source: lab.git/iptables/ufw/mangle.rules @ 920ad9e

trunk
Last change on this file since 920ad9e was 4999639, checked in by mitty <mitty@…>, 15 years ago
  • change --log-level to "err"
  • accept FORWARD from LAN (eth0 with 192.168.100.0/24)
  • drop CIFS access from/to WAN (eth1)
  • accept access from LAN
  • add custom rules for 'setfilter' script
    • mangle.rules, raw.rules

git-svn-id: https://lab.mitty.jp/svn/lab/trunk@12 7d2118f6-f56c-43e7-95a2-4bb3031d96e7

  • Property mode set to 100644
File size: 301 bytes
RevLine 
[4999639]1#
2# This file is used by /etc/init.d/setfilter
3#
4# Rules that should be stored in mangle table.
5
6
7*mangle
8# to overcome criminally braindead ISPs or servers which block ICMP Fragmentation Needed packets
9# see iptables(8)
10-A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
11
12COMMIT
Note: See TracBrowser for help on using the repository browser.