Allow a redirect like:
config redirect
option src 'wan'
option dest 'lan'
option src_dport '22001'
option dest_port '22'
option proto 'tcp'
note the absence of the "dest_ip" field, meaning to terminate the connection on the firewall itself.
This patch makes three changes:
(1) moves the conntrack module into the conntrack package (but not any of the conntrack_* helpers).
(2) fixes a bug where the wrong table is used when the "dest_ip" field is absent.
(3) accepts incoming connections on the destination port on the input_ZONE table, but only for DNATted
connections.
In the above example,
ssh -p 22 root@myrouter
would fail from the outside, but:
ssh -p 22001 root@myrouter
would succeed. This is handy if:
(1) you want to avoid ssh probes on your router, or
(2) you want to redirect incoming connections on port 22 to some machine inside your firewall, but
still want to allow firewall access from outside.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
SVN-Revision: 26617
Currently the device id in the platform driver is hardcoded to an
id which is specific to AR9130/AR9132 SOCs as it supports only wmac
(wireless mac) of these SOCs. But this needs to be dynamic when we
want to support different wmac of SOCs. So add id_table to driver to
make it extendable to more SOCs.
Signed-off-by: Vasanthakumar Thiagarajan <vasanth@atheros.com>
SVN-Revision: 26604
* Some module should be loaded later to load them after the modules they are depending on
* add some more missing config symbols
* make CS5535 build again
SVN-Revision: 26570
Add a bundle for including commonly useful modules for IPtables debugging and development.
For now, it just contains xt_TRACE.ko
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
SVN-Revision: 26567
If your ISP is pushing their own DSL equipment (which many do to contain support costs), they won't be
forthcoming with your various settings: encapsulation, VPI/VCI, etc.
These you might have to discover yourself. The easiest way to do this is with atmdiag and atmdump.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
SVN-Revision: 26542
This adds the Intel wireless drivers for their normal cards.
Thank you framer99 for the patch, I extended it a little bit.
This closes#7227
SVN-Revision: 26534
This enables support for Realtek 8169 based network cards for other
platforms than x86. I have a mini-PCI card on ixp4xxx running here.
Maybe for the other cards in netdevices.mk a @DEPENDS change from
@TARGET_x86 to @PCI_SUPPORT makes also sense.
Signed-off-by: Christoph König <christoph.koenig@ikt.uni-hannover.de>
SVN-Revision: 26529
Since r26296 mppe.ko could not be loaded, kernel gives "device missing" error.
According to KConfig cypther-ecb is required.
Signed-off-by: Sven Roederer <mailinglists.sven_at_roederer.dhs.org>
SVN-Revision: 26507
Hi
minrate and maxrate are acually not boolean, so, for example
"config minrate 11000" in /etc/config/wireless has no effect.
Signed-off by: Jan Hetges <tran@ms20.net>
SVN-Revision: 26504
/etc/functions.sh:pi_include() checks if the argument exists and prints
a warning if not. To prevent this warning if package block-mount is installed
but not package e2fsprogs, the script should check if this directory exists
before calling pi_include()
A wrong patch to suppress this warning was previously posted
with subject:
[PATCH] Fix typo in name of to be included file
Signed-off-by: Mark Vels <mark.vels@team-embedded.nl>
SVN-Revision: 26503
The script tests for the existance of /dev/root with test -e which fails if
/dev/root is a dangling symlink making the call to ln fail.
Signed-off-by: Justus Winter <4winter@informatik.uni-hamburg.de>
SVN-Revision: 26483