On Sat, Feb 23, 2013 at 9:15 PM, Maciej Żenczykowski <zenczykowski@xxxxxxxxx> wrote: > at a guess, there should be a --with/without option for it, and if > --with=tool is specified build/configure should fail if support > libraries are missing Agreed on the fail hard. After a brief offline discussion on --enable vs --with, will respin with optional --enable-bpf-compiler. The option is disabled by default. If it is enabled and pcap cannot be found, build fails. If no further comments, I'll respin shortly. > > On Sun, Feb 17, 2013 at 7:52 PM, Willem de Bruijn <willemb@xxxxxxxxxx> wrote: >> On Wed, Jan 23, 2013 at 1:56 PM, Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote: >>> On Wed, Jan 23, 2013 at 11:38:20AM -0500, Willem de Bruijn wrote: >>>> On Wed, Jan 23, 2013 at 11:21 AM, Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote: >>>> > On Wed, Jan 23 2013 at 10:59:28AM -0500, Willem de Bruijn wrote: >>>> >> >> b) provide a separate utility to generate the BPF filter in text-based >>>> >> >> format from some utility that accepts tcpdump-like syntax. The utility >>>> >> >> can be distributed in the utils directory and it would not be >>>> >> >> mandatory to compile it if libpcap is not present. >>>> > [...] >>>> >> > I would go with b) for now; we can always move to a) later on, but not >>>> >> > the other way around (would kill backwards compatibility). >>>> >> >>>> >> This sounds like the consensus (for the record, I also prefer this less >>>> >> disruptive approach). In that case, I can submit a revised libxt_bpf with your >>>> >> suggested changes right away, Pablo, and we can leave the separate >>>> >> userspace tool for a later commit. >>>> > >>>> > Either way is fine, but please we should have that utility compiler >>>> > integrated in the iptables tree by when 3.9-rc1 is released. >>>> >>>> Okay. I'll prepare a separate patch with the pcap-based utility, then. >> >> Just sent the patch. I'm no expert at autoconf and automake, so the >> build logic can conceivably be shorter, but it works for me and the >> logic is straightforward. I forgot to mention in the commit message >> which versions of the tools I used: tested on a ubuntu 12.04 with >> autoconf 2.68, automake 1.9.6 and libtool 2.4.2. >> >>>> Since utils is built as part of the root make invocation, I think it's >>>> better to test for pcap.h in the root configure.ac and add a test in >>>> utils/Makefile.am to build this tool if found, as opposed to creating >>>> a separate configure.ac under utils. We can also discuss these >>>> details after the first version of the patch, of course. >>> >>> That's fine by now, and it's way less bloat. >> -- >> To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in >> the body of a message to majordomo@xxxxxxxxxxxxxxx >> More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
