readme.dos
1 libpcap for DOS
2 ---------------
3
4 This file contains some notes on building and using libpcap for MS-DOS.
5 Look in `README' and `pcap.man' for usage and details. These targets are
6 supported:
7
8 - Borland C 4.0+ small or large model.
9 - Metaware HighC 3.1+ with PharLap DOS-extender
10 - GNU C 2.7+ with djgpp 2.01+ DOS extender
11 - Watcom C 11.x with DOS4GW extender
12
13 Note: the files in the libpcap.zip contains short truncated filenames.
14 So for djgpp to work with these, disable the use of long file names by
15 setting "LFN=n" in the environment. On the other hand, if you get libpcap
16 from Github or the official libpcap.tar.gz, some filenames are beyond 8+3.
17 In this case set "LFN=y".
18
19 Files specific to DOS are pcap-dos.[ch] and the assembly and C files in
20 the MSDOS sub-directory. Remember to built the libpcap library from the top
21 install directory. And not from the MSDOS sub-directory.
22
23 Note for djgpp users:
24 If you got the libpcap from the official site www.tcpdump, then that
25 distribution does NOT contain any sources for building 32-bit drivers.
26 Instead get the full version at
27 http://www.watt-32.net/pcap/libpcap.zip
28
29 and set "USE_32BIT_DRIVERS = 1" in msdos\common.dj.
30
31
32
33 Requirements
34 ------------
35
36 DOS-libpcap currently only works reliably with a real-mode Ethernet packet-
37 driver. This driver must be installed prior to using any program (e.g.
38 tcpdump) compiled with libpcap. Work is underway to implement protected-
39 mode drivers for 32-bit targets (djgpp only). The 3Com 3c509 driver is
40 working almost perfectly. Due to lack of LAN-cards, I've not had the
41 opportunity to test other drivers. These 32-bit drivers are modified
42 Linux drivers.
43
44
45 Required packages
46 -----------------
47
48 The following packages and tools must be present for all targets.
49
50 1. Watt-32 tcp/ip library. This library is *not* used to send or
51 receive network data. It's mostly used to access the 'hosts'
52 file and other <netdb.h> features. Get 'watt32s*.zip' at:
53
54 http://www.watt-32.net
55
56 2. Exception handler and disassember library (libexc.a) is needed if
57 "USE_EXCEPT = 1" in common.dj. Available at:
58
59 http://www.watt-32.net/misc/exc_dx07.zip
60
61 3. Flex & Bison is used to generate parser for the filter handler
62 pcap_compile:
63 ftp://ftp.delorie.com/pub/djgpp/current/v2gnu/flx254b.zip
64 ftp://ftp.delorie.com/pub/djgpp/current/v2gnu/bsn241b.zip
65
66 4. NASM assembler v 0.98 or later is required when building djgpp and
67 Watcom targets:
68 http://www.nasm.us/
69
70 5. sed (Stream Editor) is required for doing `make depend'.
71 It's available at:
72 ftp://ftp.delorie.com/pub/djgpp/current/v2gnu/sed422b.zip
73
74 A touch tool to update the time-stamp of a file. E.g.:
75 ftp://ftp.delorie.com/pub/djgpp/current/v2gnu/grep29b.zip
76
77 6. For djgpp rm.exe and cp.exe are required. These should already be
78 part of your djgpp installation. Also required (experimental at the
79 time) for djgpp is DLX 2.91 or later. This tool is for the generation
80 of dynamically loadable modules.
81
82
83 Compiling libpcap
84 -----------------
85
86 Follow these steps in building libpcap:
87
88 1. Make sure you've installed Watt-32 properly (see it's `INSTALL' file).
89 During that installation a environment variable `WATT_ROOT' is set.
90 This variable is used for building libpcap also (`WATT_INC' is
91 deducted from `WATT_ROOT'). djgpp users should also define environment
92 variables `C_INCLUDE_PATH' and `LIBRARY_PATH' to point to the include
93 directory and library directory respectively. E.g. put this in your
94 AUTOEXEC.BAT:
95 set C_INCLUDE_PATH=c:/net/watt/inc
96 set LIBRARY_PATH=c:/net/watt/lib
97
98 2. Revise the msdos/common.dj file for your djgpp/gcc installation;
99 - change the value of `GCCLIB' to match location of libgcc.a.
100 - set `USE_32BIT_DRIVERS = 1' to build 32-bit driver objects.
101
102
103 3. Build pcap by using appropriate makefile. For djgpp, use:
104 `make -f msdos/makefile.dj' (i.e. GNU `make')
105
106 For a Watcom target say:
107 `wmake -f msdos\makefile.wc'
108
109 For a Borland target say:
110 `maker -f msdos\Makefile pcap_bc.lib' (Borland's `maker.exe')
111
112 And for a HighC/Pharlap target say:
113 `maker -f msdos\Makefile pcap_hc.lib' (Borland's `maker.exe')
114
115 You might like to change some `CFLAGS' -- only `DEBUG' define currently
116 have any effect. It shows a rotating "fan" in upper right corner of
117 screen. Remove `DEBUG' if you don't like it. You could add
118 `-fomit-frame-pointer' to `CFLAGS' to speed up the generated code.
119 But note, this makes debugging and crash-traceback difficult. Only
120 add it if you're fully confident your application is 100% stable.
121
122 Note: Code in `USE_NDIS2' does not work at the moment.
123
124 4. The resulting library is put in current directory. There's some
125 test-program for `libpcap': `filtertest.exe', `findalldevstest.exe',
126 `nonblocktest.exe' and `opentest.exe'.
127
128 But linking the library with `tcpdump' is the ultimate test. DOS/djgpp
129 should now hopefully be a supported target. Get the sources at:
130 http://www.tcpdump.org/
131 or
132 https://github.com/the-tcpdump-group/tcpdump/
133
134 (click on the 'Download ZIP' on the right side of that page.)
135
136
137 Extensions to libpcap
138 ---------------------
139
140 I've included some extra functions to DOS-libpcap:
141
142 `pcap_config_hook (const char *keyword, const char *value)' :
143
144 Allows an application to set values of internal libpcap variables.
145 `keyword' and an associated `value' should be present in the `debug_tab[]'
146 array in pcap-dos.c (currently only used to set debug-levels and parameters
147 for the 32-bit network drivers.) Thus an application using DOS-libpcap can
148 override the default value during it's configure process (see tcpdump's
149 msdos/config.c file for an extended example).
150
151 `pcap_set_wait (pcap_t *, void (*)(void), int)' :
152
153 Only effective when reading offline traffic from dump-files.
154 Function `pcap_offline_read()' will wait (and optionally yield)
155 before printing next packet. This will simulate the pace the packets
156 where actually recorded.
157
158
159
160 Happy sniffing !
161
162
163 Gisle Vanem <gvanem (a] yahoo.no>
164
165 October 1999, 2004, 2006, 2013
166
167