Hi,

> No this sysctl is not what i want.
> I need to change ttl of outgoing packets to my internal network.
> For example. There is connection from host on internet.
> it has for example 10 hops to my gateway. And when packet comes
> to my box it has for example 55 ttl in ip header.
> And then it is routed to host in my network so my box change ttl
> to 54. But what i need is change ttl to '1'.

In Linux terms, you want to ``mangle'' the packet, re-writing its TTL. AFAIK, this is not possible with FreeBSD since this is really not a common action for a firewall (some conservative folks would even argue this is not its job). The pf firewall seems to have a ``min-ttl'' statement in traffic normalization, but there is no ``max-ttl'' one.

The simplest way to achieve this is to write a userland daemon which will retrieve the packet from the firewall from a divert socket, using ipfw(8). But this would have very poor performance in case you need high-bandwidth traffic as each packet would require at least two context switches, but for a DSL connection, I guess this would be ok.

The other solution is to make a patch for one of the firewalls available in FreeBSD.

Best regards,
--
Jeremie Le Hen
< jeremie at le-hen dot org >< ttz at chchile dot org >
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
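
A sketch of the divert-socket daemon suggested in the reply above, added here as an example and not part of the original post. It assumes divert port 4000 and an ipfw rule such as `ipfw add divert 4000 ip from any to any out via <internal_if>` (both hypothetical), and uses the `PF_INET`/`IPPROTO_DIVERT` socket form from divert(4); the loop is compiled only where `IPPROTO_DIVERT` is defined.

```c
#include <stdint.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>

/* Internet checksum (RFC 1071) over an IPv4 header of hlen bytes. */
static uint16_t ip_cksum(const uint8_t *h, size_t hlen)
{
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < hlen; i += 2)
        sum += (uint32_t)(h[i] << 8 | h[i + 1]);
    while (sum >> 16)
        sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Set the TTL of the IPv4 packet in buf and recompute the header checksum.
 * Returns 0 on success, -1 if buf does not start with a sane IPv4 header. */
int clamp_ttl(uint8_t *buf, size_t len, uint8_t ttl)
{
    if (len < 20 || (buf[0] >> 4) != 4)
        return -1;
    size_t hlen = (size_t)(buf[0] & 0x0f) * 4;
    if (hlen < 20 || hlen > len)
        return -1;
    buf[8] = ttl;                 /* TTL field */
    buf[10] = buf[11] = 0;        /* checksum must be zero while summing */
    uint16_t c = ip_cksum(buf, hlen);
    buf[10] = (uint8_t)(c >> 8);
    buf[11] = (uint8_t)(c & 0xff);
    return 0;
}

#ifdef IPPROTO_DIVERT             /* FreeBSD only */
int main(void)
{
    uint8_t pkt[65535];
    struct sockaddr_in sin = { .sin_family = AF_INET, .sin_port = htons(4000) };
    int s = socket(PF_INET, SOCK_RAW, IPPROTO_DIVERT);
    if (s < 0 || bind(s, (struct sockaddr *)&sin, sizeof sin) < 0)
        return 1;
    for (;;) {
        socklen_t sl = sizeof sin; /* sin tells the kernel where to reinject */
        ssize_t n = recvfrom(s, pkt, sizeof pkt, 0, (struct sockaddr *)&sin, &sl);
        if (n > 0 && clamp_ttl(pkt, (size_t)n, 1) == 0)
            sendto(s, pkt, (size_t)n, 0, (struct sockaddr *)&sin, sl);
    }
}
#endif
```

Packets that fail the header check are not reinjected, so the divert rule should match only the IPv4 traffic whose TTL is to be rewritten.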