package/iptables: add nf_log.h

iptables generally bundles the netfilter header files inside its own
tar-ball.

Since iptables 1.8.8, it started to make use of netfilter/nf_log.h, but
didn't include it in the iptables tar-ball. This can lead to build
failures.

Add a patch that rectifies this for iptables 1.8.8.

Signed-off-by: Markus Mayer <mmayer@broadcom.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/iptables/0003-netfilter-add-nf_log.h.patch

@@ -0,0 +1,38 @@
+From 15ea3fa147dea25d8cae3c2ac417142f2e0f029e Mon Sep 17 00:00:00 2001
+From: Markus Mayer <mmayer@broadcom.com>
+To: Netfilter Mailing List <netfilter-devel@vger.kernel.org>
+Date: Thu, 16 Jun 2022 15:29:58 -0700
+Subject: [PATCH] netfilter: add nf_log.h
+
+Since libxt_NFLOG is now using the UAPI version of nf_log.h, it should
+be bundled alongside the other netfilter kernel headers.
+
+This copy of nf_log.h was taken from Linux 5.18.
+
+Signed-off-by: Markus Mayer <mmayer@broadcom.com>
+Upstream: https://git.netfilter.org/iptables/commit/?id=9ea7e6aa638d0dfa14613f6f97e6dc06c857e609
+---
+diff --git a/include/linux/netfilter/nf_log.h b/include/linux/netfilter/nf_log.h
+new file mode 100644
+index 000000000000..2ae00932d3d2
+--- /dev/null
++++ b/include/linux/netfilter/nf_log.h
+@@ -0,0 +1,15 @@
++/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
++#ifndef _NETFILTER_NF_LOG_H
++#define _NETFILTER_NF_LOG_H
++
++#define NF_LOG_TCPSEQ		0x01	/* Log TCP sequence numbers */
++#define NF_LOG_TCPOPT		0x02	/* Log TCP options */
++#define NF_LOG_IPOPT		0x04	/* Log IP options */
++#define NF_LOG_UID		0x08	/* Log UID owning local socket */
++#define NF_LOG_NFLOG		0x10	/* Unsupported, don't reuse */
++#define NF_LOG_MACDECODE	0x20	/* Decode MAC header */
++#define NF_LOG_MASK		0x2f
++
++#define NF_LOG_PREFIXLEN	128
++
++#endif /* _NETFILTER_NF_LOG_H */
+-- 
+2.25.1
+