projects / openwrt.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
brcm63xx: add support for linux 3.3
[openwrt.git] / package / kernel / modules / netfilter.mk
1
2 #
3 # Copyright (C) 2006-2010 OpenWrt.org
4 #
5 # This is free software, licensed under the GNU General Public License v2.
6 # See /LICENSE for more information.
7 #
8
9 NF_MENU:=Netfilter Extensions
10 NF_KMOD:=1
11 include $(INCLUDE_DIR)/netfilter.mk
12
13 define KernelPackage/ipt-core
14 SUBMENU:=$(NF_MENU)
15 TITLE:=Netfilter core
16 KCONFIG:= \
17 CONFIG_NETFILTER=y \
18 CONFIG_NETFILTER_ADVANCED=y \
19 $(KCONFIG_IPT_CORE)
20 FILES:=$(foreach mod,$(IPT_CORE-m),$(LINUX_DIR)/net/$(mod).ko)
21 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_CORE-m)))
22 endef
23
24 define KernelPackage/ipt-core/description
25 Netfilter core kernel modules
26 Includes:
27 - comment
28 - limit
29 - LOG
30 - mac
31 - multiport
32 - REJECT
33 - TCPMSS
34 endef
35
36 $(eval $(call KernelPackage,ipt-core))
37
38
39 define AddDepends/ipt
40 SUBMENU:=$(NF_MENU)
41 DEPENDS+= kmod-ipt-core $(1)
42 endef
43
44
45 define KernelPackage/ipt-conntrack
46 TITLE:=Basic connection tracking modules
47 KCONFIG:=$(KCONFIG_IPT_CONNTRACK)
48 FILES:=$(foreach mod,$(IPT_CONNTRACK-m),$(LINUX_DIR)/net/$(mod).ko)
49 AUTOLOAD:=$(call AutoLoad,41,$(notdir $(IPT_CONNTRACK-m)))
50 $(call AddDepends/ipt)
51 endef
52
53 define KernelPackage/ipt-conntrack/description
54 Netfilter (IPv4) kernel modules for connection tracking
55 Includes:
56 - conntrack
57 - defrag
58 - iptables_raw
59 - NOTRACK
60 - state
61 endef
62
63 $(eval $(call KernelPackage,ipt-conntrack))
64
65
66 define KernelPackage/ipt-conntrack-extra
67 TITLE:=Extra connection tracking modules
68 KCONFIG:=$(KCONFIG_IPT_CONNTRACK_EXTRA)
69 FILES:=$(foreach mod,$(IPT_CONNTRACK_EXTRA-m),$(LINUX_DIR)/net/$(mod).ko)
70 AUTOLOAD:=$(call AutoLoad,42,$(notdir $(IPT_CONNTRACK_EXTRA-m)))
71 $(call AddDepends/ipt,+kmod-ipt-conntrack)
72 endef
73
74 define KernelPackage/ipt-conntrack-extra/description
75 Netfilter (IPv4) extra kernel modules for connection tracking
76 Includes:
77 - connbytes
78 - connmark/CONNMARK
79 - conntrack
80 - helper
81 - recent
82 endef
83
84 $(eval $(call KernelPackage,ipt-conntrack-extra))
85
86
87 define KernelPackage/ipt-filter
88 TITLE:=Modules for packet content inspection
89 KCONFIG:=$(KCONFIG_IPT_FILTER)
90 FILES:=$(foreach mod,$(IPT_FILTER-m),$(LINUX_DIR)/net/$(mod).ko)
91 AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_FILTER-m)))
92 $(call AddDepends/ipt,+kmod-lib-textsearch)
93 endef
94
95 define KernelPackage/ipt-filter/description
