This patch set updates iptables to the latest-and-greatest, adding IPv6 NAT support in the process. With great power comes great web-slinging abilities, or at least, systematic destruction of end-to-end connectivity. Try not to ruin the IPv6 Internet.
The IPv6 NAT is a little bit funny in terms of how the build environment seems to treat it; I've found that because the IPv4 NAT targets get built in, so too do the matching IPv6 ones, unfortunately I haven't probed deep enough into the scripting to determine why, but no doubt someone more familiar with it than I can trivially adjust this anyway. Linux 2.4 multiport compatibility (or rather, nuking entire chunks of code that provides help) went out the window, so it does now have help, but presumably won't work on 2.4. I bumped my ar71xx Makefile to 3.7 and threw the image onto my WNDR3800. It Works For Me(tm), YMMV. OMG! WTF? BBQ. Signed-off-by: Oliver Smith <oli...@8.c.9.b.0.7.4.0.1.0.0.2.ip6.arpa> Overall diffstat is below, each following patch has the relevant changes stated too. include/netfilter.mk | 11 +- package/kernel/modules/netfilter.mk | 20 +++ package/network/utils/iptables/Makefile | 78 ++++++++-- package/network/utils/iptables/patches/002-layer7_2.22.patch | 4 +- package/network/utils/iptables/patches/009-table-alignment.patch | 11 -- .../utils/iptables/patches/010-multiport-linux-2.4-compat.patch | 265 -------------------------------- package/network/utils/iptables/patches/011-recent-add-reap.patch | 116 -------------- .../network/utils/iptables/patches/020-iptables-disable-modprobe.patch | 10 +- package/network/utils/iptables/patches/030-no-libnfnetlink.patch | 26 ++-- .../iptables/patches/040-libip6t_DNPT-fix-wording-in-DNPT-target.patch | 75 +++++++++ .../patches/050-libip6t_DNAT-allow-port-DNAT-without-address.patch | 89 +++++++++++ .../051-libip6t_DNAT-set-ipv6-DNAT-to-destination-fix-DNAT_save.patch | 52 +++++++ .../iptables/patches/060-resolve-link-failure-for-ip6t_NETMAP.patch | 81 ++++++++++ .../utils/iptables/patches/070-iptables-1.4.17-fix-build-failure.patch | 14 ++ package/network/utils/iptables/patches/100-bash-location.patch | 14 +- package/network/utils/iptables/patches/110-linux_3.2_compat.patch | 12 -- package/network/utils/iptables/patches/200-configurable_builtin.patch | 40 +++-- package/network/utils/iptables/patches/300-musl_fixes.patch | 80 ++++++---- target/linux/generic/config-3.7 | 2 +- .../patches-3.7/615-netfilter-fix-ipv6-NPT-checksum-calculation.patch | 81 ++++++++++ 20 files changed, 589 insertions(+), 492 deletions(-) _______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
