From a5799cd9ad758bfcb8ee777b3aed221cb0faf0c0 Mon Sep 17 00:00:00 2001 From: pavlov Date: Thu, 7 Jun 2007 15:30:59 +0000 Subject: [PATCH] package ipset for use git-svn-id: svn://svn.openwrt.org/openwrt/trunk@7517 3c298f89-4303-0410-b956-a3cf2f4a3e73 --- include/netfilter.mk | 13 +++++++++++++ package/iptables/Makefile | 9 +++++++++ package/kernel/modules/netfilter.mk | 11 +++++++++++ 3 files changed, 33 insertions(+) diff --git a/include/netfilter.mk b/include/netfilter.mk index a602f9d71..531f8c7a7 100644 --- a/include/netfilter.mk +++ b/include/netfilter.mk @@ -88,6 +88,18 @@ IPT_IPSEC-$(CONFIG_IP_NF_MATCH_AH_ESP) += $(P_V4)ipt_ah $(P_V4)ipt_esp IPT_IPSEC-$(CONFIG_IP_NF_MATCH_AH) += $(P_V4)ipt_ah IPT_IPSEC-$(CONFIG_NETFILTER_XT_MATCH_ESP) += $(P_XT)xt_esp +IPT_IPSET-m := +IPT_IPSET-$(CONFIG_IP_NF_SET) += $(P_V4)ip_set +IPT_IPSET-$(CONFIG_IP_NF_MATCH_SET) += $(P_V4)ipt_set +IPT_IPSET-$(CONFIG_IP_NF_SET_IPMAP) += $(P_V4)ip_set_ipmap +IPT_IPSET-$(CONFIG_IP_NF_SET_MACIPMAP) += $(P_V4)ip_set_macipmap +IPT_IPSET-$(CONFIG_IP_NF_SET_PORTMAP) += $(P_V4)ip_set_portmap +IPT_IPSET-$(CONFIG_IP_NF_SET_IPHASH) += $(P_V4)ip_set_iphash +IPT_IPSET-$(CONFIG_IP_NF_SET_NETHASH) += $(P_V4)ip_set_nethash +IPT_IPSET-$(CONFIG_IP_NF_SET_IPPORTHASH) += $(P_V4)ip_set_ipporthash +IPT_IPSET-$(CONFIG_IP_NF_SET_IPTREE) += $(P_V4)ip_set_iptree +IPT_IPSET-$(CONFIG_IP_NF_TARGET_SET) += $(P_V4)ipt_SET + IPT_NAT-m := ifneq ($(NF_KMOD),1) IPT_NAT-$(CONFIG_IP_NF_NAT) += $(P_V4)ipt_SNAT $(P_V4)ipt_DNAT @@ -139,5 +151,6 @@ IPT_BUILTIN += $(IPT_FILTER-y) IPT_BUILTIN += $(IPT_IMQ-y) IPT_BUILTIN += $(IPT_IPOPT-y) IPT_BUILTIN += $(IPT_IPSEC-y) +IPT_BUILTIN += $(IPT_IPSET-y) IPT_BUILTIN += $(IPT_NAT-y) IPT_BUILTIN += $(IPT_ULOG-y) diff --git a/package/iptables/Makefile b/package/iptables/Makefile index bd85322ff..bfd28a16a 100644 --- a/package/iptables/Makefile +++ b/package/iptables/Makefile @@ -160,6 +160,14 @@ define Package/iptables-mod-extra - libipt_NOTRACK endef +define Package/iptables-mod-ipset + $(call Package/iptables/Default) + DEPENDS:=iptables +kmod-ipt-ipset + TITLE:=ipset iptables extension + DESCRIPTION:=\ + ipset +endef + define Package/iptables-utils $(call Package/iptables/Default) DEPENDS:=iptables @@ -263,6 +271,7 @@ $(eval $(call BuildPackage,iptables)) $(eval $(call BuildPackage,iptables-utils)) $(eval $(call BuildPlugin,iptables-mod-conntrack,$(IPT_CONNTRACK-m))) $(eval $(call BuildPlugin,iptables-mod-extra,$(IPT_EXTRA-m))) +$(eval $(call BuildPlugin,iptables-mod-ipset,$(IPT_IPSET-m))) $(eval $(call BuildPlugin,iptables-mod-filter,$(IPT_FILTER-m),$(L7_INSTALL))) $(eval $(call BuildPlugin,iptables-mod-imq,$(IPT_IMQ-m))) $(eval $(call BuildPlugin,iptables-mod-ipopt,$(IPT_IPOPT-m))) diff --git a/package/kernel/modules/netfilter.mk b/package/kernel/modules/netfilter.mk index d3b3396e8..ad6066fc8 100644 --- a/package/kernel/modules/netfilter.mk +++ b/package/kernel/modules/netfilter.mk @@ -174,6 +174,17 @@ define KernelPackage/ipt-iprange endef $(eval $(call KernelPackage,ipt-iprange)) +define KernelPackage/ipt-ipset + TITLE:=IPSET Modules + DESCRIPTION:=\ + Netfilter kernel modules for ipset + FILES:=$(foreach mod,$(IPT_IPSET-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX)) + SUBMENU:=$(NFMENU) + AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_IPSET-m))) +endef +$(eval $(call KernelPackage,ipt-ipset)) + + define KernelPackage/ipt-extra TITLE:=Extra modules DESCRIPTION:=\ -- 2.20.1