|
# SPDX-License-Identifier: GPL-2.0-only
|
|
#
|
|
# Copyright (C) 2009-2013 OpenWrt.org
|
|
#
|
|
|
|
include $(TOPDIR)/rules.mk
|
|
include $(INCLUDE_DIR)/kernel.mk
|
|
|
|
PKG_NAME:=xtables-addons
|
|
PKG_VERSION:=3.21
|
|
PKG_RELEASE:=$(AUTORELEASE)
|
|
PKG_HASH:=2e09ac129a14f5e9c23b115ebcdfff4aa84e2aeba1268dbdf39b2d752bd71e19
|
|
|
|
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
|
|
PKG_SOURCE_URL:=https://inai.de/files/xtables-addons/
|
|
PKG_BUILD_DEPENDS:=iptables
|
|
|
|
PKG_INSTALL:=1
|
|
PKG_BUILD_PARALLEL:=1
|
|
|
|
PKG_MAINTAINER:=Jo-Philipp Wich <jo@mein.io>
|
|
PKG_LICENSE:=GPL-2.0
|
|
PKG_LICENSE_FILES:=COPYING
|
|
|
|
PKG_FIXUP:=autoreconf
|
|
PKG_ASLR_PIE:=0
|
|
|
|
include $(INCLUDE_DIR)/package.mk
|
|
|
|
define Package/xtables-addons
|
|
SECTION:=net
|
|
CATEGORY:=Network
|
|
SUBMENU:=Firewall
|
|
TITLE:=Extensions not distributed in the main Xtables
|
|
URL:=https://inai.de/projects/xtables-addons/
|
|
endef
|
|
|
|
# uses GNU configure
|
|
|
|
CONFIGURE_ARGS+= \
|
|
--with-kbuild="$(LINUX_DIR)" \
|
|
--with-xtlibdir="/usr/lib/iptables"
|
|
|
|
ifdef CONFIG_EXTERNAL_TOOLCHAIN
|
|
MAKE_FLAGS:= \
|
|
$(patsubst ARCH=%,ARCH=$(LINUX_KARCH),$(MAKE_FLAGS)) \
|
|
DEPMOD="/bin/true"
|
|
|
|
MAKE_INSTALL_FLAGS:= \
|
|
$(patsubst ARCH=%,ARCH=$(LINUX_KARCH),$(MAKE_FLAGS)) \
|
|
DEPMOD="/bin/true"
|
|
else
|
|
define Build/Compile
|
|
+$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR) \
|
|
$(KERNEL_MAKE_FLAGS) \
|
|
DESTDIR="$(PKG_INSTALL_DIR)" \
|
|
DEPMOD="/bin/true" \
|
|
all
|
|
endef
|
|
|
|
define Build/Install
|
|
$(MAKE) -C $(PKG_BUILD_DIR) \
|
|
$(KERNEL_MAKE_FLAGS) \
|
|
DESTDIR="$(PKG_INSTALL_DIR)" \
|
|
DEPMOD="/bin/true" \
|
|
install
|
|
endef
|
|
endif
|
|
|
|
# 1: extension/module suffix used in package name
|
|
# 2: extension/module display name used in package title/description
|
|
# 3: list of extensions to package
|
|
# 4: list of modules to package
|
|
# 5: module load priority
|
|
# 6: module depends
|
|
define BuildTemplate
|
|
|
|
ifneq ($(3),)
|
|
define Package/iptables-mod-$(1)
|
|
$$(call Package/xtables-addons)
|
|
CATEGORY:=Network
|
|
TITLE:=$(2) iptables extension
|
|
DEPENDS:=iptables $(if $(4),+kmod-ipt-$(1))
|
|
endef
|
|
|
|
define Package/iptables-mod-$(1)/install
|
|
$(INSTALL_DIR) $$(1)/usr/lib/iptables
|
|
for m in $(3); do \
|
|
$(CP) \
|
|
$(PKG_INSTALL_DIR)/usr/lib/iptables/lib$$$$$$$${m}.so \
|
|
$$(1)/usr/lib/iptables/ ; \
|
|
done
|
|
endef
|
|
|
|
$$(eval $$(call BuildPackage,iptables-mod-$(1)))
|
|
endif
|
|
|
|
ifneq ($(4),)
|
|
define KernelPackage/ipt-$(1)
|
|
SUBMENU:=Netfilter Extensions
|
|
TITLE:=$(2) netfilter module
|
|
DEPENDS:=+kmod-ipt-core $(5)
|
|
FILES:=$(foreach mod,$(4),$(PKG_BUILD_DIR)/extensions/$(mod).$(LINUX_KMOD_SUFFIX))
|
|
AUTOLOAD:=$(call AutoProbe,$(notdir $(4)))
|
|
endef
|
|
|
|
$$(eval $$(call KernelPackage,ipt-$(1)))
|
|
endif
|
|
|
|
endef
|
|
|
|
|
|
define Package/iptaccount
|
|
$(call Package/xtables-addons)
|
|
CATEGORY:=Network
|
|
TITLE:=iptables-mod-account control utility
|
|
DEPENDS:=iptables +iptables-mod-account
|
|
endef
|
|
|
|
define Package/iptaccount/install
|
|
$(INSTALL_DIR) $(1)/usr/lib
|
|
$(INSTALL_DIR) $(1)/usr/sbin
|
|
$(CP) \
|
|
$(PKG_INSTALL_DIR)/usr/lib/libxt_ACCOUNT_cl.so* \
|
|
$(1)/usr/lib/
|
|
$(CP) \
|
|
$(PKG_INSTALL_DIR)/usr/sbin/iptaccount \
|
|
$(1)/usr/sbin/
|
|
endef
|
|
|
|
|
|
