首頁 探索 說明
登入
oss
/
openadk
4
1
複刻 3
Files 問題管理 1 合併請求 0 Wiki
目錄樹: 25ff0c99fa
分支列表 標籤列表
openadk
/
target
/
linux
/
config
/
Config.in.netfilter.ebt

Config.in.netfilter.ebt 8.0 KB
文件歷史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273 
  1. config ADK_KERNEL_BRIDGE_NF_EBTABLES
    2. 

  2. 	prompt 'Ethernet Bridge tables support'
    3. 

  3. 	tristate
    4. 

  4. 	select ADK_KERNEL_BRIDGE_NETFILTER
    5. 

  5. 	default n
    6. 

  6. 	help
    7. 

  7. 	  ebtables is a general, extensible frame/packet identification
    8. 

  8. 	  framework. Say 'Y' or 'M' here if you want to do Ethernet
    9. 

  9. 	  filtering/NAT/brouting on the Ethernet bridge.
    10. 

  10. 

  11. config ADK_KERNEL_BRIDGE_EBT_BROUTE
    12. 

  12. 	prompt "broute table support"
    13. 

  13. 	tristate
    14. 

  14. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    15. 

  15. 	default n
    16. 

  16. 	help
    17. 

  17. 	  The ebtables broute table is used to define rules that decide between
    18. 

  18. 	  bridging and routing frames, giving Linux the functionality of a
    19. 

  19. 	  brouter. See the man page for ebtables(8) and examples on the ebtables
    20. 

  20. 	  website.
    21. 

  21. 

  22. 	  To compile it as a module, choose M here.  If unsure, say N.
    23. 

  23. 

  24. config ADK_KERNEL_BRIDGE_EBT_T_FILTER
    25. 

  25. 	prompt "filter table support"
    26. 

  26. 	tristate
    27. 

  27. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    28. 

  28. 	default n
    29. 

  29. 	help
    30. 

  30. 	  The ebtables filter table is used to define frame filtering rules at
    31. 

  31. 	  local input, forwarding and local output. See the man page for
    32. 

  32. 	  ebtables(8).
    33. 

  33. 

  34. 	  To compile it as a module, choose M here.  If unsure, say N.
    35. 

  35. 

  36. config ADK_KERNEL_BRIDGE_EBT_T_NAT
    37. 

  37. 	prompt "nat table support"
    38. 

  38. 	tristate
    39. 

  39. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    40. 

  40. 	default n
    41. 

  41. 	help
    42. 

  42. 	  The ebtables nat table is used to define rules that alter the MAC
    43. 

  43. 	  source address (MAC SNAT) or the MAC destination address (MAC DNAT).
    44. 

  44. 	  See the man page for ebtables(8).
    45. 

  45. 

  46. 	  To compile it as a module, choose M here.  If unsure, say N.
    47. 

  47. #
    48. 

  48. # matches
    49. 

  49. #
    50. 

  50. config ADK_KERNEL_BRIDGE_EBT_802_3
    51. 

  51. 	prompt "802.3 filter support"
    52. 

  52. 	tristate
    53. 

  53. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    54. 

  54. 	default n
    55. 

  55. 	help
    56. 

  56. 	  This option adds matching support for 802.3 Ethernet frames.
    57. 

  57. 

  58. 	  To compile it as a module, choose M here.  If unsure, say N.
    59. 

  59. 

  60. config ADK_KERNEL_BRIDGE_EBT_AMONG
    61. 

  61. 	prompt "among filter support"
    62. 

  62. 	tristate
    63. 

  63. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    64. 

  64. 	default n
    65. 

  65. 	help
    66. 

  66. 	  This option adds the among match, which allows matching the MAC source
    67. 

  67. 	  and/or destination address on a list of addresses. Optionally,
    68. 

  68. 	  MAC/IP address pairs can be matched, f.e. for anti-spoofing rules.
    69. 

  69. 

  70. 	  To compile it as a module, choose M here.  If unsure, say N.
    71. 

  71. 

  72. config ADK_KERNEL_BRIDGE_EBT_ARP
    73. 

  73. 	prompt "ARP filter support"
    74. 

  74. 	tristate
    75. 

  75. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    76. 

  76. 	default n
    77. 

  77. 	help
    78. 

  78. 	  This option adds the ARP match, which allows ARP and RARP header field
    79. 

  79. 	  filtering.
    80. 

  80. 

  81. 	  To compile it as a module, choose M here.  If unsure, say N.
    82. 

  82. 

  83. config ADK_KERNEL_BRIDGE_EBT_IP
    84. 

  84. 	prompt "IP filter support"
    85. 

  85. 	tristate
    86. 

  86. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    87. 

  87. 	default n
    88. 

  88. 	help
    89. 

  89. 	  This option adds the IP match, which allows basic IP header field
    90. 

  90. 	  filtering.
    91. 

  91. 

  92. 	  To compile it as a module, choose M here.  If unsure, say N.
    93. 

  93. 

  94. config ADK_KERNEL_BRIDGE_EBT_IP6
    95. 

  95. 	prompt "IP6 filter support"
    96. 

  96. 	tristate
    97. 

  97. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES && ADK_KERNEL_IPV6
    98. 

  98. 	default n
    99. 

  99. 	help
    100. 

  100. 	  This option adds the IP6 match, which allows basic IPV6 header field
    101. 

  101. 	  filtering.
    102. 

  102. 

  103. 	  To compile it as a module, choose M here.  If unsure, say N.
    104. 

  104. 

  105. config ADK_KERNEL_BRIDGE_EBT_LIMIT
    106. 

  106. 	prompt "limit match support"
    107. 

  107. 	tristate
    108. 

  108. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    109. 

  109. 	default n
    110. 

  110. 	help
    111. 

  111. 	  This option adds the limit match, which allows you to control
    112. 

  112. 	  the rate at which a rule can be matched. This match is the
    113. 

  113. 	  equivalent of the iptables limit match.
    114. 

  114. 

  115. 	  If you want to compile it as a module, say M here and read
    116. 

  116. 	  <file:Documentation/kbuild/modules.txt>.  If unsure, say `N'.
    117. 

  117. 

  118. config ADK_KERNEL_BRIDGE_EBT_MARK
    119. 

  119. 	prompt "mark filter support"
    120. 

  120. 	tristate
    121. 

  121. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    122. 

  122. 	default n
    123. 

  123. 	help
    124. 

  124. 	  This option adds the mark match, which allows matching frames based on
    125. 

  125. 	  the 'nfmark' value in the frame. This can be set by the mark target.
    126. 

  126. 	  This value is the same as the one used in the iptables mark match and
    127. 

  127. 	  target.
    128. 

  128. 

  129. 	  To compile it as a module, choose M here.  If unsure, say N.
    130. 

  130. 

  131. config ADK_KERNEL_BRIDGE_EBT_PKTTYPE
    132. 

  132. 	prompt "packet type filter support"
    133. 

  133. 	tristate
    134. 

  134. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    135. 

  135. 	default n
    136. 

  136. 	help
    137. 

  137. 	  This option adds the packet type match, which allows matching on the
    138. 

  138. 	  type of packet based on its Ethernet "class" (as determined by
    139. 

  139. 	  the generic networking code): broadcast, multicast,
    140. 

  140. 	  for this host alone or for another host.
    141. 

  141. 

  142. 	  To compile it as a module, choose M here.  If unsure, say N.
    143. 

  143. 

  144. config ADK_KERNEL_BRIDGE_EBT_STP
    145. 

  145. 	prompt "STP filter support"
    146. 

  146. 	tristate
    147. 

  147. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    148. 

  148. 	default n
    149. 

  149. 	help
    150. 

  150. 	  This option adds the Spanning Tree Protocol match, which
    151. 

  151. 	  allows STP header field filtering.
    152. 

  152. 

  153. 	  To compile it as a module, choose M here.  If unsure, say N.
    154. 

  154. 

  155. config ADK_KERNEL_BRIDGE_EBT_VLAN
    156. 

  156. 	prompt "802.1Q VLAN filter support"
    157. 

  157. 	tristate
    158. 

  158. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    159. 

  159. 	default n
    160. 

  160. 	help
    161. 

  161. 	  This option adds the 802.1Q vlan match, which allows the filtering of
    162. 

  162. 	  802.1Q vlan fields.
    163. 

  163. 

  164. 	  To compile it as a module, choose M here.  If unsure, say N.
    165. 

  165. #
    166. 

  166. # targets
    167. 

  167. #
    168. 

  168. config ADK_KERNEL_BRIDGE_EBT_ARPREPLY
    169. 

  169. 	prompt "arp reply target support"
    170. 

  170. 	tristate
    171. 

  171. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    172. 

  172. 	default n
    173. 

  173. 	help
    174. 

  174. 	  This option adds the arp reply target, which allows
    175. 

  175. 	  automatically sending arp replies to arp requests.
    176. 

  176. 

  177. 	  To compile it as a module, choose M here.  If unsure, say N.
    178. 

  178. 

  179. config ADK_KERNEL_BRIDGE_EBT_DNAT
    180. 

  180. 	prompt "dnat target support"
    181. 

  181. 	tristate
    182. 

  182. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    183. 

  183. 	default n
    184. 

  184. 	help
    185. 

  185. 	  This option adds the MAC DNAT target, which allows altering the MAC
    186. 

  186. 	  destination address of frames.
    187. 

  187. 

  188. 	  To compile it as a module, choose M here.  If unsure, say N.
    189. 

  189. 

  190. config ADK_KERNEL_BRIDGE_EBT_MARK_T
    191. 

  191. 	prompt "mark target support"
    192. 

  192. 	tristate
    193. 

  193. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    194. 

  194. 	default n
    195. 

  195. 	help
    196. 

  196. 	  This option adds the mark target, which allows marking frames by
    197. 

  197. 	  setting the 'nfmark' value in the frame.
    198. 

  198. 	  This value is the same as the one used in the iptables mark match and
    199. 

  199. 	  target.
    200. 

  200. 

  201. 	  To compile it as a module, choose M here.  If unsure, say N.
    202. 

  202. 

  203. config ADK_KERNEL_BRIDGE_EBT_REDIRECT
    204. 

  204. 	prompt "redirect target support"
    205. 

  205. 	tristate
    206. 

  206. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    207. 

  207. 	default n
    208. 

  208. 	help
    209. 

  209. 	  This option adds the MAC redirect target, which allows altering the MAC
    210. 

  210. 	  destination address of a frame to that of the device it arrived on.
    211. 

  211. 

  212. 	  To compile it as a module, choose M here.  If unsure, say N.
    213. 

  213. 

  214. config ADK_KERNEL_BRIDGE_EBT_SNAT
    215. 

  215. 	prompt "snat target support"
    216. 

  216. 	tristate
    217. 

  217. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    218. 

  218. 	default n
    219. 

  219. 	help
    220. 

  220. 	  This option adds the MAC SNAT target, which allows altering the MAC
    221. 

  221. 	  source address of frames.
    222. 

  222. 

  223. 	  To compile it as a module, choose M here.  If unsure, say N.
    224. 

  224. #
    225. 

  225. # watchers
    226. 

  226. #
    227. 

  227. config ADK_KERNEL_BRIDGE_EBT_LOG
    228. 

  228. 	prompt "log support"
    229. 

  229. 	tristate
    230. 

  230. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    231. 

  231. 	default n
    232. 

  232. 	help
    233. 

  233. 	  This option adds the log watcher, that you can use in any rule
    234. 

  234. 	  in any ebtables table. It records info about the frame header
    235. 

  235. 	  to the syslog.
    236. 

  236. 

  237. 	  To compile it as a module, choose M here.  If unsure, say N.
    238. 

  238. 

  239. config ADK_KERNEL_BRIDGE_EBT_ULOG
    240. 

  240. 	prompt "ulog support"
    241. 

  241. 	tristate
    242. 

  242. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    243. 

  243. 	default n
    244. 

  244. 	help
    245. 

  245. 	  This option enables the old bridge-specific "ebt_ulog" implementation
    246. 

  246. 	  which has been obsoleted by the new "nfnetlink_log" code (see
    247. 

  247. 	  CONFIG_NETFILTER_NETLINK_LOG).
    248. 

  248. 

  249. 	  This option adds the ulog watcher, that you can use in any rule
    250. 

  250. 	  in any ebtables table. The packet is passed to a userspace
    251. 

  251. 	  logging daemon using netlink multicast sockets. This differs
    252. 

  252. 	  from the log watcher in the sense that the complete packet is
    253. 

  253. 	  sent to userspace instead of a descriptive text and that
    254. 

  254. 	  netlink multicast sockets are used instead of the syslog.
    255. 

  255. 

  256. 	  To compile it as a module, choose M here.  If unsure, say N.
    257. 

  257. 

  258. config ADK_KERNEL_BRIDGE_EBT_NFLOG
    259. 

  259. 	prompt "nflog support"
    260. 

  260. 	tristate
    261. 

  261. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    262. 

  262. 	default n
    263. 

  263. 	help
    264. 

  264. 	  This option enables the nflog watcher, which allows to LOG
    265. 

  265. 	  messages through the netfilter logging API, which can use
    266. 

  266. 	  either the old LOG target, the old ULOG target or nfnetlink_log
    267. 

  267. 	  as backend.
    268. 

  268. 

  269. 	  This option adds the nflog watcher, that you can use in any rule
    270. 

  270. 	  in any ebtables table.
    271. 

  271. 

  272. 	  To compile it as a module, choose M here.  If unsure, say N.
    273. 

  273.