安装
下好源码包,输入 1
2
3./configure
make
make install
进行安装,./configure的过程中可能出错,缺什么库就装什么,比如libpcap和libnet等等,glib也有版本要求,不够再装,glib的安装也比较麻烦,总说少这少那,在ubuntu下可以尽量用apt-get install装,如果不知道库的名字,apt-cache serach libname可以搜索指定的lib。
编译
装完后去samples下面测试,直接make应该会出错。Makefile加上-lglib-2.0之后可以正常编译: 1
gcc test.c -o test -lnids -lpcap -lnet -lgthread-2.0 -lglib-2.0
运行
运行printall可能没有任何输出,在参考网址中找到了解决办法。 Libnids的API.html里似乎有个相关的说明: 1
2Q.1 For a connection X, my tcp callback gets only the data sent by the server ?
A.1 You probably run a libnids app on a host that is the client side of X; and your NIC driver offloads checksums computing to the hardware. So, when libnids sees packets sent by the client, their checksum is not computed, and they are dropped. See the API.html file on the description of the nids_register_chksum_ctl(), and configure libnids app to skip checksum verification of packets sent by the host you run libnids on.
但如果没有关闭校验和计算,运行libnids的不管是作为client还是作为server,都没有任何数据输出。