***HELP*** TTL change for all devices using router

Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking
Goto page Previous  1, 2
Author Message
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 14485
Location: Texas, USA

PostPosted: Tue Dec 31, 2019 13:48    Post subject: Reply with quote
And all you should have to do is add those rules for TTL to the firewall script in Admin - Commands, save firewall, reboot, and then you can check it with iptables -vnL -t mangle via telnet/ssh. Don't necessarily have to use the whole command you were using, but even that should work. That is what I was saying the whole time. I guess my plain English ain't clear enough.
_________________
"Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT
Pogo - A minimal level of ability is expected and needed...
DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)

----------------------
Linux User #377467 counter.li.org / linuxcounter.net
Sponsor
cabinfever1932
DD-WRT Novice


Joined: 30 Dec 2019
Posts: 10

PostPosted: Wed Jan 01, 2020 17:25    Post subject: Reply with quote
Thanks!!! I think I have this working. I wont know for sure until tomorrow when I am testing it at my cabin. but it appears the command executed and i saw the same results as posted.
cabinfever1932
DD-WRT Novice


Joined: 30 Dec 2019
Posts: 10

PostPosted: Thu Jan 02, 2020 19:24    Post subject: Reply with quote
well...it's not working. I ran the commands via telnet and received the following. Any ideas?


root@DD-WRT:~# iptables -t mangle -I POSTROUTING -o $(get_wanface) -j TTL --ttl-
set 128
root@DD-WRT:~# iptables -vnL -t mangle
Chain PREROUTING (policy ACCEPT 20322 packets, 11M bytes)
pkts bytes target prot opt in out source destination
0 0 MARK 0 -- !vlan2 * 0.0.0.0/0 192.168.5.21 MARK or 0x80000000
20322 11M CONNMARK 0 -- * * 0.0.0.0/0 0.0.0.0/0 CONNMARK save

Chain INPUT (policy ACCEPT 2078 packets, 206K bytes)
pkts bytes target prot opt in out source destination

Chain FORWARD (policy ACCEPT 18229 packets, 11M bytes)
pkts bytes target prot opt in out source destination
1055 54864 TCPMSS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x02 TCPMSS clamp to PMTU

Chain OUTPUT (policy ACCEPT 2038 packets, 234K bytes)
pkts bytes target prot opt in out source destination

Chain POSTROUTING (policy ACCEPT 20280 packets, 11M bytes)
pkts bytes target prot opt in out source destination



When I ping i receive this.
64 bytes from 98.138.219.232: seq=1 ttl=48 time=55.690 ms

When i ping from Win10 laptop via WiFi on that router i get this

Pinging yahoo.com [98.137.246.8] with 32 bytes of data:
Reply from 98.137.246.8: bytes=32 time=76ms TTL=47
BillA
DD-WRT Novice


Joined: 13 Feb 2024
Posts: 2

PostPosted: Tue Feb 13, 2024 11:50    Post subject: Reply with quote
cabinfever1932 wrote:
well...it's not working. I ran the commands via telnet and received the following. Any ideas?


When I ping i receive this.
64 bytes from 98.138.219.232: seq=1 ttl=48 time=55.690 ms

When i ping from Win10 laptop via WiFi on that router i get this

Pinging yahoo.com [98.137.246.8] with 32 bytes of data:
Reply from 98.137.246.8: bytes=32 time=76ms TTL=47



When pinging external web sites, the TTL value will vary by site.
For an accurate TTL value ping your ISP's gateway address, NOT your external IP (that will only show blank and will hang). You can get your <your_ISP_gateway> address by copy and pasting this into a Windows CMD window:
ipconfig.exe /all|more

ping <your_ISP_gateway>

* Note: your router's actual TTL is equal to the displayed value + 1
For example, if it's showing 64, then your router's actual TTL = 65

You can also try this (* Note as above):
ping 1.1.1.1
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 13093
Location: Netherlands

PostPosted: Tue Feb 13, 2024 13:43    Post subject: Reply with quote
BillA wrote:

When pinging external web sites, the TTL value will vary by site.
For an accurate TTL value ping your ISP's gateway address, NOT your external IP (that will only show blank and will hang). You can get your <your_ISP_gateway> address by copy and pasting this into a Windows CMD window:
ipconfig.exe /all|more

ping <your_ISP_gateway>

* Note: your router's actual TTL is equal to the displayed value + 1
For example, if it's showing 64, then your router's actual TTL = 65


Allmost true

But this is not accurate
BillA wrote:
You can get your <your_ISP_gateway> address by copy and pasting this into a Windows CMD window:
ipconfig.exe /all|more


ifconfig from your windows CMD gives you the routers IP address.

What you need is the next hop of the router, if the router is connected to the internet that could be the ISP gateway.
Gateway can be found from routers command prompt with: `nvram get wan_gateway`

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
BillA
DD-WRT Novice


Joined: 13 Feb 2024
Posts: 2

PostPosted: Thu Feb 15, 2024 13:15    Post subject: Reply with quote
egc wrote:


Allmost true



Oh yeah, the ipconfig will only show the LAN's gateway address, I was thinking about looking up <your_ISP_gateway> inside the router's status page (silly me). Or simply ping 1.1.1.1 which returns a TTL value add 1 = router's actual TTL.
Goto page Previous  1, 2 Display posts from previous:    Page 2 of 2
Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum