I have a status monitor that I wish to set up using nmap to show all my externally open ports. Naturally nmap came to mind.
Unfortunately I use an iptables firewall and allow all traffic on the loopback interface. I want this and need this, as I might be doing web development on apache for instance. I do not want that port open to the outside world all the time (sometimes I do), and there are multiple services I do this for so just setting them to listen on the loopback interface might be too cumbersome.
I was hoping there was a way to scan with nmap on the same computer without involving another computer. This would normally not be a problem, but this computer is a laptop and can be in many different environments.
I was thinking something like:
nmap -e wlan0 -PN localhost
But that isn't working (showing everything closed when one is open) and it's taking too long to execute.
Here are my current iptables rules. Nothing fancy, and I'm open to suggestions related to iptables as well.
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
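One way to get the "externally open ports" view without scanning at all, added here as an example that is not from the question or any answer: derive it from the listening sockets and the INPUT chain, which sidesteps the loopback problem (connections to localhost never traverse the wlan0 path, so a local nmap sees the loopback rule, not the external one). It assumes the `iptables -L -n` format shown above and `ss -ltn` output; the listener lines and the services behind them are constructed.

```python
import re
# Constructed `iptables -L INPUT -n` output, copied from the question's rules.
# Without -v the interface match is hidden, so the first ACCEPT-all looks like an open-everything rule.
IPTABLES_INPUT = """\
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
"""

# Constructed `ss -ltn` output for hypothetical services: apache on 80, a dev
# server on 8000 bound to every interface, a database bound to loopback only.
SS_LISTEN = """\
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:80         0.0.0.0:*
LISTEN 0      128    0.0.0.0:8000       0.0.0.0:*
LISTEN 0      128    127.0.0.1:3306     0.0.0.0:*
"""

RULE_RE = re.compile(r'^(ACCEPT|DROP|REJECT)\s+(\S+)\s+--\s+(\S+)\s+\S+\s*(.*)$')

def parse_input_chain(text):
    """Return (policy, TCP dports accepted from any source, bare ACCEPT-all count)."""
    policy = re.search(r'\(policy (\w+)\)', text).group(1)
    ports, bare_accept_all = set(), 0
    for line in text.splitlines():
        rule = RULE_RE.match(line)
        if not rule or rule.group(1) != 'ACCEPT' or rule.group(3) != '0.0.0.0/0':
            continue
        proto, extra = rule.group(2), rule.group(4).strip()
        dpt = re.search(r'\bdpt:(\d+)', extra)
        if proto in ('tcp', 'all') and dpt:
            ports.add(int(dpt.group(1)))
        elif proto == 'all' and not extra:
            bare_accept_all += 1  # only `iptables -L -v` shows whether this is `-i lo`
    return policy, ports, bare_accept_all

def parse_listening_tcp(text):
    """Return {port: bound IPv4 address} from `ss -ltn` output."""
    return {int(port): addr for line in text.splitlines() if line.startswith('LISTEN')
            for addr, _, port in [line.split()[3].rpartition(':')]}

def externally_open(iptables_text, ss_text):
    """Ports another host can reach, plus ambiguous ACCEPT-all rules still to verify."""
    policy, accepted, bare = parse_input_chain(iptables_text)
    exposed = [p for p, addr in parse_listening_tcp(ss_text).items()
               if addr != '127.0.0.1' and (policy == 'ACCEPT' or p in accepted)]
    return sorted(exposed), bare
```

With the rules above this reports only port 80 as exposed (the 8000 dev server is filtered, 3306 is loopback-only) and flags one ACCEPT-all rule that must be confirmed as the loopback rule with `iptables -L -n -v`.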