[firewall] T314: add firewall options for MSS clamping
- clamp MSS IPv4 set firewall options interface pppoe0 adjust-mss '1452'
- clamp MSS IPv6 set firewall options interface pppoe0 adjust-mss6 '1452'
- disable entire rule set firewall options interface pppoe0 disable
Output
$ sudo iptables-save -t mangle # Generated by iptables-save v1.4.21 on Sun Apr 21 12:56:25 2019 *mangle :PREROUTING ACCEPT [1217:439885] :INPUT ACCEPT [290:52459] :FORWARD ACCEPT [920:375774] :OUTPUT ACCEPT [301:100053] :POSTROUTING ACCEPT [1221:475827] :VYOS_FW_OPTIONS - [0:0] -A FORWARD -j VYOS_FW_OPTIONS -A VYOS_FW_OPTIONS -o pppoe0 -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1452 COMMIT Completed on Sun Apr 21 12:56:25 2019