hping wiki

Differences for page Open bugs

Current version compared with version Wed Sep 21 12:57:34 GMT 2005

...
  
  Please write the bug report in any case even if you have only some of this information.
  
+ -----------------------------------
+ ->OS Ubuntu 8.10
+ ->hping version 2.0.0-rc3, 3.0.0-alpha-2
+ ->gcc version 4.3.2 (Ubuntu 4.3.2-1ubuntu12
+ 
+ Buffer overflow is in place when options --scan and -t uses at the same time. At the list below I used ttl 1 (there are two hops to the target 10.201.1.100). But situation is the same for any ttl=target_ttl-1 and less. Also I mentioned that if I use one remote port to scan sometimes issue not shown and I can see the normal output of hping. Situation is the same both for hping2 and hping3.
+ 
+ root@bt:~# traceroute -T 10.201.1.100
+  traceroute to 10.201.1.100 (10.201.1.100), 30 hops max, 40 byte packets
+  1  my.firewall (10.201.2.1)  5.406 ms  10.532 ms  15.561 ms
+  2  10.201.1.100 (10.201.1.100)  58.799 ms  60.190 ms  61.298 ms
+ 
+ root@bt:~# hping -S -p 80 10.201.1.100
+  HPING 10.201.1.100 (eth0 10.201.1.100): S set, 40 headers + 0 data bytes
+  len=46 ip=10.201.1.100 ttl=127 DF id=20607 sport=80 flags=SA seq=0 win=65535 rtt=4.9 ms
+  len=46 ip=10.201.1.100 ttl=127 DF id=20610 sport=80 flags=SA seq=1 win=65535 rtt=4.9 ms
+  ^C
+  --- 10.201.1.100 hping statistic ---
+  2 packets transmitted, 2 packets received, 0% packet loss
+  round-trip min/avg/max = 4.9/4.9/4.9 ms
+ 
+ root@bt:~# hping -S -p 80 -t 1 10.201.1.100
+  HPING 10.201.1.100 (eth0 10.201.1.100): S set, 40 headers + 0 data bytes
+  TTL 0 during transit from ip=10.201.2.1 name=my.firewall
+  TTL 0 during transit from ip=10.201.2.1 name=my.firewall
+  TTL 0 during transit from ip=10.201.2.1 name=my.firewall
+  ^C
+  --- 10.201.1.100 hping statistic ---
+  3 packets transmitted, 3 packets received, 0% packet loss
+  round-trip min/avg/max = 0.0/0.0/0.0 ms
+ 
+ root@bt:~# hping -S --scan 80 -t 1 10.201.1.100
+  Scanning 10.201.1.100 (10.201.1.100), port 80
+  1 ports to scan, use -V to see all the replies
+  +----+-----------+---------+---+-----+-----+
+  |port| serv name |  flags  |ttl| id  | win |
+  +----+-----------+---------+---+-----+-----+
+  *** buffer overflow detected ***: hping terminated
+  ======= Backtrace: =========
+  /lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x48)[0xb7f746d8]
+  /lib/tls/i686/cmov/libc.so.6[0xb7f72800]
+  hping[0x8050529]
+  hping[0x805100a]
+  hping[0x8049be8]
+  /lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe5)[0xb7e90685]
+  hping[0x8049461]
+  ======= Memory map: ========
+  08048000-08058000 r-xp 00000000 03:05 1058310    /usr/sbin/hping2
+  08058000-0805a000 rw-p 0000f000 03:05 1058310    /usr/sbin/hping2
+  0805a000-08060000 rw-p 00000000 00:00 0
+  080fb000-0811c000 rw-p 00000000 00:00 0          [heap]
+  b7d98000-b7da5000 r-xp 00000000 03:05 1038415    /lib/libgcc_s.so.1
+  b7da5000-b7da6000 r--p 0000c000 03:05 1038415    /lib/libgcc_s.so.1
+  b7da6000-b7da7000 rw-p 0000d000 03:05 1038415    /lib/libgcc_s.so.1
+  b7db9000-b7e7a000 rw-s 00000000 00:08 1736725    /SYSV00000000 (deleted)
+  b7e7a000-b7fd2000 r-xp 00000000 03:05 1048034    /lib/tls/i686/cmov/libc-2.8.90.so
+  b7fd2000-b7fd4000 r--p 00158000 03:05 1048034    /lib/tls/i686/cmov/libc-2.8.90.so
+  b7fd4000-b7fd5000 rw-p 0015a000 03:05 1048034    /lib/tls/i686/cmov/libc-2.8.90.so
+  b7fd5000-b7fd8000 rw-p 00000000 00:00 0
+  b7fea000-b7fec000 rw-p 00000000 00:00 0
+  b7fec000-b8006000 r-xp 00000000 03:05 1038373    /lib/ld-2.8.90.so
+  b8006000-b8007000 rw-p 00000000 00:00 0
+  b8007000-b8008000 r--p 0001a000 03:05 1038373    /lib/ld-2.8.90.so
+  b8008000-b8009000 rw-p 0001b000 03:05 1038373    /lib/ld-2.8.90.so
+  bf8fd000-bf912000 rw-p 00000000 00:00 0          [stack]
+  ffffe000-fffff000 r-xp 00000000 00:00 0          [vdso]
+  Aborted
+  Not responding ports: (80 www)
+  All replies received. Done.
+ 
+ root@bt:~# hping -S --scan 80 10.201.1.100
+  Scanning 10.201.1.100 (10.201.1.100), port 80
+  1 ports to scan, use -V to see all the replies
+  +----+-----------+---------+---+-----+-----+
+  |port| serv name |  flags  |ttl| id  | win |
+  +----+-----------+---------+---+-----+-----+
+     80 www        : .S..A... 127 46672 65535
+  All replies received. Done.
+  Not responding ports:
+ 
+ ------------------------------------------------------------
+ 
+ 
+ ----
+ *FIXME fixed:* The IP id issue for fragments can be resolved with this path. 13.09.2007 (oliver dot stampfli @ epfl dot ch)
+ Index: sendip.c
+  ===================================================================
+  RCS file: /cvsroot/hping2/hping3s/sendip.c,v
+  retrieving revision 1.2
+  diff -r1.2 sendip.c
+  67c67,68
+  < 	else /* if you need fragmentation id must not be randomic */
+  ---
+  > 	else /* if you need fragmentation id must not be random but all fragments belonging to the
+  > 		  * the same IP packet must have the same id that is unique amongst other fragments. */
+  69,73c70,79
+  < 		/* FIXME: when frag. enabled sendip_handler shold inc. ip->id */
+  < 		/*        for every frame sent */
+  < 		ip->id		= (src_id == -1) ?
+  < 			htons(getpid() & 255) :
+  < 			htons((unsigned short) src_id);
+  ---
+  > 		if(src_id == -1)
+  > 		{
+  > 			__u16 b16_counter = (__u16)sent_pkt;
+  > 			__u16 b16_pid = getpid() & 0xff;
+  > 			ip->id = htons(b16_pid + b16_counter);
+  > 		}
+  > 		else
+  > 		{
+  > 			ip->id = htons((unsigned short) src_id);
+  > 		}
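Review bot: The new branch only satisfies its own comment if `sent_pkt` holds the same value for every fragment of one datagram, and nothing in this hunk shows where `sent_pkt` is advanced. If it is incremented once per call into this function rather than once per datagram, the fragments would carry different ids and could not be reassembled, so that should be confirmed before the patch is applied. The sum `b16_pid + b16_counter` is promoted to `int` and only narrowed back to 16 bits when passed to `htons`; writing `htons((__u16)(b16_pid + b16_counter))` with a comment such as `/* wraps modulo 65536 by design */` would make the intent visible. The enclosing function starts and ends outside the hunk.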
+ ----
+ *Bug Report:* Error in computation of checksums for odd packet size. 31.8.2007 (oliver dot stampfli @ epfl dot ch)
+ It is the same bug that was already discovered in the ars.c file but this one is in the cksum.c file:
+ Change line 22 of cksum.c.
+  *((__u16 *) &oddbyte) = *(__u16 *) buf;
+ To
+  *((__u16 *) &oddbyte) = *(__u8 *) buf;
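Review bot: The replacement line is correct only on little-endian hosts: it stores the trailing byte as a 16-bit value, so on a big-endian machine (this page also carries a sparc build report) the byte ends up in the second octet of `oddbyte` rather than the first, and the checksum of an odd-length packet stays wrong there. Storing through a byte pointer gives the same result on either byte order: `*((__u8 *) &oddbyte) = *(__u8 *) buf;`. That form depends on `oddbyte` being set to zero before the store, which is not visible from the single line quoted here and should be confirmed. The original line presumably also reads one byte past the end of an odd-length buffer, which is a reason to apply a fix even on hosts where the checksum happened to come out right.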
+ ----
+ *Bug Report:* Not possible to send maximal data size. (oliver dot stampfli at epfl dot ch)
+ 
+ One can not send packets with the maximal size of 65535 byte.
+ Patch attached to fix this problem : {patch_maxsize.diff}
+ ----
+ *Bug Report:* Too early auto-fragmentation (oliver dot stampfli at epfl dot ch)
+ 
+ The problem is that if someone wants to send packets with exactly the MTU size of an interface then
+ hping activates auto-fragmentation although it is not needed at this point. The effect is that
+ one cannot send MTU sized packets with the DF bit on.
+ After this patch hping will send packets with exactly the same packet size but it will no more
+ activate the auto-fragment mode too early and therefore one can send packets with MTU size that
+ still have the DF bit set.
+ 
+         diff -urb hping3s/sendip_handler.c hping3.work/sendip_handler.c
+         --- hping3s/sendip_handler.c        2003-09-01 02:22:06.000000000 +0200
+         +++ hping3.work/sendip_handler.c   2007-05-29 11:03:07.000000000 +0200
+         @@ -19,7 +19,7 @@
+          {
+                 ip_optlen = ip_opt_build(ip_opt);
+          
+         -       if (!opt_fragment && (size+ip_optlen+20 >= h_if_mtu))
+         +       if (!opt_fragment && (size+ip_optlen+20 > h_if_mtu))
+                 {
+                         /* auto-activate fragmentation */
+                         virtual_mtu = h_if_mtu-20;
+ 
+ ----
+ *Bug Report:* hping2 and hping3 accepts ICMP error messages which are not meant for it. (oliver dot stampfli at epfl dot ch)
+ 
+ OS: any
+ Hping version: any 
+ GCC: any
+ Tcl/Tk any
+ 
+ When you do with a host H a 'traceroute H' and a 'hping -A -p 22 -fast -q H' at the same time then hping wrongly takes
+ the ICMP ttl exceeded messages meant for traceroute for its own.
+ The problem is that hping machtes these ICMP packets only on the IP addresses and not on other criterias.
+ 
+ From `waitpacket.c` in method `recv_icmp`:
+         /* ------------------------------------ *
+ 	 * ICMP DEST UNREACHABLE, TIME EXCEEDED *
+ 	 * ------------------------------------ */
+ 	else if (icmp.type == 3 || icmp.type == 11) {
+ 		if ((size - ICMPHDR_SIZE) < sizeof(struct myiphdr)) {
+ 			printf("[|icmp quoted ip]\n");
+ 			return 0;
+ 		}
+ 		memcpy(&quoted_ip, packet+ICMPHDR_SIZE, sizeof(quoted_ip));
+ 		if (memcmp(&quoted_ip.daddr, &remote.sin_addr,
+ 			sizeof(quoted_ip.daddr)) ||
+ 		    memcmp(&ip.daddr, &local.sin_addr, sizeof(ip.daddr)))
+ 			return 0; /* addresses don't match */
+ 		/* Now we can handle the specific type */
+ 		switch(icmp.type) {
+ 		case 3:
+ 			if (!opt_quiet)
+ 				log_icmp_unreach(inet_ntoa(src), icmp.code);
+ 			return 1;
+ 		case 11:
+ 			if (opt_traceroute)
+ 				log_traceroute(packet, size, icmp.code);
+ 			else
+ 				log_icmp_timeexc(inet_ntoa(src), icmp.code);
+ 			return 1;
+ 		}
+         }
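Review bot: The length check at the top of this branch does not reject a packet shorter than the ICMP header: `(size - ICMPHDR_SIZE) < sizeof(struct myiphdr)` is compared as unsigned because of `sizeof`, so a `size` below `ICMPHDR_SIZE` wraps to a very large value, passes the test, and the following `memcpy` copies `sizeof(quoted_ip)` bytes from beyond the received data. Unless an earlier check in `recv_icmp` (not shown in this excerpt) already guarantees `size >= ICMPHDR_SIZE`, the guard should test that first, for example `if (size < ICMPHDR_SIZE || (size_t)(size - ICMPHDR_SIZE) < sizeof(struct myiphdr))`. For the matching problem the report describes, the quoted IP header's protocol field and the transport-header bytes that an ICMP error carries after it can be compared as well, which narrows matches further than the IP id alone.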
+ 
+ I don't know if this problem exists also for different packet types but it is very likely.
+ I think this is not too hard to fix:
+ -> if src_id != -1 then compare the src_id with &quoted_ip.id
+ -> if src_id == -1 then you would have to have saved the ids of your previous sent packets (because they were random) and compare &quoted_ip.id to them.
+ 
+ Note that this would not entirely fix the problem because (in this case) traceroute could use the same id numbers by accident but this is not very likely.
+ BEWARE of including a fix signature in the data part and mark all packets from hping this way to can easily recognize them because IDSs and Firewalls could then recognize them too.
+ 
+ Any discussion on this is appreciated... please write me an e-mail.
+ 
+ 
+ ----
  Bug Report: hping2 uses 127.0.0.1 for its source IP for all packets. (erickson at netapp.com)
  
  OS: 2.6.11-1.27_FC3smp
...
  all the source IPs are the loopback IP.
  
  
+ ----
+ *Bug Report:* Hping2-rc3 ALWAYS dies on OS X on Intel Processors with: "\[send_ip\] sendto: Invalid argument" (nathan dot stocks at gmail dot com)
  
+ `Fix is documented here: [link http://lists.apple.com/archives/macnetworkprog/2006/Jun/msg00049.html]`
  
- *Bug Report: Hping3s compile error: ../hping3s/main.c:186: undefined reference to `hping_script' (zarxcky, z4rxcky AT inbox DOT com)
+ *OS:* OS X 10.4 on Intel
  
+ *Hping:* 2.0.0-rc3
+ 
+ *GCC:* i686-apple-darwin8-gcc-4.0.1 (GCC) 4.0.1 (Apple Computer, Inc. build 5363)
+ 
+ *TCL:* 8.4.12
+ 
+ Walking through the fix (documented at the link above), here are the specific patches that need to be applied to hping2-rc3 to make it work on OS X 10.4 on Intel processors:
+ 
+  --- libpcap_stuff.c.org 2006-01-23 17:58:11.000000000 +0100
+  +++ libpcap_stuff.c     2006-01-23 17:58:46.000000000 +0100
+  @@ -16,8 +16,8 @@
+   #include <string.h>
+   #include <stdlib.h>
+   #include <sys/ioctl.h>
+  -#include <pcap.h>
+   #include <net/bpf.h>
+  +#include <pcap.h>
+   
+   #include "globals.h"
+  
+ 
+  --- ars.c.orig  2006-11-20 13:20:01.000000000 -0700
+  +++ ars.c       2006-11-20 13:20:46.000000000 -0700
+  @@ -830,7 +830,7 @@
+                  return -ARS_INVALID;
+          }
+          ip = (struct ars_iphdr*) packet;
+  -#if defined OSTYPE_FREEBSD || defined OSTYPE_NETBSD || defined OSTYPE_BSDI
+  +#if defined OSTYPE_DARWIN || defined  OSTYPE_FREEBSD || defined OSTYPE_NETBSD || defined OSTYPE_BSDI
+          ip->tot_len = ntohs(ip->tot_len);
+          ip->frag_off = ntohs(ip->frag_off);
+   #endif
+ 
+ 
+ 
+  --- sendip.c.orig       2006-11-20 13:23:28.000000000 -0700
+  +++ sendip.c    2006-11-20 13:23:05.000000000 -0700
+  @@ -48,7 +48,8 @@
+          ip->ihl         = (IPHDR_SIZE + optlen + 3) >> 2;
+          ip->tos         = ip_tos;
+   
+  -#if defined OSTYPE_FREEBSD || defined OSTYPE_NETBSD || defined OSTYPE_BSDI
+  +#if defined OSTYPE_DARWIN || defined OSTYPE_FREEBSD || defined OSTYPE_NETBSD || defined OSTYPE_BSDI
+  +/* OS X */
+   /* FreeBSD */
+   /* NetBSD */
+          ip->tot_len     = packetsize;
+  @@ -73,7 +74,8 @@
+                          htons((unsigned short) src_id);
+          }
+   
+  -#if defined OSTYPE_FREEBSD || defined OSTYPE_NETBSD | defined OSTYPE_BSDI
+  +#if defined OSTYPE_DARWIN || defined OSTYPE_FREEBSD || defined OSTYPE_NETBSD | defined OSTYPE_BSDI
+  +/* OS X */
+   /* FreeBSD */
+   /* NetBSD */
+          ip->frag_off    |= more_fragments;
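Review bot: The second `#if` in this sendip.c patch keeps the single `|` from the old line (`defined OSTYPE_NETBSD | defined OSTYPE_BSDI`), while the first hunk and the ars.c patch use `||` throughout. It evaluates the same because `defined` yields 0 or 1, but since the line is being rewritten anyway it should read `defined OSTYPE_NETBSD || defined OSTYPE_BSDI`. The same four-way OS test now appears in at least three places on this page; a single macro defined once (name to be chosen by the maintainers) would keep the next platform addition from missing one of them. Both hunks cut through a function whose start and end are outside the patch.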
+ 
+ 
+ 
+ ----
+ 
+ *Bug Report: Hping3s compile error: ../hping3s/main.c:186: undefined reference to 'hping_script' (zarxcky, z4rxcky AT inbox DOT com)
+ 
  OS: Suse Linux Pro 9.3
  
  Hping version: Hping3s
...
  
  ./configure does not give any problem, but when trying to run make, there is 1 error which is stated below:
  
- main.o(.text+0x52): In function `main':
- ../../hping3s/main.c:186: undefined reference to `hping_script'
+ main.o(.text+0x52): In function 'main':
+ ../../hping3s/main.c:186: undefined reference to 'hping_script'
  collect2: ld returned 1 exit status
  make: *** [hping3] Error 1
  
...
  So far look like nobody else get the same error as I got. Any ideas?
  
+ {*Solution1:*}
+ {`I was getting the exact same error when trying to compile the source.`}
+ {`I had to do a 'make strip' before 'make' for hping to compile successfully.`}
  
+ {*Solution2:*}
+ I had to do a {'make clean'} before 'make' for hping to compile successfully.
  
+ *Solution3:* [mekanik]
+ 
+ I had to remove the following list of files and then rerun "*./configure && make*" for hping to compile successfully with TCL support.
+  -rw-r--r--  1 root     root     20020 Feb 19 03:04 rapd.o
+  -rw-r--r--  1 root     root     16996 Feb 19 03:04 split.o
+  -rw-r--r--  1 root     root     43840 Feb 19 03:04 apd.o
+  -rw-r--r--  1 root     root     27540 Feb 19 03:04 ars.o
+  -rw-r--r--  1 root     root     19172 Feb 19 03:04 scan.o
+  -rw-r--r--  1 root     root      5044 Feb 19 03:04 arsglue.o
+  -rw-r--r--  1 root     root      8840 Feb 19 03:04 send.o
+  -rw-r--r--  1 root     root      4684 Feb 19 03:04 sendrawip.o
+  -rw-r--r--  1 root     root      6684 Feb 19 03:04 display_ipopt.o
+  -rw-r--r--  1 root     root      5620 Feb 19 03:04 ip_opt_build.o
+  -rw-r--r--  1 root     root      6324 Feb 19 03:04 libpcap_stuff.o
+  -rw-r--r--  1 root     root      6496 Feb 19 03:04 sendip_handler.o
+  -rw-r--r--  1 root     root      4712 Feb 19 03:04 relid.o
+  -rw-r--r--  1 root     root      6968 Feb 19 03:04 rtt.o
+  -rw-r--r--  1 root     root      5708 Feb 19 03:04 sendhcmp.o
+  -rw-r--r--  1 root     root      6516 Feb 19 03:04 listen.o
+  -rw-r--r--  1 root     root      4556 Feb 19 03:04 version.o
+  -rw-r--r--  1 root     root      5788 Feb 19 03:04 statistics.o
+  -rw-r--r--  1 root     root      4504 Feb 19 03:04 cksum.o
+  -rw-r--r--  1 root     root      8344 Feb 19 03:04 sendtcp.o
+  -rw-r--r--  1 root     root      6944 Feb 19 03:04 sendudp.o
+  -rw-r--r--  1 root     root     11872 Feb 19 03:04 sendicmp.o
+  -rw-r--r--  1 root     root      8272 Feb 19 03:04 sendip.o
+  -rw-r--r--  1 root     root     23604 Feb 19 03:04 waitpacket.o
+  -rw-r--r--  1 root     root      6528 Feb 19 03:04 logicmp.o
+  -rw-r--r--  1 root     root      5268 Feb 19 03:04 binding.o
+  -rw-r--r--  1 root     root      5332 Feb 19 03:04 datahandler.o
+  -rw-r--r--  1 root     root      5936 Feb 19 03:04 datafiller.o
+  -rw-r--r--  1 root     root     26008 Feb 19 03:04 parseoptions.o
+  -rw-r--r--  1 root     root      6624 Feb 19 03:04 getlhs.o
+  -rw-r--r--  1 root     root      9932 Feb 19 03:04 getifname.o
+  -rw-r--r--  1 root     root     21200 Feb 19 03:04 main.o
+  -rw-r--r--  1 root     root        86 Feb 19 03:04 systype.h
+  -rw-r--r--  1 root     root      2460 Feb 19 03:04 Makefile
+  -rw-r--r--  1 root     root       177 Feb 19 03:04 byteorder.h
+  -rwxr-xr-x  1 root     root      5458 Feb 19 03:04 byteorder
+ ----
+ 
  *Bug Report: Hping3 does not compile on Solaris 8* (Jim Halfpenny, jim AT watersheep DOT org)
  
  OS: SunOS 5.8 Generic_108528-13 sun4u sparc
...
  -> TCL: 8.5
  -> LIBPCAP: 0.8.3
  
+ 
  This isn't really a bug..more of an incompatibility which can be resolved using the below 
  steps. I didn't find any directions on this site as to which version of TCL should be used
  or is supported.
...
  -> Libpcap 0.9.3
  Error message:
   error: net/bpf.h: No such file or directory
- In last version of libpcap, net/bpf.h has moved to pcap-bpf.h and this file is automatically
- included in pcap.h. So just not include it...
+ In last version of libpcap, net/bpf.h has been moved to pcap-bpf.h and it's automatically
+ included in pcap.h. So net/bpf.h shouldn't be included anymore...
  Patch:
+ 
   --- hping3s/script.c.orig       2005-09-12 00:52:35.000000000 +0200
   +++ hping3s/script.c    2005-09-12 00:53:00.000000000 +0200
   @@ -24,7 +24,6 @@
...
  
  
  
+ *bold* Alternatively:
+     mkdir /usr/local/include/net/
+     ln -sf /usr/include/pcap-bpf.h /usr/local/include/net/bpf.h
  
+ ----
+ 
+ ===Checksum of returned packet===
+ 
+ Hi,
+ 
+ in waitpacket.c
+ the checksum of the `returned` packet (= not the one `generated` by hping2-rc3) is reported not correctly in verbose mode. It should take the bytes the other way round, shouldn't it. The following diff provides me with results that are at least identical to what ethereal tells me.
+ 
+ See waitpacket.c.diff attached below.
+ 
+ Bye, bye,
+ 
+ Juergen
+ 
+ 
+ ----
+ 
+ ===SIGSEGV with hping2-rc3===
+ 
+ here it is - a trivial patch
+ to avoid SIGSEGV on 
+ a rare occasion.
+ 
+ diff -Nurp datafiller.c.orig datafiller.c > datafiller.c.diff
+ 
+ Bye, bye,
+ 
+ Juergen
+ 
+ 
+ ----
+ 
+ ===Error in configure script===
+ (Tue Oct 31 00:32:13 CET 2006)
+ 
+ In ping3-20051105, the configure script states in line 96:
+  echo "==> WARNING: no Tcl header files found!"
+ 
+ which should be:
+  echo "==> WARNING: no Tcl header files found."
+ 
+ because the former one results in:
+  ./configure: line 96: !": event not found
+ 
+ with me.
+ 
+ ----
+ OS: OSX 10.4.8
+ 
+ I know it is mostly tested with Linux, but I figured what the heck???
+ 
+ 
+ 
+  gcc -c -O2 -Wall   -DUSE_TCL -g  main.c
+  gcc -c -O2 -Wall   -DUSE_TCL -g  getifname.c
+  getifname.c: In function 'get_output_if':
+  getifname.c:343: warning: pointer targets in passing argument 3 of 'getsockname' differ in signedness
+  gcc -c -O2 -Wall   -DUSE_TCL -g  getlhs.c
+  gcc -c -O2 -Wall   -DUSE_TCL -g  parseoptions.c
+  gcc -c -O2 -Wall   -DUSE_TCL -g  datafiller.c
+  gcc -c -O2 -Wall   -DUSE_TCL -g  datahandler.c
+  gcc -c -O2 -Wall   -DUSE_TCL -g  binding.c
+  gcc -c -O2 -Wall   -DUSE_TCL -g  logicmp.c
+  gcc -c -O2 -Wall   -DUSE_TCL -g  waitpacket.c
+  gcc -c -O2 -Wall   -DUSE_TCL -g  sendip.c
+  gcc -c -O2 -Wall   -DUSE_TCL -g  sendicmp.c
+  gcc -c -O2 -Wall   -DUSE_TCL -g  sendudp.c
+  gcc -c -O2 -Wall   -DUSE_TCL -g  sendtcp.c
+  gcc -c -O2 -Wall   -DUSE_TCL -g  cksum.c
+  gcc -c -O2 -Wall   -DUSE_TCL -g  statistics.c
+  gcc -c -O2 -Wall   -DUSE_TCL -g  version.c
+  gcc -c -O2 -Wall   -DUSE_TCL -g  listen.c
+  gcc -c -O2 -Wall   -DUSE_TCL -g  sendhcmp.c
+  gcc -c -O2 -Wall   -DUSE_TCL -g  rtt.c
+  gcc -c -O2 -Wall   -DUSE_TCL -g  relid.c
+  gcc -c -O2 -Wall   -DUSE_TCL -g  sendip_handler.c
+  gcc -c -O2 -Wall   -DUSE_TCL -g  libpcap_stuff.c
+  In file included from libpcap_stuff.c:20:
+  /usr/include/net/bpf.h:93: error: redefinition of 'struct bpf_program'
+  /usr/include/net/bpf.h:118: error: redefinition of 'struct bpf_version'
+  /usr/include/net/bpf.h:321: error: redefinition of 'struct bpf_insn'
+  libpcap_stuff.c: In function 'pcap_recv':
+  libpcap_stuff.c:61: warning: pointer targets in assignment differ in signedness
+  make: *** [libpcap_stuff.o] Error 1
+ 
+ 
+ 
+ so it all compiles except the libpcap_stuff.c (obviously).  I am too lazy to figure out why....maybe someone else is motivated enough??? :)
+ 
+ tyler
+ 
+ 
+ This is because some stuff is in pcap-bpf.h AND net/bpf.h IF you have installed libpcap with *fink* (not sure about other setups).
+ A dirty workaround that helped me, was to remove 
+  #include <net/bpf.h> 
+ from the sript.c and libpcap-stuff.c (see sxav comment above).
+ This still leads to a compile error, because pcap.h dont defines a needed constant called  BIOCIMMEDIATE.
+ This can be solved easy by copying the needed constant from net/bpf.h 
+  #define BIOCIMMEDIATE  _IOW('B',112, u_int)
+ now you should be able to compile and run hping3.
+ 
+ `I just wrote this in case other osx users run over the issue. Im not sure how to fix this the "correct way" in the cvs, so i dont change anything.`
+ 
+ `As I am a non-native english speaker, can someone please correct typos, thanks.`
+ 
+ 
+ hanfi
+ 
+ 
+ -------------------------------------
+ 
+ OpenSuSE 10.2 has problems compiling hping 3 with gcc 4.1.2 20061115 (prerelease) (SUSE Linux), tcl-8.4.14-11.  Here are patches that worked for me.
+ 
+  *** Makefile-orig       Wed Aug 22 10:40:02 2007
+  --- Makefile    Wed Aug 22 10:40:17 2007
+  ***************
+  *** 50,56 ****
+          $(RANLIB) $@
+ 
+    hping3: byteorder.h $(OBJ)
+  !       $(CC) -o hping3 $(CCOPT) $(DEBUG) $(OBJ) -L/usr/local/lib $(PCAP)  -ltcl -lm -lpthread
+          @echo
+          ./hping3 -v
+          @echo "use \`make strip' to strip hping3 binary"
+  --- 50,56 ----
+          $(RANLIB) $@
+ 
+    hping3: byteorder.h $(OBJ)
+  !       $(CC) -o hping3 $(CCOPT) $(DEBUG) $(OBJ) -L/usr/local/lib $(PCAP)  -ltcl8.4 -lm -lpthread
+          @echo
+          ./hping3 -v
+          @echo "use \`make strip' to strip hping3 binary"
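Review bot: Hard-coding `-ltcl8.4` on the link line ties the build to one Tcl version, and the edit is made in `Makefile`, which an earlier entry on this page lists among the files removed before re-running `./configure`. It is therefore presumably generated, and the change would be overwritten on the next configure run. If that is the case, the library name belongs wherever configure writes the link line, ideally taken from the Tcl version it detected rather than a literal.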
+  *** bytesex.h-orig      Wed Aug 22 10:43:57 2007
+  --- bytesex.h   Wed Aug 22 10:43:59 2007
+  ***************
+  *** 9,14 ****
+  --- 9,15 ----
+ 
+    #if   defined(__i386__) \
+          || defined(__alpha__) \
+  +       || defined(__x86_64) \
+          || (defined(__mips__) && (defined(MIPSEL) || defined (__MIPSEL__)))
+    #define BYTE_ORDER_LITTLE_ENDIAN
+    #elif         defined(__mc68000__) \
+  *** libpcap_stuff.c-orig        Wed Aug 22 10:38:06 2007
+  --- libpcap_stuff.c     Wed Aug 22 10:38:26 2007
+  ***************
+  *** 17,23 ****
+    #include <stdlib.h>
+    #include <sys/ioctl.h>
+    #include <pcap.h>
+  ! #include <net/bpf.h>
+ 
+    #include "globals.h"
+ 
+  --- 17,23 ----
+    #include <stdlib.h>
+    #include <sys/ioctl.h>
+    #include <pcap.h>
+  ! #include <pcap-bpf.h>
+ 
+    #include "globals.h"
+ 
+  *** script.c-orig       Wed Aug 22 10:38:46 2007
+  --- script.c    Wed Aug 22 10:39:23 2007
+  ***************
+  *** 24,30 ****
+ 
+    #include <sys/ioctl.h>
+    #include <pcap.h>
+  ! #include <net/bpf.h>
+ 
+    #include "release.h"
+    #include "hping2.h"
+  --- 24,30 ----
+ 
+    #include <sys/ioctl.h>
+    #include <pcap.h>
+  ! #include <pcap-bpf.h>
+ 
+    #include "release.h"
+    #include "hping2.h"
+ 
+ -------------------------------------
+ 
  

The following is the old page content