On Mon, 14 Dec 2015, Pablo Neira Ayuso wrote: > On Mon, Dec 14, 2015 at 09:47:31PM +0100, Jozsef Kadlecsik wrote: > > diff --git a/net/ipv4/netfilter/Kconfig b/net/ipv4/netfilter/Kconfig > > index a355841..a1dfd23 100644 > > --- a/net/ipv4/netfilter/Kconfig > > +++ b/net/ipv4/netfilter/Kconfig > > @@ -12,6 +12,7 @@ config NF_DEFRAG_IPV4 > > config NF_CONNTRACK_IPV4 > > tristate "IPv4 connection tracking support (required for NAT)" > > depends on NF_CONNTRACK > > + default NETFILTER_XT_MATCH_CONNTRACK > > I know of some people already giving a try to compiling nftables only > kernels, I think this would create an unnecessary dependency. > > > default m if NETFILTER_ADVANCED=n > > select NF_DEFRAG_IPV4 > > ---help--- It don't see why would it be a dependency for nftables only kernels. In that case NETFILTER_XT_MATCH_CONNTRACK is set to "n", so the default would be the same as currently and just right. Best regards, Jozsef - E-mail : kadlec@xxxxxxxxxxxxxxxxx, kadlecsik.jozsef@xxxxxxxxxxxxx PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt Address : Wigner Research Centre for Physics, Hungarian Academy of Sciences H-1525 Budapest 114, POB. 49, Hungary -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
