Главная Обзор Помощь
Регистрация Вход
OpenWrt
/
openwrt
зеркало из https://github.com/openwrt/openwrt.git
2
0
Ответвить 0
Файлы Задачи 0 Вики
Дерево: d3a7587eb9
Ветки Метки
openwrt
/
package
/
network
/
utils
/
iptables
/
Makefile

Makefile 16 KB
История Исходник

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648 
  1. #
    2. 

  2. # Copyright (C) 2006-2016 OpenWrt.org
    3. 

  3. #
    4. 

  4. # This is free software, licensed under the GNU General Public License v2.
    5. 

  5. # See /LICENSE for more information.
    6. 

  6. #
    7. 

  7. 

  8. include $(TOPDIR)/rules.mk
    9. 

  9. include $(INCLUDE_DIR)/kernel.mk
    10. 

  10. 

  11. PKG_NAME:=iptables
    12. 

  12. PKG_VERSION:=1.6.2
    13. 

  13. PKG_RELEASE:=2
    14. 

  14. 

  15. PKG_SOURCE_PROTO:=git
    16. 

  16. PKG_SOURCE_URL:=https://git.netfilter.org/iptables
    17. 

  17. PKG_SOURCE_VERSION:=c16bdec15137b241586310d0e61bc88cc3726004
    18. 

  18. PKG_MIRROR_HASH:=72e4bec94a56dd600097846c773e1074ff705e38f800ef221db646c064371a53
    19. 

  19. 

  20. PKG_FIXUP:=autoreconf
    21. 

  21. PKG_FLAGS:=nonshared
    22. 

  22. 

  23. PKG_INSTALL:=1
    24. 

  24. PKG_BUILD_PARALLEL:=1
    25. 

  25. PKG_LICENSE:=GPL-2.0
    26. 

  26. PKG_CPE_ID:=cpe:/a:netfilter_core_team:iptables
    27. 

  27. 

  28. include $(INCLUDE_DIR)/package.mk
    29. 

  29. ifeq ($(DUMP),)
    30. 

  30.   -include $(LINUX_DIR)/.config
    31. 

  31.   include $(INCLUDE_DIR)/netfilter.mk
    32. 

  32.   STAMP_CONFIGURED:=$(strip $(STAMP_CONFIGURED))_$(shell grep 'NETFILTER' $(LINUX_DIR)/.config | mkhash md5)
    33. 

  33. endif
    34. 

  34. 

  35. 

  36. define Package/iptables/Default
    37. 

  37.   SECTION:=net
    38. 

  38.   CATEGORY:=Network
    39. 

  39.   SUBMENU:=Firewall
    40. 

  40.   URL:=http://netfilter.org/
    41. 

  41. endef
    42. 

  42. 

  43. define Package/iptables/Module
    44. 

  44. $(call Package/iptables/Default)
    45. 

  45.   DEPENDS:=iptables $(1)
    46. 

  46. endef
    47. 

  47. 

  48. define Package/iptables
    49. 

  49. $(call Package/iptables/Default)
    50. 

  50.   TITLE:=IP firewall administration tool
    51. 

  51.   MENU:=1
    52. 

  52.   DEPENDS+= +kmod-ipt-core +libip4tc +IPV6:libip6tc +libxtables
    53. 

  53. endef
    54. 

  54. 

  55. define Package/iptables/config
    56. 

  56.   config IPTABLES_CONNLABEL
    57. 

  57. 	bool "Enable Connlabel support"
    58. 

  58. 	default n
    59. 

  59. 	help
    60. 

  60. 		This enable connlabel support in iptables.
    61. 

  61. 

  62.   config IPTABLES_NFTABLES
    63. 

  63. 	bool "Enable Nftables support"
    64. 

  64. 	default n
    65. 

  65. 	help
    66. 

  66. 		This enable nftables support in iptables.
    67. 

  67. endef
    68. 

  68. 

  69. define Package/iptables/description
    70. 

  70. IP firewall administration tool.
    71. 

  71. 

  72.  Matches:
    73. 

  73.   - icmp
    74. 

  74.   - tcp
    75. 

  75.   - udp
    76. 

  76.   - comment
    77. 

  77.   - conntrack
    78. 

  78.   - limit
    79. 

  79.   - mac
    80. 

