[OpenWrt-Devel] Firewall rule for UDP-based Traceroute
Philip Prindeville
philipp_subx at redfish-solutions.com
Sun Apr 26 19:13:31 EDT 2020
I was playing with traceroute classic and Openwrt using the following rule:
config rule
option name Allow-UDP-Traceroute
option src wan
option dest_port 33434:33689
option proto udp
option family ipv4
option target REJECT
and it works, but can anyone see a downside to it? Yes, it exposes the presence of the Firewall.
But is there any other risk to the firewall besides that? Should we include this rule, even if it’s not enabled, in the default /etc/config/firewall?
-Philip
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
More information about the openwrt-devel
mailing list