Home Explore Help
Register Sign In
wareck
/
openwrt_lede
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 488fc98adf
Branches Tags
openwrt_lede
/
package
/
network
/
utils
/
iptables
/
Makefile

Makefile 14 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587 
  1. #
    2. 

  2. # Copyright (C) 2006-2016 OpenWrt.org
    3. 

  3. #
    4. 

  4. # This is free software, licensed under the GNU General Public License v2.
    5. 

  5. # See /LICENSE for more information.
    6. 

  6. #
    7. 

  7. 

  8. include $(TOPDIR)/rules.mk
    9. 

  9. include $(INCLUDE_DIR)/kernel.mk
    10. 

  10. 

  11. PKG_NAME:=iptables
    12. 

  12. PKG_VERSION:=1.4.21
    13. 

  13. PKG_RELEASE:=3
    14. 

  14. 

  15. PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
    16. 

  16. PKG_SOURCE_URL:=http://www.netfilter.org/projects/iptables/files \
    17. 

  17. 	ftp://ftp.be.netfilter.org/pub/netfilter/iptables/ \
    18. 

  18. 	ftp://ftp.de.netfilter.org/pub/netfilter/iptables/ \
    19. 

  19. 	ftp://ftp.no.netfilter.org/pub/netfilter/iptables/
    20. 

  20. PKG_HASH:=52004c68021da9a599feed27f65defcfb22128f7da2c0531c0f75de0f479d3e0
    21. 

  21. 

  22. PKG_FIXUP:=autoreconf
    23. 

  23. PKG_INSTALL:=1
    24. 

  24. PKG_BUILD_PARALLEL:=1
    25. 

  25. PKG_LICENSE:=GPL-2.0
    26. 

  26. 

  27. include $(INCLUDE_DIR)/package.mk
    28. 

  28. ifeq ($(DUMP),)
    29. 

  29.   -include $(LINUX_DIR)/.config
    30. 

  30.   include $(INCLUDE_DIR)/netfilter.mk
    31. 

  31.   STAMP_CONFIGURED:=$(strip $(STAMP_CONFIGURED))_$(shell grep 'NETFILTER' $(LINUX_DIR)/.config | mkhash md5)
    32. 

  32. endif
    33. 

  33. 

  34. 

  35. define Package/iptables/Default
    36. 

  36.   SECTION:=net
    37. 

  37.   CATEGORY:=Network
    38. 

  38.   SUBMENU:=Firewall
    39. 

  39.   URL:=http://netfilter.org/
    40. 

  40. endef
    41. 

  41. 

  42. define Package/iptables/Module
    43. 

  43. $(call Package/iptables/Default)
    44. 

  44.   DEPENDS:=iptables $(1)
    45. 

  45. endef
    46. 

  46. 

  47. define Package/iptables
    48. 

  48. $(call Package/iptables/Default)
    49. 

  49.   TITLE:=IP firewall administration tool
    50. 

  50.   MENU:=1
    51. 

  51.   DEPENDS+= +kmod-ipt-core +libip4tc +IPV6:libip6tc +libxtables
    52. 

  52. endef
    53. 

  53. 

  54. define Package/iptables/description
    55. 

  55. IP firewall administration tool.
    56. 

  56. 

  57.  Matches:
    58. 

  58.   - icmp
    59. 

  59.   - tcp
    60. 

  60.   - udp
    61. 

  61.   - comment
    62. 

  62.   - conntrack
    63. 

  63.   - limit
    64. 

  64.   - mac
    65. 

  65.   - mark
    66. 

  66.   - multiport
    67. 

  67.   - set
    68. 

  68.   - state
    69. 

  69.   - time
    70. 

  70. 

  71.  Targets:
    72. 

  72.   - ACCEPT
    73. 

  73.   - CT
    74. 

  74.   - DNAT
    75. 

  75.   - DROP
    76. 

  76.   - REJECT
    77. 

  77.   - LOG
    78. 

  78.   - MARK
    79. 

  79.   - MASQUERADE
    80. 

  80.   - REDIRECT
    81. 

  81.   - SET
    82. 

  82.   - SNAT
    83. 

  83.   - TCPMSS
    84. 

  84. 

  85.  Tables:
    86. 

  86.   - filter
    87. 

  87.   - mangle
    88. 

  88.   - nat
    89. 

  89.   - raw
    90. 

  90. 

