port over the netfilter module packaging to the new system and fix iptables dependencies

SVN-Revision: 4206
This commit is contained in:
Felix Fietkau 2006-07-22 12:33:28 +00:00
parent 2a08d05aa3
commit daa509ea7f
7 changed files with 171 additions and 301 deletions

View file

@ -17,10 +17,6 @@ $(eval $(call KMOD_template,GRE,gre,\
$(MODULES_DIR)/kernel/net/ipv4/ip_gre.o \ $(MODULES_DIR)/kernel/net/ipv4/ip_gre.o \
,CONFIG_NET_IPGRE)) ,CONFIG_NET_IPGRE))
$(eval $(call KMOD_template,IMQ,imq,\
$(MODULES_DIR)/kernel/net/ipv4/netfilter/*IMQ*.o \
$(MODULES_DIR)/kernel/drivers/net/imq.o \
))
$(eval $(call KMOD_template,IPIP,ipip,\ $(eval $(call KMOD_template,IPIP,ipip,\
$(MODULES_DIR)/kernel/net/ipv4/ipip.o \ $(MODULES_DIR)/kernel/net/ipv4/ipip.o \
,CONFIG_NET_IPIP,,60,ipip)) ,CONFIG_NET_IPIP,,60,ipip))
@ -56,61 +52,6 @@ $(eval $(call KMOD_template,TUN,tun,\
$(MODULES_DIR)/kernel/drivers/net/tun.o \ $(MODULES_DIR)/kernel/drivers/net/tun.o \
,CONFIG_TUN,,20,tun)) ,CONFIG_TUN,,20,tun))
# Filtering / Firewalling
$(eval $(call KMOD_template,ARPTABLES,arptables,\
$(MODULES_DIR)/kernel/net/ipv4/netfilter/arp*.o \
,CONFIG_IP_NF_ARPTABLES))
$(eval $(call KMOD_template,EBTABLES,ebtables,\
$(MODULES_DIR)/kernel/net/bridge/netfilter/*.o \
,CONFIG_BRIDGE_NF_EBTABLES))
# metapackage for compatibility ...
$(eval $(call KMOD_template,IPTABLES_EXTRA,iptables-extra,\
,,kmod-ipt-conntrack kmod-ipt-extra kmod-ipt-filter kmod-ipt-ipopt kmod-ipt-ipsec kmod-ipt-nat kmod-ipt-nat-extra kmod-ipt-queue kmod-ipt-ulogd))
$(eval $(call KMOD_template,IPT_CONNTRACK,ipt-conntrack,\
$(foreach mod,$(IPT_CONNTRACK-m),$(MODULES_DIR)/kernel/net/ipv4/netfilter/$(mod).o) \
))
$(eval $(call KMOD_template,IPT_EXTRA,ipt-extra,\
$(foreach mod,$(IPT_EXTRA-m),$(MODULES_DIR)/kernel/net/ipv4/netfilter/$(mod).o) \
))
$(eval $(call KMOD_template,IPT_FILTER,ipt-filter,\
$(foreach mod,$(IPT_FILTER-m),$(MODULES_DIR)/kernel/net/ipv4/netfilter/$(mod).o) \
))
$(eval $(call KMOD_template,IPT_IPOPT,ipt-ipopt,\
$(foreach mod,$(IPT_IPOPT-m),$(MODULES_DIR)/kernel/net/ipv4/netfilter/$(mod).o) \
))
$(eval $(call KMOD_template,IPT_IPSEC,ipt-ipsec,\
$(foreach mod,$(IPT_IPSEC-m),$(MODULES_DIR)/kernel/net/ipv4/netfilter/$(mod).o) \
))
$(eval $(call KMOD_template,IPT_NAT,ipt-nat,\
$(foreach mod,$(IPT_NAT-m),$(MODULES_DIR)/kernel/net/ipv4/netfilter/$(mod).o) \
))
$(eval $(call KMOD_template,IPT_NAT_EXTRA,ipt-nat-extra,\
$(foreach mod,$(IPT_NAT_EXTRA-m),$(MODULES_DIR)/kernel/net/ipv4/netfilter/$(mod).o) \
,,,40,$(IPT_NAT_EXTRA-m)))
$(eval $(call KMOD_template,IPT_QUEUE,ipt-queue,\
$(foreach mod,$(IPT_QUEUE-m),$(MODULES_DIR)/kernel/net/ipv4/netfilter/$(mod).o) \
))
$(eval $(call KMOD_template,IPT_ULOG,ipt-ulog,\
$(foreach mod,$(IPT_ULOG-m),$(MODULES_DIR)/kernel/net/ipv4/netfilter/$(mod).o) \
))
$(eval $(call KMOD_template,IP6TABLES,ip6tables,\
$(MODULES_DIR)/kernel/net/ipv6/netfilter/ip*.o \
,CONFIG_IP6_NF_IPTABLES,kmod-ipv6))
# Block devices # Block devices
$(eval $(call KMOD_template,LOOP,loop,\ $(eval $(call KMOD_template,LOOP,loop,\

View file

@ -19,11 +19,6 @@ $(eval $(call KMOD_template,GRE,gre,\
$(MODULES_DIR)/kernel/net/ipv4/ip_gre.ko \ $(MODULES_DIR)/kernel/net/ipv4/ip_gre.ko \
,CONFIG_NET_IPGRE)) ,CONFIG_NET_IPGRE))
$(eval $(call KMOD_template,IMQ,imq,\
$(MODULES_DIR)/kernel/net/ipv4/netfilter/*IMQ*.ko \
$(MODULES_DIR)/kernel/drivers/net/imq.ko \
,CONFIG_IMQ))
$(eval $(call KMOD_template,IPIP,ipip,\ $(eval $(call KMOD_template,IPIP,ipip,\
$(MODULES_DIR)/kernel/net/ipv4/ipip.ko \ $(MODULES_DIR)/kernel/net/ipv4/ipip.ko \
,CONFIG_NET_IPIP,,60,ipip)) ,CONFIG_NET_IPIP,,60,ipip))
@ -60,62 +55,6 @@ $(eval $(call KMOD_template,TUN,tun,\
$(MODULES_DIR)/kernel/drivers/net/tun.ko \ $(MODULES_DIR)/kernel/drivers/net/tun.ko \
,CONFIG_TUN,,20,tun)) ,CONFIG_TUN,,20,tun))
# Filtering / Firewalling
$(eval $(call KMOD_template,ARPTABLES,arptables,\
$(MODULES_DIR)/kernel/net/ipv4/netfilter/arp*.ko \
,CONFIG_IP_NF_ARPTABLES))
$(eval $(call KMOD_template,EBTABLES,ebtables,\
$(MODULES_DIR)/kernel/net/bridge/netfilter/*.ko \
,CONFIG_BRIDGE_NF_EBTABLES))
# metapackage for compatibility ...
$(eval $(call KMOD_template,IPTABLES_EXTRA,iptables-extra,\
,,kmod-ipt-conntrack kmod-ipt-extra kmod-ipt-filter kmod-ipt-ipopt kmod-ipt-ipsec kmod-ipt-nat kmod-ipt-nat-extra kmod-ipt-queue kmod-ipt-ulogd))
$(eval $(call KMOD_template,IPT_CONNTRACK,ipt-conntrack,\
$(foreach mod,$(IPT_CONNTRACK-m),$(MODULES_DIR)/kernel/net/$(mod).ko) \
))
$(eval $(call KMOD_template,IPT_EXTRA,ipt-extra,\
$(foreach mod,$(IPT_EXTRA-m),$(MODULES_DIR)/kernel/net/$(mod).ko) \
))
$(eval $(call KMOD_template,IPT_FILTER,ipt-filter,\
$(foreach mod,$(IPT_FILTER-m),$(MODULES_DIR)/kernel/net/$(mod).ko) \
))
$(eval $(call KMOD_template,IPT_IPOPT,ipt-ipopt,\
$(foreach mod,$(IPT_IPOPT-m),$(MODULES_DIR)/kernel/net/$(mod).ko) \
))
$(eval $(call KMOD_template,IPT_IPSEC,ipt-ipsec,\
$(foreach mod,$(IPT_IPSEC-m),$(MODULES_DIR)/kernel/net/$(mod).ko) \
))
$(eval $(call KMOD_template,IPT_NAT,ipt-nat,\
$(foreach mod,$(IPT_NAT-m),$(MODULES_DIR)/kernel/net/$(mod).ko) \
))
$(eval $(call KMOD_template,IPT_NAT_EXTRA,ipt-nat-extra,\
$(foreach mod,$(IPT_NAT_EXTRA-m),$(MODULES_DIR)/kernel/net/$(mod).ko) \
,,,40,$(IPT_NAT_EXTRA-m)))
$(eval $(call KMOD_template,IPT_QUEUE,ipt-queue,\
$(foreach mod,$(IPT_QUEUE-m),$(MODULES_DIR)/kernel/net/$(mod).ko) \
))
$(eval $(call KMOD_template,IPT_ULOG,ipt-ulog,\
$(foreach mod,$(IPT_ULOG-m),$(MODULES_DIR)/kernel/net/$(mod).ko) \
))
$(eval $(call KMOD_template,IP6TABLES,ip6tables,\
$(MODULES_DIR)/kernel/net/ipv6/netfilter/ip*.ko \
,CONFIG_IP6_NF_IPTABLES,kmod-ipv6))
# Block devices # Block devices
$(eval $(call KMOD_template,LOOP,loop,\ $(eval $(call KMOD_template,LOOP,loop,\

View file

@ -6,12 +6,9 @@
# #
# $Id: netfilter.mk 2411 2005-11-11 03:41:43Z nico $ # $Id: netfilter.mk 2411 2005-11-11 03:41:43Z nico $
ifeq ($(NF_2_6),1) ifeq ($(NF_KMOD),1)
P_V4:=ipv4/netfilter/ P_V4:=ipv4/netfilter/
P_XT:=netfilter/ P_XT:=netfilter/
else
P_V4:=
P_XT:=
endif endif
IPT_CONNTRACK-m := IPT_CONNTRACK-m :=
@ -84,6 +81,7 @@ IPT_NAT-$(CONFIG_IP_NF_NAT) += $(P_V4)ipt_SNAT $(P_V4)ipt_DNAT
IPT_NAT-$(CONFIG_IP_NF_TARGET_MASQUERADE) += $(P_V4)ipt_MASQUERADE IPT_NAT-$(CONFIG_IP_NF_TARGET_MASQUERADE) += $(P_V4)ipt_MASQUERADE
IPT_NAT-$(CONFIG_IP_NF_TARGET_MIRROR) += $(P_V4)ipt_MIRROR IPT_NAT-$(CONFIG_IP_NF_TARGET_MIRROR) += $(P_V4)ipt_MIRROR
IPT_NAT-$(CONFIG_IP_NF_TARGET_REDIRECT) += $(P_V4)ipt_REDIRECT IPT_NAT-$(CONFIG_IP_NF_TARGET_REDIRECT) += $(P_V4)ipt_REDIRECT
IPT_NAT-$(CONFIG_IP_NF_TARGET_NETMAP) += $(P_V4)ipt_NETMAP
IPT_NAT_EXTRA-m := IPT_NAT_EXTRA-m :=
IPT_NAT_EXTRA-$(CONFIG_IP_NF_AMANDA) += $(P_V4)ip_conntrack_amanda IPT_NAT_EXTRA-$(CONFIG_IP_NF_AMANDA) += $(P_V4)ip_conntrack_amanda

