Loading...
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 | # SPDX-License-Identifier: GPL-2.0-only menuconfig IP_SET tristate "IP set support" depends on INET && NETFILTER select NETFILTER_NETLINK help This option adds IP set support to the kernel. In order to define and use the sets, you need the userspace utility ipset(8). You can use the sets in netfilter via the "set" match and "SET" target. To compile it as a module, choose M here. If unsure, say N. if IP_SET config IP_SET_MAX int "Maximum number of IP sets" default 256 range 2 65534 depends on IP_SET help You can define here default value of the maximum number of IP sets for the kernel. The value can be overridden by the 'max_sets' module parameter of the 'ip_set' module. config IP_SET_BITMAP_IP tristate "bitmap:ip set support" depends on IP_SET help This option adds the bitmap:ip set type support, by which one can store IPv4 addresses (or network addresses) from a range. To compile it as a module, choose M here. If unsure, say N. config IP_SET_BITMAP_IPMAC tristate "bitmap:ip,mac set support" depends on IP_SET help This option adds the bitmap:ip,mac set type support, by which one can store IPv4 address and (source) MAC address pairs from a range. To compile it as a module, choose M here. If unsure, say N. config IP_SET_BITMAP_PORT tristate "bitmap:port set support" depends on IP_SET help This option adds the bitmap:port set type support, by which one can store TCP/UDP port numbers from a range. To compile it as a module, choose M here. If unsure, say N. config IP_SET_HASH_IP tristate "hash:ip set support" depends on IP_SET help This option adds the hash:ip set type support, by which one can store arbitrary IPv4 or IPv6 addresses (or network addresses) in a set. To compile it as a module, choose M here. If unsure, say N. config IP_SET_HASH_IPMARK tristate "hash:ip,mark set support" depends on IP_SET help This option adds the hash:ip,mark set type support, by which one can store IPv4/IPv6 address and mark pairs. To compile it as a module, choose M here. If unsure, say N. config IP_SET_HASH_IPPORT tristate "hash:ip,port set support" depends on IP_SET help This option adds the hash:ip,port set type support, by which one can store IPv4/IPv6 address and protocol/port pairs. To compile it as a module, choose M here. If unsure, say N. config IP_SET_HASH_IPPORTIP tristate "hash:ip,port,ip set support" depends on IP_SET help This option adds the hash:ip,port,ip set type support, by which one can store IPv4/IPv6 address, protocol/port, and IPv4/IPv6 address triples in a set. To compile it as a module, choose M here. If unsure, say N. config IP_SET_HASH_IPPORTNET tristate "hash:ip,port,net set support" depends on IP_SET help This option adds the hash:ip,port,net set type support, by which one can store IPv4/IPv6 address, protocol/port, and IPv4/IPv6 network address/prefix triples in a set. To compile it as a module, choose M here. If unsure, say N. config IP_SET_HASH_IPMAC tristate "hash:ip,mac set support" depends on IP_SET help This option adds the hash:ip,mac set type support, by which one can store IPv4/IPv6 address and MAC (ethernet address) pairs in a set. To compile it as a module, choose M here. If unsure, say N. config IP_SET_HASH_MAC tristate "hash:mac set support" depends on IP_SET help This option adds the hash:mac set type support, by which one can store MAC (ethernet address) elements in a set. To compile it as a module, choose M here. If unsure, say N. config IP_SET_HASH_NETPORTNET tristate "hash:net,port,net set support" depends on IP_SET help This option adds the hash:net,port,net set type support, by which one can store two IPv4/IPv6 subnets, and a protocol/port in a set. To compile it as a module, choose M here. If unsure, say N. config IP_SET_HASH_NET tristate "hash:net set support" depends on IP_SET help This option adds the hash:net set type support, by which one can store IPv4/IPv6 network address/prefix elements in a set. To compile it as a module, choose M here. If unsure, say N. config IP_SET_HASH_NETNET tristate "hash:net,net set support" depends on IP_SET help This option adds the hash:net,net set type support, by which one can store IPv4/IPv6 network address/prefix pairs in a set. To compile it as a module, choose M here. If unsure, say N. config IP_SET_HASH_NETPORT tristate "hash:net,port set support" depends on IP_SET help This option adds the hash:net,port set type support, by which one can store IPv4/IPv6 network address/prefix and protocol/port pairs as elements in a set. To compile it as a module, choose M here. If unsure, say N. config IP_SET_HASH_NETIFACE tristate "hash:net,iface set support" depends on IP_SET help This option adds the hash:net,iface set type support, by which one can store IPv4/IPv6 network address/prefix and interface name pairs as elements in a set. To compile it as a module, choose M here. If unsure, say N. config IP_SET_LIST_SET tristate "list:set set support" depends on IP_SET help This option adds the list:set set type support. In this kind of set one can store the name of other sets and it forms an ordered union of the member sets. To compile it as a module, choose M here. If unsure, say N. endif # IP_SET |