* [ptxdist] [PATCH 2/5] libnfnetlink: bump version to 1.01
2016-04-06 15:20 [ptxdist] [PATCH 1/5] iptables: bump version to 1.6.0 and update compile switches Andreas Geisenhainer
@ 2016-04-06 15:20 ` Andreas Geisenhainer
2016-04-06 15:20 ` [ptxdist] [PATCH 3/5] libnftnl: resolves new dependency on libnftnl by iptables Andreas Geisenhainer
` (3 subsequent siblings)
4 siblings, 0 replies; 9+ messages in thread
From: Andreas Geisenhainer @ 2016-04-06 15:20 UTC (permalink / raw)
To: ptxdist
Signed-off-by: Andreas Geisenhainer <Andreas.Geisenhainer@atsonline.de>
---
rules/libnfnetlink.in | 1 -
rules/libnfnetlink.make | 4 ++--
2 files changed, 2 insertions(+), 3 deletions(-)
diff --git a/rules/libnfnetlink.in b/rules/libnfnetlink.in
index 8684131..91e68a5 100644
--- a/rules/libnfnetlink.in
+++ b/rules/libnfnetlink.in
@@ -12,4 +12,3 @@ config LIBNFNETLINK
This library is not meant as a public API for application
developers. It is only used by other netfilter.org projects,
such as libnetfilter_log,
-
diff --git a/rules/libnfnetlink.make b/rules/libnfnetlink.make
index bde7316..a9fc6e1 100644
--- a/rules/libnfnetlink.make
+++ b/rules/libnfnetlink.make
@@ -16,8 +16,8 @@ PACKAGES-$(PTXCONF_LIBNFNETLINK) += libnfnetlink
#
# Paths and names
#
-LIBNFNETLINK_VERSION := 1.0.0
-LIBNFNETLINK_MD5 := 016fdec8389242615024c529acc1adb8
+LIBNFNETLINK_VERSION := 1.0.1
+LIBNFNETLINK_MD5 := 98927583d2016a9fb1936fed992e2c5e
LIBNFNETLINK := libnfnetlink-$(LIBNFNETLINK_VERSION)
LIBNFNETLINK_SUFFIX := tar.bz2
LIBNFNETLINK_URL := http://ftp.netfilter.org/pub/libnfnetlink/$(LIBNFNETLINK).$(LIBNFNETLINK_SUFFIX)
--
2.8.0.rc3
____________
Virus checked by G Data MailSecurity
Version: AVA 25.6071 dated 06.04.2016
Virus news: www.antiviruslab.com.
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
^ permalink raw reply [flat|nested] 9+ messages in thread
* [ptxdist] [PATCH 3/5] libnftnl: resolves new dependency on libnftnl by iptables
2016-04-06 15:20 [ptxdist] [PATCH 1/5] iptables: bump version to 1.6.0 and update compile switches Andreas Geisenhainer
2016-04-06 15:20 ` [ptxdist] [PATCH 2/5] libnfnetlink: bump version to 1.01 Andreas Geisenhainer
@ 2016-04-06 15:20 ` Andreas Geisenhainer
2016-04-07 10:59 ` Michael Olbrich
2016-04-06 15:20 ` [ptxdist] [PATCH 4/5] nftables: adds new package nftables in version 0.5 Andreas Geisenhainer
` (2 subsequent siblings)
4 siblings, 1 reply; 9+ messages in thread
From: Andreas Geisenhainer @ 2016-04-06 15:20 UTC (permalink / raw)
To: ptxdist
Signed-off-by: Andreas Geisenhainer <Andreas.Geisenhainer@atsonline.de>
---
rules/libnftnl.in | 26 +++++++++++++++++++++++++
rules/libnftnl.make | 56 +++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 82 insertions(+)
create mode 100644 rules/libnftnl.in
create mode 100644 rules/libnftnl.make
diff --git a/rules/libnftnl.in b/rules/libnftnl.in
new file mode 100644
index 0000000..190e645
--- /dev/null
+++ b/rules/libnftnl.in
@@ -0,0 +1,26 @@
+## SECTION=networking
+
+menuconfig LIBNFTNL
+ tristate
+ select LIBMXML if LIBNFTNL_XML
+ select JANSSON if LIBNFTNL_JSON
+ prompt "libnftnl "
+ help
+ libnftnl is a userspace library providing a low-level netlink
+ programming interface (API) to the in-kernel nf_tables subsystem.
+ The library libnftnl has been previously known as libnftables.
+ This library is currently used by nftables.
+
+if LIBNFTNL
+
+config LIBNFTNL_XML
+ bool
+ depends on LIBNFTNL
+ prompt "XML parsing support "
+
+config LIBNFTNL_JSON
+ bool
+ depends on LIBNFTNL
+ prompt "JSON parsing support "
+
+endif
diff --git a/rules/libnftnl.make b/rules/libnftnl.make
new file mode 100644
index 0000000..614c1ef
--- /dev/null
+++ b/rules/libnftnl.make
@@ -0,0 +1,56 @@
+# -*-makefile-*-
+#
+# Copyright (C) 2016 by Andreas Geisenhainer <andreas.geisenhainer@atsonline.de>
+#
+# See CREDITS for details about who has contributed to this project.
