* [Buildroot] [PATCH 1/3] libnfnetlink: new package
@ 2012-03-19 12:17 Gustavo Zacarias
2012-03-19 12:17 ` [Buildroot] [PATCH 2/3] libnetfilter_conntrack: " Gustavo Zacarias
` (2 more replies)
0 siblings, 3 replies; 6+ messages in thread
From: Gustavo Zacarias @ 2012-03-19 12:17 UTC (permalink / raw)
To: buildroot
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
---
package/Config.in | 1 +
package/libnfnetlink/Config.in | 11 +++++++++++
package/libnfnetlink/libnfnetlink.mk | 12 ++++++++++++
3 files changed, 24 insertions(+), 0 deletions(-)
create mode 100644 package/libnfnetlink/Config.in
create mode 100644 package/libnfnetlink/libnfnetlink.mk
diff --git a/package/Config.in b/package/Config.in
index 8a29867..e7ee86b 100644
--- a/package/Config.in
+++ b/package/Config.in
@@ -362,6 +362,7 @@ source "package/neon/Config.in"
source "package/libmnl/Config.in"
source "package/libmodbus/Config.in"
source "package/libmbus/Config.in"
+source "package/libnfnetlink/Config.in"
source "package/libnl/Config.in"
source "package/libpcap/Config.in"
source "package/libosip2/Config.in"
diff --git a/package/libnfnetlink/Config.in b/package/libnfnetlink/Config.in
new file mode 100644
index 0000000..fa247c5
--- /dev/null
+++ b/package/libnfnetlink/Config.in
@@ -0,0 +1,11 @@
+config BR2_PACKAGE_LIBNFNETLINK
+ bool "libnfnetlink"
+ help
+ libnfnetlink is the low-level library for netfilter related
+ kernel/userspace communication.
+ It provides a generic messaging infrastructure for in-kernel
+ netfilter subsystems (such as nfnetlink_log, nfnetlink_queue,
+ nfnetlink_conntrack) and their respective users
+ and/or management tools in userspace.
+
+ http://www.netfilter.org/projects/libnfnetlink/
diff --git a/package/libnfnetlink/libnfnetlink.mk b/package/libnfnetlink/libnfnetlink.mk
new file mode 100644
index 0000000..67ea266
--- /dev/null
+++ b/package/libnfnetlink/libnfnetlink.mk
@@ -0,0 +1,12 @@
+#############################################################
+#
+# libnfnetlink
+#
+#############################################################
+
+LIBNFNETLINK_VERSION = 1.0.0
+LIBNFNETLINK_SOURCE = libnfnetlink-$(LIBNFNETLINK_VERSION).tar.bz2
+LIBNFNETLINK_SITE = http://www.netfilter.org/projects/libnfnetlink/files
+LIBNFNETLINK_INSTALL_STAGING = YES
+
+$(eval $(call AUTOTARGETS))
--
1.7.3.4
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [Buildroot] [PATCH 2/3] libnetfilter_conntrack: new package
2012-03-19 12:17 [Buildroot] [PATCH 1/3] libnfnetlink: new package Gustavo Zacarias
@ 2012-03-19 12:17 ` Gustavo Zacarias
2012-03-19 22:23 ` Arnout Vandecappelle
2012-03-19 12:17 ` [Buildroot] [PATCH 3/3] dnsmasq: add option to support conntrack Gustavo Zacarias
2012-03-19 22:23 ` [Buildroot] [PATCH 1/3] libnfnetlink: new package Arnout Vandecappelle
2 siblings, 1 reply; 6+ messages in thread
From: Gustavo Zacarias @ 2012-03-19 12:17 UTC (permalink / raw)
To: buildroot
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
---
package/Config.in | 1 +
package/libnetfilter_conntrack/Config.in | 9 +++++++++
.../libnetfilter-conntrack.mk | 13 +++++++++++++
3 files changed, 23 insertions(+), 0 deletions(-)
create mode 100644 package/libnetfilter_conntrack/Config.in
create mode 100644 package/libnetfilter_conntrack/libnetfilter-conntrack.mk
diff --git a/package/Config.in b/package/Config.in
index e7ee86b..fb0e718 100644
--- a/package/Config.in
+++ b/package/Config.in
@@ -362,6 +362,7 @@ source "package/neon/Config.in"
source "package/libmnl/Config.in"
source "package/libmodbus/Config.in"
source "package/libmbus/Config.in"
+source "package/libnetfilter_conntrack/Config.in"
source "package/libnfnetlink/Config.in"
source "package/libnl/Config.in"
source "package/libpcap/Config.in"
diff --git a/package/libnetfilter_conntrack/Config.in b/package/libnetfilter_conntrack/Config.in
new file mode 100644
index 0000000..caf8a8a
--- /dev/null
+++ b/package/libnetfilter_conntrack/Config.in
@@ -0,0 +1,9 @@
+config BR2_PACKAGE_LIBNETFILTER_CONNTRACK
+ bool "libnetfilter_conntrack"
+ select BR2_PACKAGE_LIBNFNETLINK
+ help
+ libnetfilter_conntrack is a userspace library providing
+ a programming interface (API) to the in-kernel
+ connection tracking state table.
+
+ http://www.netfilter.org/projects/libnetfilter_conntrack/
diff --git a/package/libnetfilter_conntrack/libnetfilter-conntrack.mk b/package/libnetfilter_conntrack/libnetfilter-conntrack.mk
new file mode 100644
index 0000000..66f0f69
--- /dev/null
+++ b/package/libnetfilter_conntrack/libnetfilter-conntrack.mk
@@ -0,0 +1,13 @@
+#############################################################
+#
+# libnetfilter-conntrack
+#
+#############################################################
+
+LIBNETFILTER_CONNTRACK_VERSION = 1.0.0
+LIBNETFILTER_CONNTRACK_SOURCE = libnetfilter_conntrack-$(LIBNETFILTER_CONNTRACK_VERSION).tar.bz2
+LIBNETFILTER_CONNTRACK_SITE = http://www.netfilter.org/projects/libnetfilter_conntrack/files
+LIBNETFILTER_CONNTRACK_INSTALL_STAGING = YES
+LIBNETFILTER_CONNTRACK_DEPENDENCIES = host-pkg-config libnfnetlink
+
+$(eval $(call AUTOTARGETS))
--
1.7.3.4
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [Buildroot] [PATCH 3/3] dnsmasq: add option to support conntrack
2012-03-19 12:17 [Buildroot] [PATCH 1/3] libnfnetlink: new package Gustavo Zacarias
2012-03-19 12:17 ` [Buildroot] [PATCH 2/3] libnetfilter_conntrack: " Gustavo Zacarias
@ 2012-03-19 12:17 ` Gustavo Zacarias
2012-03-19 22:24 ` Arnout Vandecappelle
2012-03-19 22:23 ` [Buildroot] [PATCH 1/3] libnfnetlink: new package Arnout Vandecappelle
2 siblings, 1 reply; 6+ messages in thread
From: Gustavo Zacarias @ 2012-03-19 12:17 UTC (permalink / raw)
To: buildroot
Add an option to support conntrack marking of DNS packets.
This allows for more sturdy firewall setups and/or accounting.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
---
package/dnsmasq/Config.in | 6 ++++++
package/dnsmasq/dnsmasq.mk | 12 ++++++++++++
2 files changed, 18 insertions(+), 0 deletions(-)
diff --git a/package/dnsmasq/Config.in b/package/dnsmasq/Config.in
index f434b8b..fa2499e 100644
--- a/package/dnsmasq/Config.in
+++ b/package/dnsmasq/Config.in
@@ -35,4 +35,10 @@ config BR2_PACKAGE_DNSMASQ_LUA
help
Enable lua scripting for dnsmasq
+config BR2_PACKAGE_DNSMASQ_CONNTRACK
+ bool "conntrack marking support"
+ select BR2_PACKAGE_LIBNETFILTER_CONNTRACK
+ help
+ Enable DNS query connection marking in netfilter.
+
endif
diff --git a/package/dnsmasq/dnsmasq.mk b/package/dnsmasq/dnsmasq.mk
index c1995a0..205921f 100644
--- a/package/dnsmasq/dnsmasq.mk
+++ b/package/dnsmasq/dnsmasq.mk
@@ -28,6 +28,17 @@ ifeq ($(BR2_PACKAGE_DNSMASQ_IDN),y)
DNSMASQ_MAKE_OPT += LDFLAGS+="-lintl -lidn"
endif
+ifeq ($(BR2_PACKAGE_DNSMASQ_CONNTRACK),y)
+ DNSMASQ_DEPENDENCIES += host-pkg-config libnetfilter_conntrack
+endif
+
+ifeq ($(BR2_PACKAGE_DNSMASQ_CONNTRACK),y)
+define DNSMASQ_ENABLE_CONNTRACK
+ $(SED) 's^.*#define HAVE_CONNTRACK.*^#define HAVE_CONNTRACK^' \
+ $(DNSMASQ_DIR)/src/config.h
+endef
+endif
+
ifeq ($(BR2_PACKAGE_DNSMASQ_LUA),y)
DNSMASQ_DEPENDENCIES += lua
DNSMASQ_MAKE_OPT += LDFLAGS+="-ldl"
@@ -70,6 +81,7 @@ define DNSMASQ_BUILD_CMDS
$(DNSMASQ_FIX_PKGCONFIG)
$(DNSMASQ_ENABLE_DBUS)
$(DNSMASQ_ENABLE_LUA)
+ $(DNSMASQ_ENABLE_CONNTRACK)
$(DNSMASQ_MAKE_ENV) $(MAKE) -C $(@D) $(DNSMASQ_MAKE_OPT)
endef
--
1.7.3.4
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [Buildroot] [PATCH 1/3] libnfnetlink: new package
2012-03-19 12:17 [Buildroot] [PATCH 1/3] libnfnetlink: new package Gustavo Zacarias
2012-03-19 12:17 ` [Buildroot] [PATCH 2/3] libnetfilter_conntrack: " Gustavo Zacarias
2012-03-19 12:17 ` [Buildroot] [PATCH 3/3] dnsmasq: add option to support conntrack Gustavo Zacarias
@ 2012-03-19 22:23 ` Arnout Vandecappelle
2 siblings, 0 replies; 6+ messages in thread
From: Arnout Vandecappelle @ 2012-03-19 22:23 UTC (permalink / raw)
To: buildroot
On Monday 19 March 2012 13:17:48 Gustavo Zacarias wrote:
> Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Tested-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(compile tested only)
--
Arnout Vandecappelle arnout at mind be
Senior Embedded Software Architect +32-16-286540
Essensium/Mind http://www.mind.be
G.Geenslaan 9, 3001 Leuven, Belgium BE 872 984 063 RPR Leuven
LinkedIn profile: http://www.linkedin.com/in/arnoutvandecappelle
GPG fingerprint: 7CB5 E4CC 6C2E EFD4 6E3D A754 F963 ECAB 2450 2F1F
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Buildroot] [PATCH 2/3] libnetfilter_conntrack: new package
2012-03-19 12:17 ` [Buildroot] [PATCH 2/3] libnetfilter_conntrack: " Gustavo Zacarias
@ 2012-03-19 22:23 ` Arnout Vandecappelle
0 siblings, 0 replies; 6+ messages in thread
From: Arnout Vandecappelle @ 2012-03-19 22:23 UTC (permalink / raw)
To: buildroot
On Monday 19 March 2012 13:17:49 Gustavo Zacarias wrote:
> Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Tested-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(compile tested only)
--
Arnout Vandecappelle arnout at mind be
Senior Embedded Software Architect +32-16-286540
Essensium/Mind http://www.mind.be
G.Geenslaan 9, 3001 Leuven, Belgium BE 872 984 063 RPR Leuven
LinkedIn profile: http://www.linkedin.com/in/arnoutvandecappelle
GPG fingerprint: 7CB5 E4CC 6C2E EFD4 6E3D A754 F963 ECAB 2450 2F1F
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Buildroot] [PATCH 3/3] dnsmasq: add option to support conntrack
2012-03-19 12:17 ` [Buildroot] [PATCH 3/3] dnsmasq: add option to support conntrack Gustavo Zacarias
@ 2012-03-19 22:24 ` Arnout Vandecappelle
0 siblings, 0 replies; 6+ messages in thread
From: Arnout Vandecappelle @ 2012-03-19 22:24 UTC (permalink / raw)
To: buildroot
On Monday 19 March 2012 13:17:50 Gustavo Zacarias wrote:
> Add an option to support conntrack marking of DNS packets.
> This allows for more sturdy firewall setups and/or accounting.
>
> Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Tested-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(compile tested only)
--
Arnout Vandecappelle arnout at mind be
Senior Embedded Software Architect +32-16-286540
Essensium/Mind http://www.mind.be
G.Geenslaan 9, 3001 Leuven, Belgium BE 872 984 063 RPR Leuven
LinkedIn profile: http://www.linkedin.com/in/arnoutvandecappelle
GPG fingerprint: 7CB5 E4CC 6C2E EFD4 6E3D A754 F963 ECAB 2450 2F1F
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2012-03-19 22:24 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-03-19 12:17 [Buildroot] [PATCH 1/3] libnfnetlink: new package Gustavo Zacarias
2012-03-19 12:17 ` [Buildroot] [PATCH 2/3] libnetfilter_conntrack: " Gustavo Zacarias
2012-03-19 22:23 ` Arnout Vandecappelle
2012-03-19 12:17 ` [Buildroot] [PATCH 3/3] dnsmasq: add option to support conntrack Gustavo Zacarias
2012-03-19 22:24 ` Arnout Vandecappelle
2012-03-19 22:23 ` [Buildroot] [PATCH 1/3] libnfnetlink: new package Arnout Vandecappelle
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox