diff options
author | Jan Luebbe <jlu@pengutronix.de> | 2012-02-16 16:35:06 +0100 |
---|---|---|
committer | Michael Olbrich <m.olbrich@pengutronix.de> | 2012-03-12 09:52:53 +0100 |
commit | b1742717807c787868ce2f916297872d49bf78d8 (patch) | |
tree | ba2262f2daac6e46644b35603eae18bba025d733 /rules | |
parent | e6eb0c0788b54712179a298b9528126b16e0a47c (diff) | |
download | ptxdist-b1742717807c787868ce2f916297872d49bf78d8.tar.gz ptxdist-b1742717807c787868ce2f916297872d49bf78d8.tar.xz |
iptables: clean up
The ip(6)tables-* tools are only links to xtables-multi, so leaving them
out doesn't save much space.
Only four options are left now:
IPTABLES_IPV4
IPTABLES_IPV6
IPTABLES_INSTALL_TOOLS
IPTABLES_INSTALL_IPTABLES_APPLY
iptables-apply is kept separate as it depends on bash.
Signed-off-by: Jan Luebbe <jlu@pengutronix.de>
Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
Diffstat (limited to 'rules')
-rw-r--r-- | rules/iptables.in | 76 | ||||
-rw-r--r-- | rules/iptables.make | 68 |
2 files changed, 34 insertions, 110 deletions
diff --git a/rules/iptables.in b/rules/iptables.in index 1440c3820..b7bc47838 100644 --- a/rules/iptables.in +++ b/rules/iptables.in @@ -16,76 +16,21 @@ menuconfig IPTABLES if IPTABLES -config IPTABLES_INSTALL_IPV6_TOOLS +config IPTABLES_IPV6 bool - prompt "IPv6 tools" + prompt "IPv6 support" -if IPTABLES_INSTALL_IPV6_TOOLS - -config IPTABLES_INSTALL_XTABLES_MULTI +config IPTABLES_IPV4 bool + prompt "IPv4 support" -config IPTABLES_INSTALL_IP6TABLES - select IPTABLES_INSTALL_XTABLES_MULTI - bool "install ip6tables" - help - Install the IPv6 Version of iptables - -config IPTABLES_INSTALL_IP6TABLES_RESTORE - select IPTABLES_INSTALL_XTABLES_MULTI - bool "install ip6tables-restore" - help - The ip6tables-restore command is used to restore - the ip6tables rule-set that was saved with the - ip6tables-save command. - -config IPTABLES_INSTALL_IP6TABLES_SAVE - select IPTABLES_INSTALL_XTABLES_MULTI - bool "install ip6tables-save" - help - The ip6tables-save command is a tool to save the current rule-set - into a file that ip6tables-restore can use. - -endif - - -config IPTABLES_INSTALL_IPV4_TOOLS - bool - prompt "IPv4 tools" - -if IPTABLES_INSTALL_IPV4_TOOLS - -config IPTABLES_INSTALL_IPTABLES - select IPTABLES_INSTALL_XTABLES_MULTI - bool "install iptables" - help - install the IPv4 Version of iptables - -config IPTABLES_INSTALL_IPTABLES_RESTORE - select IPTABLES_INSTALL_XTABLES_MULTI - bool "install iptables-restore" - help - The iptables-restore command is used to restore - the iptables rule-set that was saved with the - iptables-save command. - -config IPTABLES_INSTALL_IPTABLES_SAVE - select IPTABLES_INSTALL_XTABLES_MULTI - bool "install iptables-save" - help - The iptables-save command is a tool to save - the current rule-set into a file that - iptables-restore can use. - -endif - -config IPTABLES_INSTALL_IPTABLES_XML - select IPTABLES_INSTALL_XTABLES_MULTI - bool "install iptables-xml" +config IPTABLES_INSTALL_TOOLS + bool "install executables" help - iptables-xml is used to convert the output of iptables-save into an - easily manipulatable XML format to STDOUT. Use I/O-redirection - provided by your shell to write to a file. + depending on the selected protocols install the links to + xtables-multi: + IPv4: iptables, iptables-save, iptables-restore + IPv6: ip6tables, ip6tables-save, ip6tables-restore comment "iptables-apply depends on bash" depends on !BASH @@ -93,6 +38,7 @@ comment "iptables-apply depends on bash" config IPTABLES_INSTALL_IPTABLES_APPLY bool prompt "install iptables-apply" + select IPTABLES_INSTALL_TOOLS depends on BASH help iptables-apply will try to apply a new ruleset (as output by diff --git a/rules/iptables.make b/rules/iptables.make index 64b08c901..e7f6ceb87 100644 --- a/rules/iptables.make +++ b/rules/iptables.make @@ -51,20 +51,10 @@ IPTABLES_AUTOCONF := \ --with-kernel=$(KERNEL_HEADERS_DIR) \ --with-xtlibdir=/usr/lib \ --enable-devel \ + --$(call ptx/endis, PTXCONF_IPTABLES_IPV4)-ipv4 \ + --$(call ptx/endis, PTXCONF_IPTABLES_IPV6)-ipv6 \ --disable-libipq -ifdef PTXCONF_IPTABLES_INSTALL_IPV4_TOOLS -IPTABLES_AUTOCONF += --enable-ipv4 -else -IPTABLES_AUTOCONF += --disable-ipv4 -endif - -ifdef PTXCONF_IPTABLES_INSTALL_IPV6_TOOLS -IPTABLES_AUTOCONF += --enable-ipv6 -else -IPTABLES_AUTOCONF += --disable-ipv6 -endif - # ---------------------------------------------------------------------------- # Install # ---------------------------------------------------------------------------- @@ -93,31 +83,14 @@ $(STATEDIR)/iptables.targetinstall: @$(call install_lib, iptables, 0, 0, 0644, libiptc) @$(call install_lib, iptables, 0, 0, 0644, libxtables) -ifdef PTXCONF_IPTABLES_INSTALL_XTABLES_MULTI - @$(call install_copy, iptables, 0, 0, 0755, -, /usr/sbin/xtables-multi) - @$(call install_lib, iptables, 0, 0, 0644, libxtables) - @cd $(IPTABLES_PKGDIR)/usr/lib && \ for file in libxt_*.so; do \ $(call install_copy, iptables, 0, 0, 0644, -,\ /usr/lib/$$file); \ done - $(call install_lib, iptables, 0, 0, 0644, libiptc) -endif - -# # IPv6 part -ifdef PTXCONF_IPTABLES_INSTALL_IP6TABLES - @$(call install_link, iptables, xtables-multi, /usr/sbin/ip6tables) -endif -ifdef PTXCONF_IPTABLES_INSTALL_IP6TABLES_RESTORE - @$(call install_link, iptables, xtables-multi, /usr/sbin/ip6tables-restore) -endif -ifdef PTXCONF_IPTABLES_INSTALL_IP6TABLES_SAVE - @$(call install_link, iptables, xtables-multi, /usr/sbin/ip6tables-save) -endif -# install the IPv6 relevant shared feature libraries -ifdef PTXCONF_IPTABLES_INSTALL_IPV6_TOOLS +ifdef PTXCONF_IPTABLES_IPV6 +# # install the IPv6 relevant shared libraries @cd $(IPTABLES_PKGDIR)/usr/lib && \ for file in libip6t_*.so; do \ $(call install_copy, iptables, 0, 0, 0644, -, \ @@ -127,19 +100,8 @@ ifdef PTXCONF_IPTABLES_INSTALL_IPV6_TOOLS endif -# IPv4 part -ifdef PTXCONF_IPTABLES_INSTALL_IPTABLES - @$(call install_link, iptables, xtables-multi, /usr/sbin/iptables) -endif -ifdef PTXCONF_IPTABLES_INSTALL_IPTABLES_RESTORE - @$(call install_link, iptables, xtables-multi, /usr/sbin/iptables-restore) -endif -ifdef PTXCONF_IPTABLES_INSTALL_IPTABLES_SAVE - @$(call install_link, iptables, xtables-multi, /usr/sbin/iptables-save) -endif - -# install all shared feature libraries to get full runtime support -ifdef PTXCONF_IPTABLES_INSTALL_IPV4_TOOLS +ifdef PTXCONF_IPTABLES_IPV4 +# # install the IPv4 relevant shared libraries @cd $(IPTABLES_PKGDIR)/usr/lib && \ for file in libipt_*.so; do \ $(call install_copy, iptables, 0, 0, 0644, -,\ @@ -148,8 +110,24 @@ ifdef PTXCONF_IPTABLES_INSTALL_IPV4_TOOLS $(call install_lib, iptables, 0, 0, 0644, libip4tc) endif -ifdef PTXCONF_IPTABLES_INSTALL_IPTABLES_XML +ifdef PTXCONF_IPTABLES_INSTALL_TOOLS + @$(call install_copy, iptables, 0, 0, 0755, -, /usr/sbin/xtables-multi) + @$(call install_link, iptables, ../sbin/xtables-multi, /usr/bin/iptables-xml) + +ifdef PTXCONF_IPTABLES_IPV6 +# # IPv6 part + @$(call install_link, iptables, xtables-multi, /usr/sbin/ip6tables) + @$(call install_link, iptables, xtables-multi, /usr/sbin/ip6tables-restore) + @$(call install_link, iptables, xtables-multi, /usr/sbin/ip6tables-save) +endif + +ifdef PTXCONF_IPTABLES_IPV4 +# # IPv4 part + @$(call install_link, iptables, xtables-multi, /usr/sbin/iptables) + @$(call install_link, iptables, xtables-multi, /usr/sbin/iptables-restore) + @$(call install_link, iptables, xtables-multi, /usr/sbin/iptables-save) +endif endif ifdef PTXCONF_IPTABLES_INSTALL_IPTABLES_APPLY |