Patrick McHardy wrote: > Al Boldi wrote: > > Make NF_CONNTRACK_IPV4 and NF_CONNTRACK_IPV6 select > > NF_CONNTRACK_ENABLED. > > One thought that occured to me after the last of many false bugreports > that were actually caused by failure to configure the new options > properly. Most people know they want NF_CONNTRACK (and its selected by > default with old configs), what they're missing is that they now also > need to select IPv4 connection tracking. So what would really make sense > is to make NF_CONNTRACK_IPV4 default to "m" (and really *everyone* > using conntrack wants this). But with your proposed change this would > default to selecting NF_CONNTRACK by default, which I'm not so sure > is a good idea.
Making NF_CONNTRACK_IPV4 default to "m" would select NF_CONNTRACK to "m" if it hasn't been selected by the user to be "y", which seems reasonable. > So I'm leaning towards just using "m" as default for > IPv4 conntrack to save people trouble and myself some bugreports, but > I also like your simplification ... I was also planning to submit another patch to make all netfilter childoptions options default to their parent, i.e: NF_CONNTRACK_FTP would default NF_CONNTRACK. This could be one big Kconfig time-saver. > Maybe we can do something to have the NF_CONNTRACK_ENABLED option select > NF_CONNTRACK_IPV4 (which really is what we actually want) and combine > that with automatic selection of NF_CONNTRACK? I believe the only case > with negative impact would be people that currently use only IPv6 > connection tracking, which is most likely nobody. I think that wouldn't be advisable, as this would add an unnecessary dependency. But of course, it's your call... Thanks! -- Al - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
