* [PATCH] iptables: Split the iptables modules into separate packages
@ 2017-12-06 10:02 Peter Kjellerstedt
0 siblings, 0 replies; only message in thread
From: Peter Kjellerstedt @ 2017-12-06 10:02 UTC (permalink / raw)
To: openembedded-core
By splitting the iptables modules into separate packages it is
possible to pick and choose the modules to install and thereby reduce
the total size of the installed modules.
Backwards compatibility is maintained by adding a recommendation of
iptables-modules, which is a meta package that depends on all the
generated packages.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
---
In our case we could save more than 1 MB by removing modules we do not
use.
meta/recipes-extended/iptables/iptables_1.6.1.bb | 43 +++++++++++++++++-------
1 file changed, 30 insertions(+), 13 deletions(-)
diff --git a/meta/recipes-extended/iptables/iptables_1.6.1.bb b/meta/recipes-extended/iptables/iptables_1.6.1.bb
index b37c55a64e..b6e6cbe8a3 100644
--- a/meta/recipes-extended/iptables/iptables_1.6.1.bb
+++ b/meta/recipes-extended/iptables/iptables_1.6.1.bb
@@ -7,17 +7,6 @@ LICENSE = "GPLv2+"
LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263\
file://iptables/iptables.c;beginline=13;endline=25;md5=c5cffd09974558cf27d0f763df2a12dc"
-RRECOMMENDS_${PN} = "kernel-module-x-tables \
- kernel-module-ip-tables \
- kernel-module-iptable-filter \
- kernel-module-iptable-nat \
- kernel-module-nf-defrag-ipv4 \
- kernel-module-nf-conntrack \
- kernel-module-nf-conntrack-ipv4 \
- kernel-module-nf-nat \
- kernel-module-ipt-masquerade"
-FILES_${PN} =+ "${libdir}/xtables/ ${datadir}/xtables"
-
SRC_URI = "http://netfilter.org/projects/iptables/files/iptables-${PV}.tar.bz2 \
file://types.h-add-defines-that-are-required-for-if_packet.patch \
file://0001-configure-Add-option-to-enable-disable-libnfnetlink.patch \
@@ -30,8 +19,8 @@ SRC_URI[sha256sum] = "0fc2d7bd5d7be11311726466789d4c65fb4c8e096c9182b56ce9744086
inherit autotools pkgconfig
-EXTRA_OECONF = "--with-kernel=${STAGING_INCDIR} \
- "
+EXTRA_OECONF = "--with-kernel=${STAGING_INCDIR}"
+
PACKAGECONFIG ?= "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)}"
PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6,"
@@ -47,3 +36,31 @@ do_configure_prepend() {
# Keep ax_check_linker_flags.m4 which belongs to autoconf-archive.
rm -f libtool.m4 lt~obsolete.m4 ltoptions.m4 ltsugar.m4 ltversion.m4
}
+
+PACKAGES += "${PN}-modules"
+PACKAGES_DYNAMIC += "^${PN}-module-.*"
+
+python populate_packages_prepend() {
+ modules = do_split_packages(d, '${libdir}/xtables', 'lib(.*)\.so$', '${PN}-module-%s', '${PN} module %s', extra_depends='')
+ if modules:
+ metapkg = d.getVar('PN') + '-modules'
+ d.appendVar('RDEPENDS_' + metapkg, ' ' + ' '.join(modules))
+}
+
+FILES_${PN} += "${datadir}/xtables"
+
+ALLOW_EMPTY_${PN}-modules = "1"
+
+RDEPENDS_${PN} = "iptables-module-xt-standard"
+RRECOMMENDS_${PN} = " \
+ ${PN}-modules \
+ kernel-module-x-tables \
+ kernel-module-ip-tables \
+ kernel-module-iptable-filter \
+ kernel-module-iptable-nat \
+ kernel-module-nf-defrag-ipv4 \
+ kernel-module-nf-conntrack \
+ kernel-module-nf-conntrack-ipv4 \
+ kernel-module-nf-nat \
+ kernel-module-ipt-masquerade \
+"
--
2.12.0
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2017-12-06 10:02 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-12-06 10:02 [PATCH] iptables: Split the iptables modules into separate packages Peter Kjellerstedt
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox