[Buildroot] [PATCH] package/iptables: add nf_log.h
Markus Mayer
mmayer at broadcom.com
Thu Jun 30 21:21:00 UTC 2022
On Thu, 16 Jun 2022 at 16:23, Markus Mayer <mmayer at broadcom.com> wrote:
>
> iptables generally bundles the netfilter header files inside its own
> tar-ball.
>
> Since iptables 1.8.8, it started to make use of netfilter/nf_log.h, but
> didn't include it in the iptables tar-ball. This can lead to build
> failures.
>
> Add a patch that rectifies this for iptables 1.8.8.
This change has now been accepted upstream.
https://git.netfilter.org/iptables/commit/?id=9ea7e6aa638d0dfa14613f6f97e6dc06c857e609
Since there isn't an iptables 1.8.9 yet, would it be possible to
accept the patch below into Buildroot for now, until the next iptables
release becomes available?
Thanks,
-Markus
> Signed-off-by: Markus Mayer <mmayer at broadcom.com>
> ---
> .../0001-netfilter-add-nf_log.h.patch | 37 +++++++++++++++++++
> 1 file changed, 37 insertions(+)
> create mode 100644 package/iptables/0001-netfilter-add-nf_log.h.patch
>
> diff --git a/package/iptables/0001-netfilter-add-nf_log.h.patch b/package/iptables/0001-netfilter-add-nf_log.h.patch
> new file mode 100644
> index 000000000000..c014c45931e9
> --- /dev/null
> +++ b/package/iptables/0001-netfilter-add-nf_log.h.patch
> @@ -0,0 +1,37 @@
> +From 15ea3fa147dea25d8cae3c2ac417142f2e0f029e Mon Sep 17 00:00:00 2001
> +From: Markus Mayer <mmayer at broadcom.com>
> +To: Netfilter Mailing List <netfilter-devel at vger.kernel.org>
> +Date: Thu, 16 Jun 2022 15:29:58 -0700
> +Subject: [PATCH] netfilter: add nf_log.h
> +
> +Since libxt_NFLOG is now using the UAPI version of nf_log.h, it should
> +be bundled alongside the other netfilter kernel headers.
> +
> +This copy of nf_log.h was taken from Linux 5.18.
> +
> +Signed-off-by: Markus Mayer <mmayer at broadcom.com>
> +---
> +diff --git a/include/linux/netfilter/nf_log.h b/include/linux/netfilter/nf_log.h
> +new file mode 100644
> +index 000000000000..2ae00932d3d2
> +--- /dev/null
> ++++ b/include/linux/netfilter/nf_log.h
> +@@ -0,0 +1,15 @@
> ++/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
> ++#ifndef _NETFILTER_NF_LOG_H
> ++#define _NETFILTER_NF_LOG_H
> ++
> ++#define NF_LOG_TCPSEQ 0x01 /* Log TCP sequence numbers */
> ++#define NF_LOG_TCPOPT 0x02 /* Log TCP options */
> ++#define NF_LOG_IPOPT 0x04 /* Log IP options */
> ++#define NF_LOG_UID 0x08 /* Log UID owning local socket */
> ++#define NF_LOG_NFLOG 0x10 /* Unsupported, don't reuse */
> ++#define NF_LOG_MACDECODE 0x20 /* Decode MAC header */
> ++#define NF_LOG_MASK 0x2f
> ++
> ++#define NF_LOG_PREFIXLEN 128
> ++
> ++#endif /* _NETFILTER_NF_LOG_H */
> +--
> +2.25.1
> +
> --
> 2.25.1
>
More information about the buildroot
mailing list