3 # Copyright (C) 2006-2008 OpenWrt.org
5 # This is free software, licensed under the GNU General Public License v2.
6 # See /LICENSE for more information.
9 NF_MENU:=Netfilter Extensions
11 include $(INCLUDE_DIR)/netfilter.mk
13 define KernelPackage/ipt-core
16 KCONFIG:=$(KCONFIG_IPT_CORE)
17 FILES:=$(foreach mod,$(IPT_CORE-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
18 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_CORE-m)))
21 define KernelPackage/ipt-core/description
22 Netfilter core kernel modules
32 $(eval $(call KernelPackage,ipt-core))
35 define KernelPackage/ipt/Depends
37 DEPENDS:= kmod-ipt-core $(1)
41 define KernelPackage/ipt-conntrack
42 $(call KernelPackage/ipt/Depends,)
43 TITLE:=Basic connection tracking modules
44 KCONFIG:=$(KCONFIG_IPT_CONNTRACK)
45 FILES:=$(foreach mod,$(IPT_CONNTRACK-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
46 AUTOLOAD:=$(call AutoLoad,41,$(notdir $(IPT_CONNTRACK-m)))
49 define KernelPackage/ipt-conntrack/description
50 Netfilter (IPv4) kernel modules for connection tracking
60 $(eval $(call KernelPackage,ipt-conntrack))
63 define KernelPackage/ipt-conntrack-extra
64 $(call KernelPackage/ipt/Depends,+kmod-ipt-conntrack)
65 TITLE:=Extra connection tracking modules
66 KCONFIG:=$(KCONFIG_IPT_CONNTRACK_EXTRA)
67 FILES:=$(foreach mod,$(IPT_CONNTRACK_EXTRA-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
68 AUTOLOAD:=$(call AutoLoad,42,$(notdir $(IPT_CONNTRACK_EXTRA-m)))
71 define KernelPackage/ipt-conntrack-extra/description
72 Netfilter (IPv4) extra kernel modules for connection tracking
81 $(eval $(call KernelPackage,ipt-conntrack-extra))
84 define KernelPackage/ipt-filter
85 $(call KernelPackage/ipt/Depends,+LINUX_2_6:kmod-textsearch)
86 TITLE:=Modules for packet content inspection
87 KCONFIG:=$(KCONFIG_IPT_FILTER)
88 FILES:=$(foreach mod,$(IPT_FILTER-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
89 AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_FILTER-m)))
92 define KernelPackage/ipt-filter/description
93 Netfilter (IPv4) kernel modules for packet content inspection
99 $(eval $(call KernelPackage,ipt-filter))
102 define KernelPackage/ipt-ipopt
103 $(call KernelPackage/ipt/Depends,)
104 TITLE:=Modules for matching/changing IP packet options
105 KCONFIG:=$(KCONFIG_IPT_IPOPT)
106 FILES:=$(foreach mod,$(IPT_IPOPT-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
107 AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_IPOPT-m)))
110 define KernelPackage/ipt-ipopt/description
111 Netfilter (IPv4) modules for matching/changing IP packet options
123 $(eval $(call KernelPackage,ipt-ipopt))
126 define KernelPackage/ipt-ipsec
127 $(call KernelPackage/ipt/Depends,)
128 TITLE:=Modules for matching IPSec packets
129 KCONFIG:=$(KCONFIG_IPT_IPSEC)
130 FILES:=$(foreach mod,$(IPT_IPSEC-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
131 AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_IPSEC-m)))
134 define KernelPackage/ipt-ipsec/description
