Problem Solved! Thank you very much!! (Tante grazie!)
Marcelo > -----Mensaje original----- > De: Gian Piero Carrubba [mailto:[EMAIL PROTECTED] > Enviado el: Jueves, 26 de Mayo de 2005 03:24 > Para: [email protected] > Asunto: Re: firewall script - iptables syntaxis > > Il giorno mar, 24/05/2005 alle 14.59 -0300, Marcelo Lafaille > ha scritto: > > > Chain FORWARD > > TCPMSS tcp -- anywhere anywhere tcp > flags:SYN,RST/SYN tcpmss match > > 1400:1536 TCPMSS clamp to PMTU > > > > when i don�t have this line, i can�t download pop3 mails... > (pppoeconf > > adds > > it) > > > > so i�d like to know what syntaxis i have to put in my > firewall script > > for this line to appear.. (clear?!?!.. hope so!) > > > >From /usr/share/doc/ppp/README.Debian.gz: > > <quote> > MSS clamping > ~~~~~~~~~~~~ > If the computer running pppd acts as a router for other > machines, you probably want to make it reduce the MSS field > of outgoing packets, to avoid fragmentation and problems > caused by path MTU blackholing. > You may add something like this to /etc/ppp/ip-up.d/local: > > iptables --insert FORWARD 1 --proto tcp --tcp-flags SYN,RST SYN \ > --out-interface $PPP_IFACE --match tcpmss --mss 1400:1536 \ > --jump TCPMSS --clamp-mss-to-pmtu </quote> > > If you use pppoe, you can also use the -m option of pppoe. > > Ciao, > Gian Piero. > > >
