Главная Обзор Помощь
Регистрация Вход
OpenWrt
/
openwrt
зеркало из https://github.com/openwrt/openwrt.git
2
0
Ответвить 0
Файлы Задачи 0 Вики
Дерево: 6c0d6a3cb3
Ветки Метки
openwrt
/
package
/
network
/
utils
/
iptables
/
Makefile

Makefile 13 KB
История Исходник

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549 
  1. #
    2. 

  2. # Copyright (C) 2006-2013 OpenWrt.org
    3. 

  3. #
    4. 

  4. # This is free software, licensed under the GNU General Public License v2.
    5. 

  5. # See /LICENSE for more information.
    6. 

  6. #
    7. 

  7. 

  8. include $(TOPDIR)/rules.mk
    9. 

  9. include $(INCLUDE_DIR)/kernel.mk
    10. 

  10. 

  11. PKG_NAME:=iptables
    12. 

  12. PKG_VERSION:=1.4.21
    13. 

  13. PKG_RELEASE:=1
    14. 

  14. 

  15. PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
    16. 

  16. PKG_SOURCE_URL:=http://www.netfilter.org/projects/iptables/files \
    17. 

  17. 	ftp://ftp.be.netfilter.org/pub/netfilter/iptables/ \
    18. 

  18. 	ftp://ftp.de.netfilter.org/pub/netfilter/iptables/ \
    19. 

  19. 	ftp://ftp.no.netfilter.org/pub/netfilter/iptables/
    20. 

  20. PKG_MD5SUM:=536d048c8e8eeebcd9757d0863ebb0c0
    21. 

  21. 

  22. PKG_FIXUP:=autoreconf
    23. 

  23. PKG_INSTALL:=1
    24. 

  24. PKG_BUILD_PARALLEL:=1
    25. 

  25. PKG_LICENSE:=GPL-2.0
    26. 

  26. 

  27. ifneq ($(CONFIG_EXTERNAL_KERNEL_TREE),"")
    28. 

  28. PATCH_DIR:=
    29. 

  29. endif
    30. 

  30. 

  31. include $(INCLUDE_DIR)/package.mk
    32. 

  32. ifeq ($(DUMP),)
    33. 

  33.   -include $(LINUX_DIR)/.config
    34. 

  34.   include $(INCLUDE_DIR)/netfilter.mk
    35. 

  35.   STAMP_CONFIGURED:=$(strip $(STAMP_CONFIGURED))_$(shell $(SH_FUNC) grep 'NETFILTER' $(LINUX_DIR)/.config | md5s)
    36. 

  36. endif
    37. 

  37. 

  38. 

  39. define Package/iptables/Default
    40. 

  40.   SECTION:=net
    41. 

  41.   CATEGORY:=Network
    42. 

  42.   SUBMENU:=Firewall
    43. 

  43.   URL:=http://netfilter.org/
    44. 

  44. endef
    45. 

  45. 

  46. define Package/iptables/Module
    47. 

  47. $(call Package/iptables/Default)
    48. 

  48.   DEPENDS:=iptables $(1)
    49. 

  49. endef
    50. 

  50. 

  51. define Package/iptables
    52. 

  52. $(call Package/iptables/Default)
    53. 

  53.   TITLE:=IP firewall administration tool
    54. 

  54.   MENU:=1
    55. 

  55.   DEPENDS+= +kmod-ipt-core +libip4tc +IPV6:libip6tc +libxtables
    56. 

  56. endef
    57. 

  57. 

  58. define Package/iptables/description
    59. 

  59. IP firewall administration tool.
    60. 

  60. 

  61.  Matches:
    62. 

  62.   - icmp
    63. 

  63.   - tcp
    64. 

  64.   - udp
    65. 

  65.   - comment
    66. 

  66.   - conntrack
    67. 

  67.   - limit
    68. 

  68.   - mac
    69. 

  69.   - mark
    70. 

  70.   - multiport
    71. 

  71.   - set
    72. 

  72.   - state
    73. 

  73.   - time
    74. 

  74. 

