2009-05-03 02:51:05 +03:00
|
|
|
|
2008-04-15 09:11:23 +03:00
|
|
|
#
|
2010-04-24 14:42:17 +03:00
|
|
|
# Copyright (C) 2006-2010 OpenWrt.org
|
2006-10-17 16:18:01 +03:00
|
|
|
#
|
|
|
|
# This is free software, licensed under the GNU General Public License v2.
|
|
|
|
# See /LICENSE for more information.
|
|
|
|
#
|
|
|
|
|
2007-09-16 20:45:15 +03:00
|
|
|
NF_MENU:=Netfilter Extensions
|
2008-05-08 14:16:07 +03:00
|
|
|
NF_KMOD:=1
|
2007-07-23 06:23:46 +03:00
|
|
|
include $(INCLUDE_DIR)/netfilter.mk
|
2006-10-17 16:18:01 +03:00
|
|
|
|
2008-09-22 18:19:59 +03:00
|
|
|
define KernelPackage/ipt-core
|
|
|
|
SUBMENU:=$(NF_MENU)
|
|
|
|
TITLE:=Netfilter core
|
|
|
|
KCONFIG:=$(KCONFIG_IPT_CORE)
|
2010-07-12 17:06:13 +03:00
|
|
|
FILES:=$(foreach mod,$(IPT_CORE-m),$(LINUX_DIR)/net/$(mod).ko)
|
2008-09-22 18:19:59 +03:00
|
|
|
AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_CORE-m)))
|
|
|
|
endef
|
|
|
|
|
|
|
|
define KernelPackage/ipt-core/description
|
|
|
|
Netfilter core kernel modules
|
|
|
|
Includes:
|
2010-04-04 15:40:06 +03:00
|
|
|
- comment (2.6)
|
|
|
|
- limit
|
|
|
|
- LOG
|
|
|
|
- mac
|
|
|
|
- multiport
|
|
|
|
- REJECT
|
|
|
|
- TCPMSS
|
2008-09-22 18:19:59 +03:00
|
|
|
endef
|
|
|
|
|
|
|
|
$(eval $(call KernelPackage,ipt-core))
|
|
|
|
|
|
|
|
|
2010-04-24 14:42:17 +03:00
|
|
|
define AddDepends/ipt
|
2007-09-16 20:45:15 +03:00
|
|
|
SUBMENU:=$(NF_MENU)
|
2010-04-29 07:04:19 +03:00
|
|
|
DEPENDS+= kmod-ipt-core $(1)
|
2010-01-22 10:18:04 +02:00
|
|
|
endef
|
|
|
|
|
|
|
|
|
|
|
|
define KernelPackage/ipt-conntrack
|
2008-09-22 18:19:59 +03:00
|
|
|
TITLE:=Basic connection tracking modules
|
2007-07-23 06:23:46 +03:00
|
|
|
KCONFIG:=$(KCONFIG_IPT_CONNTRACK)
|
2010-07-12 17:06:13 +03:00
|
|
|
FILES:=$(foreach mod,$(IPT_CONNTRACK-m),$(LINUX_DIR)/net/$(mod).ko)
|
2008-09-22 18:19:59 +03:00
|
|
|
AUTOLOAD:=$(call AutoLoad,41,$(notdir $(IPT_CONNTRACK-m)))
|
2010-04-29 07:04:19 +03:00
|
|
|
$(call AddDepends/ipt)
|
2006-10-17 16:18:01 +03:00
|
|
|
endef
|
2007-08-28 14:44:15 +03:00
|
|
|
|
2007-09-07 11:34:51 +03:00
|
|
|
define KernelPackage/ipt-conntrack/description
|
|
|
|
Netfilter (IPv4) kernel modules for connection tracking
|
2008-04-15 09:11:23 +03:00
|
|
|
Includes:
|
2010-03-20 12:27:24 +02:00
|
|
|
- conntrack
|
2010-04-04 15:40:06 +03:00
|
|
|
- defrag (2.6)
|
2010-03-20 12:27:24 +02:00
|
|
|
- iptables_raw
|
|
|
|
- NOTRACK
|
2008-09-22 18:19:59 +03:00
|
|
|
- state
|
2007-09-07 11:34:51 +03:00
|
|
|
endef
|
|
|
|
|
2006-10-17 16:18:01 +03:00
|
|
|
$(eval $(call KernelPackage,ipt-conntrack))
|
|
|
|
|
2007-08-28 14:44:15 +03:00
|
|
|
|
2008-09-22 18:19:59 +03:00
|
|
|
define KernelPackage/ipt-conntrack-extra
|
|
|
|
TITLE:=Extra connection tracking modules
|
|
|
|
KCONFIG:=$(KCONFIG_IPT_CONNTRACK_EXTRA)
|
2010-07-12 17:06:13 +03:00
|
|
|
FILES:=$(foreach mod,$(IPT_CONNTRACK_EXTRA-m),$(LINUX_DIR)/net/$(mod).ko)
|
2008-09-22 18:19:59 +03:00
|
|
|
AUTOLOAD:=$(call AutoLoad,42,$(notdir $(IPT_CONNTRACK_EXTRA-m)))
|
2010-04-29 07:04:19 +03:00
|
|
|
$(call AddDepends/ipt,+kmod-ipt-conntrack)
|
2008-09-22 18:19:59 +03:00
|
|
|
endef
|
|
|
|
|
|
|
|
define KernelPackage/ipt-conntrack-extra/description
|
|
|
|
Netfilter (IPv4) extra kernel modules for connection tracking
|
|
|
|
Includes:
|
|
|
|
- connbytes
|
|
|
|
- connmark/CONNMARK
|
|
|
|
- conntrack
|
|
|
|
- helper
|
|
|
|
- recent
|
|
|
|
endef
|
|
|
|
|
|
|
|
$(eval $(call KernelPackage,ipt-conntrack-extra))
|
|
|
|
|
|
|
|
|
2006-10-17 16:18:01 +03:00
|
|
|
define KernelPackage/ipt-filter
|
|
|
|
TITLE:=Modules for packet content inspection
|
2007-07-23 06:23:46 +03:00
|
|
|
KCONFIG:=$(KCONFIG_IPT_FILTER)
|
2010-07-12 17:06:13 +03:00
|
|
|
FILES:=$(foreach mod,$(IPT_FILTER-m),$(LINUX_DIR)/net/$(mod).ko)
|
2008-09-22 18:19:59 +03:00
|
|
|
AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_FILTER-m)))
|
2010-06-26 23:44:28 +03:00
|
|
|
$(call AddDepends/ipt,+kmod-textsearch)
|
2006-10-17 16:18:01 +03:00
|
|
|
endef
|
2007-08-28 14:44:15 +03:00
|
|
|
|
2007-09-07 11:34:51 +03:00
|
|
|
define KernelPackage/ipt-filter/description
|
2008-04-15 09:11:23 +03:00
|
|
|
Netfilter (IPv4) kernel modules for packet content inspection
|
|
|
|
Includes:
|
2010-04-04 15:40:06 +03:00
|
|
|
- layer7
|
|
|
|
- string
|
2007-09-07 11:34:51 +03:00
|
|
|
endef
|
|
|
|
|
2006-10-17 16:18:01 +03:00
|
|
|
$(eval $(call KernelPackage,ipt-filter))
|
|
|
|
|
2007-08-28 14:44:15 +03:00
|
|
|
|
2006-10-17 16:18:01 +03:00
|
|
|
define KernelPackage/ipt-ipopt
|
|
|
|
TITLE:=Modules for matching/changing IP packet options
|
2007-07-23 06:23:46 +03:00
|
|
|
KCONFIG:=$(KCONFIG_IPT_IPOPT)
|
2010-07-12 17:06:13 +03:00
|
|
|
FILES:=$(foreach mod,$(IPT_IPOPT-m),$(LINUX_DIR)/net/$(mod).ko)
|
2008-09-22 18:19:59 +03:00
|
|
|
AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_IPOPT-m)))
|
2010-04-29 07:04:19 +03:00
|
|
|
$(call AddDepends/ipt)
|
2006-10-17 16:18:01 +03:00
|
|
|
endef
|
2007-08-28 14:44:15 +03:00
|
|
|
|
2007-09-07 11:34:51 +03:00
|
|
|
define KernelPackage/ipt-ipopt/description
|
2008-04-15 09:11:23 +03:00
|
|
|
Netfilter (IPv4) modules for matching/changing IP packet options
|
|
|
|
Includes:
|
2010-04-04 15:40:06 +03:00
|
|
|
- CLASSIFY
|
|
|
|
- dscp/DSCP
|
|
|
|
- ecn/ECN
|
|
|
|
- hl/HL (2.6.30 and later)
|
|
|
|
- length
|
|
|
|
- mark/MARK
|
|
|
|
- statistic (2.6)
|
|
|
|
- tcpmss
|
|
|
|
- time
|
|
|
|
- tos/TOS (prior to 2.6.25)
|
|
|
|
- ttl/TTL (prior to 2.6.30)
|
|
|
|
- unclean
|
2007-09-07 11:34:51 +03:00
|
|
|
endef
|
|
|
|
|
2006-10-17 16:18:01 +03:00
|
|
|
$(eval $(call KernelPackage,ipt-ipopt))
|
|
|
|
|
2007-08-28 14:44:15 +03:00
|
|
|
|
2006-10-17 16:18:01 +03:00
|
|
|
define KernelPackage/ipt-ipsec
|
|
|
|
TITLE:=Modules for matching IPSec packets
|
2007-07-23 06:23:46 +03:00
|
|
|
KCONFIG:=$(KCONFIG_IPT_IPSEC)
|
2010-07-12 17:06:13 +03:00
|
|
|
FILES:=$(foreach mod,$(IPT_IPSEC-m),$(LINUX_DIR)/net/$(mod).ko)
|
2008-09-22 18:19:59 +03:00
|
|
|
AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_IPSEC-m)))
|
2010-04-29 07:04:19 +03:00
|
|
|
$(call AddDepends/ipt)
|
2006-10-17 16:18:01 +03:00
|
|
|
endef
|
2007-08-28 14:44:15 +03:00
|
|
|
|
2007-09-07 11:34:51 +03:00
|
|
|
define KernelPackage/ipt-ipsec/description
|
2008-04-15 09:11:23 +03:00
|
|
|
Netfilter (IPv4) modules for matching IPSec packets
|
|
|
|
Includes:
|
2010-04-04 15:40:06 +03:00
|
|
|
- ah
|
|
|
|
- esp
|
|
|
|
- policy (2.6)
|
2007-09-07 11:34:51 +03:00
|
|
|
endef
|
|
|
|
|
2006-10-17 16:18:01 +03:00
|
|
|
$(eval $(call KernelPackage,ipt-ipsec))
|
|
|
|
|
2007-08-28 14:44:15 +03:00
|
|
|
|
2006-10-17 16:18:01 +03:00
|
|
|
define KernelPackage/ipt-nat
|
2008-09-22 18:19:59 +03:00
|
|
|
TITLE:=Basic NAT targets
|
2007-07-23 06:23:46 +03:00
|
|
|
KCONFIG:=$(KCONFIG_IPT_NAT)
|
2010-07-12 17:06:13 +03:00
|
|
|
FILES:=$(foreach mod,$(IPT_NAT-m),$(LINUX_DIR)/net/$(mod).ko)
|
2008-09-22 18:19:59 +03:00
|
|
|
AUTOLOAD:=$(call AutoLoad,42,$(notdir $(IPT_NAT-m)))
|
2010-04-29 07:04:19 +03:00
|
|
|
$(call AddDepends/ipt,+kmod-ipt-conntrack)
|
2006-10-17 16:18:01 +03:00
|
|
|
endef
|
2007-08-28 14:44:15 +03:00
|
|
|
|
2007-09-07 11:34:51 +03:00
|
|
|
define KernelPackage/ipt-nat/description
|
2008-09-22 18:19:59 +03:00
|
|
|
Netfilter (IPv4) kernel modules for basic NAT targets
|
2008-04-15 09:11:23 +03:00
|
|
|
Includes:
|
2008-09-22 18:19:59 +03:00
|
|
|
- MASQUERADE
|
2007-09-07 11:34:51 +03:00
|
|
|
endef
|
|
|
|
|
2006-10-17 16:18:01 +03:00
|
|
|
$(eval $(call KernelPackage,ipt-nat))
|
|
|
|
|
2007-08-28 14:44:15 +03:00
|
|
|
|
2008-09-22 18:19:59 +03:00
|
|
|
define KernelPackage/ipt-nat-extra
|
|
|
|
TITLE:=Extra NAT targets
|
|
|
|
KCONFIG:=$(KCONFIG_IPT_NAT_EXTRA)
|
2010-07-12 17:06:13 +03:00
|
|
|
FILES:=$(foreach mod,$(IPT_NAT_EXTRA-m),$(LINUX_DIR)/net/$(mod).ko)
|
2008-09-22 18:19:59 +03:00
|
|
|
AUTOLOAD:=$(call AutoLoad,43,$(notdir $(IPT_NAT_EXTRA-m)))
|
2010-04-29 07:04:19 +03:00
|
|
|
$(call AddDepends/ipt,+kmod-ipt-nat)
|
2008-09-22 18:19:59 +03:00
|
|
|
endef
|
|
|
|
|
|
|
|
define KernelPackage/ipt-nat-extra/description
|
|
|
|
Netfilter (IPv4) kernel modules for extra NAT targets
|
|
|
|
Includes:
|
2010-04-04 15:40:06 +03:00
|
|
|
- MIRROR (2.4)
|
2008-09-22 18:19:59 +03:00
|
|
|
- NETMAP
|
|
|
|
- REDIRECT
|
|
|
|
endef
|
|
|
|
|
|
|
|
$(eval $(call KernelPackage,ipt-nat-extra))
|
|
|
|
|
|
|
|
|
2006-10-17 16:18:01 +03:00
|
|
|
define KernelPackage/ipt-nathelper
|
2008-09-22 18:19:59 +03:00
|
|
|
TITLE:=Basic Conntrack and NAT helpers
|
2008-05-08 14:32:46 +03:00
|
|
|
KCONFIG:=$(KCONFIG_IPT_NATHELPER)
|
2010-07-12 17:06:13 +03:00
|
|
|
FILES:=$(foreach mod,$(IPT_NATHELPER-m),$(LINUX_DIR)/net/$(mod).ko)
|
2008-09-22 18:19:59 +03:00
|
|
|
AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_NATHELPER-m)))
|
2010-04-29 07:04:19 +03:00
|
|
|
$(call AddDepends/ipt,+kmod-ipt-nat)
|
2006-11-19 03:03:47 +02:00
|
|
|
endef
|
2007-08-28 14:44:15 +03:00
|
|
|
|
2007-09-07 11:34:51 +03:00
|
|
|
define KernelPackage/ipt-nathelper/description
|
2008-04-15 09:11:23 +03:00
|
|
|
Default Netfilter (IPv4) Conntrack and NAT helpers
|
|
|
|
Includes:
|
2010-04-04 15:40:06 +03:00
|
|
|
- ftp
|
|
|
|
- irc
|
|
|
|
- tftp
|
2007-09-07 11:34:51 +03:00
|
|
|
endef
|
|
|
|
|
2006-11-19 03:03:47 +02:00
|
|
|
