# Copyright 2017-2023 MOSSDeF, Stan Grishin (stangri@melmac.ca)
# This is free software, licensed under the GNU General Public License v3.

# OpenWrt build-system definitions; TOPDIR is supplied by the buildroot.
include $(TOPDIR)/rules.mk

# Package identity. Package/pbr-service/install stamps
# $(PKG_VERSION)-$(PKG_RELEASE) into the shipped init script, so these two
# values are what the installed service reports as its version.
PKG_NAME:=pbr
PKG_VERSION:=1.1.4
PKG_RELEASE:=r7
PKG_LICENSE:=GPL-3.0-or-later
PKG_MAINTAINER:=Stan Grishin <stangri@melmac.ca>

include $(INCLUDE_DIR)/package.mk

# Metadata template shared by every pbr variant. The variant definitions
# expand it with $(call ...) and then append to TITLE / DEPENDS / PROVIDES.
#  - Each "+!BUSYBOX_DEFAULT_<X>:<pkg>" entry pulls in the full gawk / grep /
#    sed package only when the matching BusyBox applet is not enabled in the
#    build configuration.
#  - CONFLICTS names vpnbypass and vpn-policy-routing, so the package manager
#    will not install pbr next to either of them.
#  - PKGARCH:=all marks the package as architecture-independent.
define Package/pbr-service/Default
  TITLE:=Policy Based Routing Service
  URL:=https://docs.openwrt.melmac.net/pbr/
  SECTION:=net
  CATEGORY:=Network
  SUBMENU:=Routing and Redirection
  PKGARCH:=all
  DEPENDS:=+ip-full +jshn +jsonfilter +resolveip
  DEPENDS+=+!BUSYBOX_DEFAULT_AWK:gawk
  DEPENDS+=+!BUSYBOX_DEFAULT_GREP:grep
  DEPENDS+=+!BUSYBOX_DEFAULT_SED:sed
  PROVIDES:=pbr-service
  CONFLICTS:=vpnbypass vpn-policy-routing
endef

# nftables flavour and the default variant. On top of the shared template it
# depends on the nft kernel modules and nftables-json, and it additionally
# PROVIDES the vpnbypass / vpn-policy-routing names that the template lists
# under CONFLICTS.
define Package/pbr
  $(call Package/pbr-service/Default)
  TITLE+= with nft/nft set support
  DEPENDS+=+kmod-nft-core +kmod-nft-nat +nftables-json
  VARIANT:=nftables
  DEFAULT_VARIANT:=1
  PROVIDES+=pbr vpnbypass vpn-policy-routing
endef

# iptables/ipset flavour: shared template plus the ipset and iptables
# userspace tools and their kernel/extension packages.
define Package/pbr-iptables
  $(call Package/pbr-service/Default)
  TITLE+= with iptables/ipset support
  VARIANT:=iptables
  DEPENDS+=+ipset +iptables +kmod-ipt-ipset +iptables-mod-ipopt
endef

# netifd flavour: shared template with no extra dependencies. Its
# BuildPackage call at the end of this file is commented out, so this
# variant is defined but not built.
define Package/pbr-netifd
  $(call Package/pbr-service/Default)
  VARIANT:=netifd
  TITLE+= with netifd support
endef

# Base description sentence; each variant's description expands this with
# $(call ...) and adds its own lines after it.
define Package/pbr-service/description
	This service enables policy-based routing for WAN interfaces and various VPN tunnels.
endef

# Description of the default (nftables) variant.
# NOTE(review): the text mentions firewall3/ipset/iptables, while this
# variant's DEPENDS only adds nft packages -- confirm the wording is intended.
define Package/pbr/description
	$(call Package/pbr-service/description)
	This version supports OpenWrt with both firewall3/ipset/iptables and firewall4/nft.
endef

# Description of the iptables/ipset variant.
define Package/pbr-iptables/description
	$(call Package/pbr-service/description)
	This version supports OpenWrt with firewall3/ipset/iptables.
endef

# Description of the netifd variant; the text itself marks it as work in
# progress, and the variant is not built (its BuildPackage call is disabled).
define Package/pbr-netifd/description
	$(call Package/pbr-service/description)
	This version supports OpenWrt with both firewall3/ipset/iptables and firewall4/nft.
	This version uses OpenWrt native netifd/tables to set up interfaces. This is WIP.
endef

# Configuration file list shared by all variants. Files named in conffiles
# are treated by the package manager as user configuration, so a locally
# edited /etc/config/pbr is kept across upgrades instead of being replaced
# by the packaged copy.
define Package/pbr-service/conffiles
/etc/config/pbr
endef

# Every variant reuses the shared conffiles list. "=" (recursive assignment)
# means the shared definition is expanded when the variable is used.
Package/pbr/conffiles          = $(Package/pbr-service/conffiles)
Package/pbr-iptables/conffiles = $(Package/pbr-service/conffiles)
Package/pbr-netifd/conffiles   = $(Package/pbr-service/conffiles)

# Deliberately empty: overrides the build system's configure step. The
# install rules below only copy files from ./files, so there is nothing to
# configure.
define Build/Configure
endef

# Deliberately empty: overrides the build system's compile step. Nothing is
# compiled; the package content comes straight from ./files.
define Build/Compile
endef

# Files common to every variant; $(1) is the package staging root.
# INSTALL_DIR / INSTALL_BIN / INSTALL_DATA / SED come from the OpenWrt build
# system, not from this file. In OpenWrt's rules.mk, INSTALL_BIN installs
# with an executable mode and INSTALL_DATA with a non-executable one, so the
# init script and the uci-defaults script ship executable while the
# pbr.user.* samples ship as plain data.
# The sed call rewrites the init script's "readonly PKG_VERSION..." line so
# the installed script carries $(PKG_VERSION)-$(PKG_RELEASE).
# NOTE(review): if that line is ever renamed in files/etc/init.d/pbr the
# substitution matches nothing and the build still succeeds -- consider
# checking the result.
define Package/pbr-service/install
	$(INSTALL_DIR) $(1)/etc/init.d $(1)/etc/uci-defaults $(1)/usr/share/pbr
	$(INSTALL_BIN) ./files/etc/init.d/pbr $(1)/etc/init.d/pbr
	$(SED) "s|^\(readonly PKG_VERSION\).*|\1='$(PKG_VERSION)-$(PKG_RELEASE)'|" $(1)/etc/init.d/pbr
	$(INSTALL_BIN) ./files/etc/uci-defaults/90-pbr $(1)/etc/uci-defaults/90-pbr
	$(INSTALL_DATA) ./files/usr/share/pbr/.keep $(1)/usr/share/pbr/.keep
	$(INSTALL_DATA) ./files/usr/share/pbr/pbr.user.aws $(1)/usr/share/pbr/pbr.user.aws
	$(INSTALL_DATA) ./files/usr/share/pbr/pbr.user.netflix $(1)/usr/share/pbr/pbr.user.netflix
	$(INSTALL_DATA) ./files/usr/share/pbr/pbr.user.wg_server_and_client $(1)/usr/share/pbr/pbr.user.wg_server_and_client
endef
#	$(INSTALL_DIR) $(1)/etc/hotplug.d/iface
#	$(INSTALL_DATA) ./files/etc/hotplug.d/iface/70-pbr $(1)/etc/hotplug.d/iface/70-pbr

# nftables variant: common files, the default config, the firewall include
# and the nftables.d snippets.
# INSTALL_CONF is the build system's helper for configuration files (in
# OpenWrt's rules.mk it installs with an owner-only mode).
# NOTE(review): the nftables.d tree is copied with $(CP) and a glob rather
# than an INSTALL_* helper, so file modes are whatever the source tree has --
# confirm the files under ./files/usr/share/nftables.d carry the intended
# permissions.
define Package/pbr/install
	$(call Package/pbr-service/install,$(1))
	$(INSTALL_DIR) $(1)/etc/config $(1)/usr/share/pbr $(1)/usr/share/nftables.d
	$(INSTALL_CONF) ./files/etc/config/pbr $(1)/etc/config/pbr
	$(INSTALL_DATA) ./files/usr/share/pbr/firewall.include $(1)/usr/share/pbr/firewall.include
	$(CP) ./files/usr/share/nftables.d/* $(1)/usr/share/nftables.d/
endef

# iptables variant: common files, a firewall hotplug script (installed as
# data, i.e. not marked executable) and the iptables-specific default config,
# which is shipped under the common name /etc/config/pbr.
define Package/pbr-iptables/install
	$(call Package/pbr-service/install,$(1))
	$(INSTALL_DIR) $(1)/etc/hotplug.d/firewall $(1)/etc/config
	$(INSTALL_DATA) ./files/etc/hotplug.d/firewall/70-pbr $(1)/etc/hotplug.d/firewall/70-pbr
	$(INSTALL_CONF) ./files/etc/config/pbr.iptables $(1)/etc/config/pbr
endef

# netifd variant (currently not built): common files, the default config and
# a second uci-defaults script, 91-pbr, installed executable next to the
# shared 90-pbr.
define Package/pbr-netifd/install
	$(call Package/pbr-service/install,$(1))
	$(INSTALL_DIR) $(1)/etc/config $(1)/etc/uci-defaults
	$(INSTALL_CONF) ./files/etc/config/pbr $(1)/etc/config/pbr
	$(INSTALL_BIN) ./files/etc/uci-defaults/91-pbr $(1)/etc/uci-defaults/91-pbr
endef

# Post-install script for the nftables variant. "$$" is make's escape for a
# literal "$" in the shipped shell script.
# The IPKG_INSTROOT test limits the commands to a live system; when the
# package is installed into an image root the script only exits 0.
# The init script is made non-executable around "fw4 -q reload" and restored
# afterwards -- presumably so the reload cannot run the service mid-install
# (confirm against the firewall include).
# Every step is guarded by "|| true" and the script always exits 0, so a
# failed reload or a failed "enable" does not fail the installation; the
# "FAIL" line on the console is the only signal that the service was not
# enabled.
define Package/pbr/postinst
	#!/bin/sh
	# check if we are on real system
	if [ -z "$${IPKG_INSTROOT}" ]; then
		chmod -x /etc/init.d/pbr || true
		fw4 -q reload || true
		chmod +x /etc/init.d/pbr || true
		echo -n "Installing rc.d symlink for pbr... "
		if /etc/init.d/pbr enable; then echo "OK"; else echo "FAIL"; fi
	fi
	exit 0
endef

# Pre-removal script for the nftables variant; runs only on a live system
# (IPKG_INSTROOT empty). It drops the firewall.pbr uci section, stops the
# service and disables it. The script always exits 0, so a "FAIL" line is
# the only sign that stop/disable did not succeed.
# NOTE(review): no "uci commit firewall" appears here -- confirm that the
# init script's stop path (or another step) persists the deletion.
define Package/pbr/prerm
	#!/bin/sh
	# check if we are on real system
	if [ -z "$${IPKG_INSTROOT}" ]; then
		uci -q delete firewall.pbr || true
		echo "Stopping pbr service... "
		if /etc/init.d/pbr stop quiet; then echo "OK"; else echo "FAIL"; fi
		echo -n "Removing rc.d symlink for pbr... "
		if /etc/init.d/pbr disable; then echo "OK"; else echo "FAIL"; fi
	fi
	exit 0
endef

# Post-removal script for the nftables variant: on a live system, reload fw4
# once the package files are gone. A reload failure is ignored ("|| true")
# and the script always exits 0.
define Package/pbr/postrm
	#!/bin/sh
	# check if we are on real system
	if [ -z "$${IPKG_INSTROOT}" ]; then
		fw4 -q reload || true
	fi
	exit 0
endef

# Post-install script for the iptables variant: on a live system, enable the
# init script. Unlike the nftables variant there is no firewall reload here.
# The script always exits 0; "FAIL" on the console is the only signal that
# the service was not enabled.
define Package/pbr-iptables/postinst
	#!/bin/sh
	# check if we are on real system
	if [ -z "$${IPKG_INSTROOT}" ]; then
		echo -n "Installing rc.d symlink for pbr-iptables... "
		if /etc/init.d/pbr enable; then echo "OK"; else echo "FAIL"; fi
	fi
	exit 0
endef

# Pre-removal script for the iptables variant; runs only on a live system.
# It drops the firewall.pbr uci section, stops the service and disables it,
# and always exits 0.
# NOTE(review): no "uci commit firewall" appears here -- confirm that the
# init script's stop path (or another step) persists the deletion.
define Package/pbr-iptables/prerm
	#!/bin/sh
	# check if we are on real system
	if [ -z "$${IPKG_INSTROOT}" ]; then
		uci -q delete firewall.pbr || true
		echo "Stopping pbr-iptables service... "
		if /etc/init.d/pbr stop quiet; then echo "OK"; else echo "FAIL"; fi
		echo -n "Removing rc.d symlink for pbr-iptables... "
		if /etc/init.d/pbr disable; then echo "OK"; else echo "FAIL"; fi
	fi
	exit 0
endef

# Post-install script for the netifd variant (currently not built): on a
# live system, enable the init script. Always exits 0; "FAIL" on the console
# is the only signal that the service was not enabled.
define Package/pbr-netifd/postinst
	#!/bin/sh
	# check if we are on real system
	if [ -z "$${IPKG_INSTROOT}" ]; then
		echo -n "Installing rc.d symlink for pbr-netifd... "
		if /etc/init.d/pbr enable; then echo "OK"; else echo "FAIL"; fi
	fi
	exit 0
endef

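# Pre-removal script for the netifd variant (currently not built); runs only
# on a live system (IPKG_INSTROOT empty). It drops the firewall.pbr uci
# section, stops the service and disables it, and always exits 0.
# The "Removing rc.d symlink" message now names pbr-netifd, matching this
# variant's other messages and the per-variant wording used by pbr-iptables.
# NOTE(review): no "uci commit firewall" appears here -- confirm that the
# init script's stop path (or another step) persists the deletion.
define Package/pbr-netifd/prerm
	#!/bin/sh
	# check if we are on real system
	if [ -z "$${IPKG_INSTROOT}" ]; then
		uci -q delete firewall.pbr || true
		echo "Stopping pbr-netifd service... "
		/etc/init.d/pbr stop quiet && echo "OK" || echo "FAIL"
		echo -n "Removing rc.d symlink for pbr-netifd... "
		/etc/init.d/pbr disable && echo "OK" || echo "FAIL"
	fi
	exit 0
endef
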
# Register the variants with the build system. Only pbr and pbr-iptables are
# built; the pbr-netifd call is commented out, so the pbr-netifd definitions
# in this file currently produce no package.
$(eval $(call BuildPackage,pbr))
$(eval $(call BuildPackage,pbr-iptables))
#$(eval $(call BuildPackage,pbr-netifd))