| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20240126201308.2903602-1-kuba@kernel.org> Date: Fri, 26 Jan 2024 12:13:08 -0800 From: Jakub Kicinski <kuba@...nel.org> To: davem@...emloft.net Cc: netdev@...r.kernel.org, edumazet@...gle.com, pabeni@...hat.com, Jakub Kicinski <kuba@...nel.org>, shuah@...nel.org, linux-kselftest@...r.kernel.org Subject: [PATCH net] selftests: net: add missing config for nftables-backed iptables Modern OSes use iptables implementation with nf_tables as a backend, e.g.: $ iptables -V iptables v1.8.8 (nf_tables) Pablo points out that we need CONFIG_NFT_COMPAT to make that work, otherwise we see a lot of: Warning: Extension DNAT revision 0 not supported, missing kernel module? with DNAT being just an example here, other modules we need include udp, TTL, length etc. Signed-off-by: Jakub Kicinski <kuba@...nel.org> --- Location for new entry chosen based on `sort --version-sort`. CC: shuah@...nel.org CC: linux-kselftest@...r.kernel.org --- tools/testing/selftests/net/config | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/testing/selftests/net/config b/tools/testing/selftests/net/config index 413ab9abcf1b..ba56f231e109 100644 --- a/tools/testing/selftests/net/config +++ b/tools/testing/selftests/net/config @@ -59,6 +59,7 @@ CONFIG_NET_SCH_HTB=m CONFIG_NET_SCH_FQ=m CONFIG_NET_SCH_ETF=m CONFIG_NET_SCH_NETEM=y +CONFIG_NFT_COMPAT=m CONFIG_NF_FLOW_TABLE=m CONFIG_PSAMPLE=m CONFIG_TCP_MD5SIG=y -- 2.43.0
Powered by blists - more mailing lists