Salvatore
2004-Jul-23 12:48 UTC
Shorewall as gateway/router - web traffic not full working
Hi,
I am using Shorewall 2.0.6 on Debian with iptables 1.29.
Before I was using Shorewall 2.0.3 and If work correctly, I am not sure that
my problems begin after upgrade to 2.0.6, but my problem is that I
can''t see
some websites on the pc clients ( such as www.microsoft.com ), but some
websites yes ( they are not in the pc cache ).
My config is Shorewall as gateway/router of my little network.
I have an Adsl router with PPTP server inside, my ppp0 interfaces is configured
with:
net ppp0 - tcpflags,norfc1918,routefilter
I have in shorewall.conf:
CLAMPMSS=Yes
and I have no special rules that drop traffic.
The problem is that websites I see it correctly on my FW with " lynx
", I don''t know
why I can''t see it on my local network pc, and don''t
understand why some website
works and some other no.
Somebody can help me ?
Salvatore
2004-Jul-23 12:56 UTC
Re: Shorewall as gateway/router - web traffic notfull working
sorry I solved the problem,
the problem is in the MTU, because my ppp0 and eth* interfaces had
different MTU, setting all the same work all fine.
Sorry
----- Original Message -----
From: "Salvatore" <ilcorvo@pizzairc.it>
To: <shorewall-users@lists.shorewall.net>
Sent: Friday, July 23, 2004 2:48 PM
Subject: [Shorewall-users] Shorewall as gateway/router - web traffic notfull
working
Hi,
I am using Shorewall 2.0.6 on Debian with iptables 1.29.
Before I was using Shorewall 2.0.3 and If work correctly, I am not sure
that
my problems begin after upgrade to 2.0.6, but my problem is that I
can''t see
some websites on the pc clients ( such as www.microsoft.com ), but some
websites yes ( they are not in the pc cache ).
My config is Shorewall as gateway/router of my little network.
I have an Adsl router with PPTP server inside, my ppp0 interfaces is
configured with:
net ppp0 - tcpflags,norfc1918,routefilter
I have in shorewall.conf:
CLAMPMSS=Yes
and I have no special rules that drop traffic.
The problem is that websites I see it correctly on my FW with " lynx
", I
don''t know
why I can''t see it on my local network pc, and don''t
understand why some
website
works and some other no.
Somebody can help me ?
_______________________________________________
Shorewall-users mailing list
Post: Shorewall-users@lists.shorewall.net
Subscribe/Unsubscribe:
https://lists.shorewall.net/mailman/listinfo/shorewall-users
Support: http://www.shorewall.net/support.htm
FAQ: http://www.shorewall.net/FAQ.htm
Joshua Banks
2004-Jul-23 17:08 UTC
Re: Shorewall as gateway/router - web trafficnotfull working
----- Original Message ----- From: "Salvatore"> sorry I solved the problem, > > the problem is in the MTU, because my ppp0 and eth* interfaces had > different MTU, setting all the same work all fine.What was the MTU that you used on the eth* interface ? I have a friend that has the same problem. Setting CLAMP_MSS in shorewall.conf isn''t helping. That worked for me when I used dialup and I didn''t have to adjust the ethernet interfaces. So I''m assuming that since he''s using pptp as well that the MTU is even slightly lower than 1492 for PPOE. Maybe 1472 ? Thanks, Joshua Banks