Home Explore Help
Sign In
oss
/
openadk
4
1
Fork 3
Files Issues 1 Pull Requests 0 Wiki
Tree: d973019721
Branches Tags
openadk
/
target
/
linux
/
config
/
Config.in.netfilter.ebt

Config.in.netfilter.ebt 8.0 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229 
  1. config ADK_KPACKAGE_KMOD_BRIDGE_NF_EBTABLES
    2. 

  2. 	tristate 'Ethernet Bridge tables (ebtables) support'
    3. 

  3. 	select ADK_KERNEL_BRIDGE_NETFILTER
    4. 

  4. 	help
    5. 

  5. 	  ebtables is a general, extensible frame/packet identification
    6. 

  6. 	  framework. Say 'Y' or 'M' here if you want to do Ethernet
    7. 

  7. 	  filtering/NAT/brouting on the Ethernet bridge.
    8. 

  8. 

  9. config ADK_KPACKAGE_KMOD_BRIDGE_EBT_BROUTE
    10. 

  10. 	tristate "ebt: broute table support"
    11. 

  11. 	depends on ADK_KPACKAGE_KMOD_BRIDGE_NF_EBTABLES
    12. 

  12. 	help
    13. 

  13. 	  The ebtables broute table is used to define rules that decide between
    14. 

  14. 	  bridging and routing frames, giving Linux the functionality of a
    15. 

  15. 	  brouter. See the man page for ebtables(8) and examples on the ebtables
    16. 

  16. 	  website.
    17. 

  17. 

  18. 	  To compile it as a module, choose M here.  If unsure, say N.
    19. 

  19. 

  20. config ADK_KPACKAGE_KMOD_BRIDGE_EBT_T_FILTER
    21. 

  21. 	tristate "ebt: filter table support"
    22. 

  22. 	depends on ADK_KPACKAGE_KMOD_BRIDGE_NF_EBTABLES
    23. 

  23. 	help
    24. 

  24. 	  The ebtables filter table is used to define frame filtering rules at
    25. 

  25. 	  local input, forwarding and local output. See the man page for
    26. 

  26. 	  ebtables(8).
    27. 

  27. 

  28. 	  To compile it as a module, choose M here.  If unsure, say N.
    29. 

  29. 

  30. config ADK_KPACKAGE_KMOD_BRIDGE_EBT_T_NAT
    31. 

  31. 	tristate "ebt: nat table support"
    32. 

  32. 	depends on ADK_KPACKAGE_KMOD_BRIDGE_NF_EBTABLES
    33. 

  33. 	help
    34. 

  34. 	  The ebtables nat table is used to define rules that alter the MAC
    35. 

  35. 	  source address (MAC SNAT) or the MAC destination address (MAC DNAT).
    36. 

  36. 	  See the man page for ebtables(8).
    37. 

  37. 

  38. 	  To compile it as a module, choose M here.  If unsure, say N.
    39. 

  39. #
    40. 

  40. # matches
    41. 

  41. #
    42. 

  42. config ADK_KPACKAGE_KMOD_BRIDGE_EBT_802_3
    43. 

  43. 	tristate "ebt: 802.3 filter support"
    44. 

  44. 	depends on ADK_KPACKAGE_KMOD_BRIDGE_NF_EBTABLES
    45. 

  45. 	help
    46. 

  46. 	  This option adds matching support for 802.3 Ethernet frames.
    47. 

  47. 

  48. 	  To compile it as a module, choose M here.  If unsure, say N.
    49. 

  49. 

  50. config ADK_KPACKAGE_KMOD_BRIDGE_EBT_AMONG
    51. 

  51. 	tristate "ebt: among filter support"
    52. 

  52. 	depends on ADK_KPACKAGE_KMOD_BRIDGE_NF_EBTABLES
    53. 

  53. 	help
    54. 

  54. 	  This option adds the among match, which allows matching the MAC source
    55. 

  55. 	  and/or destination address on a list of addresses. Optionally,
    56. 

  56. 	  MAC/IP address pairs can be matched, f.e. for anti-spoofing rules.
    57. 

  57. 

  58. 	  To compile it as a module, choose M here.  If unsure, say N.
    59. 

  59. 

  60. config ADK_KPACKAGE_KMOD_BRIDGE_EBT_ARP
    61. 

  61. 	tristate "ebt: ARP filter support"
    62. 

  62. 	depends on ADK_KPACKAGE_KMOD_BRIDGE_NF_EBTABLES
    63. 

  63. 	help
    64. 

  64. 	  This option adds the ARP match, which allows ARP and RARP header field
    65. 

  65. 	  filtering.
    66. 

  66. 

  67. 	  To compile it as a module, choose M here.  If unsure, say N.
    68. 

  68. 

  69. config ADK_KPACKAGE_KMOD_BRIDGE_EBT_IP
    70. 

  70. 	tristate "ebt: IP filter support"
    71. 

  71. 	depends on ADK_KPACKAGE_KMOD_BRIDGE_NF_EBTABLES
    72. 

