Date: Mon, 14 Aug 2000 00:36:47 +1000 (EST) From: Darren Reed <darrenr@reed.wattle.id.au> To: fengyue@bluerose.windmoon.nu Cc: hackers@FreeBSD.ORG Subject: Re: ipfw drop packets based on SYN &TTL Message-ID: <200008131436.AAA27300@avalon.reed.wattle.id.au>
next in thread | raw e-mail | index | archive | help
> Hi, I need to drop packets using ipfw based on the value of > TTL and the value of TTL on a 2.2.8-stable system. It seems > ipfw does not support this, what options do I have? If you use IP Filter, this should "just work". You won't have to upgrade your system to FreeBSD 4.x/5.x either. I still use FreeBSD 2.2.X with current versions of IP Filter with no trouble. The syntax would be: block in ttl 1 proto tcp all flags S/S to block all TCP packets with the SYN bit set and a TTL of 1. Darren To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200008131436.AAA27300>