diff options
| author | Jan Engelhardt <jengelh@medozas.de> | 2010-02-26 14:20:32 +0100 |
|---|---|---|
| committer | Patrick McHardy <kaber@trash.net> | 2010-03-17 15:48:36 +0100 |
| commit | b8f00ba27e4acc4a2224360ce3aa8a22354434c5 (patch) | |
| tree | 60b9e536bc19ba6d4ddacd4bac5ebec1da9dc1d7 /net/netfilter/Kconfig | |
| parent | 28b949885f80efb87d7cebdcf879c99db12c37bd (diff) | |
| download | linux-b8f00ba27e4acc4a2224360ce3aa8a22354434c5.tar.bz2 | |
netfilter: xtables: merge xt_CONNMARK into xt_connmark
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Diffstat (limited to 'net/netfilter/Kconfig')
| -rw-r--r-- | net/netfilter/Kconfig | 39 |
1 files changed, 22 insertions, 17 deletions
diff --git a/net/netfilter/Kconfig b/net/netfilter/Kconfig index 236aa20ce5cc..8550dfde7804 100644 --- a/net/netfilter/Kconfig +++ b/net/netfilter/Kconfig @@ -331,6 +331,18 @@ config NETFILTER_XT_MARK "Use netfilter MARK value as routing key") and can also be used by other subsystems to change their behavior. +config NETFILTER_XT_CONNMARK + tristate 'ctmark target and match support' + depends on NF_CONNTRACK + depends on NETFILTER_ADVANCED + select NF_CONNTRACK_MARK + ---help--- + This option adds the "CONNMARK" target and "connmark" match. + + Netfilter allows you to store a mark value per connection (a.k.a. + ctmark), similarly to the packet mark (nfmark). Using this + target and match, you can set and match on this mark. + # alphabetically ordered list of targets comment "Xtables targets" @@ -351,15 +363,11 @@ config NETFILTER_XT_TARGET_CONNMARK tristate '"CONNMARK" target support' depends on NF_CONNTRACK depends on NETFILTER_ADVANCED - select NF_CONNTRACK_MARK - help - This option adds a `CONNMARK' target, which allows one to manipulate - the connection mark value. Similar to the MARK target, but - affects the connection mark value rather than the packet mark value. - - If you want to compile it as a module, say M here and read - <file:Documentation/kbuild/modules.txt>. The module will be called - ipt_CONNMARK. If unsure, say `N'. + select NETFILTER_XT_CONNMARK + ---help--- + This is a backwards-compat option for the user's convenience + (e.g. when running oldconfig). It selects + CONFIG_NETFILTER_XT_CONNMARK (combined connmark/CONNMARK module). config NETFILTER_XT_TARGET_CONNSECMARK tristate '"CONNSECMARK" target support' @@ -621,14 +629,11 @@ config NETFILTER_XT_MATCH_CONNMARK tristate '"connmark" connection mark match support' depends on NF_CONNTRACK depends on NETFILTER_ADVANCED - select NF_CONNTRACK_MARK - help - This option adds a `connmark' match, which allows you to match the - connection mark value previously set for the session by `CONNMARK'. - - If you want to compile it as a module, say M here and read - <file:Documentation/kbuild/modules.txt>. The module will be called - ipt_connmark. If unsure, say `N'. + select NETFILTER_XT_CONNMARK + ---help--- + This is a backwards-compat option for the user's convenience + (e.g. when running oldconfig). It selects + CONFIG_NETFILTER_XT_CONNMARK (combined connmark/CONNMARK module). config NETFILTER_XT_MATCH_CONNTRACK tristate '"conntrack" connection tracking match support' |