octeon: disable edgerouter image

[openwrt/openwrt.git] / target / linux / generic / pending-4.19 / 613-netfilter_optional_tcp_window_check.patch

diff --git a/target/linux/generic/pending-4.19/613-netfilter_optional_tcp_window_check.patch b/target/linux/generic/pending-4.19/613-netfilter_optional_tcp_window_check.patch
index f9613a1ff63bb61805c78493ad7905da3e56523e..634218dfc318bf2fb4c0907e1b6f639d0684a9b2 100644 (file)
--- a/target/linux/generic/pending-4.19/613-netfilter_optional_tcp_window_check.patch
+++ b/target/linux/generic/pending-4.19/613-netfilter_optional_tcp_window_check.patch
@@ -18,7 +18,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  /* "Be conservative in what you do,
      be liberal in what you accept from others."
      If it's non-zero, we mark only out of window RST segments as INVALID. */
-@@ -483,6 +486,9 @@ static bool tcp_in_window(const struct n
+@@ -484,6 +487,9 @@ static bool tcp_in_window(const struct n
        s32 receiver_offset;
        bool res, in_recv_win;
  
@@ -28,7 +28,16 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
        /*
         * Get the required data from the packet.
         */
-@@ -1476,6 +1482,13 @@ static struct ctl_table tcp_sysctl_table
+@@ -1059,7 +1065,7 @@ static int tcp_packet(struct nf_conn *ct
+                IP_CT_TCP_FLAG_DATA_UNACKNOWLEDGED &&
+                timeouts[new_state] > timeouts[TCP_CONNTRACK_UNACK])
+               timeout = timeouts[TCP_CONNTRACK_UNACK];
+-      else if (ct->proto.tcp.last_win == 0 &&
++      else if (!nf_ct_tcp_no_window_check && ct->proto.tcp.last_win == 0 &&
+                timeouts[new_state] > timeouts[TCP_CONNTRACK_RETRANS])
+               timeout = timeouts[TCP_CONNTRACK_RETRANS];
+       else
+@@ -1508,6 +1514,13 @@ static struct ctl_table tcp_sysctl_table
                .mode           = 0644,
                .proc_handler   = proc_dointvec,
        },