Commit d1754fe7 authored by gauthier's avatar gauthier

first commit

parents
Installation instructions for Xtables-addons
============================================
Xtables-addons uses the well-known configure(autotools) infrastructure
in combination with the kernel's Kbuild system.
$ ./configure
$ make
# make install
Supported configurations for this release
=========================================
* iptables >= 1.4.5
* kernel-devel >= 3.7
with prepared build/output directory
- CONFIG_NF_CONNTRACK
- CONFIG_NF_CONNTRACK_MARK enabled =y or as module (=m)
- CONFIG_CONNECTOR y/m if you wish to receive userspace
notifications from pknock through netlink/connector
(Use xtables-addons-1.x if you need support for Linux < 3.7.)
Selecting extensions
====================
You can edit the "mconfig" file to select what modules to build and
install. By default, all modules are enabled.
Configuring and compiling
=========================
./configure [options]
--without-kbuild
Deactivate building kernel modules, and just do userspace parts.
--with-kbuild=
Specifies the path to the kernel build output directory. We need
it for building the kernel extensions. It defaults to
/lib/modules/$(running version)/build, which usually points to
the right directory. (If not, you need to install something.)
For RPM building, it should be /usr/src/linux-obj/...
or whatever location the distro makes use of.
--with-xtlibdir=
Specifies the path to where the newly built extensions should
be installed when `make install` is run. The default is to
use the same path that Xtables/iptables modules use, as
determined by `pkg-config xtables --variable xtlibdir`.
Thus, this option normally does NOT need to be specified
anymore, even if your distribution put modules in a strange
location.
If you want to enable debugging, use
./configure CFLAGS="-ggdb3 -O0"
(-O0 is used to turn off instruction reordering, which makes debugging
much easier.)
To make use of a libxtables that is not in the default path, either
a) append the location of the pkg-config files like:
PKG_CONFIG_PATH=/usr/local/lib/pkgconfig
(Assuming that files have been installed)
or,
b) override the pkg-config variables, for example:
./configure libxtables_CFLAGS="-I../iptables/include" \
libxtables_LIBS="-L../iptables/.libs \
-Wl,-rpath,../iptables/.libs -lxtables"
(Use this in case you wish to use it without having to
run `make install`. This is because the libxtables.pc pkgconfig
file in ../iptables would already point to e.g. /usr/local.)
Build-time options
==================
V= controls the verbosity of make commands.
V=0 "silent" (output filename)
V=1 "verbose" (entire gcc command line)
Note to distribution packagers
==============================
Except for --with-kbuild, distributions should not have a need to
supply any other flags (besides --prefix=/usr and perhaps
--libdir=/usr/lib64, etc.) to configure when all prerequired packages
are installed. If iptables-devel is installed, necessary headers should
already be in /usr/include, so that overriding PKG_CONFIG_PATH,
libxtables_CFLAGS and libxtables_LIBS variables should not be needed.
This diff is collapsed.
# -*- Makefile -*-
ACLOCAL_AMFLAGS = -I m4
SUBDIRS = extensions geoip
man_MANS := xtables-addons.8
.PHONY: FORCE
FORCE:
xtables-addons.8: FORCE
${MAKE} -f Makefile.mans all;
clean-local-mans:
${MAKE} -f Makefile.mans clean;
clean-local: clean-local-mans
config.status: Makefile.iptrules.in
tmpdir := $(shell mktemp -dtu)
packer = xz
packext = .tar.xz
.PHONY: tarball
tarball:
# do not use mkdir_p here.
mkdir ${tmpdir}
pushd ${top_srcdir} && git archive --prefix=${PACKAGE_NAME}-${PACKAGE_VERSION}/ HEAD | tar -C ${tmpdir} -x && popd;
pushd ${tmpdir}/${PACKAGE_NAME}-${PACKAGE_VERSION} && ./autogen.sh && popd;
tar --use=${packer} -C ${tmpdir} -cf ${PACKAGE_NAME}-${PACKAGE_VERSION}${packext} --owner=root --group=root ${PACKAGE_NAME}-${PACKAGE_VERSION}/;
rm -Rf ${tmpdir};
# -*- Makefile -*-
# AUTOMAKE
export AM_CPPFLAGS
export AM_CFLAGS
XA_SRCDIR = ${srcdir}
XA_TOPSRCDIR = ${top_srcdir}
XA_ABSTOPSRCDIR = ${abs_top_srcdir}
export XA_SRCDIR
export XA_TOPSRCDIR
export XA_ABSTOPSRCDIR
_mcall = -f ${top_builddir}/Makefile.iptrules
all-local: user-all-local
install-exec-local: user-install-local
clean-local: user-clean-local
user-all-local:
${MAKE} ${_mcall} all;
# Have no user-install-data-local ATM
user-install-local: user-install-exec-local
user-install-exec-local:
${MAKE} ${_mcall} install;
user-clean-local:
${MAKE} ${_mcall} clean;
This diff is collapsed.
# -*- Makefile -*-
# MANUAL
abs_top_srcdir = @abs_top_srcdir@
prefix = @prefix@
exec_prefix = @exec_prefix@
libexecdir = @libexecdir@
xtlibdir = @xtlibdir@
CC = @CC@
CCLD = ${CC}
CFLAGS = @CFLAGS@
LDFLAGS = @LDFLAGS@
libxtables_CFLAGS = @libxtables_CFLAGS@
libxtables_LIBS = @libxtables_LIBS@
AM_DEPFLAGS = -Wp,-MMD,$(@D)/.$(@F).d,-MT,$@
AM_DEFAULT_VERBOSITY = 0
am__v_CC_0 = @echo " CC " $@;
am__v_CCLD_0 = @echo " CCLD " $@;
am__v_GEN_0 = @echo " GEN " $@;
am__v_SILENT_0 = @
am__v_CC_ = ${am__v_CC_${AM_DEFAULT_VERBOSITY}}
am__v_CCLD_ = ${am__v_CCLD_${AM_DEFAULT_VERBOSITY}}
am__v_GEN_ = ${am__v_GEN_${AM_DEFAULT_VERBOSITY}}
am__v_SILENT_ = ${am__v_SILENT_${AM_DEFAULT_VERBOSITY}}
AM_V_CC = ${am__v_CC_${V}}
AM_V_CCLD = ${am__v_CCLD_${V}}
AM_V_GEN = ${am__v_GEN_${V}}
AM_V_silent = ${am__v_GEN_${V}}
include ${XA_TOPSRCDIR}/mconfig
-include ${XA_TOPSRCDIR}/mconfig.*
include ${XA_SRCDIR}/Mbuild
-include ${XA_SRCDIR}/Mbuild.*
targets := $(filter-out %/,${obj-m})
subdirs_list := $(filter %/,${obj-m})
.SECONDARY:
.PHONY: all install clean
all: ${targets}
@for i in ${subdirs_list}; do ${MAKE} -C $$i || exit $$?; done;
install: ${targets}
@for i in ${subdirs_list}; do ${MAKE} -C $$i $@ || exit $$?; done;
install -dm0755 "${DESTDIR}/${xtlibdir}";
@for i in $^; do install -pm0755 $$i "${DESTDIR}/${xtlibdir}"; done;
clean:
@for i in ${subdirs_list}; do ${MAKE} -C $$i $@ || exit $$?; done;
rm -f *.oo *.so;
lib%.so: lib%.oo
${AM_V_CCLD}${CCLD} ${AM_LDFLAGS} -shared ${LDFLAGS} -o $@ $< ${libxtables_LIBS} ${LDLIBS};
%.oo: ${XA_SRCDIR}/%.c
${AM_V_CC}${CC} ${AM_DEPFLAGS} ${AM_CPPFLAGS} ${AM_CFLAGS} -DPIC -fPIC ${CPPFLAGS} ${CFLAGS} -o $@ -c $<;
# -*- Makefile -*-
# MANUAL
srcdir := @srcdir@
wcman_matches := $(shell find "${srcdir}/extensions" -name 'libxt_[a-z]*.man' -print | sort)
wcman_targets := $(shell find "${srcdir}/extensions" -name 'libxt_[A-Z]*.man' -print | sort)
wlist_matches := $(patsubst ${srcdir}/libxt_%.man,%,${wcman_matches})
wlist_targets := $(patsubst ${srcdir}/libxt_%.man,%,${wcman_targets})
.PHONY: FORCE
FORCE:
.manpages.lst: FORCE
@echo "${wlist_targets} ${wlist_matches}" >$@.tmp; \
cmp -s $@ $@.tmp || mv $@.tmp $@; \
rm -f $@.tmp;
man_run = \
${AM_V_GEN}for ext in $(1); do \
name="$${ext%.man}"; \
name="$${name\#\#*/libxt_}"; \
if [ -f "$$ext" ]; then \
echo ".SS $$name"; \
