/*
 * QEMU USB HID devices
 * 
 * Copyright (c) 2005 Fabrice Bellard
 * 
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 * THE SOFTWARE.
 */
#include "vl.h"

/* HID interface requests */
#define GET_REPORT   0xa101
#define GET_IDLE     0xa102
#define GET_PROTOCOL 0xa103
#define SET_IDLE     0x210a
#define SET_PROTOCOL 0x210b

#define USB_MOUSE  1
#define USB_TABLET 2

typedef struct USBMouseState {
    USBDevice dev;
    int dx, dy, dz, buttons_state;
    int x, y;
    int kind;
    int mouse_grabbed;
    int status_changed;
    QEMUPutMouseEntry *eh_entry;
} USBMouseState;

/* mostly the same values as the Bochs USB Mouse device */
static const uint8_t qemu_mouse_dev_descriptor[] = {
	0x12,       /*  u8 bLength; */
	0x01,       /*  u8 bDescriptorType; Device */
	0x10, 0x00, /*  u16 bcdUSB; v1.0 */

	0x00,	    /*  u8  bDeviceClass; */
	0x00,	    /*  u8  bDeviceSubClass; */
	0x00,       /*  u8  bDeviceProtocol; [ low/full speeds only ] */
	0x08,       /*  u8  bMaxPacketSize0; 8 Bytes */

	0x27, 0x06, /*  u16 idVendor; */
 	0x01, 0x00, /*  u16 idProduct; */
	0x00, 0x00, /*  u16 bcdDevice */

	0x03,       /*  u8  iManufacturer; */
	0x02,       /*  u8  iProduct; */
	0x01,       /*  u8  iSerialNumber; */
	0x01        /*  u8  bNumConfigurations; */
};

static const uint8_t qemu_mouse_config_descriptor[] = {
	/* one configuration */
	0x09,       /*  u8  bLength; */
	0x02,       /*  u8  bDescriptorType; Configuration */
	0x22, 0x00, /*  u16 wTotalLength; */
	0x01,       /*  u8  bNumInterfaces; (1) */
	0x01,       /*  u8  bConfigurationValue; */
	0x04,       /*  u8  iConfiguration; */
	0xa0,       /*  u8  bmAttributes; 
				 Bit 7: must be set,
				     6: Self-powered,
				     5: Remote wakeup,
				     4..0: resvd */
	50,         /*  u8  MaxPower; */
      
	/* USB 1.1:
	 * USB 2.0, single TT organization (mandatory):
	 *	one interface, protocol 0
	 *
	 * USB 2.0, multiple TT organization (optional):
	 *	two interfaces, protocols 1 (like single TT)
	 *	and 2 (multiple TT mode) ... config is
	 *	sometimes settable
	 *	NOT IMPLEMENTED
	 */

	/* one interface */
	0x09,       /*  u8  if_bLength; */
	0x04,       /*  u8  if_bDescriptorType; Interface */
	0x00,       /*  u8  if_bInterfaceNumber; */
	0x00,       /*  u8  if_bAlternateSetting; */
	0x01,       /*  u8  if_bNumEndpoints; */
	0x03,       /*  u8  if_bInterfaceClass; */
	0x01,       /*  u8  if_bInterfaceSubClass; */
	0x02,       /*  u8  if_bInterfaceProtocol; [usb1.1 or single tt] */
	0x05,       /*  u8  if_iInterface; */
     
        /* HID descriptor */
        0x09,        /*  u8  bLength; */
        0x21,        /*  u8 bDescriptorType; */
        0x01, 0x00,  /*  u16 HID_class */
        0x00,        /*  u8 country_code */
        0x01,        /*  u8 num_descriptors */
        0x22,        /*  u8 type; Report */
        50, 0,       /*  u16 len */

	/* one endpoint (status change endpoint) */
	0x07,       /*  u8  ep_bLength; */
	0x05,       /*  u8  ep_bDescriptorType; Endpoint */
	0x81,       /*  u8  ep_bEndpointAddress; IN Endpoint 1 */
 	0x03,       /*  u8  ep_bmAttributes; Interrupt */
 	0x03, 0x00, /*  u16 ep_wMaxPacketSize; */
	0x0a,       /*  u8  ep_bInterval; (255ms -- usb 2.0 spec) */
};

static const uint8_t qemu_tablet_config_descriptor[] = {
	/* one configuration */
	0x09,       /*  u8  bLength; */
	0x02,       /*  u8  bDescriptorType; Configuration */
	0x22, 0x00, /*  u16 wTotalLength; */
	0x01,       /*  u8  bNumInterfaces; (1) */
	0x01,       /*  u8  bConfigurationValue; */
	0x04,       /*  u8  iConfiguration; */
	0xa0,       /*  u8  bmAttributes; 
				 Bit 7: must be set,
				     6: Self-powered,
				     5: Remote wakeup,
				     4..0: resvd */
	50,         /*  u8  MaxPower; */
      
	/* USB 1.1:
	 * USB 2.0, single TT organization (mandatory):
	 *	one interface, protocol 0
	 *
	 * USB 2.0, multiple TT organization (optional):
	 *	two interfaces, protocols 1 (like single TT)
	 *	and 2 (multiple TT mode) ... config is
	 *	sometimes settable
	 *	NOT IMPLEMENTED
	 */

	/* one interface */
	0x09,       /*  u8  if_bLength; */
	0x04,       /*  u8  if_bDescriptorType; Interface */
	0x00,       /*  u8  if_bInterfaceNumber; */
	0x00,       /*  u8  if_bAlternateSetting; */
	0x01,       /*  u8  if_bNumEndpoints; */
	0x03,       /*  u8  if_bInterfaceClass; */
	0x01,       /*  u8  if_bInterfaceSubClass; */
	0x02,       /*  u8  if_bInterfaceProtocol; [usb1.1 or single tt] */
	0x05,       /*  u8  if_iInterface; */

        /* HID descriptor */
        0x09,        /*  u8  bLength; */
        0x21,        /*  u8 bDescriptorType; */
        0x01, 0x00,  /*  u16 HID_class */
        0x00,        /*  u8 country_code */
        0x01,        /*  u8 num_descriptors */
        0x22,        /*  u8 type; Report */
        74, 0,       /*  u16 len */

	/* one endpoint (status change endpoint) */
	0x07,       /*  u8  ep_bLength; */
	0x05,       /*  u8  ep_bDescriptorType; Endpoint */
	0x81,       /*  u8  ep_bEndpointAddress; IN Endpoint 1 */
 	0x03,       /*  u8  ep_bmAttributes; Interrupt */
 	0x08, 0x00, /*  u16 ep_wMaxPacketSize; */
	0x03,       /*  u8  ep_bInterval; (255ms -- usb 2.0 spec) */
};

static const uint8_t qemu_mouse_hid_report_descriptor[] = {
    0x05, 0x01, 0x09, 0x02, 0xA1, 0x01, 0x09, 0x01, 
    0xA1, 0x00, 0x05, 0x09, 0x19, 0x01, 0x29, 0x03,
    0x15, 0x00, 0x25, 0x01, 0x95, 0x03, 0x75, 0x01, 
    0x81, 0x02, 0x95, 0x01, 0x75, 0x05, 0x81, 0x01,
    0x05, 0x01, 0x09, 0x30, 0x09, 0x31, 0x15, 0x81, 
    0x25, 0x7F, 0x75, 0x08, 0x95, 0x02, 0x81, 0x06,
    0xC0, 0xC0,
};

static const uint8_t qemu_tablet_hid_report_descriptor[] = {
        0x05, 0x01, /* Usage Page Generic Desktop */
        0x09, 0x01, /* Usage Mouse */
        0xA1, 0x01, /* Collection Application */
        0x09, 0x01, /* Usage Pointer */
        0xA1, 0x00, /* Collection Physical */
        0x05, 0x09, /* Usage Page Button */
        0x19, 0x01, /* Usage Minimum Button 1 */
        0x29, 0x03, /* Usage Maximum Button 3 */
        0x15, 0x00, /* Logical Minimum 0 */
        0x25, 0x01, /* Logical Maximum 1 */
        0x95, 0x03, /* Report Count 3 */
        0x75, 0x01, /* Report Size 1 */
        0x81, 0x02, /* Input (Data, Var, Abs) */
        0x95, 0x01, /* Report Count 1 */
        0x75, 0x05, /* Report Size 5 */
        0x81, 0x01, /* Input (Cnst, Var, Abs) */
        0x05, 0x01, /* Usage Page Generic Desktop */
        0x09, 0x30, /* Usage X */
        0x09, 0x31, /* Usage Y */
        0x15, 0x00, /* Logical Minimum 0 */
        0x26, 0xFF, 0x7F, /* Logical Maximum 0x7fff */
        0x35, 0x00, /* Physical Minimum 0 */
        0x46, 0xFE, 0x7F, /* Physical Maximum 0x7fff */
        0x75, 0x10, /* Report Size 16 */
        0x95, 0x02, /* Report Count 2 */
        0x81, 0x02, /* Input (Data, Var, Abs) */
        0x05, 0x01, /* Usage Page Generic Desktop */
        0x09, 0x38, /* Usage Wheel */
        0x15, 0x81, /* Logical Minimum -127 */
        0x25, 0x7F, /* Logical Maximum 127 */
        0x35, 0x00, /* Physical Minimum 0 (same as logical) */
        0x45, 0x00, /* Physical Maximum 0 (same as logical) */
        0x75, 0x08, /* Report Size 8 */
        0x95, 0x01, /* Report Count 1 */
        0x81, 0x02, /* Input (Data, Var, Rel) */
        0xC0,       /* End Collection */
        0xC0,       /* End Collection */
};

static void usb_mouse_event(void *opaque,
                            int dx1, int dy1, int dz1, int buttons_state)
{
    USBMouseState *s = opaque;

    s->dx += dx1;
    s->dy += dy1;
    s->dz += dz1;
    s->buttons_state = buttons_state;
    s->status_changed = 1;
}

static void usb_tablet_event(void *opaque,
			     int x, int y, int dz, int buttons_state)
{
    USBMouseState *s = opaque;

    s->x = x;
    s->y = y;
    s->dz += dz;
    s->buttons_state = buttons_state;
    s->status_changed = 1;
}

static inline int int_clamp(int val, int vmin, int vmax)
{
    if (val < vmin)
        return vmin;
    else if (val > vmax)
        return vmax;
    else
        return val;
}

static int usb_mouse_poll(USBMouseState *s, uint8_t *buf, int len)
{
    int dx, dy, dz, b, l;

    if (!s->mouse_grabbed) {
	s->eh_entry = qemu_add_mouse_event_handler(usb_mouse_event, s,
                                                  0, "QEMU USB Mouse");
	s->mouse_grabbed = 1;
    }
    
    dx = int_clamp(s->dx, -128, 127);
    dy = int_clamp(s->dy, -128, 127);
    dz = int_clamp(s->dz, -128, 127);

    s->dx -= dx;
    s->dy -= dy;
    s->dz -= dz;
    
    b = 0;
    if (s->buttons_state & MOUSE_EVENT_LBUTTON)
        b |= 0x01;
    if (s->buttons_state & MOUSE_EVENT_RBUTTON)
        b |= 0x02;
    if (s->buttons_state & MOUSE_EVENT_MBUTTON)
        b |= 0x04;
    
    buf[0] = b;
    buf[1] = dx;
    buf[2] = dy;
    l = 3;
    if (len >= 4) {
        buf[3] = dz;
        l = 4;
    }
    return l;
}

static int usb_tablet_poll(USBMouseState *s, uint8_t *buf, int len)
{
    int dz, b, l;

    if (!s->mouse_grabbed) {
	s->eh_entry = qemu_add_mouse_event_handler(usb_tablet_event, s,
                                                  1, "QEMU USB Tablet");
	s->mouse_grabbed = 1;
    }
    
    dz = int_clamp(s->dz, -128, 127);
    s->dz -= dz;

    /* Appears we have to invert the wheel direction */
    dz = 0 - dz;
    b = 0;
    if (s->buttons_state & MOUSE_EVENT_LBUTTON)
        b |= 0x01;
    if (s->buttons_state & MOUSE_EVENT_RBUTTON)
        b |= 0x02;
    if (s->buttons_state & MOUSE_EVENT_MBUTTON)
        b |= 0x04;

    buf[0] = b;
    buf[1] = s->x & 0xff;
    buf[2] = s->x >> 8;
    buf[3] = s->y & 0xff;
    buf[4] = s->y >> 8;
    buf[5] = dz;
    l = 6;

    return l;
}

static void usb_mouse_handle_reset(USBDevice *dev)
{
    USBMouseState *s = (USBMouseState *)dev;

    s->dx = 0;
    s->dy = 0;
    s->dz = 0;
    s->x = 0;
    s->y = 0;
    s->buttons_state = 0;
}

static int usb_mouse_handle_control(USBDevice *dev, int request, int value,
                                  int index, int length, uint8_t *data)
{
    USBMouseState *s = (USBMouseState *)dev;
    int ret = 0;

    switch(request) {
    case DeviceRequest | USB_REQ_GET_STATUS:
        data[0] = (1 << USB_DEVICE_SELF_POWERED) |
            (dev->remote_wakeup << USB_DEVICE_REMOTE_WAKEUP);
        data[1] = 0x00;
        ret = 2;
        break;
    case DeviceOutRequest | USB_REQ_CLEAR_FEATURE:
        if (value == USB_DEVICE_REMOTE_WAKEUP) {
            dev->remote_wakeup = 0;
        } else {
            goto fail;
        }
        ret = 0;
        break;
    case DeviceOutRequest | USB_REQ_SET_FEATURE:
        if (value == USB_DEVICE_REMOTE_WAKEUP) {
            dev->remote_wakeup = 1;
        } else {
            goto fail;
        }
        ret = 0;
        break;
    case DeviceOutRequest | USB_REQ_SET_ADDRESS:
        dev->addr = value;
        ret = 0;
        break;
    case DeviceRequest | USB_REQ_GET_DESCRIPTOR:
        switch(value >> 8) {
        case USB_DT_DEVICE:
            memcpy(data, qemu_mouse_dev_descriptor, 
                   sizeof(qemu_mouse_dev_descriptor));
            ret = sizeof(qemu_mouse_dev_descriptor);
            break;
        case USB_DT_CONFIG:
	    if (s->kind == USB_MOUSE) {
		memcpy(data, qemu_mouse_config_descriptor, 
		       sizeof(qemu_mouse_config_descriptor));
		ret = sizeof(qemu_mouse_config_descriptor);
	    } else if (s->kind == USB_TABLET) {
		memcpy(data, qemu_tablet_config_descriptor, 
		       sizeof(qemu_tablet_config_descriptor));
		ret = sizeof(qemu_tablet_config_descriptor);
	    }		
            break;
        case USB_DT_STRING:
            switch(value & 0xff) {
            case 0:
                /* language ids */
                data[0] = 4;
                data[1] = 3;
                data[2] = 0x09;
                data[3] = 0x04;
                ret = 4;
                break;
            case 1:
                /* serial number */
                ret = set_usb_string(data, "1");
                break;
            case 2:
                /* product description */
		if (s->kind == USB_MOUSE)
		    ret = set_usb_string(data, "QEMU USB Mouse");
		else if (s->kind == USB_TABLET)
		    ret = set_usb_string(data, "QEMU USB Tablet");
                break;
            case 3:
                /* vendor description */
                ret = set_usb_string(data, "QEMU " QEMU_VERSION);
                break;
            case 4:
                ret = set_usb_string(data, "HID Mouse");
                break;
            case 5:
                ret = set_usb_string(data, "Endpoint1 Interrupt Pipe");
                break;
            default:
                goto fail;
            }
            break;
        default:
            goto fail;
        }
        break;
    case DeviceRequest | USB_REQ_GET_CONFIGURATION:
        data[0] = 1;
        ret = 1;
        break;
    case DeviceOutRequest | USB_REQ_SET_CONFIGURATION:
        ret = 0;
        break;
    case DeviceRequest | USB_REQ_GET_INTERFACE:
        data[0] = 0;
        ret = 1;
        break;
    case DeviceOutRequest | USB_REQ_SET_INTERFACE:
        ret = 0;
        break;
        /* hid specific requests */
    case InterfaceRequest | USB_REQ_GET_DESCRIPTOR:
        switch(value >> 8) {
        case 0x22:
	    if (s->kind == USB_MOUSE) {
		memcpy(data, qemu_mouse_hid_report_descriptor, 
		       sizeof(qemu_mouse_hid_report_descriptor));
		ret = sizeof(qemu_mouse_hid_report_descriptor);
	    } else if (s->kind == USB_TABLET) {
		memcpy(data, qemu_tablet_hid_report_descriptor, 
		       sizeof(qemu_tablet_hid_report_descriptor));
		ret = sizeof(qemu_tablet_hid_report_descriptor);
	    }
	    break;
        default:
            goto fail;
        }
        break;
    case GET_REPORT:
	if (s->kind == USB_MOUSE)
	    ret = usb_mouse_poll(s, data, length);
	else if (s->kind == USB_TABLET)
	    ret = usb_tablet_poll(s, data, length);
        break;
    case SET_IDLE:
        ret = 0;
        break;
    default:
    fail:
        ret = USB_RET_STALL;
        break;
    }
    return ret;
}

static int usb_mouse_handle_data(USBDevice *dev, USBPacket *p)
{
    USBMouseState *s = (USBMouseState *)dev;
    int ret = 0;

    switch(p->pid) {
    case USB_TOKEN_IN:
        if (p->devep == 1) {
            if (s->kind == USB_MOUSE)
                ret = usb_mouse_poll(s, p->data, p->len);
            else if (s->kind == USB_TABLET)
                ret = usb_tablet_poll(s, p->data, p->len);

            if (!s->status_changed)
                ret = USB_RET_NAK;
            else
                s->status_changed = 0;

        } else {
            goto fail;
        }
        break;
    case USB_TOKEN_OUT:
    default:
    fail:
        ret = USB_RET_STALL;
        break;
    }
    return ret;
}

static void usb_mouse_handle_destroy(USBDevice *dev)
{
    USBMouseState *s = (USBMouseState *)dev;

    qemu_remove_mouse_event_handler(s->eh_entry);
    qemu_free(s);
}

void usb_mouse_save(QEMUFile *f, void *opaque)
{
    USBMouseState *s = (USBMouseState*)opaque;

    qemu_put_be32s(f, &s->dx);
    qemu_put_be32s(f, &s->dy);
    qemu_put_be32s(f, &s->dz);
    qemu_put_be32s(f, &s->buttons_state);
    qemu_put_be32s(f, &s->x);
    qemu_put_be32s(f, &s->y);
    qemu_put_be32s(f, &s->kind);
    qemu_put_be32s(f, &s->mouse_grabbed);
    qemu_put_be32s(f, &s->status_changed);

}

int usb_mouse_load(QEMUFile *f, void *opaque, int version_id)
{
    USBMouseState *s = (USBMouseState*)opaque;

    if (version_id != 1)
        return -EINVAL;

    qemu_get_be32s(f, &s->dx);
    qemu_get_be32s(f, &s->dy);
    qemu_get_be32s(f, &s->dz);
    qemu_get_be32s(f, &s->buttons_state);
    qemu_get_be32s(f, &s->x);
    qemu_get_be32s(f, &s->y);
    qemu_get_be32s(f, &s->kind);
    qemu_get_be32s(f, &s->mouse_grabbed);
    qemu_get_be32s(f, &s->status_changed);

    if ( s->kind == USB_TABLET) {
        fprintf(logfile, "usb_mouse_load:add usb_tablet_event.\n");
        qemu_add_mouse_event_handler(usb_tablet_event, s, 1, "QEMU USB Tablet");
    } else if ( s->kind == USB_MOUSE) {
        fprintf(logfile, "usb_mouse_load:add usb_mouse_event.\n");
        qemu_add_mouse_event_handler(usb_mouse_event, s, 0, "QEMU USB MOUSE");
    }

    return 0;
}


USBDevice *usb_tablet_init(void)
{
    USBMouseState *s;

    s = qemu_mallocz(sizeof(USBMouseState));
    if (!s)
        return NULL;
    s->dev.speed = USB_SPEED_FULL;
    s->dev.handle_packet = usb_generic_handle_packet;

    s->dev.handle_reset = usb_mouse_handle_reset;
    s->dev.handle_control = usb_mouse_handle_control;
    s->dev.handle_data = usb_mouse_handle_data;
    s->dev.handle_destroy = usb_mouse_handle_destroy;
    s->kind = USB_TABLET;
    s->status_changed = 0;

    pstrcpy(s->dev.devname, sizeof(s->dev.devname), "QEMU USB Tablet");

    register_savevm("USB tablet dev", 0, 1, usb_mouse_save, usb_mouse_load, s);

    return (USBDevice *)s;
}

USBDevice *usb_mouse_init(void)
{
    USBMouseState *s;

    s = qemu_mallocz(sizeof(USBMouseState));
    if (!s)
        return NULL;
    s->dev.speed = USB_SPEED_FULL;
    s->dev.handle_packet = usb_generic_handle_packet;

    s->dev.handle_reset = usb_mouse_handle_reset;
    s->dev.handle_control = usb_mouse_handle_control;
    s->dev.handle_data = usb_mouse_handle_data;
    s->dev.handle_destroy = usb_mouse_handle_destroy;
    s->kind = USB_MOUSE;
    s->status_changed = 0;

    pstrcpy(s->dev.devname, sizeof(s->dev.devname), "QEMU USB Mouse");

    register_savevm("USB mouse dev", 0, 1, usb_mouse_save, usb_mouse_load, s);

