From: Florian Westphal <fw@strlen.de>
To: Jakub Kicinski <kuba@kernel.org>
Cc: Pablo Neira Ayuso <pablo@netfilter.org>,
fw@strlen.de, netfilter-devel@vger.kernel.org,
davem@davemloft.net, netdev@vger.kernel.org, pabeni@redhat.com,
edumazet@google.com, horms@kernel.org
Subject: Re: [PATCH net-next,v2 0/7] Netfilter updates for net-next
Date: Fri, 25 Apr 2025 19:59:22 +0200 [thread overview]
Message-ID: <20250425175922.GA26506@breakpoint.cc> (raw)
In-Reply-To: <20250425091854.4b5964fd@kernel.org>
Jakub Kicinski <kuba@kernel.org> wrote:
> On Thu, 24 Apr 2025 23:14:48 +0200 Pablo Neira Ayuso wrote:
> > v2: including fixes from Florian to address selftest issues
> > and a fix for set element count and type.
>
> Thanks, appreciated! All our networking tests now pass, but there
> seems to still be some breakage on the BPF side, so
> tools/testing/selftests/bpf/config needs touching up.
>
> I suppose while addressing the RT problem you're trying to move
> straggles off from the legacy stuff to nft? Which I'm entirely
> sympathetic to. But I'm worried that not everybody will be, and
> there's plenty of defconfigs which include iptables:
>
> $ git grep CONFIG_IP_NF_IPTABLES= | wc -l
> 54
Pablo, lets toss the relevant patch and try again later.
I have no idea how to make this work the way we want it to
without converting all "selects" to "depends on" clauses as in the patch.
diff --git a/net/ipv4/netfilter/Kconfig b/net/ipv4/netfilter/Kconfig
--- a/net/ipv4/netfilter/Kconfig
+++ b/net/ipv4/netfilter/Kconfig
@@ -14,6 +14,7 @@ config NF_DEFRAG_IPV4
config IP_NF_IPTABLES_LEGACY
tristate "Legacy IP tables support"
default n
+ depends on !PREEMPT_RT
select NETFILTER_XTABLES
help
... will not work, you just get a "Unmet direct dependencies" warning.
prev parent reply other threads:[~2025-04-25 17:59 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-04-24 21:14 [PATCH net-next,v2 0/7] Netfilter updates for net-next Pablo Neira Ayuso
2025-04-24 21:14 ` [PATCH net-next 1/7] netfilter: xt_IDLETIMER: convert timeouts to secs_to_jiffies() Pablo Neira Ayuso
2025-04-24 21:14 ` [PATCH net-next 2/7] netfilter: xt_cgroup: Make it independent from net_cls Pablo Neira Ayuso
2025-04-24 21:14 ` [PATCH net-next 3/7] net: cgroup: Guard users of sock_cgroup_classid() Pablo Neira Ayuso
2025-04-24 21:14 ` [PATCH net-next 4/7] netfilter: Exclude LEGACY TABLES on PREEMPT_RT Pablo Neira Ayuso
2025-04-24 21:14 ` [PATCH net-next 5/7] netfilter: conntrack: Remove redundant NFCT_ALIGN call Pablo Neira Ayuso
2025-04-24 21:14 ` [PATCH net-next 6/7] docs: tproxy: fix formatting for nft code block Pablo Neira Ayuso
2025-04-24 21:14 ` [PATCH net-next 7/7] netfilter: nf_tables: export set count and backend name to userspace Pablo Neira Ayuso
2025-04-25 16:18 ` [PATCH net-next,v2 0/7] Netfilter updates for net-next Jakub Kicinski
2025-04-25 17:59 ` Florian Westphal [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250425175922.GA26506@breakpoint.cc \
--to=fw@strlen.de \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=horms@kernel.org \
--cc=kuba@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.