mirror of https://github.com/hak5/openwrt-owl.git
netfilter: add packages for arp and bridge tables of nftables
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>owl
parent
bbef76f1b1
commit
352c74fcb4
|
@ -340,15 +340,23 @@ $(eval $(if $(NF_KMOD),$(call nf_add,NFT_CORE,CONFIG_NFT_CHAIN_ROUTE_IPV6, $(P_V
|
|||
$(eval $(if $(NF_KMOD),$(call nf_add,NFT_CORE,CONFIG_NFT_REDIR, $(P_XT)nft_redir, ge 3.19.0),))
|
||||
$(eval $(if $(NF_KMOD),$(call nf_add,NFT_CORE,CONFIG_NFT_QUOTA, $(P_XT)nft_quota, ge 4.9.0),))
|
||||
|
||||
$(eval $(if $(NF_KMOD),$(call nf_add,NFT_ARP,CONFIG_NF_TABLES_ARP, $(P_V4)nf_tables_arp),))
|
||||
|
||||
$(eval $(if $(NF_KMOD),$(call nf_add,NFT_BRIDGE,CONFIG_NF_TABLES_BRIDGE, $(P_EBT)nf_tables_bridge),))
|
||||
$(eval $(if $(NF_KMOD),$(call nf_add,NFT_BRIDGE,CONFIG_NFT_BRIDGE_META, $(P_EBT)nft_meta_bridge),))
|
||||
$(eval $(if $(NF_KMOD),$(call nf_add,NFT_BRIDGE,CONFIG_NFT_BRIDGE_REJECT, $(P_EBT)nft_reject_bridge),))
|
||||
|
||||
$(eval $(if $(NF_KMOD),$(call nf_add,NFT_NAT,CONFIG_NFT_NAT, $(P_XT)nft_nat),))
|
||||
$(eval $(if $(NF_KMOD),$(call nf_add,NFT_NAT,CONFIG_NFT_CHAIN_NAT_IPV4, $(P_V4)nft_chain_nat_ipv4),))
|
||||
$(eval $(if $(NF_KMOD),$(call nf_add,NFT_NAT,CONFIG_NFT_REDIR_IPV4, $(P_V4)nft_redir_ipv4, ge 3.19.0),))
|
||||
$(eval $(if $(NF_KMOD),$(call nf_add,NFT_NAT6,CONFIG_NFT_REDIR_IPV6, $(P_V6)nft_redir_ipv6, ge 3.19.0),))
|
||||
$(eval $(if $(NF_KMOD),$(call nf_add,NFT_NAT6,CONFIG_NFT_CHAIN_NAT_IPV6, $(P_V6)nft_chain_nat_ipv6),))
|
||||
$(eval $(if $(NF_KMOD),$(call nf_add,NFT_NAT,CONFIG_NFT_MASQ, $(P_XT)nft_masq),))
|
||||
$(eval $(if $(NF_KMOD),$(call nf_add,NFT_NAT,CONFIG_NFT_MASQ_IPV4, $(P_V4)nft_masq_ipv4),))
|
||||
|
||||
$(eval $(if $(NF_KMOD),$(call nf_add,NFT_NAT6,CONFIG_NFT_REDIR_IPV6, $(P_V6)nft_redir_ipv6, ge 3.19.0),))
|
||||
$(eval $(if $(NF_KMOD),$(call nf_add,NFT_NAT6,CONFIG_NFT_CHAIN_NAT_IPV6, $(P_V6)nft_chain_nat_ipv6),))
|
||||
$(eval $(if $(NF_KMOD),$(call nf_add,NFT_NAT6,CONFIG_NFT_MASQ_IPV6, $(P_V6)nft_masq_ipv6),))
|
||||
|
||||
|
||||
# userland only
|
||||
IPT_BUILTIN += $(NF_IPT-y) $(NF_IPT-m)
|
||||
IPT_BUILTIN += $(IPT_CORE-y) $(IPT_CORE-m)
|
||||
|
|
|
@ -907,8 +907,6 @@ define KernelPackage/nft-core
|
|||
KCONFIG:= \
|
||||
CONFIG_NFT_COMPAT=n \
|
||||
CONFIG_NFT_QUEUE=n \
|
||||
CONFIG_NF_TABLES_ARP=n \
|
||||
CONFIG_NF_TABLES_BRIDGE=n \
|
||||
$(KCONFIG_NFT_CORE)
|
||||
endef
|
||||
|
||||
|
@ -919,6 +917,32 @@ endef
|
|||
$(eval $(call KernelPackage,nft-core))
|
||||
|
||||
|
||||
define KernelPackage/nft-arp
|
||||
SUBMENU:=$(NF_MENU)
|
||||
TITLE:=Netfilter nf_tables ARP table support
|
||||
DEPENDS:=+kmod-nft-core
|
||||
FILES:=$(foreach mod,$(NFT_ARP-m),$(LINUX_DIR)/net/$(mod).ko)
|
||||
AUTOLOAD:=$(call AutoProbe,$(notdir $(NFT_ARP-m)))
|
||||
KCONFIG:=$(KCONFIG_NFT_ARP)
|
||||
endef
|
||||
|
||||
$(eval $(call KernelPackage,nft-arp))
|
||||
|
||||
|
||||
define KernelPackage/nft-bridge
|
||||
SUBMENU:=$(NF_MENU)
|
||||
TITLE:=Netfilter nf_tables bridge table support
|
||||
DEPENDS:=+kmod-nft-core
|
||||
FILES:=$(foreach mod,$(NFT_BRIDGE-m),$(LINUX_DIR)/net/$(mod).ko)
|
||||
AUTOLOAD:=$(call AutoProbe,$(notdir $(NFT_BRIDGE-m)))
|
||||
KCONFIG:= \
|
||||
CONFIG_NF_LOG_BRIDGE=n \
|
||||
$(KCONFIG_NFT_BRIDGE)
|
||||
endef
|
||||
|
||||
$(eval $(call KernelPackage,nft-bridge))
|
||||
|
||||
|
||||
define KernelPackage/nft-nat
|
||||
SUBMENU:=$(NF_MENU)
|
||||
TITLE:=Netfilter nf_tables NAT support
|
||||
|
|
Loading…
Reference in New Issue