aboutsummaryrefslogtreecommitdiffstats
path: root/include/netfilter.mk
Commit message (Collapse)AuthorAgeFilesLines
...
* kernel: update module names and add new config symbols for linux 3.3Jonas Gorski2012-02-021-1/+6
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@29985 3c298f89-4303-0410-b956-a3cf2f4a3e73
* add CT target and TTL/HL match+targetJo-Philipp Wich2012-01-041-0/+4
| | | | | | | | This patch adds the CT target for conntrack (enables manipulation of conntrack events and supercedes NOTRACK) as well as the TTL/HL target and match. git-svn-id: svn://svn.openwrt.org/openwrt/trunk@29645 3c298f89-4303-0410-b956-a3cf2f4a3e73
* [netfilter] remove current RTSP supportJo-Philipp Wich2012-01-041-4/+0
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@29643 3c298f89-4303-0410-b956-a3cf2f4a3e73
* [netfilter] package CT targetJo-Philipp Wich2011-12-251-0/+1
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@29609 3c298f89-4303-0410-b956-a3cf2f4a3e73
* netfilter.mk: remove a few obsolete CompareKernelPatchVer callsFelix Fietkau2011-06-011-17/+5
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@27086 3c298f89-4303-0410-b956-a3cf2f4a3e73
* [netfilter] package u32 match and TEE target, patches by Maxim UvarovJo-Philipp Wich2011-05-241-0/+8
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@26977 3c298f89-4303-0410-b956-a3cf2f4a3e73
* firewall: allow local redirection of portsJo-Philipp Wich2011-04-121-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Allow a redirect like: config redirect option src 'wan' option dest 'lan' option src_dport '22001' option dest_port '22' option proto 'tcp' note the absence of the "dest_ip" field, meaning to terminate the connection on the firewall itself. This patch makes three changes: (1) moves the conntrack module into the conntrack package (but not any of the conntrack_* helpers). (2) fixes a bug where the wrong table is used when the "dest_ip" field is absent. (3) accepts incoming connections on the destination port on the input_ZONE table, but only for DNATted connections. In the above example, ssh -p 22 root@myrouter would fail from the outside, but: ssh -p 22001 root@myrouter would succeed. This is handy if: (1) you want to avoid ssh probes on your router, or (2) you want to redirect incoming connections on port 22 to some machine inside your firewall, but still want to allow firewall access from outside. Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@26617 3c298f89-4303-0410-b956-a3cf2f4a3e73
* iipt-debug: create bundle of netfilter modules for debuggingHauke Mehrtens2011-04-091-0/+5
| | | | | | | | | | | Add a bundle for including commonly useful modules for IPtables debugging and development. For now, it just contains xt_TRACE.ko Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@26567 3c298f89-4303-0410-b956-a3cf2f4a3e73
* [package] add kmod-ipt-ledFlorian Fainelli2011-04-031-0/+3
| | | | | | | | | | | Netfilter LED target triggers blinkenlichten when a network packet hits a rule. LED target requires iptables 1.4.9 or higher Signed-off-by: Łukasz Stelmach <stlman@poczta.fm> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@26451 3c298f89-4303-0410-b956-a3cf2f4a3e73
* netfilter.mk: put ipv6 conntrack in the right packageFelix Fietkau2011-02-271-2/+1
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@25750 3c298f89-4303-0410-b956-a3cf2f4a3e73
* netfilter: add missing modules for v6 conntrack (patch from #8940)Felix Fietkau2011-02-261-0/+2
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@25731 3c298f89-4303-0410-b956-a3cf2f4a3e73
* move nf_{conntrack,nat}_tftp to ipt-nathelper-extra, most people don't need thisFelix Fietkau2011-02-261-4/+4
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@25722 3c298f89-4303-0410-b956-a3cf2f4a3e73
* kernel: remove imq support, refresh patchesFelix Fietkau2011-02-211-8/+0
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@25641 3c298f89-4303-0410-b956-a3cf2f4a3e73
* [include] netfilter.mk: fix connmark packaging for Kernels >= 2.6.35, thanks ↵Jo-Philipp Wich2010-12-191-1/+2
