Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. NTop>
  3. Users
How to compile standard tcpdump with pf_ring support?
traiano at gmail
Nov 10, 2017, 10:29 AM
Post #1 of 3 (509 views)
Permalink
Hi List

I'm trying to compile the standard distribution of tcpdump with pf_ring support:

tcpdump-4.9.2
libpcap-1.7.4 (libpcap patched for pf_ring)
Ubuntu 16.04.3 LTS
4.11.0-14-generic #20~16.04.1-Ubuntu SMP


I do not want to use the version of tcpdump that ships with pf_ring.

However when I attempt configuration before running make, I get the
following error:

-----
root@hotbox:/opt/tcpdump/tcpdump-4.9.2# ./configure
.
.

configure: WARNING: The SMB printer may have exploitable buffer overflows!!!
configure: error: This is a bug, please follow the guidelines in
CONTRIBUTING and include the
config.log file in your report. If you have downloaded libpcap from
tcpdump.org, and built it yourself, please also include the config.log
file from the libpcap source directory, the Makefile from the libpcap
source directory, and the output of the make process for libpcap, as
this could be a problem with the libpcap that was built, and we will
not be able to determine why this is happening, and thus will not be
able to fix it, without that information, as we have not been able to
reproduce this problem ourselves.

-----

Has any pf_ring user on the list encountered this before and possibly
know of a fix?

Many thanks in advance,
Traiano
_______________________________________________
Ntop mailing list
Ntop@listgateway.unipi.it
http://listgateway.unipi.it/mailman/listinfo/ntop
Re: How to compile standard tcpdump with pf_ring support? [ In reply to ]
cardigliano at ntop
Nov 11, 2017, 1:55 AM
Post #2 of 3 (506 views)
Permalink
Hi Traiano
you get the error below in case of linking errors with libpcap (there is a failure checking the pcap_loop symbol),
it’s the first time I see this error, and it’s working for me on the same system, not sure what steps you followed..

Alfredo

> On 10 Nov 2017, at 19:29, Traiano Welcome <traiano@gmail.com> wrote:
>
> Hi List
>
> I'm trying to compile the standard distribution of tcpdump with pf_ring support:
>
> tcpdump-4.9.2
> libpcap-1.7.4 (libpcap patched for pf_ring)
> Ubuntu 16.04.3 LTS
> 4.11.0-14-generic #20~16.04.1-Ubuntu SMP
>
>
> I do not want to use the version of tcpdump that ships with pf_ring.
>
> However when I attempt configuration before running make, I get the
> following error:
>
> -----
> root@hotbox:/opt/tcpdump/tcpdump-4.9.2# ./configure
> .
> .
>
> configure: WARNING: The SMB printer may have exploitable buffer overflows!!!
> configure: error: This is a bug, please follow the guidelines in
> CONTRIBUTING and include the
> config.log file in your report. If you have downloaded libpcap from
> tcpdump.org, and built it yourself, please also include the config.log
> file from the libpcap source directory, the Makefile from the libpcap
> source directory, and the output of the make process for libpcap, as
> this could be a problem with the libpcap that was built, and we will
> not be able to determine why this is happening, and thus will not be
> able to fix it, without that information, as we have not been able to
> reproduce this problem ourselves.
>
> -----
>
> Has any pf_ring user on the list encountered this before and possibly
> know of a fix?
>
> Many thanks in advance,
> Traiano
> _______________________________________________
> Ntop mailing list
> Ntop@listgateway.unipi.it
> http://listgateway.unipi.it/mailman/listinfo/ntop

Attached Files:

Re: How to compile standard tcpdump with pf_ring support? [ In reply to ]
cardigliano at ntop
Nov 11, 2017, 1:55 AM
Post #3 of 3 (506 views)
Permalink
Hi Traiano
you get the error below in case of linking errors with libpcap (there is a failure checking the pcap_loop symbol),
it’s the first time I see this error, and it’s working for me on the same system, not sure what steps you followed..

Alfredo

> On 10 Nov 2017, at 19:29, Traiano Welcome <traiano@gmail.com> wrote:
>
> Hi List
>
> I'm trying to compile the standard distribution of tcpdump with pf_ring support:
>
> tcpdump-4.9.2
> libpcap-1.7.4 (libpcap patched for pf_ring)
> Ubuntu 16.04.3 LTS
> 4.11.0-14-generic #20~16.04.1-Ubuntu SMP
>
>
> I do not want to use the version of tcpdump that ships with pf_ring.
>
> However when I attempt configuration before running make, I get the
> following error:
>
> -----
> root@hotbox:/opt/tcpdump/tcpdump-4.9.2# ./configure
> .
> .
>
> configure: WARNING: The SMB printer may have exploitable buffer overflows!!!
> configure: error: This is a bug, please follow the guidelines in
> CONTRIBUTING and include the
> config.log file in your report. If you have downloaded libpcap from
> tcpdump.org, and built it yourself, please also include the config.log
> file from the libpcap source directory, the Makefile from the libpcap
> source directory, and the output of the make process for libpcap, as
> this could be a problem with the libpcap that was built, and we will
> not be able to determine why this is happening, and thus will not be
> able to fix it, without that information, as we have not been able to
> reproduce this problem ourselves.
>
> -----
>
> Has any pf_ring user on the list encountered this before and possibly
> know of a fix?
>
> Many thanks in advance,
> Traiano
> _______________________________________________
> Ntop mailing list
> Ntop@listgateway.unipi.it
> http://listgateway.unipi.it/mailman/listinfo/ntop

Attached Files:

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal