filtering packets based on the ip options

hello all

we have a fortigate 600d fortiOS v5.4.4 and i want to deny any packet that have time-to-live (ttl) value less than 125.

what should i do?

New Member

solved !

i created a custom ips sig as following:

F-SBID( --name "IP.TTL.Filter"; --attack_id 4478; --ip_ttl < 125;)

Sign up