nils/gluon
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

gluon-core: build in xt_CT with GLUON_SPECIALIZE_KERNEL

Browse Source 
xt_CT was added to kmod-ipt-conntrack a while back. Update our
GLUON_SPECIALIZE_KERNEL rules accordingly.

When building xt_CT into the kernel, one of the symbols IP_NF_RAW and
IP6_NF_RAW must be enabled as well, even though there is no runtime
dependency when building as modules. The kernel grows by less than 1KB
even when both IP_NF_RAW and NETFILTER_XT_TARGET_CT are enabled, making
this change a (very slight) net win in both flash and RAM usage.
This commit is contained in:
Matthias Schiffer 2020-05-27 21:56:02 +02:00 committed by David Bauer
parent 7e8af99cf5
commit fcc6877c8b
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
package/gluon-core/Config.in
View File

@ -279,6 +279,16 @@ config KERNEL_NETFILTER_XT_MATCH_CONNTRACK
select KERNEL_NETFILTER_XTABLES
select KERNEL_NF_CONNTRACK
config KERNEL_IP_NF_RAW
bool
select KERNEL_IP_NF_IPTABLES
config KERNEL_NETFILTER_XT_TARGET_CT
bool
select KERNEL_NETFILTER_XTABLES
select KERNEL_NF_CONNTRACK
select KERNEL_IP_NF_RAW
# kmod-ipt-nat
@ -344,6 +354,7 @@ config GLUON_SPECIALIZE_KERNEL
select KERNEL_NETFILTER_XT_TARGET_TCPMSS
select KERNEL_NETFILTER_XT_MATCH_STATE
select KERNEL_NETFILTER_XT_MATCH_CONNTRACK
select KERNEL_NETFILTER_XT_TARGET_CT
select KERNEL_IP_NF_NAT
select KERNEL_IP_NF_TARGET_MASQUERADE
select KERNEL_IP_NF_TARGET_REDIRECT