diff options
author | Jan Engelhardt <jengelh@medozas.de> | 2008-02-14 03:02:55 +0100 |
---|---|---|
committer | Patrick McHardy <kaber@trash.net> | 2008-04-14 09:09:49 +0200 |
commit | e24815d8a1b2755182fe983582a56fcc47153804 (patch) | |
tree | 74521e49f0274dd0ff7831d9b71d25ef020820b5 /extensions/libip6t_TCPMSS.man | |
parent | 23545c2a7a31c68c1e49c7c901b632c2f1c59968 (diff) |
Combine ipt and ip6t manpages
Combine ipt and ip6t manpages
Diffstat (limited to 'extensions/libip6t_TCPMSS.man')
-rw-r--r-- | extensions/libip6t_TCPMSS.man | 42 |
1 files changed, 0 insertions, 42 deletions
diff --git a/extensions/libip6t_TCPMSS.man b/extensions/libip6t_TCPMSS.man deleted file mode 100644 index b4c357e8..00000000 --- a/extensions/libip6t_TCPMSS.man +++ /dev/null @@ -1,42 +0,0 @@ -This target allows to alter the MSS value of TCP SYN packets, to control -the maximum size for that connection (usually limiting it to your -outgoing interface's MTU minus 60). Of course, it can only be used -in conjunction with -.BR "-p tcp" . -It is only valid in the -.BR mangle -table. -.br -This target is used to overcome criminally braindead ISPs or servers -which block ICMPv6 Packet Too Big packets or are unable to send them. -The symptoms of this problem are that everything works fine from your -Linux firewall/router, but machines behind it can never exchange large -packets: -.PD 0 -.RS 0.1i -.TP 0.3i -1) -Web browsers connect, then hang with no data received. -.TP -2) -Small mail works fine, but large emails hang. -.TP -3) -ssh works fine, but scp hangs after initial handshaking. -.RE -.PD -Workaround: activate this option and add a rule to your firewall -configuration like: -.nf - ip6tables -t mangle -A FORWARD -p tcp --tcp-flags SYN,RST SYN \\ - -j TCPMSS --clamp-mss-to-pmtu -.fi -.TP -.BI "--set-mss " "value" -Explicitly set MSS option to specified value. -.TP -.B "--clamp-mss-to-pmtu" -Automatically clamp MSS value to (path_MTU - 60). -.TP -These options are mutually exclusive. - |