--- zzzz-none-000/linux-2.6.32.61/net/ipv4/netfilter/Kconfig 2013-06-10 09:43:48.000000000 +0000 +++ ar9-7330-650/linux-2.6.32.61/net/ipv4/netfilter/Kconfig 2011-07-20 07:23:51.000000000 +0000 @@ -9,6 +9,13 @@ tristate default n +config LTQ_NF_ADDONS + bool 'LTQ netfilter addons' + depends on LTQ_ADDON + help + If chosen, all the additions done by LTQ to netfilters + could be slected. It is recommended to be alwyas on. + config NF_CONNTRACK_IPV4 tristate "IPv4 connection tracking support (required for NAT)" depends on NF_CONNTRACK @@ -181,6 +188,10 @@ To compile it as a module, choose M here. If unsure, say N. +config IP_NF_TARGET_NATTYPE + tristate "NATTYPE target support" + depends on IP_NF_IPTABLES + config IP_NF_TARGET_NETMAP tristate "NETMAP target support" depends on NF_NAT @@ -220,6 +231,14 @@ To compile it as a module, choose M here. If unsure, say N. +config ATH_HW_NAT + tristate "Atheros H/W NAT Accelerator support" + depends on NF_NAT + default n + help + This option adds the support for atheros hardware nat + accelerator. + # If they want FTP, set to $CONFIG_IP_NF_NAT (m or y), # or $CONFIG_IP_NF_FTP (m or y), whichever is weaker. # From kconfig-language.txt: @@ -257,6 +276,21 @@ depends on NF_CONNTRACK && NF_NAT default NF_NAT && NF_CONNTRACK_IRC +config NF_NAT_RTSP + tristate + depends on IP_NF_IPTABLES && NF_CONNTRACK && NF_NAT + default NF_NAT && NF_CONNTRACK_RTSP + +config NF_NAT_MMS + tristate + depends on IP_NF_IPTABLES && NF_CONNTRACK && NF_NAT && LTQ_ADDON + default NF_NAT && NF_CONNTRACK_MMS + +config NF_NAT_TALK + tristate + depends on IP_NF_IPTABLES && NF_CONNTRACK && NF_NAT && LTQ_ADDON + default NF_NAT && NF_CONNTRACK_TALK + config NF_NAT_TFTP tristate depends on NF_CONNTRACK && NF_NAT @@ -354,6 +388,81 @@ If unsure, say N. +config IP_NF_MATCH_LTQATTACK + tristate "LTQattack match support" + depends on IP_NF_IPTABLES && LTQ_NF_ADDONS + help + Firewall support against several common DOS attacks. + +config CODE_REDI + bool + depends on IP_NF_MATCH_LTQATTACK + default y + +config CODE_REDII + bool + depends on IP_NF_MATCH_LTQATTACK + default y + +config ICQ_DOS + bool + depends on IP_NF_MATCH_LTQATTACK + default y + +config IIS_FRONTPAGE + bool + depends on IP_NF_MATCH_LTQATTACK + default n + +config LAND_ATTACK + bool + depends on IP_NF_MATCH_LTQATTACK + default y + +config FRAGGLE + bool + depends on IP_NF_MATCH_LTQATTACK + default n + +config MALFORMED_MIME + bool + depends on IP_NF_MATCH_LTQATTACK + default y + +config UDP_BOMB + bool + depends on IP_NF_MATCH_LTQATTACK + default y + +config FTP_PORT_REST + bool + depends on IP_NF_MATCH_LTQATTACK + default y + +config IP_NF_MATCH_WEBSTR + tristate 'webstring type match support' + depends on IP_NF_IPTABLES && LTQ_NF_ADDONS + help + This allows one to filter packets based on the string they contain. + +config IP_NF_MATCH_SYNFLOOD + tristate "synflood match support" + depends on IP_NF_IPTABLES && LTQ_NF_ADDONS + help + Firewall support against synflood DOS attack. + +config IP_NF_TARGET_TRIGGER + tristate 'TRIGGER target support (port-trigger)' + depends on NF_NAT && LTQ_NF_ADDONS + help + Port triggering is a specialized form of port forwarding in which + outbound traffic on predetermined ports "triggering ports") causes + inbound traffic to specific incoming ports to be dynamically + forwarded to the initiating host while the outbound ports are in use. + + To compile it as a module, choose M here. If unsure, say N. + + endif # IP_NF_IPTABLES # ARP tables @@ -388,5 +497,22 @@ endif # IP_NF_ARPTABLES +config NF_NAT_RTSP + tristate + depends on IP_NF_IPTABLES && NF_CONNTRACK && NF_NAT + default NF_NAT && NF_CONNTRACK_RTSP + +config NF_CONNTRACK_RTSP + tristate 'RTSP protocol support' + depends on NF_CONNTRACK + help + Support the RTSP protocol. This allows UDP transports to be setup + properly, including RTP and RDT. + + If you want to compile it as a module, say 'M' here and read + Documentation/modules.txt. If unsure, say 'Y'. + +source "net/ipv4/netfilter/Kconfig.ifx" + endmenu