Commit Graph

40 Commits

Author SHA1 Message Date
Jo-Philipp Wich
469db326ac nftables: fix parsing date expressions
Musl libc does not support the non-POSIX "%F" format for strptime() so
replace all occurrences of it with an equivalent "%Y-%m-%d" format.

Fixes: #10419
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(backported from commit e6e4f97999)
2022-08-25 10:30:46 +02:00
Eneas U de Queiroz
fb597a9d4c nftables: add CONFLICT between versions
Have nftables-json conflict with nftables-nojson.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 1135b75d1f)
2022-04-11 22:45:16 +02:00
Josef Schlehofer
d71928c1e3 nftables: update to version 1.0.2
Changelog:
https://lwn.net/ml/netdev/YhO5Pn+6+dgAgSd9@salvia/

Patches:

removed:
- 001-parser-allow-quoted-string-in-flowtable_expr_member:
it is now part of upstream release [1]

added:
- 001-examples-compile-with-make-check.patch:
backported from [2], it fixes:

nft-json-file.c:3:10: fatal error: nftables/libnftables.h: No such file or directory
    3 | #include <nftables/libnftables.h>
      |          ^~~~~~~~~~~~~~~~~~~~~~~~
compilation terminated.

[1] https://git.netfilter.org/nftables/commit/?h=v1.0.2&id=07af4429241c9832a613cb8620331ac54257d9df
[2] https://git.netfilter.org/nftables/commit/?id=18a08fb7f0443f8bde83393bd6f69e23a04246b3

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2022-03-07 21:44:53 +01:00
Stijn Tintel
9ba6ee4e25 nftables: allow quoted string in flowtable_expr_member
This is required to be able to use flow offloading on devices with
ifnames that start with a digit, like 6in4-wan6.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2021-12-31 02:07:13 +02:00
Stijn Tintel
6832271ee7 nftables: bump to 1.0.1
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2021-12-01 00:39:36 +02:00
Kevin Darbyshire-Bryant
7a48dfc90c nftables: install package file
Install pc file so dnsmasq can find libnftables

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2021-11-30 15:16:17 +00:00
Daniel Danzberger
0e96e06867 nftables: install libnftables to staging dir
Makes libnftables library and headers available for other packages.

Signed-off-by: Daniel Danzberger <daniel@dd-wrt.com>
2021-11-20 21:08:25 +01:00
Stijn Tintel
dbb0019cbe nftables: bump to 1.0.0
This introduces support for hardware flow offloading, which was added in
in nftables 0.9.9.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: Jo-Philipp Wich <jo@mein.io>
2021-10-19 00:12:13 +02:00
Hauke Mehrtens
103225b412 nftables: Activate link time optimization (LTO)
The ipk sizes for mips_24Kc change like this:
old:
nftables-json_0.9.6-1_mips_24kc.ipk	231.968
nftables-nojson_0.9.6-1_mips_24kc.ipk	204.731

new:
nftables-json_0.9.6-2_mips_24kc.ipk	221.894
nftables-nojson_0.9.6-2_mips_24kc.ipk	193.932

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-09-06 20:30:18 +02:00
Hauke Mehrtens
13b4ed4cf4 nftables: Update to version 0.9.6
The ipk sizes for mips_24Kc change like this:
old:
nftables-json_0.9.3-1_mips_24kc.ipk	220.262
nftables-nojson_0.9.3-1_mips_24kc.ipk	192.937

new:
nftables-json_0.9.6-1_mips_24kc.ipk	231.968
nftables-nojson_0.9.6-1_mips_24kc.ipk	204.731

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-09-06 20:30:18 +02:00
Kevin Darbyshire-Bryant
94dae0f191 nftables: implement no/json variants
Replace the build time choice of json support with a package based
choice.  Users requiring a json aware version of 'nft' may now install
nftables-json.

The default choice to fulfill the 'nftables' package dependency is
'nftables-nojson'

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2020-03-29 17:27:54 +01:00
Kevin Darbyshire-Bryant
9b0290ffbd nftables: bump to 0.9.3
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2020-03-24 14:42:48 +00:00
Konstantin Demin
b74f1f335a nftables: bump to version 0.9.2
- exclude Python-related stuff from build
- drop patches:
  * 010-uclibc-ng.patch, applied upstream

ipkg size decrease by 2.8%:
old:
194.851 nftables_0.9.0-2_arm_cortex-a7_neon-vfpv4.ipk
new:
189.581 nftables_0.9.2-1_arm_cortex-a7_neon-vfpv4.ipk

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2019-09-01 18:38:04 +02:00
Rosen Penev
2f97797471 nftables: Fix compilation with uClibc-ng
Missing header for va_list.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
[updated with upstream version of the patch]
2019-05-15 13:34:23 +02:00
Rosy Song
f30583c41d nftables: allow to build with json support
Signed-off-by: Rosy Song <rosysong@rosinson.com>
2018-08-01 11:25:04 +02:00
Rosy Song
1ee98fdef3 nftables: bump to version 0.9.0
Signed-off-by: Rosy Song <rosysong@rosinson.com>
2018-06-18 18:21:20 +02:00
Rosy Song
39e87e0ffc nftables: bump to 0.8.5 version
Signed-off-by: Rosy Song <rosysong@rosinson.com>
2018-05-21 18:07:47 +02:00
Hauke Mehrtens
95745516a2 nftables: update to version 0.8.2
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-02-15 23:31:23 +01:00
Matthias Schiffer
bbef76f1b1
nftables: remove dependency on kmod-nf-nat
For minimal firewall setups, NAT support may be unnecessary.

It would be possible to further reduce the minimum number of installed
modules, e.g. by separating IPv4 and IPv6 support or moving conntrack
support into a separate kmod package. We go with a more complete
kmod-nft-core for now, until a concrete usecase for smaller packages
arises.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2018-01-31 13:32:40 +01:00
Philip Prindeville
a30791242b nftables: update to 0.8.1
Note this requires libnftnl-1.0.8 or higher, so that update needs
to be merged first.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2018-01-20 20:22:01 +01:00
Hauke Mehrtens
9f626501cb nftables: fix sha256sum
The mirror was delivering a file with a different hash.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-12-31 18:46:13 +01:00
Stijn Tintel
9e9696afc8 treewide: switch git.netfilter.org to HTTPS
As git.netfilter.org seems to support HTTPS, use that instead of HTTP
which is insecure, or GIT which is blocked on many corporate networks.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-10-08 21:10:36 +03:00
Hauke Mehrtens
779227d5ee nftables: remove date from version
We are using the normal 0.7 version of nftables, do not add an
additional date to the version number.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-08-09 23:20:56 +02:00
Nick Brassel
eaf6f1532d nftables: Update to 0.7
Updated nftables to latest.

Signed-off-by: Nick Brassel <nick@tzarc.org>
2017-07-15 00:17:49 +02:00
Felix Fietkau
c7c1cf5618 treewide: clean up and unify PKG_VERSION for git based downloads
Also use default defintions for PKG_SOURCE_SUBDIR, PKG_SOURCE

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-22 16:42:21 +01:00
Felix Fietkau
720b99215d treewide: clean up download hashes
Replace *MD5SUM with *HASH, replace MD5 hashes with SHA256

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-16 22:39:22 +01:00
Daniel Engberg
9edfe7dd13 source: Switch to xz for packages and tools where possible
* Change git packages to xz
* Update mirror checksums in packages where they are used
* Change a few source tarballs to xz if available upstream
* Remove unused lines in packages we're touching, requested by jow- and blogic
* We're relying more on xz-utils so add official mirror as primary source, master site as secondary.
* Add SHA256 checksums to multiple git tarball packages

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-10-06 12:16:56 +02:00
Steven Barth
9715e1d520 nftables: bump version
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45513
2015-04-20 06:30:34 +00:00
Steven Barth
23db1800f8 nftables: bump to 2015-03-24
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45158
2015-03-30 17:04:14 +00:00
Steven Barth
fd0e95fe7b nftables: bump for minor fixes
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 44062
2015-01-20 13:42:47 +00:00
Steven Barth
05220c415c nftables: bump again and disable building docs
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43948
2015-01-12 12:39:14 +00:00
Steven Barth
6150714eb0 nftables: bump to latest and enable debugging
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43944
2015-01-12 06:16:51 +00:00
Steven Barth
afff105706 nftables: bump to latest git / all patches upstreamed
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43870
2015-01-08 11:31:36 +00:00
Steven Barth
5628648f87 nftables: bump to release 0.4, cleanup our patches
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43730
2014-12-16 09:28:59 +00:00
Steven Barth
8aa9160274 nftables: mini-bump and patch cleanup
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43710
2014-12-15 09:41:47 +00:00
Steven Barth
c927daaf76 nftables: bump to latest git, fix mini-gmp patches
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43707
2014-12-14 16:03:45 +00:00
Steven Barth
71d05d211d nftables: bump to latest, fix minigmp
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43013
2014-10-21 20:00:56 +00:00
Steven Barth
8243e57167 nftables: bump to 2014-09-30, disable gmp
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 42802
2014-10-06 06:24:53 +00:00
Steven Barth
c2f510f2bd nftables: bump for bugfixes
SVN-Revision: 42698
2014-09-29 08:35:18 +00:00
Steven Barth
72e6e0b85b nftables: introduce experimental nftables
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 42598
2014-09-17 12:11:06 +00:00