summaryrefslogtreecommitdiffstats
path: root/include/netfilter.mk
Commit message (Collapse)AuthorAgeFilesLines
* include/netfilter.mk: fix kmod-ipt-tee build with 4.3/4.4Felix Fietkau2015-12-131-0/+2
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 47890
* netfilter.mk: fix redirect module locations for 3.19+Jonas Gorski2015-06-221-3/+3
| | | | | | | | | | | | ntf_redir_ipvX is part of NAT support, so they should be in the appropriate nft-nat kmods. Since they depend on nf_nat_redirect, nf_nat_redirect should be part of nf-nat, not ipt-nat. Fixes nft-core gaining a missing dependency on nf_nat_redirect.ko. Signed-off-by: Jonas Gorski <jogo@openwrt.org> SVN-Revision: 46109
* netfilter.mk: remove obsolete ip_nat_ftp related lineFelix Fietkau2015-04-201-1/+0
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 45516
* netfilter.mk: move IRC conntrack/nat helpers to kmod-nf-nathelper-extraFelix Fietkau2015-04-201-2/+2
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 45515
* kernel: finally remove layer7 filter supportFelix Fietkau2015-04-131-1/+0
| | | | | | | | | | | it has been non-functional for years and caused numerous memleaks and crashes for people that tried to enable it. it has no maintained upstream source, and it does not look like it's going to be fixed any time soon Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 45423
* netfilter.mk: remove bogus NAT related kernel module entries (#19451)Felix Fietkau2015-04-111-3/+0
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 45382
* netfilter.mk: drop obsolete kernel version dependenciesFelix Fietkau2015-04-111-36/+36
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 45381
* include: remove trailing whitespacesLuka Perkov2015-03-291-2/+2
| | | | | | Signed-off-by: Luka Perkov <luka@openwrt.org> SVN-Revision: 45127
* netfilter: add missing module/symbolFelix Fietkau2015-03-291-0/+1
| | | | | | | | ipv4 symbol was added but ipv6 symbol is missing Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de> SVN-Revision: 45122
* netfilter: clean up compatibility code for old kernelsFelix Fietkau2015-03-201-32/+16
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 44904
* netfilter: fix nf_nat_redirect dependencies for 3.19 and 4.0John Crispin2015-03-051-0/+1
| | | | | | Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com> SVN-Revision: 44598
* include: netfilter: fix packaging of LOG target for Linux >= 3.16 (#19031)Jo-Philipp Wich2015-02-181-0/+3
| | | | | | Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 44488
* netfilter: add missing symbols and modules for Linux 3.18+Jo-Philipp Wich2015-01-291-1/+7
| | | | | | Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 44187
* generic: add preliminary 3.19 supportImre Kaloz2015-01-251-0/+2
| | | | | | Signed-off-by: Imre Kaloz <kaloz@openwrt.org> SVN-Revision: 44126
* netfilter: handle NFT_MASQ_IPV6Imre Kaloz2015-01-141-0/+1
| | | | | | Signed-off-by: Imre Kaloz <kaloz@openwrt.org> SVN-Revision: 43966
* netfilter: handle nft_masq and nft_masq_ipv4Imre Kaloz2015-01-121-0/+2
| | | | | | Signed-off-by: Imre Kaloz <kaloz@openwrt.org> SVN-Revision: 43950
* kernel: add a patch to make netfilter conntrack cache routing informationFelix Fietkau2014-12-091-0/+1
| | | | | | | | Significantly improves routing / NAT performance Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 43587
* keernel: Fixed dependencies in netfilter modules introduced with 3.18 kernelJohn Crispin2014-11-191-0/+3
