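How to check iptables rules that target UDP

I forgot to write this in the book, but traceroute is a good way to check iptables rules that target UDP.
Given how traceroute works, an environment with no routers in between is preferable if you can manage it.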

$ traceroute --help
Usage:
  traceroute [ -46dFITnrAUV ] [ -f first_ttl ] [ -g gate,... ] [ -i device ] [ -m max_ttl ] [ -N squeries ] [ -p port ] [ -t tos ] [ -l flow_label ] [ -w waittime ] [ -q nqueries ] [ -s src_addr ] [ -z sendwait ] host [ packetlen ]
Options:
(snip)
  -p port  --port=port        Set the destination port to use. It is either
                              initial udp port value for "default" method
                              (incremented by each probe, default is 33434), or
                              initial seq for "icmp" (incremented as well,
                              default from 1), or some constant destination
                              port for other methods (with default of 80 for
                              "tcp", 53 for "udp", etc.)
(snip)
  -U  --udp                   Use UDP to particular port for tracerouting
                              (instead of increasing the port per each probe),
                              default port is 53
$ traceroute -U -p [PORT_NUMBER] [IP_ADDRESS]
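
As an added example (not from the original post), the helper below reads the last hop line printed by the command above and says what it implies about the UDP rule. `classify_hop` and `check_udp_rule` are hypothetical names, the sample hop lines are constructed, and the mapping to iptables targets in the comments is the usual behaviour, given as an assumption rather than something the post states.

```shell
#!/bin/sh
# Added example, not from the original post. classify_hop and check_udp_rule
# are hypothetical helper names; the sample hop lines below are constructed.

# Classify one hop line of traceroute output.
classify_hop() {
    case $1 in
        # !X = ICMP "administratively prohibited", e.g. a matching
        # REJECT --reject-with icmp-host-prohibited rule.
        *'!X'*)  echo "rejected-admin-prohibited" ;;
        # Any other !<code> flag is a different ICMP unreachable error.
        *'!'*)   echo "icmp-error" ;;
        # Plain round-trip times: the target answered. The probe passed the
        # filter (closed port -> ICMP port unreachable), or REJECT used its
        # default icmp-port-unreachable; both look the same here.
        *' ms'*) echo "reply-received" ;;
        # Only asterisks: nothing came back. Consistent with a DROP rule,
        # but also with a listening service that silently ignores the probe.
        *'*'*)   echo "no-reply" ;;
        *)       echo "unknown" ;;
    esac
}

# Run the check from the post against a live host and classify the last hop.
# usage: check_udp_rule PORT_NUMBER IP_ADDRESS
check_udp_rule() {
    last=$(traceroute -n -U -p "$1" "$2" | tail -n 1)
    classify_hop "$last"
}

# Constructed sample hop lines, so the script runs without a network.
for sample in \
    ' 1  192.0.2.10  0.412 ms  0.380 ms  0.355 ms' \
    ' 1  192.0.2.10  0.398 ms !X  0.371 ms !X  0.349 ms !X' \
    '30  * * *'
do
    printf '%s => %s\n' "$sample" "$(classify_hop "$sample")"
done
```

Because "no-reply" and "reply-received" each have two possible causes, compare the result with the packet counters from `iptables -L -n -v` on the target to confirm which rule matched.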

改訂第二版 CentOSサーバ構築バイブル (CentOS Server Building Bible, Revised 2nd Edition)