<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
Is this going in slightly the wrong direction? Documenting the
variables may be a nice idea, but isn't the method of setting them
by editing the config.mk a bit off? Can't you just do something
like:<br>
<br>
HAVE_NFTABLES=true make<br>
<br>
or<br>
<br>
export HAVE_NFTABLES=true<br>
make<br>
<br>
<div class="moz-cite-prefix">On 23/09/2023 15:58, manfred wrote:<br>
</div>
<blockquote type="cite"
cite="mid:6f68992c-2946-09cf-17a8-31e4920a984e@gmail.com">As a
suggestion, it may be useful for config.mk to have a comment list
of USE_* and HAVE_* variables that may be enabled in the right
place.
<br>
<br>
<br>
On 9/23/2023 10:50 AM, manfred wrote:
<br>
<blockquote type="cite">mk/defaults/linux.mk has this:
<br>
<br>
ifneq ($(HAVE_NFTABLES), true)
<br>
HAVE_IPTABLES ?= true
<br>
endif
<br>
<br>
So, most likely you have to define:
<br>
<br>
HAVE_NFTABLES ?= true
<br>
<br>
early in config.mk.
<br>
<br>
<br>
On 9/23/2023 8:49 AM, Armen Dilanyan wrote:
<br>
<blockquote type="cite">Can you please specify what needs to be
edited in the mk/config.mk file?
<br>
Remove the lines from the file:
<br>
/*-e "s:@HAVE_IPTABLES@:$(HAVE_IPTABLES):g" \*/
<br>
and
<br>
/*# iptables for CAT, or NFLOG, look, barf, verify*/
<br>
/*HAVE_IPTABLES ?= false*/
<br>
/*ifeq ($(HAVE_IPTABLES),true)*/
<br>
/*USERLAND_CFLAGS += -DHAVE_IPTABLES*/
<br>
/*endif*/
<br>
23.09.2023, 18:24, "Paul Wouters" <a class="moz-txt-link-rfc2396E" href="mailto:paul@nohats.ca"><paul@nohats.ca></a>:
<br>
<br>
There is an option to build with nftables that can be
enabled. See
<br>
mk/config.mk
<br>
<br>
Sent using a virtual keyboard on a phone
<br>
<br>
On Sep 23, 2023, at 05:24, Armen Dilanyan
<<a class="moz-txt-link-abbreviated" href="mailto:ad@2ip.am">ad@2ip.am</a>
<br>
<a class="moz-txt-link-rfc2396E" href="mailto:ad@2ip.am"><mailto:ad@2ip.am></a>> wrote:
<br>
<br>
<br>
Hello dear community,
<br>
<br>
I would like to discuss an important matter with
you.
<br>
<br>
Currently, Libreswan has a dependency on the
iptables package.
<br>
However, in recent versions of the GNU/Debian
operating system,
<br>
iptables is no longer installed by default, and it has
been
<br>
replaced by nftables. The developers of netfilter are
planning
<br>
to fully replace iptables with nftables in the future.
<br>
Installing both iptables and nftables simultaneously
may not be
<br>
practical.
<br>
<br>
My question is whether Libreswan is considering the
<br>
possibility of removing its dependency on iptables and
<br>
transitioning to using nftables. Is it possible to
build the
<br>
Libreswan package from source without the iptables
dependency?
<br>
<br>
I appreciate your attention to this matter and look
forward to
<br>
hearing your insights.
<br>
_______________________________________________
<br>
Swan mailing list
<br>
<a class="moz-txt-link-abbreviated" href="mailto:Swan@lists.libreswan.org">Swan@lists.libreswan.org</a>
<a class="moz-txt-link-rfc2396E" href="mailto:Swan@lists.libreswan.org"><mailto:Swan@lists.libreswan.org></a>
<br>
<a class="moz-txt-link-freetext" href="https://lists.libreswan.org/mailman/listinfo/swan">https://lists.libreswan.org/mailman/listinfo/swan</a>
<br>
<a class="moz-txt-link-rfc2396E" href="https://lists.libreswan.org/mailman/listinfo/swan"><https://lists.libreswan.org/mailman/listinfo/swan></a>
<br>
<br>
<br>
_______________________________________________
<br>
Swan mailing list
<br>
<a class="moz-txt-link-abbreviated" href="mailto:Swan@lists.libreswan.org">Swan@lists.libreswan.org</a>
<br>
<a class="moz-txt-link-freetext" href="https://lists.libreswan.org/mailman/listinfo/swan">https://lists.libreswan.org/mailman/listinfo/swan</a>
<br>
</blockquote>
</blockquote>
_______________________________________________
<br>
Swan mailing list
<br>
<a class="moz-txt-link-abbreviated" href="mailto:Swan@lists.libreswan.org">Swan@lists.libreswan.org</a>
<br>
<a class="moz-txt-link-freetext" href="https://lists.libreswan.org/mailman/listinfo/swan">https://lists.libreswan.org/mailman/listinfo/swan</a>
<br>
</blockquote>
<br>
</body>
</html>