From 705babcdf0358e383388771acd0a663f59f05b18 Mon Sep 17 00:00:00 2001
From: c0bw3b <c0bw3b@users.noreply.github.com>
Date: Sun, 9 Dec 2018 17:12:53 +0100
Subject: [PATCH] iptables: prune libtool files after build

Otherwise -lpcap gets propagated to reverse deps
This can break strongswan build for example
https://github.com/NixOS/nixpkgs/pull/51252#issuecomment-445512680
---
 pkgs/os-specific/linux/iptables/default.nix      | 16 ++++++++++++----
 .../iptables/netinet-headers-collision.patch     | 11 -----------
 2 files changed, 12 insertions(+), 15 deletions(-)
 delete mode 100644 pkgs/os-specific/linux/iptables/netinet-headers-collision.patch

diff --git a/pkgs/os-specific/linux/iptables/default.nix b/pkgs/os-specific/linux/iptables/default.nix
index 8f98391021fd..ff6ce3b4889d 100644
--- a/pkgs/os-specific/linux/iptables/default.nix
+++ b/pkgs/os-specific/linux/iptables/default.nix
@@ -1,4 +1,4 @@
-{ stdenv, fetchurl, fetchpatch, bison, flex, pkgconfig
+{ stdenv, fetchurl, fetchpatch, bison, flex, pkgconfig, pruneLibtoolFiles
 , libnetfilter_conntrack, libnftnl, libmnl, libpcap }:
 
 stdenv.mkDerivation rec {
@@ -21,16 +21,24 @@ stdenv.mkDerivation rec {
       url = "https://git.netfilter.org/iptables/patch/?id=51d374ba41ae4f1bb851228c06b030b83dd2092f";
       sha256 = "05fwrq03f9sm0v2bfwshbrg7pi2p978w1460arnmpay3135gj266";
     })
-    # extensions: libip6t_mh: fix bogus translation error
+    # Extensions: libip6t_mh: fix bogus translation error
     (fetchpatch {
       url = "https://git.netfilter.org/iptables/patch/?id=5839d7fe62ff667af7132fc7d589b386951f27b3";
       sha256 = "0578jn1ip710z9kijwg9g2vjq2kfrbafl03m1rgi4fasz215gvkf";
     })
     # Prevent headers collisions between linux and netfilter (in.h and in6.h)
-    (./netinet-headers-collision.patch)
+    # Fixed upstream with two commits
+    (fetchpatch {
+      url = "https://git.netfilter.org/iptables/patch/?id=8d9d7e4b9ef4c6e6abab2cf35c747d7ca36824bd";
+      sha256 = "0q3wcspiqym1r6dg1jhg7h8hpvsjzx1k7cs39z36mzlbmj9lm0zb";
+    })
+    (fetchpatch {
+      url = "https://git.netfilter.org/iptables/patch/?id=2908eda10bf9fc81119d4f3ad672c67918ab5955";
+      sha256 = "1dci4c8b7gcdrf77l2aicrcwlbp320xjz76fhavams0b4kgs6yr3";
+    })
   ];
 
-  nativeBuildInputs = [ bison flex pkgconfig ];
+  nativeBuildInputs = [ bison flex pkgconfig pruneLibtoolFiles ];
 
   buildInputs = [ libnetfilter_conntrack libnftnl libmnl libpcap ];
 
diff --git a/pkgs/os-specific/linux/iptables/netinet-headers-collision.patch b/pkgs/os-specific/linux/iptables/netinet-headers-collision.patch
deleted file mode 100644
index 940ffa0c29cc..000000000000
--- a/pkgs/os-specific/linux/iptables/netinet-headers-collision.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- a/include/linux/netfilter.h
-+++ b/include/linux/netfilter.h
-@@ -3,7 +3,9 @@
- 
- #include <linux/types.h>
- 
-+#ifndef _NETINET_IN_H
- #include <linux/in.h>
- #include <linux/in6.h>
-+#endif
- #include <limits.h>