| | | | | | Daniel Gimpelevich git-svn-id: svn://svn.openwrt.org/openwrt/trunk@24729 3c298f89-4303-0410-b956-a3cf2f4a3e73
* [include] netfilter: workaround a userspace/kernel mismatch on Linux 2.6.35 ↵Jo-Philipp Wich2010-10-181-1/+6
| | | | | | and later git-svn-id: svn://svn.openwrt.org/openwrt/trunk@23521 3c298f89-4303-0410-b956-a3cf2f4a3e73
* finalize r22241 fixesAlexandros C. Couloumbis2010-07-171-3/+3
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@22242 3c298f89-4303-0410-b956-a3cf2f4a3e73
* [netfilter] package TPROXY target and module infrastructureJo-Philipp Wich2010-06-221-0/+7
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@21883 3c298f89-4303-0410-b956-a3cf2f4a3e73
* include/netfilter.mk fix typo on r21795Alexandros C. Couloumbis2010-06-141-2/+2
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@21796 3c298f89-4303-0410-b956-a3cf2f4a3e73
* include/netfilter.mk: add 2.6.35 kernel supportAlexandros C. Couloumbis2010-06-141-3/+10
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@21795 3c298f89-4303-0410-b956-a3cf2f4a3e73
* netfilter: extension fixes (partially closes: #7045)Nicolas Thill2010-04-041-1/+4
| | | | | | | | | | * add missing xt_owner (2.6) * enable ipt_quota (2.4), disabled in [8499] is building fine with recent iptables * add missing ipt_nat_tftp (2.4) * add missing nf_nat_amanda (2.6) git-svn-id: svn://svn.openwrt.org/openwrt/trunk@20693 3c298f89-4303-0410-b956-a3cf2f4a3e73
* [cosmectic] include/netfilter.mk: move ebtables definitions at the endNicolas Thill2010-04-041-36/+37
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@20690 3c298f89-4303-0410-b956-a3cf2f4a3e73
* [netfilter] properly package xt_comment.ko (#6742)Jo-Philipp Wich2010-02-261-0/+2
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@19861 3c298f89-4303-0410-b956-a3cf2f4a3e73
* [generic-2.4] netfilter: add support for raw table and NOTRACK target (#5504)Jo-Philipp Wich2010-02-191-0/+1
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@19721 3c298f89-4303-0410-b956-a3cf2f4a3e73
* [package] iptables: add comment match to the core packageJo-Philipp Wich2009-12-081-1/+1
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@18706 3c298f89-4303-0410-b956-a3cf2f4a3e73
* [kernel] netfilter: remove IPset leftovers missed from [17844]Nicolas Thill2009-10-111-21/+0
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@18032 3c298f89-4303-0410-b956-a3cf2f4a3e73
* [ipset] Update ipset to version 3.2Hauke Mehrtens2009-09-271-0/+3
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@17764 3c298f89-4303-0410-b956-a3cf2f4a3e73
* [package] split ebtables packages and modules into ebtables ipv4/6 and ↵Florian Fainelli2009-07-251-0/+40
| | | | | | watchers (#5001) git-svn-id: svn://svn.openwrt.org/openwrt/trunk@16980 3c298f89-4303-0410-b956-a3cf2f4a3e73
* [package] fix ip6tables installation against ip6t_HL which has been merged ↵Florian Fainelli2009-07-241-2/+0
| | | | | | in xt_HL since 2.6.29 (#5568) git-svn-id: svn://svn.openwrt.org/openwrt/trunk@16964 3c298f89-4303-0410-b956-a3cf2f4a3e73
* netfilter: move iptable_raw, xt_NOTRACK from conntrack-extra to conntrackFelix Fietkau2009-05-141-2/+2
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@15854 3c298f89-4303-0410-b956-a3cf2f4a3e73
* [netfilter] ipt_TTL and ipt_ttl moved and were renamed in kernel 2.6.30Hauke Mehrtens2009-05-141-2/+8
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@15851 3c298f89-4303-0410-b956-a3cf2f4a3e73
* [include] adept netfilter.mk to updated imqJo-Philipp Wich2009-05-071-0/+1
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@15656 3c298f89-4303-0410-b956-a3cf2f4a3e73
* get rid of $Id$ - it has never helped us and it has broken too many patches ;)Felix Fietkau2009-04-171-1/+0
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@15242 3c298f89-4303-0410-b956-a3cf2f4a3e73
* move iptable_raw to the conntrack-extra packageFelix Fietkau2009-04-091-1/+1
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@15175 3c298f89-4303-0410-b956-a3cf2f4a3e73
