1################################################################################
2#
3# iptables
4#
5################################################################################
6
7IPTABLES_VERSION = 1.8.10
8IPTABLES_SOURCE = iptables-$(IPTABLES_VERSION).tar.xz
9IPTABLES_SITE = https://netfilter.org/projects/iptables/files
10IPTABLES_INSTALL_STAGING = YES
11IPTABLES_DEPENDENCIES = host-pkgconf
12IPTABLES_LICENSE = GPL-2.0
13IPTABLES_LICENSE_FILES = COPYING
14IPTABLES_CPE_ID_VENDOR = netfilter
15IPTABLES_SELINUX_MODULES = iptables
16
17# Building static causes ugly warnings on some plugins
18IPTABLES_CONF_OPTS = --libexecdir=/usr/lib --with-kernel=$(STAGING_DIR)/usr \
19	$(if $(BR2_STATIC_LIBS),,--disable-static)
20
21# For connlabel match
22ifeq ($(BR2_PACKAGE_LIBNETFILTER_CONNTRACK),y)
23IPTABLES_DEPENDENCIES += libnetfilter_conntrack
24endif
25
26# For nfnl_osf
27ifeq ($(BR2_PACKAGE_LIBNFNETLINK),y)
28IPTABLES_DEPENDENCIES += libnfnetlink
29endif
30
31# For iptables-compat tools
32ifeq ($(BR2_PACKAGE_IPTABLES_NFTABLES),y)
33IPTABLES_CONF_OPTS += --enable-nftables
34IPTABLES_DEPENDENCIES += host-bison host-flex libmnl libnftnl
35else
36IPTABLES_CONF_OPTS += --disable-nftables
37endif
38
39# bpf compiler support and nfsynproxy tool
40ifeq ($(BR2_PACKAGE_IPTABLES_BPF_NFSYNPROXY),y)
41# libpcap is tricky for static-only builds and needs help
42ifeq ($(BR2_STATIC_LIBS),y)
43IPTABLES_LIBS_FOR_STATIC_LINK += `$(STAGING_DIR)/usr/bin/pcap-config --static --additional-libs`
44IPTABLES_CONF_OPTS += LIBS="$(IPTABLES_LIBS_FOR_STATIC_LINK)"
45endif
46IPTABLES_CONF_OPTS += --enable-bpf-compiler --enable-nfsynproxy
47IPTABLES_DEPENDENCIES += libpcap
48else
49IPTABLES_CONF_OPTS += --disable-bpf-compiler --disable-nfsynproxy
50endif
51
52define IPTABLES_LINUX_CONFIG_FIXUPS
53	$(call KCONFIG_ENABLE_OPT,CONFIG_IP_NF_IPTABLES)
54	$(call KCONFIG_ENABLE_OPT,CONFIG_IP_NF_FILTER)
55	$(call KCONFIG_ENABLE_OPT,CONFIG_NETFILTER)
56	$(call KCONFIG_ENABLE_OPT,CONFIG_NETFILTER_XTABLES)
57endef
58
59define IPTABLES_INSTALL_INIT_SYSV
60	$(INSTALL) -m 0755 -D package/iptables/S35iptables \
61		$(TARGET_DIR)/etc/init.d/S35iptables
62	touch $(TARGET_DIR)/etc/iptables.conf
63endef
64
65$(eval $(autotools-package))
66