Thanks for the repost. On Tue, Apr 30, 2002 at 04:32:48PM +0200, Kaddouch Guillaume wrote:
> > You should be able to do something like this: > > > > -t mangle -A PREROUTING <some restrictions to the rule> j TTL --ttl-set 0 > > I had forgot to say that it is for using with the "fake-source" > patch-o-matic that is already install to have a rule like this: > > ... -j REJECT --reject-with icmp-time-exceeded --fake-source IPADDR > > The rule with "-t mangle ..." doesn't allow me to specify an IP address. OK. Try to set the TTL in PREROUTING: -t mangle -A PREROUTING <some restrictions to the rule> j TTL --ttl-set 0 and then when your box generates the time-exceeded in response to this rule, set the src in POSTROUTING: -t nat A POSTROUTING -m ttl --ttl-eq 0 -j SNAT --to IPADDR Ramin > > But I haven't the sufficient skill to do myself the patch. > Is it scheduled? > > Or are they an other method? > > Thanks for your answers. > > Guillaume. > > > > > Ramin
