• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: TCPDump porting issues
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: TCPDump porting issues

  • Subject: Re: TCPDump porting issues
  • From: Todd Heberlein <email@hidden>
  • Date: Tue, 14 Aug 2001 19:59:05 -0700
On 8/14/01 11:39 AM, "Chilton Webb" <email@hidden> wrote:

> Just curious if anyone else has tried to bring TCPDump to OSX. I'm doing
> that right now, and experiencing a world of hurt. Here's my latest
> problem, any suggestions welcome:

As has already been pointed our, MacOS X already has tcpdump installed. So
you can always just use that binary if you want. If you want a fresh
version you can tweak yourself, there are a couple of approaches you can
take.

One is to use a nicely packaged tcpdump installer that someone else has
already mention. Another is to pull down libpcap and tcpdump and do a
manual build from a shell. This is *not* Mac friendly, but I ended up doing
this :-) Below are some general notes followed by the actual command to
build the package.

First, tcpdump requires libpcap, and while Apple has provided this library
itself, I cannot find the libpcap include files anywhere. In the end I
installed both new versions of libpcap and tcpdump.

Second, get libpcap and tcpdump from www.tcpdump.org. I went to my old
friend lbl.gov only later to discover that life had moved beyond them.

Third, I was not happy with the way tcpdump found a copy of libpcap (it
didn't seem to support a nice --with-pcap=DIR). Fortunately the tcpdump
configure script found my source files. I build all packages I pull off the
network in a common directory tree (e.g., ~/Packages), and you might want to
do the same thing. It might help tcpdump find libpcap.

Fourth, unpacking the gzipped tarball generated an error message about the
directory already existing, but you can ignore this.

Fifth, there is a stupid problem when running "make install". It turns out
libpcap and tcpdump already have a file called "install", so make says
install is already made. I solved this by moving "install" to
"install.stupid". [Note, I put all my locally build libraries and tools in
/usr/local/<pkg>/]

Whew. An actual example would be better:

Building libpcap:
% gzip -cd libpcap-0.6.2.tar.gz | tar xf -
tar: Could not create: libpcap-0.6.2/. <File exists> <-- stupid error
% cd libpcap-0.6.2
% ./configure --prefix=/usr/local/pcap
% make
% mv install install.stupid
% sudo make install

Building tcpdump:
% gzip -cd tcpdump-3.6.2.tar.gz | tar xf -
tar: Could not create: tcpdump-3.6.2/. <File exists> <-- stupid error
% cd tcpdump-3.6.2
% ./configure --prefix=/usr/local/tcpdump
% make
% mv install install.stupid
% sudo make install

Running tcpdump:
% sudo /usr/local/tcpdump/sbin/tcpdump


Cheers,

Todd

References: 
 >TCPDump porting issues (From: Chilton Webb <email@hidden>)

  • Prev by Date: Re: classes chart
  • Next by Date: Threads, safeness, and AutoreleasePools
  • Previous by thread: Re: TCPDump porting issues
  • Next by thread: Re: TCPDump porting issues
  • Index(es):
    • Date
    • Thread