--- zzzz-none-000/linux-3.10.107/net/bridge/Kconfig 2017-06-27 09:49:32.000000000 +0000 +++ vr9-7490-729/linux-3.10.107/net/bridge/Kconfig 2021-11-10 11:53:56.000000000 +0000 @@ -33,6 +33,24 @@ If unsure, say N. +config AVM_BRIDGE_FLOOD_RATELIMITER + bool "Port flood rate limiting" + depends on AVM_ENHANCED + depends on BRIDGE + default y + ---help--- + AVM extension + + This enables a simple, configurable bridge flood rate limiting mechanism, to + help protect accidental or willful network loops. You can configure a + maximum packet rate and a reserve. The reserve can be higher to allow for + short bursts. + + The ratelimiter will only limit packets which are forwarded on all ports. + Traffic (unicast and multicast) that is forwarded to specific ports is + unaffected. Locally generated traffic is unaffected as well. It is + disabled by default and must be configured through sysfs. + config BRIDGE_IGMP_SNOOPING bool "IGMP/MLD snooping" depends on BRIDGE @@ -47,6 +65,39 @@ If unsure, say Y. +config AVM_BRIDGE_MULTICAST_TO_UNICAST + bool "bridge multicast to unicast conversion" + depends on BRIDGE_IGMP_SNOOPING + default y + ---help--- + AVM extension + + If you say Y here, then the Ethernet bridge ports record the source + MAC addresses of IGMP report senders, and perform a multicast-to-unicast + conversion (Layer 2) before forwarding corresponding multicast packets. This + is useful in wireless networks where multicast traffic is severely limited + by 802.11. + + Even with this being configured, the feature must be turned on on a per-port + basis at runtime. + + Say N to exclude this support and reduce the binary size. + + If unsure, say Y. + +config AVM_BRIDGE_MULTICAST_TO_UNICAST_DEFAULT_THRESHOLD + int "multicast to unicast default threshold" + depends on AVM_BRIDGE_MULTICAST_TO_UNICAST + default 3 + ---help--- + AVM extension + + This selects the default threshold for switching from multicast-as-unicast + transmission back to plain multicast. This is really only the default, + the threshold can be configured on a per port basis on sysfs. The threshold + is multicast group specific. + + config BRIDGE_VLAN_FILTERING bool "VLAN filtering" depends on BRIDGE @@ -60,3 +111,34 @@ Say N to exclude this support and reduce the binary size. If unsure, say Y. + +config AVM_BRIDGE_ISOLATION + bool "Isolate bridge ports from each other" + depends on BRIDGE + depends on NETFILTER + depends on SYSFS + depends on AVM_ENHANCED + default y + ---help--- + AVM extension + + This feature allows to isolate bridge ports from each other so that clients + connected through a port can only communicate with the local system, for DHCP + or accessing the Internet, if the local system is a gateway. + +config AVM_BRIDGE_ISOLATION_UPSTREAM + bool "Break port isolation for select ports" + depends on AVM_BRIDGE_ISOLATION + default n + ---help--- + AVM extension + + This feature allows clients connected through a bridge port to communicate + not only with the local system but also with clients connected through "upstream" + ports. This is only useful if the bridge port is otherwise isolated. Use this + if the local system is not the gateway, but rather the gateway is connected through + another bridge port. + + Say n if the box has both WLAN bands in the bridges (lan, guest) on the host. + This option is useful for offload platforms where WLAN interfaces are on a + offload target which bridge traffic through a upstream interface to the host (7490)