135 Netfilter (IPv4) modules for matching IPSec packets
141 $(eval $(call KernelPackage,ipt-ipsec))
144 define KernelPackage/ipt-nat
145 $(call KernelPackage/ipt/Depends,+kmod-ipt-conntrack)
146 TITLE:=Basic NAT targets
147 KCONFIG:=$(KCONFIG_IPT_NAT)
148 FILES:=$(foreach mod,$(IPT_NAT-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
149 AUTOLOAD:=$(call AutoLoad,42,$(notdir $(IPT_NAT-m)))
152 define KernelPackage/ipt-nat/description
153 Netfilter (IPv4) kernel modules for basic NAT targets
158 $(eval $(call KernelPackage,ipt-nat))
161 define KernelPackage/ipt-nat-extra
162 $(call KernelPackage/ipt/Depends,+kmod-ipt-nat)
163 TITLE:=Extra NAT targets
164 KCONFIG:=$(KCONFIG_IPT_NAT_EXTRA)
165 FILES:=$(foreach mod,$(IPT_NAT_EXTRA-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
166 AUTOLOAD:=$(call AutoLoad,43,$(notdir $(IPT_NAT_EXTRA-m)))
169 define KernelPackage/ipt-nat-extra/description
170 Netfilter (IPv4) kernel modules for extra NAT targets
177 $(eval $(call KernelPackage,ipt-nat-extra))
180 define KernelPackage/ipt-nathelper
181 $(call KernelPackage/ipt/Depends,+kmod-ipt-nat)
182 TITLE:=Basic Conntrack and NAT helpers
183 KCONFIG:=$(KCONFIG_IPT_NATHELPER)
184 FILES:=$(foreach mod,$(IPT_NATHELPER-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
185 AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_NATHELPER-m)))
188 define KernelPackage/ipt-nathelper/description
189 Default Netfilter (IPv4) Conntrack and NAT helpers
199 $(eval $(call KernelPackage,ipt-nathelper))
202 define KernelPackage/ipt-nathelper-extra
203 $(call KernelPackage/ipt/Depends,+kmod-ipt-nat +LINUX_2_6:kmod-textsearch)
204 TITLE:=Extra Conntrack and NAT helpers
205 KCONFIG:=$(KCONFIG_IPT_NATHELPER_EXTRA)
206 FILES:=$(foreach mod,$(IPT_NATHELPER_EXTRA-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
207 AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_NATHELPER_EXTRA-m)))
210 define KernelPackage/ipt-nathelper-extra/description
211 Extra Netfilter (IPv4) Conntrack and NAT helpers
213 - ip_conntrack_amanda
214 - ip_conntrack_proto_gre
223 $(eval $(call KernelPackage,ipt-nathelper-extra))
226 define KernelPackage/ipt-imq
227 $(call KernelPackage/ipt/Depends,)
228 TITLE:=Intermediate Queueing support
231 CONFIG_IMQ_BEHAVIOR_BA=y \
232 CONFIG_IMQ_NUM_DEVS=2 \
233 CONFIG_NETFILTER_XT_TARGET_IMQ
235 $(LINUX_DIR)/drivers/net/imq.$(LINUX_KMOD_SUFFIX) \
236 $(foreach mod,$(IPT_IMQ-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
237 AUTOLOAD:=$(call AutoLoad,45,$(notdir \
243 define KernelPackage/ipt-imq/description
244 Kernel support for Intermediate Queueing devices
247 $(eval $(call KernelPackage,ipt-imq))
250 define KernelPackage/ipt-queue
251 $(call KernelPackage/ipt/Depends,)
252 TITLE:=Module for user-space packet queueing
253 KCONFIG:=$(KCONFIG_IPT_QUEUE)
254 FILES:=$(foreach mod,$(IPT_QUEUE-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
255 AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_QUEUE-m)))
