Using nmap to traceroute on a specific port
Solution 1
I can't find any parameter to control this behavior in the document of nmap.
If you want to find which hop drops the specific packet, you may try to use traceroute. The parameter -P
is for protocol and -p
is for port.
Hope this helps.
Solution 2
Nmap specifically chooses probes for traceroute from what it knows about the target, choosing probes that are most likely to make it all the way to the target. For this reason, its traceroute is not really useful for debugging dropped packets, but is excellent for quickly tracing the path without knowing what will reach the target.
I've just put in a feature request for this to be part of the Nping tool, which is developed by the Nmap Project and seems to be a good platform for such a capability. In the meantime, as @StevenLee mentions, there are existing traceroute tools that can specify which port to traceroute.
Related videos on Youtube
user25427
Updated on September 18, 2022Comments
-
user25427 over 1 year
The short version of this is that from client A to server B, some connections are getting all the way there, and others are being dropped in transit. I know they're being dropped in transit because, when I do a tcpdump at the server, I see hits for the ports that work, but nothing for the ones that don't.
I tried the
nmap
command:nmap -p <port> --traceroute <dst_ip>
which works perfectly when the connection is successful, but if the connection fails for whatever reason, it marks the port as filtered and then switches to icmp for the traceroute.
Is there something I can do to force the traceroute to stay in the port supplied even if the connection is unsuccessful? I need to be able to see how far the specific port(s) get before being dropped.
-
user25427 almost 8 yearsThanks a lot, the Windows tracert is pretty basic and doesn't have half the options that the unix traceroute has which is why I was trying to use nmap since it SEEMED to have exactly what I wanted, but then I ran into this behavior.
-
I say Reinstate Monica almost 7 yearsWelcome to Super User. Your answer could benefit from more detail (See How to Answer). Please edit it to explain how your solution works/how it addresses the OPs question.
-
Jeff Puckett over 6 yearsUnfortunately, this doesn't work either. nmap still switches to using icmp if tcp port is filtered.