| blob | 2d38a4d4a7850c7850b020c27c7d162c38885c14 |
2 AC_INIT([iptables], [1.8.11])
4 # See libtool.info "Libtool's versioning system"
5 libxtables_vcurrent=19
6 libxtables_vage=7
8 AC_CONFIG_AUX_DIR([build-aux])
9 AC_CONFIG_HEADERS([config.h])
10 AC_CONFIG_MACRO_DIR([m4])
11 AC_PROG_INSTALL
12 AM_INIT_AUTOMAKE([-Wall])
13 AC_PROG_CC
14 AM_PROG_CC_C_O
15 m4_ifdef([AM_PROG_AR], [AM_PROG_AR])
16 LT_INIT([disable-static])
18 AC_ARG_WITH([kernel],
19 AS_HELP_STRING([--with-kernel=PATH],
20 [Path to kernel source/build directory]),
21 [kbuilddir="$withval"; ksourcedir="$withval";])
22 AC_ARG_WITH([kbuild],
23 AS_HELP_STRING([--with-kbuild=PATH],
24 [Path to kernel build directory [[/lib/modules/CURRENT/build]]]),
25 [kbuilddir="$withval"])
26 AC_ARG_WITH([ksource],
27 AS_HELP_STRING([--with-ksource=PATH],
28 [Path to kernel source directory [[/lib/modules/CURRENT/source]]]),
29 [ksourcedir="$withval"])
30 AC_ARG_WITH([xtlibdir],
31 AS_HELP_STRING([--with-xtlibdir=PATH],
32 [Path where to install Xtables extensions [[LIBEXECDIR/xtables]]]),
33 [xtlibdir="$withval"],
34 [xtlibdir="${libdir}/xtables"])
35 AC_ARG_ENABLE([ipv4],
36 AS_HELP_STRING([--disable-ipv4], [Do not build iptables]),
37 [enable_ipv4="$enableval"], [enable_ipv4="yes"])
38 AC_ARG_ENABLE([ipv6],
39 AS_HELP_STRING([--disable-ipv6], [Do not build ip6tables]),
40 [enable_ipv6="$enableval"], [enable_ipv6="yes"])
41 AC_ARG_ENABLE([largefile],
42 AS_HELP_STRING([--disable-largefile], [Do not build largefile support]),
43 [enable_largefile="$enableval"],
44 [enable_largefile="yes"])
45 AS_IF([test "$enable_largefile" = "yes"], [largefile_cppflags='-D_LARGEFILE_SOURCE=1 -D_LARGE_FILES -D_FILE_OFFSET_BITS=64'])
47 AC_ARG_ENABLE([devel],
48 AS_HELP_STRING([--enable-devel],
49 [Install Xtables development headers]),
50 [enable_devel="$enableval"], [enable_devel="yes"])
51 AC_ARG_ENABLE([libipq],
52 AS_HELP_STRING([--enable-libipq], [Build and install libipq]),
53 [enable_libipq="$enableval"], [enable_libipq="no"])
54 AC_ARG_ENABLE([bpf-compiler],
55 AS_HELP_STRING([--enable-bpf-compiler], [Build bpf compiler]),
56 [enable_bpfc="$enableval"], [enable_bpfc="no"])
57 AC_ARG_ENABLE([nfsynproxy],
58 AS_HELP_STRING([--enable-nfsynproxy], [Build SYNPROXY configuration tool]),
59 [enable_nfsynproxy="$enableval"], [enable_nfsynproxy="no"])
60 AC_ARG_WITH([pkgconfigdir], AS_HELP_STRING([--with-pkgconfigdir=PATH],
61 [Path to the pkgconfig directory [[LIBDIR/pkgconfig]]]),
62 [pkgconfigdir="$withval"], [pkgconfigdir='${libdir}/pkgconfig'])
63 AC_ARG_ENABLE([nftables],
64 AS_HELP_STRING([--disable-nftables], [Do not build nftables compat]),
65 [enable_nftables="$enableval"], [enable_nftables="yes"])
66 AC_ARG_ENABLE([libnfnetlink],
67 AS_HELP_STRING([--disable-libnfnetlink], [Do not use netfilter netlink library]),
68 [enable_libnfnetlink="$enableval"], [enable_libnfnetlink="auto"])
69 AC_ARG_ENABLE([connlabel],
70 AS_HELP_STRING([--disable-connlabel],
71 [Do not build libnetfilter_conntrack]),
72 [enable_connlabel="$enableval"], [enable_connlabel="yes"])
