p0f 2.0.8 on openWRT

First, read the posting by David about nepenthes on openWRT. Then get p0f from here http://lcamtuf.coredump.cx/p0f.tgz.

# Work inside the buildroot's download directory and unpack the upstream tarball there.
# NOTE(review): the tarball was fetched over plain HTTP and nothing on this page checks it;
# compare its checksum with a value obtained from a source you trust before unpacking.
cd kamikaze_9.04/dl
tar -xzf ~/p0f.tgz
# Open the Linux build settings; the two lines to edit are shown next.
cd p0f
vi mk/Linux

# Change these lines to the full paths of your own cross-compiler, include and library dirs.
# Probably a nicer way to do it, but I'm in a hurry :)
# NOTE(review): these paths point into a kamikaze_7.09 tree, while the commands on this
# page work in kamikaze_9.04 - use the staging/build directories of the tree you build in.
CC      = /home/jamie/slug/kamikaze_7.09/staging_dir_armeb/bin/armeb-linux-uclibc-gcc
# NOTE(review): the host directories /usr/include/pcap and /usr/local/include/pcap are
# listed before the target libpcap-0.9.4 directory; if the build host has pcap headers
# there they would presumably be found first - confirm the target headers are the ones used.
LIBS    = -lpcap -I/usr/include/pcap -I/usr/local/include/pcap -I/home/jamie/slug/kamikaze_7.09/build_armeb/libpcap-0.9.4/ -L/home/jamie/slug/kamikaze_7.09/build_armeb/libpcap-0.9.4/

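# Repack the edited tree under the name the package Makefile expects
# (PKG_SOURCE there is $(PKG_NAME)-$(PKG_VERSION).tgz, i.e. p0f-2.0.8.tgz).
cd ..
mv p0f p0f-2.0.8
tar zcvf p0f-2.0.8.tgz p0f-2.0.8
# Print the checksum of the repacked archive. Because the archive was modified and
# re-created locally, no published checksum will match it; this printed value is the
# one to put in PKG_MD5SUM in place of `unknown`, so the build can detect a changed file.
md5sum p0f-2.0.8.tgz

# Back to the top of the buildroot.
cd ..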

Now create the Makefile shown below as package/p0f/Makefile (the same directory the make target in the next step refers to) – remember to make sure it is indented with tabs, not spaces! Then compile:

# Build only the p0f package; V=99 makes the build print the full command output.
make package/p0f-compile V=99

Copy the ipkg file onto your openWRT box and install it, then just type p0f to run:

== output ==

root@OpenWrt:~# p0f -l
p0f - passive os fingerprinting utility, version 2.0.8
(C) M. Zalewski <lcamtuf@dione.cc>, W. Stearns <wstearns@pobox.com>
p0f: listening (SYN) on 'eth0', 262 sigs (14 generic, cksum 0F1F5CA2), rule: 'all'.
77.a.b.c:59460 - Linux 2.6 (newer, 2) (NAT!) (up: 200 hrs) -> 88.x.y.z:22 (distance 14, link: BT DSL (?))

== Makefile for p0f ==
#
# Copyright (C) 2006 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
# $Id: Makefile 9695 2007-12-09 18:59:01Z nbd $

# Pull in the buildroot's common rules.
include $(TOPDIR)/rules.mk

PKG_NAME:=p0f
PKG_VERSION:=2.0.8
PKG_RELEASE:=1

# Expands to p0f-2.0.8.tgz, the name given to the locally repacked archive in dl/.
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tgz
# NOTE(review): plain-HTTP location, and not the site the archive on this page was
# downloaded from (lcamtuf.coredump.cx); presumably only used when the file is
# missing from dl/ - confirm.
PKG_SOURCE_URL:=http://www.stearns.org/p0f
# NOTE(review): `unknown` is not a hash, so no checksum is pinned for the source archive.
# Replace it with the md5 of your own repacked file, e.g.
#   PKG_MD5SUM:=<md5 of your repacked p0f-2.0.8.tgz>
PKG_MD5SUM:=unknown

# Generic package build machinery (provides BuildPackage, used at the end of the file).
include $(INCLUDE_DIR)/package.mk

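# Package metadata for the build system: menu section and category, the
# dependency on libpcap, a short title and the project homepage.
define Package/p0f
  SECTION:=net
  CATEGORY:=Network
  DEPENDS:=+libpcap
  TITLE:=P0f
  # Fixed: the original value carried a doubled scheme ("http://http://...").
  URL:=http://www.stearns.org/p0f/
endef

# Long description of the package (left as the author wrote it).
define Package/p0f/description
P0f
endef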

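# Extra variables handed to the configure step. The four dollar signs are kept
# exactly as written so that a literal $CPPFLAGS reaches the shell.
# The dangling line continuation after the last entry was dropped: it only worked
# because a blank line followed it.
# NOTE(review): these only matter if the source tree has a configure script - TODO confirm.
CONFIGURE_VARS += \
	CPPFLAGS="$$$$CPPFLAGS -g " \
	LIBS="-nodefaultlibs"

# Run the build system's default configure step with no extra arguments.
define Build/Configure
	$(call Build/Configure/Default,)
endef

# Build inside the unpacked source directory. Command lines are tab-indented,
# as the accompanying text requires.
# NOTE(review): only DESTDIR is passed, no compiler or cross-compile flags; that is
# why the page hard-codes CC and the libpcap paths in mk/Linux inside the repacked
# archive. Passing them from here (e.g. CC="$(TARGET_CC)") may avoid that edit - untested.
define Build/Compile
	$(MAKE) -C $(PKG_BUILD_DIR) DESTDIR="$(PKG_INSTALL_DIR)"
endef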


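# Stage the files that go into the ipkg under the directory passed in as $(1):
# the p0f binary in /usr/bin and the fingerprint database in /etc/p0f.
# Command lines are tab-indented, as the accompanying text requires.
# The fingerprint file is now installed with an explicit 0644 mode, like the
# binary's explicit 0755, instead of being copied with whatever mode it had in
# the build directory.
define Package/p0f/install
	install -d -m0755 $(1)/usr
	install -d -m0755 $(1)/usr/bin
	install -d -m0755 $(1)/etc
	install -d -m0755 $(1)/etc/p0f
	install -m0755 $(PKG_BUILD_DIR)/p0f $(1)/usr/bin
	install -m0644 $(PKG_BUILD_DIR)/p0f.fp $(1)/etc/p0f
endef

# Register the package with the build system.
$(eval $(call BuildPackage,p0f))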
