From 804bd939fdefe7609b4de1c2c2ba2007867e7bcd Mon Sep 17 00:00:00 2001
From: Zxilly
Date: Fri, 1 Sep 2023 19:12:42 +0800
Subject: [PATCH] fix: load nf_conntrack and ignore not tcp package
---
 openwrt/files/ua2f.init | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/openwrt/files/ua2f.init b/openwrt/files/ua2f.init
index 519c394..399da6c 100755
--- a/openwrt/files/ua2f.init
+++ b/openwrt/files/ua2f.init
@@ -36,6 +36,7 @@ setup_firewall() {
 config_get_bool handle_mmtls "firewall" "handle_mmtls" "0"
 if [ -n "$FW4" ]; then
+ modprobe nf_conntrack
 nft -f- <<-EOF
 table inet ua2f {
 set localaddr_v4 {
@@ -66,6 +67,8 @@ setup_firewall() {
 chain prerouting {
 type filter hook prerouting priority mangle -5; policy accept;
+ meta l4proto != tcp counter return comment "!ua2f: not tcp";
+ ip daddr @localaddr_v4 counter return;
 ip6 daddr @localaddr_v6 counter return;
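Review bot: The exit status of `modprobe nf_conntrack` in the first hunk is ignored, so when the module is missing or fails to load, `setup_firewall` still feeds the ruleset to `nft` and the failure is easy to miss. Logging it would make that case diagnosable, e.g. `modprobe nf_conntrack || logger -t ua2f "could not load nf_conntrack"`. Both additions also appear to sit inside the `[ -n "$FW4" ]` branch (the second is the `meta l4proto != tcp` return in the nft prerouting chain), and the diffstat shows no other insertions, so a non-fw4 path, if the script has one, gets neither the module load nor the non-TCP bypass; that branch is not visible here and is worth confirming. `setup_firewall` starts and ends outside both hunks.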