96 Netfilter (IPv4) kernel modules for packet content inspection
97 Includes:
98 - layer7
99 - string
100 endef
101
102 $(eval $(call KernelPackage,ipt-filter))
103
104
105 define KernelPackage/ipt-ipopt
106 TITLE:=Modules for matching/changing IP packet options
107 KCONFIG:=$(KCONFIG_IPT_IPOPT)
108 FILES:=$(foreach mod,$(IPT_IPOPT-m),$(LINUX_DIR)/net/$(mod).ko)
109 AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_IPOPT-m)))
110 $(call AddDepends/ipt)
111 endef
112
113 define KernelPackage/ipt-ipopt/description
114 Netfilter (IPv4) modules for matching/changing IP packet options
115 Includes:
116 - CLASSIFY
117 - dscp/DSCP
118 - ecn/ECN
119 - hl/HL
120 - length
121 - mark/MARK
122 - statistic
123 - tcpmss
124 - time
125 - unclean
126 endef
127
128 $(eval $(call KernelPackage,ipt-ipopt))
129
130
131 define KernelPackage/ipt-ipsec
132 TITLE:=Modules for matching IPSec packets
133 KCONFIG:=$(KCONFIG_IPT_IPSEC)
134 FILES:=$(foreach mod,$(IPT_IPSEC-m),$(LINUX_DIR)/net/$(mod).ko)
135 AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_IPSEC-m)))
136 $(call AddDepends/ipt)
137 endef
138
139 define KernelPackage/ipt-ipsec/description
140 Netfilter (IPv4) modules for matching IPSec packets
141 Includes:
142 - ah
143 - esp
144 - policy
145 endef
146
147 $(eval $(call KernelPackage,ipt-ipsec))
148
149
150 define KernelPackage/ipt-nat
151 TITLE:=Basic NAT targets
152 KCONFIG:=$(KCONFIG_IPT_NAT)
153 FILES:=$(foreach mod,$(IPT_NAT-m),$(LINUX_DIR)/net/$(mod).ko)
154 AUTOLOAD:=$(call AutoLoad,42,$(notdir $(IPT_NAT-m)))
155 $(call AddDepends/ipt,+kmod-ipt-conntrack)
156 endef
157
158 define KernelPackage/ipt-nat/description
159 Netfilter (IPv4) kernel modules for basic NAT targets
160 Includes:
161 - MASQUERADE
162 endef
163
164 $(eval $(call KernelPackage,ipt-nat))
165
166
167 define KernelPackage/ipt-nat-extra
168 TITLE:=Extra NAT targets
169 KCONFIG:=$(KCONFIG_IPT_NAT_EXTRA)
170 FILES:=$(foreach mod,$(IPT_NAT_EXTRA-m),$(LINUX_DIR)/net/$(mod).ko)
171 AUTOLOAD:=$(call AutoLoad,43,$(notdir $(IPT_NAT_EXTRA-m)))
172 $(call AddDepends/ipt,+kmod-ipt-nat)
173 endef
174
175 define KernelPackage/ipt-nat-extra/description
176 Netfilter (IPv4) kernel modules for extra NAT targets
177 Includes:
178 - NETMAP
179 - REDIRECT
180 endef
181
182 $(eval $(call KernelPackage,ipt-nat-extra))
183
184
185 define KernelPackage/ipt-nathelper
186 TITLE:=Basic Conntrack and NAT helpers
187 KCONFIG:=$(KCONFIG_IPT_NATHELPER)
188 FILES:=$(foreach mod,$(IPT_NATHELPER-m),$(LINUX_DIR)/net/$(mod).ko)
189 AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_NATHELPER-m)))
190 $(call AddDepends/ipt,+kmod-ipt-nat)
191 endef
192
