tcpflow-1.6.1.tar.gz: tcpflow-1.6.1/ChangeLog

"Fossies" - the Fresh Open Source Software Archive

Member "tcpflow-1.6.1/ChangeLog" (19 Feb 2021, 25986 Bytes) of package /linux/misc/tcpflow-1.6.1.tar.gz:

As a special service "Fossies" has tried to format the requested text file into HTML format (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file. See also the latest Fossies "Diffs" side-by-side code changes report for "ChangeLog":

1.5.0_vs_1.6.1.

A hint: This file contains one or more very long lines, so maybe it is better readable using the pure text view mode that shows the contents as wrapped lines within the browser window.

1 2018-11-18 Simson Garfinkel <simsong@acm.org> 2 * updated for pcap_findalldevs 3 * added -Wno-address-of-packed-member to avoid error 4 5 2017-07-12 Simson Garfinkel <simsong@acm.org> 6 * updated to work with Fedora 26 compilers 7 * Found bug in sbuf.cpp 8 * Fixed C++ warnings in hash 9 * Now works with OpenSSL 1.1.0f-fips 25 May 2017 10 11 2014-02-24 Man Page <simsong@mncrnpsedu.local> 12 13 * src/tcpflow.cpp (main): alternating color output option changed from -J to -g 14 15 2013-12-06 Basic <simsong@ncr.nps.edu> 16 17 * configure.ac: upped version number to 1.4.3 18 19 * tests/test-multifile.sh (OUT): now handles multifile and nitroba packets not being present. 20 21 2013-11-28 Basic <simsong@Mucha.local> 22 23 * src/scan_http.cpp (scan_http): BUGFIX: was not clearing byte_run DFXML between each attachment. Now does. 24 25 2013-11-18 Basic <simsong@Mucha.local> 26 27 * src/wifipcap/wifipcap.cpp (WifipcapCallbacks::decode_data_frame): now calls Handle80211Data() for all data packets 28 29 * configure.ac: changes to test per Ryan Schmidt <notifications@github.com> 30 31 2013-11-17 Basic <simsong@Mucha.local> 32 33 * configure.ac: updated to 1.4.2 34 35 * src/be13_api/be13_configure.m4: fixed so that it still compiles on MacOS 10.8. 36 37 2013-11-15 Basic <simsong@Mucha.local> 38 39 * src/datalink.cpp (dl_null): removed DLT_NULL_BROKEN; it's not needed anymore. 40 41 2013-10-21 Man Page <simsong@mncrnpsedu.local> 42 43 * src/flow.cpp (flow::filename): Since some people don't understand what %c and %C do, they don't provide it. It is required, so now a %c is appended if it is not specified. 44 45 2013-06-11 Basic <simsong@Mucha.local> 46 47 * doc/tcpflow.1.in (std): removed explaination of filtering expressions 48 49 2013-05-26 Basic <simsong@Mucha.local> 50 51 * src/tcpip.cpp (tcpip::print_packet): implemented hex dump 52 53 * src/scan_netviz.cpp (scan_netviz): disabled by default for now. 54 55 * src/tcpip.cpp (tcpip::print_packet): now prints 'filename' with console output (wasn't working due to bug). 56 57 2013-04-17 Simson Garfinkel <simsong@mncrnpsedu.local> 58 59 * src/iptree.h (template): changed inc() to add() 60 2013-04-16 Simson Garfinkel <simsong@Mucha.local> 61 62 * src/iptree.h: changed 'trim' to 'prune' for correct terminology. 63 64 2013-03-30 Simson Garfinkel <simsong@Mucha.local> 65 66 * src/scan_tcpdemux.cpp (scan_tcpdemux): added -S tcp_timeout 67 68 2013-03-03 Simson Garfinkel <simsong@Mucha.local> 69 70 * src/scan_netviz.cpp (scan_netviz): scan_netviz enabled by default 71 72 2013-02-27 Simson Garfinkel <simsong@Mucha.local> 73 74 * configure.ac: added /usr/boost/include to search path 75 76 2013-01-27 Simson Garfinkel <simsong@FC17> 77 78 * src/tcpdemux.cpp (close_all_fd): now calls close_file(false), to preven openflows from being modified while it is being iterated. 