  80.   - mark
    81. 

  81.   - multiport
    82. 

  82.   - set
    83. 

  83.   - state
    84. 

  84.   - time
    85. 

  85. 

  86.  Targets:
    87. 

  87.   - ACCEPT
    88. 

  88.   - CT
    89. 

  89.   - DNAT
    90. 

  90.   - DROP
    91. 

  91.   - REJECT
    92. 

  92.   - FLOWOFFLOAD
    93. 

  93.   - LOG
    94. 

  94.   - MARK
    95. 

  95.   - MASQUERADE
    96. 

  96.   - REDIRECT
    97. 

  97.   - SET
    98. 

  98.   - SNAT
    99. 

  99.   - TCPMSS
    100. 

  100. 

  101.  Tables:
    102. 

  102.   - filter
    103. 

  103.   - mangle
    104. 

  104.   - nat
    105. 

  105.   - raw
    106. 

  106. 

  107. endef
    108. 

  108. 

  109. define Package/iptables-mod-conntrack-extra
    110. 

  110. $(call Package/iptables/Module, +kmod-ipt-conntrack-extra)
    111. 

  111.   TITLE:=Extra connection tracking extensions
    112. 

  112. endef
    113. 

  113. 

  114. define Package/iptables-mod-conntrack-extra/description
    115. 

  115. Extra iptables extensions for connection tracking.
    116. 

  116. 

  117.  Matches:
    118. 

  118.   - connbytes
    119. 

  119.   - connlimit
    120. 

  120.   - connmark
    121. 

  121.   - recent
    122. 

  122.   - helper
    123. 

  123. 

  124.  Targets:
    125. 

  125.   - CONNMARK
    126. 

  126. 

  127. endef
    128. 

  128. 

  129. define Package/iptables-mod-conntrack-label
    130. 

  130. $(call Package/iptables/Module, +kmod-ipt-conntrack-label @IPTABLES_CONNLABEL)
    131. 

  131.   TITLE:=Connection tracking labeling extension
    132. 

  132.   DEFAULT:=y if IPTABLES_CONNLABEL
    133. 

  133. endef
    134. 

  134. 

  135. define Package/iptables-mod-conntrack-label/description
    136. 

  136. Match and set label(s) on connection tracking entries
    137. 

  137. 

  138.  Matches:
    139. 

  139.   - connlabel
    140. 

  140. 

  141. endef
    142. 

  142. 

  143. define Package/iptables-mod-filter
    144. 

  144. $(call Package/iptables/Module, +kmod-ipt-filter)
    145. 

  145.   TITLE:=Content inspection extensions
    146. 

  146. endef
    147. 

  147. 

  148. define Package/iptables-mod-filter/description
    149. 

  149. iptables extensions for packet content inspection.
    150. 

  150. Includes support for:
    151. 

  151. 

  152.  Matches:
    153. 

  153.   - string
    154. 

  154.   - bpf
    155. 

  155. 

  156. endef
    157. 

  157. 

  158. define Package/iptables-mod-ipopt
    159. 

  159. $(call Package/iptables/Module, +kmod-ipt-ipopt)
    160. 

  160.   TITLE:=IP/Packet option extensions
    161. 

  161. endef
    162. 

  162. 

  163. define Package/iptables-mod-ipopt/description
    164. 

  164. iptables extensions for matching/changing IP packet options.
    165. 

  165. 

  166.  Matches:
    167. 

  167.   - dscp
    168. 

  168.   - ecn
    169. 

  169.   - length
    170. 

  170.   - statistic
    171. 

  171.   - tcpmss
    172. 

  172.   - unclean
    173. 

  173.   - hl
    174. 

  174. 

  175.  Targets:
    176. 

  176.   - DSCP
    177. 

  177.   - CLASSIFY
    178. 

  178.   - ECN
    179. 

  179.   - HL
    180. 

  180. 

  181. endef
    182. 

  182. 

  183. define Package/iptables-mod-ipsec
    184. 

  184. $(call Package/iptables/Module, +kmod-ipt-ipsec)
    185. 

  185.   TITLE:=IPsec extensions
    186. 

  186. endef
    187. 

  187. 

  188. define Package/iptables-mod-ipsec/description
    189. 

  189. iptables extensions for matching ipsec traffic.
    190. 

