From 47bb5874f29a2db028b159e169954f29e83faa21 Mon Sep 17 00:00:00 2001
From: SunBK201
Date: Sat, 13 Dec 2025 16:08:24 +0800
Subject: [PATCH] fix: revert ih rule
---
 src/internal/server/desync/nftables.go | 39 ++++++++------------------
 1 file changed, 12 insertions(+), 27 deletions(-)
diff --git a/src/internal/server/desync/nftables.go b/src/internal/server/desync/nftables.go
index d19d67a..8222468 100644
--- a/src/internal/server/desync/nftables.go
+++ b/src/internal/server/desync/nftables.go
@@ -57,31 +57,16 @@ func (s *Server) NftSetDesync(tx *knftables.Transaction, table *knftables.Table)
 Rule: netfilter.NftRuleIgnorePorts,
 })
- if netfilter.NftIHAvailable() {
- tx.Add(&knftables.Rule{
- Chain: chain.Name,
- Rule: knftables.Concat(
- "meta l4proto tcp",
- "ct state established",
- "ct direction original",
- "@ih,0,8 & 0 == 0",
- fmt.Sprintf("ct bytes < %d", s.CtByte),
- fmt.Sprintf("ct packets < %d", s.CtPackets),
- fmt.Sprintf("counter queue num %d bypass", s.nfqServer.QueueNum),
- ),
- })
- } else {
- tx.Add(&knftables.Rule{
- Chain: chain.Name,
- Rule: knftables.Concat(
- "meta l4proto tcp",
- "ct state established",
- "ct direction original",
- "ip length > 41",
- fmt.Sprintf("ct bytes < %d", s.CtByte),
- fmt.Sprintf("ct packets < %d", s.CtPackets),
- fmt.Sprintf("counter queue num %d bypass", s.nfqServer.QueueNum),
- ),
- })
- }
+ tx.Add(&knftables.Rule{
+ Chain: chain.Name,
+ Rule: knftables.Concat(
+ "meta l4proto tcp",
+ "ct state established",
+ "ct direction original",
+ "ip length > 41",
+ fmt.Sprintf("ct bytes < %d", s.CtByte),
+ fmt.Sprintf("ct packets < %d", s.CtPackets),
+ fmt.Sprintf("counter queue num %d bypass", s.nfqServer.QueueNum),
+ ),
+ })
 }
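Review bot: The now-unconditional `ip length > 41` match in NftSetDesync carries no comment explaining the constant or its limits, and it selects a different set of packets than the `@ih` test it replaces. `ip length` is the IPv4 total-length field, so IPv6 flows would not reach the queue through this rule if the table is inet-family (the family is not visible in this hunk), and 41 presumably assumes 20-byte IP and TCP headers, so payload-less ACKs that carry TCP options such as timestamps still exceed it and are queued. I would add a comment above the rule, for example `// ip length > 41: approximates "has payload" assuming 20-byte IPv4 and TCP headers; IPv4 only, segments with TCP options also match`. If `netfilter.NftIHAvailable` has no other callers after this change it can be removed as well; the function body starts outside the hunk, so that could not be checked here.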