alisc
Frequent Visitor
Topic Author
Posts: 59
Joined: Thu Dec 01, 2011 10:51 am

Change TTL Only TraceRoute Packet

Mon Jul 11, 2016 3:09 pm

Hi everybody,

I want the rule to be applied not to all ICMP packets, but only to traceroute packets.
Who knows the traceroute ICMP type and ICMP code?

My rule:
/ip firewall mangle
add action=change-ttl chain=prerouting comment=\
    "Change TTL" disabled=yes new-ttl=increment:4 \
    passthrough=no protocol=icmp


 
andriys
Forum Guru
Posts: 1527
Joined: Thu Nov 24, 2011 1:59 pm
Location: Kharkiv, Ukraine

Re: Change TTL Only TraceRoute Packet

Mon Jul 11, 2016 3:36 pm

Different traceroute tools on different platforms use different types of packets for tracing. Some use ICMP type 8 code 3 (ping) packets, others use UDP packets to a random (usually high) port number, which are hardly distinguishable from other UDP traffic.
 
alisc
Frequent Visitor
Topic Author
Posts: 59
Joined: Thu Dec 01, 2011 10:51 am

Re: Change TTL Only TraceRoute Packet

Mon Jul 11, 2016 5:36 pm

Thanks a lot for the quick response.
I think Windows is TraceRoute!
Help me, please.

Regards,
 
ZeroByte
Forum Guru
Posts: 4047
Joined: Wed May 11, 2011 6:08 pm

Re: Change TTL Only TraceRoute Packet

Mon Jul 11, 2016 7:03 pm

Why worry about incrementing TTL for only Traceroute?
Obviously you're trying to hide your topology from LAN-side users, but it really shouldn't affect anything to just bump the TTL by 4 for all packets (traceroute or otherwise).
In fact, only modifying "traceroute" packets (as has already been said, there's no such thing as a traceroute packet) will expose your attempt at hiding for anyone with any skill.
Being 100% consistent is going to make it much harder to detect your tweaking of packets.

If you have some really edge-case reason that you absolutely need un-modified TTL internally for certain reasons, then it would be easier to simply place exception rules matching these cases.
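
Added example (not part of any post in this thread, and not RouterOS code): a small Python model of the consistency point made above. It compares an ICMP-echo trace and a UDP trace through an edge router that applies new-ttl=increment:4 in prerouting, either to ICMP only or to all packets. The hop names and the path are constructed, and the model assumes the mangle rule runs before the router's own TTL check and decrement.

```python
# Simplified model (assumption): each router answers with ICMP Time Exceeded
# when a packet arrives with TTL <= 1, otherwise decrements TTL and forwards.
PATH = ["edge-router", "core-1", "core-2", "core-3", "isp-gw", "target"]  # constructed

def mangle(proto, ttl, policy):
    """Edge router's prerouting change-ttl rule (new-ttl=increment:4)."""
    if policy == "all" or (policy == "icmp-only" and proto == "icmp"):
        return ttl + 4
    return ttl

def probe(proto, ttl, policy):
    """Return the hop that answers a probe sent with the given initial TTL."""
    for i, hop in enumerate(PATH):
        if hop == PATH[-1]:
            return hop                        # destination always answers
        if i == 0:
            ttl = mangle(proto, ttl, policy)  # prerouting runs before the TTL check
        if ttl <= 1:
            return hop                        # this router sends Time Exceeded
        ttl -= 1

def traceroute(proto, policy, max_ttl=8):
    """List of answering hops for initial TTL 1, 2, ... until the target replies."""
    hops = []
    for ttl in range(1, max_ttl + 1):
        hops.append(probe(proto, ttl, policy))
        if hops[-1] == PATH[-1]:
            break
    return hops

def hidden_hops(proto, policy):
    """Routers on the path that never show up in the trace."""
    seen = set(traceroute(proto, policy))
    return [h for h in PATH if h not in seen]

def inconsistent(policy):
    """True when ICMP-based and UDP-based traces disagree about the path."""
    return traceroute("icmp", policy) != traceroute("udp", policy)

if __name__ == "__main__":
    for policy in ("none", "icmp-only", "all"):
        print(policy, "icmp:", traceroute("icmp", policy))
        print(policy, "udp: ", traceroute("udp", policy))
        print(policy, "traces disagree:", inconsistent(policy))
```

With the ICMP-only rule the two traces disagree, so the UDP trace still lists every router; with the rule applied to all packets both traces show the same shortened path.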
