defaults.c: fix ipv6 flow offloading

The xt_FLOWOFFLOAD target expects that par->thoff points to the beginning
of the TCP header. For IPv4 that is always the case. However, on IPv6, the
field is only initialized, if a protocol match was performed.
Simply matching any protocol (protocol = 0) is enough to trigger the thoff
initialization, so add it to the emitted rule.

Signed-off-by: Felix Fietkau <nbd@nbd.name>

diff --git a/defaults.c b/defaults.c
index 8a9a9295f00500ca7ba655de111acc643d41b214..66fbc96d7c239bb61fa24ce09758bf3338e40d73 100644 (file)
--- a/defaults.c
+++ b/defaults.c
@@ -251,7 +251,10 @@ fw3_print_default_head_rules(struct fw3_ipt_handle *handle,
 
                if (defs->flow_offloading)
                {
+                       struct fw3_protocol any = {};
+
                        r = fw3_ipt_rule_new(handle);
+                       fw3_ipt_rule_proto(r, &any);
                        fw3_ipt_rule_comment(r, "Traffic offloading");
                        fw3_ipt_rule_extra(r, "-m conntrack --ctstate RELATED,ESTABLISHED");
                        fw3_ipt_rule_target(r, "FLOWOFFLOAD");