On Thu, Nov 26, 2015 at 07:42:26AM +0100, Daniel Wagner wrote:
> On 11/25/2015 08:45 PM, Pablo Neira Ayuso wrote:
> > On Mon, Nov 23, 2015 at 11:18:47AM +0100, Daniel Wagner wrote:
> >> The libext_arpt is not included when linking the static version of
> >> iptables.
> >>
> >> Signed-off-by: Daniel Wagner <daniel.wagner@xxxxxxxxxxxx>
> >> ---
> >> Hi,
> >>
> >> I had some troubles getting a static version of iptables. Not sure
> >> if I fixed it correctly. Anyway I am able to proceed with testing.
> >
> > Could you tell me what options you're using to compile iptables so I
> > can try to reproduce it?
>
> Yes, sure. I am using this simple toy script to build:
>
> declare -a arr=("libmnl" "libnl" "libnftnl" "libnfnetlink"
> "libnetfilter" "libnetfilter_acct" "libnetfilter_conntrack"
> "libnetfilter_cthelper" "libnetfilter_cttimeout" "libnetfilter_queue"
> "iptables")
>
> NFPATH=/home/wagi/connman/netfilter
> export PKG_CONFIG_PATH=$NFPATH/lib/pkgconfig
> export LD_LIBRARY_PATH=$NFPATH/lib
>
> ## now loop through the above array
> for i in "${arr[@]}"
> do
> echo "$i"
> (
> cd $i
> ./configure --prefix=$NFPATH --enable-static
I can reproduce this, thanks.
We also need to include libnetfilter_conntrack otherwise static builds
also break when connlabel support is on.
diff --git a/iptables/Makefile.am b/iptables/Makefile.am
index 132fe5f..3c0faa5 100644
--- a/iptables/Makefile.am
+++ b/iptables/Makefile.am
@@ -1,7 +1,7 @@
# -*- Makefile -*-
AM_CFLAGS = ${regular_CFLAGS}
-AM_CPPFLAGS = ${regular_CPPFLAGS} -I${top_builddir}/include -I${top_srcdir}/include ${kinclude_CPPFLAGS} ${libmnl_CFLAGS} ${libnftnl_CFLAGS}
+AM_CPPFLAGS = ${regular_CPPFLAGS} -I${top_builddir}/include -I${top_srcdir}/include ${kinclude_CPPFLAGS} ${libmnl_CFLAGS} ${libnftnl_CFLAGS} ${libnetfilter_conntrack_CFLAGS}
AM_YFLAGS = -d
xtables_multi_SOURCES = xtables-multi.c iptables-xml.c
@@ -41,7 +41,7 @@ xtables_compat_multi_SOURCES += xtables-save.c xtables-restore.c \
xtables-arp-standalone.c xtables-arp.c \
getethertype.c nft-bridge.c \
xtables-eb-standalone.c xtables-eb.c
-xtables_compat_multi_LDADD += ${libmnl_LIBS} ${libnftnl_LIBS} ../extensions/libext4.a ../extensions/libext6.a ../extensions/libext_ebt.a
+xtables_compat_multi_LDADD += ${libmnl_LIBS} ${libnftnl_LIBS} ${libnetfilter_conntrack_LIBS} ../extensions/libext4.a ../extensions/libext6.a ../extensions/libext_ebt.a ../extensions/libext_arpt.a
# yacc and lex generate dirty code
xtables_compat_multi-xtables-config-parser.o xtables_compat_multi-xtables-config-syntax.o: AM_CFLAGS += -Wno-missing-prototypes -Wno-missing-declarations -Wno-implicit-function-declaration -Wno-nested-externs -Wno-undef -Wno-redundant-decls
xtables_compat_multi_SOURCES += xshared.c
