On 25/05/07, Brian J. Murrell <[EMAIL PROTECTED]> wrote: > Maybe a silly question, and maybe covered at the start of the thread, > but does this all work without shorewall installing a ruleset? i.e. if > you do a "shorewall clear" does everything magically work again? > Yes, issuing a shorewall clear, or alternatively removing the limit part of the SSH rule fixes the problem reproducibly.
> This smacks of an MSS/PPPoE type problem where only full TCP segments > get dropped. Or there is that sub-protocol that does probes of the > connection that gets fouled up by routers doing ICMP blackholing. I > forget what that sub-protocol was though. Anyone remember? Hm. This is a bit over my head I'm afraid. ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