  72. 	help
    73. 

  73. 	  This option adds the IP match, which allows basic IP header field
    74. 

  74. 	  filtering.
    75. 

  75. 

  76. 	  To compile it as a module, choose M here.  If unsure, say N.
    77. 

  77. 

  78. config ADK_KPACKAGE_KMOD_BRIDGE_EBT_IP6
    79. 

  79. 	tristate "ebt: IP6 filter support"
    80. 

  80. 	depends on ADK_KPACKAGE_KMOD_BRIDGE_NF_EBTABLES && ADK_KPACKAGE_KMOD_IPV6
    81. 

  81. 	help
    82. 

  82. 	  This option adds the IP6 match, which allows basic IPV6 header field
    83. 

  83. 	  filtering.
    84. 

  84. 

  85. 	  To compile it as a module, choose M here.  If unsure, say N.
    86. 

  86. 

  87. config ADK_KPACKAGE_KMOD_BRIDGE_EBT_LIMIT
    88. 

  88. 	tristate "ebt: limit match support"
    89. 

  89. 	depends on ADK_KPACKAGE_KMOD_BRIDGE_NF_EBTABLES
    90. 

  90. 	help
    91. 

  91. 	  This option adds the limit match, which allows you to control
    92. 

  92. 	  the rate at which a rule can be matched. This match is the
    93. 

  93. 	  equivalent of the iptables limit match.
    94. 

  94. 

  95. 	  If you want to compile it as a module, say M here and read
    96. 

  96. 	  <file:Documentation/kbuild/modules.txt>.  If unsure, say `N'.
    97. 

  97. 

  98. config ADK_KPACKAGE_KMOD_BRIDGE_EBT_MARK
    99. 

  99. 	tristate "ebt: mark filter support"
    100. 

  100. 	depends on ADK_KPACKAGE_KMOD_BRIDGE_NF_EBTABLES
    101. 

  101. 	help
    102. 

  102. 	  This option adds the mark match, which allows matching frames based on
    103. 

  103. 	  the 'nfmark' value in the frame. This can be set by the mark target.
    104. 

  104. 	  This value is the same as the one used in the iptables mark match and
    105. 

  105. 	  target.
    106. 

  106. 

  107. 	  To compile it as a module, choose M here.  If unsure, say N.
    108. 

  108. 

  109. config ADK_KPACKAGE_KMOD_BRIDGE_EBT_PKTTYPE
    110. 

  110. 	tristate "ebt: packet type filter support"
    111. 

  111. 	depends on ADK_KPACKAGE_KMOD_BRIDGE_NF_EBTABLES
    112. 

  112. 	help
    113. 

  113. 	  This option adds the packet type match, which allows matching on the
    114. 

  114. 	  type of packet based on its Ethernet "class" (as determined by
    115. 

  115. 	  the generic networking code): broadcast, multicast,
    116. 

  116. 	  for this host alone or for another host.
    117. 

  117. 

  118. 	  To compile it as a module, choose M here.  If unsure, say N.
    119. 

  119. 

  120. config ADK_KPACKAGE_KMOD_BRIDGE_EBT_STP
    121. 

  121. 	tristate "ebt: STP filter support"
    122. 

  122. 	depends on ADK_KPACKAGE_KMOD_BRIDGE_NF_EBTABLES
    123. 

  123. 	help
    124. 

  124. 	  This option adds the Spanning Tree Protocol match, which
    125. 

  125. 	  allows STP header field filtering.
    126. 

  126. 

  127. 	  To compile it as a module, choose M here.  If unsure, say N.
    128. 

  128. 

  129. config ADK_KPACKAGE_KMOD_BRIDGE_EBT_VLAN
    130. 

  130. 	tristate "ebt: 802.1Q VLAN filter support"
    131. 

  131. 	depends on ADK_KPACKAGE_KMOD_BRIDGE_NF_EBTABLES
    132. 

  132. 	help
    133. 

  133. 	  This option adds the 802.1Q vlan match, which allows the filtering of
    134. 

  134. 	  802.1Q vlan fields.
    135. 

  135. 

  136. 	  To compile it as a module, choose M here.  If unsure, say N.
    137. 

  137. #
    138. 

  138. # targets
    139. 

  139. #
    140. 

  140. config ADK_KPACKAGE_KMOD_BRIDGE_EBT_ARPREPLY
    141. 

  141. 	tristate "ebt: arp reply target support"
    142. 

  142. 	depends on ADK_KPACKAGE_KMOD_BRIDGE_NF_EBTABLES
    143. 

  143. 	help
    144. 

  144. 	  This option adds the arp reply target, which allows
    145. 

  145. 	  automatically sending arp replies to arp requests.
    146. 

  146. 

  147. 	  To compile it as a module, choose M here.  If unsure, say N.
    148. 

  148. 

  149. config ADK_KPACKAGE_KMOD_BRIDGE_EBT_DNAT
    150. 

  150. 	tristate "ebt: dnat target support"
    151. 

  151. 	depends on ADK_KPACKAGE_KMOD_BRIDGE_NF_EBTABLES
    152. 

  152. 	help
    153. 

  153. 	  This option adds the MAC DNAT target, which allows altering the MAC
    154. 

  154. 	  destination address of frames.
    155. 

  155. 

  156. 	  To compile it as a module, choose M here.  If unsure, say N.
    157. 

  157. 

  158. config ADK_KPACKAGE_KMOD_BRIDGE_EBT_MARK_T
    159. 

  159. 	tristate "ebt: mark target support"
    160. 

  160. 	depends on ADK_KPACKAGE_KMOD_BRIDGE_NF_EBTABLES
    161. 

  161. 	help
    162. 

  162. 	  This option adds the mark target, which allows marking frames by
    163. 

  163. 	  setting the 'nfmark' value in the frame.
    164. 

  164. 	  This value is the same as the one used in the iptables mark match and
    165. 

  165. 	  target.
    166. 

  166. 

  167. 	  To compile it as a module, choose M here.  If unsure, say N.
    168. 

  168. 

  169. config ADK_KPACKAGE_KMOD_BRIDGE_EBT_REDIRECT
    170. 

  170. 	tristate "ebt: redirect target support"
    171. 

  171. 	depends on ADK_KPACKAGE_KMOD_BRIDGE_NF_EBTABLES
    172. 

  172. 	help
    173. 

  173. 	  This option adds the MAC redirect target, which allows altering the MAC
    174. 

  174. 	  destination address of a frame to that of the device it arrived on.
    175. 

  175. 

  176. 	  To compile it as a module, choose M here.  If unsure, say N.
    177. 

  177. 

  178. config ADK_KPACKAGE_KMOD_BRIDGE_EBT_SNAT
    179. 

  179. 	tristate "ebt: snat target support"
    180. 

  180. 	depends on ADK_KPACKAGE_KMOD_BRIDGE_NF_EBTABLES
    181. 

  181. 	help
    182. 

  182. 	  This option adds the MAC SNAT target, which allows altering the MAC
    183. 

  183. 	  source address of frames.
    184. 

  184. 

  185. 	  To compile it as a module, choose M here.  If unsure, say N.
    186. 

  186. #
    187. 

  187. # watchers
    188. 

  188. #
    189. 

  189. config ADK_KPACKAGE_KMOD_BRIDGE_EBT_LOG
    190. 

  190. 	tristate "ebt: log support"
    191. 

  191. 	depends on ADK_KPACKAGE_KMOD_BRIDGE_NF_EBTABLES
    192. 

  192. 	help
    193. 

  193. 	  This option adds the log watcher, that you can use in any rule
    194. 

  194. 	  in any ebtables table. It records info about the frame header
    195. 

  195. 	  to the syslog.
    196. 

  196. 

  197. 	  To compile it as a module, choose M here.  If unsure, say N.
    198. 

  198. 

  199. config ADK_KPACKAGE_KMOD_BRIDGE_EBT_ULOG
    200. 

  200. 	tristate "ebt: ulog support (OBSOLETE)"
    201. 

  201. 	depends on ADK_KPACKAGE_KMOD_BRIDGE_NF_EBTABLES
    202. 

  202. 	help
    203. 

  203. 	  This option enables the old bridge-specific "ebt_ulog" implementation
    204. 

  204. 	  which has been obsoleted by the new "nfnetlink_log" code (see
    205. 

  205. 	  CONFIG_NETFILTER_NETLINK_LOG).
    206. 

  206. 

  207. 	  This option adds the ulog watcher, that you can use in any rule
    208. 

  208. 	  in any ebtables table. The packet is passed to a userspace
    209. 

  209. 	  logging daemon using netlink multicast sockets. This differs
    210. 

  210. 	  from the log watcher in the sense that the complete packet is
    211. 

  211. 	  sent to userspace instead of a descriptive text and that
    212. 

  212. 	  netlink multicast sockets are used instead of the syslog.
    213. 

  213. 

  214. 	  To compile it as a module, choose M here.  If unsure, say N.
    215. 

  215. 

  216. config ADK_KPACKAGE_KMOD_BRIDGE_EBT_NFLOG
    217. 

  217. 	tristate "ebt: nflog support"
    218. 

  218. 	depends on ADK_KPACKAGE_KMOD_BRIDGE_NF_EBTABLES
    219. 

  219. 	help
    220. 

  220. 	  This option enables the nflog watcher, which allows to LOG
    221. 

  221. 	  messages through the netfilter logging API, which can use
    222. 

  222. 	  either the old LOG target, the old ULOG target or nfnetlink_log
    223. 

  223. 	  as backend.
    224. 

  224. 

  225. 	  This option adds the nflog watcher, that you can use in any rule
    226. 

  226. 	  in any ebtables table.
    227. 

  227. 

  228. 	  To compile it as a module, choose M here.  If unsure, say N.
    229. 

  229.