50 lines
1.6 KiB
Diff
50 lines
1.6 KiB
Diff
--- a/fast-classifier.c
|
|
+++ b/fast-classifier.c
|
|
@@ -31,6 +31,7 @@
|
|
#include <net/netfilter/nf_conntrack_core.h>
|
|
#include <linux/netfilter/xt_dscp.h>
|
|
#include <net/genetlink.h>
|
|
+#include <net/pkt_sched.h>
|
|
#include <linux/spinlock.h>
|
|
#include <linux/if_bridge.h>
|
|
#include <linux/hashtable.h>
|
|
@@ -245,6 +246,16 @@
|
|
dev = master_dev;
|
|
}
|
|
|
|
+#ifdef CONFIG_NET_CLS_ACT
|
|
+ /*
|
|
+ * If ingress Qdisc configured, and packet not processed by ingress Qdisc yet
|
|
+ * We cannot accelerate this packet.
|
|
+ */
|
|
+ if (dev->ingress_queue && !skb_skip_tc_classify(skb)) {
|
|
+ goto rx_exit;
|
|
+ }
|
|
+#endif
|
|
+
|
|
/*
|
|
* We're only interested in IPv4 and IPv6 packets.
|
|
*/
|
|
@@ -1128,7 +1139,20 @@
|
|
}
|
|
dev_put(dev);
|
|
|
|
- if (!fast_classifier_find_dev_and_mac_addr(skb, &sic.dest_ip_xlate, &dest_dev_tmp, sic.dest_mac_xlate, is_v4)) {
|
|
+ /*
|
|
+ * This is a hack to work-around the issue where dest_ip & dest_ip_xlate differs, i.e. reverse NAT, which
|
|
+ * interferes with UDP port forwarding in DD-WRT. Not sure why TCP is OK, since both UDP and TCP lookup
|
|
+ * destination interface are the same. For now, we fall back to the original behaviour of the destination
|
|
+ * interface lookup if we detect that we're handling post-routed reverse NAT traffic.
|
|
+ *
|
|
+ * TODO: to improve the way destination interface is looked up.
|
|
+ */
|
|
+ if (likely(sfe_addr_equal(&sic.dest_ip_xlate, &sic.dest_ip, is_v4)))
|
|
+ tmp_skb = skb;
|
|
+ else
|
|
+ tmp_skb = NULL;
|
|
+
|
|
+ if (!fast_classifier_find_dev_and_mac_addr(tmp_skb, &sic.dest_ip_xlate, &dest_dev_tmp, sic.dest_mac_xlate, is_v4)) {
|
|
fast_classifier_incr_exceptions(FAST_CL_EXCEPTION_NO_DEST_XLATE_DEV);
|
|
goto done1;
|
|
}
|