Compiling tcpdstat on Mac OSX (quick fix)

Lee — Thu, 29 Nov 2007 23:29:23 +0000

Quick fix for compiling tcpdstat on Mac OSX (Leopard, although probably works for Tiger too).

If you get this error:

cc -I. -I../libpcap-0.7.1 -DLINUX -D__FAVOR_BSD -D_LARGEFILE_SOURCE=1 -D_FILE_OFFSET_BITS=64 -L../libpcap-0.7.1 -c stat.c cc -I. -I../libpcap-0.7.1 -DLINUX -D__FAVOR_BSD -D_LARGEFILE_SOURCE=1 -D_FILE_OFFSET_BITS=64 -L../libpcap-0.7.1 -c net_read.c net_read.c:74:1: warning: "__FAVOR_BSD" redefined :1:1: warning: this is the location of the previous definition net_read.c:149: error: static declaration of ‘packet_length’ follows non-static declaration tcpdstat.h:415: error: previous declaration of ‘packet_length’ was here make: *** [net_read.o] Error 1

Edit the net_read.c file and change line 149 from this:

static int packet_length; /* length of current packet */

to this:

int packet_length; /* length of current packet */

Simple eh? Just type “make” again and tcpdstat should compile just fine. Simple fix.

NSM Console projected module list

Lee — Wed, 28 Nov 2007 21:43:28 +0000

Here’s a list of all the planned modules and completed (struck-out) modules for nsm-console: (if a module is struck out, it’s because I’ve finished making a module for it, it isn’t necessarily in the tarball for download)

aimsnarf
ngrep (gif/jpg/pdf/exe/pe/ne/elf/3pg/torrent)
tcpxtract
tcpflow
chaosreader
bro-IDS
snort
tcpdstat
capinfos
tshark
argus
ragator
racount
rahosts
hash (md5 & sha256)
ra
honeysnap
p0f
pads
fl0p
iploc
foremost – thanks shadowbq!
flowgrep
tcptrace
tcpick
flowtime
flowtag
harimau
clamscan

Think of any other useful modules? Leave me a comment and let me know!

P.S. I’m also brainstorming for some pcap/real-time network visualization tools, stay tuned!

:wq - blog » tcpdstat

Compiling tcpdstat on Mac OSX (quick fix)

NSM Console projected module list