mirror of https://github.com/hak5/openwrt-owl.git
backport netfilter modules split introduced by changeset:2083 in whiterussian (fix ticket:40)
SVN-Revision: 2430owl
parent
983e2788cc
commit
d626a78938
|
@ -188,21 +188,141 @@ config BR2_PACKAGE_KMOD_EBTABLES
|
|||
help
|
||||
Kernel modules for bridge firewalling
|
||||
|
||||
config BR2_PACKAGE_KMOD_IPTABLES_V4
|
||||
prompt "kmod-iptables..................... Basic set of kernel modules for iptables"
|
||||
config BR2_PACKAGE_KMOD_IPTABLES
|
||||
prompt "kmod-iptables..................... Core Netfilter modules for IPv4 firewalling"
|
||||
tristate
|
||||
default y
|
||||
help
|
||||
Kernel modules for IPv4 firewalling
|
||||
|
||||
config BR2_PACKAGE_KMOD_IPTABLES_V4_EXTRA
|
||||
prompt "kmod-iptables-extra............... Extra modules for iptables"
|
||||
config BR2_PACKAGE_KMOD_IPTABLES_EXTRA
|
||||
prompt "kmod-iptables-extra............... Extra Netfilter modules for IPv4 firewalling (meta-package)"
|
||||
tristate
|
||||
default m
|
||||
select BR2_PACKAGE_KMOD_IPT_CONNTRACK
|
||||
select BR2_PACKAGE_KMOD_IPT_FILTER
|
||||
select BR2_PACKAGE_KMOD_IPT_IPOPT
|
||||
select BR2_PACKAGE_KMOD_IPT_IPSEC
|
||||
select BR2_PACKAGE_KMOD_IPT_NAT
|
||||
select BR2_PACKAGE_KMOD_IPT_NAT_EXTRA
|
||||
select BR2_PACKAGE_KMOD_IPT_QUEUE
|
||||
select BR2_PACKAGE_KMOD_IPT_ULOG
|
||||
select BR2_PACKAGE_KMOD_IPT_EXTRA
|
||||
help
|
||||
Extra Netfilter kernel modules for IPv4 firewalling (meta-package)
|
||||
|
||||
config BR2_PACKAGE_KMOD_IPT_CONNTRACK
|
||||
prompt "kmod-ipt-conntrack................ Netfilter modules for connection tracking"
|
||||
tristate
|
||||
default m
|
||||
help
|
||||
Extra kernel modules for IPv4 firewalling
|
||||
Netfilter (IPv4) kernel modules for connection tracking
|
||||
|
||||
config BR2_PACKAGE_KMOD_IPTABLES_V6
|
||||
Includes:
|
||||
* ipt_conntrack
|
||||
* ipt_helper
|
||||
* ipt_connmark/CONNMARK
|
||||
|
||||
config BR2_PACKAGE_KMOD_IPT_FILTER
|
||||
prompt "kmod-ipt-filter................... Netfilter modules for packet content inspection"
|
||||
tristate
|
||||
default m
|
||||
help
|
||||
Netfilter (IPv4) kernel modules for packet content inspection
|
||||
|
||||
Includes:
|
||||
* ipt_ipp2p
|
||||
* ipt_layer7
|
||||
|
||||
config BR2_PACKAGE_KMOD_IPT_IPOPT
|
||||
prompt "kmod-ipt-ipopt.................... Netfilter modules for matching/changing IP packet options"
|
||||
tristate
|
||||
default m
|
||||
help
|
||||
Netfilter (IPv4) kernel modules for matching/changing IP packet options
|
||||
|
||||
Includes:
|
||||
* ipt_dscp/DSCP
|