$(eval $(call KernelPackage,ipt-nathelper))
|
|
|
|
|
2007-08-28 14:44:15 +03:00
|
|
|
|
2006-11-19 03:03:47 +02:00
|
|
|
define KernelPackage/ipt-nathelper-extra
|
2006-10-17 16:18:01 +03:00
|
|
|
TITLE:=Extra Conntrack and NAT helpers
|
2008-05-08 14:32:46 +03:00
|
|
|
KCONFIG:=$(KCONFIG_IPT_NATHELPER_EXTRA)
|
2010-07-12 17:06:13 +03:00
|
|
|
FILES:=$(foreach mod,$(IPT_NATHELPER_EXTRA-m),$(LINUX_DIR)/net/$(mod).ko)
|
2008-09-22 18:19:59 +03:00
|
|
|
AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_NATHELPER_EXTRA-m)))
|
2010-06-26 23:44:28 +03:00
|
|
|
$(call AddDepends/ipt,+kmod-ipt-nat +kmod-textsearch)
|
2006-10-17 16:18:01 +03:00
|
|
|
endef
|
2007-08-28 14:44:15 +03:00
|
|
|
|
2007-09-07 11:34:51 +03:00
|
|
|
define KernelPackage/ipt-nathelper-extra/description
|
2008-04-15 09:11:23 +03:00
|
|
|
Extra Netfilter (IPv4) Conntrack and NAT helpers
|
|
|
|
Includes:
|
2010-04-04 15:40:06 +03:00
|
|
|
- amanda
|
|
|
|
- h323
|
|
|
|
- mms
|
|
|
|
- pptp (2.6)
|
|
|
|
- proto_gre (2.6)
|
|
|
|
- rtsp
|
|
|
|
- sip (2.6)
|
|
|
|
- snmp_basic
|
2007-09-07 11:34:51 +03:00
|
|
|
endef
|
|
|
|
|
2006-11-19 03:23:07 +02:00
|
|
|
$(eval $(call KernelPackage,ipt-nathelper-extra))
|
2006-10-17 16:18:01 +03:00
|
|
|
|
2007-08-28 14:44:15 +03:00
|
|
|
|
2006-10-17 16:18:01 +03:00
|
|
|
define KernelPackage/ipt-imq
|
|
|
|
TITLE:=Intermediate Queueing support
|
2008-08-21 16:17:47 +03:00
|
|
|
KCONFIG:= \
|
|
|
|
CONFIG_IMQ \
|
|
|
|
CONFIG_IMQ_BEHAVIOR_BA=y \
|
|
|
|
CONFIG_IMQ_NUM_DEVS=2 \
|
2009-05-07 06:06:03 +03:00
|
|
|
CONFIG_NETFILTER_XT_TARGET_IMQ
|
2008-08-21 16:17:47 +03:00
|
|
|
FILES:= \
|
2010-07-12 17:06:13 +03:00
|
|
|
$(LINUX_DIR)/drivers/net/imq.ko \
|
|
|
|
$(foreach mod,$(IPT_IMQ-m),$(LINUX_DIR)/net/$(mod).ko)
|
2010-06-07 13:47:20 +03:00
|
|
|
AUTOLOAD:=$(call AutoLoad,46,$(notdir \
|
2008-09-27 13:09:54 +03:00
|
|
|
imq \
|
2008-08-21 16:17:47 +03:00
|
|
|
$(IPT_IMQ-m) \
|
|
|
|
))
|
2010-04-29 07:04:19 +03:00
|
|
|
$(call AddDepends/ipt)
|
2006-10-17 16:18:01 +03:00
|
|
|
endef
|
2007-08-28 14:44:15 +03:00
|
|
|
|
2007-09-07 11:34:51 +03:00
|
|
|
define KernelPackage/ipt-imq/description
|
|
|
|
Kernel support for Intermediate Queueing devices
|
|
|
|
endef
|
|
|
|
|
2006-10-17 16:18:01 +03:00
|
|
|
$(eval $(call KernelPackage,ipt-imq))
|
|
|
|
|
|
|
|
|
|
|
|
define KernelPackage/ipt-queue
|
|
|
|
TITLE:=Module for user-space packet queueing
|
2007-07-23 06:23:46 +03:00
|
|
|
KCONFIG:=$(KCONFIG_IPT_QUEUE)
|
2010-07-12 17:06:13 +03:00
|
|
|
FILES:=$(foreach mod,$(IPT_QUEUE-m),$(LINUX_DIR)/net/$(mod).ko)
|
2008-09-22 18:19:59 +03:00
|
|
|
AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_QUEUE-m)))
|
2010-04-29 07:04:19 +03:00
|
|
|
$(call AddDepends/ipt)
|
2006-10-17 16:18:01 +03:00
|
|
|
endef
|
2007-08-28 14:44:15 +03:00
|
|
|
|
2007-09-07 11:34:51 +03:00
|
|
|
define KernelPackage/ipt-queue/description
|
2008-04-15 09:11:23 +03:00
|
|
|
Netfilter (IPv4) module for user-space packet queueing
|
|
|
|
Includes:
|
2008-09-22 18:19:59 +03:00
|
|
|
- QUEUE
|
2007-09-07 11:34:51 +03:00
|
|
|
endef
|
|
|
|
|
2006-10-17 16:18:01 +03:00
