netfilter: xtables: use "if" blocks in Kconfig
Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
This commit is contained in:
Jan Engelhardt
committed by
Patrick McHardy
Patrick McHardy
parent
aba0d34800
commit
c2df73de24
@@ -61,10 +61,11 @@ config IP_NF_IPTABLES
|
||||
|
||||
To compile it as a module, choose M here. If unsure, say N.
|
||||
|
||||
if IP_NF_IPTABLES
|
||||
|
||||
# The matches.
|
||||
config IP_NF_MATCH_ADDRTYPE
|
||||
tristate '"addrtype" address type match support'
|
||||
depends on IP_NF_IPTABLES
|
||||
depends on NETFILTER_ADVANCED
|
||||
help
|
||||
This option allows you to match what routing thinks of an address,
|
||||
@@ -75,7 +76,6 @@ config IP_NF_MATCH_ADDRTYPE
|
||||
|
||||
config IP_NF_MATCH_AH
|
||||
tristate '"ah" match support'
|
||||
depends on IP_NF_IPTABLES
|
||||
depends on NETFILTER_ADVANCED
|
||||
help
|
||||
This match extension allows you to match a range of SPIs
|
||||
@@ -85,7 +85,6 @@ config IP_NF_MATCH_AH
|
||||
|
||||
config IP_NF_MATCH_ECN
|
||||
tristate '"ecn" match support'
|
||||
depends on IP_NF_IPTABLES
|
||||
depends on NETFILTER_ADVANCED
|
||||
help
|
||||
This option adds a `ECN' match, which allows you to match against
|
||||
@@ -95,7 +94,6 @@ config IP_NF_MATCH_ECN
|
||||
|
||||
config IP_NF_MATCH_TTL
|
||||
tristate '"ttl" match support'
|
||||
depends on IP_NF_IPTABLES
|
||||
depends on NETFILTER_ADVANCED
|
||||
help
|
||||
This adds CONFIG_IP_NF_MATCH_TTL option, which enabled the user
|
||||
@@ -106,7 +104,6 @@ config IP_NF_MATCH_TTL
|
||||
# `filter', generic and specific targets
|
||||
config IP_NF_FILTER
|
||||
tristate "Packet filtering"
|
||||
depends on IP_NF_IPTABLES
|
||||
default m if NETFILTER_ADVANCED=n
|
||||
help
|
||||
Packet filtering defines a table `filter', which has a series of
|
||||
@@ -128,7 +125,6 @@ config IP_NF_TARGET_REJECT
|
||||
|
||||
config IP_NF_TARGET_LOG
|
||||
tristate "LOG target support"
|
||||
depends on IP_NF_IPTABLES
|
||||
default m if NETFILTER_ADVANCED=n
|
||||
help
|
||||
This option adds a `LOG' target, which allows you to create rules in
|
||||
@@ -138,7 +134,6 @@ config IP_NF_TARGET_LOG
|
||||
|
||||
config IP_NF_TARGET_ULOG
|
||||
tristate "ULOG target support"
|
||||
depends on IP_NF_IPTABLES
|
||||
default m if NETFILTER_ADVANCED=n
|
||||
---help---
|
||||
|
||||
@@ -159,7 +154,7 @@ config IP_NF_TARGET_ULOG
|
||||
# NAT + specific targets: nf_conntrack
|
||||
config NF_NAT
|
||||
tristate "Full NAT"
|
||||
depends on IP_NF_IPTABLES && NF_CONNTRACK_IPV4
|
||||
depends on NF_CONNTRACK_IPV4
|
||||
default m if NETFILTER_ADVANCED=n
|
||||
help
|
||||
The Full NAT option allows masquerading, port forwarding and other
|
||||
@@ -254,44 +249,43 @@ config NF_NAT_PROTO_SCTP
|
||||
|
||||
config NF_NAT_FTP
|
||||
tristate
|
||||
depends on IP_NF_IPTABLES && NF_CONNTRACK && NF_NAT
|
||||
depends on NF_CONNTRACK && NF_NAT
|
||||
default NF_NAT && NF_CONNTRACK_FTP
|
||||
|
||||
config NF_NAT_IRC
|
||||
tristate
|
||||
