[NETFILTER]: x_tables: unify IPv4/IPv6 esp match This unifies ipt_esp and ip6t_esp to xt_esp. Please note that now a user program needs to specify IPPROTO_ESP as protocol to use esp match with IPv6. This means that ip6tables requires '-p esp' like iptables. Signed-off-by: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>

commit: dc5ab2faece3b7473931357db7f63f596678481d [log] [tgz]
author: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp> Sat Apr 01 02:22:30 2006 -0800
committer: David S. Miller <davem@davemloft.net> Sat Apr 01 02:22:30 2006 -0800
tree: d1e5fd3e805e7d2c4136459cca17d5f8ed44bfb6
parent: 9606a21635cec077e1928273751b44ecc824a49d [diff] [blame]
diff --git a/net/netfilter/Kconfig b/net/netfilter/Kconfig
index 332acb3..5fe5189 100644
--- a/net/netfilter/Kconfig
+++ b/net/netfilter/Kconfig

@@ -231,6 +231,15 @@
 	  If you want to compile it as a module, say M here and read
 	  <file:Documentation/modules.txt>.  If unsure, say `N'.
 
+config NETFILTER_XT_MATCH_ESP
+	tristate '"ESP" match support'
+	depends on NETFILTER_XTABLES
+	help
+	  This match extension allows you to match a range of SPIs
+	  inside ESP header of IPSec packets.
+
+	  To compile it as a module, choose M here.  If unsure, say N.
+
 config NETFILTER_XT_MATCH_HELPER
 	tristate '"helper" match support'
 	depends on NETFILTER_XTABLES
commit	dc5ab2faece3b7473931357db7f63f596678481d	[log] [tgz]
author	Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp>	Sat Apr 01 02:22:30 2006 -0800
committer	David S. Miller <davem@davemloft.net>	Sat Apr 01 02:22:30 2006 -0800
tree	d1e5fd3e805e7d2c4136459cca17d5f8ed44bfb6
parent	9606a21635cec077e1928273751b44ecc824a49d [diff] [blame]