A lot of the netfilter kernel features selected here get effectively disabled if NETFILTER_XTABLES_LEGACY is not enabled. In many cases nftables/xtables userspace tooling can replace iptables, but there may be gaps which are not tested. Hence enable the legacy support for now.
Signed-off-by: Mikko Rapeli <[email protected]> --- features/netfilter/netfilter.cfg | 2 ++ 1 file changed, 2 insertions(+) diff --git a/features/netfilter/netfilter.cfg b/features/netfilter/netfilter.cfg index 7f76c92c425d..57ffd0373a41 100644 --- a/features/netfilter/netfilter.cfg +++ b/features/netfilter/netfilter.cfg @@ -37,6 +37,8 @@ CONFIG_NETFILTER_XT_TARGET_MARK=m CONFIG_NETFILTER_XT_TARGET_NFLOG=m CONFIG_NETFILTER_XT_TARGET_NFQUEUE=m # CONFIG_NETFILTER_XT_TARGET_NOTRACK is not set + +CONFIG_NETFILTER_XTABLES_LEGACY=y CONFIG_NETFILTER_XT_TARGET_TRACE=m CONFIG_NETFILTER_XT_TARGET_TCPMSS=m CONFIG_NETFILTER_XT_MATCH_COMMENT=m -- 2.34.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#16154): https://lists.yoctoproject.org/g/linux-yocto/message/16154 Mute This Topic: https://lists.yoctoproject.org/mt/117176773/21656 Group Owner: [email protected] Unsubscribe: https://lists.yoctoproject.org/g/linux-yocto/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
