On Fri, May 16, 2025 at 04:12:13PM +0200, Florian Westphal wrote: > Its now possible to build a kernel that has no support for the classic > xtables get/setsockopt interfaces and builtin tables. > > In this case, we have CONFIG_IP6_NF_MANGLE=n and > CONFIG_IP_NF_ARPTABLES=n. > > For optstript, the ipv6 code is so small that we can enable it if > netfilter ipv6 support exists. For mark, check if either classic > arptables or NFT_ARP_COMPAT is set. Applied to nf-next, thanks
