OpenWrt – Blame information for rev 3
?pathlinks?
| Rev | Author | Line No. | Line |
|---|---|---|---|
| 1 | office | 1 | # |
| 2 | # Copyright (C) 2006-2016 OpenWrt.org |
||
| 3 | # |
||
| 4 | # This is free software, licensed under the GNU General Public License v2. |
||
| 5 | # See /LICENSE for more information. |
||
| 6 | # |
||
| 7 | |||
| 8 | include $(TOPDIR)/rules.mk |
||
| 9 | include $(INCLUDE_DIR)/kernel.mk |
||
| 10 | |||
| 11 | PKG_NAME:=iptables |
||
| 3 | office | 12 | PKG_VERSION:=1.6.2 |
| 13 | PKG_RELEASE:=1 |
||
| 1 | office | 14 | |
| 15 | PKG_SOURCE_PROTO:=git |
||
| 16 | PKG_SOURCE_URL:=https://git.netfilter.org/iptables |
||
| 3 | office | 17 | PKG_SOURCE_VERSION:=c16bdec15137b241586310d0e61bc88cc3726004 |
| 18 | PKG_MIRROR_HASH:=72e4bec94a56dd600097846c773e1074ff705e38f800ef221db646c064371a53 |
||
| 1 | office | 19 | |
| 20 | PKG_FIXUP:=autoreconf |
||
| 21 | PKG_FLAGS:=nonshared |
||
| 22 | |||
| 23 | PKG_INSTALL:=1 |
||
| 24 | PKG_BUILD_PARALLEL:=1 |
||
| 25 | PKG_LICENSE:=GPL-2.0 |
||
| 26 | PKG_CPE_ID:=cpe:/a:netfilter_core_team:iptables |
||
| 27 | |||
| 28 | include $(INCLUDE_DIR)/package.mk |
||
| 29 | ifeq ($(DUMP),) |
||
| 30 | -include $(LINUX_DIR)/.config |
||
| 31 | include $(INCLUDE_DIR)/netfilter.mk |
||
| 32 | STAMP_CONFIGURED:=$(strip $(STAMP_CONFIGURED))_$(shell grep 'NETFILTER' $(LINUX_DIR)/.config | mkhash md5) |
||
| 33 | endif |
||
| 34 | |||
| 35 | |||
| 36 | define Package/iptables/Default |
||
| 37 | SECTION:=net |
||
| 38 | CATEGORY:=Network |
||
| 39 | SUBMENU:=Firewall |
||
| 40 | URL:=http://netfilter.org/ |
||
| 41 | endef |
||
| 42 | |||
| 43 | define Package/iptables/Module |
||
| 44 | $(call Package/iptables/Default) |
||
| 45 | DEPENDS:=iptables $(1) |
||
| 46 | endef |
||
| 47 | |||
| 48 | define Package/iptables |
||
| 49 | $(call Package/iptables/Default) |
||
| 50 | TITLE:=IP firewall administration tool |
||
| 51 | MENU:=1 |
||
| 52 | DEPENDS+= +kmod-ipt-core +libip4tc +IPV6:libip6tc +libxtables |
||
| 53 | endef |
||
| 54 | |||
| 55 | define Package/iptables/config |
||
| 56 | config IPTABLES_CONNLABEL |
||
| 57 | bool "Enable Connlabel support" |
||
| 58 | default n |
||
| 59 | help |
||
| 60 | This enable connlabel support in iptables. |
||
| 61 | |||
| 62 | config IPTABLES_NFTABLES |
||
| 63 | bool "Enable Nftables support" |
||
| 64 | default n |
||
| 65 | help |
||
| 66 | This enable nftables support in iptables. |
||
| 67 | endef |
||
| 68 | |||
| 69 | define Package/iptables/description |
||
| 70 | IP firewall administration tool. |
||
| 71 | |||
| 72 | Matches: |
||
| 73 | - icmp |
||
| 74 | - tcp |
||
| 75 | - udp |
||
| 76 | - comment |
||
| 77 | - conntrack |
||
| 78 | - limit |
||
| 79 | - mac |
||
| 80 | - mark |
||
| 81 | - multiport |
||
| 82 | - set |
||
| 83 | - state |
||
| 84 | - time |
||
| 85 | |||
| 86 | Targets: |
||
| 87 | - ACCEPT |
||
| 88 | - CT |
||
| 89 | - DNAT |
||
| 90 | - DROP |
||
| 91 | - REJECT |
||
| 92 | - LOG |
||
| 93 | - MARK |
||
| 94 | - MASQUERADE |