View file

@ -49,7 +49,7 @@ endef
define Package/iptables-mod-conntrack define Package/iptables-mod-conntrack
SECTION:=net SECTION:=net
CATEGORY:=Base system CATEGORY:=Base system
DEPENDS:=iptables DEPENDS:=iptables +kmod-ipt-conntrack
TITLE:=connection tracking modules TITLE:=connection tracking modules
DESCRIPTION:=iptables extensions for connection tracking \\\ DESCRIPTION:=iptables extensions for connection tracking \\\
Includes: \\\ Includes: \\\
@ -61,7 +61,7 @@ endef
define Package/iptables-mod-filter define Package/iptables-mod-filter
SECTION:=net SECTION:=net
CATEGORY:=Base system CATEGORY:=Base system
DEPENDS:=iptables DEPENDS:=iptables +kmod-ipt-filter
TITLE:=filter modules TITLE:=filter modules
DESCRIPTION:=iptables extensions for packet content inspection\\\ DESCRIPTION:=iptables extensions for packet content inspection\\\
Includes: \\\ Includes: \\\
@ -73,7 +73,7 @@ define Package/iptables-mod-imq
SECTION:=net SECTION:=net
CATEGORY:=Base system CATEGORY:=Base system
DEPENDS:=iptables DEPENDS:=iptables
TITLE:=IMQ support TITLE:=IMQ support +kmod-imq
DESCRIPTION:=iptables extension for IMQ support\\\ DESCRIPTION:=iptables extension for IMQ support\\\
Includes: \\\ Includes: \\\
* libipt_IMQ * libipt_IMQ
@ -82,7 +82,7 @@ endef
define Package/iptables-mod-ipopt define Package/iptables-mod-ipopt
SECTION:=net SECTION:=net
CATEGORY:=Base system CATEGORY:=Base system
DEPENDS:=iptables DEPENDS:=iptables +kmod-ipt-ipopt
TITLE:=IP/Packet option modules TITLE:=IP/Packet option modules
DESCRIPTION:=iptables extensions for matching/changing IP packet options\\\ DESCRIPTION:=iptables extensions for matching/changing IP packet options\\\
Includes: \\\ Includes: \\\
@ -99,7 +99,7 @@ endef
define Package/iptables-mod-ipsec define Package/iptables-mod-ipsec
SECTION:=net SECTION:=net
CATEGORY:=Base system CATEGORY:=Base system
DEPENDS:=iptables DEPENDS:=iptables +kmod-ipt-ipsec
TITLE:=IPSec extensions TITLE:=IPSec extensions
DESCRIPTION:=iptables extensions for matching ipsec traffic\\\ DESCRIPTION:=iptables extensions for matching ipsec traffic\\\
Includes: \\\ Includes: \\\
@ -110,7 +110,7 @@ endef
define Package/iptables-mod-nat define Package/iptables-mod-nat
SECTION:=net SECTION:=net
CATEGORY:=Base system CATEGORY:=Base system
DEPENDS:=iptables DEPENDS:=iptables +kmod-ipt-nat
TITLE:=extra NAT targets TITLE:=extra NAT targets
DESCRIPTION:=iptables extensions for different NAT targets\\\ DESCRIPTION:=iptables extensions for different NAT targets\\\
Includes: \\\ Includes: \\\
@ -120,7 +120,7 @@ endef
define Package/iptables-mod-ulog define Package/iptables-mod-ulog
SECTION:=net SECTION:=net
CATEGORY:=Base system CATEGORY:=Base system
DEPENDS:=iptables DEPENDS:=iptables +kmod-ipt-ulog
TITLE:=user-space packet logging TITLE:=user-space packet logging
DESCRIPTION:=iptables extensions for user-space packet logging\\\ DESCRIPTION:=iptables extensions for user-space packet logging\\\
Includes: \\\ Includes: \\\
@ -130,7 +130,7 @@ endef
define Package/iptables-mod-extra define Package/iptables-mod-extra
SECTION:=net SECTION:=net
CATEGORY:=Base system CATEGORY:=Base system
DEPENDS:=iptables DEPENDS:=iptables +kmod-ipt-extra
TITLE:=other extra iptables extensions TITLE:=other extra iptables extensions
DESCRIPTION:=other extra iptables extensions\\\ DESCRIPTION:=other extra iptables extensions\\\
Includes: \\\ Includes: \\\

View file

@ -18,6 +18,7 @@ PKG_BUILD_DIR:=$(KERNEL_BUILD_DIR)/packages
include $(INCLUDE_DIR)/package.mk include $(INCLUDE_DIR)/package.mk
ifeq ($(DUMP),) ifeq ($(DUMP),)
-include $(LINUX_DIR)/.config -include $(LINUX_DIR)/.config
NF_KMOD:=1
include $(INCLUDE_DIR)/netfilter.mk include $(INCLUDE_DIR)/netfilter.mk
endif endif

View file

@ -63,4 +63,164 @@ AUTOLOAD:=$(call AutoLoad,30,pdc202xx_old)
endef endef
$(eval $(call KernelPackage,ide-pdc202xx)) $(eval $(call KernelPackage,ide-pdc202xx))
NFMENU:=Netfilter Extensions
define KernelPackage/ipt-conntrack
TITLE:=Modules for connection tracking
DESCRIPTION:=Netfilter (IPv4) kernel modules for connection tracking\\\
Includes: \\\
* ipt_conntrack \\\
* ipt_helper \\\
* ipt_connmark/CONNMARK
SUBMENU:=$(NFMENU)
FILES:=$(foreach mod,$(IPT_CONNTRACK-m),$(MODULES_DIR)/kernel/net/$(mod).$(LINUX_KMOD_SUFFIX))
endef
$(eval $(call KernelPackage,ipt-conntrack))
define KernelPackage/ipt-filter
TITLE:=Modules for packet content inspection
DESCRIPTION:=Netfilter (IPv4) kernel modules for packet content inspection \\\
Includes: \\\
* ipt_ipp2p \\\
* ipt_layer7
SUBMENU:=$(NFMENU)
FILES:=$(foreach mod,$(IPT_FILTER-m),$(MODULES_DIR)/kernel/net/$(mod).$(LINUX_KMOD_SUFFIX))
endef
$(eval $(call KernelPackage,ipt-filter))
define KernelPackage/ipt-ipopt
TITLE:=Modules for matching/changing IP packet options
DESCRIPTION:=Netfilter (IPv4) modules for matching/changing IP packet options \\\
Includes: \\\
* ipt_dscp/DSCP \\\
* ipt_ecn/ECN \\\
* ipt_length \\\
* ipt_mac \\\
* ipt_tos/TOS \\\
* ipt_tcpmms \\\
* ipt_ttl/TTL \\\
* ipt_unclean
SUBMENU:=$(NFMENU)
FILES:=$(foreach mod,$(IPT_IPOPT-m),$(MODULES_DIR)/kernel/net/$(mod).$(LINUX_KMOD_SUFFIX))
endef
$(eval $(call KernelPackage,ipt-ipopt))
define KernelPackage/ipt-ipsec
TITLE:=Modules for matching IPSec packets
DESCRIPTION:=Netfilter (IPv4) modules for matching IPSec packets \\\
Includes: \\\
* ipt_ah \\\
* ipt_esp
SUBMENU:=$(NFMENU)
FILES:=$(foreach mod,$(IPT_IPSEC-m),$(MODULES_DIR)/kernel/net/$(mod).$(LINUX_KMOD_SUFFIX))
endef
$(eval $(call KernelPackage,ipt-ipsec))
define KernelPackage/ipt-nat
TITLE:=Modules for extra NAT targets
DESCRIPTION:=Netfilter (IPv4) modules for extra NAT targets \\\
Includes: \\\
* ipt_REDIRECT \\\
* ipt_NETMAP
SUBMENU:=$(NFMENU)
FILES:=$(foreach mod,$(IPT_NAT-m),$(MODULES_DIR)/kernel/net/$(mod).$(LINUX_KMOD_SUFFIX))
endef
$(eval $(call KernelPackage,ipt-nat))
define KernelPackage/ipt-nathelper
TITLE:=Extra Conntrack and NAT helpers
DESCRIPTION:=Extra Conntrack and NAT helpers (IPv4) \\\
Includes: \\\
* ip_conntrack_amanda \\\
* ip_conntrack_proto_gre \\\
* ip_nat_proto_gre \\\
* ip_conntrack_pptp \\\
* ip_nat_pptp \\\
* ip_conntrack_sip \\\
* ip_nat_sip \\\