||||
* ipt_ecn/ECN
|
||||
* ipt_length
|
||||
* ipt_mac
|
||||
* ipt_tos/TOS
|
||||
* ipt_tcpmms
|
||||
* ipt_ttl/TTL
|
||||
* ipt_unclean
|
||||
|
||||
config BR2_PACKAGE_KMOD_IPT_IPSEC
|
||||
prompt "kmod-ipt-ipsec.................... Netfilter modules for matching IPsec packets"
|
||||
tristate
|
||||
default m
|
||||
help
|
||||
Netfilter (IPv4) kernel modules for matching IPsec packets
|
||||
|
||||
Includes:
|
||||
* ipt_ah
|
||||
* ipt_esp
|
||||
|
||||
config BR2_PACKAGE_KMOD_IPT_NAT
|
||||
prompt "kmod-ipt-nat...................... Netfilter modules for different NAT targets"
|
||||
tristate
|
||||
default m
|
||||
help
|
||||
Netfilter (IPv4) kernel modules for different NAT targets
|
||||
|
||||
Includes:
|
||||
* ipt_REDIRECT
|
||||
|
||||
config BR2_PACKAGE_KMOD_IPT_NAT_EXTRA
|
||||
prompt "kmod-ipt-nat-extra................ Extra Netfilter NAT modules for special protocols"
|
||||
tristate
|
||||
default m
|
||||
help
|
||||
Extra Netfilter (IPv4) NAT kernel modules for special protocols
|
||||
|
||||
Includes:
|
||||
* ip_conntrack_amanda
|
||||
* ip_conntrack_proto_gre
|
||||
* ip_nat_proto_gre
|
||||
* ip_conntrack_pptp
|
||||
* ip_nat_pptp
|
||||
* ip_nat_snmp_basic
|
||||
* ip_conntrack_tftp
|
||||
|
||||
config BR2_PACKAGE_KMOD_IPT_QUEUE
|
||||
prompt "kmod-ipt-queue.................... Netfilter module for user-space packet queueing"
|
||||
tristate
|
||||
default m
|
||||
help
|
||||
Netfilter (IPv4) module for user-space packet queueing
|
||||
|
||||
Includes:
|
||||
* ipt_QUEUE
|
||||
|
||||
config BR2_PACKAGE_KMOD_IPT_ULOG
|
||||
prompt "kmod-ipt-ulog..................... Netfilter module for user-space packet logging"
|
||||
tristate
|
||||
default m
|
||||
help
|
||||
Netfilter (IPv4) module for user-space packet logging
|
||||
|
||||
Includes:
|
||||
* ipt_ULOG
|
||||
|
||||
config BR2_PACKAGE_KMOD_IPT_EXTRA
|
||||
prompt "kmod-ipt-extra.................... Other extra Netfilter modules"
|
||||
tristate
|
||||
default m
|
||||
help
|
||||
Other extra Netfilter (IPv4) kernel modules
|
||||
|
||||
Includes:
|
||||
* ipt_limit
|
||||
* ipt_owner
|
||||
* ipt_physdev
|
||||
* ipt_pkttype
|
||||
* ipt_recent
|
||||
|
||||
config BR2_PACKAGE_KMOD_IP6TABLES
|
||||
prompt "kmod-ip6tables.................... Kernel modules for ip6tables"
|
||||
tristate
|
||||
default m
|
||||
|
|
|
@ -0,0 +1,4 @@
|
|||
Package: kmod-imq
|
||||
Priority: optional
|
||||
Section: net
|
||||
Description: Kernel support for the Intermediate Queueing device
|
|
@ -0,0 +1,4 @@
|
|||
Package: kmod-ipt-conntrack
|
||||