|
|
|
$(eval $(call KernelPackage,ipt-queue))
|
|
|
|
|
2007-08-28 14:44:15 +03:00
|
|
|
|
2006-10-17 16:18:01 +03:00
|
|
|
define KernelPackage/ipt-ulog
|
|
|
|
TITLE:=Module for user-space packet logging
|
2007-07-23 06:23:46 +03:00
|
|
|
KCONFIG:=$(KCONFIG_IPT_ULOG)
|
2010-07-12 17:06:13 +03:00
|
|
|
FILES:=$(foreach mod,$(IPT_ULOG-m),$(LINUX_DIR)/net/$(mod).ko)
|
2008-09-22 18:19:59 +03:00
|
|
|
AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_ULOG-m)))
|
2010-04-29 07:04:19 +03:00
|
|
|
$(call AddDepends/ipt)
|
2006-10-17 16:18:01 +03:00
|
|
|
endef
|
2007-08-28 14:44:15 +03:00
|
|
|
|
2007-09-07 11:34:51 +03:00
|
|
|
define KernelPackage/ipt-ulog/description
|
2008-04-15 09:11:23 +03:00
|
|
|
Netfilter (IPv4) module for user-space packet logging
|
|
|
|
Includes:
|
2010-04-04 15:40:06 +03:00
|
|
|
- ULOG
|
2007-09-07 11:34:51 +03:00
|
|
|
endef
|
|
|
|
|
2006-10-17 16:18:01 +03:00
|
|
|
$(eval $(call KernelPackage,ipt-ulog))
|
|
|
|
|
2007-08-28 14:44:15 +03:00
|
|
|
|
2010-06-23 01:39:22 +03:00
|
|
|
define KernelPackage/ipt-tproxy
|
|
|
|
TITLE:=Transparent proxying support
|
|
|
|
KCONFIG:= \
|
|
|
|
CONFIG_NETFILTER_TPROXY \
|
|
|
|
CONFIG_NETFILTER_XT_MATCH_SOCKET \
|
|
|
|
CONFIG_NETFILTER_XT_TARGET_TPROXY
|
|
|
|
FILES:= \
|
2010-07-12 17:06:13 +03:00
|
|
|
$(LINUX_DIR)/net/netfilter/nf_tproxy_core.ko \
|
|
|
|
$(foreach mod,$(IPT_TPROXY-m),$(LINUX_DIR)/net/$(mod).ko)
|
2010-06-23 01:39:22 +03:00
|
|
|
AUTOLOAD:=$(call AutoLoad,45,$(notdir nf_tproxy_core $(IPT_TPROXY-m)))
|
|
|
|
$(call AddDepends/ipt)
|
|
|
|
endef
|
|
|
|
|
|
|
|
define KernelPackage/ipt-tproxy/description
|
|
|
|
Kernel modules for Transparent Proxying
|
|
|
|
endef
|
|
|
|
|
|
|
|
$(eval $(call KernelPackage,ipt-tproxy))
|
|
|
|
|
|
|
|
|
2007-06-03 01:57:33 +03:00
|
|
|
define KernelPackage/ipt-iprange
|
|
|
|
TITLE:=Module for matching ip ranges
|
2009-12-18 21:09:33 +02:00
|
|
|
KCONFIG:=$(KCONFIG_IPT_IPRANGE)
|
2010-07-12 17:06:13 +03:00
|
|
|
FILES:=$(foreach mod,$(IPT_IPRANGE-m),$(LINUX_DIR)/net/$(mod).ko)
|
2008-09-22 18:19:59 +03:00
|
|
|
AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_IPRANGE-m)))
|
2010-04-29 07:04:19 +03:00
|
|
|
$(call AddDepends/ipt)
|
2007-06-03 01:57:33 +03:00
|
|
|
endef
|
2007-08-28 14:44:15 +03:00
|
|
|
|
2007-09-07 11:34:51 +03:00
|
|
|
define KernelPackage/ipt-iprange/description
|
2008-04-15 09:11:23 +03:00
|
|
|
Netfilter (IPv4) module for matching ip ranges
|
|
|
|
Includes:
|
2010-04-04 15:40:06 +03:00
|
|
|
- iprange
|
2007-09-07 11:34:51 +03:00
|
|
|
endef
|
|
|
|
|
2007-06-03 01:57:33 +03:00
|
|
|
$(eval $(call KernelPackage,ipt-iprange))
|
|
|
|
|
2007-08-28 14:44:15 +03:00
|
|
|
|
2006-10-17 16:18:01 +03:00
|
|
|
define KernelPackage/ipt-extra
|
|
|
|
TITLE:=Extra modules
|
2007-07-23 06:23:46 +03:00
|
|
|
KCONFIG:=$(KCONFIG_IPT_EXTRA)
|
2010-07-12 17:06:13 +03:00
|
|
|
FILES:=$(foreach mod,$(IPT_EXTRA-m),$(LINUX_DIR)/net/$(mod).ko)
|
2008-09-22 18:19:59 +03:00
|
|
|
AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_EXTRA-m)))
|
2010-04-29 07:04:19 +03:00
|
|
|