cat "$$ext" || exit $$?; \
continue; \
fi; \
done >$@;
all: xtables-addons.8
xtables-addons.8: ${srcdir}/xtables-addons.8.in matches.man targets.man
${AM_V_GEN}sed -e '/@MATCHES@/ r matches.man' -e '/@TARGET@/ r targets.man' $< >$@;
matches.man: .manpages.lst ${wcman_matches}
$(call man_run,${wlist_matches})
targets.man: .manpages.lst ${wcman_targets}
$(call man_run,${wlist_targets})
clean:
rm -f xtables-addons.8 matches.man targets.man
Xtables-addons
==============
Xtables-addons is the proclaimed successor to patch-o-matic(-ng). It
contains extensions that were not accepted in the main Xtables
package.
Xtables-addons is different from patch-o-matic in that you do not
have to patch or recompile either kernel or Xtables(iptables). But
please see the INSTALL file for the minimum requirements of this
package.
All code imported from patch-o-matic has been reviewed and all
apparent bugs like binary stability across multiarches, missing
sanity checks and incorrect endianess handling have been fixed,
simplified, and sped up.
Included in this package
========================
- xt_ACCOUNT 1.16, libxt_ACCOUNT 1.3
Inclusion into a kernel tree
============================
External extensions
===================
The program "xa-download-more" can be used to download more
extensions from 3rd parties into the source tree. The URLs are listed
in the "sources" file. If the "sources" file contains an entry like
http://foobar.org/xa/
xa-download-more will inspect http://foobar.org/xa/xa-index.txt for
files to download. That file may contain
foobar.tar.bz2
and xa-download-more will then retrieve and unpack
http://foobar.org/xa/foobar.tar.bz2.
Files that should be contained in the tarball are an mconfig and
Kbuild files to control building the extension, libxt_foobar.c for
the userspace extension and xt_foobar.c for the kernel extension.
mconfig.foobar
extensions/Kbuild.foobar
extensions/Mbuild.foobar
extensions/libxt_foobar.c
extensions/libxt_foobar.man
extensions/xt_foobar.c
extensions/xt_foobar.h
This diff is collapsed.
#!/bin/bash
autoreconf -fi;
rm -Rf autom4te*.cache;
#! /bin/sh
# Wrapper for Microsoft lib.exe
me=ar-lib
scriptversion=2012-03-01.08; # UTC
# Copyright (C) 2010-2013 Free Software Foundation, Inc.
# Written by Peter Rosin <peda@lysator.liu.se>.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a
# configuration script generated by Autoconf, you may include it under
# the same distribution terms that you use for the rest of that program.
# This file is maintained in Automake, please report
# bugs to <bug-automake@gnu.org> or send patches to
# <automake-patches@gnu.org>.
# func_error message
func_error ()
{
echo "$me: $1" 1>&2
exit 1
}
file_conv=
# func_file_conv build_file
# Convert a $build file to $host form and store it in $file
# Currently only supports Windows hosts.
func_file_conv ()
{
file=$1
case $file in
/ | /[!/]*) # absolute file, and not a UNC file
if test -z "$file_conv"; then
# lazily determine how to convert abs files
case `uname -s` in
MINGW*)
file_conv=mingw
;;
CYGWIN*)
file_conv=cygwin
;;
*)
file_conv=wine
;;
esac
fi
case $file_conv in
mingw)
file=`cmd //C echo "$file " | sed -e 's/"\(.*\) " *$/\1/'`
;;
cygwin)
file=`cygpath -m "$file" || echo "$file"`
;;
wine)
file=`winepath -w "$file" || echo "$file"`
;;
esac
;;
