From 31681f0878b193e2ad589f165e3c060e8fcc4c7b Mon Sep 17 00:00:00 2001 From: Felix Fietkau Date: Thu, 19 Mar 2015 11:58:17 +0000 Subject: [PATCH] ipset: use in-tree kernel modules to fix crash issues Signed-off-by: Felix Fietkau SVN-Revision: 44883 --- package/kernel/linux/modules/netfilter.mk | 48 +++++++++++++++++++++++ package/network/utils/ipset/Makefile | 26 ------------ 2 files changed, 48 insertions(+), 26 deletions(-) diff --git a/package/kernel/linux/modules/netfilter.mk b/package/kernel/linux/modules/netfilter.mk index 2cb769dead..8dfb1a321b 100644 --- a/package/kernel/linux/modules/netfilter.mk +++ b/package/kernel/linux/modules/netfilter.mk @@ -223,6 +223,54 @@ endef $(eval $(call KernelPackage,ipt-ipsec)) +IPSET_MODULES:= \ + ipset/ip_set \ + ipset/ip_set_bitmap_ip \ + ipset/ip_set_bitmap_ipmac \ + ipset/ip_set_bitmap_port \ + ipset/ip_set_hash_ip \ + ipset/ip_set_hash_ipmark \ + ipset/ip_set_hash_ipport \ + ipset/ip_set_hash_ipportip \ + ipset/ip_set_hash_ipportnet \ + ipset/ip_set_hash_mac \ + ipset/ip_set_hash_netportnet \ + ipset/ip_set_hash_net \ + ipset/ip_set_hash_netnet \ + ipset/ip_set_hash_netport \ + ipset/ip_set_hash_netiface \ + ipset/ip_set_list_set \ + xt_set + +define KernelPackage/ipt-ipset + SUBMENU:=Netfilter Extensions + TITLE:=IPset netfilter modules + DEPENDS+= +kmod-ipt-core +kmod-nfnetlink + KCONFIG:= \ + CONFIG_IP_SET \ + CONFIG_IP_SET_MAX=256 \ + CONFIG_NETFILTER_XT_SET \ + CONFIG_IP_SET_BITMAP_IP \ + CONFIG_IP_SET_BITMAP_IPMAC \ + CONFIG_IP_SET_BITMAP_PORT \ + CONFIG_IP_SET_HASH_IP \ + CONFIG_IP_SET_HASH_IPMARK \ + CONFIG_IP_SET_HASH_IPPORT \ + CONFIG_IP_SET_HASH_IPPORTIP \ + CONFIG_IP_SET_HASH_IPPORTNET \ + CONFIG_IP_SET_HASH_MAC \ + CONFIG_IP_SET_HASH_NET \ + CONFIG_IP_SET_HASH_NETNET \ + CONFIG_IP_SET_HASH_NETIFACE \ + CONFIG_IP_SET_HASH_NETPORT \ + CONFIG_IP_SET_HASH_NETPORTNET \ + CONFIG_IP_SET_LIST_SET \ + CONFIG_NET_EMATCH_IPSET=n + FILES:=$(foreach mod,$(IPSET_MODULES),$(LINUX_DIR)/net/netfilter/$(mod).ko) + AUTOLOAD:=$(call AutoLoad,49,$(notdir $(IPSET_MODULES))) +endef +$(eval $(call KernelPackage,ipt-ipset)) + define KernelPackage/ipt-nat TITLE:=Basic NAT targets diff --git a/package/network/utils/ipset/Makefile b/package/network/utils/ipset/Makefile index 14a47afbec..f1c50a90da 100644 --- a/package/network/utils/ipset/Makefile +++ b/package/network/utils/ipset/Makefile @@ -39,25 +39,8 @@ MAKE_FLAGS += \ ARCH="$(LINUX_KARCH)" \ SHELL="$(BASH)" -IPSET_MODULES:= \ - ipset/ip_set \ - ipset/ip_set_bitmap_ip \ - ipset/ip_set_bitmap_ipmac \ - ipset/ip_set_bitmap_port \ - ipset/ip_set_hash_ip \ - ipset/ip_set_hash_ipmark \ - ipset/ip_set_hash_ipport \ - ipset/ip_set_hash_ipportip \ - ipset/ip_set_hash_ipportnet \ - ipset/ip_set_hash_net \ - ipset/ip_set_hash_netiface \ - ipset/ip_set_hash_netport \ - ipset/ip_set_list_set \ - xt_set \ - define Build/Compile $(call Build/Compile/Default) - $(call Build/Compile/Default,modules) endef define Package/ipset/install @@ -67,13 +50,4 @@ define Package/ipset/install $(CP) $(PKG_INSTALL_DIR)/usr/lib/libipset*.so* $(1)/usr/lib/ endef -define KernelPackage/ipt-ipset - SUBMENU:=Netfilter Extensions - TITLE:=IPset netfilter modules - DEPENDS+= +kmod-ipt-core +kmod-nfnetlink - FILES:=$(foreach mod,$(IPSET_MODULES),$(PKG_BUILD_DIR)/kernel/net/netfilter/$(mod).ko) - AUTOLOAD:=$(call AutoLoad,49,$(notdir $(IPSET_MODULES))) -endef - $(eval $(call BuildPackage,ipset)) -$(eval $(call KernelPackage,ipt-ipset)) -- 2.25.1