projects / openwrt / staging / ansuel.git / blob
? search:


78d29089a3fd080122da9289649f5352d4da34af
[openwrt/staging/ansuel.git] / package / network / utils / iptables / Makefile
1 #
2 # Copyright (C) 2006-2016 OpenWrt.org
3 #
4 # This is free software, licensed under the GNU General Public License v2.
5 # See /LICENSE for more information.
6 #
7
8 include $(TOPDIR)/rules.mk
9 include $(INCLUDE_DIR)/kernel.mk
10
11 PKG_NAME:=iptables
12 PKG_VERSION:=1.8.7
13 PKG_RELEASE:=2
14
15 PKG_SOURCE_URL:=https://netfilter.org/projects/iptables/files
16 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
17 PKG_HASH:=c109c96bb04998cd44156622d36f8e04b140701ec60531a10668cfdff5e8d8f0
18
19 PKG_FIXUP:=autoreconf
20 PKG_FLAGS:=nonshared
21
22 PKG_INSTALL:=1
23 PKG_BUILD_PARALLEL:=1
24 PKG_LICENSE:=GPL-2.0
25 PKG_CPE_ID:=cpe:/a:netfilter_core_team:iptables
26
27 include $(INCLUDE_DIR)/package.mk
28 ifeq ($(DUMP),)
29 -include $(LINUX_DIR)/.config
30 include $(INCLUDE_DIR)/netfilter.mk
31 STAMP_CONFIGURED:=$(strip $(STAMP_CONFIGURED))_$(shell grep 'NETFILTER' $(LINUX_DIR)/.config | $(MKHASH) md5)
32 endif
33
34
35 define Package/iptables/Default
36 SECTION:=net
37 CATEGORY:=Network
38 SUBMENU:=Firewall
39 URL:=https://netfilter.org/
40 endef
41
42 define Package/iptables/Module
43 $(call Package/iptables/Default)
44 DEPENDS:=+libxtables $(1)
45 endef
46
47 define Package/iptables
48 $(call Package/iptables/Default)
49 TITLE:=IP firewall administration tool
50 DEPENDS+= +kmod-ipt-core +libip4tc +IPV6:libip6tc +libxtables
51 ALTERNATIVES:=\
52 200:/usr/sbin/iptables:/usr/sbin/xtables-legacy-multi \
53 200:/usr/sbin/iptables-restore:/usr/sbin/xtables-legacy-multi \
54 200:/usr/sbin/iptables-save:/usr/sbin/xtables-legacy-multi
55 endef
56
57 define Package/iptables/description
58 IP firewall administration tool.
59
60 Matches:
61 - icmp
62 - tcp
63 - udp
64 - comment
65 - conntrack
66 - limit
67 - mac
68 - mark
69 - multiport
70 - set
71 - state
72 - time
73
74 Targets:
75 - ACCEPT
76 - CT
77 - DNAT
78 - DROP
79 - REJECT
80 - FLOWOFFLOAD
81 - LOG
82 - MARK
83 - MASQUERADE
84 - REDIRECT
85 - SET
86 - SNAT
87 - TCPMSS
88
89 Tables:
90 - filter
91 - mangle
92 - nat
93 - raw
94
95 endef
96
97 define Package/iptables-nft
98 $(call Package/iptables/Default)
99 TITLE:=IP firewall administration tool nft
100 DEPENDS:=@IPTABLES_NFTABLES +libnftnl +libxtables-nft +libip4tc +IPV6:libip6tc +kmod-ipt-core +kmod-nft-compat
101 ALTERNATIVES:=\
102 300:/usr/sbin/iptables:/usr/sbin/xtables-nft-multi \
103 300:/usr/sbin/iptables-restore:/usr/sbin/xtables-nft-multi \
104 300:/usr/sbin/iptables-save:/usr/sbin/xtables-nft-multi
105 endef
106
107 define Package/iptables-nft/description
108 Extra iptables nftables nft binaries.
109 iptables-nft
110 iptables-nft-restore
111 iptables-nft-save
112 iptables-translate
113 iptables-restore-translate
114 endef
115
116 define Package/iptables-mod-conntrack-extra
117 $(call Package/iptables/Module, +kmod-ipt-conntrack-extra +kmod-ipt-raw)
118 TITLE:=Extra connection tracking extensions
119 endef
120
121 define Package/iptables-mod-conntrack-extra/description
122 Extra iptables extensions for connection tracking.
123
124 Matches:
125 - connbytes
126 - connlimit
127 - connmark
128 - recent
129 - helper
130
131 Targets:
132 - CONNMARK
133
134 endef
135
136 define Package/iptables-mod-conntrack-label
137 $(call Package/iptables/Module, +kmod-ipt-conntrack-label @IPTABLES_CONNLABEL)
138 TITLE:=Connection tracking labeling extension
139 DEFAULT:=y if IPTABLES_CONNLABEL
140 endef
141
142 define Package/iptables-mod-conntrack-label/description
143 Match and set label(s) on connection tracking entries
144
145 Matches:
146 - connlabel
147
148 endef
149
150 define Package/iptables-mod-filter
151 $(call Package/iptables/Module, +kmod-ipt-filter)
152 TITLE:=Content inspection extensions
153 endef
154
155 define Package/iptables-mod-filter/description
156 iptables extensions for packet content inspection.
157 Includes support for:
158
159 Matches:
160 - string
161 - bpf
162
163 endef
164
165 define Package/iptables-mod-ipopt
166 $(call Package/iptables/Module, +kmod-ipt-ipopt)
167 TITLE:=IP/Packet option extensions
168 endef
169
170 define Package/iptables-mod-ipopt/description
171 iptables extensions for matching/changing IP packet options.
172
173 Matches:
174 - dscp
175 - ecn
176 - length
177 - statistic
178 - tcpmss
179 - unclean
180 - hl
181
182 Targets:
183 - DSCP
184 - CLASSIFY
185 - ECN
186 - HL
187
188 endef
189
190 define Package/iptables-mod-ipsec
191 $(call Package/iptables/Module, +kmod-ipt-ipsec)
192 TITLE:=IPsec extensions
193 endef
194
195 define Package/iptables-mod-ipsec/description
196 iptables extensions for matching ipsec traffic.
197
198 Matches:
199 - ah
200 - esp
201 - policy
202
203 endef
204
205 define Package/iptables-mod-nat-extra
206 $(call Package/iptables/Module, +kmod-ipt-nat-extra)
207 TITLE:=Extra NAT extensions
208 endef
209
210 define Package/iptables-mod-nat-extra/description
211 iptables extensions for extra NAT targets.
212
213 Targets:
214 - MIRROR
215 - NETMAP
216 endef
217
218 define Package/iptables-mod-ulog
219 $(call Package/iptables/Module, +kmod-ipt-ulog)
220 TITLE:=user-space packet logging
221 endef
222
223 define Package/iptables-mod-ulog/description
224 iptables extensions for user-space packet logging.
225
226 Targets:
227 - ULOG
228
229 endef
230
231 define Package/iptables-mod-nflog
232 $(call Package/iptables/Module, +kmod-nfnetlink-log +kmod-ipt-nflog)
233 TITLE:=Netfilter NFLOG target
234 endef
235
236 define Package/iptables-mod-nflog/description
237 iptables extension for user-space logging via NFNETLINK.
238
239 Includes:
240 - libxt_NFLOG
241
242 endef
243
244 define Package/iptables-mod-trace
245 $(call Package/iptables/Module, +kmod-ipt-debug)
246 TITLE:=Netfilter TRACE target
247 endef
248
249 define Package/iptables-mod-trace/description
250 iptables extension for TRACE target
251
252 Includes:
253 - libxt_TRACE
254
255 endef
256
257
258 define Package/iptables-mod-nfqueue
259 $(call Package/iptables/Module, +kmod-nfnetlink-queue +kmod-ipt-nfqueue)
260 TITLE:=Netfilter NFQUEUE target
261 endef
262
263 define Package/iptables-mod-nfqueue/description
264 iptables extension for user-space queuing via NFNETLINK.
265
266 Includes:
267 - libxt_NFQUEUE
268
269 endef
270
271 define Package/iptables-mod-hashlimit
272 $(call Package/iptables/Module, +kmod-ipt-hashlimit)
273 TITLE:=hashlimit matching
274 endef
275
276 define Package/iptables-mod-hashlimit/description
277 iptables extensions for hashlimit matching
278
279 Matches:
280 - hashlimit
281
282 endef
283
284 define Package/iptables-mod-rpfilter
285 $(call Package/iptables/Module, +kmod-ipt-rpfilter)
286 TITLE:=rpfilter iptables extension
287 endef
288
289 define Package/iptables-mod-rpfilter/description
290 iptables extensions for reverse path filter test on a packet
291
292 Matches:
293 - rpfilter
294
295 endef
296
297 define Package/iptables-mod-iprange
298 $(call Package/iptables/Module, +kmod-ipt-iprange)
299 TITLE:=IP range extension
300 endef
301
302 define Package/iptables-mod-iprange/description
303 iptables extensions for matching ip ranges.
304
305 Matches:
306 - iprange
307
308 endef
309
310 define Package/iptables-mod-cluster
311 $(call Package/iptables/Module, +kmod-ipt-cluster)
312 TITLE:=Match cluster extension
313 endef
314
315 define Package/iptables-mod-cluster/description
316 iptables extensions for matching cluster.
317
318 Netfilter (IPv4/IPv6) module for matching cluster
319 This option allows you to build work-load-sharing clusters of
320 network servers/stateful firewalls without having a dedicated
321 load-balancing router/server/switch. Basically, this match returns
322 true when the packet must be handled by this cluster node. Thus,
323 all nodes see all packets and this match decides which node handles
324 what packets. The work-load sharing algorithm is based on source
325 address hashing.
326
327 This module is usable for ipv4 and ipv6.
328
329 If you select it, it enables kmod-ipt-cluster.
330
331 see `iptables -m cluster --help` for more information.
332 endef
333
334 define Package/iptables-mod-clusterip
335 $(call Package/iptables/Module, +kmod-ipt-clusterip)
336 TITLE:=Clusterip extension
337 endef
338
339 define Package/iptables-mod-clusterip/description
340 iptables extensions for CLUSTERIP.
341 The CLUSTERIP target allows you to build load-balancing clusters of
342 network servers without having a dedicated load-balancing
343 router/server/switch.
344
345 If you select it, it enables kmod-ipt-clusterip.
346
347 see `iptables -j CLUSTERIP --help` for more information.
348 endef
349
350 define Package/iptables-mod-extra
351 $(call Package/iptables/Module, +kmod-ipt-extra)
352 TITLE:=Other extra iptables extensions
353 endef
354
355 define Package/iptables-mod-extra/description
356 Other extra iptables extensions.
357
358 Matches:
359 - addrtype
360 - condition
361 - owner
362 - pkttype
363 - quota
364
365 endef
366
367 define Package/iptables-mod-physdev
368 $(call Package/iptables/Module, +kmod-ipt-physdev)
369 TITLE:=physdev iptables extension
370 endef
371
372 define Package/iptables-mod-physdev/description
373 The iptables physdev match.
374 endef
375
376 define Package/iptables-mod-led
377 $(call Package/iptables/Module, +kmod-ipt-led)
378 TITLE:=LED trigger iptables extension
379 endef
380
381 define Package/iptables-mod-led/description
382 iptables extension for triggering a LED.
383
384 Targets:
385 - LED
386
387 endef
388
389 define Package/iptables-mod-tproxy
390 $(call Package/iptables/Module, +kmod-ipt-tproxy)
391 TITLE:=Transparent proxy iptables extensions
392 endef
393
394 define Package/iptables-mod-tproxy/description
395 Transparent proxy iptables extensions.
396
397 Matches:
398 - socket
399
400 Targets:
401 - TPROXY
402
403 endef
404
405 define Package/iptables-mod-tee
406 $(call Package/iptables/Module, +kmod-ipt-tee)
407 TITLE:=TEE iptables extensions
408 endef
409
410 define Package/iptables-mod-tee/description
411 TEE iptables extensions.
412
413 Targets:
414 - TEE
415
416 endef
417
418 define Package/iptables-mod-u32
419 $(call Package/iptables/Module, +kmod-ipt-u32)
420 TITLE:=U32 iptables extensions
421 endef
422
423 define Package/iptables-mod-u32/description
424 U32 iptables extensions.
425
426 Matches:
427 - u32
428
429 endef
430
431 define Package/iptables-mod-checksum
432 $(call Package/iptables/Module, +kmod-ipt-checksum)
433 TITLE:=IP CHECKSUM target extension
434 endef
435
436 define Package/iptables-mod-checksum/description
437 iptables extension for the CHECKSUM calculation target
438 endef
439
440 define Package/ip6tables
441 $(call Package/iptables/Default)
442 DEPENDS:=@IPV6 +kmod-ip6tables +iptables
443 CATEGORY:=Network
444 TITLE:=IPv6 firewall administration tool
445 ALTERNATIVES:=\
446 200:/usr/sbin/ip6tables:/usr/sbin/xtables-legacy-multi \
447 200:/usr/sbin/ip6tables-restore:/usr/sbin/xtables-legacy-multi \
448 200:/usr/sbin/ip6tables-save:/usr/sbin/xtables-legacy-multi
449 endef
450
451 define Package/ip6tables-nft
452 $(call Package/iptables/Default)
453 DEPENDS:=@IPV6 +kmod-ip6tables +iptables-nft
454 TITLE:=IP firewall administration tool nft
455 ALTERNATIVES:=\
456 300:/usr/sbin/ip6tables:/usr/sbin/xtables-nft-multi \
457 300:/usr/sbin/ip6tables-restore:/usr/sbin/xtables-nft-multi \
458 300:/usr/sbin/ip6tables-save:/usr/sbin/xtables-nft-multi
459 endef
460
461 define Package/ip6tables-nft/description
462 Extra ip6tables nftables nft binaries.
463 ip6tables-nft
464 ip6tables-nft-restore
465 ip6tables-nft-save
466 ip6tables-translate
467 ip6tables-restore-translate
468 endef
469
470 define Package/ip6tables-extra
471 $(call Package/iptables/Default)
472 DEPENDS:=+libxtables +kmod-ip6tables-extra
473 TITLE:=IPv6 header matching modules
474 endef
475
476 define Package/ip6tables-extra/description
477 iptables header matching modules for IPv6
478 endef
479
480 define Package/ip6tables-mod-nat
481 $(call Package/iptables/Default)
482 DEPENDS:=+libxtables +kmod-ipt-nat6
483 TITLE:=IPv6 NAT extensions
484 endef
485
486 define Package/ip6tables-mod-nat/description
487 iptables extensions for IPv6-NAT targets.
488 endef
489
490 define Package/libip4tc
491 $(call Package/iptables/Default)
492 SECTION:=libs
493 CATEGORY:=Libraries
494 TITLE:=IPv4 firewall - shared libiptc library
495 ABI_VERSION:=2
496 DEPENDS:=+libxtables
497 endef
498
499 define Package/libip6tc
500 $(call Package/iptables/Default)
501 SECTION:=libs
502 CATEGORY:=Libraries
503 TITLE:=IPv6 firewall - shared libiptc library
504 ABI_VERSION:=2
505 DEPENDS:=+libxtables
506 endef
507
508 define Package/libxtables
509 $(call Package/iptables/Default)
510 SECTION:=libs
511 CATEGORY:=Libraries
512 TITLE:=IPv4/IPv6 firewall - shared xtables library
513 MENU:=1
514 ABI_VERSION:=12
515 DEPENDS:=+IPTABLES_CONNLABEL:libnetfilter-conntrack
516 endef
517
518 define Package/libxtables/config
519 config IPTABLES_CONNLABEL
520 bool "Enable Connlabel support"
