add new package nftables

package/libnftnl/Makefile

@@ -0,0 +1,25 @@
+# This file is part of the OpenADK project. OpenADK is copyrighted
+# material, please see the LICENCE file in the top-level directory.
+
+include $(ADK_TOPDIR)/rules.mk
+
+PKG_NAME:=		libnftnl
+PKG_VERSION:=		1.3.1
+PKG_RELEASE:=		1
+PKG_HASH:=		607da28dba66fbdeccf8ef1395dded9077e8d19f2995f9a4d45a9c2f0bcffba8
+PKG_DESCR:=		low-level netlink programming interface to the in-kernel nf_tables subsystem
+PKG_SECTION:=		libs/misc
+PKG_URL:=		https://www.netfilter.org/projects/libnftnl/index.html
+PKG_SITES:=		https://www.netfilter.org/projects/libnftnl/files/
+PKG_OPTS:=		dev
+
+include $(ADK_TOPDIR)/mk/package.mk
+
+$(eval $(call PKG_template,LIBNFTNL,libnftnl,$(PKG_VERSION)-$(PKG_RELEASE),$(PKG_DEPENDS),$(PKG_DESCR),$(PKG_SECTION),$(PKG_OPTS)))
+
+libnftnl-install:
+	$(INSTALL_DIR) $(IDIR_LIBNFTNL)/usr/lib
+	$(CP) $(WRKINST)/usr/lib/libnftnl*.so* \
+		$(IDIR_LIBNFTNL)/usr/lib
+
+include $(ADK_TOPDIR)/mk/pkg-bottom.mk

package/nftables/Makefile

@@ -0,0 +1,33 @@
+# This file is part of the OpenADK project. OpenADK is copyrighted
+# material, please see the LICENCE file in the top-level directory.
+
+include $(ADK_TOPDIR)/rules.mk
+
+PKG_NAME:=		nftables
+PKG_VERSION:=		1.1.6
+PKG_RELEASE:=		1
+PKG_HASH:=		372931bda8556b310636a2f9020adc710f9bab66f47efe0ce90bff800ac2530c
+PKG_DESCR:=		firewall framework utils for linux
+PKG_SECTION:=		net/firewall
+PKG_DEPENDS:=		libmnl libnftnl libgmp libreadline libncurses
+PKG_KDEPENDS:=		nf-conntrack nf-tables nf-nat
+PKG_BUILDDEP:=		libmnl libnftnl gmp readline ncurses
+PKG_URL:=		https://www.netfilter.org
+PKG_SITES:=		https://www.netfilter.org/projects/nftables/files/
+
+include $(ADK_TOPDIR)/mk/package.mk
+
+$(eval $(call PKG_template,NFTABLES,nftables,$(PKG_VERSION)-$(PKG_RELEASE),$(PKG_DEPENDS),$(PKG_DESCR),$(PKG_SECTION)))
+
+TARGET_LDFLAGS+=	-ltinfow
+CONFIGURE_ARGS+=	--with-cli=readline
+
+nftables-install:
+	$(INSTALL_DIR) $(IDIR_NFTABLES)/usr/lib
+	$(CP) $(WRKINST)/usr/lib/libnftables.so.* \
+		$(IDIR_NFTABLES)/usr/lib
+	$(INSTALL_DIR) $(IDIR_NFTABLES)/usr/sbin
+	$(INSTALL_BIN) $(WRKINST)/usr/sbin/nft \
+		$(IDIR_NFTABLES)/usr/sbin
+
+include $(ADK_TOPDIR)/mk/pkg-bottom.mk

target/linux/config/Config.in.netfilter

@@ -13,6 +13,17 @@ config ADK_LINUX_KERNEL_NETFILTER_ADVANCED
 config ADK_LINUX_KERNEL_BRIDGE_NETFILTER
 	bool
 
+config ADK_LINUX_KERNEL_NF_DEFRAG_IPV4
+	tristate
+
+config ADK_LINUX_KERNEL_NF_DEFRAG_IPV6
+	tristate
+
+config ADK_LINUX_KERNEL_NETFILTER_NETLINK
+	select ADK_LINUX_KERNEL_NETFILTER
+	select ADK_LINUX_KERNEL_NETFILTER_ADVANCED
+	tristate
+
 config ADK_LINUX_KERNEL_NETFILTER_XTABLES
 	tristate
 	select ADK_LINUX_KERNEL_NETFILTER

target/linux/config/Config.in.netfilter.core

@@ -3,16 +3,14 @@
 
 config ADK_LINUX_KERNEL_NF_CONNTRACK
 	tristate 'Netfilter connection tracking support'
-	select ADK_LINUX_KERNEL_NETFILTER_XTABLES
+	select ADK_LINUX_KERNEL_NF_DEFRAG_IPV4
+	select ADK_LINUX_KERNEL_NF_DEFRAG_IPV6
 	default n
 	help
 	  Connection tracking keeps a record of what packets have passed
 	  through your machine, in order to figure out how they are related
 	  into connections.
 
-	  Layer 3 independent connection tracking is experimental scheme
-	  which generalize ip_conntrack to support other layer 3 protocols.
-
 menu "Netfilter connection tracking support for special protocols"
 depends on ADK_LINUX_KERNEL_NF_CONNTRACK
 
@@ -127,6 +125,19 @@ config ADK_LINUX_KERNEL_NF_CONNTRACK_SIP
 
 endmenu
 
+config ADK_LINUX_KERNEL_NF_TABLES
+	tristate "Netfilter nf_tables support"
+	select ADK_LINUX_KERNEL_NETFILTER_NETLINK
+	help
+	  nftables is the new packet classification framework that intends to
+	  replace the existing {ip,ip6,arp,eb}_tables infrastructure. It
+	  provides a pseudo-state machine with an extensible instruction-set
+	  (also known as expressions) that the userspace 'nft' utility
+	  (https://www.netfilter.org/projects/nftables) uses to build the
+	  rule-set. It also comes with the generic set infrastructure that
+	  allows you to construct mappings between matchings and actions
+	  for performance lookups.
+
 config ADK_LINUX_KERNEL_NETFILTER_NETLINK_LOG
 	tristate 'Netfilter LOG over NFNETLINK interface'
 	help