> Hi, I need to drop packets using ipfw based on the value of
> TTL and the value of TTL on a 2.2.8-stable system. It seems
> ipfw does not support this, what options do I have?
If you use IP Filter, this should "just work". You won't have
to upgrade your system to FreeBSD 4.x/5.x either. I still use
FreeBSD 2.2.X with current versions of IP Filter with no trouble.
The syntax would be:
block in ttl 1 proto tcp all flags S/S
to block all TCP packets with the SYN bit set and a TTL of 1.
Darren
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