$(call AddDepends/ipt)
|
2006-10-17 16:18:01 +03:00
|
|
|
endef
|
2007-08-28 14:44:15 +03:00
|
|
|
|
2007-09-07 11:34:51 +03:00
|
|
|
define KernelPackage/ipt-extra/description
|
|
|
|
Other Netfilter (IPv4) kernel modules
|
2008-04-15 09:11:23 +03:00
|
|
|
Includes:
|
2010-04-04 15:40:06 +03:00
|
|
|
- condition (2.4 only)
|
|
|
|
- owner
|
|
|
|
- physdev (if bridge support was enabled in kernel)
|
|
|
|
- pkttype
|
|
|
|
- quota
|
2007-09-07 11:34:51 +03:00
|
|
|
endef
|
|
|
|
|
2006-10-17 16:18:01 +03:00
|
|
|
$(eval $(call KernelPackage,ipt-extra))
|
|
|
|
|
2007-08-28 14:44:15 +03:00
|
|
|
|
2006-10-17 16:18:01 +03:00
|
|
|
define KernelPackage/ip6tables
|
2007-09-16 20:45:15 +03:00
|
|
|
SUBMENU:=$(NF_MENU)
|
2006-10-17 16:18:01 +03:00
|
|
|
TITLE:=IPv6 modules
|
2009-01-11 01:52:56 +02:00
|
|
|
DEPENDS:=+kmod-ipv6
|
2009-07-05 22:42:39 +03:00
|
|
|
KCONFIG:=$(KCONFIG_IPT_IPV6)
|
2010-07-12 17:06:13 +03:00
|
|
|
FILES:=$(foreach mod,$(IPT_IPV6-m),$(LINUX_DIR)/net/$(mod).ko)
|
2008-09-24 17:11:36 +03:00
|
|
|
AUTOLOAD:=$(call AutoLoad,49,$(notdir $(IPT_IPV6-m)))
|
2006-10-17 16:18:01 +03:00
|
|
|
endef
|
2007-08-28 14:44:15 +03:00
|
|
|
|
2007-09-07 11:34:51 +03:00
|
|
|
define KernelPackage/ip6tables/description
|
|
|
|
Netfilter IPv6 firewalling support
|
|
|
|
endef
|
|
|
|
|
2006-10-17 16:18:01 +03:00
|
|
|
$(eval $(call KernelPackage,ip6tables))
|
|
|
|
|
|
|
|
|
|
|
|
define KernelPackage/arptables
|
2007-09-16 20:45:15 +03:00
|
|
|
SUBMENU:=$(NF_MENU)
|
2006-10-17 16:18:01 +03:00
|
|
|
TITLE:=ARP firewalling modules
|
2010-07-12 17:06:13 +03:00
|
|
|
FILES:=$(LINUX_DIR)/net/ipv4/netfilter/arp*.ko
|
2009-06-28 09:18:22 +03:00
|
|
|
KCONFIG:=CONFIG_IP_NF_ARPTABLES \
|
|
|
|
CONFIG_IP_NF_ARPFILTER \
|
|
|
|
CONFIG_IP_NF_ARP_MANGLE
|
2010-07-12 17:06:13 +03:00
|
|
|
AUTOLOAD:=$(call AutoLoad,49,$(notdir $(patsubst %.ko,%,$(wildcard $(LINUX_DIR)/net/ipv4/netfilter/arp*.ko))))
|
2006-10-17 16:18:01 +03:00
|
|
|
endef
|
2007-08-28 14:44:15 +03:00
|
|
|
|
2007-09-07 11:34:51 +03:00
|
|
|
define KernelPackage/arptables/description
|
|
|
|
Kernel modules for ARP firewalling
|
|
|
|
endef
|
|
|
|
|
2006-10-17 16:18:01 +03:00
|
|
|
$(eval $(call KernelPackage,arptables))
|
|
|
|
|
2010-01-22 10:18:04 +02:00
|
|
|
|
2006-10-17 16:18:01 +03:00
|
|
|
define KernelPackage/ebtables
|
2007-09-16 20:45:15 +03:00
|
|
|
SUBMENU:=$(NF_MENU)
|
2006-10-17 16:18:01 +03:00
|
|
|
TITLE:=Bridge firewalling modules
|
2010-07-12 17:06:13 +03:00
|
|
|
FILES:=$(foreach mod,$(EBTABLES-m),$(LINUX_DIR)/net/$(mod).ko)
|
2008-07-30 03:58:36 +03:00
|
|
|
KCONFIG:=CONFIG_BRIDGE_NETFILTER=y \
|
2009-07-25 22:47:48 +03:00
|
|
|
$(KCONFIG_EBTABLES)
|
|
|
|
AUTOLOAD:=$(call AutoLoad,49,$(notdir $(EBTABLES-m)))
|
2006-10-17 16:18:01 +03:00
|
|
|
endef
|
2007-08-28 14:44:15 +03:00
|
|
|
|
2007-09-07 11:34:51 +03:00
|
|
|
define KernelPackage/ebtables/description
|
2009-07-25 22:47:48 +03:00
|
|
|
ebtables is a general, extensible frame/packet identification
|
|
|
|
framework. It provides you to do Ethernet
|
|
|
|
filtering/NAT/brouting on the Ethernet bridge.
