Dean,

Have you tried using a traceroute -I to use ICMP for the traceroute? A default traceroute will choose random UDP ports at the destination, so your firewall rules WILL kill those. I would suspect an ICMP based traceroute would work.

Nigel

On Apr 10, 2014, at 7:34 PM, Bart Kus <me@bartk.us> wrote:

On 04/10/2014 07:23 PM, Dean Gibson AE7Q wrote:

add action=drop chain=input comment="default configuration" in-interface=wlan1-gateway
My money is on that rule killing the inbound traceroute packets before the router can formulate a response packet.

--Bart

_______________________________________________
PSDR mailing list
PSDR@hamwan.org
http://mail.hamwan.org/mailman/listinfo/psdr_hamwan.org