git.openwrt.org Git - openwrt/staging/xback.git/blob

   1 From 84443741faab9045d53f022a9ac6a6633067a481 Mon Sep 17 00:00:00 2001
   2 From: Felix Fietkau <nbd@nbd.name>
   3 Date: Wed, 14 Feb 2024 15:42:35 +0100
   4 Subject: [PATCH] netfilter: nf_tables: fix bidirectional offload regression
   5
   6 Commit 8f84780b84d6 ("netfilter: flowtable: allow unidirectional rules")
   7 made unidirectional flow offload possible, while completely ignoring (and
   8 breaking) bidirectional flow offload for nftables.
   9 Add the missing flag that was left out as an exercise for the reader :)
  10
  11 Cc: Vlad Buslov <vladbu@nvidia.com>
  12 Fixes: 8f84780b84d6 ("netfilter: flowtable: allow unidirectional rules")
  13 Reported-by: Daniel Golle <daniel@makrotopia.org>
  14 Signed-off-by: Felix Fietkau <nbd@nbd.name>
  15 Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
  16 ---
  17  net/netfilter/nft_flow_offload.c | 1 +
  18  1 file changed, 1 insertion(+)
  19
  20 --- a/net/netfilter/nft_flow_offload.c
  21 +++ b/net/netfilter/nft_flow_offload.c
  22 @@ -367,6 +367,7 @@ static void nft_flow_offload_eval(const
  23         if (tcph)
  24                 flow_offload_ct_tcp(ct);
  25
  26 +       __set_bit(NF_FLOW_HW_BIDIRECTIONAL, &flow->flags);
  27         ret = flow_offload_add(flowtable, flow);
  28         if (ret < 0)
  29                 goto err_flow_add;