nexmon – Blame information for rev 1
?pathlinks?
| Rev | Author | Line No. | Line |
|---|---|---|---|
| 1 | office | 1 | libpcap for DOS |
| 2 | --------------- |
||
| 3 | |||
| 4 | This file contains some notes on building and using libpcap for MS-DOS. |
||
| 5 | Look in `README' and `pcap.man' for usage and details. These targets are |
||
| 6 | supported: |
||
| 7 | |||
| 8 | - Borland C 4.0+ small or large model. |
||
| 9 | - Metaware HighC 3.1+ with PharLap DOS-extender |
||
| 10 | - GNU C 2.7+ with djgpp 2.01+ DOS extender |
||
| 11 | - Watcom C 11.x with DOS4GW extender |
||
| 12 | |||
| 13 | Note: the files in the libpcap.zip contains short trucated filenames. |
||
| 14 | So for djgpp to work with these, disable the use of long file names by |
||
| 15 | setting "LFN=n" in the environment. |
||
| 16 | |||
| 17 | Files specific to DOS are pcap-dos.[ch] and the assembly and C files in |
||
| 18 | the MSDOS sub-directory. Remember to built lipcap libraries from the top |
||
| 19 | install directory. And not from the MSDOS sub-directory. |
||
| 20 | |||
| 21 | Note for djgpp users: |
||
| 22 | If you got the libpcap from the official site www.tcpdump, then that |
||
| 23 | distribution does NOT contain any sources for building 32-bit drivers. |
||
| 24 | Instead get the full version at |
||
| 25 | http://www.bgnett.no/~giva/pcap/libpcap.zip |
||
| 26 | |||
| 27 | and set "USE_32BIT_DRIVERS = 1" in msdos\common.dj. |
||
| 28 | |||
| 29 | |||
| 30 | |||
| 31 | Requirements |
||
| 32 | ------------ |
||
| 33 | |||
| 34 | DOS-libpcap currently only works reliably with a real-mode Ethernet packet- |
||
| 35 | driver. This driver must be installed prior to using any program (e.g. |
||
| 36 | tcpdump) compiled with libpcap. Work is underway to implement protected- |
||
| 37 | mode drivers for 32-bit targets (djgpp only). The 3Com 3c509 driver is |
||
| 38 | working almost perfectly. Due to lack of LAN-cards, I've not had the |
||
| 39 | opportunity to test other drivers. These 32-bit drivers are modified |
||
| 40 | Linux drivers. |
||
| 41 | |||
| 42 | |||
| 43 | Required packages |
||
| 44 | ----------------- |
||
| 45 | |||
| 46 | The following packages and tools must be present for all targets. |
||
| 47 | |||
| 48 | 1. Watt-32 tcp/ip library. This library is *not* used to send or |
||
| 49 | receive network data. It's mostly used to access the 'hosts' |
||
| 50 | file and other <netdb.h> features. Get 'watt32s*.zip' at: |
||
| 51 | |||
| 52 | http://www.bgnett.no/~giva/ |
||
| 53 | |||
| 54 | 2. Exception handler and disassember library (libexc.a) is needed if |
||
| 55 | "USE_EXCEPT = 1" in common.dj. Available at: |
||
| 56 | |||
| 57 | http://www.bgnett.no/~giva/misc/exc_dx07.zip |
||
| 58 | |||
| 59 | 3. Flex & Bison is used to generate parser for the filter handler |
||
| 60 | pcap_compile: |
||
| 61 | |||
| 62 | ftp://ftp.simtel.net/pub/simtelnet/gnu/djgpp/v2gnu/flx254b.zip |
||
| 63 | ftp://ftp.simtel.net/pub/simtelnet/gnu/djgpp/v2gnu/bsn128b.zip |
||
| 64 | |||
| 65 | 4. NASM assembler v 0.98 or later is required when building djgpp and |
||
| 66 | Watcom targets: |
||
| 67 | |||
| 68 | ftp://ftp.simtel.net/pub/simtelnet/gnu/djgpp/v2tk/nasm098p.zip |
||
| 69 | |||
| 70 | 5. sed (Stream Editor) is required for doing `make depend'. |
||
| 71 | It's available at |
||
| 72 | ftp://ftp.simtel.net/pub/simtelnet/gnu/djgpp/v2gnu/sed*.zip |
||
| 73 | |||
| 74 | A touch tool to update the time-stamp of a file. E.g. |
||
| 75 | ftp://ftp.simtel.net/pub/simtelnet/gnu/djgpp/v2gnu/grep*.zip |
||
| 76 | |||
| 77 | 6. For djgpp rm.exe and cp.exe are required. These should already be |
||
| 78 | part of your djgpp installation. Also required (experimental at the |
||
| 79 | time) for djgpp is DLX 2.91 or later. This tool is for the generation |
||
| 80 | of dynamically loadable modules. |
||
| 81 | |||
| 82 | |||
| 83 | Compiling libpcap |
||
| 84 | ----------------- |
||
| 85 | |||
| 86 | Follow these steps in building libpcap: |
||
| 87 | |||
| 88 | 1. Make sure you've installed Watt-32 properly (see it's `INSTALL' file). |
||
| 89 | During that installation a environment variable `WATT_ROOT' is set. |
||
| 90 | This variable is used for building libpcap also (`WATT_INC' is |
||
| 91 | deducted from `WATT_ROOT'). djgpp users should also define environment |
||
| 92 | variables `C_INCLUDE_PATH' and `LIBRARY_PATH' to point to the include |
||
| 93 | directory and library directory respectively. E.g. put this in your |
||
| 94 | AUTOEXEC.BAT: |
||
| 95 | set C_INCLUDE_PATH=c:/net/watt/inc |
||
| 96 | set LIBRARY_PATH=c:/net/watt/lib |
||
| 97 | |||
| 98 | 2. Revise the msdos/common.dj file for your djgpp/gcc installation; |
||
| 99 | - change the value of `GCCLIB' to match location of libgcc.a. |
||
| 100 | - set `USE_32BIT_DRIVERS = 1' to build 32-bit driver objects. |
||
| 101 | |||
| 102 | |||
| 103 | 3. Build pcap by using appropriate makefile. For djgpp, use: |
||
| 104 | `make -f msdos/makefile.dj' (i.e. GNU `make') |
||
| 105 | |||
| 106 | For a Watcom target say: |
||
| 107 | `wmake -f msdos\makefile.wc' |
||
| 108 | |||
| 109 | For a Borland target say: |
||
| 110 | `maker -f msdos\Makefile pcap_bc.lib' (Borland's `maker.exe') |
||
| 111 | |||
| 112 | And for a HighC/Pharlap target say: |
||
| 113 | `maker -f msdos\Makefile pcap_hc.lib' (Borland's `maker.exe') |
||
| 114 | |||
| 115 | You might like to change some `CFLAGS' -- only `DEBUG' define currently |
||
| 116 | have any effect. It shows a rotating "fan" in upper right corner of |
||
| 117 | screen. Remove `DEBUG' if you don't like it. You could add |
||
| 118 | `-fomit-frame-pointer' to `CFLAGS' to speed up the generated code. |
||
| 119 | But note, this makes debugging and crash-traceback difficult. Only |
||
| 120 | add it if you're fully confident your application is 100% stable. |
||
| 121 | |||
| 122 | Note: Code in `USE_NDIS2' does not work at the moment. |
||
| 123 | |||
| 124 | 4. The resulting libraries are put in current directory. There's no |
||
| 125 | test-program for `libpcap'. Linking the library with `tcpdump' is |
||
| 126 | the ultimate test anyway. |
||
| 127 | |||
| 128 | |||
| 129 | |||
| 130 | Extensions to libpcap |
||
| 131 | --------------------- |
||
| 132 | |||
| 133 | I've included some extra functions to DOS-libpcap: |
||
| 134 | |||
| 135 | `pcap_config_hook (const char *name, const char *value)' |
||
| 136 | |||
| 137 | Allows an application to set values of internal libpcap variables. |
||
| 138 | `name' is typically a left-side keyword with an associated `value' |
||
| 139 | that is called from application's configure process (see tcpdump's |
||
| 140 | config.c file). libpcap keeps a set of tables that are searched for |
||
| 141 | a name/value match. Currently only used to set debug-levels and |
||
| 142 | parameters for the 32-bit network drivers. |
||
| 143 | |||
| 144 | `pcap_set_wait (pcap_t *, void (*)(void), int)' : |
||
| 145 | |||
| 146 | Only effective when reading offline traffic from dump-files. |
||
| 147 | Function `pcap_offline_read()' will wait (and optionally yield) |
||
| 148 | before printing next packet. This will simulate the pace the packets |
||
| 149 | where actually recorded. |
||
| 150 | |||
| 151 | |||
| 152 | |||
| 153 | Happy sniffing ! |
||
| 154 | |||
| 155 | |||
| 156 | Gisle Vanem <giva@bgnett.no> |
||
| 157 | <gvanem@broadpark.no> |
||
| 158 | |||
| 159 | October 1999, 2004 |
||
| 160 |