Modify

Opened 7 years ago

Closed 7 years ago

#5173 closed enhancement (fixed)

pppoe mss fix

Reported by: anonymous Owned by: nico
Priority: normal Milestone: Kamikaze 8.09.2
Component: base system Version:
Keywords: Cc:

Description

I have problems using HP site to download from their support ftp using this rule solves the problem

iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -m tcpmss --mss 1452:65535 -j TCPMSS --clamp-mss-to-pmtu

the mss fix on the input chain is not neded

regards

Attachments (1)

fw-mss-fix.diff (3.3 KB) - added by nico 7 years ago.
Proposed fix (against trunk, r17757)

Download all attachments as: .zip

Change History (8)

comment:1 Changed 7 years ago by anonymous

I can confirm this bug on Kamikaze 8.09 final.

comment:2 Changed 7 years ago by anonymous

I confirm that the fix works; I can now download from HP's FTP server.

comment:3 Changed 7 years ago by anonymous

A simpler iptables rule that also allows one to download from HP's FTP server is:

iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o ppp0 -j TCPMSS --clamp-mss-to-pmtu

comment:4 Changed 7 years ago by danielw86@…

I also confirm this

comment:5 Changed 7 years ago by nico

  • Milestone changed from Kamikaze to Kamikaze 8.09.2
  • Owner changed from developers to nico
  • Status changed from new to assigned

comment:6 Changed 7 years ago by nico

Confirmed, packets matching a RELATED connection (ie. an ftp file transfer session) can go out without reaching the MSSFIX table

Changed 7 years ago by nico

Proposed fix (against trunk, r17757)

comment:7 Changed 7 years ago by nico

  • Resolution set to fixed
  • Status changed from assigned to closed

Fixed in [17762], thanks!

Add Comment

Modify Ticket

Action
as closed .
The resolution will be deleted. Next status will be 'reopened'.
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.