heh--yeah, sorry about that. Frederico- there's a nice (albeit a bit old) step-by-step on patch-o-matic at: http://www.lowth.com/howto/add-iptables-modules.php when you get down to step 6--the patch you're interested in is: "runme base/TTL.patch" i've never had any luck with pom-ng on the stock RH kernels (runme says that the kernel is too old), so you probably want to grab 'patch-o-matic-20031219' which does have the TTL target you're looking for. HTH, -j -----Original Message----- From: netfilter-admin@xxxxxxxxxxxxxxxxxxx [mailto:netfilter-admin@xxxxxxxxxxxxxxxxxxx]On Behalf Of Antony Stone Sent: Friday, July 23, 2004 2:44 PM To: netfilter@xxxxxxxxxxxxxxxxxxx Subject: Re: TTL target On Friday 23 July 2004 7:29 pm, Gonzalez, Federico wrote: > I get the following error: > > iptables: No chain/target/match by that name I think two people may be talking about two different things here without realising it: The ttl *match* (lowercase) is for matching packets by value of the TTL field. The TTL *target* (uppercase) is for altering the TTL value in a packet. Sorry I can't answer the actual question, because I don't use Fedora, but hopefully this might help to avoid some confusion, at least... Regards, Antony. > ----- Original Message ----- > From: "Jason Opperisano" <Jopperisano@xxxxxxxxxxxxxxxx> > To: "Gonzalez, Federico" <fgonzalez@xxxxxxxxxxxxxx>; > <netfilter@xxxxxxxxxxxxxxxxxxx> > Sent: Friday, July 23, 2004 3:21 PM > Subject: RE: TTL target > > > um--on fedora core 1--which seems to match the versions you provide, the > TTL match target is there. > > $ uname -r > 2.4.22-1.2197.nptl > > $ iptables -V > iptables v1.2.9 > > # iptables -A INPUT -m ttl --ttl-eq 1 -j DROP > # > > # iptables -vnL INPUT > Chain INPUT (policy DROP 184 packets, 19161 bytes) > pkts bytes target prot opt in out source > destination > 0 0 DROP all -- * * 0.0.0.0/0 > 0.0.0.0/0 TTL match TTL == 1 > > -j > > -----Original Message----- > From: netfilter-admin@xxxxxxxxxxxxxxxxxxx > [mailto:netfilter-admin@xxxxxxxxxxxxxxxxxxx]On Behalf Of Gonzalez, > Federico > Sent: Friday, July 23, 2004 1:52 PM > To: netfilter@xxxxxxxxxxxxxxxxxxx > Subject: TTL target > > > Hi, > > I have iptables 1.2.9, red hat kernel 2.4.22 and i need to use the TTL > target to change the packets TTL. > > How do i enable this functionality ? > > Thank you. -- "Black holes are where God divided by zero." - Steven Wright Please reply to the list; please don't CC me.
