Hello Florian,
On Thu, Aug 29, 2024 at 06:25:12PM +0200, Florian Westphal wrote:
> Breno Leitao <leitao@xxxxxxxxxx> wrote:
> > This option makes IP6_NF_IPTABLES_LEGACY user selectable, giving
> > users the option to configure iptables without enabling any other
> > config.
>
> I don't get it.
>
> IP(6)_NF_IPTABLES_LEGACY without iptable_filter, mangle etc.
> is useless,
Correct. We need to have iptable_filter, mangle, etc available.
I would like to have ip6_tables as built-in
(IP(6)_NF_IPTABLES_LEGACY=y), all the other tables built as modules.
So, I am used to a configure similar to the following (before
a9525c7f6219c ("netfilter: xtables: allow xtables-nft only builds"))
CONFIG_IP6_NF_IPTABLES=y
CONFIG_IP6_NF_MANGLE=m
CONFIG_IP6_NF_RAW=m
...
After a9525c7f6219c ("netfilter: xtables: allow xtables-nft only
builds"), the same configuration is not possible anymore, because
CONFIG_IP6_NF_IPTABLES is not user selectable anymore, thus, in order to
set it as built-in (=y), I need to set the tables as =y.
Sorry for not being clear before, and thanks for reviewing it.
--breno
