Commit Graph

147 Commits (c1da8b3304d10c3f03e3bda74769b7a54679eaa0)

Author SHA1 Message Date
Nicolas Thill af6c34ae44 make the whole iptables/netfiter modular (closes: #3871, #3527)
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@12649 3c298f89-4303-0410-b956-a3cf2f4a3e73
2008-09-22 15:19:59 +00:00
Felix Fietkau 73a5abbb32 use $(FPIC) in a few places where it matters
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@12225 3c298f89-4303-0410-b956-a3cf2f4a3e73
2008-08-06 22:10:29 +00:00
John Crispin 275038cae7 adds a new uci firewall
- iptbales and netfilter packages need to be rewrapped when we switch to this firewall as default
- there are some examples in the file /etc/config/firewall
- iptables-save/restore are still missing
- hotplug takes care of adding/removing netdevs during runtime
- misisng features ? wishes ? let me know ...



git-svn-id: svn://svn.openwrt.org/openwrt/trunk@12089 3c298f89-4303-0410-b956-a3cf2f4a3e73
2008-08-04 11:51:58 +00:00
Gabor Juhos 6aa05063a5 [package] netfilter/iptables: enable IMQ on 2.6.25
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@11335 3c298f89-4303-0410-b956-a3cf2f4a3e73
2008-06-02 19:46:47 +00:00
Florian Fainelli bb1b2a0111 We do not need to make the experimental/install-experimental targets starting with 1.4.x version
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@11325 3c298f89-4303-0410-b956-a3cf2f4a3e73
2008-06-02 11:54:05 +00:00
Gabor Juhos 6ac2050304 [package] IMQ is not yet available on 2.6.25
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@11007 3c298f89-4303-0410-b956-a3cf2f4a3e73
2008-05-02 11:29:53 +00:00
Gabor Juhos fd3378f1e1 update iptables to 1.4.0 (2.6 kernels only), refresh kernel patches
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@10843 3c298f89-4303-0410-b956-a3cf2f4a3e73
2008-04-15 06:11:23 +00:00
Florian Fainelli 0647a6e4d0 Fix layer7 user-space iptables compilation (#3307)
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@10745 3c298f89-4303-0410-b956-a3cf2f4a3e73
2008-04-06 18:01:53 +00:00
Gabor Juhos af4c957a1e [package] iptables: remove obsolete patch
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@10464 3c298f89-4303-0410-b956-a3cf2f4a3e73
2008-02-15 09:31:07 +00:00
Felix Fietkau b8d0d61fdb move /etc/config/firewall to /etc/firewall.config to prevent it from interfering with uci - yes, this beast really needs a rewrite :)
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@10383 3c298f89-4303-0410-b956-a3cf2f4a3e73
2008-02-04 22:03:18 +00:00
Felix Fietkau 2f8b5f8c28 Here comes the new UCI. Enjoy :)
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@10367 3c298f89-4303-0410-b956-a3cf2f4a3e73
2008-02-03 06:48:15 +00:00
Felix Fietkau 07ac525153 remove uninstalldev templates (no longer necessary)
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@9906 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-12-25 01:40:47 +00:00
Felix Fietkau 17391bc30b Use $(CP) instead of $(INSTALL_BIN) for binaries.
Signed-off-by: Andy Boyett <agb-openwrt@padded-cell.net>


git-svn-id: svn://svn.openwrt.org/openwrt/trunk@9694 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-12-09 18:53:06 +00:00
Tim Yardley b03c1401f6 update stripped subset of l7 patterns to 11-03-2007 patterns
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@9582 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-11-19 23:07:00 +00:00
Florian Fainelli d164fef8c5 Add a boolean to allow NAT from LAN or not, default to nat LAN (#2535)
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@9503 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-11-05 14:19:16 +00:00
Gabor Juhos e28acb0f98 [packages] iptables: update description of the iptables-mod-ipopt
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@9468 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-10-31 20:21:58 +00:00
Florian Fainelli 2166cc1ae8 Only masquerade LAN, other settings need manual tweaking
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@9461 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-10-29 11:00:33 +00:00
Florian Fainelli f57bf774e8 Only masquerade non routable addresses (#2535)
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@9460 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-10-29 10:31:16 +00:00
Florian Fainelli edadcc7d66 Update description, iptables-mod-ipsec includes libipt_policy.so
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@9336 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-10-16 14:04:59 +00:00
Gabor Juhos 6958bdb20a add TARPIT support to netfilter/iptables
* netfilter: add the xt_TARPIT target module required by xt_CHAOS
 * include/netfilter.mk: reorder, xt_CHAOS depends on xt_TARPIT and xt_DELUDE
 * iptables: add libipt_TARPIT to the kmod-ipt-extra package, bump release number
 * original patchset can be found [http://tinyurl.com/2mjk2kx here]

