projects / openwrt / staging / dedeckeh.git / blob
? search:


4c1119e84f4ab34ab420ddbd67357213a0d704b4
[openwrt/staging/dedeckeh.git] / package / network / utils / iptables / Makefile
1 #
2 # Copyright (C) 2006-2016 OpenWrt.org
3 #
4 # This is free software, licensed under the GNU General Public License v2.
5 # See /LICENSE for more information.
6 #
7
8 include $(TOPDIR)/rules.mk
9 include $(INCLUDE_DIR)/kernel.mk
10
11 PKG_NAME:=iptables
12 PKG_VERSION:=1.8.7
13 PKG_RELEASE:=5
14
15 PKG_SOURCE_URL:=https://netfilter.org/projects/iptables/files
16 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
17 PKG_HASH:=c109c96bb04998cd44156622d36f8e04b140701ec60531a10668cfdff5e8d8f0
18
19 PKG_FIXUP:=autoreconf
20 PKG_FLAGS:=nonshared
21
22 PKG_INSTALL:=1
23 PKG_BUILD_PARALLEL:=1
24 PKG_LICENSE:=GPL-2.0
25 PKG_CPE_ID:=cpe:/a:netfilter_core_team:iptables
26
27 include $(INCLUDE_DIR)/package.mk
28 ifeq ($(DUMP),)
29 -include $(LINUX_DIR)/.config
30 include $(INCLUDE_DIR)/netfilter.mk
31 STAMP_CONFIGURED:=$(strip $(STAMP_CONFIGURED))_$(shell grep 'NETFILTER' $(LINUX_DIR)/.config | $(MKHASH) md5)
32 endif
33
34
35 define Package/iptables/Default
36 SECTION:=net
37 CATEGORY:=Network
38 SUBMENU:=Firewall
39 URL:=https://netfilter.org/
40 endef
41
42 define Package/iptables/Module
43 $(call Package/iptables/Default)
44 DEPENDS:=+libxtables $(1)
45 endef
46
47 define Package/xtables-legacy
48 $(call Package/iptables/Default)
49 TITLE:=IP firewall administration tool
50 DEPENDS+= +kmod-ipt-core +libip4tc +IPV6:libip6tc +libiptext +IPV6:libiptext6 +libxtables
51 endef
52
53 define Package/iptables-legacy
54 $(call Package/iptables/Default)
55 TITLE:=IP firewall administration tool
56 DEPENDS+= +xtables-legacy
57 PROVIDES:=iptables
58 ALTERNATIVES:=\
59 200:/usr/sbin/iptables:/usr/sbin/xtables-legacy-multi \
60 200:/usr/sbin/iptables-restore:/usr/sbin/xtables-legacy-multi \
61 200:/usr/sbin/iptables-save:/usr/sbin/xtables-legacy-multi
62 endef
63
64 define Package/iptables-legacy/description
65 IP firewall administration tool.
66
67 Matches:
68 - icmp
69 - tcp
70 - udp
71 - comment
72 - conntrack
73 - limit
74 - mac
75 - mark
76 - multiport
77 - set
78 - state
79 - time
80
81 Targets:
82 - ACCEPT
83 - CT
84 - DNAT
85 - DROP
86 - REJECT
87 - FLOWOFFLOAD
88 - LOG
89 - MARK
90 - MASQUERADE
91 - REDIRECT
92 - SET
93 - SNAT
94 - TCPMSS
95
96 Tables:
97 - filter
98 - mangle
99 - nat
100 - raw
101
102 endef
103
104 define Package/iptables-nft
105 $(call Package/iptables/Default)
106 TITLE:=IP firewall administration tool nft
107 DEPENDS:=@IPTABLES_NFTABLES +libnftnl +libiptext +IPV6:libiptext6 +libiptext-nft +kmod-ipt-core +kmod-nft-compat
108 PROVIDES:=iptables
109 ALTERNATIVES:=\
110 300:/usr/sbin/iptables:/usr/sbin/xtables-nft-multi \
111 300:/usr/sbin/iptables-restore:/usr/sbin/xtables-nft-multi \
112 300:/usr/sbin/iptables-save:/usr/sbin/xtables-nft-multi
113 endef
114
115 define Package/iptables-nft/description
116 Extra iptables nftables nft binaries.
117 iptables-nft
118 iptables-nft-restore
119 iptables-nft-save
120 iptables-translate
121 iptables-restore-translate
122 endef
123
124 define Package/iptables-mod-conntrack-extra
125 $(call Package/iptables/Module, +kmod-ipt-conntrack-extra +kmod-ipt-raw)
126 TITLE:=Extra connection tracking extensions
127 endef
128
129 define Package/iptables-mod-conntrack-extra/description
130 Extra iptables extensions for connection tracking.
131
132 Matches:
133 - connbytes
134 - connlimit
135 - connmark
136 - recent
137 - helper
138
139 Targets:
140 - CONNMARK
141
142 endef
143
144 define Package/iptables-mod-conntrack-label
145 $(call Package/iptables/Module, +kmod-ipt-conntrack-label @IPTABLES_CONNLABEL)
146 TITLE:=Connection tracking labeling extension
147 DEFAULT:=y if IPTABLES_CONNLABEL
148 endef
149
150 define Package/iptables-mod-conntrack-label/description
151 Match and set label(s) on connection tracking entries
152
153 Matches:
154 - connlabel
155
156 endef
157
158 define Package/iptables-mod-filter
159 $(call Package/iptables/Module, +kmod-ipt-filter)
160 TITLE:=Content inspection extensions
161 endef
162
163 define Package/iptables-mod-filter/description
164 iptables extensions for packet content inspection.
165 Includes support for:
166
167 Matches:
168 - string
169 - bpf
170
171 endef
172
173 define Package/iptables-mod-ipopt
174 $(call Package/iptables/Module, +kmod-ipt-ipopt)
175 TITLE:=IP/Packet option extensions
176 endef
177
178 define Package/iptables-mod-ipopt/description
179 iptables extensions for matching/changing IP packet options.
180
181 Matches:
182 - dscp
183 - ecn
184 - length
185 - statistic
186 - tcpmss
187 - unclean
188 - hl
189
190 Targets:
191 - DSCP
192 - CLASSIFY
193 - ECN
194 - HL
195
196 endef
197
198 define Package/iptables-mod-ipsec
199 $(call Package/iptables/Module, +kmod-ipt-ipsec)
200 TITLE:=IPsec extensions
201 endef
202
203 define Package/iptables-mod-ipsec/description
204 iptables extensions for matching ipsec traffic.
205
206 Matches:
207 - ah
208 - esp
209 - policy
210
211 endef
212
213 define Package/iptables-mod-nat-extra
214 $(call Package/iptables/Module, +kmod-ipt-nat-extra)
215 TITLE:=Extra NAT extensions
216 endef
217
218 define Package/iptables-mod-nat-extra/description
219 iptables extensions for extra NAT targets.
220
221 Targets:
222 - MIRROR
223 - NETMAP
224 endef
225
226 define Package/iptables-mod-ulog
227 $(call Package/iptables/Module, +kmod-ipt-ulog)
228 TITLE:=user-space packet logging
229 endef
230
231 define Package/iptables-mod-ulog/description
232 iptables extensions for user-space packet logging.
233
234 Targets:
235 - ULOG
236
237 endef
238
239 define Package/iptables-mod-nflog
240 $(call Package/iptables/Module, +kmod-nfnetlink-log +kmod-ipt-nflog)
241 TITLE:=Netfilter NFLOG target
242 endef
243
244 define Package/iptables-mod-nflog/description
245 iptables extension for user-space logging via NFNETLINK.
246
247 Includes:
248 - libxt_NFLOG
249
250 endef
251
252 define Package/iptables-mod-trace
253 $(call Package/iptables/Module, +kmod-ipt-debug)
254 TITLE:=Netfilter TRACE target
255 endef
256
257 define Package/iptables-mod-trace/description
258 iptables extension for TRACE target
259
260 Includes:
261 - libxt_TRACE
262
263 endef
264
265
266 define Package/iptables-mod-nfqueue
267 $(call Package/iptables/Module, +kmod-nfnetlink-queue +kmod-ipt-nfqueue)
268 TITLE:=Netfilter NFQUEUE target
269 endef
270
271 define Package/iptables-mod-nfqueue/description
272 iptables extension for user-space queuing via NFNETLINK.
273
274 Includes:
275 - libxt_NFQUEUE
276
277 endef
278
279 define Package/iptables-mod-hashlimit
280 $(call Package/iptables/Module, +kmod-ipt-hashlimit)
281 TITLE:=hashlimit matching
282 endef
283
284 define Package/iptables-mod-hashlimit/description
285 iptables extensions for hashlimit matching
286
287 Matches:
288 - hashlimit
289
290 endef
291
292 define Package/iptables-mod-rpfilter
293 $(call Package/iptables/Module, +kmod-ipt-rpfilter)
294 TITLE:=rpfilter iptables extension
295 endef
296
297 define Package/iptables-mod-rpfilter/description
298 iptables extensions for reverse path filter test on a packet
299
300 Matches:
301 - rpfilter
302
303 endef
304
305 define Package/iptables-mod-iprange
306 $(call Package/iptables/Module, +kmod-ipt-iprange)
307 TITLE:=IP range extension
308 endef
309
310 define Package/iptables-mod-iprange/description
311 iptables extensions for matching ip ranges.
312
313 Matches:
314 - iprange
315
316 endef
317
318 define Package/iptables-mod-cluster
319 $(call Package/iptables/Module, +kmod-ipt-cluster)
320 TITLE:=Match cluster extension
321 endef
322
323 define Package/iptables-mod-cluster/description
324 iptables extensions for matching cluster.
325
326 Netfilter (IPv4/IPv6) module for matching cluster
327 This option allows you to build work-load-sharing clusters of
328 network servers/stateful firewalls without having a dedicated
329 load-balancing router/server/switch. Basically, this match returns
330 true when the packet must be handled by this cluster node. Thus,
331 all nodes see all packets and this match decides which node handles
332 what packets. The work-load sharing algorithm is based on source
333 address hashing.
334
335 This module is usable for ipv4 and ipv6.
336
337 If you select it, it enables kmod-ipt-cluster.
338
339 see `iptables -m cluster --help` for more information.
340 endef
341
342 define Package/iptables-mod-clusterip
343 $(call Package/iptables/Module, +kmod-ipt-clusterip)
344 TITLE:=Clusterip extension
345 endef
346
347 define Package/iptables-mod-clusterip/description
348 iptables extensions for CLUSTERIP.
349 The CLUSTERIP target allows you to build load-balancing clusters of
350 network servers without having a dedicated load-balancing
351 router/server/switch.
352
353 If you select it, it enables kmod-ipt-clusterip.
354
355 see `iptables -j CLUSTERIP --help` for more information.
356 endef
357
358 define Package/iptables-mod-extra
359 $(call Package/iptables/Module, +kmod-ipt-extra)
360 TITLE:=Other extra iptables extensions
361 endef
362
363 define Package/iptables-mod-extra/description
364 Other extra iptables extensions.
365
366 Matches:
367 - addrtype
368 - condition
369 - owner
370 - pkttype
371 - quota
372
373 endef
374
375 define Package/iptables-mod-physdev
376 $(call Package/iptables/Module, +kmod-ipt-physdev)
377 TITLE:=physdev iptables extension
378 endef
379
380 define Package/iptables-mod-physdev/description
381 The iptables physdev match.
382 endef
383
384 define Package/iptables-mod-led
385 $(call Package/iptables/Module, +kmod-ipt-led)
386 TITLE:=LED trigger iptables extension
387 endef
388
389 define Package/iptables-mod-led/description
390 iptables extension for triggering a LED.
391
392 Targets:
393 - LED
394
395 endef
396
397 define Package/iptables-mod-socket
398 $(call Package/iptables/Module, +kmod-ipt-socket)
399 TITLE:=Socket match iptables extensions
400 endef
401
402 define Package/iptables-mod-socket/description
403 Socket match iptables extensions.
404
405 Matches:
406 - socket
407
408 endef
409
410 define Package/iptables-mod-tproxy
411 $(call Package/iptables/Module, +kmod-ipt-tproxy)
