diff --git a/net/miniupnpd/Makefile b/net/miniupnpd/Makefile index 41113edb9..deeac1ccd 100644 --- a/net/miniupnpd/Makefile +++ b/net/miniupnpd/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=miniupnpd PKG_VERSION:=2.2.3 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE_URL:=https://miniupnp.tuxfamily.org/files PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz @@ -26,27 +26,47 @@ PKG_BUILD_PARALLEL:=1 include $(INCLUDE_DIR)/package.mk include $(INCLUDE_DIR)/version.mk -define Package/miniupnpd +define Package/miniupnpd/Default SECTION:=net CATEGORY:=Network DEPENDS:= \ - +IPV6:ip6tables \ - +IPV6:libip6tc \ - +iptables \ +libcap-ng \ - +libip4tc \ +libmnl \ - +libnetfilter-conntrack \ +libuuid + PROVIDES:=miniupnpd TITLE:=Lightweight UPnP IGD, NAT-PMP & PCP daemon SUBMENU:=Firewall URL:=https://miniupnp.tuxfamily.org/ endef -define Package/miniupnpd/conffiles +define Package/miniupnpd-iptables + $(call Package/miniupnpd/Default) + CONFLICTS:=miniupnpd-nftables + DEPENDS+= \ + +IPV6:ip6tables \ + +IPV6:libip6tc \ + +iptables \ + +libip4tc \ + +libnetfilter-conntrack + TITLE+= (iptables) + VARIANT:=iptables +endef + +define Package/miniupnpd-nftables + $(call Package/miniupnpd/Default) + DEPENDS+= \ + +libnftnl + TITLE+= (nftables) + VARIANT:=nftables +endef + +define Package/miniupnpd/conffiles/Default /etc/config/upnpd endef +Package/miniupnpd-iptables/conffiles = $(Package/miniupnpd/conffiles/Default) +Package/miniupnpd-nftables/conffiles = $(Package/miniupnpd/conffiles/Default) + define Build/Prepare $(call Build/Prepare/Default) echo "$(VERSION_NUMBER)" | tr '() ' '_' >$(PKG_BUILD_DIR)/os.openwrt @@ -57,26 +77,38 @@ CONFIGURE_ARGS = \ --igd2 \ --leasefile \ --portinuse \ - --firewall=iptables \ + --firewall=$(BUILD_VARIANT) \ --disable-fork -TARGET_CFLAGS += $(FPIC) -flto +TARGET_CFLAGS += $(FPIC) TARGET_LDFLAGS += -Wl,--gc-sections,--as-needed -define Package/miniupnpd/install +ifeq ($(BUILD_VARIANT),iptables) + TARGET_CFLAGS += -flto +endif + +define Package/miniupnpd/install/Default $(INSTALL_DIR) $(1)/usr/sbin $(INSTALL_DIR) $(1)/etc/init.d $(INSTALL_DIR) $(1)/etc/config $(INSTALL_DIR) $(1)/etc/hotplug.d/iface - $(INSTALL_DIR) $(1)/etc/uci-defaults - $(INSTALL_DIR) $(1)/usr/share/miniupnpd - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/miniupnpd $(1)/usr/sbin/miniupnpd $(INSTALL_BIN) ./files/miniupnpd.init $(1)/etc/init.d/miniupnpd $(INSTALL_CONF) ./files/upnpd.config $(1)/etc/config/upnpd $(INSTALL_DATA) ./files/miniupnpd.hotplug $(1)/etc/hotplug.d/iface/50-miniupnpd - $(INSTALL_BIN) ./files/miniupnpd.defaults $(1)/etc/uci-defaults/99-miniupnpd - $(INSTALL_DATA) ./files/firewall.include $(1)/usr/share/miniupnpd/firewall.include endef -$(eval $(call BuildPackage,miniupnpd)) +define Package/miniupnpd-iptables/install + $(call Package/miniupnpd/install/Default,$1) + $(INSTALL_DIR) $(1)/etc/uci-defaults + $(INSTALL_DIR) $(1)/usr/share/miniupnpd + $(INSTALL_BIN) ./files/miniupnpd.defaults.iptables $(1)/etc/uci-defaults/99-miniupnpd + $(INSTALL_DATA) ./files/firewall3.include $(1)/usr/share/miniupnpd/firewall.include +endef + +define Package/miniupnpd-nftables/install + $(call Package/miniupnpd/install/Default,$1) +endef + +$(eval $(call BuildPackage,miniupnpd-iptables)) +$(eval $(call BuildPackage,miniupnpd-nftables)) diff --git a/net/miniupnpd/files/firewall.include b/net/miniupnpd/files/firewall3.include similarity index 100% rename from net/miniupnpd/files/firewall.include rename to net/miniupnpd/files/firewall3.include diff --git a/net/miniupnpd/files/miniupnpd.defaults b/net/miniupnpd/files/miniupnpd.defaults.iptables similarity index 100% rename from net/miniupnpd/files/miniupnpd.defaults rename to net/miniupnpd/files/miniupnpd.defaults.iptables diff --git a/net/miniupnpd/patches/100-miniupnpd-configure-don-t-hardcode-iptables.patch b/net/miniupnpd/patches/100-miniupnpd-configure-don-t-hardcode-iptables.patch new file mode 100644 index 000000000..c6f24b282 --- /dev/null +++ b/net/miniupnpd/patches/100-miniupnpd-configure-don-t-hardcode-iptables.patch @@ -0,0 +1,25 @@ +From 51a422407b22f0cb7188ea4bfb3867b2bbfcfe68 Mon Sep 17 00:00:00 2001 +From: Stijn Tintel +Date: Sun, 7 Nov 2021 20:24:29 +0200 +Subject: [PATCH] miniupnpd/configure: don't hardcode iptables + +The OpenWrt Makefile that builds miniupnpd passes the firewall argument +to the configure script, so this is not needed and it is blocking us +from using nftables instead, which will be the default backend for +firewall4 to be used in the next OpenWrt stable release. + +Signed-off-by: Stijn Tintel +--- + configure | 1 - + 1 file changed, 1 deletion(-) + +--- a/configure ++++ b/configure +@@ -387,7 +387,6 @@ case $OS_NAME in + OpenWRT) + OS_URL=http://www.openwrt.org/ + echo "#define USE_IFACEWATCHER 1" >> ${CONFIGFILE} +- FW=iptables + ;; + OpenEmbedded) + OS_URL=http://www.openembedded.org/