projects / openwrt.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
package/mac80211: sync commit r22419
[openwrt.git] / package / kernel / modules / netfilter.mk
1
2 #
3 # Copyright (C) 2006-2010 OpenWrt.org
4 #
5 # This is free software, licensed under the GNU General Public License v2.
6 # See /LICENSE for more information.
7 #
8
9 NF_MENU:=Netfilter Extensions
10 NF_KMOD:=1
11 include $(INCLUDE_DIR)/netfilter.mk
12
13 define KernelPackage/ipt-core
14 SUBMENU:=$(NF_MENU)
15 TITLE:=Netfilter core
16 KCONFIG:=$(KCONFIG_IPT_CORE)
17 FILES:=$(foreach mod,$(IPT_CORE-m),$(LINUX_DIR)/net/$(mod).ko)
18 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_CORE-m)))
19 endef
20
21 define KernelPackage/ipt-core/description
22 Netfilter core kernel modules
23 Includes:
24 - comment (2.6)
25 - limit
26 - LOG
27 - mac
28 - multiport
29 - REJECT
30 - TCPMSS
31 endef
32
33 $(eval $(call KernelPackage,ipt-core))
34
35
36 define AddDepends/ipt
37 SUBMENU:=$(NF_MENU)
38 DEPENDS+= kmod-ipt-core $(1)
39 endef
40
41
42 define KernelPackage/ipt-conntrack
43 TITLE:=Basic connection tracking modules
44 KCONFIG:=$(KCONFIG_IPT_CONNTRACK)
45 FILES:=$(foreach mod,$(IPT_CONNTRACK-m),$(LINUX_DIR)/net/$(mod).ko)
46 AUTOLOAD:=$(call AutoLoad,41,$(notdir $(IPT_CONNTRACK-m)))
47 $(call AddDepends/ipt)
48 endef
49
50 define KernelPackage/ipt-conntrack/description
51 Netfilter (IPv4) kernel modules for connection tracking
52 Includes:
53 - conntrack
54 - defrag (2.6)
55 - iptables_raw
56 - NOTRACK
57 - state
58 endef
59
60 $(eval $(call KernelPackage,ipt-conntrack))
61
62
63 define KernelPackage/ipt-conntrack-extra
64 TITLE:=Extra connection tracking modules
65 KCONFIG:=$(KCONFIG_IPT_CONNTRACK_EXTRA)
66 FILES:=$(foreach mod,$(IPT_CONNTRACK_EXTRA-m),$(LINUX_DIR)/net/$(mod).ko)
67 AUTOLOAD:=$(call AutoLoad,42,$(notdir $(IPT_CONNTRACK_EXTRA-m)))
68 $(call AddDepends/ipt,+kmod-ipt-conntrack)
69 endef
70
71 define KernelPackage/ipt-conntrack-extra/description
72 Netfilter (IPv4) extra kernel modules for connection tracking
73 Includes:
74 - connbytes
75 - connmark/CONNMARK
76 - conntrack
77 - helper
78 - recent
79 endef
80
81 $(eval $(call KernelPackage,ipt-conntrack-extra))
82
83
84 define KernelPackage/ipt-filter
85 TITLE:=Modules for packet content inspection
86 KCONFIG:=$(KCONFIG_IPT_FILTER)
87 FILES:=$(foreach mod,$(IPT_FILTER-m),$(LINUX_DIR)/net/$(mod).ko)
88 AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_FILTER-m)))
89 $(call AddDepends/ipt,+kmod-textsearch)
90 endef
91
92 define KernelPackage/ipt-filter/description
93 Netfilter (IPv4) kernel modules for packet content inspection
94 Includes:
95 - layer7
96 - string
97 endef
98
99 $(eval $(call KernelPackage,ipt-filter))
100
101
102 define KernelPackage/ipt-ipopt
103 TITLE:=Modules for matching/changing IP packet options
104 KCONFIG:=$(KCONFIG_IPT_IPOPT)
105 FILES:=$(foreach mod,$(IPT_IPOPT-m),$(LINUX_DIR)/net/$(mod).ko)
106 AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_IPOPT-m)))
107 $(call AddDepends/ipt)
108 endef
109
110 define KernelPackage/ipt-ipopt/description
111 Netfilter (IPv4) modules for matching/changing IP packet options
112 Includes:
