Libraries used:
1. Libpcap (http://www.tcpdump.org) Version 1.2
2. Jpcap (http://netresearch.i
Prerequisite:
1. GCC
2. Make
Notes:
1. Verify that these tools are installed by typing #gcc and #make at the command prompt.
2. See the appendix for how to install these tools.
Libpcap (version 1.2)
Installation
Download libpcap-1.2.0.tar.gz from http://www.tcpdump.org/#la
Configure it for your OS; a few files will be generated.
Specific to Solaris 11 - Start
This section (marked in italics) can be skipped if the OS is Solaris 10.
On Solaris 11 the configuration does not work properly, so make the following changes.
1. config.h
Replace the following line
/* define if you have a cloning BPF device */
#define HAVE_CLONING_BPF 1
With
/* define if you have a cloning BPF device */
/* #undef HAVE_CLONING_BPF */
Replace the following line
/* #undef HAVE_DLPI_PASSIVE */
With
#define HAVE_DLPI_PASSIVE 1
Replace the following line
/* Define to 1 if you have the <netpacket/packet.h> header file. */
#define HAVE_NETPACKET_PACKET_H 1
With
/* Define to 1 if you have the <netpacket/packet.h> header file. */
/* #undef HAVE_NETPACKET_PACKET_H */
Replace the following line
/* Define to 1 if you have the <sys/bufmod.h> header file. */
/* #undef HAVE_SYS_BUFMOD_H */
With
/* Define to 1 if you have the <sys/bufmod.h> header file. */
#define HAVE_SYS_BUFMOD_H 1
2. Makefile
Replace
INSTALL = /usr/bin/ginstall -c
With
INSTALL = ./install-sh -c
Replace the following lines
PSRC = pcap-bpf.c
FSRC = fad-getad.c
SSRC =
With
PSRC = pcap-dlpi.c
FSRC = fad-glifc.c
SSRC = dlpisubs.c
Specific to Solaris 11 - End
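The Solaris 11 edits above can be scripted instead of made by hand. The shell functions below are an added example, not part of the original guide or of libpcap; the function names are this example's own, and they assume a POSIX shell pointed at the libpcap source directory after configure has run.

```shell
#!/bin/sh
# Added example: scripts the Solaris 11 edits listed above. Function names are this example's own.

# edit_file FILE SCRIPT: run a sed script over FILE; the first original is kept as FILE.orig.
edit_file() {
    [ -f "$1" ] || { echo "missing: $1" >&2; return 1; }
    [ -f "$1.orig" ] || cp "$1" "$1.orig" || return 1
    sed "$2" "$1" > "$1.tmp" && mv "$1.tmp" "$1"
}

# has PATTERN FILE: true if FILE contains a line matching PATTERN.
has() { grep "$1" "$2" >/dev/null 2>&1; }

# apply_solaris11_edits DIR: DIR is the libpcap source tree after configure has run.
apply_solaris11_edits() {
    dir=${1:-.}
    edit_file "$dir/config.h" 's|^#define HAVE_CLONING_BPF 1$|/* #undef HAVE_CLONING_BPF */|
s|^/\* #undef HAVE_DLPI_PASSIVE \*/$|#define HAVE_DLPI_PASSIVE 1|
s|^#define HAVE_NETPACKET_PACKET_H 1$|/* #undef HAVE_NETPACKET_PACKET_H */|
s|^/\* #undef HAVE_SYS_BUFMOD_H \*/$|#define HAVE_SYS_BUFMOD_H 1|' || return 1
    # Makefile values may follow a space or a tab, so match on the variable name only.
    edit_file "$dir/Makefile" 's|^INSTALL = .*ginstall.*$|INSTALL = ./install-sh -c|
s|^PSRC =.*$|PSRC = pcap-dlpi.c|
s|^FSRC =.*$|FSRC = fad-glifc.c|
s|^SSRC =.*$|SSRC = dlpisubs.c|'
}

# verify_solaris11_edits DIR: succeed only if every expected line is in place.
verify_solaris11_edits() {
    dir=${1:-.}
    has '^#define HAVE_DLPI_PASSIVE 1$' "$dir/config.h" &&
    has '^#define HAVE_SYS_BUFMOD_H 1$' "$dir/config.h" &&
    ! has '^#define HAVE_CLONING_BPF' "$dir/config.h" &&
    ! has '^#define HAVE_NETPACKET_PACKET_H' "$dir/config.h" &&
    has '^INSTALL = \./install-sh -c$' "$dir/Makefile" &&
    has '^PSRC = pcap-dlpi\.c$' "$dir/Makefile" &&
    has '^FSRC = fad-glifc\.c$' "$dir/Makefile" &&
    has '^SSRC = dlpisubs\.c$' "$dir/Makefile"
}

# make_sample_tree DIR: constructed config.h/Makefile fragments in the pre-edit state.
make_sample_tree() {
    printf '%s\n' '#define HAVE_CLONING_BPF 1' '/* #undef HAVE_DLPI_PASSIVE */' \
        '#define HAVE_NETPACKET_PACKET_H 1' '/* #undef HAVE_SYS_BUFMOD_H */' > "$1/config.h"
    printf '%s\n' 'INSTALL = /usr/bin/ginstall -c' 'PSRC = pcap-bpf.c' \
        'FSRC = fad-getad.c' 'SSRC =' > "$1/Makefile"
}
```

Run apply_solaris11_edits followed by verify_solaris11_edits before make; running the edits a second time leaves the files unchanged, and the untouched originals stay in config.h.orig and Makefile.orig.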
Upgrade or Update
If libpcap is already installed, then uninstall it before re-installing.
Verify if libpcap is correctly installed by running some sample tests.
Findalldevtest lists all network interface devices.
NonBlocktest starts listening on the first network interface device.
Verify that the shared object file is created and installed.
Set the library path (the path where libpcap.so is present).
Exercise:
1. Write a program to capture packets for a given network interface card.
2. Write a program to broadcast packets through a given network interface card.
3. Verify packets using the snoop -d <NetworkInterfaceName> command.
Common Errors:
1. Check LD_LIBRARY_PATH. It should be set to the directory where the shared library is installed.
JPCap
Jpcap is a Java library for capturing and sending network packets. It internally uses libpcap/winpcap.
Installation
Download jpcap-0.6.zip (http://netresearch.ics.uc
You may observe lots of errors, so let's configure the Makefile. Set JAVA_HOME to the correct path.
Correct Option: Uncomment the following lines and comment out the respective other lines.
Save this file and execute make again.
There will still be a few more errors in the Jpcap.c file.
Changes:
Solaris 10 and Solaris 11
1. Replace the word “ifr.ifr_ifrn.ifrn_name” with “ifr.ifr_name”
2. Replace the word “ifr.ifr_ifru.ifru_hwaddr.
Solaris 10 only
After these changes are made, the build will generate the libjpcap.so file.
Move the shared library to /usr/local/lib
Verify that LD_LIBRARY_PATH is already set to /usr/local/lib.
Compile all the programs in the sample directory and verify each of them by running it.
Exercise:
1. Write a program to capture packets for a given network interface card using Jpcap.
2. Write a program to broadcast packets through a given network interface card using jpcap.
Appendix:
Installation of Make and GCC
GCC
Verify if gcc is already installed
If it is not installed
Append it to the path (Ex: /usr/sfw/bin)
Make
Verify if make is already installed
Append it to the path (Ex: /usr/ccs/bin)
by: 2sbsbsb on 2011-10-17 at 10:14:52 ID: 32576
This article, which is Part 1, is an installation guide with a few exercises. In Part 2 of this article I will discuss Ethernet frames and packet capture/send over Ethernet, with examples.
Please feel free to ask any questions based on this article or about general issues regarding libpcap/jpcap. I would also appreciate comments from subject-area experts in this software.