Am So, den 28.11.2004 schrieb Alexander Dalloz um 5:52: > B) changed iptables on target host by allowing new UDP packets > > iptables -I RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp -j > ACCEPT > > $ traceroute 192.168.0.3 > traceroute to 192.168.0.3 (192.168.0.3), 30 hops max, 38 byte packets > 1 bartleby (192.168.0.3) 4.562 ms 0.627 ms 0.334 ms Use "traceroute -I $target_host" while UDP is blocked and you will see the same result. The "-I" switch for traceroute means -I Use ICMP ECHO instead of UDP datagrams. All ICMP types are allowed by the default firewall setup. Alexander -- Alexander Dalloz | Enger, Germany | new address - new key: 0xB366A773 legal statement: http://www.uni-x.org/legal.html Fedora GNU/Linux Core 2 (Tettnang) on Athlon kernel 2.6.9-1.6_FC2smp Serendipity 05:59:53 up 8 days, 47 users, load average: 1.62, 1.02, 0.93
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
