forked from freifunk-franken/firmware
Fabian Bläse
86c893161f
When switching from ebtables to nftables, the --logical-in and
--logical-out selectors of some rules were missed. This might have been
caused by kmod-nft-bridge not being installed, which is required for the
ibrname and obrname selectors, so it is possible that the migration
(using ebtables-nft) did not apply these selectors.
Add the ibrname and obrname selectors and add the required kernel
module.
Fixes: #315
Fixes: 157fa4eac5 ("fff-firewall: Switch from ip/ebtables to nftables")
Reported-by: Robert Langhammer <rlanghammer@web.de>
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Tested-by: Robert Langhammer <rlanghammer@web.de>
31 lines
587 B
Makefile
31 lines
587 B
Makefile
include $(TOPDIR)/rules.mk
|
|
|
|
PKG_NAME:=fff-firewall
|
|
PKG_RELEASE:=$(COMMITCOUNT)
|
|
|
|
include $(INCLUDE_DIR)/package.mk
|
|
|
|
define Package/$(PKG_NAME)
|
|
SECTION:=base
|
|
CATEGORY:=Freifunk
|
|
TITLE:=Freifunk-Franken firewall
|
|
URL:=https://www.freifunk-franken.de
|
|
DEPENDS:=+kmod-nft-bridge \
|
|
+nftables
|
|
endef
|
|
|
|
define Package/$(PKG_NAME)/description
|
|
This is the firewall for the Freifunk Franken Firmware
|
|
It is used to configure firewall.
|
|
endef
|
|
|
|
define Build/Compile
|
|
# nothing
|
|
endef
|
|
|
|
define Package/$(PKG_NAME)/install
|
|
$(CP) ./files/* $(1)/
|
|
endef
|
|
|
|
$(eval $(call BuildPackage,$(PKG_NAME)))
|