depends on IP_NF_IPTABLES && NF_CONNTRACK && NF_NAT
|
||||
depends on NF_CONNTRACK && NF_NAT
|
||||
default NF_NAT && NF_CONNTRACK_IRC
|
||||
|
||||
config NF_NAT_TFTP
|
||||
tristate
|
||||
depends on IP_NF_IPTABLES && NF_CONNTRACK && NF_NAT
|
||||
depends on NF_CONNTRACK && NF_NAT
|
||||
default NF_NAT && NF_CONNTRACK_TFTP
|
||||
|
||||
config NF_NAT_AMANDA
|
||||
tristate
|
||||
depends on IP_NF_IPTABLES && NF_CONNTRACK && NF_NAT
|
||||
depends on NF_CONNTRACK && NF_NAT
|
||||
default NF_NAT && NF_CONNTRACK_AMANDA
|
||||
|
||||
config NF_NAT_PPTP
|
||||
tristate
|
||||
depends on IP_NF_IPTABLES && NF_CONNTRACK && NF_NAT
|
||||
depends on NF_CONNTRACK && NF_NAT
|
||||
default NF_NAT && NF_CONNTRACK_PPTP
|
||||
select NF_NAT_PROTO_GRE
|
||||
|
||||
config NF_NAT_H323
|
||||
tristate
|
||||
depends on IP_NF_IPTABLES && NF_CONNTRACK && NF_NAT
|
||||
depends on NF_CONNTRACK && NF_NAT
|
||||
default NF_NAT && NF_CONNTRACK_H323
|
||||
|
||||
config NF_NAT_SIP
|
||||
tristate
|
||||
depends on IP_NF_IPTABLES && NF_CONNTRACK && NF_NAT
|
||||
depends on NF_CONNTRACK && NF_NAT
|
||||
default NF_NAT && NF_CONNTRACK_SIP
|
||||
|
||||
# mangle + specific targets
|
||||
config IP_NF_MANGLE
|
||||
tristate "Packet mangling"
|
||||
depends on IP_NF_IPTABLES
|
||||
default m if NETFILTER_ADVANCED=n
|
||||
help
|
||||
This option adds a `mangle' table to iptables: see the man page for
|
||||
@@ -346,7 +340,6 @@ config IP_NF_TARGET_TTL
|
||||
# raw + specific targets
|
||||
config IP_NF_RAW
|
||||
tristate 'raw table support (required for NOTRACK/TRACE)'
|
||||
depends on IP_NF_IPTABLES
|
||||
depends on NETFILTER_ADVANCED
|
||||
help
|
||||
This option adds a `raw' table to iptables. This table is the very
|
||||
@@ -359,7 +352,6 @@ config IP_NF_RAW
|
||||
# security table for MAC policy
|
||||
config IP_NF_SECURITY
|
||||
tristate "Security table"
|
||||
depends on IP_NF_IPTABLES
|
||||
depends on SECURITY
|
||||
depends on NETFILTER_ADVANCED
|
||||
help
|
||||
@@ -368,6 +360,8 @@ config IP_NF_SECURITY
|
||||
|
||||
If unsure, say N.
|
||||
|
||||
endif # IP_NF_IPTABLES
|
||||
|
||||
# ARP tables
|
||||
config IP_NF_ARPTABLES
|
||||
tristate "ARP tables support"
|
||||
@@ -380,9 +374,10 @@ config IP_NF_ARPTABLES
|
||||
|
||||
To compile it as a module, choose M here. If unsure, say N.
|
||||
|
||||
if IP_NF_ARPTABLES
|
||||
|
||||
config IP_NF_ARPFILTER
|
||||
tristate "ARP packet filtering"
|
||||
depends on IP_NF_ARPTABLES
|
||||
help
|
||||
ARP packet filtering defines a table `filter', which has a series of
|
||||
rules for simple ARP packet filtering at local input and
|
||||
@@ -393,10 +388,11 @@ config IP_NF_ARPFILTER
|
||||
|
||||
config IP_NF_ARP_MANGLE
|
||||
tristate "ARP payload mangling"
|
||||
depends on IP_NF_ARPTABLES
|
||||
help
|
||||
Allows altering the ARP packet payload: source and destination
|
||||
hardware and network addresses.
|
||||
|
||||
endif # IP_NF_ARPTABLES
|
||||
|
||||
endmenu
|
||||
|
||||
|
||||
Reference in New Issue
Block a user