Hi,
On Wed, Sep 03, 2014 at 10:17:24PM +0200, Paul Bolle wrote:
> Hi Pablo,
>
> Your commit 8993cf8edf42 ("netfilter: move NAT Kconfig switches out of
> the iptables scope") just landed in linux-next (ie, in next-20140903).
> It claims to add NETFILTER_XT_NAT.
>
> That commit does add two select statements for NETFILTER_XT_NAT, and a
> Makefile line checking for NETFILTER_XT_NAT. But it does not add the
> actual Kconfig symbol NETFILTER_XT_NAT. This is a bit confusing. Do you
> know what may have happened here?
We never had so far a way to enable/disable the xt_nat targets from
Kconfig, before this patch that was controled by CONFIG_NF_NAT which
is a global switch to enable/disable NAT.
With that patch, the idea is that users still get the {S,D}NAT target
if the IPv4/IPv6 iptables NAT tables are enabled (thus the two select
statements) when jumping from old kernel config to new ones.
I can introduce a new explicit switch for NETFILTER_XT_NAT in Kconfig
for this if you consider that less confusing, it's something we didn't
have so far though. Please, let me know if I'm overlooking something
incorrect, thanks.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
