# Package definition for iptables, built from the upstream release tarball.
#
# Arguments:
#   nftablesCompat  when true (the default), the iptables/ip6tables command
#                   names are pointed at xtables-nft-multi after install;
#                   when false, the build is configured with
#                   --disable-nftables and the installed names are left alone.
#   everything else build tools, libraries and helpers supplied by the caller.
{ lib
, stdenv
, fetchurl
, autoreconfHook
, pkg-config
, pruneLibtoolFiles
, flex
, bison
, libmnl
, libnetfilter_conntrack
, libnfnetlink
, libnftnl
, libpcap
, nftablesCompat ? true
, gitUpdater
}:

stdenv.mkDerivation rec {
  pname = "iptables";
  version = "1.8.10";

  # The tarball is fetched over HTTPS and pinned by its SHA-256 digest; a
  # download whose content does not match the digest is rejected. The digest
  # is the only integrity check visible in this file (no signature is
  # verified), so a version bump must replace it with a value obtained from a
  # tarball whose origin has been checked.
  src = fetchurl {
    url = "https://www.netfilter.org/projects/${pname}/files/${pname}-${version}.tar.xz";
    sha256 = "XMJVwYk1bjF9BwdVzpNx62Oht4PDRJj7jDAmTzzFnJw=";
  };

  outputs = [ "out" "dev" "man" ];

  # Tools that run on the build machine.
  nativeBuildInputs = [
    autoreconfHook
    pkg-config
    pruneLibtoolFiles
    flex
    bison
  ];

  # Libraries the package is built against.
  buildInputs = [
    libmnl
    libnetfilter_conntrack
    libnfnetlink
    libnftnl
    libpcap
  ];

  # Optional upstream components switched on for every build; the nftables
  # backend is switched off only when nftablesCompat is false.
  configureFlags = [
    "--enable-bpf-compiler"
    "--enable-devel"
    "--enable-libipq"
    "--enable-nfsynproxy"
    "--enable-shared"
  ] ++ lib.optionals (!nftablesCompat) [ "--disable-nftables" ];

  enableParallelBuilding = true;

  # With nftablesCompat, the six iptables/ip6tables entries are deleted from
  # $out/sbin and re-created in $out/bin as relative symlinks to
  # xtables-nft-multi, so those command names resolve to the nft-based
  # multi-call binary. rm is called without -f, so a missing entry makes the
  # command fail rather than pass unnoticed.
  # NOTE(review): the removal happens under sbin while the links are created
  # under bin; presumably this relies on a later stdenv step merging sbin into
  # bin, confirm.
  postInstall = lib.optionalString nftablesCompat ''
    rm $out/sbin/{iptables,iptables-restore,iptables-save,ip6tables,ip6tables-restore,ip6tables-save}
    ln -sv xtables-nft-multi $out/bin/iptables
    ln -sv xtables-nft-multi $out/bin/iptables-restore
    ln -sv xtables-nft-multi $out/bin/iptables-save
    ln -sv xtables-nft-multi $out/bin/ip6tables
    ln -sv xtables-nft-multi $out/bin/ip6tables-restore
    ln -sv xtables-nft-multi $out/bin/ip6tables-save
  '';

  # Update candidates are discovered from tags prefixed with "v" in the
  # upstream git repository. That is a different host and artefact from the
  # release tarball fetched in src, so the digest produced by an automated
  # bump still needs review.
  passthru.updateScript = gitUpdater {
    url = "https://git.netfilter.org/iptables";
    rev-prefix = "v";
  };

  meta = {
    description = "A program to configure the Linux IP packet filtering ruleset";
    homepage = "https://www.netfilter.org/projects/iptables/index.html";
    downloadPage = "https://www.netfilter.org/projects/iptables/files/";
    license = lib.licenses.gpl2;
    maintainers = [ lib.maintainers.fpletz ];
    platforms = lib.platforms.linux;
  };
}