1 2AC_INIT([iptables], [1.6.1]) 3 4# See libtool.info "Libtool's versioning system" 5libxtables_vcurrent=12 6libxtables_vage=0 7 8AC_CONFIG_AUX_DIR([build-aux]) 9AC_CONFIG_HEADERS([config.h]) 10AC_CONFIG_MACRO_DIR([m4]) 11AC_PROG_INSTALL 12AM_INIT_AUTOMAKE([-Wall]) 13AC_PROG_CC 14AM_PROG_CC_C_O 15AC_DISABLE_STATIC 16m4_ifdef([AM_PROG_AR], [AM_PROG_AR]) 17AM_PROG_LIBTOOL 18 19AC_ARG_WITH([kernel], 20 AS_HELP_STRING([--with-kernel=PATH], 21 [Path to kernel source/build directory]), 22 [kbuilddir="$withval"; ksourcedir="$withval";]) 23AC_ARG_WITH([kbuild], 24 AS_HELP_STRING([--with-kbuild=PATH], 25 [Path to kernel build directory [[/lib/modules/CURRENT/build]]]), 26 [kbuilddir="$withval"]) 27AC_ARG_WITH([ksource], 28 AS_HELP_STRING([--with-ksource=PATH], 29 [Path to kernel source directory [[/lib/modules/CURRENT/source]]]), 30 [ksourcedir="$withval"]) 31AC_ARG_WITH([xtlibdir], 32 AS_HELP_STRING([--with-xtlibdir=PATH], 33 [Path where to install Xtables extensions [[LIBEXECDIR/xtables]]]), 34 [xtlibdir="$withval"], 35 [xtlibdir="${libdir}/xtables"]) 36AC_ARG_ENABLE([ipv4], 37 AS_HELP_STRING([--disable-ipv4], [Do not build iptables]), 38 [enable_ipv4="$enableval"], [enable_ipv4="yes"]) 39AC_ARG_ENABLE([ipv6], 40 AS_HELP_STRING([--disable-ipv6], [Do not build ip6tables]), 41 [enable_ipv6="$enableval"], [enable_ipv6="yes"]) 42AC_ARG_ENABLE([largefile], 43 AS_HELP_STRING([--disable-largefile], [Do not build largefile support]), 44 [enable_largefile="$enableval"], 45 [enable_largefile="yes"; 46 largefile_cppflags='-D_LARGEFILE_SOURCE=1 -D_LARGE_FILES -D_FILE_OFFSET_BITS=64']) 47AC_ARG_ENABLE([devel], 48 AS_HELP_STRING([--enable-devel], 49 [Install Xtables development headers]), 50 [enable_devel="$enableval"], [enable_devel="yes"]) 51AC_ARG_ENABLE([libipq], 52 AS_HELP_STRING([--enable-libipq], [Build and install libipq]), 53 [enable_libipq="$enableval"], [enable_libipq="no"]) 54AC_ARG_ENABLE([bpf-compiler], 55 AS_HELP_STRING([--enable-bpf-compiler], [Build bpf compiler]), 56 [enable_bpfc="$enableval"], [enable_bpfc="no"]) 57AC_ARG_ENABLE([nfsynproxy], 58 AS_HELP_STRING([--enable-nfsynproxy], [Build SYNPROXY configuration tool]), 59 [enable_nfsynproxy="$enableval"], [enable_nfsynproxy="no"]) 60AC_ARG_WITH([pkgconfigdir], AS_HELP_STRING([--with-pkgconfigdir=PATH], 61 [Path to the pkgconfig directory [[LIBDIR/pkgconfig]]]), 62 [pkgconfigdir="$withval"], [pkgconfigdir='${libdir}/pkgconfig']) 63AC_ARG_ENABLE([nftables], 64 AS_HELP_STRING([--disable-nftables], [Do not build nftables compat]), 65 [enable_nftables="$enableval"], [enable_nftables="yes"]) 66AC_ARG_ENABLE([connlabel], 67 AS_HELP_STRING([--disable-connlabel], 68 [Do not build libnetfilter_conntrack]), 69 [enable_connlabel="$enableval"], [enable_connlabel="yes"]) 70AC_ARG_WITH([xt-lock-name], AS_HELP_STRING([--with-xt-lock-name=PATH], 71 [Path to the xtables lock [[/run/xtables.lock]]]), 72 [xt_lock_name="$withval"], 73 [xt_lock_name="/run/xtables.lock"]) 74 75libiptc_LDFLAGS2=""; 76AX_CHECK_LINKER_FLAGS([-Wl,--no-as-needed], 77 [libiptc_LDFLAGS2="-Wl,--no-as-needed"]) 78AC_SUBST([libiptc_LDFLAGS2]) 79 80AC_MSG_CHECKING([whether $LD knows -Wl,--no-undefined]) 81saved_LDFLAGS="$LDFLAGS"; 82LDFLAGS="-Wl,--no-undefined"; 83AC_LINK_IFELSE([AC_LANG_SOURCE([int main(void) {}])], 84 [noundef_LDFLAGS="$LDFLAGS"; AC_MSG_RESULT([yes])], 85 [AC_MSG_RESULT([no])] 86) 87LDFLAGS="$saved_LDFLAGS"; 88 89blacklist_modules="" 90blacklist_x_modules="" 