diff options
| author | Vlad Buslov <vladbu@nvidia.com> | 2023-02-01 17:30:58 +0100 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2023-02-03 10:31:24 +0100 |
| commit | d5774cb6c55c8721c2daf57cc5e5345e3af286ea (patch) | |
| tree | 0cd0643ee3fea90f1f027befb70cf6b14b5a4758 /net/sched/act_ct.c | |
| parent | netfilter: flowtable: cache info of last offload (diff) | |
| download | linux-d5774cb6c55c8721c2daf57cc5e5345e3af286ea.tar.xz linux-d5774cb6c55c8721c2daf57cc5e5345e3af286ea.zip | |
net/sched: act_ct: set ctinfo in meta action depending on ct state
Currently tcf_ct_flow_table_fill_actions() function assumes that only
established connections can be offloaded and always sets ctinfo to either
IP_CT_ESTABLISHED or IP_CT_ESTABLISHED_REPLY strictly based on direction
without checking actual connection state. To enable UDP NEW connection
offload set the ctinfo, metadata cookie and NF_FLOW_HW_ESTABLISHED
flow_offload flags bit based on ct->status value.
Signed-off-by: Vlad Buslov <vladbu@nvidia.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to '')
| -rw-r--r-- | net/sched/act_ct.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/net/sched/act_ct.c b/net/sched/act_ct.c index b9d3e338f72d..2cee3f9f83de 100644 --- a/net/sched/act_ct.c +++ b/net/sched/act_ct.c @@ -249,8 +249,10 @@ static int tcf_ct_flow_table_fill_actions(struct net *net, switch (tdir) { case FLOW_OFFLOAD_DIR_ORIGINAL: dir = IP_CT_DIR_ORIGINAL; - ctinfo = IP_CT_ESTABLISHED; - set_bit(NF_FLOW_HW_ESTABLISHED, &flow->flags); + ctinfo = test_bit(IPS_SEEN_REPLY_BIT, &ct->status) ? + IP_CT_ESTABLISHED : IP_CT_NEW; + if (ctinfo == IP_CT_ESTABLISHED) + set_bit(NF_FLOW_HW_ESTABLISHED, &flow->flags); break; case FLOW_OFFLOAD_DIR_REPLY: dir = IP_CT_DIR_REPLY; |