-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tuesday 17 February 2004 07:56 am, Keith Edmunds
wrote:> I have a (bizarre) problem with ssh, which someone has suggested may
> be down to the MSS value being too high.
I''m assuming that your trying to SSH from behind shorewall out to an
internet host somewhere. You didn''t say.
> I know that within Shorewall
> I can clamp the MSS value to the MTU-40 value, but is there a way I
> can set MSS to a discreet value?
Yes. With "ifconfig" mtu is an option that you can set on a given
interface. "man ifconfig"
> I just want to (dis)prove the MSS
> theory at the moment (I know it isn''t a real fix).
So why don''t you just turn on the clampMSS value in shorewall and test?
Would only take less than a minute.
Change. CLAMPMSS=No to CLAMPMSS=Yes in your Shorewall.conf file.
Hth''s,
JBanks
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQFAM5KWp9X7q/XgeyYRAhQ0AJ0ZZtuVbYzkEvC4p/z7R/STeZuq5gCgmSJR
A6QN6rvsrww5ib5WX2s4tVA=zGMY
-----END PGP SIGNATURE-----