fix: load nf_conntrack and ignore not tcp package

openwrt/files/ua2f.init

@@ -36,6 +36,7 @@ setup_firewall() {
 	config_get_bool handle_mmtls "firewall" "handle_mmtls" "0"
 
 	if [ -n "$FW4" ]; then
+	  modprobe nf_conntrack
 		nft -f- <<-EOF
 			table inet ua2f {
 				set localaddr_v4 {
@@ -66,6 +67,8 @@ setup_firewall() {
 				chain prerouting {
 					type filter hook prerouting priority mangle -5; policy accept;
 
+          meta l4proto != tcp counter return comment "!ua2f: not tcp";
+
 					ip daddr @localaddr_v4 counter return;
 					ip6 daddr @localaddr_v6 counter return;