xref: /OK3568_Linux_fs/buildroot/package/iptables/iptables.mk (revision 4882a59341e53eb6f0b4789bf948001014eff981) 
1################################################################################
2#
3# iptables
4#
5################################################################################
6
7IPTABLES_VERSION = 1.8.7
8IPTABLES_SOURCE = iptables-$(IPTABLES_VERSION).tar.bz2
9IPTABLES_SITE = https://netfilter.org/projects/iptables/files
10IPTABLES_INSTALL_STAGING = YES
11IPTABLES_DEPENDENCIES = host-pkgconf \
12	$(if $(BR2_PACKAGE_LIBNETFILTER_CONNTRACK),libnetfilter_conntrack)
13IPTABLES_LICENSE = GPL-2.0
14IPTABLES_LICENSE_FILES = COPYING
15IPTABLES_CPE_ID_VENDOR = netfilter
16IPTABLES_SELINUX_MODULES = iptables
17
18# Building static causes ugly warnings on some plugins
19IPTABLES_CONF_OPTS = --libexecdir=/usr/lib --with-kernel=$(STAGING_DIR)/usr \
20	$(if $(BR2_STATIC_LIBS),,--disable-static)
21
22# For connlabel match
23ifeq ($(BR2_PACKAGE_LIBNETFILTER_CONNTRACK),y)
24IPTABLES_DEPENDENCIES += libnetfilter_conntrack
25endif
26
27# For nfnl_osf
28ifeq ($(BR2_PACKAGE_LIBNFNETLINK),y)
29IPTABLES_DEPENDENCIES += libnfnetlink
30endif
31
32# For iptables-compat tools
33ifeq ($(BR2_PACKAGE_IPTABLES_NFTABLES),y)
34IPTABLES_CONF_OPTS += --enable-nftables
35IPTABLES_DEPENDENCIES += host-bison host-flex libmnl libnftnl
36else
37IPTABLES_CONF_OPTS += --disable-nftables
38endif
39
40# bpf compiler support and nfsynproxy tool
41ifeq ($(BR2_PACKAGE_IPTABLES_BPF_NFSYNPROXY),y)
42# libpcap is tricky for static-only builds and needs help
43ifeq ($(BR2_STATIC_LIBS),y)
44IPTABLES_LIBS_FOR_STATIC_LINK += `$(STAGING_DIR)/usr/bin/pcap-config --static --additional-libs`
45IPTABLES_CONF_OPTS += LIBS="$(IPTABLES_LIBS_FOR_STATIC_LINK)"
46endif
47IPTABLES_CONF_OPTS += --enable-bpf-compiler --enable-nfsynproxy
48IPTABLES_DEPENDENCIES += libpcap
49else
50IPTABLES_CONF_OPTS += --disable-bpf-compiler --disable-nfsynproxy
51endif
52
53define IPTABLES_LINUX_CONFIG_FIXUPS
54	$(call KCONFIG_ENABLE_OPT,CONFIG_IP_NF_IPTABLES)
55	$(call KCONFIG_ENABLE_OPT,CONFIG_IP_NF_FILTER)
56	$(call KCONFIG_ENABLE_OPT,CONFIG_NETFILTER)
57	$(call KCONFIG_ENABLE_OPT,CONFIG_NETFILTER_XTABLES)
58endef
59
60define IPTABLES_INSTALL_INIT_SYSV
61	$(INSTALL) -m 0755 -D package/iptables/S35iptables \
62		$(TARGET_DIR)/etc/init.d/S35iptables
63	touch $(TARGET_DIR)/etc/iptables.conf
64endef
65
66$(eval $(autotools-package))
67