mptcp/openmptcprouter
1
0
Fork 0
mirror of https://github.com/Ysurac/openmptcprouter.git synced 2025-03-09 15:40:20 +00:00
Code Issues Releases Wiki Activity

Add all changes for OpenWrt/LEDE source here

Browse source
This commit is contained in:
Ycarus 2018-01-23 15:56:13 +01:00
parent b68e966d63
commit 9414e5098b
8 changed files with 21403 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

61
patches/iptables-trace.patch Normal file
View file

@ -0,0 +1,61 @@
From 0f5291c8e2418bf489893121ef8d5438767a809a Mon Sep 17 00:00:00 2001
From: Martin Wetterwald <martin.wetterwald@corp.ovh.com>
Date: Thu, 12 Jan 2017 15:06:00 +0100
Subject: [PATCH] iptables: Fix target TRACE issue
The package kmod-ipt-debug builds the module xt_TRACE, which allows
users to use '-j TRACE' as target in the chain PREROUTING of the table
raw in iptables.
The kernel compilation flag NETFILTER_XT_TARGET_TRACE is also enabled so
that this feature which is implemented deep inside the linux IP stack
(for example in sk_buff) is compiled.
But a strace of iptables -t raw -I PREROUTING -p icmp -j TRACE reveals
that an attempt is made to read /usr/lib/iptables/libxt_TRACE.so, which
fails as this dynamic library is not present on the system.
I created the package iptables-mod-trace which takes care of that, and
target TRACE now works!
https://dev.openwrt.org/ticket/16694
https://dev.openwrt.org/ticket/19661
Signed-off-by: Martin Wetterwald <martin.wetterwald@corp.ovh.com>
---
package/network/utils/iptables/Makefile | 15 +++++++++++++++
1 file changed, 15 insertions(+)
diff --git a/package/network/utils/iptables/Makefile b/package/network/utils/iptables/Makefile
index ac869f0385..0604f6f0a8 100644
--- a/package/network/utils/iptables/Makefile
+++ b/package/network/utils/iptables/Makefile
@@ -203,6 +203,20 @@ define Package/iptables-mod-nflog/description
endef
+define Package/iptables-mod-trace
+$(call Package/iptables/Module, +kmod-ipt-debug)
+ TITLE:=Netfilter TRACE target
+endef
+
+define Package/iptables-mod-trace/description
+ iptables extension for TRACE target
+
+ Includes:
+ - libxt_TRACE
+
+endef
+
+
define Package/iptables-mod-nfqueue
$(call Package/iptables/Module, +kmod-nfnetlink-queue +kmod-ipt-nfqueue)
TITLE:=Netfilter NFQUEUE target
@@ -548,6 +562,7 @@ $(eval $(call BuildPlugin,iptables-mod-tproxy,$(IPT_TPROXY-m)))
$(eval $(call BuildPlugin,iptables-mod-tee,$(IPT_TEE-m)))
$(eval $(call BuildPlugin,iptables-mod-u32,$(IPT_U32-m)))
$(eval $(call BuildPlugin,iptables-mod-nflog,$(IPT_NFLOG-m)))
+$(eval $(call BuildPlugin,iptables-mod-trace,$(IPT_DEBUG-m)))
$(eval $(call BuildPlugin,iptables-mod-nfqueue,$(IPT_NFQUEUE-m)))
$(eval $(call BuildPackage,ip6tables))
$(eval $(call BuildPlugin,ip6tables-extra,$(IPT_IPV6_EXTRA-m)))