113 - CLASSIFY
114 - dscp/DSCP
115 - ecn/ECN
116 - hl/HL (2.6.30 and later)
117 - length
118 - mark/MARK
119 - statistic (2.6)
120 - tcpmss
121 - time
122 - tos/TOS (prior to 2.6.25)
123 - ttl/TTL (prior to 2.6.30)
124 - unclean
125 endef
126
127 $(eval $(call KernelPackage,ipt-ipopt))
128
129
130 define KernelPackage/ipt-ipsec
131 TITLE:=Modules for matching IPSec packets
132 KCONFIG:=$(KCONFIG_IPT_IPSEC)
133 FILES:=$(foreach mod,$(IPT_IPSEC-m),$(LINUX_DIR)/net/$(mod).ko)
134 AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_IPSEC-m)))
135 $(call AddDepends/ipt)
136 endef
137
138 define KernelPackage/ipt-ipsec/description
139 Netfilter (IPv4) modules for matching IPSec packets
140 Includes:
141 - ah
142 - esp
143 - policy (2.6)
144 endef
145
146 $(eval $(call KernelPackage,ipt-ipsec))
147
148
149 define KernelPackage/ipt-nat
150 TITLE:=Basic NAT targets
151 KCONFIG:=$(KCONFIG_IPT_NAT)
152 FILES:=$(foreach mod,$(IPT_NAT-m),$(LINUX_DIR)/net/$(mod).ko)
153 AUTOLOAD:=$(call AutoLoad,42,$(notdir $(IPT_NAT-m)))
154 $(call AddDepends/ipt,+kmod-ipt-conntrack)
155 endef
156
157 define KernelPackage/ipt-nat/description
158 Netfilter (IPv4) kernel modules for basic NAT targets
159 Includes:
160 - MASQUERADE
161 endef
162
163 $(eval $(call KernelPackage,ipt-nat))
164
165
166 define KernelPackage/ipt-nat-extra
167 TITLE:=Extra NAT targets
168 KCONFIG:=$(KCONFIG_IPT_NAT_EXTRA)
169 FILES:=$(foreach mod,$(IPT_NAT_EXTRA-m),$(LINUX_DIR)/net/$(mod).ko)
170 AUTOLOAD:=$(call AutoLoad,43,$(notdir $(IPT_NAT_EXTRA-m)))
171 $(call AddDepends/ipt,+kmod-ipt-nat)
172 endef
173
174 define KernelPackage/ipt-nat-extra/description
175 Netfilter (IPv4) kernel modules for extra NAT targets
176 Includes:
177 - MIRROR (2.4)
178 - NETMAP
179 - REDIRECT
180 endef
181
182 $(eval $(call KernelPackage,ipt-nat-extra))
183
184
185 define KernelPackage/ipt-nathelper
186 TITLE:=Basic Conntrack and NAT helpers
187 KCONFIG:=$(KCONFIG_IPT_NATHELPER)
188 FILES:=$(foreach mod,$(IPT_NATHELPER-m),$(LINUX_DIR)/net/$(mod).ko)
189 AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_NATHELPER-m)))
190 $(call AddDepends/ipt,+kmod-ipt-nat)
191 endef
192
193 define KernelPackage/ipt-nathelper/description
194 Default Netfilter (IPv4) Conntrack and NAT helpers
195 Includes:
196 - ftp
197 - irc
198 - tftp
199 endef
200
201 $(eval $(call KernelPackage,ipt-nathelper))
202
203
204 define KernelPackage/ipt-nathelper-extra
205 TITLE:=Extra Conntrack and NAT helpers
206 KCONFIG:=$(KCONFIG_IPT_NATHELPER_EXTRA)
207 FILES:=$(foreach mod,$(IPT_NATHELPER_EXTRA-m),$(LINUX_DIR)/net/$(mod).ko)
208 AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_NATHELPER_EXTRA-m)))
209 $(call AddDepends/ipt,+kmod-ipt-nat +kmod-textsearch)
210 endef
211
212 define KernelPackage/ipt-nathelper-extra/description
213 Extra Netfilter (IPv4) Conntrack and NAT helpers
214 Includes:
215 - amanda
216 - h323
217 - mms
218 - pptp (2.6)
219 - proto_gre (2.6)
220 - rtsp
221 - sip (2.6)
222 - snmp_basic
223 endef
224
225 $(eval $(call KernelPackage,ipt-nathelper-extra))
226
227
228 define KernelPackage/ipt-imq
229 TITLE:=Intermediate Queueing support
230 KCONFIG:= \
231 CONFIG_IMQ \
232 CONFIG_IMQ_BEHAVIOR_BA=y \
233 CONFIG_IMQ_NUM_DEVS=2 \
234 CONFIG_NETFILTER_XT_TARGET_IMQ
235 FILES:= \
236 $(LINUX_DIR)/drivers/net/imq.ko \
237 $(foreach mod,$(IPT_IMQ-m),$(LINUX_DIR)/net/$(mod).ko)
238 AUTOLOAD:=$(call AutoLoad,46,$(notdir \
239 imq \
240 $(IPT_IMQ-m) \
241 ))
242 $(call AddDepends/ipt)
243 endef
244
245 define KernelPackage/ipt-imq/description
246 Kernel support for Intermediate Queueing devices
247 endef
248
249 $(eval $(call KernelPackage,ipt-imq))
250
251
252 define KernelPackage/ipt-queue
253 TITLE:=Module for user-space packet queueing
254 KCONFIG:=$(KCONFIG_IPT_QUEUE)
255 FILES:=$(foreach mod,$(IPT_QUEUE-m),$(LINUX_DIR)/net/$(mod).ko)
256 AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_QUEUE-m)))
257 $(call AddDepends/ipt)
258 endef
259
260 define KernelPackage/ipt-queue/description
261 Netfilter (IPv4) module for user-space packet queueing
262 Includes:
263 - QUEUE
264 endef
265
266 $(eval $(call KernelPackage,ipt-queue))
267
268
269 define KernelPackage/ipt-ulog
270 TITLE:=Module for user-space packet logging
271 KCONFIG:=$(KCONFIG_IPT_ULOG)
272 FILES:=$(foreach mod,$(IPT_ULOG-m),$(LINUX_DIR)/net/$(mod).ko)
273 AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_ULOG-m)))
274 $(call AddDepends/ipt)
275 endef
276
277 define KernelPackage/ipt-ulog/description
278 Netfilter (IPv4) module for user-space packet logging
279 Includes:
280 - ULOG
281 endef
282
283 $(eval $(call KernelPackage,ipt-ulog))
284
285
286 define KernelPackage/ipt-tproxy
287 TITLE:=Transparent proxying support
288 KCONFIG:= \
289 CONFIG_NETFILTER_TPROXY \
290 CONFIG_NETFILTER_XT_MATCH_SOCKET \
291 CONFIG_NETFILTER_XT_TARGET_TPROXY
292 FILES:= \
293 $(LINUX_DIR)/net/netfilter/nf_tproxy_core.ko \
294 $(foreach mod,$(IPT_TPROXY-m),$(LINUX_DIR)/net/$(mod).ko)
295 AUTOLOAD:=$(call AutoLoad,45,$(notdir nf_tproxy_core $(IPT_TPROXY-m)))
296 $(call AddDepends/ipt)
297 endef
298
299 define KernelPackage/ipt-tproxy/description
300 Kernel modules for Transparent Proxying
301 endef
302
303 $(eval $(call KernelPackage,ipt-tproxy))
304
305
306 define KernelPackage/ipt-iprange
307 TITLE:=Module for matching ip ranges
308 KCONFIG:=$(KCONFIG_IPT_IPRANGE)
309 FILES:=$(foreach mod,$(IPT_IPRANGE-m),$(LINUX_DIR)/net/$(mod).ko)
310 AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_IPRANGE-m)))
311 $(call AddDepends/ipt)
312 endef
313
314 define KernelPackage/ipt-iprange/description
315 Netfilter (IPv4) module for matching ip ranges
316 Includes:
317 - iprange
318 endef
319
320 $(eval $(call KernelPackage,ipt-iprange))
321
322
323 define KernelPackage/ipt-extra
324 TITLE:=Extra modules
325 KCONFIG:=$(KCONFIG_IPT_EXTRA)
326 FILES:=$(foreach mod,$(IPT_EXTRA-m),$(LINUX_DIR)/net/$(mod).ko)
327 AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_EXTRA-m)))
328 $(call AddDepends/ipt)
329 endef
330
331 define KernelPackage/ipt-extra/description
332 Other Netfilter (IPv4) kernel modules
333 Includes:
334 - condition (2.4 only)
335 - owner
336 - physdev (if bridge support was enabled in kernel)
337 - pkttype
338 - quota
339 endef
340
341 $(eval $(call KernelPackage,ipt-extra))
342
343
344 define KernelPackage/ip6tables
345 SUBMENU:=$(NF_MENU)
346 TITLE:=IPv6 modules
347 DEPENDS:=+kmod-ipv6
348 KCONFIG:=$(KCONFIG_IPT_IPV6)
349 FILES:=$(foreach mod,$(IPT_IPV6-m),$(LINUX_DIR)/net/$(mod).ko)
350 AUTOLOAD:=$(call AutoLoad,49,$(notdir $(IPT_IPV6-m)))
351 endef
352
353 define KernelPackage/ip6tables/description
354 Netfilter IPv6 firewalling support
355 endef
356
357 $(eval $(call KernelPackage,ip6tables))
358
359
360 define KernelPackage/arptables
361 SUBMENU:=$(NF_MENU)
362 TITLE:=ARP firewalling modules
363 FILES:=$(LINUX_DIR)/net/ipv4/netfilter/arp*.ko
364 KCONFIG:=CONFIG_IP_NF_ARPTABLES \
365 CONFIG_IP_NF_ARPFILTER \
366 CONFIG_IP_NF_ARP_MANGLE
367 AUTOLOAD:=$(call AutoLoad,49,$(notdir $(patsubst %.ko,%,$(wildcard $(LINUX_DIR)/net/ipv4/netfilter/arp*.ko))))
368 endef
369
370 define KernelPackage/arptables/description
371 Kernel modules for ARP firewalling
372 endef
373
374 $(eval $(call KernelPackage,arptables))
375
376
377 define KernelPackage/ebtables
378 SUBMENU:=$(NF_MENU)
379 TITLE:=Bridge firewalling modules
380 FILES:=$(foreach mod,$(EBTABLES-m),$(LINUX_DIR)/net/$(mod).ko)
381 KCONFIG:=CONFIG_BRIDGE_NETFILTER=y \
382 $(KCONFIG_EBTABLES)
383 AUTOLOAD:=$(call AutoLoad,49,$(notdir $(EBTABLES-m)))
384 endef
385
386 define KernelPackage/ebtables/description
387 ebtables is a general, extensible frame/packet identification
388 framework. It provides you to do Ethernet
389 filtering/NAT/brouting on the Ethernet bridge.
390 endef
391
392 $(eval $(call KernelPackage,ebtables))
393
394
395 define AddDepends/ebtables
396 SUBMENU:=$(NF_MENU)
397 DEPENDS+=kmod-ebtables $(1)
398 endef
399
400
401 define KernelPackage/ebtables-ipv4
402 TITLE:=ebtables: IPv4 support
403 FILES:=$(foreach mod,$(EBTABLES_IP4-m),$(LINUX_DIR)/net/$(mod).ko)
404 KCONFIG:=$(KCONFIG_EBTABLES_IP4)
405 AUTOLOAD:=$(call AutoLoad,49,$(notdir $(EBTABLES_IP4-m)))
406 $(call AddDepends/ebtables)
407 endef
408
409 define KernelPackage/ebtables-ipv4/description
410 This option adds the IPv4 support to ebtables, which allows basic
411 IPv4 header field filtering, ARP filtering as well as SNAT, DNAT targets.
412 endef
413
414 $(eval $(call KernelPackage,ebtables-ipv4))
415
416
417 define KernelPackage/ebtables-ipv6
418 TITLE:=ebtables: IPv6 support
419 FILES:=$(foreach mod,$(EBTABLES_IP6-m),$(LINUX_DIR)/net/$(mod).ko)
420 KCONFIG:=$(KCONFIG_EBTABLES_IP6)
421 AUTOLOAD:=$(call AutoLoad,49,$(notdir $(EBTABLES_IP6-m)))
422 $(call AddDepends/ebtables)
423 endef
424
425 define KernelPackage/ebtables-ipv6/description
426 This option adds the IPv6 support to ebtables, which allows basic
427 IPv6 header field filtering and target support.
428 endef
429
430 $(eval $(call KernelPackage,ebtables-ipv6))
431
432
433 define KernelPackage/ebtables-watchers
434 TITLE:=ebtables: watchers support
435 FILES:=$(foreach mod,$(EBTABLES_WATCHERS-m),$(LINUX_DIR)/net/$(mod).ko)
436 KCONFIG:=$(KCONFIG_EBTABLES_WATCHERS)
437 AUTOLOAD:=$(call AutoLoad,49,$(notdir $(EBTABLES_WATCHERS-m)))
438 $(call AddDepends/ebtables)
439 endef
440
441 define KernelPackage/ebtables-watchers/description
442 This option adds the log watchers, that you can use in any rule
443 in any ebtables table.
