From 322c614e473d044ca1d94dd9b42f6924aa579c55 Mon Sep 17 00:00:00 2001
From: Arne Fitzenreiter <arne_f@ipfire.org>
Date: Wed, 14 Oct 2020 15:09:13 +0200
Subject: [PATCH] netfilter: layer7: disable removed conntrack layer3 module
 handling

this was removed with linux kernel 4.19.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
---
 net/netfilter/xt_layer7.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/net/netfilter/xt_layer7.c b/net/netfilter/xt_layer7.c
index 565d2c99dcc5..a7eb760123bf 100644
--- a/net/netfilter/xt_layer7.c
+++ b/net/netfilter/xt_layer7.c
@@ -564,6 +564,7 @@ match(const struct sk_buff *skbin,
 	return (pattern_result ^ info->invert);
 }
 
+/*
 // load nf_conntrack_ipv4
 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 35)
 static int
@@ -608,14 +609,15 @@ check(const char *tablename, const void *inf,
 		nf_ct_l3proto_module_put(match->family);
 	}
 #endif
+*/
 
 static struct xt_match xt_layer7_match[] __read_mostly = {
 {
 	.name		= "layer7",
 	.family		= NFPROTO_IPV4,
-	.checkentry	= check,
+//	.checkentry	= check,
 	.match		= match,
-	.destroy	= destroy,
+//	.destroy	= destroy,
 	.matchsize	= sizeof(struct xt_layer7_info),
 	.me		= THIS_MODULE
 }
@@ -631,7 +633,7 @@ static const struct proc_ops layer7_numpackets_proc_fops = {
 
 static int __init xt_layer7_init(void)
 {
-	need_conntrack();
+//	need_conntrack();
 
 	// Register proc interface
 	proc_create_data("layer7_numpackets", 0644,
-- 
2.47.2