esac
}
# func_at_file at_file operation archive
# Iterate over all members in AT_FILE performing OPERATION on ARCHIVE
# for each of them.
# When interpreting the content of the @FILE, do NOT use func_file_conv,
# since the user would need to supply preconverted file names to
# binutils ar, at least for MinGW.
func_at_file ()
{
operation=$2
archive=$3
at_file_contents=`cat "$1"`
eval set x "$at_file_contents"
shift
for member
do
$AR -NOLOGO $operation:"$member" "$archive" || exit $?
done
}
case $1 in
'')
func_error "no command. Try '$0 --help' for more information."
;;
-h | --h*)
cat <<EOF
Usage: $me [--help] [--version] PROGRAM ACTION ARCHIVE [MEMBER...]
Members may be specified in a file named with @FILE.
EOF
exit $?
;;
-v | --v*)
echo "$me, version $scriptversion"
exit $?
;;
esac
if test $# -lt 3; then
func_error "you must specify a program, an action and an archive"
fi
AR=$1
shift
while :
do
if test $# -lt 2; then
func_error "you must specify a program, an action and an archive"
fi
case $1 in
-lib | -LIB \
| -ltcg | -LTCG \
| -machine* | -MACHINE* \
| -subsystem* | -SUBSYSTEM* \
| -verbose | -VERBOSE \
| -wx* | -WX* )
AR="$AR $1"
shift
;;
*)
action=$1
shift
break
;;
esac
done
orig_archive=$1
shift
func_file_conv "$orig_archive"
archive=$file
# strip leading dash in $action
action=${action#-}
delete=
extract=
list=
quick=
replace=
index=
create=
while test -n "$action"
do
case $action in
d*) delete=yes ;;
x*) extract=yes ;;
t*) list=yes ;;
q*) quick=yes ;;
r*) replace=yes ;;
s*) index=yes ;;
S*) ;; # the index is always updated implicitly
c*) create=yes ;;
u*) ;; # TODO: don't ignore the update modifier
v*) ;; # TODO: don't ignore the verbose modifier
*)
func_error "unknown action specified"
;;
esac
action=${action#?}
done
case $delete$extract$list$quick$replace,$index in
yes,* | ,yes)
;;
yesyes*)
func_error "more than one action specified"
;;
*)
func_error "no action specified"
;;
esac
if test -n "$delete"; then
if test ! -f "$orig_archive"; then
func_error "archive not found"
fi
for member
do
case $1 in
@*)
func_at_file "${1#@}" -REMOVE "$archive"
;;
*)
func_file_conv "$1"
$AR -NOLOGO -REMOVE:"$file" "$archive" || exit $?
;;
esac
done
elif test -n "$extract"; then
if test ! -f "$orig_archive"; then
func_error "archive not found"
fi
if test $# -gt 0; then
for member
do
case $1 in
@*)
func_at_file "${1#@}" -EXTRACT "$archive"
;;
*)
func_file_conv "$1"
$AR -NOLOGO -EXTRACT:"$file" "$archive" || exit $?
;;
esac
done
else
$AR -NOLOGO -LIST "$archive" | sed -e 's/\\/\\\\/g' | while read member
do
$AR -NOLOGO -EXTRACT:"$member" "$archive" || exit $?
done
fi
elif test -n "$quick$replace"; then
if test ! -f "$orig_archive"; then
if test -z "$create"; then
echo "$me: creating $orig_archive"
fi
orig_archive=
else
orig_archive=$archive
fi
for member
do
case $1 in
@*)
func_file_conv "${1#@}"
set x "$@" "@$file"
;;
*)
func_file_conv "$1"
set x "$@" "$file"
;;
esac
shift
shift
done
if test -n "$orig_archive"; then
$AR -NOLOGO -OUT:"$archive" "$orig_archive" "$@" || exit $?
else
$AR -NOLOGO -OUT:"$archive" "$@" || exit $?
fi