521 default n
522 help
523 This enable connlabel support in iptables.
524
525 config IPTABLES_NFTABLES
526 bool "Enable Nftables support"
527 default y
528 help
529 This enable nftables support in iptables.
530 endef
531
532 define Package/libxtables-nft
533 $(call Package/iptables/Default)
534 SECTION:=libs
535 CATEGORY:=Libraries
536 TITLE:=IPv4/IPv6 firewall - shared xtables nft library
537 ABI_VERSION:=12
538 DEPENDS:=@IPTABLES_NFTABLES +libxtables
539 endef
540
541 TARGET_CPPFLAGS := \
542 -I$(PKG_BUILD_DIR)/include \
543 -I$(LINUX_DIR)/user_headers/include \
544 $(TARGET_CPPFLAGS)
545
546 TARGET_CFLAGS += \
547 -I$(PKG_BUILD_DIR)/include \
548 -I$(LINUX_DIR)/user_headers/include \
549 -ffunction-sections -fdata-sections \
550 -DNO_LEGACY
551
552 TARGET_LDFLAGS += \
553 -Wl,--gc-sections
554
555 CONFIGURE_ARGS += \
556 --enable-shared \
557 --enable-static \
558 --enable-devel \
559 --with-kernel="$(LINUX_DIR)/user_headers" \
560 --with-xtlibdir=/usr/lib/iptables \
561 --with-xt-lock-name=/var/run/xtables.lock \
562 $(if $(CONFIG_IPTABLES_CONNLABEL),,--disable-connlabel) \
563 $(if $(CONFIG_IPTABLES_NFTABLES),,--disable-nftables) \
564 $(if $(CONFIG_IPV6),,--disable-ipv6)
565
566 MAKE_FLAGS := \
567 $(TARGET_CONFIGURE_OPTS) \
568 COPT_FLAGS="$(TARGET_CFLAGS)" \
569 KERNEL_DIR="$(LINUX_DIR)/user_headers/" PREFIX=/usr \
570 KBUILD_OUTPUT="$(LINUX_DIR)" \
571 BUILTIN_MODULES="$(patsubst ip6t_%,%,$(patsubst ipt_%,%,$(patsubst xt_%,%,$(IPT_BUILTIN) $(IPT_CONNTRACK-m) $(IPT_NAT-m))))"
572
573 ifneq ($(wildcard $(PKG_BUILD_DIR)/.config_*),$(subst .configured_,.config_,$(STAMP_CONFIGURED)))
574 define Build/Configure/rebuild
575 $(FIND) $(PKG_BUILD_DIR) -name \*.o -or -name \*.\?o -or -name \*.a | $(XARGS) rm -f
576 rm -f $(PKG_BUILD_DIR)/.config_*
577 rm -f $(PKG_BUILD_DIR)/.configured_*
578 touch $(subst .configured_,.config_,$(STAMP_CONFIGURED))
579 endef
580 endif
581
582 define Build/Configure
583 $(Build/Configure/rebuild)
584 $(Build/Configure/Default)
585 endef
586
587 define Build/InstallDev
588 $(INSTALL_DIR) $(1)/usr/include
589 $(INSTALL_DIR) $(1)/usr/include/iptables
590 $(INSTALL_DIR) $(1)/usr/include/net/netfilter
591
592 # XXX: iptables header fixup, some headers are not installed by iptables anymore
593 $(CP) $(PKG_BUILD_DIR)/include/iptables/*.h $(1)/usr/include/iptables/
594 $(CP) $(PKG_BUILD_DIR)/include/iptables.h $(1)/usr/include/
595 $(CP) $(PKG_BUILD_DIR)/include/ip6tables.h $(1)/usr/include/
596 $(CP) $(PKG_BUILD_DIR)/include/libipulog $(1)/usr/include/
