PPP mangle rules

On of the changes made in the 6.0 release candidates was this:

Only 2 change mss mangle rules are created for all ppp interfaces;

I’ve just added a new PPP interface to a router that has 3 others and this is causing me problems. The initial 3 interfaces all have a 1500 byte MTU but the latest one needs a smaller MTU (as it’s tunnelled). When I set change-tcp-mss on the PPP profile I get the following in the mangle rules:

 7 D chain=forward action=change-mss new-mss=1360 passthrough=yes tcp-flags=syn protocol=tcp in-interface=all-ppp tcp-mss=1361-65535

 8 D chain=forward action=change-mss new-mss=1360 passthrough=yes tcp-flags=syn protocol=tcp out-interface=all-ppp tcp-mss=1361-65535

This then affect the other PPP interfaces also. I understand that the change was made to optimise the number of rules where the device is used as a PPP concentrator but can this behaviour be disabled?


Matt.

Create static rules for the one interface that needs a lower mms and place them in front of the dynamic interfaces. Also, turn passthrough off for those rules. When the packets match this rule, the packets will not continue in the mangle chain (because passthrough is off).

Please be sure to place other needed rules before these rules.