Home Explore Help
Sign In
oss
/
openadk
4
1
Fork 3
Files Issues 1 Pull Requests 0 Wiki
Tree: 888a0d2203
Branches Tags
openadk
/
target
/
linux
/
config
/
Config.in.netfilter.ebt

Config.in.netfilter.ebt 8.1 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274 
  1. config ADK_KERNEL_BRIDGE_NF_EBTABLES
    2. 

  2. 	prompt 'Ethernet Bridge tables support'
    3. 

  3. 	tristate
    4. 

  4. 	select ADK_KERNEL_BRIDGE_NETFILTER
    5. 

  5. 	default m if ADK_PACKAGE_EBTABLES
    6. 

  6. 	default n
    7. 

  7. 	help
    8. 

  8. 	  ebtables is a general, extensible frame/packet identification
    9. 

  9. 	  framework. Say 'Y' or 'M' here if you want to do Ethernet
    10. 

  10. 	  filtering/NAT/brouting on the Ethernet bridge.
    11. 

  11. 

  12. config ADK_KERNEL_BRIDGE_EBT_BROUTE
    13. 

  13. 	prompt "broute table support"
    14. 

  14. 	tristate
    15. 

  15. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    16. 

  16. 	default n
    17. 

  17. 	help
    18. 

  18. 	  The ebtables broute table is used to define rules that decide between
    19. 

  19. 	  bridging and routing frames, giving Linux the functionality of a
    20. 

  20. 	  brouter. See the man page for ebtables(8) and examples on the ebtables
    21. 

  21. 	  website.
    22. 

  22. 

  23. 	  To compile it as a module, choose M here.  If unsure, say N.
    24. 

  24. 

  25. config ADK_KERNEL_BRIDGE_EBT_T_FILTER
    26. 

  26. 	prompt "filter table support"
    27. 

  27. 	tristate
    28. 

  28. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    29. 

  29. 	default n
    30. 

  30. 	help
    31. 

  31. 	  The ebtables filter table is used to define frame filtering rules at
    32. 

  32. 	  local input, forwarding and local output. See the man page for
    33. 

  33. 	  ebtables(8).
    34. 

  34. 

  35. 	  To compile it as a module, choose M here.  If unsure, say N.
    36. 

  36. 

  37. config ADK_KERNEL_BRIDGE_EBT_T_NAT
    38. 

  38. 	prompt "nat table support"
    39. 

  39. 	tristate
    40. 

  40. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    41. 

  41. 	default n
    42. 

  42. 	help
    43. 

  43. 	  The ebtables nat table is used to define rules that alter the MAC
    44. 

  44. 	  source address (MAC SNAT) or the MAC destination address (MAC DNAT).
    45. 

  45. 	  See the man page for ebtables(8).
    46. 

  46. 

  47. 	  To compile it as a module, choose M here.  If unsure, say N.
    48. 

  48. #
    49. 

  49. # matches
    50. 

  50. #
    51. 

  51. config ADK_KERNEL_BRIDGE_EBT_802_3
    52. 

  52. 	prompt "802.3 filter support"
    53. 

  53. 	tristate
    54. 

  54. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    55. 

  55. 	default n
    56. 

  56. 	help
    57. 

  57. 	  This option adds matching support for 802.3 Ethernet frames.
    58. 

  58. 

  59. 	  To compile it as a module, choose M here.  If unsure, say N.
    60. 

  60. 

  61. config ADK_KERNEL_BRIDGE_EBT_AMONG
    62. 

  62. 	prompt "among filter support"
    63. 

  63. 	tristate
    64. 

  64. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    65. 

  65. 	default n
    66. 

  66. 	help
    67. 

  67. 	  This option adds the among match, which allows matching the MAC source
    68. 

  68. 	  and/or destination address on a list of addresses. Optionally,
    69. 

  69. 	  MAC/IP address pairs can be matched, f.e. for anti-spoofing rules.
    70. 

  70. 

  71. 	  To compile it as a module, choose M here.  If unsure, say N.
    72. 

  72. 

  73. config ADK_KERNEL_BRIDGE_EBT_ARP
    74. 

  74. 	prompt "ARP filter support"
    75. 

  75. 	tristate
    76. 

  76. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    77. 

  77. 	default n
    78. 

  78. 	help
    79. 

  79. 	  This option adds the ARP match, which allows ARP and RARP header field
    80. 

  80. 	  filtering.
    81. 

  81. 

  82. 	  To compile it as a module, choose M here.  If unsure, say N.
    83. 

  83. 

  84. config ADK_KERNEL_BRIDGE_EBT_IP
    85. 

  85. 	prompt "IP filter support"
    86. 

