summary refs log tree commit diff
diff options
context:
space:
mode:
authorFranz Pletz <fpletz@fnordicwalking.de>2017-01-22 17:09:24 +0100
committerFranz Pletz <fpletz@fnordicwalking.de>2017-01-25 00:28:55 +0100
commit403fdd737eb353734591ee59711f8c5d26ca4f90 (patch)
treeebf11e10c97e26c1e122b75a1db478606659ba73
parent4a914f2f9f9b2784d2bf78ee3cd56a7fd4e44e93 (diff)
downloadnixlib-403fdd737eb353734591ee59711f8c5d26ca4f90.tar
nixlib-403fdd737eb353734591ee59711f8c5d26ca4f90.tar.gz
nixlib-403fdd737eb353734591ee59711f8c5d26ca4f90.tar.bz2
nixlib-403fdd737eb353734591ee59711f8c5d26ca4f90.tar.lz
nixlib-403fdd737eb353734591ee59711f8c5d26ca4f90.tar.xz
nixlib-403fdd737eb353734591ee59711f8c5d26ca4f90.tar.zst
nixlib-403fdd737eb353734591ee59711f8c5d26ca4f90.zip
linux: remove canDisableNetfilterConntrackHelpers feature
This feature is available in all kernels in nixpkgs.
Diffstat
-rw-r--r--nixos/modules/services/networking/firewall.nix3
-rw-r--r--pkgs/os-specific/linux/kernel/linux-3.10.nix1
-rw-r--r--pkgs/os-specific/linux/kernel/linux-3.12.nix1
-rw-r--r--pkgs/os-specific/linux/kernel/linux-3.18.nix1
-rw-r--r--pkgs/os-specific/linux/kernel/linux-4.1.nix1
-rw-r--r--pkgs/os-specific/linux/kernel/linux-4.4.nix1
-rw-r--r--pkgs/os-specific/linux/kernel/linux-4.9.nix1
-rw-r--r--pkgs/os-specific/linux/kernel/linux-chromiumos-3.14.nix1
-rw-r--r--pkgs/os-specific/linux/kernel/linux-chromiumos-3.18.nix3
-rw-r--r--pkgs/os-specific/linux/kernel/linux-grsecurity.nix1
-rw-r--r--pkgs/os-specific/linux/kernel/linux-mptcp.nix1
-rw-r--r--pkgs/os-specific/linux/kernel/linux-rpi.nix1
-rw-r--r--pkgs/os-specific/linux/kernel/linux-testing.nix1
13 files changed, 1 insertions, 16 deletions
diff --git a/nixos/modules/services/networking/firewall.nix b/nixos/modules/services/networking/firewall.nix
index c251b52e03fd..0b0ee57cf7ad 100644
--- a/nixos/modules/services/networking/firewall.nix
+++ b/nixos/modules/services/networking/firewall.nix
@@ -41,7 +41,6 @@ let
   kernelPackages = config.boot.kernelPackages;
 
   kernelHasRPFilter = kernelPackages.kernel.features.netfilterRPFilter or false;
-  kernelCanDisableHelpers = kernelPackages.kernel.features.canDisableNetfilterConntrackHelpers or false;
 
   helpers =
     ''
@@ -512,8 +511,6 @@ in
 
     assertions = [ { assertion = (cfg.checkReversePath != false) || kernelHasRPFilter;
                      message = "This kernel does not support rpfilter"; }
-                   { assertion = cfg.autoLoadConntrackHelpers || kernelCanDisableHelpers;
-                     message = "This kernel does not support disabling conntrack helpers"; }
                  ];
 