73 AC_ARG_WITH([xt-lock-name], AS_HELP_STRING([--with-xt-lock-name=PATH],
74 [Path to the xtables lock [[/run/xtables.lock]]]),
75 [xt_lock_name="$withval"],
76 [xt_lock_name="/run/xtables.lock"])
77 AC_ARG_ENABLE([profiling],
78 AS_HELP_STRING([--enable-profiling], [build for use of gcov/gprof]),
79 [enable_profiling="$enableval"], [enable_profiling="no"])
81 AC_MSG_CHECKING([whether $LD knows -Wl,--no-undefined])
82 saved_LDFLAGS="$LDFLAGS";
83 LDFLAGS="-Wl,--no-undefined";
84 AC_LINK_IFELSE([AC_LANG_SOURCE([int main(void) {}])],
85 [noundef_LDFLAGS="$LDFLAGS"; AC_MSG_RESULT([yes])],
86 [AC_MSG_RESULT([no])]
87 )
88 LDFLAGS="$saved_LDFLAGS";
90 blacklist_modules=""
91 blacklist_x_modules=""
92 blacklist_b_modules=""
93 blacklist_a_modules=""
94 blacklist_4_modules=""
95 blacklist_6_modules=""
97 AC_CHECK_HEADERS([linux/dccp.h linux/ip_vs.h linux/magic.h linux/proc_fs.h linux/bpf.h])
98 if test "$ac_cv_header_linux_dccp_h" != "yes"; then
99 blacklist_modules="$blacklist_modules dccp";
100 fi;
101 if test "$ac_cv_header_linux_ip_vs_h" != "yes"; then
102 blacklist_modules="$blacklist_modules ipvs";
103 fi;
105 AC_CHECK_SIZEOF([struct ip6_hdr], [], [#include <netinet/ip6.h>])
107 AM_CONDITIONAL([ENABLE_STATIC], [test "$enable_static" = "yes"])
108 AM_CONDITIONAL([ENABLE_SHARED], [test "$enable_shared" = "yes"])
109 AM_CONDITIONAL([ENABLE_IPV4], [test "$enable_ipv4" = "yes"])
110 AM_CONDITIONAL([ENABLE_IPV6], [test "$enable_ipv6" = "yes"])
111 AM_CONDITIONAL([ENABLE_LARGEFILE], [test "$enable_largefile" = "yes"])
112 AM_CONDITIONAL([ENABLE_DEVEL], [test "$enable_devel" = "yes"])
113 AM_CONDITIONAL([ENABLE_LIBIPQ], [test "$enable_libipq" = "yes"])
114 AM_CONDITIONAL([ENABLE_BPFC], [test "$enable_bpfc" = "yes"])
115 AM_CONDITIONAL([ENABLE_SYNCONF], [test "$enable_nfsynproxy" = "yes"])
116 AM_CONDITIONAL([ENABLE_NFTABLES], [test "$enable_nftables" = "yes"])
117 AM_CONDITIONAL([ENABLE_CONNLABEL], [test "$enable_connlabel" = "yes"])
119 # If specified explicitly on the command line, error out when library was not found
120 # Otherwise, disable and continue
121 AS_IF([test "x$enable_libnfnetlink" = "xyes"],
122 [PKG_CHECK_MODULES([libnfnetlink], [libnfnetlink >= 1.0],
123 [nfnetlink=1])],
124 [test "x$enable_libnfnetlink" = "xauto"],
125 [PKG_CHECK_MODULES([libnfnetlink], [libnfnetlink >= 1.0],
126 [nfnetlink=1], [nfnetlink=0])])
127 AM_CONDITIONAL([HAVE_LIBNFNETLINK], [test "$nfnetlink" = 1])
129 if test "x$enable_bpfc" = "xyes" || test "x$enable_nfsynproxy" = "xyes"; then
130 PKG_CHECK_MODULES([libpcap], [libpcap], [], [
131 AC_MSG_ERROR(missing libpcap library required by bpf compiler or nfsynproxy tool)])
132 fi
134 if test "x$enable_nftables" = "xyes"; then
135 PKG_CHECK_MODULES([libmnl], [libmnl >= 1.0], [mnl=1], [mnl=0])
137 if test "$mnl" = 0;
138 then
139 echo "*** Error: No suitable libmnl found. ***"
140 echo " Please install the 'libmnl' package"
141 echo " Or consider --disable-nftables to skip"
142 echo " iptables-compat over nftables support."
143 exit 1
144 fi
146 PKG_CHECK_MODULES([libnftnl], [libnftnl >= 1.2.6], [nftables=1], [nftables=0])
148 if test "$nftables" = 0;
149 then
150 echo "*** Error: no suitable libnftnl found. ***"
151 echo " Please install the 'libnftnl' package"
152 echo " Or consider --disable-nftables to skip"
153 echo " iptables-compat over nftables support."
154 exit 1
155 fi
156 fi
158 AM_CONDITIONAL([HAVE_LIBMNL], [test "$mnl" = 1])
159 AM_CONDITIONAL([HAVE_LIBNFTNL], [test "$nftables" = 1])
161 if test "$nftables" != 1; then
162 blacklist_b_modules="$blacklist_b_modules limit mark nflog mangle"
163 blacklist_a_modules="$blacklist_a_modules mangle"
164 fi
166 if test "x$enable_connlabel" = "xyes"; then
167 PKG_CHECK_MODULES([libnetfilter_conntrack],
168 [libnetfilter_conntrack >= 1.0.6],
169 [nfconntrack=1], [nfconntrack=0])
171 if test "$nfconntrack" -ne 1; then
172 blacklist_modules="$blacklist_modules connlabel";
173 echo "WARNING: libnetfilter_conntrack not found, connlabel match will not be built";
174 enable_connlabel="no";
175 fi;
176 else
177 blacklist_modules="$blacklist_modules connlabel";
178 fi;
180 AM_CONDITIONAL([HAVE_LIBNETFILTER_CONNTRACK], [test "$nfconntrack" = 1])
182 AC_SUBST([blacklist_modules])
183 AC_SUBST([blacklist_x_modules])
184 AC_SUBST([blacklist_b_modules])
185 AC_SUBST([blacklist_a_modules])
186 AC_SUBST([blacklist_4_modules])
187 AC_SUBST([blacklist_6_modules])
189 regular_CFLAGS="-Wall -Waggregate-return -Wmissing-declarations \
190 -Wmissing-prototypes -Wredundant-decls -Wshadow -Wstrict-prototypes \
191 -Wlogical-op \
192 -Winline -pipe";
193 regular_CPPFLAGS="${largefile_cppflags} -D_REENTRANT \
194 -DXTABLES_LIBDIR=\\\"\${xtlibdir}\\\" -DXTABLES_INTERNAL";
195 kinclude_CPPFLAGS="";
196 if [[ -n "$kbuilddir" ]]; then
197 kinclude_CPPFLAGS="$kinclude_CPPFLAGS -I$kbuilddir/include/uapi -I$kbuilddir/include";
198 fi;
199 if [[ -n "$ksourcedir" ]]; then
200 kinclude_CPPFLAGS="$kinclude_CPPFLAGS -I$ksourcedir/include/uapi -I$ksourcedir/include";
201 fi;
202 pkgdatadir='${datadir}/xtables';
204 if test "x$enable_profiling" = "xyes"; then
205 regular_CFLAGS+=" -fprofile-arcs -ftest-coverage"
206 regular_LDFLAGS+=" -lgcov --coverage"
207 fi
209 AC_MSG_CHECKING([whether the build is using musl-libc])
210 enable_musl_build=""
212 AC_COMPILE_IFELSE(
213 [AC_LANG_PROGRAM([[#include <netinet/if_ether.h>]],
214 [[
215 #if ! defined(__UAPI_DEF_ETHHDR) || __UAPI_DEF_ETHHDR != 0
216 #error error trying musl...
