diff mbox series

[11/13] iptables: correctly enable libnetfilter_conntrack support

Message ID 20240516112640.2145789-11-alex.kanavin@gmail.com
State Accepted, archived
Commit 04ffb341864b443544e9f594248c0c785f601a55
Headers show
Series [01/13] mesa: remove obsolete 0001-meson.build-check-for-all-linux-host_os-combinations.patch | expand

Commit Message

Alexander Kanavin May 16, 2024, 11:26 a.m. UTC 
From: Alexander Kanavin <alex@linutronix.de>

This is done via configure option, and makes
0004-configure.ac-only-check-conntrack-when-libnfnetlink-.patch
unnecessary, as both libnetfilter_conntrack and libnfnetlink
are enabled in lockstep.

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
---
 ...y-check-conntrack-when-libnfnetlink-.patch | 49 -------------------
 .../iptables/iptables_1.8.10.bb               |  3 +-
 2 files changed, 1 insertion(+), 51 deletions(-)
 delete mode 100644 meta/recipes-extended/iptables/iptables/0004-configure.ac-only-check-conntrack-when-libnfnetlink-.patch
diff mbox series

Patch

diff --git a/meta/recipes-extended/iptables/iptables/0004-configure.ac-only-check-conntrack-when-libnfnetlink-.patch b/meta/recipes-extended/iptables/iptables/0004-configure.ac-only-check-conntrack-when-libnfnetlink-.patch
deleted file mode 100644
index 5a022ebc8c3..00000000000
--- a/meta/recipes-extended/iptables/iptables/0004-configure.ac-only-check-conntrack-when-libnfnetlink-.patch
+++ /dev/null
@@ -1,49 +0,0 @@ 
-From 6832501bbb90a3dab977a4625d0391804c0e795c Mon Sep 17 00:00:00 2001
-From: "Maxin B. John" <maxin.john@intel.com>
-Date: Tue, 21 Feb 2017 11:49:07 +0200
-Subject: [PATCH] configure.ac:
- only-check-conntrack-when-libnfnetlink-enabled.patch
-
-Package libnetfilter-conntrack depends on package libnfnetlink. iptables
-checks package libnetfilter-conntrack whatever its package config
-libnfnetlink is enabled or not. When libnfnetlink is disabled but
-package libnetfilter-conntrack exists, it fails randomly with:
-
-In file included from
-.../iptables/1.4.21-r0/iptables-1.4.21/extensions/libxt_connlabel.c:8:0:
-
-.../tmp/sysroots/qemumips/usr/include/libnetfilter_conntrack/libnetfilter_conntrack.h:14:42:
-fatal error: libnfnetlink/linux_nfnetlink.h: No such file or directory
-
-compilation terminated.
-GNUmakefile:96: recipe for target 'libxt_connlabel.oo' failed
-Only check libnetfilter-conntrack when libnfnetlink is enabled to fix it.
-
-Upstream-Status: Pending
-
-Signed-off-by: Kai Kang <kai.kang@windriver.com>
-Signed-off-by: Maxin B. John <maxin.john@intel.com>
-
----
- configure.ac | 6 ++++--
- 1 file changed, 4 insertions(+), 2 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index d607772..25a8e75 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -159,10 +159,12 @@ if test "$nftables" != 1; then
- fi
- 
- if test "x$enable_connlabel" = "xyes"; then
--	PKG_CHECK_MODULES([libnetfilter_conntrack],
-+    nfconntrack=0
-+    AS_IF([test "x$enable_libnfnetlink" = "xyes"], [
-+    PKG_CHECK_MODULES([libnetfilter_conntrack],
- 		[libnetfilter_conntrack >= 1.0.6],
- 		[nfconntrack=1], [nfconntrack=0])
--
-+    ])
- 	if test "$nfconntrack" -ne 1; then
- 		blacklist_modules="$blacklist_modules connlabel";
- 		echo "WARNING: libnetfilter_conntrack not found, connlabel match will not be built";
diff --git a/meta/recipes-extended/iptables/iptables_1.8.10.bb b/meta/recipes-extended/iptables/iptables_1.8.10.bb
index cbd727b75df..a9c88582cda 100644
--- a/meta/recipes-extended/iptables/iptables_1.8.10.bb
+++ b/meta/recipes-extended/iptables/iptables_1.8.10.bb
@@ -14,7 +14,6 @@  SRC_URI = "http://netfilter.org/projects/iptables/files/iptables-${PV}.tar.xz \
            file://ip6tables.service \
            file://ip6tables.rules \
            file://0001-configure-Add-option-to-enable-disable-libnfnetlink.patch \
-           file://0004-configure.ac-only-check-conntrack-when-libnfnetlink-.patch \
            "
 SRC_URI[sha256sum] = "5cc255c189356e317d070755ce9371eb63a1b783c34498fb8c30264f3cc59c9c"
 
@@ -33,7 +32,7 @@  PACKAGECONFIG ?= "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)}"
 PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6,"
 
 # libnfnetlink recipe is in meta-networking layer
-PACKAGECONFIG[libnfnetlink] = "--enable-libnfnetlink,--disable-libnfnetlink,libnfnetlink libnetfilter-conntrack"
+PACKAGECONFIG[libnfnetlink] = "--enable-libnfnetlink --enable-connlabel,--disable-libnfnetlink --disable-connlabel,libnfnetlink libnetfilter-conntrack"
 
 # libnftnl recipe is in meta-networking layer(previously known as libnftables)
 PACKAGECONFIG[libnftnl] = "--enable-nftables,--disable-nftables,libnftnl"