blob: eb70bd118ad0c3a72e1983faa323c62f8a15f342 [file] [log] [blame]
AC_INIT([iptables], [1.8.3])
# See libtool.info "Libtool's versioning system"
libxtables_vcurrent=14
libxtables_vage=2
AC_CONFIG_AUX_DIR([build-aux])
AC_CONFIG_HEADERS([config.h])
AC_CONFIG_MACRO_DIR([m4])
AC_PROG_INSTALL
AM_INIT_AUTOMAKE([-Wall])
AC_PROG_CC
AM_PROG_CC_C_O
AC_DISABLE_STATIC
m4_ifdef([AM_PROG_AR], [AM_PROG_AR])
AM_PROG_LIBTOOL
AC_ARG_WITH([kernel],
AS_HELP_STRING([--with-kernel=PATH],
[Path to kernel source/build directory]),
[kbuilddir="$withval"; ksourcedir="$withval";])
AC_ARG_WITH([kbuild],
AS_HELP_STRING([--with-kbuild=PATH],
[Path to kernel build directory [[/lib/modules/CURRENT/build]]]),
[kbuilddir="$withval"])
AC_ARG_WITH([ksource],
AS_HELP_STRING([--with-ksource=PATH],
[Path to kernel source directory [[/lib/modules/CURRENT/source]]]),
[ksourcedir="$withval"])
AC_ARG_WITH([xtlibdir],
AS_HELP_STRING([--with-xtlibdir=PATH],
[Path where to install Xtables extensions [[LIBEXECDIR/xtables]]]),
[xtlibdir="$withval"],
[xtlibdir="${libdir}/xtables"])
AC_ARG_ENABLE([ipv4],
AS_HELP_STRING([--disable-ipv4], [Do not build iptables]),
[enable_ipv4="$enableval"], [enable_ipv4="yes"])
AC_ARG_ENABLE([ipv6],
AS_HELP_STRING([--disable-ipv6], [Do not build ip6tables]),
[enable_ipv6="$enableval"], [enable_ipv6="yes"])
AC_ARG_ENABLE([largefile],
AS_HELP_STRING([--disable-largefile], [Do not build largefile support]),
[enable_largefile="$enableval"],
[enable_largefile="yes"])
AS_IF([test "$enable_largefile" = "yes"], [largefile_cppflags='-D_LARGEFILE_SOURCE=1 -D_LARGE_FILES -D_FILE_OFFSET_BITS=64'])
AC_ARG_ENABLE([devel],
AS_HELP_STRING([--enable-devel],
[Install Xtables development headers]),
[enable_devel="$enableval"], [enable_devel="yes"])
AC_ARG_ENABLE([libipq],
AS_HELP_STRING([--enable-libipq], [Build and install libipq]),
[enable_libipq="$enableval"], [enable_libipq="no"])
AC_ARG_ENABLE([bpf-compiler],
AS_HELP_STRING([--enable-bpf-compiler], [Build bpf compiler]),
[enable_bpfc="$enableval"], [enable_bpfc="no"])
AC_ARG_ENABLE([nfsynproxy],
AS_HELP_STRING([--enable-nfsynproxy], [Build SYNPROXY configuration tool]),
[enable_nfsynproxy="$enableval"], [enable_nfsynproxy="no"])
AC_ARG_WITH([pkgconfigdir], AS_HELP_STRING([--with-pkgconfigdir=PATH],
[Path to the pkgconfig directory [[LIBDIR/pkgconfig]]]),
[pkgconfigdir="$withval"], [pkgconfigdir='${libdir}/pkgconfig'])
AC_ARG_ENABLE([nftables],
AS_HELP_STRING([--disable-nftables], [Do not build nftables compat]),
[enable_nftables="$enableval"], [enable_nftables="yes"])
AC_ARG_ENABLE([connlabel],
AS_HELP_STRING([--disable-connlabel],
[Do not build libnetfilter_conntrack]),
[enable_connlabel="$enableval"], [enable_connlabel="yes"])
AC_ARG_WITH([xt-lock-name], AS_HELP_STRING([--with-xt-lock-name=PATH],
[Path to the xtables lock [[/run/xtables.lock]]]),
[xt_lock_name="$withval"],
[xt_lock_name="/run/xtables.lock"])
AC_MSG_CHECKING([whether $LD knows -Wl,--no-undefined])
saved_LDFLAGS="$LDFLAGS";
LDFLAGS="-Wl,--no-undefined";
AC_LINK_IFELSE([AC_LANG_SOURCE([int main(void) {}])],
[noundef_LDFLAGS="$LDFLAGS"; AC_MSG_RESULT([yes])],
[AC_MSG_RESULT([no])]
)
LDFLAGS="$saved_LDFLAGS";
blacklist_modules=""
blacklist_x_modules=""
blacklist_b_modules=""
blacklist_a_modules=""
blacklist_4_modules=""
blacklist_6_modules=""
AC_CHECK_HEADERS([linux/dccp.h linux/ip_vs.h linux/magic.h linux/proc_fs.h linux/bpf.h])
if test "$ac_cv_header_linux_dccp_h" != "yes"; then
blacklist_modules="$blacklist_modules dccp";
fi;
if test "$ac_cv_header_linux_ip_vs_h" != "yes"; then
blacklist_modules="$blacklist_modules ipvs";
fi;
AC_CHECK_SIZEOF([struct ip6_hdr], [], [#include <netinet/ip6.h>])
AM_CONDITIONAL([ENABLE_STATIC], [test "$enable_static" = "yes"])
AM_CONDITIONAL([ENABLE_SHARED], [test "$enable_shared" = "yes"])
AM_CONDITIONAL([ENABLE_IPV4], [test "$enable_ipv4" = "yes"])
AM_CONDITIONAL([ENABLE_IPV6], [test "$enable_ipv6" = "yes"])
AM_CONDITIONAL([ENABLE_LARGEFILE], [test "$enable_largefile" = "yes"])
AM_CONDITIONAL([ENABLE_DEVEL], [test "$enable_devel" = "yes"])
AM_CONDITIONAL([ENABLE_LIBIPQ], [test "$enable_libipq" = "yes"])
AM_CONDITIONAL([ENABLE_BPFC], [test "$enable_bpfc" = "yes"])
AM_CONDITIONAL([ENABLE_SYNCONF], [test "$enable_nfsynproxy" = "yes"])
AM_CONDITIONAL([ENABLE_NFTABLES], [test "$enable_nftables" = "yes"])
AM_CONDITIONAL([ENABLE_CONNLABEL], [test "$enable_connlabel" = "yes"])
if test "x$enable_bpfc" = "xyes" || test "x$enable_nfsynproxy" = "xyes"; then
AC_CHECK_LIB(pcap, pcap_compile,, AC_MSG_ERROR(missing libpcap library required by bpf compiler or nfsynproxy tool))
fi
PKG_CHECK_MODULES([libnfnetlink], [libnfnetlink >= 1.0],
[nfnetlink=1], [nfnetlink=0])
AM_CONDITIONAL([HAVE_LIBNFNETLINK], [test "$nfnetlink" = 1])
if test "x$enable_nftables" = "xyes"; then
PKG_CHECK_MODULES([libmnl], [libmnl >= 1.0], [mnl=1], [mnl=0])
if test "$mnl" = 0;
then
echo "*** Error: No suitable libmnl found. ***"
echo " Please install the 'libmnl' package"
echo " Or consider --disable-nftables to skip"
echo " iptables-compat over nftables support."
exit 1
fi
PKG_CHECK_MODULES([libnftnl], [libnftnl >= 1.1.3], [nftables=1], [nftables=0])
if test "$nftables" = 0;
then
echo "*** Error: no suitable libnftnl found. ***"
echo " Please install the 'libnftnl' package"
echo " Or consider --disable-nftables to skip"
echo " iptables-compat over nftables support."
