Hallo liebe (.*),ich benötige unbedingt vollständige (iptable-)nat Unterstützung, zum umleiten bestimmter well-known- Ports auf high- Ports (in Abhängigkeit bestimmter ip aliase).Leider gibt es immer Konflikte beim /bauen/ einiger avm Pakete (u.a. die avm firewall/pa), da diese nicht mehr kompatibel zu iptables sind. Ich stehe z.Z. auf dem Schlauch .. :/Hat bereits jemand einen halbwegs vernünftigen Lösungsansatz gefunden?
7490: freetz 6.30 iptables nat und avm firewall
- Ersteller lnslbrty
- Erstellt am
Hallo lnslbrty,
der Lösungsfahrplan hierfür wurde von Gene in Posting 2101049 aufgezeigt.
Dass IPTABLES/NAT/CONNTRACK Stand jetzt ausgeschaltet sind, heißt nicht, dass diese nie wieder eingeschaltet werden. Bevor dies geschieht sollten wir jedoch verstanden haben, was alles notwendig ist, damit diese stabil laufen, ohne die Stabilität der anderen AVM-Features zu beenträchtigen. Wenn es nicht möglich ist, dann soll dokumentiert werden, was man alles in Kauf nehmen muss, wenn man NAT und Co. auf der Box haben möchte. Auch die gegenseitigen Auswirkungen mit AVM_PA (wenn es welche gibt) sollten besser verstanden werden (u.U. könnte man den Kernel so patchen/bauen, dass AVM_PA von Beginn an komplett ausgeschaltet ist).
...
Ich würde mich sehr freuen, wenn die Community diese Arbeit übernehmen würde (z.B. unter Deiner Koordination) und wir, freetz-Entwickler, die Ergebnisse lediglich einpflegen/committen müssten
d.h. es geht momentan noch nicht;
Freetz-Mitwirkende, die sich diesem Thema annehmen, sind jedoch bei der Freetz-Community willkommen.
LG
PantaRhei
Das zentrale Problem besteht nach meiner Erfahrung nicht mit dem Packet Accelerator, sondern generell damit, daß einige von AVM veröffentlichte Kernel-Configs nicht zu den auf den AVM-Servern veröffentlichten Images passen, speziell das connection tracking ist hier das Problem - Du benötigst es als Voraussetzung für das Kernel-Modul nf_nat, es wird mit den AVM-Kernel-Configs aber nicht gebaut.
Ohne jegliche Gewähr kannst Du folgende Configs mal probieren:
Kernel-Config:
Iptables config.in:
Iptables config.in.modules:
Mit diesen Configs kannst Du im make menuconfig Iptables (wieder) auswählen, die von Dir benötigten Module werden nachladbar (<M>) gebaut (nf_conntrack, nf_nat) und können mittels modprobe geladen werden. Die Box bootet dann normal durch und lädt die Module. Zumindest bei mir läuft sie dann auch stabil weiter. Erste Einschränkungen kommen dann z.B. bei der VoIP-Telefonie dahingehend, daß die Gespräche entweder abbrechen oder unterirdische Qualität haben. Das muß allerdings nicht zwingend an den geladenen Modulen liegen, sondern könnte an fehlenden Port-Regeln für die VoIP-Telefonie liegen. Nochmal: lege Dir unbedingt vor dem Testen ausreichende Backups der Boxconfigs an und beschaffe Dir ein geeignetes Recover-Image.
Grüße,
JD.
Ohne jegliche Gewähr kannst Du folgende Configs mal probieren:
Kernel-Config:
Code:
#
# Automatically generated make config: don't edit
# Linux kernel version: 2.6.32.61
# Wed Jun 1 20:18:02 2016
#
CONFIG_MIPS=y
#
# Machine selection
#
# CONFIG_MACH_ALCHEMY is not set
# CONFIG_AR7 is not set
# CONFIG_MIPS_UR8 is not set
# CONFIG_BASLER_EXCITE is not set
# CONFIG_BCM47XX is not set
# CONFIG_BCM63XX is not set
# CONFIG_MIPS_COBALT is not set
# CONFIG_MACH_FUSIV is not set
CONFIG_LANTIQ=y
# CONFIG_MACH_DECSTATION is not set
# CONFIG_MACH_JAZZ is not set
# CONFIG_LASAT is not set
# CONFIG_MACH_LOONGSON is not set
# CONFIG_MIPS_MALTA is not set
# CONFIG_MIPS_SIM is not set
# CONFIG_NEC_MARKEINS is not set
# CONFIG_MACH_VR41XX is not set
# CONFIG_NXP_STB220 is not set
# CONFIG_NXP_STB225 is not set
# CONFIG_PNX8550_JBS is not set
# CONFIG_PNX8550_STB810 is not set
# CONFIG_PMC_MSP is not set
# CONFIG_PMC_YOSEMITE is not set
# CONFIG_SGI_IP22 is not set
# CONFIG_SGI_IP27 is not set
# CONFIG_SGI_IP28 is not set
# CONFIG_SGI_IP32 is not set
# CONFIG_SIBYTE_CRHINE is not set
# CONFIG_SIBYTE_CARMEL is not set
# CONFIG_SIBYTE_CRHONE is not set
# CONFIG_SIBYTE_RHONE is not set
# CONFIG_SIBYTE_SWARM is not set
# CONFIG_SIBYTE_LITTLESUR is not set
# CONFIG_SIBYTE_SENTOSA is not set
# CONFIG_SIBYTE_BIGSUR is not set
# CONFIG_SNI_RM is not set
# CONFIG_MACH_TX39XX is not set
# CONFIG_MACH_TX49XX is not set
# CONFIG_MIKROTIK_RB532 is not set
# CONFIG_WR_PPMC is not set
# CONFIG_CAVIUM_OCTEON_SIMULATOR is not set
# CONFIG_CAVIUM_OCTEON_REFERENCE_BOARD is not set
# CONFIG_MACH_AR7100 is not set
# CONFIG_MACH_AR7240 is not set
# CONFIG_MACH_AR724x is not set
# CONFIG_MACH_AR933x is not set
# CONFIG_MACH_AR934x is not set
# CONFIG_MACH_QCA955x is not set
# CONFIG_MACH_HORNET is not set
# CONFIG_DANUBE is not set
CONFIG_IFX_DMA_DESCRIPTOR_NUMBER=128
CONFIG_NAPI_ENABLED=y
# CONFIG_DMA_HW_POLL_DISABLED is not set
# CONFIG_AMAZON_SE is not set
# CONFIG_AR9 is not set
CONFIG_IFX_CLOCK_CHANGE=y
CONFIG_VR9=y
#
# VR9 Boards
#
# CONFIG_VR9_REF_BOARD is not set
CONFIG_VR9_AVM_FRITZ_BOX=y
# CONFIG_LTQ_RT288 is not set
#
# Extra Configuration
#
CONFIG_DMA_PACKET_ARBITRATION_ENABLED=y
# CONFIG_GRX_25M_MODEL is not set
# CONFIG_HN1 is not set
# CONFIG_AR10 is not set
CONFIG_AR9VR9_C55_MEMORY_SIZE=0x0
CONFIG_AR9VR9_C55_MEMORY_START=0x0
# CONFIG_AR9VR9_AVM_CPUFREQ is not set
# CONFIG_AR9VR9_AVM_CPUIDLE is not set
# CONFIG_ALCHEMY_GPIO_INDIRECT is not set
CONFIG_RWSEM_GENERIC_SPINLOCK=y
# CONFIG_ARCH_HAS_ILOG2_U32 is not set
# CONFIG_ARCH_HAS_ILOG2_U64 is not set
# CONFIG_MIPS_FUSIV is not set
# CONFIG_MACH_ATHEROS is not set
CONFIG_GENERIC_FIND_NEXT_BIT=y
CONFIG_GENERIC_HWEIGHT=y
CONFIG_GENERIC_CALIBRATE_DELAY=y
#
# *** AVM Board PCI Configuration ***
#
CONFIG_GENERIC_CLOCKEVENTS=y
CONFIG_GENERIC_TIME=y
# CONFIG_GENERIC_CMOS_UPDATE is not set
CONFIG_SCHED_OMIT_FRAME_POINTER=y
# CONFIG_GENERIC_HARDIRQS_NO__DO_IRQ is not set
CONFIG_CEVT_R4K_LIB=y
CONFIG_CEVT_R4K=y
CONFIG_CSRC_R4K_LIB=y
CONFIG_CSRC_R4K=y
CONFIG_DMA_NONCOHERENT=y
CONFIG_DMA_NEED_PCI_MAP_STATE=y
CONFIG_EARLY_PRINTK=y
CONFIG_SYS_HAS_EARLY_PRINTK=y
CONFIG_MIPS_FPU_EMU=y
# CONFIG_MIPS_MACHINE is not set
# CONFIG_IMAGE_CMDLINE_HACK is not set
# CONFIG_NO_IOPORT is not set
CONFIG_CPU_HAS_DSP_ASE=y
CONFIG_CPU_BIG_ENDIAN=y
# CONFIG_CPU_LITTLE_ENDIAN is not set
CONFIG_SYS_SUPPORTS_BIG_ENDIAN=y
CONFIG_IRQ_CPU=y
CONFIG_BOOT_ELF32=y
CONFIG_MIPS_L1_CACHE_SHIFT=5
#
# CPU selection
#
# CONFIG_CPU_LOONGSON2E is not set
# CONFIG_CPU_MIPS32_R1 is not set
# CONFIG_CPU_MIPS32_R2 is not set
# CONFIG_CPU_MIPS_24K is not set
CONFIG_CPU_MIPS_34K=y
# CONFIG_CPU_MIPS_74K is not set
# CONFIG_CPU_MIPS64_R1 is not set
# CONFIG_CPU_MIPS64_R2 is not set
# CONFIG_CPU_R3000 is not set
# CONFIG_CPU_TX39XX is not set
# CONFIG_CPU_VR41XX is not set
# CONFIG_CPU_R4300 is not set
# CONFIG_CPU_R4X00 is not set
# CONFIG_CPU_TX49XX is not set
# CONFIG_CPU_R5000 is not set
# CONFIG_CPU_R5432 is not set
# CONFIG_CPU_R5500 is not set
# CONFIG_CPU_R6000 is not set
# CONFIG_CPU_NEVADA is not set
# CONFIG_CPU_R8000 is not set
# CONFIG_CPU_R10000 is not set
# CONFIG_CPU_RM7000 is not set
# CONFIG_CPU_RM9000 is not set
# CONFIG_CPU_SB1 is not set
# CONFIG_CPU_CAVIUM_OCTEON is not set
CONFIG_SYS_HAS_CPU_MIPS32_R1=y
CONFIG_SYS_HAS_CPU_MIPS32_R2=y
CONFIG_WEAK_ORDERING=y
CONFIG_WEAK_REORDERING_BEYOND_LLSC=y
CONFIG_CPU_MIPS32=y
CONFIG_CPU_MIPSR2=y
CONFIG_SYS_SUPPORTS_32BIT_KERNEL=y
CONFIG_CPU_SUPPORTS_32BIT_KERNEL=y
CONFIG_HARDWARE_WATCHPOINTS=y
#
# Kernel type
#
CONFIG_LTQ=y
# CONFIG_LTQ_SYS_OPT is not set
# CONFIG_LTQ_OPTIMIZATION is not set
CONFIG_32BIT=y
# CONFIG_64BIT is not set
CONFIG_PAGE_SIZE_4KB=y
# CONFIG_PAGE_SIZE_8KB is not set
# CONFIG_PAGE_SIZE_16KB is not set
# CONFIG_PAGE_SIZE_32KB is not set
# CONFIG_PAGE_SIZE_64KB is not set
CONFIG_THREAD_SIZE_ORDER=2
CONFIG_CPU_HAS_PREFETCH=y
# CONFIG_AVM_WP is not set
# CONFIG_MIPS_MT_DISABLED is not set
# CONFIG_MIPS_MT_SMP is not set
CONFIG_MIPS_MT_SMTC=y
CONFIG_MIPS_MT=y
CONFIG_SYS_SUPPORTS_MULTITHREADING=y
CONFIG_MIPS_MT_FPAFF=y
# CONFIG_MIPS_VPE_LOADER is not set
CONFIG_PERFCTRS=y
CONFIG_MTSCHED=y
# CONFIG_MIPS_MT_SMTC_IM_BACKSTOP is not set
# CONFIG_MIPS_MT_SMTC_IRQAFF is not set
CONFIG_CPU_MIPSR2_IRQ_VI=y
CONFIG_CPU_MIPSR2_IRQ_EI=y
CONFIG_CPU_HAS_SYNC=y
CONFIG_GENERIC_HARDIRQS=y
CONFIG_GENERIC_IRQ_PROBE=y
CONFIG_IRQ_PER_CPU=y
CONFIG_ARCH_FLATMEM_ENABLE=y
CONFIG_ARCH_POPULATES_NODE_MAP=y
CONFIG_SELECT_MEMORY_MODEL=y
CONFIG_FLATMEM_MANUAL=y
# CONFIG_DISCONTIGMEM_MANUAL is not set
# CONFIG_SPARSEMEM_MANUAL is not set
CONFIG_FLATMEM=y
CONFIG_FLAT_NODE_MEM_MAP=y
CONFIG_PAGEFLAGS_EXTENDED=y
CONFIG_SPLIT_PTLOCK_CPUS=4
# CONFIG_PHYS_ADDR_T_64BIT is not set
CONFIG_ZONE_DMA_FLAG=0
CONFIG_VIRT_TO_BUS=y
CONFIG_HAVE_MLOCK=y
CONFIG_HAVE_MLOCKED_PAGE_BIT=y
CONFIG_KSM=y
CONFIG_DEFAULT_MMAP_MIN_ADDR=4096
# CONFIG_AVM_LOW_MEMORY_STRATEGY is not set
CONFIG_SMP=y
CONFIG_SMP_UP=y
CONFIG_SYS_SUPPORTS_SMP=y
CONFIG_NR_CPUS_DEFAULT_8=y
CONFIG_NR_CPUS=2
CONFIG_TICK_ONESHOT=y
CONFIG_NO_HZ=y
CONFIG_HIGH_RES_TIMERS=y
CONFIG_GENERIC_CLOCKEVENTS_BUILD=y
# CONFIG_HZ_48 is not set
CONFIG_HZ_100=y
# CONFIG_HZ_128 is not set
# CONFIG_HZ_250 is not set
# CONFIG_HZ_256 is not set
# CONFIG_HZ_1000 is not set
# CONFIG_HZ_1024 is not set
CONFIG_SYS_SUPPORTS_100HZ=y
CONFIG_SYS_SUPPORTS_250HZ=y
CONFIG_SYS_SUPPORTS_1000HZ=y
CONFIG_HZ=100
CONFIG_PREEMPT_NONE=y
# CONFIG_PREEMPT_VOLUNTARY is not set
# CONFIG_PREEMPT is not set
CONFIG_KEXEC=y
CONFIG_SECCOMP=y
CONFIG_LOCKDEP_SUPPORT=y
CONFIG_STACKTRACE_SUPPORT=y
CONFIG_DEFCONFIG_LIST="/lib/modules/$UNAME_RELEASE/.config"
CONFIG_CONSTRUCTORS=y
#
# General setup
#
CONFIG_EXPERIMENTAL=y
CONFIG_LOCK_KERNEL=y
CONFIG_INIT_ENV_ARG_LIMIT=32
CONFIG_LOCALVERSION=""
# CONFIG_LOCALVERSION_AUTO is not set
CONFIG_SWAP=y
CONFIG_SYSVIPC=y
CONFIG_SYSVIPC_SYSCTL=y
CONFIG_POSIX_MQUEUE=y
CONFIG_POSIX_MQUEUE_SYSCTL=y
CONFIG_BSD_PROCESS_ACCT=y
CONFIG_BSD_PROCESS_ACCT_V3=y
# CONFIG_TASKSTATS is not set
# CONFIG_AUDIT is not set
#
# RCU Subsystem
#
CONFIG_TREE_RCU=y
# CONFIG_TREE_PREEMPT_RCU is not set
# CONFIG_RCU_TRACE is not set
CONFIG_RCU_FANOUT=32
# CONFIG_RCU_FANOUT_EXACT is not set
# CONFIG_TREE_RCU_TRACE is not set
# CONFIG_IKCONFIG is not set
CONFIG_LOG_BUF_SHIFT=16
# CONFIG_CGROUPS is not set
# CONFIG_SYSFS_DEPRECATED_V2 is not set
CONFIG_RELAY=y
# CONFIG_NAMESPACES is not set
CONFIG_BLK_DEV_INITRD=y
CONFIG_INITRAMFS_SOURCE=""
# CONFIG_RD_GZIP is not set
# CONFIG_RD_BZIP2 is not set
# CONFIG_RD_LZMA is not set
CONFIG_CC_OPTIMIZE_FOR_SIZE=y
CONFIG_SYSCTL=y
CONFIG_ANON_INODES=y
CONFIG_EMBEDDED=y
CONFIG_SYSCTL_SYSCALL=y
CONFIG_KALLSYMS=y
CONFIG_KALLSYMS_ALL=y
CONFIG_KALLSYMS_EXTRA_PASS=y
CONFIG_HOTPLUG=y
CONFIG_PRINTK=y
CONFIG_BUG=y
CONFIG_ELF_CORE=y
# CONFIG_PCSPKR_PLATFORM is not set
CONFIG_BASE_FULL=y
CONFIG_FUTEX=y
CONFIG_EPOLL=y
CONFIG_SIGNALFD=y
CONFIG_TIMERFD=y
CONFIG_EVENTFD=y
CONFIG_SHMEM=y
CONFIG_AIO=y
#
# Kernel Performance Events And Counters
#
CONFIG_VM_EVENT_COUNTERS=y
CONFIG_PCI_QUIRKS=y
CONFIG_COMPAT_BRK=y
CONFIG_SLAB=y
# CONFIG_SLUB is not set
# CONFIG_SLOB is not set
# CONFIG_PROFILING is not set
CONFIG_AVM_SIMPLE_PROFILING=y
# CONFIG_AVM_SIMPLE_PROFILING_YIELD is not set
CONFIG_HAVE_OPROFILE=y
CONFIG_USE_GENERIC_SMP_HELPERS=y
# CONFIG_AVM_ARCH_STATIC_WLAN_MEMORY is not set
#
# GCOV-based kernel profiling
#
# CONFIG_GCOV_KERNEL_ENABLE is not set
CONFIG_SLOW_WORK=y
CONFIG_HAVE_GENERIC_DMA_COHERENT=y
CONFIG_SLABINFO=y
CONFIG_RT_MUTEXES=y
CONFIG_BASE_SMALL=0
CONFIG_MODULES=y
# CONFIG_MODULE_FORCE_LOAD is not set
CONFIG_MODULE_UNLOAD=y
# CONFIG_MODULE_FORCE_UNLOAD is not set
# CONFIG_MODVERSIONS is not set
# CONFIG_MODULE_SRCVERSION_ALL is not set
CONFIG_STOP_MACHINE=y
CONFIG_BLOCK=y
CONFIG_LBDAF=y
# CONFIG_BLK_DEV_BSG is not set
# CONFIG_BLK_DEV_INTEGRITY is not set
#
# IO Schedulers
#
CONFIG_IOSCHED_NOOP=y
# CONFIG_IOSCHED_AS is not set
# CONFIG_IOSCHED_DEADLINE is not set
# CONFIG_IOSCHED_CFQ is not set
# CONFIG_DEFAULT_AS is not set
# CONFIG_DEFAULT_DEADLINE is not set
# CONFIG_DEFAULT_CFQ is not set
CONFIG_DEFAULT_NOOP=y
CONFIG_DEFAULT_IOSCHED="noop"
# CONFIG_PROBE_INITRD_HEADER is not set
# CONFIG_FREEZER is not set
#
# Bus options (PCI, PCMCIA, EISA, ISA, TC)
#
CONFIG_HW_HAS_PCI=y
# CONFIG_ATH_HAS_PCI_RC2 is not set
CONFIG_PCI=y
CONFIG_PCI_DOMAINS=y
CONFIG_PCIEPORTBUS=y
CONFIG_PCIEAER=y
# CONFIG_PCIE_ECRC is not set
# CONFIG_PCIEAER_INJECT is not set
CONFIG_IFX_PCIE=y
CONFIG_IFX_PCIE_PHY_36MHZ_MODE=y
# CONFIG_IFX_PCIE_PHY_36MHZ_SSC_MODE is not set
# CONFIG_IFX_PCIE_PHY_25MHZ_MODE is not set
# CONFIG_IFX_PCIE_PHY_100MHZ_MODE is not set
CONFIG_IFX_PCIE_1ST_CORE=y
CONFIG_IFX_PCIE_HW_SWAP=y
# CONFIG_IFX_PCIE_INBOUND_NO_HW_SWAP is not set
# CONFIG_IFX_PCIE_VR9_A11_HRST is not set
# CONFIG_PCIEASPM is not set
CONFIG_ARCH_SUPPORTS_MSI=y
# CONFIG_PCI_MSI is not set
CONFIG_PCI_LEGACY=y
# CONFIG_PCI_INIT_IN_MONITOR is not set
# CONFIG_PCI_DEBUG is not set
# CONFIG_PCI_STUB is not set
# CONFIG_PCI_DISABLE_COMMON_QUIRKS is not set
# CONFIG_PCI_IOV is not set
# CONFIG_IFX_PCI is not set
CONFIG_MMU=y
# CONFIG_PCCARD is not set
# CONFIG_HOTPLUG_PCI is not set
#
# Executable file formats
#
CONFIG_BINFMT_ELF=y
# CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS is not set
# CONFIG_HAVE_AOUT is not set
# CONFIG_BINFMT_MISC is not set
CONFIG_TRAD_SIGNALS=y
#
# Power management options
#
# CONFIG_PM is not set
# CONFIG_CPU_FREQ is not set
# CONFIG_CPU_IDLE is not set
CONFIG_NET=y
# CONFIG_NET_DEV_LOAD is not set
#
# Networking options
#
CONFIG_AVM_PA=y
CONFIG_AVM_PA_MAX_PID=32
CONFIG_AVM_PA_MAX_VPID=32
CONFIG_AVM_PA_MAX_SESSION=256
# CONFIG_AVM_RTP_TIMESTAMP is not set
CONFIG_KSPEEDTEST=m
CONFIG_PACKET=y
CONFIG_PACKET_MMAP=y
CONFIG_UNIX=y
# CONFIG_NET_KEY is not set
CONFIG_INET=y
# CONFIG_IFX_IPQOS is not set
# CONFIG_LTQ_ADDON is not set
CONFIG_IP_MULTICAST=y
# CONFIG_IP_ADVANCED_ROUTER is not set
CONFIG_IP_FIB_HASH=y
CONFIG_IP_PNP=y
# CONFIG_IP_PNP_DHCP is not set
# CONFIG_IP_PNP_BOOTP is not set
# CONFIG_IP_PNP_RARP is not set
CONFIG_NET_IPIP=y
# CONFIG_NET_IPGRE is not set
CONFIG_IP_MROUTE=y
CONFIG_IP_PIMSM_V1=y
CONFIG_IP_PIMSM_V2=y
# CONFIG_ARPD is not set
# CONFIG_SYN_COOKIES is not set
# CONFIG_INET_AH is not set
# CONFIG_INET_ESP is not set
# CONFIG_INET_IPCOMP is not set
# CONFIG_INET_XFRM_TUNNEL is not set
CONFIG_INET_TUNNEL=y
# CONFIG_INET_XFRM_MODE_TRANSPORT is not set
# CONFIG_INET_XFRM_MODE_TUNNEL is not set
# CONFIG_INET_XFRM_MODE_BEET is not set
# CONFIG_INET_LRO is not set
CONFIG_INET_DIAG=y
CONFIG_INET_TCP_DIAG=y
CONFIG_TCP_CONG_ADVANCED=y
CONFIG_TCP_CONG_BIC=m
CONFIG_TCP_CONG_CUBIC=y
CONFIG_TCP_CONG_WESTWOOD=m
CONFIG_TCP_CONG_HTCP=m
# CONFIG_TCP_CONG_HSTCP is not set
# CONFIG_TCP_CONG_HYBLA is not set
# CONFIG_TCP_CONG_VEGAS is not set
# CONFIG_TCP_CONG_SCALABLE is not set
# CONFIG_TCP_CONG_LP is not set
# CONFIG_TCP_CONG_VENO is not set
# CONFIG_TCP_CONG_YEAH is not set
# CONFIG_TCP_CONG_ILLINOIS is not set
# CONFIG_DEFAULT_BIC is not set
CONFIG_DEFAULT_CUBIC=y
# CONFIG_DEFAULT_HTCP is not set
# CONFIG_DEFAULT_VEGAS is not set
# CONFIG_DEFAULT_WESTWOOD is not set
# CONFIG_DEFAULT_RENO is not set
CONFIG_DEFAULT_TCP_CONG="cubic"
# CONFIG_TCP_MD5SIG is not set
CONFIG_IP_MULTICAST_FASTFORWARD=y
CONFIG_IPV6=y
# CONFIG_IPV6_PRIVACY is not set
CONFIG_IPV6_ROUTER_PREF=y
CONFIG_IPV6_ROUTE_INFO=y
# CONFIG_IPV6_OPTIMISTIC_DAD is not set
# CONFIG_INET6_AH is not set
# CONFIG_INET6_ESP is not set
# CONFIG_INET6_IPCOMP is not set
# CONFIG_IPV6_MIP6 is not set
# CONFIG_INET6_XFRM_TUNNEL is not set
# CONFIG_INET6_TUNNEL is not set
# CONFIG_INET6_XFRM_MODE_TRANSPORT is not set
# CONFIG_INET6_XFRM_MODE_TUNNEL is not set
# CONFIG_INET6_XFRM_MODE_BEET is not set
# CONFIG_INET6_XFRM_MODE_ROUTEOPTIMIZATION is not set
CONFIG_IPV6_SIT=y
CONFIG_IPV6_SIT_6RD=y
CONFIG_IPV6_NDISC_NODETYPE=y
# CONFIG_IPV6_TUNNEL is not set
# CONFIG_IPV6_MULTIPLE_TABLES is not set
# CONFIG_IPV6_MROUTE is not set
# CONFIG_NETLABEL is not set
# CONFIG_IFX_IGMP_PROXY is not set
# CONFIG_IFX_IGMP_SNOOPING is not set
CONFIG_IFX_MCAST_FASTPATH=y
CONFIG_GENERIC_CONNTRACK=y
# CONFIG_NETWORK_SECMARK is not set
CONFIG_NETFILTER=y
# CONFIG_NETFILTER_DEBUG is not set
CONFIG_NETFILTER_ADVANCED=y
# CONFIG_BRIDGE_NETFILTER is not set
#
# Core Netfilter Configuration
#
CONFIG_NETFILTER_NETLINK=m
# CONFIG_NETFILTER_NETLINK_QUEUE is not set
CONFIG_NETFILTER_NETLINK_LOG=m
CONFIG_NF_CONNTRACK=m
# CONFIG_NF_CT_ACCT is not set
# CONFIG_NF_CONNTRACK_MARK is not set
# CONFIG_NF_CONNTRACK_EVENTS is not set
# CONFIG_NF_CT_PROTO_DCCP is not set
CONFIG_NF_CT_PROTO_ESP=m
# CONFIG_NF_CT_PROTO_SCTP is not set
# CONFIG_NF_CT_PROTO_UDPLITE is not set
# CONFIG_NF_CONNTRACK_AMANDA is not set
# CONFIG_NF_CONNTRACK_FTP is not set
# CONFIG_NF_CONNTRACK_IPSEC_IKE is not set
# CONFIG_NF_CONNTRACK_H323 is not set
# CONFIG_NF_CONNTRACK_IRC is not set
# CONFIG_NF_CONNTRACK_NETBIOS_NS is not set
# CONFIG_NF_CONNTRACK_PPTP is not set
# CONFIG_NF_CONNTRACK_SANE is not set
# CONFIG_NF_CONNTRACK_SIP is not set
# CONFIG_NF_CONNTRACK_TFTP is not set
# CONFIG_NF_CONNTRACK_RTSP is not set
# CONFIG_NF_CT_NETLINK is not set
CONFIG_NETFILTER_XTABLES=m
CONFIG_NETFILTER_XT_TARGET_CLASSIFY=m
# CONFIG_NETFILTER_XT_TARGET_CONNMARK is not set
CONFIG_NETFILTER_XT_TARGET_DSCP=m
CONFIG_NETFILTER_XT_TARGET_HL=m
# CONFIG_NETFILTER_XT_TARGET_IMQ is not set
CONFIG_NETFILTER_XT_TARGET_MARK=m
CONFIG_NETFILTER_XT_TARGET_NFLOG=m
CONFIG_NETFILTER_XT_TARGET_NFQUEUE=m
# CONFIG_NETFILTER_XT_TARGET_NOTRACK is not set
CONFIG_NETFILTER_XT_TARGET_RATEEST=m
# CONFIG_NETFILTER_XT_TARGET_TRACE is not set
CONFIG_NETFILTER_XT_TARGET_TCPMSS=m
CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=m
# CONFIG_NETFILTER_XT_MATCH_CLUSTER is not set
CONFIG_NETFILTER_XT_MATCH_COMMENT=m
# CONFIG_NETFILTER_XT_MATCH_CONNBYTES is not set
# CONFIG_NETFILTER_XT_MATCH_CONNLIMIT is not set
# CONFIG_NETFILTER_XT_MATCH_CONNMARK is not set
CONFIG_NETFILTER_XT_MATCH_CONNTRACK=m
CONFIG_NETFILTER_XT_MATCH_DCCP=m
CONFIG_NETFILTER_XT_MATCH_DSCP=m
CONFIG_NETFILTER_XT_MATCH_ESP=m
CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=m
# CONFIG_NETFILTER_XT_MATCH_HELPER is not set
CONFIG_NETFILTER_XT_MATCH_HL=m
CONFIG_NETFILTER_XT_MATCH_IPRANGE=m
CONFIG_NETFILTER_XT_MATCH_LENGTH=m
CONFIG_NETFILTER_XT_MATCH_LIMIT=m
CONFIG_NETFILTER_XT_MATCH_MAC=m
CONFIG_NETFILTER_XT_MATCH_MARK=m
CONFIG_NETFILTER_XT_MATCH_MULTIPORT=m
CONFIG_NETFILTER_XT_MATCH_OWNER=m
CONFIG_NETFILTER_XT_MATCH_PKTTYPE=m
CONFIG_NETFILTER_XT_MATCH_QUOTA=m
CONFIG_NETFILTER_XT_MATCH_RATEEST=m
CONFIG_NETFILTER_XT_MATCH_REALM=m
CONFIG_NETFILTER_XT_MATCH_RECENT=m
# CONFIG_NETFILTER_XT_MATCH_RECENT_PROC_COMPAT is not set
# CONFIG_NETFILTER_XT_MATCH_SCTP is not set
CONFIG_NETFILTER_XT_MATCH_STATE=m
CONFIG_NETFILTER_XT_MATCH_STATISTIC=m
CONFIG_NETFILTER_XT_MATCH_STRING=m
CONFIG_NETFILTER_XT_MATCH_TCPMSS=m
CONFIG_NETFILTER_XT_MATCH_TIME=m
CONFIG_NETFILTER_XT_MATCH_U32=m
# CONFIG_NETFILTER_XT_MATCH_OSF is not set
# CONFIG_IP_VS is not set
#
# IP: Netfilter Configuration
#
CONFIG_NF_DEFRAG_IPV4=m
CONFIG_NF_CONNTRACK_IPV4=m
CONFIG_NF_CONNTRACK_PROC_COMPAT=y
# CONFIG_IP_NF_QUEUE is not set
CONFIG_IP_NF_IPTABLES=m
CONFIG_IP_NF_MATCH_ADDRTYPE=m
CONFIG_IP_NF_MATCH_AH=m
CONFIG_IP_NF_MATCH_ECN=m
CONFIG_IP_NF_MATCH_TTL=m
CONFIG_IP_NF_FILTER=m
CONFIG_IP_NF_TARGET_REJECT=m
CONFIG_IP_NF_TARGET_LOG=m
# CONFIG_IP_NF_TARGET_ULOG is not set
CONFIG_NF_NAT=m
CONFIG_NF_NAT_NEEDED=y
CONFIG_IP_NF_TARGET_MASQUERADE=m
# CONFIG_IP_NF_TARGET_NATTYPE is not set
# CONFIG_IP_NF_TARGET_NETMAP is not set
CONFIG_IP_NF_TARGET_REDIRECT=m
# CONFIG_NF_NAT_SNMP_BASIC is not set
# CONFIG_ATH_HW_NAT is not set
# CONFIG_NF_NAT_FTP is not set
# CONFIG_NF_NAT_IRC is not set
# CONFIG_NF_NAT_RTSP is not set
# CONFIG_NF_NAT_TFTP is not set
# CONFIG_NF_NAT_AMANDA is not set
# CONFIG_NF_NAT_PPTP is not set
# CONFIG_NF_NAT_H323 is not set
# CONFIG_NF_NAT_SIP is not set
# CONFIG_IP_NF_MANGLE is not set
CONFIG_IP_NF_TARGET_TTL=m
CONFIG_IP_NF_RAW=m
# CONFIG_IP_NF_SECURITY is not set
CONFIG_IP_NF_ARPTABLES=m
# CONFIG_IP_NF_ARPFILTER is not set
# CONFIG_IP_NF_ARP_MANGLE is not set
#
# IPv6: Netfilter Configuration
#
# CONFIG_NF_CONNTRACK_IPV6 is not set
CONFIG_IP6_NF_QUEUE=m
CONFIG_IP6_NF_IPTABLES=m
CONFIG_IP6_NF_MATCH_AH=m
CONFIG_IP6_NF_MATCH_EUI64=m
CONFIG_IP6_NF_MATCH_FRAG=m
CONFIG_IP6_NF_MATCH_OPTS=m
CONFIG_IP6_NF_MATCH_HL=m
CONFIG_IP6_NF_MATCH_IPV6HEADER=m
CONFIG_IP6_NF_MATCH_MH=m
CONFIG_IP6_NF_MATCH_RT=m
CONFIG_IP6_NF_TARGET_HL=m
CONFIG_IP6_NF_TARGET_LOG=m
CONFIG_IP6_NF_FILTER=m
CONFIG_IP6_NF_TARGET_REJECT=m
CONFIG_IP6_NF_MANGLE=m
CONFIG_IP6_NF_RAW=m
# CONFIG_IP6_NF_SECURITY is not set
# CONFIG_IP_DCCP is not set
# CONFIG_IP_SCTP is not set
# CONFIG_RDS is not set
# CONFIG_TIPC is not set
CONFIG_ATM=y
# CONFIG_ATM_CLIP is not set
# CONFIG_ATM_LANE is not set
CONFIG_ATM_BR2684=y
# CONFIG_ATM_BR2684_IPFILTER is not set
CONFIG_IFX_OAM=y
CONFIG_L2TP=y
CONFIG_L2TP_V3=y
CONFIG_L2TP_IP=y
CONFIG_L2TP_ETH=y
CONFIG_STP=y
CONFIG_BRIDGE=y
# CONFIG_BRIDGE_SNOOPING is not set
# CONFIG_NET_DSA is not set
CONFIG_VLAN_8021Q=y
# CONFIG_VLAN_8021Q_GVRP is not set
# CONFIG_DECNET is not set
CONFIG_LLC=y
# CONFIG_LLC2 is not set
# CONFIG_IPX is not set
# CONFIG_ATALK is not set
# CONFIG_X25 is not set
# CONFIG_LAPB is not set
# CONFIG_ECONET is not set
# CONFIG_WAN_ROUTER is not set
# CONFIG_PHONET is not set
# CONFIG_IEEE802154 is not set
CONFIG_NET_SCHED=y
#
# Queueing/Scheduling
#
CONFIG_NET_SCH_CBQ=m
CONFIG_NET_SCH_HTB=m
CONFIG_NET_SCH_HFSC=m
# CONFIG_NET_SCH_ATM is not set
CONFIG_NET_SCH_PRIO=m
# CONFIG_NET_SCH_MULTIQ is not set
# CONFIG_NET_SCH_WRR is not set
CONFIG_NET_SCH_RED=m
CONFIG_NET_SCH_SFQ=m
# CONFIG_NET_SCH_ESFQ is not set
# CONFIG_NET_SCH_TEQL is not set
CONFIG_NET_SCH_TBF=m
# CONFIG_NET_SCH_GRED is not set
# CONFIG_NET_SCH_DSMARK is not set
# CONFIG_NET_SCH_NETEM is not set
# CONFIG_NET_SCH_DRR is not set
CONFIG_NET_SCH_LLQ=m
#
# Classification
#
CONFIG_NET_CLS=y
CONFIG_NET_CLS_BASIC=m
CONFIG_NET_CLS_TCINDEX=m
# CONFIG_NET_CLS_ROUTE4 is not set
CONFIG_NET_CLS_ROUTE=y
# CONFIG_NET_CLS_FW is not set
CONFIG_NET_CLS_U32=m
# CONFIG_CLS_U32_PERF is not set
# CONFIG_CLS_U32_MARK is not set
# CONFIG_NET_CLS_RSVP is not set
# CONFIG_NET_CLS_RSVP6 is not set
# CONFIG_NET_CLS_FLOW is not set
# CONFIG_NET_EMATCH is not set
# CONFIG_NET_CLS_ACT is not set
# CONFIG_NET_CLS_IND is not set
CONFIG_NET_SCH_FIFO=y
# CONFIG_DCB is not set
#
# Network testing
#
# CONFIG_NET_PKTGEN is not set
# CONFIG_HAMRADIO is not set
# CONFIG_CAN is not set
# CONFIG_IRDA is not set
CONFIG_BT=m
CONFIG_BT_L2CAP=m
# CONFIG_BT_SCO is not set
CONFIG_BT_RFCOMM=m
CONFIG_BT_RFCOMM_TTY=y
CONFIG_BT_BNEP=m
CONFIG_BT_BNEP_MC_FILTER=y
CONFIG_BT_BNEP_PROTO_FILTER=y
# CONFIG_BT_CMTP is not set
# CONFIG_BT_HIDP is not set
#
# Bluetooth device drivers
#
CONFIG_BT_HCIBTUSB=m
# CONFIG_BT_HCIUART is not set
# CONFIG_BT_HCIBCM203X is not set
# CONFIG_BT_HCIBPA10X is not set
CONFIG_BT_HCIBFUSB=m
# CONFIG_BT_HCIVHCI is not set
# CONFIG_BT_MRVL is not set
# CONFIG_AF_RXRPC is not set
CONFIG_WIRELESS=y
# CONFIG_CFG80211 is not set
CONFIG_CFG80211_DEFAULT_PS_VALUE=0
# CONFIG_WIRELESS_OLD_REGULATORY is not set
CONFIG_WIRELESS_EXT=y
# CONFIG_WIRELESS_EXT_SYSFS is not set
# CONFIG_LIB80211 is not set
# CONFIG_LIB80211_CRYPT_WEP is not set
# CONFIG_LIB80211_CRYPT_CCMP is not set
# CONFIG_LIB80211_CRYPT_TKIP is not set
#
# CFG80211 needs to be enabled for MAC80211
#
#
# Some wireless drivers require a rate control algorithm
#
# CONFIG_WIMAX is not set
# CONFIG_RFKILL is not set
# CONFIG_NET_9P is not set
#
# Device Drivers
#
#
# Generic Driver Options
#
CONFIG_UEVENT_HELPER_PATH="/sbin/hotplug"
# CONFIG_DEVTMPFS is not set
CONFIG_STANDALONE=y
CONFIG_PREVENT_FIRMWARE_BUILD=y
CONFIG_FW_LOADER=y
# CONFIG_FIRMWARE_IN_KERNEL is not set
CONFIG_EXTRA_FIRMWARE=""
# CONFIG_DEBUG_DRIVER is not set
# CONFIG_DEBUG_DEVRES is not set
# CONFIG_SYS_HYPERVISOR is not set
# CONFIG_CONNECTOR is not set
CONFIG_MTD=y
# CONFIG_MTD_DEBUG is not set
# CONFIG_MTD_TESTS is not set
CONFIG_MTD_CONCAT=y
CONFIG_MTD_PARTITIONS=y
# CONFIG_MTD_ROOTFS_ROOT_DEV is not set
# CONFIG_MTD_ROOTFS_SPLIT is not set
CONFIG_MTD_REDBOOT_PARTS=y
CONFIG_MTD_REDBOOT_DIRECTORY_BLOCK=-1
# CONFIG_MTD_REDBOOT_PARTS_UNALLOCATED is not set
# CONFIG_MTD_REDBOOT_PARTS_READONLY is not set
# CONFIG_MTD_CMDLINE_PARTS is not set
# CONFIG_MTD_AR7_PARTS is not set
#
# User Modules And Translation Layers
#
CONFIG_MTD_CHAR=y
CONFIG_MTD_BLKDEVS=y
CONFIG_MTD_BLOCK=y
# CONFIG_FTL is not set
# CONFIG_NFTL is not set
# CONFIG_INFTL is not set
# CONFIG_RFD_FTL is not set
# CONFIG_SSFDC is not set
# CONFIG_MTD_OOPS is not set
#
# RAM/ROM/Flash chip drivers
#
CONFIG_MTD_CFI=y
# CONFIG_MTD_JEDECPROBE is not set
CONFIG_MTD_GEN_PROBE=y
# CONFIG_MTD_CFI_ADV_OPTIONS is not set
CONFIG_MTD_MAP_BANK_WIDTH_1=y
CONFIG_MTD_MAP_BANK_WIDTH_2=y
CONFIG_MTD_MAP_BANK_WIDTH_4=y
# CONFIG_MTD_MAP_BANK_WIDTH_8 is not set
# CONFIG_MTD_MAP_BANK_WIDTH_16 is not set
# CONFIG_MTD_MAP_BANK_WIDTH_32 is not set
CONFIG_MTD_CFI_I1=y
CONFIG_MTD_CFI_I2=y
# CONFIG_MTD_CFI_I4 is not set
# CONFIG_MTD_CFI_I8 is not set
# CONFIG_MTD_CFI_INTELEXT is not set
CONFIG_MTD_CFI_AMDSTD=y
CONFIG_MTD_CFI_STAA=y
CONFIG_MTD_CFI_UTIL=y
CONFIG_MTD_RAM=y
# CONFIG_MTD_ROM is not set
# CONFIG_MTD_ABSENT is not set
#
# Mapping drivers for chip access
#
CONFIG_MTD_COMPLEX_MAPPINGS=y
# CONFIG_MTD_PHYSMAP is not set
# CONFIG_MTD_PCI is not set
# CONFIG_MTD_INTEL_VR_NOR is not set
CONFIG_MTD_PLATRAM=y
CONFIG_MTD_PLATNOR=y
# CONFIG_MTD_IFX_NOR is not set
#
# Self-contained MTD device drivers
#
# CONFIG_MTD_PMC551 is not set
# CONFIG_MTD_DATAFLASH is not set
# CONFIG_MTD_M25P80 is not set
# CONFIG_MTD_SST25L is not set
# CONFIG_MTD_SLRAM is not set
# CONFIG_MTD_PHRAM is not set
CONFIG_MTD_MTDRAM=m
CONFIG_MTDRAM_TOTAL_SIZE=4096
CONFIG_MTDRAM_ERASE_SIZE=128
CONFIG_MTD_BLOCK2MTD=y
#
# Disk-On-Chip Device Drivers
#
# CONFIG_MTD_DOC2000 is not set
# CONFIG_MTD_DOC2001 is not set
# CONFIG_MTD_DOC2001PLUS is not set
# CONFIG_MTD_AR7240_SPI_FLASH is not set
# CONFIG_MTD_ATH_FLASH is not set
# CONFIG_MTD_AR7100_SPI_FLASH is not set
# CONFIG_MTD_AR9100_PARALLEL_FLASH is not set
CONFIG_MTD_NAND=y
CONFIG_MTD_NAND_VERIFY_WRITE=y
# CONFIG_MTD_NAND_ECC_SMC is not set
# CONFIG_MTD_NAND_MUSEUM_IDS is not set
CONFIG_MTD_NAND_IDS=y
# CONFIG_MTD_NAND_DISKONCHIP is not set
# CONFIG_MTD_NAND_CAFE is not set
# CONFIG_MTD_NAND_NANDSIM is not set
# CONFIG_MTD_NAND_PLATFORM is not set
# CONFIG_MTD_ALAUDA is not set
# CONFIG_MTD_NAND_COMPLETE_AVM is not set
CONFIG_MTD_IFX_NAND_LATCH_ENABLE=y
# CONFIG_MTD_IFX_NAND is not set
CONFIG_MTD_IFX_HSNAND=y
CONFIG_MTD_IFX_HSNAND_FLASH_SIZE=4
# CONFIG_MTD_ONENAND is not set
#
# LPDDR flash memory drivers
#
# CONFIG_MTD_LPDDR is not set
#
# UBI - Unsorted block images
#
# CONFIG_MTD_UBI is not set
# CONFIG_PARPORT is not set
CONFIG_BLK_DEV=y
CONFIG_COMPCACHE=m
# CONFIG_BLK_DEV_VIRTUAL_FAT is not set
# CONFIG_BLK_CPQ_DA is not set
# CONFIG_BLK_CPQ_CISS_DA is not set
# CONFIG_BLK_DEV_DAC960 is not set
# CONFIG_BLK_DEV_UMEM is not set
# CONFIG_BLK_DEV_COW_COMMON is not set
CONFIG_BLK_DEV_LOOP=y
# CONFIG_BLK_DEV_CRYPTOLOOP is not set
CONFIG_BLK_DEV_NBD=y
# CONFIG_BLK_DEV_SX8 is not set
# CONFIG_BLK_DEV_UB is not set
# CONFIG_BLK_DEV_RAM is not set
# CONFIG_CDROM_PKTCDVD is not set
# CONFIG_ATA_OVER_ETH is not set
# CONFIG_BLK_DEV_HD is not set
# CONFIG_MISC_DEVICES is not set
CONFIG_HAVE_IDE=y
# CONFIG_IDE is not set
#
# SCSI device support
#
# CONFIG_RAID_ATTRS is not set
CONFIG_SCSI=m
CONFIG_SCSI_DMA=y
# CONFIG_SCSI_TGT is not set
# CONFIG_SCSI_NETLINK is not set
CONFIG_SCSI_PROC_FS=y
#
# SCSI support type (disk, tape, CD-ROM)
#
CONFIG_BLK_DEV_SD=m
# CONFIG_CHR_DEV_ST is not set
# CONFIG_CHR_DEV_OSST is not set
# CONFIG_BLK_DEV_SR is not set
# CONFIG_CHR_DEV_SG is not set
# CONFIG_CHR_DEV_SCH is not set
CONFIG_SCSI_MULTI_LUN=y
CONFIG_SCSI_CONSTANTS=y
CONFIG_SCSI_LOGGING=y
CONFIG_SCSI_SCAN_ASYNC=y
CONFIG_SCSI_WAIT_SCAN=m
#
# SCSI Transports
#
# CONFIG_SCSI_SPI_ATTRS is not set
# CONFIG_SCSI_FC_ATTRS is not set
# CONFIG_SCSI_ISCSI_ATTRS is not set
# CONFIG_SCSI_SAS_LIBSAS is not set
# CONFIG_SCSI_SRP_ATTRS is not set
# CONFIG_SCSI_LOWLEVEL is not set
# CONFIG_SCSI_DH is not set
# CONFIG_SCSI_OSD_INITIATOR is not set
# CONFIG_ATA is not set
CONFIG_MD=y
# CONFIG_BLK_DEV_MD is not set
CONFIG_BLK_DEV_DM=m
# CONFIG_DM_DEBUG is not set
CONFIG_DM_CRYPT=m
# CONFIG_DM_SNAPSHOT is not set
# CONFIG_DM_MIRROR is not set
# CONFIG_DM_ZERO is not set
# CONFIG_DM_MULTIPATH is not set
# CONFIG_DM_DELAY is not set
# CONFIG_DM_UEVENT is not set
# CONFIG_FUSION is not set
#
# IEEE 1394 (FireWire) support
#
#
# You can enable one or both FireWire driver stacks.
#
#
# See the help texts for more information.
#
# CONFIG_FIREWIRE is not set
# CONFIG_IEEE1394 is not set
# CONFIG_I2O is not set
CONFIG_NETDEVICES=y
# CONFIG_DUMMY is not set
# CONFIG_BONDING is not set
# CONFIG_MACVLAN is not set
# CONFIG_EQUALIZER is not set
# CONFIG_IMQ is not set
CONFIG_TUN=y
# CONFIG_VETH is not set
# CONFIG_ARCNET is not set
# CONFIG_PHYLIB is not set
CONFIG_NET_ETHERNET=y
CONFIG_MII=y
CONFIG_AVM_CPMAC=y
CONFIG_AVM_CPMAC_NUM_RX_BUFFERS=256
CONFIG_AVM_CPMAC_SWITCH=y
CONFIG_AVM_SCATTER_GATHER=y
# CONFIG_AVMNET_DEBUG is not set
# CONFIG_AVMNET_DEBUG_HAL is not set
# CONFIG_AX88796 is not set
# CONFIG_HAPPYMEAL is not set
# CONFIG_SUNGEM is not set
# CONFIG_CASSINI is not set
# CONFIG_NET_VENDOR_3COM is not set
# CONFIG_SMC91X is not set
# CONFIG_DM9000 is not set
# CONFIG_ENC28J60 is not set
# CONFIG_ETHOC is not set
# CONFIG_DNET is not set
# CONFIG_NET_TULIP is not set
# CONFIG_HP100 is not set
# CONFIG_IBM_NEW_EMAC_ZMII is not set
# CONFIG_IBM_NEW_EMAC_RGMII is not set
# CONFIG_IBM_NEW_EMAC_TAH is not set
# CONFIG_IBM_NEW_EMAC_EMAC4 is not set
# CONFIG_IBM_NEW_EMAC_NO_FLOW_CTRL is not set
# CONFIG_IBM_NEW_EMAC_MAL_CLR_ICINTSTAT is not set
# CONFIG_IBM_NEW_EMAC_MAL_COMMON_ERR is not set
# CONFIG_NET_PCI is not set
# CONFIG_B44 is not set
# CONFIG_KS8842 is not set
# CONFIG_KS8851 is not set
# CONFIG_KS8851_MLL is not set
# CONFIG_ATL2 is not set
CONFIG_NETDEV_1000=y
# CONFIG_ACENIC is not set
# CONFIG_DL2K is not set
# CONFIG_E1000 is not set
# CONFIG_E1000E is not set
# CONFIG_IP1000 is not set
# CONFIG_IGB is not set
# CONFIG_IGBVF is not set
# CONFIG_NS83820 is not set
# CONFIG_HAMACHI is not set
# CONFIG_YELLOWFIN is not set
# CONFIG_R8169 is not set
# CONFIG_SIS190 is not set
# CONFIG_SKGE is not set
# CONFIG_SKY2 is not set
# CONFIG_VIA_VELOCITY is not set
# CONFIG_TIGON3 is not set
# CONFIG_BNX2 is not set
# CONFIG_CNIC is not set
# CONFIG_QLA3XXX is not set
# CONFIG_ATL1 is not set
# CONFIG_ATL1E is not set
# CONFIG_ATL1C is not set
# CONFIG_JME is not set
# CONFIG_ATHRF1_PHY is not set
CONFIG_ATHRF2_PHY=y
# CONFIG_ATHRS16_PHY is not set
# CONFIG_ATHRS17_PHY is not set
# CONFIG_AR8021_PHY is not set
# CONFIG_AR7240_S26_PHY is not set
# CONFIG_ATHRS27_PHY is not set
# CONFIG_AR8033_PHY is not set
CONFIG_LANTIQ_11G_PHY=y
CONFIG_WLAN_OFFLOAD_PHY=y
# CONFIG_NETDEV_10000 is not set
# CONFIG_TR is not set
# CONFIG_WLAN is not set
#
# Enable WiMAX (Networking options) to see the WiMAX drivers
#
#
# USB Network Adapters
#
# CONFIG_USB_CATC is not set
# CONFIG_USB_KAWETH is not set
# CONFIG_USB_PEGASUS is not set
# CONFIG_USB_RTL8150 is not set
CONFIG_USB_USBNET=m
# CONFIG_USB_NET_AX8817X is not set
CONFIG_USB_NET_CDCETHER=m
# CONFIG_USB_NET_CDC_EEM is not set
# CONFIG_USB_NET_DM9601 is not set
# CONFIG_USB_NET_SMSC95XX is not set
# CONFIG_USB_NET_GL620A is not set
# CONFIG_USB_NET_NET1080 is not set
# CONFIG_USB_NET_PLUSB is not set
# CONFIG_USB_NET_MCS7830 is not set
CONFIG_USB_NET_RNDIS_HOST=m
# CONFIG_USB_NET_CDC_SUBSET is not set
# CONFIG_USB_NET_ZAURUS is not set
# CONFIG_USB_NET_INT51X1 is not set
# CONFIG_WAN is not set
CONFIG_ATM_DRIVERS=y
# CONFIG_ATM_DUMMY is not set
# CONFIG_ATM_TCP is not set
# CONFIG_ATM_LANAI is not set
# CONFIG_ATM_ENI is not set
# CONFIG_ATM_FIRESTREAM is not set
# CONFIG_ATM_ZATM is not set
# CONFIG_ATM_NICSTAR is not set
# CONFIG_ATM_IDT77252 is not set
# CONFIG_ATM_AMBASSADOR is not set
# CONFIG_ATM_HORIZON is not set
# CONFIG_ATM_IA is not set
# CONFIG_ATM_FORE200E is not set
# CONFIG_ATM_HE is not set
# CONFIG_ATM_SOLOS is not set
# CONFIG_IFX_ATM is not set
# CONFIG_IFX_PTM is not set
# CONFIG_IFX_ADTRAN_PTM is not set
CONFIG_IFX_ETHSW_API=y
#
# IFX_ETHSW_API
#
# CONFIG_LTQ_8021X is not set
# CONFIG_LTQ_MULTICAST is not set
# CONFIG_LTQ_QOS is not set
# CONFIG_LTQ_STP is not set
# CONFIG_LTQ_VLAN is not set
# CONFIG_LTQ_WOL is not set
# CONFIG_IFX_ETHSW_API_COC is not set
# CONFIG_IFX_ETHSW_API_COC_PMCU is not set
# CONFIG_GPHY_DRIVER is not set
CONFIG_IFX_PPA_NAPI_ENABLE=y
CONFIG_IFX_PPA=y
CONFIG_IFX_PPA_AVM_USAGE=y
CONFIG_IFX_PPA_API=m
# CONFIG_IFX_PPA_API_DIRECTPATH is not set
# CONFIG_DEBUG_AVM_PPA_VDEV is not set
CONFIG_IFX_PPA_API_PROC=m
CONFIG_IFX_PPA_MFE=y
CONFIG_IFX_PPA_QOS=y
CONFIG_IFX_PPA_QOS_WFQ=y
CONFIG_IFX_PPA_QOS_RATE_SHAPING=y
CONFIG_IFX_PPA_DATAPATH=m
# CONFIG_IFX_PPA_A5 is not set
# CONFIG_IFX_PPA_D5 is not set
CONFIG_IFX_PPA_E5=y
# CONFIG_IFX_PPE_E5_OFFCHIP_BONDING is not set
CONFIG_IFX_PPA_IPv6_ENABLE=y
CONFIG_PTM_VECTORING=y
# CONFIG_IFX_VECTOR_TIMER_CHECK is not set
# CONFIG_IFX_7PORT_SWITCH is not set
CONFIG_IFX_ETH_FRAMEWORK=y
# CONFIG_FDDI is not set
# CONFIG_HIPPI is not set
CONFIG_PPP=m
# CONFIG_PPP_MULTILINK is not set
CONFIG_PPP_FILTER=y
CONFIG_PPP_ASYNC=m
CONFIG_PPP_SYNC_TTY=m
CONFIG_PPP_DEFLATE=m
# CONFIG_PPP_BSDCOMP is not set
CONFIG_PPP_MPPE_MPPC=m
# CONFIG_PPPOE is not set
# CONFIG_PPPOATM is not set
# CONFIG_PPPOL2TP is not set
# CONFIG_SLIP is not set
CONFIG_SLHC=m
# CONFIG_NET_FC is not set
# CONFIG_NETCONSOLE is not set
# CONFIG_NETPOLL is not set
# CONFIG_NET_POLL_CONTROLLER is not set
CONFIG_AVM_NET_LINK_AUDIO=m
CONFIG_ISDN=y
# CONFIG_ISDN_I4L is not set
# CONFIG_MISDN is not set
CONFIG_ISDN_CAPI=y
CONFIG_CAPI_OSLIB=y
# CONFIG_CAPI_OSLIB_DEBUG is not set
CONFIG_CAPI_CODEC=m
# CONFIG_CAPI_CODEC_SPEEX is not set
CONFIG_CAPI_CODEC_ILBC=y
CONFIG_CAPI_CODEC_G729=y
CONFIG_CAPI_CODEC_G711=y
CONFIG_CAPI_CODEC_G726=y
CONFIG_CAPI_CODEC_G722=y
CONFIG_CAPI_CODEC_VAD=y
CONFIG_CAPI_CODEC_CNG=y
CONFIG_CAPI_CODEC_FAX=y
CONFIG_AVM_DECT=m
# CONFIG_AVM_DECT_DEBUG is not set
# CONFIG_ISDN_DRV_AVMB1_VERBOSE_REASON is not set
# CONFIG_CAPI_TRACE is not set
# CONFIG_ISDN_CAPI_MIDDLEWARE is not set
# CONFIG_ISDN_CAPI_CAPI20 is not set
#
# CAPI hardware drivers
#
CONFIG_CAPI_AVM=y
# CONFIG_ISDN_DRV_AVMB1_B1PCI is not set
# CONFIG_ISDN_DRV_AVMB1_B1PCMCIA is not set
# CONFIG_ISDN_DRV_AVMB1_T1PCI is not set
# CONFIG_ISDN_DRV_AVMB1_C4 is not set
CONFIG_ISDN_CAPI_ISDN_NT_PCMLINK=m
CONFIG_ISDN_NT_PCMLINK_BLK=m
CONFIG_ISDN_NT_PCMLINK_E1=m
CONFIG_ISDN_NT_PCMLINK_STACK=m
CONFIG_ISDN_NT_PCMLINK_ISDN_AB=m
# CONFIG_ISDN_NT_PCMLINK_DEBUG is not set
# CONFIG_ISDN_NT_PCMLINK_NO_BCHANNEL is not set
# CONFIG_ISDN_NT_PCMLINK_FAX is not set
# CONFIG_ISDN_NT_PCMLINK_COMPRESS is not set
# CONFIG_ISDN_NT_PCMLINK_MODEM is not set
# CONFIG_ISDN_NT_PCMLINK_DTMF is not set
CONFIG_ISDN_NT_PCMLINK_VCTRLS=y
CONFIG_ISDN_NT_PCMLINK_VCTRLS_NUMBER=5
CONFIG_ISDN_NT_PCMLINK_FRITZX=y
# CONFIG_CAPI_EICON is not set
# CONFIG_PHONE is not set
#
# Input device support
#
CONFIG_INPUT=y
# CONFIG_INPUT_FF_MEMLESS is not set
# CONFIG_INPUT_POLLDEV is not set
#
# Userland interfaces
#
# CONFIG_INPUT_MOUSEDEV is not set
# CONFIG_INPUT_JOYDEV is not set
# CONFIG_INPUT_EVDEV is not set
# CONFIG_INPUT_EVBUG is not set
#
# Input Device Drivers
#
# CONFIG_INPUT_KEYBOARD is not set
# CONFIG_INPUT_MOUSE is not set
# CONFIG_INPUT_JOYSTICK is not set
# CONFIG_INPUT_TABLET is not set
# CONFIG_INPUT_TOUCHSCREEN is not set
# CONFIG_INPUT_MISC is not set
#
# Hardware I/O ports
#
# CONFIG_SERIO is not set
# CONFIG_GAMEPORT is not set
#
# Character devices
#
CONFIG_VT=y
# CONFIG_CONSOLE_TRANSLATIONS is not set
CONFIG_VT_CONSOLE=y
CONFIG_HW_CONSOLE=y
# CONFIG_VT_HW_CONSOLE_BINDING is not set
# CONFIG_DEVKMEM is not set
# CONFIG_SERIAL_NONSTANDARD is not set
# CONFIG_NOZOMI is not set
#
# Serial drivers
#
# CONFIG_SERIAL_8250 is not set
# CONFIG_SERIAL_HORNET is not set
#
# Non-8250 serial port support
#
# CONFIG_SERIAL_MAX3100 is not set
CONFIG_SERIAL_CORE=y
CONFIG_SERIAL_CORE_CONSOLE=y
# CONFIG_SERIAL_JSM is not set
CONFIG_SERIAL_AVM=y
# CONFIG_SERIAL_AVM_8250 is not set
# CONFIG_SERIAL_AVM_ATH_HI is not set
CONFIG_SERIAL_AVM_ASC=y
CONFIG_SERIAL_AVM_ASC_CONSOLE=y
# CONFIG_SERIAL_IFX_ASC is not set
# CONFIG_SERIAL_IFX_USIF_UART is not set
CONFIG_UNIX98_PTYS=y
# CONFIG_DEVPTS_MULTIPLE_INSTANCES is not set
CONFIG_LEGACY_PTYS=y
CONFIG_LEGACY_PTY_COUNT=256
# CONFIG_IPMI_HANDLER is not set
# CONFIG_HW_RANDOM is not set
# CONFIG_R3964 is not set
# CONFIG_APPLICOM is not set
# CONFIG_RAW_DRIVER is not set
CONFIG_TCG_TPM=y
# CONFIG_TCG_NSC is not set
# CONFIG_TCG_ATMEL is not set
CONFIG_DEVPORT=y
CONFIG_TFFS=y
CONFIG_TFFS_ENV=y
# CONFIG_TFFS_CRYPT is not set
CONFIG_TFFS_MTD_DEVICE_0=3
CONFIG_TFFS_MTD_DEVICE_1=4
CONFIG_TFFS_PANIC_LOG=y
CONFIG_TFFS_PANIC_LOG_ID=96
CONFIG_AVM_NET_TRACE=y
CONFIG_AVM_POWER=y
CONFIG_AVM_POWERMETER=y
CONFIG_AVM_DECT_IO=m
CONFIG_AVM_DECT_SYNC=-1
CONFIG_AVM_SAMMEL=y
CONFIG_AVM_EVENT=y
# CONFIG_AVM_PUSH_BUTTON is not set
# CONFIG_AVM_PUSH_BUTTON2 is not set
# CONFIG_AVM_PUSH_BUTTON3 is not set
# CONFIG_AVM_PUSH_BUTTON4 is not set
# CONFIG_AVM_PUSH_BUTTON5 is not set
# CONFIG_AVM_AUDIO is not set
CONFIG_AVM_WATCHDOG=y
CONFIG_AVM_LED_EVENTS=m
CONFIG_AVM_DEBUG=y
CONFIG_AVM_FLASH_UPDATE=m
# CONFIG_AVM_PIGLET is not set
CONFIG_AVM_PIGLET_NOEMIF=m
CONFIG_AVM_PIGLET_DECT=y
CONFIG_UBIK2=m
CONFIG_UBIK2_DEVELOPMENT_SUPPORT=0
CONFIG_UBIK2_MSEC_PER_IRQ=4
CONFIG_IFX_PMCU=y
# CONFIG_IFX_CPUFREQ is not set
CONFIG_IFX_PMU=y
CONFIG_IFX_PMU_POWER_GATING=y
CONFIG_IFX_GPIO=y
CONFIG_IFX_RCU=y
# CONFIG_IFX_SI is not set
# CONFIG_IFX_LEDC is not set
CONFIG_IFX_WDT=y
CONFIG_DSL_MEI_CPE_DRV=y
# CONFIG_IFX_PMON is not set
# CONFIG_IFX_DCDC is not set
CONFIG_IFX_TS=y
CONFIG_I2C=y
CONFIG_I2C_BOARDINFO=y
CONFIG_I2C_COMPAT=y
CONFIG_I2C_CHARDEV=y
# CONFIG_I2C_HELPER_AUTO is not set
#
# I2C Algorithms
#
# CONFIG_I2C_ALGOBIT is not set
# CONFIG_I2C_ALGOPCF is not set
# CONFIG_I2C_ALGOPCA is not set
#
# I2C Hardware Bus support
#
#
# PC SMBus host controller drivers
#
# CONFIG_I2C_ALI1535 is not set
# CONFIG_I2C_ALI1563 is not set
# CONFIG_I2C_ALI15X3 is not set
# CONFIG_I2C_AMD756 is not set
# CONFIG_I2C_AMD8111 is not set
# CONFIG_I2C_I801 is not set
# CONFIG_I2C_ISCH is not set
# CONFIG_I2C_PIIX4 is not set
# CONFIG_I2C_NFORCE2 is not set
# CONFIG_I2C_SIS5595 is not set
# CONFIG_I2C_SIS630 is not set
# CONFIG_I2C_SIS96X is not set
# CONFIG_I2C_VIA is not set
# CONFIG_I2C_VIAPRO is not set
#
# I2C system bus drivers (mostly embedded / system-on-chip)
#
# CONFIG_I2C_OCORES is not set
# CONFIG_I2C_SIMTEC is not set
#
# External I2C/SMBus adapter drivers
#
# CONFIG_I2C_PARPORT_LIGHT is not set
# CONFIG_I2C_TAOS_EVM is not set
# CONFIG_I2C_TINY_USB is not set
#
# Graphics adapter I2C/DDC channel drivers
#
# CONFIG_I2C_VOODOO3 is not set
#
# Other I2C/SMBus bus drivers
#
# CONFIG_I2C_PCA_PLATFORM is not set
# CONFIG_I2C_STUB is not set
#
# Miscellaneous I2C Chip support
#
# CONFIG_DS1682 is not set
# CONFIG_SENSORS_TSL2550 is not set
# CONFIG_I2C_DEBUG_CORE is not set
# CONFIG_I2C_DEBUG_ALGO is not set
# CONFIG_I2C_DEBUG_BUS is not set
# CONFIG_I2C_DEBUG_CHIP is not set
CONFIG_SPI=y
