[openwrt/openwrt] iptables: backport missing init_extensions6() calls

LEDE Commits lede-commits at lists.infradead.org
Sun Mar 13 12:53:36 PDT 2022


hauke pushed a commit to openwrt/openwrt.git, branch master:
https://git.openwrt.org/e9c99e0f7f02e94d8e8ca3da4429f5221684c305

commit e9c99e0f7f02e94d8e8ca3da4429f5221684c305
Author: Etienne Champetier <champetier.etienne at gmail.com>
AuthorDate: Sun Mar 13 00:24:13 2022 -0500

    iptables: backport missing init_extensions6() calls
    
    This fixes ip6tables-nft no being able to use built-in
    extensions like icmp6.
    
    Signed-off-by: Etienne Champetier <champetier.etienne at gmail.com>
---
 package/network/utils/iptables/Makefile            |  2 +-
 ...s-Call-init_extensions6-for-static-builds.patch | 68 ++++++++++++++++++++++
 2 files changed, 69 insertions(+), 1 deletion(-)

diff --git a/package/network/utils/iptables/Makefile b/package/network/utils/iptables/Makefile
index f978173c9f..f8cf3ec6a5 100644
--- a/package/network/utils/iptables/Makefile
+++ b/package/network/utils/iptables/Makefile
@@ -10,7 +10,7 @@ include $(INCLUDE_DIR)/kernel.mk
 
 PKG_NAME:=iptables
 PKG_VERSION:=1.8.7
-PKG_RELEASE:=4
+PKG_RELEASE:=5
 
 PKG_SOURCE_URL:=https://netfilter.org/projects/iptables/files
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
diff --git a/package/network/utils/iptables/patches/001-xtables-Call-init_extensions6-for-static-builds.patch b/package/network/utils/iptables/patches/001-xtables-Call-init_extensions6-for-static-builds.patch
new file mode 100644
index 0000000000..22ccfa533a
--- /dev/null
+++ b/package/network/utils/iptables/patches/001-xtables-Call-init_extensions6-for-static-builds.patch
@@ -0,0 +1,68 @@
+From e727ccad036e2cdba3339536c65c7ceef43c0740 Mon Sep 17 00:00:00 2001
+From: Erik Wilson <erik.e.wilson at gmail.com>
+Date: Tue, 13 Jul 2021 16:48:23 -0700
+Subject: [PATCH] xtables: Call init_extensions6() for static builds
+
+Initialize extensions from libext6 for cases where xtables is built statically.
+
+Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1550
+Signed-off-by: Erik Wilson <Erik.E.Wilson at gmail.com>
+Signed-off-by: Florian Westphal <fw at strlen.de>
+---
+ iptables/xtables-monitor.c    | 1 +
+ iptables/xtables-restore.c    | 1 +
+ iptables/xtables-save.c       | 1 +
+ iptables/xtables-standalone.c | 1 +
+ iptables/xtables-translate.c  | 1 +
+ 5 files changed, 5 insertions(+)
+
+--- a/iptables/xtables-monitor.c
++++ b/iptables/xtables-monitor.c
+@@ -628,6 +628,7 @@ int xtables_monitor_main(int argc, char
+ #if defined(ALL_INCLUSIVE) || defined(NO_SHARED_LIBS)
+ 	init_extensions();
+ 	init_extensions4();
++	init_extensions6();
+ #endif
+ 
+ 	if (nft_init(&h, AF_INET, xtables_ipv4)) {
+--- a/iptables/xtables-restore.c
++++ b/iptables/xtables-restore.c
+@@ -364,6 +364,7 @@ xtables_restore_main(int family, const c
+ #if defined(ALL_INCLUSIVE) || defined(NO_SHARED_LIBS)
+ 		init_extensions();
+ 		init_extensions4();
++		init_extensions6();
+ #endif
+ 		break;
+ 	case NFPROTO_ARP:
+--- a/iptables/xtables-save.c
++++ b/iptables/xtables-save.c
+@@ -202,6 +202,7 @@ xtables_save_main(int family, int argc,
+ #if defined(ALL_INCLUSIVE) || defined(NO_SHARED_LIBS)
+ 		init_extensions();
+ 		init_extensions4();
++		init_extensions6();
+ #endif
+ 		tables = xtables_ipv4;
+ 		d.commit = true;
+--- a/iptables/xtables-standalone.c
++++ b/iptables/xtables-standalone.c
+@@ -57,6 +57,7 @@ xtables_main(int family, const char *pro
+ #if defined(ALL_INCLUSIVE) || defined(NO_SHARED_LIBS)
+ 	init_extensions();
+ 	init_extensions4();
++	init_extensions6();
+ #endif
+ 
+ 	if (nft_init(&h, family, xtables_ipv4) < 0) {
+--- a/iptables/xtables-translate.c
++++ b/iptables/xtables-translate.c
+@@ -469,6 +469,7 @@ static int xtables_xlate_main_common(str
+ #if defined(ALL_INCLUSIVE) || defined(NO_SHARED_LIBS)
+ 	init_extensions();
+ 	init_extensions4();
++	init_extensions6();
+ #endif
+ 		tables = xtables_ipv4;
+ 		break;




More information about the lede-commits mailing list