From 107c7e3fbff713065def6e10f11e7210929726fe Mon Sep 17 00:00:00 2001
From: Pierre-Hugues Husson <phh@phh.me>
Date: Mon, 29 Jul 2019 18:09:12 +0200
Subject: [PATCH 2/2] Don't fail on FTP conntracking failing

The issue has been seen on some Samsung devices.
See https://github.com/phhusson/treble_experimentations/issues/425

Thanks @zamrih for pin-pointing the issue and validating fix

Change-Id: I3d9c865eb5a4b421f9983210c2ceae62b4906234
---
 server/TetherController.cpp | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/server/TetherController.cpp b/server/TetherController.cpp
index 64ff80b0..2fa4a0c9 100644
--- a/server/TetherController.cpp
+++ b/server/TetherController.cpp
@@ -700,15 +700,19 @@ int TetherController::setForwardRules(bool add, const char *intIface, const char
         return -EREMOTEIO;
     }
 
-    std::vector<std::string> v4 = {
-#ifndef IGNORES_FTP_PPTP_CONNTRACK_FAILURE
+    std::vector<std::string> v4Ftp = {
             "*raw",
-            StringPrintf("%s %s -p tcp --dport 21 -i %s -j CT --helper ftp", op,
-                         LOCAL_RAW_PREROUTING, intIface),
+            StringPrintf("%s %s -p tcp --dport 21 -i %s -j CT --helper ftp",
+                            op, LOCAL_RAW_PREROUTING, intIface),
             StringPrintf("%s %s -p tcp --dport 1723 -i %s -j CT --helper pptp", op,
                          LOCAL_RAW_PREROUTING, intIface),
             "COMMIT",
-#endif
+    };
+    if(iptablesRestoreFunction(V4, Join(v4Ftp, '\n'), nullptr) == -1) {
+            ALOGE("Failed adding iptables CT target on FTP.");
+    }
+
+    std::vector<std::string> v4 = {
             "*filter",
             StringPrintf("%s %s -i %s -o %s -m state --state ESTABLISHED,RELATED -g %s", op,
                          LOCAL_FORWARD, extIface, intIface, LOCAL_TETHER_COUNTERS_CHAIN),
-- 
2.17.1