193 define KernelPackage/ipt-nathelper/description
194 Default Netfilter (IPv4) Conntrack and NAT helpers
195 Includes:
196 - ftp
197 - irc
198 - tftp
199 endef
200
201 $(eval $(call KernelPackage,ipt-nathelper))
202
203
204 define KernelPackage/ipt-nathelper-extra
205 TITLE:=Extra Conntrack and NAT helpers
206 KCONFIG:=$(KCONFIG_IPT_NATHELPER_EXTRA)
207 FILES:=$(foreach mod,$(IPT_NATHELPER_EXTRA-m),$(LINUX_DIR)/net/$(mod).ko)
208 AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_NATHELPER_EXTRA-m)))
209 $(call AddDepends/ipt,+kmod-ipt-nat +kmod-lib-textsearch)
210 endef
211
212 define KernelPackage/ipt-nathelper-extra/description
213 Extra Netfilter (IPv4) Conntrack and NAT helpers
214 Includes:
215 - amanda
216 - h323
217 - mms
218 - pptp
219 - proto_gre
220 - sip
221 - snmp_basic
222 endef
223
224 $(eval $(call KernelPackage,ipt-nathelper-extra))
225
226
227 define KernelPackage/ipt-queue
228 TITLE:=Module for user-space packet queueing
229 KCONFIG:=$(KCONFIG_IPT_QUEUE)
230 FILES:=$(foreach mod,$(IPT_QUEUE-m),$(LINUX_DIR)/net/$(mod).ko)
231 AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_QUEUE-m)))
232 $(call AddDepends/ipt)
233 endef
234
235 define KernelPackage/ipt-queue/description
236 Netfilter (IPv4) module for user-space packet queueing
237 Includes:
238 - QUEUE
239 endef
240
241 $(eval $(call KernelPackage,ipt-queue))
242
243
244 define KernelPackage/ipt-ulog
245 TITLE:=Module for user-space packet logging
246 KCONFIG:=$(KCONFIG_IPT_ULOG)
247 FILES:=$(foreach mod,$(IPT_ULOG-m),$(LINUX_DIR)/net/$(mod).ko)
248 AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_ULOG-m)))
249 $(call AddDepends/ipt)
250 endef
251
252 define KernelPackage/ipt-ulog/description
253 Netfilter (IPv4) module for user-space packet logging
254 Includes:
255 - ULOG
256 endef
257
258 $(eval $(call KernelPackage,ipt-ulog))
259
260
261 define KernelPackage/ipt-debug
262 TITLE:=Module for debugging/development
263 KCONFIG:=$(KCONFIG_IPT_DEBUG)
264 DEFAULT:=n
265 FILES:=$(foreach mod,$(IPT_DEBUG-m),$(LINUX_DIR)/net/$(mod).ko)
266 AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_DEBUG-m)))
267 $(call AddDepends/ipt)
268 endef
269
270 define KernelPackage/ipt-debug/description
271 Netfilter modules for debugging/development of the firewall
272 Includes:
273 - TRACE
274 endef
275
276 $(eval $(call KernelPackage,ipt-debug))
277
278
279 define KernelPackage/ipt-led
280 TITLE:=Module to trigger a LED with a Netfilter rule
281 KCONFIG:=$(KCONFIG_IPT_LED)
282 FILES:=$(foreach mod,$(IPT_LED-m),$(LINUX_DIR)/net/$(mod).ko)
283 AUTOLOAD:=$(call AutoLoad,61,$(notdir $(IPT_LED-m)))
284 $(call AddDepends/ipt)
