Commit 94a79394 authored by Mike Hibler's avatar Mike Hibler

Total reorg of sensorts/nfstrace/nfsdump2 directory.

Previously it contained a copy of the nfsdump utility with local changes.
The actual build of the tool would also happen in the source tree.

This has now been changed to be more like tg/iperf/rude, where it downloads
(in the build tree) the appropriate distribution, applies our patches, and
then builds.  The "patch" includes several new, local files and rather than
literally using patch to create those, there is now a subdir in source tree
called "files" that contains those.  After patch runs, these files are
symlinked into the build tree (symlinking was easier than mucking with the
Makefile to do a VPATH thing).
parent ef6b8346
version.c
Makefile
Makefile-devel.in
config.status
config.log
config.cache
config.h
.devel
stamp-h
stamp-h.in
tcpdump
This diff is collapsed.
This file lists people who have contributed to tcpdump:
The current maintainers:
Bill Fenner <fenner@research.att.com>
Assar Westerlund <assar@sics.se>
Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
Jun-ichiro itojun Hagino <itojun@iijlab.net>
Guy Harris <guy@alum.mit.edu>
Torsten Landschoff <t.landschoff@gmx.net>
Michael Richardson <mcr@sandelman.ottawa.on.ca>
Ken Hornstein <kenh@cmf.nrl.navy.mil>
Additional people who have contributed patches:
Alfredo Andres <aandres@s21sec.com>
Andrew Tridgell <tridge@linuxcare.com>
Arkadiusz Miskiewicz <misiek@pld.org.pl>
Chris G. Demetriou <cgd@netbsd.org>
Craig Rodrigues <rodrigc@mediaone.net>
Daniel Hagerty <hag@ai.mit.edu>
Francisco Matias Cuenca-Acuna <mcuenca@george.rutgers.edu>
Frank Volf <volf@oasis.IAEhv.nl>
Gert Doering <gert@greenie.muc.de>
Gilbert Ramirez Jr. <gram@xiexie.org>
Gisle Vanem <gvanem@eunet.no>
JINMEI Tatuya <jinmei@kame.net>
Jefferson Ogata <jogata@nodc.noaa.gov>
Jeffrey Hutzelman <jhutz@cmu.edu>
Juergen Schoenwaelder <schoenw@ibr.cs.tu-bs.de>
Ken Hornstein <kenh@cmf.nrl.navy.mil>
Kevin Steves <stevesk@sweden.hp.com>
Larry Lile <lile@stdio.com>
Lennert Buytenhek <buytenh@gnu.org>
Love Hrnquist-strand <lha@stacken.kth.se>
Marko Kiiskila <carnil@cs.tut.fi>
Michael Shalayeff <mickey@openbsd.org>
Michael T. Stolarchuk <mts@off.to>
Monroe Williams <monroe@pobox.com>
Motonori Shindo <mshindo@mshindo.net>
Olaf Kirch <okir@caldera.de>
Onno van der Linden <onno@simplex.nl>
Pascal Hennequin <pascal.hennequin@int-evry.fr>
Pasvorn Boonmark <boonmark@juniper.net>
Pekka Savola <pekkas@netcore.fi>
Peter Jeremy <peter.jeremy@alcatel.com.au>
Rafal Maszkowski <rzm@icm.edu.pl>
Rick Jones <raj@cup.hp.com>
Roderick Schertler <roderick@argon.org>
Sebastian Krahmer <krahmer@cs.uni-potsdam.de>
Timo Koskiahde
Tony Li <tli@jnx.com>
Wilbert de Graaf <wilbertdg@hetnet.nl>
Kris Kennaway <kris@freebsd.org>
Ben Smithurst <ben@scientia.demon.co.uk>
The original LBL crew:
Steve McCanne
Craig Leres
Van Jacobson
CHANGES
CREDITS
FILES
INSTALL
LICENSE
Makefile.in
README
VERSION
acconfig.h
aclocal.m4
addrtoname.c
addrtoname.h
ah.h
appletalk.h
atime.awk
bootp.h
chdlc.h
config.guess
config.h.in
config.sub
configure
configure.in
decnet.h
dhcp6.h
dhcp6opt.h
esp.h
ether.h
ethertype.h
extract.h
fddi.h
gmt2local.c
gmt2local.h
igrp.h
install-sh
interface.h
ip.h
ipsec_doi.h
ipx.h
isakmp.h
l2tp.h
lane.h
lbl/os-solaris2.h
lbl/os-sunos4.h
lbl/os-ultrix4.h
llc.h
machdep.c
machdep.h
makemib
mib.h
missing/addrinfo.h
missing/addrsize.h
missing/bittypes.h
missing/getaddrinfo.c
missing/getnameinfo.c
missing/inet_aton.c
missing/inet_ntop.c
missing/inet_pton.c
missing/resolv6.h
missing/resolv_ext.h
missing/snprintf.c
missing/sockstorage.h
missing/strlcat.c
missing/strlcpy.c
mkdep
nameser.h
netbios.h
nfs.h
nfsfh.h
ntp.h
oakley.h
ospf.h
ospf6.h
packetdat.awk
parsenfsfh.c
ppp.h
print-ah.c
print-arp.c
print-ascii.c
print-atalk.c
print-atm.c
print-bgp.c
print-bootp.c
print-bxxp.c
print-cdp.c
print-chdlc.c
print-cip.c
print-cnfp.c
print-decnet.c
print-dhcp6.c
print-domain.c
print-dvmrp.c
print-egp.c
print-esp.c
print-ether.c
print-fddi.c
print-frag6.c
print-gre.c
print-icmp.c
print-icmp6.c
print-igmp.c
print-igrp.c
print-ip.c
print-ip6.c
print-ip6opts.c
print-ipcomp.c
print-ipx.c
print-isakmp.c
print-isoclns.c
print-krb.c
print-l2tp.c
print-lane.c
print-lcp.c
print-llc.c
print-mobile.c
print-netbios.c
print-nfs.c
print-ntp.c
print-null.c
print-ospf.c
print-ospf6.c
print-pim.c
print-ppp.c
print-pppoe.c
print-radius.c
print-raw.c
print-rip.c
print-ripng.c
print-rt6.c
print-rx.c
print-sl.c
print-sll.c
print-smb.c
print-snmp.c
print-stp.c
print-sunrpc.c
print-tcp.c
print-telnet.c
print-tftp.c
print-timed.c
print-token.c
print-udp.c
print-vjc.c
print-vrrp.c
print-wb.c
route6d.h
rx.h
savestr.c
savestr.h
send-ack.awk
setsignal.c
setsignal.h
slip.h
slcompress.h
sll.h
smb.h
smbutil.c
stime.awk
strcasecmp.c
tcp.h
tcpdump.1
tcpdump.c
timed.h
token.h
udp.h
util.c
vfprintf.c
Mon Jul 9 14:30:36 EDT 2001
Several fixes:
1. The format for read responses (v3) was missing the "count"
before the actual number.
2. The info printed for write requests (v3) was truncated, so
the count (and following info) was lost.
3. Fixed numerous problems in the v2 protocol, where field
names were missing. This will require massive changes
in the parsing of v2 requests/responses.
Sun Jul 15 10:21:21 EDT 2001
Changed "FROM" and "TO" in the v3 rename to the usual syntax.
Removed extra keywords (redundancies).
Tue Jul 17 15:14:22 EDT 2001
Many small changes (see fixer2.pl) and fixed the fn in rename
(which was being given as a fh-- oops!). This might cause
problems: it will need to be checked carefully everywhere the
conversion is done.
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2010 University of Utah and the Flux Group.
# All rights reserved.
#
SRCDIR = @srcdir@
TESTBED_SRCDIR = @top_srcdir@
OBJDIR = ../../..
SUBDIR = sensors/nfstrace/nfsdump2
ND2SRCDIR = nfsdump2
PROGRAMS = nfsdump2/nfsdump2
TARBALL = nfsdump-v1.01-031204.tgz
include $(OBJDIR)/Makeconf
all: $(SRCDIR)/GNUmakefile.in $(PROGRAMS)
include $(TESTBED_SRCDIR)/GNUmakerules
$(ND2SRCDIR)/Makefile:
$(SRCDIR)/nfsdump2-install $(SRCDIR) $(TARBALL)
cd $(ND2SRCDIR) && ./configure
nfsdump2/nfsdump2: $(ND2SRCDIR)/Makefile
cd $(ND2SRCDIR) && ./config.status
cd $(ND2SRCDIR) && $(MAKE)
clean:
-@if [ -d "$(ND2SRCDIR)" ]; then \
cd $(ND2SRCDIR) && $(MAKE) clean; \
fi
reallyclean:
/bin/rm -rf $(ND2SRCDIR) $(TARBALL)
@(#) $Header: /home/cvs_mirrors/cvs-public.flux.utah.edu/CVS/testbed/sensors/nfstrace/nfsdump2/INSTALL,v 1.1 2005-11-28 15:44:00 stack Exp $ (LBL)
If you have not built libpcap, do so first. See the README
file in this directory for the ftp location.
