projects
/
openwrt
/
openwrt.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
1c04365
)
x86/64: Iptables seems to lack support for cgroup v2
author
Supriya Mane
<sm.supriya@globaledgesoft.com>
Tue, 9 Mar 2021 08:58:52 +0000
(14:28 +0530)
committer
Hauke Mehrtens
<hauke@hauke-m.de>
Fri, 19 Mar 2021 00:25:26 +0000
(
01:25
+0100)
FS#3574
Adding cgroup support enables adding rules on processes
to limit resources in terms of iptable policies
Signed-off-by: Supriya Mane <sm.supriya@globaledgesoft.com>
include/netfilter.mk
patch
|
blob
|
history
diff --git
a/include/netfilter.mk
b/include/netfilter.mk
index 60f031e9a71232d698a9457a3b9aefa98a9f2671..45e9dadf85fb260b5a22fefab6d0080f1ce7089f 100644
(file)
--- a/
include/netfilter.mk
+++ b/
include/netfilter.mk
@@
-94,6
+94,7
@@
$(eval $(call nf_add,IPT_EXTRA,CONFIG_NETFILTER_XT_MATCH_ADDRTYPE, $(if $(NF_KMO
$(eval $(call nf_add,IPT_EXTRA,CONFIG_NETFILTER_XT_MATCH_OWNER, $(P_XT)xt_owner))
$(eval $(call nf_add,IPT_EXTRA,CONFIG_NETFILTER_XT_MATCH_PKTTYPE, $(P_XT)xt_pkttype))
$(eval $(call nf_add,IPT_EXTRA,CONFIG_NETFILTER_XT_MATCH_QUOTA, $(P_XT)xt_quota))
+$(eval $(call nf_add,IPT_EXTRA,CONFIG_NETFILTER_XT_MATCH_CGROUP, $(P_XT)xt_cgroup))
#$(eval $(call nf_add,IPT_EXTRA,CONFIG_IP_NF_TARGET_ROUTE, $(P_V4)ipt_ROUTE))