diff --git a/include/netfilter.mk b/include/netfilter.mk index 9da455a07..371571a57 100644 --- a/include/netfilter.mk +++ b/include/netfilter.mk @@ -290,6 +290,14 @@ $(eval $(call nf_add,IPT_TPROXY,CONFIG_NETFILTER_XT_TARGET_TPROXY, $(P_XT)xt_TPR # led $(eval $(call nf_add,IPT_LED,CONFIG_NETFILTER_XT_TARGET_LED, $(P_XT)xt_LED)) +# tee + +$(eval $(call nf_add,IPT_TEE,CONFIG_NETFILTER_XT_TARGET_TEE, $(P_XT)xt_TEE)) + +# u32 + +$(eval $(call nf_add,IPT_U32,CONFIG_NETFILTER_XT_MATCH_U32, $(P_XT)xt_u32)) + # # ebtables # diff --git a/package/iptables/Makefile b/package/iptables/Makefile index f0f96f035..61739d355 100644 --- a/package/iptables/Makefile +++ b/package/iptables/Makefile @@ -229,6 +229,27 @@ Includes: - libxt_TPROXY endef +define Package/iptables-mod-tee +$(call Package/iptables/Module, +kmod-ipt-tee) + TITLE:=TEE iptables extensions +endef + +define Package/iptables-mod-tee/description +TEE iptables extensions. +Includes: +- libxt_TEE +endef + +define Package/iptables-mod-u32 +$(call Package/iptables/Module, +kmod-ipt-u32) + TITLE:=U32 iptables extensions +endef + +define Package/iptables-mod-u32/description +U32 iptables extensions. +Includes: +- libxt_u32 +endef define Package/iptables-utils $(call Package/iptables/Module, ) @@ -424,6 +445,8 @@ $(eval $(call BuildPlugin,iptables-mod-iprange,$(IPT_IPRANGE-m))) $(eval $(call BuildPlugin,iptables-mod-ulog,$(IPT_ULOG-m))) $(eval $(call BuildPlugin,iptables-mod-hashlimit,$(IPT_HASHLIMIT-m))) $(eval $(call BuildPlugin,iptables-mod-tproxy,$(IPT_TPROXY-m))) +$(eval $(call BuildPlugin,iptables-mod-tee,$(IPT_TEE-m))) +$(eval $(call BuildPlugin,iptables-mod-u32,$(IPT_U32-m))) $(eval $(call BuildPackage,ip6tables)) $(eval $(call BuildPackage,ip6tables-utils)) $(eval $(call BuildPackage,libiptc)) diff --git a/package/kernel/modules/netfilter.mk b/package/kernel/modules/netfilter.mk index 61226ee7f..64c45558d 100644 --- a/package/kernel/modules/netfilter.mk +++ b/package/kernel/modules/netfilter.mk @@ -311,6 +311,41 @@ endef $(eval $(call KernelPackage,ipt-tproxy)) +define KernelPackage/ipt-tee + TITLE:=TEE support + KCONFIG:= \ + CONFIG_NETFILTER_XT_TARGET_TEE + FILES:= \ + $(LINUX_DIR)/net/netfilter/xt_TEE.ko \ + $(foreach mod,$(IPT_TEE-m),$(LINUX_DIR)/net/$(mod).ko) + AUTOLOAD:=$(call AutoLoad,45,$(notdir nf_tee $(IPT_TEE-m))) + $(call AddDepends/ipt) +endef + +define KernelPackage/ipt-tee/description + Kernel modules for TEE +endef + +$(eval $(call KernelPackage,ipt-tee)) + + +define KernelPackage/ipt-u32 + TITLE:=U32 support + KCONFIG:= \ + CONFIG_NETFILTER_XT_MATCH_U32 + FILES:= \ + $(LINUX_DIR)/net/netfilter/xt_u32.ko \ + $(foreach mod,$(IPT_U32-m),$(LINUX_DIR)/net/$(mod).ko) + AUTOLOAD:=$(call AutoLoad,45,$(notdir nf_tee $(IPT_U32-m))) + $(call AddDepends/ipt) +endef + +define KernelPackage/ipt-u32/description + Kernel modules for U32 +endef + +$(eval $(call KernelPackage,ipt-u32)) + define KernelPackage/ipt-iprange TITLE:=Module for matching ip ranges