Merge branch 'master' of github.com:radiolover/packet-agent

softwarelanguagebs · Jan 18, 2019 · 97670b9 · 97670b9
2 parents 4946e3e + 667ce20
commit 97670b9
Show file tree

Hide file tree

Showing 3 changed files with 39 additions and 11 deletions.
diff --git a/README-zh-Hans.md b/README-zh-Hans.md
@@ -48,6 +48,27 @@ rpm -ivh netis-packet-agent-0.3.1.el6.x86_64.rpm
 ** 如果安装过程中提示libboost库的版本号不正确，请下载安装boost_1_59_0或者之后的版本。如果问题依然无法解决，可以尝试从源代码直接编译安装。<br/>
 ** 现在仅支持 CentOS 6/7版本和RedHat 7版本
 
+#### Windows 7/8/10 x64
+1. 下载并安装[WinPcap](https://www.winpcap.org/install/bin/WinPcap_4_1_3.exe)
+2. 下载并安装[Microsoft Visual C++ Redistributable for Visual Studio 2017 x64](https://aka.ms/vs/15/release/vc_redist.x64.exe)
+3. 从zip文件解压pktminerg和其他utilities，并在命令行界面运行（需管理员模式）.
+
+备注：在Windows平台运行时，命令的interface选项参数需要使用网卡的NT Device Name，形如"\Device\UPF_{UUID}"。可使用如下命令获取
+```
+    C:\> getmac /fo csv /v 
+    "Connection Name","Network Adapter","Physical Address","Transport Name" 
+    "Ethernet","Intel(R) Ethernet Connection (4) I219-V","8C-16-45-6B-53-B5","\Device\Tcpip_{4C25EA92-09DF-4FD3-A8B3-1B68E57443E2}" 
+```
+将Transport Name字段里的"Tcpip_"替换为"NPF_"，作为-i参数：
+```
+    \Device\NPF_{4C25EA92-09DF-4FD3-A8B3-1B68E57443E2} 
+```
+使用示例：
+```
+    C:\> pktminerg -i \Device\NPF_{4C25EA92-09DF-4FD3-A8B3-1B68E57443E2} -r 172.24.103.201 
+    C:\> gredump -i \Device\NPF_{4C25EA92-09DF-4FD3-A8B3-1B68E57443E2} -o capture.pcap
+```
+
 
 ### 使用 
 ```bash

diff --git a/README.md b/README.md
@@ -54,6 +54,24 @@ Remarks: Now only support CentOS 6/7, RedHat 7, SUSE 12.
 2. Download and Install [Microsoft Visual C++ Redistributable for Visual Studio 2017 x64](https://aka.ms/vs/15/release/vc_redist.x64.exe).
 3. Extract pktminerg and other utilities from zip,  and run it in cmd in Administrator Mode.
 
+Note: On Windows platform, you must use NIC's NT Device Name with format "\Device\NPF_{UUID}" as interface param. You can get it with following command: 
+```
+    C:\> getmac /fo csv /v 
+    "Connection Name","Network Adapter","Physical Address","Transport Name" 
+    "Ethernet","Intel(R) Ethernet Connection (4) I219-V","8C-16-45-6B-53-B5","\Device\Tcpip_{4C25EA92-09DF-4FD3-A8B3-1B68E57443E2}" 
+``` 
+Take last field(Transport Name) and replace "Tcpip_" with "NPF_" as follow, then you can get interface param of Windows. 
+```
+    \Device\NPF_{4C25EA92-09DF-4FD3-A8B3-1B68E57443E2} 
+``` 
+Use example:
+```
+    C:\> pktminerg -i \Device\NPF_{4C25EA92-09DF-4FD3-A8B3-1B68E57443E2} -r 172.24.103.201 
+    C:\> gredump -i \Device\NPF_{4C25EA92-09DF-4FD3-A8B3-1B68E57443E2} -o capture.pcap
+```
+
+
+<br>
 
 ### Usage
 ```bash

diff --git a/USAGE.md b/USAGE.md
@@ -36,17 +36,6 @@ Allowed options:
 * interface<br>
 Network interface to capture packets (eth0, eth1...). Required in live mode.
 <br>
-On Windows platform, you must use NIC's NT Device Name with format "\Device\NPF_{UUID}", you can get it with following command: 
-```
-    C:\> getmac /fo csv /v 
-    "Connection Name","Network Adapter","Physical Address","Transport Name" 
-    "Ethernet","Intel(R) Ethernet Connection (4) I219-V","8C-16-45-6B-53-B5","\Device\Tcpip_{4C25EA92-09DF-4FD3-A8B3-1B68E57443E2}" 
-``` 
-Take last field(Transport Name) and replace "Tcpip_" with "NPF_" as follow, then you can get interface param of Windows. 
-```
-    \Device\NPF_{4C25EA92-09DF-4FD3-A8B3-1B68E57443E2} 
-``` 
-<br>
 
 * remoteip, keybit<br>
 Parameters of GRE channel: