Re: strange behaviour

To:	netfilter@lists.netfilter.org
Subject:	Re: strange behaviour
From:	angico <angico@yahoo.com>
Date:	Mon, 26 Feb 2007 08:21:33 -0800 (PST)
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	netfilter-list1@securepoint.com
Domainkey-signature:	a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID; b=VPe0wjsJq2sGKIqjf9gKh2UqINpneALYlRVKkZ7nlOx/BU5bMGCJyzzzkQ7yzTGyQhZY4v39dG9mgc7N9OTEcSNJcr6a0d/fNd1SsxnEPh7GTjRfBh34pSgCqLLItIv/roMruKTHPq+BXVxGUKjjCVwWaqRhLxeE5fCObCBb4Jk=;
List-archive:	</pipermail/netfilter>
List-help:	<mailto:netfilter-request@lists.netfilter.org?subject=help>
List-id:	General discussion and user questions <netfilter.lists.netfilter.org>
List-post:	<mailto:netfilter@lists.netfilter.org>
List-subscribe:	<https://lists.netfilter.org/mailman/listinfo/netfilter>, <mailto:netfilter-request@lists.netfilter.org?subject=subscribe>
List-unsubscribe:	<https://lists.netfilter.org/mailman/listinfo/netfilter>, <mailto:netfilter-request@lists.netfilter.org?subject=unsubscribe>
Sender:	netfilter-bounces@lists.netfilter.org

GREAT, GUYS! IT WORKED!!!!!! I THANK YOU VERY MUCH for the help!
angico.

----- Original Message ----
From: Cedric Blancher <blancher@cartel-securite.fr>
To: angico <angico@yahoo.com>
Cc: netfilter@lists.netfilter.org
Sent: Monday, February 26, 2007 1:07:55 PM
Subject: Re: strange behaviour

Le lundi 26 février 2007 à 07:35 -0800, angico a écrit :
> hi, buddys. thanks for your attention, but...
> nothing works, yet. and this option "--clamp-mss-to-pmtu" just send me an 
> error: "iptables: Invalid argument". 
> angico.

My mistake.
As Pascal stated, you have to specify a "-p tcp --tcp-flags SYN,RST SYN"
as well, as TCPMSS clamping only works on TCP packets with SYN flag set:

        iptables -t mangle -A FORWARD -o ppp0 -p tcp \
           --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu

It should work better.

-- 
http://sid.rstack.org/
PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE
>> Hi! I'm your friendly neighbourhood signature virus.
>> Copy me to your signature file and help me spread!

____________________________________________________________________________________
Have a burning question?  
Go to www.Answers.yahoo.com and get answers from real people who know.

<Prev in Thread]	Current Thread	[Next in Thread>
Re: strange behaviour, (continued) Re: strange behaviour, Askar Ali Re: strange behaviour, Silvio Fonseca Re: strange behaviour, Pascal Hambourg Re: strange behaviour, Cedric Blancher Re: strange behaviour, Pascal Hambourg Re: strange behaviour, Cedric Blancher Re: strange behaviour, Pascal Hambourg Re: strange behaviour, Cedric Blancher Re: strange behaviour, angico Re: strange behaviour, Cedric Blancher Re: strange behaviour, angico <= Re: strange behaviour, Martijn Lievaart

Previous by Date:	Re: strange behaviour, Cedric Blancher
Next by Date:	Re: strange behaviour, Pascal Hambourg
Previous by Thread:	Re: strange behaviour, Cedric Blancher
Next by Thread:	Re: strange behaviour, Martijn Lievaart
Indexes:	[Date] [Thread] [Top] [All Lists]