Главная Обзор Помощь
Регистрация Вход
OpenWrt
/
openwrt
зеркало из https://github.com/openwrt/openwrt.git
2
0
Ответвить 0
Файлы Задачи 0 Вики
Дерево: 8d755ef052
Ветки Метки
openwrt
/
package
/
network
/
utils
/
iptables
/
Makefile

Makefile 15 KB
История Исходник

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620 
  1. #
    2. 

  2. # Copyright (C) 2006-2016 OpenWrt.org
    3. 

  3. #
    4. 

  4. # This is free software, licensed under the GNU General Public License v2.
    5. 

  5. # See /LICENSE for more information.
    6. 

  6. #
    7. 

  7. 

  8. include $(TOPDIR)/rules.mk
    9. 

  9. include $(INCLUDE_DIR)/kernel.mk
    10. 

  10. 

  11. PKG_NAME:=iptables
    12. 

  12. PKG_VERSION:=1.6.1
    13. 

  13. PKG_RELEASE:=1
    14. 

  14. 

  15. PKG_SOURCE_PROTO:=git
    16. 

  16. PKG_SOURCE_URL:=https://git.netfilter.org/iptables
    17. 

  17. PKG_SOURCE_VERSION:=7df66f1c13563cfbab75246b009ce36f69ee4487
    18. 

  18. PKG_MIRROR_HASH:=22f15ef41fd8e3724bedcee666b7b6a3491d2d038d580ef1fb032718dcb73f14
    19. 

  19. 

  20. PKG_FIXUP:=autoreconf
    21. 

  21. 

  22. PKG_INSTALL:=1
    23. 

  23. PKG_BUILD_PARALLEL:=1
    24. 

  24. PKG_LICENSE:=GPL-2.0
    25. 

  25. PKG_CPE_ID:=cpe:/a:netfilter_core_team:iptables
    26. 

  26. 

  27. include $(INCLUDE_DIR)/package.mk
    28. 

  28. ifeq ($(DUMP),)
    29. 

  29.   -include $(LINUX_DIR)/.config
    30. 

  30.   include $(INCLUDE_DIR)/netfilter.mk
    31. 

  31.   STAMP_CONFIGURED:=$(strip $(STAMP_CONFIGURED))_$(shell grep 'NETFILTER' $(LINUX_DIR)/.config | mkhash md5)
    32. 

  32. endif
    33. 

  33. 

  34. 

  35. define Package/iptables/Default
    36. 

  36.   SECTION:=net
    37. 

  37.   CATEGORY:=Network
    38. 

  38.   SUBMENU:=Firewall
    39. 

  39.   URL:=http://netfilter.org/
    40. 

  40. endef
    41. 

  41. 

  42. define Package/iptables/Module
    43. 

  43. $(call Package/iptables/Default)
    44. 

  44.   DEPENDS:=iptables $(1)
    45. 

  45. endef
    46. 

  46. 

  47. define Package/iptables
    48. 

  48. $(call Package/iptables/Default)
    49. 

  49.   TITLE:=IP firewall administration tool
    50. 

  50.   MENU:=1
    51. 

  51.   DEPENDS+= +kmod-ipt-core +libip4tc +IPV6:libip6tc +libxtables
    52. 

  52. endef
    53. 

  53. 

  54. define Package/iptables/config
    55. 

  55.   config IPTABLES_CONNLABEL
    56. 

  56. 	bool "Enable Connlabel support"
    57. 

  57. 	default n
    58. 

  58. 	help
    59. 

  59. 		This enable connlabel support in iptables.
    60. 

  60. 

  61.   config IPTABLES_NFTABLES
    62. 

  62. 	bool "Enable Nftables support"
    63. 

  63. 	default n
    64. 

  64. 	help
    65. 

  65. 		This enable nftables support in iptables.
    66. 

  66. endef
    67. 

  67. 

  68. define Package/iptables/description
    69. 

  69. IP firewall administration tool.
    70. 

  70. 

  71.  Matches:
    72. 

  72.   - icmp
    73. 

  73.   - tcp
    74. 

