what firewall rules does traceroute need?
Clash Royale CLAN TAG#URR8PPP
up vote
-1
down vote
favorite
The network team told me I only needed ICMP 8 bi directional for traceroute to work but it still does not seem to be working. ping does work with ICMP 8 being open but what do I need to open for traceroute to work?
I get this right now
[root]:$ traceroute server1
traceroute to server1 (x.x.x.x), 30 hops max, 40 byte packets
1 * * *
2 * * *
3 * * *
4 * * *
5 * * *
6 * * *
networking traceroute
edited Dec 22 '17 at 13:43
datUser
2,2811032
asked Dec 22 '17 at 13:28
kerplunk
113
add a comment |Â
up vote
-1
down vote
favorite
The network team told me I only needed ICMP 8 bi directional for traceroute to work but it still does not seem to be working. ping does work with ICMP 8 being open but what do I need to open for traceroute to work?
I get this right now
[root]:$ traceroute server1
traceroute to server1 (x.x.x.x), 30 hops max, 40 byte packets
1 * * *
2 * * *
3 * * *
4 * * *
5 * * *
6 * * *
networking traceroute
edited Dec 22 '17 at 13:43
datUser
2,2811032
asked Dec 22 '17 at 13:28
kerplunk
113
add a comment |Â
up vote
-1
down vote
favorite
up vote
-1
down vote
favorite
The network team told me I only needed ICMP 8 bi directional for traceroute to work but it still does not seem to be working. ping does work with ICMP 8 being open but what do I need to open for traceroute to work?
I get this right now
[root]:$ traceroute server1
traceroute to server1 (x.x.x.x), 30 hops max, 40 byte packets
1 * * *
2 * * *
3 * * *
4 * * *
5 * * *
6 * * *
networking traceroute
edited Dec 22 '17 at 13:43
datUser
2,2811032
asked Dec 22 '17 at 13:28
kerplunk
113
The network team told me I only needed ICMP 8 bi directional for traceroute to work but it still does not seem to be working. ping does work with ICMP 8 being open but what do I need to open for traceroute to work?
I get this right now
[root]:$ traceroute server1
traceroute to server1 (x.x.x.x), 30 hops max, 40 byte packets
1 * * *
2 * * *
3 * * *
4 * * *
5 * * *
6 * * *
networking traceroute
edited Dec 22 '17 at 13:43
datUser
2,2811032
asked Dec 22 '17 at 13:28
kerplunk
113
edited Dec 22 '17 at 13:43
datUser
2,2811032
edited Dec 22 '17 at 13:43
datUser
2,2811032
edited Dec 22 '17 at 13:43
datUser
2,2811032
2,2811032
asked Dec 22 '17 at 13:28
kerplunk
113
asked Dec 22 '17 at 13:28
kerplunk
113
asked Dec 22 '17 at 13:28
kerplunk
113
113
add a comment |Â
add a comment |Â
2 Answers
2
active
oldest
votes
up vote
0
down vote
In some distributions Traceroute use UDP you can give it -I so it will use ICMP, or -T for TCP.
The reason for it to use UDP in some distributions is because that way it won't need root permission to run.
answered Dec 22 '17 at 13:35
AsenM
3407
Yes port depends on if 32 or 64 or bigger size...
– AsenM
Dec 22 '17 at 14:57
add a comment |Â
up vote
-1
down vote
looks like I need this also for regular traceroute 8/ICMP, 33434-33689/UDP, I'm on linux and solaris systems.
I tried the -I and -T options but I don't have root on all systems in production
answered Dec 22 '17 at 15:09
kerplunk
113
add a comment |Â
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
0
down vote
In some distributions Traceroute use UDP you can give it -I so it will use ICMP, or -T for TCP.
The reason for it to use UDP in some distributions is because that way it won't need root permission to run.
answered Dec 22 '17 at 13:35
AsenM
3407
Yes port depends on if 32 or 64 or bigger size...
– AsenM
Dec 22 '17 at 14:57
add a comment |Â
up vote
0
down vote
In some distributions Traceroute use UDP you can give it -I so it will use ICMP, or -T for TCP.
The reason for it to use UDP in some distributions is because that way it won't need root permission to run.
answered Dec 22 '17 at 13:35
AsenM
3407
Yes port depends on if 32 or 64 or bigger size...
– AsenM
Dec 22 '17 at 14:57
add a comment |Â
up vote
0
down vote
up vote
0
down vote
In some distributions Traceroute use UDP you can give it -I so it will use ICMP, or -T for TCP.
The reason for it to use UDP in some distributions is because that way it won't need root permission to run.
answered Dec 22 '17 at 13:35
AsenM
3407
In some distributions Traceroute use UDP you can give it -I so it will use ICMP, or -T for TCP.
The reason for it to use UDP in some distributions is because that way it won't need root permission to run.
answered Dec 22 '17 at 13:35
AsenM
3407
answered Dec 22 '17 at 13:35
AsenM
3407
answered Dec 22 '17 at 13:35
AsenM
3407
answered Dec 22 '17 at 13:35
AsenM
3407
3407
Yes port depends on if 32 or 64 or bigger size...
– AsenM
Dec 22 '17 at 14:57
add a comment |Â
Yes port depends on if 32 or 64 or bigger size...
– AsenM
Dec 22 '17 at 14:57
Yes port depends on if 32 or 64 or bigger size...
– AsenM
Dec 22 '17 at 14:57
Yes port depends on if 32 or 64 or bigger size...
– AsenM
Dec 22 '17 at 14:57
add a comment |Â
up vote
-1
down vote
looks like I need this also for regular traceroute 8/ICMP, 33434-33689/UDP, I'm on linux and solaris systems.
I tried the -I and -T options but I don't have root on all systems in production
answered Dec 22 '17 at 15:09
kerplunk
113
add a comment |Â
up vote
-1
down vote
looks like I need this also for regular traceroute 8/ICMP, 33434-33689/UDP, I'm on linux and solaris systems.
I tried the -I and -T options but I don't have root on all systems in production
answered Dec 22 '17 at 15:09
kerplunk
113
add a comment |Â
up vote
-1
down vote
up vote
-1
down vote
looks like I need this also for regular traceroute 8/ICMP, 33434-33689/UDP, I'm on linux and solaris systems.
I tried the -I and -T options but I don't have root on all systems in production
answered Dec 22 '17 at 15:09
kerplunk
113
looks like I need this also for regular traceroute 8/ICMP, 33434-33689/UDP, I'm on linux and solaris systems.
I tried the -I and -T options but I don't have root on all systems in production
answered Dec 22 '17 at 15:09
kerplunk
113
answered Dec 22 '17 at 15:09
kerplunk
113
answered Dec 22 '17 at 15:09
kerplunk
113
answered Dec 22 '17 at 15:09
kerplunk
113
113
add a comment |Â
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f412507%2fwhat-firewall-rules-does-traceroute-need%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