|
2007-09-07 11:34:51 +03:00
|
|
|
endef
|
|
|
|
|
2006-10-17 16:18:01 +03:00
|
|
|
$(eval $(call KernelPackage,ebtables))
|
2009-01-31 18:09:25 +02:00
|
|
|
|
2010-01-22 10:18:04 +02:00
|
|
|
|
2010-04-24 14:42:17 +03:00
|
|
|
define AddDepends/ebtables
|
2009-07-25 22:47:48 +03:00
|
|
|
SUBMENU:=$(NF_MENU)
|
2010-04-29 07:04:19 +03:00
|
|
|
DEPENDS+=kmod-ebtables $(1)
|
2010-01-22 10:18:04 +02:00
|
|
|
endef
|
|
|
|
|
|
|
|
|
|
|
|
define KernelPackage/ebtables-ipv4
|
2009-07-25 22:47:48 +03:00
|
|
|
TITLE:=ebtables: IPv4 support
|
2010-07-12 17:06:13 +03:00
|
|
|
FILES:=$(foreach mod,$(EBTABLES_IP4-m),$(LINUX_DIR)/net/$(mod).ko)
|
2009-07-25 22:47:48 +03:00
|
|
|
KCONFIG:=$(KCONFIG_EBTABLES_IP4)
|
|
|
|
AUTOLOAD:=$(call AutoLoad,49,$(notdir $(EBTABLES_IP4-m)))
|
2010-04-29 07:04:19 +03:00
|
|
|
$(call AddDepends/ebtables)
|
2009-07-25 22:47:48 +03:00
|
|
|
endef
|
|
|
|
|
|
|
|
define KernelPackage/ebtables-ipv4/description
|
|
|
|
This option adds the IPv4 support to ebtables, which allows basic
|
|
|
|
IPv4 header field filtering, ARP filtering as well as SNAT, DNAT targets.
|
|
|
|
endef
|
|
|
|
|
|
|
|
$(eval $(call KernelPackage,ebtables-ipv4))
|
|
|
|
|
2010-01-22 10:18:04 +02:00
|
|
|
|
2009-07-25 22:47:48 +03:00
|
|
|
define KernelPackage/ebtables-ipv6
|
|
|
|
TITLE:=ebtables: IPv6 support
|
2010-07-12 17:06:13 +03:00
|
|
|
FILES:=$(foreach mod,$(EBTABLES_IP6-m),$(LINUX_DIR)/net/$(mod).ko)
|
2009-07-25 22:47:48 +03:00
|
|
|
KCONFIG:=$(KCONFIG_EBTABLES_IP6)
|
|
|
|
AUTOLOAD:=$(call AutoLoad,49,$(notdir $(EBTABLES_IP6-m)))
|
2010-04-29 07:04:19 +03:00
|
|
|
$(call AddDepends/ebtables)
|
2009-07-25 22:47:48 +03:00
|
|
|
endef
|
|
|
|
|
|
|
|
define KernelPackage/ebtables-ipv6/description
|
|
|
|
This option adds the IPv6 support to ebtables, which allows basic
|
|
|
|
IPv6 header field filtering and target support.
|
|
|
|
endef
|
|
|
|
|
|
|
|
$(eval $(call KernelPackage,ebtables-ipv6))
|
|
|
|
|
2010-01-22 10:18:04 +02:00
|
|
|
|
2009-07-25 22:47:48 +03:00
|
|
|
define KernelPackage/ebtables-watchers
|
|
|
|
TITLE:=ebtables: watchers support
|
2010-07-12 17:06:13 +03:00
|
|
|
FILES:=$(foreach mod,$(EBTABLES_WATCHERS-m),$(LINUX_DIR)/net/$(mod).ko)
|
2009-07-25 22:47:48 +03:00
|
|
|
KCONFIG:=$(KCONFIG_EBTABLES_WATCHERS)
|
|
|
|
AUTOLOAD:=$(call AutoLoad,49,$(notdir $(EBTABLES_WATCHERS-m)))
|
2010-04-29 07:04:19 +03:00
|
|
|
$(call AddDepends/ebtables)
|
2009-07-25 22:47:48 +03:00
|
|
|
endef
|
|
|
|
|
|
|
|
define KernelPackage/ebtables-watchers/description
|
|
|
|
This option adds the log watchers, that you can use in any rule
|
|
|
|
in any ebtables table.
