systems/lctr-rpi: add NETFILTER kernel config
This commit is contained in:
parent
d91631f542
commit
ff0a567462
@ -549,6 +549,7 @@ CONFIG_IP_ADVANCED_ROUTER=y
|
||||
CONFIG_IP_MULTIPLE_TABLES=y
|
||||
CONFIG_IP_ROUTE_MULTIPATH=y
|
||||
# CONFIG_IP_ROUTE_VERBOSE is not set
|
||||
CONFIG_IP_ROUTE_CLASSID=y
|
||||
CONFIG_IP_PNP=y
|
||||
CONFIG_IP_PNP_DHCP=y
|
||||
# CONFIG_IP_PNP_BOOTP is not set
|
||||
@ -573,7 +574,9 @@ CONFIG_SYN_COOKIES=y
|
||||
# CONFIG_INET_XFRM_MODE_TUNNEL is not set
|
||||
# CONFIG_INET_XFRM_MODE_BEET is not set
|
||||
# CONFIG_INET_LRO is not set
|
||||
# CONFIG_INET_DIAG is not set
|
||||
CONFIG_INET_DIAG=y
|
||||
CONFIG_INET_TCP_DIAG=y
|
||||
# CONFIG_INET_UDP_DIAG is not set
|
||||
# CONFIG_TCP_CONG_ADVANCED is not set
|
||||
CONFIG_TCP_CONG_CUBIC=y
|
||||
CONFIG_DEFAULT_TCP_CONG="cubic"
|
||||
@ -582,7 +585,169 @@ CONFIG_DEFAULT_TCP_CONG="cubic"
|
||||
# CONFIG_NETWORK_SECMARK is not set
|
||||
# CONFIG_NET_PTP_CLASSIFY is not set
|
||||
# CONFIG_NETWORK_PHY_TIMESTAMPING is not set
|
||||
# CONFIG_NETFILTER is not set
|
||||
CONFIG_NETFILTER=y
|
||||
# CONFIG_NETFILTER_DEBUG is not set
|
||||
CONFIG_NETFILTER_ADVANCED=y
|
||||
|
||||
#
|
||||
# Core Netfilter Configuration
|
||||
#
|
||||
CONFIG_NETFILTER_NETLINK=y
|
||||
CONFIG_NETFILTER_NETLINK_ACCT=y
|
||||
CONFIG_NETFILTER_NETLINK_QUEUE=y
|
||||
CONFIG_NETFILTER_NETLINK_LOG=y
|
||||
CONFIG_NF_CONNTRACK=y
|
||||
CONFIG_NF_LOG_COMMON=y
|
||||
CONFIG_NF_CONNTRACK_MARK=y
|
||||
CONFIG_NF_CONNTRACK_PROCFS=y
|
||||
CONFIG_NF_CONNTRACK_EVENTS=y
|
||||
CONFIG_NF_CONNTRACK_TIMEOUT=y
|
||||
CONFIG_NF_CONNTRACK_TIMESTAMP=y
|
||||
CONFIG_NF_CONNTRACK_LABELS=y
|
||||
CONFIG_NF_CT_PROTO_DCCP=y
|
||||
CONFIG_NF_CT_PROTO_GRE=y
|
||||
CONFIG_NF_CT_PROTO_SCTP=y
|
||||
CONFIG_NF_CT_PROTO_UDPLITE=y
|
||||
CONFIG_NF_CONNTRACK_AMANDA=y
|
||||
CONFIG_NF_CONNTRACK_FTP=y
|
||||
CONFIG_NF_CONNTRACK_H323=y
|
||||
CONFIG_NF_CONNTRACK_IRC=y
|
||||
CONFIG_NF_CONNTRACK_BROADCAST=y
|
||||
# CONFIG_NF_CONNTRACK_NETBIOS_NS is not set
|
||||
CONFIG_NF_CONNTRACK_SNMP=y
|
||||
CONFIG_NF_CONNTRACK_PPTP=y
|
||||
CONFIG_NF_CONNTRACK_SANE=y
|
||||
CONFIG_NF_CONNTRACK_SIP=y
|
||||
CONFIG_NF_CONNTRACK_TFTP=y
|
||||
CONFIG_NF_CT_NETLINK=y
|
||||
CONFIG_NF_CT_NETLINK_TIMEOUT=y
|
||||
CONFIG_NF_CT_NETLINK_HELPER=y
|
||||
CONFIG_NETFILTER_NETLINK_QUEUE_CT=y
|
||||
CONFIG_NF_NAT=y
|
||||
CONFIG_NF_NAT_NEEDED=y
|
||||
CONFIG_NF_NAT_PROTO_DCCP=y
|
||||
CONFIG_NF_NAT_PROTO_UDPLITE=y
|
||||
CONFIG_NF_NAT_PROTO_SCTP=y
|
||||
CONFIG_NF_NAT_AMANDA=y
|
||||
CONFIG_NF_NAT_FTP=y
|
||||
CONFIG_NF_NAT_IRC=y
|
||||
CONFIG_NF_NAT_SIP=y
|
||||
CONFIG_NF_NAT_TFTP=y
|
||||
# CONFIG_NF_TABLES is not set
|
||||
CONFIG_NETFILTER_XTABLES=y
|
||||
|
||||
#
|
||||
# Xtables combined modules
|
||||
#
|
||||
CONFIG_NETFILTER_XT_MARK=y
|
||||
CONFIG_NETFILTER_XT_CONNMARK=y
|
||||
|
||||
#
|
||||
# Xtables targets
|
||||
#
|
||||
# CONFIG_NETFILTER_XT_TARGET_CHECKSUM is not set
|
||||
CONFIG_NETFILTER_XT_TARGET_CLASSIFY=y
|
||||
CONFIG_NETFILTER_XT_TARGET_CONNMARK=y
|
||||
# CONFIG_NETFILTER_XT_TARGET_DSCP is not set
|
||||
CONFIG_NETFILTER_XT_TARGET_HL=y
|
||||
CONFIG_NETFILTER_XT_TARGET_HMARK=y
|
||||
CONFIG_NETFILTER_XT_TARGET_IDLETIMER=y
|
||||
CONFIG_NETFILTER_XT_TARGET_LED=y
|
||||
CONFIG_NETFILTER_XT_TARGET_LOG=y
|
||||
CONFIG_NETFILTER_XT_TARGET_MARK=y
|
||||
CONFIG_NETFILTER_XT_NAT=y
|
||||
CONFIG_NETFILTER_XT_TARGET_NETMAP=y
|
||||
CONFIG_NETFILTER_XT_TARGET_NFLOG=y
|
||||
CONFIG_NETFILTER_XT_TARGET_NFQUEUE=y
|
||||
CONFIG_NETFILTER_XT_TARGET_RATEEST=y
|
||||
CONFIG_NETFILTER_XT_TARGET_REDIRECT=y
|
||||
CONFIG_NETFILTER_XT_TARGET_TEE=y
|
||||
# CONFIG_NETFILTER_XT_TARGET_TPROXY is not set
|
||||
CONFIG_NETFILTER_XT_TARGET_TCPMSS=y
|
||||
# CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP is not set
|
||||
|
||||
#
|
||||
# Xtables matches
|
||||
#
|
||||
CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=y
|
||||
CONFIG_NETFILTER_XT_MATCH_BPF=y
|
||||
CONFIG_NETFILTER_XT_MATCH_CLUSTER=y
|
||||
CONFIG_NETFILTER_XT_MATCH_COMMENT=y
|
||||
CONFIG_NETFILTER_XT_MATCH_CONNBYTES=y
|
||||
CONFIG_NETFILTER_XT_MATCH_CONNLABEL=y
|
||||
CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=y
|
||||
CONFIG_NETFILTER_XT_MATCH_CONNMARK=y
|
||||
CONFIG_NETFILTER_XT_MATCH_CONNTRACK=y
|
||||
CONFIG_NETFILTER_XT_MATCH_CPU=y
|
||||
CONFIG_NETFILTER_XT_MATCH_DCCP=y
|
||||
CONFIG_NETFILTER_XT_MATCH_DEVGROUP=y
|
||||
CONFIG_NETFILTER_XT_MATCH_DSCP=y
|
||||
CONFIG_NETFILTER_XT_MATCH_ECN=y
|
||||
CONFIG_NETFILTER_XT_MATCH_ESP=y
|
||||
CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=y
|
||||
CONFIG_NETFILTER_XT_MATCH_HELPER=y
|
||||
CONFIG_NETFILTER_XT_MATCH_HL=y
|
||||
CONFIG_NETFILTER_XT_MATCH_IPCOMP=y
