INSTALL - platform/external/iptables - Gitiles

 Installation instructions for iptables
 ======================================

 iptables uses the well-known configure(autotools) infrastructure.

 	$ ./configure
 	$ make
 	# make install


 Prerequisites
 =============

 	* no kernel-source required

 	* but obviously a compiler, glibc-devel and linux-kernel-headers
 	  (/usr/include/linux)


 Configuring and compiling
 =========================

 ./configure [options]

 --prefix=

 	The prefix to put all installed files under. It defaults to
 	/usr/local, so the binaries will go into /usr/local/bin, sbin,
 	manpages into /usr/local/share/man, etc.

 --with-xtlibdir=

 	The path to where Xtables extensions should be installed to. It
 	defaults to ${libdir}/xtables.

 --enable-devel (or --disable-devel)

 	This option causes development files to be installed to
 	${includedir}, which is needed for building additional packages,
 	such as Xtables-addons or other 3rd-party extensions.

 	It is enabled by default.

 --enable-static

 	Produce additional binaries, iptables-static/ip6tables-static,
 	which have all shipped extensions compiled in.

 --disable-shared

 	Produce binaries that have dynamic loading of extensions disabled.
 	This implies --enable-static.
 	(See some details below.)

 --enable-libipq

 	This option causes libipq to be installed into ${libdir} and
 	${includedir}.

 --with-ksource=

 	Xtables does not depend on kernel headers anymore, but you can
 	optionally specify a search path to include anyway. This is
 	probably only useful for development.

 If you want to enable debugging, use

 	./configure CFLAGS="-ggdb3 -O0"

 (-O0 is used to turn off instruction reordering, which makes debugging
 much easier.)

 To show debug traces you can add -DDEBUG to CFLAGS option


 Other notes
 ===========

 The make process will automatically build multipurpose binaries.
 These have the core (iptables), -save, -restore and -xml code
 compiled into one binary, but extensions remain as modules.


 Static and shared
 =================

 Basically there are three configuration modes defined:

  --disable-static --enable-shared (this is the default)

 	Build a binary that relies upon dynamic loading of extensions.

  --enable-static --enable-shared

 	Build a binary that has the shipped extensions built-in, but
 	is still capable of loading additional extensions.

  --enable-static --disable-shared

 	Shipped extensions are built-in, and dynamic loading is
 	deactivated.
	Installation instructions for iptables
	======================================

	iptables uses the well-known configure(autotools) infrastructure.

	$ ./configure
	$ make
	# make install


	Prerequisites
	=============

	* no kernel-source required

	* but obviously a compiler, glibc-devel and linux-kernel-headers
	(/usr/include/linux)


	Configuring and compiling
	=========================

	./configure [options]

	--prefix=

	The prefix to put all installed files under. It defaults to
	/usr/local, so the binaries will go into /usr/local/bin, sbin,
	manpages into /usr/local/share/man, etc.

	--with-xtlibdir=

	The path to where Xtables extensions should be installed to. It
	defaults to ${libdir}/xtables.

	--enable-devel (or --disable-devel)

	This option causes development files to be installed to
	${includedir}, which is needed for building additional packages,
	such as Xtables-addons or other 3rd-party extensions.

	It is enabled by default.

	--enable-static

	Produce additional binaries, iptables-static/ip6tables-static,
	which have all shipped extensions compiled in.

	--disable-shared

	Produce binaries that have dynamic loading of extensions disabled.
	This implies --enable-static.
	(See some details below.)

	--enable-libipq

	This option causes libipq to be installed into ${libdir} and
	${includedir}.

	--with-ksource=

	Xtables does not depend on kernel headers anymore, but you can
	optionally specify a search path to include anyway. This is
	probably only useful for development.

	If you want to enable debugging, use

	./configure CFLAGS="-ggdb3 -O0"

	(-O0 is used to turn off instruction reordering, which makes debugging
	much easier.)

	To show debug traces you can add -DDEBUG to CFLAGS option


	Other notes
	===========

	The make process will automatically build multipurpose binaries.
	These have the core (iptables), -save, -restore and -xml code
	compiled into one binary, but extensions remain as modules.


	Static and shared
	=================

	Basically there are three configuration modes defined:

	--disable-static --enable-shared (this is the default)

	Build a binary that relies upon dynamic loading of extensions.

	--enable-static --enable-shared

	Build a binary that has the shipped extensions built-in, but
	is still capable of loading additional extensions.

	--enable-static --disable-shared

	Shipped extensions are built-in, and dynamic loading is
	deactivated.