kernel: enable conntrack counter updates for iptables xt_FLOWOFFLOAD

Ensures that packet/byte counters in /proc/net/nf_conntrack are updated Signed-off-by: Felix Fietkau <nbd@nbd.name>
openwrt · Mar 24, 2023 · f84c940 · f84c940
1 parent 808014c
commit f84c940
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/target/linux/generic/hack-5.15/650-netfilter-add-xt_FLOWOFFLOAD-target.patch b/target/linux/generic/hack-5.15/650-netfilter-add-xt_FLOWOFFLOAD-target.patch
@@ -98,7 +98,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  obj-$(CONFIG_NETFILTER_XT_TARGET_LED) += xt_LED.o
 --- /dev/null
 +++ b/net/netfilter/xt_FLOWOFFLOAD.c
-@@ -0,0 +1,697 @@
+@@ -0,0 +1,698 @@
 +/*
 + * Copyright (C) 2018-2021 Felix Fietkau <nbd@nbd.name>
 + *
@@ -752,6 +752,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 +{
 +	INIT_DELAYED_WORK(&tbl->work, xt_flowoffload_hook_work);
 +	tbl->ft.type = &flowtable_inet;
++	tbl->ft.flags = NF_FLOWTABLE_COUNTER;
 +
 +	return nf_flow_table_init(&tbl->ft);
 +}
@@ -770,7 +771,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 +	if (ret)
 +		goto cleanup;
 +
-+	flowtable[1].ft.flags = NF_FLOWTABLE_HW_OFFLOAD;
++	flowtable[1].ft.flags |= NF_FLOWTABLE_HW_OFFLOAD;
 +
 +	ret = xt_register_target(&offload_tg_reg);
 +	if (ret)