Help - Mangle Packet TTL

This advanced option will set the Time to Live or TTL embedded in every IP packet. The TTL is used to tell when a packet has traveled too far without reaching its destination. This prevents it from traveling in infinite loops. Normally this value is set by the operating system and should not be changed. However, some providers, particularly broadband providers, do not want networks connected to the Internet through a single gateway/firewall system. Packets with varying TTLs apparently coming from a single system are evidence of a private network. This option will allow you to set one TTL on all outbound packets.

(If Javascript is disabled, then select this option and click the Generate Firewall button, and the form will release the TTL field.)

If the Mangle TTL option is checked, a value must be entered in the TTL field for the firewall to successfully generate. The default value is 128 hops. Do not change the default unless you really know what you're doing. A bad choice could have serious consequences.

Note: Broadband providers are beginning to look at traffic as the sole measure and charge heavy users more whether they use a single system or service a network. This is a more reasonable approach than attempting to prohibit networks attached through a gateway. If your provider does not restrict subscribers from using private networks, you probably have no need to use this option.

Note: The TTL target may not be included in the distribution on your system. If it is not and you require it, you will have to add it. That may require that you build from source.

Close Window