     systemd.services.firewall = {
diff --git a/pkgs/os-specific/linux/kernel/linux-3.10.nix b/pkgs/os-specific/linux/kernel/linux-3.10.nix
index 3e6bd51cc475..42546b0262e6 100644
--- a/pkgs/os-specific/linux/kernel/linux-3.10.nix
+++ b/pkgs/os-specific/linux/kernel/linux-3.10.nix
@@ -14,6 +14,5 @@ import ./generic.nix (args // rec {
   features.iwlwifi = true;
   features.efiBootStub = true;
   features.needsCifsUtils = true;
-  features.canDisableNetfilterConntrackHelpers = true;
   features.netfilterRPFilter = true;
 })
diff --git a/pkgs/os-specific/linux/kernel/linux-3.12.nix b/pkgs/os-specific/linux/kernel/linux-3.12.nix
index 95ca51a972e9..9a0f314c2465 100644
--- a/pkgs/os-specific/linux/kernel/linux-3.12.nix
+++ b/pkgs/os-specific/linux/kernel/linux-3.12.nix
@@ -14,6 +14,5 @@ import ./generic.nix (args // rec {
   features.iwlwifi = true;
   features.efiBootStub = true;
   features.needsCifsUtils = true;
-  features.canDisableNetfilterConntrackHelpers = true;
   features.netfilterRPFilter = true;
 })
diff --git a/pkgs/os-specific/linux/kernel/linux-3.18.nix b/pkgs/os-specific/linux/kernel/linux-3.18.nix
index 5ecfdefa97d8..acfd08f2af3e 100644
--- a/pkgs/os-specific/linux/kernel/linux-3.18.nix
+++ b/pkgs/os-specific/linux/kernel/linux-3.18.nix
@@ -14,6 +14,5 @@ import ./generic.nix (args // rec {
   features.iwlwifi = true;
   features.efiBootStub = true;
   features.needsCifsUtils = true;
-  features.canDisableNetfilterConntrackHelpers = true;
   features.netfilterRPFilter = true;
 } // (args.argsOverride or {}))
diff --git a/pkgs/os-specific/linux/kernel/linux-4.1.nix b/pkgs/os-specific/linux/kernel/linux-4.1.nix
index fd171eae0012..9c7354024ada 100644
--- a/pkgs/os-specific/linux/kernel/linux-4.1.nix
+++ b/pkgs/os-specific/linux/kernel/linux-4.1.nix
@@ -14,6 +14,5 @@ import ./generic.nix (args // rec {
   features.iwlwifi = true;
   features.efiBootStub = true;
   features.needsCifsUtils = true;
-  features.canDisableNetfilterConntrackHelpers = true;
   features.netfilterRPFilter = true;
 } // (args.argsOverride or {}))
diff --git a/pkgs/os-specific/linux/kernel/linux-4.4.nix b/pkgs/os-specific/linux/kernel/linux-4.4.nix
index 0eb87a8dd9e2..bec31549ae3c 100644
--- a/pkgs/os-specific/linux/kernel/linux-4.4.nix
+++ b/pkgs/os-specific/linux/kernel/linux-4.4.nix
@@ -14,6 +14,5 @@ import ./generic.nix (args // rec {
   features.iwlwifi = true;
   features.efiBootStub = true;
   features.needsCifsUtils = true;
-  features.canDisableNetfilterConntrackHelpers = true;
   features.netfilterRPFilter = true;
 } // (args.argsOverride or {}))
diff --git a/pkgs/os-specific/linux/kernel/linux-4.9.nix b/pkgs/os-specific/linux/kernel/linux-4.9.nix
index 54c67901f503..dba02330380a 100644
--- a/pkgs/os-specific/linux/kernel/linux-4.9.nix
+++ b/pkgs/os-specific/linux/kernel/linux-4.9.nix
@@ -14,6 +14,5 @@ import ./generic.nix (args // rec {
   features.iwlwifi = true;
   features.efiBootStub = true;
   features.needsCifsUtils = true;
-  features.canDisableNetfilterConntrackHelpers = true;
   features.netfilterRPFilter = true;
 } // (args.argsOverride or {}))
diff --git a/pkgs/os-specific/linux/kernel/linux-chromiumos-3.14.nix b/pkgs/os-specific/linux/kernel/linux-chromiumos-3.14.nix
index 72d7cd1fba0a..c8e189dcbfcb 100644
