update iptables to 1.4.0 (2.6 kernels only), refresh kernel patches
[openwrt/svn-archive/archive.git] / package / kernel / modules / netfilter.mk
1 #
2 # Copyright (C) 2006 OpenWrt.org
3 #
4 # This is free software, licensed under the GNU General Public License v2.
5 # See /LICENSE for more information.
6 #
7 # $Id$
8
9 NF_MENU:=Netfilter Extensions
10 include $(INCLUDE_DIR)/netfilter.mk
11
12 define KernelPackage/ipt-conntrack
13 SUBMENU:=$(NF_MENU)
14 TITLE:=Modules for connection tracking
15 KCONFIG:=$(KCONFIG_IPT_CONNTRACK)
16 FILES:=$(foreach mod,$(IPT_CONNTRACK-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
17 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_CONNTRACK-m)))
18 endef
19
20 define KernelPackage/ipt-conntrack/description
21 Netfilter (IPv4) kernel modules for connection tracking
22 Includes:
23 - ipt_conntrack
24 - ipt_helper
25 - ipt_connmark/CONNMARK
26 endef
27
28 $(eval $(call KernelPackage,ipt-conntrack))
29
30
31 define KernelPackage/ipt-filter
32 SUBMENU:=$(NF_MENU)
33 TITLE:=Modules for packet content inspection
34 KCONFIG:=$(KCONFIG_IPT_FILTER)
35 FILES:=$(foreach mod,$(IPT_FILTER-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
36 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_FILTER-m)))
37 endef
38
39 define KernelPackage/ipt-filter/description
40 Netfilter (IPv4) kernel modules for packet content inspection
41 Includes:
42 - ipt_ipp2p
43 - ipt_layer7
44 endef
45
46 $(eval $(call KernelPackage,ipt-filter))
47
48
49 define KernelPackage/ipt-ipopt
50 SUBMENU:=$(NF_MENU)
51 TITLE:=Modules for matching/changing IP packet options
52 KCONFIG:=$(KCONFIG_IPT_IPOPT)
53 FILES:=$(foreach mod,$(IPT_IPOPT-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
54 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_IPOPT-m)))
55 endef
56
57 define KernelPackage/ipt-ipopt/description
58 Netfilter (IPv4) modules for matching/changing IP packet options
59 Includes:
60 - ipt_CLASSIFY
61 - ipt_dscp/DSCP
62 - ipt_ecn/ECN
63 - ipt_length
64 - ipt_mac
65 - ipt_tos/TOS
66 - ipt_tcpmms
67 - ipt_ttl/TTL
68 - ipt_unclean
69 endef
70
71 $(eval $(call KernelPackage,ipt-ipopt))
72
73
74 define KernelPackage/ipt-ipsec
75 SUBMENU:=$(NF_MENU)
76 TITLE:=Modules for matching IPSec packets
77 KCONFIG:=$(KCONFIG_IPT_IPSEC)
78 FILES:=$(foreach mod,$(IPT_IPSEC-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
79 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_IPSEC-m)))
80 endef
81
82 define KernelPackage/ipt-ipsec/description
83 Netfilter (IPv4) modules for matching IPSec packets
84 Includes:
85 - ipt_ah
86 - ipt_esp
87 endef
88
89 $(eval $(call KernelPackage,ipt-ipsec))
90
91
92 define KernelPackage/ipt-nat
93 SUBMENU:=$(NF_MENU)
94 TITLE:=Modules for extra NAT targets
95 KCONFIG:=$(KCONFIG_IPT_NAT)
96 FILES:=$(foreach mod,$(IPT_NAT-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
97 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_NAT-m)))
98 endef
99
100 define KernelPackage/ipt-nat/description
101 Netfilter (IPv4) modules for extra NAT targets
102 Includes:
103 - ipt_REDIRECT
104 - ipt_NETMAP
105 endef
106
107 $(eval $(call KernelPackage,ipt-nat))
108
109
