summaryrefslogtreecommitdiff
path: root/include/netfilter.mk
AgeCommit message (Collapse)Author
2014-03-11iptables/netfilter: add connlimit to conntrack-extracyrus
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@39878 3c298f89-4303-0410-b956-a3cf2f4a3e73
2013-09-03Fix IPv6 NAT breaking older kernelscyrus
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@37891 3c298f89-4303-0410-b956-a3cf2f4a3e73
2013-09-01netfilter: Add IPv6-NAT support for kernel and iptcyrus
Thanks to Berni, Adam Novak and Sedat Dilek for patches and inspiration git-svn-id: svn://svn.openwrt.org/openwrt/trunk@37866 3c298f89-4303-0410-b956-a3cf2f4a3e73
2013-08-21netfilter: fix typoluka
Signed-off-by: Luka Perkov <luka@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@37821 3c298f89-4303-0410-b956-a3cf2f4a3e73
2013-07-15netfilter: remove use of obsolete compatibility config symbols for mark and ↵nbd
connmark fixes duplication of xt_mark and xt_connmark module entries Signed-off-by: Felix Fietkau <nbd@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@37344 3c298f89-4303-0410-b956-a3cf2f4a3e73
2013-05-21netfilter: move time, mark, set matches and MARK, REDIRECT, SET targets into ↵jow
base iptables package - drop iptables-mod-ipset git-svn-id: svn://svn.openwrt.org/openwrt/trunk@36683 3c298f89-4303-0410-b956-a3cf2f4a3e73
2013-03-07netfilter: Fix typo in last commitcyrus
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@35899 3c298f89-4303-0410-b956-a3cf2f4a3e73
2013-03-07iptables: Add missing IPv6 builtin modulescyrus
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@35898 3c298f89-4303-0410-b956-a3cf2f4a3e73
2013-02-04package/kernel: xt_NOTRACK has been removed in 3.7-rc1juhosg
Signed-off-by: Gabor Juhos <juhosg@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@35475 3c298f89-4303-0410-b956-a3cf2f4a3e73
2013-01-14netfilter.mk: add addrtype match to iptables-mod-extra (kmod-ipt-extra)jow
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@35155 3c298f89-4303-0410-b956-a3cf2f4a3e73
2013-01-10netfilter: xt_NOTRACK is incorporated in xt_CT as of 3.8-rc3florian
Signed-off-by: Florian Fainelli <florian@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@35087 3c298f89-4303-0410-b956-a3cf2f4a3e73
2012-12-22[netfilter] fix ipv4 nat on 3.7 by adding missing iptables modulesblogic
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@34841 3c298f89-4303-0410-b956-a3cf2f4a3e73
2012-12-18netfilter: fix module list for 3.7 kerneljuhosg
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com> Signed-off-by: Gabor Juhos <juhosg@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@34750 3c298f89-4303-0410-b956-a3cf2f4a3e73
2012-12-15netfilter.mk: extend nf_add macro to take a version dependency expressionjow
- nf_add now takes an optional 4th argument which specifies a kernel version dependency, e.g. "lt 3.7.0" - remove CompareKernelPatchVer conditionals around nf_add invocations, use version depends instead - fixes xt_LOG.ko packaging with Linux 3.6.0 and later git-svn-id: svn://svn.openwrt.org/openwrt/trunk@34681 3c298f89-4303-0410-b956-a3cf2f4a3e73
2012-12-11netfilter.mk: fix packaging of xt_LOG.ko, it moved between 3.3.8 and 3.6.xjow
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@34625 3c298f89-4303-0410-b956-a3cf2f4a3e73
2012-11-18kernel: fix loading of nf_nat_irchauke
nf_nat_irc depends on nf_conntrack_irc and it should be defined after that. This fixes a problem introduced in r34247. git-svn-id: svn://svn.openwrt.org/openwrt/trunk@34251 3c298f89-4303-0410-b956-a3cf2f4a3e73
2012-11-18[generic]: add 3.7-rc6 support (patch 820 still has to be fixed)kaloz
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@34247 3c298f89-4303-0410-b956-a3cf2f4a3e73
2012-09-23include/netfilter.mk: remove a few obsolete linesnbd