  75.  Targets:
    76. 

  76.   - ACCEPT
    77. 

  77.   - CT
    78. 

  78.   - DNAT
    79. 

  79.   - DROP
    80. 

  80.   - REJECT
    81. 

  81.   - LOG
    82. 

  82.   - MARK
    83. 

  83.   - MASQUERADE
    84. 

  84.   - REDIRECT
    85. 

  85.   - SET
    86. 

  86.   - SNAT
    87. 

  87.   - TCPMSS
    88. 

  88. 

  89.  Tables:
    90. 

  90.   - filter
    91. 

  91.   - mangle
    92. 

  92.   - nat
    93. 

  93.   - raw
    94. 

  94. 

  95. endef
    96. 

  96. 

  97. define Package/iptables-mod-conntrack-extra
    98. 

  98. $(call Package/iptables/Module, +kmod-ipt-conntrack-extra)
    99. 

  99.   TITLE:=Extra connection tracking extensions
    100. 

  100. endef
    101. 

  101. 

  102. define Package/iptables-mod-conntrack-extra/description
    103. 

  103. Extra iptables extensions for connection tracking.
    104. 

  104. 

  105.  Matches:
    106. 

  106.   - connbytes
    107. 

  107.   - connlimit
    108. 

  108.   - connmark
    109. 

  109.   - recent
    110. 

  110.   - helper
    111. 

  111. 

  112.  Targets:
    113. 

  113.   - CONNMARK
    114. 

  114. 

  115. endef
    116. 

  116. 

  117. define Package/iptables-mod-filter
    118. 

  118. $(call Package/iptables/Module, +kmod-ipt-filter)
    119. 

  119.   TITLE:=Content inspection extensions
    120. 

  120. endef
    121. 

  121. 

  122. define Package/iptables-mod-filter/description
    123. 

  123. iptables extensions for packet content inspection.
    124. 

  124. Includes support for:
    125. 

  125. 

  126.  Matches:
    127. 

  127.   - layer7
    128. 

  128.   - string
    129. 

  129. 

  130. endef
    131. 

  131. 

  132. define Package/iptables-mod-ipopt
    133. 

  133. $(call Package/iptables/Module, +kmod-ipt-ipopt)
    134. 

  134.   TITLE:=IP/Packet option extensions
    135. 

  135. endef
    136. 

  136. 

  137. define Package/iptables-mod-ipopt/description
    138. 

  138. iptables extensions for matching/changing IP packet options.
    139. 

  139. 

  140.  Matches:
    141. 

  141.   - dscp
    142. 

  142.   - ecn
    143. 

  143.   - length
    144. 

  144.   - statistic
    145. 

  145.   - tcpmss
    146. 

  146.   - unclean
    147. 

  147.   - hl
    148. 

  148. 

  149.  Targets:
    150. 

  150.   - DSCP
    151. 

  151.   - CLASSIFY
    152. 

  152.   - ECN
    153. 

  153.   - HL
    154. 

  154. 

  155. endef
    156. 

  156. 

  157. define Package/iptables-mod-ipsec
    158. 

  158. $(call Package/iptables/Module, +kmod-ipt-ipsec)
    159. 

  159.   TITLE:=IPsec extensions
    160. 

  160. endef
    161. 

  161. 

  162. define Package/iptables-mod-ipsec/description
    163. 

  163. iptables extensions for matching ipsec traffic.
    164. 

  164. 

  165.  Matches:
    166. 

  166.   - ah
    167. 

  167.   - esp
    168. 

  168.   - policy
    169. 

  169. 

  170. endef
    171. 

  171. 

  172. define Package/iptables-mod-nat-extra
    173. 

  173. $(call Package/iptables/Module, +kmod-ipt-nat-extra)
    174. 

  174.   TITLE:=Extra NAT extensions
    175. 

  175. endef
    176. 

  176. 

  177. define Package/iptables-mod-nat-extra/description
    178. 

  178. iptables extensions for extra NAT targets.
    179. 

  179. 

  180.  Targets:
    181. 

  181.   - MIRROR
    182. 

  182.   - NETMAP
    183. 

