I have a GL-AR750S SLATE router running OpenWRT. I am trying to send all TCP packets on a specific port to a userspace application using iptables and netfilter queue. I set up a TCP socket between my local machine (connected wirelessly to the router) and a remote host, but after a certain number of packet transmissions, iptables stops capturing packets. When filtering packets into the userspace application I use the rules:
iptables -I FORWARD -p tcp --sport <port-num> -j NFQUEUE
iptables -I FORWARD -p tcp --dport <port-num> -j NFQUEUE
The userspace application prints each packet when it is received. When the number of packets equals 65 on the destination port and 66 on the source port, the application stops printing and stops receiving packets from iptables altogether. I changed the iptables target to simply ACCEPT the packets, and the problem still exists. After 131 packet transmissions in both directions combined (including ACKs and the initial connection), iptables stops counting packets for that connection. The rules I'm using to track these packets are:
iptables -I FORWARD -p tcp --sport <port-num> -j ACCEPT
iptables -I FORWARD -p tcp --dport <port-num> -j ACCEPT
With a basic TCP chat application, the rules will reach 65 packets and 66 packets respectively. The socket continues to work perfectly fine after iptables stops counting packets. A new socket connection will get captured by iptables for another 131 packets. The payload size and transmission rate don't change the outcome. Could this be an issue specific to OpenWRT or the kernel version on the router? The issue occurs with UDP packets as well, so I know it isn't an issue with the protocol. I replicated the setup on a Raspberry Pi and iptables on the Pi didn't have the issue - all packets were counted well into the thousands.
Why would iptables on OpenWRT have a packet limit?