Quite a number of people have been asking me about ipsrvtrace. It's a
tool I wrote a few months ago, to investigate a service-specific black
hole. (Packets to one net to port 80 didn't get through; packets to
other ports or other nets did, and the network manager insisted that
there were no firewalls or transparent proxies in the way.)

Anyway -- the code is not (yet) released. It runs on NetBSD, FreeBSD,
and OpenBSD; a variant runs on Linux, but I haven't folded the Linux
changes back into the base version yet. If you need that sort of
functionality today, use tcptraceroute, which you can find at

    --Steve Bellovin, http://www.research.att.com/~smb
    Full text of "Firewalls" book now at http://www.wilyhacker.com

hping (www.hping.org or the FreeBSD Ports collection) can do tcp-based
tracerouting too, and a lot of other nice/nasty things as well. Slides
right past most non-stateful filtering.