  86. 	tristate
    87. 

  87. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    88. 

  88. 	default n
    89. 

  89. 	help
    90. 

  90. 	  This option adds the IP match, which allows basic IP header field
    91. 

  91. 	  filtering.
    92. 

  92. 

  93. 	  To compile it as a module, choose M here.  If unsure, say N.
    94. 

  94. 

  95. config ADK_KERNEL_BRIDGE_EBT_IP6
    96. 

  96. 	prompt "IP6 filter support"
    97. 

  97. 	tristate
    98. 

  98. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES && ADK_KERNEL_IPV6
    99. 

  99. 	default n
    100. 

  100. 	help
    101. 

  101. 	  This option adds the IP6 match, which allows basic IPV6 header field
    102. 

  102. 	  filtering.
    103. 

  103. 

  104. 	  To compile it as a module, choose M here.  If unsure, say N.
    105. 

  105. 

  106. config ADK_KERNEL_BRIDGE_EBT_LIMIT
    107. 

  107. 	prompt "limit match support"
    108. 

  108. 	tristate
    109. 

  109. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    110. 

  110. 	default n
    111. 

  111. 	help
    112. 

  112. 	  This option adds the limit match, which allows you to control
    113. 

  113. 	  the rate at which a rule can be matched. This match is the
    114. 

  114. 	  equivalent of the iptables limit match.
    115. 

  115. 

  116. 	  If you want to compile it as a module, say M here and read
    117. 

  117. 	  <file:Documentation/kbuild/modules.txt>.  If unsure, say `N'.
    118. 

  118. 

  119. config ADK_KERNEL_BRIDGE_EBT_MARK
    120. 

  120. 	prompt "mark filter support"
    121. 

  121. 	tristate
    122. 

  122. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    123. 

  123. 	default n
    124. 

  124. 	help
    125. 

  125. 	  This option adds the mark match, which allows matching frames based on
    126. 

  126. 	  the 'nfmark' value in the frame. This can be set by the mark target.
    127. 

  127. 	  This value is the same as the one used in the iptables mark match and
    128. 

  128. 	  target.
    129. 

  129. 

  130. 	  To compile it as a module, choose M here.  If unsure, say N.
    131. 

  131. 

  132. config ADK_KERNEL_BRIDGE_EBT_PKTTYPE
    133. 

  133. 	prompt "packet type filter support"
    134. 

  134. 	tristate
    135. 

  135. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    136. 

  136. 	default n
    137. 

  137. 	help
    138. 

  138. 	  This option adds the packet type match, which allows matching on the
    139. 

  139. 	  type of packet based on its Ethernet "class" (as determined by
    140. 

  140. 	  the generic networking code): broadcast, multicast,
    141. 

  141. 	  for this host alone or for another host.
    142. 

  142. 

  143. 	  To compile it as a module, choose M here.  If unsure, say N.
    144. 

  144. 

  145. config ADK_KERNEL_BRIDGE_EBT_STP
    146. 

  146. 	prompt "STP filter support"
    147. 

  147. 	tristate
    148. 

  148. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    149. 

  149. 	default n
    150. 

  150. 	help
    151. 

  151. 	  This option adds the Spanning Tree Protocol match, which
    152. 

  152. 	  allows STP header field filtering.
    153. 

  153. 

  154. 	  To compile it as a module, choose M here.  If unsure, say N.
    155. 

  155. 

  156. config ADK_KERNEL_BRIDGE_EBT_VLAN
    157. 

  157. 	prompt "802.1Q VLAN filter support"
    158. 

  158. 	tristate
    159. 

  159. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    160. 

  160. 	default n
    161. 

  161. 	help
    162. 

  162. 	  This option adds the 802.1Q vlan match, which allows the filtering of
    163. 

  163. 	  802.1Q vlan fields.
    164. 

  164. 

  165. 	  To compile it as a module, choose M here.  If unsure, say N.
    166. 

  166. #
    167. 

  167. # targets
    168. 

  168. #
    169. 

  169. config ADK_KERNEL_BRIDGE_EBT_ARPREPLY
    170. 

  170. 	prompt "arp reply target support"
    171. 

  171. 	tristate
    172. 

  172. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    173. 

  173. 	default n
    174. 

  174. 	help
    175. 

  175. 	  This option adds the arp reply target, which allows
    176. 

  176. 	  automatically sending arp replies to arp requests.
    177. 

  177. 

  178. 	  To compile it as a module, choose M here.  If unsure, say N.
    179. 

  179. 

  180. config ADK_KERNEL_BRIDGE_EBT_DNAT
    181. 

  181. 	prompt "dnat target support"
    182. 

