Free Downloads, Community Forum,
FAQs and Developer Resources


Make /Tools Your Home | Link to us

Today's posts | Posts since last visit | Most Active Topics

All Forums Register Login Search Subscriptions My Profile Inbox
Tool Warehouse FAQs Resources Help Member List Address Book Logout

libpcap?

  		Logged in as: Guest
Users viewing this topic: none
  Printable Version
All Forums >> [SFU / Interix / SUA Technology] >> Interix Advanced Forum >> libpcap? Page: [1]
Login
Message << Older Topic   Newer Topic >>
libpcap? - Jun. 28, '04, 9:56:11 PM   
breiter

 

Posts: 300
Joined: Jun. 14, '04,
From: Washington, DC
Status: online 		I'm not having much luck compiling libpcap 0.8.1 on SFU/Interix 3.5. Any suggestions?

It seems like some key IP stack header files are missing. Is this an example of something that really can't work because the IP stack is an NT kernel-mode driver beneath the Interix subsystem: %SYSTEMROOT%\system32\drivers\tcpip.sys? If so that's a bummer because a lot of network security utilities rely on libpcap.

$ ./configure
creating cache ./config.cache
checking host system type... i586-pc-interix3
checking target system type... i586-pc-interix3
checking build system type... i586-pc-interix3
checking for gcc... gcc
 -L/usr/local/lib) works... yes (gcc -D_ALL_SOURCE
 -L/usr/local/lib) is a cross-compiler... noSOURCE
checking whether we are using GNU C... yes
checking whether gcc accepts -g... yes
checking gcc version... 3
checking for inline... inline
checking for __attribute__... yes
checking for u_int8_t using gcc... yes
checking for u_int16_t using gcc... yes
checking for u_int32_t using gcc... yes
checking how to run the C preprocessor... gcc -E
checking for sys/ioccom.h... no
checking for sys/sockio.h... no
checking for ifaddrs.h... no
checking for limits.h... yes
checking for netinet/if_ether.h... no
checking for ANSI ioctl definitions... yes
checking for ether_hostton... no
checking for strerror... yes
checking for strlcpy... yes
checking for vsnprintf... yes
checking for snprintf... yes
checking if --disable-protochain option is specified... enabled
checking packet capture type... null
checking for getifaddrs... no
checking if --enable-ipv6 option is specified... no
checking whether to build optimizer debugging code... no
checking whether to build parser debugging code... no
configure: warning: cannot determine packet capture interface
configure: warning: (see the INSTALL doc for more info)
checking whether we have /proc/net/dev... no
checking whether we have DAG API... no
checking for flex... flex
checking for flex 2.4 or higher... yes
checking for bison... bison
checking for ranlib... ranlib
checking if sockaddr struct has sa_len member... no
checking if sockaddr_storage struct exists... no
checking if dl_hp_ppa_info_t struct has dl_module_id_1 member... no
checking if unaligned accesses fail... no
checking for a BSD compatible install... /bin/install -c
updating cache ./config.cache
creating ./config.status
creating Makefile
creating config.h
$ make
gcc -O2 -D_ALL_SOURCE -I. -DHAVE_CONFIG_H  -D_U_="__attribute__((unused))" -c ./pcap-null.c
gcc -O2 -D_ALL_SOURCE -I. -DHAVE_CONFIG_H  -D_U_="__attribute__((unused))" -c ./fad-null.c
sed -e 's/.*/static const char pcap_version_string[] = "libpcap version &";/' ./VERSION > version.h
gcc -O2 -D_ALL_SOURCE -I. -DHAVE_CONFIG_H  -D_U_="__attribute__((unused))" -c ./pcap.c
gcc -O2 -D_ALL_SOURCE -I. -DHAVE_CONFIG_H  -D_U_="__attribute__((unused))" -c ./inet.c
inet.c:59:20: net/if.h: No such file or directory
inet.c: In function `pcap_lookupdev':
inet.c:469: error: `IFNAMSIZ' undeclared (first use in this function)
inet.c:469: error: (Each undeclared identifier is reported only once
inet.c:469: error: for each function it appears in.)
inet.c:469: error: storage size of `device' isn't known
inet.c: In function `pcap_lookupnet':
inet.c:510: error: storage size of `ifr' isn't known
inet.c:538: error: `SIOCGIFADDR' undeclared (first use in this function)
inet.c:552: error: `SIOCGIFNETMASK' undeclared (first use in this function)
*** Error code 1

