[netfilter-cvslog] r7488 - trunk/iptables

kaber at trash.net kaber at trash.net
Tue Apr 15 13:52:38 CEST 2008

Author: kaber at trash.net
Date: 2008-04-15 13:52:38 +0200 (Tue, 15 Apr 2008)
New Revision: 7488

[PATCH 05/10] Update documentation about building the package

Modified: trunk/iptables/INSTALL
--- trunk/iptables/INSTALL	2008-04-15 11:51:33 UTC (rev 7487)
+++ trunk/iptables/INSTALL	2008-04-15 11:52:38 UTC (rev 7488)
@@ -1,52 +1,80 @@
+Installation instructions for iptables
-0) There may be some outstanding bugfixes or tweaks which are not yet
-   in the official kernel.  Those are now (as of iptables-1.2.7) kept
-   in a seperate package, called patch-o-matic.  It is available from
-   ftp://ftp.netfilter.org/pub/patch-o-matic/
+iptables uses the well-known configure(autotools) infrastructure.
-1) Next, make the package. If you use a standard distribution kernel,
-   just run ./configure.
+	$ ./configure
+	$ make
+	# make install
-   If you want to build against an own kernel tree:
-	$ ./configure --with-kernel=/home/jengelh/mykernel
-   or whereever you put it. If you are using a dedicated kernel build
-   directory, you use:
+	* no kernel-source required
-	$ ./configure --with-kbuild=<<where-built>> --with-ksource=<<source>>
+	* but obviously a compiler, glibc-devel and linux-kernel-headers
+	  (/usr/include/linux)
-2) Finally, you need to install the binaries and shared libraries:
-	# make install
+Configuring and compiling
-That's it!
+./configure [options]
-1) This package requires a 2.4.4 kernel, or above.
-2) If you get the kernel directory wrong, you may get compile failures.
+	The prefix to put all installed files under. It defaults to
+	/usr/local, so the binaries will go into /usr/local/bin, sbin,
+	manpages into /usr/local/share/man, etc.
-3) If you want to specify alternate directories for installation
-(instead of /usr/local/ bin lib man), do this:
-	$ ./configure --prefix=/usr
-	$ make
-	# make install
+	The path to where Xtables extensions should be installed to. It
+	defaults to ${prefix}/libexec/xtables.
-4) The make process will automatically build a multipurpose binary under the
-   names iptables-multi and ip6tables-multi.
+--enable-devel (or --disable-devel)
-5) If you want to build a statically linked version of the iptables binary,
-   without the need for loading the plugins at runtime (e.g. for an embedded
-   device or router-on-a-disk), please use
+	This option causes development files to be installed to
+	${includedir}, which is needed for building additional packages,
+	such as Xtables-addons or other 3rd-party extensions.
-	$ ./configure --enable-static
+	It is enabled by default.
-   which will build both a semi-static multi binary (iptables-mtss, uses
-   libc but not plugins) and a fully static multi binary (iptables-static).
-6) If you want to install libipq (old interface), add --enable-devel to
-   ./configure.
+	This option causes libipq to be installed into ${libdir} and
+	${includedir}.
+	Enable building single standalone multipurpose binaries,
+	(iptables-static and ip6tables-static), which contain every
+	extension compiled-in (and does not support additional
+	extensions).
+	Xtables does not depend on kernel headers anymore, but you can
+	optionally specify a search path to include anyway. This is
+	probably only useful for development.
+If you want to enable debugging, use
+	./configure CFLAGS="-ggdb3 -O0"
+(-O0 is used to turn off instruction reordering, which makes debugging
+much easier.)
+Other notes
+The make process will automatically build multipurpose binaries.
+These have the core (iptables), -save, -restore and -xml code
+compiled into one binary, but extensions remain as modules.
+If you want to build a statically linked version of the iptables binary,
+without the need for loading the plugins at runtime (e.g. for an
+embedded device or router-on-a-disk), you can use the --enable-static
+configure flag.

Modified: trunk/iptables/configure.ac
--- trunk/iptables/configure.ac	2008-04-15 11:51:33 UTC (rev 7487)
+++ trunk/iptables/configure.ac	2008-04-15 11:52:38 UTC (rev 7488)
@@ -22,9 +22,9 @@
-	[Path to iptables modules [[LIBEXECDIR/iptables]]]),
+	[Path where to install Xtables extensions [[LIBEXECDIR/xtables]]]),
-	[xtlibdir="${libexecdir}/iptables"])
+	[xtlibdir="${libexecdir}/xtables"])
 	[Install Xtables development headers]),

More information about the netfilter-cvslog mailing list