sudo su -
apt-get install tcpdump tshark apache2 php5 php5-sqlite build-essential perl libzip-dev libpcap-dev libsqlite3-dev php5-cli libapache2-mod-php5 libx11-dev libxt-dev libxaw7-dev python3.2 python3-httplib2 sqlite3 recode sox lame libnet1 libnet1-dev libmysqlclient-dev binfmt-support libssl-dev
mkdir xbuild
cd xbuild
Download (from svn) and compile nDPI library:
svn co https://svn.ntop.org/svn/ntop/trunk/nDPI
cd nDPI
./configure --with-pic
make
cd ..
Download the Xplico source code from SourceForge:
tar zxvf xplico-1.0.x.tgz
wget http://geolite.maxmind.com/download/geoip/api/c/GeoIP-1.4.8.tar.gz
tar zxvf GeoIP-1.4.8.tar.gz
cd GeoIP-1.4.8
libtoolize -f
./configure
make
cd ..
rm -f *.tar.gz
cd xplico
wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz
gzip -d GeoLiteCity.dat.gz
rm -f *dat.gz
make
cd ..
wget http://mirror.cs.wisc.edu/pub/mirrors/ghost/GPL/ghostpdl/ghostpdl-8.70.tar.bz2
tar jxvf ghostpdl-8.70.tar.bz2
The ghostpcl package contains the pcl6 application, which is necessary for “network printer job”.
rm -f *.bz2
cd ghostpdl-8.70
make
Wait for some time
cd ..
cp ghostpdl-8.70/main/obj/pcl6 xplico-1.0.x
rm -rf ghostpdl-8.70
Download videosnarf from http://ucsniff.sourceforge.net/videosnarf.html. Note for 64-bit architectures: some codec libraries are proprietary and are available only for 32-bit architectures. The only solution in this case is this: http://forum.xplico.org/viewtopic.php?p=453#p453
wget http://downloads.sourceforge.net/project/ucsniff/videosnarf/videosnarf-0.63.tar.gz
tar xvzf videosnarf-0.63.tar.gz
cd videosnarf-0.63
./configure
make
cd ..
cp videosnarf-0.63/src/videosnarf xplico-1.0.x
If you want to update your DB without losing your data, the steps to follow are here.
Install Xplico
cd xplico-1.0.x
make install
Copy Apache configuration file
cp /opt/xplico/cfg/apache_xi /etc/apache2/sites-enabled/xplico
After this, the Apache ports file has to be changed to add the port of XI. In /etc/apache2/ports.conf add:
# xplico Host port
NameVirtualHost *:9876
Listen 9876
The directory /opt/xplico/cfg must be readable and writable by the Apache web server.
We must also modify the php.ini file to allow uploads of (pcap) files. Edit /etc/php5/apache2/php.ini.
The lines to modify are:
post_max_size = 100M
upload_max_filesize = 100M
Enable the rewrite module in Apache:
a2enmod rewrite
And finally restart Apache:
/etc/init.d/apache2 restart
Run Xplico with web interface:
/opt/xplico/script/sqlite_demo.sh
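A quick check of the Apache and PHP settings from the steps above, as an added example that is not part of the original Xplico instructions. The function names and the --run switch are assumptions of this example; mods-enabled/rewrite.load is where a2enmod places the module link on Debian/Ubuntu.

```shell
#!/bin/sh
# Added example: verifies the php.ini, ports.conf and mod_rewrite steps.
# Default paths are the ones on this page; function names are illustrative.

# Convert a php.ini size (100M, 2G, 512K, 8388608) to bytes.
ini_bytes() {
    n=${1%[KkMmGg]}
    case $n in ''|*[!0-9]*) return 1 ;; esac
    case $1 in
        *[Kk]) echo $(($n * 1024)) ;;
        *[Mm]) echo $(($n * 1048576)) ;;
        *[Gg]) echo $(($n * 1073741824)) ;;
        *)     echo "$n" ;;
    esac
}

# Print the last active (not ;-commented) value of directive $2 in file $1.
ini_get() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*\([^;[:space:]]*\).*/\1/p" "$1" | tail -n 1
}

# Succeed if directive $2 in php.ini $1 is set to at least $3.
ini_at_least() {
    have=$(ini_get "$1" "$2")
    [ -n "$have" ] || return 1
    have_b=$(ini_bytes "$have") || return 1
    want_b=$(ini_bytes "$3") || return 1
    [ "$have_b" -ge "$want_b" ]
}

# Succeed if ports.conf $1 has an active Listen line for port $2.
listens_on() {
    grep -Eq "^[[:space:]]*Listen[[:space:]]+([^[:space:]#]*:)?$2[[:space:]]*$" "$1"
}

# Run all checks; arguments override the default paths.
check_xplico() {
    php_ini=${1:-/etc/php5/apache2/php.ini}
    ports=${2:-/etc/apache2/ports.conf}
    mods=${3:-/etc/apache2/mods-enabled}
    rc=0
    for d in post_max_size upload_max_filesize; do
        ini_at_least "$php_ini" "$d" 100M || { echo "FAIL: $d < 100M"; rc=1; }
    done
    listens_on "$ports" 9876 || { echo "FAIL: no Listen 9876"; rc=1; }
    [ -e "$mods/rewrite.load" ] || { echo "FAIL: mod_rewrite not enabled"; rc=1; }
    return $rc
}

if [ "${1:-}" = "--run" ]; then check_xplico; fi
```

Run it with --run after restarting Apache; each failed check prints a FAIL line and the exit status is non-zero.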