There is TCPMSS target to edit MSS value of connections (including forwarded).
How to edit window size (for example, cap to some maximum value) by iptables rule?
Expecting something like
iptables -t mangle -A OUTPUT -p tcp --dport 1234 -j TCPWINDOW --tcpwindow-set 'min(val,100000)'
To change TCP window from iptables you need to:
iptables -t mangle -I OUTPUT -p tcp --sport 80 --tcp-flags SYN,ACK SYN,ACK -j TCPWIN --tcpwin-set 1000
Yes, you can use the option --set-mss to achieve this.
Example:
iptables -I FORWARD -o ppp0 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1492
Documentation: http://www.linuxtopia.org/Linux_Firewall_iptables/x4700.html
