iptables and traceroute

Hi everyone,

I would like to check with you guys whether the following iptables rules are ok in order to allow incoming and outgoing traceroute:

Allow OUTPUT traceroute:
Code: 
$IPTABLES -A OUTPUT -o eth0 -p udp -s $SERVERIPS --sport 32769:65535 --dport 33434:33523 -m state --state NEW -j ACCEPT
Allow INPUT traceroute:
Code: 
$IPTABLES -A INPUT -i eth0 -p udp -s $SERVERIPS --sport 32769:65535 -d $SERVERIPS --dport 33434:33523 -m state --state NEW -j ACCEPT
WHERE:
$IPTABLES is /sbin/iptables
$SERVERIPS is/are my server allocated IPs

No sure about which are the ports used for traceroute though... is it from 33434 to 33600?

Thanks iptables and traceroute

Kindest regards,
Choon

 

 

 

 

Top