X-Git-Url: http://git.rohieb.name/openwrt.git/blobdiff_plain/0b0afa4d818ec18187b09055fbb8d84a01590d6e..88c477db442f35aa26d312751150c120963debd3:/package/iptables/Makefile

diff --git a/package/iptables/Makefile b/package/iptables/Makefile
index f1a7de1f4..83f615250 100644
--- a/package/iptables/Makefile
+++ b/package/iptables/Makefile
@@ -1,38 +1,42 @@
+# 
+# Copyright (C) 2006 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
 # $Id$
 
 include $(TOPDIR)/rules.mk
 include $(INCLUDE_DIR)/kernel.mk
 
 PKG_NAME:=iptables
-PKG_VERSION:=1.3.5
+PKG_VERSION:=1.3.8
 PKG_RELEASE:=1
 
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
 PKG_SOURCE_URL:=http://www.netfilter.org/projects/iptables/files \
 	ftp://ftp.be.netfilter.org/pub/netfilter/iptables/ \
 	ftp://ftp.de.netfilter.org/pub/netfilter/iptables/ \
 	ftp://ftp.no.netfilter.org/pub/netfilter/iptables/
-PKG_MD5SUM:=00fb916fa8040ca992a5ace56d905ea5
-PKG_CAT:=bzcat
-
-PKG_INSTALL_DIR:=$(PKG_BUILD_DIR)/ipkg-install
-
-PKG_MENU:=IPv4 / IPv6 firewall administration
+PKG_MD5SUM:=0a9209f928002e5eee9cdff8fef4d4b3
 
 include $(INCLUDE_DIR)/package.mk
 ifeq ($(DUMP),)
-include $(LINUX_DIR)/.config
-include $(INCLUDE_DIR)/netfilter.mk
+  -include $(LINUX_DIR)/.config
+  include $(INCLUDE_DIR)/netfilter.mk
+  STAMP_CONFIGURED:=$(strip $(STAMP_CONFIGURED))_$(shell grep 'NETFILTER' $(LINUX_DIR)/.config | md5s)
 endif
 
+define Package/iptables/Default
+  SECTION:=net
+  CATEGORY:=Base system
+  URL:=http://netfilter.org/
+endef
+
 define Package/iptables
-SECTION:=net
-CATEGORY:=Base system
-MENU:=1
-DEFAULT:=y
-TITLE:=IPv4 firewall administration tool
-URL:=http://netfilter.org/
+  $(call Package/iptables/Default)
+  TITLE:=IPv4 firewall administration tool
+  MENU:=1
 endef
 
 define Package/iptables/conffiles
@@ -41,115 +45,146 @@ define Package/iptables/conffiles
 endef
 
 define Package/iptables-mod-conntrack
-SECTION:=net
-CATEGORY:=Base system
-DEPENDS:=iptables
-TITLE:=connection tracking modules
-DESCRIPTION:=iptables extensions for connection tracking \\\
-Includes: \\\
-	* libipt_conntrack \\\
-	* libipt_helper \\\
-	* libipt_connmark/CONNMARK
+  $(call Package/iptables/Default)
+  DEPENDS:=iptables +kmod-ipt-conntrack
+  TITLE:=connection tracking modules
+  DESCRIPTION:=\
+	iptables extensions for connection tracking.\\\
+	\\\
+	Includes: \\\
+	- libipt_conntrack \\\
+	- libipt_helper \\\
+	- libipt_connmark/CONNMARK
 endef
 
 define Package/iptables-mod-filter
-SECTION:=net
-CATEGORY:=Base system
-DEPENDS:=iptables
-TITLE:=filter modules
-DESCRIPTION:=iptables extensions for packet content inspection\\\
-Includes: \\\
-	* libipt_ipp2p \\\
-	* libipt_layer7 
+  $(call Package/iptables/Default)
+  DEPENDS:=iptables +kmod-ipt-filter
+  TITLE:=filter modules
+  DESCRIPTION:=\
+	iptables extensions for packet content inspection.\\\
+	\\\
+	Includes: \\\
+	- libipt_ipp2p \\\
+	- libipt_layer7 
 endef
 
 define Package/iptables-mod-imq
-SECTION:=net
-CATEGORY:=Base system
-DEPENDS:=iptables
-TITLE:=IMQ support
-DESCRIPTION:=iptables extension for IMQ support\\\
-Includes: \\\
-	* libipt_IMQ
+  $(call Package/iptables/Default)
+  DEPENDS:=iptables +kmod-ipt-imq
+  TITLE:=IMQ support
+  DESCRIPTION:=\
+	iptables extension for IMQ support.\\\
+	\\\
+	Includes: \\\
+	- libipt_IMQ
 endef
 
 define Package/iptables-mod-ipopt
-SECTION:=net
-CATEGORY:=Base system
-DEPENDS:=iptables
-TITLE:=IP/Packet option modules
-DESCRIPTION:=iptables extensions for matching/changing IP packet options\\\
-Includes: \\\
-	* libipt_dscp/DSCP \\\
-	* libipt_ecn/ECN \\\
-	* libipt_length \\\
-	* libipt_mac \\\
-	* libipt_tos/TOS \\\
-	* libipt_tcpmms \\\
-	* libipt_ttl/TTL \\\
-	* libipt_unclean 
+  $(call Package/iptables/Default)
+  DEPENDS:=iptables +kmod-ipt-ipopt
+  TITLE:=IP/Packet option modules
+  DESCRIPTION:=\
+	iptables extensions for matching/changing IP packet options.\\\
+	\\\
+	Includes: \\\
+	- libipt_CLASSIFY \\\
+	- libipt_dscp/DSCP \\\
+	- libipt_ecn/ECN \\\
+	- libipt_length \\\
+	- libipt_mac \\\
+	- libipt_tos/TOS \\\
+	- libipt_tcpmms \\\
+	- libipt_ttl/TTL \\\
+	- libipt_unclean 
 endef
 
 define Package/iptables-mod-ipsec
-SECTION:=net
-CATEGORY:=Base system
-DEPENDS:=iptables
-TITLE:=IPSec extensions
-DESCRIPTION:=iptables extensions for matching ipsec traffic\\\
-Includes: \\\
-	* libipt_ah \\\
-	* libipt_esp
+  $(call Package/iptables/Default)
+  DEPENDS:=iptables +kmod-ipt-ipsec
+  TITLE:=IPSec extensions
+  DESCRIPTION:=\
+	iptables extensions for matching ipsec traffic.\\\
+	\\\
+	Includes: \\\
+	- libipt_ah \\\
+	- libipt_esp
 endef
 
 define Package/iptables-mod-nat
-SECTION:=net
-CATEGORY:=Base system
-DEPENDS:=iptables
-TITLE:=extra NAT targets
-DESCRIPTION:=iptables extensions for different NAT targets\\\
-Includes: \\\
-	* libipt_REDIRECT
+  $(call Package/iptables/Default)
+  DEPENDS:=iptables +kmod-ipt-nat
+  TITLE:=extra NAT targets
+  DESCRIPTION:=\
+	iptables extensions for different NAT targets.\\\
+	\\\
+	Includes: \\\
+	- libipt_REDIRECT
 endef
 
 define Package/iptables-mod-ulog
-SECTION:=net
-CATEGORY:=Base system
-DEPENDS:=iptables
-TITLE:=user-space packet logging
-DESCRIPTION:=iptables extensions for user-space packet logging\\\
-Includes: \\\
-	* libipt_ULOG
+  $(call Package/iptables/Default)
+  DEPENDS:=iptables +kmod-ipt-ulog
+  TITLE:=user-space packet logging
+  DESCRIPTION:=\
+	iptables extensions for user-space packet logging.\\\
+	\\\
+	Includes: \\\
+	- libipt_ULOG
+endef
+
+define Package/iptables-mod-iprange
+  $(call Package/iptables/Default)
+  DEPENDS:=iptables +kmod-ipt-iprange
+  TITLE:=ip range module
+  DESCRIPTION:=\
+	iptables extensions for matching ip ranges.\\\
+	\\\
+	Includes: \\\
+	- libipt_iprange
 endef
 
 define Package/iptables-mod-extra
-SECTION:=net
-CATEGORY:=Base system
-DEPENDS:=iptables
-TITLE:=other extra iptables extensions
-DESCRIPTION:=other extra iptables extensions\\\
-Includes: \\\
-	* libipt_limit \\\
-	* libipt_owner \\\
-	* libipt_physdev \\\
-	* libipt_pkttype \\\
-	* libipt_recent
+  $(call Package/iptables/Default)
+  DEPENDS:=iptables +kmod-ipt-extra
+  TITLE:=other extra iptables extensions
+  DESCRIPTION:=\
+	other extra iptables extensions.\\\
+	\\\
+	Includes: \\\
+	- libipt_limit \\\
+	- libipt_owner \\\
+	- libipt_physdev \\\
+	- libipt_pkttype \\\
+	- libipt_recent \\\
+	- libipt_NOTRACK
+endef
+
+define Package/iptables-mod-ipset
+  $(call Package/iptables/Default)
+  DEPENDS:=iptables +kmod-ipt-ipset
+  TITLE:=ipset iptables extension
+  DESCRIPTION:=\
+    ipset
 endef
 
