Allow connectivity-critical packets in data saver mode.
This makes IPv6 work on metered wifi networks. Without this:
1. We reject incoming RAs, so we lose connectivity when the RA
parameters expire.
2. We reject incoming NAs, so we get NUD failures.
Bug: 66015813
Test: angler builds, boots
Test: netd_{unit,integration}_test pass
Test: CtsHostsideNetworkTests tests pass
Change-Id: I033040ef0b91c22035e29c636123cd41ab1967ec
diff --git a/server/BandwidthControllerTest.cpp b/server/BandwidthControllerTest.cpp
index 7a960e8..027e90b 100644
--- a/server/BandwidthControllerTest.cpp
+++ b/server/BandwidthControllerTest.cpp
@@ -208,20 +208,38 @@
TEST_F(BandwidthControllerTest, TestEnableDataSaver) {
mBw.enableDataSaver(true);
- std::vector<std::string> expected = {
+ std::string expected4 =
"*filter\n"
- "-R bw_data_saver 1 --jump REJECT\n"
- "COMMIT\n"
- };
- expectIptablesRestoreCommands(expected);
+ ":bw_data_saver -\n"
+ "-A bw_data_saver --jump REJECT\n"
+ "COMMIT\n";
+ std::string expected6 =
+ "*filter\n"
+ ":bw_data_saver -\n"
+ "-A bw_data_saver -p icmpv6 --icmpv6-type packet-too-big -j RETURN\n"
+ "-A bw_data_saver -p icmpv6 --icmpv6-type router-solicitation -j RETURN\n"
+ "-A bw_data_saver -p icmpv6 --icmpv6-type router-advertisement -j RETURN\n"
+ "-A bw_data_saver -p icmpv6 --icmpv6-type neighbour-solicitation -j RETURN\n"
+ "-A bw_data_saver -p icmpv6 --icmpv6-type neighbour-advertisement -j RETURN\n"
+ "-A bw_data_saver -p icmpv6 --icmpv6-type redirect -j RETURN\n"
+ "-A bw_data_saver --jump REJECT\n"
+ "COMMIT\n";
+ expectIptablesRestoreCommands({
+ {V4, expected4},
+ {V6, expected6},
+ });
mBw.enableDataSaver(false);
- expected = {
+ std::string expected = {
"*filter\n"
- "-R bw_data_saver 1 --jump RETURN\n"
+ ":bw_data_saver -\n"
+ "-A bw_data_saver --jump RETURN\n"
"COMMIT\n"
};
- expectIptablesRestoreCommands(expected);
+ expectIptablesRestoreCommands({
+ {V4, expected},
+ {V6, expected},
+ });
}
const std::vector<std::string> makeInterfaceQuotaCommands(const std::string& iface, int ruleIndex,