It looks like mss is not a valid option in firewall filters:
root# set firewall family inet filter test term 1 from protocol tcp ? Possible completions:<[Enter]> Execute this command + apply-groups Groups from which to inherit configuration data + apply-groups-except Don't inherit configuration data from these groups> destination-address Match IP destination address + destination-port Match TCP/UDP destination port> destination-prefix-list Match IP destination prefixes in named list + dscp Match Differentiated Services (DiffServ) code point fragment-flags Match fragment flags (in symbolic or hex formats) - (Ingress only) + icmp-code Match ICMP message code + icmp-type Match ICMP message type> interface Match interface name + ip-options Match IP options is-fragment Match if packet is a fragment + precedence Match IP precedence value + protocol Match IP protocol type> source-address Match IP source address + source-port Match TCP/UDP source port> source-prefix-list Match IP source prefixes in named list tcp-established Match packet of an established TCP connection tcp-flags Match TCP flags (in symbolic or hex formats) tcp-initial Match initial packet of a TCP connection + ttl Match IP ttl type