From c0bbc6f16848cec6daa073d20d91ac6252170936 Mon Sep 17 00:00:00 2001 From: Sean Khan Date: Fri, 30 May 2025 18:07:45 -0400 Subject: [PATCH] treewide: Remove dependency on br_netfilter Upstream OpenWrt 24.10 and later uses nftables by default. Bridge filtering is not really needed anymore. This should also prevent unnecessary chain dependencies getting built like like `kmod-ipt-ipopt`. Signed-off-by: Sean Khan --- qca-mcs/Makefile | 5 ++--- qca-nss-clients/Makefile | 2 +- qca-nss-ecm/Makefile | 6 ++---- qca-nss-ecm/files/qca-nss-ecm.init | 15 ++++++++++++--- qca-nss-ecm/files/qca-nss-ecm.uci | 1 - 5 files changed, 17 insertions(+), 12 deletions(-) diff --git a/qca-mcs/Makefile b/qca-mcs/Makefile index 06c973b..6c4a2b0 100644 --- a/qca-mcs/Makefile +++ b/qca-mcs/Makefile @@ -1,7 +1,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=qca-mcs -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE_URL:=https://git.codelinaro.org/clo/qsdk/oss/lklm/qca-mcs.git PKG_SOURCE_DATE:=2024-09-04 @@ -24,8 +24,7 @@ define KernelPackage/qca-mcs MAINTAINER:=Qualcomm Atheros, Inc. TITLE:=QCA Multicast Snooping Support DEPENDS:=+@KERNEL_IPV6_MROUTE +@KERNEL_IP_MROUTE - KCONFIG:=CONFIG_NETFILTER=y \ - CONFIG_BRIDGE_NETFILTER=y + KCONFIG:=CONFIG_NETFILTER=y FILES:=$(PKG_BUILD_DIR)/qca-mcs.ko AUTOLOAD:=$(call AutoLoad,41,qca-mcs) endef diff --git a/qca-nss-clients/Makefile b/qca-nss-clients/Makefile index 8dc0dc8..64487f8 100644 --- a/qca-nss-clients/Makefile +++ b/qca-nss-clients/Makefile @@ -468,7 +468,7 @@ define KernelPackage/qca-nss-drv-ovpn-mgr +kmod-qca-nss-drv \ +@NSS_DRV_QVPN_ENABLE \ +kmod-qca-nss-cfi-cryptoapi \ - +kmod-ipt-conntrack \ + +kmod-nf-conntrack \ +kmod-tun \ @BROKEN FILES:=$(PKG_BUILD_DIR)/openvpn/src/qca-nss-ovpn-mgr.ko diff --git a/qca-nss-ecm/Makefile b/qca-nss-ecm/Makefile index e5b371f..d7cba36 100644 --- a/qca-nss-ecm/Makefile +++ b/qca-nss-ecm/Makefile @@ -1,7 +1,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=qca-nss-ecm -PKG_RELEASE:=6 +PKG_RELEASE:=7 PKG_SOURCE_URL:=https://git.codelinaro.org/clo/qsdk/oss/lklm/qca-nss-ecm.git PKG_SOURCE_PROTO:=git @@ -42,9 +42,7 @@ define KernelPackage/qca-nss-ecm +PACKAGE_kmod-pppoe:kmod-pppol2tp TITLE:=QCA NSS Enhanced Connection Manager (ECM) FILES:=$(PKG_BUILD_DIR)/ecm.ko - KCONFIG:=CONFIG_BRIDGE_NETFILTER=y \ - CONFIG_NF_CONNTRACK_EVENTS=y \ - CONFIG_NF_CONNTRACK_DSCPREMARK_EXT=y + KCONFIG:=CONFIG_NF_CONNTRACK_DSCPREMARK_EXT=y endef define KernelPackage/qca-nss-ecm/Description diff --git a/qca-nss-ecm/files/qca-nss-ecm.init b/qca-nss-ecm/files/qca-nss-ecm.init index 8bc7977..8fc3379 100644 --- a/qca-nss-ecm/files/qca-nss-ecm.init +++ b/qca-nss-ecm/files/qca-nss-ecm.init @@ -29,9 +29,18 @@ sysctl_update() { value=${2//\//\\/} file=${3:-/etc/sysctl.d/qca-nss-ecm.conf} - sed -i -e '/^#\?\(\s*'"${name}"'\s*=\s*\).*/{s//\1'"${value}"'/;:a;n;ba;q}' \ - -e '$a'"${name}"'='"${value}" "${file}" - sysctl -w ${name}=${value} + if [ -r "/proc/sys/${name//./\/}" ]; then + sed -i -e '/^#\?\(\s*'"${name}"'\s*=\s*\).*/{s//\1'"${value}"'/;:a;n;ba;q}' \ + -e '$a'"${name}"'='"${value}" "${file}" + sysctl -w ${name}=${value} + else + # If the sysctl value is not available but it is found in the file, disable it to avoid + # sysctl throwing warnings + if grep -qE '^#?\s*'"${name}\s*?=" "${file}"; then + sed -i -e '/^#\?\(\s*'"${name}"'\s*=\s*\).*/{s//\#\1'"${value}"'/;:a;n;ba;q}' \ + -e '$a'"#${name}"'='"${value}" "${file}" + fi + fi } get_front_end_mode() { diff --git a/qca-nss-ecm/files/qca-nss-ecm.uci b/qca-nss-ecm/files/qca-nss-ecm.uci index b8c2ab2..d51246d 100644 --- a/qca-nss-ecm/files/qca-nss-ecm.uci +++ b/qca-nss-ecm/files/qca-nss-ecm.uci @@ -2,7 +2,6 @@ config ecm 'global' option acceleration_engine 'auto' config ecm 'general' - option enable_bridge_filtering '0' option disable_offloads '0' option disable_flow_control '0' option disable_interrupt_moderation '0'