Re: strange behaviour

NetFilter

Re: strange behaviour

To:	angico <angico@yahoo.com>
Subject:	Re: strange behaviour
From:	Cedric Blancher <blancher@cartel-securite.fr>
Date:	Mon, 26 Feb 2007 16:07:55 +0000
Cc:	netfilter@lists.netfilter.org
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	netfilter-list1@securepoint.com
In-reply-to:	<416274.29873.qm@web36802.mail.mud.yahoo.com>
List-archive:	</pipermail/netfilter>
List-help:	<mailto:netfilter-request@lists.netfilter.org?subject=help>
List-id:	General discussion and user questions <netfilter.lists.netfilter.org>
List-post:	<mailto:netfilter@lists.netfilter.org>
List-subscribe:	<https://lists.netfilter.org/mailman/listinfo/netfilter>, <mailto:netfilter-request@lists.netfilter.org?subject=subscribe>
List-unsubscribe:	<https://lists.netfilter.org/mailman/listinfo/netfilter>, <mailto:netfilter-request@lists.netfilter.org?subject=unsubscribe>
Organization:	Cartel Securite
References:	<416274.29873.qm@web36802.mail.mud.yahoo.com>
Sender:	netfilter-bounces@lists.netfilter.org

Le lundi 26 février 2007 à 07:35 -0800, angico a écrit :
> hi, buddys. thanks for your attention, but...
> nothing works, yet. and this option "--clamp-mss-to-pmtu" just send me an 
> error: "iptables: Invalid argument". 
> angico.

My mistake.
As Pascal stated, you have to specify a "-p tcp --tcp-flags SYN,RST SYN"
as well, as TCPMSS clamping only works on TCP packets with SYN flag set:

        iptables -t mangle -A FORWARD -o ppp0 -p tcp \
           --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu

It should work better.


-- 
http://sid.rstack.org/
PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE
>> Hi! I'm your friendly neighbourhood signature virus.
>> Copy me to your signature file and help me spread!

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
strange behaviour, angico Re: strange behaviour, Askar Ali Re: strange behaviour, Silvio Fonseca Re: strange behaviour, Pascal Hambourg Re: strange behaviour, Cedric Blancher Re: strange behaviour, Pascal Hambourg Re: strange behaviour, Cedric Blancher Re: strange behaviour, Pascal Hambourg Re: strange behaviour, Cedric Blancher Re: strange behaviour, angico Re: strange behaviour, Cedric Blancher <= Re: strange behaviour, angico Re: strange behaviour, Martijn Lievaart

Previous by Date:	Re: strange behaviour, angico
Next by Date:	Re: strange behaviour, Cedric Blancher
Previous by Thread:	Re: strange behaviour, angico
Next by Thread:	Re: strange behaviour, angico
Indexes:	[Date] [Thread] [Top] [All Lists]