Updated dontfragment build to not require iptables sources

Author: lschlesinger-dn

.gitignore

@@ -3,3 +3,6 @@
 *.mod.*
 modules.order
 Module.symvers
+extensions/**/*.so
+extensions/**/*.ko
+out

extensions/dontfragment/Makefile

@@ -1,39 +1,23 @@
 obj-m += ipt_DF.o
-#IPT_CFLAGS = -fPIC -Wall -Wextra -pedantic
-IPT_CFLAGS = -fPIC
-IPTABLES_VERSION = 1.6.2
+IPT_CFLAGS = -Wall -Wextra -pedantic -O2
 
 all: kernel-module iptables-module
 
-iptables: iptables-$(IPTABLES_VERSION) ipt_DF.h
-	cp ipt_DF.h iptables-$(IPTABLES_VERSION)/include/linux/netfilter_ipv4/ipt_DF.h
-
-iptables-$(IPTABLES_VERSION): iptables-$(IPTABLES_VERSION).tar.bz2
-	tar -xf iptables-$(IPTABLES_VERSION).tar.bz2
-
-iptables-$(IPTABLES_VERSION).tar.bz2:
-	wget http://www.netfilter.org/projects/iptables/files/iptables-$(IPTABLES_VERSION).tar.bz2
-	md5sum -c iptables-$(IPTABLES_VERSION).tar.bz2.md5 || (rm -f iptables-$(IPTABLES_VERSION).tar.bz2 && exit 1)
-
 kernel-module:
-	make -C /lib/modules/$(shell uname -r)/build M=$(PWD) modules
+	make -C /lib/modules/$(shell uname -r)/build M=$(CURDIR) modules
 
-iptables-module: iptables libipt_DF.c
-	$(CC) $(CFLAGS) $(IPT_CFLAGS) -I iptables-$(IPTABLES_VERSION)/include libipt_DF.c -c
-	$(CC) $(CFLAGS) $(IPT_CFLAGS) -shared -o libipt_DF.so libipt_DF.o
+iptables-module: libipt_DF.so
 
-clean-all: clean clean-iptables-archive
+libipt_DF.so: libipt_DF.o
+	gcc -shared -fPIC ${IPT_CFLAGS} -o $@ $^;
 
-clean: clean-kernel-module clean-iptables-module clean-iptables
+libipt_DF.o: libipt_DF.c
+	gcc ${IPT_CFLAGS} -D_INIT=lib$*_init -fPIC -c -o $@ $<;
+
+clean: clean-kernel-module clean-iptables-module
 
 clean-kernel-module:
-	make -C /lib/modules/$(shell uname -r)/build M=$(PWD) clean
+	make -C /lib/modules/$(shell uname -r)/build M=$(CURDIR) clean
 
 clean-iptables-module:
 	rm -f libipt_DF.o libipt_DF.so
-
-clean-iptables:
-	rm -rf iptables-$(IPTABLES_VERSION)
-
-clean-iptables-archive:
-	rm -f iptables-$(IPTABLES_VERSION).tar.bz2

extensions/dontfragment/libipt_DF.c

@@ -2,7 +2,9 @@
 #include <xtables.h>
 
 #include <linux/netfilter_ipv4/ip_tables.h>
-#include <linux/netfilter_ipv4/ipt_DF.h>
+#include "ipt_DF.h"
+
+#define __maybe_unused __attribute__((__unused__))
 
 enum {
 	O_DF_SET = 0,
@@ -52,7 +54,7 @@ static void DF_check(struct xt_fcheck_call *cb)
         "DF: You must specify an action");
 }
 
-static void DF_save(const void *ip, const struct xt_entry_target *target)
+static void DF_save(__maybe_unused const void *ip, const struct xt_entry_target *target)
 {
 	const struct xt_df_tginfo *info = (struct xt_df_tginfo *) target->data;
 
@@ -67,7 +69,7 @@ static void DF_save(const void *ip, const struct xt_entry_target *target)
 	}
 }
 
-static void DF_print(const void *ip, const struct xt_entry_target *target, int numeric)
+static void DF_print(__maybe_unused const void *ip, const struct xt_entry_target *target, __maybe_unused int numeric)
 {
 	const struct xt_df_tginfo *info = (struct xt_df_tginfo *) target->data;