1 # Copyright 2017-2023 MOSSDeF, Stan Grishin (stangri@melmac.ca)
2 # This is free software, licensed under the GNU General Public License v3.
3
4 include $(TOPDIR)/rules.mk
5
# Package identity read by the OpenWrt build system. PKG_VERSION and
# PKG_RELEASE are also stamped into the installed init script by
# Package/pbr/default/install, so the running service reports the packaged version.
PKG_NAME:=pbr
PKG_VERSION:=1.1.4
PKG_RELEASE:=r15
PKG_LICENSE:=GPL-3.0-or-later
PKG_MAINTAINER:=Stan Grishin <stangri@melmac.ca>
11
12 include $(INCLUDE_DIR)/package.mk
13
# Shared metadata template; every variant below pulls it in with
# $(call Package/pbr/default) and then appends its own TITLE/DEPENDS/VARIANT.
# - "+!BUSYBOX_DEFAULT_<X>:<pkg>" adds the full gawk/grep/sed package only when
#   the matching BusyBox applet is not enabled in the build.
# - CONFLICTS keeps the older vpnbypass and vpn-policy-routing packages from
#   being installed alongside pbr.
# - PKGARCH:=all marks the package as architecture-independent; nothing is
#   compiled (Build/Configure and Build/Compile are empty in this file).
define Package/pbr/default
  SECTION:=net
  CATEGORY:=Network
  SUBMENU:=Routing and Redirection
  TITLE:=Policy Based Routing Service
  URL:=https://docs.openwrt.melmac.net/pbr/
  DEPENDS:=+ip-full +jshn +jsonfilter +resolveip
  DEPENDS+=+!BUSYBOX_DEFAULT_AWK:gawk
  DEPENDS+=+!BUSYBOX_DEFAULT_GREP:grep
  DEPENDS+=+!BUSYBOX_DEFAULT_SED:sed
  CONFLICTS:=vpnbypass vpn-policy-routing
  PROVIDES:=pbr
  PKGARCH:=all
endef
28
# nftables variant and the default one (DEFAULT_VARIANT:=1). It adds the
# nft kernel modules and nftables-json on top of the shared dependencies, and
# additionally PROVIDES the vpnbypass / vpn-policy-routing names that the
# shared template lists under CONFLICTS.
define Package/pbr
  $(call Package/pbr/default)
  TITLE+= with nft/nft set support
  DEPENDS+=+kmod-nft-core +kmod-nft-nat +nftables-json
  VARIANT:=nftables
  DEFAULT_VARIANT:=1
  PROVIDES+=vpnbypass vpn-policy-routing
endef
37
# iptables/ipset variant: same shared metadata, with the ipset and iptables
# userspace tools and kernel modules as extra dependencies.
define Package/pbr-iptables
  $(call Package/pbr/default)
  TITLE+= with iptables/ipset support
  DEPENDS+=+ipset +iptables +kmod-ipt-ipset +iptables-mod-ipopt
  VARIANT:=iptables
endef
44
# netifd variant: adds no dependencies beyond the shared template. Its
# BuildPackage call at the end of this file is commented out, so this
# definition is currently not built into a package.
define Package/pbr-netifd
  $(call Package/pbr/default)
  TITLE+= with netifd support
  VARIANT:=netifd
endef
50
# Package descriptions. The bodies are emitted verbatim as description text,
# so explanatory comments are kept outside the define/endef pairs.
# Each variant starts from the shared sentence and appends its own lines.
define Package/pbr/default/description
  This service enables policy-based routing for WAN interfaces and various VPN tunnels.
endef

define Package/pbr/description
  $(call Package/pbr/default/description)
  This version supports OpenWrt with both firewall3/ipset/iptables and firewall4/nft.
endef

define Package/pbr-iptables/description
  $(call Package/pbr/default/description)
  This version supports OpenWrt with firewall3/ipset/iptables.
endef

define Package/pbr-netifd/description
  $(call Package/pbr/default/description)
  This version supports OpenWrt with both firewall3/ipset/iptables and firewall4/nft.
  This version uses OpenWrt native netifd/tables to set up interfaces. This is WIP.
endef
70
# /etc/config/pbr is declared a conffile for every variant, so the package
# manager treats it as user-owned configuration rather than a plain payload
# file. The three per-variant variables are recursive (=) aliases of the
# shared list, so a path added to the default list reaches all variants.
define Package/pbr/default/conffiles
/etc/config/pbr
endef

Package/pbr/conffiles = $(Package/pbr/default/conffiles)
Package/pbr-iptables/conffiles = $(Package/pbr/default/conffiles)
Package/pbr-netifd/conffiles = $(Package/pbr/default/conffiles)
78
# The package ships only files from ./files (scripts and configuration), so
# the configure and compile stages are defined empty on purpose.
define Build/Configure
endef

define Build/Compile
endef
84
# Files common to every variant; $(1) is the package staging root.
# - The init script and the uci-defaults script are installed executable
#   (INSTALL_BIN); the pbr.user.* examples and .keep are installed as plain
#   data (INSTALL_DATA), i.e. without the execute bit.
# - The $(SED) step rewrites the "readonly PKG_VERSION" line of the staged
#   init script to '$(PKG_VERSION)-$(PKG_RELEASE)'. It edits the copy under
#   $(1), never the source file in ./files.
define Package/pbr/default/install
	$(INSTALL_DIR) $(1)/etc/init.d
	$(INSTALL_BIN) ./files/etc/init.d/pbr $(1)/etc/init.d/pbr
	$(SED) "s|^\(readonly PKG_VERSION\).*|\1='$(PKG_VERSION)-$(PKG_RELEASE)'|" $(1)/etc/init.d/pbr
	$(INSTALL_DIR) $(1)/etc/uci-defaults
	$(INSTALL_BIN) ./files/etc/uci-defaults/90-pbr $(1)/etc/uci-defaults/90-pbr
	$(INSTALL_DIR) $(1)/usr/share/pbr
	$(INSTALL_DATA) ./files/usr/share/pbr/.keep $(1)/usr/share/pbr/.keep
	$(INSTALL_DATA) ./files/usr/share/pbr/pbr.user.aws $(1)/usr/share/pbr/pbr.user.aws
	$(INSTALL_DATA) ./files/usr/share/pbr/pbr.user.netflix $(1)/usr/share/pbr/pbr.user.netflix
	$(INSTALL_DATA) ./files/usr/share/pbr/pbr.user.wg_server_and_client $(1)/usr/share/pbr/pbr.user.wg_server_and_client
endef
97 # $(INSTALL_DIR) $(1)/etc/hotplug.d/iface
98 # $(INSTALL_DATA) ./files/etc/hotplug.d/iface/70-pbr $(1)/etc/hotplug.d/iface/70-pbr
99
# nftables variant payload: the shared files plus the default config
# (INSTALL_CONF), the firewall include, the nftables.d snippets and the
# nft-specific uci-defaults script.
# NOTE(review): the nftables.d directory is copied with a glob, so whatever is
# present in ./files/usr/share/nftables.d at build time is shipped with the
# permissions it has in the source tree. Every other file in this Makefile is
# listed by name with an explicit INSTALL_* mode; an explicit list here would
# keep stray files (editor backups, untracked additions) out of the package.
define Package/pbr/install
	$(call Package/pbr/default/install,$(1))
	$(INSTALL_DIR) $(1)/etc/config
	$(INSTALL_CONF) ./files/etc/config/pbr $(1)/etc/config/pbr
	$(INSTALL_DIR) $(1)/usr/share/pbr
	$(INSTALL_DATA) ./files/usr/share/pbr/firewall.include $(1)/usr/share/pbr/firewall.include
	$(INSTALL_DIR) $(1)/usr/share/nftables.d
	$(CP) ./files/usr/share/nftables.d/* $(1)/usr/share/nftables.d/
	$(INSTALL_DIR) $(1)/etc/uci-defaults
	$(INSTALL_BIN) ./files/etc/uci-defaults/91-pbr-nft $(1)/etc/uci-defaults/91-pbr-nft
endef
111
# iptables variant payload: the shared files, a firewall hotplug script
# (installed as data, without the execute bit), the iptables-specific default
# config installed under the common name /etc/config/pbr, and the
# iptables-specific uci-defaults script.
define Package/pbr-iptables/install
	$(call Package/pbr/default/install,$(1))
	$(INSTALL_DIR) $(1)/etc/hotplug.d/firewall
	$(INSTALL_DATA) ./files/etc/hotplug.d/firewall/70-pbr $(1)/etc/hotplug.d/firewall/70-pbr
	$(INSTALL_DIR) $(1)/etc/config
	$(INSTALL_CONF) ./files/etc/config/pbr.iptables $(1)/etc/config/pbr
	$(INSTALL_DIR) $(1)/etc/uci-defaults
	$(INSTALL_BIN) ./files/etc/uci-defaults/91-pbr-iptables $(1)/etc/uci-defaults/91-pbr-iptables
endef
121
# netifd variant payload: the shared files, the same default config as the
# nftables variant, and the netifd-specific uci-defaults script.
define Package/pbr-netifd/install
	$(call Package/pbr/default/install,$(1))
	$(INSTALL_DIR) $(1)/etc/config
	$(INSTALL_CONF) ./files/etc/config/pbr $(1)/etc/config/pbr
	$(INSTALL_DIR) $(1)/etc/uci-defaults
	$(INSTALL_BIN) ./files/etc/uci-defaults/91-pbr-netifd $(1)/etc/uci-defaults/91-pbr-netifd
endef
129
# Post-install script for the nftables variant. "$$" is make's escape for a
# literal "$", so the installed script tests ${IPKG_INSTROOT}; the body runs
# only when that variable is empty (install on a live device, not into an
# image root).
# NOTE(review): the init script loses its execute bit for the duration of
# `fw4 -q reload` and gets it back afterwards, presumably so the reload cannot
# invoke a half-installed service; confirm against the firewall include.
# Every step is guarded with `|| true` and the script always exits 0, so a
# failed chmod or reload is never reported to the package manager; the
# OK/FAIL echo from `enable` is the only visible signal.
define Package/pbr/postinst
	#!/bin/sh
	# check if we are on real system
	if [ -z "$${IPKG_INSTROOT}" ]; then
		chmod -x /etc/init.d/pbr || true
		fw4 -q reload || true
		chmod +x /etc/init.d/pbr || true
		echo -n "Installing rc.d symlink for pbr... "
		/etc/init.d/pbr enable && echo "OK" || echo "FAIL"
	fi
	exit 0
endef
142
# Pre-removal script for the nftables variant; runs only on a live device
# (empty IPKG_INSTROOT). It drops the firewall.pbr UCI section, stops the
# service and removes its rc.d symlink. The script always exits 0, so removal
# proceeds even when a step prints FAIL.
# NOTE(review): no `uci commit firewall` follows the delete here; confirm the
# staged change is committed elsewhere (for example by the init script's stop
# path), otherwise the section may still be present in /etc/config/firewall.
define Package/pbr/prerm
	#!/bin/sh
	# check if we are on real system
	if [ -z "$${IPKG_INSTROOT}" ]; then
		uci -q delete firewall.pbr || true
		echo -n "Stopping pbr service... "
		/etc/init.d/pbr stop quiet >/dev/null 2>&1 && echo "OK" || echo "FAIL"
		echo -n "Removing rc.d symlink for pbr... "
		/etc/init.d/pbr disable && echo "OK" || echo "FAIL"
	fi
	exit 0
endef
155
# Post-removal script for the nftables variant: on a live device, reload fw4
# once the package files are gone. A failed reload is ignored (`|| true`) and
# the script always exits 0.
define Package/pbr/postrm
	#!/bin/sh
	# check if we are on real system
	if [ -z "$${IPKG_INSTROOT}" ]; then
		fw4 -q reload || true
	fi
	exit 0
endef
164
# Post-install script for the iptables variant: on a live device, enable the
# init script (create its rc.d symlink). Unlike the nftables variant there is
# no firewall reload here. The script always exits 0.
define Package/pbr-iptables/postinst
	#!/bin/sh
	# check if we are on real system
	if [ -z "$${IPKG_INSTROOT}" ]; then
		echo -n "Installing rc.d symlink for pbr-iptables... "
		/etc/init.d/pbr enable && echo "OK" || echo "FAIL"
	fi
	exit 0
endef
174
# Pre-removal script for the iptables variant; same sequence as the nftables
# variant's prerm: delete the firewall.pbr UCI section, stop the service,
# disable it. The script always exits 0.
# NOTE(review): no `uci commit firewall` follows the delete, and this variant
# has no postrm that reloads the firewall; confirm the section and any rules
# are actually gone after removal.
define Package/pbr-iptables/prerm
	#!/bin/sh
	# check if we are on real system
	if [ -z "$${IPKG_INSTROOT}" ]; then
		uci -q delete firewall.pbr || true
		echo -n "Stopping pbr-iptables service... "
		/etc/init.d/pbr stop quiet >/dev/null 2>&1 && echo "OK" || echo "FAIL"
		echo -n "Removing rc.d symlink for pbr-iptables... "
		/etc/init.d/pbr disable && echo "OK" || echo "FAIL"
	fi
	exit 0
endef
187
# Post-install script for the netifd variant: on a live device, enable the
# init script. The script always exits 0.
define Package/pbr-netifd/postinst
	#!/bin/sh
	# check if we are on real system
	if [ -z "$${IPKG_INSTROOT}" ]; then
		echo -n "Installing rc.d symlink for pbr-netifd... "
		/etc/init.d/pbr enable && echo "OK" || echo "FAIL"
	fi
	exit 0
endef
197
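# Pre-removal script for the netifd variant; runs only on a live device
# (empty IPKG_INSTROOT) and always exits 0. Beyond the stop/disable sequence
# shared with the other variants it edits two system files in place and
# restarts networking.
# Changes from the previous text: the "Removing rc.d symlink" message now names
# pbr-netifd like the rest of this variant's messages, and a stray blank line
# before the closing `fi` is gone.
# NOTE(review): both sed expressions are unanchored. '/pbr_/d' removes every
# line of /etc/iproute2/rt_tables that contains "pbr_" anywhere, and
# '/ip.table.*pbr_/d' (with "." matching any character) removes every matching
# line of /etc/config/network, including lines an administrator wrote by hand.
# Neither file is backed up first; consider anchoring the patterns to the
# exact form the service writes and keeping a copy before editing.
# NOTE(review): `/etc/init.d/network restart` during package removal drops
# connectivity on a remotely managed device; confirm this is intended.
define Package/pbr-netifd/prerm
	#!/bin/sh
	# check if we are on real system
	if [ -z "$${IPKG_INSTROOT}" ]; then
		uci -q delete firewall.pbr || true
		echo -n "Stopping pbr-netifd service... "
		/etc/init.d/pbr stop quiet >/dev/null 2>&1 && echo "OK" || echo "FAIL"
		echo -n "Removing rc.d symlink for pbr-netifd... "
		/etc/init.d/pbr disable && echo "OK" || echo "FAIL"
		echo -n "Cleaning up /etc/iproute2/rt_tables... "
		if sed -i '/pbr_/d' /etc/iproute2/rt_tables; then
			echo "OK"
		else
			echo "FAIL"
		fi
		echo -n "Cleaning up /etc/config/network... "
		if sed -i '/ip.table.*pbr_/d' /etc/config/network; then
			echo "OK"
		else
			echo "FAIL"
		fi
		echo -n "Restarting Network... "
		if /etc/init.d/network restart >/dev/null 2>&1; then
			echo "OK"
		else
			echo "FAIL"
		fi
	fi
	exit 0
endef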
229
# Instantiate the packages. Only the nftables (pbr) and iptables variants are
# built; the pbr-netifd call stays commented out, matching the "This is WIP"
# note in that variant's description, so none of the pbr-netifd definitions
# above end up in a package.
$(eval $(call BuildPackage,pbr))
$(eval $(call BuildPackage,pbr-iptables))
#$(eval $(call BuildPackage,pbr-netifd))