Stop.
$
Post #: 1
RE: libpcap? - Jun. 28, '04, 11:39:48 PM   
markfunk

 

Posts: 623
Joined: Mar. 31, '03,
Status: offline 		First, look at Winsock specs and header files.
If what you want to do is supported via Winsock, then chances are
you can do it using Interix. But you'll have to provide the header
files yourself (ie copy the relevant structs and constants from the
Winsock header files).
This won't work if you need a special networking api which Interix
doesn't already support.

We only provided enough networking support in Interix to satisfy
mainstream UNIX networking communications that were current 4-5 years ago.
We didn't care about specialty support for utils like traceroute
or multi-casting.

(in reply to breiter)
Post #: 2
RE: libpcap? - Jun. 28, '04, 11:55:49 PM   
breiter

 

Posts: 300
Joined: Jun. 14, '04,
From: Washington, DC
Status: online 		Oy.

It is definitely supported by Winsock. There's a libpcap port for Win32 called winpcap. But there's ony a subset of utilities (like nmap) ported for Win32 and winpcap.

Digging into Winsock isn't that high on my list of things to do.


(in reply to markfunk)
Post #: 3
RE: libpcap? - Jul. 22, '04, 2:42:09 PM   
breiter

 

Posts: 300
Joined: Jun. 14, '04,
From: Washington, DC
Status: online 		I actually was able to work around this to get the utility I wanted to work on Interix via aliasing the Win32 console utility--nmap.exe--which using Winpcap. It's not ideal but works:

I added my alias definition to csh.cshrc:
alias nmap "/dev/fs/C/Program\ Files/nmap/nmap.exe"

And viola:
% nmap
Nmap 3.50 Usage: nmap [Scan Type(s)] [Options] <host or net list>
Some Common Scan Types ('*' options require root privileges)
* -sS TCP SYN stealth port scan (default if privileged (root))
-sT TCP connect() port scan (default for unprivileged users)
* -sU UDP port scan
-sP ping scan (Find any reachable machines)
* -sF,-sX,-sN Stealth FIN, Xmas, or Null scan (experts only)
-sV Version scan probes open ports determining service & app names/versions
-sR/-I RPC/Identd scan (use with other scan types)
Some Common Options (none are required, most can be combined):
* -O Use TCP/IP fingerprinting to guess remote operating system
-p <range> ports to scan. Example range: '1-1024,1080,6666,31337'
-F Only scans ports listed in nmap-services
-v Verbose. Its use is recommended. Use twice for greater effect.
-P0 Don't ping hosts (needed to scan www.microsoft.com and others)
* -Ddecoy_host1,decoy2[,...] Hide scan using many decoys
-6 scans via IPv6 rather than IPv4
-T <Paranoid|Sneaky|Polite|Normal|Aggressive|Insane> General timing policy
-n/-R Never do DNS resolution/Always resolve [default: sometimes resolve]
-oN/-oX/-oG <logfile> Output normal/XML/grepable scan logs to <logfile>
-iL <inputfile> Get targets from file; Use '-' for stdin
* -S <your_IP>/-e <devicename> Specify source address or network interface
--interactive Go into interactive mode (then press h for help)
--win_help Windows-specific features
Example: nmap -v -sS -O www.my.com 192.168.0.0/16 '192.88-90.*.*'
SEE THE MAN PAGE FOR MANY MORE OPTIONS, DESCRIPTIONS, AND EXAMPLES

(in reply to breiter)
Post #: 4
Page:   [1]
All Forums >> [SFU / Interix / SUA Technology] >> Interix Advanced Forum >> libpcap? Page: [1]
Jump to:





New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts


Search All Forums -

Advanced search


SPONSORS

Forum Software © ASPPlayground.NET Advanced Edition 2.5 ANSI

0.031