  91. endef
    92. 

  92. 

  93. define Package/iptables-mod-conntrack-extra
    94. 

  94. $(call Package/iptables/Module, +kmod-ipt-conntrack-extra)
    95. 

  95.   TITLE:=Extra connection tracking extensions
    96. 

  96. endef
    97. 

  97. 

  98. define Package/iptables-mod-conntrack-extra/description
    99. 

  99. Extra iptables extensions for connection tracking.
    100. 

  100. 

  101.  Matches:
    102. 

  102.   - connbytes
    103. 

  103.   - connlimit
    104. 

  104.   - connmark
    105. 

  105.   - recent
    106. 

  106.   - helper
    107. 

  107. 

  108.  Targets:
    109. 

  109.   - CONNMARK
    110. 

  110. 

  111. endef
    112. 

  112. 

  113. define Package/iptables-mod-filter
    114. 

  114. $(call Package/iptables/Module, +kmod-ipt-filter)
    115. 

  115.   TITLE:=Content inspection extensions
    116. 

  116. endef
    117. 

  117. 

  118. define Package/iptables-mod-filter/description
    119. 

  119. iptables extensions for packet content inspection.
    120. 

  120. Includes support for:
    121. 

  121. 

  122.  Matches:
    123. 

  123.   - string
    124. 

  124. 

  125. endef
    126. 

  126. 

  127. define Package/iptables-mod-ipopt
    128. 

  128. $(call Package/iptables/Module, +kmod-ipt-ipopt)
    129. 

  129.   TITLE:=IP/Packet option extensions
    130. 

  130. endef
    131. 

  131. 

  132. define Package/iptables-mod-ipopt/description
    133. 

  133. iptables extensions for matching/changing IP packet options.
    134. 

  134. 

  135.  Matches:
    136. 

  136.   - dscp
    137. 

  137.   - ecn
    138. 

  138.   - length
    139. 

  139.   - statistic
    140. 

  140.   - tcpmss
    141. 

  141.   - unclean
    142. 

  142.   - hl
    143. 

  143. 

  144.  Targets:
    145. 

  145.   - DSCP
    146. 

  146.   - CLASSIFY
    147. 

  147.   - ECN
    148. 

  148.   - HL
    149. 

  149. 

  150. endef
    151. 

  151. 

  152. define Package/iptables-mod-ipsec
    153. 

  153. $(call Package/iptables/Module, +kmod-ipt-ipsec)
    154. 

  154.   TITLE:=IPsec extensions
    155. 

  155. endef
    156. 

  156. 

  157. define Package/iptables-mod-ipsec/description
    158. 

  158. iptables extensions for matching ipsec traffic.
    159. 

  159. 

  160.  Matches:
    161. 

  161.   - ah
    162. 

  162.   - esp
    163. 

  163.   - policy
    164. 

  164. 

  165. endef
    166. 

  166. 

  167. define Package/iptables-mod-nat-extra
    168. 

  168. $(call Package/iptables/Module, +kmod-ipt-nat-extra)
    169. 

  169.   TITLE:=Extra NAT extensions
    170. 

  170. endef
    171. 

  171. 

  172. define Package/iptables-mod-nat-extra/description
    173. 

  173. iptables extensions for extra NAT targets.
    174. 

  174. 

  175.  Targets:
    176. 

  176.   - MIRROR
    177. 

  177.   - NETMAP
    178. 

  178. endef
    179. 

  179. 

  180. define Package/iptables-mod-ulog
    181. 

  181. $(call Package/iptables/Module, +kmod-ipt-ulog)
    182. 

  182.   TITLE:=user-space packet logging
    183. 

  183. endef
    184. 

  184. 

  185. define Package/iptables-mod-ulog/description
    186. 

  186. iptables extensions for user-space packet logging.
    187. 

  187. 

  188.  Targets:
    189. 

  189.   - ULOG
    190. 

  190. 

  191. endef
    192. 

  192. 

  193. define Package/iptables-mod-nflog
    194. 

  194. $(call Package/iptables/Module, +kmod-nfnetlink-log +kmod-ipt-nflog)
    195. 

  195.   TITLE:=Netfilter NFLOG target
    196. 

  196. endef
    197. 

  197. 

  198. define Package/iptables-mod-nflog/description
    199. 

  199.  iptables extension for user-space logging via NFNETLINK.
    200. 

  200. 

