From: Supriya Mane Date: Tue, 9 Mar 2021 08:58:52 +0000 (+0530) Subject: x86/64: Iptables seems to lack support for cgroup v2 X-Git-Tag: v22.03.0-rc1~3046 X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=eccb45627ec62311d1c9cb18f02abef638a5291f;p=openwrt%2Fopenwrt.git x86/64: Iptables seems to lack support for cgroup v2 FS#3574 Adding cgroup support enables adding rules on processes to limit resources in terms of iptable policies Signed-off-by: Supriya Mane --- diff --git a/include/netfilter.mk b/include/netfilter.mk index 60f031e9a7..45e9dadf85 100644 --- a/include/netfilter.mk +++ b/include/netfilter.mk @@ -94,6 +94,7 @@ $(eval $(call nf_add,IPT_EXTRA,CONFIG_NETFILTER_XT_MATCH_ADDRTYPE, $(if $(NF_KMO $(eval $(call nf_add,IPT_EXTRA,CONFIG_NETFILTER_XT_MATCH_OWNER, $(P_XT)xt_owner)) $(eval $(call nf_add,IPT_EXTRA,CONFIG_NETFILTER_XT_MATCH_PKTTYPE, $(P_XT)xt_pkttype)) $(eval $(call nf_add,IPT_EXTRA,CONFIG_NETFILTER_XT_MATCH_QUOTA, $(P_XT)xt_quota)) +$(eval $(call nf_add,IPT_EXTRA,CONFIG_NETFILTER_XT_MATCH_CGROUP, $(P_XT)xt_cgroup)) #$(eval $(call nf_add,IPT_EXTRA,CONFIG_IP_NF_TARGET_ROUTE, $(P_V4)ipt_ROUTE))