iipt-debug: create bundle of netfilter modules for debugging
authorHauke Mehrtens <hauke@hauke-m.de>
Sat, 9 Apr 2011 23:23:46 +0000 (23:23 +0000)
committerHauke Mehrtens <hauke@hauke-m.de>
Sat, 9 Apr 2011 23:23:46 +0000 (23:23 +0000)
Add a bundle for including commonly useful modules for IPtables debugging and development.

For now, it just contains xt_TRACE.ko

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
SVN-Revision: 26567

include/netfilter.mk
package/kernel/modules/netfilter.mk

index 5cc34b4..fe468fc 100644 (file)
@@ -278,6 +278,10 @@ $(eval $(call nf_add,IPT_QUEUE,CONFIG_IP_NF_QUEUE, $(P_V4)ip_queue))
 $(eval $(call nf_add,IPT_ULOG,CONFIG_IP_NF_TARGET_ULOG, $(P_V4)ipt_ULOG))
 
 
+# debugging
+
+$(eval $(call nf_add,IPT_DEBUG,CONFIG_NETFILTER_XT_TARGET_TRACE, $(P_XT)xt_TRACE))
+
 # tproxy
 
 $(eval $(call nf_add,IPT_TPROXY,CONFIG_NETFILTER_XT_MATCH_SOCKET, $(P_XT)xt_socket))
@@ -337,6 +341,7 @@ IPT_BUILTIN += $(IPT_NAT_EXTRA-y)
 IPT_BUILTIN += $(IPT_NATHELPER-y)
 IPT_BUILTIN += $(IPT_NATHELPER_EXTRA-y)
 IPT_BUILTIN += $(IPT_ULOG-y)
+IPT_BUILTIN += $(IPT_DEBUG-y)
 IPT_BUILTIN += $(IPT_TPROXY-y)
 IPT_BUILTIN += $(EBTABLES-y)
 IPT_BUILTIN += $(EBTABLES_IP4-y)
index e44d067..919e8ad 100644 (file)
@@ -262,6 +262,24 @@ endef
 $(eval $(call KernelPackage,ipt-ulog))
 
 
+define KernelPackage/ipt-debug
+  TITLE:=Module for debugging/development
+  KCONFIG:=$(KCONFIG_IPT_DEBUG)
+  DEFAULT:=n
+  FILES:=$(foreach mod,$(IPT_DEBUG-m),$(LINUX_DIR)/net/$(mod).ko)
+  AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_DEBUG-m)))
+  $(call AddDepends/ipt)
+endef
+
+define KernelPackage/ipt-debug/description
+ Netfilter modules for debugging/development of the firewall
+ Includes:
+ - TRACE
+endef
+
+$(eval $(call KernelPackage,ipt-debug))
+
+
 define KernelPackage/ipt-led
   TITLE:=Module to trigger a LED with a Netfilter rule
   KCONFIG:=$(KCONFIG_IPT_LED)