diff options
author | Felix Fietkau <nbd@openwrt.org> | 2014-11-03 22:01:45 +0000 |
---|---|---|
committer | Felix Fietkau <nbd@openwrt.org> | 2014-11-03 22:01:45 +0000 |
commit | 9a2cf10c33e30b89083ac48e2777cc06f899aee7 (patch) | |
tree | 349d2acd8cd91b93b728b59b0c1216e8782651f9 /package/kernel/linux | |
parent | 2c72ffc154c70b371a93f179587d899bbba921ca (diff) | |
download | mtk-20170518-9a2cf10c33e30b89083ac48e2777cc06f899aee7.zip mtk-20170518-9a2cf10c33e30b89083ac48e2777cc06f899aee7.tar.gz mtk-20170518-9a2cf10c33e30b89083ac48e2777cc06f899aee7.tar.bz2 |
netfilter: Enable compiling iptables match cluster
This patch adds the userspace and kernelspace for
- match NETFILTER_XT_MATCH_CLUSTER
This match can be used to deploy gateway and back-end load-sharing clusters.
- target IP_NF_TARGET_CLUSTERIP
This module allows you to configure a simple cluster of nodes
that share a certain IP and MAC address
without an explicit load balancer in front of them.
Connections are statically distributed between the nodes in this cluster.
This is used i.e. by strongswan-ha.
Signed-off-by: Christian Scheele <cs@embedd.com>
SVN-Revision: 43174
Diffstat (limited to 'package/kernel/linux')
-rw-r--r-- | package/kernel/linux/modules/netfilter.mk | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/package/kernel/linux/modules/netfilter.mk b/package/kernel/linux/modules/netfilter.mk index 7621c7f..2cb769d 100644 --- a/package/kernel/linux/modules/netfilter.mk +++ b/package/kernel/linux/modules/netfilter.mk @@ -496,6 +496,54 @@ endef $(eval $(call KernelPackage,ipt-iprange)) +define KernelPackage/ipt-cluster + TITLE:=Module for matching cluster + KCONFIG:=$(KCONFIG_IPT_CLUSTER) + FILES:=$(foreach mod,$(IPT_CLUSTER-m),$(LINUX_DIR)/net/$(mod).ko) + AUTOLOAD:=$(call AutoProbe,$(notdir $(IPT_CLUSTER-m))) + $(call AddDepends/ipt) +endef + +define KernelPackage/ipt-cluster/description + Netfilter (IPv4/IPv6) module for matching cluster + This option allows you to build work-load-sharing clusters of + network servers/stateful firewalls without having a dedicated + load-balancing router/server/switch. Basically, this match returns + true when the packet must be handled by this cluster node. Thus, + all nodes see all packets and this match decides which node handles + what packets. The work-load sharing algorithm is based on source + address hashing. + + This module is usable for ipv4 and ipv6. + + To use it also enable iptables-mod-cluster + + see `iptables -m cluster --help` for more information. +endef + +$(eval $(call KernelPackage,ipt-cluster)) + +define KernelPackage/ipt-clusterip + TITLE:=Module for CLUSTERIP + KCONFIG:=$(KCONFIG_IPT_CLUSTERIP) + FILES:=$(foreach mod,$(IPT_CLUSTERIP-m),$(LINUX_DIR)/net/$(mod).ko) + AUTOLOAD:=$(call AutoProbe,$(notdir $(IPT_CLUSTERIP-m))) + $(call AddDepends/ipt,+kmod-nf-conntrack) +endef + +define KernelPackage/ipt-clusterip/description + Netfilter (IPv4-only) module for CLUSTERIP + The CLUSTERIP target allows you to build load-balancing clusters of + network servers without having a dedicated load-balancing + router/server/switch. + + To use it also enable iptables-mod-clusterip + + see `iptables -j CLUSTERIP --help` for more information. +endef + +$(eval $(call KernelPackage,ipt-clusterip)) + define KernelPackage/ipt-extra TITLE:=Extra modules |