217 #endif
218 ]]
219 )],
220 [enable_musl_build="yes"],[enable_musl_build="no"]
221 )
222 AC_MSG_RESULT([${enable_musl_build}])
224 if test "x$enable_musl_build" = "xyes"; then
225 regular_CFLAGS+=" -D__UAPI_DEF_ETHHDR=0"
226 fi
228 define([EXPAND_VARIABLE],
229 [$2=[$]$1
230 if test $prefix = 'NONE'; then
231 prefix="/usr/local"
232 fi
233 while true; do
234 case "[$]$2" in
235 *\[$]* ) eval "$2=[$]$2" ;;
236 *) break ;;
237 esac
238 done
239 eval "$2=[$]$2"
240 ])dnl EXPAND_VARIABLE
242 AC_SUBST([regular_CFLAGS])
243 AC_SUBST([regular_CPPFLAGS])
244 AC_SUBST([noundef_LDFLAGS])
245 AC_SUBST([regular_LDFLAGS])
246 AC_SUBST([kinclude_CPPFLAGS])
247 AC_SUBST([kbuilddir])
248 AC_SUBST([ksourcedir])
249 AC_SUBST([xtlibdir])
250 AC_SUBST([pkgconfigdir])
251 AC_SUBST([pkgdatadir])
252 AC_SUBST([libxtables_vcurrent])
253 AC_SUBST([libxtables_vage])
254 libxtables_vmajor=$(($libxtables_vcurrent - $libxtables_vage));
255 AC_SUBST([libxtables_vmajor])
257 AC_DEFINE_UNQUOTED([XT_LOCK_NAME], "${xt_lock_name}",
258 [Location of the iptables lock file])
259 AC_SUBST([XT_LOCK_NAME], "${xt_lock_name}")
261 AC_CONFIG_FILES([Makefile extensions/GNUmakefile include/Makefile
262 iptables/Makefile iptables/xtables.pc
263 iptables/iptables.8 iptables/iptables-extensions.8.tmpl
264 iptables/iptables-save.8 iptables/iptables-restore.8
265 iptables/iptables-apply.8 iptables/iptables-xml.1
266 libipq/Makefile libipq/libipq.pc
267 libiptc/Makefile libiptc/libiptc.pc
268 libiptc/libip4tc.pc libiptc/libip6tc.pc
269 libxtables/Makefile utils/Makefile
270 include/xtables-version.h
271 iptables/xtables-monitor.8
272 utils/nfnl_osf.8
273 utils/nfbpf_compile.8])
274 AC_OUTPUT
277 EXPAND_VARIABLE(xtlibdir, e_xtlibdir)
278 EXPAND_VARIABLE(pkgconfigdir, e_pkgconfigdir)
280 echo "
281 Iptables Configuration:
282 IPv4 support: ${enable_ipv4}
283 IPv6 support: ${enable_ipv6}
284 Devel support: ${enable_devel}
285 IPQ support: ${enable_libipq}
286 Large file support: ${enable_largefile}
287 BPF utils support: ${enable_bpfc}
288 nfsynproxy util support: ${enable_nfsynproxy}
289 nftables support: ${enable_nftables}
290 connlabel support: ${enable_connlabel}
291 profiling support: ${enable_profiling}
293 Build parameters:
294 Put plugins into executable (static): ${enable_static}
295 Support plugins via dlopen (shared): ${enable_shared}
296 Installation prefix (--prefix): ${prefix}
297 Xtables extension directory: ${e_xtlibdir}
298 Pkg-config directory: ${e_pkgconfigdir}
299 Xtables lock file: ${xt_lock_name}
300 Build against musl-libc: ${enable_musl_build}"
302 if [[ -n "$ksourcedir" ]]; then
303 echo " Kernel source directory: ${ksourcedir}"
304 fi;
305 if [[ -n "$kbuilddir" ]]; then
306 echo " Kernel build directory: ${kbuilddir}"
307 fi;
309 echo " Host: ${host}
310 GCC binary: ${CC}"
312 test x"$blacklist_modules" = "x" || echo "
313 Iptables modules that will not be built: $blacklist_modules"