New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
IPv6 Fails to Compile #91
Comments
Could you please try to build libnet 1.1.6 and build again? I think I remember that libnet 1.1.4 doesn't build correctly so we disabled ipv6 until 1.1.6 hits debian/ubuntu. The debian mantainer of libnet is aware of this |
You are correct. Everything compiles with 1.1.6 installed. |
Ettercap is available with ipv6 enabled in my ppa, with the new libnet too (from debian experimental) |
Can this issue be closed? |
I would say that is up to you guys. The original issue still stands. There appears to be no documentation / indication to a developer using a Debian distro that they need to use libnet 1.1.6 or above. Ideally, specifying a minimum version in CMake would be great, but I couldn't seem to make that work. Perhaps somewhere in the install documentation a note should be dropped? I'm happy to write the proper blurb if someone points me to the correct location. |
@jacob-baines Good point on requiring at least 1.1.6, perhaps what I can add is some logic to CMake to determine whether 1.1.6 was not found and IPv6 is enabled and print out a warning message. |
@jacob-baines Thanks for the contribution! |
Submitted pull request for #104 this should error out if IPV6 is enabled and libnet 1.1.5 (or higher) was not found. |
Any reason we can't simply bundle libnet with Ettercap? By extension, we could do the same for libpcap, libpcre, and others. Nmap actually bundles libnet, lua, liblinear, libpcap, AND libpcre with its distribution. When configuring the build, one can specify '--with-libdnet=included'. If they want to use a user/distro-specified lib, they could provide '--with-libdnet=/usr/local/bla/bla/bla'. I used cmake's ExternalProject command to bundle luajit with my lua build of ettercap here. It worked really well, and I'll be very happy to spend some time bundling all the stuff that Ettercap is dependent upon. Proposal:
This would mean that the Debian distro (as well as users) would have the following choices:
Here are the pros/cons:
CONS:
|
Considering the amount of "issues" reported dealing with wrong versions of libnet, I would suggest to go ahead and work on this. I like the idea, thanks! |
Cons: libraries are usually HARD customized for linux distros, I don't like this approach. I could like it only if it is disabled by default. |
First, a correction: nmap bundles libdnet, not libnet. My bad. @LocutusOfBorg What I'm proposing explicitly requires that distros/users are able to specify their own builds of libraries. We aren't dictating anything; the choice as to whether they would use the included libs (or not) is entirely up to the user/packager. To be clear:
I want users on Distros like Debian-stable to be able to attack IPV6 without having to jump through a bunch of hoops. Remember: they'll come to us asking why they are getting build-errors, not the Debian folks. Ettercap isn't a normal application. It's a security tool. Let's follow in Nmap's footsteps and make it super easy to build. |
@justfalter You were clear enough, don't worry! Another point: ettercap is a security tool (you said). Let us assume libnet has a CVE. ETTERCAP WILL STILL BE VULNERABLE. Another point, we will need to take care of updating them every time a new version comes out, or to patch them. My point is: good to give this possibility, but the DEFAULT should be to use the shared library, and to move to our customization in a future (maybe after more than one year of testing) Just my .02$ |
I'm not complaining, I just want to give a point of view that a security tool mantainer should be aware of. |
@LocutusOfBorg All of those are totally fair points that I agree with. Let's continue the discussion when I submit a pull for the libnet stuff. I want to make sure that you and I have something that we can agree upon. I agree on defaulting to system shared libs. At the end of this, it is vital that we produce good documentation that clearly explains the build options along with their impacts. Oh, by the way, should we be closing this issue? I feel like I've hijacked things. |
For me the point is already clear, I agree with you and you with me, we do not differ in thoughts, I was just saying something you maybe missed on your first post. :) I agree with the pull request, I'm pretty sure the developers will like this too. |
Can we close this issue? :) |
System: Ubuntu 12.10 32 bit using libnet version 1.1.4
When IPv6 is enabled Ettercap fails to compile due to undeclared variables. A bunch of these values are defined in netinet/icmp6.h. Also, it appears that some of the values used to be defined in earlier versions of libnet/libnet-headers.h but the values were changed or removed? Finally, some of the definitions have the correct values in ec_proto.h but the wrong name (ie. ICMP6_ECHO is defined in ec_proto.h but ettercap uses ICMP6_ECHO_REQUEST in ec_send.c).
The text was updated successfully, but these errors were encountered: