OpenWrt – Diff between revs 2 and 3

Subversion Repositories:
Rev:
Only display areas with differencesIgnore whitespace
Rev 2 Rev 3
1 # 1 #
2 # Copyright (C) 2006-2016 OpenWrt.org 2 # Copyright (C) 2006-2016 OpenWrt.org
3 # 3 #
4 # This is free software, licensed under the GNU General Public License v2. 4 # This is free software, licensed under the GNU General Public License v2.
5 # See /LICENSE for more information. 5 # See /LICENSE for more information.
6 # 6 #
7   7  
8 include $(TOPDIR)/rules.mk 8 include $(TOPDIR)/rules.mk
9 include $(INCLUDE_DIR)/kernel.mk 9 include $(INCLUDE_DIR)/kernel.mk
10   10  
11 PKG_NAME:=iptables 11 PKG_NAME:=iptables
12 PKG_VERSION:=1.8.2 12 PKG_VERSION:=1.6.2
13 PKG_RELEASE:=3 13 PKG_RELEASE:=1
14   14  
15 PKG_SOURCE_PROTO:=git 15 PKG_SOURCE_PROTO:=git
16 PKG_SOURCE_URL:=https://git.netfilter.org/iptables 16 PKG_SOURCE_URL:=https://git.netfilter.org/iptables
17 PKG_SOURCE_VERSION:=bba6bc692b0e6137e13881a1f398c134822e9f83 17 PKG_SOURCE_VERSION:=c16bdec15137b241586310d0e61bc88cc3726004
18 PKG_MIRROR_HASH:=23a61d2a23fc0d587029690ef2564625d78fba4b2d90117edaf5b9eaf55bb7f9 18 PKG_MIRROR_HASH:=72e4bec94a56dd600097846c773e1074ff705e38f800ef221db646c064371a53
19   19  
20 PKG_FIXUP:=autoreconf 20 PKG_FIXUP:=autoreconf
21 PKG_FLAGS:=nonshared 21 PKG_FLAGS:=nonshared
22   22  
23 PKG_INSTALL:=1 23 PKG_INSTALL:=1
24 PKG_BUILD_PARALLEL:=1 24 PKG_BUILD_PARALLEL:=1
25 PKG_LICENSE:=GPL-2.0 25 PKG_LICENSE:=GPL-2.0
26 PKG_CPE_ID:=cpe:/a:netfilter_core_team:iptables 26 PKG_CPE_ID:=cpe:/a:netfilter_core_team:iptables
27   27  
28 include $(INCLUDE_DIR)/package.mk 28 include $(INCLUDE_DIR)/package.mk
29 ifeq ($(DUMP),) 29 ifeq ($(DUMP),)
30 -include $(LINUX_DIR)/.config 30 -include $(LINUX_DIR)/.config
31 include $(INCLUDE_DIR)/netfilter.mk 31 include $(INCLUDE_DIR)/netfilter.mk
32 STAMP_CONFIGURED:=$(strip $(STAMP_CONFIGURED))_$(shell grep 'NETFILTER' $(LINUX_DIR)/.config | mkhash md5) 32 STAMP_CONFIGURED:=$(strip $(STAMP_CONFIGURED))_$(shell grep 'NETFILTER' $(LINUX_DIR)/.config | mkhash md5)
33 endif 33 endif
34   34  
35   35  
36 define Package/iptables/Default 36 define Package/iptables/Default
37 SECTION:=net 37 SECTION:=net
38 CATEGORY:=Network 38 CATEGORY:=Network
39 SUBMENU:=Firewall 39 SUBMENU:=Firewall
40 URL:=http://netfilter.org/ 40 URL:=http://netfilter.org/
41 endef 41 endef
42   42  
43 define Package/iptables/Module 43 define Package/iptables/Module
44 $(call Package/iptables/Default) 44 $(call Package/iptables/Default)
45 DEPENDS:=iptables $(1) 45 DEPENDS:=iptables $(1)
46 endef 46 endef
47   47  
48 define Package/iptables 48 define Package/iptables
49 $(call Package/iptables/Default) 49 $(call Package/iptables/Default)
50 TITLE:=IP firewall administration tool 50 TITLE:=IP firewall administration tool
51 MENU:=1 51 MENU:=1
52 DEPENDS+= +kmod-ipt-core +libip4tc +IPV6:libip6tc +libxtables 52 DEPENDS+= +kmod-ipt-core +libip4tc +IPV6:libip6tc +libxtables
53 endef 53 endef
54   54  
55 define Package/iptables/config 55 define Package/iptables/config
56 config IPTABLES_CONNLABEL 56 config IPTABLES_CONNLABEL
57 bool "Enable Connlabel support" 57 bool "Enable Connlabel support"
58 default n 58 default n
59 help 59 help
60 This enable connlabel support in iptables. 60 This enable connlabel support in iptables.
61   61  
62 config IPTABLES_NFTABLES 62 config IPTABLES_NFTABLES
63 bool "Enable Nftables support" 63 bool "Enable Nftables support"
64 default n 64 default n
65 help 65 help
66 This enable nftables support in iptables. 66 This enable nftables support in iptables.
67 endef 67 endef
68   68  
69 define Package/iptables/description 69 define Package/iptables/description
70 IP firewall administration tool. 70 IP firewall administration tool.
71   71  
72 Matches: 72 Matches:
73 - icmp 73 - icmp
74 - tcp 74 - tcp
75 - udp 75 - udp
76 - comment 76 - comment
77 - conntrack 77 - conntrack
78 - limit 78 - limit
79 - mac 79 - mac
80 - mark 80 - mark
81 - multiport 81 - multiport
82 - set 82 - set
83 - state 83 - state
84 - time 84 - time
85   85  
86 Targets: 86 Targets:
87 - ACCEPT 87 - ACCEPT
88 - CT 88 - CT
89 - DNAT 89 - DNAT
90 - DROP 90 - DROP
91 - REJECT 91 - REJECT
92 - FLOWOFFLOAD -  
93 - LOG 92 - LOG
94 - MARK 93 - MARK
95 - MASQUERADE 94 - MASQUERADE
96 - REDIRECT 95 - REDIRECT
97 - SET 96 - SET
98 - SNAT 97 - SNAT
99 - TCPMSS 98 - TCPMSS
100   99  
101 Tables: 100 Tables:
102 - filter 101 - filter
103 - mangle 102 - mangle
104 - nat 103 - nat
105 - raw 104 - raw
106   105  
107 endef 106 endef
108   -  
109 define Package/iptables-nft -  
110 $(call Package/iptables/Default) -  
111 TITLE:=IP firewall administration tool nft -  
112 DEPENDS:=iptables @IPTABLES_NFTABLES +libxtables-nft -  
113 endef -  
114   -  
115 define Package/iptables-nft/description -  
116 Extra iptables nftables nft binaries. -  
117 iptables-nft -  
118 iptables-nft-restore -  
119 iptables-nft-save -  
120 iptables-translate -  
121 iptables-restore-translate -  
122 endef -  
123   107  
124 define Package/iptables-mod-conntrack-extra 108 define Package/iptables-mod-conntrack-extra
125 $(call Package/iptables/Module, +kmod-ipt-conntrack-extra +kmod-ipt-raw) 109 $(call Package/iptables/Module, +kmod-ipt-conntrack-extra)
126 TITLE:=Extra connection tracking extensions 110 TITLE:=Extra connection tracking extensions
127 endef 111 endef
128   112  
129 define Package/iptables-mod-conntrack-extra/description 113 define Package/iptables-mod-conntrack-extra/description
130 Extra iptables extensions for connection tracking. 114 Extra iptables extensions for connection tracking.
131   115  
132 Matches: 116 Matches:
133 - connbytes 117 - connbytes
134 - connlimit 118 - connlimit
135 - connmark 119 - connmark
136 - recent 120 - recent
137 - helper 121 - helper
138   122  
139 Targets: 123 Targets:
140 - CONNMARK 124 - CONNMARK
141   125  
142 endef 126 endef
143   127  
144 define Package/iptables-mod-conntrack-label 128 define Package/iptables-mod-conntrack-label
145 $(call Package/iptables/Module, +kmod-ipt-conntrack-label @IPTABLES_CONNLABEL) 129 $(call Package/iptables/Module, +kmod-ipt-conntrack-label @IPTABLES_CONNLABEL)
146 TITLE:=Connection tracking labeling extension 130 TITLE:=Connection tracking labeling extension
147 DEFAULT:=y if IPTABLES_CONNLABEL 131 DEFAULT:=y if IPTABLES_CONNLABEL
148 endef 132 endef
149   133  
150 define Package/iptables-mod-conntrack-label/description 134 define Package/iptables-mod-conntrack-label/description
151 Match and set label(s) on connection tracking entries 135 Match and set label(s) on connection tracking entries
152   136  
153 Matches: 137 Matches:
154 - connlabel 138 - connlabel
155   139  
156 endef 140 endef
157   141  
158 define Package/iptables-mod-filter 142 define Package/iptables-mod-filter
159 $(call Package/iptables/Module, +kmod-ipt-filter) 143 $(call Package/iptables/Module, +kmod-ipt-filter)
160 TITLE:=Content inspection extensions 144 TITLE:=Content inspection extensions
161 endef 145 endef
162   146  
163 define Package/iptables-mod-filter/description 147 define Package/iptables-mod-filter/description
164 iptables extensions for packet content inspection. 148 iptables extensions for packet content inspection.
165 Includes support for: 149 Includes support for:
166   150  
167 Matches: 151 Matches:
168 - string 152 - string
169 - bpf -  
170   153  
171 endef 154 endef
172   155  
173 define Package/iptables-mod-ipopt 156 define Package/iptables-mod-ipopt
174 $(call Package/iptables/Module, +kmod-ipt-ipopt) 157 $(call Package/iptables/Module, +kmod-ipt-ipopt)
175 TITLE:=IP/Packet option extensions 158 TITLE:=IP/Packet option extensions
176 endef 159 endef
177   160  
178 define Package/iptables-mod-ipopt/description 161 define Package/iptables-mod-ipopt/description
179 iptables extensions for matching/changing IP packet options. 162 iptables extensions for matching/changing IP packet options.
180   163  
181 Matches: 164 Matches:
182 - dscp 165 - dscp
183 - ecn 166 - ecn
184 - length 167 - length
185 - statistic 168 - statistic
186 - tcpmss 169 - tcpmss
187 - unclean 170 - unclean
188 - hl 171 - hl
189   172  
190 Targets: 173 Targets:
191 - DSCP 174 - DSCP
192 - CLASSIFY 175 - CLASSIFY
193 - ECN 176 - ECN
194 - HL 177 - HL
195   178  
196 endef 179 endef
197   180  
198 define Package/iptables-mod-ipsec 181 define Package/iptables-mod-ipsec
199 $(call Package/iptables/Module, +kmod-ipt-ipsec) 182 $(call Package/iptables/Module, +kmod-ipt-ipsec)
200 TITLE:=IPsec extensions 183 TITLE:=IPsec extensions
201 endef 184 endef
202   185  
203 define Package/iptables-mod-ipsec/description 186 define Package/iptables-mod-ipsec/description
204 iptables extensions for matching ipsec traffic. 187 iptables extensions for matching ipsec traffic.
205   188  
206 Matches: 189 Matches:
207 - ah 190 - ah
208 - esp 191 - esp
209 - policy 192 - policy
210   193  
211 endef 194 endef
212   195  
213 define Package/iptables-mod-nat-extra 196 define Package/iptables-mod-nat-extra
214 $(call Package/iptables/Module, +kmod-ipt-nat-extra) 197 $(call Package/iptables/Module, +kmod-ipt-nat-extra)
215 TITLE:=Extra NAT extensions 198 TITLE:=Extra NAT extensions
216 endef 199 endef
217   200  
218 define Package/iptables-mod-nat-extra/description 201 define Package/iptables-mod-nat-extra/description
219 iptables extensions for extra NAT targets. 202 iptables extensions for extra NAT targets.
220   203  
221 Targets: 204 Targets:
222 - MIRROR 205 - MIRROR
223 - NETMAP 206 - NETMAP
224 endef 207 endef
225   208  
226 define Package/iptables-mod-ulog 209 define Package/iptables-mod-ulog
227 $(call Package/iptables/Module, +kmod-ipt-ulog) 210 $(call Package/iptables/Module, +kmod-ipt-ulog)
228 TITLE:=user-space packet logging 211 TITLE:=user-space packet logging
229 endef 212 endef
230   213  
231 define Package/iptables-mod-ulog/description 214 define Package/iptables-mod-ulog/description
232 iptables extensions for user-space packet logging. 215 iptables extensions for user-space packet logging.
