package/connman: add iptables/nftables selection

This allows to use nftables instead of the default iptables. Signed-off-by: Petr Vorel <petr.vorel@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-02-28 00:29:54 +01:00 · 2020-02-28 00:29:54 +01:00 · ba0c0e5281
commit ba0c0e5281
parent c121114ad2
2 changed files with 29 additions and 1 deletions
--- a/package/connman/Config.in
+++ b/package/connman/Config.in
@ -8,7 +8,6 @@ config BR2_PACKAGE_CONNMAN
 	depends on !BR2_TOOLCHAIN_USES_MUSL # missing res_ninit()
 	select BR2_PACKAGE_DBUS
 	select BR2_PACKAGE_LIBGLIB2
-	select BR2_PACKAGE_IPTABLES
 	help
 	  The Connection Manager (ConnMan) project provides a daemon
 	  for managing internet connections within embedded devices
@ -18,6 +17,27 @@ config BR2_PACKAGE_CONNMAN

 if BR2_PACKAGE_CONNMAN

+choice
+	prompt "Firewall type"
+	default BR2_PACKAGE_CONNMAN_IPTABLES
+	help
+	  Select which firewall type is used.
+
+config BR2_PACKAGE_CONNMAN_IPTABLES
+	bool "iptables"
+	select BR2_PACKAGE_IPTABLES
+	help
+	  Use iptables as firewall.
+
+config BR2_PACKAGE_CONNMAN_NFTABLES
+	bool "nftables"
+	depends on BR2_USE_WCHAR
+	depends on BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_12
+	select BR2_PACKAGE_NFTABLES
+	help
+	  Use nftables as firewall.
+endchoice
+
 config BR2_PACKAGE_CONNMAN_ETHERNET
 	bool "enable Ethernet support"
 	default y
--- a/package/connman/connman.mk
+++ b/package/connman/connman.mk
@ -36,6 +36,14 @@ else
 CONNMAN_CONF_OPTS += --disable-ethernet
 endif

+ifeq ($(BR2_PACKAGE_CONNMAN_IPTABLES),y)
+CONNMAN_CONF_OPTS += --with-firewall=iptables
+CONNMAN_DEPENDENCIES += iptables
+else ifeq ($(BR2_PACKAGE_CONNMAN_NFTABLES),y)
+CONNMAN_CONF_OPTS += --with-firewall=nftables
+CONNMAN_DEPENDENCIES += nftables
+endif
+
 ifeq ($(BR2_PACKAGE_CONNMAN_LOOPBACK),y)
 CONNMAN_CONF_OPTS += --enable-loopback
 else