what firewall rules does traceroute need?

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
-1
down vote

favorite












The network team told me I only needed ICMP 8 bi directional for traceroute to work but it still does not seem to be working. ping does work with ICMP 8 being open but what do I need to open for traceroute to work?



I get this right now



[root]:$ traceroute server1
traceroute to server1 (x.x.x.x), 30 hops max, 40 byte packets
1 * * *
2 * * *
3 * * *
4 * * *
5 * * *
6 * * *






share|improve this question


























    up vote
    -1
    down vote

    favorite












    The network team told me I only needed ICMP 8 bi directional for traceroute to work but it still does not seem to be working. ping does work with ICMP 8 being open but what do I need to open for traceroute to work?



    I get this right now



    [root]:$ traceroute server1
    traceroute to server1 (x.x.x.x), 30 hops max, 40 byte packets
    1 * * *
    2 * * *
    3 * * *
    4 * * *
    5 * * *
    6 * * *






    share|improve this question
























      up vote
      -1
      down vote

      favorite









      up vote
      -1
      down vote

      favorite











      The network team told me I only needed ICMP 8 bi directional for traceroute to work but it still does not seem to be working. ping does work with ICMP 8 being open but what do I need to open for traceroute to work?



      I get this right now



      [root]:$ traceroute server1
      traceroute to server1 (x.x.x.x), 30 hops max, 40 byte packets
      1 * * *
      2 * * *
      3 * * *
      4 * * *
      5 * * *
      6 * * *






      share|improve this question














      The network team told me I only needed ICMP 8 bi directional for traceroute to work but it still does not seem to be working. ping does work with ICMP 8 being open but what do I need to open for traceroute to work?



      I get this right now



      [root]:$ traceroute server1
      traceroute to server1 (x.x.x.x), 30 hops max, 40 byte packets
      1 * * *
      2 * * *
      3 * * *
      4 * * *
      5 * * *
      6 * * *








      share|improve this question













      share|improve this question




      share|improve this question








      edited Dec 22 '17 at 13:43









      datUser

      2,2811032




      2,2811032










      asked Dec 22 '17 at 13:28









      kerplunk

      113




      113




















          2 Answers
          2






          active

          oldest

          votes

















          up vote
          0
          down vote













          In some distributions Traceroute use UDP you can give it -I so it will use ICMP, or -T for TCP.
          The reason for it to use UDP in some distributions is because that way it won't need root permission to run.






          share|improve this answer




















          • Yes port depends on if 32 or 64 or bigger size...
            – AsenM
            Dec 22 '17 at 14:57

















          up vote
          -1
          down vote













          looks like I need this also for regular traceroute 8/ICMP, 33434-33689/UDP, I'm on linux and solaris systems.



          I tried the -I and -T options but I don't have root on all systems in production






          share|improve this answer




















            Your Answer







            StackExchange.ready(function()
            var channelOptions =
            tags: "".split(" "),
            id: "106"
            ;
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function()
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled)
            StackExchange.using("snippets", function()
            createEditor();
            );

            else
            createEditor();

            );

            function createEditor()
            StackExchange.prepareEditor(
            heartbeatType: 'answer',
            convertImagesToLinks: false,
            noModals: false,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: null,
            bindNavPrevention: true,
            postfix: "",
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            );



            );








             

            draft saved


            draft discarded


















            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f412507%2fwhat-firewall-rules-does-traceroute-need%23new-answer', 'question_page');

            );

            Post as a guest






























            2 Answers
            2






            active

            oldest

            votes








            2 Answers
            2






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes








            up vote
            0
            down vote













            In some distributions Traceroute use UDP you can give it -I so it will use ICMP, or -T for TCP.
            The reason for it to use UDP in some distributions is because that way it won't need root permission to run.






            share|improve this answer




















            • Yes port depends on if 32 or 64 or bigger size...
              – AsenM
              Dec 22 '17 at 14:57














            up vote
            0
            down vote













            In some distributions Traceroute use UDP you can give it -I so it will use ICMP, or -T for TCP.
            The reason for it to use UDP in some distributions is because that way it won't need root permission to run.






            share|improve this answer




















            • Yes port depends on if 32 or 64 or bigger size...
              – AsenM
              Dec 22 '17 at 14:57












            up vote
            0
            down vote










            up vote
            0
            down vote









            In some distributions Traceroute use UDP you can give it -I so it will use ICMP, or -T for TCP.
            The reason for it to use UDP in some distributions is because that way it won't need root permission to run.






            share|improve this answer












            In some distributions Traceroute use UDP you can give it -I so it will use ICMP, or -T for TCP.
            The reason for it to use UDP in some distributions is because that way it won't need root permission to run.







            share|improve this answer












            share|improve this answer



            share|improve this answer










            answered Dec 22 '17 at 13:35









            AsenM

            3407




            3407











            • Yes port depends on if 32 or 64 or bigger size...
              – AsenM
              Dec 22 '17 at 14:57
















            • Yes port depends on if 32 or 64 or bigger size...
              – AsenM
              Dec 22 '17 at 14:57















            Yes port depends on if 32 or 64 or bigger size...
            – AsenM
            Dec 22 '17 at 14:57




            Yes port depends on if 32 or 64 or bigger size...
            – AsenM
            Dec 22 '17 at 14:57












            up vote
            -1
            down vote













            looks like I need this also for regular traceroute 8/ICMP, 33434-33689/UDP, I'm on linux and solaris systems.



            I tried the -I and -T options but I don't have root on all systems in production






            share|improve this answer
























              up vote
              -1
              down vote













              looks like I need this also for regular traceroute 8/ICMP, 33434-33689/UDP, I'm on linux and solaris systems.



              I tried the -I and -T options but I don't have root on all systems in production






              share|improve this answer






















                up vote
                -1
                down vote










                up vote
                -1
                down vote









                looks like I need this also for regular traceroute 8/ICMP, 33434-33689/UDP, I'm on linux and solaris systems.



                I tried the -I and -T options but I don't have root on all systems in production






                share|improve this answer












                looks like I need this also for regular traceroute 8/ICMP, 33434-33689/UDP, I'm on linux and solaris systems.



                I tried the -I and -T options but I don't have root on all systems in production







                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered Dec 22 '17 at 15:09









                kerplunk

                113




                113






















                     

                    draft saved


                    draft discarded


























                     


                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function ()
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f412507%2fwhat-firewall-rules-does-traceroute-need%23new-answer', 'question_page');

                    );

                    Post as a guest













































































                    Popular posts from this blog

                    How to check contact read email or not when send email to Individual?

                    Displaying single band from multi-band raster using QGIS

                    How many registers does an x86_64 CPU actually have?