# CONFIG_SPI_DEBUG is not set
CONFIG_SPI_MASTER=y
#
# SPI Master Controller Drivers
#
CONFIG_SPI_BITBANG=y
CONFIG_IFX_SPI=y
# CONFIG_IFX_SPI_DEBUG is not set
# CONFIG_IFX_SPI_ASYNCHRONOUS is not set
CONFIG_IFX_SPI_FLASH=y
# CONFIG_IFX_SPI_AT45_FLASH is not set
# CONFIG_IFX_USIF_SPI is not set
#
# SPI Protocol Masters
#
# CONFIG_SPI_SPIDEV is not set
# CONFIG_SPI_TLE62X0 is not set
#
# PPS support
#
# CONFIG_PPS is not set
# CONFIG_W1 is not set
# CONFIG_POWER_SUPPLY is not set
# CONFIG_HWMON is not set
# CONFIG_THERMAL is not set
# CONFIG_WATCHDOG is not set
CONFIG_SSB_POSSIBLE=y
#
# Sonics Silicon Backplane
#
CONFIG_SSB=m
CONFIG_SSB_SPROM=y
CONFIG_SSB_PCIHOST_POSSIBLE=y
CONFIG_SSB_PCIHOST=y
# CONFIG_SSB_B43_PCI_BRIDGE is not set
# CONFIG_SSB_SILENT is not set
# CONFIG_SSB_DEBUG is not set
CONFIG_SSB_DRIVER_PCICORE_POSSIBLE=y
# CONFIG_SSB_DRIVER_PCICORE is not set
# CONFIG_SSB_DRIVER_MIPS is not set
#
# Multifunction device drivers
#
# CONFIG_MFD_CORE is not set
# CONFIG_MFD_SM501 is not set
# CONFIG_HTC_PASIC3 is not set
# CONFIG_TWL4030_CORE is not set
# CONFIG_MFD_TMIO is not set
# CONFIG_PMIC_DA903X is not set
# CONFIG_MFD_WM8400 is not set
# CONFIG_MFD_WM831X is not set
# CONFIG_MFD_WM8350_I2C is not set
# CONFIG_MFD_PCF50633 is not set
# CONFIG_MFD_MC13783 is not set
# CONFIG_AB3100_CORE is not set
# CONFIG_EZX_PCAP is not set
# CONFIG_REGULATOR is not set
# CONFIG_MEDIA_SUPPORT is not set
#
# Graphics support
#
# CONFIG_VGA_ARB is not set
# CONFIG_DRM is not set
# CONFIG_VGASTATE is not set
# CONFIG_VIDEO_OUTPUT_CONTROL is not set
# CONFIG_FB is not set
# CONFIG_BACKLIGHT_LCD_SUPPORT is not set
#
# Display device support
#
# CONFIG_DISPLAY_SUPPORT is not set
#
# Console display driver support
#
# CONFIG_VGA_CONSOLE is not set
CONFIG_DUMMY_CONSOLE=y
# CONFIG_SOUND is not set
# CONFIG_HID_SUPPORT is not set
CONFIG_USB_SUPPORT=y
CONFIG_USB_ARCH_HAS_HCD=y
CONFIG_USB_ARCH_HAS_OHCI=y
CONFIG_USB_ARCH_HAS_EHCI=y
CONFIG_USB=m
# CONFIG_USB_DEBUG is not set
# CONFIG_USB_ANNOUNCE_NEW_DEVICES is not set
#
# Miscellaneous USB options
#
CONFIG_USB_DEVICEFS=y
# CONFIG_USB_DEVICE_CLASS is not set
# CONFIG_USB_DYNAMIC_MINORS is not set
# CONFIG_USB_OTG is not set
# CONFIG_USB_OTG_WHITELIST is not set
# CONFIG_USB_OTG_BLACKLIST_HUB is not set
CONFIG_USB_MON=m
# CONFIG_USB_WUSB is not set
# CONFIG_USB_WUSB_CBAF is not set
#
# USB Host Controller Drivers
#
# CONFIG_USB_C67X00_HCD is not set
CONFIG_USB_XHCI_HCD=m
# CONFIG_USB_XHCI_HCD_DEBUGGING is not set
# CONFIG_USB_EHCI_HCD is not set
# CONFIG_USB_OXU210HP_HCD is not set
# CONFIG_USB_ISP116X_HCD is not set
# CONFIG_USB_ISP1760_HCD is not set
# CONFIG_USB_ISP1362_HCD is not set
# CONFIG_USB_OHCI_HCD is not set
# CONFIG_USB_UHCI_HCD is not set
# CONFIG_USB_SL811_HCD is not set
# CONFIG_USB_R8A66597_HCD is not set
# CONFIG_USB_WHCI_HCD is not set
# CONFIG_USB_HWA_HCD is not set
CONFIG_USB_HOST_IFX=m
CONFIG_USB_HOST_IFX_B=y
# CONFIG_USB_HOST_IFX_1 is not set
# CONFIG_USB_HOST_IFX_2 is not set
# CONFIG_USB_HOST_IFX_FORCE_USB11 is not set
# CONFIG_USB_HOST_IFX_WITH_HS_ELECT_TST is not set
# CONFIG_USB_HOST_IFX_WITH_ISO is not set
CONFIG_USB_HOST_IFX_UNALIGNED_ADJ=y
# CONFIG_USB_HOST_IFX_UNALIGNED_CHK is not set
# CONFIG_USB_HOST_IFX_UNALIGNED_NONE is not set
CONFIG_USB_HOST_IFX_AVM_YIELD=y
#
# USB Device Class drivers
#
CONFIG_USB_ACM=m
CONFIG_USB_PRINTER=m
# CONFIG_USB_WDM is not set
# CONFIG_USB_TMC is not set
#
# NOTE: USB_STORAGE depends on SCSI but BLK_DEV_SD may
#
#
# also be needed; see USB_STORAGE Help for more info
#
CONFIG_USB_STORAGE=m
# CONFIG_USB_STORAGE_DEBUG is not set
# CONFIG_USB_STORAGE_DATAFAB is not set
# CONFIG_USB_STORAGE_FREECOM is not set
# CONFIG_USB_STORAGE_ISD200 is not set
# CONFIG_USB_STORAGE_USBAT is not set
# CONFIG_USB_STORAGE_SDDR09 is not set
# CONFIG_USB_STORAGE_SDDR55 is not set
# CONFIG_USB_STORAGE_JUMPSHOT is not set
# CONFIG_USB_STORAGE_ALAUDA is not set
# CONFIG_USB_STORAGE_ONETOUCH is not set
# CONFIG_USB_STORAGE_KARMA is not set
# CONFIG_USB_STORAGE_CYPRESS_ATACB is not set
# CONFIG_USB_LIBUSUAL is not set
#
# USB Imaging devices
#
# CONFIG_USB_MDC800 is not set
# CONFIG_USB_MICROTEK is not set
#
# USB port drivers
#
CONFIG_USB_SERIAL=m
# CONFIG_USB_EZUSB is not set
# CONFIG_USB_SERIAL_GENERIC is not set
# CONFIG_USB_SERIAL_AIRCABLE is not set
# CONFIG_USB_SERIAL_ARK3116 is not set
# CONFIG_USB_SERIAL_BELKIN is not set
# CONFIG_USB_SERIAL_CH341 is not set
# CONFIG_USB_SERIAL_WHITEHEAT is not set
# CONFIG_USB_SERIAL_DIGI_ACCELEPORT is not set
CONFIG_USB_SERIAL_CP210X=m
# CONFIG_USB_SERIAL_CYPRESS_M8 is not set
# CONFIG_USB_SERIAL_EMPEG is not set
CONFIG_USB_SERIAL_FTDI_SIO=m
# CONFIG_USB_SERIAL_FUNSOFT is not set
# CONFIG_USB_SERIAL_VISOR is not set
CONFIG_USB_SERIAL_IPAQ=m
# CONFIG_USB_SERIAL_IR is not set
# CONFIG_USB_SERIAL_EDGEPORT is not set
# CONFIG_USB_SERIAL_EDGEPORT_TI is not set
# CONFIG_USB_SERIAL_GARMIN is not set
# CONFIG_USB_SERIAL_IPW is not set
# CONFIG_USB_SERIAL_IUU is not set
# CONFIG_USB_SERIAL_KEYSPAN_PDA is not set
# CONFIG_USB_SERIAL_KEYSPAN is not set
# CONFIG_USB_SERIAL_KLSI is not set
# CONFIG_USB_SERIAL_KOBIL_SCT is not set
# CONFIG_USB_SERIAL_MCT_U232 is not set
# CONFIG_USB_SERIAL_MOS7720 is not set
# CONFIG_USB_SERIAL_MOS7840 is not set
# CONFIG_USB_SERIAL_MOTOROLA is not set
# CONFIG_USB_SERIAL_NAVMAN is not set
CONFIG_USB_SERIAL_PL2303=m
# CONFIG_USB_SERIAL_OTI6858 is not set
# CONFIG_USB_SERIAL_QUALCOMM is not set
# CONFIG_USB_SERIAL_SPCP8X5 is not set
# CONFIG_USB_SERIAL_HP4X is not set
# CONFIG_USB_SERIAL_SAFE is not set
# CONFIG_USB_SERIAL_SIEMENS_MPI is not set
# CONFIG_USB_SERIAL_SIERRAWIRELESS is not set
# CONFIG_USB_SERIAL_SYMBOL is not set
# CONFIG_USB_SERIAL_TI is not set
# CONFIG_USB_SERIAL_CYBERJACK is not set
# CONFIG_USB_SERIAL_XIRCOM is not set
CONFIG_USB_SERIAL_OPTION=m
# CONFIG_USB_SERIAL_OMNINET is not set
# CONFIG_USB_SERIAL_OPTICON is not set
# CONFIG_USB_SERIAL_DEBUG is not set
#
# USB Miscellaneous drivers
#
# CONFIG_USB_EMI62 is not set
# CONFIG_USB_EMI26 is not set
# CONFIG_USB_ADUTUX is not set
# CONFIG_USB_SEVSEG is not set
# CONFIG_USB_RIO500 is not set
# CONFIG_USB_LEGOTOWER is not set
# CONFIG_USB_LCD is not set
# CONFIG_USB_BERRY_CHARGE is not set
# CONFIG_USB_LED is not set
# CONFIG_USB_CYPRESS_CY7C63 is not set
# CONFIG_USB_CYTHERM is not set
# CONFIG_USB_IDMOUSE is not set
# CONFIG_USB_FTDI_ELAN is not set
# CONFIG_USB_APPLEDISPLAY is not set
# CONFIG_USB_LD is not set
# CONFIG_USB_TRANCEVIBRATOR is not set
# CONFIG_USB_IOWARRIOR is not set
# CONFIG_USB_TEST is not set
# CONFIG_USB_ISIGHTFW is not set
# CONFIG_USB_VST is not set
# CONFIG_USB_ATM is not set
# CONFIG_USB_GADGET is not set
#
# OTG and related infrastructure
#
# CONFIG_NOP_USB_XCEIV is not set
# CONFIG_UWB is not set
# CONFIG_MMC is not set
# CONFIG_MEMSTICK is not set
CONFIG_NEW_LEDS=y
# CONFIG_LEDS_CLASS is not set
#
# LED drivers
#
#
# LED Triggers
#
# CONFIG_LEDS_TRIGGERS is not set
# CONFIG_ACCESSIBILITY is not set
# CONFIG_INFINIBAND is not set
CONFIG_RTC_LIB=y
CONFIG_RTC_CLASS=y
# CONFIG_RTC_HCTOSYS is not set
# CONFIG_RTC_DEBUG is not set
#
# RTC interfaces
#
CONFIG_RTC_INTF_SYSFS=y
CONFIG_RTC_INTF_PROC=y
CONFIG_RTC_INTF_DEV=y
# CONFIG_RTC_INTF_DEV_UIE_EMUL is not set
# CONFIG_RTC_DRV_TEST is not set
#
# I2C RTC drivers
#
# CONFIG_RTC_DRV_DS1307 is not set
# CONFIG_RTC_DRV_DS1374 is not set
# CONFIG_RTC_DRV_DS1672 is not set
# CONFIG_RTC_DRV_MAX6900 is not set
# CONFIG_RTC_DRV_RS5C372 is not set
# CONFIG_RTC_DRV_ISL1208 is not set
# CONFIG_RTC_DRV_X1205 is not set
# CONFIG_RTC_DRV_PCF8563 is not set
# CONFIG_RTC_DRV_PCF8583 is not set
# CONFIG_RTC_DRV_M41T80 is not set
# CONFIG_RTC_DRV_S35390A is not set
# CONFIG_RTC_DRV_FM3130 is not set
# CONFIG_RTC_DRV_RX8581 is not set
# CONFIG_RTC_DRV_RX8025 is not set
#
# SPI RTC drivers
#
# CONFIG_RTC_DRV_M41T94 is not set
# CONFIG_RTC_DRV_DS1305 is not set
# CONFIG_RTC_DRV_DS1390 is not set
# CONFIG_RTC_DRV_MAX6902 is not set
# CONFIG_RTC_DRV_R9701 is not set
# CONFIG_RTC_DRV_RS5C348 is not set
# CONFIG_RTC_DRV_DS3234 is not set
# CONFIG_RTC_DRV_PCF2123 is not set
#
# Platform RTC drivers
#
# CONFIG_RTC_DRV_CMOS is not set
# CONFIG_RTC_DRV_DS1286 is not set
# CONFIG_RTC_DRV_DS1511 is not set
# CONFIG_RTC_DRV_DS1553 is not set
# CONFIG_RTC_DRV_DS1742 is not set
# CONFIG_RTC_DRV_STK17TA8 is not set
# CONFIG_RTC_DRV_M48T86 is not set
# CONFIG_RTC_DRV_M48T35 is not set
# CONFIG_RTC_DRV_M48T59 is not set
# CONFIG_RTC_DRV_BQ4802 is not set
# CONFIG_RTC_DRV_V3020 is not set
# CONFIG_RTC_DRV_RTC7301 is not set
#
# on-CPU RTC drivers
#
CONFIG_RTC_DRV_AVM_REF_CLOCK=m
# CONFIG_DMADEVICES is not set
# CONFIG_AUXDISPLAY is not set
# CONFIG_UIO is not set
#
# TI VLYNQ
#
CONFIG_STAGING=y
# CONFIG_STAGING_EXCLUDE_BUILD is not set
# CONFIG_ET131X is not set
CONFIG_USB_IP_COMMON=m
CONFIG_USB_IP_VHCI_HCD=m
CONFIG_USB_IP_HOST=m
# CONFIG_ECHO is not set
# CONFIG_COMEDI is not set
# CONFIG_ASUS_OLED is not set
# CONFIG_ALTERA_PCIE_CHDMA is not set
# CONFIG_TRANZPORT is not set
#
# Android
#
#
# Qualcomm MSM Camera And Video
#
#
# Camera Sensor Selection
#
# CONFIG_INPUT_GPIO is not set
# CONFIG_DST is not set
# CONFIG_POHMELFS is not set
# CONFIG_B3DFG is not set
# CONFIG_PLAN9AUTH is not set
# CONFIG_USB_SERIAL_QUATECH2 is not set
# CONFIG_USB_SERIAL_QUATECH_USB2 is not set
# CONFIG_VT6655 is not set
# CONFIG_VT6656 is not set
# CONFIG_VME_BUS is not set
#
# RAR Register Driver
#
# CONFIG_RAR_REGISTER is not set
# CONFIG_IIO is not set
#
# AVM UR8 DSL support
#
#
# File systems
#
CONFIG_EXT2_FS=y
CONFIG_EXT2_FS_XATTR=y
CONFIG_EXT2_FS_POSIX_ACL=y
CONFIG_EXT2_FS_SECURITY=y
# CONFIG_EXT2_FS_XIP is not set
CONFIG_EXT3_FS=y
# CONFIG_EXT3_DEFAULTS_TO_ORDERED is not set
CONFIG_EXT3_FS_XATTR=y
CONFIG_EXT3_FS_POSIX_ACL=y
CONFIG_EXT3_FS_SECURITY=y
CONFIG_EXT4_FS=y
CONFIG_EXT4_FS_XATTR=y
CONFIG_EXT4_FS_POSIX_ACL=y
CONFIG_EXT4_FS_SECURITY=y
# CONFIG_EXT4_DEBUG is not set
CONFIG_JBD=y
CONFIG_JBD2=y
CONFIG_FS_MBCACHE=y
CONFIG_REISERFS_FS=m
# CONFIG_REISERFS_CHECK is not set
# CONFIG_REISERFS_PROC_INFO is not set
# CONFIG_REISERFS_FS_XATTR is not set
# CONFIG_JFS_FS is not set
CONFIG_FS_POSIX_ACL=y
# CONFIG_XFS_FS is not set
# CONFIG_GFS2_FS is not set
# CONFIG_OCFS2_FS is not set
# CONFIG_BTRFS_FS is not set
# CONFIG_NILFS2_FS is not set
CONFIG_YAFFS_FS=y
CONFIG_YAFFS_YAFFS1=y
# CONFIG_YAFFS_9BYTE_TAGS is not set
# CONFIG_YAFFS_DOES_ECC is not set
CONFIG_YAFFS_YAFFS2=y
CONFIG_YAFFS_AUTO_YAFFS2=y
CONFIG_YAFFS_DISABLE_TAGS_ECC=y
# CONFIG_YAFFS_ALWAYS_CHECK_CHUNK_ERASED is not set
CONFIG_YAFFS_EMPTY_LOST_AND_FOUND=y
# CONFIG_YAFFS_DISABLE_BLOCK_REFRESHING is not set
# CONFIG_YAFFS_DISABLE_BACKGROUND is not set
CONFIG_YAFFS_XATTR=y
CONFIG_FILE_LOCKING=y
CONFIG_FSNOTIFY=y
# CONFIG_DNOTIFY is not set
CONFIG_INOTIFY=y
CONFIG_INOTIFY_USER=y
# CONFIG_QUOTA is not set
# CONFIG_AUTOFS_FS is not set
CONFIG_AUTOFS4_FS=m
CONFIG_FUSE_FS=y
# CONFIG_CUSE is not set
#
# Caches
#
# CONFIG_FSCACHE is not set
#
# CD-ROM/DVD Filesystems
#
# CONFIG_ISO9660_FS is not set
# CONFIG_UDF_FS is not set
#
# DOS/FAT/NT Filesystems
#
CONFIG_FAT_FS=m
CONFIG_MSDOS_FS=m
CONFIG_VFAT_FS=m
CONFIG_FAT_DEFAULT_CODEPAGE=437
CONFIG_FAT_DEFAULT_IOCHARSET="iso8859-1"
# CONFIG_NTFS_FS is not set
#
# Pseudo filesystems
#
CONFIG_PROC_FS=y
# CONFIG_PROC_KCORE is not set
CONFIG_PROC_SYSCTL=y
CONFIG_PROC_PAGE_MONITOR=y
CONFIG_SYSFS=y
CONFIG_TMPFS=y
# CONFIG_TMPFS_POSIX_ACL is not set
# CONFIG_HUGETLB_PAGE is not set
CONFIG_CONFIGFS_FS=y
CONFIG_MISC_FILESYSTEMS=y
# CONFIG_ADFS_FS is not set
# CONFIG_AFFS_FS is not set
# CONFIG_ECRYPT_FS is not set
CONFIG_HFS_FS=m
CONFIG_HFSPLUS_FS=m
# CONFIG_BEFS_FS is not set
# CONFIG_BFS_FS is not set
# CONFIG_EFS_FS is not set
CONFIG_JFFS2_FS=m
CONFIG_JFFS2_FS_DEBUG=0
CONFIG_JFFS2_FS_WRITEBUFFER=y
# CONFIG_JFFS2_FS_WBUF_VERIFY is not set
# CONFIG_JFFS2_SUMMARY is not set
# CONFIG_JFFS2_FS_XATTR is not set
CONFIG_JFFS2_COMPRESSION_OPTIONS=y
CONFIG_JFFS2_ZLIB=y
# CONFIG_JFFS2_LZO is not set
# CONFIG_JFFS2_LZMA is not set
CONFIG_JFFS2_RTIME=y
# CONFIG_JFFS2_RUBIN is not set
# CONFIG_JFFS2_CMODE_NONE is not set
CONFIG_JFFS2_CMODE_PRIORITY=y
# CONFIG_JFFS2_CMODE_SIZE is not set
# CONFIG_JFFS2_CMODE_FAVOURLZO is not set
# CONFIG_CRAMFS is not set
CONFIG_SQUASHFS=y
CONFIG_SQUASHFS_EMBEDDED=y
CONFIG_SQUASHFS_FRAGMENT_CACHE_SIZE=3
# CONFIG_VXFS_FS is not set
CONFIG_MINI_FO=m
# CONFIG_MINIX_FS is not set
# CONFIG_OMFS_FS is not set
# CONFIG_HPFS_FS is not set
# CONFIG_QNX4FS_FS is not set
# CONFIG_ROMFS_FS is not set
# CONFIG_SYSV_FS is not set
# CONFIG_UFS_FS is not set
CONFIG_NETWORK_FILESYSTEMS=y
CONFIG_NFS_FS=y
CONFIG_NFS_V3=y
# CONFIG_NFS_V3_ACL is not set
# CONFIG_NFS_V4 is not set
CONFIG_ROOT_NFS=y
CONFIG_NFSD=m
CONFIG_NFSD_V3=y
# CONFIG_NFSD_V3_ACL is not set
# CONFIG_NFSD_V4 is not set
CONFIG_LOCKD=y
CONFIG_LOCKD_V4=y
CONFIG_EXPORTFS=m
CONFIG_NFS_COMMON=y
CONFIG_SUNRPC=y
# CONFIG_RPCSEC_GSS_KRB5 is not set
# CONFIG_RPCSEC_GSS_SPKM3 is not set
# CONFIG_SMB_FS is not set
CONFIG_CIFS=m
CONFIG_CIFS_STATS=y
# CONFIG_CIFS_STATS2 is not set
# CONFIG_CIFS_WEAK_PW_HASH is not set
# CONFIG_CIFS_UPCALL is not set
# CONFIG_CIFS_XATTR is not set
# CONFIG_CIFS_DEBUG2 is not set
# CONFIG_CIFS_DFS_UPCALL is not set
# CONFIG_CIFS_EXPERIMENTAL is not set
# CONFIG_NCP_FS is not set
CONFIG_CODA_FS=m
# CONFIG_AFS_FS is not set
#
# Partition Types
#
CONFIG_PARTITION_ADVANCED=y
# CONFIG_ACORN_PARTITION is not set
# CONFIG_OSF_PARTITION is not set
# CONFIG_AMIGA_PARTITION is not set
# CONFIG_ATARI_PARTITION is not set
# CONFIG_MAC_PARTITION is not set
CONFIG_MSDOS_PARTITION=y
# CONFIG_BSD_DISKLABEL is not set
# CONFIG_MINIX_SUBPARTITION is not set
# CONFIG_SOLARIS_X86_PARTITION is not set
# CONFIG_UNIXWARE_DISKLABEL is not set
CONFIG_LDM_PARTITION=y
CONFIG_LDM_DEBUG=y
# CONFIG_SGI_PARTITION is not set
# CONFIG_ULTRIX_PARTITION is not set
# CONFIG_SUN_PARTITION is not set
# CONFIG_KARMA_PARTITION is not set
CONFIG_EFI_PARTITION=y
# CONFIG_SYSV68_PARTITION is not set
CONFIG_NLS=y
CONFIG_NLS_DEFAULT="iso8859-1"
CONFIG_NLS_CODEPAGE_437=m
# CONFIG_NLS_CODEPAGE_737 is not set
# CONFIG_NLS_CODEPAGE_775 is not set
CONFIG_NLS_CODEPAGE_850=m
