HPE Community
Operating System - HP-UX
1820699 Members
2740 Online
109627 Solutions
New Discussion юеВ

ethereal like packet capture on HP-UX (native s/w)

 
SOLVED
Go to solution
Banibrata Dutta_1
Occasional Contributor

тАО10-06-2004 02:32 AM

тАО10-06-2004 02:32 AM

ethereal like packet capture on HP-UX (native s/w)

Hi,

I've attempted installing ethereal (0.9.15), libpcap (0.8.3), and openssl (0.9.7d) depots on the following machine (with uname -a) =
HP-UX bugs B.11.11 U 9000/800 185404661 unlimited-user license

For some reason it's still not usable, and dumps core, saying that it cannot find libz.sl. Dunno, where to find it. Anyway, thinking of giving up on ethereal, and looking for any native software which can take the raw-packet dump (like tcpdump), s.t. i can analyze it offline using ethereal on my windows host.
any such native s/w is available ? (like the "snoop" tool on Solaris, or "tcpdump" on linux).

tnx,
bdutta.
0 Kudos
Reply
9 REPLIES 9
Mark Greene_1
Honored Contributor

тАО10-06-2004 02:34 AM

тАО10-06-2004 02:34 AM

Re: ethereal like packet capture on HP-UX (native s/w)

You can download snort from here:

http://hpux.cs.utah.edu/hppd/hpux/Networking/Admin/snort-2.2.0/

mark
the future will be a lot like now, only later
0 Kudos
Reply
Mark Greene_1
Honored Contributor

тАО10-06-2004 02:40 AM

тАО10-06-2004 02:40 AM

Re: ethereal like packet capture on HP-UX (native s/w)

Apparently there has not yet been a binary distribution of ethereal for HP-UX 11.11 created:

http://hpux.cs.utah.edu/hppd/hpux/Gtk/Applications/ethereal-0.9.15/


the future will be a lot like now, only later
0 Kudos
Reply
A. Clay Stephenson
Acclaimed Contributor

тАО10-06-2004 02:41 AM

тАО10-06-2004 02:41 AM

Solution

Re: ethereal like packet capture on HP-UX (native s/w)

You missed some the the dependencies for ethereal. You need to download and install expat, gettext,glib,gtk+,libiconv,libpcal, and zlib before installing ethereal. These are all available (as is ethereal) from any of the HP-UX Porting Centre's.

I would try to get ehtereal going because it's power is quite amazing. There's almost nothing you cannot do using its filters.
If it ain't broke, I can fix that.
Reply
Banibrata Dutta_1
Occasional Contributor

тАО10-06-2004 02:46 AM

тАО10-06-2004 02:46 AM

Re: ethereal like packet capture on HP-UX (native s/w)

i will check out snort, but i hope that it doesn't have any dependencies on other depots!

as far as ethereal is concerned, i agree 100% about it's power & ease of use, but downloading & installing all dependent depots one by one (i.e. after failing), is a rather painful task on this host, as there's a huge network RTT.

thanks.
0 Kudos
Reply
John Payne_2
Honored Contributor

тАО10-06-2004 02:47 AM

тАО10-06-2004 02:47 AM

Re: ethereal like packet capture on HP-UX (native s/w)

Or you can go get tcpdump and install it. (Works just like tcpdump on Linux.) It is found in the "Internet Express" bundle. search for tcpdump at software.hp.com

Hope it helps

John
Spoon!!!!
0 Kudos
Reply
Dave Unverhau_1
Honored Contributor

тАО10-06-2004 04:00 AM

тАО10-06-2004 04:00 AM

Re: ethereal like packet capture on HP-UX (native s/w)

John mentioned the "Internet Express" bundle, and you will find Ethereal in that bundle. The current version of the bundle for 11.11 is A.03.00 and the version of Ethereal in that bundle is 0.10.5a. You can download the bundle from this location:

http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=HPUXIEXP1111

Once you install Ethereal, check the README and README.hp files located in /opt/iexpress/ethereal for configuration info.

Best Regards,

Dave
Romans 8:28
0 Kudos
Reply
Bill Hassell
Honored Contributor

тАО10-06-2004 04:26 AM

тАО10-06-2004 04:26 AM

Re: ethereal like packet capture on HP-UX (native s/w)

One aditional feature about Ethereal is that it can read and format nettl (HP's net trace facility) traces too.


Bill Hassell, sysadmin
0 Kudos
Reply
MAUCCI_2
Frequent Advisor

тАО10-07-2004 09:34 AM

тАО10-07-2004 09:34 AM

Re: ethereal like packet capture on HP-UX (native s/w)

Hi Bani,

why don't you simply use nettl?

++Cyrille
0 Kudos
Reply
Bill Hassell
Honored Contributor

тАО10-07-2004 03:31 PM

тАО10-07-2004 03:31 PM

Re: ethereal like packet capture on HP-UX (native s/w)

Once you use Ethereal to look at traces, you'll never use nettl to format your traces again. Ethereal provides detailed field analysis of each packet, broken down into categories. Ethereal replaces a pile of reference papers for all the different protocols.


Bill Hassell, sysadmin
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.