nftables uses nfnl_[un]lock() and thus depends on CONFIG_NETFILTER_NETLINK.
It's not possible to have nftables built-in when CONFIG_NETFILTER_NETLINK is set
to m.
I also add a dependancy between NETFILTER_XTABLES and NFT_COMPAT instead of
automatically set NETFILTER_XTABLES when NFT_COMPAT is set. This is to avoid a
circular dependency:
net/netfilter/Kconfig:432:error: recursive dependency detected!
net/netfilter/Kconfig:432: symbol NF_TABLES depends on NETFILTER_NETLINK
net/netfilter/Kconfig:4: symbol NETFILTER_NETLINK is selected by NETFILTER_NETLINK_ACCT
net/netfilter/Kconfig:7: symbol NETFILTER_NETLINK_ACCT is selected by NETFILTER_XT_MATCH_NFACCT
net/netfilter/Kconfig:1087: symbol NETFILTER_XT_MATCH_NFACCT depends on NETFILTER_XTABLES
net/netfilter/Kconfig:425: symbol NETFILTER_XTABLES is selected by NFT_COMPAT
net/netfilter/Kconfig:478: symbol NFT_COMPAT depends on NF_TABLES
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
---
v2: fix circular dependency
net/netfilter/Kconfig | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/net/netfilter/Kconfig b/net/netfilter/Kconfig
index 7d1c3c0..903275e 100644
--- a/net/netfilter/Kconfig
+++ b/net/netfilter/Kconfig
@@ -430,6 +430,7 @@ config NETFILTER_XTABLES
ip6_tables or arp_tables.
config NF_TABLES
+ depends on NETFILTER_NETLINK
tristate "Netfilter nf_tables support"
config NFT_PAYLOAD
@@ -476,7 +477,7 @@ config NFT_NAT
config NFT_COMPAT
depends on NF_TABLES
- select NETFILTER_XTABLES
+ depends on NETFILTER_XTABLES
tristate "Netfilter x_tables over nf_tables module"
help
This is required if you intend to use any of existing
--
1.8.0.1
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
