[yocto] [PATCH][yocto-kernel-cache] netfilter: enable several netfilter options
rongqing.li at windriver.com
rongqing.li at windriver.com
Wed Nov 25 21:25:49 PST 2015
From: Roy Li <rongqing.li at windriver.com>
the below kernel options are enabled:
LOG target support
IPv6 connection tracking support,
"addrtype" address type match support
"recent" match support
the default configuration of ufw(Uncomplicated Firewall) asked them.
Signed-off-by: Roy Li <rongqing.li at windriver.com>
---
features/netfilter/netfilter.cfg | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/features/netfilter/netfilter.cfg b/features/netfilter/netfilter.cfg
index 8ecef4a..7bb8490 100644
--- a/features/netfilter/netfilter.cfg
+++ b/features/netfilter/netfilter.cfg
@@ -62,12 +62,16 @@ CONFIG_NETFILTER_XT_MATCH_STATISTIC=m
CONFIG_NETFILTER_XT_MATCH_STRING=m
CONFIG_NETFILTER_XT_MATCH_TCPMSS=m
CONFIG_NETFILTER_XT_MATCH_U32=m
+CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=m
+CONFIG_NETFILTER_XT_MATCH_RECENT=m
+CONFIG_NETFILTER_XT_TARGET_LOG=m
#
# IP: Netfilter Configuration
#
CONFIG_NF_DEFRAG_IPV4=m
CONFIG_NF_CONNTRACK_IPV4=m
+CONFIG_NF_CONNTRACK_IPV6=m
CONFIG_NF_CONNTRACK_PROC_COMPAT=y
CONFIG_IP_NF_IPTABLES=m
CONFIG_IP_NF_MATCH_AH=m
--
1.9.1
More information about the yocto
mailing list