domenico/openwrt_NSS_ACW
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

kernel: fix offloading connections with SNAT + DNAT

Browse Source 
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This commit is contained in:
Felix Fietkau
2018-03-23 19:15:58 +01:00
parent 48d17551b6
commit 99d511dcd3
1 changed files with 23 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
target/linux/generic/backport-4.14/368-netfilter-nf_flow_table-fix-offloading-connections-w.patch Normal file
View File

@@ -0,0 +1,23 @@
From: Felix Fietkau <nbd@nbd.name>
Date: Fri, 23 Mar 2018 19:12:30 +0100
Subject: [PATCH] netfilter: nf_flow_table: fix offloading connections with
SNAT+DNAT
Pass all NAT types to the flow offload struct, otherwise parts of the
address/port pair do not get translated properly, causing connection
stalls
Signed-off-by: Felix Fietkau <nbd@nbd.name>
---
--- a/net/netfilter/nf_flow_table_core.c
+++ b/net/netfilter/nf_flow_table_core.c
@@ -83,7 +83,7 @@ flow_offload_alloc(struct nf_conn *ct, s
if (ct->status & IPS_SRC_NAT)
flow->flags |= FLOW_OFFLOAD_SNAT;
- else if (ct->status & IPS_DST_NAT)
+ if (ct->status & IPS_DST_NAT)
flow->flags |= FLOW_OFFLOAD_DNAT;
return flow;