sergiotarxz/nuttx
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
fe01d7c462
nuttx/net/ipfilter/Kconfig
Zhe Weng f7181676b7 net: Support IP packet filter 
Add a firewall compatible with Linux's iptables and ip6tables, with chains at similar points in the packet processing path.

NIC ─> ipv[46]_input ┬> ipv[46]_forward ─> [FORWARD] ┬> devif_poll_out ─> NIC
                     │                               │
                     │          ┌>  tcp  ┐           │
                     │          ├>  udp  ┤           │
                     └> [INPUT] ┼> icmp  ┼> [OUTPUT] ┘
                                ├> icmp6 ┤
                                └>  ...  ┘

Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
2024-06-20 09:43:05 +08:00

17 lines
598 B
Plaintext
Raw Blame History

#
# For a description of the syntax of this configuration file,
# see the file kconfig-language.txt in the NuttX tools repository.
#
config NET_IPFILTER
bool "Enable IP packet filter (firewall)"
default n
depends on NET_IPv4 || NET_IPv6
---help---
Enable this option to enable the IP packet filter (firewall).
Our IP packet filter is a netfilter-like packet filter that
operates on the IP (and transport) layer. It is a stateless
packet filter that can be used to filter packets based on
source and destination IP addresses, source and destination
ports, protocol, and interface.
Reference in New Issue View Git Blame Copy Permalink