From: Francesco Chemolli <kinkie@squid-cache.org>
Date: Fri, 23 Apr 2010 09:44:04 +0000 (+0200)
Subject: Improved --enable-linux-netfilter handling (now defaults to "auto")
X-Git-Tag: SQUID_3_2_0_1~271^2~5
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=4bd144d26142a97d02a7de2361cb7926a8a3d6f2;p=thirdparty%2Fsquid.git

Improved --enable-linux-netfilter handling (now defaults to "auto")
Default-disabled IPF support.
---

diff --git a/configure.in b/configure.in
index 11662ef350..2b51a5d581 100644
--- a/configure.in
+++ b/configure.in
@@ -1287,7 +1287,8 @@ AC_ARG_ENABLE(ipf-transparent,
       [unrecognized argument to --enable-ipf-transparent: $enableval])
 ])
 #will be AC_DEFINE'd later, after checking for appropriate infrastructure
-AC_MSG_NOTICE([IPF-based transparent proxying requested: ${enable_ipf_transparent:=auto}])
+#IPF currently broken. Default-disabled for now.
+AC_MSG_NOTICE([IPF-based transparent proxying requested: ${enable_ipf_transparent:=no}])
 
 dnl Enable PF Transparent Proxy
 AC_ARG_ENABLE(pf-transparent,
@@ -1299,16 +1300,15 @@ AC_ARG_ENABLE(pf-transparent,
 #will be AC_DEFINE'd later, after checking for appropriate infrastructure
 AC_MSG_NOTICE([PF-based transparent proxying requested: ${enable_pf_transparent:=auto}])
 
-# Enable Linux Netfilter Transparent Proxy
-squid_opt_linux_netfilter="auto"
-AH_TEMPLATE(LINUX_NETFILTER,[Enable support for Transparent Proxy on Linux via Netfilter])
+# Linux Netfilter Transparent Proxy
 AC_ARG_ENABLE(linux-netfilter,
   AS_HELP_STRING([--enable-linux-netfilter],
                  [Enable Transparent Proxy support for Linux (Netfilter)]), [
-squid_opt_linux_netfilter=$enableval
-AC_MSG_NOTICE([Linux Transparent Proxy (Netfilter) support requested: $squid_opt_linux_netfilter])
-#will be AC_DEFINE'd later, after checking for appropriate infrastructure
+  SQUID_YESNO([$enableval],
+              [unrecognized argument to --enable-linux-netfilter: $enableval])
 ])
+AC_MSG_NOTICE([Linux Netfilter support requested: ${enable_linux_netfilter:=auto}])
+#will be AC_DEFINE'd later, after checking for appropriate infrastructure
 
 dnl Enable Large file support
 buildmodel=""
@@ -3175,7 +3175,6 @@ fi
 
 dnl PF support requires a header file.
 if test "$enable_pf_transparent" != "no" ; then
-  AC_MSG_CHECKING(for availability of PF header files)
 	if test "$ac_cv_header_net_pfvar_h" = "yes" -o \
     "$ac_cv_header_net_pf_pfvar_h" = "yes"; then
 		if test "$enable_pf_transparent" = "auto" ; then
@@ -3187,28 +3186,30 @@ if test "$enable_pf_transparent" != "no" ; then
 		fi
 		enable_pf_transparent="no"
 	fi
-  AC_MSG_RESULT([$enable_pf_transparent])
 fi
 SQUID_DEFINE_UNQUOTED([PF_TRANSPARENT],$enable_pf_transparent,
   [Enable support for PF-style transparent proxying])
 
-if test "$squid_opt_linux_netfilter" != "no" ; then
-    AC_MSG_CHECKING(if Linux (Netfilter) kernel header files are installed)
-    # hold on to your hats...
-    if test "$ac_cv_header_linux_netfilter_ipv4_h" = "yes"; then
-        AC_DEFINE(LINUX_NETFILTER, 1)
+if test "$enable_linux_netfilter" != "no" ; then
+  if test "$ac_cv_header_linux_netfilter_ipv4_h" = "yes"; then
+    if test "$enable_linux_netfilter" = "auto" ; then
+      enable_linux_netfilter=yes
+    fi
+  else
+    if test "$enable_linux_netfilter" = "auto" ; then
+      enable_linux_netfilter=no
     else
-        squid_opt_linux_netfilter="no"
-        AC_DEFINE(LINUX_NETFILTER, 0)
-        AC_MSG_WARN([Cannot find necessary Linux kernel (Netfilter) header files])
-        AC_MSG_WARN([Linux Transparent and Intercepting Proxy support WILL NOT be enabled])
+      AC_MSG_ERROR([Linux Netfilter support requested but needed headers not found])
     fi
-    AC_MSG_RESULT($squid_opt_linux_netfilter)
+  fi
 fi
+AC_MSG_NOTICE([Linux Netfilter support enabled: $enable_linux_netfilter])
+SQUID_DEFINE_UNQUOTED([LINUX_NETFILTER],$enable_linux_netfilter,
+  [Enable support for Transparent Proxy on Linux via Netfilter])
 
 dnl Netfilter TPROXY depends on libcap but the NAT parts can still work.
-AC_MSG_NOTICE([Support for Netfilter-based interception proxy requested: $squid_opt_linux_netfilter])
-if test "$squid_opt_linux_netfilter" = "yes" && test "$use_libcap" != "yes" ; then
+AC_MSG_NOTICE([Support for Netfilter-based interception proxy requested: $enable_linux_netfilter])
+if test "$enable_linux_netfilter" = "yes" && test "$use_libcap" != "yes" ; then
     AC_MSG_WARN([Missing needed capabilities (libcap or libcap2) for TPROXY])
     AC_MSG_WARN([Linux Transparent Proxy support WILL NOT be enabled])
     AC_MSG_WARN([Reduced support to Interception Proxy])
@@ -3227,8 +3228,8 @@ if test "$squid_opt_linux_tproxy2" = "yes" -a "$use_libcap" != "yes" ; then
 fi
 if test "$squid_opt_linux_tproxy2" = "yes" ; then
   # we already checked that $use_libcap2=yes 
-  if test "$squid_opt_linux_netfilter" = "no" ; then
-    squid_opt_linux_netfilter="yes"
+  if test "$enable_linux_netfilter" = "no" ; then
+    enable_linux_netfilter="yes"
     AC_MSG_NOTICE([Enabling Linux Netfilter support needed by Linux TPROXY v2])
   fi
   AC_MSG_CHECKING([if TPROXYv2 header files are installed])