  201.  Includes:
    202. 

  202.   - libxt_NFLOG
    203. 

  203. 

  204. endef
    205. 

  205. 

  206. define Package/iptables-mod-trace
    207. 

  207. $(call Package/iptables/Module, +kmod-ipt-debug)
    208. 

  208.   TITLE:=Netfilter TRACE target
    209. 

  209. endef
    210. 

  210. 

  211. define Package/iptables-mod-trace/description
    212. 

  212.  iptables extension for TRACE target
    213. 

  213. 

  214.  Includes:
    215. 

  215.   - libxt_TRACE
    216. 

  216. 

  217. endef
    218. 

  218. 

  219. 

  220. define Package/iptables-mod-nfqueue
    221. 

  221. $(call Package/iptables/Module, +kmod-nfnetlink-queue +kmod-ipt-nfqueue)
    222. 

  222.   TITLE:=Netfilter NFQUEUE target
    223. 

  223. endef
    224. 

  224. 

  225. define Package/iptables-mod-nfqueue/description
    226. 

  226.  iptables extension for user-space queuing via NFNETLINK.
    227. 

  227. 

  228.  Includes:
    229. 

  229.   - libxt_NFQUEUE
    230. 

  230. 

  231. endef
    232. 

  232. 

  233. define Package/iptables-mod-hashlimit
    234. 

  234. $(call Package/iptables/Module, +kmod-ipt-hashlimit)
    235. 

  235.   TITLE:=hashlimit matching
    236. 

  236. endef
    237. 

  237. 

  238. define Package/iptables-mod-hashlimit/description
    239. 

  239. iptables extensions for hashlimit matching
    240. 

  240. 

  241.  Matches:
    242. 

  242.   - hashlimit
    243. 

  243. 

  244. endef
    245. 

  245. 

  246. define Package/iptables-mod-rpfilter
    247. 

  247. $(call Package/iptables/Module, +kmod-ipt-rpfilter)
    248. 

  248.   TITLE:=rpfilter iptables extension
    249. 

  249. endef
    250. 

  250. 

  251. define Package/iptables-mod-rpfilter/description
    252. 

  252. iptables extensions for reverse path filter test on a packet
    253. 

  253. 

  254.  Matches:
    255. 

  255.   - rpfilter
    256. 

  256. 

  257. endef
    258. 

  258. 

  259. define Package/iptables-mod-iprange
    260. 

  260. $(call Package/iptables/Module, +kmod-ipt-iprange)
    261. 

  261.   TITLE:=IP range extension
    262. 

  262. endef
    263. 

  263. 

  264. define Package/iptables-mod-iprange/description
    265. 

  265. iptables extensions for matching ip ranges.
    266. 

  266. 

  267.  Matches:
    268. 

  268.   - iprange
    269. 

  269. 

  270. endef
    271. 

  271. 

  272. define Package/iptables-mod-cluster
    273. 

  273. $(call Package/iptables/Module, +kmod-ipt-cluster)
    274. 

  274.   TITLE:=Match cluster extension
    275. 

  275. endef
    276. 

  276. 

  277. define Package/iptables-mod-cluster/description
    278. 

  278. iptables extensions for matching cluster.
    279. 

  279. 

  280.  Netfilter (IPv4/IPv6) module for matching cluster
    281. 

  281.  This option allows you to build work-load-sharing clusters of
    282. 

  282.  network servers/stateful firewalls without having a dedicated
    283. 

  283.  load-balancing router/server/switch. Basically, this match returns
    284. 

  284.  true when the packet must be handled by this cluster node. Thus,
    285. 

  285.  all nodes see all packets and this match decides which node handles
    286. 

  286.  what packets. The work-load sharing algorithm is based on source
    287. 

  287.  address hashing.
    288. 

  288. 

  289.  This module is usable for ipv4 and ipv6.
    290. 

  290. 

  291.  If you select it, it enables kmod-ipt-cluster.
    292. 

  292. 

  293.  see `iptables -m cluster --help` for more information.
    294. 

  294. endef
    295. 

  295. 

  296. define Package/iptables-mod-clusterip
    297. 

  297. $(call Package/iptables/Module, +kmod-ipt-clusterip)
    298. 

  298.   TITLE:=Clusterip extension
    299. 

  299. endef
    300. 

  300. 

  301. define Package/iptables-mod-clusterip/description
    302. 

  302. iptables extensions for CLUSTERIP.
    303. 

  303.  The CLUSTERIP target allows you to build load-balancing clusters of
    304. 

  304.  network servers without having a dedicated load-balancing
    305. 

  305.  router/server/switch.
    306. 

  306. 

  307.  If you select it, it enables kmod-ipt-clusterip.
    308. 

  308. 

  309.  see `iptables -j CLUSTERIP --help` for more information.
    310. 

  310. endef
    311. 

  311. 

  312. define Package/iptables-mod-extra
    313. 

  313. $(call Package/iptables/Module, +kmod-ipt-extra)
    314. 

  314.   TITLE:=Other extra iptables extensions
    315. 

  315. endef
    316. 

  316. 

  317. define Package/iptables-mod-extra/description
    318. 

  318. Other extra iptables extensions.
    319. 

  319. 

  320.  Matches:
    321. 

  321.   - addrtype
    322. 

  322.   - condition
    323. 

  323.   - owner
    324. 

  324.   - physdev (if ebtables is enabled)
    325. 

  325.   - pkttype
    326. 

  326.   - quota
    327. 

  327. 

  328. endef
    329. 

  329. 

  330. define Package/iptables-mod-led
    331. 

  331. $(call Package/iptables/Module, +kmod-ipt-led)
    332. 

  332.   TITLE:=LED trigger iptables extension
    333. 

  333. endef
    334. 

  334. 

  335. define Package/iptables-mod-led/description
    336. 

  336. iptables extension for triggering a LED.
    337. 

  337. 

  338.  Targets:
    339. 

  339.   - LED
    340. 

  340. 

  341. endef
    342. 

  342. 

  343. define Package/iptables-mod-tproxy
    344. 

  344. $(call Package/iptables/Module, +kmod-ipt-tproxy)
    345. 

  345.   TITLE:=Transparent proxy iptables extensions
    346. 

  346. endef
    347. 

  347. 

  348. define Package/iptables-mod-tproxy/description
    349. 

  349. Transparent proxy iptables extensions.
    350. 

  350. 

  351.  Matches:
    352. 

  352.   - socket
    353. 

  353. 

  354.  Targets:
    355. 

  355.   - TPROXY
    356. 

  356. 

  357. endef
    358. 

  358. 

  359. define Package/iptables-mod-tee
    360. 

  360. $(call Package/iptables/Module, +kmod-ipt-tee)
    361. 

  361.   TITLE:=TEE iptables extensions
    362. 

  362. endef
    363. 

  363. 

  364. define Package/iptables-mod-tee/description
    365. 

  365. TEE iptables extensions.
    366. 

  366. 

  367.  Targets:
    368. 

  368.   - TEE
    369. 

  369. 

  370. endef
    371. 

  371. 

  372. define Package/iptables-mod-u32
    373. 

  373. $(call Package/iptables/Module, +kmod-ipt-u32)
    374. 

  374.   TITLE:=U32 iptables extensions
    375. 

  375. endef
    376. 

  376. 

  377. define Package/iptables-mod-u32/description
    378. 

  378. U32 iptables extensions.
    379. 

  379. 

  380.  Matches:
    381. 

  381.   - u32
    382. 

  382. 

  383. endef
    384. 

  384. 

  385. define Package/ip6tables
    386. 

  386. $(call Package/iptables/Default)
    387. 

  387.   DEPENDS:=@IPV6 +kmod-ip6tables +iptables
    388. 

  388.   CATEGORY:=Network
    389. 

  389.   TITLE:=IPv6 firewall administration tool
    390. 

  390.   MENU:=1
    391. 

  391. endef
    392. 

  392. 

  393. 

  394. define Package/ip6tables-extra
    395. 

  395. $(call Package/iptables/Default)
    396. 

  396.   DEPENDS:=ip6tables +kmod-ip6tables-extra
    397. 

  397.   TITLE:=IPv6 header matching modules
    398. 

  398. endef
    399. 

  399. 

  400. define Package/ip6tables-mod-extra/description
    401. 

  401. iptables header matching modules for IPv6
    402. 

  402. endef
    403. 

  403. 

  404. define Package/ip6tables-mod-nat
    405. 

  405. $(call Package/iptables/Default)
    406. 

  406.   DEPENDS:=ip6tables +kmod-ipt-nat6
    407. 

  407.   TITLE:=IPv6 NAT extensions
    408. 

  408. endef
    409. 

  409. 

  410. define Package/ip6tables-mod-nat/description
    411. 

  411. iptables extensions for IPv6-NAT targets.
    412. 

  412. endef
    413. 

  413. 

  414. define Package/libiptc
    415. 

  415. $(call Package/iptables/Default)
    416. 

  416.   SECTION:=libs
    417. 

  417.   CATEGORY:=Libraries
    418. 

  418.   DEPENDS:=+libip4tc +libip6tc +libxtables
    419. 

  419.   TITLE:=IPv4/IPv6 firewall - shared libiptc library (compatibility stub)
    420. 

  420. endef
    421. 

  421. 

  422. define Package/libip4tc
    423. 

  423. $(call Package/iptables/Default)
    424. 

  424.   SECTION:=libs
    425. 

  425.   CATEGORY:=Libraries
    426. 

  426.   TITLE:=IPv4 firewall - shared libiptc library
    427. 

  427.   DEPENDS:=+libxtables
    428. 

  428. endef
    429. 

  429. 

  430. define Package/libip6tc
    431. 

  431. $(call Package/iptables/Default)
    432. 

  432.   SECTION:=libs
    433. 

  433.   CATEGORY:=Libraries
    434. 

  434.   TITLE:=IPv6 firewall - shared libiptc library
    435. 

  435.   DEPENDS:=+libxtables
    436. 

  436. endef
    437. 

  437. 

  438. define Package/libxtables
    439. 

  439.  $(call Package/iptables/Default)
    440. 

  440.  SECTION:=libs
    441. 

  441.  CATEGORY:=Libraries
    442. 

  442.  TITLE:=IPv4/IPv6 firewall - shared xtables library
    443. 

  443. endef
    444. 

  444. 

  445. TARGET_CPPFLAGS := \
    446. 

  446. 	-I$(PKG_BUILD_DIR)/include \
    447. 

  447. 	-I$(LINUX_DIR)/user_headers/include \
    448. 

  448. 	$(TARGET_CPPFLAGS)
    449. 

  449. 

  450. TARGET_CFLAGS += \
    451. 

  451. 	-I$(PKG_BUILD_DIR)/include \
    452. 

  452. 	-I$(LINUX_DIR)/user_headers/include \
    453. 

  453. 	-ffunction-sections -fdata-sections \
    454. 

  454. 	-DNO_LEGACY
    455. 

  455. 

  456. TARGET_LDFLAGS += \
    457. 

  457. 	-Wl,--gc-sections
    458. 

  458. 

  459. CONFIGURE_ARGS += \
    460. 

  460. 	--enable-shared \
    461. 

  461. 	--enable-devel \
    462. 

  462. 	--with-kernel="$(LINUX_DIR)/user_headers" \
    463. 

  463. 	--with-xtlibdir=/usr/lib/iptables \
    464. 

  464. 	--enable-static \
    465. 

  465. 	$(if $(CONFIG_IPV6),,--disable-ipv6)
    466. 

  466. 

  467. MAKE_FLAGS := \
    468. 

  468. 	$(TARGET_CONFIGURE_OPTS) \
    469. 

  469. 	COPT_FLAGS="$(TARGET_CFLAGS)" \
    470. 

  470. 	KERNEL_DIR="$(LINUX_DIR)/user_headers/" PREFIX=/usr \
    471. 

  471. 	KBUILD_OUTPUT="$(LINUX_DIR)" \
    472. 

  472. 	BUILTIN_MODULES="$(patsubst ip6t_%,%,$(patsubst ipt_%,%,$(patsubst xt_%,%,$(IPT_BUILTIN) $(IPT_CONNTRACK-m) $(IPT_NAT-m))))"
    473. 

  473. 

  474. ifneq ($(wildcard $(PKG_BUILD_DIR)/.config_*),$(subst .configured_,.config_,$(STAMP_CONFIGURED)))
    475. 

  475.   define Build/Configure/rebuild
    476. 

  476. 	$(FIND) $(PKG_BUILD_DIR) -name \*.o -or -name \*.\?o -or -name \*.a | $(XARGS) rm -f
    477. 

  477. 	rm -f $(PKG_BUILD_DIR)/.config_*
    478. 

  478. 	rm -f $(PKG_BUILD_DIR)/.configured_*
    479. 

  479. 	touch $(subst .configured_,.config_,$(STAMP_CONFIGURED))
    480. 

  480.   endef
    481. 

  481. endif
    482. 

  482. 

  483. define Build/Configure
    484. 

  484. $(Build/Configure/rebuild)
    485. 

  485. $(Build/Configure/Default)
    486. 

  486. endef
    487. 

  487. 

  488. define Build/InstallDev
    489. 

  489. 	$(INSTALL_DIR) $(1)/usr/include
    490. 

  490. 	$(INSTALL_DIR) $(1)/usr/include/iptables
    491. 

  491. 	$(INSTALL_DIR) $(1)/usr/include/net/netfilter
    492. 

  492. 

  493. 	# XXX: iptables header fixup, some headers are not installed by iptables anymore
    494. 

  494. 	$(CP) $(PKG_BUILD_DIR)/include/iptables/*.h $(1)/usr/include/iptables/
    495. 

  495. 	$(CP) $(PKG_BUILD_DIR)/include/iptables.h $(1)/usr/include/
    496. 

  496. 	$(CP) $(PKG_BUILD_DIR)/include/ip6tables.h $(1)/usr/include/
    497. 

  497. 	$(CP) $(PKG_BUILD_DIR)/include/libipulog $(1)/usr/include/
    498. 

  498. 	$(CP) $(PKG_BUILD_DIR)/include/libiptc $(1)/usr/include/
    499. 

  499. 

  500. 	$(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/
    501. 

  501. 	$(INSTALL_DIR) $(1)/usr/lib
    502. 

  502. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libxtables.so* $(1)/usr/lib/
    503. 

  503. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libip*tc.so* $(1)/usr/lib/
    504. 

  504. 	$(INSTALL_DIR) $(1)/usr/lib/pkgconfig
    505. 

  505. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/xtables.pc $(1)/usr/lib/pkgconfig/
    506. 

  506. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/libip*tc.pc $(1)/usr/lib/pkgconfig/
    507. 

  507. 

  508. 	# XXX: needed by firewall3
    509. 

  509. 	$(CP) $(PKG_BUILD_DIR)/extensions/libiptext*.so $(1)/usr/lib/
    510. 

  510. endef
    511. 

  511. 

  512. define Package/iptables/install
    513. 

  513. 	$(INSTALL_DIR) $(1)/usr/sbin
    514. 

  514. 	$(CP) $(PKG_INSTALL_DIR)/usr/sbin/xtables-multi $(1)/usr/sbin/
    515. 

  515. 	$(CP) $(PKG_INSTALL_DIR)/usr/sbin/iptables{,-restore,-save} $(1)/usr/sbin/
    516. 

  516. 	$(INSTALL_DIR) $(1)/usr/lib/iptables
    517. 

  517. endef
    518. 

  518. 

  519. define Package/ip6tables/install
    520. 

  520. 	$(INSTALL_DIR) $(1)/usr/sbin
    521. 

  521. 	$(CP) $(PKG_INSTALL_DIR)/usr/sbin/ip6tables{,-restore,-save} $(1)/usr/sbin/
    522. 

  522. endef
    523. 

  523. 

  524. define Package/libiptc/install
    525. 

  525. 	$(INSTALL_DIR) $(1)/usr/lib
    526. 

  526. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libiptc.so* $(1)/usr/lib/
    527. 

  527. endef
    528. 

  528. 

  529. define Package/libip4tc/install
    530. 

  530. 	$(INSTALL_DIR) $(1)/usr/lib
    531. 

  531. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libip4tc.so* $(1)/usr/lib/
    532. 

  532. 	$(CP) $(PKG_BUILD_DIR)/extensions/libiptext4.so $(1)/usr/lib/
    533. 

  533. endef
    534. 

  534. 

  535. define Package/libip6tc/install
    536. 

  536. 	$(INSTALL_DIR) $(1)/usr/lib
    537. 

  537. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libip6tc.so* $(1)/usr/lib/
    538. 

  538. 	$(CP) $(PKG_BUILD_DIR)/extensions/libiptext6.so $(1)/usr/lib/
    539. 

  539. endef
    540. 

  540. 

  541. define Package/libxtables/install
    542. 

  542. 	$(INSTALL_DIR) $(1)/usr/lib
    543. 

  543. 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libxtables.so* $(1)/usr/lib/
    544. 

  544. 	$(CP) $(PKG_BUILD_DIR)/extensions/libiptext.so $(1)/usr/lib/
    545. 

  545. endef
    546. 

  546. 

  547. define BuildPlugin
    548. 

  548.   define Package/$(1)/install
    549. 

  549. 	$(INSTALL_DIR) $$(1)/usr/lib/iptables
    550. 

  550. 	for m in $(patsubst xt_%,ipt_%,$(2)) $(patsubst ipt_%,xt_%,$(2)) $(patsubst xt_%,ip6t_%,$(2)) $(patsubst ip6t_%,xt_%,$(2)); do \
    551. 

  551. 		if [ -f $(PKG_INSTALL_DIR)/usr/lib/iptables/lib$$$$$$$${m}.so ]; then \
    552. 

  552. 			$(CP) $(PKG_INSTALL_DIR)/usr/lib/iptables/lib$$$$$$$${m}.so $$(1)/usr/lib/iptables/ ; \
    553. 

  553. 		fi; \
    554. 

  554. 	done
    555. 

  555. 	$(3)
    556. 

  556.   endef
    557. 

  557. 

  558.   $$(eval $$(call BuildPackage,$(1)))
    559. 

  559. endef
    560. 

  560. 

  561. $(eval $(call BuildPackage,iptables))
    562. 

  562. $(eval $(call BuildPlugin,iptables-mod-conntrack-extra,$(IPT_CONNTRACK_EXTRA-m)))
    563. 

  563. $(eval $(call BuildPlugin,iptables-mod-extra,$(IPT_EXTRA-m)))
    564. 

  564. $(eval $(call BuildPlugin,iptables-mod-filter,$(IPT_FILTER-m)))
    565. 

  565. $(eval $(call BuildPlugin,iptables-mod-ipopt,$(IPT_IPOPT-m)))
    566. 

  566. $(eval $(call BuildPlugin,iptables-mod-ipsec,$(IPT_IPSEC-m)))
    567. 

  567. $(eval $(call BuildPlugin,iptables-mod-nat-extra,$(IPT_NAT_EXTRA-m)))
    568. 

  568. $(eval $(call BuildPlugin,iptables-mod-iprange,$(IPT_IPRANGE-m)))
    569. 

  569. $(eval $(call BuildPlugin,iptables-mod-cluster,$(IPT_CLUSTER-m)))
    570. 

  570. $(eval $(call BuildPlugin,iptables-mod-clusterip,$(IPT_CLUSTERIP-m)))
    571. 

  571. $(eval $(call BuildPlugin,iptables-mod-ulog,$(IPT_ULOG-m)))
    572. 

  572. $(eval $(call BuildPlugin,iptables-mod-hashlimit,$(IPT_HASHLIMIT-m)))
    573. 

  573. $(eval $(call BuildPlugin,iptables-mod-rpfilter,$(IPT_RPFILTER-m)))
    574. 

  574. $(eval $(call BuildPlugin,iptables-mod-led,$(IPT_LED-m)))
    575. 

  575. $(eval $(call BuildPlugin,iptables-mod-tproxy,$(IPT_TPROXY-m)))
    576. 

  576. $(eval $(call BuildPlugin,iptables-mod-tee,$(IPT_TEE-m)))
    577. 

  577. $(eval $(call BuildPlugin,iptables-mod-u32,$(IPT_U32-m)))
    578. 

  578. $(eval $(call BuildPlugin,iptables-mod-nflog,$(IPT_NFLOG-m)))
    579. 

  579. $(eval $(call BuildPlugin,iptables-mod-trace,$(IPT_DEBUG-m)))
    580. 

  580. $(eval $(call BuildPlugin,iptables-mod-nfqueue,$(IPT_NFQUEUE-m)))
    581. 

  581. $(eval $(call BuildPackage,ip6tables))
    582. 

  582. $(eval $(call BuildPlugin,ip6tables-extra,$(IPT_IPV6_EXTRA-m)))
    583. 

  583. $(eval $(call BuildPlugin,ip6tables-mod-nat,$(IPT_NAT6-m)))
    584. 

  584. $(eval $(call BuildPackage,libiptc))
    585. 

  585. $(eval $(call BuildPackage,libip4tc))
    586. 

  586. $(eval $(call BuildPackage,libip6tc))
    587. 

  587. $(eval $(call BuildPackage,libxtables))
    588.