diff options
| author | Izorkin <izorkin@elven.pw> | 2019-08-19 20:20:27 +0300 |
|---|---|---|
| committer | Izorkin <izorkin@elven.pw> | 2019-09-03 21:49:55 +0300 |
| commit | 4deb74b760d43d28e9ce6c32fc54aa83cfffa684 (patch) | |
| tree | 6640bf504e1e9b5d7768cd64cb4cb9c615611696 /pkgs/os-specific/linux/iptables | |
| parent | fae906073fa9adcae380bcdecfddfb360878af43 (diff) | |
| download | nixpkgs-4deb74b760d43d28e9ce6c32fc54aa83cfffa684.tar nixpkgs-4deb74b760d43d28e9ce6c32fc54aa83cfffa684.tar.gz nixpkgs-4deb74b760d43d28e9ce6c32fc54aa83cfffa684.tar.bz2 nixpkgs-4deb74b760d43d28e9ce6c32fc54aa83cfffa684.tar.lz nixpkgs-4deb74b760d43d28e9ce6c32fc54aa83cfffa684.tar.xz nixpkgs-4deb74b760d43d28e9ce6c32fc54aa83cfffa684.tar.zst nixpkgs-4deb74b760d43d28e9ce6c32fc54aa83cfffa684.zip | |
iptables-compat: init iptables with nftables compatibility
Diffstat (limited to 'pkgs/os-specific/linux/iptables')
| -rw-r--r-- | pkgs/os-specific/linux/iptables/default.nix | 32 |
1 files changed, 24 insertions, 8 deletions
diff --git a/pkgs/os-specific/linux/iptables/default.nix b/pkgs/os-specific/linux/iptables/default.nix index cf06ff35325..6b25342ed4c 100644 --- a/pkgs/os-specific/linux/iptables/default.nix +++ b/pkgs/os-specific/linux/iptables/default.nix @@ -1,32 +1,48 @@ -{ stdenv, fetchurl, bison, flex, pkgconfig, pruneLibtoolFiles -, libnetfilter_conntrack, libnftnl, libmnl, libpcap }: +{ stdenv, fetchurl, pkgconfig, pruneLibtoolFiles, flex, bison +, libmnl, libnetfilter_conntrack, libnfnetlink, libnftnl, libpcap +, modeCompat ? false +}: + +with stdenv.lib; stdenv.mkDerivation rec { - pname = "iptables"; version = "1.8.3"; + pname = "iptables"; src = fetchurl { url = "https://www.netfilter.org/projects/${pname}/files/${pname}-${version}.tar.bz2"; sha256 = "106xkkg5crsscjlinxvqvprva23fwwqfgrzl8m2nn841841sqg52"; }; - nativeBuildInputs = [ bison flex pkgconfig pruneLibtoolFiles ]; + nativeBuildInputs = [ pkgconfig pruneLibtoolFiles flex bison ]; - buildInputs = [ libnetfilter_conntrack libnftnl libmnl libpcap ]; + buildInputs = [ libmnl libnetfilter_conntrack libnfnetlink libnftnl libpcap ]; preConfigure = '' export NIX_LDFLAGS="$NIX_LDFLAGS -lmnl -lnftnl" ''; configureFlags = [ + "--enable-bpf-compiler" "--enable-devel" + "--enable-libipq" + "--enable-nfsynproxy" "--enable-shared" - "--enable-bpf-compiler" - ]; + ] ++ optional (!modeCompat) "--disable-nftables"; outputs = [ "out" "dev" ]; - meta = with stdenv.lib; { + postInstall = optional modeCompat '' + rm $out/sbin/{iptables,iptables-restore,iptables-save,ip6tables,ip6tables-restore,ip6tables-save} + ln -sv xtables-nft-multi $out/bin/iptables + ln -sv xtables-nft-multi $out/bin/iptables-restore + ln -sv xtables-nft-multi $out/bin/iptables-save + ln -sv xtables-nft-multi $out/bin/ip6tables + ln -sv xtables-nft-multi $out/bin/ip6tables-restore + ln -sv xtables-nft-multi $out/bin/ip6tables-save + ''; + + meta = { description = "A program to configure the Linux IP packet filtering ruleset"; homepage = https://www.netfilter.org/projects/iptables/index.html; platforms = platforms.linux; |