||
| 95 | - REDIRECT |
||
| 96 | - SET |
||
| 97 | - SNAT |
||
| 98 | - TCPMSS |
||
| 99 | |||
| 100 | Tables: |
||
| 101 | - filter |
||
| 102 | - mangle |
||
| 103 | - nat |
||
| 104 | - raw |
||
| 105 | |||
| 106 | endef |
||
| 107 | |||
| 108 | define Package/iptables-mod-conntrack-extra |
||
| 3 | office | 109 | $(call Package/iptables/Module, +kmod-ipt-conntrack-extra) |
| 1 | office | 110 | TITLE:=Extra connection tracking extensions |
| 111 | endef |
||
| 112 | |||
| 113 | define Package/iptables-mod-conntrack-extra/description |
||
| 114 | Extra iptables extensions for connection tracking. |
||
| 115 | |||
| 116 | Matches: |
||
| 117 | - connbytes |
||
| 118 | - connlimit |
||
| 119 | - connmark |
||
| 120 | - recent |
||
| 121 | - helper |
||
| 122 | |||
| 123 | Targets: |
||
| 124 | - CONNMARK |
||
| 125 | |||
| 126 | endef |
||
| 127 | |||
| 128 | define Package/iptables-mod-conntrack-label |
||
| 129 | $(call Package/iptables/Module, +kmod-ipt-conntrack-label @IPTABLES_CONNLABEL) |
||
| 130 | TITLE:=Connection tracking labeling extension |
||
| 131 | DEFAULT:=y if IPTABLES_CONNLABEL |
||
| 132 | endef |
||
| 133 | |||
| 134 | define Package/iptables-mod-conntrack-label/description |
||
| 135 | Match and set label(s) on connection tracking entries |
||
| 136 | |||
| 137 | Matches: |
||
| 138 | - connlabel |
||
| 139 | |||
| 140 | endef |
||
| 141 | |||
| 142 | define Package/iptables-mod-filter |
||
| 143 | $(call Package/iptables/Module, +kmod-ipt-filter) |
||
| 144 | TITLE:=Content inspection extensions |
||
| 145 | endef |
||
| 146 | |||
| 147 | define Package/iptables-mod-filter/description |
||
| 148 | iptables extensions for packet content inspection. |
||
| 149 | Includes support for: |
||
| 150 | |||
| 151 | Matches: |
||
| 152 | - string |
||
| 153 | |||
| 154 | endef |
||
| 155 | |||
| 156 | define Package/iptables-mod-ipopt |
||
| 157 | $(call Package/iptables/Module, +kmod-ipt-ipopt) |
||
| 158 | TITLE:=IP/Packet option extensions |
||
| 159 | endef |
||
| 160 | |||
| 161 | define Package/iptables-mod-ipopt/description |
||
| 162 | iptables extensions for matching/changing IP packet options. |
||
| 163 | |||
| 164 | Matches: |
||
| 165 | - dscp |
||
| 166 | - ecn |
||
| 167 | - length |
||
| 168 | - statistic |
||
| 169 | - tcpmss |
||
| 170 | - unclean |
||
| 171 | - hl |
||
| 172 | |||
| 173 | Targets: |
||
| 174 | - DSCP |
||
| 175 | - CLASSIFY |
||
| 176 | - ECN |
||
| 177 | - HL |
||
| 178 | |||
| 179 | endef |
||
| 180 | |||
| 181 | define Package/iptables-mod-ipsec |
||
| 182 | $(call Package/iptables/Module, +kmod-ipt-ipsec) |
||
| 183 | TITLE:=IPsec extensions |
||
| 184 | endef |
||
| 185 | |||
| 186 | define Package/iptables-mod-ipsec/description |
||
| 187 | iptables extensions for matching ipsec traffic. |
||
| 188 | |||
| 189 | Matches: |
||
| 190 | - ah |
||
| 191 | - esp |
||
| 192 | - policy |
||
| 193 | |||
| 194 | endef |
||
| 195 | |||
| 196 | define Package/iptables-mod-nat-extra |
||
