gluon-core: build in xt_CT with GLUON_SPECIALIZE_KERNEL

xt_CT was added to kmod-ipt-conntrack a while back. Update our GLUON_SPECIALIZE_KERNEL rules accordingly. When building xt_CT into the kernel, one of the symbols IP_NF_RAW and IP6_NF_RAW must be enabled as well, even though there is no runtime dependency when building as modules. The kernel grows by less than 1KB even when both IP_NF_RAW and NETFILTER_XT_TARGET_CT are enabled, making this change a (very slight) net win in both flash and RAM usage. (cherry picked from commit fcc6877c)

gluon-core: build in xt_CT with GLUON_SPECIALIZE_KERNEL
f55c965c · Matthias Schiffer · David Bauer · 9d996c49 · f55c965c
Commit f55c965c authored 4 years ago by Matthias Schiffer Committed by David Bauer 4 years ago
--- a/package/gluon-core/Config.in
+++ b/package/gluon-core/Config.in
@@ -279,6 +279,16 @@ config KERNEL_NETFILTER_XT_MATCH_CONNTRACK
 	select KERNEL_NETFILTER_XTABLES
 	select KERNEL_NF_CONNTRACK

+config KERNEL_IP_NF_RAW
+	bool
+	select KERNEL_IP_NF_IPTABLES
+
+config KERNEL_NETFILTER_XT_TARGET_CT
+	bool
+	select KERNEL_NETFILTER_XTABLES
+	select KERNEL_NF_CONNTRACK
+	select KERNEL_IP_NF_RAW
+

 # kmod-ipt-nat

@@ -344,6 +354,7 @@ config GLUON_SPECIALIZE_KERNEL
 	select KERNEL_NETFILTER_XT_TARGET_TCPMSS
 	select KERNEL_NETFILTER_XT_MATCH_STATE
 	select KERNEL_NETFILTER_XT_MATCH_CONNTRACK
+	select KERNEL_NETFILTER_XT_TARGET_CT
 	select KERNEL_IP_NF_NAT
 	select KERNEL_IP_NF_TARGET_MASQUERADE
 	select KERNEL_IP_NF_TARGET_REDIRECT