diff options
author | Andrew Geissler <geissonator@yahoo.com> | 2020-06-13 18:46:56 +0300 |
---|---|---|
committer | Andrew Geissler <geissonator@yahoo.com> | 2020-06-13 18:49:06 +0300 |
commit | 5a43b434bfdf1be10819414433f28984670a6549 (patch) | |
tree | b9c9bcff18ecf82739c258dbf73c23f23ba545e4 /poky/meta/recipes-extended/iptables/iptables_1.8.5.bb | |
parent | 89770b09490d616883ab728cc628a844ca0e1150 (diff) | |
download | openbmc-5a43b434bfdf1be10819414433f28984670a6549.tar.xz |
poky: subtree update:b66b9f7548..26ae42ded7
Adrian Bunk (1):
dpkg: Remove workaound patch for host tar < 1.27
Alexander Kanavin (39):
linux-yocto: exclude from version checks/automated version updates
pciutils: upgrade 3.6.4 -> 3.7.0
createrepo-c: upgrade 0.15.10 -> 0.15.11
librepo: upgrade 1.11.3 -> 1.12.0
pkgconf: upgrade 1.6.3 -> 1.7.3
python3-numpy: upgrade 1.18.4 -> 1.18.5
python3-git: upgrade 3.1.2 -> 3.1.3
strace: upgrade 5.6 -> 5.7
acpica: upgrade 20200430 -> 20200528
man-db: upgrade 2.9.1 -> 2.9.2
msmtp: upgrade 1.8.10 -> 1.8.11
epiphany: upgrade 3.36.1 -> 3.36.2
cogl-1.0: upgrade 1.22.6 -> 1.22.8
libdrm: upgrade 2.4.101 -> 2.4.102
vulkan-demos: upgrade to latest revision
xkeyboard-config: upgrade 2.29 -> 2.30
linux-firmware: upgrade 20200421 -> 20200519
babeltrace2: upgrade 2.0.2 -> 2.0.3
lttng-tools: upgrade 2.12.0 -> 2.12.1
ffmpeg: upgrade 4.2.2 -> 4.2.3
wpebackend-fdo: upgrade 1.6.0 -> 1.6.1
gnutls: upgrade 3.6.13 -> 3.6.14
libcap: upgrade 2.34 -> 2.36
bison: upgrade 3.6.2 -> 3.6.3
asciidoc: 8.6.10 -> 9.0.0
debianutils: 4.9.1 -> 4.11
git: upgrade 2.26.2 -> 2.27.0
go: 1.14.3 -> 1.14.4
iproute2: upgrade 5.6.0 -> 5.7.0
libksba: 1.3.5 -> 1.4.0
lttng-modules: update to 2.12.1
mpg123: update to 1.26.1
ovmf: update to 202005
shared-mime-info: upgrade 1.15 -> 2.0
subversion: upgrade 1.13.0 -> 1.14.0
xinetd: 2.3.15 -> 2.3.15.4
init-system-helpers: use https for fetching
ca-certificates: correct upstream version check
build-sysroots: add sysroot paths with native binaries to PATH
Andreas Müller (4):
vte: tiny cleanup / renumber patch
vte: upgrade 0.60.2 -> 0.60.3
harfbuzz: upgrade 2.6.4 -> 2.6.7
sqlite3: upgrade 3.32.1 -> 3.32.2
Changqing Li (1):
cups.inc: remove template service from SYSTEMD_SERVICE
Chen Qi (2):
db: do not install db_verify if 'verify' is not enabled
vim: restore the 'chmod -x' workaround in do_install
Hongxu Jia (1):
glib-networking/btrfs-tools/dosfstools/parted/bmap-tools/libsoup-2.4: add nativesdk support
Jacob Kroon (4):
features_check: Factorize code for checking features
meta: Don't inherit 'features_check' in recipes that don't utilize it
features_check: Warn if not used
insane: Check for feature check variables not being used
Joe Slater (2):
qemu: force build type to production
vim: _FORTIFY_SOURCE=2 be gone
Joshua Watt (12):
bitbake: bitbake: cooker: Split file collections per multiconfig
bitbake: bitbake: cache: Use multiconfig aware caches
bitbake: bitbake: lib: Add support for Logging Adapters
bitbake: bitbake: lib: Add PrefixLoggerAdapter helper
bitbake: bitbake: cache: Improve logging
bitbake: bitbake: cache: Cache size optimization
bitbake: bitbake: tests: Add tests for BBMASK in multiconfig
bitbake: bitbake: command: Move split_mc_pn to runqueue
bitbake: bitbake: cache: Fix error when cache is rebuilt
wic: Fix --extra-space argument handling
bitbake: bitbake: siggen: Pass all data caches to hash functions
bitbake: bitbake: tests: Add mcdepends test
Kai Kang (4):
mdadm: remove service template from SYSTEMD_SERVICE
wpa-supplicant: remove service templates from SYSTEMD_SERVICE
encodings: clear postinst script
avahi-dnsconfd: rdepends on avahi-daemon
Khem Raj (2):
libunwind: Fix build on aarch64/musl
stress-ng: Fix build on musl
Lee Chee Yang (1):
qemu: fix CVE-2020-13361
Ming Liu (1):
u-boot: support merging .cfg files for UBOOT_CONFIG
Mingli Yu (2):
python3-magic: add the missing rdepends
python3-setuptools: add missing rdepends for python3-pkg-resources
Paul Barker (5):
selftest: git-submodule-test: New recipe for testing a gitsm SRC_URI
archiver: Capture git submodules in mirror archiver
selftest-ed: Support native builds
selftest-nopackages: New recipe in meta-selftest
archiver: Speed up tests
Pierre-Jean Texier (2):
libarchive: upgrade 3.4.2 -> 3.4.3
iptables: upgrade 1.8.4 -> 1.8.5
Rasmus Villemoes (1):
glibc: move ld.so.conf back to main package
Richard Purdie (1):
Revert "bitbake.conf: Remove unused DEPLOY_DIR_TOOLS variable"
Stefan Agner (1):
initramfs-framework: check successful mount using mountpoint
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: I047d0fa664dcc2864fd7c1a09d124e3d8c197e9f
Diffstat (limited to 'poky/meta/recipes-extended/iptables/iptables_1.8.5.bb')
-rw-r--r-- | poky/meta/recipes-extended/iptables/iptables_1.8.5.bb | 107 |
1 files changed, 107 insertions, 0 deletions
diff --git a/poky/meta/recipes-extended/iptables/iptables_1.8.5.bb b/poky/meta/recipes-extended/iptables/iptables_1.8.5.bb new file mode 100644 index 0000000000..fa1e5c229d --- /dev/null +++ b/poky/meta/recipes-extended/iptables/iptables_1.8.5.bb @@ -0,0 +1,107 @@ +SUMMARY = "Tools for managing kernel packet filtering capabilities" +DESCRIPTION = "iptables is the userspace command line program used to configure and control network packet \ +filtering code in Linux." +HOMEPAGE = "http://www.netfilter.org/" +BUGTRACKER = "http://bugzilla.netfilter.org/" +LICENSE = "GPLv2+" +LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ + file://iptables/iptables.c;beginline=13;endline=25;md5=c5cffd09974558cf27d0f763df2a12dc \ +" + +SRC_URI = "http://netfilter.org/projects/iptables/files/iptables-${PV}.tar.bz2 \ + file://0001-configure-Add-option-to-enable-disable-libnfnetlink.patch \ + file://0002-configure.ac-only-check-conntrack-when-libnfnetlink-enabled.patch \ + file://iptables.service \ + file://iptables.rules \ + file://ip6tables.service \ + file://ip6tables.rules \ +" +SRC_URI[sha256sum] = "d457d74512e63aa3f50336e0597d4023c0e3c6845594d38532efb6ebcb294309" + +SYSTEMD_SERVICE_${PN} = "\ + iptables.service \ + ${@bb.utils.contains('PACKAGECONFIG', 'ipv6', 'ip6tables.service', '', d)} \ +" + +inherit autotools pkgconfig systemd + +EXTRA_OECONF = "--with-kernel=${STAGING_INCDIR}" + +PACKAGECONFIG ?= "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)}" +PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6," + +# libnfnetlink recipe is in meta-networking layer +PACKAGECONFIG[libnfnetlink] = "--enable-libnfnetlink,--disable-libnfnetlink,libnfnetlink libnetfilter-conntrack" + +# libnftnl recipe is in meta-networking layer(previously known as libnftables) +PACKAGECONFIG[libnftnl] = "--enable-nftables,--disable-nftables,libnftnl" + +do_configure_prepend() { + # Remove some libtool m4 files + # Keep ax_check_linker_flags.m4 which belongs to autoconf-archive. + rm -f libtool.m4 lt~obsolete.m4 ltoptions.m4 ltsugar.m4 ltversion.m4 +} + +IPTABLES_RULES_DIR ?= "${sysconfdir}/${BPN}" + +do_install_append() { + install -d ${D}${IPTABLES_RULES_DIR} + install -m 0644 ${WORKDIR}/iptables.rules ${D}${IPTABLES_RULES_DIR} + + install -d ${D}${systemd_system_unitdir} + install -m 0644 ${WORKDIR}/iptables.service ${D}${systemd_system_unitdir} + + sed -i \ + -e 's,@SBINDIR@,${sbindir},g' \ + -e 's,@RULESDIR@,${IPTABLES_RULES_DIR},g' \ + ${D}${systemd_system_unitdir}/iptables.service + + if ${@bb.utils.contains('PACKAGECONFIG', 'ipv6', 'true', 'false', d)} ; then + install -m 0644 ${WORKDIR}/ip6tables.rules ${D}${IPTABLES_RULES_DIR} + install -m 0644 ${WORKDIR}/ip6tables.service ${D}${systemd_system_unitdir} + + sed -i \ + -e 's,@SBINDIR@,${sbindir},g' \ + -e 's,@RULESDIR@,${IPTABLES_RULES_DIR},g' \ + ${D}${systemd_system_unitdir}/ip6tables.service + fi +} + +PACKAGES += "${PN}-modules" +PACKAGES_DYNAMIC += "^${PN}-module-.*" + +python populate_packages_prepend() { + modules = do_split_packages(d, '${libdir}/xtables', r'lib(.*)\.so$', '${PN}-module-%s', '${PN} module %s', extra_depends='') + if modules: + metapkg = d.getVar('PN') + '-modules' + d.appendVar('RDEPENDS_' + metapkg, ' ' + ' '.join(modules)) +} + +RDEPENDS_${PN} = "${PN}-module-xt-standard" +RRECOMMENDS_${PN} = " \ + ${PN}-modules \ + kernel-module-x-tables \ + kernel-module-ip-tables \ + kernel-module-iptable-filter \ + kernel-module-iptable-nat \ + kernel-module-nf-defrag-ipv4 \ + kernel-module-nf-conntrack \ + kernel-module-nf-conntrack-ipv4 \ + kernel-module-nf-nat \ + kernel-module-ipt-masquerade \ + ${@bb.utils.contains('PACKAGECONFIG', 'ipv6', '\ + kernel-module-ip6table-filter \ + kernel-module-ip6-tables \ + ', '', d)} \ +" + +FILES_${PN} += "${datadir}/xtables" + +# Include the symlinks as well in respective packages +FILES_${PN}-module-xt-conntrack += "${libdir}/xtables/libxt_state.so" +FILES_${PN}-module-xt-ct += "${libdir}/xtables/libxt_NOTRACK.so" + +ALLOW_EMPTY_${PN}-modules = "1" + +INSANE_SKIP_${PN}-module-xt-conntrack = "dev-so" +INSANE_SKIP_${PN}-module-xt-ct = "dev-so" |