.\" Automatically generated by Pandoc 1.17.2
.nh
.\"
.TH "firehol\-tcpmss" "5" "Built 21 Jan 2017" "FireHOL Reference" "3.1.1"
.hy
.SH NAME
.PP
firehol\-tcpmss \- set the MSS of TCP SYN packets for routers
.SH SYNOPSIS
.PP
tcpmss { \f[I]mss\f[] | auto } [\f[I]if\-list\f[]]
.SH DESCRIPTION
.PP
The \f[C]tcpmss\f[] helper command sets the MSS (Maximum Segment Size)
of TCP SYN packets routed through the firewall.
This can be used to overcome situations where Path MTU Discovery is not
working and packet fragmentation is not possible.
.PP
A numeric \f[I]mss\f[] will set MSS of TCP connections to the value
given.
Using the word \f[C]auto\f[] will set the MSS to the MTU of the outgoing
interface minus 40 (clamp\-mss\-to\-pmtu).
.PP
If used within a \f[C]router\f[] or \f[C]interface\f[] definition the
MSS will be applied to outgoing traffic on the \f[C]outface\f[](s) of
the router or interface.
.PP
If used before any router or interface definitions it will be applied to
all traffic passing through the firewall.
If \f[I]if\-list\f[] is given, the MSS will be applied only to those
interfaces.
.SH EXAMPLES
.IP
.nf
\f[C]

tcpmss\ auto

tcpmss\ 500

tcpmss\ 500\ "eth1\ eth2\ eth3"
\f[]
.fi
.SH SEE ALSO
.IP \[bu] 2
firehol(1) \- FireHOL program
.IP \[bu] 2
firehol.conf(5) \- FireHOL configuration
.IP \[bu] 2
firehol\-interface(5) \- interface definition
.IP \[bu] 2
firehol\-router(5) \- router definition
.IP \[bu] 2
FireHOL Website (http://firehol.org/)
.IP \[bu] 2
FireHOL Online PDF Manual (http://firehol.org/firehol-manual.pdf)
.IP \[bu] 2
FireHOL Online Documentation (http://firehol.org/documentation/)
.IP \[bu] 2
TCPMSS target in the iptables
tutorial (https://www.frozentux.net/iptables-tutorial/iptables-tutorial.html#TCPMSSTARGET)
.SH AUTHORS
FireHOL Team.