From 7e4cac96fa08ed8734b20d7a8e70010b204d0f9d Mon Sep 17 00:00:00 2001 From: Brielle Date: Fri, 29 May 2015 11:45:05 -0600 Subject: [PATCH] Some fixes for mss clamping --- lib/iptables.inc | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/lib/iptables.inc b/lib/iptables.inc index e2f7d9d..16abaaf 100644 --- a/lib/iptables.inc +++ b/lib/iptables.inc @@ -175,6 +175,7 @@ function enable_mss_clamp { while read -r interface mss type msssize; do [[ ${interface} = \#* ]] && continue [[ ${interface} = "" ]] && continue + [[ ${interface} == "all" ]] && isallinterfaces="yes" #[[ -z ${mss} ]] && mss="-" [[ ${mss} != "-" ]] && mss="-m tcpmss --mss ${mss}" [[ ${mss} == "-" ]] && mss="" @@ -189,11 +190,11 @@ function enable_mss_clamp { #[[ ${interface} != "all" ]] && interface="-o ${interface}" [[ ${type} == "${InFilter}" ]] && interface="-i ${interface}" [[ ${type} == "${OutFilter}" ]] && interface="-o ${interface}" - [[ ${interface} == "all" ]] && interface="" + [[ ${isallinterfaces} == "yes" ]] && interface="" ${debug} ${DebugColor} "${FUNCNAME}:${DEFAULT_COLOR} Read: ${interface} ${mss} ${type} ${msssize}" ${VER_IPTABLES} -A ${type} -p tcp --tcp-flags SYN,RST SYN -j TCPMSS \ ${interface} ${mss} ${msssize} - unset interface mss type msssize + unset interface mss type msssize isallinterfaces done < "${FWCONFIGDIR}/ipv${IPVER}/mss-clamp.conf" ${debug} ${DebugColor} "${FUNCNAME}:${DEFAULT_COLOR} done"