<HTML ><HEAD ><TITLE >Installing iptables + libiptc</TITLE ><META NAME="GENERATOR" CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+ "><LINK REL="HOME" TITLE="Querying libiptc HOWTO" HREF="index.html"><LINK REL="PREVIOUS" TITLE="Previous knowledge and system requirements" HREF="previous.html"><LINK REL="NEXT" TITLE="How to create your program(s)" HREF="howtoprg.html"></HEAD ><BODY CLASS="SECT1" BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#840084" ALINK="#0000FF" ><DIV CLASS="NAVHEADER" ><TABLE SUMMARY="Header navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TH COLSPAN="3" ALIGN="center" >Querying libiptc HOWTO</TH ></TR ><TR ><TD WIDTH="10%" ALIGN="left" VALIGN="bottom" ><A HREF="previous.html" ACCESSKEY="P" >Prev</A ></TD ><TD WIDTH="80%" ALIGN="center" VALIGN="bottom" ></TD ><TD WIDTH="10%" ALIGN="right" VALIGN="bottom" ><A HREF="howtoprg.html" ACCESSKEY="N" >Next</A ></TD ></TR ></TABLE ><HR ALIGN="LEFT" WIDTH="100%"></DIV ><DIV CLASS="SECT1" ><H1 CLASS="SECT1" ><A NAME="INSTALL">9. Installing iptables + libiptc</H1 ><P >To install <EM >libiptc</EM > follow these steps:</P ><P ></P ><OL TYPE="1" ><LI ><P >Download <EM >iptables-1.2.6.tar.bz2</EM > from <A HREF="http://netfilter.samba.org/" TARGET="_top" >http://netfilter.samba.org/</A >.</P ></LI ><LI ><P >Copy the <EM >iptables</EM > tar file into <TT CLASS="FILENAME" >/usr/local/src</TT >:</P ><TABLE BORDER="1" BGCOLOR="#E0E0E0" WIDTH="90%" ><TR ><TD ><FONT COLOR="#000000" ><PRE CLASS="SCREEN" >bash# <B CLASS="COMMAND" >cp iptables-1.2.6.tar.bz2 /usr/local/src</B ></PRE ></FONT ></TD ></TR ></TABLE ></LI ><LI ><P > Unpack:</P ><TABLE BORDER="1" BGCOLOR="#E0E0E0" WIDTH="90%" ><TR ><TD ><FONT COLOR="#000000" ><PRE CLASS="SCREEN" >bash# <B CLASS="COMMAND" >tar xjvf iptables-1.2.6.tar.bz2</B ></PRE ></FONT ></TD ></TR ></TABLE ></LI ><LI ><P > Go into the iptables directory:</P ><TABLE BORDER="1" BGCOLOR="#E0E0E0" WIDTH="90%" ><TR ><TD ><FONT COLOR="#000000" ><PRE CLASS="SCREEN" >bash# <B CLASS="COMMAND" >cd iptables-1.2.6</B ></PRE ></FONT ></TD ></TR ></TABLE ></LI ><LI ><P >Check to see if your kernel needs some aditional patches with:</P ><TABLE BORDER="1" BGCOLOR="#E0E0E0" WIDTH="90%" ><TR ><TD ><FONT COLOR="#000000" ><PRE CLASS="SCREEN" >bash# <B CLASS="COMMAND" >make pending-patches</B > <EM >KERNEL_DIR=/usr/src/linux</EM ></PRE ></FONT ></TD ></TR ></TABLE ><P >If your kernel source is located somewhere other than in <TT CLASS="FILENAME" >/usr/src/linux</TT >, replace the kernel source directory in the command line above with your source directory.</P ><P >Be careful with this option. This command invokes <EM >patch-o-matic</EM >, a new patch verification utility by Rusty Russell. The utility will show you a list of new patches (some proposed, some submitted, some accepted) available for your kernel source. As Rusty himself says, <SPAN CLASS="QUOTE" >"Some of these new patches have bugs"</SPAN >, and you do not have to apply all of them.</P ><P >Read the information showed for each patch carefully and answer with <B CLASS="KEYCAP" >y</B > (apply the patch) or <B CLASS="KEYCAP" >N</B > (skip this patch). In some cases answering <B CLASS="KEYCAP" >y</B > will try to apply the patch, but if the patch finds some differences between your sources, it will be skipped and the next new one presented.</P ><P >I did not apply any of the proposed patches and kept my kernel in its original state before continuing to the next step.</P ></LI ><LI ><P >Make the iptables package with:</P ><TABLE BORDER="1" BGCOLOR="#E0E0E0" WIDTH="90%" ><TR ><TD ><FONT COLOR="#000000" ><PRE CLASS="SCREEN" >bash# <B CLASS="COMMAND" >make</B > <EM >KERNEL_DIR=/usr/src/linux</EM ></PRE ></FONT ></TD ></TR ></TABLE ><P >Again, if your kernel source is not at <TT CLASS="FILENAME" >/usr/src/linux</TT >, replace the kernel source directory in the command above.