define Package/iptgeoip
|
|
$(call Package/xtables-addons)
|
|
CATEGORY:=Network
|
|
TITLE:=iptables-mod-geoip support scripts for MaxMind GeoIP databases
|
|
DEPENDS:=iptables +iptables-mod-geoip \
|
|
+perl +perlbase-getopt +perlbase-io +perl-text-csv_xs \
|
|
+perl-net-cidr-lite \
|
|
+wget-ssl +!BUSYBOX_CONFIG_ZCAT:gzip
|
|
endef
|
|
|
|
define Package/iptgeoip/config
|
|
menu "Select iptgeoip options"
|
|
config IPTGEOIP_PRESERVE
|
|
bool "Preserve across sysupgrades"
|
|
default n
|
|
help
|
|
Backup and restore during sysupgrade (requires >7MB)
|
|
endmenu
|
|
endef
|
|
|
|
ifeq ($(CONFIG_IPTGEOIP_PRESERVE),y)
|
|
define Package/iptgeoip/conffiles
|
|
/usr/share/xt_geoip/
|
|
endef
|
|
endif
|
|
|
|
define Package/iptgeoip/install
|
|
$(INSTALL_DIR) $(1)/usr/lib/xtables-addons
|
|
$(CP) \
|
|
$(PKG_INSTALL_DIR)/usr/lib/xtables-addons/xt_geoip_{build,dl} \
|
|
$(1)/usr/lib/xtables-addons/
|
|
$(INSTALL_DIR) $(1)/usr/bin
|
|
$(CP) \
|
|
$(PKG_INSTALL_DIR)/usr/bin/xt_geoip_query \
|
|
$(1)/usr/bin/
|
|
$(INSTALL_DIR) $(1)/usr/share/xt_geoip
|
|
touch $(1)/usr/share/xt_geoip/.keep
|
|
endef
|
|
|
|
|
|
#$(eval $(call BuildTemplate,SUFFIX,DESCRIPTION,EXTENSION,MODULE,PRIORITY,DEPENDS))
|
|
|
|
$(eval $(call BuildTemplate,compat-xtables,API compatibilty layer,,compat_xtables,+IPV6:kmod-ip6tables))
|
|
$(eval $(call BuildTemplate,nathelper-rtsp,RTSP Conntrack and NAT,,rtsp/nf_conntrack_rtsp rtsp/nf_nat_rtsp,+kmod-ipt-conntrack-extra +kmod-ipt-nat))
|
|
|
|
$(eval $(call BuildTemplate,account,ACCOUNT,xt_ACCOUNT,ACCOUNT/xt_ACCOUNT,+kmod-ipt-compat-xtables))
|
|
$(eval $(call BuildTemplate,chaos,CHAOS,xt_CHAOS,xt_CHAOS,+kmod-ipt-compat-xtables +kmod-ipt-delude +kmod-ipt-tarpit))
|
|
$(eval $(call BuildTemplate,condition,Condition,xt_condition,xt_condition,))
|
|
$(eval $(call BuildTemplate,delude,DELUDE,xt_DELUDE,xt_DELUDE,+kmod-ipt-compat-xtables))
|
|
$(eval $(call BuildTemplate,dhcpmac,DHCPMAC,xt_DHCPMAC,xt_DHCPMAC,+kmod-ipt-compat-xtables))
|
|
$(eval $(call BuildTemplate,dnetmap,DNETMAP,xt_DNETMAP,xt_DNETMAP,+kmod-ipt-compat-xtables +kmod-ipt-nat))
|
|
$(eval $(call BuildTemplate,fuzzy,fuzzy,xt_fuzzy,xt_fuzzy,))
|
|
$(eval $(call BuildTemplate,geoip,geoip,xt_geoip,xt_geoip,))
|
|
$(eval $(call BuildTemplate,iface,iface,xt_iface,xt_iface,))
|
|
$(eval $(call BuildTemplate,ipmark,IPMARK,xt_IPMARK,xt_IPMARK,+kmod-ipt-compat-xtables))
|
|
$(eval $(call BuildTemplate,ipp2p,IPP2P,xt_ipp2p,xt_ipp2p,+kmod-ipt-compat-xtables))
|
|
$(eval $(call BuildTemplate,ipv4options,ipv4options,xt_ipv4options,xt_ipv4options,))
|
|
$(eval $(call BuildTemplate,length2,length2,xt_length2,xt_length2,+kmod-ipt-compat-xtables))
|
|
$(eval $(call BuildTemplate,logmark,LOGMARK,xt_LOGMARK,xt_LOGMARK,+kmod-ipt-compat-xtables))
|
|
$(eval $(call BuildTemplate,lscan,lscan,xt_lscan,xt_lscan,))
|
|
$(eval $(call BuildTemplate,lua,Lua PacketScript,xt_LUA,LUA/xt_LUA,+kmod-ipt-conntrack-extra))
|
|
$(eval $(call BuildTemplate,proto,PROTO,xt_PROTO,xt_PROTO,))
|
|
$(eval $(call BuildTemplate,psd,psd,xt_psd,xt_psd,))
|
|
$(eval $(call BuildTemplate,quota2,quota2,xt_quota2,xt_quota2,))
|
|
$(eval $(call BuildTemplate,sysrq,SYSRQ,xt_SYSRQ,xt_SYSRQ,+kmod-ipt-compat-xtables +kmod-crypto-hash))
|
|
$(eval $(call BuildTemplate,tarpit,TARPIT,xt_TARPIT,xt_TARPIT,+kmod-ipt-compat-xtables))
|
|
|
|
$(eval $(call BuildPackage,iptaccount))
|
|
$(eval $(call BuildPackage,iptgeoip))
|