* iptables

- version bump - install procedure reworked and fixed - IPv6 is an option now git-svn-id: https://svn.pengutronix.de/svn/ptxdist/trunks/ptxdist-trunk@10277 33e552b5-05e3-0310-8538-816dae2090ed
author: Juergen Beisert <j.beisert@pengutronix.de> 2009-04-09 08:25:21 +0000
committer: Juergen Beisert <j.beisert@pengutronix.de> 2009-04-09 08:25:21 +0000
commit: 290d3e62d7fa402be65bf5a2b26a4daf2d3a6304 (patch)
tree: bfbc808d34119cd5a400d6a58b40bf11ee192854 /rules
parent: 94da84b7ff99053c925b8797b7e3ef2378fafaf7 (diff)
download: ptxdist-290d3e62d7fa402be65bf5a2b26a4daf2d3a6304.tar.gz
ptxdist-290d3e62d7fa402be65bf5a2b26a4daf2d3a6304.tar.xz
2 files changed, 100 insertions, 576 deletions
diff --git a/rules/iptables.in b/rules/iptables.in
index bcd96a234..ceab90cf9 100644
--- a/rules/iptables.in
+++ b/rules/iptables.in
@@ -1,9 +1,9 @@
 ## SECTION=networking
-# FIXME: audit which extensions are still there
 
 menuconfig IPTABLES
 	tristate
 	prompt "iptables                      "
+	select KERNEL
 	help
 	  Iptables  is used to set up, maintain, and inspect the
 	  tables of IP packet filter rules in the Linux kernel.
@@ -13,369 +13,85 @@ menuconfig IPTABLES
 
 if IPTABLES
 
-config IPTABLES_INSTALL_IP6TABLES
-	bool
-	prompt "install ip6tables"
-	help
-	  install the IPv6 Version of iptables
-
-config IPTABLES_INSTALL_IPTABLES
-	bool
-	prompt "install iptables"
-	help
-	  install the IPv4 Version of iptables
-
-config IPTABLES_INSTALL_IPTABLES_RESTORE
-	bool
-	prompt "install iptables-restore"
-	help
-	  The iptables-restore command is used to restore
-	  the iptables rule-set that was saved with the
-	  iptables-save command.
-
-config IPTABLES_INSTALL_IPTABLES_SAVE
-	bool
-	prompt "install iptables-save"
-	help
-	  The iptables-save command is a tool to save
-	  the current rule-set into a file that
-	  iptables-restore can use.
-
-comment "----------------------------------"
-
-config IPTABLES_INSTALL_libipt_addrtype
-	bool
-	prompt "install libipt_addrtype.so"
-	depends on IPTABLES_INSTALL_IPTABLES
-	help
-	  FIXME: This item needs to be documented
-
-config IPTABLES_INSTALL_libipt_ah
-	bool
-	prompt "install libipt_ah.so"
-	depends on IPTABLES_INSTALL_IPTABLES
-	help
-	  FIXME: This item needs to be documented
-
-config IPTABLES_INSTALL_libipt_CLUSTERIP
-	bool
-	depends on BROKEN
-	prompt "install libipt_CLUSTERIP.so"
-	depends on IPTABLES_INSTALL_IPTABLES
-	help
-	  FIXME: This item needs to be documented
-
-config IPTABLES_INSTALL_libipt_connbytes
+config IPTABLES_INSTALL_IPV6_TOOLS
 	bool
-	depends on BROKEN
-	prompt "install libipt_connbytes.so"
-	depends on IPTABLES_INSTALL_IPTABLES
-	help
-	  FIXME: This item needs to be documented
-
-config IPTABLES_INSTALL_libipt_dccp
-	bool
-	depends on BROKEN
-	prompt "install libipt_dccp.so"
-	depends on IPTABLES_INSTALL_IPTABLES
-	help
-	  FIXME: This item needs to be documented
-
-config IPTABLES_INSTALL_libipt_DF
-	bool
-	depends on BROKEN
-	prompt "install libipt_DF.so"
-	depends on IPTABLES_INSTALL_IPTABLES
-	help
-	  FIXME: This item needs to be documented
-
-config IPTABLES_INSTALL_libipt_DNAT
-	bool
-	prompt "install libipt_DNAT.so"
-	depends on IPTABLES_INSTALL_IPTABLES
-	help
-	  FIXME: This item needs to be documented
-
-config IPTABLES_INSTALL_libipt_ecn
-	bool
-	prompt "install libipt_ecn.so"
-	depends on IPTABLES_INSTALL_IPTABLES
-	help
-	  FIXME: This item needs to be documented
-
-config IPTABLES_INSTALL_libipt_ECN
-	bool
-	prompt "install libipt_ECN.so"
-	depends on IPTABLES_INSTALL_IPTABLES
-	help
-	  FIXME: This item needs to be documented
-
-config IPTABLES_INSTALL_libipt_icmp
-	bool
-	prompt "install libipt_icmp.so"
-	depends on IPTABLES_INSTALL_IPTABLES
-	help
-	  FIXME: This item needs to be documented
-
-config IPTABLES_INSTALL_libipt_LOG
-	bool
-	prompt "install libipt_LOG.so"
-	depends on IPTABLES_INSTALL_IPTABLES
-	help
-	  FIXME: This item needs to be documented
-
-config IPTABLES_INSTALL_libipt_MASQUERADE
-	bool
-	prompt "install libipt_MASQUERADE.so"
-	depends on IPTABLES_INSTALL_IPTABLES
-	help
-	  FIXME: This item needs to be documented
-
-config IPTABLES_INSTALL_libipt_MIRROR
-	bool
-	prompt "install libipt_MIRROR.so"
-	depends on IPTABLES_INSTALL_IPTABLES
-	help
-	  FIXME: This item needs to be documented
-
-config IPTABLES_INSTALL_libipt_NETMAP
-	bool
-	prompt "install libipt_NETMAP.so"
-	depends on IPTABLES_INSTALL_IPTABLES
-	help
-	  FIXME: This item needs to be documented
-
-config IPTABLES_INSTALL_libipt_NFLOG
-	bool
-	depends on BROKEN
-	prompt "install libipt_NFLOG.so"
-	depends on IPTABLES_INSTALL_IPTABLES
-	help
-	  FIXME: This item needs to be documented
-
-config IPTABLES_INSTALL_libipt_policy
-	bool
-	prompt "install libipt_policy.so"
-	depends on IPTABLES_INSTALL_IPTABLES
-	help
-	  FIXME: This item needs to be documented
+	prompt "IPv6 tools"
 
-config IPTABLES_INSTALL_libipt_quota
-	bool
-	depends on BROKEN
-	prompt "install libipt_quota.so"
-	depends on IPTABLES_INSTALL_IPTABLES
-	help
-	  FIXME: This item needs to be documented
-
-config IPTABLES_INSTALL_libipt_realm
-	bool
-	prompt "install libipt_realm.so"
-	depends on IPTABLES_INSTALL_IPTABLES
-	help
-	  FIXME: This item needs to be documented
-
-config IPTABLES_INSTALL_libipt_recent
-	bool
-	depends on BROKEN
-	prompt "install libipt_recent.so"
-	depends on IPTABLES_INSTALL_IPTABLES
-	help
-	  FIXME: This item needs to be documented
-
-config IPTABLES_INSTALL_libipt_REDIRECT
-	bool
-	prompt "install libipt_REDIRECT.so"
-	depends on IPTABLES_INSTALL_IPTABLES
-	help
-	  FIXME: This item needs to be documented
-
-config IPTABLES_INSTALL_libipt_REJECT
-	bool
-	prompt "install libipt_REJECT.so"
-	depends on IPTABLES_INSTALL_IPTABLES
-	help
-	  FIXME: This item needs to be documented
-
-config IPTABLES_INSTALL_libipt_SAME
-	bool
-	prompt "install libipt_SAME.so"
-	depends on IPTABLES_INSTALL_IPTABLES
-	help
-	  FIXME: This item needs to be documented
-
-config IPTABLES_INSTALL_libipt_SNAT
-	bool
-	prompt "install libipt_SNAT.so"
-	depends on IPTABLES_INSTALL_IPTABLES
-	help
-	  FIXME: This item needs to be documented
-
-config IPTABLES_INSTALL_libipt_statistics
-	bool
-	prompt "install libipt_statistics.so"
-	depends on IPTABLES_INSTALL_IPTABLES
-	help
-	  FIXME: This item needs to be documented
-
-config IPTABLES_INSTALL_libipt_string
-	bool
-	depends on BROKEN
-	prompt "install libipt_string.so"
-	depends on IPTABLES_INSTALL_IPTABLES
-	help
-	  FIXME: This item needs to be documented
-
-config IPTABLES_INSTALL_libipt_ttl
-	bool
-	prompt "install libipt_ttl.so"
-	depends on IPTABLES_INSTALL_IPTABLES
-	help
-	  FIXME: This item needs to be documented
-
-config IPTABLES_INSTALL_libipt_TTL
-	bool
-	prompt "install libipt_TTL.so"
-	depends on IPTABLES_INSTALL_IPTABLES
-	help
-	  FIXME: This item needs to be documented
-
-config IPTABLES_INSTALL_libipt_ULOG
-	bool
-	prompt "install libipt_ULOG.so"
-	depends on IPTABLES_INSTALL_IPTABLES
-	help
-	  FIXME: This item needs to be documented
-
-config IPTABLES_INSTALL_libipt_unclean
-	bool
-	prompt "install libipt_unclean.so"
-	depends on IPTABLES_INSTALL_IPTABLES
-	help
-	  FIXME: This item needs to be documented
-
-comment "----------------------------------"
-
-config IPTABLES_INSTALL_libip6t_ah
-	bool
-	depends on BROKEN
-	prompt "install libip6t_ah.so"
-	depends on IPTABLES_INSTALL_IP6TABLES
-	help
-	  FIXME: This item needs to be documented
-
-config IPTABLES_INSTALL_libip6t_esp
-	bool
-	depends on BROKEN
-	prompt "install libip6t_esp.so"
-	depends on IPTABLES_INSTALL_IP6TABLES
-	help
-	  FIXME: This item needs to be documented
-
-config IPTABLES_INSTALL_libip6t_eui64
-	bool
-	prompt "install libip6t_eui64.so"
-	depends on IPTABLES_INSTALL_IP6TABLES
-	help
-	  FIXME: This item needs to be documented
-
-config IPTABLES_INSTALL_libip6t_frag
-	bool
-	depends on BROKEN
-	prompt "install libip6t_frag.so"
-	depends on IPTABLES_INSTALL_IP6TABLES
-	help
-	  FIXME: This item needs to be documented
-
-config IPTABLES_INSTALL_libip6t_hashlimit
-	bool
-	depends on BROKEN
-	prompt "install libip6t_hashlimit.so"
-	depends on IPTABLES_INSTALL_IP6TABLES
-	help
-	  FIXME: This item needs to be documented
-
-config IPTABLES_INSTALL_libip6t_hl
+if IPTABLES_INSTALL_IPV6_TOOLS
+config IPTABLES_INSTALL_IP6TABLES
 	bool
-	prompt "install libip6t_hl.so"
-	depends on IPTABLES_INSTALL_IP6TABLES
+	prompt "install ip6tables"
 	help
-	  FIXME: This item needs to be documented
+	  Install the IPv6 Version of iptables
 
-config IPTABLES_INSTALL_libip6t_HL
+config IPTABLES_INSTALL_IP6TABLES_MULTI
 	bool
-	prompt "install libip6t_HL.so"
-	depends on IPTABLES_INSTALL_IP6TABLES
+	prompt "install ip6tables-multi"
 	help
-	  FIXME: This item needs to be documented
+	  FIXME
 
-config IPTABLES_INSTALL_libip6t_icmp6
+config IPTABLES_INSTALL_IP6TABLES_RESTORE
 	bool
-	prompt "install libip6t_icmp6.so"
-	depends on IPTABLES_INSTALL_IP6TABLES
+	prompt "install ip6tables-restore"
 	help
-	  FIXME: This item needs to be documented
+	  The ip6tables-restore command is used to restore
+	  the ip6tables rule-set that was saved with the
+	  ip6tables-save command.
 
-config IPTABLES_INSTALL_libip6t_ipv6header
+config IPTABLES_INSTALL_IP6TABLES_SAVE
 	bool
-	depends on BROKEN
-	prompt "install libip6t_ipv6header.so"
-	depends on IPTABLES_INSTALL_IP6TABLES
+	prompt "install ip6tables-save"
 	help
-	  FIXME: This item needs to be documented
+	  The ip6tables-save command is a tool to save the current rule-set
+	  into a file that ip6tables-restore can use.
 
-config IPTABLES_INSTALL_libip6t_LOG
-	bool
-	prompt "install libip6t_LOG.so"
-	depends on IPTABLES_INSTALL_IP6TABLES
-	help
-	  FIXME: This item needs to be documented
+endif
 
-config IPTABLES_INSTALL_libip6t_mh
+config IPTABLES_INSTALL_IPTABLES
 	bool
-	depends on BROKEN
-	prompt "install libip6t_mh.so"
-	depends on IPTABLES_INSTALL_IP6TABLES
+	prompt "install iptables"
 	help
-	  FIXME: This item needs to be documented
+	  install the IPv4 Version of iptables
 
-config IPTABLES_INSTALL_libip6t_NFLOG
+config IPTABLES_INSTALL_IPTABLES_MULTI
 	bool
-	depends on BROKEN
-	prompt "install libip6t_NFLOG.so"
-	depends on IPTABLES_INSTALL_IP6TABLES
+	prompt "install iptables-multi"
 	help
-	  FIXME: This item needs to be documented
+	  FIXME
 
-config IPTABLES_INSTALL_libip6t_policy
+config IPTABLES_INSTALL_IPTABLES_RESTORE
 	bool
-	prompt "install libip6t_policy.so"
-	depends on IPTABLES_INSTALL_IP6TABLES
+	prompt "install iptables-restore"
 	help
-	  FIXME: This item needs to be documented
+	  The iptables-restore command is used to restore
+	  the iptables rule-set that was saved with the
+	  iptables-save command.
 
-config IPTABLES_INSTALL_libip6t_REJECT
+config IPTABLES_INSTALL_IPTABLES_SAVE
 	bool
-	depends on BROKEN
-	prompt "install libip6t_REJECT.so"
-	depends on IPTABLES_INSTALL_IP6TABLES
+	prompt "install iptables-save"
 	help
-	  FIXME: This item needs to be documented
+	  The iptables-save command is a tool to save
+	  the current rule-set into a file that
+	  iptables-restore can use.
 
-config IPTABLES_INSTALL_libip6t_rt
+config IPTABLES_INSTALL_IPTABLES_XML
 	bool
-	depends on BROKEN
-	prompt "install libip6t_rt.so"
-	depends on IPTABLES_INSTALL_IP6TABLES
+	prompt "install iptables-xml"
+	depends on IPTABLES_INSTALL_IPTABLES_SAVE
 	help
-	  FIXME: This item needs to be documented
+	  iptables-xml is used to convert the output of iptables-save into an
+	  easily manipulatable XML format to STDOUT. Use I/O-redirection
+	  provided by your shell to write to a file.
 
-config IPTABLES_INSTALL_libip6t_sctp
+config IPTABLES_INSTALL_IPTABLES_APPLY
 	bool
-	depends on BROKEN
-	prompt "install libip6t_sctp.so"
-	depends on IPTABLES_INSTALL_IP6TABLES
+	prompt "install iptables-apply"
 	help
-	  FIXME: This item needs to be documented
+	  iptables-apply will try to apply a new ruleset (as output by
+	  iptables-save/read by iptables-restore) to iptables, then prompt the
+	  user whether the changes are okay. If the new ruleset cut the
+	  existing connection, the user will not be able to answer
+	  affirmatively.
 
 endif
diff --git a/rules/iptables.make b/rules/iptables.make
index 2f95e685c..65493002c 100644
--- a/rules/iptables.make
+++ b/rules/iptables.make
@@ -3,6 +3,7 @@
 #
 # Copyright (C) 2004 by Robert Schwebel
 # Copyright (C) 2007 by Carsten Schlote, konzeptpark
+# Copyright (C) 2008 by Juergen Beisert
 #
 # See CREDITS for details about who has contributed to this project.
 #
@@ -18,7 +19,7 @@ PACKAGES-$(PTXCONF_IPTABLES) += iptables
 #
 # Paths and names
 #
-IPTABLES_VERSION	= 1.4.1.1
+IPTABLES_VERSION	= 1.4.3
 IPTABLES		= iptables-$(IPTABLES_VERSION)
 IPTABLES_SUFFIX		= tar.bz2
 IPTABLES_URL		= http://ftp.netfilter.org/pub/iptables/$(IPTABLES).$(IPTABLES_SUFFIX)
@@ -30,81 +31,27 @@ IPTABLES_DIR		= $(BUILDDIR)/$(IPTABLES)
 # Get
 # ----------------------------------------------------------------------------
 
-iptables_get: $(STATEDIR)/iptables.get
-
-$(STATEDIR)/iptables.get: $(iptables_get_deps_default)
-	@$(call targetinfo, $@)
-	@$(call touch, $@)
-
 $(IPTABLES_SOURCE):
 	@$(call targetinfo, $@)
 	@$(call get, IPTABLES)
 
 # ----------------------------------------------------------------------------
-# Extract
-# ----------------------------------------------------------------------------
-
-iptables_extract: $(STATEDIR)/iptables.extract
-
-$(STATEDIR)/iptables.extract: $(iptables_extract_deps_default)
-	@$(call targetinfo, $@)
-	@$(call clean, $(IPTABLES_DIR))
-	@$(call extract, IPTABLES)
-	@$(call patchin, IPTABLES)
-	@$(call touch, $@)
-
-# ----------------------------------------------------------------------------
 # Prepare
 # ----------------------------------------------------------------------------
 
-iptables_prepare: $(STATEDIR)/iptables.prepare
-
 IPTABLES_PATH	=  PATH=$(CROSS_PATH)
 IPTABLES_ENV 	=  $(CROSS_ENV)
-
-#
-# autoconf
-#
-IPTABLES_AUTOCONF =  $(CROSS_AUTOCONF_USR)
-
-$(STATEDIR)/iptables.prepare: $(iptables_prepare_deps_default)
-	@$(call targetinfo, $@)
-	@$(call clean, $(IPTABLES_DIR)/config.cache)
-	cd $(IPTABLES_DIR) && \
-		$(IPTABLES_PATH) $(IPTABLES_ENV) \
-		./configure $(IPTABLES_AUTOCONF)
-	@$(call touch, $@)
-
-# ----------------------------------------------------------------------------
-# Compile
-# ----------------------------------------------------------------------------
-
-iptables_compile: $(STATEDIR)/iptables.compile
-
-$(STATEDIR)/iptables.compile: $(iptables_compile_deps_default)
-	@$(call targetinfo, $@)
-	cd $(IPTABLES_DIR) && $(IPTABLES_ENV) $(IPTABLES_PATH) \
-		make KERNEL_DIR=$(KERNEL_DIR) PREFIX=/usr
-	@$(call touch, $@)
-
-# ----------------------------------------------------------------------------
-# Install
-# ----------------------------------------------------------------------------
-
-iptables_install: $(STATEDIR)/iptables.install
-
-$(STATEDIR)/iptables.install: $(iptables_install_deps_default)
-	@$(call targetinfo, $@)
-	@$(call install, IPTABLES,,, KERNEL_DIR=$(KERNEL_DIR) PREFIX=/usr)
-	@$(call touch, $@)
+IPTABLES_AUTOCONF = \
+	$(CROSS_AUTOCONF_USR) \
+	--disable-dependency-tracking \
+	--with-kernel=$(KERNEL_DIR) \
+	--with-xtlibdir=/usr/lib
 
 # ----------------------------------------------------------------------------
 # Target-Install
 # ----------------------------------------------------------------------------
 
-iptables_targetinstall: $(STATEDIR)/iptables.targetinstall
-
-$(STATEDIR)/iptables.targetinstall: $(iptables_targetinstall_deps_default)
+$(STATEDIR)/iptables.targetinstall:
 	@$(call targetinfo, $@)
 
 	@$(call install_init, iptables)
@@ -112,206 +59,67 @@ $(STATEDIR)/iptables.targetinstall: $(iptables_targetinstall_deps_default)
 	@$(call install_fixup, iptables,PRIORITY,optional)
 	@$(call install_fixup, iptables,VERSION,$(IPTABLES_VERSION))
 	@$(call install_fixup, iptables,SECTION,base)
-	@$(call install_fixup, iptables,AUTHOR,"Robert Schwebel <r.schwebel\@pengutronix.de>")
+	@$(call install_fixup, iptables,AUTHOR,"Robert Schwebel <r.schwebel@pengutronix.de>")
 	@$(call install_fixup, iptables,DEPENDS,)
 	@$(call install_fixup, iptables,DESCRIPTION,missing)
 
-ifdef PTXCONF_IPTABLES_INSTALL_IP6TABLES
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/ip6tables, /sbin/ip6tables)
-endif
-ifdef PTXCONF_IPTABLES_INSTALL_IPTABLES
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/iptables, /sbin/iptables)
-endif
-ifdef PTXCONF_IPTABLES_INSTALL_IPTABLES_RESTORE
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/iptables-restore, /sbin/iptables-restore)
-endif
-ifdef PTXCONF_IPTABLES_INSTALL_IPTABLES_SAVE
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/iptables-save, /sbin/iptables-save)
-endif
-
-# --- iptables stuff - commented entries no longer available
-
-ifdef PTXCONF_IPTABLES_INSTALL_libipt_addrtype
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libipt_addrtype.so, /usr/lib/iptables/libipt_addrtype.so, n)
-endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libipt_ah
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libipt_ah.so, /usr/lib/iptables/libipt_ah.so, n)
-endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libipt_CLUSTERIP
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libipt_CLUSTERIP.so, /usr/lib/iptables/libipt_CLUSTERIP.so, n)
-endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libipt_connbytes
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libipt_connbytes.so, /usr/lib/iptables/libipt_connbytes.so, n)
-endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libipt_dccp
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libipt_dccp.so, /usr/lib/iptables/libipt_dccp.so, n)
-endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libipt_DF
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libipt_DF.so, /usr/lib/iptables/libipt_DF.so, n)
-endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libipt_DNAT
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libipt_DNAT.so, /usr/lib/iptables/libipt_DNAT.so, n)
-endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libipt_ecn
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libipt_ecn.so, /usr/lib/iptables/libipt_ecn.so, n)
-endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libipt_ECN
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libipt_ECN.so, /usr/lib/iptables/libipt_ECN.so, n)
-endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libipt_icmp
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libipt_icmp.so, /usr/lib/iptables/libipt_icmp.so, n)
-endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libipt_LOG
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libipt_LOG.so, /usr/lib/iptables/libipt_LOG.so, n)
-endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libipt_MASQUERADE
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libipt_MASQUERADE.so, /usr/lib/iptables/libipt_MASQUERADE.so, n)
-endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libipt_MIRROR
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libipt_MIRROR.so, /usr/lib/iptables/libipt_MIRROR.so, n)
-endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libipt_NETMAP
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libipt_NETMAP.so, /usr/lib/iptables/libipt_NETMAP.so, n)
-endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libipt_NFLOG
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libipt_NFLOG.so, /usr/lib/iptables/libipt_NFLOG.so, n)
-endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libipt_policy
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libipt_policy.so, /usr/lib/iptables/libipt_policy.so, n)
-endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libipt_quota
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libipt_quota.so, /usr/lib/iptables/libipt_quota.so, n)
-endif
+# install the basic libraries
+	@$(call install_copy, iptables, 0, 0, 0644, -, \
+		/usr/lib/libiptc.so.0.0.0)
+	@$(call install_link, iptables, libiptc.so.0.0.0, /usr/lib/libiptc.so)
+	@$(call install_link, iptables, libiptc.so.0.0.0, /usr/lib/libiptc.so.0)
 
-ifdef PTXCONF_IPTABLES_INSTALL_libipt_realm
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libipt_realm.so, /usr/lib/iptables/libipt_realm.so, n)
-endif
+	@$(call install_copy, iptables, 0, 0, 0644, -, \
+		/usr/lib/libxtables.so.1.0.0)
+	@$(call install_link, iptables, libxtables.so.1.0.0, /usr/lib/libxtables.so)
+	@$(call install_link, iptables, libxtables.so.1.0.0, /usr/lib/libiptc.so.1)
 
-ifdef PTXCONF_IPTABLES_INSTALL_libipt_recent
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libipt_recent.so, /usr/lib/iptables/libipt_recent.so, n)
-endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libipt_REDIRECT
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libipt_REDIRECT.so, /usr/lib/iptables/libipt_REDIRECT.so, n)
-endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libipt_REJECT
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libipt_REJECT.so, /usr/lib/iptables/libipt_REJECT.so, n)
-endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libipt_SAME
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libipt_SAME.so, /usr/lib/iptables/libipt_SAME.so, n)
-endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libipt_SNAT
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libipt_SNAT.so, /usr/lib/iptables/libipt_SNAT.so, n)
-endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libipt_statistic
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libipt_statistic.so, /usr/lib/iptables/libipt_statistic.so, n)
-endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libipt_string
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libipt_string.so, /usr/lib/iptables/libipt_string.so, n)
-endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libipt_ttl
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libipt_ttl.so, /usr/lib/iptables/libipt_ttl.so, n)
-endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libipt_TTL
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libipt_TTL.so, /usr/lib/iptables/libipt_TTL.so, n)
-endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libipt_ULOG
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libipt_ULOG.so, /usr/lib/iptables/libipt_ULOG.so, n)
-endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libipt_unclean
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libipt_unclean.so, /usr/lib/iptables/libipt_unclean.so, n)
-endif
-
-# --- ip6tables stuff
-
-ifdef PTXCONF_IPTABLES_INSTALL_libip6t_ah
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libip6t_ah.so, /usr/lib/iptables/libip6t_ah.so, n)
-endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libip6t_esp
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libip6t_esp.so, /usr/lib/iptables/libip6t_esp.so, n)
-endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libip6t_eui64
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libip6t_eui64.so, /usr/lib/iptables/libip6t_eui64.so, n)
-endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libip6t_frag
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libip6t_frag.so, /usr/lib/iptables/libip6t_frag.so, n)
-endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libip6t_hashlimit
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libip6t_hashlimit.so, /usr/lib/iptables/libip6t_hashlimit.so, n)
-endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libip6t_hl
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libip6t_hl.so, /usr/lib/iptables/libip6t_hl.so, n)
+# IPv6 part
+ifdef PTXCONF_IPTABLES_INSTALL_IPV6_TOOLS
+ifdef PTXCONF_IPTABLES_INSTALL_IP6TABLES
+	@$(call install_copy, iptables, 0, 0, 0755, -, /usr/sbin/ip6tables)
 endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libip6t_HL
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libip6t_HL.so, /usr/lib/iptables/libip6t_HL.so, n)
+ifdef PTXCONF_IPTABLES_INSTALL_IP6TABLES_MULTI
+	@$(call install_copy, iptables, 0, 0, 0755, -, /usr/sbin/ip6tables-multi)
 endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libip6t_icmp6
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libip6t_icmp6.so, /usr/lib/iptables/libip6t_icmp6.so, n)
+ifdef PTXCONF_IPTABLES_INSTALL_IP6TABLES_RESTORE
+	@$(call install_copy, iptables, 0, 0, 0755, -, /usr/sbin/ip6tables-restore)
 endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libip6t_ipv6header
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libip6t_ipv6header.so, /usr/lib/iptables/libip6t_ipv6header.so, n)
+ifdef PTXCONF_IPTABLES_INSTALL_IP6TABLES_SAVE
+	@$(call install_copy, iptables, 0, 0, 0755, -, /usr/sbin/ip6tables-save)
 endif
 
-ifdef PTXCONF_IPTABLES_INSTALL_libip6t_LOG
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libip6t_LOG.so, /usr/lib/iptables/libip6t_LOG.so, n)
-endif
+# install the IPv6 relevant shared feature libraries
+	@cd $(IPTABLES_DIR)/extensions && \
+		for file in libip6t_*.so; do \
+			$(call install_copy, iptables, 0, 0, 0644, \
+				$(IPTABLES_DIR)/extensions/$$file, \
+				/usr/lib/$$file); \
+		done
 
-ifdef PTXCONF_IPTABLES_INSTALL_libip6t_mh
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libip6t_mh.so, /usr/lib/iptables/libip6t_mh.so, n)
 endif
 
-ifdef PTXCONF_IPTABLES_INSTALL_libip6t_NFLOG
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libip6t_NFLOG.so, /usr/lib/iptables/libip6t_NFLOG.so, n)
+# IPv4 part
+ifdef PTXCONF_IPTABLES_INSTALL_IPTABLES
+	@$(call install_copy, iptables, 0, 0, 0755, -, /usr/sbin/iptables)
 endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libip6t_policy
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libip6t_policy.so, /usr/lib/iptables/libip6t_policy.so, n)
+ifdef PTXCONF_IPTABLES_INSTALL_IPTABLES_MULTI
+	@$(call install_copy, iptables, 0, 0, 0755, -, /usr/sbin/iptables-multi)
 endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libip6t_REJECT
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libip6t_REJECT.so, /usr/lib/iptables/libip6t_REJECT.so, n)
+ifdef PTXCONF_IPTABLES_INSTALL_IPTABLES_RESTORE
+	@$(call install_copy, iptables, 0, 0, 0755, -, /usr/sbin/iptables-restore)
 endif
-
-ifdef PTXCONF_IPTABLES_INSTALL_libip6t_rt
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libip6t_rt.so, /usr/lib/iptables/libip6t_rt.so, n)
+ifdef PTXCONF_IPTABLES_INSTALL_IPTABLES_SAVE
+	@$(call install_copy, iptables, 0, 0, 0755, -, /usr/sbin/iptables-save)
 endif
 
-ifdef PTXCONF_IPTABLES_INSTALL_libip6t_sctp
-	@$(call install_copy, iptables, 0, 0, 0755, $(IPTABLES_DIR)/extensions/libip6t_sctp.so, /usr/lib/iptables/libip6t_sctp.so, n)
-endif
+# install all shared feature libraries to get full runtime support
+	@cd $(IPTABLES_DIR)/extensions && \
+		for file in libipt_*.so libxt_*.so; do \
+			$(call install_copy, iptables, 0, 0, 0644, \
+				$(IPTABLES_DIR)/extensions/$$file, \
+				/usr/lib/$$file); \
+		done
 
 	@$(call install_finish, iptables)
author	Juergen Beisert <j.beisert@pengutronix.de>	2009-04-09 08:25:21 +0000
committer	Juergen Beisert <j.beisert@pengutronix.de>	2009-04-09 08:25:21 +0000
commit	290d3e62d7fa402be65bf5a2b26a4daf2d3a6304 (patch)
tree	bfbc808d34119cd5a400d6a58b40bf11ee192854 /rules
parent	94da84b7ff99053c925b8797b7e3ef2378fafaf7 (diff)
download	ptxdist-290d3e62d7fa402be65bf5a2b26a4daf2d3a6304.tar.gz ptxdist-290d3e62d7fa402be65bf5a2b26a4daf2d3a6304.tar.xz