Commit 9a3e7f8d authored by Seblu's avatar Seblu
Browse files

Enable Xtables and nft_compat 

dockerd requires Xtables and nft_compat to use iptable-nft.
This is not ideal but this commit restore xtables to support dockerd
parent 9f5327dc

PKGBUILD

+1 −1
Original line number Diff line number Diff line
@@ -21,7 +21,7 @@ _stable=https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git 
source=("git+$_main#tag=v5.12"

        "config.$CARCH")

sha256sums=('SKIP'

            'ee5ad08ec09091ea0ce664963680e40dbf3318adef0c11a1ca0065fbd2ceb560')

            '4afb8438f80b249e13ff090eeead88342eacf774773aeb2a365803a91bcc8048')



prepare() {

  [[ -d linux-stable ]] && ln -snf linux-stable linux

config.x86_64

+86 −2
Original line number Diff line number Diff line
@@ -1171,7 +1171,7 @@ CONFIG_NETFILTER_CONNCOUNT=m 
CONFIG_NF_CONNTRACK_MARK=y

CONFIG_NF_CONNTRACK_SECMARK=y

CONFIG_NF_CONNTRACK_ZONES=y

CONFIG_NF_CONNTRACK_PROCFS=y

# CONFIG_NF_CONNTRACK_PROCFS is not set

CONFIG_NF_CONNTRACK_EVENTS=y

CONFIG_NF_CONNTRACK_TIMEOUT=y

CONFIG_NF_CONNTRACK_TIMESTAMP=y
@@ -1223,6 +1223,7 @@ CONFIG_NFT_QUEUE=m 
CONFIG_NFT_QUOTA=m

CONFIG_NFT_REJECT=m

CONFIG_NFT_REJECT_INET=m

CONFIG_NFT_COMPAT=m

CONFIG_NFT_HASH=m

CONFIG_NFT_FIB=m

CONFIG_NFT_FIB_INET=m
@@ -1238,7 +1239,86 @@ CONFIG_NFT_FIB_NETDEV=m 
CONFIG_NFT_REJECT_NETDEV=m

CONFIG_NF_FLOW_TABLE_INET=m

CONFIG_NF_FLOW_TABLE=m

# CONFIG_NETFILTER_XTABLES is not set

CONFIG_NETFILTER_XTABLES=m



#

# Xtables combined modules

#

CONFIG_NETFILTER_XT_MARK=m

CONFIG_NETFILTER_XT_CONNMARK=m

CONFIG_NETFILTER_XT_SET=m



#

# Xtables targets

#

CONFIG_NETFILTER_XT_TARGET_CLASSIFY=m

CONFIG_NETFILTER_XT_TARGET_CONNMARK=m

CONFIG_NETFILTER_XT_TARGET_CONNSECMARK=m

CONFIG_NETFILTER_XT_TARGET_HMARK=m

CONFIG_NETFILTER_XT_TARGET_IDLETIMER=m

CONFIG_NETFILTER_XT_TARGET_LED=m

CONFIG_NETFILTER_XT_TARGET_LOG=m

CONFIG_NETFILTER_XT_TARGET_MARK=m

CONFIG_NETFILTER_XT_NAT=m

CONFIG_NETFILTER_XT_TARGET_NETMAP=m

CONFIG_NETFILTER_XT_TARGET_NFLOG=m

CONFIG_NETFILTER_XT_TARGET_NFQUEUE=m

CONFIG_NETFILTER_XT_TARGET_RATEEST=m

CONFIG_NETFILTER_XT_TARGET_REDIRECT=m

CONFIG_NETFILTER_XT_TARGET_MASQUERADE=m

CONFIG_NETFILTER_XT_TARGET_TEE=m

CONFIG_NETFILTER_XT_TARGET_SECMARK=m

CONFIG_NETFILTER_XT_TARGET_TCPMSS=m



#

# Xtables matches

#

CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=m

