1Installation instructions for iptables 2====================================== 3 4iptables uses the well-known configure(autotools) infrastructure. 5 6 $ ./configure 7 $ make 8 # make install 9 10 11Prerequisites 12============= 13 14 * no kernel-source required 15 16 * but obviously a compiler, glibc-devel and linux-kernel-headers 17 (/usr/include/linux) 18 19 20Configuring and compiling 21========================= 22 23./configure [options] 24 25--prefix= 26 27 The prefix to put all installed files under. It defaults to 28 /usr/local, so the binaries will go into /usr/local/bin, sbin, 29 manpages into /usr/local/share/man, etc. 30 31--with-xtlibdir= 32 33 The path to where Xtables extensions should be installed to. It 34 defaults to ${prefix}/libexec/xtables. 35 36--enable-devel (or --disable-devel) 37 38 This option causes development files to be installed to 39 ${includedir}, which is needed for building additional packages, 40 such as Xtables-addons or other 3rd-party extensions. 41 42 It is enabled by default. 43 44--enable-static 45 46 Produce additional binaries, iptables-static/ip6tables-static, 47 which have all shipped extensions compiled in. 48 49--disable-shared 50 51 Produce binaries that have dynamic loading of extensions disabled. 52 This implies --enable-static. 53 (See some details below.) 54 55--enable-libipq 56 57 This option causes libipq to be installed into ${libdir} and 58 ${includedir}. 59 60--with-ksource= 61 62 Xtables does not depend on kernel headers anymore, but you can 63 optionally specify a search path to include anyway. This is 64 probably only useful for development. 65 66If you want to enable debugging, use 67 68 ./configure CFLAGS="-ggdb3 -O0" 69 70(-O0 is used to turn off instruction reordering, which makes debugging 71much easier.) 72 73 74Other notes 75=========== 76 77The make process will automatically build multipurpose binaries. 78These have the core (iptables), -save, -restore and -xml code 79compiled into one binary, but extensions remain as modules. 80 81 82Static and shared 83================= 84 85Basically there are three configuration modes defined: 86 87 --disable-static --enable-shared (this is the default) 88 89 Build a binary that relies upon dynamic loading of extensions. 90 91 --enable-static --enable-shared 92 93 Build a binary that has the shipped extensions built-in, but 94 is still capable of loading additional extensions. 95 96 --enable-static --disable-shared 97 98 Shipped extensions are built-in, and dynamic loading is 99 deactivated. 100