From 52e74f4b3fe3f379912815c9ed6ad11a387f1cc6 Mon Sep 17 00:00:00 2001 From: Brielle Date: Thu, 9 Apr 2015 15:35:54 -0600 Subject: [PATCH] Fix 'all' option for mss clamp --- lib/iptables.inc | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/lib/iptables.inc b/lib/iptables.inc index 76d938b..92f94cf 100644 --- a/lib/iptables.inc +++ b/lib/iptables.inc @@ -175,8 +175,9 @@ function enable_mss_clamp { while read -r interface mss type msssize; do [[ ${interface} = \#* ]] && continue [[ ${interface} = "" ]] && continue - [[ -z ${mss} ]] && mss="-" - [[ ${mss} == "-" ]] && mss="1400:1536" + #[[ -z ${mss} ]] && mss="-" + [[ ${mss} != "-" ]] && mss="--mss ${mss}" + [[ ${mss} == "-" ]] && mss="" [[ -z ${type} ]] && type="-" [[ ${type} == "-" ]] && type="${OutFilter}" [[ ${type} == "out" ]] && type="${OutFilter}" @@ -188,7 +189,7 @@ function enable_mss_clamp { [[ ${interface} == "all" ]] && interface="" ${debug} ${DebugColor} "${FUNCNAME}:${DEFAULT_COLOR} Read: ${interface} ${mss} ${type} ${msssize}" ${VER_IPTABLES} -A ${type} -p tcp --tcp-flags SYN,RST SYN -j TCPMSS \ - ${interface} -m tcpmss --mss ${mss} ${msssize} + ${interface} -m tcpmss ${mss} ${msssize} unset interface mss type msssize done < "${FWCONFIGDIR}/ipv${IPVER}/mss-clamp.conf"