From df23cb365a105b28a5b8ed1c76304a2ec36e29f5 Mon Sep 17 00:00:00 2001 From: bol-van Date: Wed, 15 Dec 2021 12:59:04 +0300 Subject: [PATCH] readme.eng : mediatek badsum limitation --- docs/readme.eng.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/docs/readme.eng.md b/docs/readme.eng.md index 2e19530..540c1aa 100644 --- a/docs/readme.eng.md +++ b/docs/readme.eng.md @@ -182,6 +182,9 @@ add tcp option **MD5 signature**. All of them have their own disadvantages : System never verifies checksums of locally generated packets so nfqws will always work on the router itself. If you are behind another NAT, such as a ISP, and it does not pass invalid packages, there is nothing you can do about it. But usually ISPs pass badsum. + Some adapters/switches/drivers enable hardware filtering of rx badsum not allowing it to pass to the OS. + This behavior was observed on a Mediatek MT7621 based device. + Tried to modify mediatek ethernet driver with no luck, likely hardware enforced limitation. * badsum doesn't work if your device is behind NAT which does not pass invalid packets. Linux NAT by default does not pass them without special setting `sysctl -w net.netfilter.nf_conntrack_checksum=0` Openwrt sets it from the box, other routers in most cases don't, and its not always possible to change it.