From 237df628c3be59b23e5194e8173e207a529970bd Mon Sep 17 00:00:00 2001 From: Jo-Philipp Wich Date: Sun, 28 Feb 2010 19:12:47 +0000 Subject: [PATCH] iptables: disable kernel module autoloading SVN-Revision: 19917 --- package/iptables/Makefile | 4 ---- .../020-iptables-disable-modprobe.patch | 18 +++++++++++++++++ .../020-iptables-force-modprobe-util.patch | 20 ------------------- 3 files changed, 18 insertions(+), 24 deletions(-) create mode 100644 package/iptables/patches/020-iptables-disable-modprobe.patch delete mode 100644 package/iptables/patches/020-iptables-force-modprobe-util.patch diff --git a/package/iptables/Makefile b/package/iptables/Makefile index 68ccc76282..20e4b315ca 100644 --- a/package/iptables/Makefile +++ b/package/iptables/Makefile @@ -254,10 +254,6 @@ TARGET_CPPFLAGS := \ -I$(LINUX_DIR)/arch/$(LINUX_KARCH)/include \ $(TARGET_CPPFLAGS) -TARGET_CFLAGS := \ - $(TARGET_CFLAGS) \ - -DFORCE_MODPROBE_PROGRAM="\\\"/sbin/insmod\\\"" - CONFIGURE_ARGS += \ --enable-shared \ --enable-devel \ diff --git a/package/iptables/patches/020-iptables-disable-modprobe.patch b/package/iptables/patches/020-iptables-disable-modprobe.patch new file mode 100644 index 0000000000..a6b5d1bf29 --- /dev/null +++ b/package/iptables/patches/020-iptables-disable-modprobe.patch @@ -0,0 +1,18 @@ +--- a/xtables.c ++++ b/xtables.c +@@ -313,6 +313,7 @@ static char *get_modprobe(void) + + int xtables_insmod(const char *modname, const char *modprobe, bool quiet) + { ++#if 0 + char *buf = NULL; + char *argv[4]; + int status; +@@ -356,6 +357,7 @@ int xtables_insmod(const char *modname, + free(buf); + if (WIFEXITED(status) && WEXITSTATUS(status) == 0) + return 0; ++#endif + return -1; + } + diff --git a/package/iptables/patches/020-iptables-force-modprobe-util.patch b/package/iptables/patches/020-iptables-force-modprobe-util.patch deleted file mode 100644 index 32c9fcd515..0000000000 --- a/package/iptables/patches/020-iptables-force-modprobe-util.patch +++ /dev/null @@ -1,20 +0,0 @@ ---- a/xtables.c -+++ b/xtables.c -@@ -285,6 +285,7 @@ void *xtables_realloc(void *ptr, size_t - - static char *get_modprobe(void) - { -+#ifndef FORCE_MODPROBE_PROGRAM - int procfile; - char *ret; - -@@ -309,6 +310,9 @@ static char *get_modprobe(void) - free(ret); - close(procfile); - return NULL; -+#else -+ return strdup(FORCE_MODPROBE_PROGRAM); -+#endif - } - - int xtables_insmod(const char *modname, const char *modprobe, bool quiet) -- 2.30.2