| Message ID | 20240126201308.2903602-1-kuba@kernel.org (mailing list archive) |
|---|---|
| State | Accepted |
| Commit | 59c93583491ab15db109f9902524d241c4fa4c0b |
| Headers | show |
| Series | [net] selftests: net: add missing config for nftables-backed iptables | expand |
Hello: This patch was applied to netdev/net.git (main) by Jakub Kicinski <kuba@kernel.org>: On Fri, 26 Jan 2024 12:13:08 -0800 you wrote: > Modern OSes use iptables implementation with nf_tables as a backend, > e.g.: > > $ iptables -V > iptables v1.8.8 (nf_tables) > > Pablo points out that we need CONFIG_NFT_COMPAT to make that work, > otherwise we see a lot of: > > [...] Here is the summary with links: - [net] selftests: net: add missing config for nftables-backed iptables https://git.kernel.org/netdev/net/c/59c93583491a You are awesome, thank you!
diff --git a/tools/testing/selftests/net/config b/tools/testing/selftests/net/config index 413ab9abcf1b..ba56f231e109 100644 --- a/tools/testing/selftests/net/config +++ b/tools/testing/selftests/net/config @@ -59,6 +59,7 @@ CONFIG_NET_SCH_HTB=m CONFIG_NET_SCH_FQ=m CONFIG_NET_SCH_ETF=m CONFIG_NET_SCH_NETEM=y +CONFIG_NFT_COMPAT=m CONFIG_NF_FLOW_TABLE=m CONFIG_PSAMPLE=m CONFIG_TCP_MD5SIG=y
Modern OSes use iptables implementation with nf_tables as a backend, e.g.: $ iptables -V iptables v1.8.8 (nf_tables) Pablo points out that we need CONFIG_NFT_COMPAT to make that work, otherwise we see a lot of: Warning: Extension DNAT revision 0 not supported, missing kernel module? with DNAT being just an example here, other modules we need include udp, TTL, length etc. Signed-off-by: Jakub Kicinski <kuba@kernel.org> --- Location for new entry chosen based on `sort --version-sort`. CC: shuah@kernel.org CC: linux-kselftest@vger.kernel.org --- tools/testing/selftests/net/config | 1 + 1 file changed, 1 insertion(+)