Firewall & TTL

Chupaka · November 13, 2007, 3:29pm

is it possible to filter packets by TTL field?

fatonk · November 13, 2007, 4:33pm

Hi,

I have tried to do it with RouterOS, but unfortunately I have faild to do so. With gentoo linux there is a possibility to filter by TTL, here is example of what has been done in linux:

/sbin/iptables -A USERS -s 10.1.4.0/22 -m ttl --ttl 127 -j ACCEPT
/sbin/iptables -A USERS -s 10.1.4.0/22 -m ttl --ttl 63 -j ACCEPT
/sbin/iptables -A USERS -s 10.1.4.0/22 -m ttl --ttl 31 -j ACCEPT
/sbin/iptables -A USERS -s 10.1.4.0/22 -m ttl --ttl 254 -j ACCEPT
/sbin/iptables -A USERS -s 10.1.4.0/22 -j LOG --log-prefix "Possible NAT "
/sbin/iptables -A USERS -s 10.1.4.0/22 -j DROP

Regards

Faton