Oracle Solaris Networking (MOSC)

MOSC Banner

pf.conf rule that allows outbound traceroute on a specific port

edited Jul 21, 2022 11:42AM in Oracle Solaris Networking (MOSC) Question

Hello,

Product: Sparc Solaris 11.4.x

I'm trying to test the network route for outbound UDP packets using this command:

traceroute remoteHostName 52311

And am getting these blocked entries when dynamically viewing the pf.log:

one log entry showing:

00:00:05.409347 rule 7/0(match): block out on net1: xxx.xxx.xxx..214.38943 > xxx.xxx.xxx.184.33434: UDP, bad length 52283 > 1472


and then repeated log entries showing:

00:00:00.000011 rule 7/0(match): block out on net1: xxx.xxx.xxx.214 > xxx.xxx.xxx.184: ip-proto-17

Which I'm not understanding why, because :

grep udp /etc/protocols 

udp       17   UDP       # user datagram protocol


verifies traceroute is attempting a UDP packet traceroute, and pf.conf has this rule to allow outbound UDP on port 52311:

Howdy, Stranger!

Log In

To view full details, sign in to My Oracle Support Community.

Register

Don't have a My Oracle Support Community account? Click here to get started.

Category Leaderboard

Top contributors this month

Instructions for posting

×

1. Select a discussion category from the picklist.


2. Enter a title that clearly identifies the subject of your question.


3. In the body, insert detailed information, including Oracle product and version.


Please abide by the Oracle Community guidelines and refrain from posting any customer or personally identifiable information (PI/CI).


Cloud / Fusion customers - Our Cloud community has moved! Please go to Cloud Customer Connect .


New to My Oracle Support Community? Visit our Welcome Center

MOSC Help Center