Hi, I am setting up a firewall on CENTOS 4.4. I have done default block iptables -P INPUT DROP iptables -P FORWARD DROP iptables -P OUTPUT DROP I have enabled ICMP to www.google.com iptables -A OUTPUT -p icmp -d 64.233.189.104 -j ACCEPT iptables -A INPUT -p icmp -s 64.233.189.104 -j ACCEPT Ping works fine as below [root at firebox rc.d]# ping 64.233.189.104 PING 64.233.189.104 ( 64.233.189.104) 56(84) bytes of data. 64 bytes from 64.233.189.104: icmp_seq=0 ttl=246 time=91.7 ms 64 bytes from 64.233.189.104: icmp_seq=1 ttl=246 time= 92.6 ms 64 bytes from 64.233.189.104: icmp_seq=2 ttl=246 time=93.2 ms 64 bytes from 64.233.189.104: icmp_seq=3 ttl=246 time=92.8 ms 64 bytes from 64.233.189.104: icmp_seq=4 ttl=246 time=91.4 ms 64 bytes from 64.233.189.104: icmp_seq=5 ttl=246 time=93.1 ms But I still can not traceroute to that ip Pls see below, as to when I try traceroute [root at firebox rc.d]# traceroute 64.233.189.104 traceroute to 64.233.189.104 ( 64.233.189.104), 30 hops max, 38 byte packets traceroute: sendto: Operation not permitted 1 traceroute: wrote 64.233.189.104 38 chars, ret=-1 *traceroute: sendto: Operation not permitted traceroute: wrote 64.233.189.104 38 chars, ret=-1 *traceroute: sendto: Operation not permitted traceroute: wrote 64.233.189.104 38 chars, ret=-1 * traceroute: sendto: Operation not permitted 2 traceroute: wrote 64.233.189.104 38 chars, ret=-1 WHY , Help needed. -- Thank you Indunil Jayasooriya -- Thank you Indunil Jayasooriya -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20070217/76c92cd6/attachment-0004.html>