+
#
# Copyright (C) 2006-2008 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
-# $Id$
NF_MENU:=Netfilter Extensions
NF_KMOD:=1
KCONFIG:=$(KCONFIG_IPT_FILTER)
FILES:=$(foreach mod,$(IPT_FILTER-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_FILTER-m)))
- DEPENDS:= kmod-ipt-core
+ DEPENDS:=kmod-ipt-core +LINUX_2_6:kmod-textsearch
endef
define KernelPackage/ipt-filter/description
Netfilter (IPv4) kernel modules for packet content inspection
Includes:
- - ipt_ipp2p
- ipt_layer7
+ - ipt_string
endef
$(eval $(call KernelPackage,ipt-filter))
KCONFIG:=$(KCONFIG_IPT_NATHELPER_EXTRA)
FILES:=$(foreach mod,$(IPT_NATHELPER_EXTRA-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_NATHELPER_EXTRA-m)))
- DEPENDS:= kmod-ipt-core +kmod-ipt-nat
+ DEPENDS:= kmod-ipt-core +kmod-ipt-nat +kmod-textsearch
endef
define KernelPackage/ipt-nathelper-extra/description
CONFIG_IMQ \
CONFIG_IMQ_BEHAVIOR_BA=y \
CONFIG_IMQ_NUM_DEVS=2 \
- CONFIG_IP_NF_TARGET_IMQ
+ CONFIG_NETFILTER_XT_TARGET_IMQ
FILES:= \
$(LINUX_DIR)/drivers/net/imq.$(LINUX_KMOD_SUFFIX) \
$(foreach mod,$(IPT_IMQ-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
imq \
$(IPT_IMQ-m) \
))
- DEPENDS:= kmod-ipt-core @!LINUX_2_6_27
+ DEPENDS:= kmod-ipt-core
endef
define KernelPackage/ipt-imq/description
- ipt_recent
- iptable_raw
- xt_NOTRACK
- - xt_TARPIT
- - xt_DELUDE
- - xt_CHAOS
endef
$(eval $(call KernelPackage,ipt-extra))
-# XXX: disabled on 2.6.27 due to broken IMQ
define KernelPackage/ip6tables
SUBMENU:=$(NF_MENU)
TITLE:=IPv6 modules
- DEPENDS:=+kmod-ipv6 @!LINUX_2_6_27
+ DEPENDS:=+kmod-ipv6
KCONFIG:=CONFIG_IP6_NF_IPTABLES
FILES:=$(foreach mod,$(IPT_IPV6-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
AUTOLOAD:=$(call AutoLoad,49,$(notdir $(IPT_IPV6-m)))
SUBMENU:=$(NF_MENU)
TITLE:=ARP firewalling modules
FILES:=$(LINUX_DIR)/net/ipv4/netfilter/arp*.$(LINUX_KMOD_SUFFIX)
- KCONFIG:=CONFIG_IP_NF_ARPTABLES
+ KCONFIG:=CONFIG_IP_NF_ARPTABLES \
+ CONFIG_IP_NF_ARPFILTER \
+ CONFIG_IP_NF_ARP_MANGLE
AUTOLOAD:=$(call AutoLoad,49,$(notdir $(patsubst %.ko,%,$(wildcard $(LINUX_DIR)/net/ipv4/netfilter/arp*.$(LINUX_KMOD_SUFFIX)))))
endef
endef
$(eval $(call KernelPackage,ebtables))
+
+
+define KernelPackage/nfnetlink
+ SUBMENU:=$(NF_MENU)
+ TITLE:=Netlink-based userspace interface
+ DEPENDS:=@LINUX_2_6 +kmod-ipt-core
+ FILES:=$(LINUX_DIR)/net/netfilter/nfnetlink.$(LINUX_KMOD_SUFFIX)
+ KCONFIG:=CONFIG_NETFILTER_NETLINK
+ AUTOLOAD:=$(call AutoLoad,48,nfnetlink)
+endef
+
+define KernelPackage/nfnetlink/description
+ Kernel modules support for a netlink-based userspace interface
+endef
+
+$(eval $(call KernelPackage,nfnetlink))
+
+
+define KernelPackage/nfnetlink-log
+ SUBMENU:=$(NF_MENU)
+ TITLE:=Netfilter LOG over NFNETLINK interface
+ DEPENDS:=@LINUX_2_6 +kmod-nfnetlink
+ FILES:=$(LINUX_DIR)/net/netfilter/nfnetlink_log.$(LINUX_KMOD_SUFFIX)
+ KCONFIG:=CONFIG_NETFILTER_NETLINK_LOG
+ AUTOLOAD:=$(call AutoLoad,48,nfnetlink_log)
+endef
+
+define KernelPackage/nfnetlink-log/description
+ Kernel modules support for logging packets via NFNETLINK
+endef
+
+$(eval $(call KernelPackage,nfnetlink-log))
+
+
+define KernelPackage/nfnetlink-queue
+ SUBMENU:=$(NF_MENU)
+ TITLE:=Netfilter QUEUE over NFNETLINK interface
+ DEPENDS:=@LINUX_2_6 +kmod-nfnetlink
+ FILES:=$(LINUX_DIR)/net/netfilter/nfnetlink_queue.$(LINUX_KMOD_SUFFIX)
+ KCONFIG:=CONFIG_NETFILTER_NETLINK_QUEUE
+ AUTOLOAD:=$(call AutoLoad,48,nfnetlink_queue)
+endef
+
+define KernelPackage/nfnetlink-queue/description
+ Kernel modules support for queueing packets via NFNETLINK
+endef
+
+$(eval $(call KernelPackage,nfnetlink-queue))
+
+
+define KernelPackage/nf-conntrack-netlink
+ SUBMENU:=$(NF_MENU)
+ TITLE:=Connection tracking netlink interface
+ DEPENDS:=@LINUX_2_6 +kmod-nfnetlink +kmod-ipt-conntrack
+ FILES:=$(LINUX_DIR)/net/netfilter/nf_conntrack_netlink.$(LINUX_KMOD_SUFFIX)
+ KCONFIG:=CONFIG_NF_CT_NETLINK
+ AUTOLOAD:=$(call AutoLoad,49,nf_conntrack_netlink)
+endef
+
+define KernelPackage/nf-conntrack-netlink/description
+ Kernel modules support for a netlink-based connection tracking
+ userspace interface
+endef
+
+$(eval $(call KernelPackage,nf-conntrack-netlink))