Hello,
I want to ask you how can I set TTL to TCP packet? I want all outgoing packets from my OpenBSD router to be with TTL=2 to some machines in network, but I don't know how to make it.
Thanks!!!
Hi, Well I did change the TTL flag on the TCP package, but you have to get that packages using pcap and change the TTL flag on the IP header of the package (the first header, well you have to check if the package is a Ip based package) and after that you have to resend the package using a raw C socket, and drop the original package. well ... something like that ...
Sumary, I made it deploying a special C program to do that, it takes a while!
So if you have any questions, please let me know.
Good luck
Kenneth
If you use pf on your OpenBSD box, you can set a scrub rule like this:
scrub out on $ext_if all min-ttl 10
that should be enougth to change the time to live flag on the Ip package to 10, that for all the outgoing traffic on the ext_int of your OpenBSD box.
Cheers
Kenneth
TTL
Hi, Well I did change the TTL flag on the TCP package, but you have to get that packages using pcap and change the TTL flag on the IP header of the package (the first header, well you have to check if the package is a Ip based package) and after that you have to resend the package using a raw C socket, and drop the original package. well ... something like that ...
Sumary, I made it deploying a special C program to do that, it takes a while!
So if you have any questions, please let me know.
Good luck
Kenneth
TTL -second choice
If you use pf on your OpenBSD box, you can set a scrub rule like this:
scrub out on $ext_if all min-ttl 10
that should be enougth to change the time to live flag on the Ip package to 10, that for all the outgoing traffic on the ext_int of your OpenBSD box.
Cheers
Kenneth