traceroute problems

[Nikos Vassiliadis]

On Tuesday 11 March 2008 00:30:05 Wojciech Puchar wrote:
> > Right - thanks. I will see if I can unblock it then.

Hm, I wouldn't bet on it, since most of these devices tend
to have preconfigured well-hidden firewall rules.

> traceroute uses UDP packets, no special port numbers.

FreeBSD's traceroute can use TCP or ICMP instead of UDP.
You can also force using a specific port, so you can mimic a
web browser that uses an insanely small TTL. Something like:
"-e -P TCP -p 80 $destination_host"
or "-P ICMP $destination_host"
I've had success using combinations like the above.

Of course, if your NAT device drops ICMP indistinctively
or does not relate these ICMP to your LAN address, you're
out of luck. I think many DLinks are Linux based, so there is
good possibility to have a proper TCP/IP stack and a proper
packet filter. Can't tell of the packet filter rules though.

HTH, Nikos