[PATCH] kernel: 6.1: fix iptables offload build without nftables

Qingfang Deng dqfext at gmail.com
Mon Mar 11 02:51:24 PDT 2024


When rebasing patches on top of 6.1, a change that removed NF_TABLES
from NF_FLOW_TABLE's dependency was dropped accidentally, and iptables
flow offload module can only be built when nftables is selected.
Restore the change to fix it.

Fixes: 19a246bb6503 ("generic: 6.1: manually refresh hack patches")
Signed-off-by: Qingfang Deng <dqfext at gmail.com>
---
 .../650-netfilter-add-xt_FLOWOFFLOAD-target.patch      | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/target/linux/generic/hack-6.1/650-netfilter-add-xt_FLOWOFFLOAD-target.patch b/target/linux/generic/hack-6.1/650-netfilter-add-xt_FLOWOFFLOAD-target.patch
index 59a5fb4d91..aee845d984 100644
--- a/target/linux/generic/hack-6.1/650-netfilter-add-xt_FLOWOFFLOAD-target.patch
+++ b/target/linux/generic/hack-6.1/650-netfilter-add-xt_FLOWOFFLOAD-target.patch
@@ -8,7 +8,15 @@ Signed-off-by: Felix Fietkau <nbd at nbd.name>
 
 --- a/net/netfilter/Kconfig
 +++ b/net/netfilter/Kconfig
-@@ -1023,6 +1023,15 @@ config NETFILTER_XT_TARGET_NOTRACK
+@@ -726,7 +726,6 @@ config NF_FLOW_TABLE
+ 	tristate "Netfilter flow table module"
+ 	depends on NETFILTER_INGRESS
+ 	depends on NF_CONNTRACK
+-	depends on NF_TABLES
+ 	help
+ 	  This option adds the flow table core infrastructure.
+ 
+@@ -1023,6 +1022,15 @@ config NETFILTER_XT_TARGET_NOTRACK
  	depends on NETFILTER_ADVANCED
  	select NETFILTER_XT_TARGET_CT
  
-- 
2.34.1




More information about the openwrt-devel mailing list