  74.   - udp
    75. 

  75.   - comment
    76. 

  76.   - conntrack
    77. 

  77.   - limit
    78. 

  78.   - mac
    79. 

  79.   - mark
    80. 

  80.   - multiport
    81. 

  81.   - set
    82. 

  82.   - state
    83. 

  83.   - time
    84. 

  84. 

  85.  Targets:
    86. 

  86.   - ACCEPT
    87. 

  87.   - CT
    88. 

  88.   - DNAT
    89. 

  89.   - DROP
    90. 

  90.   - REJECT
    91. 

  91.   - LOG
    92. 

  92.   - MARK
    93. 

  93.   - MASQUERADE
    94. 

  94.   - REDIRECT
    95. 

  95.   - SET
    96. 

  96.   - SNAT
    97. 

  97.   - TCPMSS
    98. 

  98. 

  99.  Tables:
    100. 

  100.   - filter
    101. 

  101.   - mangle
    102. 

  102.   - nat
    103. 

  103.   - raw
    104. 

  104. 

  105. endef
    106. 

  106. 

  107. define Package/iptables-mod-conntrack-extra
    108. 

  108. $(call Package/iptables/Module, +kmod-ipt-conntrack-extra)
    109. 

  109.   TITLE:=Extra connection tracking extensions
    110. 

  110. endef
    111. 

  111. 

  112. define Package/iptables-mod-conntrack-extra/description
    113. 

  113. Extra iptables extensions for connection tracking.
    114. 

  114. 

  115.  Matches:
    116. 

  116.   - connbytes
    117. 

  117.   - connlimit
    118. 

  118.   - connmark
    119. 

  119.   - recent
    120. 

  120.   - helper
    121. 

  121. 

  122.  Targets:
    123. 

  123.   - CONNMARK
    124. 

  124. 

  125. endef
    126. 

  126. 

  127. define Package/iptables-mod-filter
    128. 

  128. $(call Package/iptables/Module, +kmod-ipt-filter)
    129. 

  129.   TITLE:=Content inspection extensions
    130. 

  130. endef
    131. 

  131. 

  132. define Package/iptables-mod-filter/description
    133. 

  133. iptables extensions for packet content inspection.
    134. 

  134. Includes support for:
    135. 

  135. 

  136.  Matches:
    137. 

  137.   - string
    138. 

  138. 

  139. endef
    140. 

  140. 

  141. define Package/iptables-mod-ipopt
    142. 

  142. $(call Package/iptables/Module, +kmod-ipt-ipopt)
    143. 

  143.   TITLE:=IP/Packet option extensions
    144. 

  144. endef
    145. 

  145. 

  146. define Package/iptables-mod-ipopt/description
    147. 

  147. iptables extensions for matching/changing IP packet options.
    148. 

  148. 

  149.  Matches:
    150. 

  150.   - dscp
    151. 

  151.   - ecn
    152. 

  152.   - length
    153. 

  153.   - statistic
    154. 

  154.   - tcpmss
    155. 

  155.   - unclean
    156. 

  156.   - hl
    157. 

  157. 

  158.  Targets:
    159. 

  159.   - DSCP
    160. 

  160.   - CLASSIFY
    161. 

  161.   - ECN
    162. 

  162.   - HL
    163. 

  163. 

  164. endef
    165. 

  165. 

  166. define Package/iptables-mod-ipsec
    167. 

  167. $(call Package/iptables/Module, +kmod-ipt-ipsec)
    168. 

  168.   TITLE:=IPsec extensions
    169. 

  169. endef
    170. 

  170. 

  171. define Package/iptables-mod-ipsec/description
    172. 

  172. iptables extensions for matching ipsec traffic.
    173. 

  173. 

  174.  Matches:
    175. 

  175.   - ah
    176. 

  176.   - esp
    177. 

  177.   - policy
    178. 

  178. 

  179. endef
    180. 

  180. 

  181. define Package/iptables-mod-nat-extra
    182. 

  182. $(call Package/iptables/Module, +kmod-ipt-nat-extra)
    183. 

