CLAMPMSS="Yes" at bottom of shorewall.conf ?? (1.2.3 and later I
think)..
----- Original Message -----
From: "Dominik Kubla" <kubla@uni-mainz.de>
To: <teastep@shorewall.net>
Cc: <shorewall-users@shorewall.net>
Sent: Saturday, March 16, 2002 6:56 PM
Subject: [Shorewall-users] PPPoE support?
> FYI:
>
> If one wants to use shorewall together with a PPP over Ethernet
> connection (eg. for a DSL or Cable Modem link), one has to clamp the MSS
> to the PMTU. This is done with the following iptables command:
>
> iptables -I FORWARD -p tcp --tcpflags SYN,RST SYN -j TCPMSS \
> --clamp-mss-to-pmtu
>
> Otherwise you will be able to connect to most sites but some connections
> mysteriously get stuck and will time out.
>
> I ran into this after my provider changed my link from ISDN to ADSL.
> After reading the DSL-HOWTO i added the line to common.def but somehow
> that didn''t work: i still have to execute the command manually
as soon
> as the firewall is up.
>
> Yours,
> Dominik Kubla
> --
> A lovely thing to see: Kobayashi Issa
> through the paper window''s holes (1763-1828)
> the galaxy. [taken from: David Brin - Sundiver]
> _______________________________________________
> Shorewall-users mailing list
> Shorewall-users@shorewall.net
> http://www.shorewall.net/mailman/listinfo/shorewall-users