2 # Copyright (C) 2006-2008 OpenWrt.org
4 # This is free software, licensed under the GNU General Public License v2.
5 # See /LICENSE for more information.
9 NF_MENU:=Netfilter Extensions
11 include $(INCLUDE_DIR)/netfilter.mk
13 define KernelPackage/ipt-conntrack
15 TITLE:=Modules for connection tracking
16 KCONFIG:=$(KCONFIG_IPT_CONNTRACK)
17 FILES:=$(foreach mod,$(IPT_CONNTRACK-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
18 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_CONNTRACK-m)))
21 define KernelPackage/ipt-conntrack/description
22 Netfilter (IPv4) kernel modules for connection tracking
26 - ipt_connmark/CONNMARK
29 $(eval $(call KernelPackage,ipt-conntrack))
32 define KernelPackage/ipt-filter
34 TITLE:=Modules for packet content inspection
35 KCONFIG:=$(KCONFIG_IPT_FILTER)
36 FILES:=$(foreach mod,$(IPT_FILTER-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
37 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_FILTER-m)))
40 define KernelPackage/ipt-filter/description
41 Netfilter (IPv4) kernel modules for packet content inspection
47 $(eval $(call KernelPackage,ipt-filter))
50 define KernelPackage/ipt-ipopt
52 TITLE:=Modules for matching/changing IP packet options
53 KCONFIG:=$(KCONFIG_IPT_IPOPT)
54 FILES:=$(foreach mod,$(IPT_IPOPT-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
55 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_IPOPT-m)))
58 define KernelPackage/ipt-ipopt/description
59 Netfilter (IPv4) modules for matching/changing IP packet options
72 $(eval $(call KernelPackage,ipt-ipopt))
75 define KernelPackage/ipt-ipsec
77 TITLE:=Modules for matching IPSec packets
78 KCONFIG:=$(KCONFIG_IPT_IPSEC)
79 FILES:=$(foreach mod,$(IPT_IPSEC-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
80 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_IPSEC-m)))
83 define KernelPackage/ipt-ipsec/description
84 Netfilter (IPv4) modules for matching IPSec packets
90 $(eval $(call KernelPackage,ipt-ipsec))
93 define KernelPackage/ipt-nat
95 TITLE:=Modules for extra NAT targets
96 KCONFIG:=$(KCONFIG_IPT_NAT)
97 FILES:=$(foreach mod,$(IPT_NAT-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
98 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_NAT-m)))
101 define KernelPackage/ipt-nat/description
102 Netfilter (IPv4) modules for extra NAT targets
108 $(eval $(call KernelPackage,ipt-nat))
111 define KernelPackage/ipt-nathelper
113 TITLE:=Default Conntrack and NAT helpers
114 KCONFIG:=$(KCONFIG_IPT_NATHELPER)
115 FILES:=$(foreach mod,$(IPT_NATHELPER-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
116 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_NATHELPER-m)))
119 define KernelPackage/ipt-nathelper/description
120 Default Netfilter (IPv4) Conntrack and NAT helpers
129 $(eval $(call KernelPackage,ipt-nathelper))
132 define KernelPackage/ipt-nathelper-extra
134 TITLE:=Extra Conntrack and NAT helpers
135 KCONFIG:=$(KCONFIG_IPT_NATHELPER_EXTRA)
136 FILES:=$(foreach mod,$(IPT_NATHELPER_EXTRA-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
137 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_NATHELPER_EXTRA-m)))
140 define KernelPackage/ipt-nathelper-extra/description
141 Extra Netfilter (IPv4) Conntrack and NAT helpers
143 - ip_conntrack_amanda
144 - ip_conntrack_proto_gre
153 $(eval $(call KernelPackage,ipt-nathelper-extra))
156 define KernelPackage/ipt-imq
158 TITLE:=Intermediate Queueing support
161 CONFIG_IMQ_BEHAVIOR_BA=y \
162 CONFIG_IMQ_NUM_DEVS=2 \
163 CONFIG_IP_NF_TARGET_IMQ
165 $(LINUX_DIR)/drivers/net/imq.$(LINUX_KMOD_SUFFIX) \
166 $(foreach mod,$(IPT_IMQ-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
167 AUTOLOAD:=$(call AutoLoad,40,$(notdir \
168 $(LINUX_DIR)/drivers/net/imq.$(LINUX_KMOD_SUFFIX) \
173 define KernelPackage/ipt-imq/description
174 Kernel support for Intermediate Queueing devices
177 $(eval $(call KernelPackage,ipt-imq))
180 define KernelPackage/ipt-queue
182 TITLE:=Module for user-space packet queueing
183 KCONFIG:=$(KCONFIG_IPT_QUEUE)
184 FILES:=$(foreach mod,$(IPT_QUEUE-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
185 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_QUEUE-m)))
188 define KernelPackage/ipt-queue/description
189 Netfilter (IPv4) module for user-space packet queueing
194 $(eval $(call KernelPackage,ipt-queue))
197 define KernelPackage/ipt-ulog
199 TITLE:=Module for user-space packet logging
200 KCONFIG:=$(KCONFIG_IPT_ULOG)
201 FILES:=$(foreach mod,$(IPT_ULOG-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
202 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_ULOG-m)))
205 define KernelPackage/ipt-ulog/description
206 Netfilter (IPv4) module for user-space packet logging
211 $(eval $(call KernelPackage,ipt-ulog))
214 define KernelPackage/ipt-iprange
216 TITLE:=Module for matching ip ranges
217 FILES:=$(foreach mod,$(IPT_IPRANGE-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
218 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_IPRANGE-m)))
221 define KernelPackage/ipt-iprange/description
222 Netfilter (IPv4) module for matching ip ranges
227 $(eval $(call KernelPackage,ipt-iprange))
230 define KernelPackage/ipt-ipset
233 KCONFIG:=$(KCONFIG_IPT_IPSET)
234 FILES:=$(foreach mod,$(IPT_IPSET-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
235 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_IPSET-m)))
238 define KernelPackage/ipt-ipset/description
239 Netfilter kernel modules for ipset
254 $(eval $(call KernelPackage,ipt-ipset))
257 define KernelPackage/ipt-extra
260 KCONFIG:=$(KCONFIG_IPT_EXTRA)
261 FILES:=$(foreach mod,$(IPT_EXTRA-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
262 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_EXTRA-m)))
265 define KernelPackage/ipt-extra/description
266 Other Netfilter (IPv4) kernel modules
280 $(eval $(call KernelPackage,ipt-extra))
283 define KernelPackage/ip6tables
287 KCONFIG:=CONFIG_IP6_NF_IPTABLES
288 FILES:=$(foreach mod,$(IPT_IPV6-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
289 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_IPV6-m)))
292 define KernelPackage/ip6tables/description
293 Netfilter IPv6 firewalling support
296 $(eval $(call KernelPackage,ip6tables))
299 define KernelPackage/arptables
301 TITLE:=ARP firewalling modules
302 FILES:=$(LINUX_DIR)/net/ipv4/netfilter/arp*.$(LINUX_KMOD_SUFFIX)
303 KCONFIG:=CONFIG_IP_NF_ARPTABLES
304 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(patsubst %.ko,%,$(wildcard $(LINUX_DIR)/net/ipv4/netfilter/arp*.$(LINUX_KMOD_SUFFIX)))))
307 define KernelPackage/arptables/description
308 Kernel modules for ARP firewalling
311 $(eval $(call KernelPackage,arptables))
313 define KernelPackage/ebtables
315 TITLE:=Bridge firewalling modules
317 FILES:=$(LINUX_DIR)/net/bridge/netfilter/*.$(LINUX_KMOD_SUFFIX)
318 KCONFIG:=CONFIG_BRIDGE_NETFILTER=y \
319 CONFIG_BRIDGE_NF_EBTABLES
320 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(patsubst %.ko,%,ebtables.ko $(wildcard $(LINUX_DIR)/net/bridge/netfilter/ebtable_*.$(LINUX_KMOD_SUFFIX)) $(wildcard $(LINUX_DIR)/net/bridge/netfilter/ebt_*.$(LINUX_KMOD_SUFFIX)))))
323 define KernelPackage/ebtables/description
324 Kernel modules for Ethernet Bridge firewalling
327 $(eval $(call KernelPackage,ebtables))