aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--README.md11
-rw-r--r--awall/modules/ttl.lua39
2 files changed, 50 insertions, 0 deletions
diff --git a/README.md b/README.md
index 6b20544..cc05910 100644
--- a/README.md
+++ b/README.md
@@ -472,6 +472,17 @@ attribute named **classify**, must specify the class using the
**class** attribute. These rules apply to the both directions of the
matching traffic.
+#### TTL Adjustment Rules
+
+TTL adjustment rules are used to set the TTL field of the IPv4 packets
+matching the specified criteria. The TTL adjustment rules are contained
+in the top-level list attribute named **ttl** and define an attribute
+named **ttl**. If the value is a non-negative integer, the TTL of the
+packet is set to the value. If it is a negative integer, the TTL value
+is decremented accordingly. The TTL value can be incremented by a
+constant by setting the attribute value to a string representing a
+positive integer, prepended with the plus sign (**+**).
+
#### Transparent Proxy Rules
Transparent proxy rules divert the matching packets to a local proxy
diff --git a/awall/modules/ttl.lua b/awall/modules/ttl.lua
new file mode 100644
index 0000000..3a1da36
--- /dev/null
+++ b/awall/modules/ttl.lua
@@ -0,0 +1,39 @@
+--[[
+TTL adjustment module for Alpine Wall
+Copyright (C) 2012-2016 Kaarle Ritvanen
+See LICENSE file for license details
+]]--
+
+
+local model = require('awall.model')
+
+
+local TTLRule = model.class(model.Rule)
+
+function TTLRule:trules()
+ local res = {}
+ for _, rule in ipairs(TTLRule.super(self):trules()) do
+ if rule.family == 'inet' then table.insert(res, rule) end
+ end
+ return res
+end
+
+function TTLRule:table() return 'mangle' end
+
+function TTLRule:target()
+ if not self.ttl then self:error('TTL not specified') end
+
+ if type(self.ttl) == 'string' then
+ if self.ttl:sub(1, 1) == '+' then
+ return 'TTL --ttl-inc '..self.ttl:sub(2, -1)
+ else self.ttl = tonumber(self.ttl) end
+ end
+ if type(self.ttl) ~= 'number' then
+ self:error('Invalid TTL specification')
+ end
+
+ return 'TTL --ttl-'..(self.ttl < 0 and 'dec' or 'set')..' '..
+ math.abs(self.ttl)
+end
+
+return {export={ttl={class=TTLRule}}}
generated by cgit v1.2.3 (git 2.25.1) at 2025-09-13 00:52:03 +0000