diff options
| author | Roman Yeryomin <roman@advem.lv> | 2013-05-26 01:02:55 +0300 |
|---|---|---|
| committer | Roman Yeryomin <roman@advem.lv> | 2013-05-26 01:02:55 +0300 |
| commit | 342045a35b1981a89e4bc80842b10c065e1050da (patch) | |
| tree | 4140720b20e8d641c11da882010d6130a75fef21 /package/network/utils/iptables/Makefile | |
| parent | 7338133dde8238afce34676214b494c8db96689b (diff) | |
| parent | 1a116ce7818ecee5d167a9c0ebb1a0feca9120e6 (diff) | |
Merge trunk into realtek-unstable
Conflicts:
Config.in
feeds.conf.default
package/base-files/files/etc/hotplug2-common.rules
package/network/config/netifd/files/etc/init.d/network
Diffstat (limited to 'package/network/utils/iptables/Makefile')
| -rw-r--r-- | package/network/utils/iptables/Makefile | 80 |
1 files changed, 35 insertions, 45 deletions
diff --git a/package/network/utils/iptables/Makefile b/package/network/utils/iptables/Makefile index a3d8864c3..1b6a4cf79 100644 --- a/package/network/utils/iptables/Makefile +++ b/package/network/utils/iptables/Makefile @@ -1,5 +1,5 @@ # -# Copyright (C) 2006-2012 OpenWrt.org +# Copyright (C) 2006-2013 OpenWrt.org # # This is free software, licensed under the GNU General Public License v2. # See /LICENSE for more information. @@ -9,15 +9,15 @@ include $(TOPDIR)/rules.mk include $(INCLUDE_DIR)/kernel.mk PKG_NAME:=iptables -PKG_VERSION:=1.4.10 +PKG_VERSION:=1.4.18 PKG_RELEASE:=4 -PKG_MD5SUM:=f382fe693f0b59d87bd47bea65eca198 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:=http://www.netfilter.org/projects/iptables/files \ ftp://ftp.be.netfilter.org/pub/netfilter/iptables/ \ ftp://ftp.de.netfilter.org/pub/netfilter/iptables/ \ ftp://ftp.no.netfilter.org/pub/netfilter/iptables/ +PKG_MD5SUM:=a819199d5ec013b82da13a8ffbba857e PKG_FIXUP:=autoreconf PKG_INSTALL:=1 @@ -49,33 +49,47 @@ endef define Package/iptables $(call Package/iptables/Default) - TITLE:=IPv4 firewall administration tool + TITLE:=IP firewall administration tool MENU:=1 - DEPENDS+= +kmod-ipt-core +libip4tc +libxtables + DEPENDS+= +kmod-ipt-core +libip4tc +IPV6:libip6tc +libxtables endef define Package/iptables/description -IPv4 firewall administration tool. +IP firewall administration tool. Matches: - icmp - tcp - udp - comment + - conntrack - limit - mac + - mark - multiport + - set + - state + - time Targets: - ACCEPT + - CT + - DNAT - DROP - REJECT - LOG + - MARK + - MASQUERADE + - REDIRECT + - SET + - SNAT - TCPMSS Tables: - filter - mangle + - nat + - raw endef @@ -125,10 +139,8 @@ iptables extensions for matching/changing IP packet options. - dscp - ecn - length - - mark - statistic - tcpmss - - time - unclean - hl @@ -136,7 +148,6 @@ iptables extensions for matching/changing IP packet options. - DSCP - CLASSIFY - ECN - - MARK - HL endef @@ -156,22 +167,6 @@ iptables extensions for matching ipsec traffic. endef -define Package/iptables-mod-ipset -$(call Package/iptables/Module,) - TITLE:=IPset iptables extensions -endef - -define Package/iptables-mod-ipset/description -IPset iptables extensions. - - Matches: - - set - - Targets: - - SET - -endef - define Package/iptables-mod-nat-extra $(call Package/iptables/Module, +kmod-ipt-nat-extra) TITLE:=Extra NAT extensions @@ -183,7 +178,6 @@ iptables extensions for extra NAT targets. Targets: - MIRROR - NETMAP - - REDIRECT endef define Package/iptables-mod-ulog @@ -234,6 +228,7 @@ define Package/iptables-mod-extra/description Other extra iptables extensions. Matches: + - addrtype - condition - owner - physdev (if ebtables is enabled) @@ -299,8 +294,8 @@ endef define Package/ip6tables $(call Package/iptables/Default) - DEPENDS:=+kmod-ip6tables +libip6tc +libxtables - CATEGORY:=IPv6 + DEPENDS:=@IPV6 +kmod-ip6tables +iptables + CATEGORY:=Network TITLE:=IPv6 firewall administration tool MENU:=1 endef @@ -341,12 +336,15 @@ TARGET_CPPFLAGS := \ TARGET_CFLAGS += \ -I$(PKG_BUILD_DIR)/include \ - -I$(LINUX_DIR)/user_headers/include + -I$(LINUX_DIR)/user_headers/include \ + -ffunction-sections -fdata-sections + +TARGET_LDFLAGS += \ + -Wl,--gc-sections CONFIGURE_ARGS += \ --enable-shared \ --enable-devel \ - $(if $(CONFIG_IPV6),--enable-ipv6,--disable-ipv6) \ --with-kernel="$(LINUX_DIR)/user_headers" \ --with-xtlibdir=/usr/lib/iptables \ --enable-static @@ -356,7 +354,7 @@ MAKE_FLAGS := \ COPT_FLAGS="$(TARGET_CFLAGS)" \ KERNEL_DIR="$(LINUX_DIR)/user_headers/" PREFIX=/usr \ KBUILD_OUTPUT="$(LINUX_DIR)" \ - BUILTIN_MODULES="$(patsubst ipt_%,%,$(patsubst xt_%,%,$(IPT_BUILTIN) $(IPT_CONNTRACK-m) $(IPT_NAT-m)))" + BUILTIN_MODULES="$(patsubst ip6t_%,%,$(patsubst ipt_%,%,$(patsubst xt_%,%,$(IPT_BUILTIN) $(IPT_CONNTRACK-m) $(IPT_NAT-m))))" define Build/InstallDev $(INSTALL_DIR) $(1)/usr/include @@ -364,9 +362,9 @@ define Build/InstallDev $(INSTALL_DIR) $(1)/usr/include/net/netfilter # XXX: iptables header fixup, some headers are not installed by iptables anymore - $(CP) $(PKG_BUILD_DIR)/include/net/netfilter/*.h $(1)/usr/include/net/netfilter/ $(CP) $(PKG_BUILD_DIR)/include/iptables/*.h $(1)/usr/include/iptables/ $(CP) $(PKG_BUILD_DIR)/include/iptables.h $(1)/usr/include/ + $(CP) $(PKG_BUILD_DIR)/include/ip6tables.h $(1)/usr/include/ $(CP) $(PKG_BUILD_DIR)/include/libipulog $(1)/usr/include/ $(CP) $(PKG_BUILD_DIR)/include/libiptc $(1)/usr/include/ @@ -376,26 +374,19 @@ define Build/InstallDev $(CP) $(PKG_INSTALL_DIR)/usr/lib/libip*tc.so* $(1)/usr/lib/ $(INSTALL_DIR) $(1)/usr/lib/pkgconfig $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/xtables.pc $(1)/usr/lib/pkgconfig/ - $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/libiptc.pc $(1)/usr/lib/pkgconfig/ + $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/libip*tc.pc $(1)/usr/lib/pkgconfig/ endef define Package/iptables/install $(INSTALL_DIR) $(1)/usr/sbin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/iptables $(1)/usr/sbin/ - $(LN) iptables $(1)/usr/sbin/iptables-save - $(LN) iptables $(1)/usr/sbin/iptables-restore + $(CP) $(PKG_INSTALL_DIR)/usr/sbin/xtables-multi $(1)/usr/sbin/ + $(CP) $(PKG_INSTALL_DIR)/usr/sbin/iptables{,-restore,-save} $(1)/usr/sbin/ $(INSTALL_DIR) $(1)/usr/lib/iptables endef define Package/ip6tables/install $(INSTALL_DIR) $(1)/usr/sbin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/ip6tables $(1)/usr/sbin/ - $(LN) ip6tables $(1)/usr/sbin/ip6tables-save - $(LN) ip6tables $(1)/usr/sbin/ip6tables-restore - $(INSTALL_DIR) $(1)/usr/lib/iptables - (cd $(PKG_INSTALL_DIR)/usr/lib/iptables ; \ - $(CP) libip6t_*.so $(1)/usr/lib/iptables/ \ - ) + $(CP) $(PKG_INSTALL_DIR)/usr/sbin/ip6tables{,-restore,-save} $(1)/usr/sbin/ endef define Package/libiptc/install @@ -421,7 +412,7 @@ endef define BuildPlugin define Package/$(1)/install $(INSTALL_DIR) $$(1)/usr/lib/iptables - for m in $(patsubst xt_%,ipt_%,$(2)) $(patsubst ipt_%,xt_%,$(2)); do \ + for m in $(patsubst xt_%,ipt_%,$(2)) $(patsubst ipt_%,xt_%,$(2)) $(patsubst xt_%,ip6t_%,$(2)) $(patsubst ip6t_%,xt_%,$(2)); do \ if [ -f $(PKG_INSTALL_DIR)/usr/lib/iptables/lib$$$$$$$${m}.so ]; then \ $(CP) $(PKG_INSTALL_DIR)/usr/lib/iptables/lib$$$$$$$${m}.so $$(1)/usr/lib/iptables/ ; \ fi; \ @@ -443,7 +434,6 @@ $(eval $(call BuildPlugin,iptables-mod-extra,$(IPT_EXTRA-m))) $(eval $(call BuildPlugin,iptables-mod-filter,$(IPT_FILTER-m),$(L7_INSTALL))) $(eval $(call BuildPlugin,iptables-mod-ipopt,$(IPT_IPOPT-m))) $(eval $(call BuildPlugin,iptables-mod-ipsec,$(IPT_IPSEC-m))) -$(eval $(call BuildPlugin,iptables-mod-ipset,ipt_set ipt_SET)) $(eval $(call BuildPlugin,iptables-mod-nat-extra,$(IPT_NAT_EXTRA-m))) $(eval $(call BuildPlugin,iptables-mod-iprange,$(IPT_IPRANGE-m))) $(eval $(call BuildPlugin,iptables-mod-ulog,$(IPT_ULOG-m))) |