From 14e9d63ab7353587cdb84a71d4907a3cc4ac5f6f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Bourdeauducq?= Date: Thu, 17 Oct 2024 15:08:27 +0800 Subject: [PATCH] nixbld: apply TCP MSS clamping to USA tunnel --- nixbld-etc-nixos/configuration.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/nixbld-etc-nixos/configuration.nix b/nixbld-etc-nixos/configuration.nix index 352f9bd1..f6873794 100644 --- a/nixbld-etc-nixos/configuration.nix +++ b/nixbld-etc-nixos/configuration.nix @@ -192,6 +192,7 @@ in iptables -w -N pccw-sucks iptables -A pccw-sucks -o ${netifSit} -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1440 iptables -A pccw-sucks -o ${netifAlt} -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1380 + iptables -A pccw-sucks -o ${netifUSA} -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1380 iptables -w -A FORWARD -j pccw-sucks ''; extraStopCommands = ''