79 80 * src/tcpflow.h: removed SET_BIT as it wasn't being used 81 82 * configure.ac: removed bcopy & bzero 83 84 2013-01-26 Simson Garfinkel <simsong@npsair.local> 85 86 2013-01-08 Simson Garfinkel <simsong@mncrnpsedu.local> 87 88 * src/scan_netviz.cpp (th_shutdown): th_one_page is now lazily created and destroyed at end 89 90 2013-01-03 Simson Garfinkel <simsong@Mucha.local> 91 92 * src/tcpflow.cpp (main): opt_gzip_decompress renamed to gzip_decompress and implemented. 93 94 * src/flow.cpp (flow::new_filename): now automatically makes subdirectories if necessary 95 96 2013-01-02 Simson Garfinkel <simsong@mncrnpsedu.local> 97 98 * src/scan_http.cpp: zero-length attachments are no longer created on disk. 99 100 * src/tcpip.cpp (tcpip::store_packet): zero-length flows are no longer created on disk. 101 102 2012-12-27 Simson Garfinkel <simsong@Mucha.local> 103 104 * renamed stored_flow as saved_flow becuase they are all stored, but only some are saved in the ring bufer. 105 106 * src/tcpdemux.cpp (tcpdemux::close_all): renamed close_all_fd(). close_tcpip renamed close_tcpip_fd; close_oldest renamed close_oldest_fd() 107 (tcpdemux::remove_all_flows): renamed. 108 109 2012-12-24 Simson Garfinkel <simsong@Mucha.local> 110 111 * src/tcpip.h (class flow): removed connection_count from flow identifier becuase it cannot be derrived from the flow. We really should have the LSN as part of the flow or something. The connection_count will be found when the filename is made. 112 113 2012-12-23 Simson Garfinkel <simsong@Mucha.local> 114 115 * src/tcpdemux.cpp (tcpdemux::process_tcp): option output_enabled changed to store_output 116 117 2012-12-22 Simson Garfinkel <simsong@Mucha.local> 118 119 * src/be13_api/sbuf.cpp (sbuf_t::map_file): 120 121 * src/scan_http.cpp (scan_http_cbo::on_headers_complete): changed retrying_open to open() to eliminate dependency on tcpdemux 122 123 * src/tcpip.h: put in its own file 124 125 * src/util.cpp (mmap): moved fake mmap() cover to util.cpp 126 127 * src/tcpip.cpp (tcpip): no longer closes the file at the end of every tcpip and then re-opens it if there is post-processing. Now it re-uses the same fd. 128 (tcpip): renamed opt_after_header to opt_post_processing 129 130 2012-12-18 Simson Garfinkel <simsong@Mucha.local> 131 132 * src/tcpflow.cpp (main): fixed opt_all; it was always true, but it shoudln't be. 133 134 2012-12-16 Simson Garfinkel <simsong@Mucha.local> 135 136 * src/tcpdemux.h (class tcpdemux): removed write_to_file 137 (class tcpdemux): removed struct packet_info_t 138 * src/tcpdemux.cpp (tcpdemux::post_process_capture_flow): added delete of sbuf 139 140 * src/scan_http.cpp (scan_http_cbo::on_headers_complete): changed O_APPEND to O_TRUNC 141 142 * src/tcpdemux.cpp: removed process_gzip, since it is now done in scan_http 143 144 2012-12-07 Simson Garfinkel <simsong@Mucha.local> 145 146 * src/tcpdemux.h (class flow_addr): fixed operator< type 147 148 2012-11-17 Simson Garfinkel <simsong@npsair.local> 149 150 * src/tcpflow.cpp (usage): usage now goes to stdout and not stderr. 151 152 2012-11-15 Simson Garfinkel <simsong@npsair.local> 153 154 * src/tcpdemux.h (class tcpdemux): retrying_open now takes a std:;string 155 156 2012-11-14 Simson Garfinkel <simsong@npsair.local> 157 158 * src/tcpip.cpp (tcpip::store_packet): added bytes_processed addition so that <fileobject> <filesize> is properly updated. 159 160 * src/be13_api/bulk_extractor_i.h: renamed histograms to be feature_histograms 161 162 * src/plugin.cpp (process_sbuf): renamed process_extract to process_sbuf and put it here. 163 164 2012-11-06 Simson Garfinkel <simsong@mncrnpsedu.local> 165 166 * src/tcpdemux.cpp (tcpdemux::process_tcp): first packet sense was inverted. Fixed. 