OpenWrt – Rev 4
?pathlinks?
From: Felix Fietkau <nbd@nbd.name>
Date: Sun, 25 Mar 2018 21:10:55 +0200
Subject: [PATCH] netfilter: nf_flow_table: rework hardware offload timeout
handling
Some offload implementations send keepalive packets + explicit
notifications of TCP FIN/RST packets. In this case it is more convenient
to simply let the driver update flow->timeout handling and use the
regular flow offload gc step.
For drivers that manage their own lifetime, a separate flag can be set
to avoid gc timeouts.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
---
--- a/include/net/netfilter/nf_flow_table.h
+++ b/include/net/netfilter/nf_flow_table.h
@@ -76,6 +76,7 @@ struct flow_offload_tuple_rhash {
#define FLOW_OFFLOAD_DYING 0x4
#define FLOW_OFFLOAD_TEARDOWN 0x8
#define FLOW_OFFLOAD_HW 0x10
+#define FLOW_OFFLOAD_KEEP 0x20
struct flow_offload {
struct flow_offload_tuple_rhash tuplehash[FLOW_OFFLOAD_DIR_MAX];
--- a/net/netfilter/nf_flow_table_core.c
+++ b/net/netfilter/nf_flow_table_core.c
@@ -358,7 +358,7 @@ static int nf_flow_offload_gc_step(struc
if (!teardown)
nf_ct_offload_timeout(flow);
- if (nf_flow_in_hw(flow) && !teardown)
+ if ((flow->flags & FLOW_OFFLOAD_KEEP) && !teardown)
continue;
if (nf_flow_has_expired(flow) || teardown)