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@9178 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-10-07 17:17:04 +00:00
Felix Fietkau bb6c4aade1 add $(STAGING_DIR) as argument to the InstallDev template and update packages accordingly - this way we can reuse InstallDev to automatically generate UninstallDev or create -dev packages
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@9052 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-09-28 01:45:11 +00:00
Nicolas Thill d374fd767f move exec permissions fix at Build/Prepare stage
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@8802 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-09-16 16:25:53 +00:00
Nicolas Thill 2180fa92a1 move package description to a separate definition, remove it when DESCRIPTION=TITLE
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@8659 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-09-07 08:34:51 +00:00
Florian Fainelli b530ac0d50 Package ip6tables-utils as well (#2318)
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@8636 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-09-05 21:40:11 +00:00
Tim Yardley 1bf3b5183d iptables: refresh patches to 1.3.8
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@8286 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-07-31 20:28:55 +00:00
Florian Fainelli fb0973261c Fix the ip6tables dependency (#2079)
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@7978 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-07-15 18:53:33 +00:00
Tim Yardley a07641c906 move to iptables 1.3.8
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@7946 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-07-12 16:05:28 +00:00
Felix Fietkau d6611faaef make the firewall script run after the network script again (required for working with dynamically assigned interfaces), include the network state
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@7806 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-06-30 19:30:38 +00:00
Florian Fainelli 6318a38a80 Initialise firewall before network (#1988)
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@7757 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-06-28 12:56:55 +00:00
Tim Yardley 804026d07a package ipset for use
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@7517 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-06-07 15:30:59 +00:00
Felix Fietkau 15d890191f upgrade a few packages to newer versions (includes patch by kaloz) - preparation for 2.6.22
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@7507 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-06-05 22:46:02 +00:00
Felix Fietkau 12a81e859f refresh all package patches in the buildroot using quilt
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@7490 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-06-04 11:25:53 +00:00
Florian Fainelli 2053d4546c Add iprange (#1799)
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@7462 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-06-02 22:57:33 +00:00
Imre Kaloz b19f76df97 break trunk temporary - upgrade to 2.6.21.1 and iptables 1.3.7
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@7315 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-05-23 19:48:34 +00:00
Florian Fainelli 20b3fd837d Add raw and NOTRACK targets (#1583)
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@6945 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-04-13 11:28:45 +00:00
Felix Fietkau fc4c35b024 fix iptables extension issue with mac os x builds
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@6786 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-04-01 12:28:56 +00:00
Felix Fietkau fe34071314 fix a problem with the firewall script (multicast traffic could produce packet loss)
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@6726 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-03-27 16:45:10 +00:00
Felix Fietkau 8c04328d9b improve autorebuild for iptables when the kernel config changes
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@6652 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-03-23 19:19:23 +00:00
Felix Fietkau 713863458d add file type autodetection for the unpack command and nuke PKG_CAT:= in lots of places
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@6582 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-03-16 20:21:39 +00:00
Felix Fietkau c70cfb3d1a add a default for PKG_BUILD_DIR and PKG_INSTALL_DIR (will use KERNEL_BUILD_DIR if kernel.mk is included, BUILD_DIR otherwise)
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@6580 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-03-16 19:18:55 +00:00
Tim Yardley 4891b48e93 trunk.. same deal as changeset:6526
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@6527 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-03-05 01:38:44 +00:00
Felix Fietkau fa37ea7fbf make the iptables package robust to kernel config changes
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@6447 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-03-01 11:59:42 +00:00
Florian Fainelli 1442bbc0d8 Add ipt_CLASSIFY target for 2.4 kernels (#1338)
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@6424 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-02-28 12:04:58 +00:00
Felix Fietkau dc4d1dd12a port [6229] to kamikaze
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@6275 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-02-08 01:25:18 +00:00
Nicolas Thill 7fab397d19 fix chaostables patch (closes: #1246)
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@6184 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-01-23 16:08:24 +00:00
Florian Fainelli 06fe78f82d Add chaostable from #1187, also enable netfilter modules for ixp4xx.
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@6182 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-01-22 23:55:22 +00:00
Nicolas Thill a1156c89c4 more use of the INSTALL_DIR variable
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@6023 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-01-08 00:53:24 +00:00
Felix Fietkau 297f5ba753 fix iptables warning about 'wierd' interface names (#1082)
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@5962 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-01-01 23:31:36 +00:00
Florian Fainelli 713ed08bd1 Forgot kmod-ipt-imq dependency (#1076)
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@5901 3c298f89-4303-0410-b956-a3cf2f4a3e73
2006-12-25 17:43:06 +00:00
Felix Fietkau 86709475a5 prepare for moving part of the firewall to hotplug. created new chains {input,forwarding,prerouting}_wan for wan port forwardings and updated the examples. syntax of /etc/config/firewall unchanged and old firewall.user files are still compatible
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@5878 3c298f89-4303-0410-b956-a3cf2f4a3e73
2006-12-20 05:58:41 +00:00