- NFT_SOCKET selected NF_SOCKET based on the wrong criterion. IPV6 itself does not guarantee that ipv6 functionality is available in nft. - NETFILTER_XT_MATCH_SOCKET now selects NF_SOCKET NF_SOCKET is not good for anything alone, so dependency is inapproproiate. Signed-off-by: Máté Eckl <ecklm94@xxxxxxxxx> --- net/netfilter/Kconfig | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/net/netfilter/Kconfig b/net/netfilter/Kconfig index dbd7d1fad277..8abcefb8b418 100644 --- a/net/netfilter/Kconfig +++ b/net/netfilter/Kconfig @@ -626,7 +626,7 @@ config NFT_SOCKET tristate "Netfilter nf_tables socket match support" depends on IPV6 || IPV6=n select NF_SOCKET_IPV4 - select NF_SOCKET_IPV6 if IPV6 + select NF_SOCKET_IPV6 if NF_TABLES_IPV6 help This option allows matching for the presence or absence of a corresponding socket and its attributes. @@ -1492,8 +1492,8 @@ config NETFILTER_XT_MATCH_SOCKET depends on NETFILTER_ADVANCED depends on IPV6 || IPV6=n depends on IP6_NF_IPTABLES || IP6_NF_IPTABLES=n - depends on NF_SOCKET_IPV4 - depends on NF_SOCKET_IPV6 + select NF_SOCKET_IPV4 + select NF_SOCKET_IPV6 if IP6_NF_IPTABLES select NF_DEFRAG_IPV4 select NF_DEFRAG_IPV6 if IP6_NF_IPTABLES != n help -- ecklm -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
