Upstream commits
cc41c84b7e7f ("netfilter: kill the fake untracked
conntrack objects") and
ab8bc7ed864b ("netfilter: remove
nf_ct_is_untracked") removed the 'untracked' conntrack objects and
functions. The latter commit removes the usage of nf_ct_is_untracked()
from OVS. However, older kernels still have a representation of
'untracked' CT objects so the code needs to remain until the kernel
support is bumped to Linux 4.12 or newer. Introduce a macro to detect
this symbol and wrap these lines in the macro check.
Signed-off-by: Joe Stringer <joe@ovn.org>
Acked-by: Greg Rose <gvrose8192@gmail.com>
[OVS_DEFINE([HAVE_NF_CT_GET_TUPLEPR_TAKES_STRUCT_NET])])
OVS_GREP_IFELSE([$KSRC/include/net/netfilter/nf_conntrack.h],
[nf_ct_set])
+ OVS_GREP_IFELSE([$KSRC/include/net/netfilter/nf_conntrack.h],
+ [nf_ct_is_untracked])
OVS_GREP_IFELSE([$KSRC/include/net/netfilter/nf_conntrack_zones.h],
[nf_ct_zone_init])
OVS_GREP_IFELSE([$KSRC/include/net/netfilter/nf_conntrack_labels.h],
enum nf_nat_manip_type maniptype;
int err;
+#ifdef HAVE_NF_CT_IS_UNTRACKED
if (nf_ct_is_untracked(ct)) {
/* A NAT action may only be performed on tracked packets. */
return NF_ACCEPT;
}
+#endif /* HAVE_NF_CT_IS_UNTRACKED */
/* Add NAT extension if not confirmed yet. */
if (!nf_ct_is_confirmed(ct) && !nf_ct_nat_ext_add(ct))
projects / ovs.git / commitdiff