[LEDE-DEV] [PATCH] conntrack: enable support for netfilter conntrack zones

Alin Nastac alin.nastac at gmail.com
Thu May 19 00:54:06 PDT 2016


Storage of such zones is provided by a nf_ct_ext struct, hence conntrack
memory foot print will not be increased if zones are not used.
---
 package/kernel/linux/modules/netfilter.mk | 1 +
 1 file changed, 1 insertion(+)

diff --git a/package/kernel/linux/modules/netfilter.mk b/package/kernel/linux/modules/netfilter.mk
index 3b623e4..4d9c116 100644
--- a/package/kernel/linux/modules/netfilter.mk
+++ b/package/kernel/linux/modules/netfilter.mk
@@ -68,6 +68,7 @@ define KernelPackage/nf-conntrack
   KCONFIG:= \
         CONFIG_NETFILTER=y \
         CONFIG_NETFILTER_ADVANCED=y \
+        CONFIG_NF_CONNTRACK_ZONES=y \
 	$(KCONFIG_NF_CONNTRACK)
   FILES:=$(foreach mod,$(NF_CONNTRACK-m),$(LINUX_DIR)/net/$(mod).ko)
   AUTOLOAD:=$(call AutoProbe,$(notdir $(NF_CONNTRACK-m)))
-- 
1.7.12.4




More information about the Lede-dev mailing list