From: Brett Mastbergen Date: Fri, 30 Oct 2020 14:35:05 +0000 (-0400) Subject: netfilter: Add queue support for nftables X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=df8e4906f7d02fbf7f705c14fe304e4f4cb4cf38;p=openwrt%2Fstaging%2Fnbd.git netfilter: Add queue support for nftables This change adds the configuration option to build and include the nft_queue kernel module, which allows traffic to be queued up to userspace from an nftables rule Tested-by: Sébastien Delafond sdelafond@gmail.com Signed-off-by: Brett Mastbergen --- diff --git a/include/netfilter.mk b/include/netfilter.mk index 77b4c6c79b..889beb7a98 100644 --- a/include/netfilter.mk +++ b/include/netfilter.mk @@ -355,6 +355,7 @@ $(eval $(if $(NF_KMOD),$(call nf_add,NFT_FIB,CONFIG_NFT_FIB_INET, $(P_XT)nft_fib $(eval $(if $(NF_KMOD),$(call nf_add,NFT_FIB,CONFIG_NFT_FIB_IPV4, $(P_V4)nft_fib_ipv4),)) $(eval $(if $(NF_KMOD),$(call nf_add,NFT_FIB,CONFIG_NFT_FIB_IPV6, $(P_V6)nft_fib_ipv6),)) +$(eval $(if $(NF_KMOD),$(call nf_add,NFT_QUEUE,CONFIG_NFT_QUEUE, $(P_XT)nft_queue),)) # userland only IPT_BUILTIN += $(NF_IPT-y) $(NF_IPT-m) diff --git a/package/kernel/linux/modules/netfilter.mk b/package/kernel/linux/modules/netfilter.mk index 22a9f8e2a6..aacf5948b1 100644 --- a/package/kernel/linux/modules/netfilter.mk +++ b/package/kernel/linux/modules/netfilter.mk @@ -1167,3 +1167,15 @@ define KernelPackage/nft-fib endef $(eval $(call KernelPackage,nft-fib)) + + +define KernelPackage/nft-queue + SUBMENU:=$(NF_MENU) + TITLE:=Netfilter nf_tables queue support + DEPENDS:=+kmod-nft-core +kmod-nfnetlink-queue + FILES:=$(foreach mod,$(NFT_QUEUE-m),$(LINUX_DIR)/net/$(mod).ko) + AUTOLOAD:=$(call AutoProbe,$(notdir $(NFT_QUEUE-m))) + KCONFIG:=$(KCONFIG_NFT_QUEUE) +endef + +$(eval $(call KernelPackage,nft-queue))