xt_socket: checks for the state of nf_conntrack
authorLaszlo Attila Toth <panther@balabit.hu>
Fri, 1 May 2009 22:23:10 +0000 (15:23 -0700)
committerDavid S. Miller <davem@davemloft.net>
Fri, 1 May 2009 22:23:10 +0000 (15:23 -0700)
xt_socket can use connection tracking, and checks whether it is a module.

Signed-off-by: Laszlo Attila Toth <panther@balabit.hu>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/netfilter/Kconfig

index 881203c4a142738bbf6e090272f853c7999e389c..cb3ad741ebf878f2131e557b84d055a0bfbbe4ac 100644 (file)
@@ -837,6 +837,7 @@ config NETFILTER_XT_MATCH_SOCKET
        depends on NETFILTER_TPROXY
        depends on NETFILTER_XTABLES
        depends on NETFILTER_ADVANCED
+       depends on !NF_CONNTRACK || NF_CONNTRACK
        select NF_DEFRAG_IPV4
        help
          This option adds a `socket' match, which can be used to match