Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Help determining what's blocking ports
Special Forums IP Networking Help determining what's blocking ports Post 302273592 by otheus on Monday 5th of January 2009 09:02:22 AM
Old 01-05-2009
At the command line on the Windows server, try "tracert -d <host>". If the traceroute completes, then either you need linux or a fancier traceroute tool that works on Windows and which can send traces via a specific UDP port.

Quote:
st. bernard iprism filtering hardware, a watchguard firebox, and a windows 2003 server.
That doesn't bode well, does it? I mean windows 2003 has a firewall enabled, and then you have two firewalls in between your Wireless AP and the net, right? See if you can get the configuration of the iprisim and the firebox and post them here. Before posting, X-out any IP addresses to make sure your students don't get any ideas on playing Wargames.
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

determining open ports

hi all 1) how to determine available ports in a box (solaris) do i have to go for a netstat on all the ports? 2) how to block a particular port for a particular type of connection. Any help would be greatly appreciated Thanks (7 Replies)
Discussion started by: matrixmadhan
7 Replies

2. UNIX for Dummies Questions & Answers

Determining file length

How can I determine what UNIX thinks the record size of any given file is?? (1 Reply)
Discussion started by: jbrubaker
1 Replies

3. SCO

Blocking ports and reseting conections

Hi folks! We have SCO Open System V 5.0.5 here. When I type "netstat -n" I found a line mentioning a conection at the port 1025, as follows: tcp 0 0 quartzo.1025 200-203-8-90.csl.aas ESTABLISHED Here we use only conections thru ports 22,23 and 25. I would like to... (0 Replies)
Discussion started by: Marcio Moraes
0 Replies

4. Shell Programming and Scripting

Determining directory path

Hello, I have a script where I get the full directory path of the script being executed: BASE=$0 echo "BASE:" $BASE The output looks like this: BASE: /webapps/appsdev/ACURA/rlz/oses3.sh I'd like to truncate the shell name, leaving just the directory path. The directory path can be... (2 Replies)
Discussion started by: cwalsek
2 Replies

5. Shell Programming and Scripting

Problem determining file

I got the following code, it partially works. Can someone tell me why it partially doenst work? #!/bin/sh file=$1 if then echo "File is a directory" else echo "File is not a directory!" fi heres the output: philip@philip-laptop:~/Desktop$ sh exFive.sh test.java File is... (4 Replies)
Discussion started by: philmetz
4 Replies

6. Solaris

determining miniroot revision

Hi guys I have a bunch of x4100's x4140's etc with solaris 10 update4 running on them but I suspect that when a lot of these boxes were originally built, the jumpstart process used an update2 miniroot, now as far as i understand it, the miniroot used at jumpstart is the miniroot that stays on... (1 Reply)
Discussion started by: hcclnoodles
1 Replies

7. Solaris

Blocking outgoing connection to ports/host in solaris

Hi, I want to block all outgoing connection ( the IMAP ) to my exchnage . I have to do it in my solaris server; from solaris host no outgoing connection can be made to the imap server. Please help me to configure that. I am new in solaris. Kind regards, Akhtar (2 Replies)
Discussion started by: akhtarbd
2 Replies

8. Programming

determining the IP of a function

Is there a way to determine the "Instruction Pointer" of a function in c++, and if so can someone tell me? (5 Replies)
Discussion started by: neur0n
5 Replies

9. UNIX for Dummies Questions & Answers

Determining Disk Speed

Hi, I went to a computer store and the salesman sold me a SATA cable and told me that all SATA cables are the same. Another salesman at a different store told me a cable rated for SATA 2, which I bought, MIGHT work as well as one rate for SATA 3 but it is not guaranteed. I decided to run a... (3 Replies)
Discussion started by: mojoman
3 Replies

10. Programming

Which are blocking and non-blocking api's in sockets in C ?

among the below socket programming api's, please let me know which are blocking and non-blocking. socket accept bind listen write read close (2 Replies)
Discussion started by: VSSajjan
2 Replies

