48 lines
1.8 KiB
Diff
48 lines
1.8 KiB
Diff
From 107c7e3fbff713065def6e10f11e7210929726fe Mon Sep 17 00:00:00 2001
|
|
From: Pierre-Hugues Husson <phh@phh.me>
|
|
Date: Mon, 29 Jul 2019 18:09:12 +0200
|
|
Subject: [PATCH 2/2] Don't fail on FTP conntracking failing
|
|
|
|
The issue has been seen on some Samsung devices.
|
|
See https://github.com/phhusson/treble_experimentations/issues/425
|
|
|
|
Thanks @zamrih for pin-pointing the issue and validating fix
|
|
|
|
Change-Id: I3d9c865eb5a4b421f9983210c2ceae62b4906234
|
|
---
|
|
server/TetherController.cpp | 14 +++++++++-----
|
|
1 file changed, 9 insertions(+), 5 deletions(-)
|
|
|
|
diff --git a/server/TetherController.cpp b/server/TetherController.cpp
|
|
index 64ff80b0..2fa4a0c9 100644
|
|
--- a/server/TetherController.cpp
|
|
+++ b/server/TetherController.cpp
|
|
@@ -700,15 +700,19 @@ int TetherController::setForwardRules(bool add, const char *intIface, const char
|
|
return -EREMOTEIO;
|
|
}
|
|
|
|
- std::vector<std::string> v4 = {
|
|
-#ifndef IGNORES_FTP_PPTP_CONNTRACK_FAILURE
|
|
+ std::vector<std::string> v4Ftp = {
|
|
"*raw",
|
|
- StringPrintf("%s %s -p tcp --dport 21 -i %s -j CT --helper ftp", op,
|
|
- LOCAL_RAW_PREROUTING, intIface),
|
|
+ StringPrintf("%s %s -p tcp --dport 21 -i %s -j CT --helper ftp",
|
|
+ op, LOCAL_RAW_PREROUTING, intIface),
|
|
StringPrintf("%s %s -p tcp --dport 1723 -i %s -j CT --helper pptp", op,
|
|
LOCAL_RAW_PREROUTING, intIface),
|
|
"COMMIT",
|
|
-#endif
|
|
+ };
|
|
+ if(iptablesRestoreFunction(V4, Join(v4Ftp, '\n'), nullptr) == -1) {
|
|
+ ALOGE("Failed adding iptables CT target on FTP.");
|
|
+ }
|
|
+
|
|
+ std::vector<std::string> v4 = {
|
|
"*filter",
|
|
StringPrintf("%s %s -i %s -o %s -m state --state ESTABLISHED,RELATED -g %s", op,
|
|
LOCAL_FORWARD, extIface, intIface, LOCAL_TETHER_COUNTERS_CHAIN),
|
|
--
|
|
2.17.1
|
|
|