From b0c0422579e2d2958c59de694d4bdf0af9c4e77f Mon Sep 17 00:00:00 2001
From: Pierre-Hugues Husson <phh@phh.me>
Date: Mon, 29 Jul 2019 18:09:12 +0200
Subject: [PATCH 2/2] Don't fail on FTP conntracking failing

The issue has been seen on some Samsung devices.
See https://github.com/phhusson/treble_experimentations/issues/425

Thanks @zamrih for pin-pointing the issue and validating fix

Change-Id: I3d9c865eb5a4b421f9983210c2ceae62b4906234
---
 server/TetherController.cpp | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/server/TetherController.cpp b/server/TetherController.cpp
index 884b8138..0c0ad68a 100644
--- a/server/TetherController.cpp
+++ b/server/TetherController.cpp
@@ -629,11 +629,17 @@ int TetherController::setForwardRules(bool add, const char *intIface, const char
         return -1;
     }
 
+    std::vector<std::string> v4Ftp = {
+            "*raw",
+            StringPrintf("%s %s -p tcp --dport 21 -i %s -j CT --helper ftp",
+                            op, LOCAL_RAW_PREROUTING, intIface),
+            "COMMIT",
+    };
+    if(iptablesRestoreFunction(V4, Join(v4Ftp, '\n'), nullptr) == -1) {
+            ALOGE("Failed adding iptables CT target on FTP.");
+    }
+
     std::vector<std::string> v4 = {
-        "*raw",
-        StringPrintf("%s %s -p tcp --dport 21 -i %s -j CT --helper ftp",
-                     op, LOCAL_RAW_PREROUTING, intIface),
-        "COMMIT",
         "*filter",
         StringPrintf("%s %s -i %s -o %s -m state --state ESTABLISHED,RELATED -g %s",
                      op, LOCAL_FORWARD, extIface, intIface, LOCAL_TETHER_COUNTERS_CHAIN),
-- 
2.17.1