Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next

[linux-2.6-block.git] / net / bridge / netfilter / Kconfig

diff --git a/net/bridge/netfilter/Kconfig b/net/bridge/netfilter/Kconfig
index 36a98d36d339021fa56330811328fb6a2e0b957b..154fa558bb90836928bb37e814e8e1c0a785edbf 100644 (file)
--- a/net/bridge/netfilter/Kconfig
+++ b/net/bridge/netfilter/Kconfig
@@ -9,6 +9,12 @@ menuconfig NF_TABLES_BRIDGE
        bool "Ethernet Bridge nf_tables support"
 
 if NF_TABLES_BRIDGE
+
+config NFT_BRIDGE_META
+       tristate "Netfilter nf_table bridge meta support"
+       help
+         Add support for bridge dedicated meta key.
+
 config NFT_BRIDGE_REJECT
        tristate "Netfilter nf_tables bridge reject support"
        depends on NFT_REJECT && NFT_REJECT_IPV4 && NFT_REJECT_IPV6
@@ -19,6 +25,20 @@ config NF_LOG_BRIDGE
        tristate "Bridge packet logging"
        select NF_LOG_COMMON
 
+config NF_CONNTRACK_BRIDGE
+       tristate "IPv4/IPV6 bridge connection tracking support"
+       depends on NF_CONNTRACK
+       default n
+       help
+         Connection tracking keeps a record of what packets have passed
+         through your machine, in order to figure out how they are related
+         into connections. This is used to enhance packet filtering via
+         stateful policies. Enable this if you want native tracking from
+         the bridge. This provides a replacement for the `br_netfilter'
+         infrastructure.
+
+         To compile it as a module, choose M here.  If unsure, say N.
+
 endif # NF_TABLES_BRIDGE
 
 menuconfig BRIDGE_NF_EBTABLES