Can you show me your firewall? Can you paste the blocks you are seeing? It does not get past the 1st hop, or? Post an example traceroute? -----Original Message----- From: netfilter-admin@xxxxxxxxxxxxxxxxxxx [mailto:netfilter-admin@xxxxxxxxxxxxxxxxxxx] On Behalf Of Antony Stone Sent: Wednesday, June 30, 2004 9:29 AM To: netfilter Subject: Re: traceroute On Wednesday 30 June 2004 2:05 pm, Peter Marshall wrote: > Hi. I was wondering what I would need for rules to have traceroute work > through my firewall. (I have a box behind the firewall trying to get out > using traceroute). > > I have an allow established connections on my forwared chain, and I am > allowing anything from the source IP of the box in question to leave ... It > appears that the problem is on the packets comming back in .. but I am not > sure what I have to do to fix it .... Allow RELATED packets as well as ESTABLISHED. Regards, Antony. -- "It is easy to be blinded to the essential uselessness of them by the sense of achievement you get from getting them to work at all. In other words - and this is the rock solid principle on which the whole of the Corporation's Galaxy-wide success is founded - their fundamental design flaws are completely hidden by their superficial design flaws." - Douglas Noel Adams Please reply to the list; please don't CC me.
