From: Felix Fietkau Date: Fri, 18 Oct 2024 06:00:20 +0000 (+0200) Subject: defaults.c: fix ipv6 flow offloading X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=refs%2Fheads%2Fmaster;p=project%2Ffirewall3.git defaults.c: fix ipv6 flow offloading The xt_FLOWOFFLOAD target expects that par->thoff points to the beginning of the TCP header. For IPv4 that is always the case. However, on IPv6, the field is only initialized, if a protocol match was performed. Simply matching any protocol (protocol = 0) is enough to trigger the thoff initialization, so add it to the emitted rule. Signed-off-by: Felix Fietkau --- diff --git a/defaults.c b/defaults.c index 8a9a929..66fbc96 100644 --- a/defaults.c +++ b/defaults.c @@ -251,7 +251,10 @@ fw3_print_default_head_rules(struct fw3_ipt_handle *handle, if (defs->flow_offloading) { + struct fw3_protocol any = {}; + r = fw3_ipt_rule_new(handle); + fw3_ipt_rule_proto(r, &any); fw3_ipt_rule_comment(r, "Traffic offloading"); fw3_ipt_rule_extra(r, "-m conntrack --ctstate RELATED,ESTABLISHED"); fw3_ipt_rule_target(r, "FLOWOFFLOAD");