1 # Copyright 2017-2022 Stan Grishin (stangri@melmac.ca)
2 # This is free software, licensed under the GNU General Public License v3.
4 include $(TOPDIR
)/rules.mk
9 PKG_LICENSE
:=GPL-3.0
-or-later
10 PKG_MAINTAINER
:=Stan Grishin
<stangri@melmac.ca
>
12 include $(INCLUDE_DIR
)/package.mk
14 define Package
/pbr
/default
19 TITLE
:=Policy Based Routing Service
20 URL
:=https
://docs.openwrt.melmac.net
/pbr
/
21 DEPENDS
:=+ip-full
+jshn
+jsonfilter
+resolveip
22 CONFLICTS
:=vpnbypass vpn-policy-routing
27 $(call Package
/pbr
/default
)
28 TITLE
+= with nft
/nft set support
29 DEPENDS
+=+firewall4
+kmod-nft-core
+kmod-nft-nat
+nftables-json
30 PROVIDES
:=vpnbypass vpn-policy-routing
33 define Package
/pbr-iptables
34 $(call Package
/pbr
/default
)
35 TITLE
+= with iptables
/ipset support
36 DEPENDS
+=+ipset
+iptables
+kmod-ipt-ipset
+iptables-mod-ipopt
37 PROVIDES
:=pbr vpnbypass vpn-policy-routing
40 define Package
/pbr-netifd
41 $(call Package
/pbr
/default
)
42 TITLE
+= with netifd support
43 PROVIDES
:=pbr vpnbypass vpn-policy-routing
46 define Package
/pbr
/description
47 This service enables policy-based routing for WAN interfaces and various VPN tunnels.
48 This version supports OpenWrt with both fw3
/ipset
/iptables and fw4
/nft.
51 define Package
/pbr-iptables
/description
52 This service enables policy-based routing for WAN interfaces and various VPN tunnels.
53 This version supports OpenWrt with fw3
/ipset
/iptables.
56 define Package
/pbr-netifd
/description
57 This service enables policy-based routing for WAN interfaces and various VPN tunnels.
58 This version supports OpenWrt with both fw3
/ipset
/iptables and fw4
/nft.
59 This version uses OpenWrt native netifd
/tables to set up interfaces. This is WIP.
62 define Package
/pbr
/conffiles
66 Package
/pbr-iptables
/conffiles
= $(Package
/pbr
/conffiles
)
67 Package
/pbr-netifd
/conffiles
= $(Package
/pbr
/conffiles
)
69 define Build
/Configure
75 define Package
/pbr
/default
/install
76 $(INSTALL_DIR
) $(1)/etc
/init.d
77 $(INSTALL_BIN
) .
/files
/etc
/init.d
/pbr.init
$(1)/etc
/init.d
/pbr
78 $(SED
) "s|^\(readonly PKG_VERSION\).*|\1='$(PKG_VERSION)-$(PKG_RELEASE)'|" $(1)/etc
/init.d
/pbr
79 $(INSTALL_DIR
) $(1)/etc
/hotplug.d
/firewall
80 $(INSTALL_DIR
) $(1)/etc
/hotplug.d
/iface
81 $(INSTALL_DATA
) .
/files
/etc
/hotplug.d
/iface
/70-pbr
$(1)/etc
/hotplug.d
/iface
/70-pbr
82 $(INSTALL_DIR
) $(1)/etc
/uci-defaults
83 $(INSTALL_BIN
) .
/files
/etc
/uci-defaults
/90-pbr
$(1)/etc
/uci-defaults
/90-pbr
84 $(INSTALL_DIR
) $(1)/usr
/share
/pbr
85 $(INSTALL_DATA
) .
/files
/usr
/share
/pbr
/pbr.firewall.
include $(1)/usr
/share
/pbr
/pbr.firewall.
include
86 $(INSTALL_DATA
) .
/files
/usr
/share
/pbr
/pbr.user.aws
$(1)/usr
/share
/pbr
/pbr.user.aws
87 $(INSTALL_DATA
) .
/files
/usr
/share
/pbr
/pbr.user.netflix
$(1)/usr
/share
/pbr
/pbr.user.netflix
90 define Package
/pbr
/install
91 $(call Package
/pbr
/default
/install,$(1))
92 $(INSTALL_DIR
) $(1)/etc
/config
93 $(INSTALL_CONF
) .