You will need an ANSI C compiler to build tcpdump. The configure script
will abort if your compiler is not ANSI compliant. If this happens, use
the GNU C compiler, available via anonymous ftp:
ftp://ftp.gnu.org/pub/gnu/gcc/
After libpcap has been built (either install it with "make install" or
make sure both the libpcap and tcpdump source trees are in the same
directory), run ./configure (a shell script). "configure" will
determine your system attributes and generate an appropriate Makefile
from Makefile.in. Now build tcpdump by running "make".
If everything builds ok, su and type "make install". This will install
tcpdump and the manual entry. By default, tcpdump is installed with
group execute permissions. The group used depends on your os. In
addition, BPF packet access is controlled by permissions to
/dev/bpf0. In any case, DO NOT give untrusted users the capability of
running tcpdump. Tcpdump can capture any traffic on your net,
including passwords.
Note that most systems ship tcpdump, but usually an older version.
Remember to remove or rename the installed binary when upgrading.
If you use Linux, this version of libpcap is known to compile and run
with 2.0.25 and more modern, and 2.2.x kernels. It is guaranteed not
to work with 1.X kernels.
If your system is not one which we have tested tcpdump on, you may have
to modify the configure script and Makefile.in. Please send us patches
for any modifications you need to make.
Please see "PLATFORMS" for notes about tested platforms.
FILES
-----
CHANGES - description of differences between releases
CREDITS - people that have helped tcpdump along
FILES - list of files exported as part of the distribution
INSTALL - this file
Makefile.in - compilation rules (input to the configure script)
README - description of distribution
VERSION - version of this release
acconfig.h - autoconf input
aclocal.m4 - autoconf macros
addrtoname.c - address to hostname routines
addrtoname.h - address to hostname definitions
appletalk.h - AppleTalk definitions
atime.awk - TCP ack awk script
bootp.h - BOOTP definitions
config.guess - autoconf support
config.h.in - autoconf input
config.sub - autoconf support
configure - configure script (run this first)
configure.in - configure script source
decnet.h - DECnet definitions
dhcp6.h - IPv6 DHCP definitions
dhcp6opt.h - IPv6 DHCP options
ethertype.h - ethernet definitions
extract.h - alignment definitions
fddi.h - Fiber Distributed Data Interface definitions
gmt2local.c - time conversion routines
gmt2local.h - time conversion prototypes
igrp.h - Interior Gateway Routing Protocol definitions
install-sh - BSD style install script
interface.h - globals, prototypes and definitions
ipsec_doi.h - ISAKMP packet definitions - RFC2407
ipx.h - IPX definitions
isakmp.h - ISAKMP packet definitions - RFC2408
l2tp.h -
lane.h -
lbl/gnuc.h - gcc macros and defines
lbl/os-*.h - os dependent defines and prototypes
llc.h - LLC definitions
machdep.c - machine dependent routines
machdep.h - machine dependent definitions
makemib - mib to header script
mib.h - mib definitions
missing/* - replacements for missing library functions
mkdep - construct Makefile dependency list
nameser.h - DNS definitions
netbios.h - NETBIOS definitions
nfs.h - Network File System V2 definitions
nfsfh.h - Network File System file handle definitions
ntp.h - Network Time Protocol definitions
oakley.h - ISAKMP packet definitions - RFC2409
ospf.h - Open Shortest Path First definitions
ospf6.h - IPv6 Open Shortest Path First definitions
packetdat.awk - TCP chunk summary awk script
parsenfsfh.c - Network File System file parser routines
ppp.h - Point to Point Protocol definitions
print-ah.c - IPSEC Authentication Header printer routines
print-arp.c - Address Resolution Protocol printer routines
print-ascii.c - ASCII packet dump routines
print-atalk.c - AppleTalk printer routines
print-atm.c - atm printer routines
print-bgp.c - Border Gateway Protocol printer routines
print-bootp.c - BOOTP and IPv4 DHCP printer routines
print-chdlc.c - CHDLC printer routines
print-cip.c - Classical-IP over ATM routines
print-cnfp.c - Cisco NetFlow printer routines
print-decnet.c - DECnet printer routines
print-dhcp6.c - IPv6 DHCP printer routines
print-domain.c - Domain Name System printer routines
print-dvmrp.c - Distance Vector Multicast Routing Protocol printer routines
print-egp.c - External Gateway Protocol printer routines
print-esp.c - IPSEC Encapsulating Security Payload printer routines
print-ether.c - ethernet printer routines
print-fddi.c - Fiber Distributed Data Interface printer routines
print-frag6.c - IPv6 fragmentation header printer routines
print-gre.c - Generic Routing Encapsulation printer routines
print-icmp.c - Internet Control Message Protocol printer routines
print-icmp6.c - IPv6 Internet Control Message Protocol printer routines
print-igrp.c - Interior Gateway Routing Protocol printer routines
print-ip.c - ip printer routines
print-ip6.c - IPv6 printer routines
print-ip6opts.c - IPv6 header option printer routines
print-ipcomp.c - IP Payload Compression Protocol printer routines
print-ipx.c - IPX printer routines
print-isakmp.c - Internet Security Association and Key Management Protocol
print-isoclns.c - isoclns printer routines
print-krb.c - Kerberos printer routines
print-l2tp.c - Layer Two Tunneling Protocol printer routines
print-lane.c -
print-lcp.c -
print-llc.c - llc printer routines
print-mobile.c - IPv4 mobility printer routines
print-netbios.c - netbios printer routines
print-nfs.c - Network File System printer routines
print-ntp.c - Network Time Protocol printer routines
print-null.c - null printer routines
print-ospf.c - Open Shortest Path First printer routines
print-ospf6.c - IPv6 Open Shortest Path First printer routines
print-pim.c - Protocol Independent Multicast printer routines
print-ppp.c - Point to Point Protocol printer routines
print-pppoe.c -
print-raw.c - raw printer routines
print-rip.c - Routing Information Protocol printer routines
print-ripng.c - IPv6 Routing Information Protocol printer routines
print-rt6.c - IPv6 routing header printer routines
print-rx.c - AFS RX printer routines
print-sl.c - Compressed Serial Line Internet Protocol printer routines
print-smb.c - SMB (samba) printer routines
print-snmp.c - Simple Network Management Protocol printer routines
print-stp.c - IEEE 802.1d spanning tree protocol printer routines
print-sunrpc.c - Sun Remote Procedure Call printer routines
print-tcp.c - TCP printer routines
print-telnet.c - Telnet option printer routines
print-tftp.c - Trivial File Transfer Protocol printer routines
print-token.c - Token Ring printer routines
print-udp.c - UDP printer routines
print-vjc.c - PPP Van Jacovson compression (RFC1144) printer routines
print-vrrp.c - Virtual Router Redundancy Protocol
print-wb.c - white board printer routines
route6d.h - packet definition for IPv6 Routing Information Protocol
rx.h -
savestr.c - strdup() replacement
savestr.h - savestr prototypes
send-ack.awk - unidirectional tcp send/ack awk script
setsignal.c - os independent signal routines
setsignal.h - os independent signal prototypes
smb.h -
smbutil.c -
stime.awk - TCP send awk script
strcasecmp.c - missing routine
tcpdump.1 - manual entry
tcpdump.c - main program
util.c - utility routines
vfprintf.c - emulation routine
Prior to 9/9/2003:
- the size in the setattr call had its bytes reversed.
License: BSD
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in
the documentation and/or other materials provided with the
distribution.
3. The names of the authors may not be used to endorse or promote
products derived from this software without specific prior
written permission.
THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
#
# Auto-regenerate configure script or Makefile when things change.
# From autoconf.info . Works best with GNU Make.
#
${srcdir}/configure: configure.in
cd ${srcdir} && autoconf
# autoheader might not change config.h.in, so touch a stamp file.
${srcdir}/config.h.in: ${srcdir}/stamp-h.in
${srcdir}/stamp-h.in: configure.in acconfig.h
cd ${srcdir} && autoheader
echo timestamp > ${srcdir}/stamp-h.in
config.h: stamp-h
stamp-h: ${srcdir}/config.h.in config.status
./config.status
Makefile: Makefile.in config.status
./config.status
config.status: ${srcdir}/configure
./config.status --recheck
# Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997
# The Regents of the University of California. All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that: (1) source code distributions
# retain the above copyright notice and this paragraph in its entirety, (2)
# distributions including binary code include the above copyright notice and
# this paragraph in its entirety in the documentation or other materials
# provided with the distribution, and (3) all advertising materials mentioning
# features or use of this software display the following acknowledgement:
# ``This product includes software developed by the University of California,
# Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
# the University nor the names of its contributors may be used to endorse
# or promote products derived from this software without specific prior
# written permission.
# THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
# WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
#
# @(#) $Header: /home/cvs_mirrors/cvs-public.flux.utah.edu/CVS/testbed/sensors/nfstrace/nfsdump2/Makefile.in,v 1.2 2006-02-02 16:16:17 stack Exp $ (LBL)
#
# Various configurable paths (remember to edit Makefile.in, not Makefile)
#
# VPATH
srcdir = @srcdir@
VPATH = @srcdir@
#
# You shouldn't need to edit anything below here.
#
CC = @CC@
PROG = nfsdump
CCOPT = @V_CCOPT@
INCLS = -I. @V_INCLS@
DEFS = @DEFS@
# Standard CFLAGS
CFLAGS = $(CCOPT) $(DEFS) $(INCLS) -g -I/usr/local/include/pthread -I/usr/local/include/pthread/linuxthreads
# Standard LDFLAGS
#LDFLAGS = @LDFLAGS@ -pthread
LDFLAGS = @LDFLAGS@ -L/usr/local/lib -llthread -llgcc_r
# Standard LIBS
LIBS = @LIBS@
INSTALL = @INSTALL@
INSTALL_PROGRAM = @INSTALL_PROGRAM@
INSTALL_DATA = @INSTALL_DATA@
# Explicitly define compilation rule since SunOS 4's make doesn't like gcc.
# Also, gcc does not remove the .o before forking 'as', which can be a
# problem if you don't own the file but can write to the directory.
.c.o:
@rm -f $@
$(CC) $(CFLAGS) -c $(srcdir)/$*.c
CSRC = nfsdump.c machdep.c \
util.c gmt2local.c setsignal.c \
nfsrecord.c nfs_v3.c nfs_v2.c nfs_prot_xdr.c packetTable.c mypcap.c \
listNode.c
LOCALSRC = @LOCALSRC@
GENSRC = version.c
LIBOBJS = @LIBOBJS@
SRC = $(CSRC) $(GENSRC)
OBJ = $(SRC:.c=.o) $(LIBOBJS)
CLEANFILES = $(PROG) $(OBJ) $(GENSRC) \
nfs_prot_xdr.c nfs_prot.h nfs_prot_svc.c nfs_prot_clnt.c
all: $(PROG)
install: $(PROG)
cp $(PROG) ../scripts ; chmod 755 ../scripts/$(PROG)
$(PROG): nfs_prot.h nfs_prot_xdr.c $(OBJ) @V_PCAPDEP@
@rm -f $@
$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(OBJ) $(LIBS)
nfs_prot_xdr.c: nfs_prot.x
rpcgen nfs_prot.x
nfs_prot.h: nfs_prot.x
rpcgen nfs_prot.x
getnameinfo.o: $(srcdir)/missing/getnameinfo.c
$(CC) $(CFLAGS) -o $@ -c $(srcdir)/missing/getnameinfo.c
getaddrinfo.o: $(srcdir)/missing/getaddrinfo.c
$(CC) $(CFLAGS) -o $@ -c $(srcdir)/missing/getaddrinfo.c
inet_pton.o: $(srcdir)/missing/inet_pton.c
$(CC) $(CFLAGS) -o $@ -c $(srcdir)/missing/inet_pton.c
inet_ntop.o: $(srcdir)/missing/inet_ntop.c
$(CC) $(CFLAGS) -o $@ -c $(srcdir)/missing/inet_ntop.c
inet_aton.o: $(srcdir)/missing/inet_aton.c
$(CC) $(CFLAGS) -o $@ -c $(srcdir)/missing/inet_aton.c
snprintf.o: $(srcdir)/missing/snprintf.c
$(CC) $(CFLAGS) -o $@ -c $(srcdir)/missing/snprintf.c
strlcat.o: $(srcdir)/missing/strlcat.c
$(CC) $(CFLAGS) -o $@ -c $(srcdir)/missing/strlcat.c
strlcpy.o: $(srcdir)/missing/strlcpy.c
$(CC) $(CFLAGS) -o $@ -c $(srcdir)/missing/strlcpy.c
version.o: version.c
$(CC) $(CFLAGS) -c version.c
version.c: $(srcdir)/VERSION
@rm -f $@
sed -e 's/.*/char version[] = "&";/' $(srcdir)/VERSION > $@
clean:
rm -f $(CLEANFILES)
distclean:
rm -f $(CLEANFILES) Makefile config.cache config.log config.status \
config.h gnuc.h os-proto.h stamp-h stamp-h.in
depend: $(GENSRC)
${srcdir}/mkdep -c $(CC) $(DEFS) $(INCLS) $(SRC)
== Tested platforms ==
NetBSD 1.5/i386 (mcr - 2000/12/8)
---
RedHat Linux 6.1/i386 (assar)
FreeBSD 2.2.8/i386 (itojun)
@(#) $Header: /home/cvs_mirrors/cvs-public.flux.utah.edu/CVS/testbed/sensors/nfstrace/nfsdump2/README,v 1.1 2005-11-28 15:44:00 stack Exp $ (LBL)
TCPDUMP 3.6
Now maintained by "The Tcpdump Group"
See www.tcpdump.org
Please send inquiries/comments/reports to tcpdump-workers@tcpdump.org
Anonymous CVS is available via:
cvs -d cvs.tcpdump.org:/tcpdump/master login
(password "anoncvs")
cvs -d cvs.tcpdump.org:/tcpdump/master checkout tcpdump
Version 3.6 of TCPDUMP can be retrived with the CVS tag "tcpdump_3_6":
cvs -d cvs.tcpdump.org:/tcpdump/master checkout -r tcpdump_3_6 tcpdump
Please send patches against the master copy to patches@tcpdump.org.
formerly from Lawrence Berkeley National Laboratory
Network Research Group <tcpdump@ee.lbl.gov>
ftp://ftp.ee.lbl.gov/tcpdump.tar.Z (3.4)
This directory contains source code for tcpdump, a tool for network
monitoring and data acquisition. This software was originally
developed by the Network Research Group at the Lawrence Berkeley
National Laboratory. The original distribution is available via
anonymous ftp to ftp.ee.lbl.gov, in tcpdump.tar.Z. More recent
development is performed at tcpdump.org, http://www.tcpdump.org/
Tcpdump uses libpcap, a system-independent interface for user-level
packet capture. Before building tcpdump, you must first retrieve and
build libpcap, also originally from LBL and now being maintained by
tcpdump.org; see http://www.tcpdump.org/ .
Once libpcap is built (either install it or make sure it's in
../libpcap), you can build tcpdump using the procedure in the INSTALL
file.
The program is loosely based on SMI's "etherfind" although none of the
etherfind code remains. It was originally written by Van Jacobson as
part of an ongoing research project to investigate and improve tcp and
internet gateway performance. The parts of the program originally
taken from Sun's etherfind were later re-written by Steven McCanne of
LBL. To insure that there would be no vestige of proprietary code in
tcpdump, Steve wrote these pieces from the specification given by the
manual entry, with no access to the source of tcpdump or etherfind.
Over the past few years, tcpdump has been steadily improved by the
excellent contributions from the Internet community (just browse
through the CHANGES file). We are grateful for all the input.
Richard Stevens gives an excellent treatment of the Internet protocols
in his book ``TCP/IP Illustrated, Volume 1''. If you want to learn more
about tcpdump and how to interpret its output, pick up this book.
Some tools for viewing and analyzing tcpdump trace files are available
from the Internet Traffic Archive:
http://www.acm.org/sigcomm/ITA/
Another tool that tcpdump users might find useful is tcpslice:
ftp://ftp.ee.lbl.gov/tcpslice.tar.Z
It is a program that can be used to extract portions of tcpdump binary
trace files. See the above distribution for further details and