I'm testing an ipTables firewall. Using nmap, I can see all the open ports...but there aren't very many. This firewall is in a test network, and the servers behind it aren't in place yet. So port 80, which will eventually be forwarded to a web server, shows as closed even though the firewall isn't blocking it because there's no web server to forward that traffic to.

Is there a tool or technique that I can use to "listen" to a given port, so that nmap will respond correctly that the port is open, even though it's not actually functioning? I want to test the firewall as if all of my application servers were in place (even though they're not in place yet). Any suggestions?

I've never done it, but the nc command (netcat) should be able to listen on specific ports. So something like:

nc -l 80

should have nc listening on port 80. I have no idea what nmap would make of it however.

Well, I've found a few possibilities. I haven't tried them out yet, but I thought I'd share them here for anyone who's interested:

PortMapper - The PortMapper-Server is a program, that listens a port (or ports) of a computer and transmits all the incoming requests to some other port of other computer. The PortMapper-Client is graphical tool for administering of Server.
http://sourceforge.net/projects/portmapper/files/

Listenport - Listens on a selected TCP port and displays remote IP and source port when connection is received. [Windows utility]
http://sourceforge.net/projects/listenport/

Blingd (prealpha) - Blingd is a multi-purpose daemon for UNIX/Linux that listens on an arbitrary TCP port. When queried, blingd will return a configurable message or random blings.
http://sourceforge.net/projects/blingd/

Sock4Log (beta) - Sock4Log is a simple java xml serwer. Sock4Log will listen for client connections on the specified port number. It is created for retrieving xml log data from Flash Swf aplications which are using XmlSocketConnection.
http://sourceforge.net/projects/sock4log/files/