This section explains how to compile WinPcap, both the kernel level and
the user-level portion, on the various Win32 platforms. The source code can be
found on the WinPcap website.
Compiling the driver
Two main NPF source trees are available for compilation: Windows NTx and Windows 9x. Note that, since the NPF
Driver is platform-dependent, it is STRONGLY suggested to compile it for the OS where it will be used, in order to
link the correct DDK libraries. For example, if you compile the
driver with the Windows NT 4 DDK, it will not work properly on Windows 2000 and
vice versa.
Compiling the driver for Windows NT4
Software requirements:
- Microsoft Driver Developer Kit (DDK) for Windows NT4
- A recent version of the Microsoft Platform Software Development Kit
(SDK) that is compatible with Visual Studio 6 (the latest compatible one is
Platform SDK February 2003). This version of the PSDK is available on the
Microsoft web site at
http://www.microsoft.com/msdownload/platformsdk/sdkupdate/psdk-full.htm.
It can be ordered online at
http://www.qmedia.ca/launch/psdk.htm, and it's also available to
Microsoft MSDN subscribers on the Subscribers Downloads web site.
- Microsoft Visual C++ 6.0
with Service Pack 5 or 6 (both the service packs are available online on the
Microsoft web site).
If your system satisfies these requirements, follow these steps:
- From the Windows NT Start menu, select the folder Programs and
then Development Kits, then Windows NT4 DDK. From here select the voice
Checked Build
Environment if you want to build a debug version, or Free Build
Environment if you want to build a release version.
- A command prompt will be opened. Move to the directory PacketNTx inside the
WinPcap source folder and type the command
CompileDriver
This script will generate the driver (npf.sys). The binary will be put in
one of these folders
- Free Build Environment: winpcap\PacketNTx\driver\bin\NT4\i386\free
- Checked Build Environment: winpcap\PacketNTx\driver\bin\NT4\i386\checked
Warning: sometimes, during the compilation of the driver, a lot of
'last line incomplete' errors are generated. Ignore these errors and let the
compilation process continue, they are due to bugs in some DDK versions.
Compiling the driver for Windows 2000/XP/2003/Vista/2008/Win7/2008R2 (x86 and x64)
Software requirements:
- Microsoft Windows Driver Kit (WDK) 6001.18002. As of release 4.1,
WinPcap is compiled with WDK 6001.18002.
NOTE: it should be possible to use older DDKs to compile WinPcap, but you
might need to
manually modify the compilation scripts in order to disable PREfast (PREfast is
a static code analysis tool shipped with recent versions of the DDK/WDK).
If your system satisfies these requirements, follow these steps:
- From the Windows Start menu, select the folder Programs and
then Windows Driver K, then WDK 6001.18002, then Build Environments.
- x86 driver: Choose Windows 2000 and then Windows 2000 x86 Free Build Environment if you want to build a release version or Windows 2000
x86 Checked Build Environment if you want to build a debug version.
- x64 driver: Choose Windows Server 2003 and then Windows
Server 2003 x64 Free Build Environment if you want to build a release version or
Windows Server 2003
x64 Checked Build Environment if you want to build a debug version.
- A command prompt will be opened. Move to the directory PacketNTx inside the
WinPcap source folder and type the command
CompileDriver
This script will generate the driver (npf.sys). The binary will be put in
one of these folders
- x86 driver (both Free and Checked Build): winpcap\PacketNTx\driver\bin\i386
- x64 driver (both Free and Checked Build): winpcap\PacketNTx\driver\bin\amd64
Compiling the driver on Windows 9x
NOTE: this Windows platform is no longer supported by
WinPcap. However, the sources for these operating systems are still available in
the sources package.
To compile the driver for Windows 9x you will need:
- Driver Developer Kit (DDK) for Windows 95/98/ME
- A recent version of the Microsoft Platform Software Development Kit (SDK)
that is compatible with Visual Studio 6 (the latest compatible one is
Platform SDK February 2003). This version of the PSDK is available on the
Microsoft web site at
http://www.microsoft.com/msdownload/platformsdk/sdkupdate/psdk-full.htm.
It can be ordered online at
http://www.qmedia.ca/launch/psdk.htm, and it's also available to
Microsoft MSDN subscribers on the Subscribers Downloads web site.
- Microsoft Visual C++ 6.0
with Service Pack 5 or 6 (both the service packs are available online on the
Microsoft web site).
The steps to follow are:
- Open a DOS shell
- Go to the VisualC++ BIN directory (for example C:\DEVSTUDIO\VC\BIN) and
execute the command
Vcvars32
- Go to the SDK directory (for example C:\MSSDK) and execute the command
Setenv sdk_path
where sdk_path is the directory of SDK (for example Setenv C:\MSSDK)
- Go to the DDK directory (for example C:\DDK) and execute the command
Ddkenv 32 net
- Move to the directory whit the driver's source code and type the command
nmake rtl
to obtain a release version, or
nmake
to obtain a debug version.
The release version of packet.vxd will be placed in the
retail
directory, the debug version in the debug directory.
Warning: On some systems the NMAKE utility is not able to
launch ADRC2VXD, this means that the driver binary is generated correctly, but
without the copyright information. We don't know the cause of this problem.
Compiling packet.dll
The source tree for this DLL is located in PacketNTx\dll\.
NOTE: the 9x family of Windows operating systems is no longer supported
by WinPcap. However, the sources for these operating systems are still available
in the sources package.
Software requirements:
- Microsoft Visual Studio 2005 SP1. It's theoretically possible to compile
the x86 version with Visual Studio 6, but the project files are no longer
maintained.
- The AirPcap developer's pack from
http://www.cacetech.com/downloads.html. The AirPcap developer's
pack needs to be unzipped in a folder in the same folder where the WinPcap
sources have been unzipped.
To compile the PACKET.DLL, load the project packet.sln contained in the directory PacketNTx\dll\project
in Visual Studio 2005. There are several project
configurations, each of them available for the x86 (Win32) and x64 platforms:
- Release: standard release configuration
- Debug: standard debug configuration
- Release NT4: release configuration able to run on
NT4. It does not include Wan and IP helper API support.
- Debug NT4: debug configuration able to run on
NT4. It does not include Wan and IP helper API support.
- Release No NetMon: release configuration able to run on
Vista. It
does not include Wan support (with the NetMon API).
- Debug No NetMon: debug configuration able to run on
Vista. It
does not include Wan support (with the NetMon API).
- Release LOG_TO_FILE: standard release configuration with tracing to
file enabled.
- Release NT4 LOG_TO_FILE: release configuration able to run on
NT4 with tracing to file enabled. It does not include Wan and IP helper API support.
- Release No NetMon LOG_TO_FILE: release configuration able to run on
Vista with tracing to file enabled. It
does not include Wan support (with the NetMon API).
Choose the desired configuration and build the project to obtain the binary
files.
Compiling wpcap.dll
wpcap.dll can be compiled for any Win32 platform and the generated dll is system independent.
System Requirements:
- Microsoft Visual Studio 2005 SP1. It's theoretically possible to compile
the x86 version with Visual Studio 6, but the project files are no longer
maintained.
- The AirPcap developer's pack from
http://www.cacetech.com/downloads.html. The AirPcap developer's
pack needs to be unzipped in a folder in the same folder where the WinPcap
sources have been unzipped.There are eight build project configurations:
To compile the wpcap.dll, load the project wpcap.sln contained in the directory
wpcap\PRJ
in Visual Studio 2005. There are several project
configurations, each of them available for the x86 (Win32) and x64 platforms:
- Release: standard release configuration
- Debug: standard debug configuration
- Release No AirPcap: release configuration without support for
AirPcap adapters.
- Debug No AirPcap: debug configuration without support for AirPcap
adapters.
Choose the desired configuration and build the project to obtain the binary
files.
Note: wpcap.dll contains the source code of libpcap from
www.tcpdump.org, with some modifications
for remote capture. You will be able to include and build a different libpcap
version simply copying it in the directory winpcap\wpcap\prj of the
WinPcap source code distribution, but you must use the "Debug" or "Release"
build configurations.