PF How to target the traffic decrypted from IPSec

Hello, I set up an IPSec service on my FreeBSD server, and some clients connect to it via this IPSec tunnel. Because IPSec requires extra bytes from headers, these packets have a lower size capacity. I want to write rules in /etc/pf.conf to overwrite the tcpmss value of TCP packets, bidirectionally, for SYN and SYN/ACK packets.

I successfully set up similar rules with iptables on Ubuntu servers but I don't know how to achieve the same goal on FreeBSD via PF. Thanks.
 