Hi Avishay, Have you tried to reduce the MTU on the internal hosts to 1452? (see the bottom of the adsl howto if you don't know how).
If you're using netfilter you can just use: 'iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu' instead. Sagi On Friday 16 November 2001 21:03, Avishay Aton wrote: > sure,everything works great from the router(linux/freebsd - i switch > between them) > but from the Lan , i can't get some sites(linuxtoday.com , > alcatel.com.....) > from snort ouput i can see the first stage of the connection(3 hand > shaking) ----- Original Message ----- > From: "Matan Ziv-Av" <[EMAIL PROTECTED]> > To: "Avishay Aton" <[EMAIL PROTECTED]> > Cc: <[EMAIL PROTECTED]> > Sent: Friday, November 16, 2001 8:32 PM > Subject: Re: Linux(2.4.x) and masqeurating > > > On Fri, 16 Nov 2001, Avishay Aton wrote: > > > Hi, > > > i connect to the net with pptp + adsl, and i use nat on my linux > > box(2.4.x) for other computers on > > > > my private network. > > > My nat rule is simple one: > > > > > > modprobe iptable_nat > > > modprobe ip_conntrack_ftp > > > iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE > > > > > > > > > I can get most of the sites , but for example www.linuxtoday.com dosn't > > work for me. > > > Does it work from the router itself? > > If not, it sounds like ECN problem. > > > > > > -- > > Matan Ziv-Av. [EMAIL PROTECTED] > > ================================================================= > To unsubscribe, send mail to [EMAIL PROTECTED] with > the word "unsubscribe" in the message body, e.g., run the command > echo unsubscribe | mail [EMAIL PROTECTED] ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
