Added iptables features to kernel
This commit is contained in:
parent
d9706589e4
commit
5a04425f88
@ -764,6 +764,7 @@ CONFIG_COREDUMP=y
|
|||||||
CONFIG_X86_DEV_DMA_OPS=y
|
CONFIG_X86_DEV_DMA_OPS=y
|
||||||
CONFIG_PMC_ATOM=y
|
CONFIG_PMC_ATOM=y
|
||||||
CONFIG_NET=y
|
CONFIG_NET=y
|
||||||
|
CONFIG_NET_INGRESS=y
|
||||||
|
|
||||||
#
|
#
|
||||||
# Networking options
|
# Networking options
|
||||||
@ -809,18 +810,170 @@ CONFIG_DEFAULT_TCP_CONG="cubic"
|
|||||||
# CONFIG_NETWORK_SECMARK is not set
|
# CONFIG_NETWORK_SECMARK is not set
|
||||||
CONFIG_NET_PTP_CLASSIFY=y
|
CONFIG_NET_PTP_CLASSIFY=y
|
||||||
# CONFIG_NETWORK_PHY_TIMESTAMPING is not set
|
# CONFIG_NETWORK_PHY_TIMESTAMPING is not set
|
||||||
# CONFIG_NETFILTER is not set
|
CONFIG_NETFILTER=y
|
||||||
|
# CONFIG_NETFILTER_DEBUG is not set
|
||||||
|
CONFIG_NETFILTER_ADVANCED=y
|
||||||
|
CONFIG_BRIDGE_NETFILTER=y
|
||||||
|
|
||||||
|
#
|
||||||
|
# Core Netfilter Configuration
|
||||||
|
#
|
||||||
|
CONFIG_NETFILTER_INGRESS=y
|
||||||
|
CONFIG_NETFILTER_NETLINK=y
|
||||||
|
# CONFIG_NETFILTER_NETLINK_ACCT is not set
|
||||||
|
CONFIG_NETFILTER_NETLINK_QUEUE=y
|
||||||
|
CONFIG_NETFILTER_NETLINK_LOG=y
|
||||||
|
CONFIG_NF_CONNTRACK=y
|
||||||
|
CONFIG_NF_LOG_COMMON=y
|
||||||
|
CONFIG_NF_CONNTRACK_MARK=y
|
||||||
|
CONFIG_NF_CONNTRACK_PROCFS=y
|
||||||
|
# CONFIG_NF_CONNTRACK_EVENTS is not set
|
||||||
|
# CONFIG_NF_CONNTRACK_TIMEOUT is not set
|
||||||
|
# CONFIG_NF_CONNTRACK_TIMESTAMP is not set
|
||||||
|
# CONFIG_NF_CT_PROTO_DCCP is not set
|
||||||
|
# CONFIG_NF_CT_PROTO_SCTP is not set
|
||||||
|
# CONFIG_NF_CT_PROTO_UDPLITE is not set
|
||||||
|
# CONFIG_NF_CONNTRACK_AMANDA is not set
|
||||||
|
# CONFIG_NF_CONNTRACK_FTP is not set
|
||||||
|
# CONFIG_NF_CONNTRACK_H323 is not set
|
||||||
|
# CONFIG_NF_CONNTRACK_IRC is not set
|
||||||
|
# CONFIG_NF_CONNTRACK_NETBIOS_NS is not set
|
||||||
|
# CONFIG_NF_CONNTRACK_SNMP is not set
|
||||||
|
# CONFIG_NF_CONNTRACK_PPTP is not set
|
||||||
|
# CONFIG_NF_CONNTRACK_SANE is not set
|
||||||
|
# CONFIG_NF_CONNTRACK_SIP is not set
|
||||||
|
# CONFIG_NF_CONNTRACK_TFTP is not set
|
||||||
|
# CONFIG_NF_CT_NETLINK is not set
|
||||||
|
# CONFIG_NF_CT_NETLINK_TIMEOUT is not set
|
||||||
|
# CONFIG_NF_TABLES is not set
|
||||||
|
CONFIG_NETFILTER_XTABLES=y
|
||||||
|
|
||||||
|
#
|
||||||
|
# Xtables combined modules
|
||||||
|
#
|
||||||
