diff options
author | Etan Kissling <etan_kissling@apple.com> | 2021-01-13 00:54:08 +0100 |
---|---|---|
committer | Daniel Golle <daniel@makrotopia.org> | 2021-01-14 00:52:49 +0000 |
commit | 39add246c1e18afc1fe026b5f359a3acf8082279 (patch) | |
tree | 26f959f82e55407516f2ac3add16da94a5d75e75 | |
parent | 9afbf33b60a322d1d77fdaf50a4a33d82f2ba323 (diff) | |
download | upstream-39add246c1e18afc1fe026b5f359a3acf8082279.tar.gz upstream-39add246c1e18afc1fe026b5f359a3acf8082279.tar.bz2 upstream-39add246c1e18afc1fe026b5f359a3acf8082279.zip |
nf-conntrack: allow querying conntrack info in nfqueue
This allows libnetfilter_queue to access connection tracking information
by requesting NFQA_CFG_F_CONNTRACK. Connection tracking information is
provided in the NFQA_CT attribute.
CONFIG_NETFILTER_NETLINK_GLUE_CT enables the interaction between
nf_queue and nf_conntrack_netlink. Without this option, trying to access
connection tracking information results in "Operation not supported".
Signed-off-by: Etan Kissling <etan_kissling@apple.com>
-rw-r--r-- | package/kernel/linux/modules/netfilter.mk | 2 | ||||
-rw-r--r-- | target/linux/generic/config-5.4 | 1 |
2 files changed, 2 insertions, 1 deletions
diff --git a/package/kernel/linux/modules/netfilter.mk b/package/kernel/linux/modules/netfilter.mk index aacf5948b1..b46fcebc08 100644 --- a/package/kernel/linux/modules/netfilter.mk +++ b/package/kernel/linux/modules/netfilter.mk @@ -1002,7 +1002,7 @@ $(eval $(call KernelPackage,nfnetlink-queue)) define KernelPackage/nf-conntrack-netlink TITLE:=Connection tracking netlink interface FILES:=$(LINUX_DIR)/net/netfilter/nf_conntrack_netlink.ko - KCONFIG:=CONFIG_NF_CT_NETLINK CONFIG_NF_CONNTRACK_EVENTS=y + KCONFIG:=CONFIG_NF_CT_NETLINK CONFIG_NF_CONNTRACK_EVENTS=y CONFIG_NETFILTER_NETLINK_GLUE_CT=y AUTOLOAD:=$(call AutoProbe,nf_conntrack_netlink) $(call AddDepends/nfnetlink,+kmod-ipt-conntrack) endef diff --git a/target/linux/generic/config-5.4 b/target/linux/generic/config-5.4 index 9006c63ecf..15d235fea5 100644 --- a/target/linux/generic/config-5.4 +++ b/target/linux/generic/config-5.4 @@ -3672,6 +3672,7 @@ CONFIG_NF_CONNTRACK_PROCFS=y # CONFIG_NF_CONNTRACK_ZONES is not set # CONFIG_NF_CT_NETLINK is not set # CONFIG_NF_CT_NETLINK_TIMEOUT is not set +# CONFIG_NF_CT_NETLINK_HELPER is not set # CONFIG_NF_CT_PROTO_DCCP is not set # CONFIG_NF_CT_PROTO_GRE is not set # CONFIG_NF_CT_PROTO_SCTP is not set |