298977887/lede
1
0
Fork 0
mirror of https://github.com/coolsnowwolf/lede.git synced 2025-07-18 15:46:59 +08:00
Code Issues Packages Projects Releases Wiki Activity

kernel: enable conntrack counter updates for iptables xt_FLOWOFFLOAD

Browse Source 
Ensures that packet/byte counters in /proc/net/nf_conntrack are updated

Signed-off-by: Felix Fietkau <nbd@nbd.name>
This commit is contained in:
Felix Fietkau 2023-03-23 21:44:10 +01:00 committed by AmadeusGhost
parent 3a82ee8b05
commit cc968a5b63
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
target/linux/generic/hack-5.15/650-netfilter-add-xt_FLOWOFFLOAD-target.patch
View File

@ -98,7 +98,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
obj-$(CONFIG_NETFILTER_XT_TARGET_LED) += xt_LED.o obj-$(CONFIG_NETFILTER_XT_TARGET_LED) += xt_LED.o
--- /dev/null --- /dev/null
+++ b/net/netfilter/xt_FLOWOFFLOAD.c +++ b/net/netfilter/xt_FLOWOFFLOAD.c
@@ -0,0 +1,696 @@ @@ -0,0 +1,698 @@
+/* +/*
+ * Copyright (C) 2018-2021 Felix Fietkau <nbd@nbd.name> + * Copyright (C) 2018-2021 Felix Fietkau <nbd@nbd.name>
+ * + *
@ -293,11 +293,12 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
+ struct flow_offload *flow, void *data) + struct flow_offload *flow, void *data)
+{ +{
+ struct xt_flowoffload_table *table; + struct xt_flowoffload_table *table;
+ table = container_of(flowtable, struct xt_flowoffload_table, ft);
+ struct flow_offload_tuple *tuple0 = &flow->tuplehash[0].tuple; + struct flow_offload_tuple *tuple0 = &flow->tuplehash[0].tuple;
+ struct flow_offload_tuple *tuple1 = &flow->tuplehash[1].tuple; + struct flow_offload_tuple *tuple1 = &flow->tuplehash[1].tuple;
+ struct xt_flowoffload_hook *hook; + struct xt_flowoffload_hook *hook;
+ +
+ table = container_of(flowtable, struct xt_flowoffload_table, ft);
+
+ spin_lock_bh(&hooks_lock); + spin_lock_bh(&hooks_lock);
+ hlist_for_each_entry(hook, &table->hooks, list) { + hlist_for_each_entry(hook, &table->hooks, list) {
+ if (hook->ops.dev->ifindex != tuple0->iifidx && + if (hook->ops.dev->ifindex != tuple0->iifidx &&
@ -751,6 +752,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
+{ +{
+ INIT_DELAYED_WORK(&tbl->work, xt_flowoffload_hook_work); + INIT_DELAYED_WORK(&tbl->work, xt_flowoffload_hook_work);
+ tbl->ft.type = &flowtable_inet; + tbl->ft.type = &flowtable_inet;
+ tbl->ft.flags = NF_FLOWTABLE_COUNTER;
+ +
+ return nf_flow_table_init(&tbl->ft); + return nf_flow_table_init(&tbl->ft);
+} +}
@ -769,7 +771,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
+ if (ret) + if (ret)
+ goto cleanup; + goto cleanup;
+ +
+ flowtable[1].ft.flags = NF_FLOWTABLE_HW_OFFLOAD; + flowtable[1].ft.flags |= NF_FLOWTABLE_HW_OFFLOAD;
+ +
+ ret = xt_register_target(&offload_tg_reg); + ret = xt_register_target(&offload_tg_reg);
+ if (ret) + if (ret)