110 define KernelPackage/ipt-nathelper
111 SUBMENU:=$(NF_MENU)
112 TITLE:=Default Conntrack and NAT helpers
113 KCONFIG:=$(KCONFIG_IPT_NAT_DEFAULT)
114 FILES:=$(foreach mod,$(IPT_NAT_DEFAULT-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
115 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_NAT_DEFAULT-m)))
116 endef
117
118 define KernelPackage/ipt-nathelper/description
119 Default Netfilter (IPv4) Conntrack and NAT helpers
120 Includes:
121 - ip_conntrack_ftp
122 - ip_nat_ftp
123 - ip_conntrack_irc
124 - ip_nat_irc
125 - ip_conntrack_tftp
126 endef
127
128 $(eval $(call KernelPackage,ipt-nathelper))
129
130
131 define KernelPackage/ipt-nathelper-extra
132 SUBMENU:=$(NF_MENU)
133 TITLE:=Extra Conntrack and NAT helpers
134 KCONFIG:=$(KCONFIG_IPT_NAT_EXTRA)
135 FILES:=$(foreach mod,$(IPT_NAT_EXTRA-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
136 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_NAT_EXTRA-m)))
137 endef
138
139 define KernelPackage/ipt-nathelper-extra/description
140 Extra Netfilter (IPv4) Conntrack and NAT helpers
141 Includes:
142 - ip_conntrack_amanda
143 - ip_conntrack_proto_gre
144 - ip_nat_proto_gre
145 - ip_conntrack_pptp
146 - ip_nat_pptp
147 - ip_conntrack_sip
148 - ip_nat_sip
149 - ip_nat_snmp_basic
150 endef
151
152 $(eval $(call KernelPackage,ipt-nathelper-extra))
153
154
155 define KernelPackage/ipt-imq
156 SUBMENU:=$(NF_MENU)
157 TITLE:=Intermediate Queueing support
158 KCONFIG:=CONFIG_IP_NF_TARGET_IMQ
159 FILES:=$(LINUX_DIR)/net/ipv4/netfilter/*IMQ*.$(LINUX_KMOD_SUFFIX) $(LINUX_DIR)/drivers/net/imq.$(LINUX_KMOD_SUFFIX)
160 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(patsubst %.ko,%,$(wildcard $(LINUX_DIR)/net/ipv4/netfilter/*IMQ*.$(LINUX_KMOD_SUFFIX) $(LINUX_DIR)/drivers/net/imq.$(LINUX_KMOD_SUFFIX)))))
161 endef
162
163 define KernelPackage/ipt-imq/description
164 Kernel support for Intermediate Queueing devices
165 endef
166
167 $(eval $(call KernelPackage,ipt-imq))
168
169
170 define KernelPackage/ipt-queue
171 SUBMENU:=$(NF_MENU)
172 TITLE:=Module for user-space packet queueing
173 KCONFIG:=$(KCONFIG_IPT_QUEUE)
174 FILES:=$(foreach mod,$(IPT_QUEUE-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
175 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_QUEUE-m)))
176 endef
177
178 define KernelPackage/ipt-queue/description
179 Netfilter (IPv4) module for user-space packet queueing
180 Includes:
181 - ipt_QUEUE
182 endef
183
184 $(eval $(call KernelPackage,ipt-queue))
185
186
187 define KernelPackage/ipt-ulog
188 SUBMENU:=$(NF_MENU)
189 TITLE:=Module for user-space packet logging
190 KCONFIG:=$(KCONFIG_IPT_ULOG)
191 FILES:=$(foreach mod,$(IPT_ULOG-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
192 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_ULOG-m)))
193 endef
194
195 define KernelPackage/ipt-ulog/description
196 Netfilter (IPv4) module for user-space packet logging
197 Includes:
198 - ipt_ULOG
199 endef
200
201 $(eval $(call KernelPackage,ipt-ulog))
202
203
204 define KernelPackage/ipt-iprange
205 SUBMENU:=$(NF_MENU)
206 TITLE:=Module for matching ip ranges
207 FILES:=$(LINUX_DIR)/net/ipv4/netfilter/ipt_iprange.$(LINUX_KMOD_SUFFIX)