| | | | | | | | | | Building current trunk with 3.18 kernel fired some errors like 'missed dependancy of module XXX from library kmod_YYY.ko'. These patch fixes 3 of such issues which are critical to have a successful build. Signed-off-by: Alexey N Vinogradov <a.n.vinogradov@gmail.com> SVN-Revision: 43318
* kernel: 3.18: Fix kmod-ipt-natSteven Barth2014-11-081-0/+2
| | | | | | | | | | | The 3.18 kernel introduced new Kconfig options for the xt_nat and iptable_nat kernel modules, that both belong to the ipt_nat kernel package. Enable this new options. Signed-off-by: Maxime Ripard <maxime.ripard@free-electrons.com> SVN-Revision: 43212
* netfilter: Enable compiling iptables match clusterFelix Fietkau2014-11-031-0/+7
| | | | | | | | | | | | | | | | | | This patch adds the userspace and kernelspace for - match NETFILTER_XT_MATCH_CLUSTER This match can be used to deploy gateway and back-end load-sharing clusters. - target IP_NF_TARGET_CLUSTERIP This module allows you to configure a simple cluster of nodes that share a certain IP and MAC address without an explicit load balancer in front of them. Connections are statically distributed between the nodes in this cluster. This is used i.e. by strongswan-ha. Signed-off-by: Christian Scheele <cs@embedd.com> SVN-Revision: 43174
* netfilter: unbreak kmod-ipt-nat for <3.7Steven Barth2014-09-291-0/+1
| | | | SVN-Revision: 42696
* netfilter: fix a typo in TTL-match moduleSteven Barth2014-09-181-1/+1
| | | | SVN-Revision: 42611
* netfilter: remove redundant CONFIG_IP_NF_IPTABLESSteven Barth2014-09-171-1/+0
| | | | | | Signed-off-by: Steven Barth <steven@midlink.org> SVN-Revision: 42599
* Reorganize netfilter kernel modules and package nftables kernel supportSteven Barth2014-09-171-40/+75
| | | | | | Signed-off-by: Steven Barth <steven@midlink.org> SVN-Revision: 42596
* iptables: NFLOG and NFQUEUE targets' full supportSteven Barth2014-08-071-0/+27
| | | | | | | | | | | | | | | | NFLOG and NFQUEUE targets' full support for iptables. Includes all needed kernel modules (Xtables's and Netlink's) and userspace libraries. All added kernel modules can be individually disabled, all other new libraries get their own individual packages. Reported-by: Fabian Hugelshofer <hugelshofer2006@gmx.ch> Reported-by: Rainer Poisel <rainer.poisel@fhstp.ac.at> Reported-by: Derek LaHousse <dlahouss@mtu.edu> Signed-off-by: Guillaume Déflache <guillaume.deflache@ibwag.com> SVN-Revision: 42022
* netfilter: introduce xt_id matchJo-Philipp Wich2014-08-011-1/+2
| | | | | | | | | This commit implements a new netfilter match "xt_id" which can be used to attach unsigned 32bit IDs to iptables rules. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 41945
* netfilter: split off header matching modules not used by the default config ↵Felix Fietkau2014-06-021-7/+9
| | | | | | | | (reduces rootfs size and memory usage) Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 40983
* iptables/netfilter: add connlimit to conntrack-extraSteven Barth2014-03-111-0/+1
| | | | SVN-Revision: 39878
* Fix IPv6 NAT breaking older kernelsSteven Barth2013-09-031-2/+0
| | | | SVN-Revision: 37891
* netfilter: Add IPv6-NAT support for kernel and ipt Thanks to Berni, Adam ↵Steven Barth2013-09-011-1/+9
| | | | | | Novak and Sedat Dilek for patches and inspiration SVN-Revision: 37866
* netfilter: fix typoLuka Perkov2013-08-211-1/+1
| | | | | | Signed-off-by: Luka Perkov <luka@openwrt.org> SVN-Revision: 37821
* netfilter: remove use of obsolete compatibility config symbols for mark and ↵Felix Fietkau2013-07-151-8/+4
