----- Original Message -----
From: "Ramin Alidousti" <
ramin@xxxxxxxxxxxxxxxxxxxx>
To:
"Kaddouch Guillaume" <
gkweb@xxxxxxxxxx>
Cc: <
netfilter@xxxxxxxxxxxxxxx>
Sent:
Monday, April 29, 2002 7:18 PM
Subject: Re: "-j REJECT --reject-with
icmp-time-exceeded"
> You should be able to do something like
this:
>
> -t mangle -A PREROUTING <some restrictions to the
rule> j TTL --ttl-set 0
I had forgot to say that it is for using with
the "fake-source"
patch-o-matic that is already install to have a rule like
this:
... -j REJECT --reject-with icmp-time-exceeded
--fake-source IPADDR
The rule with "-t mangle ..." doesn't allow me to
specify an IP address.
But I haven't the sufficient skill to do myself
the patch.
Is it scheduled?
Or are they an other method?
Thanks
for your answers.
Guillaume.
>
> Ramin
>
> On Mon, Apr 29, 2002 at
06:27:24PM +0200, Kaddouch Guillaume wrote:
>
> > For certains
raison I have to reject a packet with a "time-exceeded"
icmp reply. However,
this type of packet don't seem to be sendable by target
REJECT.
> >
Is exist a patch to do it?
> >
> > Thanks.
>
>
> >
Guillaume.
>