[NETFILTER]: xt_connlimit needs to depend on nf_conntrack
Cornelia Huck [Wed, 18 Jul 2007 09:38:32 +0000 (02:38 -0700)]
With NF_CONNTRACK=n, NETFILTER_XT_MATCH_CONNLIMIT=m I get the
following errors on current git:

CC [M] net/netfilter/xt_connlimit.o
  In file included from net/netfilter/xt_connlimit.c:27:
  include/net/netfilter/nf_conntrack.h:100: error: field 'ct_general' has incomplete type
  include/net/netfilter/nf_conntrack.h: In function 'nf_ct_get':
  include/net/netfilter/nf_conntrack.h:164: error: 'const struct sk_buff' has no member named 'nfct'
  include/net/netfilter/nf_conntrack.h: In function 'nf_ct_put':
  include/net/netfilter/nf_conntrack.h:171: warning: implicit declaration of function 'nf_conntrack_put'
  include/net/netfilter/nf_conntrack.h: In function 'nf_ct_is_untracked':
  include/net/netfilter/nf_conntrack.h:253: error: 'const struct sk_buff' has no member named 'nfct'
  In file included from net/netfilter/xt_connlimit.c:28:
  include/net/netfilter/nf_conntrack_core.h: In function 'nf_conntrack_confirm':
  include/net/netfilter/nf_conntrack_core.h:68: error: 'struct sk_buff' has no member named 'nfct'

Adding a dependency in Kconfig fixes this.

Signed-off-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

net/netfilter/Kconfig

index 3ac39f1..3599770 100644 (file)
@@ -436,6 +436,7 @@ config NETFILTER_XT_MATCH_CONNBYTES
 config NETFILTER_XT_MATCH_CONNLIMIT
        tristate '"connlimit" match support"'
        depends on NETFILTER_XTABLES
+       depends on NF_CONNTRACK
        ---help---
          This match allows you to match against the number of parallel
          connections to a server per client IP address (or address block).