|
|
|
|
endef
|
|
|
|
|
|
|
|
$(eval $(call KernelPackage,ebtables-watchers))
|
2009-01-31 18:09:25 +02:00
|
|
|
|
2010-01-22 10:18:04 +02:00
|
|
|
|
2009-01-31 18:09:25 +02:00
|
|
|
define KernelPackage/nfnetlink
|
|
|
|
SUBMENU:=$(NF_MENU)
|
|
|
|
TITLE:=Netlink-based userspace interface
|
2010-06-26 23:44:28 +03:00
|
|
|
DEPENDS:=+kmod-ipt-core
|
2010-07-12 17:06:13 +03:00
|
|
|
FILES:=$(LINUX_DIR)/net/netfilter/nfnetlink.ko
|
2009-01-31 18:09:25 +02:00
|
|
|
KCONFIG:=CONFIG_NETFILTER_NETLINK
|
|
|
|
AUTOLOAD:=$(call AutoLoad,48,nfnetlink)
|
|
|
|
endef
|
|
|
|
|
|
|
|
define KernelPackage/nfnetlink/description
|
|
|
|
Kernel modules support for a netlink-based userspace interface
|
|
|
|
endef
|
|
|
|
|
|
|
|
$(eval $(call KernelPackage,nfnetlink))
|
|
|
|
|
|
|
|
|
2010-04-24 14:42:17 +03:00
|
|
|
define AddDepends/nfnetlink
|
2009-01-31 18:09:25 +02:00
|
|
|
SUBMENU:=$(NF_MENU)
|
2010-06-26 23:44:28 +03:00
|
|
|
DEPENDS+=+kmod-nfnetlink $(1)
|
2010-01-22 10:18:04 +02:00
|
|
|
endef
|
|
|
|
|
|
|
|
|
|
|
|
define KernelPackage/nfnetlink-log
|
2009-01-31 18:09:25 +02:00
|
|
|
TITLE:=Netfilter LOG over NFNETLINK interface
|
2010-07-12 17:06:13 +03:00
|
|
|
FILES:=$(LINUX_DIR)/net/netfilter/nfnetlink_log.ko
|
2009-01-31 18:09:25 +02:00
|
|
|
KCONFIG:=CONFIG_NETFILTER_NETLINK_LOG
|
|
|
|
AUTOLOAD:=$(call AutoLoad,48,nfnetlink_log)
|
2010-04-29 07:04:19 +03:00
|
|
|
$(call AddDepends/nfnetlink)
|
2009-01-31 18:09:25 +02:00
|
|
|
endef
|
|
|
|
|
|
|
|
define KernelPackage/nfnetlink-log/description
|
|
|
|
Kernel modules support for logging packets via NFNETLINK
|
|
|
|
endef
|
|
|
|
|
|
|
|
$(eval $(call KernelPackage,nfnetlink-log))
|
|
|
|
|
|
|
|
|
|
|
|
define KernelPackage/nfnetlink-queue
|
|
|
|
TITLE:=Netfilter QUEUE over NFNETLINK interface
|
2010-07-12 17:06:13 +03:00
|
|
|
FILES:=$(LINUX_DIR)/net/netfilter/nfnetlink_queue.ko
|
2009-01-31 18:09:25 +02:00
|
|
|
KCONFIG:=CONFIG_NETFILTER_NETLINK_QUEUE
|
|
|
|
AUTOLOAD:=$(call AutoLoad,48,nfnetlink_queue)
|
2010-04-29 07:04:19 +03:00
|
|
|
$(call AddDepends/nfnetlink)
|
2009-01-31 18:09:25 +02:00
|
|
|
endef
|
|
|
|
|
|
|
|
define KernelPackage/nfnetlink-queue/description
|
|
|
|
Kernel modules support for queueing packets via NFNETLINK
|
|
|
|
endef
|
|
|
|
|
|
|
|
$(eval $(call KernelPackage,nfnetlink-queue))
|
|
|
|
|
|
|
|
|
|
|
|
define KernelPackage/nf-conntrack-netlink
|
|
|
|
TITLE:=Connection tracking netlink interface
|
2010-07-12 17:06:13 +03:00
|
|
|
FILES:=$(LINUX_DIR)/net/netfilter/nf_conntrack_netlink.ko
|
2009-01-31 18:09:25 +02:00
|
|
|
KCONFIG:=CONFIG_NF_CT_NETLINK
|
|
|
|
AUTOLOAD:=$(call AutoLoad,49,nf_conntrack_netlink)
|
2010-04-29 07:04:19 +03:00
|
|
|
$(call AddDepends/nfnetlink,+kmod-ipt-conntrack)
|
2009-01-31 18:09:25 +02:00
|
|
|
endef
|
|
|
|
|
|
|
|
define KernelPackage/nf-conntrack-netlink/description
|
|
|
|
Kernel modules support for a netlink-based connection tracking
|
|
|
|
userspace interface
|
|
|
|
endef
|
|
|
|
|
|
|
|
$(eval $(call KernelPackage,nf-conntrack-netlink))
|
2010-07-16 09:15:07 +03:00
|
|
|
|
|
|
|
define KernelPackage/ipt-hashlimit
|
2010-07-17 11:50:19 +03:00
|
|
|
SUBMENU:=$(NF_MENU)
|
2010-07-16 09:15:07 +03:00
|
|
|
TITLE:=Netfilter hashlimit match
|
|
|
|
KCONFIG:=$(KCONFIG_IPT_HASHLIMIT)
|
2010-07-17 11:50:19 +03:00
|
|
|
FILES:=$(LINUX_DIR)/net/netfilter/xt_hashlimit.ko
|
2010-07-16 09:15:07 +03:00
|
|
|
AUTOLOAD:=$(call AutoLoad,50,xt_hashlimit)
|
2010-07-17 11:50:19 +03:00
|
|
|
$(call KernelPackage/ipt)
|
2010-07-16 09:15:07 +03:00
|
|
|
endef
|
|
|
|
|
|
|
|
define KernelPackage/ipt-hashlimit/description
|
|
|
|
Kernel modules support for the hashlimit bucket match module
|
|
|
|
endef
|
|
|
|
|
|
|
|
$(eval $(call KernelPackage,ipt-hashlimit))
|