    return (USBDevice *)s;
}
447' href='#n447'>447</a>
<a id='n448' href='#n448'>448</a>
<a id='n449' href='#n449'>449</a>
<a id='n450' href='#n450'>450</a>
<a id='n451' href='#n451'>451</a>
<a id='n452' href='#n452'>452</a>
<a id='n453' href='#n453'>453</a>
<a id='n454' href='#n454'>454</a>
<a id='n455' href='#n455'>455</a>
<a id='n456' href='#n456'>456</a>
<a id='n457' href='#n457'>457</a>
<a id='n458' href='#n458'>458</a>
<a id='n459' href='#n459'>459</a>
<a id='n460' href='#n460'>460</a>
<a id='n461' href='#n461'>461</a>
<a id='n462' href='#n462'>462</a>
<a id='n463' href='#n463'>463</a>
<a id='n464' href='#n464'>464</a>
<a id='n465' href='#n465'>465</a>
<a id='n466' href='#n466'>466</a>
<a id='n467' href='#n467'>467</a>
<a id='n468' href='#n468'>468</a>
<a id='n469' href='#n469'>469</a>
<a id='n470' href='#n470'>470</a>
<a id='n471' href='#n471'>471</a>
<a id='n472' href='#n472'>472</a>
<a id='n473' href='#n473'>473</a>
<a id='n474' href='#n474'>474</a>
<a id='n475' href='#n475'>475</a>
<a id='n476' href='#n476'>476</a>
<a id='n477' href='#n477'>477</a>
<a id='n478' href='#n478'>478</a>
<a id='n479' href='#n479'>479</a>
<a id='n480' href='#n480'>480</a>
<a id='n481' href='#n481'>481</a>
<a id='n482' href='#n482'>482</a>
<a id='n483' href='#n483'>483</a>
<a id='n484' href='#n484'>484</a>
<a id='n485' href='#n485'>485</a>
<a id='n486' href='#n486'>486</a>
<a id='n487' href='#n487'>487</a>
<a id='n488' href='#n488'>488</a>
<a id='n489' href='#n489'>489</a>
<a id='n490' href='#n490'>490</a>
<a id='n491' href='#n491'>491</a>
<a id='n492' href='#n492'>492</a>
<a id='n493' href='#n493'>493</a>
<a id='n494' href='#n494'>494</a>
<a id='n495' href='#n495'>495</a>
<a id='n496' href='#n496'>496</a>
<a id='n497' href='#n497'>497</a>
<a id='n498' href='#n498'>498</a>
<a id='n499' href='#n499'>499</a>
<a id='n500' href='#n500'>500</a>
<a id='n501' href='#n501'>501</a>
<a id='n502' href='#n502'>502</a>
<a id='n503' href='#n503'>503</a>
<a id='n504' href='#n504'>504</a>
<a id='n505' href='#n505'>505</a>
<a id='n506' href='#n506'>506</a>
<a id='n507' href='#n507'>507</a>
<a id='n508' href='#n508'>508</a>
<a id='n509' href='#n509'>509</a>
<a id='n510' href='#n510'>510</a>
<a id='n511' href='#n511'>511</a>
<a id='n512' href='#n512'>512</a>
<a id='n513' href='#n513'>513</a>
<a id='n514' href='#n514'>514</a>
<a id='n515' href='#n515'>515</a>
<a id='n516' href='#n516'>516</a>
<a id='n517' href='#n517'>517</a>
<a id='n518' href='#n518'>518</a>
<a id='n519' href='#n519'>519</a>
<a id='n520' href='#n520'>520</a>
<a id='n521' href='#n521'>521</a>
<a id='n522' href='#n522'>522</a>
<a id='n523' href='#n523'>523</a>
<a id='n524' href='#n524'>524</a>
<a id='n525' href='#n525'>525</a>
<a id='n526' href='#n526'>526</a>
<a id='n527' href='#n527'>527</a>
<a id='n528' href='#n528'>528</a>
<a id='n529' href='#n529'>529</a>
<a id='n530' href='#n530'>530</a>
<a id='n531' href='#n531'>531</a>
<a id='n532' href='#n532'>532</a>
<a id='n533' href='#n533'>533</a>
<a id='n534' href='#n534'>534</a>
<a id='n535' href='#n535'>535</a>
<a id='n536' href='#n536'>536</a>
<a id='n537' href='#n537'>537</a>
<a id='n538' href='#n538'>538</a>
<a id='n539' href='#n539'>539</a>
<a id='n540' href='#n540'>540</a>
<a id='n541' href='#n541'>541</a>
<a id='n542' href='#n542'>542</a>
<a id='n543' href='#n543'>543</a>
<a id='n544' href='#n544'>544</a>
<a id='n545' href='#n545'>545</a>
<a id='n546' href='#n546'>546</a>
<a id='n547' href='#n547'>547</a>
<a id='n548' href='#n548'>548</a>
<a id='n549' href='#n549'>549</a>
<a id='n550' href='#n550'>550</a>
<a id='n551' href='#n551'>551</a>
<a id='n552' href='#n552'>552</a>
<a id='n553' href='#n553'>553</a>
<a id='n554' href='#n554'>554</a>
<a id='n555' href='#n555'>555</a>
<a id='n556' href='#n556'>556</a>
<a id='n557' href='#n557'>557</a>
<a id='n558' href='#n558'>558</a>
<a id='n559' href='#n559'>559</a>
<a id='n560' href='#n560'>560</a>
<a id='n561' href='#n561'>561</a>
<a id='n562' href='#n562'>562</a>
<a id='n563' href='#n563'>563</a>
<a id='n564' href='#n564'>564</a>
<a id='n565' href='#n565'>565</a>
<a id='n566' href='#n566'>566</a>
<a id='n567' href='#n567'>567</a>
<a id='n568' href='#n568'>568</a>
<a id='n569' href='#n569'>569</a>
<a id='n570' href='#n570'>570</a>
<a id='n571' href='#n571'>571</a>
<a id='n572' href='#n572'>572</a>
<a id='n573' href='#n573'>573</a>
<a id='n574' href='#n574'>574</a>
<a id='n575' href='#n575'>575</a>
<a id='n576' href='#n576'>576</a>
<a id='n577' href='#n577'>577</a>
<a id='n578' href='#n578'>578</a>
<a id='n579' href='#n579'>579</a>
<a id='n580' href='#n580'>580</a>
<a id='n581' href='#n581'>581</a>
<a id='n582' href='#n582'>582</a>
<a id='n583' href='#n583'>583</a>
<a id='n584' href='#n584'>584</a>
<a id='n585' href='#n585'>585</a>
<a id='n586' href='#n586'>586</a>
<a id='n587' href='#n587'>587</a>
<a id='n588' href='#n588'>588</a>
<a id='n589' href='#n589'>589</a>
<a id='n590' href='#n590'>590</a>
<a id='n591' href='#n591'>591</a>
<a id='n592' href='#n592'>592</a>
<a id='n593' href='#n593'>593</a>
<a id='n594' href='#n594'>594</a>
<a id='n595' href='#n595'>595</a>
<a id='n596' href='#n596'>596</a>
<a id='n597' href='#n597'>597</a>
<a id='n598' href='#n598'>598</a>
<a id='n599' href='#n599'>599</a>
<a id='n600' href='#n600'>600</a>
<a id='n601' href='#n601'>601</a>
<a id='n602' href='#n602'>602</a>
<a id='n603' href='#n603'>603</a>
<a id='n604' href='#n604'>604</a>
<a id='n605' href='#n605'>605</a>
<a id='n606' href='#n606'>606</a>
<a id='n607' href='#n607'>607</a>
<a id='n608' href='#n608'>608</a>
<a id='n609' href='#n609'>609</a>
<a id='n610' href='#n610'>610</a>
<a id='n611' href='#n611'>611</a>
<a id='n612' href='#n612'>612</a>
<a id='n613' href='#n613'>613</a>
<a id='n614' href='#n614'>614</a>
<a id='n615' href='#n615'>615</a>
<a id='n616' href='#n616'>616</a>
<a id='n617' href='#n617'>617</a>
<a id='n618' href='#n618'>618</a>
<a id='n619' href='#n619'>619</a>
<a id='n620' href='#n620'>620</a>
<a id='n621' href='#n621'>621</a>
<a id='n622' href='#n622'>622</a>
<a id='n623' href='#n623'>623</a>
<a id='n624' href='#n624'>624</a>
<a id='n625' href='#n625'>625</a>
<a id='n626' href='#n626'>626</a>
<a id='n627' href='#n627'>627</a>
<a id='n628' href='#n628'>628</a>
<a id='n629' href='#n629'>629</a>
<a id='n630' href='#n630'>630</a>
<a id='n631' href='#n631'>631</a>
<a id='n632' href='#n632'>632</a>
<a id='n633' href='#n633'>633</a>
<a id='n634' href='#n634'>634</a>
<a id='n635' href='#n635'>635</a>
<a id='n636' href='#n636'>636</a>
<a id='n637' href='#n637'>637</a>
<a id='n638' href='#n638'>638</a>
<a id='n639' href='#n639'>639</a>
<a id='n640' href='#n640'>640</a>
<a id='n641' href='#n641'>641</a>
<a id='n642' href='#n642'>642</a>
<a id='n643' href='#n643'>643</a>
<a id='n644' href='#n644'>644</a>
<a id='n645' href='#n645'>645</a>
<a id='n646' href='#n646'>646</a>
<a id='n647' href='#n647'>647</a>
<a id='n648' href='#n648'>648</a>
<a id='n649' href='#n649'>649</a>
<a id='n650' href='#n650'>650</a>
<a id='n651' href='#n651'>651</a>
<a id='n652' href='#n652'>652</a>
<a id='n653' href='#n653'>653</a>
<a id='n654' href='#n654'>654</a>
<a id='n655' href='#n655'>655</a>
<a id='n656' href='#n656'>656</a>
<a id='n657' href='#n657'>657</a>
<a id='n658' href='#n658'>658</a>
<a id='n659' href='#n659'>659</a>
<a id='n660' href='#n660'>660</a>
<a id='n661' href='#n661'>661</a>
<a id='n662' href='#n662'>662</a>
<a id='n663' href='#n663'>663</a>
<a id='n664' href='#n664'>664</a>
<a id='n665' href='#n665'>665</a>
<a id='n666' href='#n666'>666</a>
<a id='n667' href='#n667'>667</a>
<a id='n668' href='#n668'>668</a>
<a id='n669' href='#n669'>669</a>
<a id='n670' href='#n670'>670</a>
<a id='n671' href='#n671'>671</a>
<a id='n672' href='#n672'>672</a>
<a id='n673' href='#n673'>673</a>
<a id='n674' href='#n674'>674</a>
<a id='n675' href='#n675'>675</a>
<a id='n676' href='#n676'>676</a>
<a id='n677' href='#n677'>677</a>
<a id='n678' href='#n678'>678</a>
<a id='n679' href='#n679'>679</a>
<a id='n680' href='#n680'>680</a>
<a id='n681' href='#n681'>681</a>
<a id='n682' href='#n682'>682</a>
<a id='n683' href='#n683'>683</a>
<a id='n684' href='#n684'>684</a>
<a id='n685' href='#n685'>685</a>
<a id='n686' href='#n686'>686</a>
<a id='n687' href='#n687'>687</a>
<a id='n688' href='#n688'>688</a>
<a id='n689' href='#n689'>689</a>
<a id='n690' href='#n690'>690</a>
<a id='n691' href='#n691'>691</a>
<a id='n692' href='#n692'>692</a>
<a id='n693' href='#n693'>693</a>
<a id='n694' href='#n694'>694</a>
<a id='n695' href='#n695'>695</a>
<a id='n696' href='#n696'>696</a>
<a id='n697' href='#n697'>697</a>
<a id='n698' href='#n698'>698</a>
<a id='n699' href='#n699'>699</a>
<a id='n700' href='#n700'>700</a>
<a id='n701' href='#n701'>701</a>
<a id='n702' href='#n702'>702</a>
<a id='n703' href='#n703'>703</a>
<a id='n704' href='#n704'>704</a>
<a id='n705' href='#n705'>705</a>
<a id='n706' href='#n706'>706</a>
<a id='n707' href='#n707'>707</a>
<a id='n708' href='#n708'>708</a>
<a id='n709' href='#n709'>709</a>
<a id='n710' href='#n710'>710</a>
<a id='n711' href='#n711'>711</a>
<a id='n712' href='#n712'>712</a>
<a id='n713' href='#n713'>713</a>
<a id='n714' href='#n714'>714</a>
<a id='n715' href='#n715'>715</a>
<a id='n716' href='#n716'>716</a>
<a id='n717' href='#n717'>717</a>
<a id='n718' href='#n718'>718</a>
<a id='n719' href='#n719'>719</a>
<a id='n720' href='#n720'>720</a>
<a id='n721' href='#n721'>721</a>
<a id='n722' href='#n722'>722</a>
<a id='n723' href='#n723'>723</a>
<a id='n724' href='#n724'>724</a>
<a id='n725' href='#n725'>725</a>
<a id='n726' href='#n726'>726</a>
<a id='n727' href='#n727'>727</a>
<a id='n728' href='#n728'>728</a>
<a id='n729' href='#n729'>729</a>
<a id='n730' href='#n730'>730</a>
<a id='n731' href='#n731'>731</a>
<a id='n732' href='#n732'>732</a>
<a id='n733' href='#n733'>733</a>
<a id='n734' href='#n734'>734</a>
<a id='n735' href='#n735'>735</a>
<a id='n736' href='#n736'>736</a>
<a id='n737' href='#n737'>737</a>
<a id='n738' href='#n738'>738</a>
<a id='n739' href='#n739'>739</a>
<a id='n740' href='#n740'>740</a>
<a id='n741' href='#n741'>741</a>
<a id='n742' href='#n742'>742</a>
<a id='n743' href='#n743'>743</a>
<a id='n744' href='#n744'>744</a>
<a id='n745' href='#n745'>745</a>
<a id='n746' href='#n746'>746</a>
<a id='n747' href='#n747'>747</a>
<a id='n748' href='#n748'>748</a>
<a id='n749' href='#n749'>749</a>
<a id='n750' href='#n750'>750</a>
<a id='n751' href='#n751'>751</a>
<a id='n752' href='#n752'>752</a>
<a id='n753' href='#n753'>753</a>
<a id='n754' href='#n754'>754</a>
<a id='n755' href='#n755'>755</a>
<a id='n756' href='#n756'>756</a>
<a id='n757' href='#n757'>757</a>
<a id='n758' href='#n758'>758</a>
<a id='n759' href='#n759'>759</a>
<a id='n760' href='#n760'>760</a>
<a id='n761' href='#n761'>761</a>
<a id='n762' href='#n762'>762</a>
<a id='n763' href='#n763'>763</a>
<a id='n764' href='#n764'>764</a>
<a id='n765' href='#n765'>765</a>
<a id='n766' href='#n766'>766</a>
<a id='n767' href='#n767'>767</a>
<a id='n768' href='#n768'>768</a>
<a id='n769' href='#n769'>769</a>
<a id='n770' href='#n770'>770</a>
<a id='n771' href='#n771'>771</a>
<a id='n772' href='#n772'>772</a>
<a id='n773' href='#n773'>773</a>
<a id='n774' href='#n774'>774</a>
<a id='n775' href='#n775'>775</a>
<a id='n776' href='#n776'>776</a>
<a id='n777' href='#n777'>777</a>
<a id='n778' href='#n778'>778</a>
<a id='n779' href='#n779'>779</a>
<a id='n780' href='#n780'>780</a>
<a id='n781' href='#n781'>781</a>
<a id='n782' href='#n782'>782</a>
<a id='n783' href='#n783'>783</a>
<a id='n784' href='#n784'>784</a>
<a id='n785' href='#n785'>785</a>
</pre></td>
<td class='lines'><pre><code><style>pre { line-height: 125%; margin: 0; }
td.linenos pre { color: #000000; background-color: #f0f0f0; padding: 0 5px 0 5px; }
span.linenos { color: #000000; background-color: #f0f0f0; padding: 0 5px 0 5px; }
td.linenos pre.special { color: #000000; background-color: #ffffc0; padding: 0 5px 0 5px; }
span.linenos.special { color: #000000; background-color: #ffffc0; padding: 0 5px 0 5px; }
.highlight .hll { background-color: #ffffcc }
.highlight { background: #ffffff; }
.highlight .c { color: #888888 } /* Comment */
.highlight .err { color: #a61717; background-color: #e3d2d2 } /* Error */
.highlight .k { color: #008800; font-weight: bold } /* Keyword */
.highlight .ch { color: #888888 } /* Comment.Hashbang */
.highlight .cm { color: #888888 } /* Comment.Multiline */
.highlight .cp { color: #cc0000; font-weight: bold } /* Comment.Preproc */
.highlight .cpf { color: #888888 } /* Comment.PreprocFile */
.highlight .c1 { color: #888888 } /* Comment.Single */
.highlight .cs { color: #cc0000; font-weight: bold; background-color: #fff0f0 } /* Comment.Special */
.highlight .gd { color: #000000; background-color: #ffdddd } /* Generic.Deleted */
.highlight .ge { font-style: italic } /* Generic.Emph */
.highlight .gr { color: #aa0000 } /* Generic.Error */
.highlight .gh { color: #333333 } /* Generic.Heading */
.highlight .gi { color: #000000; background-color: #ddffdd } /* Generic.Inserted */
.highlight .go { color: #888888 } /* Generic.Output */
.highlight .gp { color: #555555 } /* Generic.Prompt */
.highlight .gs { font-weight: bold } /* Generic.Strong */
.highlight .gu { color: #666666 } /* Generic.Subheading */
.highlight .gt { color: #aa0000 } /* Generic.Traceback */
.highlight .kc { color: #008800; font-weight: bold } /* Keyword.Constant */
.highlight .kd { color: #008800; font-weight: bold } /* Keyword.Declaration */
.highlight .kn { color: #008800; font-weight: bold } /* Keyword.Namespace */
.highlight .kp { color: #008800 } /* Keyword.Pseudo */
.highlight .kr { color: #008800; font-weight: bold } /* Keyword.Reserved */
.highlight .kt { color: #888888; font-weight: bold } /* Keyword.Type */
.highlight .m { color: #0000DD; font-weight: bold } /* Literal.Number */
.highlight .s { color: #dd2200; background-color: #fff0f0 } /* Literal.String */
.highlight .na { color: #336699 } /* Name.Attribute */
.highlight .nb { color: #003388 } /* Name.Builtin */
.highlight .nc { color: #bb0066; font-weight: bold } /* Name.Class */
.highlight .no { color: #003366; font-weight: bold } /* Name.Constant */
.highlight .nd { color: #555555 } /* Name.Decorator */
.highlight .ne { color: #bb0066; font-weight: bold } /* Name.Exception */
.highlight .nf { color: #0066bb; font-weight: bold } /* Name.Function */
.highlight .nl { color: #336699; font-style: italic } /* Name.Label */
.highlight .nn { color: #bb0066; font-weight: bold } /* Name.Namespace */
.highlight .py { color: #336699; font-weight: bold } /* Name.Property */
.highlight .nt { color: #bb0066; font-weight: bold } /* Name.Tag */
.highlight .nv { color: #336699 } /* Name.Variable */
.highlight .ow { color: #008800 } /* Operator.Word */
.highlight .w { color: #bbbbbb } /* Text.Whitespace */
.highlight .mb { color: #0000DD; font-weight: bold } /* Literal.Number.Bin */
.highlight .mf { color: #0000DD; font-weight: bold } /* Literal.Number.Float */
.highlight .mh { color: #0000DD; font-weight: bold } /* Literal.Number.Hex */
.highlight .mi { color: #0000DD; font-weight: bold } /* Literal.Number.Integer */
.highlight .mo { color: #0000DD; font-weight: bold } /* Literal.Number.Oct */
.highlight .sa { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Affix */
.highlight .sb { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Backtick */
.highlight .sc { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Char */
.highlight .dl { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Delimiter */
.highlight .sd { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Doc */
.highlight .s2 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Double */
.highlight .se { color: #0044dd; background-color: #fff0f0 } /* Literal.String.Escape */
.highlight .sh { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Heredoc */
.highlight .si { color: #3333bb; background-color: #fff0f0 } /* Literal.String.Interpol */
.highlight .sx { color: #22bb22; background-color: #f0fff0 } /* Literal.String.Other */
.highlight .sr { color: #008800; background-color: #fff0ff } /* Literal.String.Regex */
.highlight .s1 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Single */
.highlight .ss { color: #aa6600; background-color: #fff0f0 } /* Literal.String.Symbol */
.highlight .bp { color: #003388 } /* Name.Builtin.Pseudo */
.highlight .fm { color: #0066bb; font-weight: bold } /* Name.Function.Magic */
.highlight .vc { color: #336699 } /* Name.Variable.Class */
.highlight .vg { color: #dd7700 } /* Name.Variable.Global */
.highlight .vi { color: #3333bb } /* Name.Variable.Instance */
.highlight .vm { color: #336699 } /* Name.Variable.Magic */
.highlight .il { color: #0000DD; font-weight: bold } /* Literal.Number.Integer.Long */</style><div class="highlight"><pre><span></span><span class="c">#</span>
<span class="c"># Copyright (C) 2006-2016 OpenWrt.org</span>
<span class="c">#</span>
<span class="c"># This is free software, licensed under the GNU General Public License v2.</span>
<span class="c"># See /LICENSE for more information.</span>
<span class="c">#</span>

<span class="cp">include $(TOPDIR)/rules.mk</span>
<span class="cp">include $(INCLUDE_DIR)/kernel.mk</span>

<span class="nv">PKG_NAME</span><span class="o">:=</span>iptables
<span class="nv">PKG_VERSION</span><span class="o">:=</span><span class="m">1</span>.8.7
<span class="nv">PKG_RELEASE</span><span class="o">:=</span><span class="m">7</span>

<span class="nv">PKG_SOURCE_URL</span><span class="o">:=</span>https://netfilter.org/projects/iptables/files
<span class="nv">PKG_SOURCE</span><span class="o">:=</span><span class="k">$(</span>PKG_NAME<span class="k">)</span>-<span class="k">$(</span>PKG_VERSION<span class="k">)</span>.tar.bz2
<span class="nv">PKG_HASH</span><span class="o">:=</span>c109c96bb04998cd44156622d36f8e04b140701ec60531a10668cfdff5e8d8f0

<span class="nv">PKG_FIXUP</span><span class="o">:=</span>autoreconf
<span class="nv">PKG_FLAGS</span><span class="o">:=</span>nonshared

<span class="nv">PKG_INSTALL</span><span class="o">:=</span><span class="m">1</span>
<span class="nv">PKG_BUILD_PARALLEL</span><span class="o">:=</span><span class="m">1</span>
<span class="nv">PKG_LICENSE</span><span class="o">:=</span>GPL-2.0
<span class="nv">PKG_CPE_ID</span><span class="o">:=</span>cpe:/a:netfilter_core_team:iptables

<span class="cp">include $(INCLUDE_DIR)/package.mk</span>
<span class="cp">ifeq ($(DUMP),)</span>
<span class="cp">  -include $(LINUX_DIR)/.config</span>
<span class="cp">  include $(INCLUDE_DIR)/netfilter.mk</span>
  STAMP_CONFIGURED:<span class="o">=</span><span class="k">$(</span>strip <span class="k">$(</span>STAMP_CONFIGURED<span class="k">))</span>_<span class="k">$(</span>shell grep <span class="s1">&#39;NETFILTER&#39;</span> <span class="k">$(</span>LINUX_DIR<span class="k">)</span>/.config <span class="p">|</span> <span class="k">$(</span>MKHASH<span class="k">)</span> md5<span class="k">)</span>
<span class="cp">endif</span>


<span class="cp">define Package/iptables/Default</span>
  SECTION:<span class="o">=</span>net
  CATEGORY:<span class="o">=</span>Network
  SUBMENU:<span class="o">=</span>Firewall
  URL:<span class="o">=</span>https://netfilter.org/
<span class="cp">endef</span>

<span class="cp">define Package/iptables/Module</span>
<span class="k">$(</span><span class="nv">call</span> <span class="nv">Package</span>/<span class="nv">iptables</span>/<span class="nv">Default</span><span class="k">)</span>
  <span class="nv">DEPENDS</span><span class="o">:=</span>+libxtables <span class="k">$(</span><span class="m">1</span><span class="k">)</span>
<span class="cp">endef</span>

<span class="cp">define Package/xtables-legacy</span>
<span class="k">$(</span><span class="nv">call</span> <span class="nv">Package</span>/<span class="nv">iptables</span>/<span class="nv">Default</span><span class="k">)</span>
  <span class="nv">TITLE</span><span class="o">:=</span>IP firewall administration tool
  <span class="nv">DEPENDS</span><span class="o">+=</span> +kmod-ipt-core +libip4tc +IPV6:libip6tc +libiptext +IPV6:libiptext6 +libxtables
<span class="cp">endef</span>

<span class="cp">define Package/iptables-zz-legacy</span>
<span class="k">$(</span><span class="nv">call</span> <span class="nv">Package</span>/<span class="nv">iptables</span>/<span class="nv">Default</span><span class="k">)</span>
  <span class="nv">TITLE</span><span class="o">:=</span>IP firewall administration tool
  <span class="nv">DEPENDS</span><span class="o">+=</span> +xtables-legacy
  PROVIDES:<span class="o">=</span>iptables iptables-legacy
  ALTERNATIVES:<span class="o">=</span><span class="se">\</span>
    <span class="m">200</span>:/usr/sbin/iptables:/usr/sbin/xtables-legacy-multi <span class="se">\</span>
    <span class="m">200</span>:/usr/sbin/iptables-restore:/usr/sbin/xtables-legacy-multi <span class="se">\</span>
    <span class="m">200</span>:/usr/sbin/iptables-save:/usr/sbin/xtables-legacy-multi
<span class="cp">endef</span>

<span class="cp">define Package/iptables-zz-legacy/description</span>
<span class="err">IP</span> <span class="err">firewall</span> <span class="err">administration</span> <span class="err">tool.</span>

 <span class="nf">Matches</span><span class="o">:</span>
  - icmp
  - tcp
  - udp
  - comment
  - conntrack
  - limit
  - mac
  - mark
  - multiport
  - <span class="nb">set</span>
  - state
  - <span class="nb">time</span>

 Targets:
  - ACCEPT
  - CT
  - DNAT
  - DROP
  - REJECT
  - FLOWOFFLOAD
  - LOG
  - MARK
  - MASQUERADE
  - REDIRECT
  - SET
  - SNAT
  - TCPMSS

 Tables:
  - filter
  - mangle
  - nat
  - raw

<span class="cp">endef</span>

<span class="cp">define Package/xtables-nft</span>
<span class="k">$(</span><span class="nv">call</span> <span class="nv">Package</span>/<span class="nv">iptables</span>/<span class="nv">Default</span><span class="k">)</span>
  <span class="nv">TITLE</span><span class="o">:=</span>IP firewall administration tool nft
  DEPENDS:<span class="o">=</span>+libnftnl +libiptext +IPV6:libiptext6 +libiptext-nft +kmod-nft-compat
<span class="cp">endef</span>

<span class="cp">define Package/arptables-nft</span>
<span class="k">$(</span><span class="nv">call</span> <span class="nv">Package</span>/<span class="nv">iptables</span>/<span class="nv">Default</span><span class="k">)</span>
  <span class="nv">DEPENDS</span><span class="o">:=</span>+kmod-nft-arp +xtables-nft +kmod-arptables
  TITLE:<span class="o">=</span>ARP firewall administration tool nft
  PROVIDES:<span class="o">=</span>arptables
  ALTERNATIVES:<span class="o">=</span><span class="se">\</span>
    <span class="m">300</span>:/usr/sbin/arptables:/usr/sbin/xtables-nft-multi <span class="se">\</span>
    <span class="m">300</span>:/usr/sbin/arptables-restore:/usr/sbin/xtables-nft-multi <span class="se">\</span>
    <span class="m">300</span>:/usr/sbin/arptables-save:/usr/sbin/xtables-nft-multi
<span class="cp">endef</span>

<span class="cp">define Package/ebtables-nft</span>
<span class="k">$(</span><span class="nv">call</span> <span class="nv">Package</span>/<span class="nv">iptables</span>/<span class="nv">Default</span><span class="k">)</span>
  <span class="nv">DEPENDS</span><span class="o">:=</span>+kmod-nft-bridge +xtables-nft +kmod-ebtables
  TITLE:<span class="o">=</span>Bridge firewall administration tool nft
  PROVIDES:<span class="o">=</span>ebtables
  ALTERNATIVES:<span class="o">=</span><span class="se">\</span>
    <span class="m">300</span>:/usr/sbin/ebtables:/usr/sbin/xtables-nft-multi <span class="se">\</span>
    <span class="m">300</span>:/usr/sbin/ebtables-restore:/usr/sbin/xtables-nft-multi <span class="se">\</span>
    <span class="m">300</span>:/usr/sbin/ebtables-save:/usr/sbin/xtables-nft-multi
<span class="cp">endef</span>

<span class="cp">define Package/iptables-nft</span>
<span class="k">$(</span><span class="nv">call</span> <span class="nv">Package</span>/<span class="nv">iptables</span>/<span class="nv">Default</span><span class="k">)</span>
  <span class="nv">TITLE</span><span class="o">:=</span>IP firewall administration tool nft
  DEPENDS:<span class="o">=</span>+kmod-ipt-core +xtables-nft
  PROVIDES:<span class="o">=</span>iptables
  ALTERNATIVES:<span class="o">=</span><span class="se">\</span>
    <span class="m">300</span>:/usr/sbin/iptables:/usr/sbin/xtables-nft-multi <span class="se">\</span>
    <span class="m">300</span>:/usr/sbin/iptables-restore:/usr/sbin/xtables-nft-multi <span class="se">\</span>
    <span class="m">300</span>:/usr/sbin/iptables-save:/usr/sbin/xtables-nft-multi
<span class="cp">endef</span>

<span class="cp">define Package/iptables-nft/description</span>
<span class="err">Extra</span> <span class="err">iptables</span> <span class="err">nftables</span> <span class="err">nft</span> <span class="err">binaries.</span>
  <span class="err">iptables-nft</span>
  <span class="err">iptables-nft-restore</span>
  <span class="err">iptables-nft-save</span>
  <span class="err">iptables-translate</span>
  <span class="err">iptables-restore-translate</span>
<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-conntrack-extra</span>
<span class="k">$(</span><span class="nv">call</span> <span class="nv">Package</span>/<span class="nv">iptables</span>/<span class="nv">Module</span>, +<span class="nv">kmod-ipt-conntrack-extra</span> +<span class="nv">kmod-ipt-raw</span><span class="k">)</span>
  <span class="nv">TITLE</span><span class="o">:=</span>Extra connection tracking extensions
<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-conntrack-extra/description</span>
<span class="err">Extra</span> <span class="err">iptables</span> <span class="err">extensions</span> <span class="err">for</span> <span class="err">connection</span> <span class="err">tracking.</span>

 <span class="nf">Matches</span><span class="o">:</span>
  - connbytes
  - connlimit
  - connmark
  - recent
  - helper

 Targets:
  - CONNMARK

<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-conntrack-label</span>
<span class="k">$(</span><span class="nv">call</span> <span class="nv">Package</span>/<span class="nv">iptables</span>/<span class="nv">Module</span>, +<span class="nv">kmod-ipt-conntrack-label</span> @<span class="nv">IPTABLES_CONNLABEL</span><span class="k">)</span>
  <span class="nv">TITLE</span><span class="o">:=</span>Connection tracking labeling extension
  DEFAULT:<span class="o">=</span>y <span class="k">if</span> IPTABLES_CONNLABEL
<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-conntrack-label/description</span>
<span class="err">Match</span> <span class="err">and</span> <span class="err">set</span> <span class="err">label(s)</span> <span class="err">on</span> <span class="err">connection</span> <span class="err">tracking</span> <span class="err">entries</span>

 <span class="nf">Matches</span><span class="o">:</span>
  - connlabel

<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-filter</span>
<span class="k">$(</span><span class="nv">call</span> <span class="nv">Package</span>/<span class="nv">iptables</span>/<span class="nv">Module</span>, +<span class="nv">kmod-ipt-filter</span><span class="k">)</span>
  <span class="nv">TITLE</span><span class="o">:=</span>Content inspection extensions
<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-filter/description</span>
<span class="err">iptables</span> <span class="err">extensions</span> <span class="err">for</span> <span class="err">packet</span> <span class="err">content</span> <span class="err">inspection.</span>
<span class="nf">Includes support for</span><span class="o">:</span>

 Matches:
  - string
  - bpf

<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-ipopt</span>
<span class="k">$(</span><span class="nv">call</span> <span class="nv">Package</span>/<span class="nv">iptables</span>/<span class="nv">Module</span>, +<span class="nv">kmod-ipt-ipopt</span><span class="k">)</span>
  <span class="nv">TITLE</span><span class="o">:=</span>IP/Packet option extensions
<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-ipopt/description</span>
<span class="err">iptables</span> <span class="err">extensions</span> <span class="err">for</span> <span class="err">matching/changing</span> <span class="err">IP</span> <span class="err">packet</span> <span class="err">options.</span>

 <span class="nf">Matches</span><span class="o">:</span>
  - dscp
  - ecn
  - length
  - statistic
  - tcpmss
  - unclean
  - hl

 Targets:
  - DSCP
  - CLASSIFY
  - ECN
  - HL

<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-ipsec</span>
<span class="k">$(</span><span class="nv">call</span> <span class="nv">Package</span>/<span class="nv">iptables</span>/<span class="nv">Module</span>, +<span class="nv">kmod-ipt-ipsec</span><span class="k">)</span>
  <span class="nv">TITLE</span><span class="o">:=</span>IPsec extensions
<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-ipsec/description</span>
<span class="err">iptables</span> <span class="err">extensions</span> <span class="err">for</span> <span class="err">matching</span> <span class="err">ipsec</span> <span class="err">traffic.</span>

 <span class="nf">Matches</span><span class="o">:</span>
  - ah
  - esp
  - policy

<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-nat-extra</span>
<span class="k">$(</span><span class="nv">call</span> <span class="nv">Package</span>/<span class="nv">iptables</span>/<span class="nv">Module</span>, +<span class="nv">kmod-ipt-nat-extra</span><span class="k">)</span>
  <span class="nv">TITLE</span><span class="o">:=</span>Extra NAT extensions
<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-nat-extra/description</span>
<span class="err">iptables</span> <span class="err">extensions</span> <span class="err">for</span> <span class="err">extra</span> <span class="err">NAT</span> <span class="err">targets.</span>

 <span class="nf">Targets</span><span class="o">:</span>
  - MIRROR
  - NETMAP
<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-nflog</span>
<span class="k">$(</span><span class="nv">call</span> <span class="nv">Package</span>/<span class="nv">iptables</span>/<span class="nv">Module</span>, +<span class="nv">kmod-nfnetlink-log</span> +<span class="nv">kmod-ipt-nflog</span><span class="k">)</span>
  <span class="nv">TITLE</span><span class="o">:=</span>Netfilter NFLOG target
<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-nflog/description</span>
 iptables extension <span class="k">for</span> user-space logging via NFNETLINK.

 Includes:
  - libxt_NFLOG

<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-trace</span>
<span class="k">$(</span><span class="nv">call</span> <span class="nv">Package</span>/<span class="nv">iptables</span>/<span class="nv">Module</span>, +<span class="nv">kmod-ipt-debug</span><span class="k">)</span>
  <span class="nv">TITLE</span><span class="o">:=</span>Netfilter TRACE target
<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-trace/description</span>
 iptables extension <span class="k">for</span> TRACE target

 Includes:
  - libxt_TRACE

<span class="cp">endef</span>


<span class="cp">define Package/iptables-mod-nfqueue</span>
<span class="k">$(</span><span class="nv">call</span> <span class="nv">Package</span>/<span class="nv">iptables</span>/<span class="nv">Module</span>, +<span class="nv">kmod-nfnetlink-queue</span> +<span class="nv">kmod-ipt-nfqueue</span><span class="k">)</span>
  <span class="nv">TITLE</span><span class="o">:=</span>Netfilter NFQUEUE target
<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-nfqueue/description</span>
 iptables extension <span class="k">for</span> user-space queuing via NFNETLINK.

 Includes:
  - libxt_NFQUEUE

<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-hashlimit</span>
<span class="k">$(</span><span class="nv">call</span> <span class="nv">Package</span>/<span class="nv">iptables</span>/<span class="nv">Module</span>, +<span class="nv">kmod-ipt-hashlimit</span><span class="k">)</span>
  <span class="nv">TITLE</span><span class="o">:=</span>hashlimit matching
<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-hashlimit/description</span>
<span class="err">iptables</span> <span class="err">extensions</span> <span class="err">for</span> <span class="err">hashlimit</span> <span class="err">matching</span>

 <span class="nf">Matches</span><span class="o">:</span>
  - hashlimit

<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-rpfilter</span>
<span class="k">$(</span><span class="nv">call</span> <span class="nv">Package</span>/<span class="nv">iptables</span>/<span class="nv">Module</span>, +<span class="nv">kmod-ipt-rpfilter</span><span class="k">)</span>
  <span class="nv">TITLE</span><span class="o">:=</span>rpfilter iptables extension
<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-rpfilter/description</span>
<span class="err">iptables</span> <span class="err">extensions</span> <span class="err">for</span> <span class="err">reverse</span> <span class="err">path</span> <span class="err">filter</span> <span class="err">test</span> <span class="err">on</span> <span class="err">a</span> <span class="err">packet</span>

 <span class="nf">Matches</span><span class="o">:</span>
  - rpfilter

<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-iprange</span>
<span class="k">$(</span><span class="nv">call</span> <span class="nv">Package</span>/<span class="nv">iptables</span>/<span class="nv">Module</span>, +<span class="nv">kmod-ipt-iprange</span><span class="k">)</span>
  <span class="nv">TITLE</span><span class="o">:=</span>IP range extension
<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-iprange/description</span>
<span class="err">iptables</span> <span class="err">extensions</span> <span class="err">for</span> <span class="err">matching</span> <span class="err">ip</span> <span class="err">ranges.</span>

 <span class="nf">Matches</span><span class="o">:</span>
  - iprange

<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-cluster</span>
<span class="k">$(</span><span class="nv">call</span> <span class="nv">Package</span>/<span class="nv">iptables</span>/<span class="nv">Module</span>, +<span class="nv">kmod-ipt-cluster</span><span class="k">)</span>
  <span class="nv">TITLE</span><span class="o">:=</span>Match cluster extension
<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-cluster/description</span>
<span class="err">iptables</span> <span class="err">extensions</span> <span class="err">for</span> <span class="err">matching</span> <span class="err">cluster.</span>

 <span class="err">Netfilter</span> <span class="err">(IPv4/IPv6)</span> <span class="err">module</span> <span class="err">for</span> <span class="err">matching</span> <span class="err">cluster</span>
 <span class="err">This</span> <span class="err">option</span> <span class="err">allows</span> <span class="err">you</span> <span class="err">to</span> <span class="err">build</span> <span class="err">work-load-sharing</span> <span class="err">clusters</span> <span class="err">of</span>
 <span class="err">network</span> <span class="err">servers/stateful</span> <span class="err">firewalls</span> <span class="err">without</span> <span class="err">having</span> <span class="err">a</span> <span class="err">dedicated</span>
 <span class="err">load-balancing</span> <span class="err">router/server/switch.</span> <span class="err">Basically,</span> <span class="err">this</span> <span class="err">match</span> <span class="err">returns</span>
 <span class="err">true</span> <span class="err">when</span> <span class="err">the</span> <span class="err">packet</span> <span class="err">must</span> <span class="err">be</span> <span class="err">handled</span> <span class="err">by</span> <span class="err">this</span> <span class="err">cluster</span> <span class="err">node.</span> <span class="err">Thus,</span>
 <span class="err">all</span> <span class="err">nodes</span> <span class="err">see</span> <span class="err">all</span> <span class="err">packets</span> <span class="err">and</span> <span class="err">this</span> <span class="err">match</span> <span class="err">decides</span> <span class="err">which</span> <span class="err">node</span> <span class="err">handles</span>
 <span class="err">what</span> <span class="err">packets.</span> <span class="err">The</span> <span class="err">work-load</span> <span class="err">sharing</span> <span class="err">algorithm</span> <span class="err">is</span> <span class="err">based</span> <span class="err">on</span> <span class="err">source</span>
 <span class="err">address</span> <span class="err">hashing.</span>

 <span class="err">This</span> <span class="err">module</span> <span class="err">is</span> <span class="err">usable</span> <span class="err">for</span> <span class="err">ipv4</span> <span class="err">and</span> <span class="err">ipv6.</span>

 <span class="err">If</span> <span class="err">you</span> <span class="err">select</span> <span class="err">it,</span> <span class="err">it</span> <span class="err">enables</span> <span class="err">kmod-ipt-cluster.</span>

 <span class="err">see</span> <span class="err">`iptables</span> <span class="err">-m</span> <span class="err">cluster</span> <span class="err">--help`</span> <span class="err">for</span> <span class="err">more</span> <span class="err">information.</span>
<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-clusterip</span>
<span class="k">$(</span><span class="nv">call</span> <span class="nv">Package</span>/<span class="nv">iptables</span>/<span class="nv">Module</span>, +<span class="nv">kmod-ipt-clusterip</span><span class="k">)</span>
  <span class="nv">TITLE</span><span class="o">:=</span>Clusterip extension
<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-clusterip/description</span>
<span class="err">iptables</span> <span class="err">extensions</span> <span class="err">for</span> <span class="err">CLUSTERIP.</span>
 <span class="err">The</span> <span class="err">CLUSTERIP</span> <span class="err">target</span> <span class="err">allows</span> <span class="err">you</span> <span class="err">to</span> <span class="err">build</span> <span class="err">load-balancing</span> <span class="err">clusters</span> <span class="err">of</span>
 <span class="err">network</span> <span class="err">servers</span> <span class="err">without</span> <span class="err">having</span> <span class="err">a</span> <span class="err">dedicated</span> <span class="err">load-balancing</span>
 <span class="err">router/server/switch.</span>

 <span class="err">If</span> <span class="err">you</span> <span class="err">select</span> <span class="err">it,</span> <span class="err">it</span> <span class="err">enables</span> <span class="err">kmod-ipt-clusterip.</span>

 <span class="err">see</span> <span class="err">`iptables</span> <span class="err">-j</span> <span class="err">CLUSTERIP</span> <span class="err">--help`</span> <span class="err">for</span> <span class="err">more</span> <span class="err">information.</span>
<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-extra</span>
<span class="k">$(</span><span class="nv">call</span> <span class="nv">Package</span>/<span class="nv">iptables</span>/<span class="nv">Module</span>, +<span class="nv">kmod-ipt-extra</span><span class="k">)</span>
  <span class="nv">TITLE</span><span class="o">:=</span>Other extra iptables extensions
<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-extra/description</span>
<span class="err">Other</span> <span class="err">extra</span> <span class="err">iptables</span> <span class="err">extensions.</span>

 <span class="nf">Matches</span><span class="o">:</span>
  - addrtype
  - condition
  - owner
  - pkttype
  - quota

<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-physdev</span>
<span class="k">$(</span><span class="nv">call</span> <span class="nv">Package</span>/<span class="nv">iptables</span>/<span class="nv">Module</span>, +<span class="nv">kmod-ipt-physdev</span><span class="k">)</span>
  <span class="nv">TITLE</span><span class="o">:=</span>physdev iptables extension
<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-physdev/description</span>
<span class="err">The</span> <span class="err">iptables</span> <span class="err">physdev</span> <span class="err">match.</span>
<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-led</span>
<span class="k">$(</span><span class="nv">call</span> <span class="nv">Package</span>/<span class="nv">iptables</span>/<span class="nv">Module</span>, +<span class="nv">kmod-ipt-led</span><span class="k">)</span>
  <span class="nv">TITLE</span><span class="o">:=</span>LED trigger iptables extension
<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-led/description</span>
<span class="err">iptables</span> <span class="err">extension</span> <span class="err">for</span> <span class="err">triggering</span> <span class="err">a</span> <span class="err">LED.</span>

 <span class="nf">Targets</span><span class="o">:</span>
  - LED

<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-socket</span>
<span class="k">$(</span><span class="nv">call</span> <span class="nv">Package</span>/<span class="nv">iptables</span>/<span class="nv">Module</span>, +<span class="nv">kmod-ipt-socket</span><span class="k">)</span>
  <span class="nv">TITLE</span><span class="o">:=</span>Socket match iptables extensions
<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-socket/description</span>
<span class="err">Socket</span> <span class="err">match</span> <span class="err">iptables</span> <span class="err">extensions.</span>

 <span class="nf">Matches</span><span class="o">:</span>
  - socket

<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-tproxy</span>
<span class="k">$(</span><span class="nv">call</span> <span class="nv">Package</span>/<span class="nv">iptables</span>/<span class="nv">Module</span>, +<span class="nv">kmod-ipt-tproxy</span><span class="k">)</span>
  <span class="nv">TITLE</span><span class="o">:=</span>Transparent proxy iptables extensions
<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-tproxy/description</span>
<span class="err">Transparent</span> <span class="err">proxy</span> <span class="err">iptables</span> <span class="err">extensions.</span>

 <span class="nf">Targets</span><span class="o">:</span>
  - TPROXY

<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-tee</span>
<span class="k">$(</span><span class="nv">call</span> <span class="nv">Package</span>/<span class="nv">iptables</span>/<span class="nv">Module</span>, +<span class="nv">kmod-ipt-tee</span><span class="k">)</span>
  <span class="nv">TITLE</span><span class="o">:=</span>TEE iptables extensions
<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-tee/description</span>
<span class="err">TEE</span> <span class="err">iptables</span> <span class="err">extensions.</span>

 <span class="nf">Targets</span><span class="o">:</span>
  - TEE

<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-u32</span>
<span class="k">$(</span><span class="nv">call</span> <span class="nv">Package</span>/<span class="nv">iptables</span>/<span class="nv">Module</span>, +<span class="nv">kmod-ipt-u32</span><span class="k">)</span>
  <span class="nv">TITLE</span><span class="o">:=</span>U32 iptables extensions
<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-u32/description</span>
<span class="err">U32</span> <span class="err">iptables</span> <span class="err">extensions.</span>

 <span class="nf">Matches</span><span class="o">:</span>
  - u32

<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-checksum</span>
<span class="k">$(</span><span class="nv">call</span> <span class="nv">Package</span>/<span class="nv">iptables</span>/<span class="nv">Module</span>, +<span class="nv">kmod-ipt-checksum</span><span class="k">)</span>
  <span class="nv">TITLE</span><span class="o">:=</span>IP CHECKSUM target extension
<span class="cp">endef</span>

<span class="cp">define Package/iptables-mod-checksum/description</span>
<span class="err">iptables</span> <span class="err">extension</span> <span class="err">for</span> <span class="err">the</span> <span class="err">CHECKSUM</span> <span class="err">calculation</span> <span class="err">target</span>
<span class="cp">endef</span>

<span class="cp">define Package/ip6tables-zz-legacy</span>
<span class="k">$(</span><span class="nv">call</span> <span class="nv">Package</span>/<span class="nv">iptables</span>/<span class="nv">Default</span><span class="k">)</span>
  <span class="nv">DEPENDS</span><span class="o">:=</span>@IPV6 +kmod-ip6tables +xtables-legacy
  CATEGORY:<span class="o">=</span>Network
  TITLE:<span class="o">=</span>IPv6 firewall administration tool
  PROVIDES:<span class="o">=</span>ip6tables ip6tables-legacy
  ALTERNATIVES:<span class="o">=</span><span class="se">\</span>
    <span class="m">200</span>:/usr/sbin/ip6tables:/usr/sbin/xtables-legacy-multi <span class="se">\</span>
    <span class="m">200</span>:/usr/sbin/ip6tables-restore:/usr/sbin/xtables-legacy-multi <span class="se">\</span>
    <span class="m">200</span>:/usr/sbin/ip6tables-save:/usr/sbin/xtables-legacy-multi
<span class="cp">endef</span>

<span class="cp">define Package/ip6tables-nft</span>
<span class="k">$(</span><span class="nv">call</span> <span class="nv">Package</span>/<span class="nv">iptables</span>/<span class="nv">Default</span><span class="k">)</span>
  <span class="nv">DEPENDS</span><span class="o">:=</span>@IPV6 +kmod-ip6tables +xtables-nft
  TITLE:<span class="o">=</span>IP firewall administration tool nft
  PROVIDES:<span class="o">=</span>ip6tables
  ALTERNATIVES:<span class="o">=</span><span class="se">\</span>
    <span class="m">300</span>:/usr/sbin/ip6tables:/usr/sbin/xtables-nft-multi <span class="se">\</span>
    <span class="m">300</span>:/usr/sbin/ip6tables-restore:/usr/sbin/xtables-nft-multi <span class="se">\</span>
    <span class="m">300</span>:/usr/sbin/ip6tables-save:/usr/sbin/xtables-nft-multi
<span class="cp">endef</span>

<span class="cp">define Package/ip6tables-nft/description</span>
<span class="err">Extra</span> <span class="err">ip6tables</span> <span class="err">nftables</span> <span class="err">nft</span> <span class="err">binaries.</span>
  <span class="err">ip6tables-nft</span>
  <span class="err">ip6tables-nft-restore</span>
  <span class="err">ip6tables-nft-save</span>
  <span class="err">ip6tables-translate</span>
  <span class="err">ip6tables-restore-translate</span>
<span class="cp">endef</span>

<span class="cp">define Package/ip6tables-extra</span>
<span class="k">$(</span><span class="nv">call</span> <span class="nv">Package</span>/<span class="nv">iptables</span>/<span class="nv">Default</span><span class="k">)</span>
  <span class="nv">DEPENDS</span><span class="o">:=</span>+libxtables +kmod-ip6tables-extra
  TITLE:<span class="o">=</span>IPv6 header matching modules
<span class="cp">endef</span>

<span class="cp">define Package/ip6tables-extra/description</span>
<span class="err">iptables</span> <span class="err">header</span> <span class="err">matching</span> <span class="err">modules</span> <span class="err">for</span> <span class="err">IPv6</span>
<span class="cp">endef</span>

<span class="cp">define Package/ip6tables-mod-nat</span>
<span class="k">$(</span><span class="nv">call</span> <span class="nv">Package</span>/<span class="nv">iptables</span>/<span class="nv">Default</span><span class="k">)</span>
  <span class="nv">DEPENDS</span><span class="o">:=</span>+libxtables +kmod-ipt-nat6
  TITLE:<span class="o">=</span>IPv6 NAT extensions
<span class="cp">endef</span>

<span class="cp">define Package/ip6tables-mod-nat/description</span>
<span class="err">iptables</span> <span class="err">extensions</span> <span class="err">for</span> <span class="err">IPv6-NAT</span> <span class="err">targets.</span>
<span class="cp">endef</span>

<span class="cp">define Package/libip4tc</span>
<span class="k">$(</span><span class="nv">call</span> <span class="nv">Package</span>/<span class="nv">iptables</span>/<span class="nv">Default</span><span class="k">)</span>
  <span class="nv">SECTION</span><span class="o">:=</span>libs
  CATEGORY:<span class="o">=</span>Libraries
  TITLE:<span class="o">=</span>IPv4 firewall - shared libiptc library
  ABI_VERSION:<span class="o">=</span><span class="m">2</span>
<span class="cp">endef</span>

<span class="cp">define Package/libip6tc</span>
<span class="k">$(</span><span class="nv">call</span> <span class="nv">Package</span>/<span class="nv">iptables</span>/<span class="nv">Default</span><span class="k">)</span>
  <span class="nv">SECTION</span><span class="o">:=</span>libs
  CATEGORY:<span class="o">=</span>Libraries
  TITLE:<span class="o">=</span>IPv6 firewall - shared libiptc library
  ABI_VERSION:<span class="o">=</span><span class="m">2</span>
<span class="cp">endef</span>

<span class="cp">define Package/libiptext</span>
 <span class="k">$(</span>call Package/iptables/Default<span class="k">)</span>
 SECTION:<span class="o">=</span>libs
 CATEGORY:<span class="o">=</span>Libraries
 TITLE:<span class="o">=</span>IPv4 firewall - shared libiptext library
 ABI_VERSION:<span class="o">=</span><span class="m">0</span>
 DEPENDS:<span class="o">=</span>+libxtables
<span class="cp">endef</span>

<span class="cp">define Package/libiptext6</span>
 <span class="k">$(</span>call Package/iptables/Default<span class="k">)</span>
 SECTION:<span class="o">=</span>libs
 CATEGORY:<span class="o">=</span>Libraries
 TITLE:<span class="o">=</span>IPv6 firewall - shared libiptext library
 ABI_VERSION:<span class="o">=</span><span class="m">0</span>
 DEPENDS:<span class="o">=</span>+libxtables
<span class="cp">endef</span>

<span class="cp">define Package/libiptext-nft</span>
 <span class="k">$(</span>call Package/iptables/Default<span class="k">)</span>
 SECTION:<span class="o">=</span>libs
 CATEGORY:<span class="o">=</span>Libraries
 TITLE:<span class="o">=</span>IPv4/IPv6 firewall - shared libiptext nft library
 ABI_VERSION:<span class="o">=</span><span class="m">0</span>
 DEPENDS:<span class="o">=</span>+libxtables
<span class="cp">endef</span>

<span class="cp">define Package/libxtables</span>
 <span class="k">$(</span>call Package/iptables/Default<span class="k">)</span>
 SECTION:<span class="o">=</span>libs
 CATEGORY:<span class="o">=</span>Libraries
 TITLE:<span class="o">=</span>IPv4/IPv6 firewall - shared xtables library
 MENU:<span class="o">=</span><span class="m">1</span>
 ABI_VERSION:<span class="o">=</span><span class="m">12</span>
 DEPENDS:<span class="o">=</span>+IPTABLES_CONNLABEL:libnetfilter-conntrack
<span class="cp">endef</span>

<span class="cp">define Package/libxtables/config</span>
  config IPTABLES_CONNLABEL
	bool <span class="s2">&quot;Enable Connlabel support&quot;</span>
	default n
	<span class="nb">help</span>
		This <span class="nb">enable</span> connlabel support in iptables.
<span class="cp">endef</span>

<span class="nv">TARGET_CPPFLAGS</span> <span class="o">:=</span> <span class="se">\</span>
	-I<span class="k">$(</span>PKG_BUILD_DIR<span class="k">)</span>/include <span class="se">\</span>
	-I<span class="k">$(</span>LINUX_DIR<span class="k">)</span>/user_headers/include <span class="se">\</span>
	<span class="k">$(</span>TARGET_CPPFLAGS<span class="k">)</span>

<span class="nv">TARGET_CFLAGS</span> <span class="o">+=</span> <span class="se">\</span>
	-I<span class="k">$(</span>PKG_BUILD_DIR<span class="k">)</span>/include <span class="se">\</span>
	-I<span class="k">$(</span>LINUX_DIR<span class="k">)</span>/user_headers/include <span class="se">\</span>
	-ffunction-sections -fdata-sections <span class="se">\</span>
	-DNO_LEGACY

<span class="nv">TARGET_LDFLAGS</span> <span class="o">+=</span> <span class="se">\</span>
	-Wl,--gc-sections

<span class="nv">CONFIGURE_ARGS</span> <span class="o">+=</span> <span class="se">\</span>
	--enable-shared <span class="se">\</span>
	--enable-static <span class="se">\</span>
	--enable-devel <span class="se">\</span>
	--with-kernel<span class="o">=</span><span class="s2">&quot;</span><span class="k">$(</span>LINUX_DIR<span class="k">)</span><span class="s2">/user_headers&quot;</span> <span class="se">\</span>
	--with-xtlibdir<span class="o">=</span>/usr/lib/iptables <span class="se">\</span>
	--with-xt-lock-name<span class="o">=</span>/var/run/xtables.lock <span class="se">\</span>
	<span class="k">$(if</span> <span class="k">$(</span>CONFIG_IPTABLES_CONNLABEL<span class="k">)</span>,,--disable-connlabel<span class="k">)</span> <span class="se">\</span>
	<span class="k">$(if</span> <span class="k">$(</span>CONFIG_IPV6<span class="k">)</span>,,--disable-ipv6<span class="k">)</span>

<span class="nv">MAKE_FLAGS</span> <span class="o">:=</span> <span class="se">\</span>
	<span class="k">$(</span>TARGET_CONFIGURE_OPTS<span class="k">)</span> <span class="se">\</span>
	<span class="nv">COPT_FLAGS</span><span class="o">=</span><span class="s2">&quot;</span><span class="k">$(</span>TARGET_CFLAGS<span class="k">)</span><span class="s2">&quot;</span> <span class="se">\</span>
	<span class="nv">KERNEL_DIR</span><span class="o">=</span><span class="s2">&quot;</span><span class="k">$(</span>LINUX_DIR<span class="k">)</span><span class="s2">/user_headers/&quot;</span> <span class="nv">PREFIX</span><span class="o">=</span>/usr <span class="se">\</span>
	<span class="nv">KBUILD_OUTPUT</span><span class="o">=</span><span class="s2">&quot;</span><span class="k">$(</span>LINUX_DIR<span class="k">)</span><span class="s2">&quot;</span> <span class="se">\</span>
	<span class="nv">BUILTIN_MODULES</span><span class="o">=</span><span class="s2">&quot;</span><span class="k">$(</span>patsubst ip6t_%,%,<span class="k">$(</span>patsubst ipt_%,%,<span class="k">$(</span>patsubst xt_%,%,<span class="k">$(</span>IPT_BUILTIN<span class="k">)</span> <span class="k">$(</span>IPT_CONNTRACK-m<span class="k">)</span> <span class="k">$(</span>IPT_NAT-m<span class="k">))))</span><span class="s2">&quot;</span>

<span class="cp">ifneq ($(wildcard $(PKG_BUILD_DIR)/.config_*),$(subst .configured_,.config_,$(STAMP_CONFIGURED)))</span>
<span class="cp">  define Build/Configure/rebuild</span>
	<span class="k">$(</span>FIND<span class="k">)</span> <span class="k">$(</span>PKG_BUILD_DIR<span class="k">)</span> -name <span class="se">\*</span>.o -or -name <span class="se">\*</span>.<span class="se">\?</span>o -or -name <span class="se">\*</span>.a <span class="p">|</span> <span class="k">$(</span>XARGS<span class="k">)</span> rm -f
	rm -f <span class="k">$(</span>PKG_BUILD_DIR<span class="k">)</span>/.config_*
	rm -f <span class="k">$(</span>PKG_BUILD_DIR<span class="k">)</span>/.configured_*
	touch <span class="k">$(</span>subst .configured_,.config_,<span class="k">$(</span>STAMP_CONFIGURED<span class="k">))</span>
<span class="cp">  endef</span>
<span class="cp">endif</span>

<span class="cp">define Build/Configure</span>
<span class="k">$(</span><span class="nv">Build</span>/<span class="nv">Configure</span>/<span class="nv">rebuild</span><span class="k">)</span>
<span class="k">$(</span><span class="nv">Build</span>/<span class="nv">Configure</span>/<span class="nv">Default</span><span class="k">)</span>
<span class="cp">endef</span>

<span class="cp">define Build/InstallDev</span>
	<span class="k">$(</span><span class="nv">INSTALL_DIR</span><span class="k">)</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/include</span>
	<span class="k">$(</span><span class="nv">INSTALL_DIR</span><span class="k">)</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/include/iptables</span>
	<span class="k">$(</span><span class="nv">INSTALL_DIR</span><span class="k">)</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/include/net/netfilter</span>

<span class="c">	# XXX: iptables header fixup, some headers are not installed by iptables anymore</span>
	<span class="k">$(</span><span class="nv">CP</span><span class="k">)</span> <span class="k">$(</span><span class="nv">PKG_BUILD_DIR</span><span class="k">)</span><span class="err">/include/iptables/*.h</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/include/iptables/</span>
	<span class="k">$(</span><span class="nv">CP</span><span class="k">)</span> <span class="k">$(</span><span class="nv">PKG_BUILD_DIR</span><span class="k">)</span><span class="err">/include/iptables.h</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/include/</span>
	<span class="k">$(</span><span class="nv">CP</span><span class="k">)</span> <span class="k">$(</span><span class="nv">PKG_BUILD_DIR</span><span class="k">)</span><span class="err">/include/ip6tables.h</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/include/</span>
	<span class="k">$(</span><span class="nv">CP</span><span class="k">)</span> <span class="k">$(</span><span class="nv">PKG_BUILD_DIR</span><span class="k">)</span><span class="err">/include/libipulog</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/include/</span>
	<span class="k">$(</span><span class="nv">CP</span><span class="k">)</span> <span class="k">$(</span><span class="nv">PKG_BUILD_DIR</span><span class="k">)</span><span class="err">/include/libiptc</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/include/</span>

	<span class="k">$(</span><span class="nv">CP</span><span class="k">)</span> <span class="k">$(</span><span class="nv">PKG_INSTALL_DIR</span><span class="k">)</span><span class="err">/usr/include/*</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/include/</span>
	<span class="k">$(</span><span class="nv">INSTALL_DIR</span><span class="k">)</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/lib</span>
	<span class="k">$(</span><span class="nv">CP</span><span class="k">)</span> <span class="k">$(</span><span class="nv">PKG_INSTALL_DIR</span><span class="k">)</span><span class="err">/usr/lib/libxtables.so*</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/lib/</span>
	<span class="k">$(</span><span class="nv">CP</span><span class="k">)</span> <span class="k">$(</span><span class="nv">PKG_INSTALL_DIR</span><span class="k">)</span><span class="err">/usr/lib/libip*tc.so*</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/lib/</span>
	<span class="k">$(</span><span class="nv">INSTALL_DIR</span><span class="k">)</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/lib/pkgconfig</span>
	<span class="k">$(</span><span class="nv">CP</span><span class="k">)</span> <span class="k">$(</span><span class="nv">PKG_INSTALL_DIR</span><span class="k">)</span><span class="err">/usr/lib/pkgconfig/xtables.pc</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/lib/pkgconfig/</span>
	<span class="k">$(</span><span class="nv">CP</span><span class="k">)</span> <span class="k">$(</span><span class="nv">PKG_INSTALL_DIR</span><span class="k">)</span><span class="err">/usr/lib/pkgconfig/libip*tc.pc</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/lib/pkgconfig/</span>

<span class="c">	# XXX: needed by firewall3</span>
	<span class="k">$(</span><span class="nv">CP</span><span class="k">)</span> <span class="k">$(</span><span class="nv">PKG_BUILD_DIR</span><span class="k">)</span><span class="err">/extensions/libiptext*.so</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/lib/</span>
<span class="cp">endef</span>

<span class="cp">define Package/xtables-legacy/install</span>
	<span class="k">$(</span><span class="nv">INSTALL_DIR</span><span class="k">)</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/sbin</span>
	<span class="k">$(</span><span class="nv">CP</span><span class="k">)</span> <span class="k">$(</span><span class="nv">PKG_INSTALL_DIR</span><span class="k">)</span><span class="err">/usr/sbin/xtables-legacy-multi</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/sbin/</span>
<span class="cp">endef</span>

<span class="cp">define Package/iptables-zz-legacy/install</span>
	<span class="k">$(</span><span class="nv">INSTALL_DIR</span><span class="k">)</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/sbin</span>
	<span class="k">$(</span><span class="nv">CP</span><span class="k">)</span> <span class="k">$(</span><span class="nv">PKG_INSTALL_DIR</span><span class="k">)</span><span class="err">/usr/sbin/iptables-legacy{,-restore,-save}</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/sbin/</span>
	<span class="k">$(</span><span class="nv">INSTALL_DIR</span><span class="k">)</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/lib/iptables</span>
<span class="cp">endef</span>

<span class="cp">define Package/xtables-nft/install</span>
	<span class="k">$(</span><span class="nv">INSTALL_DIR</span><span class="k">)</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/sbin</span>
	<span class="k">$(</span><span class="nv">CP</span><span class="k">)</span> <span class="k">$(</span><span class="nv">PKG_INSTALL_DIR</span><span class="k">)</span><span class="err">/usr/sbin/xtables-nft-multi</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/sbin/</span>
<span class="cp">endef</span>

<span class="cp">define Package/arptables-nft/install</span>
	<span class="k">$(</span><span class="nv">INSTALL_DIR</span><span class="k">)</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/sbin</span>
	<span class="k">$(</span><span class="nv">CP</span><span class="k">)</span> <span class="k">$(</span><span class="nv">PKG_INSTALL_DIR</span><span class="k">)</span><span class="err">/usr/sbin/arptables-nft{,-restore,-save}</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/sbin/</span>
	<span class="k">$(</span><span class="nv">INSTALL_DIR</span><span class="k">)</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/lib/iptables</span>
	<span class="k">$(</span><span class="nv">CP</span><span class="k">)</span> <span class="k">$(</span><span class="nv">PKG_BUILD_DIR</span><span class="k">)</span><span class="err">/extensions/libarpt_*.so</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/lib/iptables/</span>
<span class="cp">endef</span>

<span class="cp">define Package/ebtables-nft/install</span>
	<span class="k">$(</span><span class="nv">INSTALL_DIR</span><span class="k">)</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/sbin</span>
	<span class="k">$(</span><span class="nv">CP</span><span class="k">)</span> <span class="k">$(</span><span class="nv">PKG_INSTALL_DIR</span><span class="k">)</span><span class="err">/usr/sbin/ebtables-nft{,-restore,-save}</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/sbin/</span>
	<span class="k">$(</span><span class="nv">INSTALL_DIR</span><span class="k">)</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/lib/iptables</span>
	<span class="k">$(</span><span class="nv">CP</span><span class="k">)</span> <span class="k">$(</span><span class="nv">PKG_BUILD_DIR</span><span class="k">)</span><span class="err">/extensions/libebt_*.so</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/lib/iptables/</span>
<span class="cp">endef</span>

<span class="cp">define Package/iptables-nft/install</span>
	<span class="k">$(</span><span class="nv">INSTALL_DIR</span><span class="k">)</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/sbin</span>
	<span class="k">$(</span><span class="nv">CP</span><span class="k">)</span> <span class="k">$(</span><span class="nv">PKG_INSTALL_DIR</span><span class="k">)</span><span class="err">/usr/sbin/iptables-nft{,-restore,-save}</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/sbin/</span>
	<span class="k">$(</span><span class="nv">CP</span><span class="k">)</span> <span class="k">$(</span><span class="nv">PKG_INSTALL_DIR</span><span class="k">)</span><span class="err">/usr/sbin/iptables{,-restore}-translate</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/sbin/</span>
<span class="cp">endef</span>

<span class="cp">define Package/ip6tables-zz-legacy/install</span>
	<span class="k">$(</span><span class="nv">INSTALL_DIR</span><span class="k">)</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/sbin</span>
	<span class="k">$(</span><span class="nv">CP</span><span class="k">)</span> <span class="k">$(</span><span class="nv">PKG_INSTALL_DIR</span><span class="k">)</span><span class="err">/usr/sbin/ip6tables-legacy{,-restore,-save}</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/sbin/</span>
<span class="cp">endef</span>

<span class="cp">define Package/ip6tables-nft/install</span>
	<span class="k">$(</span><span class="nv">INSTALL_DIR</span><span class="k">)</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/sbin</span>
	<span class="k">$(</span><span class="nv">CP</span><span class="k">)</span> <span class="k">$(</span><span class="nv">PKG_INSTALL_DIR</span><span class="k">)</span><span class="err">/usr/sbin/ip6tables-nft{,-restore,-save}</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/sbin/</span>
	<span class="k">$(</span><span class="nv">CP</span><span class="k">)</span> <span class="k">$(</span><span class="nv">PKG_INSTALL_DIR</span><span class="k">)</span><span class="err">/usr/sbin/ip6tables{,-restore}-translate</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/sbin/</span>
<span class="cp">endef</span>

<span class="cp">define Package/libip4tc/install</span>
	<span class="k">$(</span><span class="nv">INSTALL_DIR</span><span class="k">)</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/lib</span>
	<span class="k">$(</span><span class="nv">CP</span><span class="k">)</span> <span class="k">$(</span><span class="nv">PKG_INSTALL_DIR</span><span class="k">)</span><span class="err">/usr/lib/libip4tc.so.*</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/lib/</span>
<span class="cp">endef</span>

<span class="cp">define Package/libip6tc/install</span>
	<span class="k">$(</span><span class="nv">INSTALL_DIR</span><span class="k">)</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/lib</span>
	<span class="k">$(</span><span class="nv">CP</span><span class="k">)</span> <span class="k">$(</span><span class="nv">PKG_INSTALL_DIR</span><span class="k">)</span><span class="err">/usr/lib/libip6tc.so.*</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/lib/</span>
<span class="cp">endef</span>

<span class="cp">define Package/libiptext/install</span>
	<span class="k">$(</span><span class="nv">INSTALL_DIR</span><span class="k">)</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/lib</span>
	<span class="k">$(</span><span class="nv">CP</span><span class="k">)</span> <span class="k">$(</span><span class="nv">PKG_BUILD_DIR</span><span class="k">)</span><span class="err">/extensions/libiptext.so</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/lib/</span>
	<span class="k">$(</span><span class="nv">CP</span><span class="k">)</span> <span class="k">$(</span><span class="nv">PKG_BUILD_DIR</span><span class="k">)</span><span class="err">/extensions/libiptext4.so</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/lib/</span>
<span class="cp">endef</span>

<span class="cp">define Package/libiptext6/install</span>
	<span class="k">$(</span><span class="nv">INSTALL_DIR</span><span class="k">)</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/lib</span>
	<span class="k">$(</span><span class="nv">CP</span><span class="k">)</span> <span class="k">$(</span><span class="nv">PKG_BUILD_DIR</span><span class="k">)</span><span class="err">/extensions/libiptext6.so</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/lib/</span>
<span class="cp">endef</span>

<span class="cp">define Package/libiptext-nft/install</span>
	<span class="k">$(</span><span class="nv">INSTALL_DIR</span><span class="k">)</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/lib</span>
	<span class="k">$(</span><span class="nv">CP</span><span class="k">)</span> <span class="k">$(</span><span class="nv">PKG_BUILD_DIR</span><span class="k">)</span><span class="err">/extensions/libiptext_*.so</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/lib/</span>
<span class="cp">endef</span>

<span class="cp">define Package/libxtables/install</span>
	<span class="k">$(</span><span class="nv">INSTALL_DIR</span><span class="k">)</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/lib</span>
	<span class="k">$(</span><span class="nv">CP</span><span class="k">)</span> <span class="k">$(</span><span class="nv">PKG_INSTALL_DIR</span><span class="k">)</span><span class="err">/usr/lib/libxtables.so.*</span> <span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">/usr/lib/</span>
<span class="cp">endef</span>

<span class="cp">define BuildPlugin</span>
<span class="cp">  define Package/$(1)/install</span>
	<span class="k">$(</span><span class="nv">INSTALL_DIR</span><span class="k">)</span> <span class="k">$$</span><span class="err">(1)/usr/lib/iptables</span>
	<span class="err">for</span> <span class="err">m</span> <span class="err">in</span> <span class="k">$(</span><span class="nv">patsubst</span> <span class="nv">xt_</span>%,<span class="nv">ipt_</span>%,<span class="k">$(</span><span class="nv">2</span><span class="k">))</span> <span class="k">$(</span><span class="nv">patsubst</span> <span class="nv">ipt_</span>%,<span class="nv">xt_</span>%,<span class="k">$(</span><span class="nv">2</span><span class="k">))</span> <span class="k">$(</span><span class="nv">patsubst</span> <span class="nv">xt_</span>%,<span class="nv">ip6t_</span>%,<span class="k">$(</span><span class="nv">2</span><span class="k">))</span> <span class="k">$(</span><span class="nv">patsubst</span> <span class="nv">ip6t_</span>%,<span class="nv">xt_</span>%,<span class="k">$(</span><span class="nv">2</span><span class="k">))</span><span class="err">;</span> <span class="err">do</span> <span class="err">\</span>
<span class="cp">		if [ -f $(PKG_INSTALL_DIR)/usr/lib/iptables/lib$$$$$$$${m}.so ]; then \</span>
<span class="cp">			$(CP) $(PKG_INSTALL_DIR)/usr/lib/iptables/lib$$$$$$$${m}.so $$(1)/usr/lib/iptables/ ; \</span>
<span class="cp">		fi; \</span>
<span class="cp">	done</span>
	<span class="k">$(</span><span class="nv">3</span><span class="k">)</span>
<span class="cp">  endef</span>

  <span class="k">$$</span><span class="err">(eval</span> <span class="k">$$</span><span class="err">(call</span> <span class="err">BuildPackage,</span><span class="k">$(</span><span class="nv">1</span><span class="k">)</span><span class="err">))</span>
<span class="cp">endef</span>

<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPackage</span>,<span class="nv">libxtables</span><span class="k">))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPackage</span>,<span class="nv">libip4tc</span><span class="k">))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPackage</span>,<span class="nv">libip6tc</span><span class="k">))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPackage</span>,<span class="nv">libiptext</span><span class="k">))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPackage</span>,<span class="nv">libiptext6</span><span class="k">))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPackage</span>,<span class="nv">libiptext-nft</span><span class="k">))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPackage</span>,<span class="nv">xtables-legacy</span><span class="k">))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPackage</span>,<span class="nv">xtables-nft</span><span class="k">))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPackage</span>,<span class="nv">arptables-nft</span><span class="k">))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPackage</span>,<span class="nv">ebtables-nft</span><span class="k">))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPackage</span>,<span class="nv">iptables-nft</span><span class="k">))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPackage</span>,<span class="nv">iptables-zz-legacy</span><span class="k">))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPlugin</span>,<span class="nv">iptables-mod-conntrack-extra</span>,<span class="k">$(</span><span class="nv">IPT_CONNTRACK_EXTRA-m</span><span class="k">)))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPlugin</span>,<span class="nv">iptables-mod-conntrack-label</span>,<span class="k">$(</span><span class="nv">IPT_CONNTRACK_LABEL-m</span><span class="k">)))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPlugin</span>,<span class="nv">iptables-mod-extra</span>,<span class="k">$(</span><span class="nv">IPT_EXTRA-m</span><span class="k">)))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPlugin</span>,<span class="nv">iptables-mod-physdev</span>,<span class="k">$(</span><span class="nv">IPT_PHYSDEV-m</span><span class="k">)))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPlugin</span>,<span class="nv">iptables-mod-filter</span>,<span class="k">$(</span><span class="nv">IPT_FILTER-m</span><span class="k">)))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPlugin</span>,<span class="nv">iptables-mod-ipopt</span>,<span class="k">$(</span><span class="nv">IPT_IPOPT-m</span><span class="k">)))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPlugin</span>,<span class="nv">iptables-mod-ipsec</span>,<span class="k">$(</span><span class="nv">IPT_IPSEC-m</span><span class="k">)))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPlugin</span>,<span class="nv">iptables-mod-nat-extra</span>,<span class="k">$(</span><span class="nv">IPT_NAT_EXTRA-m</span><span class="k">)))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPlugin</span>,<span class="nv">iptables-mod-iprange</span>,<span class="k">$(</span><span class="nv">IPT_IPRANGE-m</span><span class="k">)))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPlugin</span>,<span class="nv">iptables-mod-cluster</span>,<span class="k">$(</span><span class="nv">IPT_CLUSTER-m</span><span class="k">)))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPlugin</span>,<span class="nv">iptables-mod-clusterip</span>,<span class="k">$(</span><span class="nv">IPT_CLUSTERIP-m</span><span class="k">)))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPlugin</span>,<span class="nv">iptables-mod-hashlimit</span>,<span class="k">$(</span><span class="nv">IPT_HASHLIMIT-m</span><span class="k">)))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPlugin</span>,<span class="nv">iptables-mod-rpfilter</span>,<span class="k">$(</span><span class="nv">IPT_RPFILTER-m</span><span class="k">)))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPlugin</span>,<span class="nv">iptables-mod-led</span>,<span class="k">$(</span><span class="nv">IPT_LED-m</span><span class="k">)))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPlugin</span>,<span class="nv">iptables-mod-socket</span>,<span class="k">$(</span><span class="nv">IPT_SOCKET-m</span><span class="k">)))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPlugin</span>,<span class="nv">iptables-mod-tproxy</span>,<span class="k">$(</span><span class="nv">IPT_TPROXY-m</span><span class="k">)))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPlugin</span>,<span class="nv">iptables-mod-tee</span>,<span class="k">$(</span><span class="nv">IPT_TEE-m</span><span class="k">)))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPlugin</span>,<span class="nv">iptables-mod-u32</span>,<span class="k">$(</span><span class="nv">IPT_U32-m</span><span class="k">)))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPlugin</span>,<span class="nv">iptables-mod-nflog</span>,<span class="k">$(</span><span class="nv">IPT_NFLOG-m</span><span class="k">)))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPlugin</span>,<span class="nv">iptables-mod-trace</span>,<span class="k">$(</span><span class="nv">IPT_DEBUG-m</span><span class="k">)))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPlugin</span>,<span class="nv">iptables-mod-nfqueue</span>,<span class="k">$(</span><span class="nv">IPT_NFQUEUE-m</span><span class="k">)))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPlugin</span>,<span class="nv">iptables-mod-checksum</span>,<span class="k">$(</span><span class="nv">IPT_CHECKSUM-m</span><span class="k">)))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPackage</span>,<span class="nv">ip6tables-nft</span><span class="k">))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPackage</span>,<span class="nv">ip6tables-zz-legacy</span><span class="k">))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPlugin</span>,<span class="nv">ip6tables-extra</span>,<span class="k">$(</span><span class="nv">IPT_IPV6_EXTRA-m</span><span class="k">)))</span>
<span class="k">$(</span><span class="nv">eval</span> <span class="k">$(</span><span class="nv">call</span> <span class="nv">BuildPlugin</span>,<span class="nv">ip6tables-mod-nat</span>,<span class="k">$(</span><span class="nv">IPT_NAT6-m</span><span class="k">)))</span>
</pre></div>
</code></pre></td></tr></table>
</div> <!-- class=content -->
<div class='footer'>generated by <a href='https://git.zx2c4.com/cgit/about/'>cgit v1.2.3</a> (<a href='https://git-scm.com/'>git 2.25.1</a>) at 2026-02-22 14:39:35 +0000</div>
</div> <!-- id=cgit -->
</body>
</html>