Comments on: Traceroutes time out after turning on an iptables firewall https://www.brandonchecketts.com/archives/traceroutes-time-out-after-turning-on-an-iptables-firewall Web Programming, Linux System Administation, and Entrepreneurship in Athens Georgia Sun, 08 Apr 2007 14:49:48 +0000 hourly 1 https://wordpress.org/?v=6.9.1 By: Brandon https://www.brandonchecketts.com/archives/traceroutes-time-out-after-turning-on-an-iptables-firewall/comment-page-1#comment-81 Sun, 08 Apr 2007 14:49:48 +0000 http://www.brandonchecketts.com/archives/50#comment-81 The rule just stops the firewall from dropping the packets before they get to the kernel. Since there is nothing listening on the ports, it will then reply with the ICMP ‘port unreachable’ packet as it normally would.

]]> By: Mark Mathson https://www.brandonchecketts.com/archives/traceroutes-time-out-after-turning-on-an-iptables-firewall/comment-page-1#comment-77 Wed, 04 Apr 2007 21:41:32 +0000 http://www.brandonchecketts.com/archives/50#comment-77 Good post Brandon…

Does this rule you added open the ports specified for udp or just effectively allow communication to them, but keeping them closed?

## Allow traceroutes, which send a packet to a UDP port in this general range
iptables -A INPUT -s 0/0 -p udp –destination-port 33441:33500 -j ACCEPT

]]>