X-Git-Url: https://git.rohieb.name/openwrt.git/blobdiff_plain/2b3519d8334c5a93202ea869e004b29dc380be32..17863d85c4fc0644bf186f7c84f68dd19a881678:/package/kernel/modules/netfilter.mk diff --git a/package/kernel/modules/netfilter.mk b/package/kernel/modules/netfilter.mk index 101550eac..4a99d0f5f 100644 --- a/package/kernel/modules/netfilter.mk +++ b/package/kernel/modules/netfilter.mk @@ -355,7 +355,7 @@ define KernelPackage/ip6tables SUBMENU:=$(NF_MENU) TITLE:=IPv6 modules DEPENDS:=+kmod-ipv6 - KCONFIG:=CONFIG_IP6_NF_IPTABLES + KCONFIG:=$(KCONFIG_IPT_IPV6) FILES:=$(foreach mod,$(IPT_IPV6-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX)) AUTOLOAD:=$(call AutoLoad,49,$(notdir $(IPT_IPV6-m))) endef @@ -371,8 +371,10 @@ define KernelPackage/arptables SUBMENU:=$(NF_MENU) TITLE:=ARP firewalling modules FILES:=$(LINUX_DIR)/net/ipv4/netfilter/arp*.$(LINUX_KMOD_SUFFIX) - KCONFIG:=CONFIG_IP_NF_ARPTABLES - AUTOLOAD:=$(call AutoLoad,49,$(notdir $(patsubst %.ko,%,$(wildcard $(LINUX_DIR)/net/ipv4/netfilter/arp*.$(LINUX_KMOD_SUFFIX))))) + KCONFIG:=CONFIG_IP_NF_ARPTABLES \ + CONFIG_IP_NF_ARPFILTER \ + CONFIG_IP_NF_ARP_MANGLE + AUTOLOAD:=$(call AutoLoad,49,$(notdir $(patsubst %.$(LINUX_KMOD_SUFFIX),%,$(wildcard $(LINUX_DIR)/net/ipv4/netfilter/arp*.$(LINUX_KMOD_SUFFIX))))) endef define KernelPackage/arptables/description @@ -385,18 +387,67 @@ define KernelPackage/ebtables SUBMENU:=$(NF_MENU) TITLE:=Bridge firewalling modules DEPENDS:=@LINUX_2_6 - FILES:=$(LINUX_DIR)/net/bridge/netfilter/*.$(LINUX_KMOD_SUFFIX) + FILES:=$(foreach mod,$(EBTABLES-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX)) KCONFIG:=CONFIG_BRIDGE_NETFILTER=y \ - CONFIG_BRIDGE_NF_EBTABLES - AUTOLOAD:=$(call AutoLoad,49,$(notdir $(patsubst %.ko,%,ebtables.ko $(wildcard $(LINUX_DIR)/net/bridge/netfilter/ebtable_*.$(LINUX_KMOD_SUFFIX)) $(wildcard $(LINUX_DIR)/net/bridge/netfilter/ebt_*.$(LINUX_KMOD_SUFFIX))))) + $(KCONFIG_EBTABLES) + AUTOLOAD:=$(call AutoLoad,49,$(notdir $(EBTABLES-m))) endef define KernelPackage/ebtables/description - Kernel modules for Ethernet Bridge firewalling + ebtables is a general, extensible frame/packet identification + framework. It provides you to do Ethernet + filtering/NAT/brouting on the Ethernet bridge. endef $(eval $(call KernelPackage,ebtables)) +define KernelPackage/ebtables-ipv4 + SUBMENU:=$(NF_MENU) + TITLE:=ebtables: IPv4 support + DEPENDS:= kmod-ebtables + FILES:=$(foreach mod,$(EBTABLES_IP4-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX)) + KCONFIG:=$(KCONFIG_EBTABLES_IP4) + AUTOLOAD:=$(call AutoLoad,49,$(notdir $(EBTABLES_IP4-m))) +endef + +define KernelPackage/ebtables-ipv4/description + This option adds the IPv4 support to ebtables, which allows basic + IPv4 header field filtering, ARP filtering as well as SNAT, DNAT targets. +endef + +$(eval $(call KernelPackage,ebtables-ipv4)) + +define KernelPackage/ebtables-ipv6 + SUBMENU:=$(NF_MENU) + TITLE:=ebtables: IPv6 support + DEPENDS:= kmod-ebtables + FILES:=$(foreach mod,$(EBTABLES_IP6-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX)) + KCONFIG:=$(KCONFIG_EBTABLES_IP6) + AUTOLOAD:=$(call AutoLoad,49,$(notdir $(EBTABLES_IP6-m))) +endef + +define KernelPackage/ebtables-ipv6/description + This option adds the IPv6 support to ebtables, which allows basic + IPv6 header field filtering and target support. +endef + +$(eval $(call KernelPackage,ebtables-ipv6)) + +define KernelPackage/ebtables-watchers + SUBMENU:=$(NF_MENU) + TITLE:=ebtables: watchers support + DEPENDS:= kmod-ebtables + FILES:=$(foreach mod,$(EBTABLES_WATCHERS-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX)) + KCONFIG:=$(KCONFIG_EBTABLES_WATCHERS) + AUTOLOAD:=$(call AutoLoad,49,$(notdir $(EBTABLES_WATCHERS-m))) +endef + +define KernelPackage/ebtables-watchers/description + This option adds the log watchers, that you can use in any rule + in any ebtables table. +endef + +$(eval $(call KernelPackage,ebtables-watchers)) define KernelPackage/nfnetlink SUBMENU:=$(NF_MENU)