285 endef
286
287 define KernelPackage/ipt-led/description
288 Netfilter target to trigger a LED when a network packet is matched.
289 endef
290
291 $(eval $(call KernelPackage,ipt-led))
292
293 define KernelPackage/ipt-tproxy
294 TITLE:=Transparent proxying support
295 DEPENDS+=+IPV6:kmod-ipv6
296 KCONFIG:= \
297 CONFIG_NETFILTER_TPROXY \
298 CONFIG_NETFILTER_XT_MATCH_SOCKET \
299 CONFIG_NETFILTER_XT_TARGET_TPROXY
300 FILES:= \
301 $(LINUX_DIR)/net/netfilter/nf_tproxy_core.ko \
302 $(foreach mod,$(IPT_TPROXY-m),$(LINUX_DIR)/net/$(mod).ko)
303 AUTOLOAD:=$(call AutoLoad,50,$(notdir nf_tproxy_core $(IPT_TPROXY-m)))
304 $(call AddDepends/ipt)
305 endef
306
307 define KernelPackage/ipt-tproxy/description
308 Kernel modules for Transparent Proxying
309 endef
310
311 $(eval $(call KernelPackage,ipt-tproxy))
312
313 define KernelPackage/ipt-tee
314 TITLE:=TEE support
315 KCONFIG:= \
316 CONFIG_NETFILTER_XT_TARGET_TEE
317 FILES:= \
318 $(LINUX_DIR)/net/netfilter/xt_TEE.ko \
319 $(foreach mod,$(IPT_TEE-m),$(LINUX_DIR)/net/$(mod).ko)
320 AUTOLOAD:=$(call AutoLoad,45,$(notdir nf_tee $(IPT_TEE-m)))
321 $(call AddDepends/ipt)
322 endef
323
324 define KernelPackage/ipt-tee/description
325 Kernel modules for TEE
326 endef
327
328 $(eval $(call KernelPackage,ipt-tee))
329
330
331 define KernelPackage/ipt-u32
332 TITLE:=U32 support
333 KCONFIG:= \
334 CONFIG_NETFILTER_XT_MATCH_U32
335 FILES:= \
336 $(LINUX_DIR)/net/netfilter/xt_u32.ko \
337 $(foreach mod,$(IPT_U32-m),$(LINUX_DIR)/net/$(mod).ko)
338 AUTOLOAD:=$(call AutoLoad,45,$(notdir nf_tee $(IPT_U32-m)))
339 $(call AddDepends/ipt)
340 endef
341
342 define KernelPackage/ipt-u32/description
343 Kernel modules for U32
344 endef
345
346 $(eval $(call KernelPackage,ipt-u32))
347
348
349 define KernelPackage/ipt-iprange
350 TITLE:=Module for matching ip ranges
351 KCONFIG:=$(KCONFIG_IPT_IPRANGE)
352 FILES:=$(foreach mod,$(IPT_IPRANGE-m),$(LINUX_DIR)/net/$(mod).ko)
353 AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_IPRANGE-m)))
354 $(call AddDepends/ipt)
355 endef
356
357 define KernelPackage/ipt-iprange/description
358 Netfilter (IPv4) module for matching ip ranges
359 Includes:
360 - iprange
361 endef
362
363 $(eval $(call KernelPackage,ipt-iprange))
364
365
366 define KernelPackage/ipt-extra
367 TITLE:=Extra modules
368 KCONFIG:=$(KCONFIG_IPT_EXTRA)
369 FILES:=$(foreach mod,$(IPT_EXTRA-m),$(LINUX_DIR)/net/$(mod).ko)
370 AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_EXTRA-m)))
371 $(call AddDepends/ipt)
372 endef
373
374 define KernelPackage/ipt-extra/description
375 Other Netfilter (IPv4) kernel modules
376 Includes:
377 - owner
378 - physdev (if bridge support was enabled in kernel)
379 - pkttype
380 - quota
381 endef
382
383 $(eval $(call KernelPackage,ipt-extra))
384
385
386 define KernelPackage/ip6tables
387 SUBMENU:=$(NF_MENU)
388 TITLE:=IPv6 modules
389 DEPENDS:=+kmod-ipv6
390 KCONFIG:=$(KCONFIG_IPT_IPV6)
391 FILES:=$(foreach mod,$(IPT_IPV6-m),$(LINUX_DIR)/net/$(mod).ko)
