On Tue, May 18, 2004 22:03:58 PM +0100, Luciano Miguel Ferreira Rocha (strange@xxxxxxxxxxxxx) wrote: > You forgot the "--clamp-mss-to-pmtu" option. :) > > I'll check the tcpdump output later. > > To list the NAT table: > iptables -t nat -L -n -v Here it is: BusyBox v0.61.pre (2004.02.17-09:20+0000) Built-in shell (ash) Enter 'help' for a list of built-in commands. # iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu # iptables -t nat -L -n -v Chain PREROUTING (policy ACCEPT 1549 packets, 90751 bytes) pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 917 59962 MASQUERADE all -- * ppp0 0.0.0.0/0 0.0.0.0/0 Chain OUTPUT (policy ACCEPT 1 packets, 73 bytes) pkts bytes target prot opt in out source destination Nothing changes after the first iptables command. Ciao, Marco F. -- Marco Fioretti m.fioretti, at the server inwind.it Red Hat for low memory http://www.rule-project.org/en/ The test of success in education...is not what a boy knows after examination on leaving school but what he is doing ten years later. Robert Baden Powell, founder of the Boy Scouts