208 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_IPRANGE-m)))
209 endef
210
211 define KernelPackage/ipt-iprange/description
212 Netfilter (IPv4) module for matching ip ranges
213 Includes:
214 - ipt_IPRANGE
215 endef
216
217 $(eval $(call KernelPackage,ipt-iprange))
218
219
220 define KernelPackage/ipt-ipset
221 SUBMENU:=$(NF_MENU)
222 TITLE:=IPSET Modules
223 KCONFIG:=$(KCONFIG_IPT_IPSET)
224 FILES:=$(foreach mod,$(IPT_IPSET-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
225 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_IPSET-m)))
226 endef
227
228 define KernelPackage/ipt-ipset/description
229 Netfilter kernel modules for ipset
230 Includes:
231 - ip_set
232 - ip_set_iphash
233 - ip_set_ipmap
234 - ip_set_ipporthash
235 - ip_set_iptree
236 - ip_set_iptreemap
237 - ip_set_macipmap
238 - ip_set_nethash
239 - ip_set_portmap
240 - ipt_set
241 - ipt_SET
242 endef
243
244 $(eval $(call KernelPackage,ipt-ipset))
245
246
247 define KernelPackage/ipt-extra
248 SUBMENU:=$(NF_MENU)
249 TITLE:=Extra modules
250 KCONFIG:=$(KCONFIG_IPT_EXTRA)
251 FILES:=$(foreach mod,$(IPT_EXTRA-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
252 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_EXTRA-m)))
253 endef
254
255 define KernelPackage/ipt-extra/description
256 Other Netfilter (IPv4) kernel modules
257 Includes:
258 - ipt_limit
259 - ipt_owner
260 - ipt_physdev
261 - ipt_pkttype
262 - ipt_recent
263 - iptable_raw
264 - xt_NOTRACK
265 - xt_TARPIT
266 - xt_DELUDE
267 - xt_CHAOS
268 endef
269
270 $(eval $(call KernelPackage,ipt-extra))
271
272
273 define KernelPackage/ip6tables
274 SUBMENU:=$(NF_MENU)
275 TITLE:=IPv6 modules
276 DEPENDS:=+kmod-ipv6
277 KCONFIG:=CONFIG_IP6_NF_IPTABLES
278 FILES:=$(foreach mod,$(IPT_IPV6-m),$(LINUX_DIR)/net/$(mod).$(LINUX_KMOD_SUFFIX))
279 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(IPT_IPV6-m)))
280 endef
281
282 define KernelPackage/ip6tables/description
283 Netfilter IPv6 firewalling support
284 endef
285
286 $(eval $(call KernelPackage,ip6tables))
287
288
289 define KernelPackage/arptables
290 SUBMENU:=$(NF_MENU)
291 TITLE:=ARP firewalling modules
292 FILES:=$(LINUX_DIR)/net/ipv4/netfilter/arp*.$(LINUX_KMOD_SUFFIX)
293 KCONFIG:=CONFIG_IP_NF_ARPTABLES
294 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(patsubst %.ko,%,$(wildcard $(LINUX_DIR)/net/ipv4/netfilter/arp*.$(LINUX_KMOD_SUFFIX)))))
295 endef
296
297 define KernelPackage/arptables/description
298 Kernel modules for ARP firewalling
299 endef
300
301 $(eval $(call KernelPackage,arptables))
302
303
304 define KernelPackage/ebtables
305 SUBMENU:=$(NF_MENU)
306 TITLE:=Bridge firewalling modules
307 DEPENDS:=@LINUX_2_6
308 FILES:=$(LINUX_DIR)/net/bridge/netfilter/*.$(LINUX_KMOD_SUFFIX)
309 KCONFIG:=CONFIG_BRIDGE_NF_EBTABLES
310 AUTOLOAD:=$(call AutoLoad,40,$(notdir $(patsubst %.ko,%,ebtables.ko $(wildcard $(LINUX_DIR)/net/bridge/netfilter/ebtable_*.$(LINUX_KMOD_SUFFIX)) $(wildcard $(LINUX_DIR)/net/bridge/netfilter/ebt_*.$(LINUX_KMOD_SUFFIX)))))
311 endef
312
313 define KernelPackage/ebtables/description
314 Kernel modules for Ethernet Bridge firewalling
315 endef
316
317 $(eval $(call KernelPackage,ebtables))