Re: [PATCH] xt_TCPMSS: SYN packets are allowed to contain data

From: Jan Engelhardt
Date: Thu Jan 21 2010 - 07:58:26 EST

Next message: Patrick McHardy: "Re: [PATCH] xt_TCPMSS: SYN packets are allowed to contain data"
Previous message: Mahesh Salgaonkar: "[patch] HWBKPT FIX: Release the bp slot ifarch_validate_hwbkpt_settings() fails."
In reply to: Simon Arlott: "Re: [PATCH] xt_TCPMSS: SYN packets are allowed to contain data"
Next in thread: Patrick McHardy: "Re: [PATCH] xt_TCPMSS: SYN packets are allowed to contain data"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thursday 2010-01-21 13:47, Simon Arlott wrote:
>
>The TCPMSS target can be applied to more than just one direction
>of traffic. I'm modifying incoming traffic too, so adding the MSS
>option and setting it to over 536 is wrong (although the first ICMP
>error will fix it).
>
>Existing users use this target precisely because their hosts are
>sending an unwanted MSS value, so it will never need to be added.

Ah, so they should be using TCPOPTSTRIP ;-)

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Patrick McHardy: "Re: [PATCH] xt_TCPMSS: SYN packets are allowed to contain data"
Previous message: Mahesh Salgaonkar: "[patch] HWBKPT FIX: Release the bp slot ifarch_validate_hwbkpt_settings() fails."
In reply to: Simon Arlott: "Re: [PATCH] xt_TCPMSS: SYN packets are allowed to contain data"
Next in thread: Patrick McHardy: "Re: [PATCH] xt_TCPMSS: SYN packets are allowed to contain data"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]