ruleset: apply egress MSS fixup later to apply final MTU before wire

[project/firewall4.git] / tests / 01_configuration / 01_ruleset

diff --git a/tests/01_configuration/01_ruleset b/tests/01_configuration/01_ruleset
index c1a12c7ad91e642b2da8f5db22197332c3ba519b..108dff9590bbaa19189e16e8fbf1c37eda23f8b6 100644 (file)
--- a/tests/01_configuration/01_ruleset
+++ b/tests/01_configuration/01_ruleset
@@ -269,6 +269,7 @@ table inet fw4 {
 
        chain mangle_postrouting {
                type filter hook postrouting priority mangle; policy accept;
+               oifname "pppoe-wan" tcp flags syn / syn,fin,rst tcp option maxseg size set rt mtu comment "!fw4: Zone wan IPv4/IPv6 egress MTU fixing"
        }
 
        chain mangle_input {
@@ -281,8 +282,7 @@ table inet fw4 {
 
        chain mangle_forward {
                type filter hook forward priority mangle; policy accept;
-               iifname "pppoe-wan" tcp flags syn tcp option maxseg size set rt mtu comment "!fw4: Zone wan IPv4/IPv6 ingress MTU fixing"
-               oifname "pppoe-wan" tcp flags syn tcp option maxseg size set rt mtu comment "!fw4: Zone wan IPv4/IPv6 egress MTU fixing"
+               iifname "pppoe-wan" tcp flags syn / syn,fin,rst tcp option maxseg size set rt mtu comment "!fw4: Zone wan IPv4/IPv6 ingress MTU fixing"
        }
 }
 -- End --