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@33518 3c298f89-4303-0410-b956-a3cf2f4a3e73
2012-06-18kmod-ipt-nathelper-extra: fix missing nf_conntrack_broadcast.konbd
kmod-ipt-nathelper-extra is missing the package nf_conntrack_broadcast.ko if it is not included into the kmod-ipt-nathelper-extra packge the modules nf_conntrack_snmp and nf_nat_snmp_basic cant get loaded: [ 44.500000] nf_conntrack_snmp: Unknown symbol nf_conntrack_broadcast_help (err 0) [ 44.664000] nf_nat_snmp_basic: Unknown symbol nf_nat_snmp_hook (err 0) Signed-off-by: Peter Wagner <tripolar@gmx.at> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@32434 3c298f89-4303-0410-b956-a3cf2f4a3e73
2012-06-07include/netfilter.mk: clean up, remove junk for old kernel versionsnbd
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@32114 3c298f89-4303-0410-b956-a3cf2f4a3e73
2012-03-12[netfilter] fix ipt_ttl and ipt_TTL userspace library packagingjow
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@30897 3c298f89-4303-0410-b956-a3cf2f4a3e73
2012-02-02kernel: update module names and add new config symbols for linux 3.3jogo
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@29985 3c298f89-4303-0410-b956-a3cf2f4a3e73
2012-01-04add CT target and TTL/HL match+targetjow
This patch adds the CT target for conntrack (enables manipulation of conntrack events and supercedes NOTRACK) as well as the TTL/HL target and match. git-svn-id: svn://svn.openwrt.org/openwrt/trunk@29645 3c298f89-4303-0410-b956-a3cf2f4a3e73
2012-01-04[netfilter] remove current RTSP supportjow
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@29643 3c298f89-4303-0410-b956-a3cf2f4a3e73
2011-12-25[netfilter] package CT targetjow
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@29609 3c298f89-4303-0410-b956-a3cf2f4a3e73
2011-06-01netfilter.mk: remove a few obsolete CompareKernelPatchVer callsnbd
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@27086 3c298f89-4303-0410-b956-a3cf2f4a3e73
2011-05-24[netfilter] package u32 match and TEE target, patches by Maxim Uvarovjow
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@26977 3c298f89-4303-0410-b956-a3cf2f4a3e73
2011-04-12firewall: allow local redirection of portsjow
Allow a redirect like: config redirect option src 'wan' option dest 'lan' option src_dport '22001' option dest_port '22' option proto 'tcp' note the absence of the "dest_ip" field, meaning to terminate the connection on the firewall itself. This patch makes three changes: (1) moves the conntrack module into the conntrack package (but not any of the conntrack_* helpers). (2) fixes a bug where the wrong table is used when the "dest_ip" field is absent. (3) accepts incoming connections on the destination port on the input_ZONE table, but only for DNATted connections. In the above example, ssh -p 22 root@myrouter would fail from the outside, but: ssh -p 22001 root@myrouter would succeed. This is handy if: (1) you want to avoid ssh probes on your router, or (2) you want to redirect incoming connections on port 22 to some machine inside your firewall, but still want to allow firewall access from outside. Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@26617 3c298f89-4303-0410-b956-a3cf2f4a3e73
2011-04-09iipt-debug: create bundle of netfilter modules for debugginghauke
Add a bundle for including commonly useful modules for IPtables debugging and development. For now, it just contains xt_TRACE.ko Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@26567 3c298f89-4303-0410-b956-a3cf2f4a3e73
2011-04-03[package] add kmod-ipt-ledflorian
Netfilter LED target triggers blinkenlichten when a network packet hits a rule. LED target requires iptables 1.4.9 or higher Signed-off-by: Łukasz Stelmach <stlman@poczta.fm> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@26451 3c298f89-4303-0410-b956-a3cf2f4a3e73
2011-02-27netfilter.mk: put ipv6 conntrack in the right packagenbd
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@25750 3c298f89-4303-0410-b956-a3cf2f4a3e73
2011-02-26netfilter: add missing modules for v6 conntrack (patch from #8940)nbd
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@25731 3c298f89-4303-0410-b956-a3cf2f4a3e73
2011-02-26move nf_{conntrack,nat}_tftp to ipt-nathelper-extra, most people don't need thisnbd
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@25722 3c298f89-4303-0410-b956-a3cf2f4a3e73
2011-02-21kernel: remove imq support, refresh patchesnbd
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@25641 3c298f89-4303-0410-b956-a3cf2f4a3e73
2010-12-19[include] netfilter.mk: fix connmark packaging for Kernels >= 2.6.35, thanks ↵jow
Daniel Gimpelevich git-svn-id: svn://svn.openwrt.org/openwrt/trunk@24729 3c298f89-4303-0410-b956-a3cf2f4a3e73
2010-10-18[include] netfilter: workaround a userspace/kernel mismatch on Linux 2.6.35 ↵jow
and later git-svn-id: svn://svn.openwrt.org/openwrt/trunk@23521 3c298f89-4303-0410-b956-a3cf2f4a3e73
2010-07-17finalize r22241 fixesacoul
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@22242 3c298f89-4303-0410-b956-a3cf2f4a3e73
2010-06-22[netfilter] package TPROXY target and module infrastructurejow
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@21883 3c298f89-4303-0410-b956-a3cf2f4a3e73
2010-06-14include/netfilter.mk fix typo on r21795acoul
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@21796 3c298f89-4303-0410-b956-a3cf2f4a3e73
2010-06-14include/netfilter.mk: add 2.6.35 kernel supportacoul
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@21795 3c298f89-4303-0410-b956-a3cf2f4a3e73
2010-04-04netfilter: extension fixes (partially closes: #7045)nico
* add missing xt_owner (2.6) * enable ipt_quota (2.4), disabled in [8499] is building fine with recent iptables * add missing ipt_nat_tftp (2.4) * add missing nf_nat_amanda (2.6) git-svn-id: svn://svn.openwrt.org/openwrt/trunk@20693 3c298f89-4303-0410-b956-a3cf2f4a3e73
2010-04-04[cosmectic] include/netfilter.mk: move ebtables definitions at the endnico
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@20690 3c298f89-4303-0410-b956-a3cf2f4a3e73
2010-02-26[netfilter] properly package xt_comment.ko (#6742)jow
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@19861 3c298f89-4303-0410-b956-a3cf2f4a3e73
2010-02-19[generic-2.4] netfilter: add support for raw table and NOTRACK target (#5504)jow
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@19721 3c298f89-4303-0410-b956-a3cf2f4a3e73
2009-12-08[package] iptables: add comment match to the core packagejow
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@18706 3c298f89-4303-0410-b956-a3cf2f4a3e73
2009-10-11[kernel] netfilter: remove IPset leftovers missed from [17844]nico
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@18032 3c298f89-4303-0410-b956-a3cf2f4a3e73
2009-09-27[ipset] Update ipset to version 3.2hauke
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@17764 3c298f89-4303-0410-b956-a3cf2f4a3e73
2009-07-25[package] split ebtables packages and modules into ebtables ipv4/6 and ↵florian
watchers (#5001) git-svn-id: svn://svn.openwrt.org/openwrt/trunk@16980 3c298f89-4303-0410-b956-a3cf2f4a3e73
2009-07-24[package] fix ip6tables installation against ip6t_HL which has been merged ↵florian
in xt_HL since 2.6.29 (#5568) git-svn-id: svn://svn.openwrt.org/openwrt/trunk@16964 3c298f89-4303-0410-b956-a3cf2f4a3e73
2009-05-14netfilter: move iptable_raw, xt_NOTRACK from conntrack-extra to conntracknbd
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@15854 3c298f89-4303-0410-b956-a3cf2f4a3e73
generated by cgit v1.2.3 (git 2.39.1) at 2024-10-16 23:25:23 +0000