Looking at the code it seems that bridge case is supported. Hooks are registered for
NF_BR_POST_ROUTING so there are two chances for a given skb to get an HW NAT entry - in
NF_INET_POST_ROUTING or in
NF_BR_POST_ROUTING. If I get the logic correctly it means that mtk hwnat is only able to accelerate SNAT cases which should be enough as this is the most popular case.
Looking at the code I’d say that there are 4096 entries in HW NAT table but it does not necessarily means that your connections would always end up in hwnat table. Entry index is determined by an skb hash so if your connection happens to have the same hash as some other connection that was already bound into hwnat - new connection won’t be handled by hwnat. Then it looks like there’s a rate detection algo in place and connection rate should be big enough to pass over the threshold and be bound into hwnat entry. Take this with a grain of salt as my understanding of the mtk hwnat code is “ad hoc” - spent about an hour looking at the patch trying to understand what’s going on in there.