Re: Changing packets ttl's

From: Vlad GALU (vladgalu_at_gmail.com)
Date: 04/27/05

    Date: Wed, 27 Apr 2005 10:33:04 +0300
    To: freebsd-net@freebsd.org
    
    

    On 4/27/05, GiZmen <gizmen@zion.vsip.pl> wrote:
    > Hi,
    >
    > I am searching how to change packet ttl. I am running a freebsd 5.4
    > gateway and I would like to change ttl of any packets that are
    > going out from my internal interface. My goal is to change ttl to 1
    > so the last hop is the next host in my internal network.
    > I want to prevent people to do small NAT in my network. I know that
    > changing ttl's is easy to bypass but not for normal user :)
    > I am using pf as my packet filter but there is no option to change
    > ttls to smaller value. Please help me with this problem.
    > Big thanks

       IIRC, ipf can match packets by their ttl. You can use it to drop
    packets that come from your network and have odd ttls (63, 127),
    therefore preventing (most) users in that network from NATing
    each other.

    >
    > --
    > Best Regards:
    > GiZmen
    >
    > UNIX is user-friendly; it's just picky about its friends
    > UNIX is simple; it just takes a genius to understand its simplicity
    > _______________________________________________
    > freebsd-net@freebsd.org mailing list
    > http://lists.freebsd.org/mailman/listinfo/freebsd-net
    > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
    >

    -- 
    If it's there, and you can see it, it's real.
    If it's not there, and you can see it, it's virtual.
    If it's there, and you can't see it, it's transparent.
    If it's not there, and you can't see it, you erased it.
    _______________________________________________
    freebsd-net@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-net
    To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
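
The TTL check suggested in the reply above, sketched as offline detection logic (an added example, not part of the original message and not ipf configuration). It goes slightly beyond the reply by estimating hop count against a list of common initial TTLs rather than matching only 63 and 127; that list, the function names and the sample packets are assumptions constructed for illustration.

```python
import socket
import struct

# Assumed common initial TTLs: 64 (BSD/Linux), 128 (Windows), 255 (some network gear).
INITIAL_TTLS = (64, 128, 255)

def build_ipv4_header(src, dst, ttl, proto=6):
    """Build a minimal 20-byte IPv4 header (checksum left at 0) for the constructed samples."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, ttl, proto, 0,
                       socket.inet_aton(src), socket.inet_aton(dst))

def parse_ttl(packet):
    """Return (source address, TTL) from a raw IPv4 packet, or raise ValueError."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    version, ihl = packet[0] >> 4, packet[0] & 0x0F
    if version != 4 or ihl < 5:
        raise ValueError("not a valid IPv4 header")
    return socket.inet_ntoa(packet[12:16]), packet[8]

def hops_from_sender(ttl):
    """Estimate routers crossed: distance to the nearest initial TTL at or above ttl."""
    for initial in INITIAL_TTLS:
        if ttl <= initial:
            return initial - ttl
    raise ValueError("TTL out of range")

def suspected_nat_sources(packets, max_hops=0):
    """Map source address -> set of TTLs seen that imply more than max_hops routers."""
    flagged = {}
    for pkt in packets:
        try:
            src, ttl = parse_ttl(pkt)
        except ValueError:
            continue  # skip malformed input instead of aborting the scan
        if hops_from_sender(ttl) > max_hops:
            flagged.setdefault(src, set()).add(ttl)
    return flagged

# Constructed sample traffic as seen on the gateway's internal interface.
SAMPLES = [
    build_ipv4_header("192.0.2.10", "198.51.100.1", 64),   # directly attached BSD/Linux host
    build_ipv4_header("192.0.2.11", "198.51.100.1", 128),  # directly attached Windows host
    build_ipv4_header("192.0.2.12", "198.51.100.1", 127),  # Windows host behind one router
    build_ipv4_header("192.0.2.12", "198.51.100.1", 63),   # BSD/Linux host behind the same router
    b"\x45\x00",                                            # truncated packet, ignored
]

if __name__ == "__main__":
    for src, ttls in sorted(suspected_nat_sources(SAMPLES).items()):
        print(f"{src}: TTLs {sorted(ttls)} suggest forwarding by a downstream router")
```

Hosts configured with a non-default initial TTL and traceroute probes are flagged as well, so a hit is a lead to investigate rather than proof of NAT.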
    
