| Message ID | 20200710125219.51150-2-paolo.pisati@canonical.com |
|---|---|
| State | New |
| Headers | show |
| Series | UBUNTU: [Config] kvm: enable nftables (and modules) | expand |
On 10/07/2020 13:52, Paolo Pisati wrote: > BugLink: https://bugs.launchpad.net/bugs/1881346 > > Signed-off-by: Paolo Pisati <paolo.pisati@canonical.com> > --- > debian.kvm/config/config.common.ubuntu | 51 +++++++++++++++++++++++++++++++++- > 1 file changed, 50 insertions(+), 1 deletion(-) > > diff --git a/debian.kvm/config/config.common.ubuntu b/debian.kvm/config/config.common.ubuntu > index affa1a3..43b3e9a 100644 > --- a/debian.kvm/config/config.common.ubuntu > +++ b/debian.kvm/config/config.common.ubuntu > @@ -1691,6 +1691,42 @@ CONFIG_NFS_V3=m > # CONFIG_NFS_V3_ACL is not set > # CONFIG_NFS_V4 is not set > # CONFIG_NFTL is not set > +CONFIG_NFT_BRIDGE_META=m > +CONFIG_NFT_BRIDGE_REJECT=m > +CONFIG_NFT_COMPAT=m > +CONFIG_NFT_CONNLIMIT=m > +CONFIG_NFT_COUNTER=m > +CONFIG_NFT_CT=m > +CONFIG_NFT_DUP_IPV4=m > +CONFIG_NFT_DUP_IPV6=m > +CONFIG_NFT_DUP_NETDEV=m > +CONFIG_NFT_FIB=m > +CONFIG_NFT_FIB_INET=m > +CONFIG_NFT_FIB_IPV4=m > +CONFIG_NFT_FIB_IPV6=m > +CONFIG_NFT_FIB_NETDEV=m > +CONFIG_NFT_FLOW_OFFLOAD=m > +CONFIG_NFT_FWD_NETDEV=m > +CONFIG_NFT_HASH=m > +CONFIG_NFT_LIMIT=m > +CONFIG_NFT_LOG=m > +CONFIG_NFT_MASQ=m > +CONFIG_NFT_NAT=m > +CONFIG_NFT_NUMGEN=m > +CONFIG_NFT_OBJREF=m > +CONFIG_NFT_OSF=m > +CONFIG_NFT_QUEUE=m > +CONFIG_NFT_QUOTA=m > +CONFIG_NFT_REDIR=m > +CONFIG_NFT_REJECT=m > +CONFIG_NFT_REJECT_INET=m > +CONFIG_NFT_REJECT_IPV4=m > +CONFIG_NFT_REJECT_IPV6=m > +CONFIG_NFT_SOCKET=m > +CONFIG_NFT_SYNPROXY=m > +CONFIG_NFT_TPROXY=m > +CONFIG_NFT_TUNNEL=m > +CONFIG_NFT_XFRM=m > CONFIG_NF_CONNTRACK=m > CONFIG_NF_CONNTRACK_AMANDA=m > # CONFIG_NF_CONNTRACK_BRIDGE is not set > @@ -1723,7 +1759,13 @@ CONFIG_NF_DEFRAG_IPV4=m > CONFIG_NF_DEFRAG_IPV6=m > CONFIG_NF_DUP_IPV4=m > CONFIG_NF_DUP_IPV6=m > +CONFIG_NF_DUP_NETDEV=m > +CONFIG_NF_FLOW_TABLE=m > +CONFIG_NF_FLOW_TABLE_INET=m > +CONFIG_NF_FLOW_TABLE_IPV4=m > +CONFIG_NF_FLOW_TABLE_IPV6=m > # CONFIG_NF_LOG_ARP is not set > +CONFIG_NF_LOG_BRIDGE=m > CONFIG_NF_LOG_COMMON=m > CONFIG_NF_LOG_IPV4=m > CONFIG_NF_LOG_IPV6=m > @@ -1743,7 +1785,14 @@ CONFIG_NF_REJECT_IPV4=m > CONFIG_NF_REJECT_IPV6=m > CONFIG_NF_SOCKET_IPV4=m > CONFIG_NF_SOCKET_IPV6=m > -# CONFIG_NF_TABLES is not set > +CONFIG_NF_TABLES=m > +CONFIG_NF_TABLES_ARP=y > +CONFIG_NF_TABLES_BRIDGE=m > +CONFIG_NF_TABLES_INET=y > +CONFIG_NF_TABLES_IPV4=y > +CONFIG_NF_TABLES_IPV6=y > +CONFIG_NF_TABLES_NETDEV=y > +CONFIG_NF_TABLES_SET=m > CONFIG_NF_TPROXY_IPV4=m > CONFIG_NF_TPROXY_IPV6=m > CONFIG_NILFS2_FS=m > The impact on boot performance is not noticeable, I'm happy with this. Acked-by: Colin Ian King <colin.king@canonical.com>