/files
/etc
/config
/pbr
$(1)/etc
/config
/pbr
94 $(INSTALL_DIR
) $(1)/usr
/share
/nftables.d
95 $(CP
) .
/files
/usr
/share
/nftables.d
/* $(1)/usr
/share
/nftables.d
/
98 define Package
/pbr-iptables
/install
99 $(call Package
/pbr
/default
/install,$(1))
100 $(INSTALL_DIR
) $(1)/etc
/config
101 $(INSTALL_CONF
) .
/files
/etc
/config
/pbr.iptables
$(1)/etc
/config
/pbr
104 define Package
/pbr-netifd
/install
105 $(call Package
/pbr
/default
/install,$(1))
106 $(INSTALL_DIR
) $(1)/etc
/config
107 $(INSTALL_CONF
) .
/files
/etc
/config
/pbr
$(1)/etc
/config
/pbr
108 $(INSTALL_DIR
) $(1)/etc
/uci-defaults
109 $(INSTALL_BIN
) .
/files
/etc
/uci-defaults
/91-pbr
$(1)/etc
/uci-defaults
/91-pbr
112 define Package
/pbr
/postinst
114 # check if we are on real system
115 if
[ -z
"$${IPKG_INSTROOT}" ]; then
116 chmod
-x
/etc
/init.d
/pbr || true
117 fw4
-q reload || true
118 chmod
+x
/etc
/init.d
/pbr || true
119 echo
-n
"Installing rc.d symlink for pbr... "
120 /etc
/init.d
/pbr enable
&& echo
"OK" || echo
"FAIL"
125 define Package
/pbr
/prerm
127 # check if we are on real system
128 if
[ -z
"$${IPKG_INSTROOT}" ]; then
129 uci
-q delete firewall.pbr || true
130 echo
"Stopping pbr service... "
131 /etc
/init.d
/pbr stop || true
132 echo
-n
"Removing rc.d symlink for pbr... "
133 /etc
/init.d
/pbr disable
&& echo
"OK" || echo
"FAIL"
138 define Package
/pbr
/postrm
140 # check if we are on real system
141 if
[ -z
"$${IPKG_INSTROOT}" ]; then
142 fw4
-q reload || true
147 define Package
/pbr-iptables
/postinst
149 # check if we are on real system
150 if
[ -z
"$${IPKG_INSTROOT}" ]; then
151 echo
-n
"Installing rc.d symlink for pbr... "
152 /etc
/init.d
/pbr enable
&& echo
"OK" || echo
"FAIL"
157 define Package
/pbr-iptables
/prerm
159 # check if we are on real system
160 if
[ -z
"$${IPKG_INSTROOT}" ]; then
161 uci
-q delete firewall.pbr || true
162 echo
"Stopping pbr service... "
163 /etc
/init.d
/pbr stop || true
164 echo
-n
"Removing rc.d symlink for pbr... "
165 /etc
/init.d
/pbr disable
&& echo
"OK" || echo
"FAIL"
170 define Package
/pbr-netifd
/postinst
172 # check if we are on real system
173 if
[ -z
"$${IPKG_INSTROOT}" ]; then
174 echo
-n
"Installing rc.d symlink for pbr... "
175 /etc
/init.d
/pbr enable
&& echo
"OK" || echo
"FAIL"
176 # echo -n "Installing netifd support for pbr... "
177 # /etc/init.d/pbr netifd install && echo "OK" || echo "FAIL"
178 # echo -n "Restarting network... "
179 # /etc/init.d/network restart && echo "OK" || echo "FAIL"
184 define Package
/pbr-netifd
/prerm
186 # check if we are on real system
187 if
[ -z
"$${IPKG_INSTROOT}" ]; then
188 uci
-q delete firewall.pbr || true
189 echo
"Stopping pbr service... "
190 /etc
/init.d
/pbr stop || true
191 # echo -n "Removing netifd support for pbr... "
192 # /etc/init.d/pbr netifd remove && echo "OK" || echo "FAIL"
193 echo
-n
"Removing rc.d symlink for pbr... "
194 /etc
/init.d
/pbr disable
&& echo
"OK" || echo
"FAIL"
195 # echo -n "Restarting network... "
196 # /etc/init.d/network restart && echo "OK" || echo "FAIL"
201 $(eval
$(call BuildPackage
,pbr
))
202 $(eval
$(call BuildPackage
,pbr-iptables
))
203 #$(eval $(call BuildPackage,pbr-netifd))