# Template file for 'iptables'
pkgname=iptables
version=1.4.12.2
homepage="http://www.iptables.org"
distfiles="$homepage/projects/iptables/files/$pkgname-$version.tar.bz2"
build_style=gnu-configure
configure_args="--enable-devel --enable-libipq --enable-shared --enable-static"
short_desc="Linux IPv[46] packet filtering ruleset"
maintainer="Juan RP <xtraeme@gmail.com>"
homepage="http://www.netfilter.org/"
license="GPL-2"
checksum=09fff7dfe6af95675474fd5d0fc67622fac5a0f3d6e02ee614deae9a2e5dae13
long_desc="
 iptables is the userspace command line program used to configure the Linux
 IPv4 packet filtering ruleset. It is targeted towards system administrators.

 Since Network Address Translation is also configured from the packet filter
 ruleset, iptables is used for this, too.

 The iptables package also includes ip6tables. ip6tables is used for
 configuring the IPv6 packet filter."

subpackages="$pkgname-devel"

Add_dependency build sed

pre_configure() {
	# Fix build with kernel-libc-headers >= 3.2
	sed -i '/if_packet/i#define __aligned_u64 __u64 __attribute__((aligned(8)))' \
		extensions/libxt_pkttype.c
	sed -i '87 i libxt_RATEEST.so: libxt_RATEEST.oo' extensions/GNUmakefile.in
	sed -i '88 i \\t${AM_VERBOSE_CCLD} ${CCLD} ${AM_LDFLAGS} -lm -shared ${LDFLAGS} -o $@ $<;\n' \
		extensions/GNUmakefile.in
}

post_install() {
	vinstall ${FILESDIR}/iptables.service 644 lib/systemd/system
	vinstall ${FILESDIR}/ip6tables.service 644 lib/systemd/system
	vinstall ${FILESDIR}/iptables-flush.scripts 755 \
		lib/systemd/scripts iptables-flush

	for f in empty.rules simple_firewall.rules; do
		vinstall ${FILESDIR}/${f} 644 etc/iptables
	done
	for f in filter mangle nat raw security; do
		vinstall ${FILESDIR}/empty-${f}.rules 644 \
			var/lib/iptables empty-${f}.rules
	done
}