# CONFIG_NLS_CODEPAGE_852 is not set
# CONFIG_NLS_CODEPAGE_855 is not set
# CONFIG_NLS_CODEPAGE_857 is not set
# CONFIG_NLS_CODEPAGE_860 is not set
# CONFIG_NLS_CODEPAGE_861 is not set
# CONFIG_NLS_CODEPAGE_862 is not set
# CONFIG_NLS_CODEPAGE_863 is not set
# CONFIG_NLS_CODEPAGE_864 is not set
# CONFIG_NLS_CODEPAGE_865 is not set
# CONFIG_NLS_CODEPAGE_866 is not set
# CONFIG_NLS_CODEPAGE_869 is not set
# CONFIG_NLS_CODEPAGE_936 is not set
# CONFIG_NLS_CODEPAGE_950 is not set
# CONFIG_NLS_CODEPAGE_932 is not set
# CONFIG_NLS_CODEPAGE_949 is not set
# CONFIG_NLS_CODEPAGE_874 is not set
# CONFIG_NLS_ISO8859_8 is not set
# CONFIG_NLS_CODEPAGE_1250 is not set
# CONFIG_NLS_CODEPAGE_1251 is not set
CONFIG_NLS_ASCII=m
CONFIG_NLS_ISO8859_1=m
# CONFIG_NLS_ISO8859_2 is not set
# CONFIG_NLS_ISO8859_3 is not set
# CONFIG_NLS_ISO8859_4 is not set
# CONFIG_NLS_ISO8859_5 is not set
# CONFIG_NLS_ISO8859_6 is not set
# CONFIG_NLS_ISO8859_7 is not set
# CONFIG_NLS_ISO8859_9 is not set
# CONFIG_NLS_ISO8859_13 is not set
# CONFIG_NLS_ISO8859_14 is not set
CONFIG_NLS_ISO8859_15=m
# CONFIG_NLS_KOI8_R is not set
# CONFIG_NLS_KOI8_U is not set
CONFIG_NLS_UTF8=y
# CONFIG_DLM is not set
#
# Kernel hacking
#
CONFIG_TRACE_IRQFLAGS_SUPPORT=y
CONFIG_PRINTK_TIME=y
CONFIG_ENABLE_WARN_DEPRECATED=y
CONFIG_ENABLE_MUST_CHECK=y
CONFIG_FRAME_WARN=1024
CONFIG_MAGIC_SYSRQ=y
# CONFIG_STRIP_ASM_SYMS is not set
CONFIG_UNUSED_SYMBOLS=y
# CONFIG_DEBUG_FS is not set
# CONFIG_HEADERS_CHECK is not set
CONFIG_DEBUG_KERNEL=y
# CONFIG_DEBUG_SHIRQ is not set
CONFIG_DETECT_SOFTLOCKUP=y
CONFIG_BOOTPARAM_SOFTLOCKUP_PANIC=y
CONFIG_BOOTPARAM_SOFTLOCKUP_PANIC_VALUE=1
# CONFIG_DETECT_HUNG_TASK is not set
# CONFIG_SCHED_DEBUG is not set
# CONFIG_SCHEDSTATS is not set
# CONFIG_TIMER_STATS is not set
# CONFIG_DEBUG_OBJECTS is not set
# CONFIG_DEBUG_SLAB is not set
CONFIG_DEBUG_SLAB_DOUBLE_FREE=y
# CONFIG_DEBUG_RT_MUTEXES is not set
# CONFIG_RT_MUTEX_TESTER is not set
CONFIG_DEBUG_SPINLOCK=y
# CONFIG_DEBUG_MUTEXES is not set
# CONFIG_DEBUG_LOCK_ALLOC is not set
# CONFIG_PROVE_LOCKING is not set
# CONFIG_LOCK_STAT is not set
# CONFIG_DEBUG_SPINLOCK_SLEEP is not set
# CONFIG_DEBUG_LOCKING_API_SELFTESTS is not set
# CONFIG_DEBUG_KOBJECT is not set
CONFIG_DEBUG_INFO=y
# CONFIG_DEBUG_VM is not set
# CONFIG_DEBUG_WRITECOUNT is not set
# CONFIG_DEBUG_MEMORY_INIT is not set
# CONFIG_DEBUG_LIST is not set
# CONFIG_DEBUG_SG is not set
# CONFIG_DEBUG_NOTIFIERS is not set
# CONFIG_DEBUG_CREDENTIALS is not set
# CONFIG_BOOT_PRINTK_DELAY is not set
# CONFIG_RCU_TORTURE_TEST is not set
# CONFIG_RCU_CPU_STALL_DETECTOR is not set
# CONFIG_BACKTRACE_SELF_TEST is not set
# CONFIG_DEBUG_BLOCK_EXT_DEVT is not set
# CONFIG_DEBUG_FORCE_WEAK_PER_CPU is not set
# CONFIG_FAULT_INJECTION is not set
# CONFIG_SYSCTL_SYSCALL_CHECK is not set
# CONFIG_PAGE_POISONING is not set
CONFIG_HAVE_FUNCTION_TRACER=y
CONFIG_HAVE_FUNCTION_GRAPH_TRACER=y
CONFIG_HAVE_FUNCTION_TRACE_MCOUNT_TEST=y
CONFIG_HAVE_DYNAMIC_FTRACE=y
CONFIG_HAVE_FTRACE_MCOUNT_RECORD=y
CONFIG_TRACING_SUPPORT=y
# CONFIG_FTRACE is not set
# CONFIG_SAMPLES is not set
CONFIG_HAVE_ARCH_KGDB=y
# CONFIG_KGDB is not set
CONFIG_CMDLINE=""
# CONFIG_DEBUG_STACK_USAGE is not set
# CONFIG_SMTC_IDLE_HOOK_DEBUG is not set
# CONFIG_RUNTIME_DEBUG is not set
CONFIG_BDI_SWITCH=y
#
# Security options
#
CONFIG_KEYS=y
# CONFIG_KEYS_DEBUG_PROC_KEYS is not set
CONFIG_SECURITY=y
CONFIG_SECURITYFS=y
CONFIG_SECURITY_NETWORK=y
# CONFIG_SECURITY_PATH is not set
# CONFIG_SECURITY_FILE_CAPABILITIES is not set
# CONFIG_SECURITY_TOMOYO is not set
CONFIG_CRYPTO=y
#
# Crypto core or helper
#
CONFIG_CRYPTO_ALGAPI=m
CONFIG_CRYPTO_ALGAPI2=m
# CONFIG_CRYPTO_AEAD is not set
CONFIG_CRYPTO_AEAD2=m
CONFIG_CRYPTO_BLKCIPHER=m
CONFIG_CRYPTO_BLKCIPHER2=m
CONFIG_CRYPTO_HASH=m
CONFIG_CRYPTO_HASH2=m
CONFIG_CRYPTO_RNG=m
CONFIG_CRYPTO_RNG2=m
CONFIG_CRYPTO_PCOMP=m
CONFIG_CRYPTO_MANAGER=m
CONFIG_CRYPTO_MANAGER2=m
# CONFIG_CRYPTO_MANAGER_NO_TESTS is not set
# CONFIG_CRYPTO_GF128MUL is not set
# CONFIG_CRYPTO_NULL is not set
CONFIG_CRYPTO_WORKQUEUE=m
# CONFIG_CRYPTO_CRYPTD is not set
# CONFIG_CRYPTO_AUTHENC is not set
# CONFIG_CRYPTO_TEST is not set
#
# Authenticated Encryption with Associated Data
#
# CONFIG_CRYPTO_CCM is not set
# CONFIG_CRYPTO_GCM is not set
# CONFIG_CRYPTO_SEQIV is not set
#
# Block modes
#
CONFIG_CRYPTO_CBC=m
# CONFIG_CRYPTO_CTR is not set
# CONFIG_CRYPTO_CTS is not set
CONFIG_CRYPTO_ECB=m
# CONFIG_CRYPTO_LRW is not set
# CONFIG_CRYPTO_PCBC is not set
# CONFIG_CRYPTO_XTS is not set
#
# Hash modes
#
# CONFIG_CRYPTO_HMAC is not set
# CONFIG_CRYPTO_XCBC is not set
# CONFIG_CRYPTO_VMAC is not set
#
# Digest
#
CONFIG_CRYPTO_CRC32C=m
# CONFIG_CRYPTO_GHASH is not set
# CONFIG_CRYPTO_MD4 is not set
# CONFIG_CRYPTO_MD5 is not set
# CONFIG_CRYPTO_MICHAEL_MIC is not set
# CONFIG_CRYPTO_RMD128 is not set
# CONFIG_CRYPTO_RMD160 is not set
# CONFIG_CRYPTO_RMD256 is not set
# CONFIG_CRYPTO_RMD320 is not set
CONFIG_CRYPTO_SHA1=m
CONFIG_CRYPTO_SHA256=m
# CONFIG_CRYPTO_SHA512 is not set
# CONFIG_CRYPTO_TGR192 is not set
# CONFIG_CRYPTO_WP512 is not set
#
# Ciphers
#
CONFIG_CRYPTO_AES=m
# CONFIG_CRYPTO_ANUBIS is not set
CONFIG_CRYPTO_ARC4=m
# CONFIG_CRYPTO_BLOWFISH is not set
# CONFIG_CRYPTO_CAMELLIA is not set
# CONFIG_CRYPTO_CAST5 is not set
# CONFIG_CRYPTO_CAST6 is not set
# CONFIG_CRYPTO_DES is not set
# CONFIG_CRYPTO_FCRYPT is not set
# CONFIG_CRYPTO_KHAZAD is not set
# CONFIG_CRYPTO_SALSA20 is not set
# CONFIG_CRYPTO_SEED is not set
# CONFIG_CRYPTO_SERPENT is not set
# CONFIG_CRYPTO_TEA is not set
# CONFIG_CRYPTO_TWOFISH is not set
#
# Compression
#
# CONFIG_CRYPTO_DEFLATE is not set
# CONFIG_CRYPTO_ZLIB is not set
# CONFIG_CRYPTO_UNLZMA is not set
# CONFIG_CRYPTO_LZO is not set
#
# Random Number Generation
#
# CONFIG_CRYPTO_ANSI_CPRNG is not set
#
# OCF Configuration
#
# CONFIG_OCF_OCF is not set
# CONFIG_CRYPTO_HW is not set
# CONFIG_CRYPTO_DEV_DEU is not set
# CONFIG_BINARY_PRINTF is not set
#
# Library routines
#
CONFIG_BITREVERSE=y
CONFIG_GENERIC_FIND_LAST_BIT=y
CONFIG_CRC_CCITT=m
CONFIG_CRC16=y
# CONFIG_CRC_T10DIF is not set
CONFIG_CRC_ITU_T=m
CONFIG_CRC32=y
# CONFIG_CRC7 is not set
CONFIG_LIBCRC32C=m
CONFIG_ZLIB_INFLATE=y
CONFIG_ZLIB_DEFLATE=y
CONFIG_LZO_COMPRESS=m
CONFIG_LZO_DECOMPRESS=m
CONFIG_TEXTSEARCH=y
CONFIG_TEXTSEARCH_KMP=m
CONFIG_TEXTSEARCH_BM=m
CONFIG_TEXTSEARCH_FSM=m
CONFIG_HAS_IOMEM=y
CONFIG_HAS_IOPORT=y
CONFIG_HAS_DMA=y
CONFIG_NLATTR=yIptables config.in:
Code:
if !FREETZ_KERNEL_VERSION_3_10_MIN
config FREETZ_PACKAGE_IPTABLES
bool "Iptables 1.4.11.1 (binary only)"
depends on FREETZ_PACKAGE_IPTABLES_IS_SELECTABLE
default n
help
Netfilter/iptables
Netfilter is the set of hooks within the Linux kernel for intercepting
and manipulating network packets. The best-known component on top of
netfilter is the firewall which filters packets, but the hooks are also
used by a component which performs network address translation, and by
another which provides ipchains backwards compatibility. These
components are usually Loadable Kernel Modules.
iptables is the name of the user space tool by which administrators
create rules for the packet filtering and NAT modules. While technically
iptables is merely the tool which controls the packet filtering and NAT
components within the kernel, the name iptables is often used to refer
to the entire infrastructure, including netfilter, connection tracking
and NAT, as well as the tool itself. iptables is a standard part of all
modern Linux distributions.
config FREETZ_PACKAGE_IPTABLES_IS_SELECTABLE
bool "Is Iptables selectable for your custom configuration?" if FREETZ_TYPE_CUSTOM
default y if \
FREETZ_REPLACE_MODULE_AVAILABLE && \
!FREETZ_TYPE_W501V && \
!FREETZ_TYPE_5140
default n
help
Select this if you are sure that Iptables should work on your box
config FREETZ_PACKAGE_IPTABLES_SAVE_RESTORE
bool "Iptables-save / iptables-restore"
depends on FREETZ_PACKAGE_IPTABLES
default n
help
iptables-save & iptables-restore
config FREETZ_PACKAGE_IPTABLES_XML
bool "Iptables-xml"
depends on FREETZ_PACKAGE_IPTABLES_SAVE_RESTORE
default n
help
Include iptables-xml to convert saved rules to xml.
config FREETZ_PACKAGE_IPTABLES_STATIC
bool "Build static binary"
depends on FREETZ_PACKAGE_IPTABLES
default n
help
Build a statically linked binary with all libraries compiled in
# Include here for a cleaner menu structure (list packages before modules/libs)
source make/iptables-cgi/Config.in
source make/nhipt/Config.in
source make/iptables/Config.in.modules
comment "CAUTION: Use of module ip_conntrack can lead to spontaneous reboots"
depends on FREETZ_PACKAGE_IPTABLES && \
FREETZ_MODULE_ip_conntrack && \
FREETZ_KERNEL_VERSION_2_6_13
config FREETZ_PACKAGE_IPTABLES_KERNEL_MODULES
bool "Iptables kernel modules"
depends on FREETZ_PACKAGE_IPTABLES
default n
help
Linux kernel modules for iptables
Please note that some kernel modules have corresponding shared libraries
and vice versa, so please make sure to select both of them, if they are
needed for your purpose.
menu "Select kernel modules (IPv4)"
depends on FREETZ_PACKAGE_IPTABLES_KERNEL_MODULES
config FREETZ_MODULE_ip_conntrack
bool "ip_conntrack.ko"
depends on FREETZ_KERNEL_VERSION_2_6_19_MAX
default n
help
Connection tracking keeps a record of what packets have passed
through your machine, in order to figure out how they are related
into connections.
This is required to do Masquerading or other kinds of Network
Address Translation (except for Fast NAT). It can also be used to
enhance packet filtering (see `Connection state match support'
below).
config FREETZ_MODULE_nf_conntrack
bool "nf_conntrack.ko"
depends on FREETZ_KERNEL_VERSION_2_6_28_MIN
default n
help
Connection tracking keeps a record of what packets have passed
through your machine, in order to figure out how they are related
into connections.
This is required to do Masquerading or other kinds of Network
Address Translation (except for Fast NAT). It can also be used to
enhance packet filtering (see `Connection state match support'
below).
config FREETZ_MODULE_ip_conntrack_ftp
bool "ip_conntrack_ftp.ko"
depends on FREETZ_KERNEL_VERSION_2_6_19_MAX
select FREETZ_MODULE_ip_conntrack
default n
help
Tracking FTP connections is problematic: special helpers are
required for tracking them, and doing masquerading and other forms
of Network Address Translation on them.
config FREETZ_MODULE_nf_conntrack_ftp
bool "nf_conntrack_ftp.ko"
depends on FREETZ_KERNEL_VERSION_2_6_28_MIN
select FREETZ_MODULE_nf_conntrack
default n
help
Tracking FTP connections is problematic: special helpers are
required for tracking them, and doing masquerading and other forms
of Network Address Translation on them.
config FREETZ_MODULE_ip_conntrack_h323
bool "ip_conntrack_h323.ko"
depends on FREETZ_KERNEL_VERSION_2_6_19
select FREETZ_MODULE_ip_conntrack
default n
help
H.323 is a VoIP signalling protocol from ITU-T. As one of the most
important VoIP protocols, it is widely used by voice hardware and
software including voice gateways, IP phones, Netmeeting, OpenPhone,
Gnomemeeting, etc.
With this module you can support H.323 on a connection tracking/NAT
firewall.
This module supports RAS, Fast Start, H.245 Tunnelling, Call
Forwarding, RTP/RTCP and T.120 based audio, video, fax, chat,
whiteboard, file transfer, etc. For more information, please
visit http://nath323.sourceforge.net/.
config FREETZ_MODULE_nf_conntrack_h323
bool "nf_conntrack_h323.ko"
depends on FREETZ_KERNEL_VERSION_2_6_28_MIN
select FREETZ_MODULE_nf_conntrack
default n
help
H.323 is a VoIP signalling protocol from ITU-T. As one of the most
important VoIP protocols, it is widely used by voice hardware and
software including voice gateways, IP phones, Netmeeting, OpenPhone,
Gnomemeeting, etc.
With this module you can support H.323 on a connection tracking/NAT
firewall.
This module supports RAS, Fast Start, H.245 Tunnelling, Call
Forwarding, RTP/RTCP and T.120 based audio, video, fax, chat,
whiteboard, file transfer, etc. For more information, please
visit http://nath323.sourceforge.net/.
config FREETZ_MODULE_ip_conntrack_irc
bool "ip_conntrack_irc.ko"
depends on FREETZ_KERNEL_VERSION_2_6_19_MAX
select FREETZ_MODULE_ip_conntrack
default n
help
There is a commonly-used extension to IRC called
Direct Client-to-Client Protocol (DCC). This enables users to send
files to each other, and also chat to each other without the need
of a server. DCC Sending is used anywhere you send files over IRC,
and DCC Chat is most commonly used by Eggdrop bots. If you are using
NAT, this extension will enable you to send files and initiate chats.
Note that you do NOT need this extension to get files or have others
initiate chats, or everything else in IRC.
config FREETZ_MODULE_nf_conntrack_irc
bool "nf_conntrack_irc.ko"
depends on FREETZ_KERNEL_VERSION_2_6_28_MIN
select FREETZ_MODULE_nf_conntrack
default n
help
There is a commonly-used extension to IRC called
Direct Client-to-Client Protocol (DCC). This enables users to send
files to each other, and also chat to each other without the need
of a server. DCC Sending is used anywhere you send files over IRC,
and DCC Chat is most commonly used by Eggdrop bots. If you are using
NAT, this extension will enable you to send files and initiate chats.
Note that you do NOT need this extension to get files or have others
initiate chats, or everything else in IRC.
config FREETZ_MODULE_nf_conntrack_ipv4
bool "nf_conntrack_ipv4.ko"
depends on FREETZ_KERNEL_VERSION_2_6_28_MIN
default n
config FREETZ_MODULE_ip_conntrack_pptp
bool "ip_conntrack_pptp.ko"
depends on FREETZ_KERNEL_VERSION_2_6_19
select FREETZ_MODULE_ip_conntrack
default n
help
This module adds support for PPTP (Point to Point Tunnelling
Protocol, RFC2637) connection tracking and NAT.
If you are running PPTP sessions over a stateful firewall or NAT
box, you may want to enable this feature.
Please note that not all PPTP modes of operation are supported yet.
For more info, read top of the file
net/ipv4/netfilter/ip_conntrack_pptp.c
config FREETZ_MODULE_nf_conntrack_pptp
bool "nf_conntrack_pptp.ko"
depends on FREETZ_KERNEL_VERSION_2_6_28_MIN
select FREETZ_MODULE_nf_conntrack
select FREETZ_MODULE_nf_conntrack_proto_gre
default n
help
This module adds support for PPTP (Point to Point Tunnelling
Protocol, RFC2637) connection tracking and NAT.
If you are running PPTP sessions over a stateful firewall or NAT
box, you may want to enable this feature.
config FREETZ_MODULE_nf_conntrack_proto_gre
bool "nf_conntrack_proto_gre.ko"
depends on FREETZ_KERNEL_VERSION_2_6_28_MIN
default n
help
config FREETZ_MODULE_ip_conntrack_rtsp
bool "ip_conntrack_rtsp.ko"
depends on FREETZ_KERNEL_VERSION_2_6_19_MAX
select FREETZ_MODULE_ip_conntrack
default n
help
Tracking RTSP Connections
config FREETZ_MODULE_ip_conntrack_tftp
bool "ip_conntrack_tftp.ko"
depends on FREETZ_KERNEL_VERSION_2_6_19_MAX
select FREETZ_MODULE_ip_conntrack
default n
help
TFTP connection tracking helper, this is required depending
on how restrictive your ruleset is.
If you are using a tftp client behind -j SNAT or -j MASQUERADING
you will need this.
config FREETZ_MODULE_nf_conntrack_tftp
bool "nf_conntrack_tftp.ko"
depends on FREETZ_KERNEL_VERSION_2_6_28 || FREETZ_KERNEL_VERSION_2_6_32
select FREETZ_MODULE_nf_conntrack
default n
help
TFTP connection tracking helper, this is required depending
on how restrictive your ruleset is.
