From: Florian Fainelli Date: Fri, 13 Apr 2007 11:28:45 +0000 (+0000) Subject: Add raw and NOTRACK targets (#1583) X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=cd65230eea504014469af5ea65c0859c936e1f34;p=openwrt%2Fstaging%2Fthess.git Add raw and NOTRACK targets (#1583) SVN-Revision: 6945 --- diff --git a/include/netfilter.mk b/include/netfilter.mk index 58a81ee0b2..c3ef6909cf 100644 --- a/include/netfilter.mk +++ b/include/netfilter.mk @@ -45,6 +45,8 @@ IPT_EXTRA-$(CONFIG_NETFILTER_XT_MATCH_STRING) += $(P_XT)xt_string IPT_EXTRA-$(CONFIG_NETFILTER_XT_TARGET_CHAOS) += $(P_XT)xt_CHAOS IPT_EXTRA-$(CONFIG_NETFILTER_XT_TARGET_DELUDE) += $(P_XT)xt_DELUDE IPT_EXTRA-$(CONFIG_NETFILTER_XT_MATCH_PORTSCAN) += $(P_XT)xt_portscan +IPT_EXTRA-$(CONFIG_IP_NF_RAW) += $(P_V4)iptable_raw +IPT_EXTRA-$(CONFIG_NETFILTER_XT_TARGET_NOTRACK) += $(P_XT)xt_NOTRACK IPT_FILTER-m := IPT_FILTER-$(CONFIG_IP_NF_MATCH_IPP2P) += $(P_V4)ipt_ipp2p diff --git a/package/iptables/Makefile b/package/iptables/Makefile index 5c65e68e24..1bd13a507d 100644 --- a/package/iptables/Makefile +++ b/package/iptables/Makefile @@ -145,7 +145,8 @@ define Package/iptables-mod-extra - libipt_owner \\\ - libipt_physdev \\\ - libipt_pkttype \\\ - - libipt_recent + - libipt_recent \\\ + - libipt_NOTRACK endef define Package/iptables-utils diff --git a/package/kernel/modules/netfilter.mk b/package/kernel/modules/netfilter.mk index be05dc035a..d1653b946e 100644 --- a/package/kernel/modules/netfilter.mk +++ b/package/kernel/modules/netfilter.mk @@ -170,7 +170,9 @@ define KernelPackage/ipt-extra - ipt_owner \\\ - ipt_physdev \\\ - ipt_pkttype \\\ - - ipt_recent + - ipt_recent \\\ + - iptable_raw \\\ + - xt_NOTRACK FILES:=$(foreach mod,$(IPT_EXTRA-m),$(MODULES_DIR)/kernel/net/$(mod).$(LINUX_KMOD_SUFFIX)) SUBMENU:=$(NFMENU) AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_EXTRA-m))) diff --git a/target/linux/at91-2.6/config/default b/target/linux/at91-2.6/config/default index 27b3fb33d6..4caee4657f 100644 --- a/target/linux/at91-2.6/config/default +++ b/target/linux/at91-2.6/config/default @@ -211,7 +211,6 @@ CONFIG_MTD_PARTITIONS=y # CONFIG_NETFILTER_XT_MATCH_REALM is not set # CONFIG_NETFILTER_XT_MATCH_SCTP is not set # CONFIG_NETFILTER_XT_TARGET_NFQUEUE is not set -# CONFIG_NETFILTER_XT_TARGET_NOTRACK is not set # CONFIG_NET_CLS_ACT is not set # CONFIG_NET_CLS_IND is not set # CONFIG_NET_EMATCH is not set diff --git a/target/linux/brcm47xx-2.6/config/default b/target/linux/brcm47xx-2.6/config/default index bd8830e1ab..40788b2d47 100644 --- a/target/linux/brcm47xx-2.6/config/default +++ b/target/linux/brcm47xx-2.6/config/default @@ -101,7 +101,6 @@ CONFIG_INPUT=m # CONFIG_IP6_NF_MATCH_IPV6HEADER is not set # CONFIG_IP6_NF_MATCH_OPTS is not set # CONFIG_IP6_NF_MATCH_RT is not set -# CONFIG_IP6_NF_RAW is not set # CONFIG_IP6_NF_TARGET_HL is not set CONFIG_IPW2200_QOS=y # CONFIG_IP_DCCP is not set @@ -208,7 +207,6 @@ CONFIG_MTD_PARTITIONS=y # CONFIG_NETFILTER_XT_MATCH_REALM is not set # CONFIG_NETFILTER_XT_MATCH_SCTP is not set # CONFIG_NETFILTER_XT_TARGET_NFQUEUE is not set -# CONFIG_NETFILTER_XT_TARGET_NOTRACK is not set # CONFIG_NET_CLS_ACT is not set # CONFIG_NET_CLS_IND is not set # CONFIG_NET_EMATCH is not set diff --git a/target/linux/iop32x-2.6/config/default b/target/linux/iop32x-2.6/config/default index e912fce946..e3001119e5 100644 --- a/target/linux/iop32x-2.6/config/default +++ b/target/linux/iop32x-2.6/config/default @@ -163,7 +163,6 @@ CONFIG_INITRAMFS_SOURCE="" # CONFIG_IP6_NF_MATCH_OPTS is not set # CONFIG_IP6_NF_MATCH_OWNER is not set # CONFIG_IP6_NF_MATCH_RT is not set -# CONFIG_IP6_NF_RAW is not set # CONFIG_IP6_NF_TARGET_LOG is not set # CONFIG_IPV6_ROUTER_PREF is not set # CONFIG_IP_ADVANCED_ROUTER is not set @@ -178,7 +177,6 @@ CONFIG_IP_MROUTE=y # CONFIG_IP_NF_MATCH_RECENT is not set # CONFIG_IP_NF_MATCH_TIME is not set # CONFIG_IP_NF_PPTP is not set -# CONFIG_IP_NF_RAW is not set # CONFIG_IP_NF_SET is not set # CONFIG_IP_NF_TARGET_ECN is not set # CONFIG_IP_NF_TARGET_LOG is not set diff --git a/target/linux/ixp4xx-2.6/config/default b/target/linux/ixp4xx-2.6/config/default index d8f83d8457..3d5ebcf4b9 100644 --- a/target/linux/ixp4xx-2.6/config/default +++ b/target/linux/ixp4xx-2.6/config/default @@ -170,7 +170,6 @@ CONFIG_INITRAMFS_SOURCE="" # CONFIG_IP6_NF_MATCH_OPTS is not set # CONFIG_IP6_NF_MATCH_OWNER is not set # CONFIG_IP6_NF_MATCH_RT is not set -# CONFIG_IP6_NF_RAW is not set # CONFIG_IP6_NF_TARGET_LOG is not set # CONFIG_IPV6_ROUTER_PREF is not set # CONFIG_IP_ADVANCED_ROUTER is not set @@ -185,7 +184,6 @@ CONFIG_IP_MROUTE=y # CONFIG_IP_NF_MATCH_RECENT is not set # CONFIG_IP_NF_MATCH_TIME is not set # CONFIG_IP_NF_PPTP is not set -# CONFIG_IP_NF_RAW is not set # CONFIG_IP_NF_SET is not set # CONFIG_IP_NF_TARGET_ECN is not set # CONFIG_IP_NF_TARGET_LOG is not set diff --git a/target/linux/pxa-2.6/config/default b/target/linux/pxa-2.6/config/default index 6e87a2cf36..8dee3851e6 100644 --- a/target/linux/pxa-2.6/config/default +++ b/target/linux/pxa-2.6/config/default @@ -275,7 +275,6 @@ CONFIG_MTD_PARTITIONS=y # CONFIG_NETFILTER_XT_MATCH_REALM is not set # CONFIG_NETFILTER_XT_MATCH_SCTP is not set # CONFIG_NETFILTER_XT_TARGET_NFQUEUE is not set -# CONFIG_NETFILTER_XT_TARGET_NOTRACK is not set # CONFIG_NET_CLS_ACT is not set # CONFIG_NET_CLS_IND is not set CONFIG_NET_DIVERT=y diff --git a/target/linux/sibyte-2.6/config/default b/target/linux/sibyte-2.6/config/default index c9b9948559..8bede0ec5c 100644 --- a/target/linux/sibyte-2.6/config/default +++ b/target/linux/sibyte-2.6/config/default @@ -108,7 +108,6 @@ CONFIG_IP6_NF_MATCH_MULTIPORT=m # CONFIG_IP6_NF_MATCH_OPTS is not set # CONFIG_IP6_NF_MATCH_POLICY is not set # CONFIG_IP6_NF_MATCH_RT is not set -# CONFIG_IP6_NF_RAW is not set # CONFIG_IP6_NF_TARGET_HL is not set # CONFIG_IP6_NF_TARGET_LOG is not set # CONFIG_IPW2100 is not set @@ -122,7 +121,6 @@ CONFIG_IP_NF_MATCH_DSCP=m # CONFIG_IP_NF_MATCH_HASHLIMIT is not set CONFIG_IP_NF_MATCH_MULTIPORT=m # CONFIG_IP_NF_MATCH_POLICY is not set -# CONFIG_IP_NF_RAW is not set CONFIG_IP_NF_TARGET_DSCP=m # CONFIG_IP_NF_TARGET_LOG is not set # CONFIG_IP_NF_TARGET_NETMAP is not set