VMware Cloud Community
galibai
Contributor

Diff output from Nmap and esxcfg-firewall cmd

Hi,

I am trying to understand the esxcfg-firewall cmd and the nmap output.

esxcfg-firewall -q cmd output is

Opened ports:

sshClient : port 22 tcp.in

snmp : port 161 tcp.in tcp.out udp.in udp.out

ftpClient : port 21 tcp.in

snmptrap : port 162 udp.in udp.out

dynamicupdates : port 8081 tcp.out

OpenManageRequest : port 1311 tcp.in

When I use nmap to scan the same server:

Not shown: 987 closed ports

PORT STATE SERVICE

22/tcp open ssh

80/tcp open http

199/tcp open smux

443/tcp open https

902/tcp open iss-realsecure

903/tcp open iss-console-mgr

1311/tcp open rxmon

5988/tcp open unknown

5989/tcp open unknown

8009/tcp open ajp13

8042/tcp open unknown

8045/tcp open unknown

8080/tcp open http-proxy

Why is esxcfg-firewall not showing the ports that are shown by nmap?

Thanks

2 Replies
PaScKM
Enthusiast

nmap shows only ports which are open. Closed/Outgoing Ports are not shown.

galibai
Contributor

There are so many other ports which are open, but they are not shown by the firewall; that is very strange. Is this a bug?

Thanks

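As an added example (not part of the thread and not VMware tooling), this Python script reconciles the two outputs quoted in the first post: it takes the `tcp.in` entries under `Opened ports:` and the open TCP ports from the nmap table, then buckets every port by which source mentions it. The function names are hypothetical; the sample text is copied from the post.

```python
import re

# Both samples are copied from the command output quoted in the first post.
FIREWALL_Q = """\
Opened ports:
sshClient : port 22 tcp.in
snmp : port 161 tcp.in tcp.out udp.in udp.out
ftpClient : port 21 tcp.in
snmptrap : port 162 udp.in udp.out
dynamicupdates : port 8081 tcp.out
OpenManageRequest : port 1311 tcp.in
"""
NMAP_SCAN = """\
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
199/tcp open smux
443/tcp open https
902/tcp open iss-realsecure
903/tcp open iss-console-mgr
1311/tcp open rxmon
5988/tcp open unknown
5989/tcp open unknown
8009/tcp open ajp13
8042/tcp open unknown
8045/tcp open unknown
8080/tcp open http-proxy
"""

def firewall_inbound_tcp(text):
    """Ports whose 'Opened ports' entry includes the tcp.in direction."""
    rows = re.finditer(r"^\s*\S+\s*:\s*port\s+(\d+)\s+(.*)$", text, re.M)
    return {int(m.group(1)) for m in rows if "tcp.in" in m.group(2).split()}

def nmap_open_tcp(text):
    """Ports the nmap table reports as open over TCP."""
    return {int(p) for p in re.findall(r"^\s*(\d+)/tcp\s+open\b", text, re.M)}

def reconcile(firewall_text, nmap_text):
    """Bucket ports by whether each source mentions them."""
    allowed, seen = firewall_inbound_tcp(firewall_text), nmap_open_tcp(nmap_text)
    return {
        "listed_and_open": sorted(allowed & seen),
        "open_but_not_listed": sorted(seen - allowed),
        "listed_but_not_open": sorted(allowed - seen),
    }

if __name__ == "__main__":
    print(reconcile(FIREWALL_Q, NMAP_SCAN))
```

On the thread's data, ports 22 and 1311 appear in both lists, 21 and 161 are listed as `tcp.in` but not reported open by the scan, and the other eleven scanned ports are open without an entry under `Opened ports:`.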