diff options
author | Martin Strobel <arctus@crza.de> | 2018-07-07 09:24:30 +0200 |
---|---|---|
committer | John Crispin <john@phrozen.org> | 2018-07-30 10:43:36 +0200 |
commit | 7d7323bccd6df4917f3a97e54cb237ee3849ca17 (patch) | |
tree | c53d3d9fdca0408218af0cd1ca1da7107e3018b1 /package/network | |
parent | 7bbd1855cd06db7552c14d91f1151c8100e8813e (diff) | |
download | upstream-7d7323bccd6df4917f3a97e54cb237ee3849ca17.tar.gz upstream-7d7323bccd6df4917f3a97e54cb237ee3849ca17.tar.bz2 upstream-7d7323bccd6df4917f3a97e54cb237ee3849ca17.zip |
iptables: add ip[6|]tables-compat packages + libxtables-compat depends on IPTABLES_NFTABLES
allows iptables-compat to use nft packet filtering
allows to translate iptables-style to nft-style
Signed-off-by: Martin Strobel <arctus@crza.de>
Diffstat (limited to 'package/network')
-rw-r--r-- | package/network/utils/iptables/Makefile | 59 |
1 files changed, 59 insertions, 0 deletions
diff --git a/package/network/utils/iptables/Makefile b/package/network/utils/iptables/Makefile index 8423701f07..9bcb864b97 100644 --- a/package/network/utils/iptables/Makefile +++ b/package/network/utils/iptables/Makefile @@ -106,6 +106,21 @@ IP firewall administration tool. endef +define Package/iptables-compat +$(call Package/iptables/Default) + TITLE:=IP firewall administration tool compat + DEPENDS:=iptables @IPTABLES_NFTABLES +libxtables-compat +endef + +define Package/iptables-compat/description +Extra iptables nftables compat binaries. + iptables-compat + iptables-compat-restore + iptables-compat-save + iptables-translate + iptables-restore-translate +endef + define Package/iptables-mod-conntrack-extra $(call Package/iptables/Module, +kmod-ipt-conntrack-extra) TITLE:=Extra connection tracking extensions @@ -438,6 +453,20 @@ $(call Package/iptables/Default) MENU:=1 endef +define Package/ip6tables-compat +$(call Package/iptables/Default) + DEPENDS:=ip6tables @IPTABLES_NFTABLES +libxtables-compat + TITLE:=IP firewall administration tool compat +endef + +define Package/ip6tables-compat/description +Extra ip6tables nftables compat binaries. + iptables-compat + iptables-compat-restore + iptables-compat-save + iptables-translate + iptables-restore-translate +endef define Package/ip6tables-extra $(call Package/iptables/Default) @@ -497,6 +526,15 @@ define Package/libxtables +IPTABLES_NFTABLES:libnftnl endef +define Package/libxtables-compat + $(call Package/iptables/Default) + SECTION:=libs + CATEGORY:=Libraries + TITLE:=IPv4/IPv6 firewall - shared xtables compat library + ABI_VERSION:=$(PKG_VERSION) + DEPENDS:=libxtables +endef + TARGET_CPPFLAGS := \ -I$(PKG_BUILD_DIR)/include \ -I$(LINUX_DIR)/user_headers/include \ @@ -574,11 +612,24 @@ define Package/iptables/install $(INSTALL_DIR) $(1)/usr/lib/iptables endef +define Package/iptables-compat/install + $(INSTALL_DIR) $(1)/usr/sbin + $(CP) $(PKG_INSTALL_DIR)/usr/sbin/xtables-compat-multi $(1)/usr/sbin/ + $(CP) $(PKG_INSTALL_DIR)/usr/sbin/iptables-compat{,-restore,-save} $(1)/usr/sbin/ + $(CP) $(PKG_INSTALL_DIR)/usr/sbin/iptables{,-restore}-translate $(1)/usr/sbin/ +endef + define Package/ip6tables/install $(INSTALL_DIR) $(1)/usr/sbin $(CP) $(PKG_INSTALL_DIR)/usr/sbin/ip6tables{,-restore,-save} $(1)/usr/sbin/ endef +define Package/ip6tables-compat/install + $(INSTALL_DIR) $(1)/usr/sbin + $(CP) $(PKG_INSTALL_DIR)/usr/sbin/ip6tables-compat{,-restore,-save} $(1)/usr/sbin/ + $(CP) $(PKG_INSTALL_DIR)/usr/sbin/ip6tables{,-restore}-translate $(1)/usr/sbin/ +endef + define Package/libiptc/install $(INSTALL_DIR) $(1)/usr/lib $(CP) $(PKG_INSTALL_DIR)/usr/lib/libiptc.so* $(1)/usr/lib/ @@ -602,6 +653,11 @@ define Package/libxtables/install $(CP) $(PKG_BUILD_DIR)/extensions/libiptext.so $(1)/usr/lib/ endef +define Package/libxtables-compat/install + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_BUILD_DIR)/extensions/libiptext_*.so $(1)/usr/lib/ +endef + define BuildPlugin define Package/$(1)/install $(INSTALL_DIR) $$(1)/usr/lib/iptables @@ -617,6 +673,7 @@ define BuildPlugin endef $(eval $(call BuildPackage,iptables)) +$(eval $(call BuildPackage,iptables-compat)) $(eval $(call BuildPlugin,iptables-mod-conntrack-extra,$(IPT_CONNTRACK_EXTRA-m))) $(eval $(call BuildPlugin,iptables-mod-conntrack-label,$(IPT_CONNTRACK_LABEL-m))) $(eval $(call BuildPlugin,iptables-mod-extra,$(IPT_EXTRA-m))) @@ -640,9 +697,11 @@ $(eval $(call BuildPlugin,iptables-mod-trace,$(IPT_DEBUG-m))) $(eval $(call BuildPlugin,iptables-mod-nfqueue,$(IPT_NFQUEUE-m))) $(eval $(call BuildPlugin,iptables-mod-checksum,$(IPT_CHECKSUM-m))) $(eval $(call BuildPackage,ip6tables)) +$(eval $(call BuildPackage,ip6tables-compat)) $(eval $(call BuildPlugin,ip6tables-extra,$(IPT_IPV6_EXTRA-m))) $(eval $(call BuildPlugin,ip6tables-mod-nat,$(IPT_NAT6-m))) $(eval $(call BuildPackage,libiptc)) $(eval $(call BuildPackage,libip4tc)) $(eval $(call BuildPackage,libip6tc)) $(eval $(call BuildPackage,libxtables)) +$(eval $(call BuildPackage,libxtables-compat)) |