1 Currently only operating systems running on Linux kernels with the option
2 CONFIG_PACKET_MMAP enabled. This feature can be found even back to the days of
3 2.4 kernels. Most operating systems ship pre-compiled kernels that have this
4 config option enabled and even the latest kernel versions got rid of this
5 option and have this functionality already built-in. However, we recommend a
6 kernel >= 2.6.31, because the TX_RING is officially integrated since then. In
7 any case, if you have the possibility, consider getting the latest kernel from
8 Linus' Git repository, tweak and compile it, and run this one! A note for
9 distribution package maintainers is at the end of this document.
11 What tools are required to build netsniff-ng?
14 - flex, bison (bpfc, trafgen)
15 - pod2man (all, only for manpages)
17 What libraries are required?
20 - libncurses (ifpps, flowtop)
21 - libGeoIP >=1.4.8 (astraceroute, flowtop)
23 - libnetfilter-conntrack (flowtop)
25 - libnl3 (netsniff-ng, trafgen)
29 What additional tools are recommended after the build?
31 - ntpd, tlsdate or equivalent (curvetun)
34 It is common, that these libraries are shipped as distribution packages
35 for an easy installation. We try to keep this as minimal as possible.
37 For downloading the latest GeoIP database, you should use the script that
38 is located at scripts/geoip-database-update.
40 The installation process done by cmake is fairly simple:
49 In order to build curvetun, libnacl must be built first. A helper script
50 called build_nacl.sh is there to facilitate this process. If you want to
51 build NaCl in the directory ~/nacl, the script should be called this way:
54 $ ./build_nacl.sh ~/nacl
56 This gives an initial output such as "Building NaCl for arch amd64 on host
57 fuuubar (grab a coffee, this takes a while) ...". If the automatically
58 detected architecture (such as amd64) is not the one you intend to compile
59 for, then edit the (cc="gcc") variable within the build_nacl.sh script to
60 your cross compiler. Yes, we know, the build system of NaCl is a bit of a
61 pain, so you might check for a pre-built package from your distribution in
62 case you are not cross compiling.
64 If NaCl already has been built on the target, it is quicker to use
65 nacl_path.sh this way:
68 $ ./nacl_path.sh ~/nacl/build/include/x86 ~/nacl/build/lib/x86
70 When done, netsniff-ng build infrastructure will read nacl_path.cmake to get
71 the needed paths to NaCl.
73 In case you have to manually install libgeoip in version 1.4.8 or higher, you
74 can also use the provided helper script called build_geoip.sh from the
75 src/astraceroute directory (depending on your distribution, you might want to
76 adapt paths within the script):
81 In order to run the toolkit as a normal user, set the following privilege
82 separation after the build/installation:
84 $ sudo setcap cap_net_raw,cap_ipc_lock,cap_net_admin=eip {toolname}
86 Man pages are generated out of the files from Documentation/Manpages dir.
87 They are written in POD format. For this, you need the tool pod2man which
88 is distributed with Perl and should therefore be available on most systems.
90 For bpfc, we also have a Vim syntax highlighting file. Have a look at
91 scripts/bpf.vim for installation instructions.
93 To uninstall, simply remove all files referred in install_manifest.txt, e.g.
94 by running 'xargs rm < install_manifest.txt'.
99 netsniff-ng has been successfully tested on x86 and x86_64. It should also run
100 on most other major architectures. However, since we don't have a possibility
101 to test it, please drop us a short mail, if it runs successfully on hardware
102 other than x86/x86_64.
104 For using TUN/TAP devices as a user, e.g. create a file called
105 src/50-tuntap.rules in /etc/udev/rules.d/ with ...
107 KERNEL=="tun",NAME="net/%k",GROUP="netdev",MODE="0660",OPTIONS+="ignore_remove"
109 ... and restart the udev daemon. Add yourself to the "netdev" group.
111 Add the flag -D__WITH_HARDWARE_TIMESTAMPING=1 into src/CMakeLists.txt for
112 hardware timestamping support. Note that your kernel must be configured for
113 this (e.g. to ship the linux/net_tstamp.h header file). However, it is likely
114 that our cmake module will detect this automatically for you.
116 If you are a package distribution maintainer, have a look at the patch set
117 under contrib/patches which makes packaging a little easier for you. In case
118 you want cmake to install manpages under /usr/share/man/, apply the following
119 patch from Emmanuel Roullit:
121 --- a/src/cmake/modules/Pod2Man.cmake
122 +++ b/src/cmake/modules/Pod2Man.cmake
126 FILES ${CMAKE_CURRENT_BINARY_DIR}/${MANFILE}.${SECTION}.gz
127 - DESTINATION share/man/man${SECTION}
128 + DESTINATION /usr/share/man/man${SECTION}
130 ENDMACRO(POD2MAN PODFILE MANFILE SECTION)
132 The same thing counts for installing relevant files from the documentation:
134 --- a/src/CMakeLists.txt
135 +++ b/src/CMakeLists.txt
136 @@ -5,7 +5,7 @@ cmake_minimum_required(VERSION 2.6)
137 set(CMAKE_MODULE_PATH ${CMAKE_SOURCE_DIR}/cmake/modules)
138 set(EXECUTABLE_INSTALL_PATH /usr/sbin)
139 set(CONFIG_INSTALL_PATH /etc/netsniff-ng)
140 -set(DOC_INSTALL_PATH share/doc/netsniff-ng)
141 +set(DOC_INSTALL_PATH /usr/share/doc/netsniff-ng)
145 In case there is already a NaCl library version shipped with your distribution
146 so that you only need to tell cmake pointers to the library and include path,
147 you can add a new cmake file into src/curvetun and apply the patch from Kartik
148 Mistry with perhaps changed paths:
151 +++ b/src/curvetun/nacl_path.cmake
153 +SET(NACL_INCLUDE_DIR /usr/include/nacl)
154 +SET(NACL_LIB_DIR /usr/lib)
156 Last but not least, if you package a binary distribution, make sure that
157 architecture specific tuning has been turned off. You can do this by changing
158 the following flags in the src/CMakeLists.txt file:
160 --- a/src/CMakeLists.txt
161 +++ b/src/CMakeLists.txt
162 @@ -16,15 +16,13 @@ include(CheckHwTimestamp)
180 If you are a developer and would like to add unit tests, forget CMake's
181 'make test', it's seriously broken! CMake developers obviously thought that
182 the output of a CTest program is something noone should care about. This is
183 why they not only print nothing on default, but they also did not think of
184 adding an option for lets say 'power-users' to enable output. This is why we
185 recommend to leave this brain damage aside and use a small helper script by
186 Emmanuel Roullit that is able to show you libtap's output:
189 # ctest --verbose prints all output from tests programs, something that CMake's
190 # 'make test' heavily fails; 'sed' removes the heading test number ("5:" for
191 # instance); 'grep' removes all lines which does not contains TAP output lines
192 # starting with 'ok','nok','1..*' and '#' are considered TAP output
193 ctest --verbose | sed -e 's/^[0-9]*: //g' | grep -E '^nok|^ok|^#|^[0-9]+\.\.'
195 The following warnings can be seen when compiling bpfc with flex 2.5.35 and
197 - redundant redeclaration of ‘isatty’
198 - cannot optimize loop, the loop counter may overflow
200 Those two warnings occur on generated C code produced by flex and bison and
201 there is no possibility on our side to fix them while staying with both tools.
203 Similar to that, gcc will throw a warning on strchr(3) which is a false
204 positive (http://gcc.gnu.org/bugzilla/show_bug.cgi?id=36513) from glibc:
205 - warning: logical ‘&&’ with non-zero constant will always evaluate as true