Hi, Love the ip_set features - any chance that you might provide the
code (or possibly just instructions?) to build into the kernel in a
non-modular fashion? (for 2.6.38 and earlier)
I was able to successfully achieve just that with version 4.5 and kernel
2.6.35 (kernel compiled from source, of course). If you have ipset 4.5
there is a nifty script called patch_kernel in the kernel/ directory
which does the donkey work for you - i.e. copying the necessary files to
the kernel source directory and adjust the appropriate kernel Kbuild and
Makefile(s).
What is left to be done by you then is to run "make oldconfig" (or amend
the ipset kernel options manually, if you wish) and adjust the ipset
kernel options so that all ipset files are included in the kernel, not
as modules (in other words, set all ipset-related kernel options to "y"
as oppose to "m").
In version 6 and above, the job is a tad more difficult as I am not sure
you can build the ipset objects as part of the kernel - I have
successfully built them as modules (as part of the kernel compilation),
but have not tried to include them as part of the kernel itself - I am
waiting for Jozsef to fix the bug I found in v6.3 and I will then
upgrade all my systems to that version (I am still on 4.5 at present).
Good luck!
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