| 197 | $(call Package/iptables/Module, +kmod-ipt-nat-extra) |
||
| 198 | TITLE:=Extra NAT extensions |
||
| 199 | endef |
||
| 200 | |||
| 201 | define Package/iptables-mod-nat-extra/description |
||
| 202 | iptables extensions for extra NAT targets. |
||
| 203 | |||
| 204 | Targets: |
||
| 205 | - MIRROR |
||
| 206 | - NETMAP |
||
| 207 | endef |
||
| 208 | |||
| 209 | define Package/iptables-mod-ulog |
||
| 210 | $(call Package/iptables/Module, +kmod-ipt-ulog) |
||
| 211 | TITLE:=user-space packet logging |
||
| 212 | endef |
||
| 213 | |||
| 214 | define Package/iptables-mod-ulog/description |
||
| 215 | iptables extensions for user-space packet logging. |
||
| 216 | |||
| 217 | Targets: |
||
| 218 | - ULOG |
||
| 219 | |||
| 220 | endef |
||
| 221 | |||
| 222 | define Package/iptables-mod-nflog |
||
| 223 | $(call Package/iptables/Module, +kmod-nfnetlink-log +kmod-ipt-nflog) |
||
| 224 | TITLE:=Netfilter NFLOG target |
||
| 225 | endef |
||
| 226 | |||
| 227 | define Package/iptables-mod-nflog/description |
||
| 228 | iptables extension for user-space logging via NFNETLINK. |
||
| 229 | |||
| 230 | Includes: |
||
| 231 | - libxt_NFLOG |
||
| 232 | |||
| 233 | endef |
||
| 234 | |||
| 235 | define Package/iptables-mod-trace |
||
| 236 | $(call Package/iptables/Module, +kmod-ipt-debug) |
||
| 237 | TITLE:=Netfilter TRACE target |
||
| 238 | endef |
||
| 239 | |||
| 240 | define Package/iptables-mod-trace/description |
||
| 241 | iptables extension for TRACE target |
||
| 242 | |||
| 243 | Includes: |
||
| 244 | - libxt_TRACE |
||
| 245 | |||
| 246 | endef |
||
| 247 | |||
| 248 | |||
| 249 | define Package/iptables-mod-nfqueue |
||
| 250 | $(call Package/iptables/Module, +kmod-nfnetlink-queue +kmod-ipt-nfqueue) |
||
| 251 | TITLE:=Netfilter NFQUEUE target |
||
| 252 | endef |
||
| 253 | |||
| 254 | define Package/iptables-mod-nfqueue/description |
||
| 255 | iptables extension for user-space queuing via NFNETLINK. |
||
| 256 | |||
| 257 | Includes: |
||
| 258 | - libxt_NFQUEUE |
||
| 259 | |||
| 260 | endef |
||
| 261 | |||
| 262 | define Package/iptables-mod-hashlimit |
||
| 263 | $(call Package/iptables/Module, +kmod-ipt-hashlimit) |
||
| 264 | TITLE:=hashlimit matching |
||
| 265 | endef |
||
| 266 | |||
| 267 | define Package/iptables-mod-hashlimit/description |
||
| 268 | iptables extensions for hashlimit matching |
||
| 269 | |||
| 270 | Matches: |
||
| 271 | - hashlimit |
||
| 272 | |||
| 273 | endef |
||
| 274 | |||
| 275 | define Package/iptables-mod-rpfilter |
||
| 276 | $(call Package/iptables/Module, +kmod-ipt-rpfilter) |
||
| 277 | TITLE:=rpfilter iptables extension |
||
| 278 | endef |
||
| 279 | |||
| 280 | define Package/iptables-mod-rpfilter/description |
||
| 281 | iptables extensions for reverse path filter test on a packet |
||
| 282 | |||
| 283 | Matches: |
||
| 284 | - rpfilter |
||
| 285 | |||
| 286 | endef |
||
| 287 | |||
| 288 | define Package/iptables-mod-iprange |
||
| 289 | $(call Package/iptables/Module, +kmod-ipt-iprange) |
||
