This is Solaris 10 with the IPFilter that comes with it.

I'm trying to figure out why I can't traceroute to my system. I can ping out and traceroute out, other systems can ping this system but when they attempt to traceroute to it, the following is produced:

Aug 23 08:39:36 hostname ipmon[217]: [ID 702911 local0.warning] 08:39:36.655913 hme0 @0:1 b a.b.c.d -> a.b.c.e PR icmp len 20 68 icmp unreach/port for a.b.c.e,34415 - a.b.c.d,33434 PR udp len 20 40 OUT
Aug 23 08:39:41 hostname ipmon[217]: [ID 702911 local0.warning] 08:39:41.659090 hme0 @0:1 b a.b.c.d -> a.b.c.e PR icmp len 20 68 icmp unreach/port for a.b.c.e,34415 - a.b.c.d,33435 PR udp len 20 40 OUT
Aug 23 08:39:46 hostname ipmon[217]: [ID 702911 local0.warning] 08:39:46.668976 hme0 @0:1 b a.b.c.d -> a.b.c.e PR icmp len 20 68 icmp unreach/port for a.b.c.e,34415 - a.b.c.d,33436 PR udp len 20 40 OUT
Aug 23 08:39:52 hostname ipmon[217]: [ID 702911 local0.warning] 08:39:51.679110 hme0 @0:1 b a.b.c.d -> a.b.c.e PR icmp len 20 68 icmp unreach/port for a.b.c.e,34415 - a.b.c.d,33437 PR udp len 20 40 OUT

and the system doing the traceroute produces the output:
traceroute to a.b.c.d (a.b.c.d), 30 hops max, 40 byte packets
* * *
* * *
.... keeps doing the same thing

Here's the ipf.conf file I'm currently using:
# cat ipf.conf
# INBOUND RULES
block in quick on hme0 from 0.0.0.0/8 to any
block in quick on hme0 from 127.0.0.0/8 to any
block in quick on hme0 from 169.254.0.0/16 to any
block in quick on hme0 from 172.16.0.0/12 to any
block in quick on hme0 from 192.0.2.0/24 to any
block in quick on hme0 from 192.168.0.0/16 to any
block in quick on hme0 from 204.152.64.0/23 to any
block in quick on hme0 from 224.0.0.0/3 to any
block in log proto icmp all
block return-icmp-as-dest(port-unr) in log proto udp all
block return-rst in log proto tcp all
# ICMP
pass in quick on hme0 proto icmp from any to a.b.c.d/32 icmp-type 8 keep state
pass in quick on hme0 proto udp from any to a.b.c.d/32 port 33433><33690 keep state
# SSH
pass in quick on hme0 proto tcp from any to a.b.c.d/32 port = 22 flags S keep state keep frags
# SMTP
pass in quick on hme0 proto tcp from any to a.b.c.d/32 port = 25 flags S keep state keep frags
# Kerberos
pass in quick on hme0 proto udp from any to a.b.c.d/32 port = 88 keep state
pass in quick on hme0 proto tcp from any to a.b.c.d/32 port = 88 flags S keep state keep frags
# LDAP
pass in quick on hme0 proto tcp from any to a.b.c.d/32 port = 389 flags S keep state keep frags

# OUTBOUND RULES
block out log all
# ICMP
pass out quick on hme0 proto icmp from a.b.c.d/32 to any icmp-type 8 keep state
pass out quick on hme0 proto udp from a.b.c.d/32 to any port 33433><33690 keep state
# DNS
pass out quick on hme0 proto udp from a.b.c.d/32 to d.n.s.1/32 port = 53 keep state
pass out quick on hme0 proto udp from a.b.c.d/32 to d.n.s.2/32 port = 53 keep state

If I comment out the line:
pass in quick on hme0 proto udp from any to a.b.c.d/32 port 33433><33690 keep state
and then have someone attempt to traceroute to this server I get the following logged:

Aug 23 08:49:36 hostname ipmon[217]: [ID 702911 local0.warning] 08:49:36.683973 hme0 @0:10 b a.b.c.e,34418 -> a.b.c.d,33434 PR udp len 20 40 IN
Aug 23 08:49:36 hostname ipmon[217]: [ID 702911 local0.warning] 08:49:36.684737 hme0 @0:1 b a.b.c.d -> a.b.c.e PR icmp len 20 56 icmp unreach/port for a.b.c.e,34418 - a.b.c.d,33434 PR udp len 20 40 OUT
Aug 23 08:49:42 hostname ipmon[217]: [ID 702911 local0.warning] 08:49:41.689385 hme0 @0:10 b a.b.c.e,34418 -> a.b.c.d,33435 PR udp len 20 40 IN
Aug 23 08:49:42 hostname ipmon[217]: [ID 702911 local0.warning] 08:49:41.700250 hme0 @0:10 b a.b.c.e,34418 -> a.b.c.d,33436 PR udp len 20 40 IN

BUT the traceroute actually kind of works:

traceroute to a.b.c.d (a.b.c.d), 30 hops max, 40 byte packets
1 * hostname (a.b.c.d) 0.507 ms 0.248 ms

HELP!!!

Thank you in advance!

~Justin
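Added example, not part of Justin's post: a small parser for the ipmon lines quoted above that maps each hit back to the ipf.conf rule it came from. In an ipmon record the `@G:N` field is the group and rule number that matched, the single letter after it is the action (`b` blocked, `p` passed), and the trailing `IN`/`OUT` is the direction; for a blocked ICMP error the text after `icmp unreach/port for` quotes the original datagram the error answers. The example assumes (as ipfstat -n reports them) that rule numbers count within the rule list for the logged direction, so `@0:1 OUT` resolves to the first outbound rule, `block out log all`, and `@0:10 IN` to the tenth inbound rule, the `block return-icmp-as-dest(port-unr)` line; the rule lists are transcribed from the post's ipf.conf and the addresses are the post's own placeholders. Run over both log excerpts it shows that every blocked packet is either the host's own ICMP port-unreachable reply to a probe, dropped on the way out, or a probe to a port inside the 33433><33690 range, which is the evidence a defender would want before touching the rule set.

```python
"""Map ipmon(1M) block records back to ipf.conf rules (added example, not the post's code)."""
import re
from collections import Counter

# Inbound rules in the order they appear in the post's ipf.conf; only the first ten
# are needed to resolve the rule numbers that occur in the quoted logs.
BOGON_NETS = ["0.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16", "172.16.0.0/12",
              "192.0.2.0/24", "192.168.0.0/16", "204.152.64.0/23", "224.0.0.0/3"]
IN_RULES = [f"block in quick on hme0 from {net} to any" for net in BOGON_NETS] + [
    "block in log proto icmp all",
    "block return-icmp-as-dest(port-unr) in log proto udp all",
]
OUT_RULES = ["block out log all"]

# "port 33433><33690" in the pass rules: strictly between the two bounds.
PROBE_LOW, PROBE_HIGH = 33433, 33690

# Log lines quoted from the post (addresses are the post's placeholders).
SYSLOG = "Aug 23 08:39:36 hostname ipmon[217]: [ID 702911 local0.warning] "
WITH_PASS_RULE = [SYSLOG + f"08:39:3{i} hme0 @0:1 b a.b.c.d -> a.b.c.e PR icmp len 20 68 "
                  f"icmp unreach/port for a.b.c.e,34415 - a.b.c.d,{33434 + i} PR udp len 20 40 OUT"
                  for i in range(4)]
WITHOUT_PASS_RULE = [
    SYSLOG + "08:49:36.683973 hme0 @0:10 b a.b.c.e,34418 -> a.b.c.d,33434 PR udp len 20 40 IN",
    SYSLOG + "08:49:36.684737 hme0 @0:1 b a.b.c.d -> a.b.c.e PR icmp len 20 56 "
             "icmp unreach/port for a.b.c.e,34418 - a.b.c.d,33434 PR udp len 20 40 OUT",
    SYSLOG + "08:49:41.689385 hme0 @0:10 b a.b.c.e,34418 -> a.b.c.d,33435 PR udp len 20 40 IN",
    SYSLOG + "08:49:41.700250 hme0 @0:10 b a.b.c.e,34418 -> a.b.c.d,33436 PR udp len 20 40 IN",
]

IPMON_RE = re.compile(
    r"(?P<iface>\S+) @(?P<group>\d+):(?P<rule>\d+) (?P<action>\S) "
    r"(?P<src>\S+) -> (?P<dst>\S+) PR (?P<proto>\S+) len \d+ \d+"
    r"(?P<detail>.*?) ?(?P<direction>IN|OUT)$"
)
# The datagram quoted inside an ICMP error: "icmp unreach/port for S,sp - D,dp PR udp ..."
ICMP_DETAIL_RE = re.compile(
    r"icmp (?P<icmp_type>\S+) for (?P<orig_src>[^,]+),(?P<orig_sport>\d+) - "
    r"(?P<orig_dst>[^,]+),(?P<orig_dport>\d+) PR (?P<orig_proto>\S+)"
)


def parse_ipmon(line):
    """Return a dict of the ipmon fields, or None if the line is not an ipmon record."""
    m = IPMON_RE.search(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["group"], rec["rule"] = int(rec["group"]), int(rec["rule"])
    rec["blocked"] = rec["action"] == "b"
    rec["detail"] = rec["detail"].strip()
    d = ICMP_DETAIL_RE.search(rec["detail"])
    rec["quoted"] = ({k: int(v) if k.endswith("port") else v for k, v in d.groupdict().items()}
                     if d else None)
    return rec


def rule_text(rec):
    """Resolve @group:rule to the transcribed rule (assumes per-direction numbering)."""
    table = OUT_RULES if rec["direction"] == "OUT" else IN_RULES
    idx = rec["rule"] - 1
    return table[idx] if 0 <= idx < len(table) else "<rule not transcribed>"


def probe_port(rec):
    """UDP destination port of the traceroute probe this record concerns, or None."""
    if rec["proto"] == "udp":
        return int(rec["dst"].rsplit(",", 1)[1])
    if rec["quoted"] and rec["quoted"]["orig_proto"] == "udp":
        return rec["quoted"]["orig_dport"]
    return None


def in_probe_range(port):
    return PROBE_LOW < port < PROBE_HIGH


def summarize(lines):
    """Count blocked records per (direction, group, rule, proto, icmp type, rule text)."""
    counts = Counter()
    for rec in filter(None, map(parse_ipmon, lines)):
        if rec["blocked"]:
            icmp_type = rec["quoted"]["icmp_type"] if rec["quoted"] else ""
            counts[(rec["direction"], rec["group"], rec["rule"], rec["proto"],
                    icmp_type, rule_text(rec))] += 1
    return counts


if __name__ == "__main__":
    for label, lines in (("with pass rule", WITH_PASS_RULE), ("without pass rule", WITHOUT_PASS_RULE)):
        print(f"== {label} ==")
        for (direction, grp, num, proto, icmp_type, text), n in sorted(summarize(lines).items()):
            print(f"{n}x {direction} @{grp}:{num} {proto} {icmp_type} <- {text}")
        ports = [probe_port(parse_ipmon(l)) for l in lines]
        print("probe ports:", ports, "all in 33433><33690:", all(map(in_probe_range, ports)))
```

The constructed `WITH_PASS_RULE` list reproduces the four records of the first excerpt with abbreviated timestamps; the parser ignores the syslog prefix and timestamp, so real /var/adm/messages lines can be fed to `summarize()` unchanged.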