CONFIG_NETFILTER_XT_MATCH_BPF=m

CONFIG_NETFILTER_XT_MATCH_CGROUP=m

CONFIG_NETFILTER_XT_MATCH_CLUSTER=m

CONFIG_NETFILTER_XT_MATCH_COMMENT=m

CONFIG_NETFILTER_XT_MATCH_CONNBYTES=m

CONFIG_NETFILTER_XT_MATCH_CONNLABEL=m

CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=m

CONFIG_NETFILTER_XT_MATCH_CONNMARK=m

CONFIG_NETFILTER_XT_MATCH_CONNTRACK=m

CONFIG_NETFILTER_XT_MATCH_CPU=m

CONFIG_NETFILTER_XT_MATCH_DCCP=m

CONFIG_NETFILTER_XT_MATCH_DEVGROUP=m

CONFIG_NETFILTER_XT_MATCH_DSCP=m

CONFIG_NETFILTER_XT_MATCH_ECN=m

CONFIG_NETFILTER_XT_MATCH_ESP=m

CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=m

CONFIG_NETFILTER_XT_MATCH_HELPER=m

CONFIG_NETFILTER_XT_MATCH_HL=m

CONFIG_NETFILTER_XT_MATCH_IPCOMP=m

CONFIG_NETFILTER_XT_MATCH_IPRANGE=m

CONFIG_NETFILTER_XT_MATCH_IPVS=m

CONFIG_NETFILTER_XT_MATCH_L2TP=m

CONFIG_NETFILTER_XT_MATCH_LENGTH=m

CONFIG_NETFILTER_XT_MATCH_LIMIT=m

CONFIG_NETFILTER_XT_MATCH_MAC=m

CONFIG_NETFILTER_XT_MATCH_MARK=m

CONFIG_NETFILTER_XT_MATCH_MULTIPORT=m

CONFIG_NETFILTER_XT_MATCH_NFACCT=m

CONFIG_NETFILTER_XT_MATCH_OSF=m

CONFIG_NETFILTER_XT_MATCH_OWNER=m

CONFIG_NETFILTER_XT_MATCH_POLICY=m

CONFIG_NETFILTER_XT_MATCH_PHYSDEV=m

CONFIG_NETFILTER_XT_MATCH_PKTTYPE=m

CONFIG_NETFILTER_XT_MATCH_QUOTA=m

CONFIG_NETFILTER_XT_MATCH_RATEEST=m

CONFIG_NETFILTER_XT_MATCH_REALM=m

CONFIG_NETFILTER_XT_MATCH_RECENT=m

CONFIG_NETFILTER_XT_MATCH_SCTP=m

CONFIG_NETFILTER_XT_MATCH_SOCKET=m

CONFIG_NETFILTER_XT_MATCH_STATE=m

CONFIG_NETFILTER_XT_MATCH_STATISTIC=m

CONFIG_NETFILTER_XT_MATCH_STRING=m

CONFIG_NETFILTER_XT_MATCH_TCPMSS=m

CONFIG_NETFILTER_XT_MATCH_TIME=m

CONFIG_NETFILTER_XT_MATCH_U32=m

# end of Core Netfilter Configuration



CONFIG_IP_SET=m
@@ -1354,6 +1434,7 @@ CONFIG_NFT_BRIDGE_META=m 
CONFIG_NFT_BRIDGE_REJECT=m

CONFIG_NF_LOG_BRIDGE=m

CONFIG_NF_CONNTRACK_BRIDGE=m

# CONFIG_BRIDGE_NF_EBTABLES is not set

CONFIG_BPFILTER=y

CONFIG_BPFILTER_UMH=m

# CONFIG_IP_DCCP is not set
@@ -1473,6 +1554,7 @@ CONFIG_NET_ACT_GACT=m 
CONFIG_GACT_PROB=y

CONFIG_NET_ACT_MIRRED=m

CONFIG_NET_ACT_SAMPLE=m

# CONFIG_NET_ACT_IPT is not set

CONFIG_NET_ACT_NAT=m

CONFIG_NET_ACT_PEDIT=m

CONFIG_NET_ACT_SIMP=m
@@ -7643,6 +7725,8 @@ CONFIG_REED_SOLOMON_ENC8=y 
CONFIG_REED_SOLOMON_DEC8=y

CONFIG_TEXTSEARCH=y

CONFIG_TEXTSEARCH_KMP=m

CONFIG_TEXTSEARCH_BM=m

CONFIG_TEXTSEARCH_FSM=m

CONFIG_BTREE=y

CONFIG_INTERVAL_TREE=y

CONFIG_XARRAY_MULTI=y