LEARN ABOUT DEBIAN

rltraceroute6

TRACEROUTE6(8)						      System Manager's Manual						    TRACEROUTE6(8)

NAME

       rltraceroute6 - IPv6 traceroute tool

       tcptraceroute6 - TCP/IPv6 traceroute tool

SYNOPSIS

       traceroute6  [-AdEILlnrSU]  [-f	min_hop]  [-g hop] [ -i iface] [-m max_hop] [-p port] [-q attempts] [ -s source] [-t tclass] [-w wait] [-z
       delay_ms] < hostname/address> [packet length]

       tcptraceroute6 [-AdEnrS] [-f min_hop] [-g hop] [ -i iface] [-l packet_size] [-m max_hop] [-p port] [ -q attempts] [-s source]  [-t  tclass]
       [-w wait] [ -z delay_ms] < hostname/address> [port]

DESCRIPTON

       rltraceroute6 is an IPv6 traceroute implementation.

       It  displays  the  list of hops along the network route between the local system and specified destination, by sending packets while incre-
       menting their hop limit, until the final destination is reached.

       By default, rltraceroute6 sends UDP probe packets toward the destination (that's the historical default).  However, it can  also  send  TCP
       packets,  much  like  Michael  C. Toren's tcptraceroute does on IPv4 networks; tcptraceroute6 sends TCP packets by default (and mimics tcp-
       traceroute command line syntax).  Finally, it can also send ICMPv6 Echo Request packets, like some other traceroute  implementations  (such
       as the one in Microsoft Windows); tracert6 does this by default.

       You  must  specify  the	name  or address of the host toward which the network route should be determined. An optional additional parameter
       specifies either the probe packets length (for UDP and ICMP packets), or the destination port number/service name (for TCP packets).

       Note that TCP destination port zero really is TCP port numbered 0 (which cannot be used via the	standard  higer-level  TCP/IP  programming
       interface).

OPTIONS

       -A     Send  TCP/ACK  probe  packets.  That's very efficient against stateless firewalls (e.g. the official Linux kernel versions up to and
	      including 2.4.31 and 2.6.14), and utterly helpless against stateful ones. Note that TCP/ACK probing  cannot  determine  whether  the
	      destination TCP port is open or not.

       -d     Enable  socket  debugging  option  (SO_DEBUG).  Unless  you  are debugging the kernel, this is probably not going to have any actual
	      effect.

       -E     Send ECN-setup TCP/SYN probe packets (as per RFC 3168) rather than non-ECN-setup TCP/SYN probe packets. This has	no  effect  unless
	      command line optin -S is specified as well.

       -F     This option is ignored for backward compatibility.  IPv6 packets are never fragmented en route.

       -f     Override the initial IPv6 packets hop limit (default: 1).

       -g     Add  an  IPv6  route  segment  within  an IPv6 Routing Header.  This enables loose source routing.  Currently, only "Type 0" routing
	      header is supported.

       -h     Display some help and exit.

       -I  (rltraceroute6 only)
	      Send ICMPv6 Echo requests (like ping6) as probe packets.	That's the default for tracert6.

       -i     Only send packets through the specified interface.  See also BUGS.

       -I  (rltraceroute6 only)
	      Send UDP-Lite (protocol 136) packets (with full checksum coverage) as probe packets instead of normal UDP (protocol 17).

       -l (rltraceroute6 only)
	      Print the hop limit of received packets.	This is mostly used to detect asymmetric routing.

       -l (tcptraceroute6 only)
	      Specify the size (bytes) of sent packets.

       -m     Override the maximum hop limit (maximum number of hops).	The default is 30 hops which should be sufficient on the IPv6 Internet for
	      some time.

       -N     Try  to  resolve	each hop's IPv6 address to a host name. This is the default.  This option is meant for backward compatibility with
	      tcptraceroute(8).

       -n     Do not try to resolve each hop's IPv6 address to a host name.  That may speed up the traceroute significantly.

