tech-net: Re: FreeBSD IPSTEALTH

Subject: Re: FreeBSD IPSTEALTH
To: <>
From: Rui Paulo <goteki@pixeloverflow.com>
List: tech-net
Date: 12/31/2003 03:36:39

In fact it is, but I don't know if there is a better way than adding an
argument to ip_doootions() in NetBSD. And if I add that argument it
will break some other functions in ip_input.c. Maybe you know a better
way?

Regards,
	Rui Paulo

On Tue, 30 Dec 2003 19:13:38 -0800
Jason Thorpe <thorpej@wasabisystems.com> wrote:

> 
> On Dec 30, 2003, at 6:33 PM, Rui Paulo wrote:
> 
> >> From FreeBSD LINT kernel configuration:
> >
> > # IPSTEALTH enables code to support stealth forwarding (i.e.,
> > forwarding
> > # packets without touching the ttl).  This can be useful to
> > hide firewalls
> > # from traceroute and similar tools.
> 
> Ah, I just read the code in FreeBSD.  Looks like it would be almost 
> trivial to add this code to the NetBSD IP stack.
> 
>          -- Jason R. Thorpe <thorpej@wasabisystems.com>
> 
> 


-

  "Simplicity is the ultimate 
    sophistication." 
    -- Leonardo da Vinci      

goteki at pixeloverflow dot com | \
    [g|n]awk '{ gsub(/ dot /,".") }; { gsub(/ at /,"@") } END { print }'