net/netfilter/Kconfig

Source file repositories/reference/linux-study-clean/net/netfilter/Kconfig

File Facts

System
Linux kernel
Corpus path
net/netfilter/Kconfig
Extension
[no extension]
Size
54664 bytes
Lines
1664
Domain
Networking Core
Bucket
Sockets, Protocols, Packet Path, And Network Policy
Inferred role
Networking Core: build/configuration rule
Status
atlas-only

Why This File Exists

Networking stack implementation surface: socket APIs, protocol dispatch, packet flow, routing, filtering, and network namespaces.

Dependency Surface

Detected Declarations

Annotated Snippet

# SPDX-License-Identifier: GPL-2.0-only
menu "Core Netfilter Configuration"
	depends on INET && NETFILTER

config NETFILTER_INGRESS
	bool "Netfilter ingress support"
	default y
	select NET_INGRESS
	help
	  This allows you to classify packets from ingress using the Netfilter
	  infrastructure.

config NETFILTER_EGRESS
	bool "Netfilter egress support"
	default y
	select NET_EGRESS
	help
	  This allows you to classify packets before transmission using the
	  Netfilter infrastructure.

config NETFILTER_SKIP_EGRESS
	def_bool NETFILTER_EGRESS && (NET_CLS_ACT || IFB)

config NETFILTER_NETLINK
	bool

config NETFILTER_FAMILY_BRIDGE
	bool

config NETFILTER_FAMILY_ARP
	bool

config NETFILTER_BPF_LINK
	def_bool BPF_SYSCALL

config NETFILTER_NETLINK_HOOK
	tristate "Netfilter base hook dump support"
	depends on NETFILTER_ADVANCED
	depends on NF_TABLES
	select NETFILTER_NETLINK
	help
	  If this option is enabled, the kernel will include support
	  to list the base netfilter hooks via NFNETLINK.
	  This is helpful for debugging.

config NETFILTER_NETLINK_ACCT
	tristate "Netfilter NFACCT over NFNETLINK interface"
	depends on NETFILTER_ADVANCED
	select NETFILTER_NETLINK
	help
	  If this option is enabled, the kernel will include support
	  for extended accounting via NFNETLINK.

config NETFILTER_NETLINK_QUEUE
	tristate "Netfilter NFQUEUE over NFNETLINK interface"
	depends on NETFILTER_ADVANCED
	select NETFILTER_NETLINK
	help
	  If this option is enabled, the kernel will include support
	  for queueing packets via NFNETLINK.

config NETFILTER_NETLINK_LOG
	tristate "Netfilter LOG over NFNETLINK interface"
	default m if NETFILTER_ADVANCED=n
	select NETFILTER_NETLINK
	help
	  If this option is enabled, the kernel will include support
	  for logging packets via NFNETLINK.

	  This obsoletes the existing ipt_ULOG and ebg_ulog mechanisms,

Annotation

Implementation Notes