233   216  
234 Targets: 217 Targets:
235 - ULOG 218 - ULOG
236   219  
237 endef 220 endef
238   221  
239 define Package/iptables-mod-nflog 222 define Package/iptables-mod-nflog
240 $(call Package/iptables/Module, +kmod-nfnetlink-log +kmod-ipt-nflog) 223 $(call Package/iptables/Module, +kmod-nfnetlink-log +kmod-ipt-nflog)
241 TITLE:=Netfilter NFLOG target 224 TITLE:=Netfilter NFLOG target
242 endef 225 endef
243   226  
244 define Package/iptables-mod-nflog/description 227 define Package/iptables-mod-nflog/description
245 iptables extension for user-space logging via NFNETLINK. 228 iptables extension for user-space logging via NFNETLINK.
246   229  
247 Includes: 230 Includes:
248 - libxt_NFLOG 231 - libxt_NFLOG
249   232  
250 endef 233 endef
251   234  
252 define Package/iptables-mod-trace 235 define Package/iptables-mod-trace
253 $(call Package/iptables/Module, +kmod-ipt-debug) 236 $(call Package/iptables/Module, +kmod-ipt-debug)
254 TITLE:=Netfilter TRACE target 237 TITLE:=Netfilter TRACE target
255 endef 238 endef
256   239  
257 define Package/iptables-mod-trace/description 240 define Package/iptables-mod-trace/description
258 iptables extension for TRACE target 241 iptables extension for TRACE target
259   242  
260 Includes: 243 Includes:
261 - libxt_TRACE 244 - libxt_TRACE
262   245  
263 endef 246 endef
264   247  
265   248  
266 define Package/iptables-mod-nfqueue 249 define Package/iptables-mod-nfqueue
267 $(call Package/iptables/Module, +kmod-nfnetlink-queue +kmod-ipt-nfqueue) 250 $(call Package/iptables/Module, +kmod-nfnetlink-queue +kmod-ipt-nfqueue)
268 TITLE:=Netfilter NFQUEUE target 251 TITLE:=Netfilter NFQUEUE target
269 endef 252 endef
270   253  
271 define Package/iptables-mod-nfqueue/description 254 define Package/iptables-mod-nfqueue/description
272 iptables extension for user-space queuing via NFNETLINK. 255 iptables extension for user-space queuing via NFNETLINK.
273   256  
274 Includes: 257 Includes:
275 - libxt_NFQUEUE 258 - libxt_NFQUEUE
276   259  
277 endef 260 endef
278   261  
279 define Package/iptables-mod-hashlimit 262 define Package/iptables-mod-hashlimit
280 $(call Package/iptables/Module, +kmod-ipt-hashlimit) 263 $(call Package/iptables/Module, +kmod-ipt-hashlimit)
281 TITLE:=hashlimit matching 264 TITLE:=hashlimit matching
282 endef 265 endef
283   266  
284 define Package/iptables-mod-hashlimit/description 267 define Package/iptables-mod-hashlimit/description
285 iptables extensions for hashlimit matching 268 iptables extensions for hashlimit matching
286   269  
287 Matches: 270 Matches:
288 - hashlimit 271 - hashlimit
289   272  
290 endef 273 endef
291   274  
292 define Package/iptables-mod-rpfilter 275 define Package/iptables-mod-rpfilter
293 $(call Package/iptables/Module, +kmod-ipt-rpfilter) 276 $(call Package/iptables/Module, +kmod-ipt-rpfilter)
294 TITLE:=rpfilter iptables extension 277 TITLE:=rpfilter iptables extension
295 endef 278 endef
296   279  
297 define Package/iptables-mod-rpfilter/description 280 define Package/iptables-mod-rpfilter/description
298 iptables extensions for reverse path filter test on a packet 281 iptables extensions for reverse path filter test on a packet
299   282  
300 Matches: 283 Matches:
301 - rpfilter 284 - rpfilter
302   285  
303 endef 286 endef
304   287  
305 define Package/iptables-mod-iprange 288 define Package/iptables-mod-iprange
306 $(call Package/iptables/Module, +kmod-ipt-iprange) 289 $(call Package/iptables/Module, +kmod-ipt-iprange)
307 TITLE:=IP range extension 290 TITLE:=IP range extension
308 endef 291 endef
309   292  
310 define Package/iptables-mod-iprange/description 293 define Package/iptables-mod-iprange/description
311 iptables extensions for matching ip ranges. 294 iptables extensions for matching ip ranges.
312   295  
313 Matches: 296 Matches:
314 - iprange 297 - iprange
315   298  
316 endef 299 endef
317   300  
318 define Package/iptables-mod-cluster 301 define Package/iptables-mod-cluster
319 $(call Package/iptables/Module, +kmod-ipt-cluster) 302 $(call Package/iptables/Module, +kmod-ipt-cluster)
320 TITLE:=Match cluster extension 303 TITLE:=Match cluster extension
321 endef 304 endef
322   305  
323 define Package/iptables-mod-cluster/description 306 define Package/iptables-mod-cluster/description
324 iptables extensions for matching cluster. 307 iptables extensions for matching cluster.
325   308  
326 Netfilter (IPv4/IPv6) module for matching cluster 309 Netfilter (IPv4/IPv6) module for matching cluster
327 This option allows you to build work-load-sharing clusters of 310 This option allows you to build work-load-sharing clusters of
328 network servers/stateful firewalls without having a dedicated 311 network servers/stateful firewalls without having a dedicated
329 load-balancing router/server/switch. Basically, this match returns 312 load-balancing router/server/switch. Basically, this match returns
330 true when the packet must be handled by this cluster node. Thus, 313 true when the packet must be handled by this cluster node. Thus,
331 all nodes see all packets and this match decides which node handles 314 all nodes see all packets and this match decides which node handles
332 what packets. The work-load sharing algorithm is based on source 315 what packets. The work-load sharing algorithm is based on source
333 address hashing. 316 address hashing.
334   317  
335 This module is usable for ipv4 and ipv6. 318 This module is usable for ipv4 and ipv6.
336   319  
337 If you select it, it enables kmod-ipt-cluster. 320 If you select it, it enables kmod-ipt-cluster.
338   321  
339 see `iptables -m cluster --help` for more information. 322 see `iptables -m cluster --help` for more information.
340 endef 323 endef
341   324  
342 define Package/iptables-mod-clusterip 325 define Package/iptables-mod-clusterip
343 $(call Package/iptables/Module, +kmod-ipt-clusterip) 326 $(call Package/iptables/Module, +kmod-ipt-clusterip)
344 TITLE:=Clusterip extension 327 TITLE:=Clusterip extension
345 endef 328 endef
346   329  
347 define Package/iptables-mod-clusterip/description 330 define Package/iptables-mod-clusterip/description
348 iptables extensions for CLUSTERIP. 331 iptables extensions for CLUSTERIP.
349 The CLUSTERIP target allows you to build load-balancing clusters of 332 The CLUSTERIP target allows you to build load-balancing clusters of
350 network servers without having a dedicated load-balancing 333 network servers without having a dedicated load-balancing
351 router/server/switch. 334 router/server/switch.
352   335  
353 If you select it, it enables kmod-ipt-clusterip. 336 If you select it, it enables kmod-ipt-clusterip.
354   337  
355 see `iptables -j CLUSTERIP --help` for more information. 338 see `iptables -j CLUSTERIP --help` for more information.
356 endef 339 endef
357   340  
358 define Package/iptables-mod-extra 341 define Package/iptables-mod-extra
359 $(call Package/iptables/Module, +kmod-ipt-extra) 342 $(call Package/iptables/Module, +kmod-ipt-extra)
360 TITLE:=Other extra iptables extensions 343 TITLE:=Other extra iptables extensions
361 endef 344 endef
362   345  
363 define Package/iptables-mod-extra/description 346 define Package/iptables-mod-extra/description
364 Other extra iptables extensions. 347 Other extra iptables extensions.
365   348  
366 Matches: 349 Matches:
367 - addrtype 350 - addrtype
368 - condition 351 - condition
369 - owner 352 - owner
370 - pkttype 353 - pkttype
371 - quota 354 - quota
372   355  
373 endef 356 endef
374   357  
375 define Package/iptables-mod-physdev 358 define Package/iptables-mod-physdev
376 $(call Package/iptables/Module, +kmod-ipt-physdev) 359 $(call Package/iptables/Module, +kmod-ipt-physdev)
377 TITLE:=physdev iptables extension 360 TITLE:=physdev iptables extension
378 endef 361 endef
379   362  
380 define Package/iptables-mod-physdev/description 363 define Package/iptables-mod-physdev/description
381 The iptables physdev match. 364 The iptables physdev match.
382 endef 365 endef
383   366  
384 define Package/iptables-mod-led 367 define Package/iptables-mod-led
385 $(call Package/iptables/Module, +kmod-ipt-led) 368 $(call Package/iptables/Module, +kmod-ipt-led)
386 TITLE:=LED trigger iptables extension 369 TITLE:=LED trigger iptables extension
387 endef 370 endef
388   371  
389 define Package/iptables-mod-led/description 372 define Package/iptables-mod-led/description
390 iptables extension for triggering a LED. 373 iptables extension for triggering a LED.
391   374  
392 Targets: 375 Targets:
393 - LED 376 - LED
394   377  
395 endef 378 endef
396   379  
397 define Package/iptables-mod-tproxy 380 define Package/iptables-mod-tproxy
398 $(call Package/iptables/Module, +kmod-ipt-tproxy) 381 $(call Package/iptables/Module, +kmod-ipt-tproxy)
399 TITLE:=Transparent proxy iptables extensions 382 TITLE:=Transparent proxy iptables extensions
400 endef 383 endef
401   384  
402 define Package/iptables-mod-tproxy/description 385 define Package/iptables-mod-tproxy/description
403 Transparent proxy iptables extensions. 386 Transparent proxy iptables extensions.
404   387  
405 Matches: 388 Matches:
406 - socket 389 - socket
407   390  
408 Targets: 391 Targets:
409 - TPROXY 392 - TPROXY
410   393  
411 endef 394 endef
412   395  
413 define Package/iptables-mod-tee 396 define Package/iptables-mod-tee
414 $(call Package/iptables/Module, +kmod-ipt-tee) 397 $(call Package/iptables/Module, +kmod-ipt-tee)
415 TITLE:=TEE iptables extensions 398 TITLE:=TEE iptables extensions
416 endef 399 endef
417   400  
418 define Package/iptables-mod-tee/description 401 define Package/iptables-mod-tee/description
419 TEE iptables extensions. 402 TEE iptables extensions.
420   403  
421 Targets: 404 Targets:
422 - TEE 405 - TEE
423   406  
424 endef 407 endef
425   408  
426 define Package/iptables-mod-u32 409 define Package/iptables-mod-u32
427 $(call Package/iptables/Module, +kmod-ipt-u32) 410 $(call Package/iptables/Module, +kmod-ipt-u32)
428 TITLE:=U32 iptables extensions 411 TITLE:=U32 iptables extensions
429 endef 412 endef
430   413  
431 define Package/iptables-mod-u32/description 414 define Package/iptables-mod-u32/description
432 U32 iptables extensions. 415 U32 iptables extensions.
433   416  
434 Matches: 417 Matches:
435 - u32 418 - u32
436   419  
437 endef 420 endef
438   421  
439 define Package/iptables-mod-checksum 422 define Package/iptables-mod-checksum
440 $(call Package/iptables/Module, +kmod-ipt-checksum) 423 $(call Package/iptables/Module, +kmod-ipt-checksum)
441 TITLE:=IP CHECKSUM target extension 424 TITLE:=IP CHECKSUM target extension
442 endef 425 endef
443   426  
444 define Package/iptables-mod-checksum/description 427 define Package/iptables-mod-checksum/description
445 iptables extension for the CHECKSUM calculation target 428 iptables extension for the CHECKSUM calculation target
446 endef 429 endef
447   430  
448 define Package/ip6tables 431 define Package/ip6tables
449 $(call Package/iptables/Default) 432 $(call Package/iptables/Default)
450 DEPENDS:=@IPV6 +kmod-ip6tables +iptables 433 DEPENDS:=@IPV6 +kmod-ip6tables +iptables
451 CATEGORY:=Network 434 CATEGORY:=Network
452 TITLE:=IPv6 firewall administration tool 435 TITLE:=IPv6 firewall administration tool
453 MENU:=1 436 MENU:=1
454 endef 437 endef
455   -  
456 define Package/ip6tables-nft -  
457 $(call Package/iptables/Default) -  
458 DEPENDS:=ip6tables @IPTABLES_NFTABLES +libxtables-nft -  
459 TITLE:=IP firewall administration tool nft -  
460 endef -  
461   -  
462 define Package/ip6tables-nft/description -  
463 Extra ip6tables nftables nft binaries. -  
464 iptables-nft -  
465 iptables-nft-restore -  
466 iptables-nft-save -  
467 iptables-translate -  
468 iptables-restore-translate -  
469 endef 438  
470   439  
471 define Package/ip6tables-extra 440 define Package/ip6tables-extra
472 $(call Package/iptables/Default) 441 $(call Package/iptables/Default)
473 DEPENDS:=ip6tables +kmod-ip6tables-extra 442 DEPENDS:=ip6tables +kmod-ip6tables-extra
474 TITLE:=IPv6 header matching modules 443 TITLE:=IPv6 header matching modules
475 endef 444 endef
476   445  
477 define Package/ip6tables-mod-extra/description 446 define Package/ip6tables-mod-extra/description
478 iptables header matching modules for IPv6 447 iptables header matching modules for IPv6
479 endef 448 endef
480   449  
481 define Package/ip6tables-mod-nat 450 define Package/ip6tables-mod-nat
482 $(call Package/iptables/Default) 451 $(call Package/iptables/Default)
483 DEPENDS:=ip6tables +kmod-ipt-nat6 452 DEPENDS:=ip6tables +kmod-ipt-nat6
484 TITLE:=IPv6 NAT extensions 453 TITLE:=IPv6 NAT extensions
485 endef 454 endef
486   455  
487 define Package/ip6tables-mod-nat/description 456 define Package/ip6tables-mod-nat/description
488 iptables extensions for IPv6-NAT targets. 457 iptables extensions for IPv6-NAT targets.
