#
-# Copyright (C) 2006-2008 OpenWrt.org
+# Copyright (C) 2006-2010 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
$(eval $(if $(NF_KMOD),$(call nf_add,IPT_CORE,CONFIG_IP_NF_FILTER, $(P_V4)iptable_filter),))
$(eval $(if $(NF_KMOD),$(call nf_add,IPT_CORE,CONFIG_IP_NF_MANGLE, $(P_V4)iptable_mangle),))
-#
-# ebtables
-#
-
-$(eval $(if $(NF_KMOD),$(call nf_add,EBTABLES,CONFIG_BRIDGE_NF_EBTABLES, $(P_EBT)ebtables),))
-
-# ebtables: tables
-$(eval $(call nf_add,EBTABLES,CONFIG_BRIDGE_EBT_BROUTE, $(P_EBT)ebtable_broute))
-$(eval $(call nf_add,EBTABLES,CONFIG_BRIDGE_EBT_T_FILTER, $(P_EBT)ebtable_filter))
-$(eval $(call nf_add,EBTABLES,CONFIG_BRIDGE_EBT_T_NAT, $(P_EBT)ebtable_nat))
-
-# ebtables: matches
-$(eval $(call nf_add,EBTABLES,CONFIG_BRIDGE_EBT_802_3, $(P_EBT)ebt_802_3))
-$(eval $(call nf_add,EBTABLES,CONFIG_BRIDGE_EBT_AMONG, $(P_EBT)ebt_among))
-$(eval $(call nf_add,EBTABLES_IP4,CONFIG_BRIDGE_EBT_ARP, $(P_EBT)ebt_arp))
-$(eval $(call nf_add,EBTABLES_IP4,CONFIG_BRIDGE_EBT_IP, $(P_EBT)ebt_ip))
-$(eval $(call nf_add,EBTABLES_IP6,CONFIG_BRIDGE_EBT_IP6, $(P_EBT)ebt_ip6))
-$(eval $(call nf_add,EBTABLES,CONFIG_BRIDGE_EBT_LIMIT, $(P_EBT)ebt_limit))
-$(eval $(call nf_add,EBTABLES,CONFIG_BRIDGE_EBT_MARK, $(P_EBT)ebt_mark_m))
-$(eval $(call nf_add,EBTABLES,CONFIG_BRIDGE_EBT_PKTTYPE, $(P_EBT)ebt_pkttype))
-$(eval $(call nf_add,EBTABLES,CONFIG_BRIDGE_EBT_STP, $(P_EBT)ebt_stp))
-$(eval $(call nf_add,EBTABLES,CONFIG_BRIDGE_EBT_VLAN, $(P_EBT)ebt_vlan))
-
-# targets
-$(eval $(call nf_add,EBTABLES_IP4,CONFIG_BRIDGE_EBT_ARPREPLY, $(P_EBT)ebt_arpreply))
-$(eval $(call nf_add,EBTABLES,CONFIG_BRIDGE_EBT_MARK_T, $(P_EBT)ebt_mark))
-$(eval $(call nf_add,EBTABLES_IP4,CONFIG_BRIDGE_EBT_DNAT, $(P_EBT)ebt_dnat))
-$(eval $(call nf_add,EBTABLES,CONFIG_BRIDGE_EBT_REDIRECT, $(P_EBT)ebt_redirect))
-$(eval $(call nf_add,EBTABLES_IP4,CONFIG_BRIDGE_EBT_SNAT, $(P_EBT)ebt_snat))
-
-# watchers
-$(eval $(call nf_add,EBTABLES_WATCHERS,CONFIG_BRIDGE_EBT_LOG, $(P_EBT)ebt_log))
-$(eval $(call nf_add,EBTABLES_WATCHERS,CONFIG_BRIDGE_EBT_ULOG, $(P_EBT)ebt_ulog))
-$(eval $(call nf_add,EBTABLES_WATCHERS,CONFIG_BRIDGE_EBT_NFLOG, $(P_EBT)ebt_nflog))
-
# userland only
$(eval $(if $(NF_KMOD),,$(call nf_add,IPT_CORE,CONFIG_IP_NF_IPTABLES, xt_standard ipt_icmp xt_tcp xt_udp xt_comment)))
$(eval $(call nf_add,IPT_EXTRA,CONFIG_IP_NF_MATCH_CONDITION, $(P_V4)ipt_condition))
$(eval $(call nf_add,IPT_EXTRA,CONFIG_IP_NF_MATCH_OWNER, $(P_V4)ipt_owner))