If you are using a tftp client behind -j SNAT or -j MASQUERADING
you will need this.
config FREETZ_MODULE_ip_conntrack_proto_sctp
bool "ip_conntrack_proto_sctp.ko"
depends on FREETZ_KERNEL_VERSION_2_6_13
select FREETZ_MODULE_ip_conntrack
default n
help
With this option enabled, the connection tracking code will
be able to do state tracking on SCTP connections.
config FREETZ_MODULE_nf_defrag_ipv4
bool "nf_defrag_ipv4.ko"
depends on FREETZ_KERNEL_VERSION_2_6_28 || FREETZ_KERNEL_VERSION_2_6_32
default n
config FREETZ_MODULE_ip_nat
bool "ip_nat.ko"
depends on FREETZ_KERNEL_VERSION_2_6_19 && FREETZ_REPLACE_KERNEL
select FREETZ_MODULE_ip_conntrack
default n
help
The Full NAT option allows masquerading, port forwarding and other
forms of full Network Address Port Translation. It is controlled by
the `nat' table in iptables: see the man page for iptables(8).
config FREETZ_MODULE_nf_nat
bool
bool "nf_nat.ko"
depends on FREETZ_KERNEL_VERSION_2_6_28_MIN
select FREETZ_MODULE_nf_conntrack
select FREETZ_MODULE_nf_conntrack_ipv4
select FREETZ_MODULE_nf_defrag_ipv4
default n
help
The Full NAT option allows masquerading, port forwarding and other
forms of full Network Address Port Translation. It is controlled by
the `nat' table in iptables: see the man page for iptables(8).
config FREETZ_MODULE_ip_nat_ftp
bool "ip_nat_ftp.ko"
depends on FREETZ_KERNEL_VERSION_2_6_19_MAX && \
(!FREETZ_KERNEL_VERSION_2_6_19 || FREETZ_REPLACE_KERNEL)
select FREETZ_MODULE_iptable_nat if FREETZ_KERNEL_VERSION_2_6_13
select FREETZ_MODULE_ip_nat if FREETZ_KERNEL_VERSION_2_6_19
select FREETZ_MODULE_ip_conntrack_ftp
default n
config FREETZ_MODULE_nf_nat_ftp
bool "nf_nat_ftp.ko"
depends on FREETZ_KERNEL_VERSION_2_6_28_MIN
select FREETZ_MODULE_nf_nat
select FREETZ_MODULE_nf_conntrack_ftp
default n
config FREETZ_MODULE_ip_nat_h323
bool "ip_nat_h323.ko"
depends on FREETZ_KERNEL_VERSION_2_6_19 && FREETZ_REPLACE_KERNEL
select FREETZ_MODULE_ip_nat if FREETZ_KERNEL_VERSION_2_6_19
select FREETZ_MODULE_ip_conntrack_h323
default n
config FREETZ_MODULE_nf_nat_h323
bool
#bool "nf_nat_h323.ko"
depends on FREETZ_KERNEL_VERSION_2_6_28_MIN
select FREETZ_MODULE_nf_nat
select FREETZ_MODULE_nf_conntrack_h323
default n
config FREETZ_MODULE_ip_nat_irc
bool "ip_nat_irc.ko"
depends on FREETZ_KERNEL_VERSION_2_6_19_MAX && \
(!FREETZ_KERNEL_VERSION_2_6_19 || FREETZ_REPLACE_KERNEL)
select FREETZ_MODULE_iptable_nat if FREETZ_KERNEL_VERSION_2_6_13
select FREETZ_MODULE_ip_nat if FREETZ_KERNEL_VERSION_2_6_19
select FREETZ_MODULE_ip_conntrack_irc if FREETZ_KERNEL_VERSION_2_6_19
default n
config FREETZ_MODULE_nf_nat_irc
bool
#bool "nf_nat_irc.ko"
depends on FREETZ_KERNEL_VERSION_2_6_28_MIN
select FREETZ_MODULE_nf_nat
select FREETZ_MODULE_nf_conntrack_irc
default n
config FREETZ_MODULE_ip_nat_pptp
bool "ip_nat_pptp.ko"
depends on FREETZ_KERNEL_VERSION_2_6_19 && FREETZ_REPLACE_KERNEL
select FREETZ_MODULE_ip_nat
select FREETZ_MODULE_ip_conntrack_pptp
default n
config FREETZ_MODULE_nf_nat_pptp
bool
#bool "nf_nat_pptp.ko"
depends on FREETZ_KERNEL_VERSION_2_6_28_MIN
select FREETZ_MODULE_nf_nat
select FREETZ_MODULE_nf_conntrack_pptp
default n
config FREETZ_MODULE_ip_nat_rtsp
bool "ip_nat_rtsp.ko"
depends on FREETZ_KERNEL_VERSION_2_6_19_MAX && \
(!FREETZ_KERNEL_VERSION_2_6_19 || FREETZ_REPLACE_KERNEL)
select FREETZ_MODULE_iptable_nat if FREETZ_KERNEL_VERSION_2_6_13
select FREETZ_MODULE_ip_nat if FREETZ_KERNEL_VERSION_2_6_19
select FREETZ_MODULE_ip_conntrack_rtsp
default n
config FREETZ_MODULE_ip_nat_tftp
bool "ip_nat_tftp.ko"
depends on FREETZ_KERNEL_VERSION_2_6_19_MAX && \
(!FREETZ_KERNEL_VERSION_2_6_19 || FREETZ_REPLACE_KERNEL)
select FREETZ_MODULE_iptable_nat if FREETZ_KERNEL_VERSION_2_6_13
select FREETZ_MODULE_ip_nat if FREETZ_KERNEL_VERSION_2_6_19
select FREETZ_MODULE_ip_conntrack_tftp if FREETZ_KERNEL_VERSION_2_6_19
default n
config FREETZ_MODULE_nf_nat_tftp
bool "nf_nat_tftp.ko"
depends on FREETZ_KERNEL_VERSION_2_6_28_MIN
select FREETZ_MODULE_nf_nat
select FREETZ_MODULE_nf_conntrack_tftp
default n
config FREETZ_MODULE_iptable_filter
bool "iptable_filter.ko"
select FREETZ_MODULE_ip_tables
default n
help
Packet filtering defines a table `filter', which has a series of
rules for simple packet filtering at local input, forwarding and
local output. See the man page for iptables(8).
config FREETZ_MODULE_iptable_mangle
bool "iptable_mangle.ko"
select FREETZ_MODULE_ip_tables
default n
help
This option adds a `mangle' table to iptables: see the man page for
iptables(8). This table is used for various packet alterations
which can effect how the packet is routed.
comment "iptable_nat.ko (not available, needs replace kernel)"
depends on FREETZ_KERNEL_VERSION_2_6_19 && !FREETZ_REPLACE_KERNEL
config FREETZ_MODULE_iptable_nat
bool "iptable_nat.ko"
depends on !FREETZ_KERNEL_VERSION_2_6_19 || FREETZ_REPLACE_KERNEL
select FREETZ_MODULE_ip_conntrack if FREETZ_KERNEL_VERSION_2_6_19_MAX
select FREETZ_MODULE_ip_tables
select FREETZ_MODULE_ip_nat if FREETZ_KERNEL_VERSION_2_6_19
select FREETZ_MODULE_nf_nat if FREETZ_KERNEL_VERSION_2_6_28
default n
help
Cannot be loaded when using AVM-kernel 2.6.19, see http://freetz.org/ticket/1929
config FREETZ_MODULE_iptable_raw
bool "iptable_raw.ko"
depends on FREETZ_KERNEL_VERSION_2_6_19_MIN
select FREETZ_MODULE_ip_tables
default n
config FREETZ_MODULE_ip_tables
bool "ip_tables.ko"
select FREETZ_MODULE_x_tables if FREETZ_KERNEL_VERSION_2_6_19_MIN
default n
help
iptables is a general, extensible packet identification framework.
The packet filtering and full NAT (masquerading, port forwarding,
etc) subsystems now use this.
config FREETZ_MODULE_ipt_connmark
bool "ipt_connmark.ko"
depends on FREETZ_KERNEL_VERSION_2_6_13
select FREETZ_MODULE_ip_conntrack
select FREETZ_MODULE_ip_tables
default n
help
This option enables support for connection marks, used by the
`CONNMARK' target and `connmark' match. Similar to the mark value
of packets, but this mark value is kept in the conntrack session
instead of the individual packets.
config FREETZ_MODULE_ipt_CONNMARK
bool "ipt_CONNMARK.ko"
depends on FREETZ_KERNEL_VERSION_2_6_13
select FREETZ_MODULE_ip_conntrack
select FREETZ_MODULE_ip_tables
default n
help
This option adds a `CONNMARK' target, which allows one to manipulate
the connection mark value. Similar to the MARK target, but
affects the connection mark value rather than the packet mark value.
config FREETZ_MODULE_ipt_conntrack
bool "ipt_conntrack.ko"
depends on FREETZ_KERNEL_VERSION_2_6_13
select FREETZ_MODULE_ip_conntrack
select FREETZ_MODULE_ip_tables
default n
config FREETZ_MODULE_ipt_helper
bool "ipt_helper.ko"
depends on FREETZ_KERNEL_VERSION_2_6_13
select FREETZ_MODULE_ip_conntrack
select FREETZ_MODULE_ip_tables
default n
help
Helper matching allows you to match packets in dynamic connections
tracked by a conntrack-helper, ie. ip_conntrack_ftp
config FREETZ_MODULE_ipt_iprange
bool "ipt_iprange.ko"
depends on FREETZ_KERNEL_VERSION_2_6_19_MAX
select FREETZ_MODULE_ip_tables if FREETZ_KERNEL_VERSION_2_6_13
select FREETZ_MODULE_x_tables if FREETZ_KERNEL_VERSION_2_6_19
default n
help
This option makes possible to match IP addresses against IP address
ranges.
config FREETZ_MODULE_ipt_layer7
bool "ipt_layer7.ko"
depends on FREETZ_KERNEL_VERSION_2_6_19_MAX
select FREETZ_MODULE_ip_tables if FREETZ_KERNEL_VERSION_2_6_13
select FREETZ_MODULE_x_tables if FREETZ_KERNEL_VERSION_2_6_19
default n
help
Say Y if you want to be able to classify connections (and their
packets) based on regular expression matching of their application
layer data. This is one way to classify applications such as
peer-to-peer filesharing systems that do not always use the same
port.
config FREETZ_MODULE_ipt_ipp2p
bool "ipt_ipp2p.ko"
depends on FREETZ_KERNEL_VERSION_2_6_19
select FREETZ_MODULE_ip_tables if FREETZ_KERNEL_VERSION_2_6_13
select FREETZ_MODULE_x_tables if FREETZ_KERNEL_VERSION_2_6_19
default n
help
This option makes possible to match some P2P packets
therefore helps controlling such traffic.
config FREETZ_MODULE_ipt_length
bool "ipt_length.ko"
depends on FREETZ_KERNEL_VERSION_2_6_13
select FREETZ_MODULE_ip_tables
default n
help
This option allows you to match the length of a packet against a
specific value or range of values.
config FREETZ_MODULE_ipt_limit
bool "ipt_limit.ko"
depends on FREETZ_KERNEL_VERSION_2_6_13
select FREETZ_MODULE_ip_tables
default n
help
limit matching allows you to control the rate at which a rule can be
matched: mainly useful in combination with the LOG target ("LOG
target support", below) and to avoid some Denial of Service attacks.
config FREETZ_MODULE_ipt_LOG
bool "ipt_LOG.ko"
select FREETZ_MODULE_ip_tables if FREETZ_KERNEL_VERSION_2_6_19_MAX
select FREETZ_MODULE_x_tables if FREETZ_KERNEL_VERSION_2_6_28_MIN
default n
help
This option adds a `LOG' target, which allows you to create rules in
any iptables table which records the packet header to the syslog.
config FREETZ_MODULE_ipt_comment
bool "ipt_comment.ko"
depends on FREETZ_KERNEL_VERSION_2_6_19_MAX
select FREETZ_MODULE_ip_tables
default n
help
This option adds a module, which allows you to add comments to your rules.
config FREETZ_MODULE_ipt_mac
bool "ipt_mac.ko"
depends on FREETZ_KERNEL_VERSION_2_6_13
select FREETZ_MODULE_ip_tables
default n
help
MAC matching allows you to match packets based on the source
Ethernet address of the packet.
config FREETZ_MODULE_ipt_mark
bool "ipt_mark.ko"
depends on FREETZ_KERNEL_VERSION_2_6_13
select FREETZ_MODULE_ip_tables
default n
help
Netfilter mark matching allows you to match packets based on the
`nfmark' value in the packet. This can be set by the MARK target
(see below).
config FREETZ_MODULE_ipt_MARK
bool "ipt_MARK.ko"
depends on FREETZ_KERNEL_VERSION_2_6_13
select FREETZ_MODULE_ip_tables
default n
help
This option adds a `MARK' target, which allows you to create rules
in the `mangle' table which alter the netfilter mark (nfmark) field
associated with the packet prior to routing. This can change
the routing method (see `Use netfilter MARK value as routing
key') and can also be used by other subsystems to change their
behavior.
config FREETZ_MODULE_ipt_MASQUERADE
bool "ipt_MASQUERADE.ko"
depends on FREETZ_KERNEL_VERSION_2_6_19_MAX && \
(!FREETZ_KERNEL_VERSION_2_6_19 || FREETZ_REPLACE_KERNEL)
select FREETZ_MODULE_iptable_nat if FREETZ_KERNEL_VERSION_2_6_13
select FREETZ_MODULE_ip_nat if FREETZ_KERNEL_VERSION_2_6_19
select FREETZ_MODULE_x_tables if FREETZ_KERNEL_VERSION_2_6_19
default n
help
Masquerading is a special case of NAT: all outgoing connections are
changed to seem to come from a particular interface's address, and
if the interface goes down, those connections are lost. This is
only useful for dialup accounts with dynamic IP address (ie. your IP
address will be different on next dialup).
config FREETZ_MODULE_ipt_multiport
bool "ipt_multiport.ko"
depends on FREETZ_KERNEL_VERSION_2_6_13
select FREETZ_MODULE_ip_tables
default n
help
Multiport matching allows you to match TCP or UDP packets based on
a series of source or destination ports: normally a rule can only
match a single range of ports.
config FREETZ_MODULE_ipt_owner
bool "ipt_owner.ko"
depends on FREETZ_KERNEL_VERSION_2_6_19_MAX
select FREETZ_MODULE_ip_tables if FREETZ_KERNEL_VERSION_2_6_13
select FREETZ_MODULE_x_tables if FREETZ_KERNEL_VERSION_2_6_19
default n
help
Packet owner matching allows you to match locally-generated packets
based on who created them: the user, group, process or session.
config FREETZ_MODULE_ipt_REDIRECT
bool "ipt_REDIRECT.ko"
depends on FREETZ_KERNEL_VERSION_2_6_28_MAX && \
(!FREETZ_KERNEL_VERSION_2_6_19 || FREETZ_REPLACE_KERNEL)
select FREETZ_MODULE_iptable_nat
select FREETZ_MODULE_ip_nat if FREETZ_KERNEL_VERSION_2_6_19
select FREETZ_MODULE_x_tables if FREETZ_KERNEL_VERSION_2_6_19 || FREETZ_KERNEL_VERSION_2_6_28
default n
help
REDIRECT is a special case of NAT: all incoming connections are
mapped onto the incoming interface's address, causing the packets to
come to the local machine instead of passing through. This is
useful for transparent proxies.
config FREETZ_MODULE_ipt_REJECT
bool "ipt_REJECT.ko"
select FREETZ_MODULE_ip_tables if FREETZ_KERNEL_VERSION_2_6_13
select FREETZ_MODULE_x_tables if FREETZ_KERNEL_VERSION_2_6_19_MIN
default n
help
The REJECT target allows a filtering rule to specify that an ICMP
error should be issued in response to an incoming packet, rather
than silently being dropped.
config FREETZ_MODULE_ipt_state
bool "ipt_state.ko"
depends on FREETZ_KERNEL_VERSION_2_6_13
select FREETZ_MODULE_ip_conntrack
select FREETZ_MODULE_ip_tables
default n
help
Connection state matching allows you to match packets based on their
relationship to a tracked connection (ie. previous packets). This
is a powerful tool for packet classification.
config FREETZ_MODULE_ipt_tcpmss
bool "ipt_tcpmss.ko"
depends on FREETZ_KERNEL_VERSION_2_6_13
select FREETZ_MODULE_ip_tables
default n
help
This option adds a `tcpmss' match, which allows you to examine the
MSS value of TCP SYN packets, which control the maximum packet size
for that connection.
config FREETZ_MODULE_ipt_TCPMSS
bool "ipt_TCPMSS.ko"
depends on FREETZ_KERNEL_VERSION_2_6_19_MAX
select FREETZ_MODULE_ip_tables if FREETZ_KERNEL_VERSION_2_6_13
select FREETZ_MODULE_x_tables if FREETZ_KERNEL_VERSION_2_6_19
default n
help
This option adds a `TCPMSS' target, which allows you to alter the
MSS value of TCP SYN packets, to control the maximum size for that
connection (usually limiting it to your outgoing interface's MTU
minus 40).
This is used to overcome criminally braindead ISPs or servers which
block ICMP Fragmentation Needed packets. The symptoms of this
problem are that everything works fine from your Linux
firewall/router, but machines behind it can never exchange large
packets:
1) Web browsers connect, then hang with no data received.
2) Small mail works fine, but large emails hang.
3) ssh works fine, but scp hangs after initial handshaking.
Workaround: activate this option and add a rule to your firewall
configuration like:
iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN \
-j TCPMSS --clamp-mss-to-pmtu
config FREETZ_MODULE_ipt_tos
bool "ipt_tos.ko"
depends on FREETZ_KERNEL_VERSION_2_6_19_MAX
select FREETZ_MODULE_ip_tables if FREETZ_KERNEL_VERSION_2_6_13
select FREETZ_MODULE_x_tables if FREETZ_KERNEL_VERSION_2_6_19
default n
help
TOS matching allows you to match packets based on the Type Of
Service fields of the IP packet.
config FREETZ_MODULE_ipt_TOS
bool "ipt_TOS.ko"
depends on FREETZ_KERNEL_VERSION_2_6_19_MAX
select FREETZ_MODULE_ip_tables if FREETZ_KERNEL_VERSION_2_6_13
select FREETZ_MODULE_x_tables if FREETZ_KERNEL_VERSION_2_6_19
default n
help
This option adds a `TOS' target, which allows you to create rules in
the `mangle' table which alter the Type Of Service field of an IP
packet prior to routing.
config FREETZ_MODULE_ipt_ttl
bool "ipt_ttl.ko"
select FREETZ_MODULE_ip_tables if FREETZ_KERNEL_VERSION_2_6_13
select FREETZ_MODULE_x_tables if FREETZ_KERNEL_VERSION_2_6_19_MIN
default n
help
This adds CONFIG_IP_NF_MATCH_TTL option, which enabled the user
to match packets by their TTL value.
config FREETZ_MODULE_ipt_TTL
bool "ipt_TTL.ko"
default n
help
This option adds a `TTL' target, which allows you to create rules in
the `mangle' table which alter the TTL (time to live) field of an IP
packet.
endmenu
menu "x_tables (both IPv4 and IPv6)"
depends on FREETZ_PACKAGE_IPTABLES_KERNEL_MODULES
depends on FREETZ_KERNEL_VERSION_2_6_19_MIN
config FREETZ_MODULE_x_tables
bool "x_tables.ko"
default n
config FREETZ_MODULE_xt_helper
bool "xt_helper.ko"
depends on FREETZ_KERNEL_VERSION_2_6_19
select FREETZ_MODULE_x_tables
select FREETZ_MODULE_ip_conntrack
default n
help
Helper matching allows you to match packets in dynamic connections
tracked by a conntrack-helper, ie. ip_conntrack_ftp
config FREETZ_MODULE_xt_CLASSIFY
bool "xt_CLASSIFY.ko"
select FREETZ_MODULE_x_tables
default n
help
This option adds a `CLASSIFY' target, which enables the user to set
the priority of a packet. Some qdiscs can use this value for
classification, among these are:
atm, cbq, dsmark, pfifo_fast, htb, prio
config FREETZ_MODULE_xt_comment
bool "xt_comment.ko"
select FREETZ_MODULE_x_tables
default n
help
This option adds a `comment' dummy-match, which allows you to put
comments in your iptables ruleset.
config FREETZ_MODULE_xt_conntrack
bool "xt_conntrack.ko"
depends on FREETZ_KERNEL_VERSION_2_6_19
select FREETZ_MODULE_x_tables
select FREETZ_MODULE_ip_conntrack
default n
help
Connection tracking keeps a record of what packets have passed
through your machine, in order to figure out how they are related
into connections.
Layer 3 independent connection tracking is experimental scheme
which generalize ip_conntrack to support other layer 3 protocols.
config FREETZ_MODULE_xt_esp
bool "xt_esp.ko"
select FREETZ_MODULE_x_tables
default n
help
This match extension allows you to match a range of SPIs
inside ESP header of IPSec packets.
config FREETZ_MODULE_xt_length
bool "xt_length.ko"
select FREETZ_MODULE_x_tables
default n
help
This option allows you to match the length of a packet against a
specific value or range of values.
config FREETZ_MODULE_xt_limit
bool "xt_limit.ko"
select FREETZ_MODULE_x_tables
default n
help
limit matching allows you to control the rate at which a rule can be
matched: mainly useful in combination with the LOG target ("LOG
target support", below) and to avoid some Denial of Service attacks.
config FREETZ_MODULE_xt_mac
bool "xt_mac.ko"
select FREETZ_MODULE_x_tables
default n
help
MAC matching allows you to match packets based on the source
Ethernet address of the packet.
config FREETZ_MODULE_xt_multiport
bool "xt_multiport.ko"
select FREETZ_MODULE_x_tables
default n
help
Multiport matching allows you to match TCP or UDP packets based on
a series of source or destination ports: normally a rule can only
match a single range of ports.
config FREETZ_MODULE_xt_mark
bool "xt_mark.ko"
select FREETZ_MODULE_x_tables
default n
help
Netfilter mark matching allows you to match packets based on the
`nfmark' value in the packet. This can be set by the MARK target
(see below).
config FREETZ_MODULE_xt_MARK
bool "xt_MARK.ko"
select FREETZ_MODULE_x_tables
default n
help
This option adds a `MARK' target, which allows you to create rules
in the `mangle' table which alter the netfilter mark (nfmark) field
associated with the packet prior to routing. This can change
the routing method (see `Use netfilter MARK value as routing
key') and can also be used by other subsystems to change their
behavior.
config FREETZ_MODULE_xt_NFQUEUE
bool "xt_NFQUEUE.ko"
select FREETZ_MODULE_x_tables
default n
help
This target replaced the old obsolete QUEUE target.
As opposed to QUEUE, it supports 65535 different queues,
not just one.
config FREETZ_MODULE_xt_NOTRACK
bool "xt_NOTRACK.ko"
depends on FREETZ_KERNEL_VERSION_2_6_19
select FREETZ_MODULE_x_tables
select FREETZ_MODULE_ip_conntrack
default n
help
The NOTRACK target allows a select rule to specify
which packets *not* to enter the conntrack/NAT
subsystem with all the consequences (no ICMP error tracking,
no protocol helpers for the selected packets).
config FREETZ_MODULE_xt_iprange
bool "xt_iprange.ko"
select FREETZ_MODULE_x_tables
default n
help
This option adds a "iprange" match, which allows you to match
based on an IP address range. (Normal iptables only matches on
single addresses x with an optional mask.)
config FREETZ_MODULE_xt_pkttype
bool "xt_pkttype.ko"
select FREETZ_MODULE_x_tables
default n
help
Packet type matching allows you to match a packet by
its "class", eg. BROADCAST, MULTICAST, ...
