summaryrefslogtreecommitdiffstats
path: root/INSTALL.md
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--INSTALL.md126
1 files changed, 126 insertions, 0 deletions
diff --git a/INSTALL.md b/INSTALL.md
new file mode 100644
index 0000000..b3fbf42
--- /dev/null
+++ b/INSTALL.md
@@ -0,0 +1,126 @@
+# tcpdump installation notes
+If you have not built libpcap, and your system does not have libpcap
+installed, install libpcap first. Your system might provide a version
+of libpcap that can be installed; if so, to compile tcpdump you might
+need to install a "developer" version of libpcap as well as the
+"run-time" version. You can also install tcpdump.org's version of
+libpcap; see [this file](README.md) for the location.
+
+You will need a C99 compiler to build tcpdump. The build system
+will abort if your compiler is not C99 compliant. If this happens, use
+the generally available GNU C compiler (GCC) or Clang.
+
+After libpcap has been built (either install it with `make install` or
+make sure both the libpcap and tcpdump source trees are in the same
+directory), run `./configure` (a shell script). `configure` will
+determine your system attributes and generate an appropriate `Makefile`
+from `Makefile.in`. Now build tcpdump by running `make`.
+
+If everything builds ok, `su` and type `make install`. This will install
+tcpdump and the manual entry. Any user will be able to use tcpdump to
+read saved captures. Whether a user will be able to capture traffic
+depends on the OS and the configuration of the system; see the
+[tcpdump man page](https://www.tcpdump.org/manpages/tcpdump.1.html)
+for details. DO NOT give untrusted users the ability to
+capture traffic. If a user can capture traffic, he or she could use
+utilities such as tcpdump to capture any traffic on your net, including
+passwords.
+
+Note that most systems ship tcpdump, but usually an older version.
+Building tcpdump from source as explained above will usually install the
+binary as `/usr/local/bin/tcpdump`. If your system has other tcpdump
+binaries, you might need to deinstall these or to set the PATH environment
+variable if you need the `tcpdump` command to run the new binary
+(`tcpdump --version` can be used to tell different versions apart).
+
+If your system is not one which we have tested tcpdump on, you may have
+to modify the `configure` script and `Makefile.in`. Please
+[send us patches](https://www.tcpdump.org/index.html#patches)
+for any modifications you need to make.
+
+Please see [this file](README.md) for notes about tested platforms.
+
+
+## Description of files
+```
+CHANGES - description of differences between releases
+CONTRIBUTING.md - guidelines for contributing
+CREDITS - people that have helped tcpdump along
+INSTALL.md - this file
+LICENSE - the license under which tcpdump is distributed
+Makefile.in - compilation rules (input to the configure script)
+README.md - description of distribution
+VERSION - version of this release
+aclocal.m4 - autoconf macros
+addrtoname.c - address to hostname routines
+addrtoname.h - address to hostname definitions
+addrtostr.c - address to printable string routines
+addrtostr.h - address to printable string definitions
+ah.h - IPSEC Authentication Header definitions
+appletalk.h - AppleTalk definitions
+ascii_strcasecmp.c - locale-independent case-independent string comparison
+ routines
+atime.awk - TCP ack awk script
+atm.h - ATM traffic type definitions
+bpf_dump.c - BPF program printing routines, in case libpcap doesn't
+ have them
+chdlc.h - Cisco HDLC definitions
+cpack.c - functions to extract packed data
+cpack.h - declarations of functions to extract packed data
+config.guess - autoconf support
+config.h.in - autoconf input
+config.sub - autoconf support
+configure - configure script (run this first)
+configure.ac - configure script source
+doc/README.* - some building documentation
+ethertype.h - Ethernet type value definitions
+extract.h - alignment definitions
+gmpls.c - GMPLS definitions
+gmpls.h - GMPLS declarations
+install-sh - BSD style install script
+interface.h - globals, prototypes and definitions
+ip.h - IP definitions
+ip6.h - IPv6 definitions
+ipproto.c - IP protocol type value-to-name table
+ipproto.h - IP protocol type value definitions
+l2vpn.c - L2VPN encapsulation value-to-name table
+l2vpn.h - L2VPN encapsulation definitions
+lbl/os-*.h - OS-dependent defines and prototypes
+llc.h - LLC definitions
+machdep.c - machine dependent routines
+machdep.h - machine dependent definitions
+makemib - mib to header script
+mib.h - mib definitions
+missing/* - replacements for missing library functions
+ntp.c - functions to handle ntp structs
+ntp.h - declarations of functions to handle ntp structs
+mkdep - construct Makefile dependency list
+mpls.h - MPLS definitions
+nameser.h - DNS definitions
+netdissect.h - definitions and declarations for tcpdump-as-library
+ (under development)
+nfs.h - Network File System V2 definitions
+nfsfh.h - Network File System file handle definitions
+nlpid.c - OSI NLPID value-to-name table
+nlpid.h - OSI NLPID definitions
+ospf.h - Open Shortest Path First definitions
+packetdat.awk - TCP chunk summary awk script
+parsenfsfh.c - Network File System file parser routines
+pcap-missing.h - declarations of functions possibly missing from libpcap
+ppp.h - Point to Point Protocol definitions
+print.c - Top-level routines for protocol printing
+print-*.c - The netdissect printers
+rpc_auth.h - definitions for ONC RPC authentication
+rpc_msg.h - definitions for ONC RPC messages
+send-ack.awk - unidirectional tcp send/ack awk script
+slcompress.h - SLIP/PPP Van Jacobson compression (RFC1144) definitions
+smb.h - SMB/CIFS definitions
+smbutil.c - SMB/CIFS utility routines
+stime.awk - TCP send awk script
+tcp.h - TCP definitions
+tcpdump.1 - manual entry
+tcpdump.c - main program
+timeval-operations.h - timeval operations macros
+udp.h - UDP definitions
+util-print.c - utility routines for protocol printers
+```