Displaying 20 results from an estimated 10000 matches similar to: "Shorewall 1.2.3 Released"
2004 Sep 22
2
Trouble with mails and connections through ADSL
Hello every one, first time poster, four month shorewaller ;)
As the subject states, I''ve been experienced the infamous trouble described
in the next excerpt from shorewall.conf
# MSS CLAMPING
#
# Set this variable to "Yes" or "yes" if you want the TCP "Clamp MSS to
PMTU"
# option. This option is most commonly required when your internet
# interface is some
2016 Mar 20
8
[Bug 1058] New: Add clamp MSS to MTU
https://bugzilla.netfilter.org/show_bug.cgi?id=1058
Bug ID: 1058
Summary: Add clamp MSS to MTU
Product: nftables
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
Reporter:
2002 Feb 28
1
TCP MSS clampage
Hey,
My internet is provided via ADSL using PPPoE. When I take a look at
ifconfig''s output, I see that eth0 has an MTU of 1500, and ppp0 has an MTU
of 1492. I don''t _think_ that rp-pppoe (my pppoe util) is clamping the MSS.
I am noticing some latency when there''s a lot of bandwidth in use (but not
>90%). What should I clamp, eth0/ppp0? How much? And what with,
2020 Jun 23
0
Voice broken during calls (again...)
Hello,
if you need clampmss then it is highly probable there is a PMTU
discovery problem. The clampmss does not work for UDP.
I probably counted the size incorrectly. So you are able to ping with
size 1464 and not with 1466. How about trying same ping sizes from the
internet towards your site? I mean trying to ping from sites with
higher MTU than yours without lower MTU links in the path.
You
2020 Jun 23
4
Voice broken during calls (again...)
Am 23.06.2020 08:43, schrieb Luca Bertoncello:
And another thing, I discovered right now...
> Could you suggest me something to restrict the problem?
> Currently, I think the problem can be:
>
> 1) on Asterisk
> 2) on my Gateway/Firewall
A couple of years ago I added this entry in my firewall:
/sbin/iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS
2004 Aug 20
1
some websites cant be reached
I have an internet router powered by gentoo+shorewall2.0.7+adsl(pppoe)
but my clients(and gateway) cant access some websites----these sites
must be okay,other sites are okay. The I believe it is caused by MTU or
MSS, but I have no idea yet. Btw, the unaccessable sites are dynamic, it
says: today I cant access www.oracle.com nextday I redail--to get
another ip,I can access www.oracle.com.
Help!
2020 Jun 23
0
Voice broken during calls (again...)
Hello
Le 23/06/2020 à 09:06, Luca Bertoncello a écrit :
> Am 23.06.2020 08:43, schrieb Luca Bertoncello:
>
> And another thing, I discovered right now...
>
>> Could you suggest me something to restrict the problem?
>> Currently, I think the problem can be:
>>
>> 1) on Asterisk
>> 2) on my Gateway/Firewall
>
> A couple of years ago I added this entry
2002 Apr 28
0
[Documentation] Re: [Shorewall-users] Logging is done to console (fwd)
This is becoming a FAQ and should probably be added to the docs.
Thanks,
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
AIM: tmeastep \ http://www.shorewall.net
ICQ: #60745924 \ teastep@shorewall.net
---------- Forwarded message ----------
Date: Sun, 28 Apr 2002 16:09:01 -0700 (Pacific Daylight Time)
From: Tom Eastep <teastep@shorewall.net>
To: Carl Spelkens
2002 Mar 03
0
Fwd: Re: strange UDP scan results on a Shorewall firewall
---------- Forwarded Message ----------
Subject: Re: [Shorewall-users] strange UDP scan results on a Shorewall=20
firewall
Date: Sun, 3 Mar 2002 08:33:20 -0800
From: Tom Eastep <teastep@shorewall.net>
To: "Scott Duncan" <sduncan@cytechconsult.com>
On Saturday 02 March 2002 04:30 am, Scott Duncan wrote:
> Yes, the net->all policy is the same on all three (REJECT log
2002 Sep 16
3
Shorewall 1.3.8
This is a minor release of Shorewall which rolls up a number of bug
fixes.
