+# $Id$
+
include $(TOPDIR)/rules.mk
-include kernelconfig.mk
-
-PKG_NAME := iptables
-PKG_VERSION := 1.2.11
-PKG_RELEASE := 1
-
-PKG_SOURCE_SITE := http://www.netfilter.org/files
-PKG_SOURCE_FILE := $(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_SOURCE_CAT := bzcat
-PKG_SOURCE_DIR := $(PKG_NAME)-$(PKG_VERSION)
-
-PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_SOURCE_DIR)
-
-PKG_IPT := $(PACKAGE_DIR)/iptables_$(PKG_VERSION)-$(PKG_RELEASE)_$(ARCH).ipk
-PKG_IPT_EXTRA := $(PACKAGE_DIR)/iptables-extra_$(PKG_VERSION)-$(PKG_RELEASE)_$(ARCH).ipk
-PKG_IP6T := $(PACKAGE_DIR)/ip6tables_$(PKG_VERSION)-$(PKG_RELEASE)_$(ARCH).ipk
-
-I_IPT := $(PKG_BUILD_DIR)/ipkg/iptables
-I_IPT_EXTRA := $(PKG_BUILD_DIR)/ipkg/iptables-extra
-I_IP6T := $(PKG_BUILD_DIR)/ipkg/ip6tables
-
-TARGETS := $(PKG_IPT)
-ifneq ($(BR2_PACKAGE_IPTABLES_EXTRA),)
-TARGETS += $(PKG_IPT_EXTRA)
-endif
-ifneq ($(BR2_PACKAGE_IP6TABLES),)
-TARGETS += $(PKG_IP6T)
-endif
-
-INSTALL_TARGETS := $(IPKG_STATE_DIR)/info/iptables.list
-ifeq ($(BR2_PACKAGE_IPTABLES_EXTRA),y)
-INSTALL_TARGETS += $(IPKG_STATE_DIR)/info/iptables-extra.list
-endif
-ifeq ($(BR2_PACKAGE_IP6TABLES),y)
-INSTALL_TARGETS += $(IPKG_STATE_DIR)/info/ip6tables.list
-endif
-
-$(DL_DIR)/$(PKG_SOURCE_FILE):
- mkdir -p $(DL_DIR)
- $(WGET) -P $(DL_DIR) $(PKG_SOURCE_SITE)/$(PKG_SOURCE_FILE)
-
-$(PKG_BUILD_DIR)/.patched: $(DL_DIR)/$(PKG_SOURCE_FILE)
- mkdir -p $(PKG_BUILD_DIR)/modules
- $(PKG_SOURCE_CAT) $(DL_DIR)/$(PKG_SOURCE_FILE) | tar -C $(BUILD_DIR) $(TAR_OPTIONS) -
- $(PATCH) $(PKG_BUILD_DIR) ./patches
- touch $(PKG_BUILD_DIR)/.patched
-
-$(PKG_BUILD_DIR)/iptables: $(PKG_BUILD_DIR)/.patched
- $(TARGET_CONFIGURE_OPTS) \
+
+PKG_NAME:=iptables
+PKG_VERSION:=1.3.3
+PKG_RELEASE:=2
+PKG_MD5SUM:=86d88455520cfdc56fd7ae27897a80a4
+
+PKG_SOURCE_URL:=http://www.netfilter.org/files \
+ ftp://ftp.be.netfilter.org/pub/netfilter/iptables/ \
+ ftp://ftp.de.netfilter.org/pub/netfilter/iptables/ \
+ ftp://ftp.no.netfilter.org/pub/netfilter/iptables/
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
+PKG_CAT:=bzcat
+
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
+PKG_INSTALL_DIR:=$(PKG_BUILD_DIR)/ipkg-install
