Add costly interface rules to make forwarding in both directions
Test: as follows
- built
- flashed
- booted
- runtest -x system/netd/tests/netd_integration_test.cpp passes
- runtest -x system/netd/server/netd_unit_test.cpp passes
Bug: 65654957
Change-Id: I62dbe387aaeecb362b2bc69de8f9ce66f163d929
diff --git a/server/BandwidthController.cpp b/server/BandwidthController.cpp
index d66ccf5..1484187 100644
--- a/server/BandwidthController.cpp
+++ b/server/BandwidthController.cpp
@@ -307,6 +307,7 @@
"*filter",
StringPrintf("-I bw_INPUT %d -i %s --jump %s", ruleInsertPos, iface.c_str(), chain),
StringPrintf("-I bw_OUTPUT %d -o %s --jump %s", ruleInsertPos, iface.c_str(), chain),
+ StringPrintf("-A bw_FORWARD -i %s --jump %s", iface.c_str(), chain),
StringPrintf("-A bw_FORWARD -o %s --jump %s", iface.c_str(), chain),
};
if (mSharedQuotaIfaces.empty()) {
@@ -357,6 +358,7 @@
"*filter",
StringPrintf("-D bw_INPUT -i %s --jump %s", iface.c_str(), chain),
StringPrintf("-D bw_OUTPUT -o %s --jump %s", iface.c_str(), chain),
+ StringPrintf("-D bw_FORWARD -i %s --jump %s", iface.c_str(), chain),
StringPrintf("-D bw_FORWARD -o %s --jump %s", iface.c_str(), chain),
};
if (mSharedQuotaIfaces.size() == 1) {
@@ -425,6 +427,7 @@
chain.c_str()),
StringPrintf("-I bw_OUTPUT %d -o %s --jump %s", ruleInsertPos, iface.c_str(),
chain.c_str()),
+ StringPrintf("-A bw_FORWARD -i %s --jump %s", iface.c_str(), chain.c_str()),
StringPrintf("-A bw_FORWARD -o %s --jump %s", iface.c_str(), chain.c_str()),
StringPrintf("-A %s -m quota2 ! --quota %" PRId64 " --name %s --jump REJECT",
chain.c_str(), maxBytes, cost.c_str()),
@@ -481,6 +484,7 @@
"*filter",
StringPrintf("-D bw_INPUT -i %s --jump %s", iface.c_str(), chain.c_str()),
StringPrintf("-D bw_OUTPUT -o %s --jump %s", iface.c_str(), chain.c_str()),
+ StringPrintf("-D bw_FORWARD -i %s --jump %s", iface.c_str(), chain.c_str()),
StringPrintf("-D bw_FORWARD -o %s --jump %s", iface.c_str(), chain.c_str()),
StringPrintf("-F %s", chain.c_str()),
StringPrintf("-X %s", chain.c_str()),