  183. endef
    184. 

  184. 

  185. define Package/iptables-mod-ulog
    186. 

  186. $(call Package/iptables/Module, +kmod-ipt-ulog)
    187. 

  187.   TITLE:=user-space packet logging
    188. 

  188. endef
    189. 

  189. 

  190. define Package/iptables-mod-ulog/description
    191. 

  191. iptables extensions for user-space packet logging.
    192. 

  192. 

  193.  Targets:
    194. 

  194.   - ULOG
    195. 

  195. 

  196. endef
    197. 

  197. 

  198. define Package/iptables-mod-nflog
    199. 

  199. $(call Package/iptables/Module, +kmod-nfnetlink-log +kmod-ipt-nflog)
    200. 

  200.   TITLE:=Netfilter NFLOG target
    201. 

  201. endef
    202. 

  202. 

  203. define Package/iptables-mod-nflog/description
    204. 

  204.  iptables extension for user-space logging via NFNETLINK.
    205. 

  205. 

  206.  Includes:
    207. 

  207.   - libxt_NFLOG
    208. 

  208. 

  209. endef
    210. 

  210. 

  211. define Package/iptables-mod-nfqueue
    212. 

  212. $(call Package/iptables/Module, +kmod-nfnetlink-queue +kmod-ipt-nfqueue)
    213. 

  213.   TITLE:=Netfilter NFQUEUE target
    214. 

  214. endef
    215. 

  215. 

  216. define Package/iptables-mod-nfqueue/description
    217. 

  217.  iptables extension for user-space queuing via NFNETLINK.
    218. 

  218. 

  219.  Includes:
    220. 

  220.   - libxt_NFQUEUE
    221. 

  221. 

  222. endef
    223. 

  223. 

  224. define Package/iptables-mod-hashlimit
    225. 

  225. $(call Package/iptables/Module, +kmod-ipt-hashlimit)
    226. 

  226.   TITLE:=hashlimit matching
    227. 

  227. endef
    228. 

  228. 

  229. define Package/iptables-mod-hashlimit/description
    230. 

  230. iptables extensions for hashlimit matching
    231. 

  231. 

  232.  Matches:
    233. 

  233.   - hashlimit
    234. 

  234. 

  235. endef
    236. 

  236. 

  237. define Package/iptables-mod-iprange
    238. 

  238. $(call Package/iptables/Module, +kmod-ipt-iprange)
    239. 

  239.   TITLE:=IP range extension
    240. 

  240. endef
    241. 

  241. 

  242. define Package/iptables-mod-iprange/description
    243. 

  243. iptables extensions for matching ip ranges.
    244. 

  244. 

  245.  Matches:
    246. 

  246.   - iprange
    247. 

  247. 

  248. endef
    249. 

  249. 

  250. define Package/iptables-mod-cluster
    251. 

  251. $(call Package/iptables/Module, +kmod-ipt-cluster)
    252. 

  252.   TITLE:=Match cluster extension
    253. 

  253. endef
    254. 

  254. 

  255. define Package/iptables-mod-cluster/description
    256. 

  256. iptables extensions for matching cluster.
    257. 

  257. 

  258.  Netfilter (IPv4/IPv6) module for matching cluster
    259. 

  259.  This option allows you to build work-load-sharing clusters of
    260. 

  260.  network servers/stateful firewalls without having a dedicated
    261. 

  261.  load-balancing router/server/switch. Basically, this match returns
    262. 

  262.  true when the packet must be handled by this cluster node. Thus,
    263. 

  263.  all nodes see all packets and this match decides which node handles
    264. 

  264.  what packets. The work-load sharing algorithm is based on source
    265. 

  265.  address hashing.
    266. 

  266. 

  267.  This module is usable for ipv4 and ipv6.
    268. 

  268. 

  269.  If you select it, it enables kmod-ipt-cluster.
    270. 

  270. 

  271.  see `iptables -m cluster --help` for more information.
    272. 

  272. endef
    273. 

  273. 

  274. define Package/iptables-mod-clusterip
    275. 

  275. $(call Package/iptables/Module, +kmod-ipt-clusterip)
    276. 

  276.   TITLE:=Clusterip extension
    277. 

  277. endef
    278. 

  278. 

  279. define Package/iptables-mod-clusterip/description
    280. 

  280. iptables extensions for CLUSTERIP.
    281. 

  281.  The CLUSTERIP target allows you to build load-balancing clusters of
    282. 

  282.  network servers without having a dedicated load-balancing
    283. 

  283.  router/server/switch.
    284. 

  284. 

  285.  If you select it, it enables kmod-ipt-clusterip.
    286. 

  286. 

  287.  see `iptables -j CLUSTERIP --help` for more information.
    288. 

  288. endef
    289. 

  289. 

  290. define Package/iptables-mod-extra
    291. 

  291. $(call Package/iptables/Module, +kmod-ipt-extra)
    292. 

  292.   TITLE:=Other extra iptables extensions
    293. 

  293. endef
    294. 

  294. 

  295. define Package/iptables-mod-extra/description
    296. 

  296. Other extra iptables extensions.
    297. 

  297. 

  298.  Matches:
    299. 

  299.   - addrtype
    300. 

  300.   - condition
    301. 

  301.   - owner
    302. 

  302.   - physdev (if ebtables is enabled)
    303. 

  303.   - pkttype
    304. 

  304.   - quota
    305. 

  305. 

  306. endef
    307. 

  307. 

  308. define Package/iptables-mod-led
    309. 

  309. $(call Package/iptables/Module, +kmod-ipt-led)
    310. 

  310.   TITLE:=LED trigger iptables extension
    311. 

  311. endef
    312. 

  312. 

  313. define Package/iptables-mod-led/description
    314. 

  314. iptables extension for triggering a LED.
    315. 

  315. 

  316.  Targets:
    317. 

  317.   - LED
    318. 

  318. 

  319. endef
    320. 

  320. 

  321. define Package/iptables-mod-tproxy
    322. 

  322. $(call Package/iptables/Module, +kmod-ipt-tproxy)
    323. 

  323.   TITLE:=Transparent proxy iptables extensions
    324. 

  324. endef
    325. 

  325. 

  326. define Package/iptables-mod-tproxy/description
    327. 

  327. Transparent proxy iptables extensions.
    328. 

  328. 

  329.  Matches:
    330. 

  330.   - socket
    331. 

  331. 

  332.  Targets:
    333. 

  333.   - TPROXY
    334. 

  334. 

  335. endef
    336. 

  336. 

  337. define Package/iptables-mod-tee
    338. 

  338. $(call Package/iptables/Module, +kmod-ipt-tee)
    339. 

  339.   TITLE:=TEE iptables extensions
    340. 

  340. endef
    341. 

  341. 

  342. define Package/iptables-mod-tee/description
    343. 

  343. TEE iptables extensions.
    344. 

  344. 

  345.  Targets:
    346. 

  346.   - TEE
    347. 

  347. 

  348. endef
    349. 

  349. 

  350. define Package/iptables-mod-u32
    351. 

  351. $(call Package/iptables/Module, +kmod-ipt-u32)
    352. 

  352.   TITLE:=U32 iptables extensions
    353. 

  353. endef
    354. 

  354. 

  355. define Package/iptables-mod-u32/description
    356. 

  356. U32 iptables extensions.
    357. 

  357. 

  358.  Matches:
    359. 

  359.   - u32
    360. 

  360. 

  361. endef
    362. 

  362. 

  363. define Package/ip6tables
    364. 

  364. $(call Package/iptables/Default)
    365. 

  365.   DEPENDS:=@IPV6 +kmod-ip6tables +iptables
    366. 

  366.   CATEGORY:=Network
    367. 

  367.   TITLE:=IPv6 firewall administration tool
    368. 

  368.   MENU:=1
    369. 

  369. endef
    370. 

  370. 

  371. 

  372. define Package/ip6tables-extra
    373. 

  373. $(call Package/iptables/Default)
    374. 

