projects
/
project
/
firewall4.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
| inline |
side by side
ruleset: apply egress MSS fixup later to apply final MTU before wire
[project/firewall4.git]
/
root
/
usr
/
share
/
firewall4
/
templates
/
zone-mssfix.uc
diff --git
a/root/usr/share/firewall4/templates/zone-mssfix.uc
b/root/usr/share/firewall4/templates/zone-mssfix.uc
index b76cfb65eacca7422098bd9fced236a971156b3a..17b6e92719ce8b6f4f7e81972d20d3c68f7cbad2 100644
(file)
--- a/
root/usr/share/firewall4/templates/zone-mssfix.uc
+++ b/
root/usr/share/firewall4/templates/zone-mssfix.uc
@@
-1,7
+1,7
@@
{%+ if (rule.family): -%}
meta nfproto {{ fw4.nfproto(rule.family) }} {%+ endif -%}
{%+ include("zone-match.uc", { egress, rule }) -%}
-tcp flags syn tcp option maxseg size set rt mtu {%+ if (zone.log & 2): -%}
+tcp flags syn
/ syn,fin,rst
tcp option maxseg size set rt mtu {%+ if (zone.log & 2): -%}
log prefix "MSSFIX {{ zone.name }} out: " {%+ endif -%}
comment "!fw4: Zone {{ zone.name }} {{
fw4.nfproto(rule.family, true)
projects / project / firewall4.git / blobdiff