A problem with the MTU? What about adding some logging rules?
You are probably experiencing fragmentation problems. This usually happens when you're on a DSL uplink, some router between your host and the server requests packet fragmentation (by sending back the respective ICMP message), and the message gets dropped somewhere en route, because some idiot admin blocks ICMP.
Try this:
iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN \
    -o dsl1 -j TCPMSS --clamp-mss-to-pmtu
Besides, you do *not* have a firewall here, because you allow each and every traffic between the networks connected by this router.
cu
59cobalt

Hi I've got this firewall configuration on a SUSE 10.1 distribution:
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -t nat -A POSTROUTING -o dsl1 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
LAN is working correctly.
The problem is that my LAN computers behind this firewall can't open certain web sites, but other sites are correctly browsed. I can't understand the cause, also because the policies are dropping nothing.
Thanks
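
The reply above makes two points: clamp the MSS on the uplink, and all-ACCEPT policies are not a firewall. The following added example (not part of either post) prints a default-deny ruleset for this gateway that keeps the MSS clamp and the NAT rule and logs what is about to be dropped. The LAN interface name `eth0` and the function name `gateway_rules` are assumptions; `dsl1` is taken from the thread.

```shell
#!/bin/sh
# Added example: prints a default-deny ruleset for the NAT gateway discussed
# in this thread. It only prints commands; nothing is applied to the kernel.
# Assumption: the LAN interface is eth0 (the thread does not name it).

gateway_rules() {
    lan_if="${1:-eth0}"   # assumed LAN-side interface
    wan_if="${2:-dsl1}"   # uplink interface name used in the posts
    cat <<EOF
# Router's own traffic: loopback, replies, and management from the LAN
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i $lan_if -j ACCEPT
# LAN may open connections outward; only replies are let back in.
# RELATED also carries ICMP errors such as fragmentation-needed.
iptables -A FORWARD -i $lan_if -o $wan_if -j ACCEPT
iptables -A FORWARD -i $wan_if -o $lan_if -m state --state ESTABLISHED,RELATED -j ACCEPT
# Explicitly keep path MTU discovery working across the router
iptables -A FORWARD -p icmp --icmp-type fragmentation-needed -j ACCEPT
# Rate-limited log of whatever is about to hit the DROP policy
iptables -A FORWARD -m limit --limit 5/min -j LOG --log-prefix "FWD-DROP: "
# Clamp MSS on outgoing SYNs in case a remote network drops the ICMP errors
iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $wan_if -j TCPMSS --clamp-mss-to-pmtu
# NAT for the LAN, as in the original configuration
iptables -t nat -A POSTROUTING -o $wan_if -j MASQUERADE
# Policies go last so an admin session is not cut while rules load
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
EOF
}

gateway_rules "$@"
```

Review the printed commands before applying them; piping the output to `sh` as root loads the rules.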