Date: Tue, 26 Sep 2000 21:59:18 +0200 (CEST) From: "O. Hartmann" <ohartman@ipamzlx.physik.uni-mainz.de> To: chip@chocobo.cx Cc: freebsd-questions@freebsd.org Subject: Re: traceroute and IPFirewall Message-ID: <Pine.BSF.4.21.0009262158560.2125-100000@ipamzlx.physik.uni-mainz.de> In-Reply-To: <20000926155522.A7962@setzer.chocobo.cx>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 26 Sep 2000, Chip Marshall wrote: Thanks, that was the mistake! UDP has to be allowed in the specified port range ... :>On September 26, 2000, O. Hartmann sent me the following: :>> have some basic questions ... We use IPFIREWALL on our boxes and :>> ICMP is allowed to pass ... ping is possible, but no traceroute. :>> Any ideas how to fix or to do? Thanks. :> :>Are you trying to disallow ping, or allow traceroute? If you're trying :>to allow traceroute, keep in mind that the outgoing part of a :>traceroute is a series of UDP packets, not ICMP (in FreeBSD at least. :>I know Microsoft Windows tracert used ICMP packets.) The manpage for :>traceroute tells the UDP port range it uses. :> :>-- :>Chip Marshall <chip@chocobo.cx> http://www.chocobo.cx/chip/ Finger for PGP :>GCM/CS d+(-) s+:++ a18>? C++ UB++++$ P+++$ L- E--- W++ N+@ o K- w O M+ V-- :>PS PE Y? PGP++ t+@ 5 X R>+ tv+() b++>+++ DI++++ D(-) G++ e>++ h!>++ r-- y- :> Gruss O. Hartmann ------------------------------------------------------------------- ohartman@ipamzlx.physik.uni-mainz.de Klimadatenserver des IPA, Universitaet Mainz Netzwerk- und Systembetreuung To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0009262158560.2125-100000>