@(#) $Header: /tcpdump/master/tcpdump/INSTALL,v 1.36.1.1.2.2 2000/01/29 17:02:09 itojun Exp $ (LBL) If you have not built libpcap, do so first. See the README file in this directory for the ftp location. You will need an ANSI C compiler to build tcpdump. The configure script will abort if your compiler is not ANSI compliant. If this happens, use the GNU C compiler, available via anonymous ftp: ftp://prep.ai.mit.edu/pub/gnu/gcc.tar.gz After libpcap has been built (either install it with "make install" and "make install-incl" or make sure both the libpcap and tcpdump source trees are in the same directory), edit the BINDEST and MANDEST paths in Makefile.in and run ./configure (a shell script). "configure" will determine your system attributes and generate an appropriate Makefile from Makefile.in. Now build tcpdump by running "make". If everything builds ok, su and type "make install" (and optionally "make install-man). This will install tcpdump and the manual entry. By default, tcpdump is installed with group execute permissions. The group used depends on your os. In addition, BPF packet access is controlled by permissions to /dev/bpf0. In any case, DO NOT give untrusted users the capability of running tcpdump. Tcpdump can capture any traffic on your net, including passwords. Note that tcpdump is shipped with some systems, for example, DEC/OSF and BSD/386. Remember to remove or rename the installed binary when upgrading. If you use Linux, this version of libpcap is known to compile and run under Red Hat 4.0 with the 2.0.25 kernel. It may work with earlier 2.X versions but is guaranteed not to work with 1.X kernels. If you use OSF 4, note that that there appears to be some serious bugs with the stock C compiler. The configure code fragments that detect if the ether_header and ether_arp structs use the ether_addr struct generates warnings instead of fatal errors (?!?!) This makes configure think that the ether_arp struct is used when in fact it is not. To get around this, comment out: #define ETHER_HEADER_HAS_EA 1 and #define ETHER_ARP_HAS_EA 1 from config.h after running configure (and before attempting to compile tcpdump). Another workaround is to use gcc. If your system is not one which we have tested tcpdump on, you may have to modify the configure script and Makefile.in. Please send us patches for any modifications you need to make. == Tested platforms == NetBSD 1.4.1/i386 (mcr) RedHat Linux 6.1/i386 (assar) FILES ----- CHANGES - description of differences between releases FILES - list of files exported as part of the distribution INSTALL - this file Makefile.in - compilation rules (input to the configure script) README - description of distribution README-AFS - VERSION - version of this release acconfig.h - autoconf input aclocal.m4 - autoconf macros addrtoname.c - address to hostname routines addrtoname.h - address to hostname definitions appletalk.h - AppleTalk definitions atime.awk - TCP ack awk script bootp.h - BOOTP definitions bpf_dump.c - bpf instruction pretty-printer routine config.guess - autoconf support config.h.in - autoconf input config.sub - autoconf support configure - configure script (run this first) configure.in - configure script source decnet.h - DECnet definitions dhcp6.h - IPv6 DHCP definitions dhcp6opt.h - IPv6 DHCP options ethertype.h - ethernet definitions extract.h - alignment definitions fddi.h - Fiber Distributed Data Interface definitions gmt2local.c - time conversion routines gmt2local.h - time conversion prototypes igrp.h - Interior Gateway Routing Protocol definitions install-sh - BSD style install script interface.h - globals, prototypes and definitions ipsec_doi.h - ISAKMP packet definitions - RFC2407 ipx.h - IPX definitions isakmp.h - ISAKMP packet definitions - RFC2408 l2tp.h - lane.h - lbl/gnuc.h - gcc macros and defines lbl/os-*.h - os dependent defines and prototypes linux-include/* - network include files missing on Linux llc.h - LLC definitions machdep.c - machine dependent routines machdep.h - machine dependent definitions makemib - mib to header script mib.h - mib definitions missing/* - replacements for missing library functions mkdep - construct Makefile dependency list netbios.h - NETBIOS definitions nfs.h - Network File System V2 definitions nfsfh.h - Network File System file handle definitions ntp.h - Network Time Protocol definitions oakley.h - ISAKMP packet definitions - RFC2409 ospf.h - Open Shortest Path First definitions ospf6.h - IPv6 Open Shortest Path First definitions packetdat.awk - TCP chunk summary awk script parsenfsfh.c - Network File System file parser routines ppp.h - Point to Point Protocol definitions print-ah.c - IPSEC Authentication Header printer routines print-arp.c - Address Resolution Protocol printer routines print-ascii.c - ASCII packet dump routines print-atalk.c - AppleTalk printer routines print-atm.c - atm printer routines print-bgp.c - Border Gateway Protocol printer routines print-bootp.c - BOOTP and IPv4 DHCP printer routines print-chdlc.c - CHDLC printer routines print-cip.c - print-decnet.c - DECnet printer routines print-dhcp6.c - IPv6 DHCP printer routines print-domain.c - Domain Name System printer routines print-dvmrp.c - Distance Vector Multicast Routing Protocol printer routines print-egp.c - External Gateway Protocol printer routines print-esp.c - IPSEC Encapsulating Security Payload printer routines print-ether.c - ethernet printer routines print-fddi.c - Fiber Distributed Data Interface printer routines print-frag6.c - IPv6 fragmentation header printer routines print-gre.c - Generic Routing Encapsulation printer routines print-icmp.c - Internet Control Message Protocol printer routines print-icmp6.c - IPv6 Internet Control Message Protocol printer routines print-igrp.c - Interior Gateway Routing Protocol printer routines print-ip.c - ip printer routines print-ip6.c - IPv6 printer routines print-ip6opts.c - IPv6 header option printer routines print-ipcomp.c - IP Payload Compression Protocol printer routines print-ipx.c - IPX printer routines print-isakmp.c - Internet Security Association and Key Management Protocol print-isoclns.c - isoclns printer routines print-krb.c - Kerberos printer routines print-l2tp.c - Layer Two Tunneling Protocol printer routines print-lane.c - print-lcp.c - print-llc.c - llc printer routines print-mobile.c - IPv4 mobility printer routines print-netbios.c - netbios printer routines print-nfs.c - Network File System printer routines print-ntp.c - Network Time Protocol printer routines print-null.c - null printer routines print-ospf.c - Open Shortest Path First printer routines print-ospf6.c - IPv6 Open Shortest Path First printer routines print-pim.c - Protocol Independent Multicast printer routines print-ppp.c - Point to Point Protocol printer routines print-pppoe.c - print-raw.c - raw printer routines print-rip.c - Routing Information Protocol printer routines print-ripng.c - IPv6 Routing Information Protocol printer routines print-rt6.c - IPv6 routing header printer routines print-rx.c - AFS RX printer routines print-sl.c - Compressed Serial Line Internet Protocol printer routines print-smb.c - SMB (samba) printer routines print-snmp.c - Simple Network Management Protocol printer routines print-sunrpc.c - Sun Remote Procedure Call printer routines print-tcp.c - TCP printer routines print-telnet.c - Telnet option printer routines print-tftp.c - Trivial File Transfer Protocol printer routines print-udp.c - UDP printer routines print-vjc.c - PPP Van Jacovson compression (RFC1144) printer routines print-wb.c - white board printer routines route6d.h - packet definition for IPv6 Routing Information Protocol rx.h - savestr.c - strdup() replacement savestr.h - savestr prototypes send-ack.awk - unidirectional tcp send/ack awk script setsignal.c - os independent signal routines setsignal.h - os independent signal prototypes smb.h - smbutil.c - stime.awk - TCP send awk script strcasecmp.c - missing routine tcpdump.1 - manual entry tcpdump.c - main program util.c - utility routines vfprintf.c - emulation routine