Re: changing ttl size of forwarding packet



On July 24, 2007 11:28 am Chuck Swiger wrote:
On Jul 24, 2007, at 10:46 AM, Samit wrote:
iptables can easily do it via mangle table. Is there any way using ipfw2
to change the ttl size of the forwarding packets?

The size of the TTL field is fixed by the IP protocol to 1 byte;
perhaps you are looking for the IPFW transparent firewall option,
which prevents it from decrementing the TTL in order to make a
"hidden" firewall...?

Taken from http://www.linuxtopia.org/Linux_Firewall_iptables/x1196.html:
The TTL target is used to change the TTL (Time To Live) field of the
packet. We could tell packets to only have a specific TTL and so on. One
good reason for this could be that we don't want to give ourself away to
nosy Internet Service Providers. Some Internet Service Providers do not
like users running multiple computers on one single connection, and there
are some Internet Service Providers known to look for a single host
generating different TTL values, and take this as one of many signs of
multiple computers connected to a single connection.

What you are looking for is the IPSTEALTH kernel option, which gives you
an ipstealth sysctl that you can toggle. This will change the network
stack to either decrement the TTL as per normal (ipstealth=0) or not
decrement the TTL (ipstealth=1).

--
Freddie Cash, LPIC-2 CCNT CCLP Network Support Technician
School District 73 (250) 377-HELP [377-4357]
fjwcash+freebsd@xxxxxxxxx
_______________________________________________
freebsd-isp@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
To unsubscribe, send any mail to "freebsd-isp-unsubscribe@xxxxxxxxxxx"
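
The TTL heuristic described in the quoted passage, and what a non-decrementing router (ipstealth=1) changes about it, sketched as an added example that is not part of the original thread. The list of common initial TTLs, the sample addresses and the assumption that the monitor sits directly on the subscriber link are all assumptions made for illustration.

```python
from collections import defaultdict

# Initial TTL values commonly used by operating systems (assumed for this example).
COMMON_INITIAL_TTLS = (32, 64, 128, 255)


def initial_ttl(observed):
    """Guess the sender's initial TTL: the smallest common value >= observed."""
    for candidate in COMMON_INITIAL_TTLS:
        if 0 <= observed <= candidate:
            return candidate
    raise ValueError(f"TTL out of range for a 1-byte field: {observed}")


def ttl_signatures(observations):
    """Map each source address to the set of (initial TTL, hops travelled) seen."""
    seen = defaultdict(set)
    for src, ttl in observations:
        guess = initial_ttl(ttl)
        seen[src].add((guess, guess - ttl))
    return dict(seen)


def flag_multi_host(observations):
    """Return the sources whose packets carry more than one TTL signature."""
    sigs = ttl_signatures(observations)
    return sorted(src for src, s in sigs.items() if len(s) > 1)


# Constructed sample: (source address, TTL as seen on the subscriber link).
SAMPLE = [
    # One directly attached host: every packet arrives with its initial TTL.
    ("192.0.2.10", 64), ("192.0.2.10", 64), ("192.0.2.10", 64),
    # Router that decrements TTL: its own traffic shows 64, forwarded
    # traffic from hosts behind it shows 63 and 127.
    ("192.0.2.20", 64), ("192.0.2.20", 63), ("192.0.2.20", 127),
    # Router forwarding without decrementing (ipstealth=1), hosts behind it
    # use the same initial TTL as the router: only one signature is visible.
    ("192.0.2.30", 64), ("192.0.2.30", 64), ("192.0.2.30", 64),
]

if __name__ == "__main__":
    for src, sigs in sorted(ttl_signatures(SAMPLE).items()):
        print(src, sorted(sigs))
    print("flagged:", flag_multi_host(SAMPLE))
```

Hosts with different initial TTLs would still produce distinct signatures behind a non-decrementing router, since ipstealth only stops the decrement and does not rewrite the field.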


