I need an assistance to block(make them disappear) some hops from appearing in a traceroute.
Though they are my internal IP ,
See picture below for a guide . i dont't want those hops to appear in a trace ( 10.90.0.166 , 172.16.40.4, 172.16.18 ) .
I'm making use of juniper SRX5800.
![](https://higherlogicdownload.s3.amazonaws.com/JUNIPER/MessageImages/e651ecd1a7f3401e8eb454ddd5829930.png)
In the quest , i applied a filter configuration to a trust interface facing my internal network. Then noticed i was blocking to much.
See result below , and this will rather affect troubleshooting when i applied the filter.
![](https://higherlogicdownload.s3.amazonaws.com/JUNIPER/MessageImages/d11f7128a5cd45e9b7e69c96a0b2d394.png)
Below is my command line configuration
set interfaces reth0 unit 412 family inet filter output block-traceroute
set firewall family inet filter block-traceroute term t1 from source-address 0.0.0.0/0
set firewall family inet filter block-traceroute term t1 from protocol icmp
set firewall family inet filter block-traceroute term t1 from icmp-type time-exceeded
set firewall family inet filter block-traceroute term t1 then discard
set firewall family inet filter block-traceroute term accept-else then accept
BASICALLY BELOW IS AN EXAMPLE OF WHAT I NEED
![](https://higherlogicdownload.s3.amazonaws.com/JUNIPER/MessageImages/cbc08cb68b0f486391dc89cd73ac4fbf.png)
------------------------------
olalekan ajayi
------------------------------