diff options
| author |   Pablo Neira Ayuso <pablo@netfilter.org> | 2018-01-07 01:04:15 +0100 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-01-08 18:11:08 +0100 |
| commit | 97add9f0d66da9898da325f84e80533db9cc0ced (patch) | |
| tree | 3391d184c371884e38a0483655cb167b23c2e488 /net/ipv4/netfilter/Kconfig | |
| parent | netfilter: add generic flow table infrastructure (diff) | |
| download | linux-dev-97add9f0d66da9898da325f84e80533db9cc0ced.tar.xz linux-dev-97add9f0d66da9898da325f84e80533db9cc0ced.zip | |
netfilter: flow table support for IPv4
This patch adds the IPv4 flow table type, that implements the datapath
flow table to forward IPv4 traffic. Rationale is:
1) Look up for the packet in the flow table, from the ingress hook.
2) If there's a hit, decrement ttl and pass it on to the neighbour layer
for transmission.
3) If there's a miss, packet is passed up to the classic forwarding
path.
This patch also supports layer 3 source and destination NAT.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/ipv4/netfilter/Kconfig')
| -rw-r--r-- | net/ipv4/netfilter/Kconfig | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/net/ipv4/netfilter/Kconfig b/net/ipv4/netfilter/Kconfig index cee51045e2f7..7d5d444964aa 100644 --- a/net/ipv4/netfilter/Kconfig +++ b/net/ipv4/netfilter/Kconfig @@ -78,6 +78,14 @@ config NF_TABLES_ARP endif # NF_TABLES +config NF_FLOW_TABLE_IPV4 + select NF_FLOW_TABLE + tristate "Netfilter flow table IPv4 module" + help + This option adds the flow table IPv4 support. + + To compile it as a module, choose M here. + config NF_DUP_IPV4 tristate "Netfilter IPv4 packet duplication to alternate destination" depends on !NF_CONNTRACK || NF_CONNTRACK |