Android SDK
  1. Android SDK

linux-imx

Public

Commits

Pablo Neira Ayuso
66293c46c93
Pablo Neira Ayuso committed 270a8a297f4
netfilter: nft_flow_offload: add entry to flowtable after confirmation

This is fixing flow offload for UDP traffic where packets only follow
one single direction.

The flow_offload_fixup_tcp() mechanism works fine in case that the
offloaded entry remains in SYN_RECV state, given sequence tracking is
reset and that conntrack handles syn+ack packets as a retransmission, ie.

	sES + synack => sIG

for reply traffic.

Fixes: a3c90f7a2323 ("netfilter: nf_tables: flow offload expression")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>