  190. 

  191.  Matches:
    192. 

  192.   - ah
    193. 

  193.   - esp
    194. 

  194.   - policy
    195. 

  195. 

  196. endef
    197. 

  197. 

  198. define Package/iptables-mod-nat-extra
    199. 

  199. $(call Package/iptables/Module, +kmod-ipt-nat-extra)
    200. 

  200.   TITLE:=Extra NAT extensions
    201. 

  201. endef
    202. 

  202. 

  203. define Package/iptables-mod-nat-extra/description
    204. 

  204. iptables extensions for extra NAT targets.
    205. 

  205. 

  206.  Targets:
    207. 

  207.   - MIRROR
    208. 

  208.   - NETMAP
    209. 

  209. endef
    210. 

  210. 

  211. define Package/iptables-mod-ulog
    212. 

  212. $(call Package/iptables/Module, +kmod-ipt-ulog)
    213. 

  213.   TITLE:=user-space packet logging
    214. 

  214. endef
    215. 

  215. 

  216. define Package/iptables-mod-ulog/description
    217. 

  217. iptables extensions for user-space packet logging.
    218. 

  218. 

  219.  Targets:
    220. 

  220.   - ULOG
    221. 

  221. 

  222. endef
    223. 

  223. 

  224. define Package/iptables-mod-nflog
    225. 

  225. $(call Package/iptables/Module, +kmod-nfnetlink-log +kmod-ipt-nflog)
    226. 

  226.   TITLE:=Netfilter NFLOG target
    227. 

  227. endef
    228. 

  228. 

  229. define Package/iptables-mod-nflog/description
    230. 

  230.  iptables extension for user-space logging via NFNETLINK.
    231. 

  231. 

  232.  Includes:
    233. 

  233.   - libxt_NFLOG
    234. 

  234. 

  235. endef
    236. 

  236. 

  237. define Package/iptables-mod-trace
    238. 

  238. $(call Package/iptables/Module, +kmod-ipt-debug)
    239. 

  239.   TITLE:=Netfilter TRACE target
    240. 

  240. endef
    241. 

  241. 

  242. define Package/iptables-mod-trace/description
    243. 

  243.  iptables extension for TRACE target
    244. 

  244. 

  245.  Includes:
    246. 

  246.   - libxt_TRACE
    247. 

  247. 

  248. endef
    249. 

  249. 

  250. 

  251. define Package/iptables-mod-nfqueue
    252. 

  252. $(call Package/iptables/Module, +kmod-nfnetlink-queue +kmod-ipt-nfqueue)
    253. 

  253.   TITLE:=Netfilter NFQUEUE target
    254. 

  254. endef
    255. 

  255. 

  256. define Package/iptables-mod-nfqueue/description
    257. 

  257.  iptables extension for user-space queuing via NFNETLINK.
    258. 

  258. 

  259.  Includes:
    260. 

  260.   - libxt_NFQUEUE
    261. 

  261. 

  262. endef
    263. 

  263. 

  264. define Package/iptables-mod-hashlimit
    265. 

  265. $(call Package/iptables/Module, +kmod-ipt-hashlimit)
    266. 

  266.   TITLE:=hashlimit matching
    267. 

  267. endef
    268. 

  268. 

  269. define Package/iptables-mod-hashlimit/description
    270. 

  270. iptables extensions for hashlimit matching
    271. 

  271. 

  272.  Matches:
    273. 

  273.   - hashlimit
    274. 

  274. 

  275. endef
    276. 

  276. 

  277. define Package/iptables-mod-rpfilter
    278. 

  278. $(call Package/iptables/Module, +kmod-ipt-rpfilter)
    279. 

  279.   TITLE:=rpfilter iptables extension
    280. 

  280. endef
    281. 

  281. 

  282. define Package/iptables-mod-rpfilter/description
    283. 

  283. iptables extensions for reverse path filter test on a packet
    284. 

  284. 

  285.  Matches:
    286. 

  286.   - rpfilter
    287. 

  287. 

  288. endef
    289. 

  289. 

  290. define Package/iptables-mod-iprange
    291. 

  291. $(call Package/iptables/Module, +kmod-ipt-iprange)
    292. 

  292.   TITLE:=IP range extension
    293. 

  293. endef
    294. 

  294. 

  295. define Package/iptables-mod-iprange/description
    296. 

  296. iptables extensions for matching ip ranges.
    297. 

  297. 

  298.  Matches:
    299. 

  299.   - iprange
    300. 

  300. 

  301. endef
    302. 

  302. 

  303. define Package/iptables-mod-cluster
    304. 

  304. $(call Package/iptables/Module, +kmod-ipt-cluster)
    305. 

  305.   TITLE:=Match cluster extension
    306. 

  306. endef
    307. 

  307. 

  308. define Package/iptables-mod-cluster/description
    309. 

  309. iptables extensions for matching cluster.
    310. 

  310. 

  311.  Netfilter (IPv4/IPv6) module for matching cluster
    312. 

  312.  This option allows you to build work-load-sharing clusters of
    313. 

  313.  network servers/stateful firewalls without having a dedicated
    314. 

  314.  load-balancing router/server/switch. Basically, this match returns
    315. 

  315.  true when the packet must be handled by this cluster node. Thus,
    316. 

  316.  all nodes see all packets and this match decides which node handles
    317. 

  317.  what packets. The work-load sharing algorithm is based on source
    318. 

  318.  address hashing.
    319. 

  319. 

  320.  This module is usable for ipv4 and ipv6.
    321. 

  321. 

  322.  If you select it, it enables kmod-ipt-cluster.
    323. 

  323. 

  324.  see `iptables -m cluster --help` for more information.
    325. 

  325. endef
    326. 

  326. 

  327. define Package/iptables-mod-clusterip
    328. 

  328. $(call Package/iptables/Module, +kmod-ipt-clusterip)
    329. 

  329.   TITLE:=Clusterip extension
    330. 

  330. endef
    331. 

  331. 

  332. define Package/iptables-mod-clusterip/description
    333. 

  333. iptables extensions for CLUSTERIP.
    334. 

  334.  The CLUSTERIP target allows you to build load-balancing clusters of
    335. 

  335.  network servers without having a dedicated load-balancing
    336. 

  336.  router/server/switch.
    337. 

  337. 

  338.  If you select it, it enables kmod-ipt-clusterip.
    339. 

  339. 

  340.  see `iptables -j CLUSTERIP --help` for more information.
    341. 

  341. endef
    342. 

  342. 

  343. define Package/iptables-mod-extra
    344. 

  344. $(call Package/iptables/Module, +kmod-ipt-extra)
    345. 

  345.   TITLE:=Other extra iptables extensions
    346. 

  346. endef
    347. 

  347. 

  348. define Package/iptables-mod-extra/description
    349. 

  349. Other extra iptables extensions.
    350. 

  350. 

  351.  Matches:
    352. 

  352.   - addrtype
    353. 

  353.   - condition
    354. 

  354.   - owner
    355. 

  355.   - pkttype
    356. 

  356.   - quota
    357. 

  357. 

  358. endef
    359. 

  359. 

  360. define Package/iptables-mod-physdev
    361. 

  361. $(call Package/iptables/Module, +kmod-ipt-physdev)
    362. 

  362.   TITLE:=physdev iptables extension
    363. 

  363. endef
    364. 

  364. 

  365. define Package/iptables-mod-physdev/description
    366. 

  366. The iptables physdev match.
    367. 

  367. endef
    368. 

  368. 

  369. define Package/iptables-mod-led
    370. 

  370. $(call Package/iptables/Module, +kmod-ipt-led)
    371. 

  371.   TITLE:=LED trigger iptables extension
    372. 

  372. endef
    373. 

  373. 

  374. define Package/iptables-mod-led/description
    375. 

  375. iptables extension for triggering a LED.
    376. 

  376. 

  377.  Targets:
    378. 

  378.   - LED
    379. 

  379. 

  380. endef
    381. 

  381. 

  382. define Package/iptables-mod-tproxy
    383. 

  383. $(call Package/iptables/Module, +kmod-ipt-tproxy)
    384. 

  384.   TITLE:=Transparent proxy iptables extensions
    385. 

  385. endef
    386. 

  386. 

  387. define Package/iptables-mod-tproxy/description
    388. 

  388. Transparent proxy iptables extensions.
    389. 

  389. 

