old-www/HOWTO/Querying-libiptc-HOWTO/install.html

<HTML
><HEAD
><TITLE
>Installing iptables + libiptc</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+
"><LINK
REL="HOME"
TITLE="Querying libiptc HOWTO"
HREF="index.html"><LINK
REL="PREVIOUS"
TITLE="Previous knowledge and system requirements"
HREF="previous.html"><LINK
REL="NEXT"
TITLE="How to create your program(s)"
HREF="howtoprg.html"></HEAD
><BODY
CLASS="SECT1"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>Querying libiptc HOWTO</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="previous.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="howtoprg.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="INSTALL">9. Installing iptables + libiptc</H1
><P
>To install <EM
>libiptc</EM
> follow these steps:</P
><P
></P
><OL
TYPE="1"
><LI
><P
>Download <EM
>iptables-1.2.6.tar.bz2</EM
> from 
<A
HREF="http://netfilter.samba.org/"
TARGET="_top"
>http://netfilter.samba.org/</A
>.</P
></LI
><LI
><P
>Copy the <EM
>iptables</EM
> tar file into 
<TT
CLASS="FILENAME"
>/usr/local/src</TT
>:</P
><TABLE
BORDER="1"
BGCOLOR="#E0E0E0"
WIDTH="90%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="SCREEN"
>bash# <B
CLASS="COMMAND"
>cp iptables-1.2.6.tar.bz2 /usr/local/src</B
></PRE
></FONT
></TD
></TR
></TABLE
></LI
><LI
><P
> Unpack:</P
><TABLE
BORDER="1"
BGCOLOR="#E0E0E0"
WIDTH="90%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="SCREEN"
>bash# <B
CLASS="COMMAND"
>tar xjvf iptables-1.2.6.tar.bz2</B
></PRE
></FONT
></TD
></TR
></TABLE
></LI
><LI
><P
> Go into the iptables directory:</P
><TABLE
BORDER="1"
BGCOLOR="#E0E0E0"
WIDTH="90%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="SCREEN"
>bash# <B
CLASS="COMMAND"
>cd iptables-1.2.6</B
></PRE
></FONT
></TD
></TR
></TABLE
></LI
><LI
><P
>Check to see if your kernel needs some aditional patches with:</P
><TABLE
BORDER="1"
BGCOLOR="#E0E0E0"
WIDTH="90%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="SCREEN"
>bash# <B
CLASS="COMMAND"
>make pending-patches</B
> <EM
>KERNEL_DIR=/usr/src/linux</EM
></PRE
></FONT
></TD
></TR
></TABLE
><P
>If your kernel source is located somewhere other than in 
<TT
CLASS="FILENAME"
>/usr/src/linux</TT
>, replace the kernel source directory in 
the command line above with your source directory.</P
><P
>Be careful with this option. This command invokes 
<EM
>patch-o-matic</EM
>, a new patch verification utility by 
Rusty Russell. The utility will show you a list of new patches (some 
proposed, some submitted, some accepted) available for your kernel source. 
As Rusty himself says, <SPAN
CLASS="QUOTE"
>"Some of these new patches have bugs"</SPAN
>, 
and you do not have to apply all of them.</P
><P
>Read the information showed for each patch carefully and answer with 
<B
CLASS="KEYCAP"
>y</B
> (apply the patch) or <B
CLASS="KEYCAP"
>N</B
> (skip this patch). 
In some cases answering <B
CLASS="KEYCAP"
>y</B
> will try to apply the patch, but 
if the patch finds some differences between your sources, it will be 
skipped and the next new one presented.</P
><P
>I did not apply any of the proposed patches and kept my kernel in its
original state before continuing to the next step.</P
></LI
><LI
><P
>Make the iptables package with:</P
><TABLE
BORDER="1"
BGCOLOR="#E0E0E0"
WIDTH="90%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="SCREEN"
>bash# <B
CLASS="COMMAND"
>make</B
> <EM
>KERNEL_DIR=/usr/src/linux</EM
></PRE
></FONT
></TD
></TR
></TABLE
><P
>Again, if your kernel source is not at <TT
CLASS="FILENAME"
>/usr/src/linux</TT
>, 
replace the kernel source directory in the command above.</P
><P
>If all goes right the compiler will finish without errors.</P
></LI
><LI
><P
>Before the next step, check to see if you have installed iptables package by
typing:</P
><TABLE
BORDER="1"
BGCOLOR="#E0E0E0"
WIDTH="90%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="SCREEN"
>bash# <B
CLASS="COMMAND"
>rpm -q iptables</B
></PRE
></FONT
></TD
></TR
></TABLE
><P
>If the iptables rpm is installed, you will see the name and version of the
package, similar to:</P
><P
><EM
>iptables-1.1.2-13</EM
></P
><P
>In this case un-install with:</P
><TABLE
BORDER="1"
BGCOLOR="#E0E0E0"
WIDTH="90%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="SCREEN"
>bash# <B
CLASS="COMMAND"
>rpm -e iptables</B
></PRE
></FONT
></TD
></TR
></TABLE
></LI
><LI
><P
>Install the new created package:</P
><TABLE
BORDER="1"
BGCOLOR="#E0E0E0"
WIDTH="90%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="SCREEN"
>bash# <B
CLASS="COMMAND"
>make install</B
> <EM
>KERNEL_DIR=/usr/src/linux</EM
></PRE
></FONT
></TD
></TR
></TABLE
><P
>Again, check your kernel source directory.</P
><P
>This command will install the binaries (<EM
>iptables, iptables-save,
iptables-restore</EM
>) in <TT
CLASS="FILENAME"
>/usr/local/sbin</TT
>, the manuals 
in <TT
CLASS="FILENAME"
>/usr/local/man/man8</TT
> and the modules in 
<TT
CLASS="FILENAME"
>/usr/local/lib/iptables</TT
>.</P
></LI
><LI
><P
>Finally install the headers, development libraries and associated
development man pages, with:</P
><TABLE
BORDER="1"
BGCOLOR="#E0E0E0"
WIDTH="90%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="SCREEN"
>bash# <B
CLASS="COMMAND"
>make install-devel</B
></PRE
></FONT
></TD
></TR
></TABLE
><P
>This command will install the <EM
>libiptc</EM
> library 
in <TT
CLASS="FILENAME"
>/usr/local/lib</TT
>.</P
><P
>I think something must be wrong with this command. It does not install all
headers files properly, so you must install them yourself using:</P
><TABLE
BORDER="1"
BGCOLOR="#E0E0E0"
WIDTH="90%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="SCREEN"
>bash# <B
CLASS="COMMAND"
>cd /usr/local/src/iptables-1.2.6</B
>
bash# <B
CLASS="COMMAND"
>cp include/iptables.h /usr/local/include</B
>
bash# <B
CLASS="COMMAND"
>cp include/iptables_common.h /usr/local/include</B
>
bash# <B
CLASS="COMMAND"
>mkdir /usr/local/include/libiptc</B
>
bash# <B
CLASS="COMMAND"
>cp include/libiptc/libiptc.h /usr/local/include/libiptc</B
>
bash# <B
CLASS="COMMAND"
>cp include/libiptc/ipt_kernel_headers.h /usr/local/include/libiptc</B
>
bash# <B
CLASS="COMMAND"
>cp iptables.o /usr/local/lib</B
></PRE
></FONT
></TD
></TR
></TABLE
><P
><TT
CLASS="FILENAME"
>iptables.o</TT
> is needed above to compile programs to get 
rule information from netfilter. </P
><P
>Now you are ready to create programs that can communicate directly with libiptc.</P
></LI
></OL
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="previous.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="index.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="howtoprg.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Previous knowledge and system requirements</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
>&nbsp;</TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>How to create your program(s)</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>