[openwrt/openwrt] kernel: fix iptables offload build without nftables

Sat Mar 23 10:35:19 PDT 2024

hauke pushed a commit to openwrt/openwrt.git, branch main:
https://git.openwrt.org/27ce04a94867e870ffa1c753e531571054f2358f

commit 27ce04a94867e870ffa1c753e531571054f2358f
Author: Qingfang Deng <dqfext at gmail.com>
AuthorDate: Tue Mar 12 10:05:13 2024 +0800

    kernel: fix iptables offload build without nftables
    
    When rebasing patches on top of 6.1, a change that removed NF_TABLES
    from NF_FLOW_TABLE's dependency was dropped accidentally, and iptables
    flow offload module can only be built when nftables is selected.
    Restore the change to fix it.
    
    Fixes: 19a246bb6503 ("generic: 6.1: manually refresh hack patches")
    Signed-off-by: Qingfang Deng <dqfext at gmail.com>
---
 .../hack-6.1/650-netfilter-add-xt_FLOWOFFLOAD-target.patch     | 10 +++++++++-
 .../hack-6.6/650-netfilter-add-xt_FLOWOFFLOAD-target.patch     | 10 +++++++++-
 2 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/target/linux/generic/hack-6.1/650-netfilter-add-xt_FLOWOFFLOAD-target.patch b/target/linux/generic/hack-6.1/650-netfilter-add-xt_FLOWOFFLOAD-target.patch
index 1dfd556ce8..6fdfc79207 100644
--- a/target/linux/generic/hack-6.1/650-netfilter-add-xt_FLOWOFFLOAD-target.patch
+++ b/target/linux/generic/hack-6.1/650-netfilter-add-xt_FLOWOFFLOAD-target.patch
@@ -8,7 +8,15 @@ Signed-off-by: Felix Fietkau <nbd at nbd.name>
 
 --- a/net/netfilter/Kconfig
 +++ b/net/netfilter/Kconfig
-@@ -1023,6 +1023,15 @@ config NETFILTER_XT_TARGET_NOTRACK
+@@ -726,7 +726,6 @@ config NF_FLOW_TABLE
+ 	tristate "Netfilter flow table module"
+ 	depends on NETFILTER_INGRESS
+ 	depends on NF_CONNTRACK
+-	depends on NF_TABLES
+ 	help
+ 	  This option adds the flow table core infrastructure.
+ 
+@@ -1023,6 +1022,15 @@ config NETFILTER_XT_TARGET_NOTRACK
  	depends on NETFILTER_ADVANCED
  	select NETFILTER_XT_TARGET_CT
  
diff --git a/target/linux/generic/hack-6.6/650-netfilter-add-xt_FLOWOFFLOAD-target.patch b/target/linux/generic/hack-6.6/650-netfilter-add-xt_FLOWOFFLOAD-target.patch
index 1c75a2cf3d..9735983212 100644
--- a/target/linux/generic/hack-6.6/650-netfilter-add-xt_FLOWOFFLOAD-target.patch
+++ b/target/linux/generic/hack-6.6/650-netfilter-add-xt_FLOWOFFLOAD-target.patch
@@ -8,7 +8,15 @@ Signed-off-by: Felix Fietkau <nbd at nbd.name>
 
 --- a/net/netfilter/Kconfig
 +++ b/net/netfilter/Kconfig
-@@ -1025,6 +1025,15 @@ config NETFILTER_XT_TARGET_NOTRACK
+@@ -729,7 +729,6 @@ config NF_FLOW_TABLE
+ 	tristate "Netfilter flow table module"
+ 	depends on NETFILTER_INGRESS
+ 	depends on NF_CONNTRACK
+-	depends on NF_TABLES
+ 	help
+ 	  This option adds the flow table core infrastructure.
+ 
+@@ -1025,6 +1024,15 @@ config NETFILTER_XT_TARGET_NOTRACK
  	depends on NETFILTER_ADVANCED
  	select NETFILTER_XT_TARGET_CT
  


