[NETFILTER]: fixed dependencies between modules related with ip_conntrack

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

- IP_NF_CONNTRACK_MARK is bool and depends on only IP_NF_CONNTRACK
which is tristate. If a variable depends on IP_NF_CONNTRACK_MARK and
doesn't care about IP_NF_CONNTRACK, it can be y. This must be avoided.
- IP_NF_CT_ACCT has same problem.
- IP_NF_TARGET_CLUSTERIP also depends on IP_NF_MANGLE.

Signed-off-by: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp>
Signed-off-by: Harald Welte <laforge@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

authored by

Yasuyuki Kozakai and committed by

David S. Miller 20 years ago 2b8f2ff6 c9e53cbe

+5 -5

1 changed file

expand all

net

ipv4

netfilter

Kconfig

+5 -5

net/ipv4/netfilter/Kconfig

··· 440 440 config IP_NF_MATCH_CONNMARK 441 441 tristate 'Connection mark match support' 442 442 depends on IP_NF_IPTABLES 443 - depends on IP_NF_CONNTRACK_MARK || (NF_CONNTRACK_MARK && NF_CONNTRACK_IPV4) 443 + depends on (IP_NF_CONNTRACK && IP_NF_CONNTRACK_MARK) || (NF_CONNTRACK_MARK && NF_CONNTRACK_IPV4) 444 444 help 445 445 This option adds a `connmark' match, which allows you to match the 446 446 connection mark value previously set for the session by `CONNMARK'. ··· 452 452 config IP_NF_MATCH_CONNBYTES 453 453 tristate 'Connection byte/packet counter match support' 454 454 depends on IP_NF_IPTABLES 455 - depends on IP_NF_CT_ACCT || (NF_CT_ACCT && NF_CONNTRACK_IPV4) 455 + depends on (IP_NF_CONNTRACK && IP_NF_CT_ACCT) || (NF_CT_ACCT && NF_CONNTRACK_IPV4) 456 456 help 457 457 This option adds a `connbytes' match, which allows you to match the 458 458 number of bytes and/or packets for each direction within a connection. ··· 767 767 config IP_NF_TARGET_CONNMARK 768 768 tristate 'CONNMARK target support' 769 769 depends on IP_NF_MANGLE 770 - depends on IP_NF_CONNTRACK_MARK || (NF_CONNTRACK_MARK && NF_CONNTRACK_IPV4) 770 + depends on (IP_NF_CONNTRACK && IP_NF_CONNTRACK_MARK) || (NF_CONNTRACK_MARK && NF_CONNTRACK_IPV4) 771 771 help 772 772 This option adds a `CONNMARK' target, which allows one to manipulate 773 773 the connection mark value. Similar to the MARK target, but ··· 779 779 780 780 config IP_NF_TARGET_CLUSTERIP 781 781 tristate "CLUSTERIP target support (EXPERIMENTAL)" 782 - depends on IP_NF_IPTABLES && EXPERIMENTAL 783 - depends on IP_NF_CONNTRACK_MARK || (NF_CONNTRACK_MARK && NF_CONNTRACK_IPV4) 782 + depends on IP_NF_MANGLE && EXPERIMENTAL 783 + depends on (IP_NF_CONNTRACK && IP_NF_CONNTRACK_MARK) || (NF_CONNTRACK_MARK && NF_CONNTRACK_IPV4) 784 784 help 785 785 The CLUSTERIP target allows you to build load-balancing clusters of 786 786 network servers without having a dedicated load-balancing