source: trunk/package/iptables/Makefile @ 11325

Last change on this file since 11325 was 11325, checked in by florian, 8 years ago

We do not need to make the experimental/install-experimental targets starting with 1.4.x version

  • Property svn:copyright set to Copyright (C) 2006 OpenWrt.org
  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 8.1 KB
Line 
1#
2# Copyright (C) 2006-2008 OpenWrt.org
3#
4# This is free software, licensed under the GNU General Public License v2.
5# See /LICENSE for more information.
6#
7# $Id$
8
9include $(TOPDIR)/rules.mk
10include $(INCLUDE_DIR)/kernel.mk
11
12PKG_NAME:=iptables
13
14ifeq ($(CONFIG_LINUX_2_4),y)
15  PKG_VERSION:=1.3.8
16  PKG_RELEASE:=3
17  PKG_MD5SUM:=0a9209f928002e5eee9cdff8fef4d4b3
18  MAKE_TARGETS:=experimental install-experimental
19endif
20
21ifeq ($(CONFIG_LINUX_2_6),y)
22  PKG_VERSION:=1.4.0
23  PKG_RELEASE:=1
24  PKG_MD5SUM:=90cfa8a554a29b0b859a625e701af2a7
25endif
26
27PKG_VERSION?=<IPTABLES_VERSION>
28
29PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
30PKG_SOURCE_URL:=http://www.netfilter.org/projects/iptables/files \
31        ftp://ftp.be.netfilter.org/pub/netfilter/iptables/ \
32        ftp://ftp.de.netfilter.org/pub/netfilter/iptables/ \
33        ftp://ftp.no.netfilter.org/pub/netfilter/iptables/
34
35PATCH_DIR:=./patches/$(PKG_VERSION)
36
37include $(INCLUDE_DIR)/package.mk
38ifeq ($(DUMP),)
39  -include $(LINUX_DIR)/.config
40  include $(INCLUDE_DIR)/netfilter.mk
41  STAMP_CONFIGURED:=$(strip $(STAMP_CONFIGURED))_$(shell grep 'NETFILTER' $(LINUX_DIR)/.config | md5s)
42endif
43
44define Package/iptables/Default
45  SECTION:=net
46  CATEGORY:=Base system
47  URL:=http://netfilter.org/
48endef
49
50define Package/iptables/Module
51$(call Package/iptables/Default)
52  DEPENDS:=iptables $(1)
53endef
54
55define Package/iptables
56$(call Package/iptables/Default)
57  TITLE:=IPv4 firewall administration tool
58  MENU:=1
59endef
60
61define Package/iptables/conffiles
62/etc/firewall.config
63/etc/firewall.user
64endef
65
66define Package/iptables-mod-conntrack
67$(call Package/iptables/Module, +kmod-ipt-conntrack)
68  TITLE:=connection tracking modules
69endef
70
71define Package/iptables-mod-conntrack/description
72 iptables extensions for connection tracking.
73 Includes:
74 - libipt_conntrack
75 - libipt_helper
76 - libipt_connmark/CONNMARK
77endef
78
79define Package/iptables-mod-filter
80$(call Package/iptables/Module, +kmod-ipt-filter)
81  TITLE:=filter modules
82endef
83
84define Package/iptables-mod-filter/description
85 iptables extensions for packet content inspection.
86 Includes:
87 - libipt_ipp2p
88 - libipt_layer7
89endef
90
91define Package/iptables-mod-imq
92$(call Package/iptables/Module, +kmod-ipt-imq @!LINUX_2_6_25)
93  TITLE:=IMQ support
94endef
95
96define Package/iptables-mod-imq/description
97 iptables extension for IMQ support.
98 Includes:
99 - libipt_IMQ
100endef
101
102define Package/iptables-mod-ipopt
103$(call Package/iptables/Module, +kmod-ipt-ipopt)
104  TITLE:=IP/Packet option modules
105endef
106
107define Package/iptables-mod-ipopt/description
108 iptables extensions for matching/changing IP packet options.\\\
109 Includes:
110 - libipt_CLASSIFY
111 - libipt_dscp/DSCP
112 - libipt_ecn/ECN
113 - libipt_length
114 - libipt_mac
115 - libipt_mark/MARK
116 - libipt_statistic
117 - libipt_tcpmms
118 - libipt_tos/TOS
119 - libipt_ttl/TTL
120 - libipt_unclean
121endef
122
123define Package/iptables-mod-ipsec
124$(call Package/iptables/Module, +kmod-ipt-ipsec)
125  TITLE:=IPSec extensions
126endef
127
128define Package/iptables-mod-ipsec/description
129 iptables extensions for matching ipsec traffic.
130 Includes:
131 - libipt_ah
132 - libipt_esp
133 - libipt_policy
134endef
135
136define Package/iptables-mod-nat
137$(call Package/iptables/Module, +kmod-ipt-nat)
138  TITLE:=extra NAT targets
139endef
140
141define Package/iptables-mod-nat/description
142 iptables extensions for different NAT targets.
143 Includes:
144 - libipt_REDIRECT
145endef
146
147define Package/iptables-mod-ulog
148$(call Package/iptables/Module, +kmod-ipt-ulog)
149  TITLE:=user-space packet logging
150endef
151
152define Package/iptables-mod-ulog/description
153 iptables extensions for user-space packet logging.
154 Includes:
155 - libipt_ULOG
156endef
157
158define Package/iptables-mod-iprange
159$(call Package/iptables/Module, +kmod-ipt-iprange)
160  TITLE:=ip range module
161endef
162
163define Package/iptables-mod-iprange/description
164 iptables extensions for matching ip ranges.
165 Includes:
166 - libipt_iprange
167endef
168
169define Package/iptables-mod-extra
170$(call Package/iptables/Module, +kmod-ipt-extra)
171  TITLE:=other extra iptables extensions
172endef
173
174define Package/iptables-mod-extra/description
175 other extra iptables extensions.
176 Includes:
177 - libipt_limit
178 - libipt_owner
179 - libipt_physdev
180 - libipt_pkttype
181 - libipt_recent
182 - iptable_raw
183 - libipt_NOTRACK
184 - libipt_TARPIT
185 - libipt_DELUDE
186 - libipt_CHAOS
187endef
188
189define Package/iptables-mod-ipset
190$(call Package/iptables/Module, +kmod-ipt-ipset)
191  TITLE:=ipset iptables extension
192endef
193
194define Package/iptables-utils
195$(call Package/iptables/Module, )
196  TITLE:=iptables save and restore utilities
197endef
198
199define Package/ip6tables
200$(call Package/iptables/Default)
201  DEPENDS:=+kmod-ip6tables
202  CATEGORY:=IPv6
203  TITLE:=IPv6 firewall administration tool
204  MENU:=1
205endef
206
207define Package/ip6tables-utils
208 $(call Package/iptables/Default)
209 DEPENDS:=ip6tables
210 CATEGORY:=IPv6
211 TITLE:=ip6tables save and restore utilities
212endef
213
214define Build/Prepare
215        $(call Build/Prepare/Default)
216endef
217
218define Build/Configure
219        chmod a+x $(PKG_BUILD_DIR)/extensions/.*-test*
220        rm -f $(PKG_BUILD_DIR)/.configured*
221        $(MAKE) -C $(PKG_BUILD_DIR) \
222                clean
223endef
224
225define Build/Compile
226        mkdir -p $(PKG_INSTALL_DIR)
227        $(MAKE) -C $(PKG_BUILD_DIR) \
228                $(TARGET_CONFIGURE_OPTS) \
229                COPT_FLAGS="$(TARGET_CFLAGS)" \
230                LDFLAGS="-rdynamic -static-libgcc" \
231                KERNEL_DIR="$(LINUX_DIR)" PREFIX=/usr \
232                KBUILD_OUTPUT="$(LINUX_DIR)" \
233                DESTDIR="$(PKG_INSTALL_DIR)" \
234                all install $(MAKE_TARGETS)
235endef
236
237define Build/InstallDev
238        $(MAKE) -C $(PKG_BUILD_DIR) \
239                $(TARGET_CONFIGURE_OPTS) \
240                COPT_FLAGS="$(TARGET_CFLAGS)" \
241                KERNEL_DIR="$(LINUX_DIR)" PREFIX=/usr \
242                KBUILD_OUTPUT="$(LINUX_DIR)" \
243                DESTDIR="$(1)" \
244                install-devel
245        $(CP) $(PKG_BUILD_DIR)/include $(1)/usr
246        $(CP) $(PKG_BUILD_DIR)/libiptc/libiptc.a $(1)/usr/lib
247endef
248
249define Package/iptables/install
250        $(INSTALL_DIR) $(1)/etc/config
251        $(INSTALL_DATA) ./files/firewall.config $(1)/etc/
252        $(INSTALL_DIR) $(1)/etc/init.d
253        $(INSTALL_BIN) ./files/firewall.init $(1)/etc/init.d/firewall
254        $(INSTALL_BIN) ./files/firewall.user $(1)/etc/
255        $(INSTALL_DIR) $(1)/usr/lib
256        $(INSTALL_DATA) ./files/firewall.awk $(1)/usr/lib
257        $(INSTALL_DIR) $(1)/usr/sbin
258        $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/iptables $(1)/usr/sbin/
259        $(INSTALL_DIR) $(1)/usr/lib/iptables
260        (cd $(PKG_INSTALL_DIR)/usr/lib/iptables ; \
261                for m in $(patsubst xt_%,ipt_%,$(IPT_BUILTIN)) $(patsubst ipt_%,xt_%,$(IPT_BUILTIN)); do \
262                        if [ -f $(PKG_INSTALL_DIR)/usr/lib/iptables/lib$$$${m}.so ]; then \
263                                $(CP) $(PKG_INSTALL_DIR)/usr/lib/iptables/lib$$$${m}.so $(1)/usr/lib/iptables/ ;\
264                        fi; \
265                done \
266        )
267endef
268
269define Package/iptables-utils/install
270        $(INSTALL_DIR) $(1)/usr/sbin
271        $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/iptables-{save,restore} $(1)/usr/sbin/
272endef
273
274define Package/ip6tables/install
275        $(INSTALL_DIR) $(1)/usr/sbin
276        $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/ip6tables $(1)/usr/sbin/
277        $(INSTALL_DIR) $(1)/usr/lib/iptables
278        (cd $(PKG_INSTALL_DIR)/usr/lib/iptables ; \
279                $(CP) libip6t_*.so $(1)/usr/lib/iptables/ \
280        )
281endef
282
283define Package/ip6tables-utils/install
284        $(INSTALL_DIR) $(1)/usr/sbin
285        $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/ip6tables-{save,restore} $(1)/usr/sbin/
286endef
287
288define BuildPlugin
289  define Package/$(1)/install
290        $(INSTALL_DIR) $$(1)/usr/lib/iptables
291        for m in $(patsubst xt_%,ipt_%,$(2)) $(patsubst ipt_%,xt_%,$(2)); do \
292                if [ -f $(PKG_INSTALL_DIR)/usr/lib/iptables/lib$$$$$$$${m}.so ]; then \
293                        $(CP) $(PKG_INSTALL_DIR)/usr/lib/iptables/lib$$$$$$$${m}.so $$(1)/usr/lib/iptables/ ; \
294                fi; \
295        done
296        $(3)
297  endef
298
299  $$(eval $$(call BuildPackage,$(1)))
300endef
301
302L7_INSTALL:=\
303        $(INSTALL_DIR) $$(1)/etc/l7-protocols; \
304        $(CP) files/l7/*.pat $$(1)/etc/l7-protocols/
305
306$(eval $(call BuildPackage,iptables))
307$(eval $(call BuildPackage,iptables-utils))
308$(eval $(call BuildPlugin,iptables-mod-conntrack,$(IPT_CONNTRACK-m)))
309$(eval $(call BuildPlugin,iptables-mod-extra,$(IPT_EXTRA-m)))
310$(eval $(call BuildPlugin,iptables-mod-ipset,$(IPT_IPSET-m)))
311$(eval $(call BuildPlugin,iptables-mod-filter,$(IPT_FILTER-m),$(L7_INSTALL)))
312$(eval $(call BuildPlugin,iptables-mod-imq,$(IPT_IMQ-m)))
313$(eval $(call BuildPlugin,iptables-mod-ipopt,$(IPT_IPOPT-m)))
314$(eval $(call BuildPlugin,iptables-mod-ipsec,$(IPT_IPSEC-m)))
315$(eval $(call BuildPlugin,iptables-mod-nat,$(IPT_NAT-m)))
316$(eval $(call BuildPlugin,iptables-mod-iprange,$(IPT_IPRANGE-m)))
317$(eval $(call BuildPlugin,iptables-mod-ulog,$(IPT_ULOG-m)))
318$(eval $(call BuildPackage,ip6tables))
319$(eval $(call BuildPackage,ip6tables-utils))
Note: See TracBrowser for help on using the repository browser.