On 01/13/2015 04:32 PM, Florian Westphal wrote: > Gustavo Zacarias <gustavo@xxxxxxxxxxxxxxx> wrote: >> Disable connlabel for purely static builds since it pulls in libdl which >> isn't available in such cases causing build breakage. > > What do you mean by 'purely static builds'? > In any case, current iptables master > > ./configure --disable-shared --enable-static && make > > fails to build with your patch applied since configure thinks > that neither libmnl nor libfntnl are present. > > I also don't understand why connlabel should not be built with above > configure options, care to elaborate? See http://autobuild.buildroot.net/results/b45/b45df862a5c7e0a45017d6be33a818c98489b663/ (build-end.log) That's the precise build failure which is triggered when libnetfilter_conntrack is around. When it's not around (nfconntrack=0, from PKG_CHECK_MODULES) it won't try to build it and the result is a proper purely-static build. Hence i set it that way in the patch when the user explicitly says --disable-shared. Purely-static is a toolchain where there is no dlfcn.h and libdl, not something you would see from (e)glibc but normal for uClibc. I haven't tried on iptables master which adds nft functionality yet, but this fixes it for 1.4.21. Regards. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