392 AUTOLOAD:=$(call AutoLoad,49,$(notdir $(IPT_IPV6-m)))
393 endef
394
395 define KernelPackage/ip6tables/description
396 Netfilter IPv6 firewalling support
397 endef
398
399 $(eval $(call KernelPackage,ip6tables))
400
401
402 define KernelPackage/arptables
403 SUBMENU:=$(NF_MENU)
404 TITLE:=ARP firewalling modules
405 FILES:=$(LINUX_DIR)/net/ipv4/netfilter/arp*.ko
406 KCONFIG:=CONFIG_IP_NF_ARPTABLES \
407 CONFIG_IP_NF_ARPFILTER \
408 CONFIG_IP_NF_ARP_MANGLE
409 AUTOLOAD:=$(call AutoLoad,49,$(notdir $(patsubst %.ko,%,$(wildcard $(LINUX_DIR)/net/ipv4/netfilter/arp*.ko))))
410 endef
411
412 define KernelPackage/arptables/description
413 Kernel modules for ARP firewalling
414 endef
415
416 $(eval $(call KernelPackage,arptables))
417
418
419 define KernelPackage/ebtables
420 SUBMENU:=$(NF_MENU)
421 TITLE:=Bridge firewalling modules
422 FILES:=$(foreach mod,$(EBTABLES-m),$(LINUX_DIR)/net/$(mod).ko)
423 KCONFIG:=CONFIG_BRIDGE_NETFILTER=y \
424 $(KCONFIG_EBTABLES)
425 AUTOLOAD:=$(call AutoLoad,49,$(notdir $(EBTABLES-m)))
426 endef
427
428 define KernelPackage/ebtables/description
429 ebtables is a general, extensible frame/packet identification
430 framework. It provides you to do Ethernet
431 filtering/NAT/brouting on the Ethernet bridge.
432 endef
433
434 $(eval $(call KernelPackage,ebtables))
435
436
437 define AddDepends/ebtables
438 SUBMENU:=$(NF_MENU)
439 DEPENDS+=kmod-ebtables $(1)
440 endef
441
442
443 define KernelPackage/ebtables-ipv4
444 TITLE:=ebtables: IPv4 support
445 FILES:=$(foreach mod,$(EBTABLES_IP4-m),$(LINUX_DIR)/net/$(mod).ko)
446 KCONFIG:=$(KCONFIG_EBTABLES_IP4)
447 AUTOLOAD:=$(call AutoLoad,49,$(notdir $(EBTABLES_IP4-m)))
448 $(call AddDepends/ebtables)
449 endef
450
451 define KernelPackage/ebtables-ipv4/description
452 This option adds the IPv4 support to ebtables, which allows basic
453 IPv4 header field filtering, ARP filtering as well as SNAT, DNAT targets.
454 endef
455
456 $(eval $(call KernelPackage,ebtables-ipv4))
457
458
459 define KernelPackage/ebtables-ipv6
460 TITLE:=ebtables: IPv6 support
461 FILES:=$(foreach mod,$(EBTABLES_IP6-m),$(LINUX_DIR)/net/$(mod).ko)
462 KCONFIG:=$(KCONFIG_EBTABLES_IP6)
463 AUTOLOAD:=$(call AutoLoad,49,$(notdir $(EBTABLES_IP6-m)))
464 $(call AddDepends/ebtables)
465 endef
466
467 define KernelPackage/ebtables-ipv6/description
468 This option adds the IPv6 support to ebtables, which allows basic
469 IPv6 header field filtering and target support.
470 endef
471
472 $(eval $(call KernelPackage,ebtables-ipv6))
473
474
475 define KernelPackage/ebtables-watchers
476 TITLE:=ebtables: watchers support
477 FILES:=$(foreach mod,$(EBTABLES_WATCHERS-m),$(LINUX_DIR)/net/$(mod).ko)
478 KCONFIG:=$(KCONFIG_EBTABLES_WATCHERS)
479 AUTOLOAD:=$(call AutoLoad,49,$(notdir $(EBTABLES_WATCHERS-m)))
480 $(call AddDepends/ebtables)
481 endef
482
483 define KernelPackage/ebtables-watchers/description
484 This option adds the log watchers, that you can use in any rule
485 in any ebtables table.
486 endef
487
488 $(eval $(call KernelPackage,ebtables-watchers))
489
490
491 define KernelPackage/nfnetlink
492 SUBMENU:=$(NF_MENU)
493 TITLE:=Netlink-based userspace interface
494 DEPENDS:=+kmod-ipt-core
495 FILES:=$(LINUX_DIR)/net/netfilter/nfnetlink.ko
496 KCONFIG:=CONFIG_NETFILTER_NETLINK
497 AUTOLOAD:=$(call AutoLoad,48,nfnetlink)
498 endef
499
500 define KernelPackage/nfnetlink/description
501 Kernel modules support for a netlink-based userspace interface
502 endef
503
504 $(eval $(call KernelPackage,nfnetlink))
505
506
507 define AddDepends/nfnetlink
508 SUBMENU:=$(NF_MENU)
509 DEPENDS+=+kmod-nfnetlink $(1)
510 endef
511
512
513 define KernelPackage/nfnetlink-log
514 TITLE:=Netfilter LOG over NFNETLINK interface
515 FILES:=$(LINUX_DIR)/net/netfilter/nfnetlink_log.ko
516 KCONFIG:=CONFIG_NETFILTER_NETLINK_LOG
517 AUTOLOAD:=$(call AutoLoad,48,nfnetlink_log)
518 $(call AddDepends/nfnetlink)
519 endef
520
521 define KernelPackage/nfnetlink-log/description
522 Kernel modules support for logging packets via NFNETLINK
523 endef
524
525 $(eval $(call KernelPackage,nfnetlink-log))
526
527
528 define KernelPackage/nfnetlink-queue
529 TITLE:=Netfilter QUEUE over NFNETLINK interface
530 FILES:=$(LINUX_DIR)/net/netfilter/nfnetlink_queue.ko
531 KCONFIG:=CONFIG_NETFILTER_NETLINK_QUEUE
532 AUTOLOAD:=$(call AutoLoad,48,nfnetlink_queue)
533 $(call AddDepends/nfnetlink)
534 endef
535
536 define KernelPackage/nfnetlink-queue/description
537 Kernel modules support for queueing packets via NFNETLINK
538 endef
539
540 $(eval $(call KernelPackage,nfnetlink-queue))
541
542
543 define KernelPackage/nf-conntrack-netlink
544 TITLE:=Connection tracking netlink interface
545 FILES:=$(LINUX_DIR)/net/netfilter/nf_conntrack_netlink.ko
546 KCONFIG:=CONFIG_NF_CT_NETLINK
547 AUTOLOAD:=$(call AutoLoad,49,nf_conntrack_netlink)
548 $(call AddDepends/nfnetlink,+kmod-ipt-conntrack)
549 endef
550
551 define KernelPackage/nf-conntrack-netlink/description
552 Kernel modules support for a netlink-based connection tracking
553 userspace interface
554 endef
555
556 $(eval $(call KernelPackage,nf-conntrack-netlink))
557
558 define KernelPackage/ipt-hashlimit
559 SUBMENU:=$(NF_MENU)
560 TITLE:=Netfilter hashlimit match
561 KCONFIG:=$(KCONFIG_IPT_HASHLIMIT)
562 FILES:=$(LINUX_DIR)/net/netfilter/xt_hashlimit.ko
563 AUTOLOAD:=$(call AutoLoad,50,xt_hashlimit)
564 $(call KernelPackage/ipt)
565 endef
566
567 define KernelPackage/ipt-hashlimit/description
568 Kernel modules support for the hashlimit bucket match module
569 endef
570
571 $(eval $(call KernelPackage,ipt-hashlimit))
Personal OpenWRT clone
This page took 0.061105 seconds and 5 git commands to generate.