[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <alpine.LSU.2.01.1001211356180.30772@obet.zrqbmnf.qr>
Date: Thu, 21 Jan 2010 13:58:19 +0100 (CET)
From: Jan Engelhardt <jengelh@...ozas.de>
To: Simon Arlott <simon@...e.lp0.eu>
cc: Patrick McHardy <kaber@...sh.net>,
William Allen Simpson <william.allen.simpson@...il.com>,
netdev <netdev@...r.kernel.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
netfilter-devel@...r.kernel.org
Subject: Re: [PATCH] xt_TCPMSS: SYN packets are allowed to contain data
On Thursday 2010-01-21 13:47, Simon Arlott wrote:
>
>The TCPMSS target can be applied to more than just one direction
>of traffic. I'm modifying incoming traffic too, so adding the MSS
>option and setting it to over 536 is wrong (although the first ICMP
>error will fix it).
>
>Existing users use this target precisely because their hosts are
>sending an unwanted MSS value, so it will never need to be added.
Ah, so they should be using TCPOPTSTRIP ;-)
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists