@(#) $Header: INSTALL,v 1.12 91/10/15 14:23:33 vern Exp $ (LBL) To build tcpdump, edit the Makefile to make appropriate changes for your site. Things you may have to change are: - Define "CC = cc" if you don't have gcc. - Define "YACC = yacc" if you don't have bison. Bison is available via anonymous ftp from prep.ai.mit.edu (18.71.0.38), in the directory pub/gnu. Set binary mode and retrieve the compressed tarchive pub/gnu/bison-1.11.tar.Z (or whatever the highest version is). - Redefine BINDEST and/or MANDEST if you want the binary or manual entry installed somewhere else. Similarly, redefined TCPSLICE_BINDEST and TCPSLICE_MANDEST to control where tcpslice is installed. - Remove -DCSLIP from DEFINES unless you have BPF and SLIP in your kernel, and net/if_sl.c has been modified to interact with BPF (or you have installed our SLIP software). - Remove -DPPP from DEFINES unless you have BPF in your kernel, and any point-to-point drivers have been modified to interact with BPF. - On IBM RTs running 4.3BSD and enet, these defines have been known to work: DEFINES = -DNOVFPRINTF -DIBMRTPC CFLAGS = $(STANDARD_CFLAGS) -U__STDC__ MD = echo rt - Define GROUP to the group name that tcpdump should be installed under. For security reasons, we have found it convenient to create a group associated with raw network access. Since tcpdump now uses the BPF packet filtering machinery, it includes some files that may not be present your system (i.e., ). To get around this, we have placed copies of the required files in tcpdump/net, and added '-I..' to the Makefile INCLUDES so 'cc' can find them. Once the Makefile is right, just type "make". This will create a subdirectory appropriate for the architecture and OS you're building on (i.e., "sun3-sunos3", "sun4-sunos4", "hp300-bsd", etc.) by setting up appropriate links. If the file /dev/bpf0 exists, the make procedure assumes you want to use BPF. If /usr/include/net/enet.h exists, then enet is assumed. Otherwise, the packet capture interface is deduced from the OS as follows: BSD - BPF SunOS 3 - NIT SunOS 4 - STREAMS NIT Ultrix - DEC Packetfilter We use separate subdirectories so we can support multiple platforms from one copy of the source. DON'T say "make tcpdump" in the top level directory -- it won't work and it will leave a lot of useless .o's around. If linking tcpdump fails with "Undefined: _alloca" when using bison on a Sun4, your version of bison is broken. To fix it, insert the lines: #ifdef __GNUC__ #define alloca __builtin_alloca #else #ifdef sparc #include #else char *alloca (); #endif #endif right after the (100 line!) GNU license comment in bison.simple, remove sun4-sunos4/tcpgram.[co], and fire up make again. If you are running a version of SunOS earlier than 4.1, you will need to replace the Sun supplied /sys/sun{3,4,4c}/OBJ/nit_if.o with the appropriate version from this distribution's SUNOS4 subdirectory and build a new kernel: nit_if.o.sun3-sunos4 (any flavor of sun3) nit_if.o.sun4c-sunos4.0.3c (SS1, SS1+, IPC, SLC, etc.) nit_if.o.sun4-sunos4 (Sun4's not covered by nit_if.o.sun4c-sunos4.0.3c) These nit replacements fix a bug that makes nit essentially unusable in pre-SunOS 4.1. In addition, our sun4c-sunos4.0.3c nit gives you timestamps to the resolution of the SS-1 clock (1 us) rather than the lousy 20ms timestamps Sun gives you (tcpdump will print out the full timestamp resolution if it finds it's running on a SS-1). If everything builds ok, su and type "make install". This will install tcpdump and tcpslice along with their manual entries. Note that since NIT can only be used by root, tcpdump is installed setuid to root. As a security measure, we install it exectuable only by group wheel. On the other hand, BPF packet access is controlled by permissions to /dev/bpf0 etc., and in this case, tcpdump does not have to be setuid. If you're running a BSD system or would like to replace Sun's NIT interface, you need to install our packet filter in your kernel. See bpf/README for more details.