mirror of
https://git.freestone.net/cramer/pcapmirror.git
synced 2025-12-31 03:50:27 +01:00
Radme and install target
This commit is contained in:
11
Makefile
11
Makefile
@@ -18,6 +18,9 @@ OBJS = $(SRCS:.c=.o)
|
|||||||
# Executable name
|
# Executable name
|
||||||
TARGET = pcapmirror
|
TARGET = pcapmirror
|
||||||
|
|
||||||
|
# Installation directory
|
||||||
|
PREFIX = /usr/local
|
||||||
|
|
||||||
# Default rule
|
# Default rule
|
||||||
all: $(TARGET)
|
all: $(TARGET)
|
||||||
|
|
||||||
@@ -33,6 +36,14 @@ $(TARGET): $(OBJS)
|
|||||||
clean:
|
clean:
|
||||||
rm -f $(OBJS) $(TARGET)
|
rm -f $(OBJS) $(TARGET)
|
||||||
|
|
||||||
|
# Install the executable
|
||||||
|
install: $(TARGET)
|
||||||
|
sudo install -D $(TARGET) $(PREFIX)/bin/$(TARGET)
|
||||||
|
|
||||||
|
# Uninstall the executable
|
||||||
|
uninstall:
|
||||||
|
sudo rm -f $(PREFIX)/bin/$(TARGET)
|
||||||
|
|
||||||
# Run the executable (example)
|
# Run the executable (example)
|
||||||
run: $(TARGET)
|
run: $(TARGET)
|
||||||
sudo ./$(TARGET) -i eth0 -f "tcp port 80" -v
|
sudo ./$(TARGET) -i eth0 -f "tcp port 80" -v
|
||||||
52
README.md
Normal file
52
README.md
Normal file
@@ -0,0 +1,52 @@
|
|||||||
|
# pcapmirror
|
||||||
|
|
||||||
|
pcapmirror is a command-line tool for capturing network traffic and mirroring it to a remote destination using TZSP encapsulation. It leverages the `libpcap` library for packet capture and provides options for filtering traffic based on BPF syntax. This tool is useful for network monitoring, intrusion detection, and remote packet analysis.
|
||||||
|
|
||||||
|
## Usage
|
||||||
|
|
||||||
|
```bash
|
||||||
|
pcapmirror [options]
|
||||||
|
```
|
||||||
|
|
||||||
|
Options:
|
||||||
|
|
||||||
|
-i <interface>: Specify the capture interface (e.g., eth0).
|
||||||
|
-f <filter>: Specify the capture filter in BPF syntax (e.g., tcp port 80).
|
||||||
|
-v: Enable verbose mode (prints packet information).
|
||||||
|
-h: Show this help message.
|
||||||
|
Example:
|
||||||
|
|
||||||
|
To capture traffic on the eth0 interface, filter for TCP port 80, and send it to the destination, use the following command:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
sudo pcapmirror -i eth0 -f "tcp port 80" -v
|
||||||
|
```
|
||||||
|
|
||||||
|
Note: Running pcapmirror typically requires root privileges due to the use of libpcap for capturing network traffic.
|
||||||
|
|
||||||
|
## Compile and Install
|
||||||
|
|
||||||
|
Compile the program:
|
||||||
|
```bash
|
||||||
|
make
|
||||||
|
```
|
||||||
|
|
||||||
|
Install the program:
|
||||||
|
```bash
|
||||||
|
make install
|
||||||
|
```
|
||||||
|
|
||||||
|
This will copy the pcapmirror executable to bin. You may need to adjust the PREFIX variable in the Makefile if you want to install it to a different location.
|
||||||
|
|
||||||
|
Dependencies
|
||||||
|
libpcap: You need to have libpcap installed on your system. On Debian/Ubuntu systems, you can install it using:
|
||||||
|
```bash
|
||||||
|
sudo apt-get install libpcap-dev
|
||||||
|
```
|
||||||
|
|
||||||
|
On Fedora/CentOS/RHEL systems, you can install it using:
|
||||||
|
```bash
|
||||||
|
sudo yum install libpcap-devel
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
Reference in New Issue
Block a user