From 53430d490eee46099c4e2900e22db37473cb0d63 Mon Sep 17 00:00:00 2001
From: Valentin Samir <samir@crans.org>
Date: Sun, 11 Nov 2012 16:50:55 +0100
Subject: [PATCH] [firewall_new] On modifie la taille maximale d'un segment TCP
 pour la connexion appartement.

Ignore-this: acf416db7bc38356bf2b98e4505078ae

darcs-hash:20121111155055-3a55a-4a4173013fbdb57d504a219fb37cc56a6c89352d.gz
---
 gestion/gen_confs/firewall_new.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/gestion/gen_confs/firewall_new.py b/gestion/gen_confs/firewall_new.py
index 629a719f..0491a015 100755
--- a/gestion/gen_confs/firewall_new.py
+++ b/gestion/gen_confs/firewall_new.py
@@ -761,6 +761,9 @@ class firewall_komaz(firewall_crans) :
         iptables("-A FORWARD -i %s -j BLACKLIST_DST" % self.eth_ext )
         iptables("-A FORWARD -o %s -j BLACKLIST_SRC" % self.eth_ext )
         iptables("-A FORWARD -s ! %s -d ! %s -j FILTRE_P2P" % (self.zone_serveur, self.zone_serveur) )
+
+	# Appartement ENS
+        iptables("-A FORWARD -i crans.21 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1456")
         iptables("-A FORWARD -s %s -j ACCEPT" % NETs['personnel-ens'][0])
         iptables("-A FORWARD -d %s -j ACCEPT" % NETs['personnel-ens'][0])