| |
| AC_INIT([iptables], [1.8.3]) |
| |
| # See libtool.info "Libtool's versioning system" |
| libxtables_vcurrent=14 |
| libxtables_vage=2 |
| |
| AC_CONFIG_AUX_DIR([build-aux]) |
| AC_CONFIG_HEADERS([config.h]) |
| AC_CONFIG_MACRO_DIR([m4]) |
| AC_PROG_INSTALL |
| AM_INIT_AUTOMAKE([-Wall]) |
| AC_PROG_CC |
| AM_PROG_CC_C_O |
| AC_DISABLE_STATIC |
| m4_ifdef([AM_PROG_AR], [AM_PROG_AR]) |
| AM_PROG_LIBTOOL |
| |
| AC_ARG_WITH([kernel], |
| AS_HELP_STRING([--with-kernel=PATH], |
| [Path to kernel source/build directory]), |
| [kbuilddir="$withval"; ksourcedir="$withval";]) |
| AC_ARG_WITH([kbuild], |
| AS_HELP_STRING([--with-kbuild=PATH], |
| [Path to kernel build directory [[/lib/modules/CURRENT/build]]]), |
| [kbuilddir="$withval"]) |
| AC_ARG_WITH([ksource], |
| AS_HELP_STRING([--with-ksource=PATH], |
| [Path to kernel source directory [[/lib/modules/CURRENT/source]]]), |
| [ksourcedir="$withval"]) |
| AC_ARG_WITH([xtlibdir], |
| AS_HELP_STRING([--with-xtlibdir=PATH], |
| [Path where to install Xtables extensions [[LIBEXECDIR/xtables]]]), |
| [xtlibdir="$withval"], |
| [xtlibdir="${libdir}/xtables"]) |
| AC_ARG_ENABLE([ipv4], |
| AS_HELP_STRING([--disable-ipv4], [Do not build iptables]), |
| [enable_ipv4="$enableval"], [enable_ipv4="yes"]) |
| AC_ARG_ENABLE([ipv6], |
| AS_HELP_STRING([--disable-ipv6], [Do not build ip6tables]), |
| [enable_ipv6="$enableval"], [enable_ipv6="yes"]) |
| AC_ARG_ENABLE([largefile], |
| AS_HELP_STRING([--disable-largefile], [Do not build largefile support]), |
| [enable_largefile="$enableval"], |
| [enable_largefile="yes"]) |
| AS_IF([test "$enable_largefile" = "yes"], [largefile_cppflags='-D_LARGEFILE_SOURCE=1 -D_LARGE_FILES -D_FILE_OFFSET_BITS=64']) |
| |
| AC_ARG_ENABLE([devel], |
| AS_HELP_STRING([--enable-devel], |
| [Install Xtables development headers]), |
| [enable_devel="$enableval"], [enable_devel="yes"]) |
| AC_ARG_ENABLE([libipq], |
| AS_HELP_STRING([--enable-libipq], [Build and install libipq]), |
| [enable_libipq="$enableval"], [enable_libipq="no"]) |
| AC_ARG_ENABLE([bpf-compiler], |
| AS_HELP_STRING([--enable-bpf-compiler], [Build bpf compiler]), |
| [enable_bpfc="$enableval"], [enable_bpfc="no"]) |
| AC_ARG_ENABLE([nfsynproxy], |
| AS_HELP_STRING([--enable-nfsynproxy], [Build SYNPROXY configuration tool]), |
| [enable_nfsynproxy="$enableval"], [enable_nfsynproxy="no"]) |
| AC_ARG_WITH([pkgconfigdir], AS_HELP_STRING([--with-pkgconfigdir=PATH], |
| [Path to the pkgconfig directory [[LIBDIR/pkgconfig]]]), |
| [pkgconfigdir="$withval"], [pkgconfigdir='${libdir}/pkgconfig']) |
| AC_ARG_ENABLE([nftables], |
| AS_HELP_STRING([--disable-nftables], [Do not build nftables compat]), |
| [enable_nftables="$enableval"], [enable_nftables="yes"]) |
| AC_ARG_ENABLE([connlabel], |
| AS_HELP_STRING([--disable-connlabel], |
| [Do not build libnetfilter_conntrack]), |
| [enable_connlabel="$enableval"], [enable_connlabel="yes"]) |
| AC_ARG_WITH([xt-lock-name], AS_HELP_STRING([--with-xt-lock-name=PATH], |
| [Path to the xtables lock [[/run/xtables.lock]]]), |
| [xt_lock_name="$withval"], |
| [xt_lock_name="/run/xtables.lock"]) |
| |
| AC_MSG_CHECKING([whether $LD knows -Wl,--no-undefined]) |
| saved_LDFLAGS="$LDFLAGS"; |
| LDFLAGS="-Wl,--no-undefined"; |
| AC_LINK_IFELSE([AC_LANG_SOURCE([int main(void) {}])], |
| [noundef_LDFLAGS="$LDFLAGS"; AC_MSG_RESULT([yes])], |
| [AC_MSG_RESULT([no])] |
| ) |
| LDFLAGS="$saved_LDFLAGS"; |
| |
| blacklist_modules="" |
| blacklist_x_modules="" |
| blacklist_b_modules="" |
| blacklist_a_modules="" |
| blacklist_4_modules="" |
| blacklist_6_modules="" |
| |
| AC_CHECK_HEADERS([linux/dccp.h linux/ip_vs.h linux/magic.h linux/proc_fs.h linux/bpf.h]) |
| if test "$ac_cv_header_linux_dccp_h" != "yes"; then |
| blacklist_modules="$blacklist_modules dccp"; |
| fi; |
| if test "$ac_cv_header_linux_ip_vs_h" != "yes"; then |
| blacklist_modules="$blacklist_modules ipvs"; |
| fi; |
| |
| AC_CHECK_SIZEOF([struct ip6_hdr], [], [#include <netinet/ip6.h>]) |
| |
| AM_CONDITIONAL([ENABLE_STATIC], [test "$enable_static" = "yes"]) |
| AM_CONDITIONAL([ENABLE_SHARED], [test "$enable_shared" = "yes"]) |
| AM_CONDITIONAL([ENABLE_IPV4], [test "$enable_ipv4" = "yes"]) |
| AM_CONDITIONAL([ENABLE_IPV6], [test "$enable_ipv6" = "yes"]) |
| AM_CONDITIONAL([ENABLE_LARGEFILE], [test "$enable_largefile" = "yes"]) |
| AM_CONDITIONAL([ENABLE_DEVEL], [test "$enable_devel" = "yes"]) |
| AM_CONDITIONAL([ENABLE_LIBIPQ], [test "$enable_libipq" = "yes"]) |
| AM_CONDITIONAL([ENABLE_BPFC], [test "$enable_bpfc" = "yes"]) |
| AM_CONDITIONAL([ENABLE_SYNCONF], [test "$enable_nfsynproxy" = "yes"]) |
| AM_CONDITIONAL([ENABLE_NFTABLES], [test "$enable_nftables" = "yes"]) |
| AM_CONDITIONAL([ENABLE_CONNLABEL], [test "$enable_connlabel" = "yes"]) |
| |
| if test "x$enable_bpfc" = "xyes" || test "x$enable_nfsynproxy" = "xyes"; then |
| AC_CHECK_LIB(pcap, pcap_compile,, AC_MSG_ERROR(missing libpcap library required by bpf compiler or nfsynproxy tool)) |
| fi |
| |
| PKG_CHECK_MODULES([libnfnetlink], [libnfnetlink >= 1.0], |
| [nfnetlink=1], [nfnetlink=0]) |
| AM_CONDITIONAL([HAVE_LIBNFNETLINK], [test "$nfnetlink" = 1]) |
| |
| if test "x$enable_nftables" = "xyes"; then |
| PKG_CHECK_MODULES([libmnl], [libmnl >= 1.0], [mnl=1], [mnl=0]) |
| |
| if test "$mnl" = 0; |
| then |
| echo "*** Error: No suitable libmnl found. ***" |
| echo " Please install the 'libmnl' package" |
| echo " Or consider --disable-nftables to skip" |
| echo " iptables-compat over nftables support." |
| exit 1 |
| fi |
| |
| PKG_CHECK_MODULES([libnftnl], [libnftnl >= 1.1.3], [nftables=1], [nftables=0]) |
| |
| if test "$nftables" = 0; |
| then |
| echo "*** Error: no suitable libnftnl found. ***" |
| echo " Please install the 'libnftnl' package" |
| echo " Or consider --disable-nftables to skip" |
| echo " iptables-compat over nftables support." |
| exit 1 |
| fi |
| fi |
| |
| AM_CONDITIONAL([HAVE_LIBMNL], [test "$mnl" = 1]) |
| AM_CONDITIONAL([HAVE_LIBNFTNL], [test "$nftables" = 1]) |
| |
| if test "$nftables" != 1; then |
| blacklist_b_modules="$blacklist_b_modules limit mark nflog mangle" |
| blacklist_a_modules="$blacklist_a_modules mangle" |
| fi |
| |
| if test "x$enable_connlabel" = "xyes"; then |
| PKG_CHECK_MODULES([libnetfilter_conntrack], |
| [libnetfilter_conntrack >= 1.0.6], |
| [nfconntrack=1], [nfconntrack=0]) |
| |
| if test "$nfconntrack" -ne 1; then |
| blacklist_modules="$blacklist_modules connlabel"; |
| echo "WARNING: libnetfilter_conntrack not found, connlabel match will not be built"; |
| enable_connlabel="no"; |
| fi; |
| else |
| blacklist_modules="$blacklist_modules connlabel"; |
| fi; |
| |
| AM_CONDITIONAL([HAVE_LIBNETFILTER_CONNTRACK], [test "$nfconntrack" = 1]) |
| |
| AC_SUBST([blacklist_modules]) |