| | | | | | | | | | connmark fixes duplication of xt_mark and xt_connmark module entries Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 37344
* netfilter: move time, mark, set matches and MARK, REDIRECT, SET targets into ↵Jo-Philipp Wich2013-05-211-11/+11
| | | | | | base iptables package - drop iptables-mod-ipset SVN-Revision: 36683
* netfilter: Fix typo in last commitSteven Barth2013-03-071-1/+1
| | | | SVN-Revision: 35899
* iptables: Add missing IPv6 builtin modulesSteven Barth2013-03-071-1/+3
| | | | SVN-Revision: 35898
* package/kernel: xt_NOTRACK has been removed in 3.7-rc1Gabor Juhos2013-02-041-1/+1
| | | | | | Signed-off-by: Gabor Juhos <juhosg@openwrt.org> SVN-Revision: 35475
* netfilter.mk: add addrtype match to iptables-mod-extra (kmod-ipt-extra)Jo-Philipp Wich2013-01-141-2/+1
| | | | SVN-Revision: 35155
* netfilter: xt_NOTRACK is incorporated in xt_CT as of 3.8-rc3Florian Fainelli2013-01-101-1/+1
| | | | | | Signed-off-by: Florian Fainelli <florian@openwrt.org> SVN-Revision: 35087
* fix ipv4 nat on 3.7 by adding missing iptables modulesJohn Crispin2012-12-221-1/+1
| | | | SVN-Revision: 34841
* netfilter: fix module list for 3.7 kernelGabor Juhos2012-12-181-6/+11
| | | | | | | Signed-off-by: David Woodhouse <David.Woodhouse@intel.com> Signed-off-by: Gabor Juhos <juhosg@openwrt.org> SVN-Revision: 34750
* netfilter.mk: extend nf_add macro to take a version dependency expressionJo-Philipp Wich2012-12-151-19/+16
| | | | | | | | - nf_add now takes an optional 4th argument which specifies a kernel version dependency, e.g. "lt 3.7.0" - remove CompareKernelPatchVer conditionals around nf_add invocations, use version depends instead - fixes xt_LOG.ko packaging with Linux 3.6.0 and later SVN-Revision: 34681
* netfilter.mk: fix packaging of xt_LOG.ko, it moved between 3.3.8 and 3.6.xJo-Philipp Wich2012-12-111-2/+6
| | | | SVN-Revision: 34625
* kernel: fix loading of nf_nat_ircHauke Mehrtens2012-11-181-1/+1
| | | | | | | nf_nat_irc depends on nf_conntrack_irc and it should be defined after that. This fixes a problem introduced in r34247. SVN-Revision: 34251
* add 3.7-rc6 support (patch 820 still has to be fixed)Imre Kaloz2012-11-181-3/+12
| | | | SVN-Revision: 34247
* include/netfilter.mk: remove a few obsolete linesFelix Fietkau2012-09-231-8/+0
| | | | SVN-Revision: 33518
* kmod-ipt-nathelper-extra: fix missing nf_conntrack_broadcast.koFelix Fietkau2012-06-181-0/+1
| | | | | | | | | | | | | | kmod-ipt-nathelper-extra is missing the package nf_conntrack_broadcast.ko if it is not included into the kmod-ipt-nathelper-extra packge the modules nf_conntrack_snmp and nf_nat_snmp_basic cant get loaded: [ 44.500000] nf_conntrack_snmp: Unknown symbol nf_conntrack_broadcast_help (err 0) [ 44.664000] nf_nat_snmp_basic: Unknown symbol nf_nat_snmp_hook (err 0) Signed-off-by: Peter Wagner <tripolar@gmx.at> SVN-Revision: 32434
* include/netfilter.mk: clean up, remove junk for old kernel versionsFelix Fietkau2012-06-071-70/+9
| | | | SVN-Revision: 32114
* fix ipt_ttl and ipt_TTL userspace library packagingJo-Philipp Wich2012-03-121-4/+4
| | | | SVN-Revision: 30897
* kernel: update module names and add new config symbols for linux 3.3Jonas Gorski2012-02-021-1/+6
| | | | SVN-Revision: 29985
* add CT target and TTL/HL match+targetJo-Philipp Wich2012-01-041-0/+4
| | | | | | | | This patch adds the CT target for conntrack (enables manipulation of conntrack events and supercedes NOTRACK) as well as the TTL/HL target and match. SVN-Revision: 29645
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-09 23:57:29 +0000