[ previous ] [ next ] [ threads ]
 
 From:  Andrew Hull <list at racc2000 dot com>
 To:  Mono Wall list <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] m0n0wall blocking traceroute?
 Date:  Wed, 23 Aug 2006 09:15:01 -0400 
Richard E. Brown wrote:
> Folks:
> 
> I'm using m0n0wall 1.21, and it appears to be blocking traceroute functionality
> between computers on my internal (private IP) network and those on the public
> internet. I've tried both Windows tracert and traceroute on MacOS X.
> 
> After rummaging through the documentation and m0n0wall mailing list archives, I
> don't see any clues to solving this. 
> 
> Can anyone give me insight? Many thanks!
> 
> Rich Brown                    richard dot e dot brown at dartware dot com
> Dartware, LLC                 http://www.dartware.com
> 10 Buck Road, PO Box 130      Telephone: 603-643-9600
> Hanover, NH 03755-0130 USA    Fax: 603-643-2289
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
> 

Rich,
I don't have any specific things for you to check on your mono's config, 
but....

Traceroute sends high port UDP packets with short, increasing and TTLs 
to the host you are tracing. When a router along the way expires the 
TTL, it sends the sender an ICMP TTL expired packet.

Is your mono box configured to block any of that? or not send ICMP?

My mono boxes are passing traceroute traffic; I did not do anything 
special, it just worked "out of the box."

Hope that at least gives you something to go on,
Andrew