summaryrefslogtreecommitdiff
path: root/Makefile
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2019-04-21 13:19:12 +0200
committerChristian Poessinger <christian@poessinger.com>2019-04-21 13:19:12 +0200
commit476aa4c3a561ea0ef0bf9b4c26ec8b78d18a5d02 (patch)
treec3001c3c6619a39e12c712909518769391a03a71 /Makefile
parentafbd14c8a97984f7b1385ee6eaff08a7e2264956 (diff)
downloadvyos-1x-476aa4c3a561ea0ef0bf9b4c26ec8b78d18a5d02.tar.gz
vyos-1x-476aa4c3a561ea0ef0bf9b4c26ec8b78d18a5d02.zip
[firewall] T314: add firewall options for MSS clamping
* clamp MSS IPv4 set firewall options interface pppoe0 adjust-mss '1452' * clamp MSS IPv6 set firewall options interface pppoe0 adjust-mss6 '1452' * disable entire rule set firewall options interface pppoe0 disable Output ------ $ sudo iptables-save -t mangle # Generated by iptables-save v1.4.21 on Sun Apr 21 12:56:25 2019 *mangle :PREROUTING ACCEPT [1217:439885] :INPUT ACCEPT [290:52459] :FORWARD ACCEPT [920:375774] :OUTPUT ACCEPT [301:100053] :POSTROUTING ACCEPT [1221:475827] :VYOS_FW_OPTIONS - [0:0] -A FORWARD -j VYOS_FW_OPTIONS -A VYOS_FW_OPTIONS -o pppoe0 -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1452 COMMIT Completed on Sun Apr 21 12:56:25 2019
Diffstat (limited to 'Makefile')
-rw-r--r--Makefile1
1 files changed, 1 insertions, 0 deletions
diff --git a/Makefile b/Makefile
index dd3d2d00f..e4b230622 100644
--- a/Makefile
+++ b/Makefile
@@ -9,6 +9,7 @@ interface_definitions:
find $(CURDIR)/interface-definitions/ -type f -name "*.xml" | xargs -I {} $(CURDIR)/scripts/build-command-templates {} $(CURDIR)/schema/interface_definition.rng $(TMPL_DIR) || exit 1
# XXX: delete top level node.def's that now live in other packages
+ rm -f $(TMPL_DIR)/firewall/node.def
rm -f $(TMPL_DIR)/interfaces/node.def
rm -f $(TMPL_DIR)/protocols/node.def
rm -f $(TMPL_DIR)/system/node.def