[OE-core] [PATCH] iptables: Split the iptables modules into separate packages
Peter Kjellerstedt
peter.kjellerstedt at axis.com
Wed Dec 6 10:02:46 UTC 2017
By splitting the iptables modules into separate packages it is
possible to pick and choose the modules to install and thereby reduce
the total size of the installed modules.
Backwards compatibility is maintained by adding a recommendation of
iptables-modules, which is a meta package that depends on all the
generated packages.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt at axis.com>
---
In our case we could save more than 1 MB by removing modules we do not
use.
meta/recipes-extended/iptables/iptables_1.6.1.bb | 43 +++++++++++++++++-------
1 file changed, 30 insertions(+), 13 deletions(-)
diff --git a/meta/recipes-extended/iptables/iptables_1.6.1.bb b/meta/recipes-extended/iptables/iptables_1.6.1.bb
index b37c55a64e..b6e6cbe8a3 100644
--- a/meta/recipes-extended/iptables/iptables_1.6.1.bb
+++ b/meta/recipes-extended/iptables/iptables_1.6.1.bb
@@ -7,17 +7,6 @@ LICENSE = "GPLv2+"
LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263\
file://iptables/iptables.c;beginline=13;endline=25;md5=c5cffd09974558cf27d0f763df2a12dc"
-RRECOMMENDS_${PN} = "kernel-module-x-tables \
- kernel-module-ip-tables \
- kernel-module-iptable-filter \
- kernel-module-iptable-nat \
- kernel-module-nf-defrag-ipv4 \
- kernel-module-nf-conntrack \
- kernel-module-nf-conntrack-ipv4 \
- kernel-module-nf-nat \
- kernel-module-ipt-masquerade"
-FILES_${PN} =+ "${libdir}/xtables/ ${datadir}/xtables"
-
SRC_URI = "http://netfilter.org/projects/iptables/files/iptables-${PV}.tar.bz2 \
file://types.h-add-defines-that-are-required-for-if_packet.patch \
file://0001-configure-Add-option-to-enable-disable-libnfnetlink.patch \
@@ -30,8 +19,8 @@ SRC_URI[sha256sum] = "0fc2d7bd5d7be11311726466789d4c65fb4c8e096c9182b56ce9744086
inherit autotools pkgconfig
-EXTRA_OECONF = "--with-kernel=${STAGING_INCDIR} \
- "
+EXTRA_OECONF = "--with-kernel=${STAGING_INCDIR}"
+
PACKAGECONFIG ?= "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)}"
PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6,"
@@ -47,3 +36,31 @@ do_configure_prepend() {
# Keep ax_check_linker_flags.m4 which belongs to autoconf-archive.
rm -f libtool.m4 lt~obsolete.m4 ltoptions.m4 ltsugar.m4 ltversion.m4
}
+
+PACKAGES += "${PN}-modules"
+PACKAGES_DYNAMIC += "^${PN}-module-.*"
+
+python populate_packages_prepend() {
+ modules = do_split_packages(d, '${libdir}/xtables', 'lib(.*)\.so$', '${PN}-module-%s', '${PN} module %s', extra_depends='')
+ if modules:
+ metapkg = d.getVar('PN') + '-modules'
+ d.appendVar('RDEPENDS_' + metapkg, ' ' + ' '.join(modules))
+}
+
+FILES_${PN} += "${datadir}/xtables"
+
+ALLOW_EMPTY_${PN}-modules = "1"
+
+RDEPENDS_${PN} = "iptables-module-xt-standard"
+RRECOMMENDS_${PN} = " \
+ ${PN}-modules \
+ kernel-module-x-tables \
+ kernel-module-ip-tables \
+ kernel-module-iptable-filter \
+ kernel-module-iptable-nat \
+ kernel-module-nf-defrag-ipv4 \
+ kernel-module-nf-conntrack \
+ kernel-module-nf-conntrack-ipv4 \
+ kernel-module-nf-nat \
+ kernel-module-ipt-masquerade \
+"
--
2.12.0
More information about the Openembedded-core
mailing list