On Fri, 2007-05-25 at 17:48 -0400, Brian J. Murrell wrote:
> 
> This smacks of an MSS/PPPoE type problem where only full TCP segments
> get dropped.

I.e. the type of problem that "clamp_mss" was invented to solve.

> Or there is that sub-protocol that does probes of the
> connection that gets fouled up by routers doing ICMP blackholing.  I
> forget what that sub-protocol was though.  Anyone remember?

I do.  :-)  PMTU discovery.

Both of the above problems should exist with or without Shorewall's
rules installed in iptables.

b.

-- 
My other computer is your Microsoft Windows server.

Brian J. Murrell


_______________________________________________
Shorewall-users mailing list
https://lists.sourceforge.net/lists/listinfo/shorewall-users
