diff options
| -rw-r--r-- | mk/modules.mk | 18 | ||||
| -rw-r--r-- | target/linux/config/Config.in.netfilter | 4 | ||||
| -rw-r--r-- | target/linux/config/Config.in.netfilter.ip4 | 8 |
3 files changed, 13 insertions, 17 deletions
diff --git a/mk/modules.mk b/mk/modules.mk index cb418057b..19070c365 100644 --- a/mk/modules.mk +++ b/mk/modules.mk @@ -470,6 +470,12 @@ $(eval $(call KMOD_template,NETFILTER_XT_TARGET_LOG,netfilter-xt-target-log,\ $(eval $(call KMOD_template,NF_CONNTRACK,nf-conntrack,\ $(MODULES_DIR)/kernel/net/netfilter/nf_conntrack \ + $(MODULES_DIR)/kernel/net/netfilter/xt_conntrack \ +,41)) + +$(eval $(call KMOD_template,NF_NAT,nf-nat,\ + $(MODULES_DIR)/kernel/net/netfilter/nf_nat \ + $(MODULES_DIR)/kernel/net/netfilter/xt_nat \ ,45)) $(eval $(call KMOD_template,NF_CONNTRACK_IPV4,nf-conntrack-ipv4,\ @@ -477,20 +483,10 @@ $(eval $(call KMOD_template,NF_CONNTRACK_IPV4,nf-conntrack-ipv4,\ $(MODULES_DIR)/kernel/net/ipv4/netfilter/nf_conntrack_ipv4 \ ,46)) -ifeq ($(KERNEL_BASE),3) -ifeq ($(KERNEL_MAJ),4) -$(eval $(call KMOD_template,FULL_NAT,full-nat,\ - $(MODULES_DIR)/kernel/net/ipv4/netfilter/nf_nat \ - $(MODULES_DIR)/kernel/net/ipv4/netfilter/iptable_nat \ -,50)) -else -$(eval $(call KMOD_template,FULL_NAT,full-nat,\ - $(MODULES_DIR)/kernel/net/netfilter/nf_nat \ +$(eval $(call KMOD_template,NF_NAT_IPV4,nf-nat-ipv4,\ $(MODULES_DIR)/kernel/net/ipv4/netfilter/nf_nat_ipv4 \ $(MODULES_DIR)/kernel/net/ipv4/netfilter/iptable_nat \ ,50)) -endif -endif $(eval $(call KMOD_template,NF_CONNTRACK_FTP,nf-conntrack-ftp,\ $(MODULES_DIR)/kernel/net/netfilter/nf_conntrack_ftp \ diff --git a/target/linux/config/Config.in.netfilter b/target/linux/config/Config.in.netfilter index 6ba9f0219..13f64d957 100644 --- a/target/linux/config/Config.in.netfilter +++ b/target/linux/config/Config.in.netfilter @@ -125,11 +125,11 @@ config ADK_KERNEL_NETFILTER_XT_MATCH_STATE # cannot be ADK_KERNEL_IP_NF_MATCH_CONNTRACK because # netfilter is built as a module -> this'll always be # a module, too -config ADK_KERNEL_IP_NF_MATCH_CONNTRACK +config ADK_KERNEL_NETFILTER_XT_MATCH_CONNTRACK tristate default n -config ADK_KERNEL_IP_NF_MATCH_CONNMARK +config ADK_KERNEL_NETFILTER_XT_MATCH_CONNMARK tristate default n diff --git a/target/linux/config/Config.in.netfilter.ip4 b/target/linux/config/Config.in.netfilter.ip4 index 075fabd1c..d26e61b8e 100644 --- a/target/linux/config/Config.in.netfilter.ip4 +++ b/target/linux/config/Config.in.netfilter.ip4 @@ -2,6 +2,7 @@ config ADK_KERNEL_NF_CONNTRACK_IPV4 prompt 'IPv4 connection tracking support (required for NAT)' tristate select ADK_KERNEL_NF_CONNTRACK + select ADK_KERNEL_NETFILTER_XT_MATCH_CONNTRACK default m if ADK_PACKAGE_IPTABLES default n help @@ -61,7 +62,7 @@ config ADK_KERNEL_NF_NAT_IPV4 config ADK_KERNEL_IP_NF_TARGET_MASQUERADE tristate 'MASQUERADE target support' - depends on ADK_KERNEL_FULL_NAT + depends on ADK_KERNEL_NF_NAT default m if ADK_PACKAGE_IPTABLES default n help @@ -99,7 +100,7 @@ config ADK_KERNEL_IP_NF_TARGET_ULOG config ADK_KERNEL_IP_NF_TARGET_REDIRECT tristate 'REDIRECT target support' - depends on ADK_KERNEL_FULL_NAT + depends on ADK_KERNEL_NF_NAT help REDIRECT is a special case of NAT: all incoming connections are mapped onto the incoming interface's address, causing the packets to @@ -108,7 +109,7 @@ config ADK_KERNEL_IP_NF_TARGET_REDIRECT config ADK_KERNEL_IP_NF_TARGET_NETMAP tristate 'NETMAP target support' - depends on ADK_KERNEL_FULL_NAT + depends on ADK_KERNEL_NF_NAT help NETMAP is an implementation of static 1:1 NAT mapping of network addresses. It maps the network address part, while keeping the host @@ -117,7 +118,6 @@ config ADK_KERNEL_IP_NF_TARGET_NETMAP config ADK_KERNEL_IP_NF_MANGLE tristate 'Packet mangling' - depends on ADK_KERNEL_FULL_NAT help This option adds a `mangle' table to iptables: see the man page for iptables(8). This table is used for various packet alterations |