The traceroute problem in CSF servers

Manish · June 06, 2016, 07:44:04 PM

Hello,

In the hosting industry the traceroute tool is a very common tool using for servers simple network status. If we install CSF in any server, the traceroute fails. So admins will think there will be some problems. As from a security view it is good to block such packets. Even though it will be good to enable the UDP_IN port rang 33434:33523 as open in default CSF configuration.

Open csf configuration file and search for UDP_IN

Quote# To allow incoming traceroute add 33434:33523 to this
UDP_IN = "20,21,53,953,33434:33523"

After that restart the csf firewall on server.

Quote# csf -r

Traceroute will work fine now

News:

The traceroute problem in CSF servers

Manish