Building ATS for transparency¶
In most cases, if your environment supports transparency then
configure
will automatically enable it. For other environments you
may need to twiddle the configure
options.
--enable-posix-cap
This enables POSIX capabilities, which are required for transparency. These are compiled in by default. To check your system, look for the header file
sys/capability.h
and the system librarylibcap
. These are in the packageslibcap
andlibcap-devel
orlibcap-dev
(depending on the Distribution) contra-respectively.--enable-tproxy[=value]
Enable TPROXY support, which is the Linux kernel feature used for transparency. This should be present in the base installation, there is no package associated with it. *
auto
Do automatic checks for the the TPROXY header file (linux/in.h
) and enable TPROXY support if theIP_TRANSPARENT
definition is present. This is the default if this option is not specified orvalue
is omitted. *no
Do not check for TPROXY support, disable support for it. *force
Do not check for TPROXY support, enable it using the $ats@ built in value forIP_TRANSPARENT
. This is useful for systems that have it in the kernel for but some reason do not have the appropriate system header file. * number Do not check for TPROXY support, use number as theIP_TRANSPARENT
value. There are, at present, no known standard distributions of Linux that support TPROXY but use a value different from the built in ATS default. However, a custom built kernel may do so and in that case the specific value can be specified.
In the default case, ATS configuration will automatically check for
TPROXY support via the presence of the linux/in.h
header file and
compile in TPROXY support if it is available. If that fails, you may be
able to recover by using one of the options above. Note that
transparency may be built in by default but it is not active unless
explicitly enabled in the ATS configuration files.