Connection tracking keeps a record of what packets have passed through your machine, in order to figure out how they are related into connections. This is IPv6 support on Layer 3 independent connection tracking. Layer 3 independent connection tracking is experimental scheme which generalize ip_conntrack to support other layer 3 protocols. To compile it as a module, choose M here. If unsure, say N.
This option adds a queue handler to the kernel for IPv6 packets which enables users to receive the filtered packets with QUEUE target using libipq. This option enables the old IPv6-only "ip6_queue" implementation which has been obsoleted by the new "nfnetlink_queue" code (see CONFIG_NETFILTER_NETLINK_QUEUE). (C) Fernando Anton 2001 IPv64 Project - Work based in IPv64 draft by Arturo Azcorra. Universidad Carlos III de Madrid Universidad Politecnica de Alcala de Henares email: <fanton@it.uc3m.es>. To compile it as a module, choose M here. If unsure, say N.
ip6tables is a general, extensible packet identification framework. Currently only the packet filtering and packet mangling subsystem for IPv6 use this, but connection tracking is going to follow. Say 'Y' or 'M' here if you want to use either of those. To compile it as a module, choose M here. If unsure, say N.
This module allows one to match AH packets. To compile it as a module, choose M here. If unsure, say N.
This module performs checking on the IPv6 source address Compares the last 64 bits with the EUI64 (delivered from the MAC address) address To compile it as a module, choose M here. If unsure, say N.
frag matching allows you to match packets based on the fragmentation header of the packet. To compile it as a module, choose M here. If unsure, say N.
This allows one to match packets based on the hop-by-hop and destination options headers of a packet. To compile it as a module, choose M here. If unsure, say N.
This is a backwards-compat option for the user's convenience (e.g. when running oldconfig). It selects CONFIG_NETFILTER_XT_MATCH_HL.
This module allows one to match packets based upon the ipv6 extension headers. To compile it as a module, choose M here. If unsure, say N.
This module allows one to match MH packets. To compile it as a module, choose M here. If unsure, say N.
rt matching allows you to match packets based on the routing header of the packet. To compile it as a module, choose M here. If unsure, say N.
This is a backwards-compatible option for the user's convenience (e.g. when running oldconfig). It selects CONFIG_NETFILTER_XT_TARGET_HL.
This option adds a `LOG' target, which allows you to create rules in any iptables table which records the packet header to the syslog. To compile it as a module, choose M here. If unsure, say N.
Packet filtering defines a table `filter', which has a series of rules for simple packet filtering at local input, forwarding and local output. See the man page for iptables(8). To compile it as a module, choose M here. If unsure, say N.
The REJECT target allows a filtering rule to specify that an ICMPv6 error should be issued in response to an incoming packet, rather than silently being dropped. To compile it as a module, choose M here. If unsure, say N.
This option adds a `mangle' table to iptables: see the man page for iptables(8). This table is used for various packet alterations which can effect how the packet is routed. To compile it as a module, choose M here. If unsure, say N.
This option adds a `raw' table to ip6tables. This table is the very first in the netfilter framework and hooks in at the PREROUTING and OUTPUT chains. If you want to compile it as a module, say M here and read <file:Documentation/kbuild/modules.txt>. If unsure, say `N'.
This option adds a `security' table to iptables, for use with Mandatory Access Control (MAC) policy. If unsure, say N.