Philipp Rusch wrote: > Hello Tom, > > I did what you suggested: >>> a) Does everything work if you "shorewall clear" then run this command? >>> >>> iptables -A FORWARD -j TCPMSS --set-mss 1400 >>> >>> If it doesn't, then the problem has nothing to do with Shorewall >>> > I get an error : "iptables: Unknown error 18446744073709551615" > > What does that mean ? Is my kernel broken ? > OK- googled for that error and found some discussion in > lists.netfilter.org ... > but, to be honest, I don't understand/know what to do know. >
It's an old bug that has been fixed for months that the "Enterprise" distributions are just now encountering. At any rate, the command I gave you was incomplete. It should have been: iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1400 Sorry for the confusion, -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