</P ><P >If all goes right the compiler will finish without errors.</P ></LI ><LI ><P >Before the next step, check to see if you have installed iptables package by typing:</P ><TABLE BORDER="1" BGCOLOR="#E0E0E0" WIDTH="90%" ><TR ><TD ><FONT COLOR="#000000" ><PRE CLASS="SCREEN" >bash# <B CLASS="COMMAND" >rpm -q iptables</B ></PRE ></FONT ></TD ></TR ></TABLE ><P >If the iptables rpm is installed, you will see the name and version of the package, similar to:</P ><P ><EM >iptables-1.1.2-13</EM ></P ><P >In this case un-install with:</P ><TABLE BORDER="1" BGCOLOR="#E0E0E0" WIDTH="90%" ><TR ><TD ><FONT COLOR="#000000" ><PRE CLASS="SCREEN" >bash# <B CLASS="COMMAND" >rpm -e iptables</B ></PRE ></FONT ></TD ></TR ></TABLE ></LI ><LI ><P >Install the new created package:</P ><TABLE BORDER="1" BGCOLOR="#E0E0E0" WIDTH="90%" ><TR ><TD ><FONT COLOR="#000000" ><PRE CLASS="SCREEN" >bash# <B CLASS="COMMAND" >make install</B > <EM >KERNEL_DIR=/usr/src/linux</EM ></PRE ></FONT ></TD ></TR ></TABLE ><P >Again, check your kernel source directory.</P ><P >This command will install the binaries (<EM >iptables, iptables-save, iptables-restore</EM >) in <TT CLASS="FILENAME" >/usr/local/sbin</TT >, the manuals in <TT CLASS="FILENAME" >/usr/local/man/man8</TT > and the modules in <TT CLASS="FILENAME" >/usr/local/lib/iptables</TT >.</P ></LI ><LI ><P >Finally install the headers, development libraries and associated development man pages, with:</P ><TABLE BORDER="1" BGCOLOR="#E0E0E0" WIDTH="90%" ><TR ><TD ><FONT COLOR="#000000" ><PRE CLASS="SCREEN" >bash# <B CLASS="COMMAND" >make install-devel</B ></PRE ></FONT ></TD ></TR ></TABLE ><P >This command will install the <EM >libiptc</EM > library in <TT CLASS="FILENAME" >/usr/local/lib</TT >.</P ><P >I think something must be wrong with this command. It does not install all headers files properly, so you must install them yourself using:</P ><TABLE BORDER="1" BGCOLOR="#E0E0E0" WIDTH="90%" ><TR ><TD ><FONT COLOR="#000000" ><PRE CLASS="SCREEN" >bash# <B CLASS="COMMAND" >cd /usr/local/src/iptables-1.2.6</B > bash# <B CLASS="COMMAND" >cp include/iptables.h /usr/local/include</B > bash# <B CLASS="COMMAND" >cp include/iptables_common.h /usr/local/include</B > bash# <B CLASS="COMMAND" >mkdir /usr/local/include/libiptc</B > bash# <B CLASS="COMMAND" >cp include/libiptc/libiptc.h /usr/local/include/libiptc</B > bash# <B CLASS="COMMAND" >cp include/libiptc/ipt_kernel_headers.h /usr/local/include/libiptc</B > bash# <B CLASS="COMMAND" >cp iptables.o /usr/local/lib</B ></PRE ></FONT ></TD ></TR ></TABLE ><P ><TT CLASS="FILENAME" >iptables.o</TT > is needed above to compile programs to get rule information from netfilter. </P ><P >Now you are ready to create programs that can communicate directly with libiptc.</P ></LI ></OL ></DIV ><DIV CLASS="NAVFOOTER" ><HR ALIGN="LEFT" WIDTH="100%"><TABLE SUMMARY="Footer navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" ><A HREF="previous.html" ACCESSKEY="P" >Prev</A ></TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" ><A HREF="index.html" ACCESSKEY="H" >Home</A ></TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" ><A HREF="howtoprg.html" ACCESSKEY="N" >Next</A ></TD ></TR ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" >Previous knowledge and system requirements</TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" > </TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" >How to create your program(s)</TD ></TR ></TABLE ></DIV ></BODY ></HTML >