Pascal Hambourg wrote:
Hello,
Jaco Kroon a écrit :
possibly add a "--clamp-to-mtu mtu_value" or "--clamp-to-mss
mss_value" option (I'd prefer --clamp-to-mtu), which works like --set,
but only if the new mss value is less than the existing one.
Doesn't the patch "xt_TCPMSS: don't allow netfilter --setmss to increase
mss" applied to 2.6.25 about a month ago already do this ?
I haven't followed that. I'm running stable (2.6.23.14 atm) on most of
my systems, my notebook is still on -rc8 for 2.6.24. I've just had a
specific problem that had a need to be scratched, but yes, based on the
description you gave that would do _exactly_ that.
Random question: What happens with the case where we explicitly _want_
to break the MSS? In other words, to set it to something insane like
3000 in order to test other equipment.
Jaco
-
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
