Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] Off-topic (somewhat): How does traceroute work, anyway?

To: "Fw-1-Mailinglist (E-mail)" <[email protected]>
Subject: [FW1] Off-topic (somewhat): How does traceroute work, anyway?
From: "Reed Mohn, Anders" <[email protected]>
Date: Wed, 29 Nov 2000 20:09:40 +0100
Sender: [email protected]



I've just upgraded to CP2000, and I since I was at it, I used the
opportunity to
clean up my rulebase a little.
I threw out all the implied rules and set what was needed back up
"manually".

I thought I'd seen the answer to this on the list once, but I haven't been 
able to find it in the archives.
Here's the question:

In adding rules to allow ping / traceroute, I added a rule to allow incoming

ICMP dest-unreachable, echo-reply and time-exceeded.

Now why a time-exceeded message? This goes to how traceroute
works, I suppose.
I'm guessing that traceroute sends out packets with an increasing TTL,
until an echo-reply from the destination comes back. Is this correct?

Cheers,
Anders RM :)


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: Re: [FW1] intrusion detection - benifits?
Next by Date: [FW1] Adding rule for echo-request.
Previous by thread: [FW1] A script for cleaning out log files?
Next by thread: RE: [FW1] Off-topic (somewhat): How does traceroute work, anyway?
Index(es):
- Date
- Thread