linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH] fix for /usr/src/linux/net/ipv4/ip_default_ttl usage
@ 2002-03-18 20:35 Charles-Edouard Ruault
  0 siblings, 0 replies; only message in thread
From: Charles-Edouard Ruault @ 2002-03-18 20:35 UTC (permalink / raw)
  To: linux-kernel; +Cc: davem

[-- Attachment #1: Type: text/plain, Size: 1017 bytes --]

Hi All,

i've been playing with different IP setting available in the linux 
kernel ( 2.4.18 ) and found a stange behaviour with 
/usr/src/linux/net/ipv4/ip_default_ttl :
the value that you set here is not taken into account in the following 
cases :

- ICMP reply ( of any kind )
- TCP RST .

since the sockets used in this cases are the one created at the init of 
the given protocols, and therefore the ttl value used are the one that 
are setup at boot time and not the one that you will set later when 
using the sysctl or the proc interface.

I'm not sure that this has been left out on purpose since it will defeat 
the goal of changing the default ttl to confuse OS fingerprinting 
softwares.
Therefore, i've made a small patch ( against kernel 2.4.18 ) that will 
change the behaviour and make the default ttl be used in these cases.

I hope it will be useful to some of you ....
Regards

PS : i'm not on the list so please CC me if you reply to this email.

-- 
Charles-Edouard Ruault
PGP Key ID 4370AF2D



[-- Attachment #2: default_ttl.patch --]
[-- Type: text/plain, Size: 1090 bytes --]

--- icmp.c.sav	Mon Mar 18 10:43:24 2002
+++ icmp.c	Mon Mar 18 12:29:48 2002
@@ -139,6 +139,8 @@
   { EHOSTUNREACH,	1 }	/*	ICMP_PREC_CUTOFF	*/
 };
 
+extern int sysctl_ip_default_ttl;
+
 /* Control parameters for ECHO replies. */
 int sysctl_icmp_echo_ignore_all;
 int sysctl_icmp_echo_ignore_broadcasts;
@@ -354,6 +356,7 @@
 	icmp_out_count(icmp_param->data.icmph.type);
 
 	sk->protinfo.af_inet.tos = skb->nh.iph->tos;
+	sk->protinfo.af_inet.ttl = sysctl_ip_default_ttl;
 	daddr = ipc.addr = rt->rt_src;
 	ipc.opt = NULL;
 	if (icmp_param->replyopts.optlen) {
--- tcp_ipv4.c.sav	Mon Mar 18 10:43:03 2002
+++ tcp_ipv4.c	Mon Mar 18 11:54:16 2002
@@ -64,7 +64,7 @@
 #include <linux/ipsec.h>
 
 extern int sysctl_ip_dynaddr;
-
+extern int sysctl_ip_default_ttl;
 /* Check TCP sequence numbers in ICMP packets. */
 #define ICMP_MIN_LENGTH 8
 
@@ -1072,6 +1072,7 @@
 	arg.n_iov = 1;
 	arg.csumoffset = offsetof(struct tcphdr, check) / 2; 
 
+	tcp_socket->sk->protinfo.af_inet.ttl = sysctl_ip_default_ttl;
 	ip_send_reply(tcp_socket->sk, skb, &arg, sizeof rth);
 
 	TCP_INC_STATS_BH(TcpOutSegs);

^ permalink raw reply	[flat|nested] only message in thread
only message in thread, other threads:[~2002-03-18 20:33 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2002-03-18 20:35 [PATCH] fix for /usr/src/linux/net/ipv4/ip_default_ttl usage Charles-Edouard Ruault

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).