       -p     For rltraceroute6, specify the base destination port number (default: 33434).  rltraceroute6 assumes that packets toward	this  port
	      up  to  this port plus the maximum hop limit are not in use by any program on the final destination and that they are not blocked by
	      some firewall. The fact that this very assumption was not always correct, eventually lead to the development of  the  original  IPv4
	      tcptraceroute by Michael Toren.

	      For  tcptraceroute6,  specify  the  source port number (default: auto).  Note that source port number zero really means number zero,
	      rather than some port number that would be automatically assigned, as is the case with usual softwares.

       -q     Override the number of probes sent to each hop (default: 3).

       -r     Do not route packets, i.e. do not send packets through a gateway that would be specified by the routing table.  See also BUGS.

       -S     Use TCP/SYN probe packets. That's the default for tcptraceroute6.

       -s     Specify the source address to use for probe packets explicitly.

       -S     Use UDP probe packets. That's the default for rltraceroute6.

       -t     Specify the traffic class (DSCP) for probe packets.  See also BUGS.

       -U  (rltraceroute6 only)
	      Send UDP probe packets. That's the default.

       -V     Display program version and license and exit.

       -w     Override the delay (in seconds) to wait for response once a given probe packet was sent (default: 5 seconds).

       -x     This option is ignored for seamless migration from IPv4 traceroute.  The IPv6 header has no checksum field.

       -z     Specify a milliseconds delay to wait between each probe with identical hop limit.  This can be useful  to  work-around  ICMPv6  rate
	      limitation on some hosts.

DIAGNOSTICS

       If a response is received, the round-trip time is printed.  In addition, specific symbols denote certain errors:

       *   No response
	      No valid response received before the timeout delay (see -w option).

       !N  No route to destination
	      There is no entry for the destination network in the routing table.

       !A  Communication with destination administratively prohibited
	      A firewall explicitly rejected the traffic.

       !S  Beyond scope of source address
	      The  address scope of the source address is too small to reach the destination address. At the time of writing, this can only happen
	      when using a link-local source address to reach a global scope destination.  (Note: some IPv4 traceroute implementations use !S  for
	      source route error which is completely different)

       !H  Address unreachable
	      The host address is not reachable for some other reasons, particularly a link-layer failure (e.g. Neighbor discovery failure).

       !P  Unrecognized Next Header type encountered
	      The  destination	does not implement the layer-4 protocol used.  You should retry with ICMPv6 Echo Requests (-I command line option)
	      which MUST be supported by any IPv6 node.

SECURITY

       rltraceroute6 should be setuid root to allow use by non privileged users. It will drop its root privileges before any attempt  is  made	to
       send or receive data from the network so as to reduce the possible impact of a security vulnerability.

BUGS

       However	useful they might be, -i and -r options are ignored by the official Linux kernel at the time of writing this manpage, and hence do
       not work as documented.

       Support for option -t was broken until Linux kernel version 2.6.18.

       Usage of Routing Header, with option -g, triggers an OOPS on Linux kernel versions below 2.6.17.12.

       Receiving TCP/SYN-ACK packets does not work on FreeBSD at all.  This severely limits the usefulness of tcptraceroute6 on FreeBSD.

       Packet length takes the IPv6 header and, if present, extension headers into account.  rltraceroute6 versions before 0.7.4 used it  as  IPv6
       payload	length	instead, i.e. did not include the layer-3 headers in the computation.  Linux iputils traceroute6 does not even include the
       UDP header.  On the whole, the packet length semantic is very inconsistent among IPv6 traceroute implementations.

SEE ALSO

       ipv6(7), traceroute(8), tcptraceroute(8), traceroute6(8)

AUTHOR

       Remi Denis-Courmont <remi at remlab dot net>

       $Id: rltraceroute6.8 658 2010-10-31 20:56:30Z remi $

       http://www.remlab.net/ndisc6/

traceroute6				      $Date: 2010-10-31 22:56:30 +0200 (dim. 31 oct. 2010) $				    TRACEROUTE6(8)
All times are GMT -4. The time now is 08:19 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy