Set nf_conntrack_tcp_be_liberal only when tethering is enabled
Test: as follows
- built
- flashed
- booted
- manually tested with tethering enabled
- verified nf_conntrack_tcp_be_liberal == 0 when not tethering
- verified nf_conntrack_tcp_be_liberal == 1 when tethering
Bug: 67760792
Change-Id: I336439ba0760346c7c038d36d0ebdc8dc4f698f5
diff --git a/server/TetherController.cpp b/server/TetherController.cpp
index baf477a..a60024e 100644
--- a/server/TetherController.cpp
+++ b/server/TetherController.cpp
@@ -56,6 +56,7 @@
const char IPV4_FORWARDING_PROC_FILE[] = "/proc/sys/net/ipv4/ip_forward";
const char IPV6_FORWARDING_PROC_FILE[] = "/proc/sys/net/ipv6/conf/all/forwarding";
const char SEPARATOR[] = "|";
+constexpr const char kTcpBeLiberal[] = "/proc/sys/net/netfilter/nf_conntrack_tcp_be_liberal";
bool writeToFile(const char* filename, const char* value) {
int fd = open(filename, O_WRONLY | O_CLOEXEC);
@@ -74,6 +75,11 @@
return true;
}
+// TODO: Consider altering TCP and UDP timeouts as well.
+void configureForTethering(bool enabled) {
+ writeToFile(kTcpBeLiberal, enabled ? "1" : "0");
+}
+
bool configureForIPv6Router(const char *interface) {
return (InterfaceController::setEnableIPv6(interface, 0) == 0)
&& (InterfaceController::setAcceptIPv6Ra(interface, 0) == 0)
@@ -232,6 +238,7 @@
close(pipefd[0]);
mDaemonPid = pid;
mDaemonFd = pipefd[1];
+ configureForTethering(true);
applyDnsInterfaces();
ALOGD("Tethering services running");
}
@@ -240,6 +247,7 @@
}
int TetherController::stopTethering() {
+ configureForTethering(false);
if (mDaemonPid == 0) {
ALOGE("Tethering already stopped");