From owner-freebsd-questions Thu Nov 9 23:55:17 2000 Delivered-To: freebsd-questions@freebsd.org Received: from mailhost01.reflexnet.net (mailhost01.reflexnet.net [64.6.192.82]) by hub.freebsd.org (Postfix) with ESMTP id 2EC2337B479 for ; Thu, 9 Nov 2000 23:55:15 -0800 (PST) Received: from 149.211.6.64.reflexcom.com ([64.6.211.149]) by mailhost01.reflexnet.net with Microsoft SMTPSVC(5.5.1877.197.19); Thu, 9 Nov 2000 23:53:50 -0800 Received: (from cjc@localhost) by 149.211.6.64.reflexcom.com (8.11.0/8.11.0) id eAA7t8895948; Thu, 9 Nov 2000 23:55:08 -0800 (PST) (envelope-from cjc) Date: Thu, 9 Nov 2000 23:55:08 -0800 From: "Crist J . Clark" To: Jason Halbert Cc: questions@FreeBSD.ORG Subject: Re: Firewall Problem Message-ID: <20001109235508.W75251@149.211.6.64.reflexcom.com> Reply-To: cjclark@alum.mit.edu References: <3A0AEF4F.F801EE3@gte.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i In-Reply-To: <3A0AEF4F.F801EE3@gte.net>; from res02jw5@gte.net on Thu, Nov 09, 2000 at 06:39:11PM +0000 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu, Nov 09, 2000 at 06:39:11PM +0000, Jason Halbert wrote: > FreeBSD: > > I'm having a slight problem with my firewall. I need to be able to > trace route, but I don't think my firewall is allowing the packets > out. > > Here is the result of trying to traceroute: > > next# traceroute 4.33.96.1 > traceroute to 4.33.96.1 (4.33.96.1), 30 hops max, 40 byte packets > traceroute: sendto: Permission denied > 1 traceroute: wrote 4.33.96.1 40 chars, ret=-1 For the default UNIX traceroute to work, you will need to pass UDP ports 33434-33474 going out of your network and allow ICMP types 3 and 11 in. -- Crist J. Clark cjclark@alum.mit.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message