From acc2c227590a72654ff61e940e7530fedde7bc7a Mon Sep 17 00:00:00 2001
From: Soul Trace <S-trace@list.ru>
Date: Fri, 4 Dec 2020 18:30:53 +0300
Subject: [PATCH] arm64: kvims_defconfig: enable IP_NF_TARGET_TTL and
 NETFILTER_XT_TARGET_HL

Those features are necessary to change TTL in IP packets using iptables rules:
iptables -t mangle -A POSTROUTING -j TTL --ttl-set 65
iptables -t mangle -A PREROUTING -j TTL --ttl-set 65

This may be used to work around some ISPs with misconfigured network
(i.e. TTL always equals 1 for all incoming packets and/or connectivity problems
if an ISP receives packets with different TTLs from the same connection)
when VIMx is set up as a router/WiFi AP.
---
 arch/arm64/configs/kvims_defconfig | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/arch/arm64/configs/kvims_defconfig b/arch/arm64/configs/kvims_defconfig
index 2563bb5be16ea..a658d38a46e35 100644
--- a/arch/arm64/configs/kvims_defconfig
+++ b/arch/arm64/configs/kvims_defconfig
@@ -140,6 +140,7 @@ CONFIG_NETFILTER_XT_TARGET_TPROXY=y
 CONFIG_NETFILTER_XT_TARGET_TRACE=y
 CONFIG_NETFILTER_XT_TARGET_SECMARK=y
 CONFIG_NETFILTER_XT_TARGET_TCPMSS=y
+CONFIG_NETFILTER_XT_TARGET_HL=y
 CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=y
 CONFIG_NETFILTER_XT_MATCH_BPF=y
 CONFIG_NETFILTER_XT_MATCH_COMMENT=y
@@ -190,6 +191,7 @@ CONFIG_IP_NF_SECURITY=y
 CONFIG_IP_NF_ARPTABLES=y
 CONFIG_IP_NF_ARPFILTER=y
 CONFIG_IP_NF_ARP_MANGLE=y
+CONFIG_IP_NF_TARGET_TTL=y
 CONFIG_NF_CONNTRACK_IPV6=y
 CONFIG_IP6_NF_IPTABLES=y
 CONFIG_IP6_NF_MATCH_RPFILTER=y