| Jozsef Kadlecsik | a7b4f98 | 2011-02-01 15:28:35 +0100 | [diff] [blame] | 1 | menuconfig IP_SET |
| 2 | tristate "IP set support" |
| 3 | depends on INET && NETFILTER |
| Patrick McHardy | c16e19c | 2011-02-10 10:13:07 +0100 | [diff] [blame] | 4 | depends on NETFILTER_NETLINK |
| Jozsef Kadlecsik | a7b4f98 | 2011-02-01 15:28:35 +0100 | [diff] [blame] | 5 | help |
| 6 | This option adds IP set support to the kernel. |
| 7 | In order to define and use the sets, you need the userspace utility |
| 8 | ipset(8). You can use the sets in netfilter via the "set" match |
| 9 | and "SET" target. |
| 10 | |
| 11 | To compile it as a module, choose M here. If unsure, say N. |
| 12 | |
| 13 | if IP_SET |
| 14 | |
| 15 | config IP_SET_MAX |
| 16 | int "Maximum number of IP sets" |
| 17 | default 256 |
| 18 | range 2 65534 |
| 19 | depends on IP_SET |
| 20 | help |
| 21 | You can define here default value of the maximum number |
| 22 | of IP sets for the kernel. |
| 23 | |
| 24 | The value can be overriden by the 'max_sets' module |
| 25 | parameter of the 'ip_set' module. |
| 26 | |
| Jozsef Kadlecsik | 72205fc | 2011-02-01 15:33:17 +0100 | [diff] [blame] | 27 | config IP_SET_BITMAP_IP |
| 28 | tristate "bitmap:ip set support" |
| 29 | depends on IP_SET |
| 30 | help |
| 31 | This option adds the bitmap:ip set type support, by which one |
| 32 | can store IPv4 addresses (or network addresse) from a range. |
| 33 | |
| 34 | To compile it as a module, choose M here. If unsure, say N. |
| 35 | |
| Jozsef Kadlecsik | de76021 | 2011-02-01 15:35:12 +0100 | [diff] [blame] | 36 | config IP_SET_BITMAP_IPMAC |
| 37 | tristate "bitmap:ip,mac set support" |
| 38 | depends on IP_SET |
| 39 | help |
| 40 | This option adds the bitmap:ip,mac set type support, by which one |
| 41 | can store IPv4 address and (source) MAC address pairs from a range. |
| 42 | |
| 43 | To compile it as a module, choose M here. If unsure, say N. |
| 44 | |
| Jozsef Kadlecsik | 5432619 | 2011-02-01 15:37:04 +0100 | [diff] [blame] | 45 | config IP_SET_BITMAP_PORT |
| 46 | tristate "bitmap:port set support" |
| 47 | depends on IP_SET |
| 48 | help |
| 49 | This option adds the bitmap:port set type support, by which one |
| 50 | can store TCP/UDP port numbers from a range. |
| 51 | |
| 52 | To compile it as a module, choose M here. If unsure, say N. |
| 53 | |
| Jozsef Kadlecsik | 6c02788 | 2011-02-01 15:38:36 +0100 | [diff] [blame] | 54 | config IP_SET_HASH_IP |
| 55 | tristate "hash:ip set support" |
| 56 | depends on IP_SET |
| 57 | help |
| 58 | This option adds the hash:ip set type support, by which one |
| 59 | can store arbitrary IPv4 or IPv6 addresses (or network addresses) |
| 60 | in a set. |
| 61 | |
| 62 | To compile it as a module, choose M here. If unsure, say N. |
| 63 | |
| Jozsef Kadlecsik | 07896ed | 2011-02-01 15:39:52 +0100 | [diff] [blame] | 64 | config IP_SET_HASH_IPPORT |
| 65 | tristate "hash:ip,port set support" |
| 66 | depends on IP_SET |
| 67 | help |
| 68 | This option adds the hash:ip,port set type support, by which one |
| 69 | can store IPv4/IPv6 address and protocol/port pairs. |
| 70 | |
| 71 | To compile it as a module, choose M here. If unsure, say N. |
| 72 | |
| Jozsef Kadlecsik | 5663bc3 | 2011-02-01 15:41:26 +0100 | [diff] [blame] | 73 | config IP_SET_HASH_IPPORTIP |
| 74 | tristate "hash:ip,port,ip set support" |
| 75 | depends on IP_SET |
| 76 | help |
| 77 | This option adds the hash:ip,port,ip set type support, by which |
| 78 | one can store IPv4/IPv6 address, protocol/port, and IPv4/IPv6 |
| 79 | address triples in a set. |
| 80 | |
| 81 | To compile it as a module, choose M here. If unsure, say N. |
| 82 | |
| Jozsef Kadlecsik | 41d22f7 | 2011-02-01 15:51:00 +0100 | [diff] [blame] | 83 | config IP_SET_HASH_IPPORTNET |
| 84 | tristate "hash:ip,port,net set support" |
| 85 | depends on IP_SET |
| 86 | help |
| 87 | This option adds the hash:ip,port,net set type support, by which |
| 88 | one can store IPv4/IPv6 address, protocol/port, and IPv4/IPv6 |
| 89 | network address/prefix triples in a set. |
| 90 | |
| 91 | To compile it as a module, choose M here. If unsure, say N. |
| 92 | |
| Jozsef Kadlecsik | b383702 | 2011-02-01 15:52:54 +0100 | [diff] [blame] | 93 | config IP_SET_HASH_NET |
| 94 | tristate "hash:net set support" |
| 95 | depends on IP_SET |
| 96 | help |
| 97 | This option adds the hash:net set type support, by which |
| 98 | one can store IPv4/IPv6 network address/prefix elements in a set. |
| 99 | |
| 100 | To compile it as a module, choose M here. If unsure, say N. |
| 101 | |
| Jozsef Kadlecsik | 21f4502 | 2011-02-01 15:53:55 +0100 | [diff] [blame] | 102 | config IP_SET_HASH_NETPORT |
| 103 | tristate "hash:net,port set support" |
| 104 | depends on IP_SET |
| 105 | help |
| 106 | This option adds the hash:net,port set type support, by which |
| 107 | one can store IPv4/IPv6 network address/prefix and |
| 108 | protocol/port pairs as elements in a set. |
| 109 | |
| 110 | To compile it as a module, choose M here. If unsure, say N. |
| 111 | |
| Jozsef Kadlecsik | e385357 | 2011-06-16 19:00:48 +0200 | [diff] [blame] | 112 | config IP_SET_HASH_NETIFACE |
| 113 | tristate "hash:net,iface set support" |
| 114 | depends on IP_SET |
| 115 | help |
| 116 | This option adds the hash:net,iface set type support, by which |
| 117 | one can store IPv4/IPv6 network address/prefix and |
| 118 | interface name pairs as elements in a set. |
| 119 | |
| 120 | To compile it as a module, choose M here. If unsure, say N. |
| 121 | |
| Jozsef Kadlecsik | f830837 | 2011-02-01 15:54:59 +0100 | [diff] [blame] | 122 | config IP_SET_LIST_SET |
| 123 | tristate "list:set set support" |
| 124 | depends on IP_SET |
| 125 | help |
| 126 | This option adds the list:set set type support. In this |
| 127 | kind of set one can store the name of other sets and it forms |
| 128 | an ordered union of the member sets. |
| 129 | |
| 130 | To compile it as a module, choose M here. If unsure, say N. |
| 131 | |
| Jozsef Kadlecsik | a7b4f98 | 2011-02-01 15:28:35 +0100 | [diff] [blame] | 132 | endif # IP_SET |