Re: compilation status of current (2004-09-13) on HP-UX 11.11

[rick jones <rick.jones2 () hp com>]

> > /usr/ccs/bin/ld: Duplicate symbol "pcap_list_datalinks" in files 
> > datalinks.o and ./../libpcap/libpcap.a(pcap.o)
> > /usr/ccs/bin/ld: Duplicate symbol "pcap_datalink_val_to_name" in 
> > files dlnames.o and ./../libpcap/libpcap.a(pcap.o)
> > /usr/ccs/bin/ld: Duplicate symbol "pcap_datalink_name_to_val" in 
> > files dlnames.o and ./../libpcap/libpcap.a(pcap.o)
> > /usr/ccs/bin/ld: Duplicate symbol "pcap_datalink_val_to_description" 
> > in files dlnames.o and ./../libpcap/libpcap.a(pcap.o)
>
> It appears that the configure script did not correctly determine that 
> the libpcap with which to link tcpdump already had the functions in 
> question, so it set up the Makefile to build tcpdump's fallback 
> implementations of them.

That may be operator error on my part - the libpcap symlink may not 
have been there at configure time.

> Could you send us the config.log file from the tcpdump directory?

if it still happens after a make distclean;./configure; make i'll send 
the config.log

> > PS - I'm looking for worked examples of reconstructing a TCP stream 
> > (separate each way is fine/preferred) from a tcpdump format (binary) 
> > trace.
>
> Well, there's the Ethereal code for "Follow TCP Stream", but it drags 
> in a lot of the Ethereal framework.
>
> You might look at tcpflow:
>
>         http://www.circlemud.org/~jelson/software/tcpflow/

thanks.  the end goal is to look at NFS over TCP traffic where the 
traffic may have nfs messages split across segments, several in a 
segment, that sort of thing.

rick jones

-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.