| 290 | TITLE:=IP range extension |
||
| 291 | endef |
||
| 292 | |||
| 293 | define Package/iptables-mod-iprange/description |
||
| 294 | iptables extensions for matching ip ranges. |
||
| 295 | |||
| 296 | Matches: |
||
| 297 | - iprange |
||
| 298 | |||
| 299 | endef |
||
| 300 | |||
| 301 | define Package/iptables-mod-cluster |
||
| 302 | $(call Package/iptables/Module, +kmod-ipt-cluster) |
||
| 303 | TITLE:=Match cluster extension |
||
| 304 | endef |
||
| 305 | |||
| 306 | define Package/iptables-mod-cluster/description |
||
| 307 | iptables extensions for matching cluster. |
||
| 308 | |||
| 309 | Netfilter (IPv4/IPv6) module for matching cluster |
||
| 310 | This option allows you to build work-load-sharing clusters of |
||
| 311 | network servers/stateful firewalls without having a dedicated |
||
| 312 | load-balancing router/server/switch. Basically, this match returns |
||
| 313 | true when the packet must be handled by this cluster node. Thus, |
||
| 314 | all nodes see all packets and this match decides which node handles |
||
| 315 | what packets. The work-load sharing algorithm is based on source |
||
| 316 | address hashing. |
||
| 317 | |||
| 318 | This module is usable for ipv4 and ipv6. |
||
| 319 | |||
| 320 | If you select it, it enables kmod-ipt-cluster. |
||
| 321 | |||
| 322 | see `iptables -m cluster --help` for more information. |
||
| 323 | endef |
||
| 324 | |||
| 325 | define Package/iptables-mod-clusterip |
||
| 326 | $(call Package/iptables/Module, +kmod-ipt-clusterip) |
||
| 327 | TITLE:=Clusterip extension |
||
| 328 | endef |
||
| 329 | |||
| 330 | define Package/iptables-mod-clusterip/description |
||
| 331 | iptables extensions for CLUSTERIP. |
||
| 332 | The CLUSTERIP target allows you to build load-balancing clusters of |
||
| 333 | network servers without having a dedicated load-balancing |
||
| 334 | router/server/switch. |
||
| 335 | |||
| 336 | If you select it, it enables kmod-ipt-clusterip. |
||
| 337 | |||
| 338 | see `iptables -j CLUSTERIP --help` for more information. |
||
| 339 | endef |
||
| 340 | |||
| 341 | define Package/iptables-mod-extra |
||
| 342 | $(call Package/iptables/Module, +kmod-ipt-extra) |
||
| 343 | TITLE:=Other extra iptables extensions |
||
| 344 | endef |
||
| 345 | |||
| 346 | define Package/iptables-mod-extra/description |
||
| 347 | Other extra iptables extensions. |
||
| 348 | |||
| 349 | Matches: |
||
| 350 | - addrtype |
||
| 351 | - condition |
||
| 352 | - owner |
||
| 353 | - pkttype |
||
| 354 | - quota |
||
| 355 | |||
| 356 | endef |
||
| 357 | |||
| 358 | define Package/iptables-mod-physdev |
||
| 359 | $(call Package/iptables/Module, +kmod-ipt-physdev) |
||
| 360 | TITLE:=physdev iptables extension |
||
| 361 | endef |
||
| 362 | |||
| 363 | define Package/iptables-mod-physdev/description |
||
| 364 | The iptables physdev match. |
||
| 365 | endef |
||
| 366 | |||
| 367 | define Package/iptables-mod-led |
||
| 368 | $(call Package/iptables/Module, +kmod-ipt-led) |
||
