From 51340f7b6a1103b12d86ef488f7140406d80401e Mon Sep 17 00:00:00 2001
From: Florian Westphal <fw@strlen.de>
Date: Mon, 15 Jul 2013 16:35:08 +0200
Subject: extensions: libxt_connlabel: use libnetfilter_conntrack

Pablo suggested to make it depend on lnf-conntrack, and get rid of
the example config file as well.

The problem is that the file must be in a fixed path,
/etc/xtables/connlabel.conf, else userspace needs to "guess-the-right-file"
when translating names to their bit values (and vice versa).

Originally "make install" did put an example file into /etc/xtables/,
but distributors complained about iptables ignoring the sysconfdir.

So rather remove the example file, the man-page explains the format,
and connlabels are inherently system-specific anyway.

Signed-off-by: Florian Westphal <fw@strlen.de>
---
 extensions/libxt_connlabel.man | 1 +
 1 file changed, 1 insertion(+)

(limited to 'extensions/libxt_connlabel.man')

diff --git a/extensions/libxt_connlabel.man b/extensions/libxt_connlabel.man
index 9fd2043d..bdaa51e8 100644
--- a/extensions/libxt_connlabel.man
+++ b/extensions/libxt_connlabel.man
@@ -17,6 +17,7 @@ the time the connection is created.
 In this case, the match will fail (or succeed, in case \fB\-\-label\fP
 option was negated).
 .PP
+This match depends on libnetfilter_conntrack 1.0.4 or later.
 Label translation is done via the \fB/etc/xtables/connlabel.conf\fP configuration file.
 .PP
 Example:
-- 
cgit v1.2.3