From f3cc98651b738ac7f2dc56ea772afa9f874b9d3b Mon Sep 17 00:00:00 2001 From: Waldemar Brodkorb Date: Mon, 7 Apr 2014 17:23:11 +0200 Subject: allow to enable daemons on startup via menuconfig --- package/iptables/Makefile | 20 ++++++++++++++------ package/iptables/files/firewall6.init | 2 +- 2 files changed, 15 insertions(+), 7 deletions(-) (limited to 'package/iptables') diff --git a/package/iptables/Makefile b/package/iptables/Makefile index d9fa9fd2a..fe2d9404b 100644 --- a/package/iptables/Makefile +++ b/package/iptables/Makefile @@ -7,7 +7,7 @@ PKG_NAME:= iptables PKG_VERSION:= 1.4.21 PKG_RELEASE:= 2 PKG_MD5SUM:= 536d048c8e8eeebcd9757d0863ebb0c0 -PKG_DESCR:= The netfilter firewalling software +PKG_DESCR:= netfilter firewalling software PKG_SECTION:= firewall PKG_DEPENDS:= kmod-ip-nf-iptables kmod-nf-conntrack PKG_DEPENDS+= kmod-nf-conntrack-ipv4 kmod-full-nat @@ -22,13 +22,19 @@ PKG_OPTS:= dev DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.bz2 +PKG_SUBPKGS:= IPTABLES IP6TABLES +PKGSD_IPTABLES:= iptables for IPv4 +PKGSD_IP6TABLES:= iptables for IPv6 +PKGSS_IP6TABLES:= iptables + include ${TOPDIR}/mk/package.mk # right now default extensions are builtin # use --disable-static in CONFIGURE_ARGS to change and optimize package #include ${LINUX_DIR}/.config -$(eval $(call PKG_template,IPTABLES,iptables,${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION},${PKG_OPTS})) +$(eval $(call PKG_template,IPTABLES,iptables,${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS},${PKGSD_IPTABLES},${PKG_SECTION},${PKG_OPTS})) +$(eval $(call PKG_template,IP6TABLES,ip6tables,${PKG_VERSION}-${PKG_RELEASE},${PKGSS_IP6TABLES},${PKGSD_IP6TABLES},${PKG_SECTION},${PKG_OPTS})) TARGET_LDFLAGS+= -fPIC CONFIGURE_ARGS+= --enable-devel @@ -41,9 +47,11 @@ iptables-install: ${CP} ${WRKINST}/usr/lib/libiptc.so* ${IDIR_IPTABLES}/usr/lib ${CP} ${WRKINST}/usr/lib/libip4tc.so* ${IDIR_IPTABLES}/usr/lib ${CP} ${WRKINST}/usr/lib/libxtables.so* ${IDIR_IPTABLES}/usr/lib - ${INSTALL_DIR} ${IDIR_IPTABLES}/{usr/lib,etc,usr/sbin} - ${INSTALL_DATA} ./files/firewall6.conf ${IDIR_IPTABLES}/etc - ${CP} ${WRKINST}/usr/sbin/ip6tables ${IDIR_IPTABLES}/usr/sbin - ${CP} ${WRKINST}/usr/lib/libip6tc.so* ${IDIR_IPTABLES}/usr/lib + +ip6tables-install: + ${INSTALL_DIR} ${IDIR_IP6TABLES}/{usr/lib,etc,usr/sbin} + ${INSTALL_DATA} ./files/firewall6.conf ${IDIR_IP6TABLES}/etc + ${CP} ${WRKINST}/usr/sbin/ip6tables ${IDIR_IP6TABLES}/usr/sbin + ${CP} ${WRKINST}/usr/lib/libip6tc.so* ${IDIR_IP6TABLES}/usr/lib include ${TOPDIR}/mk/pkg-bottom.mk diff --git a/package/iptables/files/firewall6.init b/package/iptables/files/firewall6.init index bedb639a9..162b98a4f 100755 --- a/package/iptables/files/firewall6.init +++ b/package/iptables/files/firewall6.init @@ -1,5 +1,5 @@ #!/bin/sh -#PKG iptables +#PKG ip6tables #INIT 45 . /etc/rc.conf -- cgit v1.2.3 From e465135180c4370c7b9fe730972d73afab1a7499 Mon Sep 17 00:00:00 2001 From: Waldemar Brodkorb Date: Mon, 7 Apr 2014 21:40:01 +0200 Subject: add separate postinst --- package/iptables/Makefile | 2 +- package/iptables/files/ip6tables.postinst | 4 ++++ package/iptables/files/iptables.postinst | 1 - 3 files changed, 5 insertions(+), 2 deletions(-) create mode 100644 package/iptables/files/ip6tables.postinst (limited to 'package/iptables') diff --git a/package/iptables/Makefile b/package/iptables/Makefile index fe2d9404b..297b8adeb 100644 --- a/package/iptables/Makefile +++ b/package/iptables/Makefile @@ -5,7 +5,7 @@ include ${TOPDIR}/rules.mk PKG_NAME:= iptables PKG_VERSION:= 1.4.21 -PKG_RELEASE:= 2 +PKG_RELEASE:= 3 PKG_MD5SUM:= 536d048c8e8eeebcd9757d0863ebb0c0 PKG_DESCR:= netfilter firewalling software PKG_SECTION:= firewall diff --git a/package/iptables/files/ip6tables.postinst b/package/iptables/files/ip6tables.postinst new file mode 100644 index 000000000..09645104b --- /dev/null +++ b/package/iptables/files/ip6tables.postinst @@ -0,0 +1,4 @@ +#!/bin/sh +. $IPKG_INSTROOT/etc/functions.sh + +add_rcconf iptables firewall6 NO diff --git a/package/iptables/files/iptables.postinst b/package/iptables/files/iptables.postinst index b418e73f9..89b0af164 100644 --- a/package/iptables/files/iptables.postinst +++ b/package/iptables/files/iptables.postinst @@ -2,4 +2,3 @@ . $IPKG_INSTROOT/etc/functions.sh add_rcconf iptables firewall NO -add_rcconf iptables firewall6 NO -- cgit v1.2.3 From 532ef799b07e4496f3437e8ecc598a2f77d922c7 Mon Sep 17 00:00:00 2001 From: Waldemar Brodkorb Date: Tue, 8 Apr 2014 08:14:30 +0200 Subject: adjust dependencies --- package/iptables/Makefile | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'package/iptables') diff --git a/package/iptables/Makefile b/package/iptables/Makefile index 297b8adeb..c44e66ec3 100644 --- a/package/iptables/Makefile +++ b/package/iptables/Makefile @@ -5,7 +5,7 @@ include ${TOPDIR}/rules.mk PKG_NAME:= iptables PKG_VERSION:= 1.4.21 -PKG_RELEASE:= 3 +PKG_RELEASE:= 4 PKG_MD5SUM:= 536d048c8e8eeebcd9757d0863ebb0c0 PKG_DESCR:= netfilter firewalling software PKG_SECTION:= firewall @@ -14,8 +14,6 @@ PKG_DEPENDS+= kmod-nf-conntrack-ipv4 kmod-full-nat PKG_DEPENDS+= kmod-ip-nf-target-masquerade kmod-ip-nf-target-reject PKG_DEPENDS+= kmod-ip-nf-filter kmod-ip-nf-match-state PKG_DEPENDS+= kmod-netfilter-xt-target-tcpmss -PKG_DEPENDS+= kmod-ip6-nf-iptables kmod-nf-conntrack-ipv6 -PKG_DEPENDS+= kmod-ip6-nf-filter kmod-ip6-nf-target-reject PKG_URL:= http://www.netfilter.org/ PKG_SITES:= http://www.netfilter.org/projects/iptables/files/ PKG_OPTS:= dev @@ -25,7 +23,7 @@ DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.bz2 PKG_SUBPKGS:= IPTABLES IP6TABLES PKGSD_IPTABLES:= iptables for IPv4 PKGSD_IP6TABLES:= iptables for IPv6 -PKGSS_IP6TABLES:= iptables +PKGSS_IP6TABLES:= iptables kmod-ip6-nf-iptables kmod-nf-conntrack-ipv6 kmod-ip6-nf-filter kmod-ip6-nf-target-reject include ${TOPDIR}/mk/package.mk -- cgit v1.2.3 From 7278a08f25737560c9d3ebeb8b51c040bd8df613 Mon Sep 17 00:00:00 2001 From: Waldemar Brodkorb Date: Tue, 8 Apr 2014 11:58:04 +0200 Subject: fix iptables build, when conntrack lib is found, form buildroot --- package/iptables/Makefile | 4 +++- .../patches/patch-extensions_GNUmakefile_in | 28 ++++++++++++++++++++++ .../iptables/patches/patch-libxtables_Makefile_am | 11 +++++++++ 3 files changed, 42 insertions(+), 1 deletion(-) create mode 100644 package/iptables/patches/patch-extensions_GNUmakefile_in create mode 100644 package/iptables/patches/patch-libxtables_Makefile_am (limited to 'package/iptables') diff --git a/package/iptables/Makefile b/package/iptables/Makefile index c44e66ec3..93e8500d0 100644 --- a/package/iptables/Makefile +++ b/package/iptables/Makefile @@ -5,7 +5,7 @@ include ${TOPDIR}/rules.mk PKG_NAME:= iptables PKG_VERSION:= 1.4.21 -PKG_RELEASE:= 4 +PKG_RELEASE:= 5 PKG_MD5SUM:= 536d048c8e8eeebcd9757d0863ebb0c0 PKG_DESCR:= netfilter firewalling software PKG_SECTION:= firewall @@ -14,6 +14,7 @@ PKG_DEPENDS+= kmod-nf-conntrack-ipv4 kmod-full-nat PKG_DEPENDS+= kmod-ip-nf-target-masquerade kmod-ip-nf-target-reject PKG_DEPENDS+= kmod-ip-nf-filter kmod-ip-nf-match-state PKG_DEPENDS+= kmod-netfilter-xt-target-tcpmss +PKG_BUILDDEP:= autotool libnetfilter_conntrack PKG_URL:= http://www.netfilter.org/ PKG_SITES:= http://www.netfilter.org/projects/iptables/files/ PKG_OPTS:= dev @@ -34,6 +35,7 @@ include ${TOPDIR}/mk/package.mk $(eval $(call PKG_template,IPTABLES,iptables,${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS},${PKGSD_IPTABLES},${PKG_SECTION},${PKG_OPTS})) $(eval $(call PKG_template,IP6TABLES,ip6tables,${PKG_VERSION}-${PKG_RELEASE},${PKGSS_IP6TABLES},${PKGSD_IP6TABLES},${PKG_SECTION},${PKG_OPTS})) +AUTOTOOL_STYLE:= autoreconf TARGET_LDFLAGS+= -fPIC CONFIGURE_ARGS+= --enable-devel diff --git a/package/iptables/patches/patch-extensions_GNUmakefile_in b/package/iptables/patches/patch-extensions_GNUmakefile_in new file mode 100644 index 000000000..cc922cc28 --- /dev/null +++ b/package/iptables/patches/patch-extensions_GNUmakefile_in @@ -0,0 +1,28 @@ +--- iptables-1.4.21.orig/extensions/GNUmakefile.in 2013-11-22 12:18:13.000000000 +0100 ++++ iptables-1.4.21/extensions/GNUmakefile.in 2014-04-08 11:49:28.000000000 +0200 +@@ -21,7 +21,7 @@ regular_CPPFLAGS = @regular_CPPFLAGS@ + kinclude_CPPFLAGS = @kinclude_CPPFLAGS@ + + AM_CFLAGS = ${regular_CFLAGS} +-AM_CPPFLAGS = ${regular_CPPFLAGS} -I${top_builddir}/include -I${top_builddir} -I${top_srcdir}/include ${kinclude_CPPFLAGS} ${CPPFLAGS} ++AM_CPPFLAGS = ${regular_CPPFLAGS} -I${top_builddir}/include -I${top_builddir} -I${top_srcdir}/include ${kinclude_CPPFLAGS} ${CPPFLAGS} @libnetfilter_conntrack_CFLAGS@ + AM_DEPFLAGS = -Wp,-MMD,$(@D)/.$(@F).d,-MT,$@ + AM_LDFLAGS = @noundef_LDFLAGS@ + +@@ -93,7 +93,7 @@ lib%.so: lib%.oo + ${AM_VERBOSE_CCLD} ${CCLD} ${AM_LDFLAGS} -shared ${LDFLAGS} -o $@ $< -L../libxtables/.libs -lxtables ${$*_LIBADD}; + + lib%.oo: ${srcdir}/lib%.c +- ${AM_VERBOSE_CC} ${CC} ${AM_CPPFLAGS} ${AM_DEPFLAGS} ${AM_CFLAGS} -D_INIT=lib$*_init -DPIC -fPIC ${CFLAGS} ${$*_CFLAGADD} -o $@ -c $<; ++ ${AM_VERBOSE_CC} ${CC} ${AM_CPPFLAGS} ${AM_DEPFLAGS} ${AM_CFLAGS} -D_INIT=lib$*_init -DPIC -fPIC ${CFLAGS} -o $@ -c $<; + + libxt_NOTRACK.so: libxt_CT.so + ln -fs $< $@ +@@ -106,6 +106,7 @@ xt_statistic_LIBADD = -lm + @HAVE_LIBNETFILTER_CONNTRACK_TRUE@xt_connlabel_LIBADD = @libnetfilter_conntrack_LIBS@ + + @HAVE_LIBNETFILTER_CONNTRACK_TRUE@xt_connlabel_CFLAGADD = @libnetfilter_conntrack_CFLAGS@ ++xt_connlabel_LIBADD = @libnetfilter_conntrack_LIBS@ + + # + # Static bits diff --git a/package/iptables/patches/patch-libxtables_Makefile_am b/package/iptables/patches/patch-libxtables_Makefile_am new file mode 100644 index 000000000..d05a100aa --- /dev/null +++ b/package/iptables/patches/patch-libxtables_Makefile_am @@ -0,0 +1,11 @@ +--- iptables-1.4.21.orig/libxtables/Makefile.am 2013-11-22 12:18:13.000000000 +0100 ++++ iptables-1.4.21/libxtables/Makefile.am 2014-04-08 11:51:20.000000000 +0200 +@@ -10,7 +10,7 @@ libxtables_la_LIBADD = + if ENABLE_STATIC + # With --enable-static, shipped extensions are linked into the main executable, + # so we need all the LIBADDs here too +-libxtables_la_LIBADD += -lm ++libxtables_la_LIBADD += -lm ${libnetfilter_conntrack_LIBS} + endif + if ENABLE_SHARED + libxtables_la_CFLAGS = ${AM_CFLAGS} -- cgit v1.2.3