 define Package/iptables-utils
-SECTION:=net
-CATEGORY:=Base system
-DEPENDS:=iptables
-TITLE:=iptables save and restore utilities
+  $(call Package/iptables/Default)
+  DEPENDS:=iptables
+  TITLE:=iptables save and restore utilities
 endef
 
 define Package/ip6tables
-SECTION:=net
-CATEGORY:=Base system
-TITLE:=IPv6 firewall administration tool
+  $(call Package/iptables/Default)
+  DEPENDS:=+kmod-ipv6
+  CATEGORY:=Network
+  TITLE:=IPv6 firewall administration tool
 endef
 
-
 define Build/Configure
+	rm -f $(PKG_BUILD_DIR)/.configured*
+	$(MAKE) -C $(PKG_BUILD_DIR) \
+		clean
 endef
 
 define Build/Compile
@@ -157,85 +192,92 @@ define Build/Compile
 	mkdir -p $(PKG_INSTALL_DIR)
 	$(MAKE) -C $(PKG_BUILD_DIR) \
 		$(TARGET_CONFIGURE_OPTS) \
-		CC=$(TARGET_CC) COPT_FLAGS="$(TARGET_CFLAGS)" \
-		KERNEL_DIR=$(LINUX_DIR) PREFIX=/usr \
+		COPT_FLAGS="$(TARGET_CFLAGS)" \
+		LDFLAGS="-rdynamic -static-libgcc" \
+		KERNEL_DIR="$(LINUX_DIR)" PREFIX=/usr \
 		DESTDIR="$(PKG_INSTALL_DIR)" \
-		all install install-devel
+		all install
 endef
 
-
 define Build/InstallDev
 	$(MAKE) -C $(PKG_BUILD_DIR) \
 		$(TARGET_CONFIGURE_OPTS) \
-		CC=$(TARGET_CC) COPT_FLAGS="$(TARGET_CFLAGS)" \
-		KERNEL_DIR=$(LINUX_DIR) PREFIX=/usr \
+		COPT_FLAGS="$(TARGET_CFLAGS)" \
+		KERNEL_DIR="$(LINUX_DIR)" PREFIX=/usr \
 		DESTDIR="$(STAGING_DIR)" \
-		install install-devel
+		install-devel
+	$(CP) $(PKG_BUILD_DIR)/include $(STAGING_DIR)/usr
+	$(CP) $(PKG_BUILD_DIR)/libiptc/libiptc.a $(STAGING_DIR)/usr/lib
 endef
 
 define Build/UninstallDev
 	rm -rf $(STAGING_DIR)/usr/include/libipq.h
+	rm -rf $(STAGING_DIR)/usr/include/libipulog
+	rm -rf $(STAGING_DIR)/usr/include/libipq
+	rm -rf $(STAGING_DIR)/usr/include/libiptc
+	rm -rf $(STAGING_DIR)/usr/include/linux/netfilter*
+	rm -rf $(STAGING_DIR)/usr/include/iptables*
+	rm -rf $(STAGING_DIR)/usr/include/ip6tables*
 	rm -rf $(STAGING_DIR)/usr/lib/libipq.a
+	rm -rf $(STAGING_DIR)/usr/lib/libiptc.a
 endef
 
-		
 define Package/iptables/install
-	install -d -m0755 $(1)/etc/config
-	install -m0644 ./files/firewall.config $(1)/etc/config/firewall
-	install -d -m0755 $(1)/etc/init.d
-	install -m0755 ./files/firewall.init $(1)/etc/init.d/S45firewall
-	install -m0755 ./files/firewall.user $(1)/etc/
-	install -d -m0755 $(1)/usr/lib
-	install -m0644 ./files/firewall.awk $(1)/usr/lib
-	install -d -m0755 $(1)/usr/sbin
+	$(INSTALL_DIR) $(1)/etc/config
+	$(INSTALL_DATA) ./files/firewall.config $(1)/etc/config/firewall
+	$(INSTALL_DIR) $(1)/etc/init.d
+	$(INSTALL_BIN) ./files/firewall.init $(1)/etc/init.d/firewall
+	$(INSTALL_BIN) ./files/firewall.user $(1)/etc/
+	$(INSTALL_DIR) $(1)/usr/lib
+	$(INSTALL_DATA) ./files/firewall.awk $(1)/usr/lib
+	$(INSTALL_DIR) $(1)/usr/sbin
 	$(CP) $(PKG_INSTALL_DIR)/usr/sbin/iptables $(1)/usr/sbin/
-	install -d -m0755 $(1)/usr/lib/iptables
+	$(INSTALL_DIR) $(1)/usr/lib/iptables
 	(cd $(PKG_INSTALL_DIR)/usr/lib/iptables ; \
 		$(CP) $(patsubst %,lib%.so,$(IPT_BUILTIN:xt_%=ipt_%)) $(1)/usr/lib/iptables/ \
 	)
-	$(RSTRIP) $(1)
 endef
 
 define Package/iptables-utils/install
-	install -d -m0755 $(1)/usr/sbin
+	$(INSTALL_DIR) $(1)/usr/sbin
 	$(CP) $(PKG_INSTALL_DIR)/usr/sbin/iptables-{save,restore} $(1)/usr/sbin/
-	$(RSTRIP) $(1)
 endef
 
 define Package/ip6tables/install
-	install -d -m0755 $(1)/usr/sbin
+	$(INSTALL_DIR) $(1)/usr/sbin
 	$(CP) $(PKG_INSTALL_DIR)/usr/sbin/ip6tables $(1)/usr/sbin/
-	install -d -m0755 $(1)/usr/lib/iptables
+	$(INSTALL_DIR) $(1)/usr/lib/iptables
 	(cd $(PKG_INSTALL_DIR)/usr/lib/iptables ; \
 		$(CP) libip6t_*.so $(1)/usr/lib/iptables/ \
 	)
-	$(RSTRIP) $(1)
 endef
 
 define BuildPlugin
-define Package/$(1)/install
-	install -m0755 -d $$(1)/usr/lib/iptables
+  define Package/$(1)/install
+	$(INSTALL_DIR) $$(1)/usr/lib/iptables
 	for m in $$(patsubst xt_%,ipt_%,$(2)); do \
 		$(CP) $(PKG_INSTALL_DIR)/usr/lib/iptables/lib$$$$$$$${m}.so $$(1)/usr/lib/iptables/ ; \
 	done
 	$(3)
-	$(RSTRIP) $$(1)
-endef
+  endef
 
-$$(eval $$(call BuildPackage,$(1)))
+  $$(eval $$(call BuildPackage,$(1)))
 endef
 
-L7_INSTALL:=mkdir -p $$(1)/etc/l7-protocols; \
+L7_INSTALL:=\
+	$(INSTALL_DIR) $$(1)/etc/l7-protocols; \
 	$(CP) files/l7/*.pat $$(1)/etc/l7-protocols/
 
 $(eval $(call BuildPackage,iptables))
 $(eval $(call BuildPackage,iptables-utils))
 $(eval $(call BuildPlugin,iptables-mod-conntrack,$(IPT_CONNTRACK-m)))
 $(eval $(call BuildPlugin,iptables-mod-extra,$(IPT_EXTRA-m)))
+$(eval $(call BuildPlugin,iptables-mod-ipset,$(IPT_IPSET-m)))
 $(eval $(call BuildPlugin,iptables-mod-filter,$(IPT_FILTER-m),$(L7_INSTALL)))
 $(eval $(call BuildPlugin,iptables-mod-imq,$(IPT_IMQ-m)))
 $(eval $(call BuildPlugin,iptables-mod-ipopt,$(IPT_IPOPT-m)))
 $(eval $(call BuildPlugin,iptables-mod-ipsec,$(IPT_IPSEC-m)))
 $(eval $(call BuildPlugin,iptables-mod-nat,$(IPT_NAT-m)))
+$(eval $(call BuildPlugin,iptables-mod-iprange,$(IPT_IPRANGE-m)))
 $(eval $(call BuildPlugin,iptables-mod-ulog,$(IPT_ULOG-m)))
 $(eval $(call BuildPackage,ip6tables))