+$(eval $(call nf_add,IPT_EXTRA,CONFIG_NETFILTER_XT_MATCH_OWNER, $(P_XT)xt_owner))
$(eval $(call nf_add,IPT_EXTRA,CONFIG_NETFILTER_XT_MATCH_PHYSDEV, $(P_XT)xt_physdev))
$(eval $(call nf_add,IPT_EXTRA,CONFIG_IP_NF_MATCH_PKTTYPE, $(P_V4)ipt_pkttype))
$(eval $(call nf_add,IPT_EXTRA,CONFIG_NETFILTER_XT_MATCH_PKTTYPE, $(P_XT)xt_pkttype))
-#$(eval $(call nf_add,IPT_EXTRA,CONFIG_IP_NF_MATCH_QUOTA, $(P_V4)ipt_quota))
+$(eval $(call nf_add,IPT_EXTRA,CONFIG_IP_NF_MATCH_QUOTA, $(P_V4)ipt_quota))
$(eval $(call nf_add,IPT_EXTRA,CONFIG_NETFILTER_XT_MATCH_QUOTA, $(P_XT)xt_quota))
#$(eval $(call nf_add,IPT_EXTRA,CONFIG_IP_NF_TARGET_ROUTE, $(P_V4)ipt_ROUTE))
$(eval $(call nf_add,IPT_NATHELPER,CONFIG_NF_CONNTRACK_IRC, $(P_XT)nf_conntrack_irc))
$(eval $(call nf_add,IPT_NATHELPER,CONFIG_NF_NAT_IRC, $(P_V4)nf_nat_irc))
$(eval $(call nf_add,IPT_NATHELPER,CONFIG_IP_NF_TFTP, $(P_V4)ip_conntrack_tftp))
+$(eval $(call nf_add,IPT_NATHELPER,CONFIG_IP_NF_NAT_TFTP, $(P_V4)ip_nat_tftp))
$(eval $(call nf_add,IPT_NATHELPER,CONFIG_NF_CONNTRACK_TFTP, $(P_XT)nf_conntrack_tftp))
$(eval $(call nf_add,IPT_NATHELPER,CONFIG_NF_NAT_TFTP, $(P_V4)nf_nat_tftp))
# nathelper-extra
$(eval $(call nf_add,IPT_NATHELPER_EXTRA,CONFIG_IP_NF_AMANDA, $(P_V4)ip_conntrack_amanda))
+$(eval $(call nf_add,IPT_NATHELPER_EXTRA,CONFIG_IP_NF_NAT_AMANDA, $(P_V4)ip_nat_amanda))
$(eval $(call nf_add,IPT_NATHELPER_EXTRA,CONFIG_NF_CONNTRACK_AMANDA, $(P_XT)nf_conntrack_amanda))
$(eval $(call nf_add,IPT_NATHELPER_EXTRA,CONFIG_NF_NAT_AMANDA, $(P_V4)nf_nat_amanda))
$(eval $(call nf_add,IPT_NATHELPER_EXTRA,CONFIG_IP_NF_CT_PROTO_GRE, $(P_V4)ip_conntrack_proto_gre))
$(eval $(call nf_add,IPT_ULOG,CONFIG_IP_NF_TARGET_ULOG, $(P_V4)ipt_ULOG))
+#
+# ebtables
+#
+
+$(eval $(if $(NF_KMOD),$(call nf_add,EBTABLES,CONFIG_BRIDGE_NF_EBTABLES, $(P_EBT)ebtables),))
+
+# ebtables: tables
+$(eval $(call nf_add,EBTABLES,CONFIG_BRIDGE_EBT_BROUTE, $(P_EBT)ebtable_broute))
+$(eval $(call nf_add,EBTABLES,CONFIG_BRIDGE_EBT_T_FILTER, $(P_EBT)ebtable_filter))
+$(eval $(call nf_add,EBTABLES,CONFIG_BRIDGE_EBT_T_NAT, $(P_EBT)ebtable_nat))
+
+# ebtables: matches
+$(eval $(call nf_add,EBTABLES,CONFIG_BRIDGE_EBT_802_3, $(P_EBT)ebt_802_3))
+$(eval $(call nf_add,EBTABLES,CONFIG_BRIDGE_EBT_AMONG, $(P_EBT)ebt_among))
+$(eval $(call nf_add,EBTABLES_IP4,CONFIG_BRIDGE_EBT_ARP, $(P_EBT)ebt_arp))
+$(eval $(call nf_add,EBTABLES_IP4,CONFIG_BRIDGE_EBT_IP, $(P_EBT)ebt_ip))
+$(eval $(call nf_add,EBTABLES_IP6,CONFIG_BRIDGE_EBT_IP6, $(P_EBT)ebt_ip6))
+$(eval $(call nf_add,EBTABLES,CONFIG_BRIDGE_EBT_LIMIT, $(P_EBT)ebt_limit))
+$(eval $(call nf_add,EBTABLES,CONFIG_BRIDGE_EBT_MARK, $(P_EBT)ebt_mark_m))
+$(eval $(call nf_add,EBTABLES,CONFIG_BRIDGE_EBT_PKTTYPE, $(P_EBT)ebt_pkttype))
+$(eval $(call nf_add,EBTABLES,CONFIG_BRIDGE_EBT_STP, $(P_EBT)ebt_stp))
+$(eval $(call nf_add,EBTABLES,CONFIG_BRIDGE_EBT_VLAN, $(P_EBT)ebt_vlan))
+
+# targets
+$(eval $(call nf_add,EBTABLES_IP4,CONFIG_BRIDGE_EBT_ARPREPLY, $(P_EBT)ebt_arpreply))
+$(eval $(call nf_add,EBTABLES,CONFIG_BRIDGE_EBT_MARK_T, $(P_EBT)ebt_mark))
+$(eval $(call nf_add,EBTABLES_IP4,CONFIG_BRIDGE_EBT_DNAT, $(P_EBT)ebt_dnat))
+$(eval $(call nf_add,EBTABLES,CONFIG_BRIDGE_EBT_REDIRECT, $(P_EBT)ebt_redirect))
+$(eval $(call nf_add,EBTABLES_IP4,CONFIG_BRIDGE_EBT_SNAT, $(P_EBT)ebt_snat))
+
+# watchers
+$(eval $(call nf_add,EBTABLES_WATCHERS,CONFIG_BRIDGE_EBT_LOG, $(P_EBT)ebt_log))
+$(eval $(call nf_add,EBTABLES_WATCHERS,CONFIG_BRIDGE_EBT_ULOG, $(P_EBT)ebt_ulog))
+$(eval $(call nf_add,EBTABLES_WATCHERS,CONFIG_BRIDGE_EBT_NFLOG, $(P_EBT)ebt_nflog))
+
+
# userland only
IPT_BUILTIN += $(IPT_CORE-y) $(IPT_CORE-m)
IPT_BUILTIN += $(IPT_CONNTRACK-y)
define KernelPackage/ipt-core/description
Netfilter core kernel modules
Includes:
- - ipt_limit
- - xt_limit
- - ipt_mac
- - xt_mac
- - ipt_multiport
- - xt_multiport
- - ipt_comment
- - xt_comment
- - ipt_LOG
- - ipt_TCPMSS
- - xt_TCPMSS
- - ipt_REJECT
+ - comment (2.6)
+ - limit
+ - LOG
+ - mac
+ - multiport
+ - REJECT
+ - TCPMSS
endef
$(eval $(call KernelPackage,ipt-core))
Netfilter (IPv4) kernel modules for connection tracking
Includes:
- conntrack
- - defrag
+ - defrag (2.6)
- iptables_raw
- NOTRACK
- state
- - xt_NOTRACK
endef
$(eval $(call KernelPackage,ipt-conntrack))
define KernelPackage/ipt-filter/description
Netfilter (IPv4) kernel modules for packet content inspection
Includes:
- - ipt_layer7
- - ipt_string
- - xt_layer7
- - xt_string
+ - layer7
+ - string
endef
$(eval $(call KernelPackage,ipt-filter))
define KernelPackage/ipt-ipopt/description
Netfilter (IPv4) modules for matching/changing IP packet options
Includes:
- - ipt_dscp
- - xt_dscp
- - xt_DSCP
- - ipt_ecn
- - ipt_length
- - xt_length
- - ipt_mark
- - xt_mark
- - xt_statistic
- - ipt_tcpmss
- - xt_tcpmss
- - ipt_time
- - xt_time
- - ipt_unclean
- - ipt_CLASSIFY
- - xt_CLASSIFY
- - ipt_DSCP
- - ipt_ECN
- - ipt_MARK
- - xt_MARK
- - xt_tos
- - xt_TOS
- - xt_hl
- - xt_HL
+ - CLASSIFY
+ - dscp/DSCP
+ - ecn/ECN
+ - hl/HL (2.6.30 and later)
+ - length
+ - mark/MARK
+ - statistic (2.6)