  183.   TITLE:=Extra NAT extensions
    184. 

  184. endef
    185. 

  185. 

  186. define Package/iptables-mod-nat-extra/description
    187. 

  187. iptables extensions for extra NAT targets.
    188. 

  188. 

  189.  Targets:
    190. 

  190.   - MIRROR
    191. 

  191.   - NETMAP
    192. 

  192. endef
    193. 

  193. 

  194. define Package/iptables-mod-ulog
    195. 

  195. $(call Package/iptables/Module, +kmod-ipt-ulog)
    196. 

  196.   TITLE:=user-space packet logging
    197. 

  197. endef
    198. 

  198. 

  199. define Package/iptables-mod-ulog/description
    200. 

  200. iptables extensions for user-space packet logging.
    201. 

  201. 

  202.  Targets:
    203. 

  203.   - ULOG
    204. 

  204. 

  205. endef
    206. 

  206. 

  207. define Package/iptables-mod-nflog
    208. 

  208. $(call Package/iptables/Module, +kmod-nfnetlink-log +kmod-ipt-nflog)
    209. 

  209.   TITLE:=Netfilter NFLOG target
    210. 

  210. endef
    211. 

  211. 

  212. define Package/iptables-mod-nflog/description
    213. 

  213.  iptables extension for user-space logging via NFNETLINK.
    214. 

  214. 

  215.  Includes:
    216. 

  216.   - libxt_NFLOG
    217. 

  217. 

  218. endef
    219. 

  219. 

  220. define Package/iptables-mod-trace
    221. 

  221. $(call Package/iptables/Module, +kmod-ipt-debug +kmod-ipt-raw)
    222. 

  222.   TITLE:=Netfilter TRACE target
    223. 

  223. endef
    224. 

  224. 

  225. define Package/iptables-mod-trace/description
    226. 

  226.  iptables extension for TRACE target
    227. 

  227. 

  228.  Includes:
    229. 

  229.   - libxt_TRACE
    230. 

  230. 

  231. endef
    232. 

  232. 

  233. 

  234. define Package/iptables-mod-nfqueue
    235. 

  235. $(call Package/iptables/Module, +kmod-nfnetlink-queue +kmod-ipt-nfqueue)
    236. 

  236.   TITLE:=Netfilter NFQUEUE target
    237. 

  237. endef
    238. 

  238. 

  239. define Package/iptables-mod-nfqueue/description
    240. 

  240.  iptables extension for user-space queuing via NFNETLINK.
    241. 

  241. 

  242.  Includes:
    243. 

  243.   - libxt_NFQUEUE
    244. 

  244. 

  245. endef
    246. 

  246. 

  247. define Package/iptables-mod-hashlimit
    248. 

  248. $(call Package/iptables/Module, +kmod-ipt-hashlimit)
    249. 

  249.   TITLE:=hashlimit matching
    250. 

  250. endef
    251. 

  251. 

  252. define Package/iptables-mod-hashlimit/description
    253. 

  253. iptables extensions for hashlimit matching
    254. 

  254. 

  255.  Matches:
    256. 

  256.   - hashlimit
    257. 

  257. 

  258. endef
    259. 

  259. 

  260. define Package/iptables-mod-rpfilter
    261. 

  261. $(call Package/iptables/Module, +kmod-ipt-rpfilter)
    262. 

  262.   TITLE:=rpfilter iptables extension
    263. 

  263. endef
    264. 

  264. 

  265. define Package/iptables-mod-rpfilter/description
    266. 

  266. iptables extensions for reverse path filter test on a packet
    267. 

  267. 

  268.  Matches:
    269. 

  269.   - rpfilter
    270. 

  270. 

  271. endef
    272. 

  272. 

  273. define Package/iptables-mod-iprange
    274. 

  274. $(call Package/iptables/Module, +kmod-ipt-iprange)
    275. 

  275.   TITLE:=IP range extension
    276. 

  276. endef
    277. 

  277. 

  278. define Package/iptables-mod-iprange/description
    279. 

  279. iptables extensions for matching ip ranges.
    280. 

  280. 

  281.  Matches:
    282. 

  282.   - iprange
    283. 

  283. 

  284. endef
    285. 

  285. 

  286. define Package/iptables-mod-cluster
    287. 

  287. $(call Package/iptables/Module, +kmod-ipt-cluster)
    288. 

  288.   TITLE:=Match cluster extension
    289. 

  289. endef
    290. 

  290. 

  291. define Package/iptables-mod-cluster/description
    292. 

  292. iptables extensions for matching cluster.
    293. 

  293. 

  294.  Netfilter (IPv4/IPv6) module for matching cluster
    295. 

  295.  This option allows you to build work-load-sharing clusters of
    296. 

  296.  network servers/stateful firewalls without having a dedicated
    297. 

  297.  load-balancing router/server/switch. Basically, this match returns
    298. 

  298.  true when the packet must be handled by this cluster node. Thus,
    299. 

  299.  all nodes see all packets and this match decides which node handles
    300. 

  300.  what packets. The work-load sharing algorithm is based on source
    301. 

  301.  address hashing.
    302. 

  302. 

  303.  This module is usable for ipv4 and ipv6.
    304. 

  304. 

  305.  If you select it, it enables kmod-ipt-cluster.
    306. 

  306. 

  307.  see `iptables -m cluster --help` for more information.
    308. 

  308. endef
    309. 

  309. 

  310. define Package/iptables-mod-clusterip
    311. 

  311. $(call Package/iptables/Module, +kmod-ipt-clusterip)
    312. 

  312.   TITLE:=Clusterip extension
    313. 

  313. endef
    314. 

  314. 

  315. define Package/iptables-mod-clusterip/description
    316. 

  316. iptables extensions for CLUSTERIP.
    317. 

  317.  The CLUSTERIP target allows you to build load-balancing clusters of
    318. 

  318.  network servers without having a dedicated load-balancing
    319. 

  319.  router/server/switch.
    320. 

  320. 

  321.  If you select it, it enables kmod-ipt-clusterip.
    322. 

  322. 

  323.  see `iptables -j CLUSTERIP --help` for more information.
    324. 

  324. endef
    325. 

  325. 

  326. define Package/iptables-mod-extra
    327. 

  327. $(call Package/iptables/Module, +kmod-ipt-extra)
    328. 

  328.   TITLE:=Other extra iptables extensions
    329. 

  329. endef
    330. 

  330. 

  331. define Package/iptables-mod-extra/description
    332. 

  332. Other extra iptables extensions.
    333. 

  333. 

  334.  Matches:
    335. 

  335.   - addrtype
    336. 

  336.   - condition
    337. 

  337.   - owner
    338. 

  338.   - physdev (if ebtables is enabled)
    339. 

  339.   - pkttype
    340. 

  340.   - quota
    341. 

  341. 

  342. endef
    343. 

  343. 

  344. define Package/iptables-mod-led
    345. 

  345. $(call Package/iptables/Module, +kmod-ipt-led)
    346. 

  346.   TITLE:=LED trigger iptables extension
    347. 

  347. endef
    348. 

  348. 

  349. define Package/iptables-mod-led/description
    350. 

  350. iptables extension for triggering a LED.
    351. 

  351. 

  352.  Targets:
    353. 

  353.   - LED
    354. 

  354. 

  355. endef
    356. 

  356. 

  357. define Package/iptables-mod-tproxy
    358. 

  358. $(call Package/iptables/Module, +kmod-ipt-tproxy)
    359. 

  359.   TITLE:=Transparent proxy iptables extensions
    360. 

  360. endef
    361. 

  361. 

  362. define Package/iptables-mod-tproxy/description
    363. 

  363. Transparent proxy iptables extensions.
    364. 

  364. 

  365.  Matches:
    366. 

  366.   - socket
    367. 

  367. 

  368.  Targets:
    369. 

  369.   - TPROXY
    370. 

  370. 

  371. endef
    372. 

  372. 

  373. define Package/iptables-mod-tee
    374. 

  374. $(call Package/iptables/Module, +kmod-ipt-tee)
    375. 

  375.   TITLE:=TEE iptables extensions
    376. 

  376. endef
    377. 

