[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] Dropping packets with specific TTL
You must understand how to create a service 'other', and you need to understand the INSPECT language. try creating a service ip-ttl-too-short (or whatever you want to call it) then, in the Match field try ip_ttl < 2 I have implemented the rule on my firewall with no adverse effects. I have not tested this, but this should get you going down the right path. Lemme know (anyone who want to test this.) If it doesn't work, I'll write one that does. Cheers, CryptoTech Cedric Amand wrote: > Hi, > > I would like to drop all incoming packets that > have a TTL below a certain value. > > Does anyone know how I can do that ? > > Thanks in advance, > > -- > Best regards, > Cedric mailto:[email protected] > > ================================================================================ > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================================================ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|