[Devel] [PATCH RH7] ve/netfilter/ipset: allow modules autoload
Pavel Tikhomirov
ptikhomirov at virtuozzo.com
Mon Jun 6 07:43:57 PDT 2016
I forgot to allow in CT autoload of needed modules, so do:
ip_set_list_set
ip_set_hash_netiface
ip_set_hash_ipportnet
ip_set_hash_netport
ip_set_hash_net
ip_set_hash_ipportip
ip_set_hash_ipport
ip_set_hash_ip
ip_set_bitmap_port
ip_set_bitmap_ipmac
ip_set_bitmap_ip
ip_set
https://jira.sw.ru/browse/PSBM-46102
Signed-off-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
---
kernel/kmod.c | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/kernel/kmod.c b/kernel/kmod.c
index 4e53fef..5e5c2c6 100644
--- a/kernel/kmod.c
+++ b/kernel/kmod.c
@@ -403,6 +403,20 @@ static const char * const ve0_allowed_mod[] = {
/* netlink_diag */
"net-pf-16-proto-4-type-16", /* PF_NETLINK, NETLINK_SOCK_DIAG, AF_NETLINK */
+
+ /* ip_set */
+ "nfnetlink-subsys-6", /* NFNL_SUBSYS_IPSET */
+ "ip_set_bitmap:ip",
+ "ip_set_bitmap:ip,mac",
+ "ip_set_bitmap:port",
+ "ip_set_hash:ip",
+ "ip_set_hash:ip,port",
+ "ip_set_hash:ip,port,ip",
+ "ip_set_hash:net",
+ "ip_set_hash:net,port",
+ "ip_set_hash:ip,port,net",
+ "ip_set_hash:net,iface",
+ "ip_set_list:set",
};
/*
--
2.5.5
More information about the Devel
mailing list