Optimized iptables

adblockplus · Jun 1, 2012 · 77df31a · 77df31a
1 parent c58ef0e
commit 77df31a
Show file tree

Hide file tree

Showing 2 changed files with 44 additions and 19 deletions.
diff --git a/assets/install/iptables b/assets/install/iptables
diff --git a/iptables.patch b/iptables.patch
@@ -1,4 +1,4 @@
-diff -u -r --unidirectional-new-file android-source/external/iptables/Android.mk iptables/Android.mk
+diff -u -r --unidirectional-new-file '--exclude=libxt_*.c' '--exclude=libipt_*.c' '--exclude=libip6t_*.c' android-source/external/iptables/Android.mk iptables/Android.mk
 --- android-source/external/iptables/Android.mk	2012-05-30 14:16:39.408709076 +0400
 +++ iptables/Android.mk	2012-05-30 18:50:01.378032668 +0400
 @@ -1,5 +1,3 @@
@@ -7,18 +7,25 @@ diff -u -r --unidirectional-new-file android-source/external/iptables/Android.mk
  LOCAL_PATH:= $(call my-dir)
 
  include $(call all-subdir-makefiles)
-diff -u -r --unidirectional-new-file android-source/external/iptables/build-iptables.sh iptables/build-iptables.sh
---- android-source/external/iptables/build-iptables.sh	1970-01-01 03:00:00.000000000 +0300
-+++ iptables/build-iptables.sh	2012-05-31 11:25:18.739892204 +0400
-@@ -0,0 +1,4 @@
-+#/bin/sh
-+
-+python extensions/fixinit.py
-+ndk-build NDK_PROJECT_PATH=. APP_BUILD_SCRIPT=./Android.mk
-diff -u -r --unidirectional-new-file android-source/external/iptables/extensions/Android.mk iptables/extensions/Android.mk
+diff -u -r --unidirectional-new-file '--exclude=libxt_*.c' '--exclude=libipt_*.c' '--exclude=libip6t_*.c' android-source/external/iptables/extensions/Android.mk iptables/extensions/Android.mk
 --- android-source/external/iptables/extensions/Android.mk	2012-05-30 14:16:39.411709447 +0400
-+++ iptables/extensions/Android.mk	2012-05-31 11:28:15.873306310 +0400
-@@ -46,7 +46,8 @@
++++ iptables/extensions/Android.mk	2012-06-01 12:24:42.946696872 +0400
+@@ -4,7 +4,13 @@
+
+ MY_srcdir:=$(LOCAL_PATH)
+ # Exclude some modules that are problematic to compile (types/header).
+-MY_excluded_modules:=TCPOPTSTRIP
++MY_excluded_modules:=TCPOPTSTRIP MIRROR LOG TTL NETMAP ULOG MASQUERADE icmp ecn SAME realm \
++	SNAT CLUSTERIP ah ECN unclean addrtype ttl dscp NFQUEUE NFLOG physdev TEE CONNSECMARK \
++	SECMARK string recent hashlimit cpu CT sctp AUDIT osf connmark CONNMARK conntrack \
++	quota2 quota TRACE policy u32 udp cluster tos CLASSIFY comment TPROXY RATEEST time \
++	set mark MARK IDLETIMER state devgroup limit LED connlimit pkttype TCPMSS TOS esp \
++	CHECKSUM socket statistic connbytes NOTRACK DSCP iprange length tcpmss mac rateest \
++	helper
+
+ MY_pfx_build_mod := $(patsubst ${MY_srcdir}/libxt_%.c,%,$(wildcard ${MY_srcdir}/libxt_*.c))
+ MY_pf4_build_mod := $(patsubst ${MY_srcdir}/libipt_%.c,%,$(wildcard ${MY_srcdir}/libipt_*.c))
+@@ -46,7 +52,8 @@
 
  MY_initext_func := $(addprefix xt_,${MY_pfx_build_mod})
  MY_GEN_INITEXT:= $(MY_intermediates)/initext.c
@@ -28,7 +35,7 @@ diff -u -r --unidirectional-new-file android-source/external/iptables/extensions
  	@mkdir -p $(dir $@)
  	@( \
  	echo "" >$@; \
-@@ -76,7 +77,7 @@
+@@ -76,7 +83,7 @@
 
  $(MY_intermediates)/initext.o : $(MY_GEN_INITEXT) $(MY_gen_lib_sources)
 
@@ -37,7 +44,7 @@ diff -u -r --unidirectional-new-file android-source/external/iptables/extensions
 
  include $(BUILD_STATIC_LIBRARY)
 
-@@ -109,7 +110,8 @@
+@@ -109,7 +116,8 @@
 
  MY_initext4_func  := $(addprefix ipt_,${MY_pf4_build_mod})
  MY_GEN_INITEXT4:= $(MY_intermediates)/initext4.c
@@ -47,7 +54,7 @@ diff -u -r --unidirectional-new-file android-source/external/iptables/extensions
  	@mkdir -p $(dir $@)
  	@( \
  	echo "" >$@; \
-@@ -139,7 +141,7 @@
+@@ -139,7 +147,7 @@
 
  $(MY_intermediates)/initext4.o : $(MY_GEN_INITEXT4) $(MY_gen_lib_sources)
 
@@ -56,18 +63,17 @@ diff -u -r --unidirectional-new-file android-source/external/iptables/extensions
 
  include $(BUILD_STATIC_LIBRARY)
 
-@@ -172,7 +174,9 @@
+@@ -172,7 +180,8 @@
 
  MY_initext6_func := $(addprefix ip6t_,${MY_pf6_build_mod})
  MY_GEN_INITEXT6:= $(MY_intermediates)/initext6.c
 -$(MY_GEN_INITEXT6):
 +LOCAL_GEN_INITEXT6:= $(LOCAL_PATH)/$(MY_GEN_INITEXT6)
 +$(LOCAL_GEN_INITEXT6):
-+	echo $(dir $@)
  	@mkdir -p $(dir $@)
  	@( \
  	echo "" >$@; \
-@@ -202,7 +206,7 @@
+@@ -202,7 +211,7 @@
 
  $(MY_intermediates)/initext6.o : $(MY_GEN_INITEXT6) $(MY_gen_lib_sources)
 
@@ -76,7 +82,7 @@ diff -u -r --unidirectional-new-file android-source/external/iptables/extensions
 
  include $(BUILD_STATIC_LIBRARY)
 
-diff -u -r --unidirectional-new-file android-source/external/iptables/extensions/fixinit.py iptables/extensions/fixinit.py
+diff -u -r --unidirectional-new-file '--exclude=libxt_*.c' '--exclude=libipt_*.c' '--exclude=libip6t_*.c' android-source/external/iptables/extensions/fixinit.py iptables/extensions/fixinit.py
 --- android-source/external/iptables/extensions/fixinit.py	1970-01-01 03:00:00.000000000 +0300
 +++ iptables/extensions/fixinit.py	2012-05-31 00:35:59.927307126 +0400
 @@ -0,0 +1,31 @@
@@ -111,3 +117,22 @@ diff -u -r --unidirectional-new-file android-source/external/iptables/extensions
 +if __name__=="__main__":
 +    main()
 +
+diff -u -r --unidirectional-new-file '--exclude=libxt_*.c' '--exclude=libipt_*.c' '--exclude=libip6t_*.c' android-source/external/iptables/Makefile iptables/Makefile
+--- android-source/external/iptables/Makefile	1970-01-01 03:00:00.000000000 +0300
++++ iptables/Makefile	2012-06-01 11:48:49.180876859 +0400
+@@ -0,0 +1,15 @@
++all:	fixextensions build release 
++
++clean:
++	rm extensions/initext*
++	rm -rf obj/
++
++fixextensions:
++	python extensions/fixinit.py
++
++build:
++	ndk-build NDK_PROJECT_PATH=. APP_BUILD_SCRIPT=./Android.mk
++
++release:
++	strip obj/local/armeabi/iptables
++	strip obj/local/armeabi/ip6tables