Главная Обзор Помощь
Вход
OpenWrt
/
openwrt
зеркало из https://github.com/openwrt/openwrt.git
2
0
Ответвить 0
Файлы Задачи 0 Вики
Дерево: c536c50171
Ветки Метки
openwrt
/
package
/
network
/
utils
/
iptables
/
Makefile

Makefile 14 KB
История Исходник

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580 
  1. #
    2. 

  2. # Copyright (C) 2006-2016 OpenWrt.org
    3. 

  3. #
    4. 

  4. # This is free software, licensed under the GNU General Public License v2.
    5. 

  5. # See /LICENSE for more information.
    6. 

  6. #
    7. 

  7. 

  8. include $(TOPDIR)/rules.mk
    9. 

  9. include $(INCLUDE_DIR)/kernel.mk
    10. 

  10. 

  11. PKG_NAME:=iptables
    12. 

  12. PKG_VERSION:=1.6.1
    13. 

  13. PKG_RELEASE:=1
    14. 

  14. 

  15. PKG_SOURCE_PROTO:=git
    16. 

  16. PKG_SOURCE_URL:=https://git.netfilter.org/iptables
    17. 

  17. PKG_SOURCE_VERSION:=7df66f1c13563cfbab75246b009ce36f69ee4487
    18. 

  18. PKG_MIRROR_HASH:=22f15ef41fd8e3724bedcee666b7b6a3491d2d038d580ef1fb032718dcb73f14
    19. 

  19. 

  20. PKG_FIXUP:=autoreconf
    21. 

  21. 

  22. PKG_INSTALL:=1
    23. 

  23. PKG_BUILD_PARALLEL:=1
    24. 

  24. PKG_LICENSE:=GPL-2.0
    25. 

  25. 

  26. include $(INCLUDE_DIR)/package.mk
    27. 

  27. ifeq ($(DUMP),)
    28. 

  28.   -include $(LINUX_DIR)/.config
    29. 

  29.   include $(INCLUDE_DIR)/netfilter.mk
    30. 

  30.   STAMP_CONFIGURED:=$(strip $(STAMP_CONFIGURED))_$(shell grep 'NETFILTER' $(LINUX_DIR)/.config | mkhash md5)
    31. 

  31. endif
    32. 

  32. 

  33. 

  34. define Package/iptables/Default
    35. 

  35.   SECTION:=net
    36. 

  36.   CATEGORY:=Network
    37. 

  37.   SUBMENU:=Firewall
    38. 

  38.   URL:=http://netfilter.org/
    39. 

  39. endef
    40. 

  40. 

  41. define Package/iptables/Module
    42. 

  42. $(call Package/iptables/Default)
    43. 

  43.   DEPENDS:=iptables $(1)
    44. 

  44. endef
    45. 

  45. 

  46. define Package/iptables
    47. 

  47. $(call Package/iptables/Default)
    48. 

  48.   TITLE:=IP firewall administration tool
    49. 

  49.   MENU:=1
    50. 

  50.   DEPENDS+= +kmod-ipt-core +libip4tc +IPV6:libip6tc +libxtables
    51. 

  51. endef
    52. 

  52. 

  53. define Package/iptables/config
    54. 

  54.   config IPTABLES_CONNLABEL
    55. 

  55. 	bool "Enable Connlabel support"
    56. 

  56. 	default n
    57. 

  57. 	help
    58. 

  58. 		This enable connlabel support in iptables.
    59. 

  59. 

  60.   config IPTABLES_NFTABLES
    61. 

  61. 	bool "Enable Nftables support"
    62. 

  62. 	default n
    63. 

  63. 	help
    64. 

  64. 		This enable nftables support in iptables.
    65. 

  65. endef
    66. 

  66. 

  67. define Package/iptables/description
    68. 

  68. IP firewall administration tool.
    69. 

  69. 

  70.  Matches:
    71. 

  71.   - icmp
    72. 

  72.   - tcp
    73. 

  73.   - udp
    74. 

  74.   - comment
    75. 

  75.   - conntrack
    76. 

  76.   - limit
    77. 

  77.   - mac
    78. 

  78.   - mark
    79. 

  79.   - multiport
    80. 

  80.   - set
    81. 

  81.   - state
    82. 

  82.   - time
    83. 

  83. 

  84.  Targets:
    85. 

  85.   - ACCEPT
    86. 

  86.   - CT
    87. 

  87.   - DNAT
    88. 

  88.   - DROP
    89. 

  89.   - REJECT
    90. 

  90.   - LOG
    91. 

  91.   - MARK
    92. 

  92.   - MASQUERADE
    93. 

  93.   - REDIRECT
    94. 

  94.   - SET
    95. 

  95.   - SNAT
    96. 

  96.   - TCPMSS
    97. 

  97. 

  98.  Tables:
    99. 

  99.   - filter
    100. 

  100.   - mangle
    101. 

  101.   - nat
    102. 

  102.   - raw
    103. 

  103. 

  104. endef
    105. 

  105. 

  106. define Package/iptables-mod-conntrack-extra
    107. 

  107. $(call Package/iptables/Module, +kmod-ipt-conntrack-extra)
    108. 

  108.   TITLE:=Extra connection tracking extensions
    109. 

  109. endef
    110. 

  110. 

  111. define Package/iptables-mod-conntrack-extra/description
    112. 

  112. Extra iptables extensions for connection tracking.
    113. 

  113. 

  114.  Matches:
    115. 

  115.   - connbytes
    116. 

  116.   - connlimit
    117. 

  117.   - connmark
    118. 

  118.   - recent
    119. 

  119.   - helper
    120. 

  120. 

  121.  Targets:
    122. 

  122.   - CONNMARK
    123. 

  123. 

  124. endef
    125. 

  125. 

  126. define Package/iptables-mod-filter
    127. 

  127. $(call Package/iptables/Module, +kmod-ipt-filter)
    128. 

  128.   TITLE:=Content inspection extensions
    129. 

  129. endef
    130. 

  130. 

  131. define Package/iptables-mod-filter/description
    132. 

  132. iptables extensions for packet content inspection.
    133. 

  133. Includes support for:
    134. 

  134. 

  135.  Matches:
    136. 

  136.   - string
    137. 

  137. 

  138. endef
    139. 

  139. 

  140. define Package/iptables-mod-ipopt
    141. 

  141. $(call Package/iptables/Module, +kmod-ipt-ipopt)
    142. 

  142.   TITLE:=IP/Packet option extensions
    143. 

  143. endef
    144. 

  144. 

  145. define Package/iptables-mod-ipopt/description
    146. 

  146. iptables extensions for matching/changing IP packet options.
    147. 

  147. 

  148.  Matches:
    149. 

  149.   - dscp
    150. 

  150.   - ecn
    151. 

  151.   - length
    152. 

  152.   - statistic
    153. 

  153.   - tcpmss
    154. 

  154.   - unclean
    155. 

  155.   - hl
    156. 

  156. 

  157.  Targets:
    158. 

  158.   - DSCP
    159. 

  159.   - CLASSIFY
    160. 

  160.   - ECN
    161. 

  161.   - HL
    162. 

  162. 

  163. endef
    164. 

  164. 

  165. define Package/iptables-mod-ipsec
    166. 

  166. $(call Package/iptables/Module, +kmod-ipt-ipsec)
    167. 

  167.   TITLE:=IPsec extensions
    168. 

  168. endef
    169. 

  169. 

  170. define Package/iptables-mod-ipsec/description
    171. 

  171. iptables extensions for matching ipsec traffic.
    172. 

  172. 

  173.  Matches:
    174. 

  174.   - ah
    175. 

  175.   - esp
    176. 

  176.   - policy
    177. 

  177. 

  178. endef
    179. 

  179. 

  180. define Package/iptables-mod-nat-extra
    181. 

  181. $(call Package/iptables/Module, +kmod-ipt-nat-extra)
    182. 

  182.   TITLE:=Extra NAT extensions
    183. 

  183. endef
    184. 

  184. 

  185. define Package/iptables-mod-nat-extra/description
    186. 

  186. iptables extensions for extra NAT targets.
    187. 

  187. 

  188.  Targets:
    189. 

  189.   - MIRROR
    190. 

  190.   - NETMAP
    191. 

  191. endef
    192. 

  192. 

  193. define Package/iptables-mod-ulog
    194. 

  194. $(call Package/iptables/Module, +kmod-ipt-ulog)
    195. 

  195.   TITLE:=user-space packet logging
    196. 

  196. endef
    197. 

  197. 

  198. define Package/iptables-mod-ulog/description
    199. 

  199. iptables extensions for user-space packet logging.
    200. 

  200. 

  201.  Targets:
    202. 

  202.   - ULOG
    203. 

  203. 

  204. endef
    205. 

  205. 

  206. define Package/iptables-mod-nflog
    207. 

  207. $(call Package/iptables/Module, +kmod-nfnetlink-log +kmod-ipt-nflog)
    208. 

  208.   TITLE:=Netfilter NFLOG target
    209. 

  209. endef
    210. 

  210. 

  211. define Package/iptables-mod-nflog/description
    212. 

  212.  iptables extension for user-space logging via NFNETLINK.
    213. 

  213. 

  214.  Includes:
    215. 

  215.   - libxt_NFLOG
    216. 

  216. 

  217. endef
    218. 

  218. 

  219. define Package/iptables-mod-nfqueue
    220. 

  220. $(call Package/iptables/Module, +kmod-nfnetlink-queue +kmod-ipt-nfqueue)
    221. 

  221.   TITLE:=Netfilter NFQUEUE target
    222. 

  222. endef
    223. 

  223. 

  224. define Package/iptables-mod-nfqueue/description
    225. 

  225.  iptables extension for user-space queuing via NFNETLINK.
    226. 

  226. 

  227.  Includes:
    228. 

  228.   - libxt_NFQUEUE
    229. 

  229. 

  230. endef
    231. 

  231. 

  232. define Package/iptables-mod-hashlimit
    233. 

  233. $(call Package/iptables/Module, +kmod-ipt-hashlimit)
    234. 

  234.   TITLE:=hashlimit matching
    235. 

  235. endef
    236. 

  236. 

  237. define Package/iptables-mod-hashlimit/description
    238. 

  238. iptables extensions for hashlimit matching
    239. 

  239. 

  240.  Matches:
    241. 

  241.   - hashlimit
    242. 

  242. 

  243. endef
    244. 

  244. 

  245. define Package/iptables-mod-iprange
    246. 

  246. $(call Package/iptables/Module, +kmod-ipt-iprange)
    247. 

  247.   TITLE:=IP range extension
    248. 

  248. endef
    249. 

  249. 

  250. define Package/iptables-mod-iprange/description
    251. 

  251. iptables extensions for matching ip ranges.
    252. 

  252. 

  253.  Matches:
    254. 

  254.   - iprange
    255. 

  255. 

  256. endef
    257. 

  257. 

  258. define Package/iptables-mod-cluster
    259. 

  259. $(call Package/iptables/Module, +kmod-ipt-cluster)
    260. 

  260.   TITLE:=Match cluster extension
    261. 

  261. endef
    262. 

  262. 

  263. define Package/iptables-mod-cluster/description
    264. 

  264. iptables extensions for matching cluster.
    265. 

  265. 

  266.  Netfilter (IPv4/IPv6) module for matching cluster
    267. 

  267.  This option allows you to build work-load-sharing clusters of
    268. 

  268.  network servers/stateful firewalls without having a dedicated
    269. 

  269.  load-balancing router/server/switch. Basically, this match returns
    270. 

  270.  true when the packet must be handled by this cluster node. Thus,
    271. 

  271.  all nodes see all packets and this match decides which node handles
    272. 

  272.  what packets. The work-load sharing algorithm is based on source
    273. 

  273.  address hashing.
    274. 

  274. 

  275.  This module is usable for ipv4 and ipv6.
    276. 

  276. 

  277.  If you select it, it enables kmod-ipt-cluster.
    278. 

  278. 

  279.  see `iptables -m cluster --help` for more information.
    280. 

  280. endef
    281. 

  281. 

  282. define Package/iptables-mod-clusterip
    283. 

  283. $(call Package/iptables/Module, +kmod-ipt-clusterip)
    284. 

  284.   TITLE:=Clusterip extension
    285. 

  285. endef
    286. 

  286. 

  287. define Package/iptables-mod-clusterip/description
    288. 

  288. iptables extensions for CLUSTERIP.
    289. 

  289.  The CLUSTERIP target allows you to build load-balancing clusters of
    290. 

  290.  network servers without having a dedicated load-balancing
    291. 

  291.  router/server/switch.
    292. 

  292. 

  293.  If you select it, it enables kmod-ipt-clusterip.
    294. 

  294. 

  295.  see `iptables -j CLUSTERIP --help` for more information.
    296. 

  296. endef
    297. 

  297. 

  298. define Package/iptables-mod-extra
    299. 

  299. $(call Package/iptables/Module, +kmod-ipt-extra)
    300. 

  300.   TITLE:=Other extra iptables extensions
    301. 

  301. endef
    302. 

  302. 

  303. define Package/iptables-mod-extra/description
    304. 

  304. Other extra iptables extensions.
    305. 

  305. 

  306.  Matches:
    307. 

  307.   - addrtype
    308. 

  308.   - condition
    309. 

  309.   - owner
    310. 

  310.   - physdev (if ebtables is enabled)
    311. 

  311.   - pkttype
    312. 

  312.   - quota
    313. 

  313. 

  314. endef
    315. 

  315. 

  316. define Package/iptables-mod-led
    317. 

  317. $(call Package/iptables/Module, +kmod-ipt-led)
    318. 

  318.   TITLE:=LED trigger iptables extension
    319. 

  319. endef
    320. 

  320. 

  321. define Package/iptables-mod-led/description
    322. 

  322. iptables extension for triggering a LED.
    323. 

  323. 

  324.  Targets:
    325. 

  325.   - LED
    326. 

  326. 

  327. endef
    328. 

  328. 

  329. define Package/iptables-mod-tproxy
    330. 

  330. $(call Package/iptables/Module, +kmod-ipt-tproxy)
    331. 

  331.   TITLE:=Transparent proxy iptables extensions
    332. 

  332. endef
    333. 

  333. 

  334. define Package/iptables-mod-tproxy/description
    335. 

  335. Transparent proxy iptables extensions.
    336. 

  336. 

  337.  Matches:
    338. 

  338.   - socket
    339. 

  339. 

  340.  Targets:
    341. 

  341.   - TPROXY
    342. 

  342. 

  343. endef
    344. 

  344. 

  345. define Package/iptables-mod-tee
    346. 

  346. $(call Package/iptables/Module, +kmod-ipt-tee)
    347. 

  347.   TITLE:=TEE iptables extensions
    348. 

  348. endef
    349. 

  349. 

  350. define Package/iptables-mod-tee/description
    351. 

  351. TEE iptables extensions.
    352. 

  352. 

  353.  Targets:
    354. 

  354.   - TEE
    355. 

  355. 

  356. endef
    357. 

  357. 

  358. define Package/iptables-mod-u32
    359. 

  359. $(call Package/iptables/Module, +kmod-ipt-u32)
    360. 

  360.   TITLE:=U32 iptables extensions
    361. 

  361. endef
    362. 

  362. 

  363. define Package/iptables-mod-u32/description
    364. 

  364. U32 iptables extensions.
    365. 

  365. 

  366.  Matches:
    367. 

  367.   - u32
    368. 

  368. 

  369. endef
    370. 

  370. 

  371. define Package/ip6tables
    372. 

  372. $(call Package/iptables/Default)
    373. 

  373.   DEPENDS:=@IPV6 +kmod-ip6tables +iptables
    374. 

  374.   CATEGORY:=Network
    375. 

  375.   TITLE:=IPv6 firewall administration tool
    376. 

  376.   MENU:=1
    377. 

  377. endef
    378. 

  378. 

  379. 

  380. define Package/ip6tables-extra
    381. 

  381. $(call Package/iptables/Default)
    382. 

  382.   DEPENDS:=ip6tables +kmod-ip6tables-extra
    383. 

  383.   TITLE:=IPv6 header matching modules
    384. 

  384. endef
    385. 

  385. 

  386. define Package/ip6tables-mod-extra/description
    387. 

  387. iptables header matching modules for IPv6
    388. 

  388. endef
    389. 

  389. 

  390. define Package/ip6tables-mod-nat
    391. 

  391. $(call Package/iptables/Default)
    392. 

  392.   DEPENDS:=ip6tables +kmod-ipt-nat6
    393. 

  393.   TITLE:=IPv6 NAT extensions
    394. 

  394. endef
    395. 

  395. 

  396. define Package/ip6tables-mod-nat/description
    397. 

  397. iptables extensions for IPv6-NAT targets.
    398. 

  398. endef
    399. 

  399. 

  400. define Package/libiptc
    401. 

  401. $(call Package/iptables/Default)
    402. 

  402.   SECTION:=libs
    403. 

  403.   CATEGORY:=Libraries
    404. 

  404.   DEPENDS:=+libip4tc +libip6tc +libxtables
    405. 

  405.   ABI_VERSION:=$(PKG_VERSION)
    406. 

  406.   TITLE:=IPv4/IPv6 firewall - shared libiptc library (compatibility stub)
    407. 

  407. endef
    408. 

  408. 

  409. define Package/libip4tc
    410. 

  410. $(call Package/iptables/Default)
    411. 

  411.   SECTION:=libs
    412. 

  412.   CATEGORY:=Libraries
    413. 

  413.   TITLE:=IPv4 firewall - shared libiptc library
    414. 

  414.   ABI_VERSION:=$(PKG_VERSION)
    415. 

  415.   DEPENDS:=+libxtables
    416. 

  416. endef
    417. 

  417. 

  418. define Package/libip6tc
    419. 

  419. $(call Package/iptables/Default)
    420. 

  420.   SECTION:=libs
    421. 

  421.   CATEGORY:=Libraries
    422. 

  422.   TITLE:=IPv6 firewall - shared libiptc library
    423. 

  423.   ABI_VERSION:=$(PKG_VERSION)
    424. 

  424.   DEPENDS:=+libxtables
    425. 

  425. endef
    426. 

  426. 

  427. define Package/libxtables
    428. 

  428.  $(call Package/iptables/Default)
    429. 

  429.  SECTION:=libs
    430. 

  430.  CATEGORY:=Libraries
    431. 

  431.  TITLE:=IPv4/IPv6 firewall - shared xtables library
    432. 

  432.  ABI_VERSION:=$(PKG_VERSION)
    433. 

  433.  DEPENDS:= \
    434. 

  434. 	+IPTABLES_CONNLABEL:libnetfilter-conntrack \
    435. 

  435. 	+IPTABLES_NFTABLES:libnftnl
    436. 

  436. endef
    437. 

  437. 

  438. TARGET_CPPFLAGS := \
    439. 

  439. 	-I$(PKG_BUILD_DIR)/include \
    440. 

  440. 	-I$(LINUX_DIR)/user_headers/include \
    441. 

  441. 	$(TARGET_CPPFLAGS)
    442. 

  442. 

  443. TARGET_CFLAGS += \
    444. 

  444. 	-I$(PKG_BUILD_DIR)/include \
    445. 

  445. 	-I$(LINUX_DIR)/user_headers/include \
    446. 

  446. 	-ffunction-sections -fdata-sections \
    447. 

  447. 	-DNO_LEGACY
    448. 

  448. 

  449. TARGET_LDFLAGS += \
    450. 

  450. 	-Wl,--gc-sections
    451. 

  451. 

  452. CONFIGURE_ARGS += \
    453. 

  453. 	--enable-shared \
    454. 

  454. 	--enable-static \
    455. 

  455. 	--enable-devel \
    456. 

  456. 	--with-kernel="$(LINUX_DIR)/user_headers" \
    457. 

  457. 	--with-xtlibdir=/usr/lib/iptables \
    458. 

  458. 	$(if $(CONFIG_IPTABLES_CONNLABEL),,--disable-connlabel) \
    459. 

  459. 	$(if $(CONFIG_IPTABLES_NFTABLES),,--disable-nftables) \
    460. 

  460. 	$(if $(CONFIG_IPV6),,--disable-ipv6)
    461. 

  461. 

  462. MAKE_FLAGS := \
    463. 

  463. 	$(TARGET_CONFIGURE_OPTS) \
    464. 

  464. 	COPT_FLAGS="$(TARGET_CFLAGS)" \
    465. 

  465. 	KERNEL_DIR="$(LINUX_DIR)/user_headers/" PREFIX=/usr \
    466. 

  466. 	KBUILD_OUTPUT="$(LINUX_DIR)" \
    467. 

  467. 	BUILTIN_MODULES="$(patsubst ip6t_%,%,$(patsubst ipt_%,%,$(patsubst xt_%,%,$(IPT_BUILTIN) $(IPT_CONNTRACK-m) $(IPT_NAT-m))))"
    468. 

  468. 

  469. ifneq ($(wildcard $(PKG_BUILD_DIR)/.config_*),$(subst .configured_,.config_,$(STAMP_CONFIGURED)))
    470. 

  470.   define Build/Configure/rebuild
    471. 

  471. 	$(FIND) $(PKG_BUILD_DIR) -name \*.o -or -name \*.\?o -or -name \*.a | $(XARGS) rm -f
    472. 

  472. 	rm -f $(PKG_BUILD_DIR)/.config_*
    473. 

  473. 	rm -f $(PKG_BUILD_DIR)/.configured_*
    474. 

  474. 	touch $(subst .configured_,.config_,$(STAMP_CONFIGURED))
    475. 

  475.   endef
    476. 

  476. endif
    477. 

  477. 

  478. define Build/Configure
    479. 

  479. $(Build/Configure/rebuild)
    480. 

  480. $(Build/Configure/Default)
    481. 

  481. endef
    482. 

  482. 

  483. define Build/InstallDev
    484. 

  484. 	$(INSTALL_DIR) $(1)/usr/include
    485. 

  485. 	$(INSTALL_DIR) $(1)/usr/include/iptables
    486. 

  486. 	$(INSTALL_DIR) $(1)/usr/include/net/netfilter
    487. 

  487. 

  488. 	# XXX: iptables header fixup, some headers are not installed by iptables anymore
    489. 

  489. 	$(CP) $(PKG_BUILD_DIR)/include/iptables/*.h $(1)/usr/include/iptables/
    490. 

  490. 	$(CP) $(PKG_BUILD_DIR)/include/iptables.h $(1)/usr/include/
    491. 

  491. 	$(CP) $(PKG_BUILD_DIR)/include/ip6tables.h $(1)/usr/include/
    492. 

  492. 	$(CP) $(PKG_BUILD_DIR)/include/libipulog $(1)/usr/include/
    493. 

  493. 	$(CP) $(PKG_BUILD_DIR)/include/libiptc $(1)/usr/include/
    494. 

  494. 

  495. 	$(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/
    496. 

  496. 	$(INSTALL_DIR) $(1)/usr/lib
    497. 

  497. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libxtables.so* $(1)/usr/lib/
    498. 

  498. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libip*tc.so* $(1)/usr/lib/
    499. 

  499. 	$(INSTALL_DIR) $(1)/usr/lib/pkgconfig
    500. 

  500. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/xtables.pc $(1)/usr/lib/pkgconfig/
    501. 

  501. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/libip*tc.pc $(1)/usr/lib/pkgconfig/
    502. 

  502. 

  503. 	# XXX: needed by firewall3
    504. 

  504. 	$(CP) $(PKG_BUILD_DIR)/extensions/libiptext*.so $(1)/usr/lib/
    505. 

  505. endef
    506. 

  506. 

  507. define Package/iptables/install
    508. 

  508. 	$(INSTALL_DIR) $(1)/usr/sbin
    509. 

  509. 	$(CP) $(PKG_INSTALL_DIR)/usr/sbin/xtables-multi $(1)/usr/sbin/
    510. 

  510. 	$(CP) $(PKG_INSTALL_DIR)/usr/sbin/iptables{,-restore,-save} $(1)/usr/sbin/
    511. 

  511. 	$(INSTALL_DIR) $(1)/usr/lib/iptables
    512. 

  512. endef
    513. 

  513. 

  514. define Package/ip6tables/install
    515. 

  515. 	$(INSTALL_DIR) $(1)/usr/sbin
    516. 

  516. 	$(CP) $(PKG_INSTALL_DIR)/usr/sbin/ip6tables{,-restore,-save} $(1)/usr/sbin/
    517. 

  517. endef
    518. 

  518. 

  519. define Package/libiptc/install
    520. 

  520. 	$(INSTALL_DIR) $(1)/usr/lib
    521. 

  521. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libiptc.so* $(1)/usr/lib/
    522. 

  522. endef
    523. 

  523. 

  524. define Package/libip4tc/install
    525. 

  525. 	$(INSTALL_DIR) $(1)/usr/lib
    526. 

  526. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libip4tc.so* $(1)/usr/lib/
    527. 

  527. 	$(CP) $(PKG_BUILD_DIR)/extensions/libiptext4.so $(1)/usr/lib/
    528. 

  528. endef
    529. 

  529. 

  530. define Package/libip6tc/install
    531. 

  531. 	$(INSTALL_DIR) $(1)/usr/lib
    532. 

  532. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libip6tc.so* $(1)/usr/lib/
    533. 

  533. 	$(CP) $(PKG_BUILD_DIR)/extensions/libiptext6.so $(1)/usr/lib/
    534. 

