x86/64: Iptables seems to lack support for cgroup v2

FS#3574
Adding cgroup support enables adding rules on processes
to limit resources in terms of iptable policies

Signed-off-by: Supriya Mane <sm.supriya@globaledgesoft.com>

diff --git a/include/netfilter.mk b/include/netfilter.mk
index 60f031e9a71232d698a9457a3b9aefa98a9f2671..45e9dadf85fb260b5a22fefab6d0080f1ce7089f 100644 (file)
--- a/include/netfilter.mk
+++ b/include/netfilter.mk
@@ -94,6 +94,7 @@ $(eval $(call nf_add,IPT_EXTRA,CONFIG_NETFILTER_XT_MATCH_ADDRTYPE, $(if $(NF_KMO
 $(eval $(call nf_add,IPT_EXTRA,CONFIG_NETFILTER_XT_MATCH_OWNER, $(P_XT)xt_owner))
 $(eval $(call nf_add,IPT_EXTRA,CONFIG_NETFILTER_XT_MATCH_PKTTYPE, $(P_XT)xt_pkttype))
 $(eval $(call nf_add,IPT_EXTRA,CONFIG_NETFILTER_XT_MATCH_QUOTA, $(P_XT)xt_quota))
+$(eval $(call nf_add,IPT_EXTRA,CONFIG_NETFILTER_XT_MATCH_CGROUP, $(P_XT)xt_cgroup))
 
 #$(eval $(call nf_add,IPT_EXTRA,CONFIG_IP_NF_TARGET_ROUTE, $(P_V4)ipt_ROUTE))