Typical usage:
iptables -A INPUT -m pkttype --pkt-type broadcast -j LOG
config FREETZ_MODULE_xt_physdev
bool "xt_physdev.ko"
select FREETZ_MODULE_x_tables
default n
help
Physdev packet matching matches against the physical bridge ports
the IP packet arrived on or will leave by.
config FREETZ_MODULE_xt_quota
bool "xt_quota.ko"
select FREETZ_MODULE_x_tables
default n
help
This option adds a `quota' match, which allows to match on a
byte counter.
config FREETZ_MODULE_xt_realm
bool "xt_realm.ko"
select FREETZ_MODULE_x_tables
default n
help
This option adds a `realm' match, which allows you to use the realm
key from the routing subsystem inside iptables.
This match pretty much resembles the CONFIG_NET_CLS_ROUTE4 option
in tc world.
config FREETZ_MODULE_xt_state
bool "xt_state.ko"
#depends on FREETZ_KERNEL_VERSION_2_6_19
select FREETZ_MODULE_x_tables
select FREETZ_MODULE_ip_conntrack
default n
help
Connection state matching allows you to match packets based on their
relationship to a tracked connection (ie. previous packets). This
is a powerful tool for packet classification.
config FREETZ_MODULE_xt_statistic
bool "xt_statistic.ko"
select FREETZ_MODULE_x_tables
default n
help
This option adds a `statistic' match, which allows you to match
on packets periodically or randomly with a given percentage.
config FREETZ_MODULE_xt_string
bool "xt_string.ko"
select FREETZ_MODULE_x_tables
default n
help
This option adds a `string' match, which allows you to look for
pattern matchings in packets.
config FREETZ_MODULE_xt_tcpudp
bool "xt_tcpudp.ko"
select FREETZ_MODULE_x_tables
default n
config FREETZ_MODULE_xt_tcpmss
bool "xt_tcpmss.ko"
select FREETZ_MODULE_x_tables
default n
help
This option adds a `tcpmss' match, which allows you to examine the
MSS value of TCP SYN packets, which control the maximum packet size
for that connection.
config FREETZ_MODULE_xt_time
bool "xt_time.ko"
depends on FREETZ_KERNEL_VERSION_2_6_28_MIN
default n
endmenu
menu "Select kernel modules (IPv6)"
depends on FREETZ_PACKAGE_IPTABLES_KERNEL_MODULES
depends on FREETZ_TARGET_IPV6_SUPPORT
config FREETZ_MODULE_ip6_queue
bool "ip6_queue.ko"
default n
help
Userspace queueing via NETLINK
This option adds a queue handler to the kernel for IPv6
packets which lets us to receive the filtered packets
with QUEUE target using libiptc as we can do with
the IPv4 now.
(C) Fernando Anton 2001
IPv64 Project - Work based in IPv64 draft by Arturo Azcorra.
Universidad Carlos III de Madrid
Universidad Politecnica de Alcala de Henares
email: <[email protected]>.
config FREETZ_MODULE_ip6_tables
select FREETZ_PACKAGE_IPTABLES_SHARED_LIBS
select FREETZ_LIB_libxt_standard
bool "ip6_tables.ko"
default n
help
IP6 tables support (required for filtering/masq/NAT)
ip6tables is a general, extensible packet identification framework.
Currently only the packet filtering and packet mangling subsystem
for IPv6 use this, but connection tracking is going to follow.
config FREETZ_MODULE_ip6table_filter
depends on FREETZ_MODULE_ip6_tables
bool "ip6table_filter.ko"
default n
help
Packet filtering
Packet filtering defines a table `filter', which has a series of
rules for simple packet filtering at local input, forwarding and
local output. See the man page for iptables(8).
config FREETZ_MODULE_ip6table_raw
depends on FREETZ_MODULE_ip6_tables
bool "ip6table_raw.ko"
default n
help
raw table support (required for TRACE)
This option adds a `raw' table to ip6tables. This table is the very
first in the netfilter framework and hooks in at the PREROUTING
and OUTPUT chains.
config FREETZ_MODULE_ip6t_ah
depends on FREETZ_MODULE_ip6_tables
bool "ip6t_ah.ko"
default n
help
AH match support
This module allows one to match AH and ESP packets.
config FREETZ_MODULE_ip6t_dst
depends on FREETZ_KERNEL_VERSION_2_6_13 && FREETZ_MODULE_ip6_tables
bool "ip6t_dst.ko"
default n
help
Dst opts header match support
This allows one to match packets based on the hop-by-hop
and destination options headers of a packet.
config FREETZ_MODULE_ip6t_esp
depends on FREETZ_KERNEL_VERSION_2_6_13 && FREETZ_MODULE_ip6_tables
bool "ip6t_esp.ko"
default n
help
ESP match support
This module allows one to match AH and ESP packets.
config FREETZ_MODULE_ip6t_eui64
depends on FREETZ_MODULE_ip6_tables
bool "ip6t_eui64.ko"
default n
help
EUI64 address check
This module performs checking on the IPv6 source address
Compares the last 64 bits with the EUI64 (delivered
from the MAC address) address
config FREETZ_MODULE_ip6t_frag
depends on FREETZ_MODULE_ip6_tables
bool "ip6t_frag.ko"
default n
help
Fragmentation header match support
frag matching allows you to match packets based on the fragmentation
header of the packet.
config FREETZ_MODULE_ip6t_hbh
depends on FREETZ_MODULE_ip6_tables
bool "ip6t_hbh.ko"
default n
help
Hop-by-hop and header match support
This allows one to match packets based on the hop-by-hop
and destination options headers of a packet.
config FREETZ_MODULE_ip6t_hl
depends on FREETZ_MODULE_ip6_tables
bool "ip6t_hl.ko"
default n
help
HL match support
HL matching allows you to match packets based on the hop
limit of the packet.
config FREETZ_MODULE_ip6t_ipv6header
depends on FREETZ_MODULE_ip6_tables
bool "ip6t_ipv6header.ko"
default n
help
IPv6 Extension Headers Match
This module allows one to match packets based upon
the ipv6 extension headers.
config FREETZ_MODULE_ip6t_length
depends on FREETZ_KERNEL_VERSION_2_6_13 && FREETZ_MODULE_ip6_tables
bool "ip6t_length.ko"
default n
help
Packet Length match support
This option allows you to match the length of a packet against a
specific value or range of values.
config FREETZ_MODULE_ip6t_limit
depends on FREETZ_KERNEL_VERSION_2_6_13 && FREETZ_MODULE_ip6_tables
bool "ip6t_limit.ko"
default n
help
limit match support
limit matching allows you to control the rate at which a rule can be
matched: mainly useful in combination with the LOG target ("LOG
target support", below) and to avoid some Denial of Service attacks.
config FREETZ_MODULE_ip6t_LOG
depends on FREETZ_MODULE_ip6_tables
bool "ip6t_LOG.ko"
default n
help
LOG target support
This option adds a `LOG' target, which allows you to create rules in
any iptables table which records the packet header to the syslog.
config FREETZ_MODULE_ip6t_mac
depends on FREETZ_KERNEL_VERSION_2_6_13 && FREETZ_MODULE_ip6_tables
bool "ip6t_mac.ko"
default n
help
MAC address match support
mac matching allows you to match packets based on the source
Ethernet address of the packet.
config FREETZ_MODULE_ip6t_mark
depends on FREETZ_KERNEL_VERSION_2_6_13 && FREETZ_MODULE_ip6_tables
bool "ip6t_mark.ko"
default n
help
netfilter MARK match support
Netfilter mark matching allows you to match packets based on the
`nfmark' value in the packet. This can be set by the MARK target
(see below).
config FREETZ_MODULE_ip6t_multiport
depends on FREETZ_KERNEL_VERSION_2_6_13 && FREETZ_MODULE_ip6_tables
bool "ip6t_multiport.ko"
default n
help
Multiple port match support
Multiport matching allows you to match TCP or UDP packets based on
a series of source or destination ports: normally a rule can only
match a single range of ports.
config FREETZ_MODULE_ip6t_owner
depends on FREETZ_KERNEL_VERSION_2_6_13 && FREETZ_MODULE_ip6_tables
bool "ip6t_owner.ko"
default n
help
Owner match support
Packet owner matching allows you to match locally-generated packets
based on who created them: the user, group, process or session.
config FREETZ_MODULE_ip6t_REJECT
depends on FREETZ_MODULE_ip6_tables
bool "ip6t_REJECT.ko"
default n
help
The REJECT target allows a filtering rule to specify that an ICMPv6
error should be issued in response to an incoming packet, rather
than silently being dropped.
config FREETZ_MODULE_ip6t_rt
depends on FREETZ_MODULE_ip6_tables
bool "ip6t_rt.ko"
default n
help
Routing header match support
rt matching allows you to match packets based on the routing
header of the packet.
config FREETZ_MODULE_ip6table_mangle
depends on FREETZ_MODULE_ip6_tables
bool "ip6table_mangle.ko"
default n
help
Packet mangling
This option adds a `mangle' table to iptables: see the man page for
iptables(8). This table is used for various packet alterations
which can effect how the packet is routed.
config FREETZ_MODULE_ip6t_MARK
depends on FREETZ_KERNEL_VERSION_2_6_13 && FREETZ_MODULE_ip6_tables
bool "ip6t_MARK.ko"
default n
help
MARK target support
This option adds a `MARK' target, which allows you to create rules
in the `mangle' table which alter the netfilter mark (nfmark) field
associated with the packet packet prior to routing. This can change
the routing method (see `Use netfilter MARK value as routing
key') and can also be used by other subsystems to change their
behavior.
config FREETZ_MODULE_nf_conntrack_ipv6
bool
#bool "nf_conntrack_ipv6.ko"
depends on FREETZ_KERNEL_VERSION_2_6_28_MIN
default n
help
Connection tracking keeps a record of what packets have passed
through your machine, in order to figure out how they are related
into connections.
This is IPv6 support on Layer 3 independent connection tracking.
Layer 3 independent connection tracking is experimental scheme which
generalize ip_conntrack to support other layer 3 protocols.
endmenu
config FREETZ_PACKAGE_IPTABLES_SHARED_LIBS
bool "Iptables shared libraries"
depends on FREETZ_PACKAGE_IPTABLES && ! FREETZ_PACKAGE_IPTABLES_STATIC
default n
help
Shared Libraries for iptables
Please note that some kernel modules have corresponding shared libraries
and vice versa, so please make sure to select both of them, if they are
needed for your purpose.
menu "Select shared libraries (IPv4)"
depends on FREETZ_PACKAGE_IPTABLES_SHARED_LIBS
config FREETZ_LIB_libipt_addrtype
bool "libipt_addrtype.so"
default n
help
This module matches packets based on their address type.
Address types are used within the kernel networking stack and categorize
addresses into various groups. The exact definition of that group
depends on the specific layer three protocol.
Examples: UNICAST, BROADCAST, LOCAL, MULTICAST, ANYCAST, ...
config FREETZ_LIB_libipt_ah
bool "libipt_ah.so"
default n
help
This module matches the SPIs in Authentication header of IPsec packets.
config FREETZ_LIB_libipt_CLUSTERIP
bool "lipipt_CLUSTERIP.so"
default n
help
This module allows you to configure a simple cluster of nodes that
share a certain IP and MAC address without an explicit load balancer
in front of them. Connections are statically distributed between the
nodes in this cluster.
config FREETZ_LIB_libipt_DNAT
bool "libipt_DNAT.so"
default n
help
This target is only valid in the nat table, in the PREROUTING
and OUTPUT chains, and user-defined chains which are only called from
those chains. It specifies that the destination address of the packet
should be modified (and all future packets in this connection will
also be mangled), and rules should cease being examined.
config FREETZ_LIB_libipt_ecn
bool "libipt_ecn.so"
default n
help
This allows you to match the ECN bits of the IPv4 and TCP header.
ECN is the Explicit Congestion Notification mechanism as specified in
RFC3168.
config FREETZ_LIB_libipt_ECN
bool "libipt_ECN.so"
default n
help
This target allows to selectively work around known ECN blackholes.
It can only be used in the mangle table.
config FREETZ_LIB_libipt_icmp
bool "libipt_icmp.so"
default n
help
This extension can be used if `--protocol icmp' is specified.
config FREETZ_LIB_libipt_ipp2p
bool "libipt_ipp2p.so"
depends on FREETZ_MODULE_ipt_ipp2p
default n
help
This extension can be used to match p2p protocols such as
eDonkey, KaZaA, Gnutella, BitTorrent.
config FREETZ_LIB_libipt_LOG
bool "libipt_LOG.so"
default n
help
Turn on kernel logging of matching packets. When this option is set
for a rule, the Linux kernel will print some information on all
matching packets (like most IP header fields) via the kernel log
(where it can be read with dmesg or syslogd (8)).
config FREETZ_LIB_libipt_MASQUERADE
bool "libipt_MASQUERADE.so"
default n
help
This target is only valid in the nat table, in the POSTROUTING
chain. It should only be used with dynamically assigned IP (dialup)
connections: if you have a static IP address, you should use the SNAT
target.
config FREETZ_LIB_libipt_MIRROR
bool "libipt_MIRROR.so"
default n
help
This is an experimental demonstration target which inverts the source
and destination fields in the IP header and retransmits the packet.
config FREETZ_LIB_libipt_NETMAP
bool "libipt_NETMAP.so"
default n
help
This target allows you to statically map a whole network of addresses onto
another network of addresses.
config FREETZ_LIB_libipt_realm
bool "libipt_realm.so"
select FREETZ_MODULE_xt_realm if FREETZ_KERNEL_VERSION_2_6_19
default n
help
This matches the routing realm. Routing realms are used in complex
routing setups involving dynamic routing protocols like BGP.
config FREETZ_LIB_libipt_REDIRECT
bool "libipt_REDIRECT.so"
default n
help
This target redirects the packet to the machine itself by changing the
destination IP to the primary address of the incoming interface
(locally-generated packets are mapped to the 127.0.0.1 address).
config FREETZ_LIB_libipt_REJECT
bool "libipt_REJECT.so"
default n
help
This is used to send back an error packet in response to the matched
packet: otherwise it is equivalent to DROP
so it is a terminating TARGET, ending rule traversal.
config FREETZ_LIB_libipt_SAME
bool "libipt_SAME.so"
default n
help
Similar to SNAT/DNAT depending on chain: it takes a range of addresses
(`--to 1.2.3.4-1.2.3.7') and gives a client the same
source-/destination-address for each connection.
config FREETZ_LIB_libipt_SNAT
bool "libipt_SNAT.so"
default n
help
This target specifies that the source address of the packet should be
modified (and all future packets in this connection will also be
mangled), and rules should cease being examined.
config FREETZ_LIB_libipt_ttl
bool "libipt_ttl.so"
default n
help
This module matches the time to live field in the IP header.
config FREETZ_LIB_libipt_TTL
bool "libipt_TTL.so"
default n
help
This is used to modify the IPv4 TTL header field. The TTL field
determines how many hops (routers) a packet can traverse until it's
time to live is exceeded.
config FREETZ_LIB_libipt_ULOG
bool "libipt_ULOG.so"
default n
help
This target provides userspace logging of matching packets. When this
target is set for a rule, the Linux kernel will multicast this packet
through a netlink socket. One or more userspace processes may then
subscribe to various multicast groups and receive the packets.
config FREETZ_LIB_libipt_unclean
bool "libipt_unclean.so"
default n
help
This module takes no options, but attempts to match packets which seem
malformed or unusual. This is regarded as experimental.
endmenu
menu "Select shared libraries (both IPv4 and IPv6)"
depends on FREETZ_PACKAGE_IPTABLES_SHARED_LIBS
config FREETZ_LIB_libxt_CLASSIFY
bool "libxt_CLASSIFY.so"
default n
help
This module allows you to set the skb->priority value (and thus
classify the packet into a specific CBQ class).
config FREETZ_LIB_libxt_comment
bool "libxt_comment.so"
select FREETZ_MODULE_xt_comment if FREETZ_KERNEL_VERSION_2_6_19
default n
help
Allows you to add comments (up to 256 characters) to any rule.
config FREETZ_LIB_libxt_connbytes
bool "libxt_connbytes.so"
default n
help
Match by how many bytes or packets a connection (or one of the two
flows constituting the connection) has transferred so far, or by
average bytes per packet.
#config FREETZ_LIB_libxt_connlimit
# bool "libxt_connlimit.so"
# default n
# help
# Allows you to restrict the number of parallel connections to a server
# per client IP address (or client address block).
config FREETZ_LIB_libxt_connmark
bool "libxt_connmark.so"
default n
help
This module matches the netfilter mark field associated with a
connection (which can be set using the CONNMARK target below).
config FREETZ_LIB_libxt_CONNMARK
bool "libxt_CONNMARK.so"
default n
help
This module sets the netfilter mark value associated with a connection.
config FREETZ_LIB_libxt_CONNSECMARK
bool "libxt_CONNSECMARK.so"
default n
help
This module copies security markings from packets to connections
(if unlabeled), and from connections back to packets (also only
if unlabeled). Typically used in conjunction with SECMARK, it is
only valid in the mangle table.
config FREETZ_LIB_libxt_conntrack
bool "libxt_conntrack.so"
select FREETZ_MODULE_xt_conntrack if FREETZ_KERNEL_VERSION_2_6_19
default n
help
This module, when combined with connection tracking, allows access to
the connection tracking state for this packet/connection.
config FREETZ_LIB_libxt_dscp
bool "libxt_dscp.so"
default n
help
This module matches the 6 bit DSCP field within the TOS field in the
IP header. DSCP has superseded TOS within the IETF.
config FREETZ_LIB_libxt_DSCP
bool "libxt_DSCP.so"
default n
help
This target allows to alter the value of the DSCP bits within the TOS
header of the IPv4 packet. As this manipulates a packet, it can only
be used in the mangle table.
config FREETZ_LIB_libxt_esp
bool "libxt_esp.so"
default n
help
This module matches the SPIs in ESP header of IPsec packets.
config FREETZ_LIB_libxt_hashlimit
bool "libxt_hashlimit.so"
default n
help
hashlimit uses hash buckets to express a rate limiting match (like the
limit match) for a group of connections using a single iptables
rule.
config FREETZ_LIB_libxt_helper
bool "libxt_helper.so"
select FREETZ_MODULE_xt_helper if FREETZ_KERNEL_VERSION_2_6_19
default n
help
This module matches packets related to a specific conntrack-helper.
config FREETZ_LIB_libxt_iprange
bool "libxt_iprange.so"
default n
help
This matches on a given arbitrary range of IP addresses.
config FREETZ_LIB_libxt_length
bool "libxt_length.so"
select FREETZ_MODULE_xt_length if FREETZ_KERNEL_VERSION_2_6_19
default n
help
This module matches the length of the layer-3 payload (e.g. layer-4
packet) of a packet against a specific value or range of values.
config FREETZ_LIB_libxt_limit
bool "libxt_limit.so"
select FREETZ_MODULE_xt_limit if FREETZ_KERNEL_VERSION_2_6_19
default n
help
This module matches at a limited rate using a token bucket filter.
A rule using this extension will match until this limit is reached
(unless the `!' flag is used). It can be used in combination with the
LOG target to give limited logging, for example.
config FREETZ_LIB_libxt_mac
bool "libxt_mac.so"
select FREETZ_MODULE_xt_mac if FREETZ_KERNEL_VERSION_2_6_19
default n
help
Match source MAC address.
config FREETZ_LIB_libxt_mark
bool "libxt_mark.so"
select FREETZ_MODULE_xt_mark if FREETZ_KERNEL_VERSION_2_6_19
default n
help
This module matches the netfilter mark field associated with a packet
(which can be set using the MARK target below).
config FREETZ_LIB_libxt_MARK
bool "libxt_MARK.so"
select FREETZ_MODULE_xt_MARK if FREETZ_KERNEL_VERSION_2_6_19
default n
help
This target is used to set the Netfilter mark value associated with
the packet. The target can only be used in the mangle table. It can,
for example, be used in conjunction with routing based on fwmark
(needs iproute2).
config FREETZ_LIB_libxt_multiport
bool "libxt_multiport.so"
select FREETZ_MODULE_xt_multiport if FREETZ_KERNEL_VERSION_2_6_19
default n
help
This module matches a set of source or destination ports. Up to 15
ports can be specified. A port range (port:port) counts as two
ports.
config FREETZ_LIB_libxt_NFLOG
bool "libxt_NFLOG.so"
default n
help
This target provides logging of matching packets. When this target is
set for a rule, the Linux kernel will pass the packet to the loaded
logging backend to log the packet.
config FREETZ_LIB_libxt_NFQUEUE
bool "libxt_NFQUEUE.so"
default n
help
This target is an extension of the QUEUE target. As opposed to QUEUE,
it allows you to put a packet into any specific queue, identified by
its 16-bit queue number.
config FREETZ_LIB_libxt_NOTRACK
bool "libxt_NOTRACK.so"
default n
help
This target disables connection tracking for all packets matching
that rule.
config FREETZ_LIB_libxt_owner
bool "libxt_owner.so"
default n
help
This module attempts to match various characteristics of the packet
creator, for locally generated packets.
config FREETZ_LIB_libxt_physdev
bool "libxt_physdev.so"
select FREETZ_MODULE_xt_physdev if FREETZ_KERNEL_VERSION_2_6_19
default n
help
This module matches on the bridge port input and output devices
enslaved to a bridge device.
config FREETZ_LIB_libxt_pkttype
bool "libxt_pkttype.so"
select FREETZ_MODULE_xt_pkttype if FREETZ_KERNEL_VERSION_2_6_19
default n
help
This module matches the link-layer packet type.
config FREETZ_LIB_libxt_quota
bool "libxt_quota.so"
default n
help
Implements network quotas by decrementing a byte counter with each
packet.
config FREETZ_LIB_libxt_rateest
bool "libxt_rateest.so"
default n
config FREETZ_LIB_libxt_RATEEST
bool "libxt_RATEEST.so"
default n
help
The RATEEST target collects statistics, performs rate estimation
calculation and saves the results for later evaluation using the
rateest match.
config FREETZ_LIB_libxt_sctp
bool "libxt_sctp.so"
default n
config FREETZ_LIB_libxt_SECMARK
bool "libxt_SECMARK.so"
default n
help
This is used to set the security mark value associated with the
packet for use by security subsystems such as SELinux.
config FREETZ_LIB_libxt_standard
bool "libxt_standard.so"
default n
config FREETZ_LIB_libxt_state
bool "libxt_state.so"
select FREETZ_MODULE_xt_state if FREETZ_KERNEL_VERSION_2_6_19
default n
help
This module, when combined with connection tracking, allows access to
the connection tracking state for this packet.
config FREETZ_LIB_libxt_statistic
bool "libxt_statistic.so"
default n
help
This module matches packets based on some statistic condition.
config FREETZ_LIB_libxt_string
bool "libxt_string.so"
select FREETZ_MODULE_xt_string if FREETZ_KERNEL_VERSION_2_6_19
default n
help
This modules matches a given string by using some pattern matching
strategy.
config FREETZ_LIB_libxt_tcpmss
bool "libxt_tcpmss.so"
select FREETZ_MODULE_xt_tcpmss if FREETZ_KERNEL_VERSION_2_6_19
default n
help
This matches the TCP MSS (maximum segment size) field of the TCP header.
config FREETZ_LIB_libxt_TCPMSS
bool "libxt_TCPMSS.so"
default n
help
This target allows to alter the MSS value of TCP SYN packets, to control
the maximum size for that connection (usually limiting it to your
outgoing interface's MTU minus 40 for IPv4 or 60 for IPv6,
respectively).
config FREETZ_LIB_libxt_tcp
bool "libxt_tcp.so"
select FREETZ_MODULE_xt_tcpudp if FREETZ_KERNEL_VERSION_2_6_19
default n
help
These extensions can be used if `--protocol tcp' is specified.
config FREETZ_LIB_libxt_time
bool "libxt_time.so"
default n
help
This matches if the packet arrival time/date is within a given range.
config FREETZ_LIB_libxt_tos
bool "libxt_tos.so"
default n
help
This module matches the 8-bit Type of Service field in the IPv4 header
(i.e. including the "Precedence" bits) or the (also 8-bit) Priority
field in the IPv6 header.
config FREETZ_LIB_libxt_TOS
bool "libxt_TOS.so"
default n
help
This module sets the Type of Service field in the IPv4 header
(including the 'precedence' bits) or the Priority field in the IPv6
header.
config FREETZ_LIB_libxt_TRACE
bool "libxt_TRACE.so"
default n
help
This target marks packes so that the kernel will log every rule which
match the packets as those traverse the tables, chains, rules.
