Have you enabled ip forwarding (IP_FORWARDING=On in shorewall.conf)?
Yup.
If so, what is the MTU of eth0? If it is less than 1500 (Comcast has been known to configure MTU=576 on their consumer DHCP setups), then try setting CLAMPMSS=Yes in shorewall.conf.
Bingo! That was it exactly.I wonder if they just started doing that here and my router here at the house hasn't gotten hit by it yet (it hasn't been rebooted in quite a while), or if they just have it set for the business accounts the one I just set up is on...
Thanks! Once again you've saved my sanity. :)
-Tom
Mark II
-- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
-- Mark D. Montgomery II http://www.techiem2.net
bint5qOGFxC8J.bin
Description: PGP Public Key
pgpolcsw1sIhn.pgp
Description: PGP Digital Signature
------------------------------------------------------------------------------ This SF.net email is sponsored by Sprint What will you do first with EVO, the first 4G phone? Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
