aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSteven Barth <cyrus@openwrt.org>2014-09-17 12:11:06 +0000
committerSteven Barth <cyrus@openwrt.org>2014-09-17 12:11:06 +0000
commit72e6e0b85bf75f1c6728cf95aaa8da86caf80d6c (patch)
tree3208f8166627be84da7a327c8cd9b29af5463078
parent2f7d8539bdad64432c727dda56c1f2e036deffb9 (diff)
downloadupstream-72e6e0b85bf75f1c6728cf95aaa8da86caf80d6c.tar.gz
upstream-72e6e0b85bf75f1c6728cf95aaa8da86caf80d6c.tar.bz2
upstream-72e6e0b85bf75f1c6728cf95aaa8da86caf80d6c.zip
nftables: introduce experimental nftables
Signed-off-by: Steven Barth <steven@midlink.org> SVN-Revision: 42598
-rw-r--r--package/network/utils/nftables/Makefile39
-rw-r--r--package/network/utils/nftables/patches/100-no-interactive.patch38
2 files changed, 77 insertions, 0 deletions
diff --git a/package/network/utils/nftables/Makefile b/package/network/utils/nftables/Makefile
new file mode 100644
index 0000000000..8fccc65cc6
--- /dev/null
+++ b/package/network/utils/nftables/Makefile
@@ -0,0 +1,39 @@
+# Copyright (C) 2014 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=nftables
+PKG_VERSION:=0.3+2014-09-11
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
+PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
+PKG_SOURCE_URL:=git://git.netfilter.org/nftables
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_VERSION:=ae355b89e7b74c28de753bf2878a8e189030ad47
+PKG_MAINTAINER:=Steven Barth <steven@midlink.org>
+
+PKG_FIXUP:=autoreconf
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/nftables
+ SECTION:=net
+ CATEGORY:=Network
+ SUBMENU:=Firewall
+ TITLE:=nftables packet filtering userspace utility
+ DEPENDS:=+kmod-nft-core +kmod-nft-nat +libnftnl +libgmp
+ URL:=http://netfilter.org/projects/nftables/
+endef
+
+
+define Package/nftables/install
+ $(INSTALL_DIR) $(1)/usr/sbin
+ $(CP) $(PKG_BUILD_DIR)/src/nft $(1)/usr/sbin/
+endef
+
+$(eval $(call BuildPackage,nftables))
diff --git a/package/network/utils/nftables/patches/100-no-interactive.patch b/package/network/utils/nftables/patches/100-no-interactive.patch
new file mode 100644
index 0000000000..47eb32c1c8
--- /dev/null
+++ b/package/network/utils/nftables/patches/100-no-interactive.patch
@@ -0,0 +1,38 @@
+--- a/src/Makefile.in
++++ b/src/Makefile.in
+@@ -3,7 +3,6 @@ PROGRAMS += nft
+ nft-destdir := @sbindir@
+
+ nft-obj += main.o
+-nft-obj += cli.o
+ nft-obj += rule.o
+ nft-obj += statement.o
+ nft-obj += datatype.o
+--- a/src/main.c
++++ b/src/main.c
+@@ -334,7 +334,7 @@ int main(int argc, char * const *argv)
+ if (scanner_read_file(scanner, filename, &internal_location) < 0)
+ goto out;
+ } else if (interactive) {
+- cli_init(&state);
++ fprintf(stderr, "%s: interactive mode not supported\n", argv[0]);
+ return 0;
+ } else {
+ fprintf(stderr, "%s: no command specified\n", argv[0]);
+--- a/configure.ac
++++ b/configure.ac
+@@ -71,13 +71,11 @@ AC_CHECK_LIB([nftnl], [nft_rule_alloc],
+ AC_CHECK_LIB([gmp], [__gmpz_init], ,
+ AC_MSG_ERROR([No suitable version of libgmp found]))
+
+-AC_CHECK_LIB([readline], [readline], ,
+- AC_MSG_ERROR([No suitable version of libreadline found]))
+
+ # Checks for header files.
+ AC_HEADER_STDC
+ AC_HEADER_ASSERT
+-AC_CHECK_HEADERS([arpa/inet.h fcntl.h inttypes.h libintl.h limits.h malloc.h \
++AC_CHECK_HEADERS([arpa/inet.h fcntl.h inttypes.h limits.h malloc.h \
+ netdb.h netinet/in.h netinet/ip.h netinet/ip6.h \
+ netinet/tcp.h netinet/udp.h netinet/ip_icmp.h \
+ stddef.h stdint.h stdlib.h string.h unistd.h], ,