/fakeroute

Simple traceroute fake hop generator through IP spoofing

Primary language: Python

fakeroute

Fakeroute allows you to insert fake IPv4 and IPv6 hops between the last real hop and your server by making use of IP address spoofing.

Setup

Install the dependencies using pip3 install -r requirements.txt. Copy iptables.sh and fakeroute.py to the server whose traceroute you want to fake and run them there. spoof.py is to be run on a server in a data center without egress filters. Make sure to adapt the MAC addresses, interface names, TTL threshold, etc. inside all scripts.

How does it work?

IP packet headers contain a one-byte time to live (TTL, IPv4) or hop limit (HL, IPv6) field, which every router on the packet's path is supposed to decrement in order to prevent packets from circulating forever. The sender initially sets the field to a sufficiently large value. Most routers signal the expiry of the TTL by sending an ICMP "TTL expired" packet back to the packet's sender.

Traceroute works by sending out packets with increasing TTL. The first router drops the packet with TTL 1 and sends an ICMP reply, the second router drops the packet with TTL 2, and so on. By simply dropping all packets with a TTL below a certain threshold N at the last hop, it will appear as if N hops that do not reply with ICMP packets had been inserted.

The fakeroute.py script uses a raw socket to capture packets with a low TTL and relays them to a server in a data center without egress filtering (i.e. where packets with a spoofed source IP address are not filtered). The spoof.py script receives these low-TTL packets and generates ICMP replies for them from fake source IP addresses.
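The TTL arithmetic described above, modelled offline as an added example (not code from the fakeroute repository). It shows what a traceroute observer sees for a normal path, for a last hop that drops low-TTL probes, and for the case where the relayed replies are stopped by egress filtering. The names Path, probe and traceroute, the documentation-range addresses and the `<=` comparison (chosen so that exactly N hops appear, as the text states) are assumptions of this sketch.

```python
from dataclasses import dataclass, field

@dataclass
class Path:
    routers: list                  # real routers, ordered from the client outwards
    server: str                    # traceroute destination
    threshold: int = 0             # N: server drops probes arriving with TTL <= N
    fake_hops: list = field(default_factory=list)  # addresses claimed in relayed replies
    egress_filtered: bool = False  # source address validation at the relay's network

def probe(path, ttl):
    """Return the address that answers a probe sent with this TTL, or None."""
    for router in path.routers:
        ttl -= 1                   # every real router decrements the field
        if ttl == 0:
            return router          # genuine ICMP "TTL expired" from a real hop
    # The probe reached the server with `ttl` still remaining.
    if ttl <= path.threshold:
        # Dropped at the last hop. A reply is only seen if a relayed answer
        # exists for this TTL and its forged source address is not filtered.
        if path.egress_filtered or ttl > len(path.fake_hops):
            return None
        return path.fake_hops[ttl - 1]
    return path.server

def traceroute(path, max_ttl=30):
    """Hop list as an observer sees it; '*' marks a probe with no reply."""
    hops = []
    for ttl in range(1, max_ttl + 1):
        answer = probe(path, ttl)
        hops.append(answer or "*")
        if answer == path.server:
            break
    return hops

# Constructed sample data using documentation address ranges only.
REAL = ["192.0.2.1", "192.0.2.2"]
FAKE = ["198.51.100.1", "198.51.100.2", "198.51.100.3"]
SERVER = "203.0.113.10"

if __name__ == "__main__":
    print(traceroute(Path(REAL, SERVER)))                      # unmodified path
    print(traceroute(Path(REAL, SERVER, threshold=3)))         # three silent hops
    print(traceroute(Path(REAL, SERVER, 3, FAKE)))             # three fake hops
    print(traceroute(Path(REAL, SERVER, 3, FAKE, True)))       # egress filtering on
```

With egress filtering enabled on the relay's network the observer still sees the N silent hops, but none of the forged addresses.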
