02-24-2004 01:34 AM - edited 03-09-2019 06:31 AM
Hi,
Does anyone know what range of UDP ports UNIX uses when doing a traceroute? I allow ICMP on my firewall. The UNIX server can do a PING but not a traceroute. When I refer to the firewall log, I see a range of high UDP ports being denied. Does anyone know specifically what range of ports is used for traceroute?
Thanks
02-24-2004 01:55 AM
Outbound ICMP and UDP are permitted by default, as are responses to outbound UDP. In PIX versions 4.2.2
and later, inbound ICMP "time exceeded" and "unreachable" responses must be explicitly permitted via
conduits or ACLs:
Inbound UDP must be permitted. Because the source and destination ports are random, all UDP must be permitted
to the device:
02-24-2004 02:04 AM
Our company policy is to permit what is necessary and deny all else. I am not allowed to permit all UDP to the device or vice versa. Is there any UNIX professional out there who knows the range of ports used for traceroute?
Thanks :)
02-24-2004 05:04 AM
It looks like it starts off with port UDP D=33434 and then increments this by one for every packet.
Below is a trace on Sol 2.8
-------------
XYZ -> 10.76.39.5 UDP D=33434 S=38791 LEN=20
XYZ -> 10.76.39.5 UDP D=33435 S=38791 LEN=20
XYZ -> 10.76.39.5 UDP D=33436 S=38791 LEN=20
XYZ -> 10.76.39.5 UDP D=33437 S=38791 LEN=20
XYZ -> 10.76.39.5 UDP D=33438 S=38791 LEN=20
XYZ -> 10.76.39.5 UDP D=33439 S=38791 LEN=20
XYZ -> 10.76.39.5 UDP D=33440 S=38791 LEN=20
XYZ -> 10.76.39.5 UDP D=33441 S=38791 LEN=20
XYZ -> 10.76.39.5 UDP D=33442 S=38791 LEN=20
XYZ -> 10.76.39.5 UDP D=33443 S=38791 LEN=20
XYZ -> 10.76.39.5 UDP D=33444 S=38791 LEN=20
XYZ -> 10.76.39.5 UDP D=33445 S=38791 LEN=20
XYZ -> 10.76.39.5 UDP D=33446 S=38791 LEN=20
-------------------
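To turn the trace above into a firewall rule rather than opening all UDP, here is an added example (not from any of the posters, not Cisco code). Classic BSD-derived traceroute, which is what the Solaris snoop output shows, starts at destination port 33434 and increments the port once per probe, so with the defaults of 30 hops and 3 probes per hop the window is 33434 through 33523; a different -p base, -m hop limit or -q probe count changes the window, and the source port (38791 here) is an ephemeral port that should not be pinned. The script computes that window, parses snoop-style lines to confirm the observed probes fit inside it, and builds the PIX-style access-list lines for one host; the PIX 6.x syntax and the ACL names are assumptions to check against your version, and the sample trace is constructed from the lines in this thread.

```python
"""Compute and check the UDP destination-port window of classic UDP traceroute.

Added example for this thread; not code from the original posters or from Cisco.
Assumes BSD/Solaris-style traceroute behaviour: one destination port per probe,
starting at 33434 (unless -p is used), 30 hops (-m) and 3 probes per hop (-q).
"""

import re

BASE_PORT = 33434        # traceroute's default starting destination port
DEFAULT_MAX_TTL = 30     # default maximum hop count (-m)
DEFAULT_NPROBES = 3      # default probes per hop (-q)


def traceroute_port_range(base_port=BASE_PORT, max_ttl=DEFAULT_MAX_TTL, nprobes=DEFAULT_NPROBES):
    """Return the inclusive (first, last) UDP destination port traceroute will use.

    Every probe gets the next port, so max_ttl * nprobes ports are consumed in total.
    """
    total_probes = max_ttl * nprobes
    return base_port, base_port + total_probes - 1


# Matches snoop output such as 'XYZ -> 10.76.39.5 UDP D=33434 S=38791 LEN=20'.
SNOOP_LINE = re.compile(r"UDP D=(\d+) S=(\d+) LEN=(\d+)")


def observed_ports(trace_text):
    """Parse snoop-style lines and return the sorted set of destination ports seen."""
    ports = set()
    for line in trace_text.splitlines():
        match = SNOOP_LINE.search(line)
        if match:
            ports.add(int(match.group(1)))
    return sorted(ports)


def check_trace(trace_text, base_port=BASE_PORT, max_ttl=DEFAULT_MAX_TTL, nprobes=DEFAULT_NPROBES):
    """Compare a captured trace against the computed window.

    Returns the window, the observed min/max port, any ports that fall outside
    the window (a sign of a non-default -p/-m/-q or a different tool), and whether
    the observed ports are strictly consecutive as classic traceroute produces.
    """
    lo, hi = traceroute_port_range(base_port, max_ttl, nprobes)
    ports = observed_ports(trace_text)
    outside = [p for p in ports if not lo <= p <= hi]
    consecutive = bool(ports) and ports == list(range(ports[0], ports[0] + len(ports)))
    return {
        "window": (lo, hi),
        "observed": (ports[0], ports[-1]) if ports else None,
        "outside": outside,
        "consecutive": consecutive,
    }


def pix_acl_lines(inside_acl, outside_acl, host, lo, hi):
    """Build PIX 6.x-style access-list lines for one tracing host (assumed syntax).

    Outbound: only the traceroute UDP window, not all UDP.  Inbound: the ICMP
    time-exceeded replies from every router on the path and the final port
    unreachable from the destination, both of which can come from any address.
    """
    return {
        "inside": [
            f"access-list {inside_acl} permit udp host {host} any range {lo} {hi}",
        ],
        "outside": [
            f"access-list {outside_acl} permit icmp any host {host} time-exceeded",
            f"access-list {outside_acl} permit icmp any host {host} unreachable",
        ],
    }


# Constructed sample, modelled on the Solaris 2.8 snoop lines quoted in the thread.
SAMPLE_TRACE = """\
XYZ -> 10.76.39.5 UDP D=33434 S=38791 LEN=20
XYZ -> 10.76.39.5 UDP D=33435 S=38791 LEN=20
XYZ -> 10.76.39.5 UDP D=33436 S=38791 LEN=20
"""

if __name__ == "__main__":
    lo, hi = traceroute_port_range()
    print(f"default traceroute window: {lo}-{hi}")
    print(check_trace(SAMPLE_TRACE))
    for side, lines in pix_acl_lines("inside_out", "outside_in", "10.76.39.5", lo, hi).items():
        for line in lines:
            print(f"{side}: {line}")
```

If the log shows denies above the computed window, rerun check_trace with the -m/-q/-p values actually in use on the server before widening the rule; a deny on an unrelated high port is not a traceroute probe.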