Set nf_conntrack_tcp_be_liberal only when tethering is enabled

Test: as follows
    - built
    - flashed
    - booted
    - manually tested with tethering enabled
      - verified nf_conntrack_tcp_be_liberal == 0 when not tethering
      - verified nf_conntrack_tcp_be_liberal == 1 when tethering
Bug: 67760792
Change-Id: I336439ba0760346c7c038d36d0ebdc8dc4f698f5

1 files changed, 8 insertions, 0 deletions

diff --git a/server/TetherController.cpp b/server/TetherController.cpp
index baf477af..a60024ea 100644
--- a/server/TetherController.cpp
+++ b/server/TetherController.cpp
@@ -56,6 +56,7 @@ const char BP_TOOLS_MODE[] = "bp-tools";
 const char IPV4_FORWARDING_PROC_FILE[] = "/proc/sys/net/ipv4/ip_forward";
 const char IPV6_FORWARDING_PROC_FILE[] = "/proc/sys/net/ipv6/conf/all/forwarding";
 const char SEPARATOR[] = "|";
+constexpr const char kTcpBeLiberal[] = "/proc/sys/net/netfilter/nf_conntrack_tcp_be_liberal";
 
 bool writeToFile(const char* filename, const char* value) {
     int fd = open(filename, O_WRONLY | O_CLOEXEC);
@@ -74,6 +75,11 @@ bool writeToFile(const char* filename, const char* value) {
     return true;
 }
 
+// TODO: Consider altering TCP and UDP timeouts as well.
+void configureForTethering(bool enabled) {
+    writeToFile(kTcpBeLiberal, enabled ? "1" : "0");
+}
+
 bool configureForIPv6Router(const char *interface) {
     return (InterfaceController::setEnableIPv6(interface, 0) == 0)
             && (InterfaceController::setAcceptIPv6Ra(interface, 0) == 0)
@@ -232,6 +238,7 @@ int TetherController::startTethering(int num_addrs, char **dhcp_ranges) {
         close(pipefd[0]);
         mDaemonPid = pid;
         mDaemonFd = pipefd[1];
+        configureForTethering(true);
         applyDnsInterfaces();
         ALOGD("Tethering services running");
     }
@@ -240,6 +247,7 @@ int TetherController::startTethering(int num_addrs, char **dhcp_ranges) {
 }
 
 int TetherController::stopTethering() {
+    configureForTethering(false);
 
     if (mDaemonPid == 0) {
         ALOGE("Tethering already stopped");