Priority: optional
|
||||
Section: net
|
||||
Description: Extra Netfilter (IPv4) kernel modules for connection tracking
|
|
@ -0,0 +1,4 @@
|
|||
Package: kmod-ipt-extra
|
||||
Priority: optional
|
||||
Section: net
|
||||
Description: Other extra Netfilter (IPv4) kernel modules
|
|
@ -0,0 +1,4 @@
|
|||
Package: kmod-ipt-filter
|
||||
Priority: optional
|
||||
Section: net
|
||||
Description: Netfilter (IPv4) kernel modules for packet content inspection
|
|
@ -0,0 +1,4 @@
|
|||
Package: kmod-ipt-ipopt
|
||||
Priority: optional
|
||||
Section: net
|
||||
Description: Netfilter (IPv4) kernel modules for matching/changing IP packet options
|
|
@ -0,0 +1,4 @@
|
|||
Package: kmod-ipt-ipsec
|
||||
Priority: optional
|
||||
Section: net
|
||||
Description: Netfilter (IPv4) kernel modules for matching special IPsec packets
|
|
@ -0,0 +1,4 @@
|
|||
Package: kmod-ipt-nat-extra
|
||||
Priority: optional
|
||||
Section: net
|
||||
Description: Extra Netfilter (IPv4) NAT kernel modules for special protocols
|
|
@ -0,0 +1,4 @@
|
|||
Package: kmod-ipt-nat
|
||||
Priority: optional
|
||||
Section: net
|
||||
Description: Netfilter (IPv4) kernel modules for different NAT targets
|
|
@ -0,0 +1,4 @@
|
|||
Package: kmod-ipt-queue
|
||||
Priority: optional
|
||||
Section: net
|
||||
Description: Netfilter (IPv4) kernel module for user-space packet queuing
|
|
@ -0,0 +1,4 @@
|
|||
Package: kmod-ipt-ulog
|
||||
Priority: optional
|
||||
Section: net
|
||||
Description: Netfilter (IPv4) kernel module for user-space packet logging
|
|
@ -50,6 +50,7 @@ ifeq ($(BOARD),ar7)
|
|||
include ./ar7.mk
|
||||
endif
|
||||
|
||||
include ../netfilter.mk
|
||||
|
||||
# Networking
|
||||
|
||||
|
@ -62,6 +63,11 @@ $(eval $(call KMOD_template,GRE,gre,\
|
|||
$(MODULES_DIR)/kernel/net/ipv4/ip_gre.o \
|
||||
,CONFIG_NET_IPGRE))
|
||||
|
||||
$(eval $(call KMOD_template,IMQ,imq,\
|
||||
$(MODULES_DIR)/kernel/net/*/netfilter/*IMQ*.o \
|
||||
$(MODULES_DIR)/kernel/drivers/net/imq.o \
|
||||
))
|
||||
|
||||
$(eval $(call KMOD_template,IPV6,ipv6,\
|
||||
$(MODULES_DIR)/kernel/net/ipv6/ipv6.o \
|
||||
,CONFIG_IPV6,,20,ipv6))
|
||||
|
@ -107,11 +113,47 @@ $(eval $(call KMOD_template,EBTABLES,ebtables,\
|
|||
$(MODULES_DIR)/kernel/net/bridge/netfilter/*.o \
|
||||
,CONFIG_BRIDGE_NF_EBTABLES))
|
||||
|
||||
$(eval $(call KMOD_template,IPTABLES_V4_EXTRA,iptables-extra,\
|
||||
$(MODULES_DIR)/kernel/net/ipv4/netfilter/ip*.o \
|
||||
# metapackage for compatibility ...
|
||||
$(eval $(call KMOD_template,IPTABLES_EXTRA,iptables-extra,\
|
||||
