diff options
Diffstat (limited to 'pkgs/os-specific/linux/iptables')
| -rw-r--r-- | pkgs/os-specific/linux/iptables/default.nix | 32 |
1 files changed, 12 insertions, 20 deletions
diff --git a/pkgs/os-specific/linux/iptables/default.nix b/pkgs/os-specific/linux/iptables/default.nix index 9d2848556ea..b82484514e5 100644 --- a/pkgs/os-specific/linux/iptables/default.nix +++ b/pkgs/os-specific/linux/iptables/default.nix @@ -2,31 +2,18 @@ , autoreconfHook, pkg-config, pruneLibtoolFiles, flex, bison , libmnl, libnetfilter_conntrack, libnfnetlink, libnftnl, libpcap , nftablesCompat ? true -, fetchpatch +, gitUpdater }: stdenv.mkDerivation rec { - version = "1.8.9"; + version = "1.8.10"; pname = "iptables"; src = fetchurl { url = "https://www.netfilter.org/projects/${pname}/files/${pname}-${version}.tar.xz"; - sha256 = "72Y5pDvoMlpPjqaBI/+sI2y2lujHhQG2ToEGr7AIyH8="; + sha256 = "XMJVwYk1bjF9BwdVzpNx62Oht4PDRJj7jDAmTzzFnJw="; }; - patches = [ - (fetchpatch { - name = "format-security.patch"; - url = "https://git.netfilter.org/iptables/patch/?id=ed4082a7405a5838c205a34c1559e289949200cc"; - sha256 = "OdytFmHk+3Awu+sDQpGTl5/qip4doRblmW2vQzfNZiU="; - }) - (fetchurl { - name = "static.patch"; - url = "https://lore.kernel.org/netfilter-devel/20230402232939.1060151-1-hi@alyssa.is/raw"; - sha256 = "PkH+1HbJjBb3//ffBe0XUQok1lBwgj/STL8Ppu/28f4="; - }) - ]; - outputs = [ "out" "dev" "man" ]; nativeBuildInputs = [ @@ -35,10 +22,6 @@ stdenv.mkDerivation rec { buildInputs = [ libmnl libnetfilter_conntrack libnfnetlink libnftnl libpcap ]; - preConfigure = '' - export NIX_LDFLAGS="$NIX_LDFLAGS -lmnl -lnftnl" - ''; - configureFlags = [ "--enable-bpf-compiler" "--enable-devel" @@ -47,6 +30,8 @@ stdenv.mkDerivation rec { "--enable-shared" ] ++ lib.optional (!nftablesCompat) "--disable-nftables"; + enableParallelBuilding = true; + postInstall = lib.optionalString nftablesCompat '' rm $out/sbin/{iptables,iptables-restore,iptables-save,ip6tables,ip6tables-restore,ip6tables-save} ln -sv xtables-nft-multi $out/bin/iptables @@ -57,6 +42,13 @@ stdenv.mkDerivation rec { ln -sv xtables-nft-multi $out/bin/ip6tables-save ''; + passthru = { + updateScript = gitUpdater { + url = "https://git.netfilter.org/iptables"; + rev-prefix = "v"; + }; + }; + meta = with lib; { description = "A program to configure the Linux IP packet filtering ruleset"; homepage = "https://www.netfilter.org/projects/iptables/index.html"; |