What is it? It's a very cool network visualization tool. I first encountered the tool when a colleague of mine used it in a Marketing Showcase for a large networking company that we worked for.
Later, I rejoined that same colleague, and he had unleashed the same weapon for marketing demo systems. Interestingly, despite the fact that it was 10 years or so later, the people at this state-of-the-art networking company had not heard of the tool.
So - EtherApe was such a cool tool, that our trade shows and showcases were dependent on it once again. Which meant, that it not only did people want to run it, but inevitably, people wanted to customize it. Myself, I had never ventured into the bowels of EtherApe (we had other engineers doing this, so why duplicate effort?).
Eventually, though, there WAS a need to - a project - that came up, and we did want to customize EtherApe, so I rolled up my sleeves and downloaded EtherApe, and customized it using the Glade software. Unfortunately, I sent the server I did this on out into the field (to the customer), and therefore, although documenting what I did, did not have the actual customizations I had made.
I learned that I got lucky on that initial project. Compiling EtherApe can be difficult enough on a modern system. Customizing it leaves a number of places where someone can go wrong.
So, the objective of this blog is to "recapture the steps" to:
a. Download and Run EtherApe
b. Have the ability to customize EtherApe.
On the Etherape page, it lists the following dependencies:
- The libpcap packet capture library, available from the Lawrence Berkeley National Laboratory.
- GTK+, available from the GTK+ site. Version 2.12 or above is needed.
- Libglade 2, available from ftp://ftp.gnome.org/pub/GNOME/sources/libglade
- Gnome, available from the Gnome site. Version 2 is needed.
- The standard resolver library (exact name varies with OS and distribution)
I checked, and the libpcap package was already installed, thanks to prior installations of things like Wireshark. In fact, not only libpcap was installed, but the libpcap development package is also installed. This is good, because it provides headers and additional packages.
My versions are:
libpcap-1.5.3-8.el7.x86_64
libpcap-devel-1.5.3-8.el7.x86_64
gtk+
Next, I looked at gtk+. The Etherape page states a minimum version of 2.12, which indicates to me that this version was probably tested by the developers. When I go to the website for gtk+, I notice that there is a "gtk+" version 3 branch, and a version 2 branch (see below image). The version 2 has a 2.24 - and when you click on this, the latest version on 2.24 sources is 2.24.31. So - in summary, this is how I wound up installing this particular version of gtk+. I downloaded these sources, compiled them and installed them. This did not install an rpm, by the way - so an rpm -qa would not report this particular package as being installed on the system. One would have to "know", or "remember" that this was installed in a custom way, as is the case when you install sources like this.
NOTE:
Looking around, I do find this 2.12 version sitting on a site called:
https://launchpad.net/gtk/+milestone/2.12.0
This version is hosted as a bzip2 file, which means you must use the bzip utility to download it! And bzip is not like tar - in that it does not, by default, save the original archive. You must use the -dk options to do this, such as:
bzip2 -dk gtk+-2.12.0.tar.bz2
I did go ahead and download the 2.12 version of gtk+, and bzip - figuring it could be good to have, "just in case". You never know when these sites might disappear.
Next, from the gtk+ site, I see that gtk+ also has its list of dependencies:
Now keep in mind, these are dependencies for version 3.22 of GTK+. It doesn't mean an earlier version of GTK+ uses all of these, although it would be reasonable to assume so.
So let's do a quick check on the command line, with rpm -q (query), and see what we get:
rpm -qa | grep glib; reports version 2.46.2-4.el7.x86_64. glib-devel is NOT installed.
rpm -qa | grep pango; reports version 1.36.8-2 of both pango and pango-devel.
rpm -qa | grep pixbuf; reports version 2.31.6-3 of both gdk-pixbuf2 and gdk-pixbuf2-devel.
rpm -qa | grep atk; reports version 2.14.0-1.el7.x86_64 of both atk and atk-devel.
rpm -qa | grep gobj; reports version 1.42.0-1.el7.x86_64 of gobject-introspection.
libglade 2
With glade, we downloaded the 2.6.4 and did a configure/make/install on that package.
Doing a quick check to see what we have on the system:
rpm -qa | grep glade; reports libglade2-2.6.4-11.el7.x86_64 and also the devel package.
Gnome
It is not clear what we need to install for Gnome. Obviously, you need to have the Gnome desktop installed (which we do).
I decided to take a guess, and install libgnome (not sure if this is even a real package or not). So I typed "yum install libgnome", and sure enough, six packages installed. The versions of libgnome and libgnome-devel include libgnome-2.32.1-9.el7.x86_64 and libgnome-devel-2.32.1-9.el7.x86_64.
On to Etherape
So we have all packages necessary, it appears, for Etherape to run.
Do we have the right versions of these packages? Not sure.
Let's check and see if we have Etherape.
rpm -qa | grep Etherape; returns nothing.
What version of Etherape should we download?
You can download binaries, or you can download and compile the source code, from the Sourceforge site. It could be interesting to inspect the source, so let's download that.
It looks like .9.1.4 is the current version (we are not at version 1.0 of this software, which has been around now for years? that seems weird to me). At this version level, it appears they have binary (precompiled) installs for several distribution flavors and versions of Linux, including CentOS 6 and 7.
But we want the source, and there is a source file there as well. We will download the file: etherape-0.9.14.tar.gz . This will download the file into the default browser directory for the user you are running as, and you will probably want to unpack it in another directory (/opt, /usr/local, etc) to compile it.
NOTE: If you get an error about a missing package called ScrollKeeper, install the package rarian. ScrollKeeper is now part of the rarian package, to my understanding.
From here, you can - and should - invoke Etherape to make sure it runs. That's certainly important.
Once you have verified that it runs, the next step is to run glade, and make sure glade launches. Problem is, how to you actually start glade? I wasn't sure - and it wasn't easy to figure out in two seconds. This site here has an example of how to start glade:
https://www-uxsup.csx.cam.ac.uk/courses/moved.Glade/course.pdf
But glade-2 did not start it. Instead, I found a glade-3 binary in /usr/local/bin. It turns out, that I guess Linux installed glade 3.85 on the system.
I did invoke this glade (3.85) and it did read in an Etherape glade file.
To be continued....
No comments:
Post a Comment