  374.   DEPENDS:=ip6tables +kmod-ip6tables-extra
    375. 

  375.   TITLE:=IPv6 header matching modules
    376. 

  376. endef
    377. 

  377. 

  378. define Package/ip6tables-mod-extra/description
    379. 

  379. iptables header matching modules for IPv6
    380. 

  380. endef
    381. 

  381. 

  382. define Package/ip6tables-mod-nat
    383. 

  383. $(call Package/iptables/Default)
    384. 

  384.   DEPENDS:=ip6tables +kmod-ipt-nat6
    385. 

  385.   TITLE:=IPv6 NAT extensions
    386. 

  386. endef
    387. 

  387. 

  388. define Package/ip6tables-mod-nat/description
    389. 

  389. iptables extensions for IPv6-NAT targets.
    390. 

  390. endef
    391. 

  391. 

  392. define Package/libiptc
    393. 

  393. $(call Package/iptables/Default)
    394. 

  394.   SECTION:=libs
    395. 

  395.   CATEGORY:=Libraries
    396. 

  396.   DEPENDS:=+libip4tc +IPV6:libip6tc
    397. 

  397.   TITLE:=IPv4/IPv6 firewall - shared libiptc library (compatibility stub)
    398. 

  398. endef
    399. 

  399. 

  400. define Package/libip4tc
    401. 

  401. $(call Package/iptables/Default)
    402. 

  402.   SECTION:=libs
    403. 

  403.   CATEGORY:=Libraries
    404. 

  404.   TITLE:=IPv4 firewall - shared libiptc library
    405. 

  405. endef
    406. 

  406. 

  407. define Package/libip6tc
    408. 

  408. $(call Package/iptables/Default)
    409. 

  409.   SECTION:=libs
    410. 

  410.   CATEGORY:=Libraries
    411. 

  411.   TITLE:=IPv6 firewall - shared libiptc library
    412. 

  412. endef
    413. 

  413. 

  414. define Package/libxtables
    415. 

  415.  $(call Package/iptables/Default)
    416. 

  416.  SECTION:=libs
    417. 

  417.  CATEGORY:=Libraries
    418. 

  418.  TITLE:=IPv4/IPv6 firewall - shared xtables library
    419. 

  419. endef
    420. 

  420. 

  421. TARGET_CPPFLAGS := \
    422. 

  422. 	-I$(PKG_BUILD_DIR)/include \
    423. 

  423. 	-I$(LINUX_DIR)/user_headers/include \
    424. 

  424. 	$(TARGET_CPPFLAGS)
    425. 

  425. 

  426. TARGET_CFLAGS += \
    427. 

  427. 	-I$(PKG_BUILD_DIR)/include \
    428. 

  428. 	-I$(LINUX_DIR)/user_headers/include \
    429. 

  429. 	-ffunction-sections -fdata-sections
    430. 

  430. 

  431. TARGET_LDFLAGS += \
    432. 

  432. 	-Wl,--gc-sections
    433. 

  433. 

  434. CONFIGURE_ARGS += \
    435. 

  435. 	--enable-shared \
    436. 

  436. 	--enable-devel \
    437. 

  437. 	--with-kernel="$(LINUX_DIR)/user_headers" \
    438. 

  438. 	--with-xtlibdir=/usr/lib/iptables \
    439. 

  439. 	--enable-static \
    440. 

  440. 	$(if $(CONFIG_IPV6),,--disable-ipv6)
    441. 

  441. 

  442. MAKE_FLAGS := \
    443. 

  443. 	$(TARGET_CONFIGURE_OPTS) \
    444. 

  444. 	COPT_FLAGS="$(TARGET_CFLAGS)" \
    445. 

  445. 	KERNEL_DIR="$(LINUX_DIR)/user_headers/" PREFIX=/usr \
    446. 

  446. 	KBUILD_OUTPUT="$(LINUX_DIR)" \
    447. 

  447. 	BUILTIN_MODULES="$(patsubst ip6t_%,%,$(patsubst ipt_%,%,$(patsubst xt_%,%,$(IPT_BUILTIN) $(IPT_CONNTRACK-m) $(IPT_NAT-m))))"
    448. 

