Re: [OpenWrt-Devel] Building nf_nat_ipv6.ko

Thu, 29 Aug 2013 05:06:24 -0700 

On Thu, Aug 29, 2013 at 1:50 PM, Sedat Dilek <[email protected]> wrote:
>> On Thu, Aug 29, 2013 at 10:36 AM, Adam Novak <[email protected]> wrote:
>
> [ ... ]
>
> That diff [0] you pointed to is IMHO wrong...
>
> With Linux v3.7 it is now CONFIG_NF_NAT_IPV4 [1] and
> CONFIG_NF_NAT_IPV6 [2] was 1st introduced.
>
> I checked the netfilter kernel-modules here on Ubuntu/precise with
> raring-lts v3.8 kernel.
>
> [ include/netfilter.mk ]
>
> ifeq ($(NF_KMOD),1)
> P_V4:=ipv4/netfilter/
> P_V6:=ipv6/netfilter/
> P_XT:=netfilter/
> P_EBT:=bridge/netfilter/
> endif
>
> [ P_XT ]
>
> /lib/modules/3.8.0-30-generic/kernel/net/netfilter/nf_nat.ko
> /lib/modules/3.8.0-30-generic/kernel/net/netfilter/xt_nat.ko
>
> ( I don't know why this both kernel-modules are required with
> nf_nat_ipv4.ko together. )
>

Hmm, I see...

[ net/netfilter/Makefile ]

obj-$(CONFIG_NF_NAT) += nf_nat.o
obj-$(CONFIG_NF_NAT) += xt_nat.o

[ net/ipv4/netfilter/Kconfig ]

config NF_NAT_IPV4
    select NF_NAT

[ /net/ipv6/netfilter/Kconfig ]

config NF_NAT_IPV6
    select NF_NAT

Hmm, so we have to take into account CONFIG_NF_NAT and CONFIG_NF_NAT_IPV4.

Attached v2 to fix this.

- Sedat -

> [ P_V4 ]
>
> /lib/modules/3.8.0-30-generic/kernel/net/ipv4/netfilter/nf_nat_ipv4.ko
>
> [ P_V6 ]
>
> /lib/modules/3.8.0-30-generic/kernel/net/ipv6/netfilter/nf_nat_ipv6.ko
>
> [ KERNEL-MODULE NF-NAT (IPv4) ]
>
> -$(eval $(if $(NF_KMOD),$(call nf_add,IPT_NAT,CONFIG_NF_NAT,
> $(P_XT)nf_nat $(P_V4)nf_nat_ipv4 $(P_XT)xt_nat $(P_V4)iptable_nat, ge
> 3.7.0),))
>
> +$(eval $(if $(NF_KMOD),$(call nf_add,IPT_NAT,CONFIG_NF_NAT_IPV4,
> $(P_XT)nf_nat $(P_V4)nf_nat_ipv4 $(P_XT)xt_nat $(P_V4)iptable_nat, ge
> 3.7.0),))
>
> [ KERNEL-MODULE NF-NAT (IPv6) ]
>
> +$(eval $(if $(NF_KMOD),$(call nf_add,IPT_NAT,CONFIG_NF_NAT_IPV6,
> $(P_V6)nf_nat_ipv6 $(P_V6)ip6table_nat, ge 3.8.0),))
>
> [ USER-SPACE ]
>
> I am unsure if the iptables package shipped with OpenWrt (trunk) has
> netfilter-nat IPv6 support (for firewall settings).
>
> You can try the attached experimental patch.
>
> - Sedat -
>
> [0] https://dev.openwrt.org/attachment/ticket/13446/netfilter.3.diff
> [1] 
> http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/net/ipv4/netfilter/Makefile?id=v3.7#n17
> [2] 
> http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/net/ipv6/netfilter/Makefile?id=v3.7#n11

Attachment: include_netfilter_mk-v2.diff
Description: Binary data

_______________________________________________
openwrt-devel mailing list
[email protected]
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel

Reply via email to