Date: Tue, 26 Sep 2000 21:21:57 -0700 From: Janet Sullivan <eliyanah@techie.com> To: freebsd-questions@freebsd.org Subject: [Fwd: traceroute and IPFirewall] Message-ID: <39D175E5.D2D9C2F1@techie.com>
next in thread | raw e-mail | index | archive | help
"O. Hartmann" wrote: > > have some basic questions ... We use IPFIREWALL on our boxes and > ICMP is allowed to pass ... ping is possible, but no traceroute. > Any ideas how to fix or to do? Thanks. AFAIK, unix and cisco traceroutes send out UDP packets and receive ICMP messages in return (TTL exceded). So if you block all UDP, traceroute will be broken although ping will work. This does not apply to Windows tracert as it sends ICMP packets instead of UDP. Your traceroutes are likely failing because the initial UDP packets never make it past your firewall. Janet To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?39D175E5.D2D9C2F1>