1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
|
Installation instructions for Xtables-addons
============================================
Xtables-addons uses the well-known configure(autotools) infrastructure
in combination with the kernel's Kbuild system.
$ ./configure
$ make
# make install
Supported configurations for this release
=========================================
* iptables >= 1.6.0
* kernel-devel >= 4.15
with prepared build/output directory
- CONFIG_NF_CONNTRACK
- CONFIG_NF_CONNTRACK_MARK enabled =y or as module (=m)
- CONFIG_CONNECTOR y/m if you wish to receive userspace
notifications from pknock through netlink/connector
(Use xtables-addons-1.x if you need support for Linux < 3.7.
Use xtables-addons-2.x if you need support for Linux < 4.15.)
Selecting extensions
====================
You can edit the "mconfig" file to select what modules to build and
install. By default, all modules are enabled.
Configuring and compiling
=========================
./configure [options]
--without-kbuild
Deactivate building kernel modules, and just do userspace parts.
--with-kbuild=
Specifies the path to the kernel build output directory. We need
it for building the kernel extensions. It defaults to
/lib/modules/$(running version)/build, which usually points to
the right directory. (If not, you need to install something.)
For RPM building, it should be /usr/src/linux-obj/...
or whatever location the distro makes use of.
--with-xtlibdir=
Specifies the path to where the newly built extensions should
be installed when `make install` is run. The default is to
use the same path that Xtables/iptables modules use, as
determined by `pkg-config xtables --variable xtlibdir`.
Thus, this option normally does NOT need to be specified
anymore, even if your distribution put modules in a strange
location.
If you want to enable debugging, use
./configure CFLAGS="-ggdb3 -O0"
(-O0 is used to turn off instruction reordering, which makes debugging
much easier.)
To make use of a libxtables that is not in the default path, either
a) append the location of the pkg-config files like:
PKG_CONFIG_PATH=/usr/local/lib/pkgconfig
(Assuming that files have been installed)
or,
b) override the pkg-config variables, for example:
./configure libxtables_CFLAGS="-I../iptables/include" \
libxtables_LIBS="-L../iptables/.libs \
-Wl,-rpath,../iptables/.libs -lxtables"
(Use this in case you wish to use it without having to
run `make install`. This is because the libxtables.pc pkgconfig
file in ../iptables would already point to e.g. /usr/local.)
Build-time options
==================
V= controls the verbosity of make commands.
V=0 "silent" (output filename)
V=1 "verbose" (entire gcc command line)
Note to distribution packagers
==============================
Except for --with-kbuild, distributions should not have a need to
supply any other flags (besides --prefix=/usr and perhaps
--libdir=/usr/lib64, etc.) to configure when all prerequired packages
are installed. If iptables-devel is installed, necessary headers should
already be in /usr/include, so that overriding PKG_CONFIG_PATH,
libxtables_CFLAGS and libxtables_LIBS variables should not be needed.
|