From: Joshua B. <sy...@co...> - 2004-02-18 16:33:15
|
=2D----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tuesday 17 February 2004 07:56 am, Keith Edmunds wrote: > I have a (bizarre) problem with ssh, which someone has suggested may > be down to the MSS value being too high.=20 I'm assuming that your trying to SSH from behind shorewall out to an=20 internet host somewhere. You didn't say. > I know that within Shorewall > I can clamp the MSS value to the MTU-40 value, but is there a way I > can set MSS to a discreet value? Yes. With "ifconfig" mtu is an option that you can set on a given=20 interface. "man ifconfig" > I just want to (dis)prove the MSS > theory at the moment (I know it isn't a real fix). So why don't you just turn on the clampMSS value in shorewall and test? Would only take less than a minute. Change. CLAMPMSS=3DNo to CLAMPMSS=3DYes in your Shorewall.conf file. Hth's, JBanks =2D----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFAM5KWp9X7q/XgeyYRAhQ0AJ0ZZtuVbYzkEvC4p/z7R/STeZuq5gCgmSJR A6QN6rvsrww5ib5WX2s4tVA=3D =3DzGMY =2D----END PGP SIGNATURE----- |