Date: Wed, 12 Mar 2008 17:39:23 +0200 From: Nikos Vassiliadis <nvass@teledomenet.gr> To: freebsd-questions@freebsd.org Cc: Zbigniew Szalbot <zszalbot@gmail.com>, Wojciech Puchar <wojtek@wojtek.tensor.gdynia.pl> Subject: Re: traceroute problems Message-ID: <200803121739.24408.nvass@teledomenet.gr> In-Reply-To: <20080310232639.K7504@wojtek.tensor.gdynia.pl> References: <94136a2c0803101454l6ca76c99ma1fa1083d7ea2137@mail.gmail.com> <94136a2c0803101520p4f044ce4lae76975f899296e7@mail.gmail.com> <20080310232639.K7504@wojtek.tensor.gdynia.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tuesday 11 March 2008 00:30:05 Wojciech Puchar wrote: > > Right - thanks. I will see if I can unblock it then. Hm, I wouldn't bet on it, since most of these devices tend to have preconfigured well-hidden firewall rules. > traceroute uses UDP packets, no special port numbers. FreeBSD's traceroute can use TCP or ICMP instead of UDP. You can also force using a specific port, so you can mimic a web browser that uses an insanely small TTL. Something like: "-e -P TCP -p 80 $destination_host" or "-P ICMP $destination_host" I've had success using combinations like the above. Of course, if your NAT device drops ICMP indistinctively or does not relate these ICMP to your LAN address, you're out of luck. I think many DLinks are Linux based, so there is good possibility to have a proper TCP/IP stack and a proper packet filter. Can't tell of the packet filter rules though. HTH, Nikos
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200803121739.24408.nvass>