netfilter: xtables: disable 32bit compat interface by default

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

This defaulted to 'y' because before this knob existed the 32bit
compat layer was always compiled in if CONFIG_COMPAT was set.

32bit iptables on 64bit kernel isn't common anymore, so remove
the default-y now.

Signed-off-by: Florian Westphal <fw@strlen.de>

Florian Westphal 3 years ago bde7170a f6ca5d5e

-1

1 changed file

expand all

net

netfilter

Kconfig

-1

net/netfilter/Kconfig

··· 753 753 config NETFILTER_XTABLES_COMPAT 754 754 bool "Netfilter Xtables 32bit support" 755 755 depends on COMPAT 756 - default y 757 756 help 758 757 This option provides a translation layer to run 32bit arp,ip(6),ebtables 759 758 binaries on 64bit kernels.