Re: does nft 'tcp option ... exists' work?

On Mon, Dec 04, 2023 at 10:43:51AM +0100, Florian Westphal wrote:
> Florian Westphal <fw@xxxxxxxxx> wrote:
> > Maciej Żenczykowski <zenczykowski@xxxxxxxxx> wrote:
> > > FYI, I upgraded the router to OpenWrt 23.05.2 with 5.15.137 and it
> > > doesn't appear to have changed anything, i.e. 'tcp option fastopen
> > > exists' still does not appear to match.
> > > 
> > > Also note that I'm putting this in table inet filter postrouting like
> > > below... but that shouldn't matter should it?
> > 
> > No, this is an endianness bug, on BE the compared byte is always 0.
> 
> We could fix this from userspace too:
> 
> ... exists  -> reg32 != 0
> ... missing -> reg32 == 0
> 
> currently nftables uses &boolean_type, so the
> compare is for 1 byte.  We could switch this to
> 32 bit integer type, this way it will no longer
> matter if the kernel stores the number at offset 0 or 3.

This simplifies things.

> Phil, Pablo, what do you think?

Just make sure this does not break backward compatibility. When used
from set declarations with typeof, for example.
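
The mismatch discussed in this thread, as an added example that is not part of the original message and is neither nftables nor kernel code. It assumes the kernel writes the "option present" flag as a host-order 32-bit value (matching the "offset 0 or 3" remark above); the function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Model of one 32-bit nft register as raw bytes. Assumption: the kernel
 * writes the "option present" flag as a host-order 32-bit integer, so the
 * non-zero byte sits at offset 0 (little endian) or offset 3 (big endian). */
static void store_flag(uint8_t reg[4], uint32_t flag, int big_endian)
{
    for (int i = 0; i < 4; i++) {
        int shift = big_endian ? 8 * (3 - i) : 8 * i;
        reg[i] = (uint8_t)(flag >> shift);
    }
}

/* Current userspace behaviour per the thread: boolean type, so a 1-byte
 * compare of the first register byte against 1. */
int exists_byte(int present, int big_endian)
{
    uint8_t reg[4];
    store_flag(reg, present ? 1u : 0u, big_endian);
    return reg[0] == 1;
}

/* Proposed behaviour: "exists" becomes reg32 != 0 ("missing" is the
 * negation, reg32 == 0), which does not depend on the byte layout. */
int exists_reg32(int present, int big_endian)
{
    static const uint8_t zero[4];
    uint8_t reg[4];
    store_flag(reg, present ? 1u : 0u, big_endian);
    return memcmp(reg, zero, sizeof(reg)) != 0;
}

int main(void)
{
    for (int be = 0; be <= 1; be++)
        for (int present = 0; present <= 1; present++)
            printf("%s option %-7s: 1-byte exists=%d  reg32 exists=%d\n",
                   be ? "BE" : "LE", present ? "present" : "absent",
                   exists_byte(present, be), exists_reg32(present, be));
    return 0;
}
```

On the simulated big-endian layout the 1-byte compare never matches even when the option is present, so a rule relying on 'exists' silently never fires there, while the 32-bit compare matches on both layouts.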