jcgruenhage/void-packages
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
void-packages/srcpkgs/iptables/template
Christopher Brannon d107bcebc8 iptables: split out an iptables-nft subpackage with nftables-based wrappers. 
Possibly this could be useful for people who use iptables and want to run
docker on Void.  Docker tries to add firewall rules with iptables, but
mixing iptables and nftables is a bad idea.
In my brief experimentation, the nftables-based wrappers for iptables
solve that problem for me.
2019-08-10 00:33:34 +02:00

68 lines
2.2 KiB
Bash
Raw Blame History

# Template file for 'iptables'
pkgname=iptables
version=1.8.3
revision=2
build_style=gnu-configure
configure_args="--enable-libipq --enable-shared --enable-devel --enable-bpf-compiler"
hostmakedepends="pkg-config flex"
makedepends="libpcap-devel libfl-devel libmnl-devel libnfnetlink-devel
libnetfilter_conntrack-devel libnftnl-devel"
short_desc="Linux IPv[46] packet filtering ruleset"
maintainer="Juan RP <xtraeme@voidlinux.org>"
license="GPL-2.0-or-later"
homepage="https://www.netfilter.org/"
distfiles="https://www.netfilter.org/projects/iptables/files/iptables-${version}.tar.bz2"
checksum=a23cac034181206b4545f4e7e730e76e08b5f3dd78771ba9645a6756de9cdd80
alternatives="
iptables:ip6tables:/usr/bin/xtables-legacy-multi
iptables:ip6tables-restore:/usr/bin/xtables-legacy-multi
iptables:ip6tables-save:/usr/bin/xtables-legacy-multi
iptables:iptables:/usr/bin/xtables-legacy-multi
iptables:iptables-restore:/usr/bin/xtables-legacy-multi
iptables:iptables-save:/usr/bin/xtables-legacy-multi"
pre_build() {
rm include/linux/types.h
}
post_install() {
vsv iptables
vsv ip6tables
vinstall ${FILESDIR}/iptables-flush.scripts 755 usr/libexec iptables-flush
# Configuration files and rules.
for f in empty.rules simple_firewall.rules; do
vinstall ${FILESDIR}/${f} 644 etc/iptables
done
for f in filter mangle nat raw security; do
vinstall ${FILESDIR}/empty-${f}.rules 644 \
var/lib/iptables empty-${f}.rules
done
for i in ip{6,}tables{-save,-restore,} ; do
rm -f "usr/bin/${i}"
done
}
iptables-devel_package() {
depends="${sourcepkg}>=${version}_${revision}"
short_desc+=" - development files"
pkg_install() {
vmove "usr/lib/*.so"
vmove usr/include
vmove usr/lib/pkgconfig
vmove usr/share/man/man3
}
}
iptables-nft_package() {
build_style=meta
depends="${sourcepkg}>=${version}_${revision}"
short_desc="Iptables-compatible wrapper commands for nftables"
alternatives="
iptables:ip6tables:/usr/bin/xtables-nft-multi
iptables:ip6tables-restore:/usr/bin/xtables-nft-multi
iptables:ip6tables-save:/usr/bin/xtables-nft-multi
iptables:iptables:/usr/bin/xtables-nft-multi
iptables:iptables-restore:/usr/bin/xtables-nft-multi
iptables:iptables-save:/usr/bin/xtables-nft-multi"
}
Reference in a new issue View git blame Copy permalink