  390.  Matches:
    391. 

  391.   - socket
    392. 

  392. 

  393.  Targets:
    394. 

  394.   - TPROXY
    395. 

  395. 

  396. endef
    397. 

  397. 

  398. define Package/iptables-mod-tee
    399. 

  399. $(call Package/iptables/Module, +kmod-ipt-tee)
    400. 

  400.   TITLE:=TEE iptables extensions
    401. 

  401. endef
    402. 

  402. 

  403. define Package/iptables-mod-tee/description
    404. 

  404. TEE iptables extensions.
    405. 

  405. 

  406.  Targets:
    407. 

  407.   - TEE
    408. 

  408. 

  409. endef
    410. 

  410. 

  411. define Package/iptables-mod-u32
    412. 

  412. $(call Package/iptables/Module, +kmod-ipt-u32)
    413. 

  413.   TITLE:=U32 iptables extensions
    414. 

  414. endef
    415. 

  415. 

  416. define Package/iptables-mod-u32/description
    417. 

  417. U32 iptables extensions.
    418. 

  418. 

  419.  Matches:
    420. 

  420.   - u32
    421. 

  421. 

  422. endef
    423. 

  423. 

  424. define Package/iptables-mod-checksum
    425. 

  425. $(call Package/iptables/Module, +kmod-ipt-checksum)
    426. 

  426.   TITLE:=IP CHECKSUM target extension
    427. 

  427. endef
    428. 

  428. 

  429. define Package/iptables-mod-checksum/description
    430. 

  430. iptables extension for the CHECKSUM calculation target
    431. 

  431. endef
    432. 

  432. 

  433. define Package/ip6tables
    434. 

  434. $(call Package/iptables/Default)
    435. 

  435.   DEPENDS:=@IPV6 +kmod-ip6tables +iptables
    436. 

  436.   CATEGORY:=Network
    437. 

  437.   TITLE:=IPv6 firewall administration tool
    438. 

  438.   MENU:=1
    439. 

  439. endef
    440. 

  440. 

  441. 

  442. define Package/ip6tables-extra
    443. 

  443. $(call Package/iptables/Default)
    444. 

  444.   DEPENDS:=ip6tables +kmod-ip6tables-extra
    445. 

  445.   TITLE:=IPv6 header matching modules
    446. 

  446. endef
    447. 

  447. 

  448. define Package/ip6tables-mod-extra/description
    449. 

  449. iptables header matching modules for IPv6
    450. 

  450. endef
    451. 

  451. 

  452. define Package/ip6tables-mod-nat
    453. 

  453. $(call Package/iptables/Default)
    454. 

  454.   DEPENDS:=ip6tables +kmod-ipt-nat6
    455. 

  455.   TITLE:=IPv6 NAT extensions
    456. 

  456. endef
    457. 

  457. 

  458. define Package/ip6tables-mod-nat/description
    459. 

  459. iptables extensions for IPv6-NAT targets.
    460. 

  460. endef
    461. 

  461. 

  462. define Package/libiptc
    463. 

  463. $(call Package/iptables/Default)
    464. 

  464.   SECTION:=libs
    465. 

  465.   CATEGORY:=Libraries
    466. 

  466.   DEPENDS:=+libip4tc +libip6tc +libxtables
    467. 

  467.   ABI_VERSION:=$(PKG_VERSION)
    468. 

  468.   TITLE:=IPv4/IPv6 firewall - shared libiptc library (compatibility stub)
    469. 

  469. endef
    470. 

  470. 

  471. define Package/libip4tc
    472. 

  472. $(call Package/iptables/Default)
    473. 

  473.   SECTION:=libs
    474. 

  474.   CATEGORY:=Libraries
    475. 

  475.   TITLE:=IPv4 firewall - shared libiptc library
    476. 

  476.   ABI_VERSION:=$(PKG_VERSION)
    477. 

  477.   DEPENDS:=+libxtables
    478. 

  478. endef
    479. 

  479. 

  480. define Package/libip6tc
    481. 

  481. $(call Package/iptables/Default)
    482. 

  482.   SECTION:=libs
    483. 

  483.   CATEGORY:=Libraries
    484. 

  484.   TITLE:=IPv6 firewall - shared libiptc library
    485. 

  485.   ABI_VERSION:=$(PKG_VERSION)
    486. 

  486.   DEPENDS:=+libxtables
    487. 

  487. endef
    488. 

  488. 

  489. define Package/libxtables
    490. 

  490.  $(call Package/iptables/Default)
    491. 

  491.  SECTION:=libs
    492. 

  492.  CATEGORY:=Libraries
    493. 

  493.  TITLE:=IPv4/IPv6 firewall - shared xtables library
    494. 

  494.  ABI_VERSION:=$(PKG_VERSION)
    495. 

  495.  DEPENDS:= \
    496. 

  496. 	+IPTABLES_CONNLABEL:libnetfilter-conntrack \
    497. 

  497. 	+IPTABLES_NFTABLES:libnftnl
    498. 

  498. endef
    499. 

  499. 

  500. TARGET_CPPFLAGS := \
    501. 

  501. 	-I$(PKG_BUILD_DIR)/include \
    502. 

  502. 	-I$(LINUX_DIR)/user_headers/include \
    503. 

  503. 	$(TARGET_CPPFLAGS)
    504. 

  504. 

  505. TARGET_CFLAGS += \
    506. 

  506. 	-I$(PKG_BUILD_DIR)/include \
    507. 

  507. 	-I$(LINUX_DIR)/user_headers/include \
    508. 

  508. 	-ffunction-sections -fdata-sections \
    509. 

  509. 	-DNO_LEGACY
    510. 

  510. 

  511. TARGET_LDFLAGS += \
    512. 

  512. 	-Wl,--gc-sections
    513. 

  513. 

  514. CONFIGURE_ARGS += \
    515. 

  515. 	--enable-shared \
    516. 

  516. 	--enable-static \
    517. 

  517. 	--enable-devel \
    518. 

  518. 	--with-kernel="$(LINUX_DIR)/user_headers" \
    519. 

  519. 	--with-xtlibdir=/usr/lib/iptables \
    520. 

  520. 	--with-xt-lock-name=/var/run/xtables.lock \
    521. 

  521. 	$(if $(CONFIG_IPTABLES_CONNLABEL),,--disable-connlabel) \
    522. 

  522. 	$(if $(CONFIG_IPTABLES_NFTABLES),,--disable-nftables) \
    523. 

  523. 	$(if $(CONFIG_IPV6),,--disable-ipv6)
    524. 

  524. 

  525. MAKE_FLAGS := \
    526. 

  526. 	$(TARGET_CONFIGURE_OPTS) \
    527. 

  527. 	COPT_FLAGS="$(TARGET_CFLAGS)" \
    528. 

  528. 	KERNEL_DIR="$(LINUX_DIR)/user_headers/" PREFIX=/usr \
    529. 

  529. 	KBUILD_OUTPUT="$(LINUX_DIR)" \
    530. 

  530. 	BUILTIN_MODULES="$(patsubst ip6t_%,%,$(patsubst ipt_%,%,$(patsubst xt_%,%,$(IPT_BUILTIN) $(IPT_CONNTRACK-m) $(IPT_NAT-m))))"
    531. 

  531. 

  532. ifneq ($(wildcard $(PKG_BUILD_DIR)/.config_*),$(subst .configured_,.config_,$(STAMP_CONFIGURED)))
    533. 

  533.   define Build/Configure/rebuild
    534. 

  534. 	$(FIND) $(PKG_BUILD_DIR) -name \*.o -or -name \*.\?o -or -name \*.a | $(XARGS) rm -f
    535. 

  535. 	rm -f $(PKG_BUILD_DIR)/.config_*
    536. 

  536. 	rm -f $(PKG_BUILD_DIR)/.configured_*
    537. 

  537. 	touch $(subst .configured_,.config_,$(STAMP_CONFIGURED))
    538. 

  538.   endef
    539. 

  539. endif
    540. 

  540. 

  541. define Build/Configure
    542. 

  542. $(Build/Configure/rebuild)
    543. 

  543. $(Build/Configure/Default)
    544. 

  544. endef
    545. 

  545. 

  546. define Build/InstallDev
    547. 

  547. 	$(INSTALL_DIR) $(1)/usr/include
    548. 

  548. 	$(INSTALL_DIR) $(1)/usr/include/iptables
    549. 

  549. 	$(INSTALL_DIR) $(1)/usr/include/net/netfilter
    550. 

  550. 

  551. 	# XXX: iptables header fixup, some headers are not installed by iptables anymore
    552. 

  552. 	$(CP) $(PKG_BUILD_DIR)/include/iptables/*.h $(1)/usr/include/iptables/
    553. 

  553. 	$(CP) $(PKG_BUILD_DIR)/include/iptables.h $(1)/usr/include/
    554. 

  554. 	$(CP) $(PKG_BUILD_DIR)/include/ip6tables.h $(1)/usr/include/
    555. 

  555. 	$(CP) $(PKG_BUILD_DIR)/include/libipulog $(1)/usr/include/
    556. 

  556. 	$(CP) $(PKG_BUILD_DIR)/include/libiptc $(1)/usr/include/
    557. 

  557. 

  558. 	$(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/
    559. 

  559. 	$(INSTALL_DIR) $(1)/usr/lib
    560. 

  560. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libxtables.so* $(1)/usr/lib/
    561. 

  561. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libip*tc.so* $(1)/usr/lib/
    562. 

  562. 	$(INSTALL_DIR) $(1)/usr/lib/pkgconfig
    563. 

  563. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/xtables.pc $(1)/usr/lib/pkgconfig/
    564. 

  564. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/libip*tc.pc $(1)/usr/lib/pkgconfig/
    565. 

  565. 

  566. 	# XXX: needed by firewall3
    567. 

  567. 	$(CP) $(PKG_BUILD_DIR)/extensions/libiptext*.so $(1)/usr/lib/
    568. 

  568. endef
    569. 

  569. 

  570. define Package/iptables/install
    571. 

  571. 	$(INSTALL_DIR) $(1)/usr/sbin
    572. 

  572. 	$(CP) $(PKG_INSTALL_DIR)/usr/sbin/xtables-multi $(1)/usr/sbin/
    573. 

  573. 	$(CP) $(PKG_INSTALL_DIR)/usr/sbin/iptables{,-restore,-save} $(1)/usr/sbin/
    574. 

  574. 	$(INSTALL_DIR) $(1)/usr/lib/iptables
    575. 

  575. endef
    576. 

  576. 

  577. define Package/ip6tables/install
    578. 

  578. 	$(INSTALL_DIR) $(1)/usr/sbin
    579. 

  579. 	$(CP) $(PKG_INSTALL_DIR)/usr/sbin/ip6tables{,-restore,-save} $(1)/usr/sbin/
    580. 

  580. endef
    581. 

  581. 

  582. define Package/libiptc/install
    583. 

  583. 	$(INSTALL_DIR) $(1)/usr/lib
    584. 

  584. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libiptc.so* $(1)/usr/lib/
    585. 

  585. endef
    586. 

  586. 

  587. define Package/libip4tc/install
    588. 

  588. 	$(INSTALL_DIR) $(1)/usr/lib
    589. 

  589. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libip4tc.so* $(1)/usr/lib/
    590. 

  590. 	$(CP) $(PKG_BUILD_DIR)/extensions/libiptext4.so $(1)/usr/lib/
    591. 

  591. endef
    592. 

  592. 

  593. define Package/libip6tc/install
    594. 

  594. 	$(INSTALL_DIR) $(1)/usr/lib
    595. 

  595. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libip6tc.so* $(1)/usr/lib/
    596. 

  596. 	$(CP) $(PKG_BUILD_DIR)/extensions/libiptext6.so $(1)/usr/lib/
    597. 

  597. endef
    598. 

  598. 

  599. define Package/libxtables/install
    600. 

  600. 	$(INSTALL_DIR) $(1)/usr/lib
    601. 

  601. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libxtables.so* $(1)/usr/lib/
    602. 

  602. 	$(CP) $(PKG_BUILD_DIR)/extensions/libiptext.so $(1)/usr/lib/
    603. 

  603. endef
    604. 

  604. 

  605. define BuildPlugin
    606. 

  606.   define Package/$(1)/install
    607. 

  607. 	$(INSTALL_DIR) $$(1)/usr/lib/iptables
    608. 

  608. 	for m in $(patsubst xt_%,ipt_%,$(2)) $(patsubst ipt_%,xt_%,$(2)) $(patsubst xt_%,ip6t_%,$(2)) $(patsubst ip6t_%,xt_%,$(2)); do \
    609. 