412 TITLE:=Transparent proxy iptables extensions
413 endef
414
415 define Package/iptables-mod-tproxy/description
416 Transparent proxy iptables extensions.
417
418 Targets:
419 - TPROXY
420
421 endef
422
423 define Package/iptables-mod-tee
424 $(call Package/iptables/Module, +kmod-ipt-tee)
425 TITLE:=TEE iptables extensions
426 endef
427
428 define Package/iptables-mod-tee/description
429 TEE iptables extensions.
430
431 Targets:
432 - TEE
433
434 endef
435
436 define Package/iptables-mod-u32
437 $(call Package/iptables/Module, +kmod-ipt-u32)
438 TITLE:=U32 iptables extensions
439 endef
440
441 define Package/iptables-mod-u32/description
442 U32 iptables extensions.
443
444 Matches:
445 - u32
446
447 endef
448
449 define Package/iptables-mod-checksum
450 $(call Package/iptables/Module, +kmod-ipt-checksum)
451 TITLE:=IP CHECKSUM target extension
452 endef
453
454 define Package/iptables-mod-checksum/description
455 iptables extension for the CHECKSUM calculation target
456 endef
457
458 define Package/ip6tables-legacy
459 $(call Package/iptables/Default)
460 DEPENDS:=@IPV6 +kmod-ip6tables +xtables-legacy
461 CATEGORY:=Network
462 TITLE:=IPv6 firewall administration tool
463 PROVIDES:=ip6tables
464 ALTERNATIVES:=\
465 200:/usr/sbin/ip6tables:/usr/sbin/xtables-legacy-multi \
466 200:/usr/sbin/ip6tables-restore:/usr/sbin/xtables-legacy-multi \
467 200:/usr/sbin/ip6tables-save:/usr/sbin/xtables-legacy-multi
468 endef
469
470 define Package/ip6tables-nft
471 $(call Package/iptables/Default)
472 DEPENDS:=@IPV6 +kmod-ip6tables +iptables-nft
473 TITLE:=IP firewall administration tool nft
474 PROVIDES:=ip6tables
475 ALTERNATIVES:=\
476 300:/usr/sbin/ip6tables:/usr/sbin/xtables-nft-multi \
477 300:/usr/sbin/ip6tables-restore:/usr/sbin/xtables-nft-multi \
478 300:/usr/sbin/ip6tables-save:/usr/sbin/xtables-nft-multi
479 endef
480
481 define Package/ip6tables-nft/description
482 Extra ip6tables nftables nft binaries.
483 ip6tables-nft
484 ip6tables-nft-restore
485 ip6tables-nft-save
486 ip6tables-translate
487 ip6tables-restore-translate
488 endef
489
490 define Package/ip6tables-extra
491 $(call Package/iptables/Default)
492 DEPENDS:=+libxtables +kmod-ip6tables-extra
493 TITLE:=IPv6 header matching modules
494 endef
495
496 define Package/ip6tables-extra/description
497 iptables header matching modules for IPv6
498 endef
499
500 define Package/ip6tables-mod-nat
501 $(call Package/iptables/Default)
502 DEPENDS:=+libxtables +kmod-ipt-nat6
503 TITLE:=IPv6 NAT extensions
504 endef
505
506 define Package/ip6tables-mod-nat/description
507 iptables extensions for IPv6-NAT targets.
508 endef
509
510 define Package/libip4tc
511 $(call Package/iptables/Default)
512 SECTION:=libs
513 CATEGORY:=Libraries
514 TITLE:=IPv4 firewall - shared libiptc library
515 ABI_VERSION:=2
516 endef
517
518 define Package/libip6tc
519 $(call Package/iptables/Default)
520 SECTION:=libs
521 CATEGORY:=Libraries
522 TITLE:=IPv6 firewall - shared libiptc library
523 ABI_VERSION:=2
524 endef
525
526 define Package/libiptext
527 $(call Package/iptables/Default)
528 SECTION:=libs
529 CATEGORY:=Libraries
530 TITLE:=IPv4 firewall - shared libiptext library
531 ABI_VERSION:=0
532 DEPENDS:=+libxtables
533 endef
534
535 define Package/libiptext6
536 $(call Package/iptables/Default)
537 SECTION:=libs
538 CATEGORY:=Libraries
539 TITLE:=IPv6 firewall - shared libiptext library
540 ABI_VERSION:=0
541 DEPENDS:=+libxtables
542 endef
543
544 define Package/libiptext-nft
545 $(call Package/iptables/Default)
546 SECTION:=libs
547 CATEGORY:=Libraries
548 TITLE:=IPv4/IPv6 firewall - shared libiptext nft library
549 ABI_VERSION:=0
550 DEPENDS:=@IPTABLES_NFTABLES +libxtables
551 endef
552
553 define Package/libxtables
554 $(call Package/iptables/Default)
555 SECTION:=libs
556 CATEGORY:=Libraries
557 TITLE:=IPv4/IPv6 firewall - shared xtables library
558 MENU:=1
559 ABI_VERSION:=12
560 DEPENDS:=+IPTABLES_CONNLABEL:libnetfilter-conntrack
561 endef
562
563 define Package/libxtables/config
564 config IPTABLES_CONNLABEL
565 bool "Enable Connlabel support"
