summary refs log tree commit diff
path: root/pkgs/os-specific/linux/nftables/default.nix
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/os-specific/linux/nftables/default.nix')
-rw-r--r--pkgs/os-specific/linux/nftables/default.nix58
1 files changed, 34 insertions, 24 deletions
diff --git a/pkgs/os-specific/linux/nftables/default.nix b/pkgs/os-specific/linux/nftables/default.nix
index f5fdee14c15..4482170d346 100644
--- a/pkgs/os-specific/linux/nftables/default.nix
+++ b/pkgs/os-specific/linux/nftables/default.nix
@@ -1,50 +1,60 @@
-{ lib, stdenv, fetchurl, pkg-config, bison, file, flex
+{ lib, stdenv, fetchurl, pkg-config, bison, flex
 , asciidoc, libxslt, findXMLCatalogs, docbook_xml_dtd_45, docbook_xsl
 , libmnl, libnftnl, libpcap
-, gmp, jansson, readline
+, gmp, jansson
+, autoreconfHook
 , withDebugSymbols ? false
-, withPython ? false , python3
-, withXtables ? false , iptables
+, withCli ? true, libedit
+, withPython ? false, python3
+, withXtables ? true, iptables
+, nixosTests
 }:
 
-with lib;
-
 stdenv.mkDerivation rec {
-  version = "0.9.9";
+  version = "1.0.9";
   pname = "nftables";
 
   src = fetchurl {
-    url = "https://netfilter.org/projects/nftables/files/${pname}-${version}.tar.bz2";
-    sha256 = "1d7iwc8xlyfsbgn6qx1sdfcq7jhpl8wpfj39hcd06y8dzp3jvvvn";
+    url = "https://netfilter.org/projects/nftables/files/${pname}-${version}.tar.xz";
+    hash = "sha256-o8MEzZugYSOe4EdPmvuTipu5nYm5YCRvZvDDoKheFM0=";
   };
 
   nativeBuildInputs = [
-    pkg-config bison file flex
+    autoreconfHook
+    pkg-config bison flex
     asciidoc docbook_xml_dtd_45 docbook_xsl findXMLCatalogs libxslt
   ];
 
   buildInputs = [
     libmnl libnftnl libpcap
-    gmp jansson readline
-  ] ++ optional withXtables iptables
-    ++ optional withPython python3;
-
-  preConfigure = ''
-    substituteInPlace ./configure --replace /usr/bin/file ${file}/bin/file
-  '';
+    gmp jansson
+  ] ++ lib.optional withCli libedit
+    ++ lib.optional withXtables iptables
+    ++ lib.optionals withPython [
+      python3
+      python3.pkgs.setuptools
+    ];
 
   configureFlags = [
     "--with-json"
-  ] ++ optional (!withDebugSymbols) "--disable-debug"
-    ++ optional (!withPython) "--disable-python"
-    ++ optional withPython "--enable-python"
-    ++ optional withXtables "--with-xtables";
+    (lib.withFeatureAs withCli "cli" "editline")
+  ] ++ lib.optional (!withDebugSymbols) "--disable-debug"
+    ++ lib.optional (!withPython) "--disable-python"
+    ++ lib.optional withPython "--enable-python"
+    ++ lib.optional withXtables "--with-xtables";
+
+  passthru.tests = {
+    inherit (nixosTests) firewall-nftables;
+    lxd-nftables = nixosTests.lxd.nftables;
+    nat = { inherit (nixosTests.nat.nftables) firewall standalone; };
+  };
 
-  meta = {
+  meta = with lib; {
     description = "The project that aims to replace the existing {ip,ip6,arp,eb}tables framework";
     homepage = "https://netfilter.org/projects/nftables/";
-    license = licenses.gpl2;
+    license = licenses.gpl2Only;
     platforms = platforms.linux;
-    maintainers = with maintainers; [ izorkin ];
+    maintainers = with maintainers; [ izorkin ajs124 ];
+    mainProgram = "nft";
   };
 }
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-07 17:38:23 +0000