597 $(CP) $(PKG_BUILD_DIR)/include/libiptc $(1)/usr/include/
598
599 $(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/
600 $(INSTALL_DIR) $(1)/usr/lib
601 $(CP) $(PKG_INSTALL_DIR)/usr/lib/libxtables.so* $(1)/usr/lib/
602 $(CP) $(PKG_INSTALL_DIR)/usr/lib/libip*tc.so* $(1)/usr/lib/
603 $(INSTALL_DIR) $(1)/usr/lib/pkgconfig
604 $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/xtables.pc $(1)/usr/lib/pkgconfig/
605 $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/libip*tc.pc $(1)/usr/lib/pkgconfig/
606
607 # XXX: needed by firewall3
608 $(CP) $(PKG_BUILD_DIR)/extensions/libiptext*.so $(1)/usr/lib/
609 endef
610
611 define Package/iptables/install
612 $(INSTALL_DIR) $(1)/usr/sbin
613 $(CP) $(PKG_INSTALL_DIR)/usr/sbin/xtables-legacy-multi $(1)/usr/sbin/
614 $(CP) $(PKG_INSTALL_DIR)/usr/sbin/iptables-legacy{,-restore,-save} $(1)/usr/sbin/
615 $(INSTALL_DIR) $(1)/usr/lib/iptables
616 endef
617
618 define Package/iptables-nft/install
619 $(INSTALL_DIR) $(1)/usr/sbin
620 $(CP) $(PKG_INSTALL_DIR)/usr/sbin/xtables-nft-multi $(1)/usr/sbin/
621 $(CP) $(PKG_INSTALL_DIR)/usr/sbin/iptables-nft{,-restore,-save} $(1)/usr/sbin/
622 $(CP) $(PKG_INSTALL_DIR)/usr/sbin/iptables{,-restore}-translate $(1)/usr/sbin/
623 endef
624
625 define Package/ip6tables/install
626 $(INSTALL_DIR) $(1)/usr/sbin
627 $(CP) $(PKG_INSTALL_DIR)/usr/sbin/ip6tables-legacy{,-restore,-save} $(1)/usr/sbin/
628 endef
629
630 define Package/ip6tables-nft/install
631 $(INSTALL_DIR) $(1)/usr/sbin
632 $(CP) $(PKG_INSTALL_DIR)/usr/sbin/ip6tables-nft{,-restore,-save} $(1)/usr/sbin/
633 $(CP) $(PKG_INSTALL_DIR)/usr/sbin/ip6tables{,-restore}-translate $(1)/usr/sbin/
634 endef
635
636 define Package/libip4tc/install
637 $(INSTALL_DIR) $(1)/usr/lib
638 $(CP) $(PKG_INSTALL_DIR)/usr/lib/libip4tc.so.* $(1)/usr/lib/
639 $(CP) $(PKG_BUILD_DIR)/extensions/libiptext4.so $(1)/usr/lib/
640 endef
641
642 define Package/libip6tc/install
643 $(INSTALL_DIR) $(1)/usr/lib
644 $(CP) $(PKG_INSTALL_DIR)/usr/lib/libip6tc.so.* $(1)/usr/lib/
645 $(CP) $(PKG_BUILD_DIR)/extensions/libiptext6.so $(1)/usr/lib/
646 endef
647
648 define Package/libxtables/install
649 $(INSTALL_DIR) $(1)/usr/lib
650 $(CP) $(PKG_INSTALL_DIR)/usr/lib/libxtables.so.* $(1)/usr/lib/
651 $(CP) $(PKG_BUILD_DIR)/extensions/libiptext.so $(1)/usr/lib/
652 endef
653
654 define Package/libxtables-nft/install
655 $(INSTALL_DIR) $(1)/usr/lib
656 $(CP) $(PKG_BUILD_DIR)/extensions/libiptext_*.so $(1)/usr/lib/
657 endef
658
659 define BuildPlugin
660 define Package/$(1)/install
661 $(INSTALL_DIR) $$(1)/usr/lib/iptables
662 for m in $(patsubst xt_%,ipt_%,$(2)) $(patsubst ipt_%,xt_%,$(2)) $(patsubst xt_%,ip6t_%,$(2)) $(patsubst ip6t_%,xt_%,$(2)); do \
663 if [ -f $(PKG_INSTALL_DIR)/usr/lib/iptables/lib$$$$$$$${m}.so ]; then \
664 $(CP) $(PKG_INSTALL_DIR)/usr/lib/iptables/lib$$$$$$$${m}.so $$(1)/usr/lib/iptables/ ; \
665 fi; \
666 done
667 $(3)
668 endef
669
670 $$(eval $$(call BuildPackage,$(1)))
671 endef
672
673 $(eval $(call BuildPackage,libxtables))
674 $(eval $(call BuildPackage,libxtables-nft))
675 $(eval $(call BuildPackage,libip4tc))
676 $(eval $(call BuildPackage,libip6tc))
677 $(eval $(call BuildPackage,iptables))
678 $(eval $(call BuildPackage,iptables-nft))
679 $(eval $(call BuildPlugin,iptables-mod-conntrack-extra,$(IPT_CONNTRACK_EXTRA-m)))
680 $(eval $(call BuildPlugin,iptables-mod-conntrack-label,$(IPT_CONNTRACK_LABEL-m)))
681 $(eval $(call BuildPlugin,iptables-mod-extra,$(IPT_EXTRA-m)))
682 $(eval $(call BuildPlugin,iptables-mod-physdev,$(IPT_PHYSDEV-m)))
683 $(eval $(call BuildPlugin,iptables-mod-filter,$(IPT_FILTER-m)))
684 $(eval $(call BuildPlugin,iptables-mod-ipopt,$(IPT_IPOPT-m)))
685 $(eval $(call BuildPlugin,iptables-mod-ipsec,$(IPT_IPSEC-m)))
686 $(eval $(call BuildPlugin,iptables-mod-nat-extra,$(IPT_NAT_EXTRA-m)))
687 $(eval $(call BuildPlugin,iptables-mod-iprange,$(IPT_IPRANGE-m)))
688 $(eval $(call BuildPlugin,iptables-mod-cluster,$(IPT_CLUSTER-m)))
689 $(eval $(call BuildPlugin,iptables-mod-clusterip,$(IPT_CLUSTERIP-m)))
690 $(eval $(call BuildPlugin,iptables-mod-ulog,$(IPT_ULOG-m)))
691 $(eval $(call BuildPlugin,iptables-mod-hashlimit,$(IPT_HASHLIMIT-m)))
692 $(eval $(call BuildPlugin,iptables-mod-rpfilter,$(IPT_RPFILTER-m)))
693 $(eval $(call BuildPlugin,iptables-mod-led,$(IPT_LED-m)))
694 $(eval $(call BuildPlugin,iptables-mod-tproxy,$(IPT_TPROXY-m)))
695 $(eval $(call BuildPlugin,iptables-mod-tee,$(IPT_TEE-m)))
696 $(eval $(call BuildPlugin,iptables-mod-u32,$(IPT_U32-m)))
697 $(eval $(call BuildPlugin,iptables-mod-nflog,$(IPT_NFLOG-m)))
698 $(eval $(call BuildPlugin,iptables-mod-trace,$(IPT_DEBUG-m)))
699 $(eval $(call BuildPlugin,iptables-mod-nfqueue,$(IPT_NFQUEUE-m)))
700 $(eval $(call BuildPlugin,iptables-mod-checksum,$(IPT_CHECKSUM-m)))
701 $(eval $(call BuildPackage,ip6tables))
702 $(eval $(call BuildPackage,ip6tables-nft))
703 $(eval $(call BuildPlugin,ip6tables-extra,$(IPT_IPV6_EXTRA-m)))
704 $(eval $(call BuildPlugin,ip6tables-mod-nat,$(IPT_NAT6-m)))
705
Staging tree of Christian Marangi