tcpdump rpcapd 相关编译方法

# 安装编译环境
sudo apt install build-essential
sudo apt install crossbuild-essential-arm64 byacc flex
# arm旧版交叉编译环境
# crossbuild-essential-armhf

# 下载源码
wget http://www.tcpdump.org/release/tcpdump-4.99.1.tar.gz
wget http://www.tcpdump.org/release/libpcap-1.10.1.tar.gz

# 解压
tar zxvf tcpdump-4.99.1.tar.gz
tar zxvf libpcap-1.10.1.tar.gz

# miss libcrypt 处理（ubuntu22默认没有arm的libcrypt，lcrypt参数编译会报错，需要单独下载）
wget http://ports.ubuntu.com/ubuntu-ports/pool/main/libx/libxcrypt/libcrypt-dev_4.4.28-2_arm64.deb
mkdir libcrypt-dev
ar -x libcrypt-dev_4.4.28-2_arm64.deb --output=libcrypt-dev
cd libcrypt-dev
tar -I zstd -xvf data.tar.zst

# arm编译设置环境变量
# export CC=arm-linux-gnueabi-gcc
export CC=aarch64-linux-gnu-gcc

# 先编译libpcap
# arm编译添加参数LDFLAGS
cd libpcap-1.10.1
./configure --host=arm-linux --with-pcap=linux --enable-remote  LDFLAGS=-L/home/work/tcpdump/libcrypt-dev/usr/lib/aarch64-linux-gnu
make

cd tcpdump-4.99.1

# get kernel version number
uname -a
export ac_cs_linux_vers=5

# libpcap编译静态编译会报错
export CFLAGS=-static
export CPPFLAGS=-static
export LDFLAGS=-static

./configure --host=arm-linux --disable-ipv6

make
# arm处理
# arm-linux-gnueabi-strip tcpdump
aarch64-linux-gnu-strip tcpdump

# 核实输出文件支持架构
file tcpdump

# 编译rpcapd
cd libpcap-1.10.1
cd rpcapd

file rpcapd

# 静态编译最后的文件，arm需要用-L加上libcrypt路径
aarch64-linux-gnu-gcc -fvisibility=hidden -g -O2 -o rpcapd daemon.o \
    fileconf.o log.o rpcapd.o ../rpcap-protocol.o ../sockutils.o ../fmtutils.o ../sslutils.o ../libpcap.a \
    -lcrypt -lpthread -static -L/home/work/tcpdump/libcrypt-dev/usr/lib/aarch64-linux-gnu

file rpcapd

# x86_64的静态编译
# ./configure --with-pcap=linux --enable-remote  
# gcc -fvisibility=hidden -g -O2  -o rpcapd daemon.o \
#     fileconf.o log.o rpcapd.o ../rpcap-protocol.o ../sockutils.o ../fmtutils.o ../sslutils.o ../libpcap.a  -lcrypt

# tcpdump 单独静态编译
gcc -static -DHAVE_CONFIG_H -static  -I. -I../libpcap-1.10.1  -static -static -o tcpdump fptype.o tcpdump.o libnetdissect.a ../libpcap-1.10.1/libpcap.a