From 917b5c1fd9db540b74f66a47488f21b191e163b6 Mon Sep 17 00:00:00 2001
From: David Black <david8black@gmail.com>
Date: Sun, 21 Apr 2013 15:49:15 +0100
Subject: [PATCH] REFRESH pls (as a precaution): build iptables via
 googlesource.com for com.googlecode.droidwall

---
 metadata/com.googlecode.droidwall.txt         |  11 +-
 .../com.googlecode.droidwall/iptables.patch   | 119 ++++++++++++++++++
 2 files changed, 125 insertions(+), 5 deletions(-)
 create mode 100644 metadata/com.googlecode.droidwall/iptables.patch

diff --git a/metadata/com.googlecode.droidwall.txt b/metadata/com.googlecode.droidwall.txt
index a00c24b7ae..b5b47636ca 100644
--- a/metadata/com.googlecode.droidwall.txt
+++ b/metadata/com.googlecode.droidwall.txt
@@ -24,13 +24,14 @@ Requires Root:Yes
 Repo Type:svn
 Repo:http://droidwall.googlecode.com/svn/tags/v1.5.7
 
-Build Version:1.5.7,157,!/bin/sh: 1: ./extensions/create_initext4: Permission Denied 250,target=android-8,\
-srclibs=Busybox@83785f0,prebuild=rm -rf res/raw/busybox_g1 res/raw/iptables_armv5 \
-external/busybox external/iptables/extensions/initext* external/iptables/obj/ && \
+Build Version:1.5.7,157,250,target=android-8,init=\
+rm -rf external/iptables && cd external && \
+git clone https://android.googlesource.com/platform/external/iptables,\
+patch=iptables.patch,srclibs=Busybox@83785f0;BusyboxConfigs@bd2bf4f3,prebuild=\
+rm -rf res/raw/busybox_g1 res/raw/iptables_armv5 external/busybox && \
 sed -i 's/android:minSdkVersion=\"3\"/android:minSdkVersion=\"4\" \
 android:maxSdkVersion=\"10\"/g' AndroidManifest.xml && \
-wget https://raw.github.com/tias/android-busybox-ndk/bd2bf4f384350a2bb2f8144401\
-2a882ddd48662a/android_ndk_defconfigPlus -O $$Busybox$$/.config,build=\
+cp $$BusyboxConfigs$$/android_ndk_defconfigPlus $$Busybox$$/.config,build=\
 export PATH=$$NDK$$/toolchains/arm-linux-androideabi-4.4.3/prebuilt/linux-x86/bin:$PATH && \
 make CONFIG_SYSROOT="$$NDK$$/platforms/android-9/arch-arm" -C $$Busybox$$ && \
 mv $$Busybox$$/busybox res/raw/busybox_g1 && \
diff --git a/metadata/com.googlecode.droidwall/iptables.patch b/metadata/com.googlecode.droidwall/iptables.patch
new file mode 100644
index 0000000000..1722077de0
--- /dev/null
+++ b/metadata/com.googlecode.droidwall/iptables.patch
@@ -0,0 +1,119 @@
+diff --git a/external/iptables/Android.mk b/external/iptables/Android.mk
+--- a/external/iptables/Android.mk	2012-05-30 14:16:39.408709076 +0400
++++ b/external/iptables/Android.mk	2012-05-30 18:50:01.378032668 +0400
+@@ -1,5 +1,3 @@
+-BUILD_IPTABLES_V14 := 1
+-
+ LOCAL_PATH:= $(call my-dir)
+ 
+ include $(call all-subdir-makefiles)
+diff --git a/external/iptables/extensions/Android.mk b/external/iptables/extensions/Android.mk
+--- a/external/iptables/extensions/Android.mk	2012-05-30 14:16:39.411709447 +0400
++++ b/external/iptables/extensions/Android.mk	2012-06-01 12:24:42.946696872 +0400
+@@ -4,7 +4,13 @@
+ 
+ MY_srcdir:=$(LOCAL_PATH)
+ # Exclude some modules that are problematic to compile (types/header).
+-MY_excluded_modules:=TCPOPTSTRIP
++MY_excluded_modules:=TCPOPTSTRIP MIRROR LOG TTL NETMAP ULOG MASQUERADE icmp ecn SAME realm \
++	SNAT CLUSTERIP ah ECN unclean addrtype ttl dscp NFQUEUE NFLOG physdev TEE CONNSECMARK \
++	SECMARK string recent hashlimit cpu CT sctp AUDIT osf connmark CONNMARK conntrack \
++	quota2 quota TRACE policy u32 udp cluster tos CLASSIFY comment TPROXY RATEEST time \
