Hi,
I'm on ADSL and Netalyzr claims I can't send fragmented UDP traffic, that is, until I move the clamp-mss-to-pmtu rule to the mangle table.
I have the following firewall-start script which fixes the problem:
    #!/bin/sh
    iptables -D FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
    iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -j TCPMSS -o ppp0 --clamp-mss-to-pmtu
OpenWRT decided to move the rule to the mangle table. There are a few OpenWRT discussions about this. Now, putting the rule in FORWARD or POSTROUTING seems to be a great debate, but in my case, it fixed some things.
https://lists.openwrt.org/piperm ... ebruary/014129.html
Netalyzr is also claiming that ICMP too big packets are blocked, which could explain why the fix is necessary to start with. Is there an ICMP blocking rule on Asuswrt, or (most probably) is my ISP blocking them?
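
An added example, not part of the original post: a POSIX shell helper that parses `iptables-save` output and reports which table and chain hold the `--clamp-mss-to-pmtu` rule, to confirm the move from FORWARD to the mangle table took effect. The function name `find_mss_clamp` and both sample dumps are constructed for illustration.

```shell
#!/bin/sh
# Added example: list every TCPMSS clamp rule in an iptables-save dump,
# with the table and chain it lives in and any -o interface restriction.

find_mss_clamp() {
    # Reads iptables-save format on stdin; prints "table chain out_iface" per rule.
    awk '
        /^\*/ { table = substr($0, 2); next }      # "*mangle" starts a table section
        /^-A / && /--clamp-mss-to-pmtu/ {
            oif = "any"                            # no -o means every interface
            for (i = 1; i < NF; i++)
                if ($i == "-o") oif = $(i + 1)
            print table, $2, oif
        }
    '
}

# Constructed sample dump (not captured from a real router): the state after
# the firewall-start script above has run.
sample_after() {
    cat <<'EOF'
*mangle
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o ppp0 -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
}

# Constructed sample dump: the earlier state, with the clamp in filter/FORWARD.
sample_before() {
    cat <<'EOF'
*filter
:FORWARD DROP [0:0]
-A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
}

sample_before | find_mss_clamp
sample_after  | find_mss_clamp
```

On the router itself, `iptables-save | find_mss_clamp` reports the live rules; more than one line of output means the clamp is present in more than one place.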