Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / kernel / msm / 33b8e776056202aceaf4c90f465d0f4ee53432ac^! / . / net / Kconfig
commit33b8e776056202aceaf4c90f465d0f4ee53432ac[log] [tgz]
authorPatrick McHardy <kaber@trash.net>Mon Dec 17 22:47:05 2007 -0800
committerDavid S. Miller <davem@davemloft.net>Mon Jan 28 14:59:12 2008 -0800
tree24f6bc7b89a81d95b1b9c0f16254ad8423aed9cb
parent34498825cb9062192b77fa02dae672a4fe6eec70 [diff] [blame]
[NETFILTER]: Add CONFIG_NETFILTER_ADVANCED option

The NETFILTER_ADVANCED option hides lots of the rather obscure netfilter
options when disabled and provides defaults (M) that should allow to
run a distribution firewall without further thinking.

Defaults to 'y' to avoid breaking current configurations.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>

diff --git a/net/Kconfig b/net/Kconfig
index 58ed2f4..b6a5d45 100644
--- a/net/Kconfig
+++ b/net/Kconfig

@@ -144,9 +144,21 @@
 	  You can say Y here if you want to get additional messages useful in
 	  debugging the netfilter code.
 
+config NETFILTER_ADVANCED
+	bool "Advanced netfilter configuration"
+	depends on NETFILTER
+	default y
+	help
+	  If you say Y here you can select between all the netfilter modules.
+	  If you say N the more ununsual ones will not be shown and the
+	  basic ones needed by most people will default to 'M'.
+
+	  If unsure, say Y.
+
 config BRIDGE_NETFILTER
 	bool "Bridged IP/ARP packets filtering"
 	depends on BRIDGE && NETFILTER && INET
+	depends on NETFILTER_ADVANCED
 	default y
 	---help---
 	  Enabling this option will let arptables resp. iptables see bridged