Home Explore Help
Register Sign In
wareck
/
openwrt-archive
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 2f76d8f3a7
Branches Tags
openwrt-archive
/
package
/
network
/
utils
/
iptables
/
Makefile

Makefile 14 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568 
  1. #
    2. 

  2. # Copyright (C) 2006-2016 OpenWrt.org
    3. 

  3. #
    4. 

  4. # This is free software, licensed under the GNU General Public License v2.
    5. 

  5. # See /LICENSE for more information.
    6. 

  6. #
    7. 

  7. 

  8. include $(TOPDIR)/rules.mk
    9. 

  9. include $(INCLUDE_DIR)/kernel.mk
    10. 

  10. 

  11. PKG_NAME:=iptables
    12. 

  12. PKG_VERSION:=1.4.21
    13. 

  13. PKG_RELEASE:=2
    14. 

  14. 

  15. PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
    16. 

  16. PKG_SOURCE_URL:=http://www.netfilter.org/projects/iptables/files \
    17. 

  17. 	ftp://ftp.be.netfilter.org/pub/netfilter/iptables/ \
    18. 

  18. 	ftp://ftp.de.netfilter.org/pub/netfilter/iptables/ \
    19. 

  19. 	ftp://ftp.no.netfilter.org/pub/netfilter/iptables/
    20. 

  20. PKG_MD5SUM:=536d048c8e8eeebcd9757d0863ebb0c0
    21. 

  21. 

  22. PKG_FIXUP:=autoreconf
    23. 

  23. PKG_INSTALL:=1
    24. 

  24. PKG_BUILD_PARALLEL:=1
    25. 

  25. PKG_LICENSE:=GPL-2.0
    26. 

  26. 

  27. include $(INCLUDE_DIR)/package.mk
    28. 

  28. ifeq ($(DUMP),)
    29. 

  29.   -include $(LINUX_DIR)/.config
    30. 

  30.   include $(INCLUDE_DIR)/netfilter.mk
    31. 

  31.   STAMP_CONFIGURED:=$(strip $(STAMP_CONFIGURED))_$(shell $(SH_FUNC) grep 'NETFILTER' $(LINUX_DIR)/.config | md5s)
    32. 

  32. endif
    33. 

  33. 

  34. 

  35. define Package/iptables/Default
    36. 

  36.   SECTION:=net
    37. 

  37.   CATEGORY:=Network
    38. 

  38.   SUBMENU:=Firewall
    39. 

  39.   URL:=http://netfilter.org/
    40. 

  40. endef
    41. 

  41. 

  42. define Package/iptables/Module
    43. 

  43. $(call Package/iptables/Default)
    44. 

  44.   DEPENDS:=iptables $(1)
    45. 

  45. endef
    46. 

  46. 

  47. define Package/iptables
    48. 

  48. $(call Package/iptables/Default)
    49. 

  49.   TITLE:=IP firewall administration tool
    50. 

  50.   MENU:=1
    51. 

  51.   DEPENDS+= +kmod-ipt-core +libip4tc +IPV6:libip6tc +libxtables
    52. 

  52. endef
    53. 

  53. 

  54. define Package/iptables/description
    55. 

  55. IP firewall administration tool.
    56. 

  56. 

  57.  Matches:
    58. 

  58.   - icmp
    59. 

  59.   - tcp
    60. 

  60.   - udp
    61. 

  61.   - comment
    62. 

  62.   - conntrack
    63. 

  63.   - limit
    64. 

  64.   - mac
    65. 

  65.   - mark
    66. 

  66.   - multiport
    67. 

  67.   - set
    68. 

  68.   - state
    69. 

  69.   - time
    70. 

  70. 

  71.  Targets:
    72. 

  72.   - ACCEPT
    73. 

  73.   - CT
    74. 

  74.   - DNAT
    75. 

  75.   - DROP
    76. 

  76.   - REJECT
    77. 

  77.   - LOG
    78. 

  78.   - MARK
    79. 

  79.   - MASQUERADE
    80. 

  80.   - REDIRECT
    81. 

  81.   - SET
    82. 

  82.   - SNAT
    83. 

  83.   - TCPMSS
    84. 

  84. 

  85.  Tables:
    86. 

  86.   - filter
    87. 

  87.   - mangle
    88. 

  88.   - nat
    89. 

  89.   - raw
    90. 

  90. 

  91. endef
    92. 

  92. 

  93. define Package/iptables-mod-conntrack-extra
    94. 

  94. $(call Package/iptables/Module, +kmod-ipt-conntrack-extra)
    95. 

  95.   TITLE:=Extra connection tracking extensions
    96. 

  96. endef
    97. 

  97. 

  98. define Package/iptables-mod-conntrack-extra/description
    99. 

  99. Extra iptables extensions for connection tracking.
    100. 

  100. 

  101.  Matches:
    102. 

  102.   - connbytes
    103. 

  103.   - connlimit
    104. 

  104.   - connmark
    105. 

  105.   - recent
    106. 

  106.   - helper
    107. 

  107. 

  108.  Targets:
    109. 

  109.   - CONNMARK
    110. 

  110. 

  111. endef
    112. 

  112. 

  113. define Package/iptables-mod-filter
    114. 

  114. $(call Package/iptables/Module, +kmod-ipt-filter)
    115. 

  115.   TITLE:=Content inspection extensions
    116. 

  116. endef
    117. 

  117. 

  118. define Package/iptables-mod-filter/description
    119. 

  119. iptables extensions for packet content inspection.
    120. 

  120. Includes support for:
    121. 

  121. 

  122.  Matches:
    123. 

  123.   - string
    124. 

  124. 

  125. endef
    126. 

  126. 

  127. define Package/iptables-mod-ipopt
    128. 

  128. $(call Package/iptables/Module, +kmod-ipt-ipopt)
    129. 

  129.   TITLE:=IP/Packet option extensions
    130. 

  130. endef
    131. 

  131. 

  132. define Package/iptables-mod-ipopt/description
    133. 

  133. iptables extensions for matching/changing IP packet options.
    134. 

  134. 

  135.  Matches:
    136. 

  136.   - dscp
    137. 

  137.   - ecn
    138. 

  138.   - length
    139. 

  139.   - statistic
    140. 

  140.   - tcpmss
    141. 

  141.   - unclean
    142. 

  142.   - hl
    143. 

  143. 

  144.  Targets:
    145. 

  145.   - DSCP
    146. 

  146.   - CLASSIFY
    147. 

  147.   - ECN
    148. 

  148.   - HL
    149. 

  149. 

  150. endef
    151. 

  151. 

  152. define Package/iptables-mod-ipsec
    153. 

  153. $(call Package/iptables/Module, +kmod-ipt-ipsec)
    154. 

  154.   TITLE:=IPsec extensions
    155. 

  155. endef
    156. 

  156. 

  157. define Package/iptables-mod-ipsec/description
    158. 

  158. iptables extensions for matching ipsec traffic.
    159. 

  159. 

  160.  Matches:
    161. 

  161.   - ah
    162. 

  162.   - esp
    163. 

  163.   - policy
    164. 

  164. 

  165. endef
    166. 

  166. 

  167. define Package/iptables-mod-nat-extra
    168. 

  168. $(call Package/iptables/Module, +kmod-ipt-nat-extra)
    169. 

  169.   TITLE:=Extra NAT extensions
    170. 

  170. endef
    171. 

  171. 

  172. define Package/iptables-mod-nat-extra/description
    173. 

  173. iptables extensions for extra NAT targets.
    174. 

  174. 

  175.  Targets:
    176. 

  176.   - MIRROR
    177. 

  177.   - NETMAP
    178. 

  178. endef
    179. 

  179. 

  180. define Package/iptables-mod-ulog
    181. 

  181. $(call Package/iptables/Module, +kmod-ipt-ulog)
    182. 

  182.   TITLE:=user-space packet logging
    183. 

  183. endef
    184. 

  184. 

  185. define Package/iptables-mod-ulog/description
    186. 

  186. iptables extensions for user-space packet logging.
    187. 

  187. 

  188.  Targets:
    189. 

  189.   - ULOG
    190. 

  190. 

  191. endef
    192. 

  192. 

  193. define Package/iptables-mod-nflog
    194. 

  194. $(call Package/iptables/Module, +kmod-nfnetlink-log +kmod-ipt-nflog)
    195. 