| 369 | TITLE:=LED trigger iptables extension |
||
| 370 | endef |
||
| 371 | |||
| 372 | define Package/iptables-mod-led/description |
||
| 373 | iptables extension for triggering a LED. |
||
| 374 | |||
| 375 | Targets: |
||
| 376 | - LED |
||
| 377 | |||
| 378 | endef |
||
| 379 | |||
| 380 | define Package/iptables-mod-tproxy |
||
| 381 | $(call Package/iptables/Module, +kmod-ipt-tproxy) |
||
| 382 | TITLE:=Transparent proxy iptables extensions |
||
| 383 | endef |
||
| 384 | |||
| 385 | define Package/iptables-mod-tproxy/description |
||
| 386 | Transparent proxy iptables extensions. |
||
| 387 | |||
| 388 | Matches: |
||
| 389 | - socket |
||
| 390 | |||
| 391 | Targets: |
||
| 392 | - TPROXY |
||
| 393 | |||
| 394 | endef |
||
| 395 | |||
| 396 | define Package/iptables-mod-tee |
||
| 397 | $(call Package/iptables/Module, +kmod-ipt-tee) |
||
| 398 | TITLE:=TEE iptables extensions |
||
| 399 | endef |
||
| 400 | |||
| 401 | define Package/iptables-mod-tee/description |
||
| 402 | TEE iptables extensions. |
||
| 403 | |||
| 404 | Targets: |
||
| 405 | - TEE |
||
| 406 | |||
| 407 | endef |
||
| 408 | |||
| 409 | define Package/iptables-mod-u32 |
||
| 410 | $(call Package/iptables/Module, +kmod-ipt-u32) |
||
| 411 | TITLE:=U32 iptables extensions |
||
| 412 | endef |
||
| 413 | |||
| 414 | define Package/iptables-mod-u32/description |
||
| 415 | U32 iptables extensions. |
||
| 416 | |||
| 417 | Matches: |
||
| 418 | - u32 |
||
| 419 | |||
| 420 | endef |
||
| 421 | |||
| 422 | define Package/iptables-mod-checksum |
||
| 423 | $(call Package/iptables/Module, +kmod-ipt-checksum) |
||
| 424 | TITLE:=IP CHECKSUM target extension |
||
| 425 | endef |
||
| 426 | |||
| 427 | define Package/iptables-mod-checksum/description |
||
| 428 | iptables extension for the CHECKSUM calculation target |
||
| 429 | endef |
||
| 430 | |||
| 431 | define Package/ip6tables |
||
| 432 | $(call Package/iptables/Default) |
||
| 433 | DEPENDS:=@IPV6 +kmod-ip6tables +iptables |
||
| 434 | CATEGORY:=Network |
||
| 435 | TITLE:=IPv6 firewall administration tool |
||
| 436 | MENU:=1 |
||
| 437 | endef |
||
| 438 | |||
| 439 | |||
| 440 | define Package/ip6tables-extra |
||
| 441 | $(call Package/iptables/Default) |
||
| 442 | DEPENDS:=ip6tables +kmod-ip6tables-extra |
||
| 443 | TITLE:=IPv6 header matching modules |
||
| 444 | endef |
||
| 445 | |||
| 446 | define Package/ip6tables-mod-extra/description |
||
| 447 | iptables header matching modules for IPv6 |
||
| 448 | endef |
||
| 449 | |||
| 450 | define Package/ip6tables-mod-nat |
||
| 451 | $(call Package/iptables/Default) |
||
| 452 | DEPENDS:=ip6tables +kmod-ipt-nat6 |
||
| 453 | TITLE:=IPv6 NAT extensions |
||
| 454 | endef |
||
| 455 | |||
| 456 | define Package/ip6tables-mod-nat/description |
||
| 457 | iptables extensions for IPv6-NAT targets. |
||
| 458 | endef |
||
| 459 | |||
| 460 | define Package/libiptc |
||
| 461 | $(call Package/iptables/Default) |
||
| 462 | SECTION:=libs |
||
| 463 | CATEGORY:=Libraries |
||
| 464 | DEPENDS:=+libip4tc +libip6tc +libxtables |
||
| 3 | office | 465 | ABI_VERSION:=$(PKG_VERSION) |
| 466 | TITLE:=IPv4/IPv6 firewall - shared libiptc library (compatibility stub) |
||
| 1 | office | 467 | endef |
| 468 | |||
| 469 | define Package/libip4tc |
||
| 470 | $(call Package/iptables/Default) |
||
| 471 | SECTION:=libs |
||
| 472 | CATEGORY:=Libraries |
||
| 473 | TITLE:=IPv4 firewall - shared libiptc library |
||
| 3 | office | 474 | ABI_VERSION:=$(PKG_VERSION) |
| 1 | office | 475 | DEPENDS:=+libxtables |
| 476 | endef |
||
| 477 | |||
| 478 | define Package/libip6tc |
||
| 479 | $(call Package/iptables/Default) |
||
| 480 | SECTION:=libs |
||
| 481 | CATEGORY:=Libraries |
||
| 482 | TITLE:=IPv6 firewall - shared libiptc library |
||
| 3 | office | 483 | ABI_VERSION:=$(PKG_VERSION) |
| 1 | office | 484 | DEPENDS:=+libxtables |
| 485 | endef |
||
| 486 | |||
| 487 | define Package/libxtables |
||
| 488 | $(call Package/iptables/Default) |
||
| 489 | SECTION:=libs |
||
| 490 | CATEGORY:=Libraries |
||
| 491 | TITLE:=IPv4/IPv6 firewall - shared xtables library |
||
| 3 | office | 492 | ABI_VERSION:=$(PKG_VERSION) |
| 1 | office | 493 | DEPENDS:= \ |
| 494 | +IPTABLES_CONNLABEL:libnetfilter-conntrack \ |
||
| 495 | +IPTABLES_NFTABLES:libnftnl |
||
| 496 | endef |
||
| 497 | |||
| 498 | TARGET_CPPFLAGS := \ |
||
| 499 | -I$(PKG_BUILD_DIR)/include \ |
||
| 500 | -I$(LINUX_DIR)/user_headers/include \ |
||
| 501 | $(TARGET_CPPFLAGS) |
||
| 502 | |||
| 503 | TARGET_CFLAGS += \ |
||
| 504 | -I$(PKG_BUILD_DIR)/include \ |
||
| 505 | -I$(LINUX_DIR)/user_headers/include \ |
||
| 506 | -ffunction-sections -fdata-sections \ |
||
| 507 | -DNO_LEGACY |
||
| 508 | |||
| 509 | TARGET_LDFLAGS += \ |
||
| 510 | -Wl,--gc-sections |
||
| 511 | |||
| 512 | CONFIGURE_ARGS += \ |
||
| 513 | --enable-shared \ |
||
| 514 | --enable-static \ |
||
| 515 | --enable-devel \ |
||
| 516 | --with-kernel="$(LINUX_DIR)/user_headers" \ |
||
| 517 | --with-xtlibdir=/usr/lib/iptables \ |
||
| 518 | --with-xt-lock-name=/var/run/xtables.lock \ |
||
| 519 | $(if $(CONFIG_IPTABLES_CONNLABEL),,--disable-connlabel) \ |
||
| 520 | $(if $(CONFIG_IPTABLES_NFTABLES),,--disable-nftables) \ |
||
| 521 | $(if $(CONFIG_IPV6),,--disable-ipv6) |
||
| 522 | |||
| 523 | MAKE_FLAGS := \ |
||
| 524 | $(TARGET_CONFIGURE_OPTS) \ |
||
| 525 | COPT_FLAGS="$(TARGET_CFLAGS)" \ |
||
| 526 | KERNEL_DIR="$(LINUX_DIR)/user_headers/" PREFIX=/usr \ |
||
| 527 | KBUILD_OUTPUT="$(LINUX_DIR)" \ |
||
| 528 | BUILTIN_MODULES="$(patsubst ip6t_%,%,$(patsubst ipt_%,%,$(patsubst xt_%,%,$(IPT_BUILTIN) $(IPT_CONNTRACK-m) $(IPT_NAT-m))))" |
||
| 529 | |||
| 530 | ifneq ($(wildcard $(PKG_BUILD_DIR)/.config_*),$(subst .configured_,.config_,$(STAMP_CONFIGURED))) |
||
| 531 | define Build/Configure/rebuild |
||
| 532 | $(FIND) $(PKG_BUILD_DIR) -name \*.o -or -name \*.\?o -or -name \*.a | $(XARGS) rm -f |
||
| 533 | rm -f $(PKG_BUILD_DIR)/.config_* |
||
| 534 | rm -f $(PKG_BUILD_DIR)/.configured_* |
||
| 535 | touch $(subst .configured_,.config_,$(STAMP_CONFIGURED)) |
||
| 536 | endef |
||
| 537 | endif |
||
| 538 | |||
| 539 | define Build/Configure |
||
| 540 | $(Build/Configure/rebuild) |
||
| 541 | $(Build/Configure/Default) |
||
| 542 | endef |
||
| 543 | |||
| 544 | define Build/InstallDev |
||
| 545 | $(INSTALL_DIR) $(1)/usr/include |
||
| 546 | $(INSTALL_DIR) $(1)/usr/include/iptables |
||
| 547 | $(INSTALL_DIR) $(1)/usr/include/net/netfilter |
||
| 548 | |||
| 549 | # XXX: iptables header fixup, some headers are not installed by iptables anymore |
||
| 550 | $(CP) $(PKG_BUILD_DIR)/include/iptables/*.h $(1)/usr/include/iptables/ |
||
| 551 | $(CP) $(PKG_BUILD_DIR)/include/iptables.h $(1)/usr/include/ |
||
| 552 | $(CP) $(PKG_BUILD_DIR)/include/ip6tables.h $(1)/usr/include/ |
||
| 553 | $(CP) $(PKG_BUILD_DIR)/include/libipulog $(1)/usr/include/ |
||
| 554 | $(CP) $(PKG_BUILD_DIR)/include/libiptc $(1)/usr/include/ |
||
| 555 | |||
| 556 | $(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/ |
||
| 557 | $(INSTALL_DIR) $(1)/usr/lib |
||
| 558 | $(CP) $(PKG_INSTALL_DIR)/usr/lib/libxtables.so* $(1)/usr/lib/ |
||
| 559 | $(CP) $(PKG_INSTALL_DIR)/usr/lib/libip*tc.so* $(1)/usr/lib/ |
||
| 560 | $(INSTALL_DIR) $(1)/usr/lib/pkgconfig |
||
| 561 | $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/xtables.pc $(1)/usr/lib/pkgconfig/ |
||
| 562 | $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/libip*tc.pc $(1)/usr/lib/pkgconfig/ |
||
| 563 | |||
| 564 | # XXX: needed by firewall3 |
||
| 565 | $(CP) $(PKG_BUILD_DIR)/extensions/libiptext*.so $(1)/usr/lib/ |
||
| 566 | endef |
||
| 567 | |||
| 568 | define Package/iptables/install |
||
| 569 | $(INSTALL_DIR) $(1)/usr/sbin |
||
| 3 | office | 570 | $(CP) $(PKG_INSTALL_DIR)/usr/sbin/xtables-multi $(1)/usr/sbin/ |
| 1 | office | 571 | $(CP) $(PKG_INSTALL_DIR)/usr/sbin/iptables{,-restore,-save} $(1)/usr/sbin/ |
| 572 | $(INSTALL_DIR) $(1)/usr/lib/iptables |
||
| 573 | endef |
||
| 574 | |||
| 575 | define Package/ip6tables/install |
||
| 576 | $(INSTALL_DIR) $(1)/usr/sbin |
||
| 577 | $(CP) $(PKG_INSTALL_DIR)/usr/sbin/ip6tables{,-restore,-save} $(1)/usr/sbin/ |
||
| 578 | endef |
||
| 579 | |||
| 580 | define Package/libiptc/install |
||
| 581 | $(INSTALL_DIR) $(1)/usr/lib |
||
| 3 | office | 582 | $(CP) $(PKG_INSTALL_DIR)/usr/lib/libiptc.so* $(1)/usr/lib/ |
| 1 | office | 583 | endef |
| 584 | |||
| 585 | define Package/libip4tc/install |
||
| 586 | $(INSTALL_DIR) $(1)/usr/lib |
||
| 3 | office | 587 | $(CP) $(PKG_INSTALL_DIR)/usr/lib/libip4tc.so* $(1)/usr/lib/ |
| 1 | office | 588 | $(CP) $(PKG_BUILD_DIR)/extensions/libiptext4.so $(1)/usr/lib/ |
| 589 | endef |
||
| 590 | |||
| 591 | define Package/libip6tc/install |
||
| 592 | $(INSTALL_DIR) $(1)/usr/lib |
||
| 3 | office | 593 | $(CP) $(PKG_INSTALL_DIR)/usr/lib/libip6tc.so* $(1)/usr/lib/ |
| 1 | office | 594 | $(CP) $(PKG_BUILD_DIR)/extensions/libiptext6.so $(1)/usr/lib/ |
| 595 | endef |
||
| 596 | |||
| 597 | define Package/libxtables/install |
||
| 598 | $(INSTALL_DIR) $(1)/usr/lib |
