Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How to get tcptraceroute, or a functional equivalent

    Scheduled Pinned Locked Moved
    pfSense Packages
    2
    3
    1.3k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      davebu
      last edited by

      I need to do a traceroute with a specific port: TCP 1194 (OpenVPN) as the protocol, in order to troubleshoot OpenVPN connect requests being lost in the internet between ISPs

      I'm using Netgate appliances. SG5100 as a VPN hubs and SG1100s as VPN spoke peers.

      pfSense version is the latest:
      2.4.5-RELEASE-p1 (arm64) | FreeBSD 11.3-STABLE latest:

      The console shell does not recognize 'tcptraceroute'
      I notice this utility is provided by FreeBSD as:
      http://pkg.freebsd.org/freebsd:11:x86:64/latest/All/tcptraceroute-1.5beta7.txz
      but with my appliances actively firewalling, I do not have a route to 'pkg.freebsd.org' to download and install it.

      This diagnostic tool is needed to figure out why I can see request packets outbound on my remote station`s WAN port, but they never arrive at my hub station's WAN interface.
      (And yes, I do have firewall rules on the VPN-hub WAN permitting TCP 1194, and yes PING to/from the same hosts works fine.)
      The same OpenVPN configs work on another line with another identical SG5100 hub.

      So ... is there a pfSense package that provides equivalent capabilities; i.e. to traceroute specifically with TCP port 1194?

      If not, is there a process to the FreeBSD package with a USB?

      Thanks.

      1 Reply Last reply Reply Quote 0
      • D
        davebu
        last edited by

        Found it!

        Trick is to find the right BSD Architecture repository.
        And to pay attention to pre-required packages.
        Here is a clip of what worked ...

        [2.4.5-RELEASE][root@XXX.net]/root: pkg add http://pkg.freebsd.org/FreeBSD:11:aarch64/latest/All/tcptraceroute-1.5beta7.txz
        Fetching tcptraceroute-1.5beta7.txz: 100% 31 KiB 31.9kB/s 00:01
        Installing tcptraceroute-1.5beta7...
        pkg: Missing dependency 'libnet'

        Failed to install the following 1 package(s): http://pkg.freebsd.org/FreeBSD:11:aarch64/latest/All/tcptraceroute-1.5beta7.txz

        [2.4.5-RELEASE][root@XXX]/root: pkg add http://pkg.freebsd.org/FreeBSD:11:aarch64/latest/All/libnet-1.1.6_5,1.txz
        Fetching libnet-1.1.6_5,1.txz: 100% 139 KiB 142.2kB/s 00:01
        Installing libnet-1.1.6_5,1...
        Extracting libnet-1.1.6_5,1: 100%
        [2.4.5-RELEASE][root@XXX.net]/root: pkg add
        http://pkg.freebsd.org/FreeBSD:11:aarch64/latest/All/tcptraceroute-1.5beta7.txz
        Fetching tcptraceroute-1.5beta7.txz: 100% 31 KiB 31.9kB/s 00:01
        Installing tcptraceroute-1.5beta7...
        Extracting tcptraceroute-1.5beta7: 100%

        1 Reply Last reply Reply Quote 0
        • E
          embraquel_d_tuta
          last edited by

          I know that this question is old, but it actually helped me getting tcptraceroute on opnsense. The key thing was pkg add from freebsd. So for me it needed to be updated since I am on freebsd:13:amd64, I found https://freebsd.pkgs.org/13/freebsd-amd64/ with search :)

          So for me the resulting command was:

          pkg add http://pkg.freebsd.org/FreeBSD:13:amd64latest/All/tcptraceroute-1.5beta7.txz

          Still same version of tcptraceroute 2 years later, but it is how to find the package name that is important

          So thanks for this thread.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post