CHANGES (10904B)
1 v1.47 2 3 o Fix "no VLAN support for XXX"-related problems 4 5 o Fix truncated/garbled output (e.g. SIP over SLL/Linux cooked sockets) 6 7 o Change exit behavior to match BSD & GNU grep (see manpage) 8 9 o Add Solaris IPnet support 10 11 o Update to use 32bit values where relevant 12 13 o Emit frame # in header, useful for reference/analysis 14 15 o Emit total received, matched upon exit (dropped unreliable PCAP stats) 16 17 o Import debian patches related to autotools, manpage, and compilation 18 on other platforms 19 20 o Fix build clean/distclean when not linked against provided GNU regex 21 22 o Fix build --enable/--disable flag processing 23 24 o Fix building under MS VS2012 / Win32 25 26 o Update to latest autotools (2017) 27 28 v1.46.1 29 30 o actual bugfix for the VLAN parsing issue. prior version 1.46 expanded 31 the BPF filter to include IPv4/6 traffic, but the offset calculation 32 forgot to account for the variable presence of VLAN headers. now 33 ngrep detects VLAN frames in every packet and adjusts the offset on 34 the fly. 35 36 v1.46 37 38 o configure.in: re-organized, in part to sync with downstream patches 39 (which were never sent upstream) 40 41 o configure.in: removed included PCRE library, now builds against system 42 version when specified (default is included GNU Regex) 43 44 o configure.in: fixed duplicate PCAP header check, which broke with the 45 release of libpcap 1.0 46 47 o configure.in: prefixed all tack-on autoconf variables from _FOO -> EXTRA_FOO 48 49 o Makefile.in: capitulated to Debian: use tar.gz instead of tar.bz2 :-( 50 51 o ngrep.c: Call setlocale to make isprint() work based on current 52 locale. See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=307496++ 53 54 o include tcpkill functionality (-K), a long-standing downstream patch 55 under Debian 56 57 o updated to latest autoconf 58 59 o updated copyrights to 2014 60 61 v1.45 62 63 o fixed bug where setting the snaplen smaller than the minimum 64 necessary to read the full headres would cause garbage to be 65 fed into the pattern matcher 66 67 o fixed unreported bug in IPv6/TCP packet length calculation 68 69 o relocated the privilege-dropping routine to be invoked right 70 before entering the packet processing loop, to prevent 71 interference with necessary permissions to read or write 72 dumpfiles/etc. 73 74 o fixed integer overflow with the snaplen that resulted from 75 an implicit signed/unsigned conversion 76 77 o minor change to compensate for some broken compiler 78 optimizers 79 80 o fixed double-free race condition during ngrep termination 81 82 o reworked packet length calculation in the main processing 83 loop, improving performance and readability 84 85 o simplified regex build logic in configure and Makefile 86 87 o updated Win32 version to use config.h for preprocessor 88 definitions instead of the Visual Studio project files, 89 making manual tweaking and config of ngrep for Win32 90 consistent with *NIX and more obvious 91 92 o changed third-party Makefiles to properly clean up after 93 themselves 94 95 o added support for radiotap (IEEE802_11_RADIO) 96 97 o changed ``-s 0'' invocation to mimic the equivalent of tcpdump 98 99 v1.44 100 o added post-config section to configure: emit important 101 config option settings that weren't previously indicated 102 103 o for BSD platforms, only emit pcap_restart warning from 104 configure if ``--disable-pcap-restart'' hasn't been 105 specified 106 107 o added IPv6 and ICMPv6 support (all platforms); disabled by 108 default for common case where libpcap wasn't compiled with 109 IPv6 support 110 111 o added support for displaying protocol number (``-N''), 112 useful for when observing raw packets 113 114 o added support for new display method ``single'', similar to 115 ``byline'' but both header and data occupy one single line 116 117 o introduced multiple levels of quiet (``-q''); the more it is 118 specified the more quiet ngrep becomes 119 120 o reorganization of some internal support headers and core 121 code to eliminate redundancy, improve readability and 122 efficiency, and support new features 123 124 o changed all integer types to be bit- and sign-explicit 125 126 v1.43 127 o healed the win32 code fork: ngrep now builds from the same 128 source tree for all platforms including Windows 129 130 o re-wrote the privilege revocation logic after problems were 131 reported with the SPC version, and removed non-root 132 drop_privs capability altogether 133 134 o fix off-by-one bug which caused ngrep to exit 1 packet early 135 when ``-A'' as invoked 136 137 o Fixed problematic configtest for old broken-redhat-glibc UDP 138 header 139 140 o ngrep now sets a pcap filter "ip" by default, if one is not 141 specified 142 143 o header offset fix to 802.11 processing 144 145 o support IGMP and Raw (unknown IP protocol) type packets 146 147 o support for latest versions of libpcap (0.8.3) and winpcap 148 (3.1 beta 4) 149 150 o updated configure to autoconf 2.59, and config.guess and 151 config.sub to latest versions 152 153 o updated PCRE from 3.4 to 5.0 154 155 o and various minor changes and updates to improve ngrep 156 157 v1.42 158 o rewrote the entire configure.in/config.h.in to autoconf 2.57 159 to be more consistent with normal autoconf'd programs. 160 corrects bugs around packaging impediments and typos 161 162 o improved privilege dropping code and added more options to 163 configure to govern its behaviour 164 165 o added flag to turn off privilege revocation logic 166 167 o added multiline match as default and ability to enforce 168 previous default single-line match (bugfix + feature) 169 170 o added ability to read bpf filter expression from file 171 172 o added ability to force the column width to a certain size 173 174 o added two new output modes: ``byline'', whose output 175 respects embedded carriage returns (useful for http dumps), 176 and ``none'', which prints out each dump as a single line no 177 matter what 178 179 o added ability to specify alternate nonprintable character 180 (default is ``.'') 181 182 o made ``-q'' effects more consistent and usable for scenarios 183 where ``-I'' and/or ``-O'' are being employed 184 185 o documentation updated 186 187 v1.41 188 o added -S (set limitlen) 189 o added LOOP and SLL tests for portability/old libpcap'en 190 o added configure --safe-user and dropprivs code 191 o added TCP ECN congestion header recognition 192 o improved support for a few OSes 193 o relaxed some restrictions in the license (COPYRIGHT -> LICENSE) 194 o 802.11 support 195 196 v1.40.1 197 o MacOS X support 198 o ISDN (SLL) support 199 o OpenBSD tun device support 200 o updated configure.in to support specifying pcap directory 201 o updated config.sub and config.guess 202 o added scripts/multi.pl, parallel ngrep perl script 203 o very minor change to documentation 204 205 v1.40 206 o license change, amends the BSD advertising clause 207 o fixed bug from not considering caplen in payload length 208 calculations 209 o added -s (set bpf caplen) 210 o fixed header include for linux glibc 2.2 (time.h wasn't 211 being included) 212 213 v1.39.2 214 o typographical error, -p works now 215 216 v1.39.1 217 o added in AIX includes 218 o added BSD* includes for display updates 219 o added -p (don't go into promiscuous mode) 220 221 v1.39 222 o in standard match mode, the display now updates when window 223 sizes change 224 o configure now gives the user the option to compile with the 225 pcre library, which is more license-friendly (albeit slower) 226 o fixed minor bug in date printing with -t 227 o added configure option '--without-restart', which will 228 remove the pcap restart API call. Newer versions of libpcap 229 don't need it, and on certain platforms the API call 230 segfaults 231 o win32: compiled with winpcap's pcap.h, which apparently 232 breaks the pcap standard and introduces its own data link 233 layer types. fixes the 'unsupported interface' error folks 234 sometimes got when used with a 100bT adapter 235 236 v1.38 237 o binary matching 238 o windows compilation support 239 o 64-bit clean patch to regex.c 240 o dump and replay pcap_dump files 241 o officially licensed under the BSD license 242 o normal and diff/delta timestamps 243 244 v1.37 245 o added FDDI support 246 247 v1.36 248 o added -l (line buffer stdout) 249 o a few optimizations were made to shave off some cpu cycles 250 spent on processing each packet 251 o fixed bug where the blank regex algorithm wasn't even being 252 used 253 o fixed bug in blank regex algorithm that was preventing '-n' 254 from working 255 o change to compile on LinuxPPC 256 o change to nix potential warnings on other OSes 257 o change to not exit if pcap_lookupnet fails 258 259 v1.35 260 o appears that the release of 1.34 had only one of the 261 match optimizations: somehow only the tcp match was updated; 262 udp change was omitted. fixed 263 o moved -v (version) to -V 264 o added -v (grep -v), invert match 265 o added -d lo (null linktype) 266 o added ability to match proto icmp 267 o updated configure.in to handle old installations of pcap 268 more gracefully (i.e. continue on by adding the necessary 269 defines and just gripe) 270 271 v1.34 272 o merged in patch from Andrew W. Flury <aflury@nas.nasa.gov> 273 for hex printing, made minor modification to patch to not 274 print off the end of the buffer 275 o added an optimization for the case where no regex was 276 specified; should account for a little speed up 277 278 v1.33 279 o fragment changes, this should be it 280 281 v1.32 282 o switched around regex -w/-i logic 283 o fragment bugfixes 284 285 v1.31 286 o added -A (match after) 287 o Makefile.in changes 288 o configure.in changes for solaris 289 o added manpage (ngrep.8) 290 291 v1.30 292 293 o bugfix: wasn't malloc'ing enough for word_regex 294 o bugfix: case-insensitive was tolower()ing the word_regex 295 itself 296 297 v1.29 298 299 o added -e (show empty) 300 o one or two safe, preemptive changes catching possible int 301 overflows 302 303 v1.28 304 305 o added -n 306 o no required arguments anymore 307 o regex's are not required anymore, can just be bpf logic 308 o probably a bugfix or two