From: Hauke Mehrtens <hauke@hauke-m.de> Date: Sat, 9 Apr 2011 23:23:46 +0000 (+0000) Subject: iipt-debug: create bundle of netfilter modules for debugging X-Git-Url: http://git.cdn.openwrt.org/?a=commitdiff_plain;h=24c1caef5f3778fc634bc0ef588f94bcffbd2a85;p=openwrt%2Fstaging%2Faparcar.git iipt-debug: create bundle of netfilter modules for debugging Add a bundle for including commonly useful modules for IPtables debugging and development. For now, it just contains xt_TRACE.ko Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com> SVN-Revision: 26567 --- diff --git a/include/netfilter.mk b/include/netfilter.mk index 5cc34b4814..fe468fca31 100644 --- a/include/netfilter.mk +++ b/include/netfilter.mk @@ -278,6 +278,10 @@ $(eval $(call nf_add,IPT_QUEUE,CONFIG_IP_NF_QUEUE, $(P_V4)ip_queue)) $(eval $(call nf_add,IPT_ULOG,CONFIG_IP_NF_TARGET_ULOG, $(P_V4)ipt_ULOG)) +# debugging + +$(eval $(call nf_add,IPT_DEBUG,CONFIG_NETFILTER_XT_TARGET_TRACE, $(P_XT)xt_TRACE)) + # tproxy $(eval $(call nf_add,IPT_TPROXY,CONFIG_NETFILTER_XT_MATCH_SOCKET, $(P_XT)xt_socket)) @@ -337,6 +341,7 @@ IPT_BUILTIN += $(IPT_NAT_EXTRA-y) IPT_BUILTIN += $(IPT_NATHELPER-y) IPT_BUILTIN += $(IPT_NATHELPER_EXTRA-y) IPT_BUILTIN += $(IPT_ULOG-y) +IPT_BUILTIN += $(IPT_DEBUG-y) IPT_BUILTIN += $(IPT_TPROXY-y) IPT_BUILTIN += $(EBTABLES-y) IPT_BUILTIN += $(EBTABLES_IP4-y) diff --git a/package/kernel/modules/netfilter.mk b/package/kernel/modules/netfilter.mk index e44d067f35..919e8ad19d 100644 --- a/package/kernel/modules/netfilter.mk +++ b/package/kernel/modules/netfilter.mk @@ -262,6 +262,24 @@ endef $(eval $(call KernelPackage,ipt-ulog)) +define KernelPackage/ipt-debug + TITLE:=Module for debugging/development + KCONFIG:=$(KCONFIG_IPT_DEBUG) + DEFAULT:=n + FILES:=$(foreach mod,$(IPT_DEBUG-m),$(LINUX_DIR)/net/$(mod).ko) + AUTOLOAD:=$(call AutoLoad,45,$(notdir $(IPT_DEBUG-m))) + $(call AddDepends/ipt) +endef + +define KernelPackage/ipt-debug/description + Netfilter modules for debugging/development of the firewall + Includes: + - TRACE +endef + +$(eval $(call KernelPackage,ipt-debug)) + + define KernelPackage/ipt-led TITLE:=Module to trigger a LED with a Netfilter rule KCONFIG:=$(KCONFIG_IPT_LED)