444 endef
445
446 $(eval $(call KernelPackage,ebtables-watchers))
447
448
449 define KernelPackage/nfnetlink
450 SUBMENU:=$(NF_MENU)
451 TITLE:=Netlink-based userspace interface
452 DEPENDS:=+kmod-ipt-core
453 FILES:=$(LINUX_DIR)/net/netfilter/nfnetlink.ko
454 KCONFIG:=CONFIG_NETFILTER_NETLINK
455 AUTOLOAD:=$(call AutoLoad,48,nfnetlink)
456 endef
457
458 define KernelPackage/nfnetlink/description
459 Kernel modules support for a netlink-based userspace interface
460 endef
461
462 $(eval $(call KernelPackage,nfnetlink))
463
464
465 define AddDepends/nfnetlink
466 SUBMENU:=$(NF_MENU)
467 DEPENDS+=+kmod-nfnetlink $(1)
468 endef
469
470
471 define KernelPackage/nfnetlink-log
472 TITLE:=Netfilter LOG over NFNETLINK interface
473 FILES:=$(LINUX_DIR)/net/netfilter/nfnetlink_log.ko
474 KCONFIG:=CONFIG_NETFILTER_NETLINK_LOG
475 AUTOLOAD:=$(call AutoLoad,48,nfnetlink_log)
476 $(call AddDepends/nfnetlink)
477 endef
478
479 define KernelPackage/nfnetlink-log/description
480 Kernel modules support for logging packets via NFNETLINK
481 endef
482
483 $(eval $(call KernelPackage,nfnetlink-log))
484
485
486 define KernelPackage/nfnetlink-queue
487 TITLE:=Netfilter QUEUE over NFNETLINK interface
488 FILES:=$(LINUX_DIR)/net/netfilter/nfnetlink_queue.ko
489 KCONFIG:=CONFIG_NETFILTER_NETLINK_QUEUE
490 AUTOLOAD:=$(call AutoLoad,48,nfnetlink_queue)
491 $(call AddDepends/nfnetlink)
492 endef
493
494 define KernelPackage/nfnetlink-queue/description
495 Kernel modules support for queueing packets via NFNETLINK
496 endef
497
498 $(eval $(call KernelPackage,nfnetlink-queue))
499
500
501 define KernelPackage/nf-conntrack-netlink
502 TITLE:=Connection tracking netlink interface
503 FILES:=$(LINUX_DIR)/net/netfilter/nf_conntrack_netlink.ko
504 KCONFIG:=CONFIG_NF_CT_NETLINK
505 AUTOLOAD:=$(call AutoLoad,49,nf_conntrack_netlink)
506 $(call AddDepends/nfnetlink,+kmod-ipt-conntrack)
507 endef
508
509 define KernelPackage/nf-conntrack-netlink/description
510 Kernel modules support for a netlink-based connection tracking
511 userspace interface
512 endef
513
514 $(eval $(call KernelPackage,nf-conntrack-netlink))
515
516 define KernelPackage/ipt-hashlimit
517 SUBMENU:=$(NF_MENU)
518 TITLE:=Netfilter hashlimit match
519 KCONFIG:=$(KCONFIG_IPT_HASHLIMIT)
520 FILES:=$(LINUX_DIR)/net/netfilter/xt_hashlimit.ko
521 AUTOLOAD:=$(call AutoLoad,50,xt_hashlimit)
522 $(call KernelPackage/ipt)
523 endef
524
525 define KernelPackage/ipt-hashlimit/description
526 Kernel modules support for the hashlimit bucket match module
527 endef
528
529 $(eval $(call KernelPackage,ipt-hashlimit))
Personal OpenWRT clone
This page took 0.065959 seconds and 5 git commands to generate.