From 82230772a13343d3feca3a08eb91b649c9eda4e9 Mon Sep 17 00:00:00 2001
From: Steven Barth
Date: Wed, 17 Sep 2014 12:11:06 +0000
Subject: [PATCH] nftables: introduce experimental nftables

Signed-off-by: Steven Barth

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@42598 3c298f89-4303-0410-b956-a3cf2f4a3e73
---
 package/network/utils/nftables/Makefile | 39 ++++++++++++++++++++++
 .../nftables/patches/100-no-interactive.patch | 38 +++++++++++++++++++++
 2 files changed, 77 insertions(+)
 create mode 100644 package/network/utils/nftables/Makefile
 create mode 100644 package/network/utils/nftables/patches/100-no-interactive.patch

diff --git a/package/network/utils/nftables/Makefile b/package/network/utils/nftables/Makefile
new file mode 100644
index 0000000000..8fccc65cc6
--- /dev/null
+++ b/package/network/utils/nftables/Makefile
@@ -0,0 +1,39 @@
+# Copyright (C) 2014 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=nftables
+PKG_VERSION:=0.3+2014-09-11
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
+PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
+PKG_SOURCE_URL:=git://git.netfilter.org/nftables
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_VERSION:=ae355b89e7b74c28de753bf2878a8e189030ad47
+PKG_MAINTAINER:=Steven Barth
+
+PKG_FIXUP:=autoreconf
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/nftables
+ SECTION:=net
+ CATEGORY:=Network
+ SUBMENU:=Firewall
+ TITLE:=nftables packet filtering userspace utility
+ DEPENDS:=+kmod-nft-core +kmod-nft-nat +libnftnl +libgmp
+ URL:=http://netfilter.org/projects/nftables/
+endef
+
+
+define Package/nftables/install
+ $(INSTALL_DIR) $(1)/usr/sbin
+ $(CP) $(PKG_BUILD_DIR)/src/nft $(1)/usr/sbin/
+endef
+
+$(eval $(call BuildPackage,nftables))
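Review bot: `PKG_SOURCE_URL:=git://git.netfilter.org/nftables` fetches over the unauthenticated, unencrypted git protocol, so the only integrity anchor for this package is the full commit id in `PKG_SOURCE_VERSION`. That pin covers a fresh clone, but no checksum is declared for the `$(PKG_NAME)-$(PKG_VERSION).tar.bz2` tarball named by `PKG_SOURCE`, so a copy of that tarball obtained from a download mirror would presumably be accepted unverified. I would switch to an authenticated transport if the upstream server offers one and record a hash for the tarball (`PKG_MIRROR_HASH`, if this tree's build system supports it). Until then a comment above the URL line would help the next maintainer: `# git:// is unauthenticated; integrity relies on the pinned commit id in PKG_SOURCE_VERSION`.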
diff --git a/package/network/utils/nftables/patches/100-no-interactive.patch b/package/network/utils/nftables/patches/100-no-interactive.patch
new file mode 100644
index 0000000000..47eb32c1c8
--- /dev/null
+++ b/package/network/utils/nftables/patches/100-no-interactive.patch
@@ -0,0 +1,38 @@
+--- a/src/Makefile.in
++++ b/src/Makefile.in
+@@ -3,7 +3,6 @@ PROGRAMS += nft
+ nft-destdir := @sbindir@
+ 
+ nft-obj += main.o
+-nft-obj += cli.o
+ nft-obj += rule.o
+ nft-obj += statement.o
+ nft-obj += datatype.o
+--- a/src/main.c
++++ b/src/main.c
+@@ -334,7 +334,7 @@ int main(int argc, char * const *argv)
+ if (scanner_read_file(scanner, filename, &internal_location) < 0)
+ goto out;
+ } else if (interactive) {
+- cli_init(&state);
++ fprintf(stderr, "%s: interactive mode not supported\n", argv[0]);
+ return 0;
+ } else {
+ fprintf(stderr, "%s: no command specified\n", argv[0]);
+--- a/configure.ac
++++ b/configure.ac
+@@ -71,13 +71,11 @@ AC_CHECK_LIB([nftnl], [nft_rule_alloc],
+ AC_CHECK_LIB([gmp], [__gmpz_init], ,
+ AC_MSG_ERROR([No suitable version of libgmp found]))
+ 
+-AC_CHECK_LIB([readline], [readline], ,
+- AC_MSG_ERROR([No suitable version of libreadline found]))
+ 
+ # Checks for header files.
+ AC_HEADER_STDC
+ AC_HEADER_ASSERT
+-AC_CHECK_HEADERS([arpa/inet.h fcntl.h inttypes.h libintl.h limits.h malloc.h \
++AC_CHECK_HEADERS([arpa/inet.h fcntl.h inttypes.h limits.h malloc.h \
+ netdb.h netinet/in.h netinet/ip.h netinet/ip6.h \
+ netinet/tcp.h netinet/udp.h netinet/ip_icmp.h \
+ stddef.h stdint.h stdlib.h string.h unistd.h], ,
-- 
2.11.0
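Review bot: In the `src/main.c` part of the embedded patch, the `interactive` branch now prints "interactive mode not supported" to stderr but keeps the unchanged `return 0;`, so a request that was refused still exits with success. For a firewall tool this matters, because a script that checks only the exit status would treat the ruleset step as having run. I would make that context line part of the change and return a failure status, e.g. `return 1;` (or the file's own failure constant, which is not visible in this hunk). The neighbouring branch leaves via `goto out;`, so if `out:` performs cleanup the refused branch should probably take that path with a failure code set; the body of `main` extends beyond the hunk, so this needs checking against the full file.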