PKG_NAME:=iptables
PKG_VERSION:=1.8.7
-PKG_RELEASE:=6
+PKG_RELEASE:=7
PKG_SOURCE_URL:=https://netfilter.org/projects/iptables/files
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
DEPENDS+= +kmod-ipt-core +libip4tc +IPV6:libip6tc +libiptext +IPV6:libiptext6 +libxtables
endef
-define Package/iptables-legacy
+define Package/iptables-zz-legacy
$(call Package/iptables/Default)
TITLE:=IP firewall administration tool
DEPENDS+= +xtables-legacy
- PROVIDES:=iptables
+ PROVIDES:=iptables iptables-legacy
ALTERNATIVES:=\
200:/usr/sbin/iptables:/usr/sbin/xtables-legacy-multi \
200:/usr/sbin/iptables-restore:/usr/sbin/xtables-legacy-multi \
200:/usr/sbin/iptables-save:/usr/sbin/xtables-legacy-multi
endef
-define Package/iptables-legacy/description
+define Package/iptables-zz-legacy/description
IP firewall administration tool.
Matches:
define Package/xtables-nft
$(call Package/iptables/Default)
TITLE:=IP firewall administration tool nft
- DEPENDS:=@IPTABLES_NFTABLES +libnftnl +libiptext +IPV6:libiptext6 +libiptext-nft +kmod-nft-compat
+ DEPENDS:=+libnftnl +libiptext +IPV6:libiptext6 +libiptext-nft +kmod-nft-compat
endef
define Package/arptables-nft
iptables extension for the CHECKSUM calculation target
endef
-define Package/ip6tables-legacy
+define Package/ip6tables-zz-legacy
$(call Package/iptables/Default)
DEPENDS:=@IPV6 +kmod-ip6tables +xtables-legacy
CATEGORY:=Network
TITLE:=IPv6 firewall administration tool
- PROVIDES:=ip6tables
+ PROVIDES:=ip6tables ip6tables-legacy
ALTERNATIVES:=\
200:/usr/sbin/ip6tables:/usr/sbin/xtables-legacy-multi \
200:/usr/sbin/ip6tables-restore:/usr/sbin/xtables-legacy-multi \
CATEGORY:=Libraries
TITLE:=IPv4/IPv6 firewall - shared libiptext nft library
ABI_VERSION:=0
- DEPENDS:=@IPTABLES_NFTABLES +libxtables
+ DEPENDS:=+libxtables
endef
define Package/libxtables
default n
help
This enable connlabel support in iptables.
-
- config IPTABLES_NFTABLES
- bool "Enable Nftables support"
- default y
- help
- This enable nftables support in iptables.
endef
TARGET_CPPFLAGS := \
--with-xtlibdir=/usr/lib/iptables \
--with-xt-lock-name=/var/run/xtables.lock \
$(if $(CONFIG_IPTABLES_CONNLABEL),,--disable-connlabel) \
- $(if $(CONFIG_IPTABLES_NFTABLES),,--disable-nftables) \
$(if $(CONFIG_IPV6),,--disable-ipv6)
MAKE_FLAGS := \
$(CP) $(PKG_INSTALL_DIR)/usr/sbin/xtables-legacy-multi $(1)/usr/sbin/
endef
-define Package/iptables-legacy/install
+define Package/iptables-zz-legacy/install
$(INSTALL_DIR) $(1)/usr/sbin
$(CP) $(PKG_INSTALL_DIR)/usr/sbin/iptables-legacy{,-restore,-save} $(1)/usr/sbin/
$(INSTALL_DIR) $(1)/usr/lib/iptables
$(CP) $(PKG_INSTALL_DIR)/usr/sbin/iptables{,-restore}-translate $(1)/usr/sbin/
endef
-define Package/ip6tables-legacy/install
+define Package/ip6tables-zz-legacy/install
$(INSTALL_DIR) $(1)/usr/sbin
$(CP) $(PKG_INSTALL_DIR)/usr/sbin/ip6tables-legacy{,-restore,-save} $(1)/usr/sbin/
endef
$(eval $(call BuildPackage,libiptext6))
$(eval $(call BuildPackage,libiptext-nft))
$(eval $(call BuildPackage,xtables-legacy))
-$(eval $(call BuildPackage,iptables-legacy))
+$(eval $(call BuildPackage,iptables-zz-legacy))
$(eval $(call BuildPackage,xtables-nft))
$(eval $(call BuildPackage,arptables-nft))
$(eval $(call BuildPackage,ebtables-nft))
$(eval $(call BuildPlugin,iptables-mod-trace,$(IPT_DEBUG-m)))
$(eval $(call BuildPlugin,iptables-mod-nfqueue,$(IPT_NFQUEUE-m)))
$(eval $(call BuildPlugin,iptables-mod-checksum,$(IPT_CHECKSUM-m)))
-$(eval $(call BuildPackage,ip6tables-legacy))
+$(eval $(call BuildPackage,ip6tables-zz-legacy))
$(eval $(call BuildPackage,ip6tables-nft))
$(eval $(call BuildPlugin,ip6tables-extra,$(IPT_IPV6_EXTRA-m)))
$(eval $(call BuildPlugin,ip6tables-mod-nat,$(IPT_NAT6-m)))