91blacklist_b_modules="" 92blacklist_a_modules="" 93blacklist_4_modules="" 94blacklist_6_modules="" 95 96AC_CHECK_HEADERS([linux/dccp.h linux/ip_vs.h linux/magic.h linux/proc_fs.h linux/bpf.h]) 97if test "$ac_cv_header_linux_dccp_h" != "yes"; then 98 blacklist_modules="$blacklist_modules dccp"; 99fi; 100if test "$ac_cv_header_linux_ip_vs_h" != "yes"; then 101 blacklist_modules="$blacklist_modules ipvs"; 102fi; 103 104AC_CHECK_SIZEOF([struct ip6_hdr], [], [#include <netinet/ip6.h>]) 105 106AM_CONDITIONAL([ENABLE_STATIC], [test "$enable_static" = "yes"]) 107AM_CONDITIONAL([ENABLE_SHARED], [test "$enable_shared" = "yes"]) 108AM_CONDITIONAL([ENABLE_IPV4], [test "$enable_ipv4" = "yes"]) 109AM_CONDITIONAL([ENABLE_IPV6], [test "$enable_ipv6" = "yes"]) 110AM_CONDITIONAL([ENABLE_LARGEFILE], [test "$enable_largefile" = "yes"]) 111AM_CONDITIONAL([ENABLE_DEVEL], [test "$enable_devel" = "yes"]) 112AM_CONDITIONAL([ENABLE_LIBIPQ], [test "$enable_libipq" = "yes"]) 113AM_CONDITIONAL([ENABLE_BPFC], [test "$enable_bpfc" = "yes"]) 114AM_CONDITIONAL([ENABLE_SYNCONF], [test "$enable_nfsynproxy" = "yes"]) 115AM_CONDITIONAL([ENABLE_NFTABLES], [test "$enable_nftables" = "yes"]) 116AM_CONDITIONAL([ENABLE_CONNLABEL], [test "$enable_connlabel" = "yes"]) 117 118if test "x$enable_bpfc" = "xyes" || test "x$enable_nfsynproxy" = "xyes"; then 119 AC_CHECK_LIB(pcap, pcap_compile,, AC_MSG_ERROR(missing libpcap library required by bpf compiler or nfsynproxy tool)) 120fi 121 122PKG_CHECK_MODULES([libnfnetlink], [libnfnetlink >= 1.0], 123 [nfnetlink=1], [nfnetlink=0]) 124AM_CONDITIONAL([HAVE_LIBNFNETLINK], [test "$nfnetlink" = 1]) 125 126if test "x$enable_nftables" = "xyes"; then 127 PKG_CHECK_MODULES([libmnl], [libmnl >= 1.0], [mnl=1], [mnl=0]) 128 129 if test "$mnl" = 0; 130 then 131 echo "*** Error: No suitable libmnl found. ***" 132 echo " Please install the 'libmnl' package" 133 echo " Or consider --disable-nftables to skip" 134 echo " iptables-compat over nftables support." 135 exit 1 136 fi 137 138 PKG_CHECK_MODULES([libnftnl], [libnftnl >= 1.0.5], [nftables=1], [nftables=0]) 139 140 if test "$nftables" = 0; 141 then 142 echo "*** Error: no suitable libnftnl found. ***" 143 echo " Please install the 'libnftnl' package" 144 echo " Or consider --disable-nftables to skip" 145 echo " iptables-compat over nftables support." 146 exit 1 147 fi 148 149 AM_PROG_LEX 150 AC_PROG_YACC 151 152 if test -z "$ac_cv_prog_YACC" 153 then 154 echo "*** Error: No suitable bison/yacc found. ***" 155 echo " Please install the 'bison' package." 156 exit 1 157 fi 158 if test -z "$ac_cv_prog_LEX" 159 then 160 echo "*** Error: No suitable flex/lex found. ***" 161 echo " Please install the 'flex' package." 162 exit 1 163 fi 164fi 165 166AM_CONDITIONAL([HAVE_LIBMNL], [test "$mnl" = 1]) 167AM_CONDITIONAL([HAVE_LIBNFTNL], [test "$nftables" = 1]) 168 169if test "$nftables" != 1; then 170 blacklist_b_modules="$blacklist_b_modules limit mark nflog mangle" 171 blacklist_a_modules="$blacklist_a_modules mangle" 172fi 173 174if test "x$enable_connlabel" = "xyes"; then 175 PKG_CHECK_MODULES([libnetfilter_conntrack], 176 [libnetfilter_conntrack >= 1.0.6], 177 [nfconntrack=1], [nfconntrack=0]) 178 179 if test "$nfconntrack" -ne 1; then 180 blacklist_modules="$blacklist_modules connlabel"; 181 echo "WARNING: libnetfilter_conntrack not found, connlabel match will not be built"; 182 enable_connlabel="no"; 183 fi; 184else 185 