|
CONFIG_NETFILTER_XT_MARK=y
|
||||||
|
# CONFIG_NETFILTER_XT_CONNMARK is not set
|
||||||
|
|
||||||
|
#
|
||||||
|
# Xtables targets
|
||||||
|
#
|
||||||
|
# CONFIG_NETFILTER_XT_TARGET_CLASSIFY is not set
|
||||||
|
# CONFIG_NETFILTER_XT_TARGET_CONNMARK is not set
|
||||||
|
# CONFIG_NETFILTER_XT_TARGET_HMARK is not set
|
||||||
|
# CONFIG_NETFILTER_XT_TARGET_IDLETIMER is not set
|
||||||
|
# CONFIG_NETFILTER_XT_TARGET_LED is not set
|
||||||
|
CONFIG_NETFILTER_XT_TARGET_LOG=y
|
||||||
|
# CONFIG_NETFILTER_XT_TARGET_MARK is not set
|
||||||
|
CONFIG_NETFILTER_XT_TARGET_NFLOG=y
|
||||||
|
CONFIG_NETFILTER_XT_TARGET_NFQUEUE=y
|
||||||
|
# CONFIG_NETFILTER_XT_TARGET_RATEEST is not set
|
||||||
|
# CONFIG_NETFILTER_XT_TARGET_TEE is not set
|
||||||
|
# CONFIG_NETFILTER_XT_TARGET_TCPMSS is not set
|
||||||
|
|
||||||
|
#
|
||||||
|
# Xtables matches
|
||||||
|
#
|
||||||
|
CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=y
|
||||||
|
# CONFIG_NETFILTER_XT_MATCH_BPF is not set
|
||||||
|
CONFIG_NETFILTER_XT_MATCH_CGROUP=y
|
||||||
|
# CONFIG_NETFILTER_XT_MATCH_CLUSTER is not set
|
||||||
|
# CONFIG_NETFILTER_XT_MATCH_COMMENT is not set
|
||||||
|
# CONFIG_NETFILTER_XT_MATCH_CONNBYTES is not set
|
||||||
|
# CONFIG_NETFILTER_XT_MATCH_CONNLABEL is not set
|
||||||
|
# CONFIG_NETFILTER_XT_MATCH_CONNLIMIT is not set
|
||||||
|
# CONFIG_NETFILTER_XT_MATCH_CONNMARK is not set
|
||||||
|
# CONFIG_NETFILTER_XT_MATCH_CONNTRACK is not set
|
||||||
|
# CONFIG_NETFILTER_XT_MATCH_CPU is not set
|
||||||
|
# CONFIG_NETFILTER_XT_MATCH_DCCP is not set
|
||||||
|
CONFIG_NETFILTER_XT_MATCH_DEVGROUP=y
|
||||||
|
# CONFIG_NETFILTER_XT_MATCH_DSCP is not set
|
||||||
|
# CONFIG_NETFILTER_XT_MATCH_ECN is not set
|
||||||
|
# CONFIG_NETFILTER_XT_MATCH_ESP is not set
|
||||||
|
# CONFIG_NETFILTER_XT_MATCH_HASHLIMIT is not set
|
||||||
|
# CONFIG_NETFILTER_XT_MATCH_HELPER is not set
|
||||||
|
# CONFIG_NETFILTER_XT_MATCH_HL is not set
|
||||||
|
# CONFIG_NETFILTER_XT_MATCH_IPCOMP is not set
|
||||||
|
CONFIG_NETFILTER_XT_MATCH_IPRANGE=y
|
||||||
|
# CONFIG_NETFILTER_XT_MATCH_L2TP is not set
|
||||||
|
# CONFIG_NETFILTER_XT_MATCH_LENGTH is not set
|
||||||
|
# CONFIG_NETFILTER_XT_MATCH_LIMIT is not set
|
||||||
|
# CONFIG_NETFILTER_XT_MATCH_MAC is not set
|
||||||
|
CONFIG_NETFILTER_XT_MATCH_MARK=y
|
||||||
|
CONFIG_NETFILTER_XT_MATCH_MULTIPORT=y
|
||||||
|
# CONFIG_NETFILTER_XT_MATCH_NFACCT is not set
|
||||||
|
# CONFIG_NETFILTER_XT_MATCH_OSF is not set
|
||||||
|
CONFIG_NETFILTER_XT_MATCH_OWNER=y
|
||||||
|
# CONFIG_NETFILTER_XT_MATCH_PHYSDEV is not set
|
||||||
|
# CONFIG_NETFILTER_XT_MATCH_PKTTYPE is not set
|
||||||
|
# CONFIG_NETFILTER_XT_MATCH_QUOTA is not set
|
||||||
|
# CONFIG_NETFILTER_XT_MATCH_RATEEST is not set
|
||||||
|
# CONFIG_NETFILTER_XT_MATCH_REALM is not set
|
||||||
|
# CONFIG_NETFILTER_XT_MATCH_RECENT is not set
|
||||||
|
# CONFIG_NETFILTER_XT_MATCH_SCTP is not set
|
||||||
|
CONFIG_NETFILTER_XT_MATCH_SOCKET=y
|
||||||
|
# CONFIG_NETFILTER_XT_MATCH_STATE is not set
|
||||||
|
# CONFIG_NETFILTER_XT_MATCH_STATISTIC is not set
|
||||||
|
# CONFIG_NETFILTER_XT_MATCH_STRING is not set
|
||||||
|
# CONFIG_NETFILTER_XT_MATCH_TCPMSS is not set
|
||||||
|
# CONFIG_NETFILTER_XT_MATCH_TIME is not set
|
||||||
|
# CONFIG_NETFILTER_XT_MATCH_U32 is not set
|
||||||
|
# CONFIG_IP_SET is not set
|
||||||
|
# CONFIG_IP_VS is not set
|
||||||
|
|
||||||
|
#
|
||||||
|
# IP: Netfilter Configuration
|
||||||
|
#
|
||||||
|
CONFIG_NF_DEFRAG_IPV4=y
|
||||||
|
# CONFIG_NF_CONNTRACK_IPV4 is not set
|
||||||
|
# CONFIG_NF_DUP_IPV4 is not set
|
||||||
|
# CONFIG_NF_LOG_ARP is not set
|
||||||
|
CONFIG_NF_LOG_IPV4=y
|
||||||
|
CONFIG_NF_REJECT_IPV4=y
|
||||||
|
CONFIG_IP_NF_IPTABLES=y
|
||||||
|
# CONFIG_IP_NF_MATCH_AH is not set
|
||||||
|
# CONFIG_IP_NF_MATCH_ECN is not set
|
||||||
|
# CONFIG_IP_NF_MATCH_TTL is not set
|
||||||
|
CONFIG_IP_NF_FILTER=y
|
||||||
|
CONFIG_IP_NF_TARGET_REJECT=y
|
||||||
|
# CONFIG_IP_NF_TARGET_SYNPROXY is not set
|
||||||
|
# CONFIG_IP_NF_MANGLE is not set
|
||||||
|
# CONFIG_IP_NF_RAW is not set
|
||||||
|
# CONFIG_IP_NF_SECURITY is not set
|
||||||
|
# CONFIG_IP_NF_ARPTABLES is not set
|
||||||
|
CONFIG_BRIDGE_NF_EBTABLES=y
|
||||||
|
# CONFIG_BRIDGE_EBT_BROUTE is not set
|
||||||
|
CONFIG_BRIDGE_EBT_T_FILTER=y
|
||||||
|
# CONFIG_BRIDGE_EBT_T_NAT is not set
|
||||||
|
# CONFIG_BRIDGE_EBT_802_3 is not set
|
||||||
|
# CONFIG_BRIDGE_EBT_AMONG is not set
|
||||||
|
# CONFIG_BRIDGE_EBT_ARP is not set
|
||||||
|
CONFIG_BRIDGE_EBT_IP=y
|
||||||
|
# CONFIG_BRIDGE_EBT_LIMIT is not set
|
||||||
|
CONFIG_BRIDGE_EBT_MARK=y
|
||||||
|
# CONFIG_BRIDGE_EBT_PKTTYPE is not set
|
||||||
|
# CONFIG_BRIDGE_EBT_STP is not set
|
||||||
|
# CONFIG_BRIDGE_EBT_VLAN is not set
|
||||||
|