On 10.07.20 14:52, Paolo Pisati wrote: > BugLink: https://bugs.launchpad.net/bugs/1881346 > > Signed-off-by: Paolo Pisati <paolo.pisati@canonical.com> Acked-by: Stefan Bader <stefan.bader@canonical.com> > --- Bug reports should be nominated for the target series to make it simpler to double check submissions. I have added that for now. -Stefan > debian.kvm/config/config.common.ubuntu | 51 +++++++++++++++++++++++++++++++++- > 1 file changed, 50 insertions(+), 1 deletion(-) > > diff --git a/debian.kvm/config/config.common.ubuntu b/debian.kvm/config/config.common.ubuntu > index affa1a3..43b3e9a 100644 > --- a/debian.kvm/config/config.common.ubuntu > +++ b/debian.kvm/config/config.common.ubuntu > @@ -1691,6 +1691,42 @@ CONFIG_NFS_V3=m > # CONFIG_NFS_V3_ACL is not set > # CONFIG_NFS_V4 is not set > # CONFIG_NFTL is not set > +CONFIG_NFT_BRIDGE_META=m > +CONFIG_NFT_BRIDGE_REJECT=m > +CONFIG_NFT_COMPAT=m > +CONFIG_NFT_CONNLIMIT=m > +CONFIG_NFT_COUNTER=m > +CONFIG_NFT_CT=m > +CONFIG_NFT_DUP_IPV4=m > +CONFIG_NFT_DUP_IPV6=m > +CONFIG_NFT_DUP_NETDEV=m > +CONFIG_NFT_FIB=m > +CONFIG_NFT_FIB_INET=m > +CONFIG_NFT_FIB_IPV4=m > +CONFIG_NFT_FIB_IPV6=m > +CONFIG_NFT_FIB_NETDEV=m > +CONFIG_NFT_FLOW_OFFLOAD=m > +CONFIG_NFT_FWD_NETDEV=m > +CONFIG_NFT_HASH=m > +CONFIG_NFT_LIMIT=m > +CONFIG_NFT_LOG=m > +CONFIG_NFT_MASQ=m > +CONFIG_NFT_NAT=m > +CONFIG_NFT_NUMGEN=m > +CONFIG_NFT_OBJREF=m > +CONFIG_NFT_OSF=m > +CONFIG_NFT_QUEUE=m > +CONFIG_NFT_QUOTA=m > +CONFIG_NFT_REDIR=m > +CONFIG_NFT_REJECT=m > +CONFIG_NFT_REJECT_INET=m > +CONFIG_NFT_REJECT_IPV4=m > +CONFIG_NFT_REJECT_IPV6=m > +CONFIG_NFT_SOCKET=m > +CONFIG_NFT_SYNPROXY=m > +CONFIG_NFT_TPROXY=m > +CONFIG_NFT_TUNNEL=m > +CONFIG_NFT_XFRM=m > CONFIG_NF_CONNTRACK=m > CONFIG_NF_CONNTRACK_AMANDA=m > # CONFIG_NF_CONNTRACK_BRIDGE is not set > @@ -1723,7 +1759,13 @@ CONFIG_NF_DEFRAG_IPV4=m > CONFIG_NF_DEFRAG_IPV6=m > CONFIG_NF_DUP_IPV4=m > CONFIG_NF_DUP_IPV6=m > +CONFIG_NF_DUP_NETDEV=m > +CONFIG_NF_FLOW_TABLE=m > +CONFIG_NF_FLOW_TABLE_INET=m > +CONFIG_NF_FLOW_TABLE_IPV4=m > +CONFIG_NF_FLOW_TABLE_IPV6=m > # CONFIG_NF_LOG_ARP is not set > +CONFIG_NF_LOG_BRIDGE=m > CONFIG_NF_LOG_COMMON=m > CONFIG_NF_LOG_IPV4=m > CONFIG_NF_LOG_IPV6=m > @@ -1743,7 +1785,14 @@ CONFIG_NF_REJECT_IPV4=m > CONFIG_NF_REJECT_IPV6=m > CONFIG_NF_SOCKET_IPV4=m > CONFIG_NF_SOCKET_IPV6=m > -# CONFIG_NF_TABLES is not set > +CONFIG_NF_TABLES=m > +CONFIG_NF_TABLES_ARP=y > +CONFIG_NF_TABLES_BRIDGE=m > +CONFIG_NF_TABLES_INET=y > +CONFIG_NF_TABLES_IPV4=y > +CONFIG_NF_TABLES_IPV6=y > +CONFIG_NF_TABLES_NETDEV=y > +CONFIG_NF_TABLES_SET=m > CONFIG_NF_TPROXY_IPV4=m > CONFIG_NF_TPROXY_IPV6=m > CONFIG_NILFS2_FS=m >
