Hi there, I'm going through reading the iptables tutorial on the netfilter website (ugh, my head hurts! ;) and I want to try implementing what's described in section "5.5.14. TTL target": http://www.netfilter.org/documentation/tutorials/blueflux/iptables-tutorial.html#AEN2815 "to change all Time To Live values to the same value on all outgoing packets," specifically the first example in "Table 5-24. TTL target" on my Bering setup. Here is what I tried:
# iptables -t mangle -A PREROUTING -i eth0 -j TTL --ttl-set 64 iptables: No chain/target/match by that name # echo $? 1 So I tried adding a new TTL chain to the mangle table: # iptables -t mangle -N TTL # iptables -t mangle -A PREROUTING -i eth0 -j TTL --ttl-set 64 Warning: using chain TTL, not extension # echo $? 0 Iptables is giving me a warning that I don't understand but the exit code says it was successful. Anyone know how it'll affect Shorewall or... actually, how I can use Shorewall's existing tables/chains to accomplish the same thing? While grasping at straws I even tried: gunzip -c Bering_1.0-rc3_modules_2.4.18.tar.gz | tar tvf - | grep -i ttl and found: ./modules/net/ipv4/netfilter/ipt_ttl.o and tried insmod-ing it. I don't know if it's necessary or if it had any effect ;). I tried searching the LEAF and Shorewall mailing lists archive and there doesn't seem to be anything appropriate. Lastly, when/if I successfully implement this, how can I test to see if it's actually mangling the TTL field correctly (which logs, etc. would I look at?) Thanks for any help! -- Cass __________________________________________________ Do You Yahoo!? HotJobs - Search Thousands of New Jobs http://www.hotjobs.com ------------------------------------------------------- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code=31 ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
