Re: [Shorewall-users] Setting MSS

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

=2D----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tuesday 17 February 2004 07:56 am, Keith Edmunds wrote:
> I have a (bizarre) problem with ssh, which someone has suggested may
> be down to the MSS value being too high.=20
I'm assuming that your trying to SSH from behind shorewall out to an=20
internet host somewhere.  You didn't say.

> I know that within Shorewall
> I can clamp the MSS value to the MTU-40 value, but is there a way I
> can set MSS to a discreet value?

Yes. With "ifconfig" mtu is an option that you can set on a given=20
interface. "man ifconfig"

> I just want to (dis)prove the MSS
> theory at the moment (I know it isn't a real fix).

So why don't you just turn on the clampMSS value in shorewall and test?
Would only take less than a minute.

Change. CLAMPMSS=3DNo to CLAMPMSS=3DYes in your Shorewall.conf file.

Hth's,
JBanks
=2D----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFAM5KWp9X7q/XgeyYRAhQ0AJ0ZZtuVbYzkEvC4p/z7R/STeZuq5gCgmSJR
A6QN6rvsrww5ib5WX2s4tVA=3D
=3DzGMY
=2D----END PGP SIGNATURE-----