-
Notifications
You must be signed in to change notification settings - Fork 23
/
README
100 lines (68 loc) · 3.28 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
Getting Started
---------------
See the INSTALL file for instructions on how to build and install
and start using tcptrack.
Known Bugs / Gotchas
--------------------
tcptrack does not compile cleanly with libpcap versions earlier than
0.7.2. See below for a hack to your libpcap <0.7.2 to get tcptrack
to compile on it, or upgrade your libpcap.
On some systems at the end of the build process (after doing make),
you may see "g++: unrecognized option -pthread". This is a problem
with the configure script thinking that your c++ compiler actually
accepts this option. This message isn't actually a fatal error.
Unless some other error occurred, you should have a working tcptrack
binary built and can test it or proceed to 'make install'.
I have had one report that tcptrack will fail to compile on Solaris
giving a ton of errors involving stl include files while doing
'make'. I have not been able to reproduce this on any Solaris
machine that I have access to. I'm not sure if there's a problem in
tcptrack or elsewhere. If you encounter this, please let me know.
Notes
-----
Compilation may fail with errors about multiple declarations of
bpf_validate and bpf_filter. There is a bug in libpcap versions
earlier than 0.7.2 which causes this to happen when using libpcap in
C++ programs. To correct it get libpcap 0.7.2 or higher from
www.tcpdump.org or see the notes at the end of this README file on
how to fix your version.
On Redhat 7.x configure or compilation may fail with errors about
net/bpf.h not existing, or configure may tell you that it cannot
find pcap.h when you in fact have it. I think this is a bug with
Redhat's libpcap packages. See below for instructions on how to fix
it, or install libpcap >= 0.7.2 from source.
Fixing Redhat pcap build/configure problems
-------------------------------------------
As mentioned above in the Notes section, this may be needed if
you're on Redhat 7.x and configure tells you you don't have pcap.h
when in fact you do.
Edit your pcap.h file (/usr/include/pcap/pcap.h on RH 7.x).
Line 42 reads:
#include <net/bpf.h>
Change it to read:
#include <pcap/net/bpf.h>
Now try running configure again. If you get 'previous declaration'
errors while running make, see the next section.
Fixing C++ bug in pcap < 0.7.2
------------------------------
This is a hack that is only needed if you're experiening the build
problems about multiple declarations of bpf_validate and bpf_filter
mentioned above in the Notes section. Note that this may cause other
programs to fail to compile, so you should change it back after
you've built tcptrack (or upgrade your libpcap if posssible).
Edit your pcap.h. It may be in /usr/include or /usr/include/pcap.
Around line 169 (as of libpcap 0.6.2, YMMV) you should see the
following lines:
u_int bpf_filter(struct bpf_insn *, u_char *, u_int, u_int);
int bpf_validate(struct bpf_insn *f, int len);
Comment them out:
/*
u_int bpf_filter(struct bpf_insn *, u_char *, u_int, u_int);
int bpf_validate(struct bpf_insn *f, int len);
*/
Now try building again.
Reporting Bugs / Comments / Requests / Patches
----------------------------------------------
Send me (Steve Benson) an email at
steve@rhythm.REMOVE_THIS_SPAMTRAP.cx if you have questions or find
bugs or anything.