X-Git-Url: http://lab.mitty.jp/git/?a=blobdiff_plain;ds=sidebyside;f=iptables%2Fufw%2Fmangle.rules;fp=iptables%2Fufw%2Fmangle.rules;h=a54f5259796d4e8448e68d0e189ea26cbfa5d807;hb=49996391c0a72e72d2f07c9959e94f6036d621bb;hp=0000000000000000000000000000000000000000;hpb=ab902ad3696baaa38816efef2c2b60610daae511;p=lab.git

diff --git a/iptables/ufw/mangle.rules b/iptables/ufw/mangle.rules
new file mode 100644
index 0000000..a54f525
--- /dev/null
+++ b/iptables/ufw/mangle.rules
@@ -0,0 +1,12 @@
+#
+# This file is used by /etc/init.d/setfilter
+#
+# Rules that should be stored in mangle table.
+
+
+*mangle
+# to overcome criminally braindead ISPs or servers which block ICMP Fragmentation Needed packets
+# see iptables(8)
+-A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
+
+COMMIT