[linux-yocto] [PATCH 10/17] netfilter: drop CONFIG_NF_CONNTRACK_PROC_COMPAT
Anuj Mittal
anuj.mittal at intel.com
Wed Aug 29 21:28:40 PDT 2018
From: Bruce Ashfield <bruce.ashfield at windriver.com>
Upstream commit adf05168 has removed this option:
commit adf0516845bcd0e626323c858ece28ee58c74455
Author: Pablo Neira Ayuso <pablo at netfilter.org>
Date: Fri Aug 12 13:47:06 2016 +0200
netfilter: remove ip_conntrack* sysctl compat code
This backward compatibility has been around for more than ten years,
since Yasuyuki Kozakai introduced IPv6 in conntrack. These days, we have
alternate /proc/net/nf_conntrack* entries, the ctnetlink interface and
the conntrack utility got adopted by many people in the user community
according to what I observed on the netfilter user mailing list.
So let's get rid of this.
Note that nf_conntrack_htable_size and unsigned int nf_conntrack_max do
not need to be exported as symbol anymore.
Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield at windriver.com>
---
features/netfilter/netfilter.cfg | 1 -
1 file changed, 1 deletion(-)
diff --git a/features/netfilter/netfilter.cfg b/features/netfilter/netfilter.cfg
index 66cc63e2..6497b0ea 100644
--- a/features/netfilter/netfilter.cfg
+++ b/features/netfilter/netfilter.cfg
@@ -69,7 +69,6 @@ CONFIG_NETFILTER_XT_MATCH_U32=m
CONFIG_NF_DEFRAG_IPV4=m
CONFIG_NF_CONNTRACK_IPV4=m
CONFIG_NF_CONNTRACK_IPV6=m
-CONFIG_NF_CONNTRACK_PROC_COMPAT=y
CONFIG_IP_NF_IPTABLES=m
CONFIG_IP_NF_MATCH_AH=m
CONFIG_IP_NF_MATCH_ECN=m
--
2.17.1
More information about the linux-yocto
mailing list