<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN">
<html><body>
<p>Hi,</p>
<pre>Thank you David and Akemi.<br /><br />I will try to update the iptables first on my test system and than want to think about the upgrade to CentOs 6.<br /><br />Best regards,<br />Michel</pre>
<p>On Sun, 17 Jul 2011 10:23:31 -0700, Akemi Yagi wrote:</p>
<blockquote type="cite" style="padding-left:5px; border-left:#1010ff 2px solid; margin-left:5px; width:100%"><!-- html ignored --><!-- head ignored --><!-- meta ignored -->
<pre>On Sun, Jul 17, 2011 at 9:55 AM, David Ranch <<a href="mailto:elrepo@trinnet.net">elrepo@trinnet.net</a>> wrote:</pre>
<blockquote type="cite" style="padding-left:5px; border-left:#1010ff 2px solid; margin-left:5px; width:100%">Hello Michael, You are running ip6tables v1.3.5 but MSS clamping wasn't added until 1.3.8. Do a search for "mss" in the changelog and you'll find it: <a href="http://ftp.netfilter.org/pub/iptables/changes-iptables-1.3.8.txt">http://ftp.netfilter.org/pub/iptables/changes-iptables-1.3.8.txt</a> The current stable version of iptables and ip6tables is 1.4.11. --David</blockquote>
<pre>Ah, so Phil's guess was right.
RHEL/CentOS/SL-6 has iptables-1.4.7-3.el6. Also the el6 kernel has the
xt_TCPMSS(ip6t_TCPMSS) module. If upgrading to the el6 OS is the
option for you, Michel, that would be the easiest solution.
Akemi
_______________________________________________
elrepo-devel mailing list
<a href="mailto:elrepo-devel@lists.elrepo.org">elrepo-devel@lists.elrepo.org</a>
<a href="http://lists.elrepo.org/mailman/listinfo/elrepo-devel">http://lists.elrepo.org/mailman/listinfo/elrepo-devel</a>
</pre>
</blockquote>
<p> </p>
<div>-- <br />
<pre>Check out my website: <a href="http://michel.foto-logs.nl">http://michel.foto-logs.nl</a></pre>
</div>
</body></html>