domenico/openwrt_NSS_ACW
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

iptables: NFLOG and NFQUEUE targets' full support

Browse Source 
NFLOG and NFQUEUE targets' full support for iptables.

Includes all needed kernel modules (Xtables's and Netlink's)
 and userspace libraries.
All added kernel modules can be individually disabled,
 all other new libraries get their own individual packages.

Reported-by: Fabian Hugelshofer <hugelshofer2006@gmx.ch>
Reported-by: Rainer Poisel <rainer.poisel@fhstp.ac.at>
Reported-by: Derek LaHousse <dlahouss@mtu.edu>
Signed-off-by: Guillaume Déflache <guillaume.deflache@ibwag.com>

SVN-Revision: 42022
This commit is contained in:
Steven Barth
2014-08-07 04:42:22 +00:00
parent 6656292619
commit 9f2a17103f
3 changed files with 103 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
package/kernel/linux/modules/netfilter.mk
View File

@@ -278,6 +278,40 @@ endef
$(eval $(call KernelPackage,ipt-ulog))
define KernelPackage/ipt-nflog
TITLE:=Module for user-space packet logging
KCONFIG:=$(KCONFIG_IPT_NFLOG)
FILES:=$(foreach mod,$(IPT_NFLOG-m),$(LINUX_DIR)/net/$(mod).ko)
AUTOLOAD:=$(call AutoProbe,$(notdir $(IPT_NFLOG-m)))
$(call AddDepends/ipt,+kmod-nfnetlink-log)
endef
define KernelPackage/ipt-nflog/description
Netfilter module for user-space packet logging
Includes:
- NFLOG
endef
$(eval $(call KernelPackage,ipt-nflog))
define KernelPackage/ipt-nfqueue
TITLE:=Module for user-space packet queuing
KCONFIG:=$(KCONFIG_IPT_NFQUEUE)
FILES:=$(foreach mod,$(IPT_NFQUEUE-m),$(LINUX_DIR)/net/$(mod).ko)
AUTOLOAD:=$(call AutoProbe,$(notdir $(IPT_NFQUEUE-m)))
$(call AddDepends/ipt,+kmod-nfnetlink-queue)
endef
define KernelPackage/ipt-nfqueue/description
Netfilter module for user-space packet queuing
Includes:
- NFQUEUE
endef
$(eval $(call KernelPackage,ipt-nfqueue))
define KernelPackage/ipt-debug
TITLE:=Module for debugging/development
KCONFIG:=$(KCONFIG_IPT_DEBUG)
@@ -530,10 +564,10 @@ $(eval $(call KernelPackage,ebtables-watchers))
define KernelPackage/nfnetlink
SUBMENU:=$(NF_MENU)
TITLE:=Netlink-based userspace interface
DEPENDS:=+kmod-ipt-core
FILES:=$(LINUX_DIR)/net/netfilter/nfnetlink.ko
KCONFIG:=CONFIG_NETFILTER_NETLINK
AUTOLOAD:=$(call AutoProbe,nfnetlink)
FILES:=$(foreach mod,$(NFNETLINK-m),$(LINUX_DIR)/net/$(mod).ko)
KCONFIG:=$(KCONFIG_NFNETLINK)
AUTOLOAD:=$(call AutoProbe,$(notdir $(NFNETLINK-m)))
$(call AddDepends/ipt)
endef
define KernelPackage/nfnetlink/description
@@ -551,14 +585,16 @@ endef
define KernelPackage/nfnetlink-log
TITLE:=Netfilter LOG over NFNETLINK interface
FILES:=$(LINUX_DIR)/net/netfilter/nfnetlink_log.ko
KCONFIG:=CONFIG_NETFILTER_NETLINK_LOG
AUTOLOAD:=$(call AutoProbe,nfnetlink_log)
FILES:=$(foreach mod,$(NFNETLINK_LOG-m),$(LINUX_DIR)/net/$(mod).ko)
KCONFIG:=$(KCONFIG_NFNETLINK_LOG)
AUTOLOAD:=$(call AutoProbe,$(notdir $(NFNETLINK_LOG-m)))
$(call AddDepends/nfnetlink)
endef
define KernelPackage/nfnetlink-log/description
Kernel modules support for logging packets via NFNETLINK
Includes:
- NFLOG
endef
$(eval $(call KernelPackage,nfnetlink-log))
@@ -566,14 +602,16 @@ $(eval $(call KernelPackage,nfnetlink-log))
define KernelPackage/nfnetlink-queue
TITLE:=Netfilter QUEUE over NFNETLINK interface
FILES:=$(LINUX_DIR)/net/netfilter/nfnetlink_queue.ko
KCONFIG:=CONFIG_NETFILTER_NETLINK_QUEUE
AUTOLOAD:=$(call AutoProbe,nfnetlink_queue)
FILES:=$(foreach mod,$(NFNETLINK_QUEUE-m),$(LINUX_DIR)/net/$(mod).ko)
KCONFIG:=$(KCONFIG_NFNETLINK_QUEUE)
AUTOLOAD:=$(call AutoProbe,$(notdir $(NFNETLINK_QUEUE-m)))
$(call AddDepends/nfnetlink)
endef
define KernelPackage/nfnetlink-queue/description
Kernel modules support for queueing packets via NFNETLINK
Includes:
- NFQUEUE
endef
$(eval $(call KernelPackage,nfnetlink-queue))