++	set mark MARK IDLETIMER state devgroup limit LED connlimit pkttype TCPMSS TOS esp \
++	CHECKSUM socket statistic connbytes NOTRACK DSCP iprange length tcpmss mac rateest \
++	helper
+ 
+ MY_pfx_build_mod := $(patsubst ${MY_srcdir}/libxt_%.c,%,$(wildcard ${MY_srcdir}/libxt_*.c))
+ MY_pf4_build_mod := $(patsubst ${MY_srcdir}/libipt_%.c,%,$(wildcard ${MY_srcdir}/libipt_*.c))
+@@ -46,7 +52,8 @@
+ 
+ MY_initext_func := $(addprefix xt_,${MY_pfx_build_mod})
+ MY_GEN_INITEXT:= $(MY_intermediates)/initext.c
+-$(MY_GEN_INITEXT):
++LOCAL_GEN_INITEXT:= $(LOCAL_PATH)/$(MY_GEN_INITEXT)
++$(LOCAL_GEN_INITEXT):
+ 	@mkdir -p $(dir $@)
+ 	@( \
+ 	echo "" >$@; \
+@@ -76,7 +83,7 @@
+ 
+ $(MY_intermediates)/initext.o : $(MY_GEN_INITEXT) $(MY_gen_lib_sources)
+ 
+-LOCAL_GENERATED_SOURCES:= $(MY_GEN_INITEXT) $(MY_gen_lib_sources)
++LOCAL_SRC_FILES:= $(MY_GEN_INITEXT) $(MY_gen_lib_sources)
+ 
+ include $(BUILD_STATIC_LIBRARY)
+ 
+@@ -109,7 +116,8 @@
+ 
+ MY_initext4_func  := $(addprefix ipt_,${MY_pf4_build_mod})
+ MY_GEN_INITEXT4:= $(MY_intermediates)/initext4.c
+-$(MY_GEN_INITEXT4):
++LOCAL_GEN_INITEXT4:= $(LOCAL_PATH)/$(MY_GEN_INITEXT4)
++$(LOCAL_GEN_INITEXT4):
+ 	@mkdir -p $(dir $@)
+ 	@( \
+ 	echo "" >$@; \
+@@ -139,7 +147,7 @@
+ 
+ $(MY_intermediates)/initext4.o : $(MY_GEN_INITEXT4) $(MY_gen_lib_sources)
+ 
+-LOCAL_GENERATED_SOURCES:= $(MY_GEN_INITEXT4) ${MY_gen_lib_sources}
++LOCAL_SRC_FILES:= $(MY_GEN_INITEXT4) ${MY_gen_lib_sources}
+ 
+ include $(BUILD_STATIC_LIBRARY)
+ 
+@@ -172,7 +180,8 @@
+ 
+ MY_initext6_func := $(addprefix ip6t_,${MY_pf6_build_mod})
+ MY_GEN_INITEXT6:= $(MY_intermediates)/initext6.c
+-$(MY_GEN_INITEXT6):
++LOCAL_GEN_INITEXT6:= $(LOCAL_PATH)/$(MY_GEN_INITEXT6)
++$(LOCAL_GEN_INITEXT6):
+ 	@mkdir -p $(dir $@)
+ 	@( \
+ 	echo "" >$@; \
+@@ -202,7 +211,7 @@
+ 
+ $(MY_intermediates)/initext6.o : $(MY_GEN_INITEXT6) $(MY_gen_lib_sources)
+ 
+-LOCAL_GENERATED_SOURCES:= $(MY_GEN_INITEXT6) $(MY_gen_lib_sources)
++LOCAL_SRC_FILES:= $(MY_GEN_INITEXT6) $(MY_gen_lib_sources)
+ 
+ include $(BUILD_STATIC_LIBRARY)
+ 
+diff --git a/external/iptables/extensions/fixinit.py b/external/iptables/extensions/fixinit.py
+--- a/iptables/extensions/fixinit.py	1970-01-01 03:00:00.000000000 +0300
++++ b/external/iptables/extensions/fixinit.py	2012-05-31 00:35:59.927307126 +0400
+@@ -0,0 +1,30 @@
++#!/usr/bin/python
++# Author: Rodrigo Zechin Rosauro
++"""
++This script will convert all _init() functions on iptables extension sources in order
++to compile then on Android.
++This will for example, convert "void _init(void)" on libipt_LOG.c to "void libipt_LOG_init(void)".
++This is necessary because we cannot use the "-D_INIT=$*_init" on LOCAL_CFLAGS due to the way NDK works.
++"""
++
++import sys, os, glob, re
++
++def main():
++    regex=re.compile(r"[^\w]_init\s*\(")
++    os.chdir(os.path.dirname(os.path.abspath(__file__)))
++    for prefix in ("libxt", "libipt", "libip6t"):
++        for src in glob.glob("%s_*.c"%prefix):
++            name = src.replace(".c","")
++            f=open(src, "r")
++            data=f.read()
++            f.close()
++            if regex.search(data):
++                print "Converting %s..."%src
++                data=regex.sub(" %s_init("%name, data)
++                f=open(src, "w")
++                f.write(data)
++                f.close()
++    print "DONE!"
++
++if __name__=="__main__":
++    main()
++