This is v5 of the "exclude legacy tables". I retested the config fragments individually and as part of kselftest-merge to ensure none of the requested option is lost. The last patch in the series fixes up non-existing option which was noticed during that exercise. The other finding has been sent to net. Patch #2 has been split out from Florian's patch, hopefully as requested. Feel free to update Author: as needed/ if needed. v4…v5 https://lore.kernel.org/all/20250404152815.LilZda0r@xxxxxxxxxxxxx/ - Changes let selftests fail, bpf required legacy iptables which were no longer enabled. Florian reworked the patch. Additionally Florian tweaked the config snippets. v3…v4 https://lore.kernel.org/all/20250325165832.3110004-1-bigeasy@xxxxxxxxxxxxx/ - Merge all three patches into one. - CONFIG_IP6_NF_MANGLE -> CONFIG_IP6_NF_IPTABLES in xt_TCPOPTSTRIP and + CONFIG_NFT_COMPAT_ARP xt_mark to allow the modules without LEGACY as per Florian. v2…v3 https://lore.kernel.org/all/20250221133143.5058-1-bigeasy@xxxxxxxxxxxxx/ - Instead of getting LEGACY code to work for PREEMPT_RT the code is now disabled on PREEMPT_RT. Since the long term plan is to get rid of it anyway, it might be less painful for everyone. v1…v2 https://lore.kernel.org/all/20250216125135.3037967-1-bigeasy@xxxxxxxxxxxxx/ - Updated kerneldoc in 2/3 so that the renamed parameter is part of it. - Updated description 1/3 in case there are complains regarding the synchronize_rcu(). The suggested course of action is to motivate people to move away from "legacy" towards "nft" tooling. Last resort is not to wait for the in-flight counter and just copy what is there. Florian Westphal (1): selftests: net: Enable legacy netfilter legacy options. Pablo Neira Ayuso (1): netfilter: Exclude LEGACY TABLES on PREEMPT_RT. Sebastian Andrzej Siewior (1): selftests: netfilter: Enable CONFIG_INET_SCTP_DIAG net/bridge/netfilter/Kconfig | 10 ++++---- net/ipv4/netfilter/Kconfig | 24 +++++++++---------- net/ipv6/netfilter/Kconfig | 19 +++++++-------- net/netfilter/Kconfig | 10 ++++++++ net/netfilter/x_tables.c | 16 +++++++++---- tools/testing/selftests/bpf/config | 1 + tools/testing/selftests/hid/config.common | 1 + tools/testing/selftests/net/config | 11 +++++++++ tools/testing/selftests/net/mptcp/config | 2 ++ tools/testing/selftests/net/netfilter/config | 7 +++++- .../selftests/wireguard/qemu/kernel.config | 4 ++++ 11 files changed, 72 insertions(+), 33 deletions(-) -- 2.50.0