  534. endef
    535. 

  535. 

  536. define Package/libxtables/install
    537. 

  537. 	$(INSTALL_DIR) $(1)/usr/lib
    538. 

  538. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libxtables.so* $(1)/usr/lib/
    539. 

  539. 	$(CP) $(PKG_BUILD_DIR)/extensions/libiptext.so $(1)/usr/lib/
    540. 

  540. endef
    541. 

  541. 

  542. define BuildPlugin
    543. 

  543.   define Package/$(1)/install
    544. 

  544. 	$(INSTALL_DIR) $$(1)/usr/lib/iptables
    545. 

  545. 	for m in $(patsubst xt_%,ipt_%,$(2)) $(patsubst ipt_%,xt_%,$(2)) $(patsubst xt_%,ip6t_%,$(2)) $(patsubst ip6t_%,xt_%,$(2)); do \
    546. 

  546. 		if [ -f $(PKG_INSTALL_DIR)/usr/lib/iptables/lib$$$$$$$${m}.so ]; then \
    547. 

  547. 			$(CP) $(PKG_INSTALL_DIR)/usr/lib/iptables/lib$$$$$$$${m}.so $$(1)/usr/lib/iptables/ ; \
    548. 

  548. 		fi; \
    549. 

  549. 	done
    550. 

  550. 	$(3)
    551. 

  551.   endef
    552. 

  552. 

  553.   $$(eval $$(call BuildPackage,$(1)))
    554. 

  554. endef
    555. 

  555. 

  556. $(eval $(call BuildPackage,iptables))
    557. 

  557. $(eval $(call BuildPlugin,iptables-mod-conntrack-extra,$(IPT_CONNTRACK_EXTRA-m)))
    558. 

  558. $(eval $(call BuildPlugin,iptables-mod-extra,$(IPT_EXTRA-m)))
    559. 

  559. $(eval $(call BuildPlugin,iptables-mod-filter,$(IPT_FILTER-m)))
    560. 

  560. $(eval $(call BuildPlugin,iptables-mod-ipopt,$(IPT_IPOPT-m)))
    561. 

  561. $(eval $(call BuildPlugin,iptables-mod-ipsec,$(IPT_IPSEC-m)))
    562. 

  562. $(eval $(call BuildPlugin,iptables-mod-nat-extra,$(IPT_NAT_EXTRA-m)))
    563. 

  563. $(eval $(call BuildPlugin,iptables-mod-iprange,$(IPT_IPRANGE-m)))
    564. 

  564. $(eval $(call BuildPlugin,iptables-mod-cluster,$(IPT_CLUSTER-m)))
    565. 

  565. $(eval $(call BuildPlugin,iptables-mod-clusterip,$(IPT_CLUSTERIP-m)))
    566. 

  566. $(eval $(call BuildPlugin,iptables-mod-ulog,$(IPT_ULOG-m)))
    567. 

  567. $(eval $(call BuildPlugin,iptables-mod-hashlimit,$(IPT_HASHLIMIT-m)))
    568. 

  568. $(eval $(call BuildPlugin,iptables-mod-led,$(IPT_LED-m)))
    569. 

  569. $(eval $(call BuildPlugin,iptables-mod-tproxy,$(IPT_TPROXY-m)))
    570. 

  570. $(eval $(call BuildPlugin,iptables-mod-tee,$(IPT_TEE-m)))
    571. 

  571. $(eval $(call BuildPlugin,iptables-mod-u32,$(IPT_U32-m)))
    572. 

  572. $(eval $(call BuildPlugin,iptables-mod-nflog,$(IPT_NFLOG-m)))
    573. 

  573. $(eval $(call BuildPlugin,iptables-mod-nfqueue,$(IPT_NFQUEUE-m)))
    574. 

  574. $(eval $(call BuildPackage,ip6tables))
    575. 

  575. $(eval $(call BuildPlugin,ip6tables-extra,$(IPT_IPV6_EXTRA-m)))
    576. 

  576. $(eval $(call BuildPlugin,ip6tables-mod-nat,$(IPT_NAT6-m)))
    577. 

  577. $(eval $(call BuildPackage,libiptc))
    578. 

  578. $(eval $(call BuildPackage,libip4tc))
    579. 

  579. $(eval $(call BuildPackage,libip6tc))
    580. 

  580. $(eval $(call BuildPackage,libxtables))
    581.