Re: [leaf-user] Hiding network behind Bering Box

Erich Titl Thu, 15 Jul 2004 08:39:55 -0700

Tom

At 07:32 15.07.2004 -0700, Tom Eastep wrote:
>Erich Titl wrote:
>>Paul
>>At 21:23 14.07.2004 +0200, Yazgot wrote:
>>
>>>Hello !
>>>
>>>Recently i figured out i need to change TTL of all outgoing packets to
>>>the same value eg 64. Behind bering box is NATed 3 computers network
>>>and i need to make all outgoing traffic look like it is originating
>>
>>>from one machine. AFAIK this is possible by iptables packet mangling
>>
>>>but i can't success setting rules in bering iptables. Is it possible
>>>with bering?
>>
>>Sure, easiest way is to use Shorewall, it does it by default.
>
>Shorewall doesn't alter the TTL of packets passing through the firewall/router and 
>has no native support for doing so. The OP needs to insert the appropriate rules into 
>the mangle table POSTROUTING chain to set TTL as required. The iptables commands can 
>be placed in the /etc/shorewall/start file.


Thanks making this clear, I was referring to the masquerading function

Erich

THINK 
P�ntenstrasse 39 
8143 Stallikon 
mailto:[EMAIL PROTECTED] 
PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16




-------------------------------------------------------
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_idG21&alloc_id040&op=click
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] Hiding network behind Bering Box

Reply via email to