This part of the manual is out of date and the syntax does not work with pf in OpenBSD 5.3:
While pppoe(8) has an internal option, ``mssfixup'', which is enabled by default and takes care of this, pppoe users have to rely on other methods. Using a packet filter, the maximum segment size (MSS) can be set (clamped) to the required value. The following rule in pf.conf(5) would set the MSS to 1440: match on pppoe0 scrub (max-mss 1440) The documentation on pf.conf suggests doing much the same in it's example and it doesn't work. On Tue, Oct 1, 2013 at 2:07 AM, John Tate <j...@johntate.org> wrote: > Found it: > While pppoe(8) has an internal option, ``mssfixup'', which is enabled by > default and takes care of this, pppoe users have to rely on other > methods. Using a packet filter, the maximum segment size (MSS) can be > set (clamped) to the required value. The following rule in pf.conf(5) > would set the MSS to 1440: > > match on pppoe0 scrub (max-mss 1440) > > On Mon, Sep 30, 2013 at 11:53 PM, James Shupe <jsh...@hermetek.com> wrote: >> On 2013-09-30 08:18, John Tate wrote: >>> >>> I am having trouble with IP forwarding to specific sites on a very >>> typical configuration. The router itself can access these sites but >>> clients can not. I have looked in obvious places on the clients, but I >>> cannot find a cause. I reinstalled OpenBSD on the router after getting >>> SSL errors where SSL servers could not be reached from clients, and I >>> bought a cheap Netgear router to use which works fine ruling out that >>> my ISP is causing problems. >>> >> >> Have you tried setting your max-mss to something like 1440 or 1400? >> >> Usually that's necessary with DSL... or else you end up with very selective >> browsing. >> > > > > -- > www.johntate.org -- www.johntate.org
