Re: [PATCH] xt_TCPMSS: SYN packets are allowed to contain data

From: Jan Engelhardt
Date: Thu Jan 21 2010 - 07:58:26 EST

On Thursday 2010-01-21 13:47, Simon Arlott wrote:
>The TCPMSS target can be applied to more than just one direction
>of traffic. I'm modifying incoming traffic too, so adding the MSS
>option and setting it to over 536 is wrong (although the first ICMP
>error will fix it).
>Existing users use this target precisely because their hosts are
>sending an unwanted MSS value, so it will never need to be added.

Ah, so they should be using TCPOPTSTRIP ;-)

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at