+ - tcpmss
+ - time
+ - tos/TOS (prior to 2.6.25)
+ - ttl/TTL (prior to 2.6.30)
+ - unclean
endef
$(eval $(call KernelPackage,ipt-ipopt))
define KernelPackage/ipt-ipsec/description
Netfilter (IPv4) modules for matching IPSec packets
Includes:
- - ipt_ah
- - ipt_esp
- - xt_esp
- - xt_policy
+ - ah
+ - esp
+ - policy (2.6)
endef
$(eval $(call KernelPackage,ipt-ipsec))
define KernelPackage/ipt-nat-extra/description
Netfilter (IPv4) kernel modules for extra NAT targets
Includes:
- - MIRROR
+ - MIRROR (2.4)
- NETMAP
- REDIRECT
endef
define KernelPackage/ipt-nathelper/description
Default Netfilter (IPv4) Conntrack and NAT helpers
Includes:
- - ip_conntrack_ftp
- - ip_nat_ftp
- - nf_conntrack_ftp
- - nf_nat_ftp
- - ip_conntrack_irc
- - ip_nat_irc
- - nf_conntrack_irc
- - nf_nat_irc
- - ip_conntrack_tftp
- - nf_conntrack_tftp
- - nf_nat_tftp
+ - ftp
+ - irc
+ - tftp
endef
$(eval $(call KernelPackage,ipt-nathelper))
define KernelPackage/ipt-nathelper-extra/description
Extra Netfilter (IPv4) Conntrack and NAT helpers
Includes:
- - ip_conntrack_amanda
- - nf_conntrack_amanda
- - nf_nat_amanda
- - ip_conntrack_proto_gre
- - ip_nat_proto_gre
- - nf_conntrack_proto_gre
- - nf_nat_proto_gre
- - ip_conntrack_h323
- - ip_nat_h323
- - nf_conntrack_h323
- - nf_nat_h323
- - ip_conntrack_mms
- - ip_nat_mms
- - ip_conntrack_pptp
- - ip_nat_pptp
- - nf_conntrack_pptp
- - nf_nat_pptp
- - ip_conntrack_rtsp
- - ip_nat_rtsp
- - nf_conntrack_rtsp
- - nf_nat_rtsp
- - ip_conntrack_sip
- - ip_nat_sip
- - nf_conntrack_sip
- - nf_nat_sip
- - ip_nat_snmp_basic
- - nf_nat_snmp_basic
+ - amanda
+ - h323
+ - mms
+ - pptp (2.6)
+ - proto_gre (2.6)
+ - rtsp
+ - sip (2.6)
+ - snmp_basic
endef
$(eval $(call KernelPackage,ipt-nathelper-extra))
define KernelPackage/ipt-ulog/description
Netfilter (IPv4) module for user-space packet logging
Includes:
- - ipt_ULOG
+ - ULOG
endef
$(eval $(call KernelPackage,ipt-ulog))
define KernelPackage/ipt-iprange/description
Netfilter (IPv4) module for matching ip ranges
Includes:
- - ipt_IPRANGE
+ - iprange
endef
$(eval $(call KernelPackage,ipt-iprange))
define KernelPackage/ipt-extra/description
Other Netfilter (IPv4) kernel modules
Includes:
- - ipt_condition
- - ipt_owner
- - xt_physdev
- - ipt_pkttype
- - xt_pkttype
- - xt_quota
+ - condition (2.4 only)
+ - owner
+ - physdev (if bridge support was enabled in kernel)
+ - pkttype
+ - quota
endef
$(eval $(call KernelPackage,ipt-extra))
projects / openwrt / svn-archive / openwrt.git / commitdiff