>> >> Microsoft traceroute uses icmp whereas unix traceroute tends to use udp
> >> ports in the range above 33000. > >Huh. That's wild. I didn't know UDP was useful for such things. I'd've >thought there'd have to be like a "tracerouted" listening to some UDP >port(s) for it to work that way, whereas I thought the TCP/IP stack was >responsible for responding to certain ICMP messages, and that ICMP's whole >reason for being was things like ping and traceroute (and lower-level >equivalents). The unix traceroute is based on the fact that you will respond with a package stating that nothing is listening on that port. That is normal behaviour if you don't have a firewall DROPping the package. A reject rule might make a unix traceroute already happy (not sure though). As to making the traceroute from microsoft work, I am pretty sure it involves some icmp rule being added, not sure what though. But default bering only allows icmp type 8 in which is the echo request icmp packet. Just testing by allowing all icmp in should confirm my suspicion that it is an icmp related issue. Close it up afterwards again. I will try and network monitor an microsoft traceroute and come back with a better filtered solution. Kim Oppalfens > >> I am not sure on the exact range used but 33434-33463 probably is correct. >> >> So if the problem is reproducable by tracerouting from a win2k station > >> it is icmp related and not udp related. > >I see. That explains why Russ Price and I were seeing different behavior >than Tom Eastep. Presumably the solution, then, would be to open up some >"icmp" stuff in Shorewall, though I wouldn't hazard to guess what. > >Personally it doesn't really bother me that the first hop of traceroute >always gets "* * *", now that I know it's to be expected. (If the required >Shorewall rule to fix it were easy, however, I'd probably go ahead and do >so.) > >-- >Dan Harkless >[EMAIL PROTECTED] >http://harkless.org/dan/ > > >------------------------------------------------------- >This sf.net email is sponsored by: Dice - The leading online job board >for high-tech professionals. Search and apply for tech jobs today! >http://seeker.dice.com/seeker.epl?rel_code=31 >------------------------------------------------------------------------ >leaf-user mailing list: [EMAIL PROTECTED] >https://lists.sourceforge.net/lists/listinfo/leaf-user >SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html ------------------------------------------------------- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code=31 ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
