fseek:

The problem manifested itself on a TP-Link Archer C7:

• mips_24kc BIG-ENDIAN architecture
• the latest git version of openwrt-21.02 (a205de5)
• Linux kernel 5.4.132
• nftables 0.9.6
• when using PPPoE over a tagged VLAN.

The PPPoE headers take away 8 bytes of space from the 1500 bytes of ethernet packets, therefore the advertised tcpmss should be reduced accordingly from 1460 to 1452 bytes.

With nftables the documented way to clamp the tcp maximum segment size is with the following command:

nft add rule ip filter forward tcp flags syn tcp option maxseg size set 1452

or alternatively:

nft add rule ip filter forward tcp flags syn tcp option maxseg size set rt mtu

Unfortunately these rules don't work as intended on big-endian architectures because of a byte-swapping bug in the kernel that mangles the mss to 0, disrupting the tcp connections.

This kernel bug is fixed since linux v5.7 but apparently the [[https://github.com/torvalds/linux/commit/2e34328b396a69b73661ba38d47d92b7cf21c2c4|fix 2e34328b396a]] was never backported to v5.4

I've personally patched and tested the fix on my device and verified that it works, and I'm now carrying the patch in my personal git repo.

Given that nftables is not a first-class citizen of OpenWRT yet I assigned this bug-report a low priority, nonetheless it would be nice if it's fixed.