Difuse/packages
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

strongswan: do not force to use iptable-legacy

Browse source 
The default firewall is the fw4, which uses nft. In order to not
install the legacy implementation when installing strongswan, the build
system should decide which firewall backend to use.

While we are at it, I have also added the dependency packages for IPV6.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
This commit is contained in:
Florian Eckert 2022-04-05 14:30:35 +02:00
parent ac670e8095
commit fdeaa02ccf
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
net/strongswan/Makefile
View file

@ -732,7 +732,7 @@ $(eval $(call BuildPlugin,stroke,Stroke,+strongswan-charon +strongswan-ipsec))
$(eval $(call BuildPlugin,test-vectors,crypto test vectors,)) $(eval $(call BuildPlugin,test-vectors,crypto test vectors,))
$(eval $(call BuildPlugin,uci,UCI config interface,+PACKAGE_strongswan-mod-uci:libuci)) $(eval $(call BuildPlugin,uci,UCI config interface,+PACKAGE_strongswan-mod-uci:libuci))
$(eval $(call BuildPlugin,unity,Cisco Unity extension,)) $(eval $(call BuildPlugin,unity,Cisco Unity extension,))
$(eval $(call BuildPlugin,updown,updown firewall,+iptables-legacy +iptables-mod-ipsec +kmod-ipt-ipsec)) $(eval $(call BuildPlugin,updown,updown firewall,+iptables +IPV6:ip6tables +iptables-mod-ipsec +kmod-ipt-ipsec))
$(eval $(call BuildPlugin,vici,Versatile IKE Configuration Interface,)) $(eval $(call BuildPlugin,vici,Versatile IKE Configuration Interface,))
$(eval $(call BuildPlugin,whitelist,peer identity whitelisting,)) $(eval $(call BuildPlugin,whitelist,peer identity whitelisting,))
$(eval $(call BuildPlugin,x509,x509 certificate,)) $(eval $(call BuildPlugin,x509,x509 certificate,))