Stuart Henderson wrote: > > On 2007/12/21 14:13, gentoo1 wrote: >> I put this in my pf.conf but ttl is still zero.: >> >> scrub out on $ext_if min-ttl 10 >> .... >> scrub in on $ext_if all fragment reassemble min-ttl 15 max-mss 1400 > > You've got some other scrub rules: > >> scrub in all fragment reassemble >> scrub in on fxp0 all min-ttl 15 max-mss 1400 fragment reassemble >> scrub out on fxp0 all min-ttl 15 max-mss 1400 fragment reassemble >> scrub in on fxp0 all no-df fragment reassemble >> scrub on fxp0 all reassemble tcp fragment reassemble > > It looks like first matching scrub rule wins, so you need to > remove/re-order some of the others. > > >
Thank you Stuart for your kind reply! Ok. I try your rules but ttl is still zero. First i set this rules in my pf.conf , then i flush all tables and start pf again. mars:~# pfctl -sr scrub in all fragment reassemble scrub in all fragment reassemble scrub in on fxp0 all min-ttl 15 max-mss 1400 fragment reassemble scrub out on fxp0 all min-ttl 15 max-mss 1400 fragment reassemble scrub in on fxp0 all no-df fragment reassemble scrub on fxp0 all reassemble tcp fragment reassemble .......... mars:~# ping openbsd.org PING openbsd.org (199.185.137.3): 56 data bytes 64 bytes from 199.185.137.3: icmp_seq=0 ttl=0 time=207.995 ms 64 bytes from 199.185.137.3: icmp_seq=1 ttl=0 time=208.266 ms :( So any other ideas? Thanks -- View this message in context: http://www.nabble.com/OpenBSD-4.1----NAT-%2B-ttl%3D0-trouble-tp14463336p14467410.html Sent from the openbsd user - misc mailing list archive at Nabble.com.
