On Wednesday 30 June 2004 10:47 pm, Florian Boelstler wrote:
> Hi,
>
> I have a similar problem.
>
> My traceroute says:
>
> traceroute to www.google.akadns.net (66.102.11.99), 30 hops max, 38 byte
> packets
> traceroute: sendto: Operation not permitted
> 1 traceroute: wrote www.google.akadns.net 38 chars, ret=-1
> [ ... ]
>
> My setup is rather simple. I have "black-boxed" router connected to the
> internet, that is able to forward traceroutes. My client is equipped
> with netfilter.
> When I disable my local netfilter on the client, traceroute works fine.
>
> I use
>
> $IPTABLES -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
> $IPTABLES -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
>
> at the beginning of my firewall script.
>
> Nevertheless traceroute does not work.
>
> Do I miss something?
Tell us how you handle NEW packets leaving the machine.
Regards,
Antony.
--
"The problem with television is that the people must sit and keep their eyes
glued on a screen; the average American family hasn't time for it."
- New York Times, following a demonstration at the 1939 World's Fair.
Please reply to the list;
please don't CC me.
