diff options
| author | Erik Kline <ek@google.com> | 2017-10-22 21:24:58 +0900 |
|---|---|---|
| committer | android-build-team Robot <android-build-team-robot@google.com> | 2017-10-24 06:10:55 +0000 |
| commit | db344d353df64c2f7ebdb2ec8d8b236e827fc43b (patch) | |
| tree | 2d24c746657f5ee9af2c6883090960c0e8b16ba3 | |
| parent | b5d1077933fef6cd9f61f770db73a98ed54955ff (diff) | |
| download | netd-db344d353df64c2f7ebdb2ec8d8b236e827fc43b.tar.gz | |
Set nf_conntrack_tcp_be_liberal only when tethering is enabled
Test: as follows
- built
- flashed
- booted
- manually tested with tethering enabled
- verified nf_conntrack_tcp_be_liberal == 0 when not tethering
- verified nf_conntrack_tcp_be_liberal == 1 when tethering
Bug: 67760792
Merged-In: Ib1000c71275e6c7811e4b8005413d447dd1479c4
Merged-In: I8508f7b9556d87568cac676b04d7577df1ae2d5f
Change-Id: I336439ba0760346c7c038d36d0ebdc8dc4f698f5
(cherry picked from commit 93f9b22d3675e3883ba37543663c87eb953b1025)
(cherry picked from commit 138881fdf824d245d56a802c57da25f6f4cdaec4)
| -rw-r--r-- | server/TetherController.cpp | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/server/TetherController.cpp b/server/TetherController.cpp index 1785ec71..43a20486 100644 --- a/server/TetherController.cpp +++ b/server/TetherController.cpp @@ -45,6 +45,7 @@ const char BP_TOOLS_MODE[] = "bp-tools"; const char IPV4_FORWARDING_PROC_FILE[] = "/proc/sys/net/ipv4/ip_forward"; const char IPV6_FORWARDING_PROC_FILE[] = "/proc/sys/net/ipv6/conf/all/forwarding"; const char SEPARATOR[] = "|"; +constexpr const char kTcpBeLiberal[] = "/proc/sys/net/netfilter/nf_conntrack_tcp_be_liberal"; bool writeToFile(const char* filename, const char* value) { int fd = open(filename, O_WRONLY | O_CLOEXEC); @@ -63,6 +64,11 @@ bool writeToFile(const char* filename, const char* value) { return true; } +// TODO: Consider altering TCP and UDP timeouts as well. +void configureForTethering(bool enabled) { + writeToFile(kTcpBeLiberal, enabled ? "1" : "0"); +} + bool configureForIPv6Router(const char *interface) { return (InterfaceController::setEnableIPv6(interface, 0) == 0) && (InterfaceController::setAcceptIPv6Ra(interface, 0) == 0) @@ -211,6 +217,7 @@ int TetherController::startTethering(int num_addrs, char **dhcp_ranges) { close(pipefd[0]); mDaemonPid = pid; mDaemonFd = pipefd[1]; + configureForTethering(true); applyDnsInterfaces(); ALOGD("Tethering services running"); } @@ -219,6 +226,7 @@ int TetherController::startTethering(int num_addrs, char **dhcp_ranges) { } int TetherController::stopTethering() { + configureForTethering(false); if (mDaemonPid == 0) { ALOGE("Tethering already stopped"); |