Initial commit.

Populate the iptables-addons repository with two modules, xt_TARPIT
and xt_TEE, as a starting point.

Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>

extensions/xt_TARPIT.Kconfig

@@ -0,0 +1,16 @@
+config NETFILTER_XT_TARGET_TARPIT
+	tristate '"TARPIT" target support'
+	depends on NETFILTER_XTABLES
+	---help---
+	Adds a TARPIT target to iptables, which captures and holds incoming TCP
+	connections using no local per-connection resources. Connections are
+	accepted, but immediately switched to the persist state (0 byte
+	window), in which the remote side stops sending data and asks to
+	continue every 60-240 seconds. Attempts to close the connection are
+	ignored, forcing the remote side to time out the connection in 12-24
+	minutes.
+
+	This offers similar functionality to LaBrea
+	<http://www.hackbusters.net/LaBrea/>, but does not require dedicated
+	hardware or IPs. Any TCP port that you would normally DROP or REJECT
+	can instead become a tar pit.