CONFIG_BRIDGE=m && CONFIG_NETFILTER_XT_MATCH_PHYSDEV=y breaks at link time:
LD .tmp_vmlinux1
net/built-in.o: In function `checkentry':xt_physdev.c:(.text+0x223f8):
undefined reference to `brnf_deferred_hooks'
:xt_physdev.c:(.text+0x22420): undefined reference to `brnf_deferred_hooks'
make: *** [.tmp_vmlinux1] Error 1
net/netfilter/xt_physdev.c references 'brn_deferred_hooks' which is
declared in net/bridge/br_netfilter.c but CONFIG_BRIDGE=m prevents
linking br_netfilter.o in. So CONFIG_NETFILTER_XT_MATCH_PHYSDEV really
depends on CONFIG_BRIDGE and this should be enforced in netfilter's Kconfig.
Signed-off-by: Florin Malita <[email protected]>
---
diff --git a/net/netfilter/Kconfig b/net/netfilter/Kconfig
index a9894dd..b2c412a 100644
--- a/net/netfilter/Kconfig
+++ b/net/netfilter/Kconfig
@@ -342,7 +342,7 @@ config NETFILTER_XT_MATCH_MULTIPORT
config NETFILTER_XT_MATCH_PHYSDEV
tristate '"physdev" match support'
- depends on NETFILTER_XTABLES && BRIDGE_NETFILTER
+ depends on NETFILTER_XTABLES && BRIDGE_NETFILTER && BRIDGE
help
Physdev packet matching matches against the physical bridge ports
the IP packet arrived on or will leave by.