1Installation instructions for iptables 2====================================== 3 4iptables uses the well-known configure(autotools) infrastructure. 5 6 $ ./configure 7 $ make 8 # make install 9 10 11Prerequisites 12============= 13 14 * no kernel-source required 15 16 * but obviously a compiler, glibc-devel and linux-kernel-headers 17 (/usr/include/linux) 18 19 20Configuring and compiling 21========================= 22 23./configure [options] 24 25--prefix= 26 27 The prefix to put all installed files under. It defaults to 28 /usr/local, so the binaries will go into /usr/local/bin, sbin, 29 manpages into /usr/local/share/man, etc. 30 31--with-xtlibdir= 32 33 The path to where Xtables extensions should be installed to. It 34 defaults to ${libdir}/xtables. 35 36--enable-devel (or --disable-devel) 37 38 This option causes development files to be installed to 39 ${includedir}, which is needed for building additional packages, 40 such as Xtables-addons or other 3rd-party extensions. 41 42 It is enabled by default. 43 44--enable-static 45 46 Produce additional binaries, iptables-static/ip6tables-static, 47 which have all shipped extensions compiled in. 48 49--disable-shared 50 51 Produce binaries that have dynamic loading of extensions disabled. 52 This implies --enable-static. 53 (See some details below.) 54 55--enable-libipq 56 57 This option causes libipq to be installed into ${libdir} and 58 ${includedir}. 59 60--with-ksource= 61 62 Xtables does not depend on kernel headers anymore, but you can 63 optionally specify a search path to include anyway. This is 64 probably only useful for development. 65 66If you want to enable debugging, use 67 68 ./configure CFLAGS="-ggdb3 -O0" 69 70(-O0 is used to turn off instruction reordering, which makes debugging 71much easier.) 72 73To show debug traces you can add -DDEBUG to CFLAGS option 74 75 76Other notes 77=========== 78 79The make process will automatically build multipurpose binaries. 80These have the core (iptables), -save, -restore and -xml code 81compiled into one binary, but extensions remain as modules. 82 83 84Static and shared 85================= 86 87Basically there are three configuration modes defined: 88 89 --disable-static --enable-shared (this is the default) 90 91 Build a binary that relies upon dynamic loading of extensions. 92 93 --enable-static --enable-shared 94 95 Build a binary that has the shipped extensions built-in, but 96 is still capable of loading additional extensions. 97 98 --enable-static --disable-shared 99 100 Shipped extensions are built-in, and dynamic loading is 101 deactivated. 102