2025-01-19 Update From: SLTechnology News&Howtos shulou
Shulou(Shulou.com)06/01 Report--
Xplico is a tool that parses IP traffic from pcap files, reconstructing every e-mail (POP, IMAP, and SMTP protocols) and all HTTP content. Our product may need to use it, so I studied it. The Linux distribution used in the product is CentOS. I thought the installation would be very simple, but it turned out to be more complicated than expected.
The first option is to look for an rpm package, which would be the simplest, but the official website does not offer one; only an official deb package is available. So one idea is to install the deb package under CentOS. The approach found online is as follows:
[root@localhost tmp]# tar zxvf alien_8.88.tar.gz
[root@localhost alien]# perl Makefile.PL
[root@localhost alien]# make
[root@localhost alien]# make install
[root@localhost alien]# yum -y install rpm-build
[root@Master Downloads]# alien -r libbz2-dev_1.0.6-5_i386.deb
libbz2-dev-1.0.6-6.i386.rpm generated
[root@Master Downloads]# rpm -ivh libbz2-dev-1.0.6-6.i386.rpm
However, I did not verify that this succeeds, because packages were missing.
The second option is to compile from source.
I downloaded Xplico 1.1.0 and ran make.
It reported errors, probably because a few nDPI header files were missing. Reading the messages further, I found that the build depends on another project, nDPI.
But this led to more trouble. The official version of nDPI is 1.7. After downloading it and pointing the build at it, one header file was still missing: ndis_structs.h. It felt like the wrong version.
nDPI's open-source site has moved to GitHub, and the lowest version on GitHub is 1.6, which does not contain this file either, so I looked for a version older than 1.6. I searched for a long time and finally found version 1.4 at http://sourceforge.net/projects/ntop/files/nDPI/old/.
After finding it, I downloaded and compiled it. That problem was solved, but a new one appeared: sqlite3.h was missing.
I found the sqlite3 source code online and copied it to where the compiler could find it. Then another error appeared:
/usr/bin/ld: cannot find -llibsqlite.so
The package is missing, so install it:
yum install libsqlite-devel
Then the compile failed because Perl libraries were missing, so I installed them:
yum install perl-ExtUtils-CBuilder perl-ExtUtils-MakeMaker
After installation, it basically compiled.
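As an added example (not the author's own code), the script below reports which of the dependencies named in this post are missing before make is run. The header names sqlite3.h and ndis_structs.h come from the post; the library stem `sqlite3` and the directory arguments are assumptions.

```shell
#!/bin/sh
# Added example: preflight check for the build dependencies this post hit.

# have_header NAME DIR...: succeed if a file called NAME exists under any DIR.
have_header() {
    hdr=$1; shift
    for d in "$@"; do
        [ -d "$d" ] || continue
        if find "$d" -type f -name "$hdr" 2>/dev/null | grep -q .; then
            return 0
        fi
    done
    return 1
}

# have_lib STEM DIR...: succeed if libSTEM.so* or libSTEM.a exists in any DIR.
have_lib() {
    stem=$1; shift
    for d in "$@"; do
        for f in "$d/lib$stem".so* "$d/lib$stem.a"; do
            [ -e "$f" ] && return 0
        done
    done
    return 1
}

# have_perl_module MODULE: succeed if perl is installed and can load MODULE.
have_perl_module() {
    command -v perl >/dev/null 2>&1 && perl -M"$1" -e 1 >/dev/null 2>&1
}

# missing_deps INCDIR LIBDIR NDPI_SRC: print one line per missing item.
# The library stem "sqlite3" is an assumption about what the link step needs.
missing_deps() {
    have_header sqlite3.h "$1" || echo "header sqlite3.h"
    have_lib sqlite3 "$2" || echo "library sqlite3"
    have_header ndis_structs.h "$3" || echo "header ndis_structs.h"
    for m in ExtUtils::CBuilder ExtUtils::MakeMaker; do
        have_perl_module "$m" || echo "perl module $m"
    done
    return 0
}

# Typical call on CentOS (directories are assumptions):
#   missing_deps /usr/include /usr/lib64 ./nDPI
```

An empty result means every item was found; each printed line names one thing to install or copy into place before compiling.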
Getting it to compile was not easy, but when I run ./xplico it prints the following information, and I do not know how to use it. The web interface on port 9876 is not open, and I do not know why.
Xplico v1.1.0
Internet Traffic Decoder (NFAT).
See http://www.xplico.org for more information.
Copyright 2007-2013 Gianluca Costa & Andrea de Franceschi and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
This product includes GeoLite data created by MaxMind, available from http://www.maxmind.com/.
Limits changed
Configuration file (config/xplico_cli.cfg) found!
Author: Sekland. Please retain the author and provenance for reprint.
Note: a good website for downloading rpm packages is http://www.rpmfind.net/linux/rpm2html/; most commonly used packages can be found there.