[OT] Pinging and traceroute
Any ideas why I'm unable to run a traceroute to an IP address without
first pinging it ?? If I try and trace a site, it does little to
nothing. Here's what a trace to www.debian.org shows after 15 seconds:
traceroute www.debian.org
traceroute to www.debian.org (198.186.203.20), 30 hops max, 38 byte
packets
1 * * *
Now if I ping the same site...
ping www.debian.org
PING www.debian.org (198.186.203.20): 56 data bytes
64 bytes from 198.186.203.20: icmp_seq=0 ttl=241 time=126.3 ms
64 bytes from 198.186.203.20: icmp_seq=1 ttl=241 time=123.6 ms
64 bytes from 198.186.203.20: icmp_seq=2 ttl=241 time=123.1 ms
... a traceroute should work right away.
It does. More or less right away, I get this:
traceroute www.debian.org
traceroute to www.debian.org (198.186.203.20), 30 hops max, 38 byte
packets
1 user-xxxxxxx.dsl.mindspring.com (xxx.xxx.xxx.xxx) 31.413 ms 27.102
ms 32.104 ms
2 cisco-f0-0-0.cle.mindspring.net (207.69.222.193) 22.466 ms 22.808
ms *
3 cisco-h2-0-1.chi.mindspring.net (207.69.130.10) 43.143 ms 57.928
ms 49.438 ms
I do have an IPTABLES firewall running. Pinging a site does nothing to
the firewall's logs. Using traceroute does. This is the relevant
firewall rule, I think:
#Allowing all ICMP
$IPT -t filter -A INPUT -p icmp -s 0/0 -d $NET -m limit --limit 1/s -j
ACCEPT
I also have this one:
#Allow ICMP Output
$IPT -A OUTPUT -p icmp -s $NET -d 0/0 -j ACCEPT
(I use Firestarter to make the bulk of it and have modified it myself
very little)
Any ideas or help ?? I'd appreciate it...
Hall
Reply to: