Re: [iptables PATCH] configure: exit if libnftnl is not found

Giuseppe Longo <giuseppelng@xxxxxxxxx> · Sat, 9 Apr 2016 10:46:40 +0200

Hi Pablo,

2016-04-08 14:55 GMT+02:00 Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>:
> On Sun, Mar 27, 2016 at 12:05:46PM +0200, Giuseppe Longo wrote:
>> iptables building is broken if libnftnl is not installed
>> on the system, raising up the following errors:
>>
>> nft-shared.c:25:27: fatal error: libnftnl/rule.h: No such file or directory
>>  #include <libnftnl/rule.h>
>>                            ^
>> compilation terminated.
>> nft.c:41:28: fatal error: libnftnl/table.h: No such file or directory
>>  #include <libnftnl/table.h>
>>                             ^
>> compilation terminated.
>> mv -f .deps/xtables_multi-iptables-restore.Tpo .deps/xtables_multi-iptables-restore.Po
>> In file included from nft.h:5:0,
>>                  from nft-ipv6.c:25:
>> nft-shared.h:6:27: fatal error: libnftnl/rule.h: No such file or directory
>>  #include <libnftnl/rule.h>
>>                            ^
>> mv -f .deps/xtables_multi-xshared.Tpo .deps/xtables_multi-xshared.Po
>> compilation terminated.
>> In file included from nft.h:5:0,
>>                  from nft-ipv4.c:26:
>> nft-shared.h:6:27: fatal error: libnftnl/rule.h: No such file or directory
>>  #include <libnftnl/rule.h>
>>
>> configure script checks if libnftnl is installed, but doesn't
>> exit if it is not.
>>
>> Signed-off-by: Giuseppe Longo <giuseppelng@xxxxxxxxx>
>> ---
>>  configure.ac | 7 +++++++
>>  1 file changed, 7 insertions(+)
>>
>> diff --git a/configure.ac b/configure.ac
>> index 33a8f2d..b08ecca 100644
>> --- a/configure.ac
>> +++ b/configure.ac
>> @@ -128,6 +128,13 @@ if test "x$enable_nftables" = "xyes"; then
>>
>>       PKG_CHECK_MODULES([libnftnl], [libnftnl >= 1.0.5], [nftables=1], [nftables=0])
>>
>> +     if test "$nftables" = 0;
>> +     then
>> +             echo "*** Error: No suitable libnftnl found. ***"
>> +             echo "    Please install the 'libnftnl' package."
>
> I'm going to take this patch, but mangle it to include this information too:
>
>                 echo "    Or consider --disable-nftables to skip "
>                 echo "    iptables-compat over nftables support."
>

I can send a v2 of this patch with these changes.
I think a similar patch is needed for libmnl because
there is a same issue.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html