ipfw and nmap

[daniel quinn]

i've been experimenting with ipfw since moving some of my machines from linux 
to freebsd and i've run across an oddity wrt nmap and freebsd firewalls.  it 
doesn't seem to work and the activity isn't logged either.

the firewall is working though.  ssh goes through, while other ports are being 
blocked (and logged).  i've confirmed this with telnet.  but nmap still comes 
up empty.  i'd like to be able to do a proper portscan, but is this a feature 
with ipfw or a lack of feature in nmap?

for the purposes of this test, i've used a variation on the firewall supplied 
in the freebsd handbook:

  www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls-ipfw.html

-- 
...he who in dealing with the empire loves his subjects as one should love 
one's body is the best person to whom one can commit the empire.
  - lau tzu, "tao te ching: chapter xiii"