1libpcap for DOS 2--------------- 3 4This file contains some notes on building and using libpcap for MS-DOS. 5Look in `README' and `pcap.man' for usage and details. These targets are 6supported: 7 8 - Borland C 4.0+ small or large model. 9 - Metaware HighC 3.1+ with PharLap DOS-extender 10 - GNU C 2.7+ with djgpp 2.01+ DOS extender 11 - Watcom C 11.x with DOS4GW extender 12 13Note: the files in the libpcap.zip contains short truncated filenames. 14 So for djgpp to work with these, disable the use of long file names by 15 setting "LFN=n" in the environment. On the other hand, if you get libpcap 16 from GitHub or the official libpcap.tar.gz, some filenames are beyond 8+3. 17 In this case set "LFN=y". 18 19Files specific to DOS are pcap-dos.[ch] and the assembly and C files in 20the MSDOS sub-directory. Remember to built the libpcap library from the top 21install directory. And not from the MSDOS sub-directory. 22 23Note for djgpp users: 24 If you got the libpcap from the official site www.tcpdump, then that 25 distribution does NOT contain any sources for building 32-bit drivers. 26 Instead get the full version at 27 https://www.watt-32.net/pcap/libpcap.zip 28 29 and set "USE_32BIT_DRIVERS = 1" in msdos\common.dj. 30 31 32 33Requirements 34------------ 35 36DOS-libpcap currently only works reliably with a real-mode Ethernet packet- 37driver. This driver must be installed prior to using any program (e.g. 38tcpdump) compiled with libpcap. Work is underway to implement protected- 39mode drivers for 32-bit targets (djgpp only). The 3Com 3c509 driver is 40working almost perfectly. Due to lack of LAN-cards, I've not had the 41opportunity to test other drivers. These 32-bit drivers are modified 42Linux drivers. 43 44 45Required packages 46----------------- 47 48The following packages and tools must be present for all targets. 49 501. Watt-32 tcp/ip library. This library is *not* used to send or 51 receive network data. It's mostly used to access the 'hosts' 52 file and other <netdb.h> features. Get 'watt32s*.zip' at: 53 54 https://www.watt-32.net 55 562. Exception handler and disassembler library (libexc.a) is needed if 57 "USE_EXCEPT = 1" in common.dj. Available at: 58 59 https://www.watt-32.net/misc/exc_dx07.zip 60 613. Flex & Bison is used to generate parser for the filter handler 62 pcap_compile: 63 ftp://ftp.delorie.com/pub/djgpp/current/v2gnu/flx254b.zip 64 ftp://ftp.delorie.com/pub/djgpp/current/v2gnu/bsn241b.zip 65 664. NASM assembler v 0.98 or later is required when building djgpp and 67 Watcom targets: 68 https://www.nasm.us/ 69 705. sed (Stream Editor) is required for doing `make depend'. 71 It's available at: 72 ftp://ftp.delorie.com/pub/djgpp/current/v2gnu/sed422b.zip 73 74 A touch tool to update the time-stamp of a file. E.g.: 75 ftp://ftp.delorie.com/pub/djgpp/current/v2gnu/grep29b.zip 76 776. For djgpp rm.exe and cp.exe are required. These should already be 78 part of your djgpp installation. Also required (experimental at the 79 time) for djgpp is DLX 2.91 or later. This tool is for the generation 80 of dynamically loadable modules. 81 82 83Compiling libpcap 84----------------- 85 86Follow these steps in building libpcap: 87 881. Make sure you've installed Watt-32 properly (see it's `INSTALL' file). 89 During that installation a environment variable `WATT_ROOT' is set. 90 This variable is used for building libpcap also (`WATT_INC' is 91 deducted from `WATT_ROOT'). djgpp users should also define environment 92 variables `C_INCLUDE_PATH' and `LIBRARY_PATH' to point to the include 93 directory and library directory respectively. E.g. put this in your 94 AUTOEXEC.BAT: 95 set C_INCLUDE_PATH=c:/net/watt/inc 96 set LIBRARY_PATH=c:/net/watt/lib 97 982. Revise the msdos/common.dj file for your djgpp/gcc installation; 99 - change the value of `GCCLIB' to match location of libgcc.a. 100 - set `USE_32BIT_DRIVERS = 1' to build 32-bit driver objects. 101 102 1033. Build pcap by using appropriate makefile. For djgpp, use: 104 `make -f msdos/makefile.dj' (i.e. GNU `make') 105 106 For a Watcom target say: 107 `wmake -f msdos\makefile.wc' 108 109 For a Borland target say: 110 `maker -f msdos\Makefile pcap_bc.lib' (Borland's `maker.exe') 111 112 And for a HighC/Pharlap target say: 113 `maker -f msdos\Makefile pcap_hc.lib' (Borland's `maker.exe') 114 115 You might like to change some `CFLAGS' -- only `DEBUG' define currently 116 have any effect. It shows a rotating "fan" in upper right corner of 117 screen. Remove `DEBUG' if you don't like it. You could add 118 `-fomit-frame-pointer' to `CFLAGS' to speed up the generated code. 119 But note, this makes debugging and crash-traceback difficult. Only 120 add it if you're fully confident your application is 100% stable. 121 122 Note: Code in `USE_NDIS2' does not work at the moment. 123 1244. The resulting library is put in current directory. There's some 125 test-program for `libpcap': `filtertest.exe', `findalldevstest.exe', 126 `nonblocktest.exe' and `opentest.exe'. 127 128 But linking the library with `tcpdump' is the ultimate test. DOS/djgpp 129 should now hopefully be a supported target. Get the sources at: 130 https://www.tcpdump.org/ 131 or 132 https://github.com/the-tcpdump-group/tcpdump/ 133 134 (click on the 'Download ZIP' on the right side of that page.) 135 136 137Extensions to libpcap 138--------------------- 139 140I've included some extra functions to DOS-libpcap: 141 142 `pcap_config_hook (const char *keyword, const char *value)' : 143 144 Allows an application to set values of internal libpcap variables. 145 `keyword' and an associated `value' should be present in the `debug_tab[]' 146 array in pcap-dos.c (currently only used to set debug-levels and parameters 147 for the 32-bit network drivers.) Thus an application using DOS-libpcap can 148 override the default value during it's configure process (see tcpdump's 149 msdos/config.c file for an extended example). 150 151 `pcap_set_wait (pcap_t *, void (*)(void), int)' : 152 153 Only effective when reading offline traffic from dump-files. 154 Function `pcap_offline_read()' will wait (and optionally yield) 155 before printing next packet. This will simulate the pace the packets 156 where actually recorded. 157 158 159 160Happy sniffing ! 161 162 163Gisle Vanem <gvanem@yahoo.no> 164 165October 1999, 2004, 2006, 2013 166 167