blacklist_modules="$blacklist_modules connlabel"; 186fi; 187 188AM_CONDITIONAL([HAVE_LIBNETFILTER_CONNTRACK], [test "$nfconntrack" = 1]) 189 190AC_SUBST([blacklist_modules]) 191AC_SUBST([blacklist_x_modules]) 192AC_SUBST([blacklist_b_modules]) 193AC_SUBST([blacklist_a_modules]) 194AC_SUBST([blacklist_4_modules]) 195AC_SUBST([blacklist_6_modules]) 196 197regular_CFLAGS="-Wall -Waggregate-return -Wmissing-declarations \ 198 -Wmissing-prototypes -Wredundant-decls -Wshadow -Wstrict-prototypes \ 199 -Winline -pipe"; 200regular_CPPFLAGS="${largefile_cppflags} -D_REENTRANT \ 201 -DXTABLES_LIBDIR=\\\"\${xtlibdir}\\\" -DXTABLES_INTERNAL"; 202kinclude_CPPFLAGS=""; 203if [[ -n "$kbuilddir" ]]; then 204 kinclude_CPPFLAGS="$kinclude_CPPFLAGS -I$kbuilddir/include/uapi -I$kbuilddir/include"; 205fi; 206if [[ -n "$ksourcedir" ]]; then 207 kinclude_CPPFLAGS="$kinclude_CPPFLAGS -I$ksourcedir/include/uapi -I$ksourcedir/include"; 208fi; 209pkgdatadir='${datadir}/xtables'; 210 211define([EXPAND_VARIABLE], 212[$2=[$]$1 213if test $prefix = 'NONE'; then 214 prefix="/usr/local" 215fi 216while true; do 217 case "[$]$2" in 218 *\[$]* ) eval "$2=[$]$2" ;; 219 *) break ;; 220 esac 221done 222eval "$2=[$]$2" 223])dnl EXPAND_VARIABLE 224 225AC_SUBST([regular_CFLAGS]) 226AC_SUBST([regular_CPPFLAGS]) 227AC_SUBST([noundef_LDFLAGS]) 228AC_SUBST([kinclude_CPPFLAGS]) 229AC_SUBST([kbuilddir]) 230AC_SUBST([ksourcedir]) 231AC_SUBST([xtlibdir]) 232AC_SUBST([pkgconfigdir]) 233AC_SUBST([pkgdatadir]) 234AC_SUBST([libxtables_vcurrent]) 235AC_SUBST([libxtables_vage]) 236libxtables_vmajor=$(($libxtables_vcurrent - $libxtables_vage)); 237AC_SUBST([libxtables_vmajor]) 238 239AC_DEFINE_UNQUOTED([XT_LOCK_NAME], "${xt_lock_name}", 240 [Location of the iptables lock file]) 241 242AC_CONFIG_FILES([Makefile extensions/GNUmakefile include/Makefile 243 iptables/Makefile iptables/xtables.pc 244 iptables/iptables.8 iptables/iptables-extensions.8.tmpl 245 iptables/iptables-save.8 iptables/iptables-restore.8 246 iptables/iptables-apply.8 iptables/iptables-xml.1 247 libipq/Makefile libipq/libipq.pc 248 libiptc/Makefile libiptc/libiptc.pc 249 libiptc/libip4tc.pc libiptc/libip6tc.pc 250 libxtables/Makefile utils/Makefile 251 include/xtables-version.h include/iptables/internal.h]) 252AC_OUTPUT 253 254 255EXPAND_VARIABLE(xtlibdir, e_xtlibdir) 256EXPAND_VARIABLE(pkgconfigdir, e_pkgconfigdir) 257 258echo " 259Iptables Configuration: 260 IPv4 support: ${enable_ipv4} 261 IPv6 support: ${enable_ipv6} 262 Devel support: ${enable_devel} 263 IPQ support: ${enable_libipq} 264 Large file support: ${enable_largefile} 265 BPF utils support: ${enable_bpfc} 266 nfsynproxy util support: ${enable_nfsynproxy} 267 nftables support: ${enable_nftables} 268 connlabel support: ${enable_connlabel} 269 270Build parameters: 271 Put plugins into executable (static): ${enable_static} 272 Support plugins via dlopen (shared): ${enable_shared} 273 Installation prefix (--prefix): ${prefix} 274 Xtables extension directory: ${e_xtlibdir} 275 Pkg-config directory: ${e_pkgconfigdir} 276 Xtables lock file: ${xt_lock_name}" 277 278if [[ -n "$ksourcedir" ]]; then 279 echo " Kernel source directory: ${ksourcedir}" 280fi; 281if [[ -n "$kbuilddir" ]]; then 282 echo " Kernel build directory: ${kbuilddir}" 283fi; 284 285echo " Host: ${host} 286 GCC binary: ${CC}" 287 288test x"$blacklist_modules" = "x" || echo " 289Iptables modules that will not be built: $blacklist_modules" 290