Ok, I found it out by myself, it is 1514b. I set up two length matches in the PREROUTING chain in the mangle table, one set to match on packets >=1500b and one >=1501b. The latter rule never matched so I thought that the max packet really was 1500b. However I then decided to put all packets matching the first rule in a separate class. >From there the answer was obvious, I simply divided the byte-count with the packet-count and voila, I got 1514. So I guess the length match doesn't count for the 14b's of ethernet encap. This led me to change another thing in my setup, I no longer match small TCP packets by matching them by <=64b but rather <=50b. Well... this prolly seem real newbie like to most of you but hey we all are at first. // Daniel _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