* [kernel] accomodate netfilter module (xt_recent) name change in 2.6.28, add ↵Nicolas Thill2009-04-061-0/+1
| | | | | | missing kconfig when xt_recent is enabled git-svn-id: svn://svn.openwrt.org/openwrt/trunk@15123 3c298f89-4303-0410-b956-a3cf2f4a3e73
* remove support for ipp2p - it's unmaintained, broken, overmatching and ↵Felix Fietkau2009-02-211-1/+0
| | | | | | undermatching => not that useful for QoS git-svn-id: svn://svn.openwrt.org/openwrt/trunk@14596 3c298f89-4303-0410-b956-a3cf2f4a3e73
* [kernel] netfilter: remove CHAOS, TARPIT and DELUDE referencesGabor Juhos2009-02-091-4/+0
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@14461 3c298f89-4303-0410-b956-a3cf2f4a3e73
* defrag needs to be loaded before conntrack_ipv4Imre Kaloz2008-12-101-1/+1
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@13585 3c298f89-4303-0410-b956-a3cf2f4a3e73
* fix conntrack on 2.6.28Imre Kaloz2008-12-101-0/+1
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@13582 3c298f89-4303-0410-b956-a3cf2f4a3e73
* make the whole iptables/netfiter modular (closes: #3871, #3527)Nicolas Thill2008-09-221-37/+65
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@12649 3c298f89-4303-0410-b956-a3cf2f4a3e73
* Package ip6t_limit and ip6t_frag for 2.4 kernels (#3760)Florian Fainelli2008-08-111-0/+1
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@12276 3c298f89-4303-0410-b956-a3cf2f4a3e73
* cosmetic change: rename IPT_NAT_DEFAULT & IPT_NAT_EXTRA to IPT_NATHELPER & ↵Nicolas Thill2008-05-081-39/+41
| | | | | | IPT_NATHELPER_EXTRA respectively, to better match package names git-svn-id: svn://svn.openwrt.org/openwrt/trunk@11073 3c298f89-4303-0410-b956-a3cf2f4a3e73
* [package] kmod-ipt-iprange: fix build error on .25Gabor Juhos2008-04-301-0/+1
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@10992 3c298f89-4303-0410-b956-a3cf2f4a3e73
* update iptables to 1.4.0 (2.6 kernels only), refresh kernel patchesGabor Juhos2008-04-151-0/+4
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@10843 3c298f89-4303-0410-b956-a3cf2f4a3e73
* layer7 filtering module is now xt_layer7 (#3268)Florian Fainelli2008-03-271-0/+1
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@10674 3c298f89-4303-0410-b956-a3cf2f4a3e73
* [kernel] netfilter/ipset cleanupsGabor Juhos2007-10-121-0/+1
| | | | | | | | | | * rename patches to follow our naming conventions * update ipset patches with revision 7096 of [https://svn.netfilter.org/netfilter/trunk/patch-o-matic-ng pom] * add CONFIG_IP_NF_SET_IPTREEMAP to default kernel configs * add ip_set_iptreemap to include/netfilter.mk * update kmod-ipt-ipset module description git-svn-id: svn://svn.openwrt.org/openwrt/trunk@9269 3c298f89-4303-0410-b956-a3cf2f4a3e73
* add TARPIT support to netfilter/iptablesGabor Juhos2007-10-071-2/+3
| | | | | | | | | * netfilter: add the xt_TARPIT target module required by xt_CHAOS * include/netfilter.mk: reorder, xt_CHAOS depends on xt_TARPIT and xt_DELUDE * iptables: add libipt_TARPIT to the kmod-ipt-extra package, bump release number * original patchset can be found [http://tinyurl.com/2mjk2kx here] git-svn-id: svn://svn.openwrt.org/openwrt/trunk@9178 3c298f89-4303-0410-b956-a3cf2f4a3e73
* add ipv6 conntrack support (closes: #2192)Nicolas Thill2007-09-231-0/+29
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@8984 3c298f89-4303-0410-b956-a3cf2f4a3e73
* add missing 2.6 conntrack/nat helpers, add 2.6 conntrack/nat helper for RTSP ↵Nicolas Thill2007-09-221-3/+37
| | | | | | (closes: #2297, thanks to aorlinsk), sync 2.4 / 2.6 kconfigs. git-svn-id: svn://svn.openwrt.org/openwrt/trunk@8955 3c298f89-4303-0410-b956-a3cf2f4a3e73
* cosmetic cleanup before more deep changesNicolas Thill2007-09-201-51/+83
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@8870 3c298f89-4303-0410-b956-a3cf2f4a3e73
* fix typo again (do i need some sleep?)Nicolas Thill2007-09-171-1/+1
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@8822 3c298f89-4303-0410-b956-a3cf2f4a3e73
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-23 03:30:49 +0000