On August 10, 2004 04:24 pm, Meszaros Gergely wrote:
> Thank you ! It wooorks !
>
> That clamp-mss magic worked for me, so I consider myself lucky. ^^
>
> > iptables -I FORWARD -i $INTERNAL_IF -p tcp --syn -j TCPMSS
> > --clamp-mss-to-pmtu
>
> Great!
>
> If it would be in the mangle table, i would dare to say i understand what
> it does, but this case ... how can it send a larger packet in a smaller
> one? magic :)
>
> I tried Anthony's mangle version also but something must be missing here to
> make it work: iptables -t mangle -A POSTROUTING -o EXTIF -j TCPMSS
> --clamp-mss-to-mtu iptables v1.2.9: Unknown arg `--clamp-mss-to-mtu'
> Mabbe modules? Or I misspelled it?
Nope, we're missing a p there
iptables -t mangle -A POSTROUTING -O ${EXTINF} -j TCPMSS --clamp-mss-to-pmtu
whoopsy.
Alistair
>
> However it works, so i'm happy.
> Thank you very much both of you, gurus ! :)
> If you come to Budapest, you are my guest for a beer !
>
> 1 MonK