  609. 		if [ -f $(PKG_INSTALL_DIR)/usr/lib/iptables/lib$$$$$$$${m}.so ]; then \
    610. 

  610. 			$(CP) $(PKG_INSTALL_DIR)/usr/lib/iptables/lib$$$$$$$${m}.so $$(1)/usr/lib/iptables/ ; \
    611. 

  611. 		fi; \
    612. 

  612. 	done
    613. 

  613. 	$(3)
    614. 

  614.   endef
    615. 

  615. 

  616.   $$(eval $$(call BuildPackage,$(1)))
    617. 

  617. endef
    618. 

  618. 

  619. $(eval $(call BuildPackage,iptables))
    620. 

  620. $(eval $(call BuildPlugin,iptables-mod-conntrack-extra,$(IPT_CONNTRACK_EXTRA-m)))
    621. 

  621. $(eval $(call BuildPlugin,iptables-mod-conntrack-label,$(IPT_CONNTRACK_LABEL-m)))
    622. 

  622. $(eval $(call BuildPlugin,iptables-mod-extra,$(IPT_EXTRA-m)))
    623. 

  623. $(eval $(call BuildPlugin,iptables-mod-physdev,$(IPT_PHYSDEV-m)))
    624. 

  624. $(eval $(call BuildPlugin,iptables-mod-filter,$(IPT_FILTER-m)))
    625. 

  625. $(eval $(call BuildPlugin,iptables-mod-ipopt,$(IPT_IPOPT-m)))
    626. 

  626. $(eval $(call BuildPlugin,iptables-mod-ipsec,$(IPT_IPSEC-m)))
    627. 

  627. $(eval $(call BuildPlugin,iptables-mod-nat-extra,$(IPT_NAT_EXTRA-m)))
    628. 

  628. $(eval $(call BuildPlugin,iptables-mod-iprange,$(IPT_IPRANGE-m)))
    629. 

  629. $(eval $(call BuildPlugin,iptables-mod-cluster,$(IPT_CLUSTER-m)))
    630. 

  630. $(eval $(call BuildPlugin,iptables-mod-clusterip,$(IPT_CLUSTERIP-m)))
    631. 

  631. $(eval $(call BuildPlugin,iptables-mod-ulog,$(IPT_ULOG-m)))
    632. 

  632. $(eval $(call BuildPlugin,iptables-mod-hashlimit,$(IPT_HASHLIMIT-m)))
    633. 

  633. $(eval $(call BuildPlugin,iptables-mod-rpfilter,$(IPT_RPFILTER-m)))
    634. 

  634. $(eval $(call BuildPlugin,iptables-mod-led,$(IPT_LED-m)))
    635. 

  635. $(eval $(call BuildPlugin,iptables-mod-tproxy,$(IPT_TPROXY-m)))
    636. 

  636. $(eval $(call BuildPlugin,iptables-mod-tee,$(IPT_TEE-m)))
    637. 

  637. $(eval $(call BuildPlugin,iptables-mod-u32,$(IPT_U32-m)))
    638. 

  638. $(eval $(call BuildPlugin,iptables-mod-nflog,$(IPT_NFLOG-m)))
    639. 

  639. $(eval $(call BuildPlugin,iptables-mod-trace,$(IPT_DEBUG-m)))
    640. 

  640. $(eval $(call BuildPlugin,iptables-mod-nfqueue,$(IPT_NFQUEUE-m)))
    641. 

  641. $(eval $(call BuildPlugin,iptables-mod-checksum,$(IPT_CHECKSUM-m)))
    642. 

  642. $(eval $(call BuildPackage,ip6tables))
    643. 

  643. $(eval $(call BuildPlugin,ip6tables-extra,$(IPT_IPV6_EXTRA-m)))
    644. 

  644. $(eval $(call BuildPlugin,ip6tables-mod-nat,$(IPT_NAT6-m)))
    645. 

  645. $(eval $(call BuildPackage,libiptc))
    646. 

  646. $(eval $(call BuildPackage,libip4tc))
    647. 

  647. $(eval $(call BuildPackage,libip6tc))
    648. 

  648. $(eval $(call BuildPackage,libxtables))
    649.