,,kmod-ipt-conntrack kmod-ipt-extra kmod-ipt-filter kmod-ipt-ipopt kmod-ipt-ipsec kmod-ipt-nat kmod-ipt-nat-extra kmod-ipt-queue kmod-ipt-ulogd))
|
||||
|
||||
$(eval $(call KMOD_template,IPT_CONNTRACK,ipt-conntrack,\
|
||||
$(foreach mod,$(IPKG_KMOD_IPT_CONNTRACK-m),$(MODULES_DIR)/kernel/net/ipv4/netfilter/$(mod).o) \
|
||||
))
|
||||
|
||||
$(eval $(call KMOD_template,IPTABLES_V6,ip6tables,\
|
||||
$(eval $(call KMOD_template,IPT_EXTRA,ipt-extra,\
|
||||
$(foreach mod,$(IPKG_KMOD_IPT_EXTRA-m),$(MODULES_DIR)/kernel/net/ipv4/netfilter/$(mod).o) \
|
||||
))
|
||||
|
||||
$(eval $(call KMOD_template,IPT_FILTER,ipt-filter,\
|
||||
$(foreach mod,$(IPKG_KMOD_IPT_FILTER-m),$(MODULES_DIR)/kernel/net/ipv4/netfilter/$(mod).o) \
|
||||
))
|
||||
|
||||
$(eval $(call KMOD_template,IPT_IPOPT,ipt-ipopt,\
|
||||
$(foreach mod,$(IPKG_KMOD_IPT_IPOPT-m),$(MODULES_DIR)/kernel/net/ipv4/netfilter/$(mod).o) \
|
||||
))
|
||||
|
||||
$(eval $(call KMOD_template,IPT_IPSEC,ipt-ipsec,\
|
||||
$(foreach mod,$(IPKG_KMOD_IPT_IPSEC-m),$(MODULES_DIR)/kernel/net/ipv4/netfilter/$(mod).o) \
|
||||
))
|
||||
|
||||
$(eval $(call KMOD_template,IPT_NAT,ipt-nat,\
|
||||
$(foreach mod,$(IPKG_KMOD_IPT_NAT-m),$(MODULES_DIR)/kernel/net/ipv4/netfilter/$(mod).o) \
|
||||
))
|
||||
|
||||
$(eval $(call KMOD_template,IPT_NAT_EXTRA,ipt-nat-extra,\
|
||||
$(foreach mod,$(IPKG_KMOD_IPT_NAT_EXTRA-m),$(MODULES_DIR)/kernel/net/ipv4/netfilter/$(mod).o) \
|
||||
,,,40,$(IPKG_KMOD_IPT_NAT_EXTRA-m)))
|
||||
|
||||
$(eval $(call KMOD_template,IPT_QUEUE,ipt-queue,\
|
||||
$(foreach mod,$(IPKG_KMOD_IPT_QUEUE-m),$(MODULES_DIR)/kernel/net/ipv4/netfilter/$(mod).o) \
|
||||
))
|
||||
|
||||
$(eval $(call KMOD_template,IPT_ULOG,ipt-ulog,\
|
||||
$(foreach mod,$(IPKG_KMOD_IPT_ULOG-m),$(MODULES_DIR)/kernel/net/ipv4/netfilter/$(mod).o) \
|
||||
))
|
||||
|
||||
$(eval $(call KMOD_template,IP6TABLES,ip6tables,\
|
||||
$(MODULES_DIR)/kernel/net/ipv6/netfilter/ip*.o \
|
||||
,CONFIG_IP6_NF_IPTABLES,kmod-ipv6))
|
||||
|
||||
|
|
|
@ -51,6 +51,7 @@ ifeq ($(BOARD),x86)
|
|||
include ./x86.mk
|
||||
endif
|
||||
|
||||
include ../netfilter.mk
|
||||
|
||||
# Networking
|
||||
|
||||
|
@ -63,6 +64,11 @@ $(eval $(call KMOD_template,GRE,gre,\
|
|||
$(MODULES_DIR)/kernel/net/ipv4/ip_gre.ko \
|
||||
,CONFIG_NET_IPGRE))
|
||||
|
||||
$(eval $(call KMOD_template,IMQ,imq,\
|
||||
$(MODULES_DIR)/kernel/net/*/netfilter/*IMQ*.ko \
|
||||
$(MODULES_DIR)/kernel/drivers/net/imq.ko \
|
||||
))
|
||||
|
||||
$(eval $(call KMOD_template,IPV6,ipv6,\
|
||||
$(MODULES_DIR)/kernel/net/ipv6/ipv6.ko \
|
||||
,CONFIG_IPV6,,20,ipv6))
|
||||
|
