I am having difficulty locating and applying the tcp-MSS patch as described here:
http://www.netfilter.org/documentation/HOWTO//netfilter-extensions-HOWTO-4.html#ss4.7
I have run through both the patch-o-matic-20031219 and the patch-o-matic-ng-20040302 against an iptables 1.2.9 and 2.4.25 kernel sources. The option to apply the patch does not appear as I run through the ./runme extra or ./rume userspace scripts for either patch-o-matics.
I am in desperate need to implement:
iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
with a pptp client I have installed on a gateway device. (http://pptpclient.sourceforge.net/ <-- main page, and see these for the problem I am tryting to solve: http://pptpclient.sourceforge.net/howto-diagnosis.phtml#connections_freeze and finally http://lartc.org/howto/lartc.cookbook.mtu-mss.html)
The kernel config has these options set:
CONFIG_IP_NF_MATCH_TCPMSS=y CONFIG_IP_NF_TARGET_TCPMSS=y
Both the kernel and iptables appear to compile without complaints.
I get an "unknown arg `--clamp-mss-to-pmtu' gripe from the recompiled iptables when I enter the full command as specified above.
The only "hits" I could find using tcp-MSS on a google hunt were to a post on the netfilter list from October of 1999, and a reference to the patch on the samba cvs, but it was a dead link...
A nudge in the right direction would be greatly appreciated! Thanks for your time!
SJ
_________________________________________________________________
MSN Toolbar provides one-click access to Hotmail from any Web page ? FREE download! http://toolbar.msn.click-url.com/go/onm00200413ave/direct/01/