--- a/pkgs/os-specific/linux/kernel/linux-chromiumos-3.14.nix
+++ b/pkgs/os-specific/linux/kernel/linux-chromiumos-3.14.nix
@@ -16,7 +16,6 @@ import ./generic.nix (args // rec {
   features.iwlwifi = true;
   features.efiBootStub = true;
   features.needsCifsUtils = true;
-  features.canDisableNetfilterConntrackHelpers = true;
   features.netfilterRPFilter = true;
   features.chromiumos = true;
 } // (args.argsOverride or {}))
diff --git a/pkgs/os-specific/linux/kernel/linux-chromiumos-3.18.nix b/pkgs/os-specific/linux/kernel/linux-chromiumos-3.18.nix
index 4be81409ee1e..b80c9acd659e 100644
--- a/pkgs/os-specific/linux/kernel/linux-chromiumos-3.18.nix
+++ b/pkgs/os-specific/linux/kernel/linux-chromiumos-3.18.nix
@@ -16,9 +16,8 @@ import ./generic.nix (args // rec {
   features.iwlwifi = true;
   features.efiBootStub = true;
   features.needsCifsUtils = true;
-  features.canDisableNetfilterConntrackHelpers = true;
   features.netfilterRPFilter = true;
   features.chromiumos = true;
-  
+
   extraMeta.hydraPlatforms = [];
 } // (args.argsOverride or {}))
diff --git a/pkgs/os-specific/linux/kernel/linux-grsecurity.nix b/pkgs/os-specific/linux/kernel/linux-grsecurity.nix
index 8a71a771c4fc..7b725f4e4395 100644
--- a/pkgs/os-specific/linux/kernel/linux-grsecurity.nix
+++ b/pkgs/os-specific/linux/kernel/linux-grsecurity.nix
@@ -14,6 +14,5 @@ import ./generic.nix (args // rec {
   features.iwlwifi = true;
   features.efiBootStub = true;
   features.needsCifsUtils = true;
-  features.canDisableNetfilterConntrackHelpers = true;
   features.netfilterRPFilter = true;
 } // (args.argsOverride or {}))
diff --git a/pkgs/os-specific/linux/kernel/linux-mptcp.nix b/pkgs/os-specific/linux/kernel/linux-mptcp.nix
index a037343751ca..e533670014b3 100644
--- a/pkgs/os-specific/linux/kernel/linux-mptcp.nix
+++ b/pkgs/os-specific/linux/kernel/linux-mptcp.nix
@@ -46,6 +46,5 @@ import ./generic.nix (args // rec {
   features.iwlwifi = true;
   features.efiBootStub = true;
   features.needsCifsUtils = true;
-  features.canDisableNetfilterConntrackHelpers = true;
   features.netfilterRPFilter = true;
 } // (args.argsOverride or {}))
diff --git a/pkgs/os-specific/linux/kernel/linux-rpi.nix b/pkgs/os-specific/linux/kernel/linux-rpi.nix
index f41c53da5a68..e50a6c802326 100644
--- a/pkgs/os-specific/linux/kernel/linux-rpi.nix
+++ b/pkgs/os-specific/linux/kernel/linux-rpi.nix
@@ -17,7 +17,6 @@ stdenv.lib.overrideDerivation (import ./generic.nix (args // rec {
 
   features.iwlwifi = true;
   features.needsCifsUtils = true;
-  features.canDisableNetfilterConntrackHelpers = true;
   features.netfilterRPFilter = true;
 
   extraMeta.hydraPlatforms = [];
diff --git a/pkgs/os-specific/linux/kernel/linux-testing.nix b/pkgs/os-specific/linux/kernel/linux-testing.nix
index 8f18febdf0df..1778f3439039 100644
--- a/pkgs/os-specific/linux/kernel/linux-testing.nix
+++ b/pkgs/os-specific/linux/kernel/linux-testing.nix
@@ -13,7 +13,6 @@ import ./generic.nix (args // rec {
   features.iwlwifi = true;
   features.efiBootStub = true;
   features.needsCifsUtils = true;
-  features.canDisableNetfilterConntrackHelpers = true;
   features.netfilterRPFilter = true;
 
   # Should the testing kernels ever be built on Hydra?
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-13 05:12:48 +0000