# CONFIG_BRIDGE_EBT_ARPREPLY is not set
|
||||||
|
# CONFIG_BRIDGE_EBT_DNAT is not set
|
||||||
|
# CONFIG_BRIDGE_EBT_MARK_T is not set
|
||||||
|
# CONFIG_BRIDGE_EBT_REDIRECT is not set
|
||||||
|
# CONFIG_BRIDGE_EBT_SNAT is not set
|
||||||
|
CONFIG_BRIDGE_EBT_LOG=y
|
||||||
|
CONFIG_BRIDGE_EBT_NFLOG=y
|
||||||
# CONFIG_IP_DCCP is not set
|
# CONFIG_IP_DCCP is not set
|
||||||
# CONFIG_IP_SCTP is not set
|
# CONFIG_IP_SCTP is not set
|
||||||
# CONFIG_RDS is not set
|
# CONFIG_RDS is not set
|
||||||
# CONFIG_TIPC is not set
|
# CONFIG_TIPC is not set
|
||||||
# CONFIG_ATM is not set
|
# CONFIG_ATM is not set
|
||||||
# CONFIG_L2TP is not set
|
# CONFIG_L2TP is not set
|
||||||
# CONFIG_BRIDGE is not set
|
CONFIG_STP=y
|
||||||
|
CONFIG_BRIDGE=y
|
||||||
|
# CONFIG_BRIDGE_IGMP_SNOOPING is not set
|
||||||
CONFIG_HAVE_NET_DSA=y
|
CONFIG_HAVE_NET_DSA=y
|
||||||
# CONFIG_NET_DSA is not set
|
# CONFIG_NET_DSA is not set
|
||||||
# CONFIG_VLAN_8021Q is not set
|
# CONFIG_VLAN_8021Q is not set
|
||||||
# CONFIG_DECNET is not set
|
# CONFIG_DECNET is not set
|
||||||
|
CONFIG_LLC=y
|
||||||
# CONFIG_LLC2 is not set
|
# CONFIG_LLC2 is not set
|
||||||
# CONFIG_IPX is not set
|
# CONFIG_IPX is not set
|
||||||
# CONFIG_ATALK is not set
|
# CONFIG_ATALK is not set
|
||||||
@ -845,9 +998,9 @@ CONFIG_NET_SWITCHDEV=y
|
|||||||
CONFIG_RPS=y
|
CONFIG_RPS=y
|
||||||
CONFIG_RFS_ACCEL=y
|
CONFIG_RFS_ACCEL=y
|
||||||
CONFIG_XPS=y
|
CONFIG_XPS=y
|
||||||
# CONFIG_SOCK_CGROUP_DATA is not set
|
CONFIG_SOCK_CGROUP_DATA=y
|
||||||
# CONFIG_CGROUP_NET_PRIO is not set
|
# CONFIG_CGROUP_NET_PRIO is not set
|
||||||
# CONFIG_CGROUP_NET_CLASSID is not set
|
CONFIG_CGROUP_NET_CLASSID=y
|
||||||
CONFIG_NET_RX_BUSY_POLL=y
|
CONFIG_NET_RX_BUSY_POLL=y
|
||||||
CONFIG_BQL=y
|
CONFIG_BQL=y
|
||||||
# CONFIG_BPF_JIT is not set
|
# CONFIG_BPF_JIT is not set
|
||||||
@ -1350,7 +1503,7 @@ CONFIG_NET_CORE=y
|
|||||||
# CONFIG_NET_POLL_CONTROLLER is not set
|
# CONFIG_NET_POLL_CONTROLLER is not set
|
||||||
CONFIG_TUN=y
|
CONFIG_TUN=y
|
||||||
# CONFIG_TUN_VNET_CROSS_LE is not set
|
# CONFIG_TUN_VNET_CROSS_LE is not set
|
||||||
# CONFIG_VETH is not set
|
CONFIG_VETH=y
|
||||||
CONFIG_VIRTIO_NET=y
|
CONFIG_VIRTIO_NET=y
|
||||||
# CONFIG_NLMON is not set
|
# CONFIG_NLMON is not set
|
||||||
# CONFIG_ARCNET is not set
|
# CONFIG_ARCNET is not set
|
||||||
|
Loading…
Reference in New Issue
Block a user