From 2d15f51c44b1e884488658c89a4eb13581099507 Mon Sep 17 00:00:00 2001
From: unifreq <39355261+unifreq@users.noreply.github.com>
Date: Tue, 1 Mar 2022 00:29:49 +0800
Subject: [PATCH] Fixed a bug that could crash the kernel, and limit the value of the sysctl variable: net.netfilter.nf_conntrack_tcp_no_window_check to 0 or 1. (#8967)
---
 .../613-netfilter_optional_tcp_window_check.patch | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/target/linux/generic/pending-5.15/613-netfilter_optional_tcp_window_check.patch b/target/linux/generic/pending-5.15/613-netfilter_optional_tcp_window_check.patch
index 249c3c8a8..85d0da172 100644
--- a/target/linux/generic/pending-5.15/613-netfilter_optional_tcp_window_check.patch
+++ b/target/linux/generic/pending-5.15/613-netfilter_optional_tcp_window_check.patch
@@ -44,9 +44,11 @@ Signed-off-by: Felix Fietkau
 + [NF_SYSCTL_CT_PROTO_TCP_NO_WINDOW_CHECK] = {
 + .procname = "nf_conntrack_tcp_no_window_check",
 + .data = &init_net.ct.sysctl_no_window_check,
-+ .maxlen = sizeof(unsigned int),
++ .maxlen = sizeof(u8),
 + .mode = 0644,
-+ .proc_handler = proc_dointvec,
++ .proc_handler = proc_dou8vec_minmax,
++ .extra1 = SYSCTL_ZERO,
++ .extra2 = SYSCTL_ONE,
 + },
 {}
 };
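Review bot: The new `.maxlen = sizeof(u8)` and `.proc_handler = proc_dou8vec_minmax` pair is only memory-safe if `init_net.ct.sysctl_no_window_check` is itself declared as `u8`. That declaration, and the start of the sysctl table, lie outside this hunk, so the field type should be confirmed in the same inner patch. With the previous `proc_dointvec` and `sizeof(unsigned int)`, a sysctl write stored a full int at `.data`; if the field is one byte wide, that write spills into the neighbouring struct members, which would fit the crash named in the subject. Only the pending-5.15 copy is changed here, so any other kernel tree carrying this patch would presumably need the same handler/width check. The inner patch description should also record the new contract, for example `nf_conntrack_tcp_no_window_check accepts only 0 or 1; 1 skips conntrack's TCP window validation`, because operators who set it to 1 are turning off the out-of-window packet check.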