TTL mangling need some help

Discussion in 'HyperWRT Firmware' started by Wirt, Apr 3, 2006.

  1. Wirt

    Wirt LI Guru Member


    I need my WRT54GS V4 router to NOT decrease TTL for all packets.
    Now I found these two lines that I guess should do the job:

    iptables -t mangle -A PREROUTING -i eth1 -j TTL --ttl-inc 1
    iptables -t mangle -A POSTROUTING -o eth1 -j TTL --ttl-inc 1

    My questions are:
    Will I be able to make use of this option with the HyperWRT + Thibor firmware (BTW am I correct that + Tofu is not for WRT54GS?), using the webpage access (or is telnet the only way if there is a way at all)?

    Are the lines correct :) ?
    I also found the same commands with:

    iptables -t mangle -J (...)
    instead of -A, which am I supposed to use?

    And I also saw:
    instead of eth1, which is the one I need?

    Will the router save this setting forever or will I have to add it everytime I turn on/off/reset the router?

    And my final question :)

    What's the simplest way to verify that the router is indeed not decreasing TTL (or actually decreasing and then increasing for the same effect)? What to ping or how to tell?

    Some very specific questions here, but if anyone can tell me if this is doable and with what firmware and how, I will be greatful :)
  2. Wirt

    Wirt LI Guru Member

    I got most of it figured out.

    I still have a porblem with the Startup Script, the Run Command works fine, but Sturtup Script has no effect. Here's what I tried:

    iptables -t mangle -A PREROUTING -i vlan1 -j TTL --ttl-inc 1
    iptables -t mangle -A POSTROUTING -o vlan1 -j TTL --ttl-inc 1

    and then:

    sleep 60
    /usr/sbin/iptables -t mangle -A PREROUTING -i vlan1 -j TTL --ttl-inc 1
    /usr/sbin/iptables -t mangle -A POSTROUTING -o vlan1 -j TTL --ttl-inc 1

    but both aren't doing what their supposed to.
    Only one time command works (I'm pinging a website with preset TTL and see if it expires).
  3. Wirt

    Wirt LI Guru Member

    So the script did work after all :) I was just too impatient and didn't wait the 60 sec. and for the script to run (I thought that was 60ms).

    My final script is as follows:

    sleep 10
    iptables -t mangle -A PREROUTING -i vlan1 -j TTL --ttl-inc 1
    iptables -t mangle -A POSTROUTING -o vlan1 -j TTL --ttl-inc 1

    Thats for AP mode (Client mode must be eth1 instead of vlan1, I guess)

    I think it would be a really nice feature to add to the future HyperWRT based firmware web page access as an option, as I found many people want to do this and it isn't easy to figure out if you don't know the first thing about Linux and networking (like me :) )

    Now to make my router pretend it's a Windows machine and make it reply with a TTL of 128 :D
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice