2 # Copyright (C) 2006-2008 OpenWrt.org
4 # This is free software, licensed under the GNU General Public License v2.
5 # See /LICENSE for more information.
9 NF_MENU:=Netfilter Extensions
11 include $(INCLUDE_DIR)/netfilter.mk
13 define KernelPackage/ipt-conntrack
15 TITLE:=Modules for connection tracking
16 KCONFIG:=$(KCONFIG_IPT_CONNTRACK)
17 FILES:=$(foreach mod,$(IPT_CONNTRACK-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
18 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_CONNTRACK-m)))
21 define KernelPackage/ipt-conntrack/description
22 Netfilter (IPv4) kernel modules for connection tracking
26 - ipt_connmark/CONNMARK
29 $(eval $(call KernelPackage,ipt-conntrack))
32 define KernelPackage/ipt-filter
34 TITLE:=Modules for packet content inspection
35 KCONFIG:=$(KCONFIG_IPT_FILTER)
36 FILES:=$(foreach mod,$(IPT_FILTER-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
37 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_FILTER-m)))
40 define KernelPackage/ipt-filter/description
41 Netfilter (IPv4) kernel modules for packet content inspection
47 $(eval $(call KernelPackage,ipt-filter))
50 define KernelPackage/ipt-ipopt
52 TITLE:=Modules for matching/changing IP packet options
53 KCONFIG:=$(KCONFIG_IPT_IPOPT)
54 FILES:=$(foreach mod,$(IPT_IPOPT-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
55 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_IPOPT-m)))
58 define KernelPackage/ipt-ipopt/description
59 Netfilter (IPv4) modules for matching/changing IP packet options
72 $(eval $(call KernelPackage,ipt-ipopt))
75 define KernelPackage/ipt-ipsec
77 TITLE:=Modules for matching IPSec packets
78 KCONFIG:=$(KCONFIG_IPT_IPSEC)
79 FILES:=$(foreach mod,$(IPT_IPSEC-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
80 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_IPSEC-m)))
83 define KernelPackage/ipt-ipsec/description
84 Netfilter (IPv4) modules for matching IPSec packets
90 $(eval $(call KernelPackage,ipt-ipsec))
93 define KernelPackage/ipt-nat
95 TITLE:=Modules for extra NAT targets
96 KCONFIG:=$(KCONFIG_IPT_NAT)
97 FILES:=$(foreach mod,$(IPT_NAT-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
98 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_NAT-m)))
101 define KernelPackage/ipt-nat/description
102 Netfilter (IPv4) modules for extra NAT targets
108 $(eval $(call KernelPackage,ipt-nat))
111 define KernelPackage/ipt-nathelper
113 TITLE:=Default Conntrack and NAT helpers
114 KCONFIG:=$(KCONFIG_IPT_NATHELPER)
115 FILES:=$(foreach mod,$(IPT_NATHELPER-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
116 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_NATHELPER-m)))
119 define KernelPackage/ipt-nathelper/description
120 Default Netfilter (IPv4) Conntrack and NAT helpers
129 $(eval $(call KernelPackage,ipt-nathelper))
132 define KernelPackage/ipt-nathelper-extra
134 TITLE:=Extra Conntrack and NAT helpers
135 KCONFIG:=$(KCONFIG_IPT_NATHELPER_EXTRA)
136 FILES:=$(foreach mod,$(IPT_NATHELPER_EXTRA-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
137 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_NATHELPER_EXTRA-m)))
140 define KernelPackage/ipt-nathelper-extra/description
141 Extra Netfilter (IPv4) Conntrack and NAT helpers
143 - ip_conntrack_amanda
144 - ip_conntrack_proto_gre
153 $(eval $(call KernelPackage,ipt-nathelper-extra))
156 define KernelPackage/ipt-imq
158 TITLE:=Intermediate Queueing support
159 KCONFIG:=CONFIG_IP_NF_TARGET_IMQ
160 DEPENDS:=@!LINUX_2_6_25
161 FILES:=$(LINUX_DIR)/net/ipv4/netfilter/*IMQ*.$(LINUX_KMOD_SUFFIX) $(LINUX_DIR)/drivers/net/imq.$(LINUX_KMOD_SUFFIX)
162 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(patsubst %.ko,%,$(wildcard $(LINUX_DIR)/net/ipv4/netfilter/*IMQ*.$(LINUX_KMOD_SUFFIX) $(LINUX_DIR)/drivers/net/imq.$(LINUX_KMOD_SUFFIX)))))
165 define KernelPackage/ipt-imq/description
166 Kernel support for Intermediate Queueing devices
169 $(eval $(call KernelPackage,ipt-imq))
172 define KernelPackage/ipt-queue
174 TITLE:=Module for user-space packet queueing
175 KCONFIG:=$(KCONFIG_IPT_QUEUE)
176 FILES:=$(foreach mod,$(IPT_QUEUE-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
177 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_QUEUE-m)))
180 define KernelPackage/ipt-queue/description
181 Netfilter (IPv4) module for user-space packet queueing
186 $(eval $(call KernelPackage,ipt-queue))
189 define KernelPackage/ipt-ulog
191 TITLE:=Module for user-space packet logging
192 KCONFIG:=$(KCONFIG_IPT_ULOG)
193 FILES:=$(foreach mod,$(IPT_ULOG-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
194 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_ULOG-m)))
197 define KernelPackage/ipt-ulog/description
198 Netfilter (IPv4) module for user-space packet logging
203 $(eval $(call KernelPackage,ipt-ulog))
206 define KernelPackage/ipt-iprange
208 TITLE:=Module for matching ip ranges
209 FILES:=$(foreach mod,$(IPT_IPRANGE-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
210 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_IPRANGE-m)))
213 define KernelPackage/ipt-iprange/description
214 Netfilter (IPv4) module for matching ip ranges
219 $(eval $(call KernelPackage,ipt-iprange))
222 define KernelPackage/ipt-ipset
225 KCONFIG:=$(KCONFIG_IPT_IPSET)
226 FILES:=$(foreach mod,$(IPT_IPSET-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
227 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_IPSET-m)))
230 define KernelPackage/ipt-ipset/description
231 Netfilter kernel modules for ipset
246 $(eval $(call KernelPackage,ipt-ipset))
249 define KernelPackage/ipt-extra
252 KCONFIG:=$(KCONFIG_IPT_EXTRA)
253 FILES:=$(foreach mod,$(IPT_EXTRA-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
254 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_EXTRA-m)))
257 define KernelPackage/ipt-extra/description
258 Other Netfilter (IPv4) kernel modules
272 $(eval $(call KernelPackage,ipt-extra))
275 # XXX: disabled on 2.6.25 due to broken IMQ
276 define KernelPackage/ip6tables
279 DEPENDS:=+kmod-ipv6 @!LINUX_2_6_25
280 KCONFIG:=CONFIG_IP6_NF_IPTABLES
281 FILES:=$(foreach mod,$(IPT_IPV6-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
282 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_IPV6-m)))
285 define KernelPackage/ip6tables/description
286 Netfilter IPv6 firewalling support
289 $(eval $(call KernelPackage,ip6tables))
292 define KernelPackage/arptables
294 TITLE:=ARP firewalling modules
295 FILES:=$(LINUX_DIR)/net/ipv4/netfilter/arp*.$(LINUX_KMOD_SUFFIX)
296 KCONFIG:=CONFIG_IP_NF_ARPTABLES
297 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(patsubst %.ko,%,$(wildcard $(LINUX_DIR)/net/ipv4/netfilter/arp*.$(LINUX_KMOD_SUFFIX)))))
300 define KernelPackage/arptables/description
301 Kernel modules for ARP firewalling
304 $(eval $(call KernelPackage,arptables))
307 define KernelPackage/ebtables
309 TITLE:=Bridge firewalling modules
311 FILES:=$(LINUX_DIR)/net/bridge/netfilter/*.$(LINUX_KMOD_SUFFIX)
312 KCONFIG:=CONFIG_BRIDGE_NF_EBTABLES
313 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(patsubst %.ko,%,ebtables.ko $(wildcard $(LINUX_DIR)/net/bridge/netfilter/ebtable_*.$(LINUX_KMOD_SUFFIX)) $(wildcard $(LINUX_DIR)/net/bridge/netfilter/ebt_*.$(LINUX_KMOD_SUFFIX)))))
316 define KernelPackage/ebtables/description
317 Kernel modules for Ethernet Bridge firewalling
320 $(eval $(call KernelPackage,ebtables))