[OpenWrt-Devel] Firewall rule for UDP-based Traceroute
philipp_subx at redfish-solutions.com
Sun Apr 26 19:13:31 EDT 2020
I was playing with traceroute classic and Openwrt using the following rule:
option name Allow-UDP-Traceroute
option src wan
option dest_port 33434:33689
option proto udp
option family ipv4
option target REJECT
and it works, but can anyone see a downside to it? Yes, it exposes the presence of the Firewall.
But is there any other risk to the firewall besides that? Should we include this rule, even if it’s not enabled, in the default /etc/config/firewall?
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
More information about the openwrt-devel