https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2809
--- Comment #2 from Paul <paul.gallant.iit@xxxxxxxxx> 2008-08-17 13:21:25 PDT ---
I found that the libpcap (0.9.5) that is included in the WinPCAP source package
is not the same as the libpcap (0.9.5) for Linux. The one included in WinPCAP
has support for remote packet capture (RPCAP). There are instruction to build
this special version on Linux. I successfully compiled it and installed it.
Unfortunately, when I want to recompile Wireshark using this special version of
libpcap, ./configure reports the following problems:
checking for pcap_open_live in -lpcap... no
checking for pcap_open_live in -lpcap with lcfg -lodm... no
checking for pcap_open_live in -lpcap with lpfring... no
configure: error: Can't link with library libpcap.
I also performed a file compare between the libpcap (0.9.5) included in WinPCAP
and the same version for Linux and the only differences I found were related to
remote packet capture...
I compiled Wireshark using the Linux library (that does not support remote
packet capture) but I added --with-pcap-remote in the configure statement. I
replaced the libpcap library by the one from WinPCAP. I run WireShark and now
I can perform remote packet capture using rpcap://172.31.4.16/eth1 !
It looks like the libpcap code forked between Linux and Windows. Any clues why?
Any explanations why I was unable to compile Wireshark using the libpcap from
WinPCAP? Shouldn't we put some efforts to merge these two versions of libpcap
in a more coherent project?
Paul
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
