Add costly interface rules to make forwarding in both directions
Test: as follows
- built
- flashed
- booted
- runtest -x system/netd/tests/netd_integration_test.cpp passes
- runtest -x system/netd/server/netd_unit_test.cpp passes
Bug: 65654957
Change-Id: I62dbe387aaeecb362b2bc69de8f9ce66f163d929
diff --git a/server/BandwidthControllerTest.cpp b/server/BandwidthControllerTest.cpp
index e62f340..7a960e8 100644
--- a/server/BandwidthControllerTest.cpp
+++ b/server/BandwidthControllerTest.cpp
@@ -235,6 +235,7 @@
StringPrintf("-A %s -j bw_penalty_box", c_chain),
StringPrintf("-I bw_INPUT %d -i %s --jump %s", ruleIndex, c_iface, c_chain),
StringPrintf("-I bw_OUTPUT %d -o %s --jump %s", ruleIndex, c_iface, c_chain),
+ StringPrintf("-A bw_FORWARD -i %s --jump %s", c_iface, c_chain),
StringPrintf("-A bw_FORWARD -o %s --jump %s", c_iface, c_chain),
StringPrintf("-A %s -m quota2 ! --quota %" PRIu64 " --name %s --jump REJECT", c_chain,
quota, c_iface),
@@ -251,6 +252,7 @@
"*filter",
StringPrintf("-D bw_INPUT -i %s --jump %s", c_iface, c_chain),
StringPrintf("-D bw_OUTPUT -o %s --jump %s", c_iface, c_chain),
+ StringPrintf("-D bw_FORWARD -i %s --jump %s", c_iface, c_chain),
StringPrintf("-D bw_FORWARD -o %s --jump %s", c_iface, c_chain),
StringPrintf("-F %s", c_chain),
StringPrintf("-X %s", c_chain),
@@ -288,6 +290,7 @@
"*filter",
StringPrintf("-I bw_INPUT %d -i %s --jump %s", ruleIndex, c_iface, c_chain),
StringPrintf("-I bw_OUTPUT %d -o %s --jump %s", ruleIndex, c_iface, c_chain),
+ StringPrintf("-A bw_FORWARD -i %s --jump %s", c_iface, c_chain),
StringPrintf("-A bw_FORWARD -o %s --jump %s", c_iface, c_chain),
};
if (insertQuota) {
@@ -307,6 +310,7 @@
"*filter",
StringPrintf("-D bw_INPUT -i %s --jump %s", c_iface, c_chain),
StringPrintf("-D bw_OUTPUT -o %s --jump %s", c_iface, c_chain),
+ StringPrintf("-D bw_FORWARD -i %s --jump %s", c_iface, c_chain),
StringPrintf("-D bw_FORWARD -o %s --jump %s", c_iface, c_chain),
};
if (deleteQuota) {