  448. 

  449. define Build/InstallDev
    450. 

  450. 	$(INSTALL_DIR) $(1)/usr/include
    451. 

  451. 	$(INSTALL_DIR) $(1)/usr/include/iptables
    452. 

  452. 	$(INSTALL_DIR) $(1)/usr/include/net/netfilter
    453. 

  453. 

  454. 	# XXX: iptables header fixup, some headers are not installed by iptables anymore
    455. 

  455. 	$(CP) $(PKG_BUILD_DIR)/include/iptables/*.h $(1)/usr/include/iptables/
    456. 

  456. 	$(CP) $(PKG_BUILD_DIR)/include/iptables.h $(1)/usr/include/
    457. 

  457. 	$(CP) $(PKG_BUILD_DIR)/include/ip6tables.h $(1)/usr/include/
    458. 

  458. 	$(CP) $(PKG_BUILD_DIR)/include/libipulog $(1)/usr/include/
    459. 

  459. 	$(CP) $(PKG_BUILD_DIR)/include/libiptc $(1)/usr/include/
    460. 

  460. 

  461. 	$(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/
    462. 

  462. 	$(INSTALL_DIR) $(1)/usr/lib
    463. 

  463. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libxtables.so* $(1)/usr/lib/
    464. 

  464. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libip*tc.so* $(1)/usr/lib/
    465. 

  465. 	$(INSTALL_DIR) $(1)/usr/lib/pkgconfig
    466. 

  466. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/xtables.pc $(1)/usr/lib/pkgconfig/
    467. 

  467. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/libip*tc.pc $(1)/usr/lib/pkgconfig/
    468. 

  468. 

  469. 	# XXX: needed by firewall3
    470. 

  470. 	$(INSTALL_DIR) $(1)/usr/lib/iptables
    471. 

  471. 	$(CP) $(PKG_BUILD_DIR)/extensions/libext*.a $(1)/usr/lib/iptables/
    472. 

  472. endef
    473. 

  473. 

  474. define Package/iptables/install
    475. 

  475. 	$(INSTALL_DIR) $(1)/usr/sbin
    476. 

  476. 	$(CP) $(PKG_INSTALL_DIR)/usr/sbin/xtables-multi $(1)/usr/sbin/
    477. 

  477. 	$(CP) $(PKG_INSTALL_DIR)/usr/sbin/iptables{,-restore,-save} $(1)/usr/sbin/
    478. 

  478. 	$(INSTALL_DIR) $(1)/usr/lib/iptables
    479. 

  479. endef
    480. 

  480. 

  481. define Package/ip6tables/install
    482. 

  482. 	$(INSTALL_DIR) $(1)/usr/sbin
    483. 

  483. 	$(CP) $(PKG_INSTALL_DIR)/usr/sbin/ip6tables{,-restore,-save} $(1)/usr/sbin/
    484. 

  484. endef
    485. 

  485. 

  486. define Package/libiptc/install
    487. 

  487. 	$(INSTALL_DIR) $(1)/usr/lib
    488. 

  488. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libiptc.so* $(1)/usr/lib/
    489. 

  489. endef
    490. 

  490. 

  491. define Package/libip4tc/install
    492. 

  492. 	$(INSTALL_DIR) $(1)/usr/lib
    493. 

  493. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libip4tc.so* $(1)/usr/lib/
    494. 

  494. endef
    495. 

  495. 

  496. define Package/libip6tc/install
    497. 

  497. 	$(INSTALL_DIR) $(1)/usr/lib
    498. 

  498. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libip6tc.so* $(1)/usr/lib/
    499. 

  499. endef
    500. 

  500. 

  501. define Package/libxtables/install
    502. 

  502. 	$(INSTALL_DIR) $(1)/usr/lib
    503. 

  503. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libxtables.so* $(1)/usr/lib/
    504. 

  504. endef
    505. 

  505. 

  506. define BuildPlugin
    507. 

  507.   define Package/$(1)/install
    508. 

  508. 	$(INSTALL_DIR) $$(1)/usr/lib/iptables
    509. 

