Home | History | Annotate | Download | only in iptables
      1 Installation instructions for iptables
      2 ======================================
      3 
      4 iptables uses the well-known configure(autotools) infrastructure.
      5 
      6 	$ ./configure
      7 	$ make
      8 	# make install
      9 
     10 
     11 Prerequisites
     12 =============
     13 
     14 	* no kernel-source required
     15 
     16 	* but obviously a compiler, glibc-devel and linux-kernel-headers
     17 	  (/usr/include/linux)
     18 
     19 
     20 Configuring and compiling
     21 =========================
     22 
     23 ./configure [options]
     24 
     25 --prefix=
     26 
     27 	The prefix to put all installed files under. It defaults to
     28 	/usr/local, so the binaries will go into /usr/local/bin, sbin,
     29 	manpages into /usr/local/share/man, etc.
     30 
     31 --with-xtlibdir=
     32 
     33 	The path to where Xtables extensions should be installed to. It
     34 	defaults to ${libdir}/xtables.
     35 
     36 --enable-devel (or --disable-devel)
     37 
     38 	This option causes development files to be installed to
     39 	${includedir}, which is needed for building additional packages,
     40 	such as Xtables-addons or other 3rd-party extensions.
     41 
     42 	It is enabled by default.
     43 
     44 --enable-static
     45 
     46 	Produce additional binaries, iptables-static/ip6tables-static,
     47 	which have all shipped extensions compiled in.
     48 
     49 --disable-shared
     50 
     51 	Produce binaries that have dynamic loading of extensions disabled.
     52 	This implies --enable-static.
     53 	(See some details below.)
     54 
     55 --enable-libipq
     56 
     57 	This option causes libipq to be installed into ${libdir} and
     58 	${includedir}.
     59 
     60 --with-ksource=
     61 
     62 	Xtables does not depend on kernel headers anymore, but you can
     63 	optionally specify a search path to include anyway. This is
     64 	probably only useful for development.
     65 
     66 If you want to enable debugging, use
     67 
     68 	./configure CFLAGS="-ggdb3 -O0"
     69 
     70 (-O0 is used to turn off instruction reordering, which makes debugging
     71 much easier.)
     72 
     73 To show debug traces you can add -DDEBUG to CFLAGS option
     74 
     75 
     76 Other notes
     77 ===========
     78 
     79 The make process will automatically build multipurpose binaries.
     80 These have the core (iptables), -save, -restore and -xml code
     81 compiled into one binary, but extensions remain as modules.
     82 
     83 
     84 Static and shared
     85 =================
     86 
     87 Basically there are three configuration modes defined:
     88 
     89  --disable-static --enable-shared (this is the default)
     90 
     91 	Build a binary that relies upon dynamic loading of extensions.
     92 
     93  --enable-static --enable-shared
     94 
     95 	Build a binary that has the shipped extensions built-in, but
     96 	is still capable of loading additional extensions.
     97 
     98  --enable-static --disable-shared
     99 
    100 	Shipped extensions are built-in, and dynamic loading is
    101 	deactivated.
    102