That's why you set min-ttl to it's highest value. You could also look at 'reassemble tcp'. It modifies ttl setting in the session as well. But it's meant more for normalizing traffic.
-Geoff Alexey S. Malyshev wrote: > On Sun, 30 Oct 2005 10:00:25 -0500 > Jeff Quast <[EMAIL PROTECTED]> wrote: > > >>scrub on $ext_if min-ttl 255 >> >>On 10/30/05, Alexey S. Malyshev <[EMAIL PROTECTED]> wrote: >> >>>Hi misc@ >>> >>>How to set TTL to certain value on a certain interface in order to hide >>>presence of LAN behind NAT? >>> >>> > > > hmm... but if TTL == 128 and min-ttl == 64, than packets not scrubed by PF... > and anti-NAT systems block this ip > > FreeBSD has `IPSTEALTH', OpenBSD have anything to do this? > > sorry, my english is very, very bad =(
