summaryrefslogtreecommitdiff
path: root/target/waldux/config/Config.in.netfilter.ebt
diff options
context:
space:
mode:
Diffstat (limited to 'target/waldux/config/Config.in.netfilter.ebt')
-rw-r--r--target/waldux/config/Config.in.netfilter.ebt218
1 files changed, 218 insertions, 0 deletions
diff --git a/target/waldux/config/Config.in.netfilter.ebt b/target/waldux/config/Config.in.netfilter.ebt
new file mode 100644
index 000000000..6b7c72fa5
--- /dev/null
+++ b/target/waldux/config/Config.in.netfilter.ebt
@@ -0,0 +1,218 @@
+# This file is part of the OpenADK project. OpenADK is copyrighted
+# material, please see the LICENCE file in the top-level directory.
+
+config ADK_WALDUX_KERNEL_BRIDGE_NF_EBTABLES
+ tristate 'Ethernet Bridge tables support'
+ select ADK_WALDUX_KERNEL_BRIDGE_NETFILTER
+ default n
+ help
+ ebtables is a general, extensible frame/packet identification
+ framework. Say 'Y' or 'M' here if you want to do Ethernet
+ filtering/NAT/brouting on the Ethernet bridge.
+
+config ADK_WALDUX_KERNEL_BRIDGE_EBT_BROUTE
+ tristate "broute table support"
+ depends on ADK_WALDUX_KERNEL_BRIDGE_NF_EBTABLES
+ default n
+ help
+ The ebtables broute table is used to define rules that decide between
+ bridging and routing frames, giving Linux the functionality of a
+ brouter. See the man page for ebtables(8) and examples on the ebtables
+ website.
+
+ To compile it as a module, choose M here. If unsure, say N.
+
+config ADK_WALDUX_KERNEL_BRIDGE_EBT_T_FILTER
+ tristate "filter table support"
+ depends on ADK_WALDUX_KERNEL_BRIDGE_NF_EBTABLES
+ default n
+ help
+ The ebtables filter table is used to define frame filtering rules at
+ local input, forwarding and local output. See the man page for
+ ebtables(8).
+
+ To compile it as a module, choose M here. If unsure, say N.
+
+config ADK_WALDUX_KERNEL_BRIDGE_EBT_T_NAT
+ tristate "nat table support"
+ depends on ADK_WALDUX_KERNEL_BRIDGE_NF_EBTABLES
+ default n
+ help
+ The ebtables nat table is used to define rules that alter the MAC
+ source address (MAC SNAT) or the MAC destination address (MAC DNAT).
+ See the man page for ebtables(8).
+
+#
+# matches
+#
+config ADK_WALDUX_KERNEL_BRIDGE_EBT_802_3
+ tristate "802.3 filter support"
+ depends on ADK_WALDUX_KERNEL_BRIDGE_NF_EBTABLES
+ default n
+ help
+ This option adds matching support for 802.3 Ethernet frames.
+
+config ADK_WALDUX_KERNEL_BRIDGE_EBT_AMONG
+ tristate "among filter support"
+ depends on ADK_WALDUX_KERNEL_BRIDGE_NF_EBTABLES
+ default n
+ help
+ This option adds the among match, which allows matching the MAC source
+ and/or destination address on a list of addresses. Optionally,
+ MAC/IP address pairs can be matched, f.e. for anti-spoofing rules.
+
+config ADK_WALDUX_KERNEL_BRIDGE_EBT_ARP
+ tristate "ARP filter support"
+ depends on ADK_WALDUX_KERNEL_BRIDGE_NF_EBTABLES
+ default n
+ help
+ This option adds the ARP match, which allows ARP and RARP header field
+ filtering.
+
+config ADK_WALDUX_KERNEL_BRIDGE_EBT_IP
+ tristate "IP filter support"
+ depends on ADK_WALDUX_KERNEL_BRIDGE_NF_EBTABLES
+ default n
+ help
+ This option adds the IP match, which allows basic IP header field
+ filtering.
+
+config ADK_WALDUX_KERNEL_BRIDGE_EBT_IP6
+ tristate "IP6 filter support"
+ depends on ADK_WALDUX_KERNEL_BRIDGE_NF_EBTABLES && ADK_WALDUX_KERNEL_IPV6
+ default n
+ help
+ This option adds the IP6 match, which allows basic IPV6 header field
+ filtering.
+
+config ADK_WALDUX_KERNEL_BRIDGE_EBT_LIMIT
+ tristate "limit match support"
+ depends on ADK_WALDUX_KERNEL_BRIDGE_NF_EBTABLES
+ default n
+ help
+ This option adds the limit match, which allows you to control
+ the rate at which a rule can be matched. This match is the
+ equivalent of the iptables limit match.
+
+config ADK_WALDUX_KERNEL_BRIDGE_EBT_MARK
+ tristate "mark filter support"
+ depends on ADK_WALDUX_KERNEL_BRIDGE_NF_EBTABLES
+ default n
+ help
+ This option adds the mark match, which allows matching frames based on
+ the 'nfmark' value in the frame. This can be set by the mark target.
+ This value is the same as the one used in the iptables mark match and
+ target.
+
+config ADK_WALDUX_KERNEL_BRIDGE_EBT_PKTTYPE
+ tristate "packet type filter support"
+ depends on ADK_WALDUX_KERNEL_BRIDGE_NF_EBTABLES
+ default n
+ help
+ This option adds the packet type match, which allows matching on the
+ type of packet based on its Ethernet "class" (as determined by
+ the generic networking code): broadcast, multicast,
+ for this host alone or for another host.
+
+config ADK_WALDUX_KERNEL_BRIDGE_EBT_STP
+ tristate "STP filter support"
+ depends on ADK_WALDUX_KERNEL_BRIDGE_NF_EBTABLES
+ default n
+ help
+ This option adds the Spanning Tree Protocol match, which
+ allows STP header field filtering.
+
+config ADK_WALDUX_KERNEL_BRIDGE_EBT_VLAN
+ tristate "802.1Q VLAN filter support"
+ depends on ADK_WALDUX_KERNEL_BRIDGE_NF_EBTABLES
+ default n
+ help
+ This option adds the 802.1Q vlan match, which allows the filtering of
+ 802.1Q vlan fields.
+
+#
+# targets
+#
+config ADK_WALDUX_KERNEL_BRIDGE_EBT_ARPREPLY
+ tristate "arp reply target support"
+ depends on ADK_WALDUX_KERNEL_BRIDGE_NF_EBTABLES
+ default n
+ help
+ This option adds the arp reply target, which allows
+ automatically sending arp replies to arp requests.
+
+config ADK_WALDUX_KERNEL_BRIDGE_EBT_DNAT
+ tristate "dnat target support"
+ depends on ADK_WALDUX_KERNEL_BRIDGE_NF_EBTABLES
+ default n
+ help
+ This option adds the MAC DNAT target, which allows altering the MAC
+ destination address of frames.
+
+config ADK_WALDUX_KERNEL_BRIDGE_EBT_MARK_T
+ tristate "mark target support"
+ depends on ADK_WALDUX_KERNEL_BRIDGE_NF_EBTABLES
+ default n
+ help
+ This option adds the mark target, which allows marking frames by
+ setting the 'nfmark' value in the frame.
+ This value is the same as the one used in the iptables mark match and
+ target.
+
+config ADK_WALDUX_KERNEL_BRIDGE_EBT_REDIRECT
+ tristate "redirect target support"
+ depends on ADK_WALDUX_KERNEL_BRIDGE_NF_EBTABLES
+ default n
+ help
+ This option adds the MAC redirect target, which allows altering the MAC
+ destination address of a frame to that of the device it arrived on.
+
+config ADK_WALDUX_KERNEL_BRIDGE_EBT_SNAT
+ tristate "snat target support"
+ depends on ADK_WALDUX_KERNEL_BRIDGE_NF_EBTABLES
+ default n
+ help
+ This option adds the MAC SNAT target, which allows altering the MAC
+ source address of frames.
+
+#
+# watchers
+#
+config ADK_WALDUX_KERNEL_BRIDGE_EBT_LOG
+ tristate "log support"
+ depends on ADK_WALDUX_KERNEL_BRIDGE_NF_EBTABLES
+ default n
+ help
+ This option adds the log watcher, that you can use in any rule
+ in any ebtables table. It records info about the frame header
+ to the syslog.
+
+config ADK_WALDUX_KERNEL_BRIDGE_EBT_ULOG
+ tristate "ulog support"
+ depends on ADK_WALDUX_KERNEL_BRIDGE_NF_EBTABLES
+ default n
+ help
+ This option enables the old bridge-specific "ebt_ulog" implementation
+ which has been obsoleted by the new "nfnetlink_log" code (see
+ CONFIG_NETFILTER_NETLINK_LOG).
+
+ This option adds the ulog watcher, that you can use in any rule
+ in any ebtables table. The packet is passed to a userspace
+ logging daemon using netlink multicast sockets. This differs
+ from the log watcher in the sense that the complete packet is
+ sent to userspace instead of a descriptive text and that
+ netlink multicast sockets are used instead of the syslog.
+
+config ADK_WALDUX_KERNEL_BRIDGE_EBT_NFLOG
+ tristate "nflog support"
+ depends on ADK_WALDUX_KERNEL_BRIDGE_NF_EBTABLES
+ default n
+ help
+ This option enables the nflog watcher, which allows to LOG
+ messages through the netfilter logging API, which can use
+ either the old LOG target, the old ULOG target or nfnetlink_log
+ as backend.
+
+ This option adds the nflog watcher, that you can use in any rule
+ in any ebtables table.
+
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-03 07:25:51 +0000