Date: Fri, 4 Apr 2003 09:19:13 +1000 From: Christopher Smith <csmith@its.uq.edu.au> To: toni@stderror.at Cc: freebsd-questions@freebsd.org Subject: Re: Weird traceroute problem Message-ID: <AEBA4362-662A-11D7-BABB-000502F96668@its.uq.edu.au> In-Reply-To: <20030403084755.GC10973@devil.stderror.at>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thursday, April 3, 2003, at 06:47 PM, Toni Schmidbauer wrote: > On Thu, Apr 03, 2003 at 03:08:52PM +1000, Christopher Smith wrote: >> I have two firewalls - the second is being prepped to replace the >> first. All networking from the second machine appears to be fine >> *except* traceroute looks broken. This happens: > > could it be that your second maschine blocks all incoming icmp > traffic? so the traceroute udp packets are leaving your network but > the time exceeded or port unreachable icmp packets coming back are > blocked? There are no rules on the second machine yet. From a tcpdump, it appears there are no icmp messages being returned by the routers. However, I don't understand why this only happens to this one machine - both the other firewall and the target host can traceroute through the same routers fine... Is there some weird bug in 4.8 that affects whether or not icmp messages are received ? -- +- Christopher Smith, Systems Administrator ------------------------------+ | Server & Security Group, Information Technology Services | | The University of Queensland, Brisbane, Australia, 4072 | +- Ph +61 7 3365 4046 | email csmith@its.uq.edu.au | Fax +61 7 3365 4065 -+
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AEBA4362-662A-11D7-BABB-000502F96668>