  509. 	for m in $(patsubst xt_%,ipt_%,$(2)) $(patsubst ipt_%,xt_%,$(2)) $(patsubst xt_%,ip6t_%,$(2)) $(patsubst ip6t_%,xt_%,$(2)); do \
    510. 

  510. 		if [ -f $(PKG_INSTALL_DIR)/usr/lib/iptables/lib$$$$$$$${m}.so ]; then \
    511. 

  511. 			$(CP) $(PKG_INSTALL_DIR)/usr/lib/iptables/lib$$$$$$$${m}.so $$(1)/usr/lib/iptables/ ; \
    512. 

  512. 		fi; \
    513. 

  513. 	done
    514. 

  514. 	$(3)
    515. 

  515.   endef
    516. 

  516. 

  517.   $$(eval $$(call BuildPackage,$(1)))
    518. 

  518. endef
    519. 

  519. 

  520. L7_INSTALL:=\
    521. 

  521. 	$(INSTALL_DIR) $$(1)/etc/l7-protocols; \
    522. 

  522. 	$(CP) files/l7/*.pat $$(1)/etc/l7-protocols/
    523. 

  523. 

  524. 

  525. $(eval $(call BuildPackage,iptables))
    526. 

  526. $(eval $(call BuildPlugin,iptables-mod-conntrack-extra,$(IPT_CONNTRACK_EXTRA-m)))
    527. 

  527. $(eval $(call BuildPlugin,iptables-mod-extra,$(IPT_EXTRA-m)))
    528. 

  528. $(eval $(call BuildPlugin,iptables-mod-filter,$(IPT_FILTER-m),$(L7_INSTALL)))
    529. 

  529. $(eval $(call BuildPlugin,iptables-mod-ipopt,$(IPT_IPOPT-m)))
    530. 

  530. $(eval $(call BuildPlugin,iptables-mod-ipsec,$(IPT_IPSEC-m)))
    531. 

  531. $(eval $(call BuildPlugin,iptables-mod-nat-extra,$(IPT_NAT_EXTRA-m)))
    532. 

  532. $(eval $(call BuildPlugin,iptables-mod-iprange,$(IPT_IPRANGE-m)))
    533. 

  533. $(eval $(call BuildPlugin,iptables-mod-cluster,$(IPT_CLUSTER-m)))
    534. 

  534. $(eval $(call BuildPlugin,iptables-mod-clusterip,$(IPT_CLUSTERIP-m)))
    535. 

  535. $(eval $(call BuildPlugin,iptables-mod-ulog,$(IPT_ULOG-m)))
    536. 

  536. $(eval $(call BuildPlugin,iptables-mod-hashlimit,$(IPT_HASHLIMIT-m)))
    537. 

  537. $(eval $(call BuildPlugin,iptables-mod-led,$(IPT_LED-m)))
    538. 

  538. $(eval $(call BuildPlugin,iptables-mod-tproxy,$(IPT_TPROXY-m)))
    539. 

  539. $(eval $(call BuildPlugin,iptables-mod-tee,$(IPT_TEE-m)))
    540. 

  540. $(eval $(call BuildPlugin,iptables-mod-u32,$(IPT_U32-m)))
    541. 

  541. $(eval $(call BuildPlugin,iptables-mod-nflog,$(IPT_NFLOG-m)))
    542. 

  542. $(eval $(call BuildPlugin,iptables-mod-nfqueue,$(IPT_NFQUEUE-m)))
    543. 

  543. $(eval $(call BuildPackage,ip6tables))
    544. 

  544. $(eval $(call BuildPlugin,ip6tables-extra,$(IPT_IPV6_EXTRA-m)))
    545. 

  545. $(eval $(call BuildPlugin,ip6tables-mod-nat,$(IPT_NAT6-m)))
    546. 

  546. $(eval $(call BuildPackage,libiptc))
    547. 

  547. $(eval $(call BuildPackage,libip4tc))
    548. 

  548. $(eval $(call BuildPackage,libip6tc))
    549. 

  549. $(eval $(call BuildPackage,libxtables))
    550.