git.baikalelectronics.ru Git - kernel.git/commit

author	Pablo Neira Ayuso <pablo@netfilter.org>
	Mon, 11 Aug 2014 16:21:49 +0000 (18:21 +0200)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Mon, 18 Aug 2014 19:55:54 +0000 (21:55 +0200)
commit	23ae31e65aeb9f3c558047c428812b78eff803f7
tree	1992aa7bef7373354a096519378a4ceba73ee97d	tree \| snapshot
parent	83a7bf972a9e192c293b765ac6954828dd777be3	commit \| diff

netfilter: move NAT Kconfig switches out of the iptables scope

Currently, the NAT configs depend on iptables and ip6tables. However,
users should be capable of enabling NAT for nft without having to
switch on iptables.

Fix this by adding new specific IP_NF_NAT and IP6_NF_NAT config
switches for iptables and ip6tables NAT support. I have also moved
the original NF_NAT_IPV4 and NF_NAT_IPV6 configs out of the scope
of iptables to make them independent of it.

This patch also adds NETFILTER_XT_NAT which selects the xt_nat
combo that provides snat/dnat for iptables. We cannot use NF_NAT
anymore since nf_tables can select this.

Reported-by: Matteo Croce <technoboy85@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

net/ipv4/netfilter/Kconfig		diff \| blob \| history
net/ipv4/netfilter/Makefile		diff \| blob \| history
net/ipv6/netfilter/Kconfig		diff \| blob \| history
net/ipv6/netfilter/Makefile		diff \| blob \| history
net/netfilter/Makefile		diff \| blob \| history