tcpdump静态编译

Cross-Compiling or Building Android tcpdump?

Building

There are multiple ways of building or compiling Android tcpdump. The one outlined below is the method we use to build the Androidtcpdump binary that you will find in our downloads section. You can also try using the NDK from Google. The NDK uses a different set of libraries, tool-chains, and compile tools.

The tcpdump we offer in our downloads section was compiled with a method called Cross-Compiling. Cross-Compiling is a method of compiling one operating system binary on another operating system. In our instance we are cross-compiling the Android binary on an Ubuntu Linux system targetting the ARM architecture. Once the binary or program is created, it can only run on the targetted operating system. So the binary can only run on Android devices running on the ARM architecture.

Aside Note: The Architecture could be ARM, i386 or MIPS. The ARM architecture is used in 95% of the Androids in the market, so the binary you will find in our downloads is for the ARM architecture. Also, we only have access to devices with the ARM architecture, so we cannot confirm whether binaries compiled for other architectures will work.

Steps to Compile Android tcpdump

1. Download the latest tcpdump source code from http://www.tcpdump.org. In this case, we will compile the latest version, tcpdump-4.7.4.

   wget http://www.tcpdump.org/release/tcpdump-4.7.4.tar.gz

   
   
2. Since tcpdump is dependent on the libpcap, we will need to download this as well. Download the latest libpcap source code fromhttp://www.tcpdump.org

   wget http://www.tcpdump.org/release/libpcap-1.7.4.tar.gz

   
   
3. Extract the source code into the respective directories.

   tar zxvf tcpdump-4.7.4.tar.gz
   tar zxvf libpcap-1.7.4.tar.gz

   
   
4. Export your compiler to point to the ARM Linux build tool. Note: These libraries may not be available by default on your linux operating system. You may need to "yum" or "apt-get" the appropriate building libraries or toolchains.

   export CC=arm-linux-gnueabi-gcc

   
   
5. We need to compile the LIBPCAP first. Change your directory to where you extracted your LIBPCAP

   cd libpcap-1.7.4

   
   
6. Execute the configure file which came with LIBPCAP with a few switches. The "--host=arm-linux" tells the compiler that we are cross compiling to ARM. The "--with-pcap=linux" will tell the compiler which packet capture type we are compiling.

   ./configure --host=arm-linux --with-pcap=linux

   config.status: creating Makefileconfig.status: creating pcap-filter.manmiscconfig.status: creating pcap-linktype.manmiscconfig.status: creating pcap-tstamp.manmiscconfig.status: creating pcap-savefile.manfileconfig.status: creating pcap.3pcapconfig.status: creating pcap_compile.3pcapconfig.status: creating pcap_datalink.3pcapconfig.status: creating pcap_dump_open.3pcapconfig.status: creating pcap_get_tstamp_precision.3pcapconfig.status: creating pcap_list_datalinks.3pcapconfig.status: creating pcap_list_tstamp_types.3pcapconfig.status: creating pcap_open_dead.3pcapconfig.status: creating pcap_open_offline.3pcapconfig.status: creating pcap_set_tstamp_precision.3pcapconfig.status: creating pcap_set_tstamp_type.3pcapconfig.status: creating config.hconfig.status: config.h is unchangedconfig.status: executing default-1 commands出现上述输出则是正确的。

   
   
   
7. Then execute the "make" command. This should create the libpcap library.

   make

   
   
8. Now, change your directory to where you extracted your TCPDUMP file

   cd tcpdump-4.7.4

   
   
9. We need to find out what major version our Ubuntu (or Linux) operation system kernel is running. Execute the uname -a command. Note: Your output may be different, but look for something which looks like a version number. Below, mine is 2.6.32-042stab094.8. We grab the first "2".

   uname -a
   

   The above command produced the following output:
   Linux androidtcpdump 2.6.32-042stab094.8 #1 SMP Tue Dec 16 20:36:56 MSK 2014 i686 i686 i686 GNU/Linux
   

10. Set the ac_cv_linux_vers variable to the major number of your release Kernel version from the previous command.

    export ac_cs_linux_vers=2

    
    
11. Export the following variables required for compiling. Since we want the executable to be self-contain (ie. not reliant on external libraries, we provide the following flags to build it statically.

    export CFLAGS=-static
    export CPPFLAGS=-static
    export LDFLAGS=-static

    
    
12. Execute the configure file which came with TCPDUMP with a few switches. The "--host=arm-linux" is telling the compiler we are cross-compiling, and the "--disable-ipv6" to disable IP Version 6.

    ./configure --host=arm-linux --disable-ipv6

    
    
13. Execute the "make" command. This will build the tcpdump binary.

    make

    
    
14. Strip the symbol information to make the binary even smaller. These symbols are only useful in debugging the application.

    arm-linux-gnueabi-strip tcpdump

    
    
15. Done. Your finished binary should be in your tcpdump directory.

All-In-One Script

Below are all the steps listed above in an easy script. You only need to change the versioning information and perhaps your linux Kernel version in the "ac_cv_linux_vers" variable

export TCPDUMP=4.7.4
export LIBPCAP=1.7.4

wget http://www.tcpdump.org/release/tcpdump-$TCPDUMP.tar.gz
wget http://www.tcpdump.org/release/libpcap-$LIBPCAP.tar.gz

tar zxvf tcpdump-$TCPDUMP.tar.gz
tar zxvf libpcap-$LIBPCAP.tar.gz
export CC=arm-linux-gnueabi-gcc
cd libpcap-$LIBPCAP
./configure --host=arm-linux --with-pcap=linux
make
cd ..

cd tcpdump-$TCPDUMP
export ac_cv_linux_vers=2
export CFLAGS=-static
export CPPFLAGS=-static
export LDFLAGS=-static

./configure --host=arm-linux --disable-ipv6
make

arm-linux-gnueabi-strip tcpdump

Your Done.

Now you have the instructions we use to build android tcpdump. But there are alternatives to compiling/building. If you do not have access to a Linux system, or ran into difficulties compiling, you can always just download the latest version from our Downloads area. It is just that easy.