Firewall problems

A problem with the MTU? What about adding some logging rules?

Reply to
Sebastian Gottschalk

You are probably experiencing fragmentation problems. This usually happens when you're on a DSL uplink, some router between your host and the server requests packet fragmentation (by sending back the respective ICMP message), and the message gets dropped somewhere en route, because some idiot admin blocks ICMP.

Try this:

iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN \
    -o dsl1 -j TCPMSS --clamp-mss-to-pmtu

Besides, you do *not* have a firewall here, because you allow each and every traffic between the networks connected by this router.

cu

59cobalt
Reply to
Ansgar -59cobalt- Wiechers
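
An added example, not part of the thread: a way to confirm the path MTU problem described above before applying the clamp rule, by probing with the Don't Fragment bit set and deriving the MSS that fits. The function names (`probe`, `find_pmtu`, `mss_for_pmtu`) and the 576 to 1500 byte search range are assumptions of this sketch; it relies on the `-M do` option of Linux iputils `ping`.

```shell
#!/bin/sh
# Added example (not from the thread): measure the path MTU to a host.

# probe SIZE HOST: succeed if an ICMP echo carrying SIZE payload bytes
# gets a reply with the Don't Fragment bit set (iputils ping, Linux).
probe() {
    ping -M do -c 1 -W 2 -s "$1" "$2" >/dev/null 2>&1
}

# find_pmtu HOST: binary-search the largest unfragmented IPv4 packet
# between 576 and 1500 bytes (assumed range). Prints the path MTU, or
# returns 1 if even the smallest probe gets no reply.
find_pmtu() {
    host=$1
    lo=$((576 - 28))      # ICMP payload of a 576-byte IP packet
    hi=$((1500 - 28))     # ICMP payload of a full Ethernet-sized packet
    probe "$lo" "$host" || return 1
    while [ "$lo" -lt "$hi" ]; do
        mid=$(( (lo + hi + 1) / 2 ))
        if probe "$mid" "$host"; then lo=$mid; else hi=$((mid - 1)); fi
    done
    echo $((lo + 28))     # 20 bytes IPv4 header + 8 bytes ICMP header
}

# mss_for_pmtu PMTU: largest TCP segment payload for that path MTU
# (IPv4 without options: 20 bytes IP header + 20 bytes TCP header).
mss_for_pmtu() {
    echo $(( $1 - 40 ))
}

# Runs only when a host is given, e.g.: sh pmtu.sh www.example.org
if [ -n "${1:-}" ]; then
    pmtu=$(find_pmtu "$1") || { echo "no reply from $1" >&2; exit 1; }
    echo "path MTU to $1: $pmtu, usable MSS: $(mss_for_pmtu "$pmtu")"
fi
```

A result below 1500 for the sites that fail to load, with large probes timing out rather than returning a "fragmentation needed" error, matches the dropped ICMP message described above.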

Hi, I've got this firewall configuration on a SUSE 10.1 distribution:

iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT

iptables -t nat -A POSTROUTING -o dsl1 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward

LAN is working correctly.

The problem is that my LAN computers behind this firewall can't open certain web sites, but other sites are correctly browsed. I can't understand the cause, especially because the policies are dropping nothing.

Thanks

Reply to
Gamello

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.