keepalived: enable nftables filtering

Signed-off-by: Florian Eckert <redacted>

diff --git a/net/keepalived/Config.in b/net/keepalived/Config.in
index 0cddf09f35460f50361bf9e4c14d88a92674e83b..862398db12142905bf9b3013c73ec622ba2cd113 100644 (file)
--- a/net/keepalived/Config.in
+++ b/net/keepalived/Config.in
@@ -71,6 +71,15 @@ config KEEPALIVED_IPTABLES
                Builds support for using iptables/ipsets for filtering packets
                to VIPs
 
+config KEEPALIVED_NFTABLES
+       depends on KEEPALIVED_VRRP
+       bool
+       default y
+       prompt "Enable nftables for VIP filtering"
+       help
+               Builds support for using nftables for filtering packets
+               to VIPs
+
 config KEEPALIVED_SNMP_VRRP
        depends on KEEPALIVED_VRRP
        bool

diff --git a/net/keepalived/Makefile b/net/keepalived/Makefile
index ab77087b4487bc1a5f88e95f415fa4f0dd0ab376..2e288373ff6b59bc1c902b01ca525967ff8e51b3 100644 (file)
--- a/net/keepalived/Makefile
+++ b/net/keepalived/Makefile
@@ -22,6 +22,7 @@ PKG_MAINTAINER:=Ben Kelly <ben@benjii.net> \
                Florian Eckert <fe@dev.tdt.de>
 
 PKG_CONFIG_DEPENDS += \
+       KEEPALIVED_NFTABLES \
        KEEPALIVED_VRRP \
        KEEPALIVED_LVS \
        KEEPALIVED_IPTABLES \
@@ -62,6 +63,7 @@ define Package/keepalived
     +libnl-genl \
     +libmagic \
     +libkmod \
+    +KEEPALIVED_NFTABLES:libnftnl \
     +KEEPALIVED_VRRP:kmod-macvlan \
     +KEEPALIVED_VRRP:libnl-route \
     +KEEPALIVED_VRRP:libnfnetlink \
@@ -87,7 +89,6 @@ endef
 
 CONFIGURE_ARGS+= \
        --with-init=SYSV \
-       --disable-nftables \
        --disable-track-process \
        --runstatedir="/var/run"
 
@@ -113,6 +114,12 @@ endif
 
 
 ifeq ($(CONFIG_KEEPALIVED_VRRP),y)
+
+ifeq ($(CONFIG_KEEPALIVED_NFTABLES),)
+CONFIGURE_ARGS += \
+       --disable-nftables
+endif
+
 ifeq ($(CONFIG_KEEPALIVED_IPTABLES),)
 CONFIGURE_ARGS += \
        --disable-iptables