package/kernel/modules/netfilter.mk

   1 #
   2 # Copyright (C) 2006-2008 OpenWrt.org
   3 #
   4 # This is free software, licensed under the GNU General Public License v2.
   5 # See /LICENSE for more information.
   6 #
   7 # $Id$
   8
   9 NF_MENU:=Netfilter Extensions
  10 NF_KMOD:=1
  11 include $(INCLUDE_DIR)/netfilter.mk
  12
  13 define KernelPackage/ipt-conntrack
  14   SUBMENU:=$(NF_MENU)
  15   TITLE:=Modules for connection tracking
  16   KCONFIG:=$(KCONFIG_IPT_CONNTRACK)
  17   FILES:=$(foreach mod,$(IPT_CONNTRACK-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
  18   AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_CONNTRACK-m)))
  19 endef
  20
  21 define KernelPackage/ipt-conntrack/description
  22  Netfilter (IPv4) kernel modules for connection tracking
  23  Includes:
  24  - ipt_conntrack
  25  - ipt_helper
  26  - ipt_connmark/CONNMARK
  27 endef
  28
  29 $(eval $(call KernelPackage,ipt-conntrack))
  30
  31
  32 define KernelPackage/ipt-filter
  33   SUBMENU:=$(NF_MENU)
  34   TITLE:=Modules for packet content inspection
  35   KCONFIG:=$(KCONFIG_IPT_FILTER)
  36   FILES:=$(foreach mod,$(IPT_FILTER-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
  37   AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_FILTER-m)))
  38 endef
  39
  40 define KernelPackage/ipt-filter/description
  41  Netfilter (IPv4) kernel modules for packet content inspection
  42  Includes:
  43  - ipt_ipp2p
  44  - ipt_layer7
  45 endef
  46
  47 $(eval $(call KernelPackage,ipt-filter))
  48
  49
  50 define KernelPackage/ipt-ipopt
  51   SUBMENU:=$(NF_MENU)
  52   TITLE:=Modules for matching/changing IP packet options
  53   KCONFIG:=$(KCONFIG_IPT_IPOPT)
  54   FILES:=$(foreach mod,$(IPT_IPOPT-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
  55   AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_IPOPT-m)))
  56 endef
  57
  58 define KernelPackage/ipt-ipopt/description
  59  Netfilter (IPv4) modules for matching/changing IP packet options
  60  Includes:
  61  - ipt_CLASSIFY
  62  - ipt_dscp/DSCP
  63  - ipt_ecn/ECN
  64  - ipt_length
  65  - ipt_mac
  66  - ipt_tos/TOS
  67  - ipt_tcpmms
  68  - ipt_ttl/TTL
  69  - ipt_unclean
  70 endef
  71
  72 $(eval $(call KernelPackage,ipt-ipopt))
  73
  74
  75 define KernelPackage/ipt-ipsec
  76   SUBMENU:=$(NF_MENU)
  77   TITLE:=Modules for matching IPSec packets
  78   KCONFIG:=$(KCONFIG_IPT_IPSEC)
  79   FILES:=$(foreach mod,$(IPT_IPSEC-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
  80   AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_IPSEC-m)))
  81 endef
  82
  83 define KernelPackage/ipt-ipsec/description
  84  Netfilter (IPv4) modules for matching IPSec packets
  85  Includes:
  86  - ipt_ah
  87  - ipt_esp
  88 endef
  89
  90 $(eval $(call KernelPackage,ipt-ipsec))
  91
  92
  93 define KernelPackage/ipt-nat
  94   SUBMENU:=$(NF_MENU)
  95   TITLE:=Modules for extra NAT targets
  96   KCONFIG:=$(KCONFIG_IPT_NAT)
  97   FILES:=$(foreach mod,$(IPT_NAT-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
  98   AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_NAT-m)))
  99 endef
 100
 101 define KernelPackage/ipt-nat/description
 102  Netfilter (IPv4) modules for extra NAT targets
 103  Includes:
 104  - ipt_REDIRECT
 105  - ipt_NETMAP
 106 endef
 107
 108 $(eval $(call KernelPackage,ipt-nat))
 109
 110
 111 define KernelPackage/ipt-nathelper
 112   SUBMENU:=$(NF_MENU)
 113   TITLE:=Default Conntrack and NAT helpers
 114   KCONFIG:=$(KCONFIG_IPT_NATHELPER)
 115   FILES:=$(foreach mod,$(IPT_NATHELPER-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
 116   AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_NATHELPER-m)))
 117 endef
 118
 119 define KernelPackage/ipt-nathelper/description
 120  Default Netfilter (IPv4) Conntrack and NAT helpers
 121  Includes:
 122  - ip_conntrack_ftp
 123  - ip_nat_ftp
 124  - ip_conntrack_irc
 125  - ip_nat_irc
 126  - ip_conntrack_tftp
 127 endef
 128
 129 $(eval $(call KernelPackage,ipt-nathelper))
 130
 131
 132 define KernelPackage/ipt-nathelper-extra
 133   SUBMENU:=$(NF_MENU)
 134   TITLE:=Extra Conntrack and NAT helpers
 135   KCONFIG:=$(KCONFIG_IPT_NATHELPER_EXTRA)
 136   FILES:=$(foreach mod,$(IPT_NATHELPER_EXTRA-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
 137   AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_NATHELPER_EXTRA-m)))
 138 endef
 139
 140 define KernelPackage/ipt-nathelper-extra/description
 141  Extra Netfilter (IPv4) Conntrack and NAT helpers
 142  Includes:
 143  - ip_conntrack_amanda
 144  - ip_conntrack_proto_gre
 145  - ip_nat_proto_gre
 146  - ip_conntrack_pptp
 147  - ip_nat_pptp
 148  - ip_conntrack_sip
 149  - ip_nat_sip
 150  - ip_nat_snmp_basic
 151 endef
 152
 153 $(eval $(call KernelPackage,ipt-nathelper-extra))
 154
 155
 156 define KernelPackage/ipt-imq
 157   SUBMENU:=$(NF_MENU)
 158   TITLE:=Intermediate Queueing support
 159   KCONFIG:= \
 160         CONFIG_IMQ \
 161         CONFIG_IMQ_BEHAVIOR_BA=y \
 162         CONFIG_IMQ_NUM_DEVS=2 \
 163         CONFIG_IP_NF_TARGET_IMQ
 164   FILES:= \
 165         $(LINUX_DIR)/drivers/net/imq.$(LINUX_KMOD_SUFFIX) \
 166         $(foreach mod,$(IPT_IMQ-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
 167   AUTOLOAD:=$(call AutoLoad,40,$(notdir \
 168         $(LINUX_DIR)/drivers/net/imq.$(LINUX_KMOD_SUFFIX) \
 169         $(IPT_IMQ-m) \
 170   ))
 171 endef
 172
 173 define KernelPackage/ipt-imq/description
 174  Kernel support for Intermediate Queueing devices
 175 endef
 176
 177 $(eval $(call KernelPackage,ipt-imq))
 178
 179
 180 define KernelPackage/ipt-queue
 181   SUBMENU:=$(NF_MENU)
 182   TITLE:=Module for user-space packet queueing
 183   KCONFIG:=$(KCONFIG_IPT_QUEUE)
 184   FILES:=$(foreach mod,$(IPT_QUEUE-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
 185   AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_QUEUE-m)))
 186 endef
 187
 188 define KernelPackage/ipt-queue/description
 189  Netfilter (IPv4) module for user-space packet queueing
 190  Includes:
 191  - ipt_QUEUE
 192 endef
 193
 194 $(eval $(call KernelPackage,ipt-queue))
 195
 196
 197 define KernelPackage/ipt-ulog
 198   SUBMENU:=$(NF_MENU)
 199   TITLE:=Module for user-space packet logging
 200   KCONFIG:=$(KCONFIG_IPT_ULOG)
 201   FILES:=$(foreach mod,$(IPT_ULOG-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
 202   AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_ULOG-m)))
 203 endef
 204
 205 define KernelPackage/ipt-ulog/description
 206  Netfilter (IPv4) module for user-space packet logging
 207  Includes:
 208  - ipt_ULOG
 209 endef
 210
 211 $(eval $(call KernelPackage,ipt-ulog))
 212
 213
 214 define KernelPackage/ipt-iprange
 215   SUBMENU:=$(NF_MENU)
 216   TITLE:=Module for matching ip ranges
 217   FILES:=$(foreach mod,$(IPT_IPRANGE-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
 218   AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_IPRANGE-m)))
 219 endef
 220
 221 define KernelPackage/ipt-iprange/description
 222  Netfilter (IPv4) module for matching ip ranges
 223  Includes:
 224  - ipt_IPRANGE
 225 endef
 226
 227 $(eval $(call KernelPackage,ipt-iprange))
 228
 229
 230 define KernelPackage/ipt-ipset
 231   SUBMENU:=$(NF_MENU)
 232   TITLE:=IPSET Modules
 233   KCONFIG:=$(KCONFIG_IPT_IPSET)
 234   FILES:=$(foreach mod,$(IPT_IPSET-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
 235   AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_IPSET-m)))
 236 endef
 237
 238 define KernelPackage/ipt-ipset/description
 239  Netfilter kernel modules for ipset
 240  Includes:
 241  - ip_set
 242  - ip_set_iphash
 243  - ip_set_ipmap
 244  - ip_set_ipporthash
 245  - ip_set_iptree
 246  - ip_set_iptreemap
 247  - ip_set_macipmap
 248  - ip_set_nethash
 249  - ip_set_portmap
 250  - ipt_set
 251  - ipt_SET
 252 endef
 253
 254 $(eval $(call KernelPackage,ipt-ipset))
 255
 256
 257 define KernelPackage/ipt-extra
 258   SUBMENU:=$(NF_MENU)
 259   TITLE:=Extra modules
 260   KCONFIG:=$(KCONFIG_IPT_EXTRA)
 261   FILES:=$(foreach mod,$(IPT_EXTRA-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
 262   AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_EXTRA-m)))
 263 endef
 264
 265 define KernelPackage/ipt-extra/description
 266  Other Netfilter (IPv4) kernel modules
 267  Includes:
 268  - ipt_limit
 269  - ipt_owner
 270  - ipt_physdev
 271  - ipt_pkttype
 272  - ipt_recent
 273  - iptable_raw
 274  - xt_NOTRACK
 275  - xt_TARPIT
 276  - xt_DELUDE
 277  - xt_CHAOS
 278 endef
 279
 280 $(eval $(call KernelPackage,ipt-extra))
 281
 282
 283 define KernelPackage/ip6tables
 284   SUBMENU:=$(NF_MENU)
 285   TITLE:=IPv6 modules
 286   DEPENDS:=+kmod-ipv6
 287   KCONFIG:=CONFIG_IP6_NF_IPTABLES
 288   FILES:=$(foreach mod,$(IPT_IPV6-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
 289   AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_IPV6-m)))
 290 endef
 291
 292 define KernelPackage/ip6tables/description
 293  Netfilter IPv6 firewalling support
 294 endef
 295
 296 $(eval $(call KernelPackage,ip6tables))
 297
 298
 299 define KernelPackage/arptables
 300   SUBMENU:=$(NF_MENU)
 301   TITLE:=ARP firewalling modules
 302   FILES:=$(LINUX_DIR)/net/ipv4/netfilter/arp*.$(LINUX_KMOD_SUFFIX)
 303   KCONFIG:=CONFIG_IP_NF_ARPTABLES
 304   AUTOLOAD:=$(call AutoLoad,40,$(notdir $(patsubst %.ko,%,$(wildcard $(LINUX_DIR)/net/ipv4/netfilter/arp*.$(LINUX_KMOD_SUFFIX)))))
 305 endef
 306
 307 define KernelPackage/arptables/description
 308  Kernel modules for ARP firewalling
 309 endef
 310
 311 $(eval $(call KernelPackage,arptables))
 312
 313 define KernelPackage/ebtables
 314   SUBMENU:=$(NF_MENU)
 315   TITLE:=Bridge firewalling modules
 316   DEPENDS:=@LINUX_2_6
 317   FILES:=$(LINUX_DIR)/net/bridge/netfilter/*.$(LINUX_KMOD_SUFFIX)
 318   KCONFIG:=CONFIG_BRIDGE_NETFILTER=y \
 319         CONFIG_BRIDGE_NF_EBTABLES
 320   AUTOLOAD:=$(call AutoLoad,40,$(notdir $(patsubst %.ko,%,ebtables.ko $(wildcard $(LINUX_DIR)/net/bridge/netfilter/ebtable_*.$(LINUX_KMOD_SUFFIX)) $(wildcard $(LINUX_DIR)/net/bridge/netfilter/ebt_*.$(LINUX_KMOD_SUFFIX)))))
 321 endef
 322
 323 define KernelPackage/ebtables/description
 324  Kernel modules for Ethernet Bridge firewalling
 325 endef
 326
 327 $(eval $(call KernelPackage,ebtables))