On Mon, 2003-12-01 at 08:58, Henning Jebsen wrote: > Hi Tom > >>the TCPMSS rule is never > >>being traversed. So for those IP addresses that you are accounting for, > >>the setting of CLAMPMSS is being effectively ignored. > Uhh. Thats why *only some* sites react strange. > > > > What I recommend that you do is: > > > a) Install 1.4.8 > Yeah ! This version is better than the one I downloaded 2 weeks > ago from CVS ;-). > > When I installed the fresh shorewall.lrp, I was not able to > ping the firewall. After I inserted > fw loc ACCEPT > loc fw ACCEPT
That's a real overkill just to make ping work -- perhaps you should review http://www.shorewall.net/ping.html > into shorewall/policy, ping went well. > > Is this intended ? Yes -- Jacques adds entries to the rules that I release before he builds his .lrp file for inclusion in Bering -- there is information on the LEAF site for adding these additional rules manually when you upgrade to a .lrp from shorewall.net. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] ------------------------------------------------------- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
