diff --git a/include/netfilter.mk b/include/netfilter.mk index 76b641724..f285a8db3 100644 --- a/include/netfilter.mk +++ b/include/netfilter.mk @@ -114,6 +114,7 @@ $(eval $(call nf_add,IPT_IMQ,CONFIG_NETFILTER_XT_TARGET_IMQ, $(P_XT)xt_IMQ)) $(eval $(call nf_add,IPT_IPOPT,CONFIG_IP_NF_MATCH_DSCP, $(P_V4)ipt_dscp)) $(eval $(call nf_add,IPT_IPOPT,CONFIG_NETFILTER_XT_MATCH_DSCP, $(P_XT)xt_dscp)) $(eval $(call nf_add,IPT_IPOPT,CONFIG_NETFILTER_XT_TARGET_DSCP, $(P_XT)xt_DSCP)) +$(eval $(call nf_add,IPT_HASHLIMIT,CONFIG_NETFILTER_XT_MATCH_HASHLIMIT, $(P_XT)xt_hashlimit)) $(eval $(call nf_add,IPT_IPOPT,CONFIG_IP_NF_MATCH_ECN, $(P_V4)ipt_ecn)) $(eval $(call nf_add,IPT_IPOPT,CONFIG_IP_NF_MATCH_LENGTH, $(P_V4)ipt_length)) $(eval $(call nf_add,IPT_IPOPT,CONFIG_NETFILTER_XT_MATCH_LENGTH, $(P_XT)xt_length)) diff --git a/package/iptables/Makefile b/package/iptables/Makefile index 1b3dda96f..bfc8ceefb 100644 --- a/package/iptables/Makefile +++ b/package/iptables/Makefile @@ -189,6 +189,17 @@ Includes: - libipt_ULOG endef +define Package/iptables-mod-hashlimit +$(call Package/iptables/Module, +kmod-ipt-hashlimit) + TITLE:=hashlimit matching +endef + +define Package/iptables-mod-hashlimit/description +iptables extensions for hashlimit matching +Includes: +- libxt_hashlimit +endef + define Package/iptables-mod-iprange $(call Package/iptables/Module, +kmod-ipt-iprange) TITLE:=IP range extension @@ -368,6 +379,7 @@ $(eval $(call BuildPlugin,iptables-mod-conntrack,$(IPT_CONNTRACK-m))) $(eval $(call BuildPlugin,iptables-mod-conntrack-extra,$(IPT_CONNTRACK_EXTRA-m))) $(eval $(call BuildPlugin,iptables-mod-extra,$(IPT_EXTRA-m))) $(eval $(call BuildPlugin,iptables-mod-filter,$(IPT_FILTER-m),$(L7_INSTALL))) +$(eval $(call BuildPlugin,iptables-mod-hashlimit,$(IPT_HASHLIMIT-m))) $(eval $(call BuildPlugin,iptables-mod-imq,$(IPT_IMQ-m))) $(eval $(call BuildPlugin,iptables-mod-ipopt,$(IPT_IPOPT-m))) $(eval $(call BuildPlugin,iptables-mod-ipsec,$(IPT_IPSEC-m))) diff --git a/package/kernel/modules/netfilter.mk b/package/kernel/modules/netfilter.mk index 45754b7fd..bbd44b89f 100644 --- a/package/kernel/modules/netfilter.mk +++ b/package/kernel/modules/netfilter.mk @@ -493,3 +493,17 @@ define KernelPackage/nf-conntrack-netlink/description endef $(eval $(call KernelPackage,nf-conntrack-netlink)) + +define KernelPackage/ipt-hashlimit +$(call KernelPackage/ipt/Depends,) + TITLE:=Netfilter hashlimit match + FILES:=$(LINUX_DIR)/net/netfilter/xt_hashlimit.$(LINUX_KMOD_SUFFIX) + KCONFIG:=$(KCONFIG_IPT_HASHLIMIT) + AUTOLOAD:=$(call AutoLoad,50,xt_hashlimit) +endef + +define KernelPackage/ipt-hashlimit/description + Kernel modules support for the hashlimit bucket match module +endef + +$(eval $(call KernelPackage,ipt-hashlimit))