  377. 

  378. define Package/iptables-mod-tee/description
    379. 

  379. TEE iptables extensions.
    380. 

  380. 

  381.  Targets:
    382. 

  382.   - TEE
    383. 

  383. 

  384. endef
    385. 

  385. 

  386. define Package/iptables-mod-u32
    387. 

  387. $(call Package/iptables/Module, +kmod-ipt-u32)
    388. 

  388.   TITLE:=U32 iptables extensions
    389. 

  389. endef
    390. 

  390. 

  391. define Package/iptables-mod-u32/description
    392. 

  392. U32 iptables extensions.
    393. 

  393. 

  394.  Matches:
    395. 

  395.   - u32
    396. 

  396. 

  397. endef
    398. 

  398. 

  399. define Package/iptables-mod-checksum
    400. 

  400. $(call Package/iptables/Module, +kmod-ipt-checksum)
    401. 

  401.   TITLE:=IP CHECKSUM target extension
    402. 

  402. endef
    403. 

  403. 

  404. define Package/iptables-mod-checksum/description
    405. 

  405. iptables extension for the CHECKSUM calculation target
    406. 

  406. endef
    407. 

  407. 

  408. define Package/ip6tables
    409. 

  409. $(call Package/iptables/Default)
    410. 

  410.   DEPENDS:=@IPV6 +kmod-ip6tables +iptables
    411. 

  411.   CATEGORY:=Network
    412. 

  412.   TITLE:=IPv6 firewall administration tool
    413. 

  413.   MENU:=1
    414. 

  414. endef
    415. 

  415. 

  416. 

  417. define Package/ip6tables-extra
    418. 

  418. $(call Package/iptables/Default)
    419. 

  419.   DEPENDS:=ip6tables +kmod-ip6tables-extra
    420. 

  420.   TITLE:=IPv6 header matching modules
    421. 

  421. endef
    422. 

  422. 

  423. define Package/ip6tables-mod-extra/description
    424. 

  424. iptables header matching modules for IPv6
    425. 

  425. endef
    426. 

  426. 

  427. define Package/ip6tables-mod-nat
    428. 

  428. $(call Package/iptables/Default)
    429. 

  429.   DEPENDS:=ip6tables +kmod-ipt-nat6
    430. 

  430.   TITLE:=IPv6 NAT extensions
    431. 

  431. endef
    432. 

  432. 

  433. define Package/ip6tables-mod-nat/description
    434. 

  434. iptables extensions for IPv6-NAT targets.
    435. 

  435. endef
    436. 

  436. 

  437. define Package/libiptc
    438. 

  438. $(call Package/iptables/Default)
    439. 

  439.   SECTION:=libs
    440. 

  440.   CATEGORY:=Libraries
    441. 

  441.   DEPENDS:=+libip4tc +libip6tc +libxtables
    442. 

  442.   ABI_VERSION:=$(PKG_VERSION)
    443. 

  443.   TITLE:=IPv4/IPv6 firewall - shared libiptc library (compatibility stub)
    444. 

  444. endef
    445. 

  445. 

  446. define Package/libip4tc
    447. 

  447. $(call Package/iptables/Default)
    448. 

  448.   SECTION:=libs
    449. 

  449.   CATEGORY:=Libraries
    450. 

  450.   TITLE:=IPv4 firewall - shared libiptc library
    451. 

  451.   ABI_VERSION:=$(PKG_VERSION)
    452. 

  452.   DEPENDS:=+libxtables
    453. 

  453. endef
    454. 

  454. 

  455. define Package/libip6tc
    456. 

  456. $(call Package/iptables/Default)
    457. 

  457.   SECTION:=libs
    458. 

  458.   CATEGORY:=Libraries
    459. 

  459.   TITLE:=IPv6 firewall - shared libiptc library
    460. 

  460.   ABI_VERSION:=$(PKG_VERSION)
    461. 

  461.   DEPENDS:=+libxtables
    462. 

  462. endef
    463. 

  463. 

  464. define Package/libxtables
    465. 

  465.  $(call Package/iptables/Default)
    466. 

  466.  SECTION:=libs
    467. 

  467.  CATEGORY:=Libraries
    468. 

  468.  TITLE:=IPv4/IPv6 firewall - shared xtables library
    469. 

  469.  ABI_VERSION:=$(PKG_VERSION)
    470. 

  470.  DEPENDS:= \
    471. 

  471. 	+IPTABLES_CONNLABEL:libnetfilter-conntrack \
    472. 

  472. 	+IPTABLES_NFTABLES:libnftnl
    473. 

  473. endef
    474. 

  474. 

  475. TARGET_CPPFLAGS := \
    476. 

  476. 	-I$(PKG_BUILD_DIR)/include \
    477. 

  477. 	-I$(LINUX_DIR)/user_headers/include \
    478. 

  478. 	$(TARGET_CPPFLAGS)
    479. 

  479. 

  480. TARGET_CFLAGS += \
    481. 

  481. 	-I$(PKG_BUILD_DIR)/include \
    482. 

  482. 	-I$(LINUX_DIR)/user_headers/include \
    483. 

  483. 	-ffunction-sections -fdata-sections \
    484. 

  484. 	-DNO_LEGACY
    485. 

  485. 

  486. TARGET_LDFLAGS += \
    487. 

  487. 	-Wl,--gc-sections
    488. 

  488. 

  489. CONFIGURE_ARGS += \
    490. 

  490. 	--enable-shared \
    491. 

  491. 	--enable-static \
    492. 

  492. 	--enable-devel \
    493. 

  493. 	--with-kernel="$(LINUX_DIR)/user_headers" \
    494. 

  494. 	--with-xtlibdir=/usr/lib/iptables \
    495. 

  495. 	$(if $(CONFIG_IPTABLES_CONNLABEL),,--disable-connlabel) \
    496. 

  496. 	$(if $(CONFIG_IPTABLES_NFTABLES),,--disable-nftables) \
    497. 

  497. 	$(if $(CONFIG_IPV6),,--disable-ipv6)
    498. 

  498. 

  499. MAKE_FLAGS := \
    500. 

  500. 	$(TARGET_CONFIGURE_OPTS) \
    501. 

  501. 	COPT_FLAGS="$(TARGET_CFLAGS)" \
    502. 

  502. 	KERNEL_DIR="$(LINUX_DIR)/user_headers/" PREFIX=/usr \
    503. 

  503. 	KBUILD_OUTPUT="$(LINUX_DIR)" \
    504. 

  504. 	BUILTIN_MODULES="$(patsubst ip6t_%,%,$(patsubst ipt_%,%,$(patsubst xt_%,%,$(IPT_BUILTIN) $(IPT_CONNTRACK-m) $(IPT_NAT-m))))"
    505. 

  505. 

  506. ifneq ($(wildcard $(PKG_BUILD_DIR)/.config_*),$(subst .configured_,.config_,$(STAMP_CONFIGURED)))
    507. 

  507.   define Build/Configure/rebuild
    508. 

  508. 	$(FIND) $(PKG_BUILD_DIR) -name \*.o -or -name \*.\?o -or -name \*.a | $(XARGS) rm -f
    509. 

  509. 	rm -f $(PKG_BUILD_DIR)/.config_*
    510. 

  510. 	rm -f $(PKG_BUILD_DIR)/.configured_*
    511. 

  511. 	touch $(subst .configured_,.config_,$(STAMP_CONFIGURED))
    512. 

  512.   endef
    513. 

  513. endif
    514. 

  514. 

  515. define Build/Configure
    516. 

  516. $(Build/Configure/rebuild)
    517. 

  517. $(Build/Configure/Default)
    518. 

  518. endef
    519. 

  519. 

  520. define Build/InstallDev
    521. 

  521. 	$(INSTALL_DIR) $(1)/usr/include
    522. 

  522. 	$(INSTALL_DIR) $(1)/usr/include/iptables
    523. 

  523. 	$(INSTALL_DIR) $(1)/usr/include/net/netfilter
    524. 

  524. 

