-
Notifications
You must be signed in to change notification settings - Fork 0
/
INSTALL
139 lines (85 loc) · 3.38 KB
/
INSTALL
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
Installation instructions for nftables
======================================
Prerequisites
=============
- build tooling: glibc headers, gcc, autotools, automake, libtool, pkg-config.
- libmnl: git://git.netfilter.org/libmnl.git
- libnftnl: git://git.netfilter.org/libnftnl.git
- flex
- bison
- libgmp: alternatively, see mini-gmp support below.
- libreadline or libedit or linenoise: required by interactive command line
- optional: libxtables: required to interact with iptables-compat
- optional: libjansson: required to build JSON support
- optional: asciidoc: required for building man-page
- optional: fpm: required for building deb or rpm packages
(See https://fpm.readthedocs.io/en/v1.15.1/index.html)
Configuring and compiling
=========================
Run "sh autogen.sh" to generate the configure script, then:
sh configure [options]
--prefix=
The prefix to put all installed files under. It defaults to
/usr/local, so the binaries will go into /usr/local/bin, sbin,
manpages into /usr/local/share/man, etc.
--datarootdir=
The base directory for arch-independent files. Defaults to
$prefix/share.
--disable-debug
Disable debugging
--with-mini-gmp
Use builtin mini-gmp instead of linking with a shared libgmp.
This is useful for embedded platforms optimizing for size and
having no other use for libgmp.
Note: This decreases the debugging verbosity in some files.
--with-xtables
For libxtables support to interact with the iptables-compat
utility.
--without-cli
To disable interactive command line support, ie. -i/--interactive.
--with-cli=readline
To enable interactive command line support with libreadline.
--with-cli=linenoise
To enable interactive command line support with linenoise.
--with-cli=editline
To enable interactive command line support with libedit.
--with-json
To enable JSON support, this requires libjansson.
--with-build-deb
To enable build with deb package
--with-build-rpm
To enable build with rpm package
--with-pkgdst=
Path where the package will be installed. By default all will be installed
into path determinated by the --prefix option
Run "make" to compile nftables, "make install" to install it in the
configured paths. Before running make you may need to determinate pkgconfig path
for the libnftnl library installed early
(e.g. export PKG_CONFIG_PATH=$PKG_CONFIG_PATH:/opt/swarm/lib/pkgconfig/)
Configuration with package
==========================
To enable build a package just configure one of the option:
./configure --with-build-deb
make build-deb
or
./configure --with-build-rpm
make build-rpm
If you need to install a package to a specific location
you have to specify the path using the --with-pkgdst option:
./configure --with-pkgdst=/opt/swarm/ --with-build-deb
make build-deb
Python support
==============
CPython bindings are available for nftables under the py/ folder. They can be
installed using pip:
python -m pip install py/
A legacy setup.py script can also be used:
( cd py && python setup.py install )
However, this method is deprecated.
Source code
===========
Netfilter's Linux kernel tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git/
https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git
The latest version of this code can be found at:
git://git.netfilter.org/nftables.git