On 24 August 2014 15:28, Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote: > On Fri, Aug 22, 2014 at 08:01:12PM +0200, Pablo Neira Ayuso wrote: >> On Thu, Aug 21, 2014 at 12:49:33PM +0200, Rafał Miłecki wrote: >> > Few days ago I updated my 3.16 to 3.17-rc1 (both self compiled) and I >> > was using it until I noticed my machine doesn't respond to pings. I >> > rebooted to 3.16 and it was working again. >> > >> > I bisected between 3.16 and 3.17-rc1 but it has failed. After all I >> > got 3.16 not working anymore as well. >> > >> > It took me few hours to find the one to blame: >> > CONFIG_NETFILTER_XT_TARGET_LOG. After moving my config from 3.16 to >> > 3.17-rc1 CONFIG_NETFILTER_XT_TARGET_LOG got disabled because of two >> > new dependencies: NF_LOG_IPV4 && NF_LOG_IPV6. >> > >> > It would be nice if you could try to use "select" instead of "depends >> > on" in such cases in the future. I bet fix my problem would be trivial >> > since the beginning, but end-users may spent hours or days tracking >> > such things :( >> >> Sorry for that Kconfig problem. Please, have a look at the attached >> patch and confirm that it fixes the problem. At quick glance I think >> it's safe to use select in this case. > > I'm just looking at this again. > > We cannot select NF_LOG_IPV6. This is going to break if IPV6 is not > enabled. > > I can just relax this to avoid the dependency with NF_LOG_IPV4 and > NF_LOG_IPV6 so CONFIG_NETFILTER_XT_TARGET_LOG will be still selected > if not NF_LOG_IP* is set (see patch attached). > > However, those new modules are really required to get this working, if > they are not present, iptables ... -j LOG will fail with -ENOENT since > the protocol logger won't be available. Well, with the attached patch, after moving from 3.16 to 3.17-rc1+ I get: CONFIG_NETFILTER_XT_TARGET_LOG=m # CONFIG_NF_LOG_IPV4 is not set I've just noticed there used to be "select"s, but they were removed in c1878869c0c8e0def3df5397155f369442ce4e06 netfilter: fix several Kconfig problems in NF_LOG_* Could this be solved with some conditional select-s? Something like a: select NF_LOG select NF_LOG_IPV4 select NF_LOG_IPV6 if IPV6 maybe? -- Rafał -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
