|
Packit |
7b22a4 |
Installation instructions for iptables
|
|
Packit |
7b22a4 |
======================================
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
iptables uses the well-known configure(autotools) infrastructure.
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
$ ./configure
|
|
Packit |
7b22a4 |
$ make
|
|
Packit |
7b22a4 |
# make install
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
Prerequisites
|
|
Packit |
7b22a4 |
=============
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
* no kernel-source required
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
* but obviously a compiler, glibc-devel and linux-kernel-headers
|
|
Packit |
7b22a4 |
(/usr/include/linux)
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
Configuring and compiling
|
|
Packit |
7b22a4 |
=========================
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
./configure [options]
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
--prefix=
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
The prefix to put all installed files under. It defaults to
|
|
Packit |
7b22a4 |
/usr/local, so the binaries will go into /usr/local/bin, sbin,
|
|
Packit |
7b22a4 |
manpages into /usr/local/share/man, etc.
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
--with-xtlibdir=
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
The path to where Xtables extensions should be installed to. It
|
|
Packit |
7b22a4 |
defaults to ${libdir}/xtables.
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
--enable-devel (or --disable-devel)
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
This option causes development files to be installed to
|
|
Packit |
7b22a4 |
${includedir}, which is needed for building additional packages,
|
|
Packit |
7b22a4 |
such as Xtables-addons or other 3rd-party extensions.
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
It is enabled by default.
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
--enable-static
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
Produce additional binaries, iptables-static/ip6tables-static,
|
|
Packit |
7b22a4 |
which have all shipped extensions compiled in.
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
--disable-shared
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
Produce binaries that have dynamic loading of extensions disabled.
|
|
Packit |
7b22a4 |
This implies --enable-static.
|
|
Packit |
7b22a4 |
(See some details below.)
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
--enable-libipq
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
This option causes libipq to be installed into ${libdir} and
|
|
Packit |
7b22a4 |
${includedir}.
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
--with-ksource=
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
Xtables does not depend on kernel headers anymore, but you can
|
|
Packit |
7b22a4 |
optionally specify a search path to include anyway. This is
|
|
Packit |
7b22a4 |
probably only useful for development.
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
If you want to enable debugging, use
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
./configure CFLAGS="-ggdb3 -O0"
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
(-O0 is used to turn off instruction reordering, which makes debugging
|
|
Packit |
7b22a4 |
much easier.)
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
To show debug traces you can add -DDEBUG to CFLAGS option
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
Other notes
|
|
Packit |
7b22a4 |
===========
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
The make process will automatically build multipurpose binaries.
|
|
Packit |
7b22a4 |
These have the core (iptables), -save, -restore and -xml code
|
|
Packit |
7b22a4 |
compiled into one binary, but extensions remain as modules.
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
Static and shared
|
|
Packit |
7b22a4 |
=================
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
Basically there are three configuration modes defined:
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
--disable-static --enable-shared (this is the default)
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
Build a binary that relies upon dynamic loading of extensions.
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
--enable-static --enable-shared
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
Build a binary that has the shipped extensions built-in, but
|
|
Packit |
7b22a4 |
is still capable of loading additional extensions.
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
--enable-static --disable-shared
|
|
Packit |
7b22a4 |
|
|
Packit |
7b22a4 |
Shipped extensions are built-in, and dynamic loading is
|
|
Packit |
7b22a4 |
deactivated.
|