Changeset 43587


Ignore:
Timestamp:
2014-12-09T12:01:49+01:00 (3 years ago)
Author:
nbd
Message:

kernel: add a patch to make netfilter conntrack cache routing information

Significantly improves routing / NAT performance

Signed-off-by: Felix Fietkau <nbd@…>

Location:
trunk
Files:
2 added
9 edited

Legend:

Unmodified
Added
Removed
  • trunk/include/netfilter.mk

    r43318 r43587  
    6767# kernel only 
    6868$(eval $(if $(NF_KMOD),$(call nf_add,NF_CONNTRACK,CONFIG_NF_CONNTRACK, $(P_XT)nf_conntrack),)) 
     69$(eval $(if $(NF_KMOD),$(call nf_add,NF_CONNTRACK,CONFIG_NF_CONNTRACK_RTCACHE, $(P_XT)nf_conntrack_rtcache),)) 
    6970$(eval $(if $(NF_KMOD),$(call nf_add,NF_CONNTRACK,CONFIG_NF_DEFRAG_IPV4, $(P_V4)nf_defrag_ipv4),)) 
    7071$(eval $(if $(NF_KMOD),$(call nf_add,NF_CONNTRACK,CONFIG_NF_CONNTRACK_IPV4, $(P_V4)nf_conntrack_ipv4),)) 
  • trunk/target/linux/generic/patches-3.14/250-netfilter_depends.patch

    r39789 r43587  
    11--- a/net/netfilter/Kconfig 
    22+++ b/net/netfilter/Kconfig 
    3 @@ -195,7 +195,6 @@ config NF_CONNTRACK_FTP 
     3@@ -207,7 +207,6 @@ config NF_CONNTRACK_FTP 
    44  
    55 config NF_CONNTRACK_H323 
     
    99        help 
    1010          H.323 is a VoIP signalling protocol from ITU-T. As one of the most 
    11 @@ -871,7 +870,6 @@ config NETFILTER_XT_TARGET_SECMARK 
     11@@ -883,7 +882,6 @@ config NETFILTER_XT_TARGET_SECMARK 
    1212  
    1313 config NETFILTER_XT_TARGET_TCPMSS 
  • trunk/target/linux/generic/patches-3.14/600-netfilter_layer7_2.22.patch

    r43564 r43587  
    11--- a/net/netfilter/Kconfig 
    22+++ b/net/netfilter/Kconfig 
    3 @@ -1345,6 +1345,27 @@ config NETFILTER_XT_MATCH_STATE 
     3@@ -1357,6 +1357,27 @@ config NETFILTER_XT_MATCH_STATE 
    44  
    55          To compile it as a module, choose M here.  If unsure, say N. 
     
    3131--- a/net/netfilter/Makefile 
    3232+++ b/net/netfilter/Makefile 
    33 @@ -158,6 +158,7 @@ obj-$(CONFIG_NETFILTER_XT_MATCH_RECENT)  
     33@@ -161,6 +161,7 @@ obj-$(CONFIG_NETFILTER_XT_MATCH_RECENT)  
    3434 obj-$(CONFIG_NETFILTER_XT_MATCH_SCTP) += xt_sctp.o 
    3535 obj-$(CONFIG_NETFILTER_XT_MATCH_SOCKET) += xt_socket.o 
  • trunk/target/linux/generic/patches-3.14/603-netfilter_layer7_2.6.36_fix.patch

    r39789 r43587  
    11--- a/net/netfilter/Kconfig 
    22+++ b/net/netfilter/Kconfig 
    3 @@ -1151,6 +1151,27 @@ config NETFILTER_XT_MATCH_L2TP 
     3@@ -1163,6 +1163,27 @@ config NETFILTER_XT_MATCH_L2TP 
    44  
    55        To compile it as a module, choose M here. If unsure, say N. 
     
    2929        tristate '"length" match support' 
    3030        depends on NETFILTER_ADVANCED 
    31 @@ -1345,26 +1366,11 @@ config NETFILTER_XT_MATCH_STATE 
     31@@ -1357,26 +1378,11 @@ config NETFILTER_XT_MATCH_STATE 
    3232  
    3333          To compile it as a module, choose M here.  If unsure, say N. 
  • trunk/target/linux/generic/patches-3.14/615-netfilter_add_xt_id_match.patch

    r43564 r43587  
    2222--- a/net/netfilter/Kconfig 
    2323+++ b/net/netfilter/Kconfig 
    24 @@ -1121,6 +1121,13 @@ config NETFILTER_XT_MATCH_IPCOMP 
     24@@ -1133,6 +1133,13 @@ config NETFILTER_XT_MATCH_IPCOMP 
    2525  
    2626          To compile it as a module, choose M here.  If unsure, say N. 
     
    3838--- a/net/netfilter/Makefile 
    3939+++ b/net/netfilter/Makefile 
    40 @@ -136,6 +136,7 @@ obj-$(CONFIG_NETFILTER_XT_MATCH_ESP) +=  
     40@@ -139,6 +139,7 @@ obj-$(CONFIG_NETFILTER_XT_MATCH_ESP) +=  
    4141 obj-$(CONFIG_NETFILTER_XT_MATCH_HASHLIMIT) += xt_hashlimit.o 
    4242 obj-$(CONFIG_NETFILTER_XT_MATCH_HELPER) += xt_helper.o 
  • trunk/target/linux/generic/patches-3.18/250-netfilter_depends.patch

    r43093 r43587  
    11--- a/net/netfilter/Kconfig 
    22+++ b/net/netfilter/Kconfig 
    3 @@ -198,7 +198,6 @@ config NF_CONNTRACK_FTP 
     3@@ -210,7 +210,6 @@ config NF_CONNTRACK_FTP 
    44  
    55 config NF_CONNTRACK_H323 
     
    99        help 
    1010          H.323 is a VoIP signalling protocol from ITU-T. As one of the most 
    11 @@ -895,7 +894,6 @@ config NETFILTER_XT_TARGET_SECMARK 
     11@@ -907,7 +906,6 @@ config NETFILTER_XT_TARGET_SECMARK 
    1212  
    1313 config NETFILTER_XT_TARGET_TCPMSS 
  • trunk/target/linux/generic/patches-3.18/600-netfilter_layer7_2.22.patch

    r43578 r43587  
    11--- a/net/netfilter/Kconfig 
    22+++ b/net/netfilter/Kconfig 
    3 @@ -1369,6 +1369,27 @@ config NETFILTER_XT_MATCH_STATE 
     3@@ -1381,6 +1381,27 @@ config NETFILTER_XT_MATCH_STATE 
    44  
    55          To compile it as a module, choose M here.  If unsure, say N. 
     
    3131--- a/net/netfilter/Makefile 
    3232+++ b/net/netfilter/Makefile 
    33 @@ -162,6 +162,7 @@ obj-$(CONFIG_NETFILTER_XT_MATCH_RECENT) 
     33@@ -165,6 +165,7 @@ obj-$(CONFIG_NETFILTER_XT_MATCH_RECENT)  
    3434 obj-$(CONFIG_NETFILTER_XT_MATCH_SCTP) += xt_sctp.o 
    3535 obj-$(CONFIG_NETFILTER_XT_MATCH_SOCKET) += xt_socket.o 
  • trunk/target/linux/generic/patches-3.18/603-netfilter_layer7_2.6.36_fix.patch

    r43093 r43587  
    11--- a/net/netfilter/Kconfig 
    22+++ b/net/netfilter/Kconfig 
    3 @@ -1175,6 +1175,27 @@ config NETFILTER_XT_MATCH_L2TP 
     3@@ -1187,6 +1187,27 @@ config NETFILTER_XT_MATCH_L2TP 
    44  
    55        To compile it as a module, choose M here. If unsure, say N. 
     
    2929        tristate '"length" match support' 
    3030        depends on NETFILTER_ADVANCED 
    31 @@ -1369,26 +1390,11 @@ config NETFILTER_XT_MATCH_STATE 
     31@@ -1381,26 +1402,11 @@ config NETFILTER_XT_MATCH_STATE 
    3232  
    3333          To compile it as a module, choose M here.  If unsure, say N. 
  • trunk/target/linux/generic/patches-3.18/615-netfilter_add_xt_id_match.patch

    r43578 r43587  
    2222--- a/net/netfilter/Kconfig 
    2323+++ b/net/netfilter/Kconfig 
    24 @@ -1145,6 +1145,13 @@ config NETFILTER_XT_MATCH_IPCOMP 
     24@@ -1157,6 +1157,13 @@ config NETFILTER_XT_MATCH_IPCOMP 
    2525  
    2626          To compile it as a module, choose M here.  If unsure, say N. 
     
    3838--- a/net/netfilter/Makefile 
    3939+++ b/net/netfilter/Makefile 
    40 @@ -140,6 +140,7 @@ obj-$(CONFIG_NETFILTER_XT_MATCH_ESP) += 
     40@@ -143,6 +143,7 @@ obj-$(CONFIG_NETFILTER_XT_MATCH_ESP) +=  
    4141 obj-$(CONFIG_NETFILTER_XT_MATCH_HASHLIMIT) += xt_hashlimit.o 
    4242 obj-$(CONFIG_NETFILTER_XT_MATCH_HELPER) += xt_helper.o 
Note: See TracChangeset for help on using the changeset viewer.