+
+define IPKG_plugin_template
+
+$$(IPKG_$(1)):
+ install -m0755 -d $$(IDIR_$(1))/usr/lib/iptables
+ for m in $(2); do \
+ cp -fpR $(PKG_INSTALL_DIR)/usr/lib/iptables/lib$$$${m}.so $$(IDIR_$(1))/usr/lib/iptables/ ; \
+ done
+ @[ -z "$(3)" ] || $(MAKE) $(3)
+ $(RSTRIP) $$(IDIR_$(1))
+ $(IPKG_BUILD) $$(IDIR_$(1)) $(PACKAGE_DIR)
+
+endef
+
+include $(TOPDIR)/package/rules.mk
+include $(LINUX_DIR)/.config
+include $(TOPDIR)/target/linux/netfilter.mk
+
+$(eval $(call PKG_template,IPTABLES,iptables,$(PKG_VERSION)-$(PKG_RELEASE),$(ARCH)))
+$(eval $(call PKG_template,IPTABLES_EXTRA,iptables-extra,$(PKG_VERSION)-$(PKG_RELEASE),$(ARCH)))
+$(eval $(call PKG_template,IPTABLES_UTILS,iptables-utils,$(PKG_VERSION)-$(PKG_RELEASE),$(ARCH)))
+$(eval $(call PKG_template,IP6TABLES,ip6tables,$(PKG_VERSION)-$(PKG_RELEASE),$(ARCH)))
+
+$(eval $(call PKG_template,IPTABLES_MOD_CONNTRACK,iptables-mod-conntrack,$(PKG_VERSION)-$(PKG_RELEASE),$(ARCH)))
+$(eval $(call PKG_template,IPTABLES_MOD_EXTRA,iptables-mod-extra,$(PKG_VERSION)-$(PKG_RELEASE),$(ARCH)))
+$(eval $(call PKG_template,IPTABLES_MOD_FILTER,iptables-mod-filter,$(PKG_VERSION)-$(PKG_RELEASE),$(ARCH)))
+$(eval $(call PKG_template,IPTABLES_MOD_IMQ,iptables-mod-img,$(PKG_VERSION)-$(PKG_RELEASE),$(ARCH)))
+$(eval $(call PKG_template,IPTABLES_MOD_IPOPT,iptables-mod-ipopt,$(PKG_VERSION)-$(PKG_RELEASE),$(ARCH)))
+$(eval $(call PKG_template,IPTABLES_MOD_IPSEC,iptables-mod-ipsec,$(PKG_VERSION)-$(PKG_RELEASE),$(ARCH)))
+$(eval $(call PKG_template,IPTABLES_MOD_NAT,iptables-mod-nat,$(PKG_VERSION)-$(PKG_RELEASE),$(ARCH)))
+$(eval $(call PKG_template,IPTABLES_MOD_ULOG,iptables-mod-ulog,$(PKG_VERSION)-$(PKG_RELEASE),$(ARCH)))
+
+$(eval $(call IPKG_plugin_template,IPTABLES_MOD_CONNTRACK,$(IPT_CONNTRACK-m)))
+$(eval $(call IPKG_plugin_template,IPTABLES_MOD_EXTRA,$(IPT_EXTRA-m)))
+$(eval $(call IPKG_plugin_template,IPTABLES_MOD_FILTER,$(IPT_FILTER-m),layer7-install))
+$(eval $(call IPKG_plugin_template,IPTABLES_MOD_IMQ,$(IPT_IMQ-m)))
+$(eval $(call IPKG_plugin_template,IPTABLES_MOD_IPOPT,$(IPT_IPOPT-m)))
+$(eval $(call IPKG_plugin_template,IPTABLES_MOD_IPSEC,$(IPT_IPSEC-m)))
+$(eval $(call IPKG_plugin_template,IPTABLES_MOD_NAT,$(IPT_NAT-m)))
+$(eval $(call IPKG_plugin_template,IPTABLES_MOD_ULOG,$(IPT_ULOG-m)))
+
+$(PKG_BUILD_DIR)/.configured:
+ touch $@
+
+$(PKG_BUILD_DIR)/.built:
+ chmod a+x $(PKG_BUILD_DIR)/extensions/.*-test*
+ mkdir -p $(PKG_INSTALL_DIR)
$(MAKE) -C $(PKG_BUILD_DIR) \
+ $(TARGET_CONFIGURE_OPTS) \
+ CC=$(TARGET_CC) COPT_FLAGS="$(TARGET_CFLAGS)" \
KERNEL_DIR=$(LINUX_DIR) PREFIX=/usr \
- CC=$(TARGET_CC) COPT_FLAGS="$(TARGET_CFLAGS)"
-
-$(PKG_IPT): $(PKG_BUILD_DIR)/iptables
- $(SCRIPT_DIR)/make-ipkg-dir.sh $(I_IPT) control/iptables.control $(PKG_VERSION)-$(PKG_RELEASE) $(ARCH)
- mkdir -p $(I_IPT)/usr/sbin
- cp -af $(PKG_BUILD_DIR)/iptables $(I_IPT)/usr/sbin/
- $(STRIP) $(I_IPT)/usr/sbin/iptables
- mkdir -p $(I_IPT)/usr/lib/iptables
- (cd $(PKG_BUILD_DIR)/extensions; \
- cp $(patsubst %,libipt_%.so,$(ext-y)) $(I_IPT)/usr/lib/iptables)
- -$(STRIP) $(I_IPT)/usr/lib/iptables/*.so
- mkdir -p $(I_IPT_EXTRA)/$(MODULES_SUBDIR)
- cp $(MODULES_DIR)/kernel/net/ipv6/netfilter/*.o $(I_IPT_EXTRA)/$(MODULES_SUBDIR)
- mkdir -p $(PACKAGE_DIR)
- $(IPKG_BUILD) $(I_IPT) $(PACKAGE_DIR)
-
-$(IPKG_STATE_DIR)/info/iptables.list: $(PKG_IPT)
- $(IPKG) install $(PKG_IPT)
-
-$(PKG_IPT_EXTRA): $(PKG_BUILD_DIR)/iptables
- $(SCRIPT_DIR)/make-ipkg-dir.sh $(I_IPT_EXTRA) control/iptables-extra.control $(PKG_VERSION)-$(PKG_RELEASE) $(ARCH)
- mkdir -p $(I_IPT_EXTRA)/usr/lib/iptables
- (cd $(PKG_BUILD_DIR)/extensions; \
- cp $(patsubst %,libipt_%.so,$(ext-m)) $(I_IPT_EXTRA)/usr/lib/iptables)
- -$(STRIP) $(I_IPT_EXTRA)/usr/lib/iptables/*.so
- mkdir -p $(PACKAGE_DIR)
- $(IPKG_BUILD) $(I_IPT_EXTRA) $(PACKAGE_DIR)
-
-$(IPKG_STATE_DIR)/info/iptables-extra.list: $(PKG_IPT)
- $(IPKG) install $(PKG_IPT_EXTRA)
-
-$(PKG_IP6T): $(PKG_BUILD_DIR)/iptables
- $(SCRIPT_DIR)/make-ipkg-dir.sh $(I_IP6T) control/ip6tables.control $(PKG_VERSION)-$(PKG_RELEASE) $(ARCH)
- mkdir -p $(I_IP6T)/usr/sbin
- cp -af $(PKG_BUILD_DIR)/ip6tables $(I_IP6T)/usr/sbin/
- $(STRIP) $(I_IP6T)/usr/sbin/ip6tables
- mkdir -p $(I_IP6T)/usr/lib/iptables
- (cd $(PKG_BUILD_DIR)/extensions; \
- cp libip6t_*.so $(I_IP6T)/usr/lib/iptables)
- -$(STRIP) $(I_IP6T)/usr/lib/iptables/*.so
- mkdir -p $(PACKAGE_DIR)
- $(IPKG_BUILD) $(I_IP6T) $(PACKAGE_DIR)
-
-$(IPKG_STATE_DIR)/info/ip6tables.list: $(PKG_IP6T)
- $(IPKG) install $(PKG_IP6T)
-
-
-source: $(DL_DIR)/$(PKG_SOURCE_FILE)
-prepare: $(PKG_BUILD_DIR)/.patched
-compile: $(TARGETS)
-install: $(INSTALL_TARGETS)
-
-clean:
- rm -rf $(PKG_BUILD_DIR)
- rm -f $(PKG_IPT) $(PKG_IPT_EXTRA) $(PKG_IP6T)
+ DESTDIR="$(PKG_INSTALL_DIR)" \
+ all install install-devel
+ touch $@
+
+$(IPKG_IPTABLES):
+ install -d -m0755 $(IDIR_IPTABLES)/usr/sbin
+ cp -fpR $(PKG_INSTALL_DIR)/usr/sbin/iptables $(IDIR_IPTABLES)/usr/sbin/
+ install -d -m0755 $(IDIR_IPTABLES)/usr/lib/iptables
+ (cd $(PKG_INSTALL_DIR)/usr/lib/iptables ; \
+ cp -fpR $(patsubst %,lib%.so,$(IPT_BUILTIN)) $(IDIR_IPTABLES)/usr/lib/iptables/ \
+ )
+ $(RSTRIP) $(IDIR_IPTABLES)
+ $(IPKG_BUILD) $(IDIR_IPTABLES) $(PACKAGE_DIR)
+
+$(IPKG_IPTABLES_UTILS):
+ install -d -m0755 $(IDIR_IPTABLES_UTILS)/usr/sbin
+ cp -fpR $(PKG_INSTALL_DIR)/usr/sbin/iptables-{save,restore} $(IDIR_IPTABLES_UTILS)/usr/sbin/
+ $(RSTRIP) $(IDIR_IPTABLES_UTILS)
+ $(IPKG_BUILD) $(IDIR_IPTABLES_UTILS) $(PACKAGE_DIR)
+
+$(IPKG_IP6TABLES):
+ install -d -m0755 $(IDIR_IP6TABLES)/usr/sbin
+ cp -fpR $(PKG_INSTALL_DIR)/usr/sbin/ip6tables $(IDIR_IP6TABLES)/usr/sbin/
+ install -d -m0755 $(IDIR_IP6TABLES)/usr/lib/iptables
+ (cd $(PKG_INSTALL_DIR)/usr/lib/iptables ; \
+ cp -fpR libip6t_*.so $(IDIR_IP6TABLES)/usr/lib/iptables/ \
+ )
+ $(RSTRIP) $(IDIR_IP6TABLES)
+ $(IPKG_BUILD) $(IDIR_IP6TABLES) $(PACKAGE_DIR)
+
+$(STAGING_DIR)/usr/lib/libipq.a: $(PKG_BUILD_DIR)/.built
+ mkdir -p $(STAGING_DIR)/usr/include
+ cp -fpR $(PKG_INSTALL_DIR)/usr/include/libipq.h $(STAGING_DIR)/usr/include/
+ mkdir -p $(STAGING_DIR)/usr/lib
+ cp -fpR $(PKG_INSTALL_DIR)/usr/lib/libipq.a $(STAGING_DIR)/usr/lib/
+
+layer7-install:
+ mkdir -p $(IDIR_IPTABLES_MOD_FILTER)/etc/l7-protocols
+ cp files/l7/*.pat $(IDIR_IPTABLES_MOD_FILTER)/etc/l7-protocols/
+
+install-dev: $(STAGING_DIR)/usr/lib/libipq.a
+
+uninstall-dev:
+ rm -rf $(STAGING_DIR)/usr/include/libipq.h
+ rm -rf $(STAGING_DIR)/usr/lib/libipq.a
+
+compile-targets: install-dev
+clean-targets: uninstall-dev