  525. 	# XXX: iptables header fixup, some headers are not installed by iptables anymore
    526. 

  526. 	$(CP) $(PKG_BUILD_DIR)/include/iptables/*.h $(1)/usr/include/iptables/
    527. 

  527. 	$(CP) $(PKG_BUILD_DIR)/include/iptables.h $(1)/usr/include/
    528. 

  528. 	$(CP) $(PKG_BUILD_DIR)/include/ip6tables.h $(1)/usr/include/
    529. 

  529. 	$(CP) $(PKG_BUILD_DIR)/include/libipulog $(1)/usr/include/
    530. 

  530. 	$(CP) $(PKG_BUILD_DIR)/include/libiptc $(1)/usr/include/
    531. 

  531. 

  532. 	$(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/
    533. 

  533. 	$(INSTALL_DIR) $(1)/usr/lib
    534. 

  534. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libxtables.so* $(1)/usr/lib/
    535. 

  535. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libip*tc.so* $(1)/usr/lib/
    536. 

  536. 	$(INSTALL_DIR) $(1)/usr/lib/pkgconfig
    537. 

  537. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/xtables.pc $(1)/usr/lib/pkgconfig/
    538. 

  538. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/libip*tc.pc $(1)/usr/lib/pkgconfig/
    539. 

  539. 

  540. 	# XXX: needed by firewall3
    541. 

  541. 	$(CP) $(PKG_BUILD_DIR)/extensions/libiptext*.so $(1)/usr/lib/
    542. 

  542. endef
    543. 

  543. 

  544. define Package/iptables/install
    545. 

  545. 	$(INSTALL_DIR) $(1)/usr/sbin
    546. 

  546. 	$(CP) $(PKG_INSTALL_DIR)/usr/sbin/xtables-multi $(1)/usr/sbin/
    547. 

  547. 	$(CP) $(PKG_INSTALL_DIR)/usr/sbin/iptables{,-restore,-save} $(1)/usr/sbin/
    548. 

  548. 	$(INSTALL_DIR) $(1)/usr/lib/iptables
    549. 

  549. endef
    550. 

  550. 

  551. define Package/ip6tables/install
    552. 

  552. 	$(INSTALL_DIR) $(1)/usr/sbin
    553. 

  553. 	$(CP) $(PKG_INSTALL_DIR)/usr/sbin/ip6tables{,-restore,-save} $(1)/usr/sbin/
    554. 

  554. endef
    555. 

  555. 

  556. define Package/libiptc/install
    557. 

  557. 	$(INSTALL_DIR) $(1)/usr/lib
    558. 

  558. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libiptc.so* $(1)/usr/lib/
    559. 

  559. endef
    560. 

  560. 

  561. define Package/libip4tc/install
    562. 

  562. 	$(INSTALL_DIR) $(1)/usr/lib
    563. 

  563. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libip4tc.so* $(1)/usr/lib/
    564. 

  564. 	$(CP) $(PKG_BUILD_DIR)/extensions/libiptext4.so $(1)/usr/lib/
    565. 

  565. endef
    566. 

  566. 

  567. define Package/libip6tc/install
    568. 

  568. 	$(INSTALL_DIR) $(1)/usr/lib
    569. 

  569. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libip6tc.so* $(1)/usr/lib/
    570. 

  570. 	$(CP) $(PKG_BUILD_DIR)/extensions/libiptext6.so $(1)/usr/lib/
    571. 

  571. endef
    572. 

  572. 

  573. define Package/libxtables/install
    574. 

  574. 	$(INSTALL_DIR) $(1)/usr/lib
    575. 

  575. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libxtables.so* $(1)/usr/lib/
    576. 

  576. 	$(CP) $(PKG_BUILD_DIR)/extensions/libiptext.so $(1)/usr/lib/
    577. 

  577. endef
    578. 

  578. 

  579. define BuildPlugin
    580. 

  580.   define Package/$(1)/install
    581. 

  581. 	$(INSTALL_DIR) $$(1)/usr/lib/iptables
    582. 