| AC_SUBST([blacklist_x_modules]) |
| AC_SUBST([blacklist_b_modules]) |
| AC_SUBST([blacklist_a_modules]) |
| AC_SUBST([blacklist_4_modules]) |
| AC_SUBST([blacklist_6_modules]) |
| |
| regular_CFLAGS="-Wall -Waggregate-return -Wmissing-declarations \ |
| -Wmissing-prototypes -Wredundant-decls -Wshadow -Wstrict-prototypes \ |
| -Wlogical-op \ |
| -Winline -pipe"; |
| regular_CPPFLAGS="${largefile_cppflags} -D_REENTRANT \ |
| -DXTABLES_LIBDIR=\\\"\${xtlibdir}\\\" -DXTABLES_INTERNAL"; |
| kinclude_CPPFLAGS=""; |
| if [[ -n "$kbuilddir" ]]; then |
| kinclude_CPPFLAGS="$kinclude_CPPFLAGS -I$kbuilddir/include/uapi -I$kbuilddir/include"; |
| fi; |
| if [[ -n "$ksourcedir" ]]; then |
| kinclude_CPPFLAGS="$kinclude_CPPFLAGS -I$ksourcedir/include/uapi -I$ksourcedir/include"; |
| fi; |
| pkgdatadir='${datadir}/xtables'; |
| |
| define([EXPAND_VARIABLE], |
| [$2=[$]$1 |
| if test $prefix = 'NONE'; then |
| prefix="/usr/local" |
| fi |
| while true; do |
| case "[$]$2" in |
| *\[$]* ) eval "$2=[$]$2" ;; |
| *) break ;; |
| esac |
| done |
| eval "$2=[$]$2" |
| ])dnl EXPAND_VARIABLE |
| |
| AC_SUBST([regular_CFLAGS]) |
| AC_SUBST([regular_CPPFLAGS]) |
| AC_SUBST([noundef_LDFLAGS]) |
| AC_SUBST([kinclude_CPPFLAGS]) |
| AC_SUBST([kbuilddir]) |
| AC_SUBST([ksourcedir]) |
| AC_SUBST([xtlibdir]) |
| AC_SUBST([pkgconfigdir]) |
| AC_SUBST([pkgdatadir]) |
| AC_SUBST([libxtables_vcurrent]) |
| AC_SUBST([libxtables_vage]) |
| libxtables_vmajor=$(($libxtables_vcurrent - $libxtables_vage)); |
| AC_SUBST([libxtables_vmajor]) |
| |
| AC_DEFINE_UNQUOTED([XT_LOCK_NAME], "${xt_lock_name}", |
| [Location of the iptables lock file]) |
| |
| AC_CONFIG_FILES([Makefile extensions/GNUmakefile include/Makefile |
| iptables/Makefile iptables/xtables.pc |
| iptables/iptables.8 iptables/iptables-extensions.8.tmpl |
| iptables/iptables-save.8 iptables/iptables-restore.8 |
| iptables/iptables-apply.8 iptables/iptables-xml.1 |
| libipq/Makefile libipq/libipq.pc |
| libiptc/Makefile libiptc/libiptc.pc |
| libiptc/libip4tc.pc libiptc/libip6tc.pc |
| libxtables/Makefile utils/Makefile |
| include/xtables-version.h |
| iptables/xtables-monitor.8 |
| utils/nfnl_osf.8 |
| utils/nfbpf_compile.8]) |
| AC_OUTPUT |
| |
| |
| EXPAND_VARIABLE(xtlibdir, e_xtlibdir) |
| EXPAND_VARIABLE(pkgconfigdir, e_pkgconfigdir) |
| |
| echo " |
| Iptables Configuration: |
| IPv4 support: ${enable_ipv4} |
| IPv6 support: ${enable_ipv6} |
| Devel support: ${enable_devel} |
| IPQ support: ${enable_libipq} |
| Large file support: ${enable_largefile} |
| BPF utils support: ${enable_bpfc} |
| nfsynproxy util support: ${enable_nfsynproxy} |
| nftables support: ${enable_nftables} |
| connlabel support: ${enable_connlabel} |
| |
| Build parameters: |
| Put plugins into executable (static): ${enable_static} |
| Support plugins via dlopen (shared): ${enable_shared} |
| Installation prefix (--prefix): ${prefix} |
| Xtables extension directory: ${e_xtlibdir} |
| Pkg-config directory: ${e_pkgconfigdir} |
| Xtables lock file: ${xt_lock_name}" |
| |
| if [[ -n "$ksourcedir" ]]; then |
| echo " Kernel source directory: ${ksourcedir}" |
| fi; |
| if [[ -n "$kbuilddir" ]]; then |
| echo " Kernel build directory: ${kbuilddir}" |
| fi; |
| |
| echo " Host: ${host} |
| GCC binary: ${CC}" |
| |
| test x"$blacklist_modules" = "x" || echo " |
| Iptables modules that will not be built: $blacklist_modules" |