At least in kernel 5.11.5, CONFIG_NETFILTER_NETLINK is not directly settable when configuring the kernel, it is automatically enabled when one of the options that depend on it is enabled. The ebuild should instead check the actual feature that needs to be enabled:

NETFILTER_NETLINK

There is no help available for this option.
Symbol: NETFILTER_NETLINK [=n]
Type : tristate
Defined at net/netfilter/Kconfig:13
Depends on: NET [=y] && INET [=y] && NETFILTER [=y]
Selected by [n]:
- IP_SET [=n] && NET [=y] && INET [=y] && NETFILTER [=y]
- NETFILTER_NETLINK_ACCT [=n] && NET [=y] && INET [=y] && NETFILTER [=y] && NETFILTER_ADVANCED [=y]
- NETFILTER_NETLINK_QUEUE [=n] && NET [=y] && INET [=y] && NETFILTER [=y] && NETFILTER_ADVANCED [=y]
- NETFILTER_NETLINK_LOG [=n] && NET [=y] && INET [=y] && NETFILTER [=y]
- NETFILTER_NETLINK_OSF [=n] && NET [=y] && INET [=y] && NETFILTER [=y] && NETFILTER_ADVANCED [=y]
- NF_TABLES [=n] && NET [=y] && INET [=y] && NETFILTER [=y]
- NF_CT_NETLINK [=n] && NET [=y] && INET [=y] && NETFILTER [=y] && NF_CONNTRACK [=m]
- NF_CT_NETLINK_TIMEOUT [=n] && NET [=y] && INET [=y] && NETFILTER [=y] && NF_CONNTRACK [=m] && NETFILTER_ADVANCED [=y] && NF_CONNTRACK_TIMEOUT [=n]
- NF_CT_NETLINK_HELPER [=n] && NET [=y] && INET [=y] && NETFILTER [=y] && NF_CONNTRACK [=m] && NF_CT_NETLINK [=n] && NETFILTER_NETLINK_QUEUE [=n] && NETFILTER_NETLINK_GLUE_CT [=n] && NETFILTER_ADVANCED [=y]

Reproducible: Always