Am Montag, 1. Dezember 2003 17:58 schrieb Henning Jebsen: > Hi Tom > > >>the TCPMSS rule is never > >>being traversed. So for those IP addresses that you are accounting for, > >>the setting of CLAMPMSS is being effectively ignored. > > Uhh. Thats why *only some* sites react strange. > > > What I recommend that you do is: > > > a) Install 1.4.8 > > Yeah ! This version is better than the one I downloaded 2 weeks > ago from CVS ;-). > > When I installed the fresh shorewall.lrp, I was not able to > ping the firewall. After I inserted > fw loc ACCEPT > loc fw ACCEPT > into shorewall/policy, ping went well.
This is the wrong place - you better modify rules. > > Is this intended ? Bering shorwall.lrp has some modifications in rules over the shorwall.lrp from shorewall.net - one of it is addition of icmp rules: # Allow Ping To And From Firewall # ACCEPT loc fw icmp 8 ACCEPT fw loc icmp 8 kp ------------------------------------------------------- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
