blob: fd468ae8369c87e5d5ae3b55cf84d4a1c0506ab4 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
|
## SECTION=networking
menuconfig NFTABLES
tristate
prompt "nftables "
select LIBGMP if !NFTABLES_MGMP
select READLINE
select LIBMNL
select LIBNFTNL
help
nftables is the project that aims to replace the existing
{ip,ip6,arp,eb}tables framework. Basically, this project provides
a new packet filtering framework, a new userspace utility and also
a compatibility layer for {ip,ip6}tables. nftables is built upon
the building blocks of the Netfilter infrastructure such as the
existing hooks, the connection tracking system, the userspace
queueing component and the logging subsystem.
Don't forget to enable nf_tables in kernel.
if NFTABLES
config NFTABLES_DEBUG
bool
default y
prompt "enable debug"
config NFTABLES_MGMP
bool
prompt "use mini-GMP"
help
use the nftables built-in mini-GMP instead of linking to the shared
libgmp. (may reduce debugging verbosity on some files)
config NFTABLES_STARTSCRIPT
bool
depends on INITMETHOD_BBINIT
prompt "install /etc/init.d/nftables"
config NFTABLES_SYSTEMD_UNIT
bool
default y
depends on INITMETHOD_SYSTEMD
prompt "install systemd unit file for nftables"
endif
|