* ip_nat_snmp_basic \\\
* ip_conntrack_tftp
SUBMENU:=$(NFMENU)
FILES:=$(foreach mod,$(IPT_NAT_EXTRA-m),$(MODULES_DIR)/kernel/net/$(mod).$(LINUX_KMOD_SUFFIX))
endef
$(eval $(call KernelPackage,ipt-nathelper))
define KernelPackage/ipt-imq
TITLE:=Intermediate Queueing support
DESCRIPTION:=Kernel support for Intermediate Queueing devices
KCONFIG:=$(CONFIG_IMQ)
SUBMENU:=$(NFMENU)
FILES:= \
$(MODULES_DIR)/kernel/net/ipv4/netfilter/*IMQ*.$(LINUX_KMOD_SUFFIX) \
$(MODULES_DIR)/kernel/drivers/net/imq.$(LINUX_KMOD_SUFFIX)
endef
$(eval $(call KernelPackage,imq))
define KernelPackage/ipt-queue
TITLE:=Module for user-space packet queueing
DESCRIPTION:=Netfilter (IPv4) module for user-space packet queueing \\\
Includes: \\\
* ipt_QUEUE
SUBMENU:=$(NFMENU)
FILES:=$(foreach mod,$(IPT_QUEUE-m),$(MODULES_DIR)/kernel/net/$(mod).$(LINUX_KMOD_SUFFIX))
endef
$(eval $(call KernelPackage,ipt-queue))
define KernelPackage/ipt-ulog
TITLE:=Module for user-space packet logging
DESCRIPTION:=Netfilter (IPv4) module for user-space packet logging \\\
Includes: \\\
* ipt_ULOG
SUBMENU:=$(NFMENU)
FILES:=$(foreach mod,$(IPT_ULOG-m),$(MODULES_DIR)/kernel/net/$(mod).$(LINUX_KMOD_SUFFIX))
endef
$(eval $(call KernelPackage,ipt-ulog))
define KernelPackage/ipt-extra
TITLE:=Extra modules
DESCRIPTION:=Other Netfilter (IPv4) kernel modules\\\
Includes: \\\
* ipt_limit \\\
* ipt_owner \\\
* ipt_physdev \\\
* ipt_pkttype \\\
* ipt_recent
SUBMENU:=$(NFMENU)
FILES:=$(foreach mod,$(IPT_EXTRA-m),$(MODULES_DIR)/kernel/net/$(mod).$(LINUX_KMOD_SUFFIX))
endef
$(eval $(call KernelPackage,ipt-extra))
define KernelPackage/ip6tables
TITLE:=IPv6 modules
DESCRIPTION:=Netfilter IPv6 firewalling support
SUBMENU:=$(NFMENU)
FILES:=$(MODULES_DIR)/kernel/net/ipv6/netfilter/ip*.$(LINUX_KMOD_SUFFIX)
endef
$(eval $(call KernelPackage,ip6tables))
define KernelPackage/arptables
TITLE:=ARP firewalling modules
DESCRIPTION:=Kernel modules for ARP firewalling
SUBMENU:=$(NFMENU)
FILES:=$(MODULES_DIR)/kernel/net/ipv4/netfilter/arp*.$(LINUX_KMOD_SUFFIX)
KCONFIG:=$(CONFIG_IP_NF_ARPTABLES)
endef
$(eval $(call KernelPackage,arptables))
define KernelPackage/ebtables
TITLE:=Bridge firewalling modules
DESCRIPTION:=Kernel modules for Ethernet Bridge firewalling
SUBMENU:=$(NFMENU)
FILES:=$(MODULES_DIR)/kernel/net/bridge/netfilter/*.$(LINUX_KMOD_SUFFIX)
KCONFIG:=$(CONFIG_BRIDGE_NF_EBTABLES)
endef
$(eval $(call KernelPackage,ebtables))

