Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
04-13-2005, 09:24 AM   #1
Soulstealer (Member; Registered: Dec 2004; Location: Necropolis; Distribution: FreeBSD; Posts: 47)
"stealth" routing HOWTO


Hi, guys
I was wondering how I can achieve the same routing as FreeBSD's ipstealth.
In other words, how can I make my Linux box route like FreeBSD with the ipstealth option compiled in? I want my Linux kernel not to touch the TTL value when routing Internet traffic. Can anyone tell me? In *BSD it is easy, but in Linux?

thank you
 
04-13-2005, 10:55 AM   #2
sigsegv (Senior Member; Registered: Nov 2004; Location: Third rock from the Sun; Distribution: NetBSD-2, FreeBSD-5.4, OpenBSD-3.[67], RHEL[34], OSX 10.4.1; Posts: 1,197)
Hack /usr/src/linux/net/ip_forward.c, comment out ip_decrease_ttl(iph); and recompile your kernel.

If you're trying to hide it from tracert (that is, Microsoft's traceroute) you can DROP ICMP type 11. That will only work against tracert though (the *NIX traceroute uses UDP).

HTH
 
04-13-2005, 11:07 AM   #3
Soulstealer (Original Poster)
Thank you!
I only need the TTL value untouched, I don't care about traceroute.

I have to recompile only the bzImage, not the modules, right?
 
04-13-2005, 11:14 AM   #4
sigsegv (Senior Member)
Depends on how your kernel config is set up. I'd do both (not knowing what you have as modules), but you can try the bzImage first. The worst it can do is not work (or panic the machine)...

Out of morbid curiosity -- If you're not trying to hide from traceroute, what's the point?

Last edited by sigsegv; 04-13-2005 at 11:16 AM.
 
04-13-2005, 11:59 AM   #5
Soulstealer (Original Poster)
OK, I've tested it.
It works, but not quite...
First let me tell you why I'm doing this.
So... I receive every packet from my ISP with TTL=0; originally this prevents NAT-ing.
I've patched my kernel with patch-o-matic for TTL target support and set the TTL to some other value, so my machines behind the router have Internet now.
But the "TTL target support" exercise is too boring; I need something quick and easy.
In FreeBSD it is very easy: just compile the kernel with ipstealth and everything is fine.
So I want something like ipstealth in Linux.

sigsegv, I've tested what you told me, and it works when there is some value different from zero.
I set the TTL to 128 and a machine behind the router receives TTL=127; that was before. With my new kernel the machine receives 128.
But when I flush iptables, the TTL goes back to zero and the machines behind the router don't receive anything...
With FreeBSD they received the same as the router (TTL=0).

Any idea what's wrong?

thank you
 
04-13-2005, 04:46 PM   #6
stonux (Member; Registered: Oct 2003; Distribution: SuSE, RH; Posts: 55)
Code:
        /*
         *      According to the RFC, we must first decrease the TTL field. If
         *      that reaches zero, we must reply an ICMP control message telling
         *      that the packet's lifetime expired.
         */

        iph = skb->nh.iph;
        rt = (struct rtable*)skb->dst;

        if (iph->ttl <= 1)
                goto too_many_hops;
2 ugly things:
- there is a goto command
- (iph->ttl <= 1) also triggers for ttl=0 and ttl=1
Comment out
Code:
        if (iph->ttl <= 1)
                goto too_many_hops;
too, to ignore the TTL (dangerous!! it may cause packets to loop infinitely on your network, especially if you do it on more than one machine or the machine sends junk to itself).
 
04-13-2005, 05:14 PM   #7
Soulstealer (Original Poster)
stonux, these two lines are just a condition:
if TTL=0/1 it sends an ICMP for expiration or something...
This has nothing to do with the IP header,
and there is no reason for "looping infinitely".
Sorry, but I think you are generally wrong.
Read my previous post again.
 
04-14-2005, 03:20 AM   #8
Soulstealer (Original Poster)
Come on, guys.
I don't believe that no one knows!
 
04-17-2005, 11:17 AM   #9
stonux (Member)
I'm not talking about an endless loop in the code.
I'm talking about packets endlessly looping on the network.
The reason why TTL was introduced is not to prevent
ISP customers from NATting :-).
I just suspect that this "if" statement drops the packets.
 
04-18-2005, 07:06 AM   #10
Soulstealer (Original Poster)
Man, sorry, but I think you are nuts.
I know what you mean!
But you are wrong.
How do you imagine this:
Quote:
packets endlessly loop on the network.
?

And about ISPs...
they don't really care about the reason why the TTL field exists in the IP header. They just use it to prevent most of their clients from using NAT (although I can't see a method or technique an ISP can use to prevent some advanced UNIX user from NATing, but OK, let them set TTL=0).

stonux, no offence meant!
I just don't agree with you.
sorry
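To make the disagreement in posts #5, #6 and #9 concrete, here is a small constructed C model of the TTL part of the forwarding decision, added for this page (it is not kernel code and not from any poster): a stock mode, a mode with only ip_decrease_ttl() removed, and a mode with the ttl <= 1 test removed as well, plus a loop simulation showing which variants still terminate a routing loop. All function and enum names are assumptions made up for the example.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed model of the three ip_forward() variants discussed above; not kernel code. */
enum fwd_mode {
    FWD_STOCK,        /* stock kernel: decrement the TTL, expire it when it would hit zero */
    FWD_NO_DECREMENT, /* ip_decrease_ttl() commented out, ttl <= 1 test kept (post #2) */
    FWD_IGNORE_TTL    /* decrement and ttl <= 1 test both commented out (post #6) */
};
/* The two exits of ip_forward(): pass the packet on, or send ICMP type 11 and drop it. */
enum fwd_result { FWD_FORWARDED = 0, FWD_TIME_EXCEEDED = 1 };

/* One router's decision for a packet whose TTL is *ttl; the TTL is updated in place. */
enum fwd_result ip_forward_sim(uint8_t *ttl, enum fwd_mode mode)
{
    if (mode == FWD_IGNORE_TTL)
        return FWD_FORWARDED;        /* nothing ever expires the packet */
    if (*ttl <= 1)                   /* "if (iph->ttl <= 1) goto too_many_hops;" fires for 0 and 1 */
        return FWD_TIME_EXCEEDED;
    if (mode == FWD_STOCK)
        (*ttl)--;                    /* ip_decrease_ttl(); the real one also patches the checksum */
    return FWD_FORWARDED;
}

/* TTL a host behind the router sees for a packet that arrived at the router with wan_ttl,
 * or -1 if the router dropped it (the test in post #5). */
int ttl_behind_router(uint8_t wan_ttl, enum fwd_mode mode)
{
    uint8_t ttl = wan_ttl;
    return ip_forward_sim(&ttl, mode) == FWD_FORWARDED ? ttl : -1;
}

/* Push one packet around a routing loop of identical routers. Returns how many routers
 * forwarded it before one expired it, or -1 if it is still circulating after max_hops. */
int hops_until_expired(uint8_t initial_ttl, enum fwd_mode mode, int max_hops)
{
    uint8_t ttl = initial_ttl;
    for (int hop = 0; hop < max_hops; hop++)
        if (ip_forward_sim(&ttl, mode) == FWD_TIME_EXCEEDED)
            return hop;
    return -1;
}

int main(void)
{
    printf("TTL 128 behind stock router: %d\n", ttl_behind_router(128, FWD_STOCK));
    printf("TTL 0 behind no-decrement router: %d\n", ttl_behind_router(0, FWD_NO_DECREMENT));
    return 0;
}
```

With only the decrement removed, a packet arriving with TTL=0 is still dropped by the remaining test, which matches the post #5 observation after flushing iptables; with both removed, nothing in the forwarding path ever expires a packet caught in a loop.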
 
  

