How to compile WinPcap
[WinPcap internals]

This section explains how to compile WinPcap, both the kernel level and the user-level portion, on the various Win32 platforms. The source code can be found on the WinPcap website.

Compiling the driver

Two main NPF source trees are available for compilation:  Windows NTx and Windows 9x. Note that, since the NPF Driver is platform-dependent, it is STRONGLY suggested to compile it for the OS where it will be used, in order to link the correct DDK libraries. For example, if you compile the driver with the Windows NT 4 DDK, it will not work properly on Windows 2000 and vice versa.

Compiling the driver for Windows NT4

Software requirements:

If your system satisfies these requirements, follow these steps:

  1. From the Windows NT Start menu, select the folder Programs and then Development Kits, then Windows NT4 DDK. From here select the voice Checked Build Environment if you want to build a debug version, or Free Build Environment if you want to build a release version.
  2. A command prompt will be opened. Move to the directory PacketNTx inside the WinPcap source folder and type the command

    CompileDriver

    This script will generate the driver (npf.sys). The binary will be put in one of these folders
    • Free Build Environment: winpcap\PacketNTx\driver\bin\NT4\i386\free
    • Checked Build Environment: winpcap\PacketNTx\driver\bin\NT4\i386\checked

Warning: sometimes, during the compilation of the driver, a lot of 'last line incomplete' errors are generated. Ignore these errors and let the compilation process continue, they are due to bugs in some DDK versions.

Compiling the driver for Windows 2000/XP/2003/Vista/2008 (x86 and x64)

Software requirements:

NOTE: it should be possible to use older DDKs to compile WinPcap, but you might need to manually modify the compilation scripts in order to disable PREfast (PREfast is a static code analysis tool shipped with recent versions of the DDK/WDK).

If your system satisfies these requirements, follow these steps:

  1. From the Windows Start menu, select the folder Programs and then Windows Driver K, then WDK 6000, then Build Environments.
    • x86 driver: Choose Windows 2000 and then Windows 2000 x86 Free Build Environment if you want to build a release version or Windows 2000 x86 Checked Build Environment if you want to build a debug version.
    • x64 driver: Choose Windows Server 2003 and then Windows Server 2003 x64 Free Build Environment if you want to build a release version or Windows Server 2003 x64 Checked Build Environment if you want to build a debug version.
  2. A command prompt will be opened. Move to the directory PacketNTx inside the WinPcap source folder and type the command

    CompileDriver

    This script will generate the driver (npf.sys). The binary will be put in one of these folders
    • x86 driver (both Free and Checked Build): winpcap\PacketNTx\driver\bin\i386
    • x64 driver (both Free and Checked Build): winpcap\PacketNTx\driver\bin\amd64

Compiling the driver on Windows 9x

NOTE: this Windows platform is no longer supported by WinPcap. However, the sources for these operating systems are still available in the sources package.

To compile the driver for Windows 9x you will need:

The steps to follow are:

  1. Open a DOS shell
  2. Go to the VisualC++ BIN directory (for example C:\DEVSTUDIO\VC\BIN) and execute the command

    Vcvars32
  3. Go to the SDK directory (for example C:\MSSDK) and execute the command

    Setenv sdk_path

    where sdk_path is the directory of SDK (for example Setenv C:\MSSDK)
  4. Go to the DDK directory (for example C:\DDK) and execute the command

    Ddkenv 32 net
  5. Move to the directory whit the driver's source code and type the command

    nmake rtl

    to obtain a release version, or

    nmake

    to obtain a debug version.
    The release version of packet.vxd will be placed in the retail directory, the debug version in the debug directory.

Warning: On some systems the NMAKE utility is not able to launch ADRC2VXD, this means that the driver binary is generated correctly, but without the copyright information. We don't know the cause of this problem.

Compiling packet.dll

The source tree for this DLL is located in PacketNTx\dll\.

NOTE: the 9x family of Windows operating systems is no longer supported by WinPcap. However, the sources for these operating systems are still available in the sources package.

Software requirements:

To compile the PACKET.DLL, load the project packet.sln contained in the directory PacketNTx\dll\project in Visual Studio 2005. There are several project configurations, each of them available for the x86 (Win32) and x64 platforms:

Choose the desired configuration and build the project to obtain the binary files.

Compiling wpcap.dll

wpcap.dll can be compiled for any Win32 platform and the generated dll is system independent.

System Requirements:

To compile the wpcap.dll, load the project wpcap.sln contained in the directory wpcap\PRJ in Visual Studio 2005. There are several project configurations, each of them available for the x86 (Win32) and x64 platforms:

Choose the desired configuration and build the project to obtain the binary files.

Note: wpcap.dll contains the source code of libpcap from www.tcpdump.org, with some modifications for remote capture. You will be able to include and build a different libpcap version simply copying it in the directory winpcap\wpcap\prj of the WinPcap source code distribution, but you must use the "Debug" or "Release" build configurations.
 


documentation. Copyright (c) 2002-2005 Politecnico di Torino. Copyright (c) 2005-2008 CACE Technologies. All rights reserved.