  195.   TITLE:=Netfilter NFLOG target
    196. 

  196. endef
    197. 

  197. 

  198. define Package/iptables-mod-nflog/description
    199. 

  199.  iptables extension for user-space logging via NFNETLINK.
    200. 

  200. 

  201.  Includes:
    202. 

  202.   - libxt_NFLOG
    203. 

  203. 

  204. endef
    205. 

  205. 

  206. define Package/iptables-mod-nfqueue
    207. 

  207. $(call Package/iptables/Module, +kmod-nfnetlink-queue +kmod-ipt-nfqueue)
    208. 

  208.   TITLE:=Netfilter NFQUEUE target
    209. 

  209. endef
    210. 

  210. 

  211. define Package/iptables-mod-nfqueue/description
    212. 

  212.  iptables extension for user-space queuing via NFNETLINK.
    213. 

  213. 

  214.  Includes:
    215. 

  215.   - libxt_NFQUEUE
    216. 

  216. 

  217. endef
    218. 

  218. 

  219. define Package/iptables-mod-hashlimit
    220. 

  220. $(call Package/iptables/Module, +kmod-ipt-hashlimit)
    221. 

  221.   TITLE:=hashlimit matching
    222. 

  222. endef
    223. 

  223. 

  224. define Package/iptables-mod-hashlimit/description
    225. 

  225. iptables extensions for hashlimit matching
    226. 

  226. 

  227.  Matches:
    228. 

  228.   - hashlimit
    229. 

  229. 

  230. endef
    231. 

  231. 

  232. define Package/iptables-mod-iprange
    233. 

  233. $(call Package/iptables/Module, +kmod-ipt-iprange)
    234. 

  234.   TITLE:=IP range extension
    235. 

  235. endef
    236. 

  236. 

  237. define Package/iptables-mod-iprange/description
    238. 

  238. iptables extensions for matching ip ranges.
    239. 

  239. 

  240.  Matches:
    241. 

  241.   - iprange
    242. 

  242. 

  243. endef
    244. 

  244. 

  245. define Package/iptables-mod-cluster
    246. 

  246. $(call Package/iptables/Module, +kmod-ipt-cluster)
    247. 

  247.   TITLE:=Match cluster extension
    248. 

  248. endef
    249. 

  249. 

  250. define Package/iptables-mod-cluster/description
    251. 

  251. iptables extensions for matching cluster.
    252. 

  252. 

  253.  Netfilter (IPv4/IPv6) module for matching cluster
    254. 

  254.  This option allows you to build work-load-sharing clusters of
    255. 

  255.  network servers/stateful firewalls without having a dedicated
    256. 

  256.  load-balancing router/server/switch. Basically, this match returns
    257. 

  257.  true when the packet must be handled by this cluster node. Thus,
    258. 

  258.  all nodes see all packets and this match decides which node handles
    259. 

  259.  what packets. The work-load sharing algorithm is based on source
    260. 

  260.  address hashing.
    261. 

  261. 

  262.  This module is usable for ipv4 and ipv6.
    263. 

  263. 

  264.  If you select it, it enables kmod-ipt-cluster.
    265. 

  265. 

  266.  see `iptables -m cluster --help` for more information.
    267. 

  267. endef
    268. 

  268. 

  269. define Package/iptables-mod-clusterip
    270. 

  270. $(call Package/iptables/Module, +kmod-ipt-clusterip)
    271. 

  271.   TITLE:=Clusterip extension
    272. 

  272. endef
    273. 

  273. 

  274. define Package/iptables-mod-clusterip/description
    275. 

  275. iptables extensions for CLUSTERIP.
    276. 

  276.  The CLUSTERIP target allows you to build load-balancing clusters of
    277. 

  277.  network servers without having a dedicated load-balancing
    278. 

  278.  router/server/switch.
    279. 

  279. 

  280.  If you select it, it enables kmod-ipt-clusterip.
    281. 

  281. 

  282.  see `iptables -j CLUSTERIP --help` for more information.
    283. 

  283. endef
    284. 

  284. 

  285. define Package/iptables-mod-extra
    286. 

  286. $(call Package/iptables/Module, +kmod-ipt-extra)
    287. 

  287.   TITLE:=Other extra iptables extensions
    288. 

  288. endef
    289. 

  289. 

