From 4d8ba6038db4455c0b03bac017f501c10442bcf6 Mon Sep 17 00:00:00 2001 From: Josef Schlehofer <josef.schlehofer@nic.cz> Date: Wed, 27 Jul 2022 17:47:56 +0200 Subject: [PATCH] patches/openwrt: 5.15: backport latest version of firewall --- ...022-firewall-update-it-to-2022-02-17.patch | 50 +++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 patches/openwrt/5.15-kernel-configuration/0022-firewall-update-it-to-2022-02-17.patch diff --git a/patches/openwrt/5.15-kernel-configuration/0022-firewall-update-it-to-2022-02-17.patch b/patches/openwrt/5.15-kernel-configuration/0022-firewall-update-it-to-2022-02-17.patch new file mode 100644 index 000000000..238dd52f9 --- /dev/null +++ b/patches/openwrt/5.15-kernel-configuration/0022-firewall-update-it-to-2022-02-17.patch @@ -0,0 +1,50 @@ +From 36171d816ebaf318b6939459744c3802a2a0a3ef Mon Sep 17 00:00:00 2001 +From: Josef Schlehofer <pepe.schlehofer@gmail.com> +Date: Wed, 27 Jul 2022 17:45:47 +0200 +Subject: [PATCH] firewall: update it to 2022-02-17 + +It includes important fix for kernel 5.15+: +https://git.openwrt.org/?p=project/firewall3.git;a=commit;h=3624c3786601699b6e7f9d18209fad0d7c6fe4e9 + +Fixes: +https://forum.turris.cz/t/hbl-5-15-kernel-upgrade-blocks-all-internet-traffic-from-clients/17419/11 +--- + package/network/config/firewall/Makefile | 12 +++++++----- + 1 file changed, 7 insertions(+), 5 deletions(-) + +diff --git a/package/network/config/firewall/Makefile b/package/network/config/firewall/Makefile +index 9ae7c06573..e4a3ad97f7 100644 +--- a/package/network/config/firewall/Makefile ++++ b/package/network/config/firewall/Makefile +@@ -9,13 +9,13 @@ + include $(TOPDIR)/rules.mk + + PKG_NAME:=firewall +-PKG_RELEASE:=1.1 ++PKG_RELEASE:=3 + + PKG_SOURCE_PROTO:=git + PKG_SOURCE_URL=$(PROJECT_GIT)/project/firewall3.git +-PKG_SOURCE_DATE:=2021-03-23 +-PKG_SOURCE_VERSION:=61db17edddb1f05e8107f0dbef6f7d060ce67483 +-PKG_MIRROR_HASH:=b2eb09816640e14e2dae21fb54ea05c33858fe0004844fe8d99e541a2e19e9c0 ++PKG_SOURCE_DATE:=2022-02-17 ++PKG_SOURCE_VERSION:=4cd7d4f36bea731bf901cb067456f1d460294926 ++PKG_MIRROR_HASH:=ce9e8ac1bcf22afbb0a80c3da1a8e8e887851299681097e3dfbfc347f2c4c80f + PKG_MAINTAINER:=Jo-Philipp Wich <jo@mein.io> + PKG_LICENSE:=ISC + +@@ -28,7 +28,9 @@ define Package/firewall + SECTION:=net + CATEGORY:=Base system + TITLE:=OpenWrt C Firewall +- DEPENDS:=+libubox +libubus +libuci +libip4tc +IPV6:libip6tc +libxtables +kmod-ipt-core +kmod-ipt-conntrack +IPV6:kmod-nf-conntrack6 +kmod-ipt-nat ++ DEPENDS:=+libubox +libubus +libuci +libip4tc +IPV6:libip6tc +libiptext +IPV6:libiptext6 +libxtables +kmod-ipt-core +kmod-ipt-conntrack +IPV6:kmod-nf-conntrack6 +kmod-ipt-nat ++ PROVIDES:=uci-firewall ++ CONFLICTS:=firewall4 + endef + + define Package/firewall/description +-- +2.34.1 + -- GitLab