Is it a good idea to control the MSS value in the router's raw firewall? I'm trying to discard packets that do not fall between 536 and 1500, and the objective is to prevent flood or DoS attacks. Does anyone have the same configuration?
He probably means some form of "attack" where TCP sessions with a very small MSS are set up, and so there is a large number of packets used to transport only very little data.
It would be possible to filter on that, but it is not unlikely that this can cause some erroneous packet drops.
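To see which segments a 536-1500 rule would actually hit, here is an added example (not part of the thread, and not router configuration) that parses the MSS option out of raw TCP headers and applies the range from the question. The function names and sample headers are constructed for illustration; it assumes segments without an MSS option are let through, which a real firewall matcher may or may not do.

```python
import struct

MSS_MIN, MSS_MAX = 536, 1500  # range proposed in the question

def mss_opt(value):
    """TCP option kind 2 (MSS), length 4."""
    return struct.pack("!BBH", 2, 4, value)

def build_tcp(flags, opts=b""):
    """Constructed sample TCP header (ports, seq, window are arbitrary)."""
    opts += b"\x00" * (-len(opts) % 4)          # pad options to a 32-bit boundary
    offset = (20 + len(opts)) // 4
    return struct.pack("!HHIIBBHHH", 40000, 443, 1, 0,
                       offset << 4, flags, 65535, 0, 0) + opts

def parse_mss(tcp):
    """Return (is_syn, mss) from raw TCP header bytes; mss is None if absent."""
    if len(tcp) < 20:
        raise ValueError("truncated TCP header")
    hdr_len = (tcp[12] >> 4) * 4
    if not 20 <= hdr_len <= len(tcp):
        raise ValueError("bad data offset")
    is_syn, opts, i = bool(tcp[13] & 0x02), tcp[20:hdr_len], 0
    while i < len(opts) and opts[i] != 0:       # kind 0 = end of option list
        if opts[i] == 1:                        # kind 1 = NOP, single byte
            i += 1
            continue
        if i + 1 >= len(opts) or opts[i + 1] < 2 or i + opts[i + 1] > len(opts):
            raise ValueError("malformed TCP option")
        if opts[i] == 2 and opts[i + 1] == 4:
            return is_syn, struct.unpack("!H", opts[i + 2:i + 4])[0]
        i += opts[i + 1]
    return is_syn, None

def verdict(tcp):
    """Apply the 536-1500 rule. Assumption: segments without an MSS option pass."""
    is_syn, mss = parse_mss(tcp)
    if not is_syn or mss is None:               # MSS is only carried on SYN segments
        return "accept"
    return "accept" if MSS_MIN <= mss <= MSS_MAX else "drop"

SYN, ACK = 0x02, 0x10
SAMPLES = {                                     # constructed, not captured traffic
    "ethernet 1460": build_tcp(SYN, mss_opt(1460)),
    "pppoe 1452 after NOPs": build_tcp(SYN, b"\x01\x01" + mss_opt(1452)),
    "tiny 64": build_tcp(SYN, mss_opt(64)),
    "jumbo-frame host 8960": build_tcp(SYN, mss_opt(8960)),
    "syn without mss": build_tcp(SYN),
    "established ack": build_tcp(ACK),
}
```

The jumbo-frame case is the kind of erroneous drop the reply warns about: a legitimate host on a 9000-byte MTU link advertises an MSS above 1500 and its SYN is discarded along with the tiny-MSS ones.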