  290. define Package/iptables-mod-extra/description
    291. 

  291. Other extra iptables extensions.
    292. 

  292. 

  293.  Matches:
    294. 

  294.   - addrtype
    295. 

  295.   - condition
    296. 

  296.   - owner
    297. 

  297.   - physdev (if ebtables is enabled)
    298. 

  298.   - pkttype
    299. 

  299.   - quota
    300. 

  300. 

  301. endef
    302. 

  302. 

  303. define Package/iptables-mod-led
    304. 

  304. $(call Package/iptables/Module, +kmod-ipt-led)
    305. 

  305.   TITLE:=LED trigger iptables extension
    306. 

  306. endef
    307. 

  307. 

  308. define Package/iptables-mod-led/description
    309. 

  309. iptables extension for triggering a LED.
    310. 

  310. 

  311.  Targets:
    312. 

  312.   - LED
    313. 

  313. 

  314. endef
    315. 

  315. 

  316. define Package/iptables-mod-tproxy
    317. 

  317. $(call Package/iptables/Module, +kmod-ipt-tproxy)
    318. 

  318.   TITLE:=Transparent proxy iptables extensions
    319. 

  319. endef
    320. 

  320. 

  321. define Package/iptables-mod-tproxy/description
    322. 

  322. Transparent proxy iptables extensions.
    323. 

  323. 

  324.  Matches:
    325. 

  325.   - socket
    326. 

  326. 

  327.  Targets:
    328. 

  328.   - TPROXY
    329. 

  329. 

  330. endef
    331. 

  331. 

  332. define Package/iptables-mod-tee
    333. 

  333. $(call Package/iptables/Module, +kmod-ipt-tee)
    334. 

  334.   TITLE:=TEE iptables extensions
    335. 

  335. endef
    336. 

  336. 

  337. define Package/iptables-mod-tee/description
    338. 

  338. TEE iptables extensions.
    339. 

  339. 

  340.  Targets:
    341. 

  341.   - TEE
    342. 

  342. 

  343. endef
    344. 

  344. 

  345. define Package/iptables-mod-u32
    346. 

  346. $(call Package/iptables/Module, +kmod-ipt-u32)
    347. 

  347.   TITLE:=U32 iptables extensions
    348. 

  348. endef
    349. 

  349. 

  350. define Package/iptables-mod-u32/description
    351. 

  351. U32 iptables extensions.
    352. 

  352. 

  353.  Matches:
    354. 

  354.   - u32
    355. 

  355. 

  356. endef
    357. 

  357. 

  358. define Package/iptables-mod-checksum
    359. 

  359. $(call Package/iptables/Module, +kmod-ipt-checksum)
    360. 

  360.   TITLE:=IP CHECKSUM target extension
    361. 

  361. endef
    362. 

  362. 

  363. define Package/iptables-mod-checksum/description
    364. 

  364. iptables extension for the CHECKSUM calculation target
    365. 

  365. endef
    366. 

  366. 

  367. define Package/ip6tables
    368. 

  368. $(call Package/iptables/Default)
    369. 

  369.   DEPENDS:=@IPV6 +kmod-ip6tables +iptables
    370. 

  370.   CATEGORY:=Network
    371. 

  371.   TITLE:=IPv6 firewall administration tool
    372. 

  372.   MENU:=1
    373. 

  373. endef
    374. 

  374. 

  375. 

  376. define Package/ip6tables-extra
    377. 

  377. $(call Package/iptables/Default)
    378. 

  378.   DEPENDS:=ip6tables +kmod-ip6tables-extra
    379. 

  379.   TITLE:=IPv6 header matching modules
    380. 

  380. endef
    381. 

  381. 

  382. define Package/ip6tables-mod-extra/description
    383. 

  383. iptables header matching modules for IPv6
    384. 

  384. endef
    385. 

  385. 

  386. define Package/ip6tables-mod-nat
    387. 

  387. $(call Package/iptables/Default)
    388. 

  388.   DEPENDS:=ip6tables +kmod-ipt-nat6
    389. 

  389.   TITLE:=IPv6 NAT extensions
    390. 

  390. endef
    391. 

  391. 

  392. define Package/ip6tables-mod-nat/description
    393. 

  393. iptables extensions for IPv6-NAT targets.
    394. 

  394. endef
    395. 

  395. 

  396. define Package/libiptc
    397. 

  397. $(call Package/iptables/Default)
    398. 

  398.   SECTION:=libs
    399. 

  399.   CATEGORY:=Libraries
    400. 

  400.   DEPENDS:=+libip4tc +libip6tc +libxtables
    401. 

  401.   TITLE:=IPv4/IPv6 firewall - shared libiptc library (compatibility stub)
    402. 

  402. endef
    403. 

  403. 

  404. define Package/libip4tc
    405. 

  405. $(call Package/iptables/Default)
    406. 

  406.   SECTION:=libs
    407. 

  407.   CATEGORY:=Libraries
    408. 

  408.   TITLE:=IPv4 firewall - shared libiptc library
    409. 

  409.   DEPENDS:=+libxtables
    410. 

  410. endef
    411. 

  411. 

  412. define Package/libip6tc
    413. 

  413. $(call Package/iptables/Default)
    414. 

  414.   SECTION:=libs
    415. 

  415.   CATEGORY:=Libraries
    416. 

  416.   TITLE:=IPv6 firewall - shared libiptc library
    417. 

  417.   DEPENDS:=+libxtables
    418. 

  418. endef
    419. 

  419. 

  420. define Package/libxtables
    421. 

  421.  $(call Package/iptables/Default)
    422. 

  422.  SECTION:=libs
    423. 

  423.  CATEGORY:=Libraries
    424. 

  424.  TITLE:=IPv4/IPv6 firewall - shared xtables library
    425. 

  425. endef
    426. 

  426. 

  427. TARGET_CPPFLAGS := \
    428. 

  428. 	-I$(PKG_BUILD_DIR)/include \
    429. 

  429. 	-I$(LINUX_DIR)/user_headers/include \
    430. 

  430. 	$(TARGET_CPPFLAGS)
    431. 

  431. 

  432. TARGET_CFLAGS += \
    433. 

  433. 	-I$(PKG_BUILD_DIR)/include \
    434. 

  434. 	-I$(LINUX_DIR)/user_headers/include \
    435. 

  435. 	-ffunction-sections -fdata-sections \
    436. 

  436. 	-DNO_LEGACY
    437. 

  437. 

  438. TARGET_LDFLAGS += \
    439. 

  439. 	-Wl,--gc-sections
    440. 

  440. 

  441. CONFIGURE_ARGS += \
    442. 

  442. 	--enable-shared \
    443. 

  443. 	--enable-devel \
    444. 

  444. 	--with-kernel="$(LINUX_DIR)/user_headers" \
    445. 

  445. 	--with-xtlibdir=/usr/lib/iptables \
    446. 

  446. 	--enable-static \
    447. 

  447. 	$(if $(CONFIG_IPV6),,--disable-ipv6)
    448. 

  448. 

  449. MAKE_FLAGS := \
    450. 

  450. 	$(TARGET_CONFIGURE_OPTS) \
    451. 

  451. 	COPT_FLAGS="$(TARGET_CFLAGS)" \
    452. 

  452. 	KERNEL_DIR="$(LINUX_DIR)/user_headers/" PREFIX=/usr \
    453. 

  453. 	KBUILD_OUTPUT="$(LINUX_DIR)" \
    454. 

  454. 	BUILTIN_MODULES="$(patsubst ip6t_%,%,$(patsubst ipt_%,%,$(patsubst xt_%,%,$(IPT_BUILTIN) $(IPT_CONNTRACK-m) $(IPT_NAT-m))))"
    455. 

  455. 

  456. ifneq ($(wildcard $(PKG_BUILD_DIR)/.config_*),$(subst .configured_,.config_,$(STAMP_CONFIGURED)))
    457. 

  457.   define Build/Configure/rebuild
    458. 

  458. 	$(FIND) $(PKG_BUILD_DIR) -name \*.o -or -name \*.\?o -or -name \*.a | $(XARGS) rm -f
    459. 

  459. 	rm -f $(PKG_BUILD_DIR)/.config_*
    460. 

  460. 	rm -f $(PKG_BUILD_DIR)/.configured_*
    461. 

  461. 	touch $(subst .configured_,.config_,$(STAMP_CONFIGURED))
    462. 

  462.   endef
    463. 

  463. endif
    464. 

  464. 

  465. define Build/Configure
    466. 

  466. $(Build/Configure/rebuild)
    467. 

  467. $(Build/Configure/Default)
    468. 

  468. endef
    469. 

  469. 

  470. define Build/InstallDev
    471. 

  471. 	$(INSTALL_DIR) $(1)/usr/include
    472. 

  472. 	$(INSTALL_DIR) $(1)/usr/include/iptables
    473. 

  473. 	$(INSTALL_DIR) $(1)/usr/include/net/netfilter
    474. 

  474. 

  475. 	# XXX: iptables header fixup, some headers are not installed by iptables anymore
    476. 

  476. 	$(CP) $(PKG_BUILD_DIR)/include/iptables/*.h $(1)/usr/include/iptables/
    477. 

  477. 	$(CP) $(PKG_BUILD_DIR)/include/iptables.h $(1)/usr/include/
    478. 

  478. 	$(CP) $(PKG_BUILD_DIR)/include/ip6tables.h $(1)/usr/include/
    479. 

  479. 	$(CP) $(PKG_BUILD_DIR)/include/libipulog $(1)/usr/include/
    480. 

  480. 	$(CP) $(PKG_BUILD_DIR)/include/libiptc $(1)/usr/include/
    481. 

  481. 

  482. 	$(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/
    483. 

  483. 	$(INSTALL_DIR) $(1)/usr/lib
    484. 

  484. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libxtables.so* $(1)/usr/lib/
    485. 

  485. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libip*tc.so* $(1)/usr/lib/
    486. 

  486. 	$(INSTALL_DIR) $(1)/usr/lib/pkgconfig
    487. 

  487. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/xtables.pc $(1)/usr/lib/pkgconfig/
    488. 

  488. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/libip*tc.pc $(1)/usr/lib/pkgconfig/
    489. 

  489. 

  490. 	# XXX: needed by firewall3
    491. 

  491. 	$(CP) $(PKG_BUILD_DIR)/extensions/libiptext*.so $(1)/usr/lib/
    492. 

  492. endef
    493. 

  493. 

  494. define Package/iptables/install
    495. 

  495. 	$(INSTALL_DIR) $(1)/usr/sbin
    496. 

  496. 	$(CP) $(PKG_INSTALL_DIR)/usr/sbin/xtables-multi $(1)/usr/sbin/
    497. 

  497. 	$(CP) $(PKG_INSTALL_DIR)/usr/sbin/iptables{,-restore,-save} $(1)/usr/sbin/
    498. 

  498. 	$(INSTALL_DIR) $(1)/usr/lib/iptables
    499. 

  499. endef
    500. 

  500. 

  501. define Package/ip6tables/install
    502. 

  502. 	$(INSTALL_DIR) $(1)/usr/sbin
    503. 

  503. 	$(CP) $(PKG_INSTALL_DIR)/usr/sbin/ip6tables{,-restore,-save} $(1)/usr/sbin/
    504. 

  504. endef
    505. 

  505. 

  506. define Package/libiptc/install
    507. 

  507. 	$(INSTALL_DIR) $(1)/usr/lib
    508. 

  508. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libiptc.so* $(1)/usr/lib/
    509. 

  509. endef
    510. 

  510. 

  511. define Package/libip4tc/install
    512. 

  512. 	$(INSTALL_DIR) $(1)/usr/lib
    513. 

  513. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libip4tc.so* $(1)/usr/lib/
    514. 

  514. 	$(CP) $(PKG_BUILD_DIR)/extensions/libiptext4.so $(1)/usr/lib/
    515. 

  515. endef
    516. 

  516. 

  517. define Package/libip6tc/install
    518. 

  518. 	$(INSTALL_DIR) $(1)/usr/lib
    519. 

  519. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libip6tc.so* $(1)/usr/lib/
    520. 

  520. 	$(CP) $(PKG_BUILD_DIR)/extensions/libiptext6.so $(1)/usr/lib/
    521. 

  521. endef
    522. 

  522. 

  523. define Package/libxtables/install
    524. 

  524. 	$(INSTALL_DIR) $(1)/usr/lib
    525. 

  525. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libxtables.so* $(1)/usr/lib/
    526. 

  526. 	$(CP) $(PKG_BUILD_DIR)/extensions/libiptext.so $(1)/usr/lib/
    527. 

  527. endef
    528. 

  528. 

  529. define BuildPlugin
    530. 

  530.   define Package/$(1)/install
    531. 

  531. 	$(INSTALL_DIR) $$(1)/usr/lib/iptables
    532. 

  532. 	for m in $(patsubst xt_%,ipt_%,$(2)) $(patsubst ipt_%,xt_%,$(2)) $(patsubst xt_%,ip6t_%,$(2)) $(patsubst ip6t_%,xt_%,$(2)); do \
    533. 

  533. 		if [ -f $(PKG_INSTALL_DIR)/usr/lib/iptables/lib$$$$$$$${m}.so ]; then \
    534. 

  534. 			$(CP) $(PKG_INSTALL_DIR)/usr/lib/iptables/lib$$$$$$$${m}.so $$(1)/usr/lib/iptables/ ; \
    535. 

  535. 		fi; \
    536. 

  536. 	done
    537. 

  537. 	$(3)
    538. 

  538.   endef
    539. 

  539. 

  540.   $$(eval $$(call BuildPackage,$(1)))
    541. 

  541. endef
    542. 

  542. 

  543. $(eval $(call BuildPackage,iptables))
    544. 

  544. $(eval $(call BuildPlugin,iptables-mod-conntrack-extra,$(IPT_CONNTRACK_EXTRA-m)))
    545. 

  545. $(eval $(call BuildPlugin,iptables-mod-extra,$(IPT_EXTRA-m)))
    546. 

  546. $(eval $(call BuildPlugin,iptables-mod-filter,$(IPT_FILTER-m)))
    547. 

  547. $(eval $(call BuildPlugin,iptables-mod-ipopt,$(IPT_IPOPT-m)))
    548. 

  548. $(eval $(call BuildPlugin,iptables-mod-ipsec,$(IPT_IPSEC-m)))
    549. 

  549. $(eval $(call BuildPlugin,iptables-mod-nat-extra,$(IPT_NAT_EXTRA-m)))
    550. 

  550. $(eval $(call BuildPlugin,iptables-mod-iprange,$(IPT_IPRANGE-m)))
    551. 

  551. $(eval $(call BuildPlugin,iptables-mod-cluster,$(IPT_CLUSTER-m)))
    552. 

  552. $(eval $(call BuildPlugin,iptables-mod-clusterip,$(IPT_CLUSTERIP-m)))
    553. 

  553. $(eval $(call BuildPlugin,iptables-mod-ulog,$(IPT_ULOG-m)))
    554. 

  554. $(eval $(call BuildPlugin,iptables-mod-hashlimit,$(IPT_HASHLIMIT-m)))
    555. 

  555. $(eval $(call BuildPlugin,iptables-mod-led,$(IPT_LED-m)))
    556. 

  556. $(eval $(call BuildPlugin,iptables-mod-tproxy,$(IPT_TPROXY-m)))
    557. 

  557. $(eval $(call BuildPlugin,iptables-mod-tee,$(IPT_TEE-m)))
    558. 

  558. $(eval $(call BuildPlugin,iptables-mod-u32,$(IPT_U32-m)))
    559. 

  559. $(eval $(call BuildPlugin,iptables-mod-nflog,$(IPT_NFLOG-m)))
    560. 

  560. $(eval $(call BuildPlugin,iptables-mod-nfqueue,$(IPT_NFQUEUE-m)))
    561. 

  561. $(eval $(call BuildPlugin,iptables-mod-checksum,$(IPT_CHECKSUM-m)))
    562. 

  562. $(eval $(call BuildPackage,ip6tables))
    563. 

  563. $(eval $(call BuildPlugin,ip6tables-extra,$(IPT_IPV6_EXTRA-m)))
    564. 

  564. $(eval $(call BuildPlugin,ip6tables-mod-nat,$(IPT_NAT6-m)))
    565. 

  565. $(eval $(call BuildPackage,libiptc))
    566. 

  566. $(eval $(call BuildPackage,libip4tc))
    567. 

  567. $(eval $(call BuildPackage,libip6tc))
    568. 

  568. $(eval $(call BuildPackage,libxtables))
    569.