@ -105,11 +111,47 @@ $(eval $(call KMOD_template,EBTABLES,ebtables,\
|
|||
$(MODULES_DIR)/kernel/net/bridge/netfilter/*.ko \
|
||||
,CONFIG_BRIDGE_NF_EBTABLES))
|
||||
|
||||
$(eval $(call KMOD_template,IPTABLES_V4_EXTRA,iptables-extra,\
|
||||
$(MODULES_DIR)/kernel/net/ipv4/netfilter/ip*.ko \
|
||||
# metapackage for compatibility ...
|
||||
$(eval $(call KMOD_template,IPTABLES_EXTRA,iptables-extra,\
|
||||
,,kmod-ipt-conntrack kmod-ipt-extra kmod-ipt-filter kmod-ipt-ipopt kmod-ipt-ipsec kmod-ipt-nat kmod-ipt-nat-extra kmod-ipt-queue kmod-ipt-ulogd))
|
||||
|
||||
$(eval $(call KMOD_template,IPT_CONNTRACK,ipt-conntrack,\
|
||||
$(foreach mod,$(IPKG_KMOD_IPT_CONNTRACK-m),$(MODULES_DIR)/kernel/net/ipv4/netfilter/$(mod).ko) \
|
||||
))
|
||||
|
||||
$(eval $(call KMOD_template,IPTABLES_V6,ip6tables,\
|
||||
$(eval $(call KMOD_template,IPT_EXTRA,ipt-extra,\
|
||||
$(foreach mod,$(IPKG_KMOD_IPT_EXTRA-m),$(MODULES_DIR)/kernel/net/ipv4/netfilter/$(mod).ko) \
|
||||
))
|
||||
|
||||
$(eval $(call KMOD_template,IPT_FILTER,ipt-filter,\
|
||||
$(foreach mod,$(IPKG_KMOD_IPT_FILTER-m),$(MODULES_DIR)/kernel/net/ipv4/netfilter/$(mod).ko) \
|
||||
))
|
||||
|
||||
$(eval $(call KMOD_template,IPT_IPOPT,ipt-ipopt,\
|
||||
$(foreach mod,$(IPKG_KMOD_IPT_IPOPT-m),$(MODULES_DIR)/kernel/net/ipv4/netfilter/$(mod).ko) \
|
||||
))
|
||||
|
||||
$(eval $(call KMOD_template,IPT_IPSEC,ipt-ipsec,\
|
||||
$(foreach mod,$(IPKG_KMOD_IPT_IPSEC-m),$(MODULES_DIR)/kernel/net/ipv4/netfilter/$(mod).ko) \
|
||||
))
|
||||
|
||||
$(eval $(call KMOD_template,IPT_NAT,ipt-nat,\
|
||||
$(foreach mod,$(IPKG_KMOD_IPT_NAT-m),$(MODULES_DIR)/kernel/net/ipv4/netfilter/$(mod).ko) \
|
||||
))
|
||||
|
||||
$(eval $(call KMOD_template,IPT_NAT_EXTRA,ipt-nat-extra,\
|
||||
$(foreach mod,$(IPKG_KMOD_IPT_NAT_EXTRA-m),$(MODULES_DIR)/kernel/net/ipv4/netfilter/$(mod).ko) \
|
||||
,,,40,$(IPKG_KMOD_IPT_NAT_EXTRA-m)))
|
||||
|
||||
$(eval $(call KMOD_template,IPT_QUEUE,ipt-queue,\
|
||||
$(foreach mod,$(IPKG_KMOD_IPT_QUEUE-m),$(MODULES_DIR)/kernel/net/ipv4/netfilter/$(mod).ko) \
|
||||
))
|
||||
|
||||
$(eval $(call KMOD_template,IPT_ULOG,ipt-ulog,\
|
||||
$(foreach mod,$(IPKG_KMOD_IPT_ULOG-m),$(MODULES_DIR)/kernel/net/ipv4/netfilter/$(mod).ko) \
|
||||
))
|
||||
|
||||
$(eval $(call KMOD_template,IP6TABLES,ip6tables,\
|
||||
$(MODULES_DIR)/kernel/net/ipv6/netfilter/ip*.ko \
|
||||
,CONFIG_IP6_NF_IPTABLES,kmod-ipv6))
|
||||
|
||||
|
|
|
@ -0,0 +1,136 @@
|
|||
# $Id: netfilter.mk 2411 2005-11-11 03:41:43Z nico $
|
||||
|
||||
#
|
||||
# kernel modules
|
||||
#
|
||||
|
||||
