Hello,
I'm writing to request a backport of the following commit:
2e34328b396a netfilter: nft_exthdr: fix endianness of tcp option cast
to the stable version of Linux v5.4.
This bugfix never landed in Linux v5.4: a later similar endianness
bugfix (b428336676db) instead did (see commit 666d1d1a0584).
The aforementioned commit fixes an endianness bug in the mangling of the
MSS tcp option for nftables.
This bug bites hard big-endian routers (MIPS for example) running the
PPPoE stack and nftables.
The following rule:
    nft add rule ip filter forward tcp flags syn tcp option maxseg size set rt mtu
instead of changing the MSS value to the one in the routing cache, ZEROES
it, disrupting the tcp connections.
A backport would be nice because Linux v5.4 is the release used in the
upcoming stable release of OpenWRT (21.02).
I already submitted a bug report to OpenWRT a few weeks ago but I've got
no answer yet, maybe because they still use iptables as the default
netfilter tool, even if they offer nftables as an alternative.
Still I think this bug should be fixed in the stable versions of the kernel.
This way it will also come to OpenWRT when they update the kernel to the
latest minor version, even if the maintainers don't see my bug report
or it is ignored.
I'd like to thank you for the attention you paid to this message even if
I probably didn't follow the right process for reporting the problem.
Regards,
Gianluca Anzolin
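
Added example, not part of the original message and not kernel code: a small C model of one way a 16-bit value such as the MSS can come out as zero on big-endian machines only, matching the symptom described above. It assumes the value sits in the first two bytes of a 32-bit register and is then read back as a whole 32-bit word and truncated; `reg32`, `store16`, `load32`, `load16` and the sample MSS 1452 are hypothetical, and byte order is simulated so the code behaves the same on any host.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum byte_order { ORDER_LITTLE, ORDER_BIG };

/* Hypothetical 32-bit register slot, modelled as raw memory. */
typedef struct { uint8_t b[4]; } reg32;

/* Store a 16-bit value in the first two bytes of the slot (assumed layout). */
static void store16(reg32 *r, uint16_t v, enum byte_order o)
{
    memset(r->b, 0, sizeof(r->b));
    r->b[0] = (o == ORDER_BIG) ? (uint8_t)(v >> 8) : (uint8_t)(v & 0xff);
    r->b[1] = (o == ORDER_BIG) ? (uint8_t)(v & 0xff) : (uint8_t)(v >> 8);
}

/* Read the whole slot as a 32-bit word in the given byte order. */
static uint32_t load32(const reg32 *r, enum byte_order o)
{
    if (o == ORDER_BIG)
        return ((uint32_t)r->b[0] << 24) | ((uint32_t)r->b[1] << 16) |
               ((uint32_t)r->b[2] << 8) | (uint32_t)r->b[3];
    return (uint32_t)r->b[0] | ((uint32_t)r->b[1] << 8) |
           ((uint32_t)r->b[2] << 16) | ((uint32_t)r->b[3] << 24);
}

/* Read only the two bytes that actually hold the value. */
static uint16_t load16(const reg32 *r, enum byte_order o)
{
    if (o == ORDER_BIG)
        return (uint16_t)(((uint16_t)r->b[0] << 8) | r->b[1]);
    return (uint16_t)(r->b[0] | ((uint16_t)r->b[1] << 8));
}

/* Problem pattern: 32-bit read, then truncation to 16 bits. */
static uint16_t mss_truncating_cast(uint16_t mss, enum byte_order o)
{
    reg32 r;
    store16(&r, mss, o);
    return (uint16_t)load32(&r, o); /* keeps the low 16 bits of the word */
}

/* Width-matched read: same result in either byte order. */
static uint16_t mss_load16(uint16_t mss, enum byte_order o)
{
    reg32 r;
    store16(&r, mss, o);
    return load16(&r, o);
}

int main(void)
{
    printf("LE cast=%u BE cast=%u BE load16=%u\n",
           mss_truncating_cast(1452, ORDER_LITTLE),
           mss_truncating_cast(1452, ORDER_BIG), mss_load16(1452, ORDER_BIG));
    return 0;
}
```

On little-endian the truncating read happens to return the right value, which is why a defect of this kind can go unnoticed until the code runs on a big-endian target.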