NetworkExpect relies on some key libraries to achieve good portability across different platforms. These libraries are:
libpcap (http://www.tcpdump.org/) - used for packet reception
libdnet (http://libdnet.sourceforge.net/) - used for packet transmission and for getting interface and routing information
Tcl (http://www.tcl.tk/) - this provides the high level scripting language that NetworkExpect uses
In addition to these, there may be a requirement to use another library depending on the NetworkExpect version used: I am currently experimenting with the use of Wireshark for all packet dissection tasks instead of writing my own packet dissection code, as is the case in early NetworkExpect versions. Basically, the idea is to use the packet dissection services offered by the libwireshark library, which is part of the Wireshark project. The first public release of NetworkExpect using libwireshark for packet dissection is version 0.12libwireshark. This version requires that libwireshark be installed on the system where NetworkExpect will be built and used. Please note that this is still a work in progress/proof-of-concept, and I have not yet decided whether to totally commit to this.
In most cases your chosen platform should have binary packages for some of these libraries. If not, they will need to be built from sources.
What follows are some notes about installing NetworkExpect on some platforms. Please feel free to add your own experiences.
Note: the notes for Debian are the only ones that have been updated to account for the experimental dependency on libwireshark. If you manage to build a libwireshark-enabled version of NetworkExpect on something other than Debian please update the instructions or drop me a note telling me how you did it.
Debian
shell# apt-get install libpcap0.8-dev libdumbnet-dev tcl8.4-dev shell# ./configure && make
If using a version of NetworkExpect that uses libwireshark for packet dissection then the wireshark-dev package also needs to be installed:
shell# apt-get install wireshark-dev
Note that Debian binary packages for NetworkExpect will be provided at some point. However, for now, building NetworkExpect from sources is the way to go.
Ubuntu
- Flex and Bison
shell# apt-get install flex bison
- Tcl
shell# apt-get install tcl8.4 tcl8.4-dev
- Pcap and friends
shell# apt-get install libpcap-dev libdumbnet-dev libnet1-dev shell# ./configure && make
If using a version of NetworkExpect that uses libwireshark for packet dissection then the wireshark-dev package also needs to be installed:
shell# apt-get install wireshark-dev
Note that NetworkExpect has been successfully built on Hardy and Gutsy.
FreeBSD
Need to install libpcap and libdnet from sources.
Mac OS X
Mac OS X ships with libpcap and tcl libraries by default. You will need to install libdnet from sources.
Alternatively, if you use DarwinPorts, you can follow these steps:
shell$ sudo port install libpcap libdnet tcl shell$ ./configure --prefix=/opt/local --with-tcl=/opt/local/include \ --with-pcap=/opt/local/include --with-libdnet=/opt/local && make && sudo make install
If you use Fink unstable you can follow these steps to be able to compile Network Expect:
shell$ fink install libdnet libdnet1-ssl libdnet1-shlibs
Please note that layer 2 injection does not work in Mac OS X version 10.3 and earlier. See http://slagheap.net/etherspoof/ for further information.
Windows
NetworkExpect does not currently run on Windows, and I have not even tried to build it there.
I am not a Windows user, but I do recognize the need to have NetworkExpect running on it since lots of users don't have anything else. The NetworkExpect code itself should be highly portable. However, the problem is some of the libraries that NetworkExpect relies on and some of the features of these libraries that networkExpect relies on. For example, NetworkExpect uses the pcap_get_selectable_fd() function so it can use select() on a Packet Capture descriptor - this feature is not available under Windows.
The three key libraries that NetworkExpect can't live without (libpcap, libdnet, and Tcl) have been ported to Windows so I think it is only a matter of rewriting some very specific areas of NetworkExpect to make use of functionality that is available on Windows. Volunteers to look into this are welcome.
Solaris
I had to apply the following patch to libpcap to be able to get a working shared libpcap library:
--- x/libpcap-0.9.5/Makefile.in Sun Dec 14 20:35:03 2003
+++ libpcap-0.9.5/Makefile.in Tue Feb 13 12:32:12 2007
@@ -112,7 +112,8 @@
#
libpcap.so: $(OBJ)
@rm -f $@
- ld -shared -o $@.`cat VERSION` $(OBJ)
+ ld -L `pwd` -G -o $@.shared -lsocket -lnsl -lresolv -lc -z allextract -lpcap -zdefaultextract
+ mv $@.shared $@
# the following rule succeeds, but the result is untested.
libpcap.dylib: $(OBJ)
@@ -189,7 +190,7 @@
install-shared: install-shared-$(DYEXT)
install-shared-so: libpcap.so
- $(INSTALL_PROGRAM) libpcap.so.`cat VERSION` $(DESTDIR)$(libdir)/libpcap.so.`cat VERSION`
+ $(INSTALL_PROGRAM) libpcap.so $(DESTDIR)$(libdir)/libpcap.so
install-shared-dylib: libpcap.dylib
$(INSTALL_PROGRAM) libpcap.`cat VERSION`.dylib $(DESTDIR)$(libdir)/libpcap.`cat VERSION`.dylib
VER=`cat VERSION`; cd $(DESTDIR)$(libdir) && ln -sf libpcap.$$VER.dylib libpcap.0.dylib; ln -sf libpcap.0.dylib libpcap.dylibOn Solaris I've had some issues. See http://blogs.sun.com/avalon/entry/solaris_packet_capture.
OpenBSD
(need instructions on how to get it to build there.)