IPKG_KMOD_IPT_CONNTRACK-m :=
|
||||
IPKG_KMOD_IPT_CONNTRACK-$(CONFIG_IP_NF_MATCH_CONNTRACK) += ipt_conntrack
|
||||
IPKG_KMOD_IPT_CONNTRACK-$(CONFIG_IP_NF_MATCH_HELPER) += ipt_helper
|
||||
IPKG_KMOD_IPT_CONNTRACK-$(CONFIG_IP_NF_MATCH_CONNMARK) += ipt_connmark
|
||||
IPKG_KMOD_IPT_CONNTRACK-$(CONFIG_IP_NF_TARGET_CONNMARK) += ipt_CONNMARK
|
||||
IPKG_KMOD_IPT_CONNTRACK-$(CONFIG_IP_NF_MATCH_STATE) += ipt_state
|
||||
|
||||
IPKG_KMOD_IPT_EXTRA-m :=
|
||||
IPKG_KMOD_IPT_EXTRA-$(CONFIG_IP_NF_MATCH_LIMIT) += ipt_limit
|
||||
IPKG_KMOD_IPT_EXTRA-$(CONFIG_IP_NF_TARGET_LOG) += ipt_LOG
|
||||
IPKG_KMOD_IPT_EXTRA-$(CONFIG_IP_NF_MATCH_MULTIPORT) += multiport
|
||||
IPKG_KMOD_IPT_EXTRA-$(CONFIG_IP_NF_MATCH_OWNER) += ipt_owner
|
||||
IPKG_KMOD_IPT_EXTRA-$(CONFIG_IP_NF_MATCH_PHYSDEV) += ipt_physdev
|
||||
IPKG_KMOD_IPT_EXTRA-$(CONFIG_IP_NF_MATCH_PKTTYPE) += ipt_pkttype
|
||||
IPKG_KMOD_IPT_EXTRA-$(CONFIG_IP_NF_MATCH_RECENT) += ipt_recent
|
||||
IPKG_KMOD_IPT_EXTRA-$(CONFIG_IP_NF_TARGET_REJECT) += ipt_REJECT
|
||||
|
||||
IPKG_KMOD_IPT_FILTER-m :=
|
||||
IPKG_KMOD_IPT_FILTER-$(CONFIG_IP_NF_MATCH_IPP2P) += ipt_ipp2p
|
||||
IPKG_KMOD_IPT_FILTER-$(CONFIG_IP_NF_MATCH_LAYER7) += ipt_layer7
|
||||
|
||||
IPKG_KMOD_IPT_IPOPT-m :=
|
||||
IPKG_KMOD_IPT_IPOPT-$(CONFIG_IP_NF_MATCH_DSCP) += ipt_dscp
|
||||
IPKG_KMOD_IPT_IPOPT-$(CONFIG_IP_NF_TARGET_DSCP) += ipt_DSCP
|
||||
IPKG_KMOD_IPT_IPOPT-$(CONFIG_IP_NF_MATCH_ECN) += ipt_ecn
|
||||
IPKG_KMOD_IPT_IPOPT-$(CONFIG_IP_NF_TARGET_ECN) += ipt_ECN
|
||||
IPKG_KMOD_IPT_IPOPT-$(CONFIG_IP_NF_MATCH_LENGTH) += ipt_length
|
||||
IPKG_KMOD_IPT_IPOPT-$(CONFIG_IP_NF_MATCH_MAC) += ipt_mac
|
||||
IPKG_KMOD_IPT_IPOPT-$(CONFIG_IP_NF_MATCH_MARK) += ipt_mark
|
||||
IPKG_KMOD_IPT_IPOPT-$(CONFIG_IP_NF_TARGET_MARK) += ipt_MARK
|
||||
IPKG_KMOD_IPT_IPOPT-$(CONFIG_IP_NF_MATCH_TCPMSS) += ipt_tcpmss
|
||||
IPKG_KMOD_IPT_IPOPT-$(CONFIG_IP_NF_TARGET_TCPMSS) += ipt_TCPMSS
|
||||
IPKG_KMOD_IPT_IPOPT-$(CONFIG_IP_NF_MATCH_TOS) += ipt_tos
|
||||
IPKG_KMOD_IPT_IPOPT-$(CONFIG_IP_NF_TARGET_TOS) += ipt_TOS
|
||||
IPKG_KMOD_IPT_IPOPT-$(CONFIG_IP_NF_MATCH_TTL) += ipt_ttl
|
||||
IPKG_KMOD_IPT_IPOPT-$(CONFIG_IP_NF_TARGET_TTL) += ipt_TTL
|
||||
IPKG_KMOD_IPT_IPOPT-$(CONFIG_IP_NF_MATCH_UNCLEAN) += ipt_unclean
|
||||
|
||||
IPKG_KMOD_IPT_IPSEC-m :=
|
||||
IPKG_KMOD_IPT_IPSEC-$(CONFIG_IP_NF_MATCH_AH_ESP) += ipt_ah ipt_esp
|
||||
|
||||
IPKG_KMOD_IPT_NAT-m :=
|
||||
IPKG_KMOD_IPT_NAT-$(CONFIG_IP_NF_TARGET_MASQUERADE) += ipt_MASQUERADE
|
||||
IPKG_KMOD_IPT_NAT-$(CONFIG_IP_NF_TARGET_MIRROR) += ipt_MIRROR
|
||||
IPKG_KMOD_IPT_NAT-$(CONFIG_IP_NF_TARGET_REDIRECT) += ipt_REDIRECT
|
||||
|
||||
IPKG_KMOD_IPT_NAT_EXTRA-m :=
|
||||
IPKG_KMOD_IPT_NAT_EXTRA-$(CONFIG_IP_NF_AMANDA) += ip_conntrack_amanda
|
||||
IPKG_KMOD_IPT_NAT_EXTRA-$(CONFIG_IP_NF_CT_PROTO_GRE) += ip_conntrack_proto_gre
|
||||
IPKG_KMOD_IPT_NAT_EXTRA-$(CONFIG_IP_NF_NAT_PROTO_GRE) += ip_nat_proto_gre
|
||||
IPKG_KMOD_IPT_NAT_EXTRA-$(CONFIG_IP_NF_PPTP) += ip_conntrack_pptp
|
||||
IPKG_KMOD_IPT_NAT_EXTRA-$(CONFIG_IP_NF_NAT_PPTP) += ip_nat_pptp
|
||||
IPKG_KMOD_IPT_NAT_EXTRA-$(CONFIG_IP_NF_NAT_SNMP_BASIC) += ip_nat_snmp_basic
|
||||
IPKG_KMOD_IPT_NAT_EXTRA-$(CONFIG_IP_NF_TFTP) += ip_conntrack_tftp
|
||||
|
||||
IPKG_KMOD_IPT_QUEUE-m :=
|
||||
IPKG_KMOD_IPT_QUEUE-$(CONFIG_IP_NF_QUEUE) += ip_queue
|
||||
|
||||
IPKG_KMOD_IPT_ULOG-m :=
|
||||
IPKG_KMOD_IPT_ULOG-$(CONFIG_IP_NF_TARGET_ULOG) += ipt_ULOG
|
||||
|
||||
|
||||
#
|
||||
# iptables extensions
|
||||
#
|
||||
|
||||
IPKG_IPTABLES-y := ipt_standard
|
||||
IPKG_IPTABLES-y := ipt_icmp ipt_tcp ipt_udp
|
||||
|
||||
IPKG_IPTABLES_MOD_CONNTRACK-m :=
|
||||
IPKG_IPTABLES_MOD_CONNTRACK-$(CONFIG_IP_NF_MATCH_CONNMARK) += ipt_connmark
|
||||
IPKG_IPTABLES_MOD_CONNTRACK-$(CONFIG_IP_NF_TARGET_CONNMARK) += ipt_CONNMARK
|
||||
IPKG_IPTABLES_MOD_CONNTRACK-$(CONFIG_IP_NF_MATCH_CONNTRACK) += ipt_conntrack
|
||||
IPKG_IPTABLES_MOD_CONNTRACK-$(CONFIG_IP_NF_MATCH_HELPER) += ipt_helper
|
||||
IPKG_IPTABLES_MOD_CONNTRACK-$(CONFIG_IP_NF_MATCH_STATE) += ipt_state
|
||||
|
||||
IPKG_IPTABLES_MOD_EXTRA-m :=
|
||||
IPKG_IPTABLES_MOD_EXTRA-$(CONFIG_IP_NF_MATCH_LIMIT) += ipt_limit
|
||||
IPKG_IPTABLES_MOD_EXTRA-$(CONFIG_IP_NF_TARGET_LOG) += ipt_LOG
|
||||
IPKG_IPTABLES_MOD_EXTRA-$(CONFIG_IP_NF_MATCH_MULTIPORT) += ipt_multiport
|
||||
IPKG_IPTABLES_MOD_EXTRA-$(CONFIG_IP_NF_MATCH_OWNER) += ipt_owner
|
||||
IPKG_IPTABLES_MOD_EXTRA-$(CONFIG_IP_NF_MATCH_PHYSDEV) += ipt_physdev
|
||||
IPKG_IPTABLES_MOD_EXTRA-$(CONFIG_IP_NF_MATCH_PKTTYPE) += ipt_pkttype
|
||||
IPKG_IPTABLES_MOD_EXTRA-$(CONFIG_IP_NF_MATCH_RECENT) += ipt_recent
|
||||
IPKG_IPTABLES_MOD_EXTRA-$(CONFIG_IP_NF_TARGET_REJECT) += ipt_REJECT
|
||||
|
||||
IPKG_IPTABLES_MOD_FILTER-m :=
|
||||
IPKG_IPTABLES_MOD_FILTER-$(CONFIG_IP_NF_MATCH_IPP2P) += ipt_ipp2p
|
||||
IPKG_IPTABLES_MOD_FILTER-$(CONFIG_IP_NF_MATCH_LAYER7) += ipt_layer7
|
||||
|
||||
IPKG_IPTABLES_MOD_IMQ-m :=
|
||||
IPKG_IPTABLES_MOD_IMQ-$(CONFIG_IP_NF_TARGET_IMQ) += ipt_IMQ
|
||||
|
||||
IPKG_IPTABLES_MOD_IPOPT-m :=
|
||||
IPKG_IPTABLES_MOD_IPOPT-$(CONFIG_IP_NF_MATCH_DSCP) += ipt_dscp
|
||||
IPKG_IPTABLES_MOD_IPOPT-$(CONFIG_IP_NF_TARGET_DSCP) += ipt_DSCP
|
||||
IPKG_IPTABLES_MOD_IPOPT-$(CONFIG_IP_NF_MATCH_ECN) += ipt_ecn
|
||||
IPKG_IPTABLES_MOD_IPOPT-$(CONFIG_IP_NF_TARGET_ECN) += ipt_ECN
|
||||
IPKG_IPTABLES_MOD_IPOPT-$(CONFIG_IP_NF_MATCH_LENGTH) += ipt_length
|
||||
IPKG_IPTABLES_MOD_IPOPT-$(CONFIG_IP_NF_MATCH_MAC) += ipt_mac
|
||||
IPKG_IPTABLES_MOD_IPOPT-$(CONFIG_IP_NF_MATCH_MARK) += ipt_mark
|
||||
IPKG_IPTABLES_MOD_IPOPT-$(CONFIG_IP_NF_TARGET_MARK) += ipt_MARK
|
||||
IPKG_IPTABLES_MOD_IPOPT-$(CONFIG_IP_NF_MATCH_TCPMSS) += ipt_tcpmss
|
||||
IPKG_IPTABLES_MOD_IPOPT-$(CONFIG_IP_NF_TARGET_TCPMSS) += ipt_TCPMSS
|
||||
IPKG_IPTABLES_MOD_IPOPT-$(CONFIG_IP_NF_MATCH_TOS) += ipt_tos
|
||||
IPKG_IPTABLES_MOD_IPOPT-$(CONFIG_IP_NF_TARGET_TOS) += ipt_TOS
|
||||
IPKG_IPTABLES_MOD_IPOPT-$(CONFIG_IP_NF_MATCH_TTL) += ipt_ttl
|
||||
IPKG_IPTABLES_MOD_IPOPT-$(CONFIG_IP_NF_TARGET_TTL) += ipt_TTL
|
||||
IPKG_IPTABLES_MOD_IPOPT-$(CONFIG_IP_NF_MATCH_UNCLEAN) += ipt_unclean
|
||||
|
||||
IPKG_IPTABLES_MOD_IPSEC-m :=
|
||||
IPKG_IPTABLES_MOD_IPSEC-$(CONFIG_IP_NF_MATCH_AH_ESP) += ipt_ah ipt_esp
|
||||
|
||||
IPKG_IPTABLES_MOD_NAT-m :=
|
||||
IPKG_IPTABLES_MOD_NAT-$(CONFIG_IP_NF_NAT) += ipt_SNAT ipt_DNAT
|
||||
IPKG_IPTABLES_MOD_NAT-$(CONFIG_IP_NF_TARGET_MASQUERADE) += ipt_MASQUERADE
|
||||
IPKG_IPTABLES_MOD_NAT-$(CONFIG_IP_NF_TARGET_MIRROR) += ipt_MIRROR
|
||||
IPKG_IPTABLES_MOD_NAT-$(CONFIG_IP_NF_TARGET_REDIRECT) += ipt_REDIRECT
|
||||
|
||||
IPKG_IPTABLES_MOD_ULOG-m :=
|
||||
IPKG_IPTABLES_MOD_ULOG-$(CONFIG_IP_NF_TARGET_ULOG) += ipt_ULOG
|
||||
|
||||
IPKG_IPTABLES-y += $(IPKG_IPTABLES_MOD_CONNTRACK-y)
|
||||
IPKG_IPTABLES-y += $(IPKG_IPTABLES_MOD_EXTRA-y)
|
||||
IPKG_IPTABLES-y += $(IPKG_IPTABLES_MOD_FILTER-y)
|
||||
IPKG_IPTABLES-y += $(IPKG_IPTABLES_MOD_IMQ-y)
|
||||
IPKG_IPTABLES-y += $(IPKG_IPTABLES_MOD_IPOPT-y)
|
||||
IPKG_IPTABLES-y += $(IPKG_IPTABLES_MOD_IPSEC-y)
|
||||
IPKG_IPTABLES-y += $(IPKG_IPTABLES_MOD_NAT-y)
|
||||
IPKG_IPTABLES-y += $(IPKG_IPTABLES_MOD_ULOG-y)
|
|
@ -37,10 +37,12 @@ endif
|
|||
|
||||
$$(PKG_$(1)): $(LINUX_DIR)/.modules_done
|
||||
rm -rf $$(I_$(1))
|
||||
mkdir -p $$(I_$(1))/lib/modules/$(LINUX_VERSION)
|
||||
$(SCRIPT_DIR)/make-ipkg-dir.sh $$(I_$(1)) ../control/kmod-$(2).control $(LINUX_VERSION)-$(BOARD)-$(PKG_RELEASE) $(ARCH)
|
||||
echo "Depends: $$(IDEPEND_$(1))" >> $$(I_$(1))/CONTROL/control
|
||||
ifneq ($(strip $(3)),)
|
||||
mkdir -p $$(I_$(1))/lib/modules/$(LINUX_VERSION)
|
||||
cp $(3) $$(I_$(1))/lib/modules/$(LINUX_VERSION)
|
||||
endif
|
||||
ifneq ($(6),)
|
||||
mkdir -p $$(I_$(1))/etc/modules.d
|
||||
for module in $(7); do \
|
||||
|
|
Loading…
Reference in New Issue