1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
|
@(#) $Header: /cvs/OpenBSD/src/usr.sbin/tcpdump/INSTALL,v 1.2 1999/07/28 20:41:34 jakob Exp $ (LBL)
If you have not built libpcap, do so first. See the README
file in this directory for the ftp location.
You will need an ANSI C compiler to build tcpdump. The configure script
will abort if your compiler is not ANSI compliant. If this happens, use
the GNU C compiler, available via anonymous ftp:
ftp://prep.ai.mit.edu/pub/gnu/gcc.tar.gz
After libpcap has been built (either install it with "make install" and
"make install-incl" or make sure both the libpcap and tcpdump source
trees are in the same directory), edit the BINDEST and MANDEST paths in
Makefile.in and run ./configure (a shell script). "configure" will
determine your system attributes and generate an appropriate Makefile
from Makefile.in. Now build tcpdump by running "make".
If everything builds ok, su and type "make install" (and optionally
"make install-man). This will install tcpdump and the manual entry. By
default, tcpdump is installed with group execute permissions. The group
used depends on your os. In addition, BPF packet access is controlled
by permissions to /dev/bpf0. In any case, DO NOT give untrusted users
the capability of running tcpdump. Tcpdump can capture any traffic on
your net, including passwords.
Note that tcpdump is shipped with some systems, for example, DEC/OSF
and BSD/386. Remember to remove or rename the installed binary
when upgrading.
If you use Linux, this version of libpcap is known to compile and run
under Red Hat 4.0 with the 2.0.25 kernel. It may work with earlier 2.X
versions but is guaranteed not to work with 1.X kernels.
If you use OSF 4, note that that there appears to be some serious bugs
with the stock C compiler. The configure code fragments that detect if
the ether_header and ether_arp structs use the ether_addr struct
generates warnings instead of fatal errors (?!?!) This makes configure
think that the ether_arp struct is used when in fact it is not. To get
around this, delete:
-DETHER_HEADER_HAS_EA=1 -DETHER_ARP_HAS_EA=1
from the Makefile after running configure (and before attempting to
compile tcpdump.
Another workaround is to use gcc.
If your system is not one which we have tested tcpdump on, you may have
to modify the configure script and Makefile.in. Please send us patches
for any modifications you need to make. However, we are not interested
in ascii packet printer patches. We believe adding this feature would
make it too easy for crackers who do not have the programming skills
needed to write a password sniffer to grab clear text passwords.
FILES
-----
CHANGES - description of differences between releases
INSTALL - this file
README - description of distribution
VERSION - version of this release
addrtoname.c - address to hostname routines
addrtoname.h - address to hostname definitions
appletalk.h - AppleTalk definitions
atime.awk - TCP ack awk script
bootp.h - BOOTP definitions
bpf_dump.c - bpf instruction pretty-printer routine
decnet.h - DECnet definitions
ethertype.h - ethernet definitions
extract.h - alignment definitions
fddi.h - Fiber Distributed Data Interface definitions
gmt2local.c - time conversion routines
gmt2local.h - time conversion prototypes
gnuc.h - XXX
igrp.h - Interior Gateway Routing Protocol definitions
interface.h - globals, prototypes and definitions
ipx.h - IPX definitions
llc.h - LLC definitions
machdep.c - machine dependent routines
machdep.h - machine dependent definitions
makemib - mib to header script
mib.h - mib definitions
netbios.h - NETBIOS definitions
nfs.h - XXX
nfsfh.h - Network File System file handle definitions
nfsv2.h - Network File System V2 definitions
ntp.h - Network Time Protocol definitions
ospf.h - Open Shortest Path First definitions
packetdat.awk - TCP chunk summary awk script
parsenfsfh.c - Network File System file parser routines
print-arp.c - Address Resolution Protocol printer routines
print-atalk.c - AppleTalk printer routines
print-atm.c - atm printer routines
print-bootp.c - BOOTP printer routines
print-cnfp.c - Cisco NetFlow printer routines
print-decnet.c - DECnet printer routines
print-domain.c - Domain Name System printer routines
print-egp.c - External Gateway Protocol printer routines
print-enc.c - Encapsulated printer routines
print-ether.c - ethernet printer routines
print-fddi.c - Fiber Distributed Data Interface printer routines
print-gre.c - Generic Routing Encapsulation printer routines
print-icmp.c - Internet Control Message Protocol printer routines
print-igrp.c - Interior Gateway Routing Protocol printer routines
print-ike.c - internet key exchange (ike, isakmp/oakley) printer routines
print-ip.c - ip printer routines
print-ipsec.c - ipsec (esp/ah) printer routines
print-ipx.c - IPX printer routines
print-isoclns.c - isoclns printer routines
print-krb.c - Kerberos printer routines
print-llc.c - llc printer routines
print-netbios.c - netbios printer routines
print-nfs.c - Network File System printer routines
print-ntp.c - Network Time Protocol printer routines
print-null.c - null printer routines
print-ospf.c - Open Shortest Path First printer routines
print-pim.c - Protocol Independent Multicast printer routines
print-ppp.c - Point to Point Protocol printer routines
print-raw.c - raw printer routines
print-rip.c - Routing Information Protocol printer routines
print-skip.c - SKIP printer routines
print-sl.c - Compressed Serial Line Internet Protocol printer routines
print-snmp.c - Simple Network Management Protocol printer routines
print-sunrpc.c - Sun Remote Procedure Call printer routines
print-tcp.c - TCP printer routines
print-tftp.c - Trivial File Transfer Protocol printer routines
print-udp.c - UDP printer routines
print-wb.c - white board printer routines
radius.h - XXX
savestr.c - savestr prototypes
savestr.h - strdup() replacement
send-ack.awk - unidirectional tcp send/ack awk script
setsignal.c - os independent signal routines
setsignal.h - os independent signal prototypes
stime.awk - TCP send awk script
tcpdump.8 - manual entry
tcpdump.c - main program
util.c - utility routines
|