On 4/27/05, GiZmen <[EMAIL PROTECTED]> wrote:
> Hi,
>
> I am searching how to change packet ttl. I am running a freebsd 5.4
> gateway and i would like to change ttl of any packets that are
> going out from my internal interface. My goal is to change ttl to 1
> so the last hop is the next host in my internal network.
> I want to prevent people to do small NAT in my network. I know that
> changing ttl's is easy to bypass but not for normal user :)
> I am using pf as my packet filter but there is no option to change
> ttls to smaller value. Please help me with this problem.
> Big thanks

IIRC, ipf can match packets by their ttl. You can use it to drop packets that come from your network and have odd ttls (63, 127), therefore preventing (most) users in that network from NATing each other.

>
> --
> Best Regards:
> GiZmen
>
> UNIX is user-friendly; it's just picky about its friends
> UNIX is simple; it just takes a genius to understand its simplicity
> _______________________________________________
> freebsd-net@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"
>

--
If it's there, and you can see it, it's real.
If it's not there, and you can see it, it's virtual.
If it's there, and you can't see it, it's transparent.
If it's not there, and you can't see it, you erased it.
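
The TTL check suggested in the reply above, as an added example that is not part of the original thread: it reads `tcpdump -n -v` style output taken on the gateway's internal interface and lists source addresses whose TTL is below a common initial value, meaning the packet already crossed a router. The initial TTL set (64, 128, 255), the sample capture, and the function names are assumptions made for this illustration.

```python
import re
from collections import defaultdict

# Assumption: common initial TTLs used by end-host IP stacks.
COMMON_INITIAL_TTLS = (64, 128, 255)

# Constructed sample in the style of `tcpdump -n -v` on the internal interface.
SAMPLE = """\
12:00:01.000001 IP (tos 0x0, ttl 64, id 1, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.1.10.51000 > 203.0.113.5.80: Flags [S], seq 1, win 65535, length 0
12:00:01.000002 IP (tos 0x0, ttl 127, id 2, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.1.20.49152 > 203.0.113.5.443: Flags [S], seq 2, win 8192, length 0
12:00:01.000003 IP (tos 0x0, ttl 63, id 3, offset 0, flags [none], proto ICMP (1), length 84)
    192.168.1.30 > 203.0.113.9: ICMP echo request, id 7, seq 1, length 64
12:00:01.000004 IP (tos 0x0, ttl 128, id 4, offset 0, flags [DF], proto UDP (17), length 60)
    192.168.1.40.5353 > 203.0.113.7.53: UDP, length 32
"""

HEADER = re.compile(r"\bttl (\d+),")                        # IP header line
ADDRS = re.compile(r"^\s+(\d+(?:\.\d+){3})(?:\.\d+)? > ")   # "src[.port] > dst" line


def hops_behind(ttl):
    """Hops already traversed, assuming the nearest common initial TTL at or above ttl."""
    initial = min((t for t in COMMON_INITIAL_TTLS if t >= ttl), default=None)
    return None if initial is None else initial - ttl


def suspect_sources(capture):
    """Map source IP -> sorted TTLs that imply a router in front of the sender."""
    found = defaultdict(set)
    ttl = None
    for line in capture.splitlines():
        m = HEADER.search(line)
        if m:
            ttl = int(m.group(1))       # remember TTL until the address line
            continue
        m = ADDRS.match(line)
        if m and ttl is not None:
            if hops_behind(ttl):        # 0 means directly attached host
                found[m.group(1)].add(ttl)
            ttl = None
    return {src: sorted(ttls) for src, ttls in found.items()}


if __name__ == "__main__":
    for src, ttls in suspect_sources(SAMPLE).items():
        print(src, "sent packets with TTL", ttls)
```

A host whose stack uses a different initial TTL, or a NAT device that rewrites the TTL, is misclassified by this heuristic, which matches the original poster's remark that the control is easy to bypass.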