[Bug 1169] New: Bug in altering IP TTL field of a packet?

bugzilla-daemon at netfilter.org bugzilla-daemon at netfilter.org
Wed Aug 16 15:17:31 CEST 2017


https://bugzilla.netfilter.org/show_bug.cgi?id=1169

            Bug ID: 1169
           Summary: Bug in altering IP TTL field of a packet?
           Product: nftables
           Version: unspecified
          Hardware: All
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: nft
          Assignee: pablo at netfilter.org
          Reporter: berend at kubusje.nl

When I try to set the IP TTL field to a certain number with a rule it doesn't
change the TTL field but it changes the PROTO field.

This is the rule:
oifname eno2 ip daddr 136.144.X.X ip ttl 1-63 ip ttl set 64 nftrace set 1 log prefix "TTLTEST "

This is in the log file:
Aug 16 15:08:58 name kernel: TTLTEST IN= OUT=eno2 SRC=217.100.X.X DST=136.144.X.X LEN=64 TOS=0x10 PREC=0x00 TTL=63 ID=32700 DF PROTO=64

So this seems like a bug to me. 

Altering other IP/TCP fields like dport or sport as documented on the following
link works fine:
https://wiki.nftables.org/wiki-nftables/index.php/Mangle_packet_header_fields

Thanks in advance.

-- 
You are receiving this mail because:
You are watching all bug changes.
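
A regression check for the symptom reported above, as an added example that is not part of the original report or of nftables: it parses kernel LOG lines carrying the rule's prefix and flags packets whose TTL was not rewritten or whose PROTO holds the value meant for TTL. It assumes the log statement follows `ip ttl set` in the rule, as it does in the report; the sample lines are constructed and the function names are hypothetical.

```python
import re

# Constructed sample in the kernel LOG format quoted in the report.
# Addresses are documentation-range placeholders, not values from the page.
SAMPLE_LOG = (
    "Aug 16 15:08:58 name kernel: TTLTEST IN= OUT=eno2 SRC=192.0.2.10 "
    "DST=198.51.100.20 LEN=64 TOS=0x10 PREC=0x00 TTL=63 ID=32700 DF PROTO=64\n"
    "Aug 16 15:09:02 name kernel: TTLTEST IN= OUT=eno2 SRC=192.0.2.10 "
    "DST=198.51.100.20 LEN=64 TOS=0x10 PREC=0x00 TTL=64 ID=32701 DF "
    "PROTO=TCP SPT=51514 DPT=22\n"
)

FIELD_RE = re.compile(r"\b([A-Z]+)=(\S*)")  # KEY=value, value may be empty

def parse_log_line(line, prefix):
    """Return the KEY=value fields after `prefix`, or None if it is absent."""
    _, found, rest = line.partition(prefix)
    return dict(FIELD_RE.findall(rest)) if found else None

def check_ttl_set(fields, expected_ttl):
    """List the ways a logged packet disagrees with 'ip ttl set <expected_ttl>'."""
    want = str(expected_ttl)
    problems = []
    if fields.get("TTL") != want:
        problems.append(f"TTL is {fields.get('TTL')}, expected {want}")
    # The kernel prints unnamed protocols as numbers, so a numeric PROTO equal
    # to the TTL we asked for means the value landed in the neighbouring byte.
    if fields.get("PROTO") == want:
        problems.append(f"PROTO is {want}: value written to the wrong field")
    return problems

def audit(log_text, prefix, expected_ttl):
    """Return [(line_number, problems)] for every logged packet that fails."""
    findings = []
    for number, line in enumerate(log_text.splitlines(), 1):
        fields = parse_log_line(line, prefix)
        if fields is None:
            continue  # not produced by the rule under test
        problems = check_ttl_set(fields, expected_ttl)
        if problems:
            findings.append((number, problems))
    return findings

if __name__ == "__main__":
    for number, problems in audit(SAMPLE_LOG, "TTLTEST ", 64):
        print(f"line {number}: " + "; ".join(problems))
```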