[Buildroot] [PATCH 3/3] dnsmasq: add option to support conntrack
Gustavo Zacarias
gustavo at zacarias.com.ar
Mon Mar 19 12:17:50 UTC 2012
Add an option to support conntrack marking of DNS packets.
This allows for more sturdy firewall setups and/or accounting.
Signed-off-by: Gustavo Zacarias <gustavo at zacarias.com.ar>
---
package/dnsmasq/Config.in | 6 ++++++
package/dnsmasq/dnsmasq.mk | 12 ++++++++++++
2 files changed, 18 insertions(+), 0 deletions(-)
diff --git a/package/dnsmasq/Config.in b/package/dnsmasq/Config.in
index f434b8b..fa2499e 100644
--- a/package/dnsmasq/Config.in
+++ b/package/dnsmasq/Config.in
@@ -35,4 +35,10 @@ config BR2_PACKAGE_DNSMASQ_LUA
help
Enable lua scripting for dnsmasq
+config BR2_PACKAGE_DNSMASQ_CONNTRACK
+ bool "conntrack marking support"
+ select BR2_PACKAGE_LIBNETFILTER_CONNTRACK
+ help
+ Enable DNS query connection marking in netfilter.
+
endif
diff --git a/package/dnsmasq/dnsmasq.mk b/package/dnsmasq/dnsmasq.mk
index c1995a0..205921f 100644
--- a/package/dnsmasq/dnsmasq.mk
+++ b/package/dnsmasq/dnsmasq.mk
@@ -28,6 +28,17 @@ ifeq ($(BR2_PACKAGE_DNSMASQ_IDN),y)
DNSMASQ_MAKE_OPT += LDFLAGS+="-lintl -lidn"
endif
+ifeq ($(BR2_PACKAGE_DNSMASQ_CONNTRACK),y)
+ DNSMASQ_DEPENDENCIES += host-pkg-config libnetfilter_conntrack
+endif
+
+ifeq ($(BR2_PACKAGE_DNSMASQ_CONNTRACK),y)
+define DNSMASQ_ENABLE_CONNTRACK
+ $(SED) 's^.*#define HAVE_CONNTRACK.*^#define HAVE_CONNTRACK^' \
+ $(DNSMASQ_DIR)/src/config.h
+endef
+endif
+
ifeq ($(BR2_PACKAGE_DNSMASQ_LUA),y)
DNSMASQ_DEPENDENCIES += lua
DNSMASQ_MAKE_OPT += LDFLAGS+="-ldl"
@@ -70,6 +81,7 @@ define DNSMASQ_BUILD_CMDS
$(DNSMASQ_FIX_PKGCONFIG)
$(DNSMASQ_ENABLE_DBUS)
$(DNSMASQ_ENABLE_LUA)
+ $(DNSMASQ_ENABLE_CONNTRACK)
$(DNSMASQ_MAKE_ENV) $(MAKE) -C $(@D) $(DNSMASQ_MAKE_OPT)
endef
--
1.7.3.4
More information about the buildroot
mailing list