||
| 3 | office | 599 | $(CP) $(PKG_INSTALL_DIR)/usr/lib/libxtables.so* $(1)/usr/lib/ |
| 1 | office | 600 | $(CP) $(PKG_BUILD_DIR)/extensions/libiptext.so $(1)/usr/lib/ |
| 601 | endef |
||
| 602 | |||
| 603 | define BuildPlugin |
||
| 604 | define Package/$(1)/install |
||
| 605 | $(INSTALL_DIR) $$(1)/usr/lib/iptables |
||
| 606 | for m in $(patsubst xt_%,ipt_%,$(2)) $(patsubst ipt_%,xt_%,$(2)) $(patsubst xt_%,ip6t_%,$(2)) $(patsubst ip6t_%,xt_%,$(2)); do \ |
||
| 607 | if [ -f $(PKG_INSTALL_DIR)/usr/lib/iptables/lib$$$$$$$${m}.so ]; then \ |
||
| 608 | $(CP) $(PKG_INSTALL_DIR)/usr/lib/iptables/lib$$$$$$$${m}.so $$(1)/usr/lib/iptables/ ; \ |
||
| 609 | fi; \ |
||
| 610 | done |
||
| 611 | $(3) |
||
| 612 | endef |
||
| 613 | |||
| 614 | $$(eval $$(call BuildPackage,$(1))) |
||
| 615 | endef |
||
| 616 | |||
| 617 | $(eval $(call BuildPackage,iptables)) |
||
| 618 | $(eval $(call BuildPlugin,iptables-mod-conntrack-extra,$(IPT_CONNTRACK_EXTRA-m))) |
||
| 619 | $(eval $(call BuildPlugin,iptables-mod-conntrack-label,$(IPT_CONNTRACK_LABEL-m))) |
||
| 620 | $(eval $(call BuildPlugin,iptables-mod-extra,$(IPT_EXTRA-m))) |
||
| 621 | $(eval $(call BuildPlugin,iptables-mod-physdev,$(IPT_PHYSDEV-m))) |
||
| 622 | $(eval $(call BuildPlugin,iptables-mod-filter,$(IPT_FILTER-m))) |
||
| 623 | $(eval $(call BuildPlugin,iptables-mod-ipopt,$(IPT_IPOPT-m))) |
||
| 624 | $(eval $(call BuildPlugin,iptables-mod-ipsec,$(IPT_IPSEC-m))) |
||
| 625 | $(eval $(call BuildPlugin,iptables-mod-nat-extra,$(IPT_NAT_EXTRA-m))) |
||
| 626 | $(eval $(call BuildPlugin,iptables-mod-iprange,$(IPT_IPRANGE-m))) |
||
| 627 | $(eval $(call BuildPlugin,iptables-mod-cluster,$(IPT_CLUSTER-m))) |
||
| 628 | $(eval $(call BuildPlugin,iptables-mod-clusterip,$(IPT_CLUSTERIP-m))) |
||
| 629 | $(eval $(call BuildPlugin,iptables-mod-ulog,$(IPT_ULOG-m))) |
||
| 630 | $(eval $(call BuildPlugin,iptables-mod-hashlimit,$(IPT_HASHLIMIT-m))) |
||
| 631 | $(eval $(call BuildPlugin,iptables-mod-rpfilter,$(IPT_RPFILTER-m))) |
||
| 632 | $(eval $(call BuildPlugin,iptables-mod-led,$(IPT_LED-m))) |
||
| 633 | $(eval $(call BuildPlugin,iptables-mod-tproxy,$(IPT_TPROXY-m))) |
||
| 634 | $(eval $(call BuildPlugin,iptables-mod-tee,$(IPT_TEE-m))) |
||
| 635 | $(eval $(call BuildPlugin,iptables-mod-u32,$(IPT_U32-m))) |
||
| 636 | $(eval $(call BuildPlugin,iptables-mod-nflog,$(IPT_NFLOG-m))) |
||
| 637 | $(eval $(call BuildPlugin,iptables-mod-trace,$(IPT_DEBUG-m))) |
||
| 638 | $(eval $(call BuildPlugin,iptables-mod-nfqueue,$(IPT_NFQUEUE-m))) |
||
| 639 | $(eval $(call BuildPlugin,iptables-mod-checksum,$(IPT_CHECKSUM-m))) |
||
| 640 | $(eval $(call BuildPackage,ip6tables)) |
||
| 641 | $(eval $(call BuildPlugin,ip6tables-extra,$(IPT_IPV6_EXTRA-m))) |
||
| 642 | $(eval $(call BuildPlugin,ip6tables-mod-nat,$(IPT_NAT6-m))) |
||
| 643 | $(eval $(call BuildPackage,libiptc)) |
||
| 644 | $(eval $(call BuildPackage,libip4tc)) |
||
| 645 | $(eval $(call BuildPackage,libip6tc)) |
||
| 646 | $(eval $(call BuildPackage,libxtables)) |