# Template file for 'iptables'
pkgname=iptables
version=1.4.13
homepage="http://www.iptables.org"
distfiles="$homepage/projects/iptables/files/$pkgname-$version.tar.bz2"
build_style=gnu-configure
configure_args="--enable-devel --enable-libipq --enable-shared --enable-static"
short_desc="Linux IPv[46] packet filtering ruleset"
maintainer="Juan RP <xtraeme@gmail.com>"
homepage="http://www.netfilter.org/"
license="GPL-2"
checksum=321e2600fc4541a958e44cafd85a42864b0035404097e0f2e082d474029b9ded
long_desc="
 iptables is the userspace command line program used to configure the Linux
 IPv4 packet filtering ruleset. It is targeted towards system administrators.

 Since Network Address Translation is also configured from the packet filter
 ruleset, iptables is used for this, too.

 The iptables package also includes ip6tables. ip6tables is used for
 configuring the IPv6 packet filter."

subpackages="$pkgname-devel"

pre_configure() {
	# Fix build with kernel-libc-headers >= 3.2
	sed -i '/if_packet/i#define __aligned_u64 __u64 __attribute__((aligned(8)))' \
		extensions/libxt_pkttype.c
	sed -i '87 i libxt_RATEEST.so: libxt_RATEEST.oo' extensions/GNUmakefile.in
	sed -i '88 i \\t${AM_VERBOSE_CCLD} ${CCLD} ${AM_LDFLAGS} -lm -shared ${LDFLAGS} -o $@ $<;\n' \
		extensions/GNUmakefile.in
}

post_install() {
	vinstall ${FILESDIR}/iptables.service 644 lib/systemd/system
	vinstall ${FILESDIR}/ip6tables.service 644 lib/systemd/system
	vinstall ${FILESDIR}/iptables-flush.scripts 755 \
		lib/systemd/scripts iptables-flush

	for f in empty.rules simple_firewall.rules; do
		vinstall ${FILESDIR}/${f} 644 etc/iptables
	done
	for f in filter mangle nat raw security; do
		vinstall ${FILESDIR}/empty-${f}.rules 644 \
			var/lib/iptables empty-${f}.rules
	done
}