566 default n
567 help
568 This enable connlabel support in iptables.
569
570 config IPTABLES_NFTABLES
571 bool "Enable Nftables support"
572 default y
573 help
574 This enable nftables support in iptables.
575 endef
576
577 TARGET_CPPFLAGS := \
578 -I$(PKG_BUILD_DIR)/include \
579 -I$(LINUX_DIR)/user_headers/include \
580 $(TARGET_CPPFLAGS)
581
582 TARGET_CFLAGS += \
583 -I$(PKG_BUILD_DIR)/include \
584 -I$(LINUX_DIR)/user_headers/include \
585 -ffunction-sections -fdata-sections \
586 -DNO_LEGACY
587
588 TARGET_LDFLAGS += \
589 -Wl,--gc-sections
590
591 CONFIGURE_ARGS += \
592 --enable-shared \
593 --enable-static \
594 --enable-devel \
595 --with-kernel="$(LINUX_DIR)/user_headers" \
596 --with-xtlibdir=/usr/lib/iptables \
597 --with-xt-lock-name=/var/run/xtables.lock \
598 $(if $(CONFIG_IPTABLES_CONNLABEL),,--disable-connlabel) \
599 $(if $(CONFIG_IPTABLES_NFTABLES),,--disable-nftables) \
600 $(if $(CONFIG_IPV6),,--disable-ipv6)
601
602 MAKE_FLAGS := \
603 $(TARGET_CONFIGURE_OPTS) \
604 COPT_FLAGS="$(TARGET_CFLAGS)" \
605 KERNEL_DIR="$(LINUX_DIR)/user_headers/" PREFIX=/usr \
606 KBUILD_OUTPUT="$(LINUX_DIR)" \
607 BUILTIN_MODULES="$(patsubst ip6t_%,%,$(patsubst ipt_%,%,$(patsubst xt_%,%,$(IPT_BUILTIN) $(IPT_CONNTRACK-m) $(IPT_NAT-m))))"
608
609 ifneq ($(wildcard $(PKG_BUILD_DIR)/.config_*),$(subst .configured_,.config_,$(STAMP_CONFIGURED)))
610 define Build/Configure/rebuild
611 $(FIND) $(PKG_BUILD_DIR) -name \*.o -or -name \*.\?o -or -name \*.a | $(XARGS) rm -f
612 rm -f $(PKG_BUILD_DIR)/.config_*
613 rm -f $(PKG_BUILD_DIR)/.configured_*
614 touch $(subst .configured_,.config_,$(STAMP_CONFIGURED))
615 endef
616 endif
617
618 define Build/Configure
619 $(Build/Configure/rebuild)
620 $(Build/Configure/Default)
621 endef
622
623 define Build/InstallDev
624 $(INSTALL_DIR) $(1)/usr/include
625 $(INSTALL_DIR) $(1)/usr/include/iptables
626 $(INSTALL_DIR) $(1)/usr/include/net/netfilter
627
628 # XXX: iptables header fixup, some headers are not installed by iptables anymore
629 $(CP) $(PKG_BUILD_DIR)/include/iptables/*.h $(1)/usr/include/iptables/
630 $(CP) $(PKG_BUILD_DIR)/include/iptables.h $(1)/usr/include/
631 $(CP) $(PKG_BUILD_DIR)/include/ip6tables.h $(1)/usr/include/
632 $(CP) $(PKG_BUILD_DIR)/include/libipulog $(1)/usr/include/
633 $(CP) $(PKG_BUILD_DIR)/include/libiptc $(1)/usr/include/
634
635 $(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/
636 $(INSTALL_DIR) $(1)/usr/lib
637 $(CP) $(PKG_INSTALL_DIR)/usr/lib/libxtables.so* $(1)/usr/lib/
638 $(CP) $(PKG_INSTALL_DIR)/usr/lib/libip*tc.so* $(1)/usr/lib/
639 $(INSTALL_DIR) $(1)/usr/lib/pkgconfig