258 define KernelPackage/ipt-queue/description
259 Netfilter (IPv4) module for user-space packet queueing
264 $(eval $(call KernelPackage,ipt-queue))
267 define KernelPackage/ipt-ulog
268 $(call KernelPackage/ipt/Depends,)
269 TITLE:=Module for user-space packet logging
270 KCONFIG:=$(KCONFIG_IPT_ULOG)
271 FILES:=$(foreach mod,$(IPT_ULOG-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
272 AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_ULOG-m)))
275 define KernelPackage/ipt-ulog/description
276 Netfilter (IPv4) module for user-space packet logging
281 $(eval $(call KernelPackage,ipt-ulog))
284 define KernelPackage/ipt-iprange
285 $(call KernelPackage/ipt/Depends,)
286 TITLE:=Module for matching ip ranges
287 KCONFIG:=$(KCONFIG_IPT_IPRANGE)
288 FILES:=$(foreach mod,$(IPT_IPRANGE-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
289 AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_IPRANGE-m)))
292 define KernelPackage/ipt-iprange/description
293 Netfilter (IPv4) module for matching ip ranges
298 $(eval $(call KernelPackage,ipt-iprange))
301 define KernelPackage/ipt-extra
302 $(call KernelPackage/ipt/Depends,)
304 KCONFIG:=$(KCONFIG_IPT_EXTRA)
305 FILES:=$(foreach mod,$(IPT_EXTRA-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
306 AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_EXTRA-m)))
309 define KernelPackage/ipt-extra/description
310 Other Netfilter (IPv4) kernel modules
318 $(eval $(call KernelPackage,ipt-extra))
321 define KernelPackage/ip6tables
325 KCONFIG:=$(KCONFIG_IPT_IPV6)
326 FILES:=$(foreach mod,$(IPT_IPV6-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
327 AUTOLOAD:=$(call AutoLoad,49,$(notdir $(IPT_IPV6-m)))
330 define KernelPackage/ip6tables/description
331 Netfilter IPv6 firewalling support
334 $(eval $(call KernelPackage,ip6tables))
337 define KernelPackage/arptables
339 TITLE:=ARP firewalling modules
340 FILES:=$(LINUX_DIR)/net/ipv4/netfilter/arp*.$(LINUX_KMOD_SUFFIX)
341 KCONFIG:=CONFIG_IP_NF_ARPTABLES \
342 CONFIG_IP_NF_ARPFILTER \
343 CONFIG_IP_NF_ARP_MANGLE
344 AUTOLOAD:=$(call AutoLoad,49,$(notdir $(patsubst %.$(LINUX_KMOD_SUFFIX),%,$(wildcard $(LINUX_DIR)/net/ipv4/netfilter/arp*.$(LINUX_KMOD_SUFFIX)))))
347 define KernelPackage/arptables/description
348 Kernel modules for ARP firewalling
351 $(eval $(call KernelPackage,arptables))
354 define KernelPackage/ebtables
356 TITLE:=Bridge firewalling modules
358 FILES:=$(foreach mod,$(EBTABLES-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
359 KCONFIG:=CONFIG_BRIDGE_NETFILTER=y \
361 AUTOLOAD:=$(call AutoLoad,49,$(notdir $(EBTABLES-m)))
364 define KernelPackage/ebtables/description
365 ebtables is a general, extensible frame/packet identification
366 framework. It provides you to do Ethernet
367 filtering/NAT/brouting on the Ethernet bridge.
370 $(eval $(call KernelPackage,ebtables))
373 define KernelPackage/ebtables/Depends
375 DEPENDS:=kmod-ebtables $(1)
379 define KernelPackage/ebtables-ipv4
380 $(call KernelPackage/ebtables/Depends,)