  182. 	tristate
    183. 

  183. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    184. 

  184. 	default n
    185. 

  185. 	help
    186. 

  186. 	  This option adds the MAC DNAT target, which allows altering the MAC
    187. 

  187. 	  destination address of frames.
    188. 

  188. 

  189. 	  To compile it as a module, choose M here.  If unsure, say N.
    190. 

  190. 

  191. config ADK_KERNEL_BRIDGE_EBT_MARK_T
    192. 

  192. 	prompt "mark target support"
    193. 

  193. 	tristate
    194. 

  194. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    195. 

  195. 	default n
    196. 

  196. 	help
    197. 

  197. 	  This option adds the mark target, which allows marking frames by
    198. 

  198. 	  setting the 'nfmark' value in the frame.
    199. 

  199. 	  This value is the same as the one used in the iptables mark match and
    200. 

  200. 	  target.
    201. 

  201. 

  202. 	  To compile it as a module, choose M here.  If unsure, say N.
    203. 

  203. 

  204. config ADK_KERNEL_BRIDGE_EBT_REDIRECT
    205. 

  205. 	prompt "redirect target support"
    206. 

  206. 	tristate
    207. 

  207. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    208. 

  208. 	default n
    209. 

  209. 	help
    210. 

  210. 	  This option adds the MAC redirect target, which allows altering the MAC
    211. 

  211. 	  destination address of a frame to that of the device it arrived on.
    212. 

  212. 

  213. 	  To compile it as a module, choose M here.  If unsure, say N.
    214. 

  214. 

  215. config ADK_KERNEL_BRIDGE_EBT_SNAT
    216. 

  216. 	prompt "snat target support"
    217. 

  217. 	tristate
    218. 

  218. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    219. 

  219. 	default n
    220. 

  220. 	help
    221. 

  221. 	  This option adds the MAC SNAT target, which allows altering the MAC
    222. 

  222. 	  source address of frames.
    223. 

  223. 

  224. 	  To compile it as a module, choose M here.  If unsure, say N.
    225. 

  225. #
    226. 

  226. # watchers
    227. 

  227. #
    228. 

  228. config ADK_KERNEL_BRIDGE_EBT_LOG
    229. 

  229. 	prompt "log support"
    230. 

  230. 	tristate
    231. 

  231. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    232. 

  232. 	default n
    233. 

  233. 	help
    234. 

  234. 	  This option adds the log watcher, that you can use in any rule
    235. 

  235. 	  in any ebtables table. It records info about the frame header
    236. 

  236. 	  to the syslog.
    237. 

  237. 

  238. 	  To compile it as a module, choose M here.  If unsure, say N.
    239. 

  239. 

  240. config ADK_KERNEL_BRIDGE_EBT_ULOG
    241. 

  241. 	prompt "ulog support"
    242. 

  242. 	tristate
    243. 

  243. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    244. 

  244. 	default n
    245. 

  245. 	help
    246. 

  246. 	  This option enables the old bridge-specific "ebt_ulog" implementation
    247. 

  247. 	  which has been obsoleted by the new "nfnetlink_log" code (see
    248. 

  248. 	  CONFIG_NETFILTER_NETLINK_LOG).
    249. 

  249. 

  250. 	  This option adds the ulog watcher, that you can use in any rule
    251. 

  251. 	  in any ebtables table. The packet is passed to a userspace
    252. 

  252. 	  logging daemon using netlink multicast sockets. This differs
    253. 

  253. 	  from the log watcher in the sense that the complete packet is
    254. 

  254. 	  sent to userspace instead of a descriptive text and that
    255. 

  255. 	  netlink multicast sockets are used instead of the syslog.
    256. 

  256. 

  257. 	  To compile it as a module, choose M here.  If unsure, say N.
    258. 

  258. 

  259. config ADK_KERNEL_BRIDGE_EBT_NFLOG
    260. 

  260. 	prompt "nflog support"
    261. 

  261. 	tristate
    262. 

  262. 	depends on ADK_KERNEL_BRIDGE_NF_EBTABLES
    263. 

  263. 	default n
    264. 

  264. 	help
    265. 

  265. 	  This option enables the nflog watcher, which allows to LOG
    266. 

  266. 	  messages through the netfilter logging API, which can use
    267. 

  267. 	  either the old LOG target, the old ULOG target or nfnetlink_log
    268. 

  268. 	  as backend.
    269. 

  269. 

  270. 	  This option adds the nflog watcher, that you can use in any rule
    271. 

  271. 	  in any ebtables table.
    272. 

  272. 

  273. 	  To compile it as a module, choose M here.  If unsure, say N.
    274. 

  274.