diff options
Diffstat (limited to 'INSTALL')
| -rw-r--r-- | INSTALL | 99 |
1 files changed, 99 insertions, 0 deletions
@@ -0,0 +1,99 @@ +Installation instructions for iptables +====================================== + +iptables uses the well-known configure(autotools) infrastructure. + + $ ./configure + $ make + # make install + + +Prerequisites +============= + + * no kernel-source required + + * but obviously a compiler, glibc-devel and linux-kernel-headers + (/usr/include/linux) + + +Configuring and compiling +========================= + +./configure [options] + +--prefix= + + The prefix to put all installed files under. It defaults to + /usr/local, so the binaries will go into /usr/local/bin, sbin, + manpages into /usr/local/share/man, etc. + +--with-xtlibdir= + + The path to where Xtables extensions should be installed to. It + defaults to ${prefix}/libexec/xtables. + +--enable-devel (or --disable-devel) + + This option causes development files to be installed to + ${includedir}, which is needed for building additional packages, + such as Xtables-addons or other 3rd-party extensions. + + It is enabled by default. + +--enable-static + + Produce additional binaries, iptables-static/ip6tables-static, + which have all shipped extensions compiled in. + +--disable-shared + + Produce binaries that have dynamic loading of extensions disabled. + This implies --enable-static. + (See some details below.) + +--enable-libipq + + This option causes libipq to be installed into ${libdir} and + ${includedir}. + +--with-ksource= + + Xtables does not depend on kernel headers anymore, but you can + optionally specify a search path to include anyway. This is + probably only useful for development. + +If you want to enable debugging, use + + ./configure CFLAGS="-ggdb3 -O0" + +(-O0 is used to turn off instruction reordering, which makes debugging +much easier.) + + +Other notes +=========== + +The make process will automatically build multipurpose binaries. +These have the core (iptables), -save, -restore and -xml code +compiled into one binary, but extensions remain as modules. + + +Static and shared +================= + +Basically there are three configuration modes defined: + + --disable-static --enable-shared (this is the default) + + Build a binary that relies upon dynamic loading of extensions. + + --enable-static --enable-shared + + Build a binary that has the shipped extensions built-in, but + is still capable of loading additional extensions. + + --enable-static --disable-shared + + Shipped extensions are built-in, and dynamic loading is + deactivated. |