dnl Look for libnetfilter_conntrack options (needed for QOS netfilter marking)
+dnl squid_opt_netfilterconntrack is set only when option is explicity specified
AC_ARG_WITH(netfilter-conntrack,
AS_HELP_STRING([--without-netfilter-conntrack],
[Do not use Netfilter conntrack libraries for packet marking.
using --with-netfilter-conntrack=PATH. Default: auto-detect.]), [
case "$with_netfilter_conntrack" in
yes|no)
- : # Nothing special to do here
+ squid_opt_netfilterconntrack=$with_netfilter_conntrack
;;
*)
if test ! -d "$withval" ; then
LDFLAGS="-L$squid_opt_netfilterconntrackpath/lib $LDFLAGS"
CPPFLAGS="-I$squid_opt_netfilterconntrackpath/include $CPPFLAGS"
with_netfilter_conntrack=yes
+ squid_opt_netfilterconntrack=yes
esac
])
AC_MSG_NOTICE([Linux Netfilter Conntrack support requested: ${with_netfilter_conntrack:=auto}])
with_netfilter_conntrack=yes
fi
fi
-AC_MSG_NOTICE([Linux Netfilter Conntrack support enabled: ${with_netfilter_conntrack} ${squid_opt_netfilterconntrackpath}])
dnl Enable Large file support
AC_MSG_NOTICE([X-Accelerator-Vary support enabled: $enable_x_accelerator_vary])
-AC_ARG_ENABLE(zph-qos,
- AS_HELP_STRING([--enable-zph-qos],[Enable ZPH QOS support]), [
-SQUID_YESNO([$enableval],
- [unrecognized argument to --enable-zph-qos: $enableval])
-])
-SQUID_DEFINE_BOOL(USE_QOS_TOS,${enable_zph_qos:=yes},
- [Enable Zero Penalty Hit QOS. When set, Squid will alter the
- TOS field of HIT responses to help policing network traffic])
-AC_MSG_NOTICE([ZPH QOS enabled: $enable_zph_qos])
-if test x"$enable_zph_qos" = "xyes" ; then
- AC_MSG_NOTICE([QOS netfilter mark preservation enabled: $with_netfilter_conntrack])
- SQUID_DEFINE_BOOL(USE_LIBNETFILTERCONNTRACK,${with_netfilter_conntrack:=no},
- [Enable support for QOS netfilter mark preservation])
-fi
-
if $CPPUNITCONFIG --help >/dev/null; then
squid_cv_cppunit_version="`$CPPUNITCONFIG --version`"
AC_MSG_NOTICE([using system installed cppunit version $squid_cv_cppunit_version])
# AC_DEFINEd later
fi
+if test "x$squid_opt_netfilterconntrack" = "xyes" -a "x$with_libcap" != "xyes" ; then
+ AC_MSG_ERROR([Linux netfilter conntrack requires libcap support (libcap or libcap2)])
+fi
+if test "x$with_netfilter_conntrack" = "xyes" -a "x$with_libcap" != "xyes" ; then
+ AC_MSG_WARN([Missing needed capabilities (libcap or libcap2) for netfilter mark support])
+ AC_MSG_WARN([Linux netfilter marking support WILL NOT be enabled])
+ with_netfilter_conntrack=no
+fi
+AC_MSG_NOTICE([Linux Netfilter Conntrack support enabled: ${with_netfilter_conntrack} ${squid_opt_netfilterconntrackpath}])
+
+
+AC_ARG_ENABLE(zph-qos,
+ AS_HELP_STRING([--enable-zph-qos],[Enable ZPH QOS support]), [
+SQUID_YESNO([$enableval],
+ [unrecognized argument to --enable-zph-qos: $enableval])
+])
+SQUID_DEFINE_BOOL(USE_QOS_TOS,${enable_zph_qos:=yes},
+ [Enable Zero Penalty Hit QOS. When set, Squid will alter the
+ TOS field of HIT responses to help policing network traffic])
+AC_MSG_NOTICE([ZPH QOS enabled: $enable_zph_qos])
+if test x"$enable_zph_qos" = "xyes" ; then
+ AC_MSG_NOTICE([QOS netfilter mark preservation enabled: $with_netfilter_conntrack])
+ SQUID_DEFINE_BOOL(USE_LIBNETFILTERCONNTRACK,${with_netfilter_conntrack:=no},
+ [Enable support for QOS netfilter mark preservation])
+fi
+
+
AC_CHECK_LIB(regex, regexec, [REGEXLIB="-lregex"],[REGEXLIB=''])
AC_ARG_ENABLE(gnuregex,
AS_HELP_STRING([--enable-gnuregex],
tos_t tos = GetTosToServer(request);
-#if SO_MARK
+#if SO_MARK && USE_LIBCAP
nfmark_t mark = GetNfmarkToServer(request);
debugs(17, 3, "fwdConnectStart: got outgoing addr " << outgoing << ", tos " << int(tos)
<< ", netfilter mark " << mark);
tos_t tos = GetTosToServer(request);
Ip::Qos::setSockTos(server_fd, tos);
}
-#if SO_MARK
+#if SO_MARK && USE_LIBCAP
if (Ip::Qos::TheConfig.isAclNfmarkActive()) {
nfmark_t mark = GetNfmarkToServer(request);
Ip::Qos::setSockNfmark(server_fd, mark);
// Work out TOS or mark. Default to TOS for backwards compatibility
if (!(mark || tos)) {
if (strncmp(token, "mark",4) == 0) {
-#if SO_MARK
+#if SO_MARK && USE_LIBCAP
mark = true;
// Assume preserve is true. We don't set at initialisation as this affects isHitNfmarkActive()
#if USE_LIBNETFILTERCONNTRACK
debugs(3, DBG_IMPORTANT, "WARNING: Squid not compiled with Netfilter conntrack library. "
<< "Netfilter mark preservation not available.");
#endif // USE_LIBNETFILTERCONNTRACK
-#else // SO_MARK
+#elif SO_MARK // SO_MARK && USE_LIBCAP
debugs(3, DBG_CRITICAL, "ERROR: Invalid parameter 'mark' in qos_flows option. "
- << "Linux Netfilter marking not available.");
+ << "Linux Netfilter marking not available without LIBCAP support.");
self_destruct();
-#endif // SO_MARK
+#else // SO_MARK && USE_LIBCAP
+ debugs(3, DBG_CRITICAL, "ERROR: Invalid parameter 'mark' in qos_flows option. "
+ << "Linux Netfilter marking not available on this platform.");
+ self_destruct();
+#endif // SO_MARK && USE_LIBCAP
} else if (strncmp(token, "tos",3) == 0) {
preserveMissTos = true;
tos = true;
projects / thirdparty / squid.git / commitdiff