New features include:
1. A NEWNOTSYN option has been added to shorewall.conf. This option
determines whether Shorewall accepts TCP packets which are not part
of an established connection and that are not ''SYN'' packets (SYN
flag on and ACK flag off).
2. The need for the
2003 Jun 02
3
[jik@kamens.brookline.ma.us: MSS clamping doesn''t work with masquerading through VPN?]
I sent the message below to this list over a week ago, and I haven''t
seen any response.
If this is not the correct forum for my question, can anyone suggest a
better person or place to which I should direct it?
Thank you,
Jonathan Kamens
------- Start of forwarded message -------
From: Jonathan Kamens <jik@kamens.brookline.ma.us>
To: lartc@mailman.ds9a.nl
Subject: [LARTC] MSS
2014 Apr 30
2
[Bug 917] New: Kernel OOPS on Kernel 3.14.2
https://bugzilla.netfilter.org/show_bug.cgi?id=917
Summary: Kernel OOPS on Kernel 3.14.2
Product: netfilter/iptables
Version: unspecified
Platform: x86_64
OS/Version: Debian GNU/Linux
Status: NEW
Severity: critical
Priority: P5
Component: NAT
AssignedTo: netfilter-buglog at lists.netfilter.org
2004 Nov 11
5
URGENT!! some large websites cant be surfered
Clients: Some sites just show the top area not the full page. Some sites
cant be reached at all.
I think it 90% may be the MTU/MSS problem. But I already have set the
shorewall.conf CLAMPMSS=1400 or CLAMPMSS=Yes, but it doest make things
good.
I would be mad. Anybody helps me would so appreciated!
If you want know more info. to diag my problem, I would be please to.
2002 Apr 20
0
Shorewall 1.2.12
Shorewall 1.2.12 is now available.
This release:
a) Integrates Stefan Mohr''s SuSE RPM changes into the main RPM so the one
RPM will work on SuSE as well as RedHat, TurboLinux, etc.
b) Restores the ''try'' command.
c) Fixes a couple of problems in the uninstall script.
d) Corrects file permissions set by the install script.
-Tom
--
Tom Eastep \ Shorewall -
2014 Sep 28
1
Proposals for UDP information transport over the metagraph
While working on SPTPS UDP relaying I realized that there is one issue
I didn't account for, which is that the sending node only knows the
PMTU to the first relay node. It doesn't know the PMTU of the entire
relay path beyond the first hop, because the relay nodes don't provide
their own PMTU information over the metaprotocol.
Now, in the legacy protocol this is not really an issue,
2007 Apr 17
6
[Bug 554] Packet illegaly bypassing SNAT
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=554
------- Additional Comments From fhagur@gmail.com 2007-04-17 05:04 MET -------
I have been wondering about this bug and had similar problems myself here in my
Debian system, linux-kernel 2.6.18 iptables 1.3.6.
I too saw that some packets became transmitted illegally through the ppp0
interface, when they just shoudn't.
What I
2003 Apr 14
1
http://lartc.org/howto/lartc.cookbook.mtu-mss.html
current content below is annotated by some suggestions of things to
add along with questions for those who know more than I do [in brackets]
================
# iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS
--clamp-mss-to-pmtu
This calculates the proper MSS for your link.
[If I understand the code correctly ... - expert intervention invited]
More precisely, this sets the
2002 Sep 29
3
Shorewall 1.3.9
Shorewall 1.3.9 is available.
In this release:
1. DNS Names are now allowed in Shorewall config files (I still recommend
against using them however).
2. The connection SOURCE may now be qualified by both interface
and IP address in a Shorewall rule.
3. Shorewall startup is now disabled after initial installation until
the file /etc/shorewall/startup_disabled is removed.
4. The
2006 May 15
0
pop3d and iptables lockup
I am having a problem implementing iptables with Courier's pop3
daemon. If I disable iptables, everything works fine. As soon as I
enable it, pop3 will stop working for messages over 32K. Small
messages will go through with no problems, but large ones will time
out.
I get this message from OE: "Your POP3 server has not responded in 60
seconds." And an option to stop or continue
2002 May 14
2
Shorewall.net is back up
Let me know if there are any problems.
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
AIM: tmeastep \ http://www.shorewall.net
ICQ: #60745924 \ teastep@shorewall.net