489 endef 458 endef
490   459  
491 define Package/libiptc 460 define Package/libiptc
492 $(call Package/iptables/Default) 461 $(call Package/iptables/Default)
493 SECTION:=libs 462 SECTION:=libs
494 CATEGORY:=Libraries 463 CATEGORY:=Libraries
495 DEPENDS:=+libip4tc +libip6tc +libxtables 464 DEPENDS:=+libip4tc +libip6tc +libxtables
496 ABI_VERSION:=0 465 ABI_VERSION:=$(PKG_VERSION)
497 TITLE:=IPv4/IPv6 firewall - shared libiptc library (nf compatibility stub) 466 TITLE:=IPv4/IPv6 firewall - shared libiptc library (compatibility stub)
498 endef 467 endef
499   468  
500 define Package/libip4tc 469 define Package/libip4tc
501 $(call Package/iptables/Default) 470 $(call Package/iptables/Default)
502 SECTION:=libs 471 SECTION:=libs
503 CATEGORY:=Libraries 472 CATEGORY:=Libraries
504 TITLE:=IPv4 firewall - shared libiptc library 473 TITLE:=IPv4 firewall - shared libiptc library
505 ABI_VERSION:=0 474 ABI_VERSION:=$(PKG_VERSION)
506 DEPENDS:=+libxtables 475 DEPENDS:=+libxtables
507 endef 476 endef
508   477  
509 define Package/libip6tc 478 define Package/libip6tc
510 $(call Package/iptables/Default) 479 $(call Package/iptables/Default)
511 SECTION:=libs 480 SECTION:=libs
512 CATEGORY:=Libraries 481 CATEGORY:=Libraries
513 TITLE:=IPv6 firewall - shared libiptc library 482 TITLE:=IPv6 firewall - shared libiptc library
514 ABI_VERSION:=0 483 ABI_VERSION:=$(PKG_VERSION)
515 DEPENDS:=+libxtables 484 DEPENDS:=+libxtables
516 endef 485 endef
517   486  
518 define Package/libxtables 487 define Package/libxtables
519 $(call Package/iptables/Default) 488 $(call Package/iptables/Default)
520 SECTION:=libs 489 SECTION:=libs
521 CATEGORY:=Libraries 490 CATEGORY:=Libraries
522 TITLE:=IPv4/IPv6 firewall - shared xtables library 491 TITLE:=IPv4/IPv6 firewall - shared xtables library
523 ABI_VERSION:=12 492 ABI_VERSION:=$(PKG_VERSION)
524 DEPENDS:= \ 493 DEPENDS:= \
525 +IPTABLES_CONNLABEL:libnetfilter-conntrack \ 494 +IPTABLES_CONNLABEL:libnetfilter-conntrack \
526 +IPTABLES_NFTABLES:libnftnl 495 +IPTABLES_NFTABLES:libnftnl
527 endef 496 endef
528   -  
529 define Package/libxtables-nft -  
530 $(call Package/iptables/Default) -  
531 SECTION:=libs -  
532 CATEGORY:=Libraries -  
533 TITLE:=IPv4/IPv6 firewall - shared xtables nft library -  
534 ABI_VERSION:=12 -  
535 DEPENDS:=libxtables -  
536 endef -  
537   497  
538 TARGET_CPPFLAGS := \ 498 TARGET_CPPFLAGS := \
539 -I$(PKG_BUILD_DIR)/include \ 499 -I$(PKG_BUILD_DIR)/include \
540 -I$(LINUX_DIR)/user_headers/include \ 500 -I$(LINUX_DIR)/user_headers/include \
541 $(TARGET_CPPFLAGS) 501 $(TARGET_CPPFLAGS)
542   502  
543 TARGET_CFLAGS += \ 503 TARGET_CFLAGS += \
544 -I$(PKG_BUILD_DIR)/include \ 504 -I$(PKG_BUILD_DIR)/include \
545 -I$(LINUX_DIR)/user_headers/include \ 505 -I$(LINUX_DIR)/user_headers/include \
546 -ffunction-sections -fdata-sections \ 506 -ffunction-sections -fdata-sections \
547 -DNO_LEGACY 507 -DNO_LEGACY
548   508  
549 TARGET_LDFLAGS += \ 509 TARGET_LDFLAGS += \
550 -Wl,--gc-sections 510 -Wl,--gc-sections
551   511  
552 CONFIGURE_ARGS += \ 512 CONFIGURE_ARGS += \
553 --enable-shared \ 513 --enable-shared \
554 --enable-static \ 514 --enable-static \
555 --enable-devel \ 515 --enable-devel \
556 --with-kernel="$(LINUX_DIR)/user_headers" \ 516 --with-kernel="$(LINUX_DIR)/user_headers" \
557 --with-xtlibdir=/usr/lib/iptables \ 517 --with-xtlibdir=/usr/lib/iptables \
558 --with-xt-lock-name=/var/run/xtables.lock \ 518 --with-xt-lock-name=/var/run/xtables.lock \
559 $(if $(CONFIG_IPTABLES_CONNLABEL),,--disable-connlabel) \ 519 $(if $(CONFIG_IPTABLES_CONNLABEL),,--disable-connlabel) \
560 $(if $(CONFIG_IPTABLES_NFTABLES),,--disable-nftables) \ 520 $(if $(CONFIG_IPTABLES_NFTABLES),,--disable-nftables) \
561 $(if $(CONFIG_IPV6),,--disable-ipv6) 521 $(if $(CONFIG_IPV6),,--disable-ipv6)
562   522  
563 MAKE_FLAGS := \ 523 MAKE_FLAGS := \
564 $(TARGET_CONFIGURE_OPTS) \ 524 $(TARGET_CONFIGURE_OPTS) \
565 COPT_FLAGS="$(TARGET_CFLAGS)" \ 525 COPT_FLAGS="$(TARGET_CFLAGS)" \
566 KERNEL_DIR="$(LINUX_DIR)/user_headers/" PREFIX=/usr \ 526 KERNEL_DIR="$(LINUX_DIR)/user_headers/" PREFIX=/usr \
567 KBUILD_OUTPUT="$(LINUX_DIR)" \ 527 KBUILD_OUTPUT="$(LINUX_DIR)" \
568 BUILTIN_MODULES="$(patsubst ip6t_%,%,$(patsubst ipt_%,%,$(patsubst xt_%,%,$(IPT_BUILTIN) $(IPT_CONNTRACK-m) $(IPT_NAT-m))))" 528 BUILTIN_MODULES="$(patsubst ip6t_%,%,$(patsubst ipt_%,%,$(patsubst xt_%,%,$(IPT_BUILTIN) $(IPT_CONNTRACK-m) $(IPT_NAT-m))))"
569   529  
570 ifneq ($(wildcard $(PKG_BUILD_DIR)/.config_*),$(subst .configured_,.config_,$(STAMP_CONFIGURED))) 530 ifneq ($(wildcard $(PKG_BUILD_DIR)/.config_*),$(subst .configured_,.config_,$(STAMP_CONFIGURED)))
571 define Build/Configure/rebuild 531 define Build/Configure/rebuild
572 $(FIND) $(PKG_BUILD_DIR) -name \*.o -or -name \*.\?o -or -name \*.a | $(XARGS) rm -f 532 $(FIND) $(PKG_BUILD_DIR) -name \*.o -or -name \*.\?o -or -name \*.a | $(XARGS) rm -f
573 rm -f $(PKG_BUILD_DIR)/.config_* 533 rm -f $(PKG_BUILD_DIR)/.config_*
574 rm -f $(PKG_BUILD_DIR)/.configured_* 534 rm -f $(PKG_BUILD_DIR)/.configured_*
575 touch $(subst .configured_,.config_,$(STAMP_CONFIGURED)) 535 touch $(subst .configured_,.config_,$(STAMP_CONFIGURED))
576 endef 536 endef
577 endif 537 endif
578   538  
579 define Build/Configure 539 define Build/Configure
580 $(Build/Configure/rebuild) 540 $(Build/Configure/rebuild)
581 $(Build/Configure/Default) 541 $(Build/Configure/Default)
582 endef 542 endef
583   543  
584 define Build/InstallDev 544 define Build/InstallDev
585 $(INSTALL_DIR) $(1)/usr/include 545 $(INSTALL_DIR) $(1)/usr/include
586 $(INSTALL_DIR) $(1)/usr/include/iptables 546 $(INSTALL_DIR) $(1)/usr/include/iptables
587 $(INSTALL_DIR) $(1)/usr/include/net/netfilter 547 $(INSTALL_DIR) $(1)/usr/include/net/netfilter
588   548  
589 # XXX: iptables header fixup, some headers are not installed by iptables anymore 549 # XXX: iptables header fixup, some headers are not installed by iptables anymore
590 $(CP) $(PKG_BUILD_DIR)/include/iptables/*.h $(1)/usr/include/iptables/ 550 $(CP) $(PKG_BUILD_DIR)/include/iptables/*.h $(1)/usr/include/iptables/
591 $(CP) $(PKG_BUILD_DIR)/include/iptables.h $(1)/usr/include/ 551 $(CP) $(PKG_BUILD_DIR)/include/iptables.h $(1)/usr/include/
592 $(CP) $(PKG_BUILD_DIR)/include/ip6tables.h $(1)/usr/include/ 552 $(CP) $(PKG_BUILD_DIR)/include/ip6tables.h $(1)/usr/include/
593 $(CP) $(PKG_BUILD_DIR)/include/libipulog $(1)/usr/include/ 553 $(CP) $(PKG_BUILD_DIR)/include/libipulog $(1)/usr/include/
594 $(CP) $(PKG_BUILD_DIR)/include/libiptc $(1)/usr/include/ 554 $(CP) $(PKG_BUILD_DIR)/include/libiptc $(1)/usr/include/
595   555  
596 $(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/ 556 $(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/
597 $(INSTALL_DIR) $(1)/usr/lib 557 $(INSTALL_DIR) $(1)/usr/lib
598 $(CP) $(PKG_INSTALL_DIR)/usr/lib/libxtables.so* $(1)/usr/lib/ 558 $(CP) $(PKG_INSTALL_DIR)/usr/lib/libxtables.so* $(1)/usr/lib/
599 $(CP) $(PKG_INSTALL_DIR)/usr/lib/libip*tc.so* $(1)/usr/lib/ 559 $(CP) $(PKG_INSTALL_DIR)/usr/lib/libip*tc.so* $(1)/usr/lib/
600 $(INSTALL_DIR) $(1)/usr/lib/pkgconfig 560 $(INSTALL_DIR) $(1)/usr/lib/pkgconfig
601 $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/xtables.pc $(1)/usr/lib/pkgconfig/ 561 $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/xtables.pc $(1)/usr/lib/pkgconfig/
602 $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/libip*tc.pc $(1)/usr/lib/pkgconfig/ 562 $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/libip*tc.pc $(1)/usr/lib/pkgconfig/
603   563  
604 # XXX: needed by firewall3 564 # XXX: needed by firewall3
605 $(CP) $(PKG_BUILD_DIR)/extensions/libiptext*.so $(1)/usr/lib/ 565 $(CP) $(PKG_BUILD_DIR)/extensions/libiptext*.so $(1)/usr/lib/
606 endef 566 endef
607   567  
608 define Package/iptables/install 568 define Package/iptables/install
609 $(INSTALL_DIR) $(1)/usr/sbin 569 $(INSTALL_DIR) $(1)/usr/sbin
610 $(CP) $(PKG_INSTALL_DIR)/usr/sbin/xtables-legacy-multi $(1)/usr/sbin/ 570 $(CP) $(PKG_INSTALL_DIR)/usr/sbin/xtables-multi $(1)/usr/sbin/
611 $(CP) $(PKG_INSTALL_DIR)/usr/sbin/iptables{,-restore,-save} $(1)/usr/sbin/ 571 $(CP) $(PKG_INSTALL_DIR)/usr/sbin/iptables{,-restore,-save} $(1)/usr/sbin/
612 $(INSTALL_DIR) $(1)/usr/lib/iptables 572 $(INSTALL_DIR) $(1)/usr/lib/iptables
613 endef 573 endef
614   -  
615 define Package/iptables-nft/install -  
616 $(INSTALL_DIR) $(1)/usr/sbin -  
617 $(CP) $(PKG_INSTALL_DIR)/usr/sbin/xtables-nft-multi $(1)/usr/sbin/ -  
618 $(CP) $(PKG_INSTALL_DIR)/usr/sbin/iptables-nft{,-restore,-save} $(1)/usr/sbin/ -  
619 $(CP) $(PKG_INSTALL_DIR)/usr/sbin/iptables{,-restore}-translate $(1)/usr/sbin/ -  
620 endef -  
621   574  
622 define Package/ip6tables/install 575 define Package/ip6tables/install
623 $(INSTALL_DIR) $(1)/usr/sbin 576 $(INSTALL_DIR) $(1)/usr/sbin
624 $(CP) $(PKG_INSTALL_DIR)/usr/sbin/ip6tables{,-restore,-save} $(1)/usr/sbin/ 577 $(CP) $(PKG_INSTALL_DIR)/usr/sbin/ip6tables{,-restore,-save} $(1)/usr/sbin/
625 endef 578 endef
626   -  
627 define Package/ip6tables-nft/install -  
628 $(INSTALL_DIR) $(1)/usr/sbin -  
629 $(CP) $(PKG_INSTALL_DIR)/usr/sbin/ip6tables-nft{,-restore,-save} $(1)/usr/sbin/ -  
630 $(CP) $(PKG_INSTALL_DIR)/usr/sbin/ip6tables{,-restore}-translate $(1)/usr/sbin/ -  
631 endef -  
632   579  
633 define Package/libiptc/install 580 define Package/libiptc/install
634 $(INSTALL_DIR) $(1)/usr/lib 581 $(INSTALL_DIR) $(1)/usr/lib
635 $(CP) $(PKG_INSTALL_DIR)/usr/lib/libiptc.so.* $(1)/usr/lib/ 582 $(CP) $(PKG_INSTALL_DIR)/usr/lib/libiptc.so* $(1)/usr/lib/
636 endef 583 endef
637   584  
638 define Package/libip4tc/install 585 define Package/libip4tc/install
639 $(INSTALL_DIR) $(1)/usr/lib 586 $(INSTALL_DIR) $(1)/usr/lib
640 $(CP) $(PKG_INSTALL_DIR)/usr/lib/libip4tc.so.* $(1)/usr/lib/ 587 $(CP) $(PKG_INSTALL_DIR)/usr/lib/libip4tc.so* $(1)/usr/lib/
641 $(CP) $(PKG_BUILD_DIR)/extensions/libiptext4.so $(1)/usr/lib/ 588 $(CP) $(PKG_BUILD_DIR)/extensions/libiptext4.so $(1)/usr/lib/
642 endef 589 endef
643   590  
644 define Package/libip6tc/install 591 define Package/libip6tc/install
645 $(INSTALL_DIR) $(1)/usr/lib 592 $(INSTALL_DIR) $(1)/usr/lib
646 $(CP) $(PKG_INSTALL_DIR)/usr/lib/libip6tc.so.* $(1)/usr/lib/ 593 $(CP) $(PKG_INSTALL_DIR)/usr/lib/libip6tc.so* $(1)/usr/lib/
647 $(CP) $(PKG_BUILD_DIR)/extensions/libiptext6.so $(1)/usr/lib/ 594 $(CP) $(PKG_BUILD_DIR)/extensions/libiptext6.so $(1)/usr/lib/
648 endef 595 endef
649   596  
650 define Package/libxtables/install 597 define Package/libxtables/install
651 $(INSTALL_DIR) $(1)/usr/lib 598 $(INSTALL_DIR) $(1)/usr/lib
652 $(CP) $(PKG_INSTALL_DIR)/usr/lib/libxtables.so.* $(1)/usr/lib/ 599 $(CP) $(PKG_INSTALL_DIR)/usr/lib/libxtables.so* $(1)/usr/lib/
653 $(CP) $(PKG_BUILD_DIR)/extensions/libiptext.so $(1)/usr/lib/ 600 $(CP) $(PKG_BUILD_DIR)/extensions/libiptext.so $(1)/usr/lib/
654 endef 601 endef
655   -  
656 define Package/libxtables-nft/install -  
657 $(INSTALL_DIR) $(1)/usr/lib -  
658 $(CP) $(PKG_BUILD_DIR)/extensions/libiptext_*.so $(1)/usr/lib/ -  
659 endef -  
660   602  
661 define BuildPlugin 603 define BuildPlugin
662 define Package/$(1)/install 604 define Package/$(1)/install
663 $(INSTALL_DIR) $$(1)/usr/lib/iptables 605 $(INSTALL_DIR) $$(1)/usr/lib/iptables
664 for m in $(patsubst xt_%,ipt_%,$(2)) $(patsubst ipt_%,xt_%,$(2)) $(patsubst xt_%,ip6t_%,$(2)) $(patsubst ip6t_%,xt_%,$(2)); do \ 606 for m in $(patsubst xt_%,ipt_%,$(2)) $(patsubst ipt_%,xt_%,$(2)) $(patsubst xt_%,ip6t_%,$(2)) $(patsubst ip6t_%,xt_%,$(2)); do \
665 if [ -f $(PKG_INSTALL_DIR)/usr/lib/iptables/lib$$$$$$$${m}.so ]; then \ 607 if [ -f $(PKG_INSTALL_DIR)/usr/lib/iptables/lib$$$$$$$${m}.so ]; then \
666 $(CP) $(PKG_INSTALL_DIR)/usr/lib/iptables/lib$$$$$$$${m}.so $$(1)/usr/lib/iptables/ ; \ 608 $(CP) $(PKG_INSTALL_DIR)/usr/lib/iptables/lib$$$$$$$${m}.so $$(1)/usr/lib/iptables/ ; \
667 fi; \ 609 fi; \
668 done 610 done
669 $(3) 611 $(3)
670 endef 612 endef
671   613  
672 $$(eval $$(call BuildPackage,$(1))) 614 $$(eval $$(call BuildPackage,$(1)))
673 endef 615 endef
674   616  
675 $(eval $(call BuildPackage,iptables)) 617 $(eval $(call BuildPackage,iptables))
676 $(eval $(call BuildPackage,iptables-nft)) -  
677 $(eval $(call BuildPlugin,iptables-mod-conntrack-extra,$(IPT_CONNTRACK_EXTRA-m))) 618 $(eval $(call BuildPlugin,iptables-mod-conntrack-extra,$(IPT_CONNTRACK_EXTRA-m)))
678 $(eval $(call BuildPlugin,iptables-mod-conntrack-label,$(IPT_CONNTRACK_LABEL-m))) 619 $(eval $(call BuildPlugin,iptables-mod-conntrack-label,$(IPT_CONNTRACK_LABEL-m)))
679 $(eval $(call BuildPlugin,iptables-mod-extra,$(IPT_EXTRA-m))) 620 $(eval $(call BuildPlugin,iptables-mod-extra,$(IPT_EXTRA-m)))
680 $(eval $(call BuildPlugin,iptables-mod-physdev,$(IPT_PHYSDEV-m))) 621 $(eval $(call BuildPlugin,iptables-mod-physdev,$(IPT_PHYSDEV-m)))
681 $(eval $(call BuildPlugin,iptables-mod-filter,$(IPT_FILTER-m))) 622 $(eval $(call BuildPlugin,iptables-mod-filter,$(IPT_FILTER-m)))
682 $(eval $(call BuildPlugin,iptables-mod-ipopt,$(IPT_IPOPT-m))) 623 $(eval $(call BuildPlugin,iptables-mod-ipopt,$(IPT_IPOPT-m)))
683 $(eval $(call BuildPlugin,iptables-mod-ipsec,$(IPT_IPSEC-m))) 624 $(eval $(call BuildPlugin,iptables-mod-ipsec,$(IPT_IPSEC-m)))
684 $(eval $(call BuildPlugin,iptables-mod-nat-extra,$(IPT_NAT_EXTRA-m))) 625 $(eval $(call BuildPlugin,iptables-mod-nat-extra,$(IPT_NAT_EXTRA-m)))
685 $(eval $(call BuildPlugin,iptables-mod-iprange,$(IPT_IPRANGE-m))) 626 $(eval $(call BuildPlugin,iptables-mod-iprange,$(IPT_IPRANGE-m)))
686 $(eval $(call BuildPlugin,iptables-mod-cluster,$(IPT_CLUSTER-m))) 627 $(eval $(call BuildPlugin,iptables-mod-cluster,$(IPT_CLUSTER-m)))
687 $(eval $(call BuildPlugin,iptables-mod-clusterip,$(IPT_CLUSTERIP-m))) 628 $(eval $(call BuildPlugin,iptables-mod-clusterip,$(IPT_CLUSTERIP-m)))
688 $(eval $(call BuildPlugin,iptables-mod-ulog,$(IPT_ULOG-m))) 629 $(eval $(call BuildPlugin,iptables-mod-ulog,$(IPT_ULOG-m)))
689 $(eval $(call BuildPlugin,iptables-mod-hashlimit,$(IPT_HASHLIMIT-m))) 630 $(eval $(call BuildPlugin,iptables-mod-hashlimit,$(IPT_HASHLIMIT-m)))
690 $(eval $(call BuildPlugin,iptables-mod-rpfilter,$(IPT_RPFILTER-m))) 631 $(eval $(call BuildPlugin,iptables-mod-rpfilter,$(IPT_RPFILTER-m)))
691 $(eval $(call BuildPlugin,iptables-mod-led,$(IPT_LED-m))) 632 $(eval $(call BuildPlugin,iptables-mod-led,$(IPT_LED-m)))
692 $(eval $(call BuildPlugin,iptables-mod-tproxy,$(IPT_TPROXY-m))) 633 $(eval $(call BuildPlugin,iptables-mod-tproxy,$(IPT_TPROXY-m)))
693 $(eval $(call BuildPlugin,iptables-mod-tee,$(IPT_TEE-m))) 634 $(eval $(call BuildPlugin,iptables-mod-tee,$(IPT_TEE-m)))
694 $(eval $(call BuildPlugin,iptables-mod-u32,$(IPT_U32-m))) 635 $(eval $(call BuildPlugin,iptables-mod-u32,$(IPT_U32-m)))
695 $(eval $(call BuildPlugin,iptables-mod-nflog,$(IPT_NFLOG-m))) 636 $(eval $(call BuildPlugin,iptables-mod-nflog,$(IPT_NFLOG-m)))
696 $(eval $(call BuildPlugin,iptables-mod-trace,$(IPT_DEBUG-m))) 637 $(eval $(call BuildPlugin,iptables-mod-trace,$(IPT_DEBUG-m)))
697 $(eval $(call BuildPlugin,iptables-mod-nfqueue,$(IPT_NFQUEUE-m))) 638 $(eval $(call BuildPlugin,iptables-mod-nfqueue,$(IPT_NFQUEUE-m)))
698 $(eval $(call BuildPlugin,iptables-mod-checksum,$(IPT_CHECKSUM-m))) 639 $(eval $(call BuildPlugin,iptables-mod-checksum,$(IPT_CHECKSUM-m)))
699 $(eval $(call BuildPackage,ip6tables)) 640 $(eval $(call BuildPackage,ip6tables))
700 $(eval $(call BuildPackage,ip6tables-nft)) -  
701 $(eval $(call BuildPlugin,ip6tables-extra,$(IPT_IPV6_EXTRA-m))) 641 $(eval $(call BuildPlugin,ip6tables-extra,$(IPT_IPV6_EXTRA-m)))
702 $(eval $(call BuildPlugin,ip6tables-mod-nat,$(IPT_NAT6-m))) 642 $(eval $(call BuildPlugin,ip6tables-mod-nat,$(IPT_NAT6-m)))
703 $(eval $(call BuildPackage,libiptc)) 643 $(eval $(call BuildPackage,libiptc))
704 $(eval $(call BuildPackage,libip4tc)) 644 $(eval $(call BuildPackage,libip4tc))
705 $(eval $(call BuildPackage,libip6tc)) 645 $(eval $(call BuildPackage,libip6tc))
706 $(eval $(call BuildPackage,libxtables)) 646 $(eval $(call BuildPackage,libxtables))
707 $(eval $(call BuildPackage,libxtables-nft)) -  
708   647