1 Installation instructions for iptables 2 ====================================== 3 4 iptables uses the well-known configure(autotools) infrastructure. 5 6 $ ./configure 7 $ make 8 # make install 9 10 11 Prerequisites 12 ============= 13 14 * no kernel-source required 15 16 * but obviously a compiler, glibc-devel and linux-kernel-headers 17 (/usr/include/linux) 18 19 20 Configuring and compiling 21 ========================= 22 23 ./configure [options] 24 25 --prefix= 26 27 The prefix to put all installed files under. It defaults to 28 /usr/local, so the binaries will go into /usr/local/bin, sbin, 29 manpages into /usr/local/share/man, etc. 30 31 --with-xtlibdir= 32 33 The path to where Xtables extensions should be installed to. It 34 defaults to ${libdir}/xtables. 35 36 --enable-devel (or --disable-devel) 37 38 This option causes development files to be installed to 39 ${includedir}, which is needed for building additional packages, 40 such as Xtables-addons or other 3rd-party extensions. 41 42 It is enabled by default. 43 44 --enable-static 45 46 Produce additional binaries, iptables-static/ip6tables-static, 47 which have all shipped extensions compiled in. 48 49 --disable-shared 50 51 Produce binaries that have dynamic loading of extensions disabled. 52 This implies --enable-static. 53 (See some details below.) 54 55 --enable-libipq 56 57 This option causes libipq to be installed into ${libdir} and 58 ${includedir}. 59 60 --with-ksource= 61 62 Xtables does not depend on kernel headers anymore, but you can 63 optionally specify a search path to include anyway. This is 64 probably only useful for development. 65 66 If you want to enable debugging, use 67 68 ./configure CFLAGS="-ggdb3 -O0" 69 70 (-O0 is used to turn off instruction reordering, which makes debugging 71 much easier.) 72 73 To show debug traces you can add -DDEBUG to CFLAGS option 74 75 76 Other notes 77 =========== 78 79 The make process will automatically build multipurpose binaries. 80 These have the core (iptables), -save, -restore and -xml code 81 compiled into one binary, but extensions remain as modules. 82 83 84 Static and shared 85 ================= 86 87 Basically there are three configuration modes defined: 88 89 --disable-static --enable-shared (this is the default) 90 91 Build a binary that relies upon dynamic loading of extensions. 92 93 --enable-static --enable-shared 94 95 Build a binary that has the shipped extensions built-in, but 96 is still capable of loading additional extensions. 97 98 --enable-static --disable-shared 99 100 Shipped extensions are built-in, and dynamic loading is 101 deactivated. 102