summaryrefslogtreecommitdiff
path: root/package/iptables/Makefile
diff options
context:
space:
mode:
authornbd <nbd@3c298f89-4303-0410-b956-a3cf2f4a3e73>2012-02-22 01:47:48 +0000
committernbd <nbd@3c298f89-4303-0410-b956-a3cf2f4a3e73>2012-02-22 01:47:48 +0000
commit22c94fc859c7834b1c074ba492af6b514e694117 (patch)
tree195e45596c6b824409d70e9190a0d838871d50a3 /package/iptables/Makefile
parent417df6b3c30b2160d12ee8cc0c18648389de286f (diff)
iptables: make it possible to dynamically configure built-in statically linked extensions, fold -mod-conntrack and -mod-nat into the default package. saves about 8k on an ar71xx default squashfs
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@30676 3c298f89-4303-0410-b956-a3cf2f4a3e73
Diffstat (limited to 'package/iptables/Makefile')
-rw-r--r--package/iptables/Makefile51
1 files changed, 3 insertions, 48 deletions
diff --git a/package/iptables/Makefile b/package/iptables/Makefile
index 24c428c4fe..026df266ba 100644
--- a/package/iptables/Makefile
+++ b/package/iptables/Makefile
@@ -79,26 +79,6 @@ IPv4 firewall administration tool.
endef
-define Package/iptables-mod-conntrack
-$(call Package/iptables/Module, +kmod-ipt-conntrack)
- TITLE:=Basic connection tracking extensions
-endef
-
-define Package/iptables-mod-conntrack/description
-Basic iptables extensions for connection tracking.
-
- Matches:
- - state
- - conntrack
-
- Targets:
- - NOTRACK
-
- Tables:
- - raw
-
-endef
-
define Package/iptables-mod-conntrack-extra
$(call Package/iptables/Module, +kmod-ipt-conntrack-extra)
TITLE:=Extra connection tracking extensions
@@ -192,24 +172,6 @@ IPset iptables extensions.
endef
-define Package/iptables-mod-nat
-$(call Package/iptables/Module, +kmod-ipt-nat)
- TITLE:=Basic NAT extensions
-endef
-
-define Package/iptables-mod-nat/description
-iptables extensions for basic NAT targets.
-
- Targets:
- - SNAT
- - DNAT
- - MASQUERADE
-
- Tables:
- - nat
-
-endef
-
define Package/iptables-mod-nat-extra
$(call Package/iptables/Module, +kmod-ipt-nat-extra)
TITLE:=Extra NAT extensions
@@ -394,13 +356,15 @@ CONFIGURE_ARGS += \
$(if $(CONFIG_IPV6),--enable-ipv6,--disable-ipv6) \
--enable-libipq \
--with-kernel="$(LINUX_DIR)" \
- --with-xtlibdir=/usr/lib/iptables
+ --with-xtlibdir=/usr/lib/iptables \
+ --enable-static
MAKE_FLAGS := \
$(TARGET_CONFIGURE_OPTS) \
COPT_FLAGS="$(TARGET_CFLAGS)" \
KERNEL_DIR="$(LINUX_DIR)" PREFIX=/usr \
KBUILD_OUTPUT="$(LINUX_DIR)" \
+ BUILTIN_MODULES="$(patsubst ipt_%,%,$(patsubst xt_%,%,$(IPT_BUILTIN) $(IPT_CONNTRACK-m) $(IPT_NAT-m)))"
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/include
@@ -431,13 +395,6 @@ define Package/iptables/install
$(LN) iptables $(1)/usr/sbin/iptables-save
$(LN) iptables $(1)/usr/sbin/iptables-restore
$(INSTALL_DIR) $(1)/usr/lib/iptables
- (cd $(PKG_INSTALL_DIR)/usr/lib/iptables ; \
- for m in $(patsubst xt_%,ipt_%,$(IPT_BUILTIN)) $(patsubst ipt_%,xt_%,$(IPT_BUILTIN)); do \
- if [ -f $(PKG_INSTALL_DIR)/usr/lib/iptables/lib$$$${m}.so ]; then \
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/iptables/lib$$$${m}.so $(1)/usr/lib/iptables/ ;\
- fi; \
- done \
- )
endef
define Package/ip6tables/install
@@ -496,14 +453,12 @@ L7_INSTALL:=\
$(eval $(call BuildPackage,iptables))
-$(eval $(call BuildPlugin,iptables-mod-conntrack,$(IPT_CONNTRACK-m)))
$(eval $(call BuildPlugin,iptables-mod-conntrack-extra,$(IPT_CONNTRACK_EXTRA-m)))
$(eval $(call BuildPlugin,iptables-mod-extra,$(IPT_EXTRA-m)))
$(eval $(call BuildPlugin,iptables-mod-filter,$(IPT_FILTER-m),$(L7_INSTALL)))
$(eval $(call BuildPlugin,iptables-mod-ipopt,$(IPT_IPOPT-m)))
$(eval $(call BuildPlugin,iptables-mod-ipsec,$(IPT_IPSEC-m)))
$(eval $(call BuildPlugin,iptables-mod-ipset,ipt_set ipt_SET))
-$(eval $(call BuildPlugin,iptables-mod-nat,$(IPT_NAT-m)))
$(eval $(call BuildPlugin,iptables-mod-nat-extra,$(IPT_NAT_EXTRA-m)))
$(eval $(call BuildPlugin,iptables-mod-iprange,$(IPT_IPRANGE-m)))
$(eval $(call BuildPlugin,iptables-mod-ulog,$(IPT_ULOG-m)))