381 TITLE:=ebtables: IPv4 support
382 FILES:=$(foreach mod,$(EBTABLES_IP4-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
383 KCONFIG:=$(KCONFIG_EBTABLES_IP4)
384 AUTOLOAD:=$(call AutoLoad,49,$(notdir $(EBTABLES_IP4-m)))
387 define KernelPackage/ebtables-ipv4/description
388 This option adds the IPv4 support to ebtables, which allows basic
389 IPv4 header field filtering, ARP filtering as well as SNAT, DNAT targets.
392 $(eval $(call KernelPackage,ebtables-ipv4))
395 define KernelPackage/ebtables-ipv6
396 $(call KernelPackage/ebtables/Depends,)
397 TITLE:=ebtables: IPv6 support
398 FILES:=$(foreach mod,$(EBTABLES_IP6-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
399 KCONFIG:=$(KCONFIG_EBTABLES_IP6)
400 AUTOLOAD:=$(call AutoLoad,49,$(notdir $(EBTABLES_IP6-m)))
403 define KernelPackage/ebtables-ipv6/description
404 This option adds the IPv6 support to ebtables, which allows basic
405 IPv6 header field filtering and target support.
408 $(eval $(call KernelPackage,ebtables-ipv6))
411 define KernelPackage/ebtables-watchers
412 $(call KernelPackage/ebtables/Depends,)
413 TITLE:=ebtables: watchers support
414 FILES:=$(foreach mod,$(EBTABLES_WATCHERS-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
415 KCONFIG:=$(KCONFIG_EBTABLES_WATCHERS)
416 AUTOLOAD:=$(call AutoLoad,49,$(notdir $(EBTABLES_WATCHERS-m)))
419 define KernelPackage/ebtables-watchers/description
420 This option adds the log watchers, that you can use in any rule
421 in any ebtables table.
424 $(eval $(call KernelPackage,ebtables-watchers))
427 define KernelPackage/nfnetlink
429 TITLE:=Netlink-based userspace interface
430 DEPENDS:=@LINUX_2_6 +kmod-ipt-core
431 FILES:=$(LINUX_DIR)/net/netfilter/nfnetlink.$(LINUX_KMOD_SUFFIX)
432 KCONFIG:=CONFIG_NETFILTER_NETLINK
433 AUTOLOAD:=$(call AutoLoad,48,nfnetlink)
436 define KernelPackage/nfnetlink/description
437 Kernel modules support for a netlink-based userspace interface
440 $(eval $(call KernelPackage,nfnetlink))
443 define KernelPackage/nfnetlink/Depends
445 DEPENDS:=@LINUX_2_6 +kmod-nfnetlink $(1)
449 define KernelPackage/nfnetlink-log
450 $(call KernelPackage/nfnetlink/Depends,)
451 TITLE:=Netfilter LOG over NFNETLINK interface
452 FILES:=$(LINUX_DIR)/net/netfilter/nfnetlink_log.$(LINUX_KMOD_SUFFIX)
453 KCONFIG:=CONFIG_NETFILTER_NETLINK_LOG
454 AUTOLOAD:=$(call AutoLoad,48,nfnetlink_log)
457 define KernelPackage/nfnetlink-log/description
458 Kernel modules support for logging packets via NFNETLINK
461 $(eval $(call KernelPackage,nfnetlink-log))
464 define KernelPackage/nfnetlink-queue
465 $(call KernelPackage/nfnetlink/Depends,)
466 TITLE:=Netfilter QUEUE over NFNETLINK interface
467 FILES:=$(LINUX_DIR)/net/netfilter/nfnetlink_queue.$(LINUX_KMOD_SUFFIX)
468 KCONFIG:=CONFIG_NETFILTER_NETLINK_QUEUE
469 AUTOLOAD:=$(call AutoLoad,48,nfnetlink_queue)
472 define KernelPackage/nfnetlink-queue/description
473 Kernel modules support for queueing packets via NFNETLINK
476 $(eval $(call KernelPackage,nfnetlink-queue))
479 define KernelPackage/nf-conntrack-netlink
480 $(call KernelPackage/nfnetlink/Depends,+kmod-ipt-conntrack)
481 TITLE:=Connection tracking netlink interface
482 FILES:=$(LINUX_DIR)/net/netfilter/nf_conntrack_netlink.$(LINUX_KMOD_SUFFIX)
483 KCONFIG:=CONFIG_NF_CT_NETLINK
484 AUTOLOAD:=$(call AutoLoad,49,nf_conntrack_netlink)
487 define KernelPackage/nf-conntrack-netlink/description
488 Kernel modules support for a netlink-based connection tracking
492 $(eval $(call KernelPackage,nf-conntrack-netlink))
projects / openwrt.git / blob