(The ipt_LOG or ip6t_LOG module is required for the logging.)
config FREETZ_LIB_libxt_u32
bool "libxt_u32.so"
default n
help
U32 tests whether quantities of up to 4 bytes extracted from a packet
have specified values. The specification of what to extract is general
enough to find data at given offsets from tcp headers or payloads.
config FREETZ_LIB_libxt_udp
bool "libxt_udp.so"
select FREETZ_MODULE_xt_tcpudp if FREETZ_KERNEL_VERSION_2_6_19
default n
help
These extensions can be used if `--protocol udp' is specified.
endmenu
menu "Select shared libraries (IPv6)"
depends on FREETZ_PACKAGE_IPTABLES_SHARED_LIBS
depends on FREETZ_TARGET_IPV6_SUPPORT
config FREETZ_LIB_libip6t_ah
bool "libip6t_ah.so"
default n
help
This module matches the parameters in Authentication header of IPsec
packets.
config FREETZ_LIB_libip6t_dst
bool "libip6t_dst.so"
default n
help
This module matches the parameters in Destination Options header.
config FREETZ_LIB_libip6t_eui64
bool "libip6t_eui64.so"
default n
help
This module matches the EUI-64 part of a stateless autoconfigured IPv6
address.
config FREETZ_LIB_libip6t_frag
bool "libip6t_frag.so"
default n
help
This module matches the parameters in Fragment header.
config FREETZ_LIB_libip6t_hbh
bool "libip6t_hbh.so"
default n
help
This module matches the parameters in Hop-by-Hop Options header.
config FREETZ_LIB_libip6t_hl
bool "libip6t_hl.so"
default n
help
This module matches the Hop Limit field in the IPv6 header.
config FREETZ_LIB_libip6t_HL
bool "libip6t_HL.so"
default n
help
This is used to modify the Hop Limit field in IPv6 header.
The Hop Limit field is similar to what is known as TTL value in IPv4.
config FREETZ_LIB_libip6t_icmp6
bool "libip6t_icmp6.so"
default y
help
This extension can be used if `--protocol ipv6-icmp' or
`--protocol icmpv6' is specified.
config FREETZ_LIB_libip6t_ipv6header
bool "libip6t_ipv6header.so"
default n
help
This module matches IPv6 extension headers and/or upper layer header.
config FREETZ_LIB_libip6t_LOG
bool "libip6t_LOG.so"
default n
help
Turn on kernel logging of matching packets. When this option is set
for a rule, the Linux kernel will print some information on all
matching packets (like most IPv6 IPv6-header fields) via the kernel log
(where it can be read with dmesg or syslogd (8)).
config FREETZ_LIB_libip6t_mh
bool "libip6t_mh.so"
default n
help
This extension is loaded if `--protocol ipv6-mh' or `--protocol mh' is
specified.
config FREETZ_LIB_libip6t_REJECT
bool "libip6t_REJECT.so"
default n
help
This is used to send back an error packet in response to the matched
packet: otherwise it is equivalent to DROP so it is a terminating
TARGET, ending rule traversal.
config FREETZ_LIB_libip6t_rt
bool "libip6t_rt.so"
default n
help
Match on IPv6 routing header.
endmenu
endifIptables config.in.modules:
Code:
if FREETZ_KERNEL_VERSION_2_6_13
config FREETZ_PACKAGE_IPTABLES_STANDARD_MODULES
bool
default n
depends on FREETZ_PACKAGE_IPTABLES
# Activate group menus for modules and libs before selecting sub-entries
select FREETZ_PACKAGE_IPTABLES_KERNEL_MODULES
select FREETZ_PACKAGE_IPTABLES_SHARED_LIBS if ! FREETZ_PACKAGE_IPTABLES_STATIC
# Kernel modules
select FREETZ_MODULE_ip_tables
select FREETZ_MODULE_ip_conntrack
select FREETZ_MODULE_ip_conntrack_ftp
select FREETZ_MODULE_iptable_filter
select FREETZ_MODULE_ipt_iprange
select FREETZ_MODULE_ipt_LOG
select FREETZ_MODULE_ipt_mac
select FREETZ_MODULE_ipt_multiport
select FREETZ_MODULE_ipt_state
select FREETZ_MODULE_iptable_nat
select FREETZ_MODULE_ipt_MASQUERADE
select FREETZ_MODULE_ipt_REDIRECT
select FREETZ_MODULE_ipt_REJECT
# Shared libs
select FREETZ_LIB_libxt_iprange
select FREETZ_LIB_libipt_LOG
select FREETZ_LIB_libxt_mac
select FREETZ_LIB_libxt_multiport
select FREETZ_LIB_libxt_standard
select FREETZ_LIB_libxt_state
select FREETZ_LIB_libxt_tcp
select FREETZ_LIB_libxt_udp
select FREETZ_LIB_libipt_DNAT
select FREETZ_LIB_libipt_SNAT
select FREETZ_LIB_libipt_MASQUERADE
select FREETZ_LIB_libipt_REDIRECT
endif
if FREETZ_KERNEL_VERSION_2_6_19
config FREETZ_PACKAGE_IPTABLES_STANDARD_MODULES
bool
default n
depends on FREETZ_PACKAGE_IPTABLES
# Activate group menus for modules and libs before selecting sub-entries
select FREETZ_PACKAGE_IPTABLES_KERNEL_MODULES
select FREETZ_PACKAGE_IPTABLES_SHARED_LIBS if ! FREETZ_PACKAGE_IPTABLES_STATIC
# Kernel modules
select FREETZ_MODULE_ip_tables
select FREETZ_MODULE_ip_conntrack
select FREETZ_MODULE_ip_conntrack_ftp
select FREETZ_MODULE_ip_nat
select FREETZ_MODULE_ip_nat_ftp
select FREETZ_MODULE_iptable_filter
select FREETZ_MODULE_ipt_REJECT
select FREETZ_MODULE_ipt_iprange
select FREETZ_MODULE_ipt_LOG
select FREETZ_MODULE_iptable_nat
select FREETZ_MODULE_ipt_MASQUERADE
select FREETZ_MODULE_ipt_REDIRECT
select FREETZ_MODULE_xt_mac
select FREETZ_MODULE_xt_multiport
select FREETZ_MODULE_xt_state
select FREETZ_MODULE_xt_conntrack
select FREETZ_MODULE_xt_length
select FREETZ_MODULE_xt_limit
select FREETZ_MODULE_xt_mark
select FREETZ_MODULE_xt_MARK
select FREETZ_MODULE_xt_pkttype
select FREETZ_MODULE_xt_physdev
select FREETZ_MODULE_xt_tcpudp
# Shared libs
select FREETZ_LIB_libxt_CLASSIFY
select FREETZ_LIB_libxt_connbytes
select FREETZ_LIB_libxt_connmark
select FREETZ_LIB_libxt_CONNMARK
select FREETZ_LIB_libxt_conntrack
select FREETZ_LIB_libxt_iprange
select FREETZ_LIB_libxt_length
select FREETZ_LIB_libxt_limit
select FREETZ_LIB_libxt_mac
select FREETZ_LIB_libxt_mark
select FREETZ_LIB_libxt_MARK
select FREETZ_LIB_libxt_multiport
select FREETZ_LIB_libxt_physdev
select FREETZ_LIB_libxt_pkttype
select FREETZ_LIB_libxt_standard
select FREETZ_LIB_libxt_state
select FREETZ_LIB_libxt_TCPMSS
select FREETZ_LIB_libxt_tcp
select FREETZ_LIB_libxt_udp
select FREETZ_LIB_libipt_addrtype
select FREETZ_LIB_libipt_DNAT
select FREETZ_LIB_libipt_icmp
select FREETZ_LIB_libipt_LOG
select FREETZ_LIB_libipt_MASQUERADE
select FREETZ_LIB_libipt_REDIRECT
select FREETZ_LIB_libipt_REJECT
select FREETZ_LIB_libipt_SNAT
select FREETZ_LIB_libipt_ULOG
endif
if FREETZ_KERNEL_VERSION_2_6_28
config FREETZ_PACKAGE_IPTABLES_STANDARD_MODULES
bool
default n
depends on FREETZ_PACKAGE_IPTABLES
# Activate group menus for modules and libs before selecting sub-entries
select FREETZ_PACKAGE_IPTABLES_KERNEL_MODULES
select FREETZ_PACKAGE_IPTABLES_SHARED_LIBS if ! FREETZ_PACKAGE_IPTABLES_STATIC
# Kernel modules
select FREETZ_MODULE_ip_tables
select FREETZ_MODULE_nf_conntrack
select FREETZ_MODULE_nf_conntrack_ftp
select FREETZ_MODULE_nf_nat
select FREETZ_MODULE_nf_nat_ftp
select FREETZ_MODULE_iptable_filter
select FREETZ_MODULE_ipt_REJECT
select FREETZ_MODULE_ipt_LOG
select FREETZ_MODULE_iptable_nat
#select FREETZ_MODULE_ipt_MASQUERADE
select FREETZ_MODULE_xt_mac
select FREETZ_MODULE_xt_multiport
select FREETZ_MODULE_xt_iprange
select FREETZ_MODULE_xt_length
select FREETZ_MODULE_xt_limit
select FREETZ_MODULE_xt_mark
select FREETZ_MODULE_xt_MARK
select FREETZ_MODULE_xt_pkttype
select FREETZ_MODULE_xt_physdev
select FREETZ_MODULE_xt_tcpudp
# Shared libs
select FREETZ_LIB_libxt_CLASSIFY
select FREETZ_LIB_libxt_connbytes
select FREETZ_LIB_libxt_connmark
select FREETZ_LIB_libxt_CONNMARK
select FREETZ_LIB_libxt_conntrack
select FREETZ_LIB_libxt_iprange
select FREETZ_LIB_libxt_length
select FREETZ_LIB_libxt_limit
select FREETZ_LIB_libxt_mac
select FREETZ_LIB_libxt_mark
select FREETZ_LIB_libxt_MARK
select FREETZ_LIB_libxt_multiport
select FREETZ_LIB_libxt_physdev
select FREETZ_LIB_libxt_pkttype
select FREETZ_LIB_libxt_standard
select FREETZ_LIB_libxt_state
select FREETZ_LIB_libxt_TCPMSS
select FREETZ_LIB_libxt_tcp
select FREETZ_LIB_libxt_udp
select FREETZ_LIB_libipt_addrtype
select FREETZ_LIB_libipt_DNAT
select FREETZ_LIB_libipt_icmp
select FREETZ_LIB_libipt_LOG
select FREETZ_LIB_libipt_MASQUERADE
select FREETZ_LIB_libipt_REDIRECT
select FREETZ_LIB_libipt_REJECT
select FREETZ_LIB_libipt_SNAT
select FREETZ_LIB_libipt_ULOG
endif
if FREETZ_KERNEL_VERSION_2_6_32
config FREETZ_PACKAGE_IPTABLES_STANDARD_MODULES
bool
default n
depends on FREETZ_PACKAGE_IPTABLES
# Activate group menus for modules and libs before selecting sub-entries
select FREETZ_PACKAGE_IPTABLES_KERNEL_MODULES
select FREETZ_PACKAGE_IPTABLES_SHARED_LIBS if ! FREETZ_PACKAGE_IPTABLES_STATIC
# Kernel modules
select FREETZ_MODULE_ip_tables
#select FREETZ_MODULE_nf_conntrack
#select FREETZ_MODULE_nf_conntrack_ftp
#select FREETZ_MODULE_nf_nat
#select FREETZ_MODULE_nf_nat_ftp
select FREETZ_MODULE_iptable_filter
select FREETZ_MODULE_ipt_REJECT
select FREETZ_MODULE_ipt_LOG
#select FREETZ_MODULE_iptable_nat
#select FREETZ_MODULE_ipt_MASQUERADE
select FREETZ_MODULE_xt_mac
select FREETZ_MODULE_xt_multiport
select FREETZ_MODULE_xt_iprange
select FREETZ_MODULE_xt_length
select FREETZ_MODULE_xt_limit
select FREETZ_MODULE_xt_mark
select FREETZ_MODULE_xt_MARK
select FREETZ_MODULE_xt_pkttype
select FREETZ_MODULE_xt_physdev
select FREETZ_MODULE_xt_tcpudp
# Shared libs
select FREETZ_LIB_libxt_CLASSIFY
select FREETZ_LIB_libxt_connbytes
select FREETZ_LIB_libxt_connmark
select FREETZ_LIB_libxt_CONNMARK
#select FREETZ_LIB_libxt_conntrack
select FREETZ_LIB_libxt_iprange
select FREETZ_LIB_libxt_length
select FREETZ_LIB_libxt_limit
select FREETZ_LIB_libxt_mac
select FREETZ_LIB_libxt_mark
select FREETZ_LIB_libxt_MARK
select FREETZ_LIB_libxt_multiport
select FREETZ_LIB_libxt_physdev
select FREETZ_LIB_libxt_pkttype
select FREETZ_LIB_libxt_standard
select FREETZ_LIB_libxt_state
select FREETZ_LIB_libxt_TCPMSS
select FREETZ_LIB_libxt_tcp
select FREETZ_LIB_libxt_udp
select FREETZ_LIB_libipt_addrtype
select FREETZ_LIB_libipt_DNAT
select FREETZ_LIB_libipt_icmp
select FREETZ_LIB_libipt_LOG
select FREETZ_LIB_libipt_MASQUERADE
select FREETZ_LIB_libipt_REDIRECT
select FREETZ_LIB_libipt_REJECT
select FREETZ_LIB_libipt_SNAT
select FREETZ_LIB_libipt_ULOG
endifMit diesen Configs kannst Du im make menuconfig Iptables (wieder) auswählen, die von Dir benötigten Module werden nachladbar (<M>) gebaut (nf_conntrack, nf_nat) und können mittels modprobe geladen werden. Die Box bootet dann normal durch und lädt die Module. Zumindest bei mir läuft sie dann auch stabil weiter. Erste Einschränkungen kommen dann z.B. bei der VoIP-Telefonie dahingehend, daß die Gespräche entweder abbrechen oder unterirdische Qualität haben. Das muß allerdings nicht zwingend an den geladenen Modulen liegen, sondern könnte an fehlenden Port-Regeln für die VoIP-Telefonie liegen. Nochmal: lege Dir unbedingt vor dem Testen ausreichende Backups der Boxconfigs an und beschaffe Dir ein geeignetes Recover-Image.
Grüße,
JD.
Zuletzt bearbeitet:
Ok, mit ein wenig Verspätung komme ich zu folgendem Ergebnis: Mit diesen Configs werden alle benötigten Kernel Module gebaut - Ohne Fehler.Jedoch erhalte ich beim insmod von nf_conntrack.ko folgende Fehlermeldung bzgl. fehlender Symbole:[ 892.430000] nf_conntrack: Unknown symbol nf_conntrack_destroy[ 892.430000] nf_conntrack: Unknown symbol nf_ct_destroy[ 892.440000] nf_conntrack: Unknown symbol ip_ct_attachDie fehlenden Symbole (aus ./source/kernel/ref-vr9-7490_06.30/linux-2.6.32/net/netfilter/core.c) werden nicht mit übersetzt, so scheint es mir.Jedenfalls gibt ein `objdump -x ./source/kernel/ref-vr9-7490_06.30/linux-2.6.32/net/netfilter/nf_conntrack.ko` keine dieser fehlenden Symbole aus.Oder befinden sich diese in einem anderen Kernel Modul, welches ich übersehen habe?
- - - Aktualisiert - - -
Ok, mit ein wenig Verspätung komme ich zu folgendem Ergebnis: Mit diesen Configs werden alle benötigten Kernel Module gebaut - Ohne Fehler. Jedoch erhalte ich beim insmod von nf_conntrack.ko folgende Fehlermeldung bzgl. fehlender Symbole: nf_conntrack: Unknown symbol nf_conntrack_destroy nf_conntrack: Unknown symbol nf_ct_destroy nf_conntrack: Unknown symbol ip_ct_attach. Die fehlenden Symbole (aus ./source/kernel/ref-vr9-7490_06.30/linux-2.6.32/net/netfilter/core.c) werden nicht mit übersetzt, so scheint es mir. Jedenfalls gibt ein `objdump -x ./source/kernel/ref-vr9-7490_06.30/linux-2.6.32/net/netfilter/nf_conntrack.ko` keine dieser fehlenden Symbole aus. Oder befinden sich diese in einem anderen Kernel Modul, welches ich übersehen habe?
- - - Aktualisiert - - -
Ok, mit ein wenig Verspätung komme ich zu folgendem Ergebnis: Mit diesen Configs werden alle benötigten Kernel Module gebaut - Ohne Fehler. Jedoch erhalte ich beim insmod von nf_conntrack.ko folgende Fehlermeldung bzgl. fehlender Symbole: nf_conntrack: Unknown symbol nf_conntrack_destroy nf_conntrack: Unknown symbol nf_ct_destroy nf_conntrack: Unknown symbol ip_ct_attach. Die fehlenden Symbole (aus ./source/kernel/ref-vr9-7490_06.30/linux-2.6.32/net/netfilter/core.c) werden nicht mit übersetzt, so scheint es mir. Jedenfalls gibt ein `objdump -x ./source/kernel/ref-vr9-7490_06.30/linux-2.6.32/net/netfilter/nf_conntrack.ko` keine dieser fehlenden Symbole aus. Oder befinden sich diese in einem anderen Kernel Modul, welches ich übersehen habe?
Zunächst kleine Bitte: Packe die Fehlermeldungen bitte in Code-Tags, sie sind so einfach besser lesbar.
Zum Inhalt: In der Kernel-Config steht doch
,
d.h., daß das Modul doch schon "fest im Kernel" eingebaut ist und nicht mehr installiert, sondern nur noch geladen werden muss ....
Versuche doch statt dem insmod mal ein
Zum Inhalt: In der Kernel-Config steht doch
Code:
CONFIG_NF_CONNTRACK=md.h., daß das Modul doch schon "fest im Kernel" eingebaut ist und nicht mehr installiert, sondern nur noch geladen werden muss ....
Versuche doch statt dem insmod mal ein
Code:
modprobe nf_conntrackSoweit ich weiß bedeutet:
nur, dass ein entsprechendes Kernel Modul `gebaut` werden soll, nicht jedoch das `fest in den Kernel einbauen`.Und bei:
erhalte ich den gleichen Fehler:
Code:
CONFIG_NF_CONNTRACK=m
Code:
modprobe nf_conntrack
Code:
[12188.480000] nf_conntrack: Unknown symbol nf_conntrack_destroy[12188.480000] nf_conntrack: Unknown symbol nf_ct_destroy[12188.490000] nf_conntrack: Unknown symbol ip_ct_attachStimmt, mein Fehler.
Die Fehlermeldung deutet allerdings auf ein generelles Problem mit dem gebauten Modul nf_conntrack hin:
Kannst Du mal das komplette Log posten ?
Welche FW-Basis verwendest Du (6.?) ?
Gab es beim Bauen irgendwo Fehler ? Auch hier wären Logs hilfreich.
Die Fehlermeldung deutet allerdings auf ein generelles Problem mit dem gebauten Modul nf_conntrack hin:
Code:
Unknown symbol ip_ct_attach...Kannst Du mal das komplette Log posten ?
Welche FW-Basis verwendest Du (6.?) ?
Gab es beim Bauen irgendwo Fehler ? Auch hier wären Logs hilfreich.
Danke für die schnelle Antwort.
Ich benutze eine 7490 mit
Soweit ich weiß, gab es keine Fehler beim bauen. Werde den Vorgang nochmals wiederholen und das Ergebnis in eine Logfile schreiben.
Meinst du die komplette `dmesg` Ausgabe?
Ich benutze eine 7490 mit
Code:
Firmware: 113.06.30 rev30889
Freetz: devel-13963Soweit ich weiß, gab es keine Fehler beim bauen. Werde den Vorgang nochmals wiederholen und das Ergebnis in eine Logfile schreiben.
Meinst du die komplette `dmesg` Ausgabe?
Neueste Beiträge
-
FRITZ!Box 7590 / FRITZ!OS 8.00 vom 31.10.2024- Letzte: Bugs Bunny
-
Fritzbox nicht unter IPv6 erreichbar
- Letzte: H´Sishi
-
Suche Telefonanlage für kleine Kanzlei
- Letzte: ip-phoneforum72
-
Fanvil X7 / IPCam
- Letzte: ip-phoneforum72
-
[Sammlung] FRITZ!Smart Control 440 - Firmware 4.89 - 5.xx- Letzte: stoney