diff --git a/debian.kvm/config/config.common.ubuntu b/debian.kvm/config/config.common.ubuntu index affa1a3..43b3e9a 100644 --- a/debian.kvm/config/config.common.ubuntu +++ b/debian.kvm/config/config.common.ubuntu @@ -1691,6 +1691,42 @@ CONFIG_NFS_V3=m # CONFIG_NFS_V3_ACL is not set # CONFIG_NFS_V4 is not set # CONFIG_NFTL is not set +CONFIG_NFT_BRIDGE_META=m +CONFIG_NFT_BRIDGE_REJECT=m +CONFIG_NFT_COMPAT=m +CONFIG_NFT_CONNLIMIT=m +CONFIG_NFT_COUNTER=m +CONFIG_NFT_CT=m +CONFIG_NFT_DUP_IPV4=m +CONFIG_NFT_DUP_IPV6=m +CONFIG_NFT_DUP_NETDEV=m +CONFIG_NFT_FIB=m +CONFIG_NFT_FIB_INET=m +CONFIG_NFT_FIB_IPV4=m +CONFIG_NFT_FIB_IPV6=m +CONFIG_NFT_FIB_NETDEV=m +CONFIG_NFT_FLOW_OFFLOAD=m +CONFIG_NFT_FWD_NETDEV=m +CONFIG_NFT_HASH=m +CONFIG_NFT_LIMIT=m +CONFIG_NFT_LOG=m +CONFIG_NFT_MASQ=m +CONFIG_NFT_NAT=m +CONFIG_NFT_NUMGEN=m +CONFIG_NFT_OBJREF=m +CONFIG_NFT_OSF=m +CONFIG_NFT_QUEUE=m +CONFIG_NFT_QUOTA=m +CONFIG_NFT_REDIR=m +CONFIG_NFT_REJECT=m +CONFIG_NFT_REJECT_INET=m +CONFIG_NFT_REJECT_IPV4=m +CONFIG_NFT_REJECT_IPV6=m +CONFIG_NFT_SOCKET=m +CONFIG_NFT_SYNPROXY=m +CONFIG_NFT_TPROXY=m +CONFIG_NFT_TUNNEL=m +CONFIG_NFT_XFRM=m CONFIG_NF_CONNTRACK=m CONFIG_NF_CONNTRACK_AMANDA=m # CONFIG_NF_CONNTRACK_BRIDGE is not set @@ -1723,7 +1759,13 @@ CONFIG_NF_DEFRAG_IPV4=m CONFIG_NF_DEFRAG_IPV6=m CONFIG_NF_DUP_IPV4=m CONFIG_NF_DUP_IPV6=m +CONFIG_NF_DUP_NETDEV=m +CONFIG_NF_FLOW_TABLE=m +CONFIG_NF_FLOW_TABLE_INET=m +CONFIG_NF_FLOW_TABLE_IPV4=m +CONFIG_NF_FLOW_TABLE_IPV6=m # CONFIG_NF_LOG_ARP is not set +CONFIG_NF_LOG_BRIDGE=m CONFIG_NF_LOG_COMMON=m CONFIG_NF_LOG_IPV4=m CONFIG_NF_LOG_IPV6=m @@ -1743,7 +1785,14 @@ CONFIG_NF_REJECT_IPV4=m CONFIG_NF_REJECT_IPV6=m CONFIG_NF_SOCKET_IPV4=m CONFIG_NF_SOCKET_IPV6=m -# CONFIG_NF_TABLES is not set +CONFIG_NF_TABLES=m +CONFIG_NF_TABLES_ARP=y +CONFIG_NF_TABLES_BRIDGE=m +CONFIG_NF_TABLES_INET=y +CONFIG_NF_TABLES_IPV4=y +CONFIG_NF_TABLES_IPV6=y +CONFIG_NF_TABLES_NETDEV=y +CONFIG_NF_TABLES_SET=m CONFIG_NF_TPROXY_IPV4=m CONFIG_NF_TPROXY_IPV6=m CONFIG_NILFS2_FS=m
BugLink: https://bugs.launchpad.net/bugs/1881346 Signed-off-by: Paolo Pisati <paolo.pisati@canonical.com> --- debian.kvm/config/config.common.ubuntu | 51 +++++++++++++++++++++++++++++++++- 1 file changed, 50 insertions(+), 1 deletion(-)