summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2021-08-26 20:13:45 +0200
committerChristian Poessinger <christian@poessinger.com>2021-08-26 20:13:45 +0200
commitd7baa0c527cc71a74872a32d250a6ccfa6480604 (patch)
treeed4629908ba451c6cb3374e4a69846534e02b8f9
parentf53e011ba4313e3437eb71a57801cf9bb339eb23 (diff)
downloadvyos-1x-d7baa0c527cc71a74872a32d250a6ccfa6480604.tar.gz
vyos-1x-d7baa0c527cc71a74872a32d250a6ccfa6480604.zip
nat: T3781: do not ship the nftables implementation - fallback to vyatta-nat
Migrate back to old iptables NAT implementation as we can not use nft which requires Kernel 5.10 for proper prefix translation support. Kernel 5.10 unfortunately breaks with Intel QAT :(
-rw-r--r--Makefile10
1 files changed, 10 insertions, 0 deletions
diff --git a/Makefile b/Makefile
index 65f0cfdf7..ce7b18e65 100644
--- a/Makefile
+++ b/Makefile
@@ -48,6 +48,11 @@ interface_definitions: $(config_xml_obj)
rm -f $(TMPL_DIR)/vpn/ipsec/node.def
rm -rf $(TMPL_DIR)/vpn/nipsec
+ # XXX: T3781: migrate back to old iptables NAT implementation as we can not use nft
+ # which requires Kernel 5.10 for proper prefix translation support. Kernel 5.10
+ # unfortunately breaks with Intel QAT :(
+ rm -rf $(TMPL_DIR)/nat
+
# XXX: required until OSPF and RIP is migrated from vyatta-cfg-quagga to vyos-1x
mkdir $(TMPL_DIR)/interfaces/loopback/node.tag/ipv6
mkdir $(TMPL_DIR)/interfaces/dummy/node.tag/ipv6
@@ -85,6 +90,11 @@ op_mode_definitions: $(op_xml_obj)
rm -f $(OP_TMPL_DIR)/show/system/node.def
rm -f $(OP_TMPL_DIR)/show/vpn/node.def
+ # XXX: T3781: migrate back to old iptables NAT implementation as we can not use nft
+ # which requires Kernel 5.10 for proper prefix translation support. Kernel 5.10
+ # unfortunately breaks with Intel QAT :(
+ rm -rf $(OP_TMPL_DIR)/show/nat
+
# XXX: ping must be able to recursivly call itself as the
# options are provided from the script itself
ln -s ../node.tag $(OP_TMPL_DIR)/ping/node.tag/node.tag/