View file

@ -23,13 +23,6 @@ config PACKAGE_KMOD_GRE
help help
Kernel support for GRE tunnels Kernel support for GRE tunnels
config PACKAGE_KMOD_IMQ
prompt "kmod-imq.......................... Intermediate Queueing device"
tristate
default m
help
Kernel support for the Intermediate Queueing device
config PACKAGE_KMOD_IPIP config PACKAGE_KMOD_IPIP
prompt "kmod-ipip......................... IP in IP encapsulation support" prompt "kmod-ipip......................... IP in IP encapsulation support"
tristate tristate
@ -101,168 +94,6 @@ config PACKAGE_KMOD_TUN
endmenu endmenu
menu "Filtering/Firewalling"
config PACKAGE_KMOD_ARPTABLES
prompt "kmod-arptables.................... ARP firewalling support"
tristate
default m
help
Kernel modules for ARP firewalling
config PACKAGE_KMOD_EBTABLES
prompt "kmod-ebtables..................... Ethernet Bridge firewalling support"
tristate
default m
help
Kernel modules for bridge firewalling
config PACKAGE_KMOD_IPTABLES
prompt "kmod-iptables..................... Core Netfilter modules for IPv4 firewalling"
tristate
default y
help
Kernel modules for IPv4 firewalling
config PACKAGE_KMOD_IPTABLES_EXTRA
prompt "kmod-iptables-extra............... Extra Netfilter modules for IPv4 firewalling (meta-package)"
tristate
default m
select PACKAGE_KMOD_IPT_CONNTRACK
select PACKAGE_KMOD_IPT_FILTER
select PACKAGE_KMOD_IPT_IPOPT
select PACKAGE_KMOD_IPT_IPSEC
select PACKAGE_KMOD_IPT_NAT
select PACKAGE_KMOD_IPT_NAT_EXTRA
select PACKAGE_KMOD_IPT_QUEUE
select PACKAGE_KMOD_IPT_ULOG
select PACKAGE_KMOD_IPT_EXTRA
help
Extra Netfilter kernel modules for IPv4 firewalling (meta-package)
config PACKAGE_KMOD_IPT_CONNTRACK
prompt "kmod-ipt-conntrack................ Netfilter modules for connection tracking"
tristate
default m
help
Netfilter (IPv4) kernel modules for connection tracking
Includes:
* ipt_conntrack
* ipt_helper
* ipt_connmark/CONNMARK
config PACKAGE_KMOD_IPT_FILTER
prompt "kmod-ipt-filter................... Netfilter modules for packet content inspection"
tristate
default m
help
Netfilter (IPv4) kernel modules for packet content inspection
Includes:
* ipt_ipp2p
* ipt_layer7
config PACKAGE_KMOD_IPT_IPOPT
prompt "kmod-ipt-ipopt.................... Netfilter modules for matching/changing IP packet options"
tristate
default m
help
Netfilter (IPv4) kernel modules for matching/changing IP packet options
Includes:
* ipt_dscp/DSCP
* ipt_ecn/ECN
* ipt_length
* ipt_mac
* ipt_tos/TOS
* ipt_tcpmms
* ipt_ttl/TTL
* ipt_unclean
config PACKAGE_KMOD_IPT_IPSEC
prompt "kmod-ipt-ipsec.................... Netfilter modules for matching IPsec packets"
tristate
default m
help
Netfilter (IPv4) kernel modules for matching IPsec packets
Includes:
* ipt_ah
* ipt_esp
config PACKAGE_KMOD_IPT_NAT
prompt "kmod-ipt-nat...................... Netfilter modules for different NAT targets"
tristate
default m
help
Netfilter (IPv4) kernel modules for different NAT targets
Includes:
* ipt_REDIRECT
config PACKAGE_KMOD_IPT_NAT_EXTRA
prompt "kmod-ipt-nat-extra................ Extra Netfilter NAT modules for special protocols"
tristate
default m
help
Extra Netfilter (IPv4) NAT kernel modules for special protocols
Includes:
* ip_conntrack_amanda
* ip_conntrack_proto_gre
* ip_nat_proto_gre
* ip_conntrack_pptp
* ip_nat_pptp
* ip_conntrack_sip
* ip_nat_sip
* ip_nat_snmp_basic
* ip_conntrack_tftp
config PACKAGE_KMOD_IPT_QUEUE
prompt "kmod-ipt-queue.................... Netfilter module for user-space packet queueing"
tristate
default m
help
Netfilter (IPv4) module for user-space packet queueing
Includes:
* ipt_QUEUE
config PACKAGE_KMOD_IPT_ULOG
prompt "kmod-ipt-ulog..................... Netfilter module for user-space packet logging"
tristate
default m
help
Netfilter (IPv4) module for user-space packet logging
Includes:
* ipt_ULOG
config PACKAGE_KMOD_IPT_EXTRA
prompt "kmod-ipt-extra.................... Other extra Netfilter modules"
tristate
default m
help
Other extra Netfilter (IPv4) kernel modules
Includes:
* ipt_limit
* ipt_owner
* ipt_physdev
* ipt_pkttype
* ipt_recent
config PACKAGE_KMOD_IP6TABLES
prompt "kmod-ip6tables.................... Kernel modules for ip6tables"
tristate
default m
depends PACKAGE_KMOD_IPV6
help
IPv6 firewalling support
endmenu
menu "Block devices support" menu "Block devices support"
config PACKAGE_kmod-ide-core config PACKAGE_kmod-ide-core