From: Alexander Kanavin Date: Thu, 16 May 2024 11:26:38 +0000 (+0200) Subject: iptables: correctly enable libnetfilter_conntrack support X-Git-Tag: uninative-4.6~467 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=04ffb341864b443544e9f594248c0c785f601a55;p=thirdparty%2Fopenembedded%2Fopenembedded-core.git iptables: correctly enable libnetfilter_conntrack support This is done via configure option, and makes 0004-configure.ac-only-check-conntrack-when-libnfnetlink-.patch unnecessary, as both libnetfilter_conntrack and libnfnetlink are enabled in lockstep. Signed-off-by: Alexander Kanavin Signed-off-by: Alexandre Belloni Signed-off-by: Richard Purdie --- diff --git a/meta/recipes-extended/iptables/iptables/0004-configure.ac-only-check-conntrack-when-libnfnetlink-.patch b/meta/recipes-extended/iptables/iptables/0004-configure.ac-only-check-conntrack-when-libnfnetlink-.patch deleted file mode 100644 index 5a022ebc8c3..00000000000 --- a/meta/recipes-extended/iptables/iptables/0004-configure.ac-only-check-conntrack-when-libnfnetlink-.patch +++ /dev/null @@ -1,49 +0,0 @@ -From 6832501bbb90a3dab977a4625d0391804c0e795c Mon Sep 17 00:00:00 2001 -From: "Maxin B. John" -Date: Tue, 21 Feb 2017 11:49:07 +0200 -Subject: [PATCH] configure.ac: - only-check-conntrack-when-libnfnetlink-enabled.patch - -Package libnetfilter-conntrack depends on package libnfnetlink. iptables -checks package libnetfilter-conntrack whatever its package config -libnfnetlink is enabled or not. When libnfnetlink is disabled but -package libnetfilter-conntrack exists, it fails randomly with: - -In file included from -.../iptables/1.4.21-r0/iptables-1.4.21/extensions/libxt_connlabel.c:8:0: - -.../tmp/sysroots/qemumips/usr/include/libnetfilter_conntrack/libnetfilter_conntrack.h:14:42: -fatal error: libnfnetlink/linux_nfnetlink.h: No such file or directory - -compilation terminated. -GNUmakefile:96: recipe for target 'libxt_connlabel.oo' failed -Only check libnetfilter-conntrack when libnfnetlink is enabled to fix it. - -Upstream-Status: Pending - -Signed-off-by: Kai Kang -Signed-off-by: Maxin B. John - ---- - configure.ac | 6 ++++-- - 1 file changed, 4 insertions(+), 2 deletions(-) - -diff --git a/configure.ac b/configure.ac -index d607772..25a8e75 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -159,10 +159,12 @@ if test "$nftables" != 1; then - fi - - if test "x$enable_connlabel" = "xyes"; then -- PKG_CHECK_MODULES([libnetfilter_conntrack], -+ nfconntrack=0 -+ AS_IF([test "x$enable_libnfnetlink" = "xyes"], [ -+ PKG_CHECK_MODULES([libnetfilter_conntrack], - [libnetfilter_conntrack >= 1.0.6], - [nfconntrack=1], [nfconntrack=0]) -- -+ ]) - if test "$nfconntrack" -ne 1; then - blacklist_modules="$blacklist_modules connlabel"; - echo "WARNING: libnetfilter_conntrack not found, connlabel match will not be built"; diff --git a/meta/recipes-extended/iptables/iptables_1.8.10.bb b/meta/recipes-extended/iptables/iptables_1.8.10.bb index cbd727b75df..a9c88582cda 100644 --- a/meta/recipes-extended/iptables/iptables_1.8.10.bb +++ b/meta/recipes-extended/iptables/iptables_1.8.10.bb @@ -14,7 +14,6 @@ SRC_URI = "http://netfilter.org/projects/iptables/files/iptables-${PV}.tar.xz \ file://ip6tables.service \ file://ip6tables.rules \ file://0001-configure-Add-option-to-enable-disable-libnfnetlink.patch \ - file://0004-configure.ac-only-check-conntrack-when-libnfnetlink-.patch \ " SRC_URI[sha256sum] = "5cc255c189356e317d070755ce9371eb63a1b783c34498fb8c30264f3cc59c9c" @@ -33,7 +32,7 @@ PACKAGECONFIG ?= "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)}" PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6," # libnfnetlink recipe is in meta-networking layer -PACKAGECONFIG[libnfnetlink] = "--enable-libnfnetlink,--disable-libnfnetlink,libnfnetlink libnetfilter-conntrack" +PACKAGECONFIG[libnfnetlink] = "--enable-libnfnetlink --enable-connlabel,--disable-libnfnetlink --disable-connlabel,libnfnetlink libnetfilter-conntrack" # libnftnl recipe is in meta-networking layer(previously known as libnftables) PACKAGECONFIG[libnftnl] = "--enable-nftables,--disable-nftables,libnftnl"