hardware offload: be closer to fw4 in interface names

nfqws: fix unitialized use of host buffer (udp)
2025-04-20 22:12:58 +03:00 · 2025-04-20 11:26:07 +03:00 · 2025-04-20 11:24:55 +03:00 · 2025-04-20 08:49:50 +03:00
3 changed files with 19 additions and 5 deletions
--- a/common/linux_iphelper.sh
+++ b/common/linux_iphelper.sh
@ -111,6 +111,14 @@ unprepare_route_localnet()
 	set_route_localnet 0 "$@"
 }
 get_uevent_devtype()
 {
 	local DEVTYPE INTERFACE IFINDEX OF_NAME OF_FULLNAME OF_COMPATIBLE_N
 	[ -f "/sys/class/net/$1/uevent" ] && {
 		. "/sys/class/net/$1/uevent"
 		echo -n $DEVTYPE
 	}
 }
 resolve_lower_devices()
 {
 	# $1 - bridge interface name
--- a/common/nft.sh
+++ b/common/nft.sh
@ -320,7 +320,7 @@ nft_fill_ifsets()
 	# $5 - space separated wan physical interface names (optional)
 	# $6 - space separated wan6 physical interface names (optional)
-	local script i j ALLDEVS devs
+	local script i j ALLDEVS devs b
 	# if large sets exist nft works very ineffectively
 	# looks like it analyzes the whole table blob to find required data pieces
@ -348,15 +348,18 @@ flush set inet $ZAPRET_NFT_TABLE lanif"
 			nft_create_or_update_flowtable 'offload' 2>/dev/null
 			# then add elements. some of them can cause error because unsupported
 			for i in $ALLDEVS; do
 				# first try to add interface itself
 				nft_create_or_update_flowtable 'offload' $i 2>/dev/null
 				# bridge members must be added instead of the bridge itself
 				# some members may not support hw offload. example : lan1 lan2 lan3 support, wlan0 wlan1 - not
 				b=
 				devs=$(resolve_lower_devices $i)
 				for j in $devs; do
 					# do not display error if addition failed
-					nft_create_or_update_flowtable 'offload' $j 2>/dev/null
+					nft_create_or_update_flowtable 'offload' $j && b=1 2>/dev/null
 				done
 				[ -n "$b" ] || {
 					# no lower devices added ? try to add interface itself
 					nft_create_or_update_flowtable 'offload' $i 2>/dev/null
 				}
 			done
 			;;
 	esac
--- a/nfq/desync.c
+++ b/nfq/desync.c
@ -2235,7 +2235,10 @@ static uint8_t dpi_desync_udp_packet_play(bool replay, size_t reasm_offset, uint
 		{
 			struct desync_profile *dp_prev = dp;
-			dp = dp_find(&params.desync_profiles, IPPROTO_UDP, (struct sockaddr *)&dst, ctrack_replay ? ctrack_replay->hostname : host, ctrack_replay ? ctrack_replay->l7proto : l7proto, &bCheckDone, &bCheckResult, &bCheckExcluded);
+			dp = dp_find(&params.desync_profiles, IPPROTO_UDP, (struct sockaddr *)&dst,
 				ctrack_replay ? ctrack_replay->hostname : bHaveHost ? host : NULL,
 				ctrack_replay ? ctrack_replay->l7proto : l7proto,
 				&bCheckDone, &bCheckResult, &bCheckExcluded);
 			if (ctrack_replay)
 			{
 				ctrack_replay->dp = dp;
Author	SHA1	Message	Date
bol-van	8fce75daa4	hardware offload: be closer to fw4 in interface names	2025-04-20 11:26:07 +03:00
bol-van	c1e2e56576	hardware offload: be closer to fw4 in interface names	2025-04-20 11:24:55 +03:00
bol-van	e16ec69922	nfqws: fix unitialized use of host buffer (udp)	2025-04-20 08:49:50 +03:00