+#
+# For further information about the PTXdist project and license conditions
+# see the README file.
+#
+
+#
+# We provide this package
+#
+PACKAGES-$(PTXCONF_LIBNFTNL) += libnftnl
+
+#
+# Paths and names
+#
+LIBNFTNL_VERSION := 1.0.5
+LIBNFTNL_MD5 := af0c62ce6bbd7a7d39def0996c1c17c9
+LIBNFTNL := libnftnl-$(LIBNFTNL_VERSION)
+LIBNFTNL_SUFFIX := tar.bz2
+LIBNFTNL_URL := http://ftp.netfilter.org/pub/libnftnl/$(LIBNFTNL).$(LIBNFTNL_SUFFIX)
+LIBNFTNL_SOURCE := $(SRCDIR)/$(LIBNFTNL).$(LIBNFTNL_SUFFIX)
+LIBNFTNL_DIR := $(BUILDDIR)/$(LIBNFTNL)
+LIBNFTNL_LICENSE := GPL2
+
+#
+# autoconf
+#
+LIBNFTNL_CONF_TOOL := autoconf
+LIBNFTNL_CONF_OPT := \
+ $(CROSS_AUTOCONF_USR) \
+ --$(call ptx/wwo, PTXCONF_LIBNFTNL_XML)-xml-parsing \
+ --$(call ptx/wwo, PTXCONF_LIBNFTNL_JSON)-json-parsing
+
+# ----------------------------------------------------------------------------
+# Target-Install
+# ----------------------------------------------------------------------------
+
+$(STATEDIR)/libnftnl.targetinstall:
+ @$(call targetinfo)
+
+ @$(call install_init, libnftnl)
+ @$(call install_fixup, libnftnl,PRIORITY,optional)
+ @$(call install_fixup, libnftnl,SECTION,base)
+ @$(call install_fixup, libnftnl,AUTHOR,"Andreas Geisenhainer <andreas.geisenhainer@atsonline.de>")
+ @$(call install_fixup, libnftnl,DESCRIPTION,missing)
+
+ @$(call install_lib, libnftnl, 0, 0, 0644, libnftnl)
+
+ @$(call install_finish, libnftnl)
+
+ @$(call touch)
+
+# vim: syntax=make
--
2.8.0.rc3
____________
Virus checked by G Data MailSecurity
Version: AVA 25.6071 dated 06.04.2016
Virus news: www.antiviruslab.com.
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [ptxdist] [PATCH 3/5] libnftnl: resolves new dependency on libnftnl by iptables
2016-04-06 15:20 ` [ptxdist] [PATCH 3/5] libnftnl: resolves new dependency on libnftnl by iptables Andreas Geisenhainer
@ 2016-04-07 10:59 ` Michael Olbrich
0 siblings, 0 replies; 9+ messages in thread
From: Michael Olbrich @ 2016-04-07 10:59 UTC (permalink / raw)
To: ptxdist
On Wed, Apr 06, 2016 at 05:20:25PM +0200, Andreas Geisenhainer wrote:
> Signed-off-by: Andreas Geisenhainer <Andreas.Geisenhainer@atsonline.de>
> ---
> rules/libnftnl.in | 26 +++++++++++++++++++++++++
> rules/libnftnl.make | 56 +++++++++++++++++++++++++++++++++++++++++++++++++++++
> 2 files changed, 82 insertions(+)
> create mode 100644 rules/libnftnl.in
> create mode 100644 rules/libnftnl.make
>
> diff --git a/rules/libnftnl.in b/rules/libnftnl.in
> new file mode 100644
> index 0000000..190e645
> --- /dev/null
> +++ b/rules/libnftnl.in
> @@ -0,0 +1,26 @@
> +## SECTION=networking
> +
> +menuconfig LIBNFTNL
> + tristate
> + select LIBMXML if LIBNFTNL_XML
> + select JANSSON if LIBNFTNL_JSON
> + prompt "libnftnl "
> + help
> + libnftnl is a userspace library providing a low-level netlink
> + programming interface (API) to the in-kernel nf_tables subsystem.
> + The library libnftnl has been previously known as libnftables.
> + This library is currently used by nftables.
> +
> +if LIBNFTNL
> +
> +config LIBNFTNL_XML
> + bool
> + depends on LIBNFTNL
Indent with <tab>.
> + prompt "XML parsing support "
No spaces at the end of the prompt. That is only used to align the '-->'
for 'menuconfig'.
> +
> +config LIBNFTNL_JSON
> + bool
> + depends on LIBNFTNL
Same here.
> + prompt "JSON parsing support "
Same here.
> +
> +endif
> diff --git a/rules/libnftnl.make b/rules/libnftnl.make
> new file mode 100644
> index 0000000..614c1ef
> --- /dev/null
> +++ b/rules/libnftnl.make
> @@ -0,0 +1,56 @@
> +# -*-makefile-*-
> +#
> +# Copyright (C) 2016 by Andreas Geisenhainer <andreas.geisenhainer@atsonline.de>
> +#
> +# See CREDITS for details about who has contributed to this project.
> +#
> +# For further information about the PTXdist project and license conditions
> +# see the README file.
> +#
> +
> +#
> +# We provide this package
> +#
> +PACKAGES-$(PTXCONF_LIBNFTNL) += libnftnl
> +
> +#
> +# Paths and names
> +#
> +LIBNFTNL_VERSION := 1.0.5
> +LIBNFTNL_MD5 := af0c62ce6bbd7a7d39def0996c1c17c9
> +LIBNFTNL := libnftnl-$(LIBNFTNL_VERSION)
> +LIBNFTNL_SUFFIX := tar.bz2
> +LIBNFTNL_URL := http://ftp.netfilter.org/pub/libnftnl/$(LIBNFTNL).$(LIBNFTNL_SUFFIX)
> +LIBNFTNL_SOURCE := $(SRCDIR)/$(LIBNFTNL).$(LIBNFTNL_SUFFIX)
> +LIBNFTNL_DIR := $(BUILDDIR)/$(LIBNFTNL)
> +LIBNFTNL_LICENSE := GPL2
Use the SPDX identifier: GPL-2.0
Michael
> +
> +#
> +# autoconf
> +#
> +LIBNFTNL_CONF_TOOL := autoconf
> +LIBNFTNL_CONF_OPT := \
> + $(CROSS_AUTOCONF_USR) \
> + --$(call ptx/wwo, PTXCONF_LIBNFTNL_XML)-xml-parsing \
> + --$(call ptx/wwo, PTXCONF_LIBNFTNL_JSON)-json-parsing
> +
> +# ----------------------------------------------------------------------------
> +# Target-Install
> +# ----------------------------------------------------------------------------
> +
> +$(STATEDIR)/libnftnl.targetinstall:
> + @$(call targetinfo)
> +
> + @$(call install_init, libnftnl)
> + @$(call install_fixup, libnftnl,PRIORITY,optional)
> + @$(call install_fixup, libnftnl,SECTION,base)
> + @$(call install_fixup, libnftnl,AUTHOR,"Andreas Geisenhainer <andreas.geisenhainer@atsonline.de>")
> + @$(call install_fixup, libnftnl,DESCRIPTION,missing)
> +
> + @$(call install_lib, libnftnl, 0, 0, 0644, libnftnl)
> +
> + @$(call install_finish, libnftnl)
> +
> + @$(call touch)
> +
> +# vim: syntax=make
> --
> 2.8.0.rc3
>
> ____________
> Virus checked by G Data MailSecurity
> Version: AVA 25.6071 dated 06.04.2016
> Virus news: www.antiviruslab.com.
>
> _______________________________________________
> ptxdist mailing list
> ptxdist@pengutronix.de
--
Pengutronix e.K. | |
Industrial Linux Solutions | http://www.pengutronix.de/ |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
^ permalink raw reply [flat|nested] 9+ messages in thread
* [ptxdist] [PATCH 4/5] nftables: adds new package nftables in version 0.5
2016-04-06 15:20 [ptxdist] [PATCH 1/5] iptables: bump version to 1.6.0 and update compile switches Andreas Geisenhainer
2016-04-06 15:20 ` [ptxdist] [PATCH 2/5] libnfnetlink: bump version to 1.01 Andreas Geisenhainer
2016-04-06 15:20 ` [ptxdist] [PATCH 3/5] libnftnl: resolves new dependency on libnftnl by iptables Andreas Geisenhainer
@ 2016-04-06 15:20 ` Andreas Geisenhainer
2016-04-07 11:17 ` Michael Olbrich
2016-04-06 15:20 ` [ptxdist] [PATCH 5/5] libmnl: resolvs dependency to libmnl by nftables by adding libmnl-package Andreas Geisenhainer
2016-04-07 10:55 ` [ptxdist] [PATCH 1/5] iptables: bump version to 1.6.0 and update compile switches Michael Olbrich
4 siblings, 1 reply; 9+ messages in thread
From: Andreas Geisenhainer @ 2016-04-06 15:20 UTC (permalink / raw)
To: ptxdist
Signed-off-by: Andreas Geisenhainer <Andreas.Geisenhainer@atsonline.de>
---
rules/nftables.in | 35 ++++++++++++++++++++++++++++++
rules/nftables.make | 62 +++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 97 insertions(+)
create mode 100644 rules/nftables.in
create mode 100644 rules/nftables.make
diff --git a/rules/nftables.in b/rules/nftables.in
new file mode 100644
index 0000000..630530f
--- /dev/null
+++ b/rules/nftables.in
@@ -0,0 +1,35 @@
+## SECTION=networking
+
+menuconfig NFTABLES
+ tristate
+ prompt "nftables "
+ select LIBGMP if !NFTABLES_MGMP
+ select READLINE
+ select LIBMNL
+ select LIBNFTNL
+ help
+ nftables is the project that aims to replace the existing
+ {ip,ip6,arp,eb}tables framework. Basically, this project provides
+ a new packet filtering framework, a new userspace utility and also
+ a compatibility layer for {ip,ip6}tables. nftables is built upon
+ the building blocks of the Netfilter infrastructure such as the
+ existing hooks, the connection tracking system, the userspace
+ queueing component and the logging subsystem.
+ Don't forget to enable nf_tables in kernel.
+
+if NFTABLES
+
+config NFTABLES_DEBUG
+ bool
+ default y
+ prompt "enable debug"
+
+# broken in v0.5 (seems to be fixed some time after)
+# config NFTABLES_MGMP
+# bool
+# prompt "use mini-GMP"
+# help
+# use the nftables build-in mini-GMP instead of linking to the shared
+# libgmp. (may reduce debugging verbosity on some files)
+
+endif
diff --git a/rules/nftables.make b/rules/nftables.make
new file mode 100644
index 0000000..f5c94f1
--- /dev/null
+++ b/rules/nftables.make
@@ -0,0 +1,62 @@
+# -*-makefile-*-
+#
+# Copyright (C) 2016 by Andreas Geisenhainer <andreas.geisenhainer@atsonline.de>
+#
+# See CREDITS for details about who has contributed to this project.
+#
+# For further information about the PTXdist project and license conditions
+# see the README file.
+#
+
+#
+# We provide this package
+#
+PACKAGES-$(PTXCONF_NFTABLES) += nftables
+
+#
+# Paths and names
+#
+NFTABLES_VERSION := 0.5
+NFTABLES_MD5 := 94bfe1c54bcb9f6ed974835f2fca8069
+NFTABLES := nftables-$(NFTABLES_VERSION)
+NFTABLES_SUFFIX := tar.bz2
+NFTABLES_URL := http://ftp.netfilter.org/pub/nftables/$(NFTABLES).$(NFTABLES_SUFFIX)
+NFTABLES_SOURCE := $(SRCDIR)/$(NFTABLES).$(NFTABLES_SUFFIX)
+NFTABLES_DIR := $(BUILDDIR)/$(NFTABLES)
+NFTABLES_LICENSE := GPL-2.0
+
+# ----------------------------------------------------------------------------
+# Prepare
+# ----------------------------------------------------------------------------
+
+#
+# autoconf
+#
+NFTABLES_CONF_TOOL := autoconf
+NFTABLES_CONF_OPT := \
+ $(CROSS_AUTOCONF_USR) \
+ --$(call ptx/endis, PTXCONF_NFTABLES_DEBUG)-debug
+
+# broken in v0.5 (mini-gmp.h missing), seems to be fixed in newer releases
+# --$(call ptx/wwo, PTXCONF_NFTABLES_MGMP)-mini-gmp
+
+# ----------------------------------------------------------------------------
+# Target-Install
+# ----------------------------------------------------------------------------
+
+$(STATEDIR)/nftables.targetinstall:
+ @$(call targetinfo)
+
+ @$(call install_init, nftables)
+ @$(call install_fixup, nftables,PRIORITY,optional)
+ @$(call install_fixup, nftables,SECTION,base)
+ @$(call install_fixup, nftables,AUTHOR,"Andreas Geisenhainer <andreas.geisenhainer@atsonline.de")
+ @$(call install_fixup, nftables,DESCRIPTION,missing)
+
+ @$(call install_copy, nftables, 0, 0, 0755, $(NFTABLES_DIR)/src/nft, /usr/sbin/nft)
+
+ @$(call install_finish, nftables)
+
+ @$(call touch)
+
+# vim: syntax=make
--
2.8.0.rc3
____________
Virus checked by G Data MailSecurity
Version: AVA 25.6071 dated 06.04.2016
Virus news: www.antiviruslab.com.
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [ptxdist] [PATCH 4/5] nftables: adds new package nftables in version 0.5
2016-04-06 15:20 ` [ptxdist] [PATCH 4/5] nftables: adds new package nftables in version 0.5 Andreas Geisenhainer
@ 2016-04-07 11:17 ` Michael Olbrich
0 siblings, 0 replies; 9+ messages in thread
From: Michael Olbrich @ 2016-04-07 11:17 UTC (permalink / raw)
To: ptxdist
On Wed, Apr 06, 2016 at 05:20:26PM +0200, Andreas Geisenhainer wrote:
> Signed-off-by: Andreas Geisenhainer <Andreas.Geisenhainer@atsonline.de>
> ---
> rules/nftables.in | 35 ++++++++++++++++++++++++++++++
> rules/nftables.make | 62 +++++++++++++++++++++++++++++++++++++++++++++++++++++
> 2 files changed, 97 insertions(+)
> create mode 100644 rules/nftables.in
> create mode 100644 rules/nftables.make
>
> diff --git a/rules/nftables.in b/rules/nftables.in
> new file mode 100644
> index 0000000..630530f
> --- /dev/null
> +++ b/rules/nftables.in
> @@ -0,0 +1,35 @@
> +## SECTION=networking
> +
> +menuconfig NFTABLES
> + tristate
> + prompt "nftables "
> + select LIBGMP if !NFTABLES_MGMP
> + select READLINE
Indent with <tab>
> + select LIBMNL
> + select LIBNFTNL
> + help
> + nftables is the project that aims to replace the existing
> + {ip,ip6,arp,eb}tables framework. Basically, this project provides
> + a new packet filtering framework, a new userspace utility and also
> + a compatibility layer for {ip,ip6}tables. nftables is built upon
> + the building blocks of the Netfilter infrastructure such as the
> + existing hooks, the connection tracking system, the userspace
> + queueing component and the logging subsystem.
> + Don't forget to enable nf_tables in kernel.
> +
> +if NFTABLES
> +
> +config NFTABLES_DEBUG
> + bool
> + default y
> + prompt "enable debug"
> +
> +# broken in v0.5 (seems to be fixed some time after)
> +# config NFTABLES_MGMP
> +# bool
> +# prompt "use mini-GMP"
> +# help
> +# use the nftables build-in mini-GMP instead of linking to the shared
> +# libgmp. (may reduce debugging verbosity on some files)
add the option normally and then add:
# broken in v0.5 (seems to be fixed some time after)
depends on BROKEN
> +
> +endif
> diff --git a/rules/nftables.make b/rules/nftables.make
> new file mode 100644
> index 0000000..f5c94f1
> --- /dev/null
> +++ b/rules/nftables.make
> @@ -0,0 +1,62 @@
> +# -*-makefile-*-
> +#
> +# Copyright (C) 2016 by Andreas Geisenhainer <andreas.geisenhainer@atsonline.de>
> +#
> +# See CREDITS for details about who has contributed to this project.
> +#
> +# For further information about the PTXdist project and license conditions
> +# see the README file.
> +#
> +
> +#
> +# We provide this package
> +#
> +PACKAGES-$(PTXCONF_NFTABLES) += nftables
> +
> +#
> +# Paths and names
> +#
> +NFTABLES_VERSION := 0.5
> +NFTABLES_MD5 := 94bfe1c54bcb9f6ed974835f2fca8069
> +NFTABLES := nftables-$(NFTABLES_VERSION)
> +NFTABLES_SUFFIX := tar.bz2
> +NFTABLES_URL := http://ftp.netfilter.org/pub/nftables/$(NFTABLES).$(NFTABLES_SUFFIX)
> +NFTABLES_SOURCE := $(SRCDIR)/$(NFTABLES).$(NFTABLES_SUFFIX)
> +NFTABLES_DIR := $(BUILDDIR)/$(NFTABLES)
> +NFTABLES_LICENSE := GPL-2.0
> +
> +# ----------------------------------------------------------------------------
> +# Prepare
> +# ----------------------------------------------------------------------------
> +
> +#
> +# autoconf
> +#
> +NFTABLES_CONF_TOOL := autoconf
> +NFTABLES_CONF_OPT := \
> + $(CROSS_AUTOCONF_USR) \
> + --$(call ptx/endis, PTXCONF_NFTABLES_DEBUG)-debug
> +
> +# broken in v0.5 (mini-gmp.h missing), seems to be fixed in newer releases
> +# --$(call ptx/wwo, PTXCONF_NFTABLES_MGMP)-mini-gmp
Just add it normally. It will always generate 'without' for now.
> +
> +# ----------------------------------------------------------------------------
> +# Target-Install
> +# ----------------------------------------------------------------------------
> +
> +$(STATEDIR)/nftables.targetinstall:
> + @$(call targetinfo)
> +
> + @$(call install_init, nftables)
> + @$(call install_fixup, nftables,PRIORITY,optional)
> + @$(call install_fixup, nftables,SECTION,base)
> + @$(call install_fixup, nftables,AUTHOR,"Andreas Geisenhainer <andreas.geisenhainer@atsonline.de")
> + @$(call install_fixup, nftables,DESCRIPTION,missing)
> +
> + @$(call install_copy, nftables, 0, 0, 0755, $(NFTABLES_DIR)/src/nft, /usr/sbin/nft)
Don't use NFTABLES_DIR here. "make install" should produce something useful
in the install stage.
Michael
> +
> + @$(call install_finish, nftables)
> +
> + @$(call touch)
> +
> +# vim: syntax=make
> --
> 2.8.0.rc3
>
> ____________
> Virus checked by G Data MailSecurity
> Version: AVA 25.6071 dated 06.04.2016
> Virus news: www.antiviruslab.com.
>
> _______________________________________________
> ptxdist mailing list
> ptxdist@pengutronix.de
--
Pengutronix e.K. | |
Industrial Linux Solutions | http://www.pengutronix.de/ |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
^ permalink raw reply [flat|nested] 9+ messages in thread
* [ptxdist] [PATCH 5/5] libmnl: resolvs dependency to libmnl by nftables by adding libmnl-package
2016-04-06 15:20 [ptxdist] [PATCH 1/5] iptables: bump version to 1.6.0 and update compile switches Andreas Geisenhainer
` (2 preceding siblings ...)
2016-04-06 15:20 ` [ptxdist] [PATCH 4/5] nftables: adds new package nftables in version 0.5 Andreas Geisenhainer
@ 2016-04-06 15:20 ` Andreas Geisenhainer
2016-04-07 10:55 ` [ptxdist] [PATCH 1/5] iptables: bump version to 1.6.0 and update compile switches Michael Olbrich
4 siblings, 0 replies; 9+ messages in thread
From: Andreas Geisenhainer @ 2016-04-06 15:20 UTC (permalink / raw)
To: ptxdist
Signed-off-by: Andreas Geisenhainer <Andreas.Geisenhainer@atsonline.de>
---
rules/libmnl.in | 11 +++++++++++
rules/libmnl.make | 52 ++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 63 insertions(+)
create mode 100644 rules/libmnl.in
create mode 100644 rules/libmnl.make
diff --git a/rules/libmnl.in b/rules/libmnl.in
new file mode 100644
index 0000000..aa71e5d
--- /dev/null
+++ b/rules/libmnl.in
@@ -0,0 +1,11 @@
+## SECTION=networking
+
+config LIBMNL
+ bool
+ prompt "libmnl"
+ help
+ libmnl is a minimalistic user-space library oriented to Netlink
+ developers. There are a lot of common tasks in parsing, validating,
+ constructing of both the Netlink header and TLVs that are repetitive
+ and easy to get wrong. This library aims to provide simple helpers
+ that allows you to re-use code and to avoid re-inventing the wheel.
diff --git a/rules/libmnl.make b/rules/libmnl.make
new file mode 100644
index 0000000..95f68d1
--- /dev/null
+++ b/rules/libmnl.make
@@ -0,0 +1,52 @@
+# -*-makefile-*-
+#
+# Copyright (C) 2016 by Andreas Geisenhainer <andreas.geisenhainer@atsonline.de>
+#
+# See CREDITS for details about who has contributed to this project.
+#
+# For further information about the PTXdist project and license conditions
+# see the README file.
+#
+
+#
+# We provide this package
+#
+PACKAGES-$(PTXCONF_LIBMNL) += libmnl
+
+#
+# Paths and names
+#
+LIBMNL_VERSION := 1.0.3
+LIBMNL_MD5 := 7d95fc3bea3365bc03c48e484224f65f
+LIBMNL := libmnl-$(LIBMNL_VERSION)
+LIBMNL_SUFFIX := tar.bz2
+LIBMNL_URL := http://ftp.netfilter.org/pub/libmnl/$(LIBMNL).$(LIBMNL_SUFFIX)
+LIBMNL_SOURCE := $(SRCDIR)/$(LIBMNL).$(LIBMNL_SUFFIX)
+LIBMNL_DIR := $(BUILDDIR)/$(LIBMNL)
+LIBMNL_LICENSE := GPL2
+
+#
+# autoconf
+#
+LIBMNL_CONF_TOOL := autoconf
+
+# ----------------------------------------------------------------------------
+# Target-Install
+# ----------------------------------------------------------------------------
+
+$(STATEDIR)/libmnl.targetinstall:
+ @$(call targetinfo)
+
+ @$(call install_init, libmnl)
+ @$(call install_fixup, libmnl,PRIORITY,optional)
+ @$(call install_fixup, libmnl,SECTION,base)
+ @$(call install_fixup, libmnl,AUTHOR,"Andreas Geisenhainer <andreas.geisenhainer@atsonline.de>")
+ @$(call install_fixup, libmnl,DESCRIPTION,missing)
+
+ @$(call install_lib, libmnl, 0, 0, 0644, libmnl)
+
+ @$(call install_finish, libmnl)
+
+ @$(call touch)
+
+# vim: syntax=make
--
2.8.0.rc3
____________
Virus checked by G Data MailSecurity
Version: AVA 25.6071 dated 06.04.2016
Virus news: www.antiviruslab.com.
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [ptxdist] [PATCH 1/5] iptables: bump version to 1.6.0 and update compile switches
2016-04-06 15:20 [ptxdist] [PATCH 1/5] iptables: bump version to 1.6.0 and update compile switches Andreas Geisenhainer
` (3 preceding siblings ...)
2016-04-06 15:20 ` [ptxdist] [PATCH 5/5] libmnl: resolvs dependency to libmnl by nftables by adding libmnl-package Andreas Geisenhainer
@ 2016-04-07 10:55 ` Michael Olbrich
2016-04-07 14:23 ` [ptxdist] [PATCH 1/5] iptables: bump version to 1.6.0 and updatecompile switches Andreas Geisenhainer
4 siblings, 1 reply; 9+ messages in thread
From: Michael Olbrich @ 2016-04-07 10:55 UTC (permalink / raw)
To: ptxdist
On Wed, Apr 06, 2016 at 05:20:23PM +0200, Andreas Geisenhainer wrote:
> - since iptables 1.6.0 depends on libnftnl, this patchset adds support
> for nftables, too.
> nftables should be used on sufficient new kernel, somewhere around 4.2
> should be ok.
> - new libraries to resolv dependencies are
> - libnftnl
> - libmnl
>
> Signed-off-by: Andreas Geisenhainer <Andreas.Geisenhainer@atsonline.de>
> ---
> rules/iptables.in | 18 ++++++++++++++++++
> rules/iptables.make | 47 +++++++++++++++++++++++++++++++++++++++++------
> 2 files changed, 59 insertions(+), 6 deletions(-)
>
> diff --git a/rules/iptables.in b/rules/iptables.in
> index e6f3699..6e4bc91 100644
> --- a/rules/iptables.in
> +++ b/rules/iptables.in
> @@ -7,6 +7,7 @@ menuconfig IPTABLES
> select LIBC_M
> select LIBC_DL
> select GCCLIBS_GCC_S
> + select LIBNFTNL
Please reorder your patches so libnftnl is actually available.
> select LIBNFNETLINK if IPTABLES_LIBNFNETLINK
> help
> Iptables is used to set up, maintain, and inspect the
> @@ -32,6 +33,16 @@ config IPTABLES_LIBIPQ
> Builds and installs libipq (the iptables userspace packet
> queuing library).
>
> +config IPTABLES_BPF_COMPILE
> + bool
> + prompt "install BPF_compile"
Maybe we could enable this unconditionally? I guessing the binary will be
rather small and this doesn't introduce any new external dependencies.
> + help
> + Enable for the Berkeley Packet Filter(BPF) compile helper program.
> +
> +config IPTABLES_NFSYNPROXY
> + bool
> + prompt "install nfsynproxy"
Same here. What's this for anyways?
> +
> config IPTABLES_INSTALL_TOOLS
> bool "install executables"
> help
> @@ -61,4 +72,11 @@ config IPTABLES_LIBNFNETLINK
> help
> Select if iptables should be build against libnfnetlink
>
> +config IPTABLES_NFTABLES_COMPAT
> + bool
> + select NFTABLES
> + prompt "nftables compat"
> + help
> + build with nftables compability support
> +
> endif
> diff --git a/rules/iptables.make b/rules/iptables.make
> index 8a1ea66..90df197 100644
> --- a/rules/iptables.make
> +++ b/rules/iptables.make
> @@ -4,6 +4,8 @@
> # 2007 by Carsten Schlote, konzeptpark
> # 2008 by Juergen Beisert
> # 2009 by Marc Kleine-Budde <mkl@pengutronix.de>
> +# 2016 by Andreas Geisenhainer <andreas.geisenhainer@atsonline.de>
> +#
> #
> # See CREDITS for details about who has contributed to this project.
> #
> @@ -19,8 +21,8 @@ PACKAGES-$(PTXCONF_IPTABLES) += iptables
> #
> # Paths and names
> #
> -IPTABLES_VERSION := 1.4.21
> -IPTABLES_MD5 := 536d048c8e8eeebcd9757d0863ebb0c0
> +IPTABLES_VERSION := 1.6.0
> +IPTABLES_MD5 := 27ba3451cb622467fc9267a176f19a31
> IPTABLES := iptables-$(IPTABLES_VERSION)
> IPTABLES_SUFFIX := tar.bz2
> IPTABLES_URL := http://ftp.netfilter.org/pub/iptables/$(IPTABLES).$(IPTABLES_SUFFIX)
> @@ -43,12 +45,15 @@ IPTABLES_CONF_OPT := \
> $(GLOBAL_LARGE_FILE_OPTION) \
> --enable-devel \
> --$(call ptx/endis, PTXCONF_IPTABLES_LIBIPQ)-libipq \
> + --$(call ptx/endis, PTXCONF_IPTABLES_BPF_COMPILE)-bpf-compiler \
> + --$(call ptx/endis, PTXCONF_IPTABLES_NFTABLES_COMPAT)-nftables \
> + --$(call ptx/endis, PTXCONF_IPTABLES_NFSYNPROXY)-nfsynproxy \
Make sure --disable-* works correctly now. Otherwise you need to use:
$(call ptx/ifdef, PTXCONF_IPTABLES_...,--enable-...)
> --with-kernel=$(KERNEL_HEADERS_DIR) \
> --with-xtlibdir=/usr/lib
>
> -## broken configure.ac, so setting these would _enable_ the options:
> -# --disable-bpf-compiler
> -# --disable-nfsynproxy
> +# static build is possible, but probably not useful. expand with:
> +# --enable-static --disable-shared
No need to comment on shared/static options. It's the same for everything.
Michael
> +
>
> # ----------------------------------------------------------------------------
> # Install
> @@ -110,8 +115,8 @@ endif
>
> ifdef PTXCONF_IPTABLES_INSTALL_TOOLS
> @$(call install_copy, iptables, 0, 0, 0755, -, /usr/sbin/xtables-multi)
> -
> @$(call install_link, iptables, ../sbin/xtables-multi, /usr/bin/iptables-xml)
> + @$(call install_copy, iptables, 0, 0, 0755, -, /usr/sbin/nfnl_osf)
>
> ifdef PTXCONF_IPTABLES_IPV6
> # # IPv6 part
> @@ -132,6 +137,36 @@ ifdef PTXCONF_IPTABLES_INSTALL_IPTABLES_APPLY
> @$(call install_copy, iptables, 0, 0, 0755, -, /usr/sbin/iptables-apply)
> endif
>
> +# # nftables compability layer
> +ifdef PTXCONF_IPTABLES_NFTABLES_COMPAT
> + @$(call install_copy, iptables, 0, 0, 0755, -, /usr/sbin/xtables-compat-multi)
> +
> +ifdef PTXCONF_IPTABLES_IPV4
> +# # IPv4 part
> + @$(call install_link, iptables, xtables-compat-multi, /usr/sbin/iptables-compat)
> + @$(call install_link, iptables, xtables-compat-multi, /usr/sbin/iptables-compat-save)
> + @$(call install_link, iptables, xtables-compat-multi, /usr/sbin/iptables-compat-restore)
> +endif
> +
> +ifdef PTXCONF_IPTABLES_IPV6
> +# # IPv6 part
> + @$(call install_link, iptables, xtables-compat-multi, /usr/sbin/ip6tables-compat)
> + @$(call install_link, iptables, xtables-compat-multi, /usr/sbin/ip6tables-compat-save)
> + @$(call install_link, iptables, xtables-compat-multi, /usr/sbin/ip6tables-compat-restore)
> +endif
> +
> + @$(call install_link, iptables, xtables-compat-multi, /usr/sbin/arptables-compat)
> + @$(call install_link, iptables, xtables-compat-multi, /usr/sbin/ebtables-compat)
> +endif
> +
> +ifdef PTXCONF_IPTABLES_NFSYNPROXY
> + @$(call install_copy, iptables, 0, 0, 0755, -, /usr/sbin/nfsynproxy)
> +endif
> +
> +ifdef PTXCONF_IPTABLES_BPF_COMPILE
> + @$(call install_copy, iptables, 0, 0, 0755, -, /usr/sbin/nfbpf_compile)
> +endif
> +
> @$(call install_finish, iptables)
>
> @$(call touch)
> --
> 2.8.0.rc3
>
> ____________
> Virus checked by G Data MailSecurity
> Version: AVA 25.6071 dated 06.04.2016
> Virus news: www.antiviruslab.com.
>
> _______________________________________________
> ptxdist mailing list
> ptxdist@pengutronix.de
--
Pengutronix e.K. | |
Industrial Linux Solutions | http://www.pengutronix.de/ |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [ptxdist] [PATCH 1/5] iptables: bump version to 1.6.0 and updatecompile switches
2016-04-07 10:55 ` [ptxdist] [PATCH 1/5] iptables: bump version to 1.6.0 and update compile switches Michael Olbrich
@ 2016-04-07 14:23 ` Andreas Geisenhainer
0 siblings, 0 replies; 9+ messages in thread
From: Andreas Geisenhainer @ 2016-04-07 14:23 UTC (permalink / raw)
To: ptxdist
Hello Michael.
On 07/04/16 12:55 PM, Michael Olbrich wrote:
> On Wed, Apr 06, 2016 at 05:20:23PM +0200, Andreas Geisenhainer wrote:
>> @@ -7,6 +7,7 @@ menuconfig IPTABLES
>> select LIBC_M
>> select LIBC_DL
>> select GCCLIBS_GCC_S
>> + select LIBNFTNL
> Please reorder your patches so libnftnl is actually available.
Oh, i see. I didn't think about treating each commit as
separate entity.
>> +config IPTABLES_BPF_COMPILE
>> + bool
>> + prompt "install BPF_compile"
> Maybe we could enable this unconditionally? I guessing the binary will be
> rather small and this doesn't introduce any new external dependencies.
>
>> + help
>> + Enable for the Berkeley Packet Filter(BPF) compile helper program.
>> +
>> +config IPTABLES_NFSYNPROXY
>> + bool
>> + prompt "install nfsynproxy"
> Same here. What's this for anyways?
I have no clue, but i assumed there could be some use for it.
And going with the safe option, I created kconfig selections for
them. There are three tool (nfbpf_compile, nfnl_osf, nfsynproxy),
together these are less than 100kB of data. It should be safe
to just install them.
On the other hand: nobody seemed to miss them for the 1.4.21 release …
>> @@ -43,12 +45,15 @@ IPTABLES_CONF_OPT := \
>> $(GLOBAL_LARGE_FILE_OPTION) \
>> --enable-devel \
>> --$(call ptx/endis, PTXCONF_IPTABLES_LIBIPQ)-libipq \
>> + --$(call ptx/endis, PTXCONF_IPTABLES_BPF_COMPILE)-bpf-compiler \
>> + --$(call ptx/endis, PTXCONF_IPTABLES_NFTABLES_COMPAT)-nftables \
>> + --$(call ptx/endis, PTXCONF_IPTABLES_NFSYNPROXY)-nfsynproxy \
> Make sure --disable-* works correctly now. Otherwise you need to use:
> $(call ptx/ifdef, PTXCONF_IPTABLES_...,--enable-...)
I tested the enable/disable versions for bpf-compile and nfsynproxy, they
seemed to work. Disabling them, stated the correct option after
configuration
and it did not build the corresponding binary.
I just double checked. The nftables support does work as advertised.
Disabling it, does not build the "xtables-compat-multi" binary.
I paraphrased the help text.
>> --with-kernel=$(KERNEL_HEADERS_DIR) \
>> --with-xtlibdir=/usr/lib
>>
>> -## broken configure.ac, so setting these would _enable_ the options:
>> -# --disable-bpf-compiler
>> -# --disable-nfsynproxy
>> +# static build is possible, but probably not useful. expand with:
>> +# --enable-static --disable-shared
> No need to comment on shared/static options. It's the same for everything.
I was stumped, testing this. Using the "--enable-static" switch did not
produce
static binaries. It seems, the build process did favor the "--enable-shared"
default option. So I figured it could be helpful to other. Will remove it.
I'll add your other recommendations and resubmit the patch set.
regards
Andreas
____________
Virus checked by G Data MailSecurity
Version: AVA 25.6081 dated 07.04.2016
Virus news: www.antiviruslab.com
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
^ permalink raw reply [flat|nested] 9+ messages in thread