configure.ac

   1
   2 AC_INIT([iptables], [1.6.1])
   3
   4 # See libtool.info "Libtool's versioning system"
   5 libxtables_vcurrent=12
   6 libxtables_vage=0
   7
   8 AC_CONFIG_AUX_DIR([build-aux])
   9 AC_CONFIG_HEADERS([config.h])
  10 AC_CONFIG_MACRO_DIR([m4])
  11 AC_PROG_INSTALL
  12 AM_INIT_AUTOMAKE([-Wall])
  13 AC_PROG_CC
  14 AM_PROG_CC_C_O
  15 AC_DISABLE_STATIC
  16 m4_ifdef([AM_PROG_AR], [AM_PROG_AR])
  17 AM_PROG_LIBTOOL
  18
  19 AC_ARG_WITH([kernel],
  20         AS_HELP_STRING([--with-kernel=PATH],
  21         [Path to kernel source/build directory]),
  22         [kbuilddir="$withval"; ksourcedir="$withval";])
  23 AC_ARG_WITH([kbuild],
  24         AS_HELP_STRING([--with-kbuild=PATH],
  25         [Path to kernel build directory [[/lib/modules/CURRENT/build]]]),
  26         [kbuilddir="$withval"])
  27 AC_ARG_WITH([ksource],
  28         AS_HELP_STRING([--with-ksource=PATH],
  29         [Path to kernel source directory [[/lib/modules/CURRENT/source]]]),
  30         [ksourcedir="$withval"])
  31 AC_ARG_WITH([xtlibdir],
  32         AS_HELP_STRING([--with-xtlibdir=PATH],
  33         [Path where to install Xtables extensions [[LIBEXECDIR/xtables]]]),
  34         [xtlibdir="$withval"],
  35         [xtlibdir="${libdir}/xtables"])
  36 AC_ARG_ENABLE([ipv4],
  37         AS_HELP_STRING([--disable-ipv4], [Do not build iptables]),
  38         [enable_ipv4="$enableval"], [enable_ipv4="yes"])
  39 AC_ARG_ENABLE([ipv6],
  40         AS_HELP_STRING([--disable-ipv6], [Do not build ip6tables]),
  41         [enable_ipv6="$enableval"], [enable_ipv6="yes"])
  42 AC_ARG_ENABLE([largefile],
  43         AS_HELP_STRING([--disable-largefile], [Do not build largefile support]),
  44         [enable_largefile="$enableval"],
  45         [enable_largefile="yes";
  46         largefile_cppflags='-D_LARGEFILE_SOURCE=1 -D_LARGE_FILES -D_FILE_OFFSET_BITS=64'])
  47 AC_ARG_ENABLE([devel],
  48         AS_HELP_STRING([--enable-devel],
  49         [Install Xtables development headers]),
  50         [enable_devel="$enableval"], [enable_devel="yes"])
  51 AC_ARG_ENABLE([libipq],
  52         AS_HELP_STRING([--enable-libipq], [Build and install libipq]),
  53         [enable_libipq="$enableval"], [enable_libipq="no"])
  54 AC_ARG_ENABLE([bpf-compiler],
  55         AS_HELP_STRING([--enable-bpf-compiler], [Build bpf compiler]),
  56         [enable_bpfc="$enableval"], [enable_bpfc="no"])
  57 AC_ARG_ENABLE([nfsynproxy],
  58         AS_HELP_STRING([--enable-nfsynproxy], [Build SYNPROXY configuration tool]),
  59         [enable_nfsynproxy="$enableval"], [enable_nfsynproxy="no"])
  60 AC_ARG_WITH([pkgconfigdir], AS_HELP_STRING([--with-pkgconfigdir=PATH],
  61         [Path to the pkgconfig directory [[LIBDIR/pkgconfig]]]),
  62         [pkgconfigdir="$withval"], [pkgconfigdir='${libdir}/pkgconfig'])
  63 AC_ARG_ENABLE([nftables],
  64         AS_HELP_STRING([--disable-nftables], [Do not build nftables compat]),
  65         [enable_nftables="$enableval"], [enable_nftables="yes"])
  66 AC_ARG_ENABLE([connlabel],
  67         AS_HELP_STRING([--disable-connlabel],
  68         [Do not build libnetfilter_conntrack]),
  69         [enable_connlabel="$enableval"], [enable_connlabel="yes"])
  70
  71 libiptc_LDFLAGS2="";
  72 AX_CHECK_LINKER_FLAGS([-Wl,--no-as-needed],
  73         [libiptc_LDFLAGS2="-Wl,--no-as-needed"])
  74 AC_SUBST([libiptc_LDFLAGS2])
  75
  76 AC_MSG_CHECKING([whether $LD knows -Wl,--no-undefined])
  77 saved_LDFLAGS="$LDFLAGS";
  78 LDFLAGS="-Wl,--no-undefined";
  79 AC_LINK_IFELSE([AC_LANG_SOURCE([int main(void) {}])],
  80         [noundef_LDFLAGS="$LDFLAGS"; AC_MSG_RESULT([yes])],
  81         [AC_MSG_RESULT([no])]
  82 )
  83 LDFLAGS="$saved_LDFLAGS";
  84
  85 blacklist_modules=""
  86 blacklist_x_modules=""
  87 blacklist_b_modules=""
  88 blacklist_a_modules=""
  89 blacklist_4_modules=""
  90 blacklist_6_modules=""
  91
  92 AC_CHECK_HEADERS([linux/dccp.h linux/ip_vs.h linux/magic.h linux/proc_fs.h linux/bpf.h])
  93 if test "$ac_cv_header_linux_dccp_h" != "yes"; then
  94         blacklist_modules="$blacklist_modules dccp";
  95 fi;
  96 if test "$ac_cv_header_linux_ip_vs_h" != "yes"; then
  97         blacklist_modules="$blacklist_modules ipvs";
  98 fi;
  99
 100 AC_CHECK_SIZEOF([struct ip6_hdr], [], [#include <netinet/ip6.h>])
 101
 102 AM_CONDITIONAL([ENABLE_STATIC], [test "$enable_static" = "yes"])
 103 AM_CONDITIONAL([ENABLE_SHARED], [test "$enable_shared" = "yes"])
 104 AM_CONDITIONAL([ENABLE_IPV4], [test "$enable_ipv4" = "yes"])
 105 AM_CONDITIONAL([ENABLE_IPV6], [test "$enable_ipv6" = "yes"])
 106 AM_CONDITIONAL([ENABLE_LARGEFILE], [test "$enable_largefile" = "yes"])
 107 AM_CONDITIONAL([ENABLE_DEVEL], [test "$enable_devel" = "yes"])
 108 AM_CONDITIONAL([ENABLE_LIBIPQ], [test "$enable_libipq" = "yes"])
 109 AM_CONDITIONAL([ENABLE_BPFC], [test "$enable_bpfc" = "yes"])
 110 AM_CONDITIONAL([ENABLE_SYNCONF], [test "$enable_nfsynproxy" = "yes"])
 111 AM_CONDITIONAL([ENABLE_NFTABLES], [test "$enable_nftables" = "yes"])
 112 AM_CONDITIONAL([ENABLE_CONNLABEL], [test "$enable_connlabel" = "yes"])
 113
 114 if test "x$enable_bpfc" = "xyes" || test "x$enable_nfsynproxy" = "xyes"; then
 115         AC_CHECK_LIB(pcap, pcap_compile,, AC_MSG_ERROR(missing libpcap library required by bpf compiler or nfsynproxy tool))
 116 fi
 117
 118 PKG_CHECK_MODULES([libnfnetlink], [libnfnetlink >= 1.0],
 119         [nfnetlink=1], [nfnetlink=0])
 120 AM_CONDITIONAL([HAVE_LIBNFNETLINK], [test "$nfnetlink" = 1])
 121
 122 if test "x$enable_nftables" = "xyes"; then
 123         PKG_CHECK_MODULES([libmnl], [libmnl >= 1.0], [mnl=1], [mnl=0])
 124
 125         if test "$mnl" = 0;
 126         then
 127                 echo "*** Error: No suitable libmnl found. ***"
 128                 echo "    Please install the 'libmnl' package"
 129                 echo "    Or consider --disable-nftables to skip"
 130                 echo "    iptables-compat over nftables support."
 131                 exit 1
 132         fi
 133
 134         PKG_CHECK_MODULES([libnftnl], [libnftnl >= 1.0.5], [nftables=1], [nftables=0])
 135
 136         if test "$nftables" = 0;
 137         then
 138                 echo "*** Error: no suitable libnftnl found. ***"
 139                 echo "    Please install the 'libnftnl' package"
 140                 echo "    Or consider --disable-nftables to skip"
 141                 echo "    iptables-compat over nftables support."
 142                 exit 1
 143         fi
 144
 145         AM_PROG_LEX
 146         AC_PROG_YACC
 147
 148         if test -z "$ac_cv_prog_YACC"
 149         then
 150                 echo "*** Error: No suitable bison/yacc found. ***"
 151                 echo "    Please install the 'bison' package."
 152                 exit 1
 153         fi
 154         if test -z "$ac_cv_prog_LEX"
 155         then
 156                 echo "*** Error: No suitable flex/lex found. ***"
 157                 echo "    Please install the 'flex' package."
 158                 exit 1
 159         fi
 160 fi
 161
 162 AM_CONDITIONAL([HAVE_LIBMNL], [test "$mnl" = 1])
 163 AM_CONDITIONAL([HAVE_LIBNFTNL], [test "$nftables" = 1])
 164
 165 if test "$nftables" != 1; then
 166         blacklist_b_modules="$blacklist_b_modules limit mark nflog mangle"
 167         blacklist_a_modules="$blacklist_a_modules mangle"
 168 fi
 169
 170 if test "x$enable_connlabel" = "xyes"; then
 171         PKG_CHECK_MODULES([libnetfilter_conntrack],
 172                 [libnetfilter_conntrack >= 1.0.6],
 173                 [nfconntrack=1], [nfconntrack=0])
 174
 175         if test "$nfconntrack" -ne 1; then
 176                 blacklist_modules="$blacklist_modules connlabel";
 177                 echo "WARNING: libnetfilter_conntrack not found, connlabel match will not be built";
 178                 enable_connlabel="no";
 179         fi;
 180 else
 181         blacklist_modules="$blacklist_modules connlabel";
 182 fi;
 183
 184 AM_CONDITIONAL([HAVE_LIBNETFILTER_CONNTRACK], [test "$nfconntrack" = 1])
 185
 186 AC_SUBST([blacklist_modules])
 187 AC_SUBST([blacklist_x_modules])
 188 AC_SUBST([blacklist_b_modules])
 189 AC_SUBST([blacklist_a_modules])
 190 AC_SUBST([blacklist_4_modules])
 191 AC_SUBST([blacklist_6_modules])
 192
 193 regular_CFLAGS="-Wall -Waggregate-return -Wmissing-declarations \
 194         -Wmissing-prototypes -Wredundant-decls -Wshadow -Wstrict-prototypes \
 195         -Winline -pipe";
 196 regular_CPPFLAGS="${largefile_cppflags} -D_REENTRANT \
 197         -DXTABLES_LIBDIR=\\\"\${xtlibdir}\\\" -DXTABLES_INTERNAL";
 198 kinclude_CPPFLAGS="";
 199 if [[ -n "$kbuilddir" ]]; then
 200         kinclude_CPPFLAGS="$kinclude_CPPFLAGS -I$kbuilddir/include/uapi -I$kbuilddir/include";
 201 fi;
 202 if [[ -n "$ksourcedir" ]]; then
 203         kinclude_CPPFLAGS="$kinclude_CPPFLAGS -I$ksourcedir/include/uapi -I$ksourcedir/include";
 204 fi;
 205 pkgdatadir='${datadir}/xtables';
 206
 207 define([EXPAND_VARIABLE],
 208 [$2=[$]$1
 209 if test $prefix = 'NONE'; then
 210         prefix="/usr/local"
 211 fi
 212 while true; do
 213   case "[$]$2" in
 214     *\[$]* ) eval "$2=[$]$2" ;;
 215     *) break ;;
 216   esac
 217 done
 218 eval "$2=[$]$2"
 219 ])dnl EXPAND_VARIABLE
 220
 221 AC_SUBST([regular_CFLAGS])
 222 AC_SUBST([regular_CPPFLAGS])
 223 AC_SUBST([noundef_LDFLAGS])
 224 AC_SUBST([kinclude_CPPFLAGS])
 225 AC_SUBST([kbuilddir])
 226 AC_SUBST([ksourcedir])
 227 AC_SUBST([xtlibdir])
 228 AC_SUBST([pkgconfigdir])
 229 AC_SUBST([pkgdatadir])
 230 AC_SUBST([libxtables_vcurrent])
 231 AC_SUBST([libxtables_vage])
 232 libxtables_vmajor=$(($libxtables_vcurrent - $libxtables_vage));
 233 AC_SUBST([libxtables_vmajor])
 234
 235 AC_CONFIG_FILES([Makefile extensions/GNUmakefile include/Makefile
 236         iptables/Makefile iptables/xtables.pc
 237         iptables/iptables.8 iptables/iptables-extensions.8.tmpl
 238         iptables/iptables-save.8 iptables/iptables-restore.8
 239         iptables/iptables-apply.8 iptables/iptables-xml.1
 240         libipq/Makefile libipq/libipq.pc
 241         libiptc/Makefile libiptc/libiptc.pc
 242         libiptc/libip4tc.pc libiptc/libip6tc.pc
 243         libxtables/Makefile utils/Makefile
 244         include/xtables-version.h include/iptables/internal.h])
 245 AC_OUTPUT
 246
 247
 248 EXPAND_VARIABLE(xtlibdir, e_xtlibdir)
 249 EXPAND_VARIABLE(pkgconfigdir, e_pkgconfigdir)
 250
 251 echo "
 252 Iptables Configuration:
 253   IPv4 support:                         ${enable_ipv4}
 254   IPv6 support:                         ${enable_ipv6}
 255   Devel support:                        ${enable_devel}
 256   IPQ support:                          ${enable_libipq}
 257   Large file support:                   ${enable_largefile}
 258   BPF utils support:                    ${enable_bpfc}
 259   nfsynproxy util support:              ${enable_nfsynproxy}
 260   nftables support:                     ${enable_nftables}
 261   connlabel support:                    ${enable_connlabel}
 262
 263 Build parameters:
 264   Put plugins into executable (static): ${enable_static}
 265   Support plugins via dlopen (shared):  ${enable_shared}
 266   Installation prefix (--prefix):       ${prefix}
 267   Xtables extension directory:          ${e_xtlibdir}
 268   Pkg-config directory:                 ${e_pkgconfigdir}"
 269
 270 if [[ -n "$ksourcedir" ]]; then
 271         echo "  Kernel source directory:                ${ksourcedir}"
 272 fi;
 273 if [[ -n "$kbuilddir" ]]; then
 274         echo "  Kernel build directory:         ${kbuilddir}"
 275 fi;
 276
 277 echo "  Host:                                   ${host}
 278   GCC binary:                           ${CC}"
 279
 280 test x"$blacklist_modules" = "x" || echo "
 281 Iptables modules that will not be built: $blacklist_modules"