Q: Why does my firewall hate the cambridge picturehouse?

Jeremy Henty onepoint at starurchin.org
Wed Oct 22 15:37:48 CEST 2008

Previous message: Q: Why does my firewall hate the cambridge picturehouse?
Next message: Q: Why does my firewall hate the cambridge picturehouse?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Oct 22, 2008 at 02:16:01PM +0100, Ian Spray wrote:

> Just try the  'ip link' equivalent of 'ifconfig  eth0 mtu 1400' (I'm
> not on a Linux box right now so can't be sure of the syntax) and see
> if the problems go away.

That was easily done but it's made no difference: the connection still
chokes and dies, and the firewall logs loads of dropped packets.  :-(

Incidentally I don't see how fragmentation could affect the firewall's
behaviour, doesn't  connection tracking reassemble  the packets before
iptables applies the rules?

Regards, 

Jeremy Henty

Previous message: Q: Why does my firewall hate the cambridge picturehouse?
Next message: Q: Why does my firewall hate the cambridge picturehouse?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the CLUG mailing list