|
||||
CONFIG_NETFILTER_XT_MATCH_IPRANGE=y
|
||||
CONFIG_NETFILTER_XT_MATCH_L2TP=y
|
||||
CONFIG_NETFILTER_XT_MATCH_LENGTH=y
|
||||
CONFIG_NETFILTER_XT_MATCH_LIMIT=y
|
||||
CONFIG_NETFILTER_XT_MATCH_MAC=y
|
||||
CONFIG_NETFILTER_XT_MATCH_MARK=y
|
||||
CONFIG_NETFILTER_XT_MATCH_MULTIPORT=y
|
||||
CONFIG_NETFILTER_XT_MATCH_NFACCT=y
|
||||
# CONFIG_NETFILTER_XT_MATCH_OSF is not set
|
||||
CONFIG_NETFILTER_XT_MATCH_OWNER=y
|
||||
CONFIG_NETFILTER_XT_MATCH_POLICY=y
|
||||
# CONFIG_NETFILTER_XT_MATCH_PKTTYPE is not set
|
||||
CONFIG_NETFILTER_XT_MATCH_QUOTA=y
|
||||
CONFIG_NETFILTER_XT_MATCH_RATEEST=y
|
||||
CONFIG_NETFILTER_XT_MATCH_REALM=y
|
||||
# CONFIG_NETFILTER_XT_MATCH_RECENT is not set
|
||||
CONFIG_NETFILTER_XT_MATCH_SCTP=y
|
||||
CONFIG_NETFILTER_XT_MATCH_SOCKET=y
|
||||
CONFIG_NETFILTER_XT_MATCH_STATE=y
|
||||
CONFIG_NETFILTER_XT_MATCH_STATISTIC=y
|
||||
# CONFIG_NETFILTER_XT_MATCH_STRING is not set
|
||||
CONFIG_NETFILTER_XT_MATCH_TCPMSS=y
|
||||
CONFIG_NETFILTER_XT_MATCH_TIME=y
|
||||
# CONFIG_NETFILTER_XT_MATCH_U32 is not set
|
||||
# CONFIG_IP_SET is not set
|
||||
# CONFIG_IP_VS is not set
|
||||
|
||||
#
|
||||
# IP: Netfilter Configuration
|
||||
#
|
||||
CONFIG_NF_DEFRAG_IPV4=y
|
||||
CONFIG_NF_CONNTRACK_IPV4=y
|
||||
CONFIG_NF_CONNTRACK_PROC_COMPAT=y
|
||||
CONFIG_NF_LOG_ARP=y
|
||||
CONFIG_NF_LOG_IPV4=y
|
||||
CONFIG_NF_REJECT_IPV4=y
|
||||
CONFIG_NF_NAT_IPV4=y
|
||||
CONFIG_NF_NAT_MASQUERADE_IPV4=y
|
||||
CONFIG_NF_NAT_SNMP_BASIC=y
|
||||
CONFIG_NF_NAT_PROTO_GRE=y
|
||||
CONFIG_NF_NAT_PPTP=y
|
||||
CONFIG_NF_NAT_H323=y
|
||||
CONFIG_IP_NF_IPTABLES=y
|
||||
CONFIG_IP_NF_MATCH_AH=y
|
||||
CONFIG_IP_NF_MATCH_ECN=y
|
||||
CONFIG_IP_NF_MATCH_RPFILTER=y
|
||||
CONFIG_IP_NF_MATCH_TTL=y
|
||||
CONFIG_IP_NF_FILTER=y
|
||||
CONFIG_IP_NF_TARGET_REJECT=y
|
||||
# CONFIG_IP_NF_TARGET_SYNPROXY is not set
|
||||
CONFIG_IP_NF_NAT=y
|
||||
CONFIG_IP_NF_TARGET_MASQUERADE=y
|
||||
CONFIG_IP_NF_TARGET_NETMAP=y
|
||||
CONFIG_IP_NF_TARGET_REDIRECT=y
|
||||
CONFIG_IP_NF_MANGLE=y
|
||||
CONFIG_IP_NF_TARGET_CLUSTERIP=y
|
||||
CONFIG_IP_NF_TARGET_ECN=y
|
||||
CONFIG_IP_NF_TARGET_TTL=y
|
||||
# CONFIG_IP_NF_RAW is not set
|
||||
# CONFIG_IP_NF_ARPTABLES is not set
|
||||
# CONFIG_IP_DCCP is not set
|
||||
# CONFIG_IP_SCTP is not set
|
||||
# CONFIG_RDS is not set
|
||||
|
Reference in New Issue
Block a user