  582. 	for m in $(patsubst xt_%,ipt_%,$(2)) $(patsubst ipt_%,xt_%,$(2)) $(patsubst xt_%,ip6t_%,$(2)) $(patsubst ip6t_%,xt_%,$(2)); do \
    583. 

  583. 		if [ -f $(PKG_INSTALL_DIR)/usr/lib/iptables/lib$$$$$$$${m}.so ]; then \
    584. 

  584. 			$(CP) $(PKG_INSTALL_DIR)/usr/lib/iptables/lib$$$$$$$${m}.so $$(1)/usr/lib/iptables/ ; \
    585. 

  585. 		fi; \
    586. 

  586. 	done
    587. 

  587. 	$(3)
    588. 

  588.   endef
    589. 

  589. 

  590.   $$(eval $$(call BuildPackage,$(1)))
    591. 

  591. endef
    592. 

  592. 

  593. $(eval $(call BuildPackage,iptables))
    594. 

  594. $(eval $(call BuildPlugin,iptables-mod-conntrack-extra,$(IPT_CONNTRACK_EXTRA-m)))
    595. 

  595. $(eval $(call BuildPlugin,iptables-mod-extra,$(IPT_EXTRA-m)))
    596. 

  596. $(eval $(call BuildPlugin,iptables-mod-filter,$(IPT_FILTER-m)))
    597. 

  597. $(eval $(call BuildPlugin,iptables-mod-ipopt,$(IPT_IPOPT-m)))
    598. 

  598. $(eval $(call BuildPlugin,iptables-mod-ipsec,$(IPT_IPSEC-m)))
    599. 

  599. $(eval $(call BuildPlugin,iptables-mod-nat-extra,$(IPT_NAT_EXTRA-m)))
    600. 

  600. $(eval $(call BuildPlugin,iptables-mod-iprange,$(IPT_IPRANGE-m)))
    601. 

  601. $(eval $(call BuildPlugin,iptables-mod-cluster,$(IPT_CLUSTER-m)))
    602. 

  602. $(eval $(call BuildPlugin,iptables-mod-clusterip,$(IPT_CLUSTERIP-m)))
    603. 

  603. $(eval $(call BuildPlugin,iptables-mod-ulog,$(IPT_ULOG-m)))
    604. 

  604. $(eval $(call BuildPlugin,iptables-mod-hashlimit,$(IPT_HASHLIMIT-m)))
    605. 

  605. $(eval $(call BuildPlugin,iptables-mod-rpfilter,$(IPT_RPFILTER-m)))
    606. 

  606. $(eval $(call BuildPlugin,iptables-mod-led,$(IPT_LED-m)))
    607. 

  607. $(eval $(call BuildPlugin,iptables-mod-tproxy,$(IPT_TPROXY-m)))
    608. 

  608. $(eval $(call BuildPlugin,iptables-mod-tee,$(IPT_TEE-m)))
    609. 

  609. $(eval $(call BuildPlugin,iptables-mod-u32,$(IPT_U32-m)))
    610. 

  610. $(eval $(call BuildPlugin,iptables-mod-nflog,$(IPT_NFLOG-m)))
    611. 

  611. $(eval $(call BuildPlugin,iptables-mod-trace,$(IPT_DEBUG-m)))
    612. 

  612. $(eval $(call BuildPlugin,iptables-mod-nfqueue,$(IPT_NFQUEUE-m)))
    613. 

  613. $(eval $(call BuildPlugin,iptables-mod-checksum,$(IPT_CHECKSUM-m)))
    614. 

  614. $(eval $(call BuildPackage,ip6tables))
    615. 

  615. $(eval $(call BuildPlugin,ip6tables-extra,$(IPT_IPV6_EXTRA-m)))
    616. 

  616. $(eval $(call BuildPlugin,ip6tables-mod-nat,$(IPT_NAT6-m)))
    617. 

  617. $(eval $(call BuildPackage,libiptc))
    618. 

  618. $(eval $(call BuildPackage,libip4tc))
    619. 

  619. $(eval $(call BuildPackage,libip6tc))
    620. 

  620. $(eval $(call BuildPackage,libxtables))
    621.