Installing libpcap
You can obtain the latest version of libpcap from http://www.tcpdump.org. libpcap is easy to compile from the source code:
> tar zxvf libpcap-0.8.3.tar.gz > cd libpcap-0.8.3 > ./configure > make > make install
Many Linux distributions also include libpcap as an optional package that you can install with the distribution, or add afterward. Because libpcap’s functionality changes between versions, you should use the latest version of the libraries available for your distribution or compile the library from source for your own development.
Warning
If you are compiling libpcap from source, make sure you uninstall previous versions of libpcap to avoid problems with mismatched files. You will need to remove the following files from the libraries directory (commonly /usr/lib/ or /usr/local/lib/ ):
libpcap.a
libpcap.so.*.*
You will also need to remove the following files from the include files directory (commonly /usr/include/ or /usr/local/include/ ):
pcap.h
pcap-bpf.h
pcap-namedb.h
You might also have to add the path the libpcap libraries are installed to into the library search path (commonly /etc/ld.so.conf for Linux systems).
To develop the examples in this chapter, we’ll be using libpcap Version 0.8.3. Although many of the examples work with earlier versions of libpcap, some functionality might not be available.
Get Network Security Tools now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