exit 1
fi
fi
AM_CONDITIONAL([HAVE_LIBMNL], [test "$mnl" = 1])
AM_CONDITIONAL([HAVE_LIBNFTNL], [test "$nftables" = 1])
if test "$nftables" != 1; then
blacklist_b_modules="$blacklist_b_modules limit mark nflog mangle"
blacklist_a_modules="$blacklist_a_modules mangle"
fi
if test "x$enable_connlabel" = "xyes"; then
PKG_CHECK_MODULES([libnetfilter_conntrack],
[libnetfilter_conntrack >= 1.0.6],
[nfconntrack=1], [nfconntrack=0])
if test "$nfconntrack" -ne 1; then
blacklist_modules="$blacklist_modules connlabel";
echo "WARNING: libnetfilter_conntrack not found, connlabel match will not be built";
enable_connlabel="no";
fi;
else
blacklist_modules="$blacklist_modules connlabel";
fi;
AM_CONDITIONAL([HAVE_LIBNETFILTER_CONNTRACK], [test "$nfconntrack" = 1])
AC_SUBST([blacklist_modules])
AC_SUBST([blacklist_x_modules])
AC_SUBST([blacklist_b_modules])
AC_SUBST([blacklist_a_modules])
AC_SUBST([blacklist_4_modules])
AC_SUBST([blacklist_6_modules])
regular_CFLAGS="-Wall -Waggregate-return -Wmissing-declarations \
-Wmissing-prototypes -Wredundant-decls -Wshadow -Wstrict-prototypes \
-Wlogical-op \
-Winline -pipe";
regular_CPPFLAGS="${largefile_cppflags} -D_REENTRANT \
-DXTABLES_LIBDIR=\\\"\${xtlibdir}\\\" -DXTABLES_INTERNAL";
kinclude_CPPFLAGS="";
if [[ -n "$kbuilddir" ]]; then
kinclude_CPPFLAGS="$kinclude_CPPFLAGS -I$kbuilddir/include/uapi -I$kbuilddir/include";
fi;
if [[ -n "$ksourcedir" ]]; then
kinclude_CPPFLAGS="$kinclude_CPPFLAGS -I$ksourcedir/include/uapi -I$ksourcedir/include";
fi;
pkgdatadir='${datadir}/xtables';
define([EXPAND_VARIABLE],
[$2=[$]$1
if test $prefix = 'NONE'; then
prefix="/usr/local"
fi
while true; do
case "[$]$2" in
*\[$]* ) eval "$2=[$]$2" ;;
*) break ;;
esac
done
eval "$2=[$]$2"
])dnl EXPAND_VARIABLE
AC_SUBST([regular_CFLAGS])
AC_SUBST([regular_CPPFLAGS])
AC_SUBST([noundef_LDFLAGS])
AC_SUBST([kinclude_CPPFLAGS])
AC_SUBST([kbuilddir])
AC_SUBST([ksourcedir])
AC_SUBST([xtlibdir])
AC_SUBST([pkgconfigdir])
AC_SUBST([pkgdatadir])
AC_SUBST([libxtables_vcurrent])
AC_SUBST([libxtables_vage])
libxtables_vmajor=$(($libxtables_vcurrent - $libxtables_vage));
AC_SUBST([libxtables_vmajor])
AC_DEFINE_UNQUOTED([XT_LOCK_NAME], "${xt_lock_name}",
[Location of the iptables lock file])
AC_CONFIG_FILES([Makefile extensions/GNUmakefile include/Makefile
iptables/Makefile iptables/xtables.pc
iptables/iptables.8 iptables/iptables-extensions.8.tmpl
iptables/iptables-save.8 iptables/iptables-restore.8
iptables/iptables-apply.8 iptables/iptables-xml.1
libipq/Makefile libipq/libipq.pc
libiptc/Makefile libiptc/libiptc.pc
libiptc/libip4tc.pc libiptc/libip6tc.pc
libxtables/Makefile utils/Makefile
include/xtables-version.h
iptables/xtables-monitor.8
utils/nfnl_osf.8
utils/nfbpf_compile.8])
AC_OUTPUT
EXPAND_VARIABLE(xtlibdir, e_xtlibdir)
EXPAND_VARIABLE(pkgconfigdir, e_pkgconfigdir)
echo "
Iptables Configuration:
IPv4 support: ${enable_ipv4}
IPv6 support: ${enable_ipv6}
Devel support: ${enable_devel}
IPQ support: ${enable_libipq}
Large file support: ${enable_largefile}
BPF utils support: ${enable_bpfc}
nfsynproxy util support: ${enable_nfsynproxy}
nftables support: ${enable_nftables}
connlabel support: ${enable_connlabel}
Build parameters:
Put plugins into executable (static): ${enable_static}
Support plugins via dlopen (shared): ${enable_shared}
Installation prefix (--prefix): ${prefix}
Xtables extension directory: ${e_xtlibdir}
Pkg-config directory: ${e_pkgconfigdir}
Xtables lock file: ${xt_lock_name}"
if [[ -n "$ksourcedir" ]]; then
echo " Kernel source directory: ${ksourcedir}"
fi;
if [[ -n "$kbuilddir" ]]; then
echo " Kernel build directory: ${kbuilddir}"
fi;
echo " Host: ${host}
GCC binary: ${CC}"
test x"$blacklist_modules" = "x" || echo "
Iptables modules that will not be built: $blacklist_modules"