640 $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/xtables.pc $(1)/usr/lib/pkgconfig/
641 $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/libip*tc.pc $(1)/usr/lib/pkgconfig/
642
643 # XXX: needed by firewall3
644 $(CP) $(PKG_BUILD_DIR)/extensions/libiptext*.so $(1)/usr/lib/
645 endef
646
647 define Package/xtables-legacy/install
648 $(INSTALL_DIR) $(1)/usr/sbin
649 $(CP) $(PKG_INSTALL_DIR)/usr/sbin/xtables-legacy-multi $(1)/usr/sbin/
650 endef
651
652 define Package/iptables-legacy/install
653 $(INSTALL_DIR) $(1)/usr/sbin
654 $(CP) $(PKG_INSTALL_DIR)/usr/sbin/iptables-legacy{,-restore,-save} $(1)/usr/sbin/
655 $(INSTALL_DIR) $(1)/usr/lib/iptables
656 endef
657
658 define Package/iptables-nft/install
659 $(INSTALL_DIR) $(1)/usr/sbin
660 $(CP) $(PKG_INSTALL_DIR)/usr/sbin/xtables-nft-multi $(1)/usr/sbin/
661 $(CP) $(PKG_INSTALL_DIR)/usr/sbin/iptables-nft{,-restore,-save} $(1)/usr/sbin/
662 $(CP) $(PKG_INSTALL_DIR)/usr/sbin/iptables{,-restore}-translate $(1)/usr/sbin/
663 endef
664
665 define Package/ip6tables-legacy/install
666 $(INSTALL_DIR) $(1)/usr/sbin
667 $(CP) $(PKG_INSTALL_DIR)/usr/sbin/ip6tables-legacy{,-restore,-save} $(1)/usr/sbin/
668 endef
669
670 define Package/ip6tables-nft/install
671 $(INSTALL_DIR) $(1)/usr/sbin
672 $(CP) $(PKG_INSTALL_DIR)/usr/sbin/ip6tables-nft{,-restore,-save} $(1)/usr/sbin/
673 $(CP) $(PKG_INSTALL_DIR)/usr/sbin/ip6tables{,-restore}-translate $(1)/usr/sbin/
674 endef
675
676 define Package/libip4tc/install
677 $(INSTALL_DIR) $(1)/usr/lib
678 $(CP) $(PKG_INSTALL_DIR)/usr/lib/libip4tc.so.* $(1)/usr/lib/
679 endef
680
681 define Package/libip6tc/install
682 $(INSTALL_DIR) $(1)/usr/lib
683 $(CP) $(PKG_INSTALL_DIR)/usr/lib/libip6tc.so.* $(1)/usr/lib/
684 endef
685
686 define Package/libiptext/install
687 $(INSTALL_DIR) $(1)/usr/lib
688 $(CP) $(PKG_BUILD_DIR)/extensions/libiptext.so $(1)/usr/lib/
689 $(CP) $(PKG_BUILD_DIR)/extensions/libiptext4.so $(1)/usr/lib/
690 endef
691
692 define Package/libiptext6/install
693 $(INSTALL_DIR) $(1)/usr/lib
694 $(CP) $(PKG_BUILD_DIR)/extensions/libiptext6.so $(1)/usr/lib/
695 endef
696
697 define Package/libiptext-nft/install
698 $(INSTALL_DIR) $(1)/usr/lib
699 $(CP) $(PKG_BUILD_DIR)/extensions/libiptext_*.so $(1)/usr/lib/
700 endef
701
702 define Package/libxtables/install
703 $(INSTALL_DIR) $(1)/usr/lib
704 $(CP) $(PKG_INSTALL_DIR)/usr/lib/libxtables.so.* $(1)/usr/lib/
705 endef
706
707 define BuildPlugin
708 define Package/$(1)/install
709 $(INSTALL_DIR) $$(1)/usr/lib/iptables
710 for m in $(patsubst xt_%,ipt_%,$(2)) $(patsubst ipt_%,xt_%,$(2)) $(patsubst xt_%,ip6t_%,$(2)) $(patsubst ip6t_%,xt_%,$(2)); do \
711 if [ -f $(PKG_INSTALL_DIR)/usr/lib/iptables/lib$$$$$$$${m}.so ]; then \
712 $(CP) $(PKG_INSTALL_DIR)/usr/lib/iptables/lib$$$$$$$${m}.so $$(1)/usr/lib/iptables/ ; \
713 fi; \
714 done
715 $(3)
716 endef
717
718 $$(eval $$(call BuildPackage,$(1)))
719 endef
720
721 $(eval $(call BuildPackage,libxtables))
722 $(eval $(call BuildPackage,libip4tc))
723 $(eval $(call BuildPackage,libip6tc))
724 $(eval $(call BuildPackage,libiptext))
725 $(eval $(call BuildPackage,libiptext6))
726 $(eval $(call BuildPackage,libiptext-nft))
727 $(eval $(call BuildPackage,xtables-legacy))
728 $(eval $(call BuildPackage,iptables-legacy))
729 $(eval $(call BuildPackage,iptables-nft))
730 $(eval $(call BuildPlugin,iptables-mod-conntrack-extra,$(IPT_CONNTRACK_EXTRA-m)))
731 $(eval $(call BuildPlugin,iptables-mod-conntrack-label,$(IPT_CONNTRACK_LABEL-m)))
732 $(eval $(call BuildPlugin,iptables-mod-extra,$(IPT_EXTRA-m)))
733 $(eval $(call BuildPlugin,iptables-mod-physdev,$(IPT_PHYSDEV-m)))
734 $(eval $(call BuildPlugin,iptables-mod-filter,$(IPT_FILTER-m)))
735 $(eval $(call BuildPlugin,iptables-mod-ipopt,$(IPT_IPOPT-m)))
736 $(eval $(call BuildPlugin,iptables-mod-ipsec,$(IPT_IPSEC-m)))
737 $(eval $(call BuildPlugin,iptables-mod-nat-extra,$(IPT_NAT_EXTRA-m)))
738 $(eval $(call BuildPlugin,iptables-mod-iprange,$(IPT_IPRANGE-m)))
739 $(eval $(call BuildPlugin,iptables-mod-cluster,$(IPT_CLUSTER-m)))
740 $(eval $(call BuildPlugin,iptables-mod-clusterip,$(IPT_CLUSTERIP-m)))
741 $(eval $(call BuildPlugin,iptables-mod-ulog,$(IPT_ULOG-m)))
742 $(eval $(call BuildPlugin,iptables-mod-hashlimit,$(IPT_HASHLIMIT-m)))
743 $(eval $(call BuildPlugin,iptables-mod-rpfilter,$(IPT_RPFILTER-m)))
744 $(eval $(call BuildPlugin,iptables-mod-led,$(IPT_LED-m)))
745 $(eval $(call BuildPlugin,iptables-mod-socket,$(IPT_SOCKET-m)))
746 $(eval $(call BuildPlugin,iptables-mod-tproxy,$(IPT_TPROXY-m)))
747 $(eval $(call BuildPlugin,iptables-mod-tee,$(IPT_TEE-m)))
748 $(eval $(call BuildPlugin,iptables-mod-u32,$(IPT_U32-m)))
749 $(eval $(call BuildPlugin,iptables-mod-nflog,$(IPT_NFLOG-m)))
750 $(eval $(call BuildPlugin,iptables-mod-trace,$(IPT_DEBUG-m)))
751 $(eval $(call BuildPlugin,iptables-mod-nfqueue,$(IPT_NFQUEUE-m)))
752 $(eval $(call BuildPlugin,iptables-mod-checksum,$(IPT_CHECKSUM-m)))
753 $(eval $(call BuildPackage,ip6tables-legacy))
754 $(eval $(call BuildPackage,ip6tables-nft))
755 $(eval $(call BuildPlugin,ip6tables-extra,$(IPT_IPV6_EXTRA-m)))
756 $(eval $(call BuildPlugin,ip6tables-mod-nat,$(IPT_NAT6-m)))
757
Staging tree of dedeckeh