Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: 7b512c15570c
Choose a base ref
...
head repository: NixOS/nixpkgs
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 334921ad3153
Choose a head ref
  • 2 commits
  • 1 file changed
  • 2 contributors

Commits on Oct 15, 2019

  1. nftables: enable all features

    @Izorkin
    Izorkin committed Oct 15, 2019
    Copy the full SHA
    c1fd98f View commit details

Commits on Oct 16, 2019

  1. Merge pull request #66841 from Izorkin/kernel-nftables 

    nftables: enable all features in kernel
    @Mic92
    Mic92 authored Oct 16, 2019
    Copy the full SHA
    334921a View commit details
Showing with 19 additions and 8 deletions.
  1. +19 −8 pkgs/os-specific/linux/kernel/common-config.nix
27 changes: 19 additions & 8 deletions pkgs/os-specific/linux/kernel/common-config.nix
View file
Original file line number Diff line number Diff line change
@@ -98,8 +98,6 @@ let
networking = {
NET = yes;
IP_PNP = no;
NETFILTER = yes;
NETFILTER_ADVANCED = yes;
IP_VS_PROTO_TCP = yes;
IP_VS_PROTO_UDP = yes;
IP_VS_PROTO_ESP = yes;
@@ -144,12 +142,25 @@ let
KEY_DH_OPERATIONS = whenAtLeast "4.7" yes;

# needed for nftables
NF_TABLES_INET = whenAtLeast "4.17" yes;
NF_TABLES_NETDEV = whenAtLeast "4.17" yes;
NF_TABLES_IPV4 = whenAtLeast "4.17" yes;
NF_TABLES_ARP = whenAtLeast "4.17" yes;
NF_TABLES_IPV6 = whenAtLeast "4.17" yes;
NF_TABLES_BRIDGE = whenBetween "4.17" "5.3" yes;
# Networking Options
NETFILTER = yes;
NETFILTER_ADVANCED = yes;
# Core Netfilter Configuration
NF_CONNTRACK_ZONES = yes;
NF_CONNTRACK_EVENTS = yes;
NF_CONNTRACK_TIMEOUT = yes;
NF_CONNTRACK_TIMESTAMP = yes;
NETFILTER_NETLINK_GLUE_CT = yes;
NF_TABLES_INET = whenAtLeast "4.19" yes;
NF_TABLES_NETDEV = whenAtLeast "4.19" yes;
# IP: Netfilter Configuration
NF_TABLES_IPV4 = yes;
NF_TABLES_ARP = whenAtLeast "4.19" yes;
# IPv6: Netfilter Configuration
NF_TABLES_IPV6 = yes;
# Bridge Netfilter Configuration
NF_TABLES_BRIDGE = mkMerge [ (whenBetween "4.19" "5.3" yes)
(whenAtLeast "5.3" module) ];

# needed for ss
INET_DIAG = yes;