Date: Tue, 05 Jun 2012 13:57:05 -0400 From: Michael Spratt <mike@magicislandtechnologies.com> To: freebsd-ipfw@freebsd.org Cc: Daniel Hartmeier <daniel@benzedrine.cx> Subject: Re: kern/168190: pfil hook leaving ip_len in wrong byte order (ipfw?) Message-ID: <4FCE4871.4000708@magicislandtechnologies.com> In-Reply-To: <20120605141124.GF13069@insomnia.benzedrine.cx> References: <20120524114555.GL29536@insomnia.benzedrine.cx> <20120605141124.GF13069@insomnia.benzedrine.cx>
next in thread | previous in thread | raw e-mail | index | archive | help
Dear respected sir/s, How can I mangle all forwarded packets on freebsd/pf/ipfw/ stamping them with a hard set MSS like 512, I need to clamp my mss on the freebsd forwarder/router because of gre tunnels breaking MTUPD for extranet clients, and some sites like yahoo/hotmail will often not work. What function in freebsd/pf/ipfw will allow me to tag all my packets/connections with MSS=512 as I foward them or as they come in or out of an interface. That would be cool if the OS offered a sysctl overide. Linux iptables equivilent of iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu or iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 512 Daniel Hartmeier wrote: > The problem turned out to be in ipfilter, for more details see > http://marc.info/?l=freebsd-net&m=133888532814565 > > Daniel > _______________________________________________ > freebsd-ipfw@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw > To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org" > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4FCE4871.4000708>