aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRafał Miłecki <rafal@milecki.pl>2023-02-09 13:29:37 +0100
committerRafał Miłecki <rafal@milecki.pl>2023-02-15 14:28:08 +0100
commit3c66ac7e22a385eefe84c0e1deef26a12bcf9fc6 (patch)
tree36b904f6bb28e460b51a6556956b62caff1e2cb9
parent6e555ac3ad260fe35f17e770277cf02d211a25d5 (diff)
downloadupstream-3c66ac7e22a385eefe84c0e1deef26a12bcf9fc6.tar.gz
upstream-3c66ac7e22a385eefe84c0e1deef26a12bcf9fc6.tar.bz2
upstream-3c66ac7e22a385eefe84c0e1deef26a12bcf9fc6.zip
iptables: iptables-mod-conntrack-extra: don't select kmod-ipt-raw
Package kmod-ipt-raw enables CONFIG_IP_NF_RAW and packages iptable_raw.ko According to kernel's net/netfilter/Kconfig there are only 3 kernel symbols that depend on the IP_NF_RAW: 1. NETFILTER_XT_TARGET_CT (xt_CT.ko) 2. NETFILTER_XT_TARGET_NOTRACK (unused symbol?!) 3. NETFILTER_XT_TARGET_TRACE (xt_TRACE.ko) Now: iptables-mod-conntrack-extra selects kmod-ipt-conntrack-extra which provides: xt_helper.ko nf_conncount.ko xt_connlimit.ko xt_connmark.ko xt_recent.ko and xt_connbytes.ko (none of them seems to require iptable_raw.ko). It seems there is no explicit reason for iptables-mod-conntrack-extra to require kmod-ipt-raw (iptables_raw.ko). Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
-rw-r--r--package/network/utils/iptables/Makefile2
1 files changed, 1 insertions, 1 deletions
diff --git a/package/network/utils/iptables/Makefile b/package/network/utils/iptables/Makefile
index dc57bb55d0..e96cfa0b16 100644
--- a/package/network/utils/iptables/Makefile
+++ b/package/network/utils/iptables/Makefile
@@ -150,7 +150,7 @@ Extra iptables nftables nft binaries.
endef
define Package/iptables-mod-conntrack-extra
-$(call Package/iptables/Module, +kmod-ipt-conntrack-extra +kmod-ipt-raw)
+$(call Package/iptables/Module, +kmod-ipt-conntrack-extra)
TITLE:=Extra connection tracking extensions
endef