From f9c1ee214aa51987a88098897d178853e3c4deb5 Mon Sep 17 00:00:00 2001 From: Kolan Sh Date: Tue, 23 Dec 2014 23:23:11 +0300 Subject: [PATCH] xeon: more advanced netfilter features enabled. --- config.xeon | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/config.xeon b/config.xeon index b884924..74fb026 100644 --- a/config.xeon +++ b/config.xeon @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 3.17.7-hardened Kernel Configuration +# Linux/x86 3.17.7-hardened-r1 Kernel Configuration # CONFIG_64BIT=y CONFIG_X86_64=y @@ -378,8 +378,6 @@ CONFIG_X86_MCE_INTEL=y CONFIG_X86_MCE_THRESHOLD=y # CONFIG_X86_MCE_INJECT is not set CONFIG_X86_THERMAL_VECTOR=y -CONFIG_X86_16BIT=y -CONFIG_X86_ESPFIX64=y # CONFIG_I8K is not set CONFIG_MICROCODE=m CONFIG_MICROCODE_INTEL=y @@ -685,10 +683,12 @@ CONFIG_BRIDGE_NETFILTER=y # # Core Netfilter Configuration # +CONFIG_NETFILTER_NETLINK=m # CONFIG_NETFILTER_NETLINK_ACCT is not set # CONFIG_NETFILTER_NETLINK_QUEUE is not set -# CONFIG_NETFILTER_NETLINK_LOG is not set +CONFIG_NETFILTER_NETLINK_LOG=m CONFIG_NF_CONNTRACK=y +CONFIG_NF_LOG_COMMON=m # CONFIG_NF_CONNTRACK_MARK is not set CONFIG_NF_CONNTRACK_PROCFS=y # CONFIG_NF_CONNTRACK_EVENTS is not set @@ -729,7 +729,7 @@ CONFIG_NETFILTER_XT_MARK=m # Xtables targets # # CONFIG_NETFILTER_XT_TARGET_AUDIT is not set -# CONFIG_NETFILTER_XT_TARGET_CHECKSUM is not set +CONFIG_NETFILTER_XT_TARGET_CHECKSUM=m # CONFIG_NETFILTER_XT_TARGET_CLASSIFY is not set # CONFIG_NETFILTER_XT_TARGET_CONNMARK is not set # CONFIG_NETFILTER_XT_TARGET_CT is not set @@ -738,11 +738,11 @@ CONFIG_NETFILTER_XT_TARGET_HL=m # CONFIG_NETFILTER_XT_TARGET_HMARK is not set # CONFIG_NETFILTER_XT_TARGET_IDLETIMER is not set # CONFIG_NETFILTER_XT_TARGET_LED is not set -# CONFIG_NETFILTER_XT_TARGET_LOG is not set +CONFIG_NETFILTER_XT_TARGET_LOG=m CONFIG_NETFILTER_XT_TARGET_MARK=m CONFIG_NETFILTER_XT_NAT=m CONFIG_NETFILTER_XT_TARGET_NETMAP=m -# CONFIG_NETFILTER_XT_TARGET_NFLOG is not set +CONFIG_NETFILTER_XT_TARGET_NFLOG=m # CONFIG_NETFILTER_XT_TARGET_NFQUEUE is not set # CONFIG_NETFILTER_XT_TARGET_NOTRACK is not set # CONFIG_NETFILTER_XT_TARGET_RATEEST is not set @@ -779,12 +779,13 @@ CONFIG_NETFILTER_XT_MATCH_HL=m # CONFIG_NETFILTER_XT_MATCH_IPCOMP is not set # CONFIG_NETFILTER_XT_MATCH_IPRANGE is not set # CONFIG_NETFILTER_XT_MATCH_L2TP is not set -# CONFIG_NETFILTER_XT_MATCH_LENGTH is not set +CONFIG_NETFILTER_XT_MATCH_LENGTH=m CONFIG_NETFILTER_XT_MATCH_LIMIT=m # CONFIG_NETFILTER_XT_MATCH_MAC is not set CONFIG_NETFILTER_XT_MATCH_MARK=m CONFIG_NETFILTER_XT_MATCH_MULTIPORT=m # CONFIG_NETFILTER_XT_MATCH_NFACCT is not set +# CONFIG_NETFILTER_XT_MATCH_OSF is not set # CONFIG_NETFILTER_XT_MATCH_OWNER is not set # CONFIG_NETFILTER_XT_MATCH_POLICY is not set CONFIG_NETFILTER_XT_MATCH_PHYSDEV=m @@ -810,8 +811,8 @@ CONFIG_NETFILTER_XT_MATCH_STATE=m CONFIG_NF_DEFRAG_IPV4=m CONFIG_NF_CONNTRACK_IPV4=m CONFIG_NF_CONNTRACK_PROC_COMPAT=y -# CONFIG_NF_LOG_ARP is not set -# CONFIG_NF_LOG_IPV4 is not set +CONFIG_NF_LOG_ARP=m +CONFIG_NF_LOG_IPV4=m CONFIG_NF_NAT_IPV4=m # CONFIG_NF_NAT_PPTP is not set # CONFIG_NF_NAT_H323 is not set @@ -839,7 +840,7 @@ CONFIG_IP_NF_MANGLE=m # CONFIG_NF_DEFRAG_IPV6=m CONFIG_NF_CONNTRACK_IPV6=m -# CONFIG_NF_LOG_IPV6 is not set +CONFIG_NF_LOG_IPV6=m # CONFIG_NF_NAT_IPV6 is not set CONFIG_IP6_NF_IPTABLES=m CONFIG_IP6_NF_MATCH_AH=m