blog.plee.me About software, technology and random things

20May/121

Making Traceroutes Work with a Firewall (Windows)

Hi!

Even though I've had software firewalls in action for years now, I haven't really come across too many instances where I'd need traceroutes. The few times I did, however, I noticed that I only got output like the following:

>tracert example.com

Tracing route to example.com [123.123.123.123]
over a maximum of 30 hops:

  1     *        *        *     Request timed out.
  2     *        *        *     Request timed out.
  3     *        *        *     Request timed out.
  4     *        *        *     Request timed out.
  5     *        *        *     Request timed out.
  6     *        *        *     Request timed out.
  7     *        *        *     Request timed out.
  8     *        *        *     Request timed out.
  9     *        *        *     Request timed out.
 10     *        *        *     Request timed out.
 11    50 ms    50 ms    50 ms  example.com [123.123.123.123]

Trace complete.

The number of hops would of course vary for the specific host / IP address.

Today I had to use traceroute in order to analyze a couple of networking problems. That was the incentive I needed to look up why it didn't work.

The fact that not even my router was showing up was a big indicator that something was wrong with my local firewall settings.

After searching the web for a couple of minutes, I found out what I was looking for at this page: http://www.phildev.net/ipf/IPFques.html#ques34

Traceroute is using ICMP packets (plus UDP on Linux systems, but that's outside the scope of this blog entry. You can read more about it on the page I linked above). But even for an outgoing traceroute you need to accept incoming ICMP packets.

Which ones? These:

  • ICMP TTL Expired (Type 11, Code 0)
  • ICMP Port Unreachable (Type 3, Code 3)

Once you've enabled these types of packets for incoming traffic in your firewall(s), you'll see that your traceroute will now function as it should.

If your firewall does not allow you to configure accepting specific types of ICMP packets, try allowing incoming ICMP packets altogether (if that's not too much of a compromise for you).

Anyway, long-ish story short: It's working now 🙂

Thanks to the webmaster of the page I linked above! And thanks to you for reading.

13Aug/0910

Disabling Windows Vista / 7 / 8 / 10 Explorer’s Automatic Folder Type Discovery

Hey!

Update from 2015-09-06: I just used this for Windows 10 and it still works!

I very recently installed Windows 7 on my desktop computer and I'm loving it so far.

One of the major things that bugged me though was the new Explorer behavior. The automatic folder type discovery just goes ahead and tries to determine a folder type just by looking at how many (or if there are) files of a certain type (pictures, videos, songs, ...) are in the current folder, and then it adjusts the viewing settings accordingly. For example, if you open a folder that contains mainly video files, it would show those with big icons instead of my default, a detailed list. Pictures are displayed as thumbnails.

Disabling this behavior proved to be interestingly difficult. As with most things that have been declared a default setting by Microsoft, it luckily can be done - but only via registry.

First we need to delete our current folder type settings.

  • Close all open Explorer windows.
  • Open the registry editor with Start => Run => regedit and browse to HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell.
  • Delete and confirm the deletion of the keys BagMRU and Bags.
  • Now create a Key (right-click on the current key in the left pane and select New => Key) called Bags.
  • Create a subkey for Bags called AllFolders.
  • Create a subkey for AllFolders called Shell.
  • Create a String value (right-click in the right pane and select New => String Value) called FolderType and set the value to NotSpecified.
  • That's it for Windows 7. Please read the note for Windows Vista x64 below. Otherwise, just reboot and your new settings should be applied.

That's it for Windows 7. If you're using Windows Vista x64, it might be possible that there is a copy of (or a similar) the Local Settings\Software\Microsoft\Windows\Shell key in HKEY_CURRENT_USER\Software\Classes\Wow6432Node. I could not confirm this for Windows 7, though I am using the 64 bit version (it just had a CLSID subkey, nothing more). In that case, delete the Shell\Bags and Shell\BagMRU folders like I told you above before finishing your modifications with a reboot.

Warning: as always, playing around with the Windows registry can be dangerous when done incorrectly. If you do not feel safe about it, make sure to back up the keys you're about to modify via File => Export, or leave it altogether. I do not take any responsibility for any damage, nor do I give any guarantee that the steps I provided here will work for you. At least they worked for me.

Hopefully that was of help to you 🙂

I discovered the initial instructions on mydigitallife.info. Thank's so much 🙂 Had a hard time finding a guide for that.

   
%d bloggers like this: