From owner-freebsd-bugs Sat Feb 23 08:00:09 2002
Message-Id: <200202231553.g1NFrLR31225@freefall.freebsd.org>
Date: Sat, 23 Feb 2002 07:53:21 -0800 (PST)
From: Julian Noble
To: freebsd-gnats-submit@FreeBSD.org
X-Send-Pr-Version: www-1.0
Subject: misc/35245: unwanted stealth behaviour (inbound icmp via ppp tun0 ttl not decremented ?)

>Number: 35245
>Category: misc
>Synopsis: unwanted stealth behaviour (inbound icmp via ppp tun0 ttl not decremented ?)
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sat Feb 23 08:00:03 PST 2002
>Closed-Date:
>Last-Modified:
>Originator: Julian Noble
>Release:
>Organization: Precisium
>Environment:
FreeBSD sydr3.Junctionworld.net 4.4-STABLE FreeBSD 4.4-STABLE #0: Wed Jan 23 07:42:09 GMT 2002 root@sydr3.Junctionworld.net:/usr/src/sys/compile/P7 i386
>Description:
machine exhibits unwanted 'stealth' behaviour for inbound traceroutes to machines behind it even when no firewall enabled and IPSTEALTH kernel option not present.
Machine does however appear as a hop for outbound traceroutes from machines behind it.
>How-To-Repeat:
traceroute to a machine behind a FreeBSD box with a ppp wan link and with the following kernel options. Hop is missing from trace even when you disable the firewall with sysctl or ipfw flush. No nat. All valid IP addresses. Connection is ADSL.

If this is the nature of tun interfaces or something - I couldn't find any documentation on it. Only documentation I could find anywhere was about enabling stealth behaviour - not disabling - and I certainly didn't expect it to be on by default. It may be obvious - but I'm also new to unix-like operating systems so make extra consideration of the fact that I might not know what I'm doing.

options IPFIREWALL
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=250
options IPFIREWALL_DEFAULT_TO_ACCEPT
options IPDIVERT
options NETGRAPH
options NETGRAPH_SOCKET
options NETGRAPH_ECHO
options NETGRAPH_TEE
options NETGRAPH_PPPOE
options NETGRAPH_ETHER
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted: