iptables: backport missing init_extensions6() calls

This fixes ip6tables-nft no being able to use built-in extensions like icmp6. Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
musashino-build · Mar 13, 2022 · e9c99e0 · e9c99e0
1 parent e5440ec
commit e9c99e0
Show file tree

Hide file tree

Showing 2 changed files with 69 additions and 1 deletion.
diff --git a/package/network/utils/iptables/Makefile b/package/network/utils/iptables/Makefile
@@ -10,7 +10,7 @@ include $(INCLUDE_DIR)/kernel.mk
 
 PKG_NAME:=iptables
 PKG_VERSION:=1.8.7
-PKG_RELEASE:=4
+PKG_RELEASE:=5
 
 PKG_SOURCE_URL:=https://netfilter.org/projects/iptables/files
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2

diff --git a/.../network/utils/iptables/patches/001-xtables-Call-init_extensions6-for-static-builds.patch b/.../network/utils/iptables/patches/001-xtables-Call-init_extensions6-for-static-builds.patch
@@ -0,0 +1,68 @@
+From e727ccad036e2cdba3339536c65c7ceef43c0740 Mon Sep 17 00:00:00 2001
+From: Erik Wilson <erik.e.wilson@gmail.com>
+Date: Tue, 13 Jul 2021 16:48:23 -0700
+Subject: [PATCH] xtables: Call init_extensions6() for static builds
+
+Initialize extensions from libext6 for cases where xtables is built statically.
+
+Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1550
+Signed-off-by: Erik Wilson <Erik.E.Wilson@gmail.com>
+Signed-off-by: Florian Westphal <fw@strlen.de>
+---
+ iptables/xtables-monitor.c    | 1 +
+ iptables/xtables-restore.c    | 1 +
+ iptables/xtables-save.c       | 1 +
+ iptables/xtables-standalone.c | 1 +
+ iptables/xtables-translate.c  | 1 +
+ 5 files changed, 5 insertions(+)
+
+--- a/iptables/xtables-monitor.c
++++ b/iptables/xtables-monitor.c
+@@ -628,6 +628,7 @@ int xtables_monitor_main(int argc, char
+ #if defined(ALL_INCLUSIVE) || defined(NO_SHARED_LIBS)
+ 	init_extensions();
+ 	init_extensions4();
++	init_extensions6();
+ #endif
+
+ 	if (nft_init(&h, AF_INET, xtables_ipv4)) {
+--- a/iptables/xtables-restore.c
++++ b/iptables/xtables-restore.c
+@@ -364,6 +364,7 @@ xtables_restore_main(int family, const c
+ #if defined(ALL_INCLUSIVE) || defined(NO_SHARED_LIBS)
+ 		init_extensions();
+ 		init_extensions4();
++		init_extensions6();
+ #endif
+ 		break;
+ 	case NFPROTO_ARP:
+--- a/iptables/xtables-save.c
++++ b/iptables/xtables-save.c
+@@ -202,6 +202,7 @@ xtables_save_main(int family, int argc,
+ #if defined(ALL_INCLUSIVE) || defined(NO_SHARED_LIBS)
+ 		init_extensions();
+ 		init_extensions4();
++		init_extensions6();
+ #endif
+ 		tables = xtables_ipv4;
+ 		d.commit = true;
+--- a/iptables/xtables-standalone.c
++++ b/iptables/xtables-standalone.c
+@@ -57,6 +57,7 @@ xtables_main(int family, const char *pro
+ #if defined(ALL_INCLUSIVE) || defined(NO_SHARED_LIBS)
+ 	init_extensions();
+ 	init_extensions4();
++	init_extensions6();
+ #endif
+
+ 	if (nft_init(&h, family, xtables_ipv4) < 0) {
+--- a/iptables/xtables-translate.c
++++ b/iptables/xtables-translate.c
+@@ -469,6 +469,7 @@ static int xtables_xlate_main_common(str
+ #if defined(ALL_INCLUSIVE) || defined(NO_SHARED_LIBS)
+ 	init_extensions();
+ 	init_extensions4();
++	init_extensions6();
+ #endif
+ 		tables = xtables_ipv4;
+ 		break;