Author: Martijn Lievaart <m@rtij.nl>
Status: ItWorksForMe(tm)

This patch adds CONFIG_IP_NF_MATCH_DONTFRAG which allows you to match
the ipv4 DF bit. This is useful with the FRAGNEEDED target to
investigate pmtud problems or to force pmtud when other parts of the
network don't NAT the icmp-fragmentation-needed messages correctly.

You probably want to use the length patch as well.

Example:
iptables -A INPUT -d x.x.x.x -m dontfrag -m length --length 1401: -j FRAGNEEDED --mtu 1400