Added support to install some 'nft' scripts under
'${sysconfdir}/nftables', typically '/etc/nftables'.
Signed-off-by: Giorgio Dal Molin <giorgio.nicole@arcor.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
13 files changed:
SUBDIRS = src \
include \
- doc
+ doc \
+ files
include/linux/Makefile \
include/linux/netfilter/Makefile \
doc/Makefile \
+ files/Makefile \
+ files/nftables/Makefile \
])
AC_OUTPUT
--- /dev/null
+SUBDIRS = nftables
+++ /dev/null
-install:
- @echo -e " INSTALL\tfiles"
- $(MKDIR_P) $(DESTDIR)/$(confdir)
- $(INSTALL) -m 755 -p $(SUBDIR)nftables/* $(DESTDIR)/$(confdir)/
- $(SED) -i "s~#\! nft~#\!@sbindir@/nft~" $(DESTDIR)/$(confdir)/*
--- /dev/null
+
+pkgsysconfdir = ${sysconfdir}/nftables
+dist_pkgsysconf_DATA = bridge-filter \
+ inet-filter \
+ ipv4-filter \
+ ipv4-mangle \
+ ipv4-nat \
+ ipv6-filter \
+ ipv6-mangle \
+ ipv6-nat
+
+install-data-hook:
+ ${SED} -i 's|@sbindir[@]|${sbindir}/|g' ${DESTDIR}${pkgsysconfdir}/*
-#! nft -f
+#! @sbindir@nft -f
table bridge filter {
chain input { type filter hook input priority -200; }
-#! nft -f
+#! @sbindir@nft -f
table inet filter {
chain input { type filter hook input priority 0; }
-#! nft -f
+#! @sbindir@nft -f
table filter {
chain input { type filter hook input priority 0; }
-#! nft -f
+#! @sbindir@nft -f
table mangle {
chain output { type route hook output priority -150; }
-#! nft -f
+#! @sbindir@nft -f
table nat {
chain prerouting { type nat hook prerouting priority -150; }
-#! nft -f
+#! @sbindir@nft -f
table ip6 filter {
chain input { type filter hook input priority 0; }
-#! nft -f
+#! @sbindir@nft -f
table ip6 mangle {
chain output { type route hook output priority -150; }
-#! nft -f
+#! @sbindir@nft -f
table ip6 nat {
chain prerouting { type nat hook prerouting priority -150; }
projects / thirdparty / nftables.git / commitdiff
