328.28.00 wrote:
> hallo all,
> anybody know how clear (DF) - dont fragment by iptables
> from packets ?
>
> R,
The prob is that if you clear the DF bit, you have to ensure that each
packet has a unique IP-ID.
maybe a better bet would be to change the max seg size:::
iptables -I FORWARD -s SS.SS.SS.SS/NM -d DD.DD.DD.DD/NM -p tcp --tcp-flags
SYN,RST SYN -j TCPMSS --set-mss 1400
hth,
TroyC
--
---------
No bits were hurt during this transmission.
----== Posted via Newsfeed.Com - Unlimited-Uncensored-Secure Usenet News==----
http://www.newsfeed.com The #1 Newsgroup Service in the World! >100,000 Newsgroups
---= 19 East/West-Coast Specialized Servers - Total Privacy via Encryption =---
Similar Threads
Linear Mode
