How to determine TTL value of a received IP packet?

  • Thread starter Thread starter Anand R
  • Start date Start date
A

Anand R

Hi All,
I would like to know if Windows provides the capability to determine the
TTL value of a *received* IP packet. In Linux, one can do this using the
ancillary data(Posix standard "cmsghdr" structure). I did some search and found
that there is a "WSAMSG" structure that is supported in XP. But this provides
the capability to determine only the destination IP address and the Rx Interface
Index. Is there any other mechanism that is available in Windows that can tell
the TTL value in a received packet?

I know Windows provides the option to "set" the TTL value of an *outgoing*
packet.

Thanks in advance for any help.
-Anand
 
Search for DefaultTTL registry key to set with needed value as
TCP/IP & NBT Configuration Parameters for Windows NT and Windows 2000

Q120642 of KB MSDN describe.

Arkady
 
"Anand R" <[email protected]> said:
I would like to know if Windows provides the capability to determine the
TTL value of a *received* IP packet. In Linux, one can do this using the
ancillary data(Posix standard "cmsghdr" structure). I did some search and found
that there is a "WSAMSG" structure that is supported in XP. But this provides
the capability to determine only the destination IP address and the Rx
Interface
Index. Is there any other mechanism that is available in Windows that can tell
the TTL value in a received packet?
Click to expand...

It would seem to me that you're most likely to have to implement some form
of raw socket to do that. This will require you to inspect the IP header on
each packet.

Can I ask what you're planning on using this for? There are some
interesting uses for TTL, but since each OS seems to choose a different
value, sometimes changing values with service packs, and the value decreases
each hop, the TTL is somewhat of a random value by the time you get to read
it.

Alun.
~~~~

[Please don't email posters, if a Usenet response is appropriate.]
 
It would seem to me that you're most likely to have to implement some form
of raw socket to do that. This will require you to inspect the IP header on
each packet.

Can I ask what you're planning on using this for? There are some
interesting uses for TTL, but since each OS seems to choose a different
value, sometimes changing values with service packs, and the value decreases
each hop, the TTL is somewhat of a random value by the time you get to read
it.

Alun.
~~~~
Click to expand...

Check out some of the packet sniffing code that is available online,
since packet sniffers can capture every TCP/IP packet you can probably
figure out how to get the TTL field.
 
Back
Top