From: Breno Leitao <leitao@debian.org>
To: Florian Westphal <fw@strlen.de>
Cc: davem@davemloft.net, edumazet@google.com, kuba@kernel.org,
pabeni@redhat.com, Pablo Neira Ayuso <pablo@netfilter.org>,
Jozsef Kadlecsik <kadlec@netfilter.org>,
David Ahern <dsahern@kernel.org>,
rbc@meta.com, netdev@vger.kernel.org,
linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org,
"open list:NETFILTER" <coreteam@netfilter.org>
Subject: Re: [PATCH nf-next v4 1/2] netfilter: Make IP6_NF_IPTABLES_LEGACY selectable
Date: Fri, 30 Aug 2024 05:45:54 -0700 [thread overview]
Message-ID: <ZtG/Ai88bIRFZZ6Y@gmail.com> (raw)
In-Reply-To: <20240829162512.GA14214@breakpoint.cc>
Hello Florian,
On Thu, Aug 29, 2024 at 06:25:12PM +0200, Florian Westphal wrote:
> Breno Leitao <leitao@debian.org> wrote:
> > This option makes IP6_NF_IPTABLES_LEGACY user selectable, giving
> > users the option to configure iptables without enabling any other
> > config.
>
> I don't get it.
>
> IP(6)_NF_IPTABLES_LEGACY without iptable_filter, mangle etc.
> is useless,
Correct. We need to have iptable_filter, mangle, etc available.
I would like to have ip6_tables as built-in
(IP(6)_NF_IPTABLES_LEGACY=y), all the other tables built as modules.
So, I am used to a configure similar to the following (before
a9525c7f6219c ("netfilter: xtables: allow xtables-nft only builds"))
CONFIG_IP6_NF_IPTABLES=y
CONFIG_IP6_NF_MANGLE=m
CONFIG_IP6_NF_RAW=m
...
After a9525c7f6219c ("netfilter: xtables: allow xtables-nft only
builds"), the same configuration is not possible anymore, because
CONFIG_IP6_NF_IPTABLES is not user selectable anymore, thus, in order to
set it as built-in (=y), I need to set the tables as =y.
Sorry for not being clear before, and thanks for reviewing it.
--breno
next prev parent reply other threads:[~2024-08-30 12:46 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-08-29 16:16 [PATCH nf-next v4 0/2] netfilter: Make IP_NF_IPTABLES_LEGACY selectable Breno Leitao
2024-08-29 16:16 ` [PATCH nf-next v4 1/2] netfilter: Make IP6_NF_IPTABLES_LEGACY selectable Breno Leitao
2024-08-29 16:25 ` Florian Westphal
2024-08-30 12:45 ` Breno Leitao [this message]
2024-08-30 13:13 ` Florian Westphal
2024-08-30 14:04 ` Breno Leitao
2024-08-30 14:09 ` Florian Westphal
2024-09-05 23:01 ` Pablo Neira Ayuso
2024-09-09 8:29 ` Breno Leitao
2024-08-29 16:16 ` [PATCH nf-next v4 2/2] netfilter: Make IP_NF_IPTABLES_LEGACY selectable Breno Leitao
2024-08-30 18:18 ` [PATCH nf-next v4 0/2] " Jakub Kicinski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZtG/Ai88bIRFZZ6Y@gmail.com \
--to=leitao@debian.org \
--cc=coreteam@netfilter.org \
--cc=davem@davemloft.net \
--cc=dsahern@kernel.org \
--cc=edumazet@google.com \
--cc=fw@strlen.de \
--cc=kadlec@netfilter.org \
--cc=kuba@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=pablo@netfilter.org \
--cc=rbc@meta.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.