167 168 * src/main.cpp (main): renamed main.cpp to tcpflow.cpp 169 170 2012-11-05 Simson Garfinkel <simsong@npsair.local> 171 172 * src/main.cpp (main): print_usage() renamed usage() for consistency with bulk_extractor 173 (usage): usage made static 174 175 2012-10-28 Simson Garfinkel <simsong@npsair.local> 176 177 * src/pcb_timehistogram.cpp: made histograms static 178 179 * src/tcpip.cpp (tcpip::store_packet): debug_level changed to debug in all files. 180 181 2012-10-26 Simson Garfinkel <simsong@npsair.local> 182 183 * src/flow.cpp (flow::print_usage): shortened filename template usage. 184 185 * src/tcpip.cpp (insert): added this function to insert a space at the beginning of a file. Now tcpflow can handle a flow with missing SYNs and out-of-order packets. 186 187 2012-10-25 Simson Garfinkel <simsong@npsair.local> 188 189 * src/tcpip.cpp (tcpip::print_packet): implemented strip-on-fputc 190 191 * src/tcpdemux.cpp (do_strip_nonprint): removed this function, as it could be replaced with strip-on-fputc 192 193 2012-10-24 Simson Garfinkel <simsong@npsair.local> 194 195 * src/tcpdemux.cpp (tcpdemux::open_tcpfile): now asserts that file is not open 196 (tcpdemux::open_tcpfile): retrying_fopen changed to retrying_open 197 (tcpdemux::process_tcp): completely rewrote the TCP implementation 198 (tcpdemux::process_ip4): 199 200 The old state machine kept tract of each flow's initial sequence 201 number (ISN) and computed the absolute 32-bit position within the 202 TCP flow for each TCP segment. The problem with this approach is 203 that it would not handle segments larger than 4GiB. The new state 204 machine computes what it expects the Next Sequence Number (NSN) to 205 be based on the previously processed segment in the flow. If there 206 is a difference between the actual NSN and the predicted NSN then 207 there is a relative seek done in the file. If I file needs to be 208 closed (due to file handle exhaustion) and re-opened (because a 209 segment on the flow shows up), the file pointer is put at the end 210 of the file and the NSN is predicted from the ISN (which was 211 cached). This will allow closing and re-opening flows bigger than 212 4GiB because the bits over 32 bit will be ignored in the NSN 213 calculation. 214 215 * src/tcpdemux.h (class tcpip): store_packet modified to take a delta rather than a sequence number 216 (class tcpip): changed from FILE* to fd for all i/o 217 218 * src/tcpdemux.cpp (tcpdemux::process_tcp): renamed console_only 219 to console_output; modified order of stripping and console_output 220 checking to check first for console output before checking to see if data should be stripped 221 222 2012-10-23 Simson Garfinkel <simsong@mncrnpsedu.local> 223 224 * src/tcpdemux.cpp (tcpdemux::tcpdemux): packet_time renamed packet_counter 225 226 * src/tcpdemux.h (class tcpip): renamed last_packet_time to be last_packet_number as it was not being used 227 228 * src/tcpip.cpp (tcpip::store_packet): removed the 'finished' flag from the tcpip:: class. It was being set when the flow went over demux.max_bytes_per_flow. However, if a packet was then received which was less than max_bytes_per_flow the bytes would not be recorded, because the max had already been passed. 229 230 2012-10-21 Simson Garfinkel <simsong@air2.local> 231 232 * src/tcpip.cpp (tcpip::store_packet): removed syn_set parameter and put in tcpdemux::process_tcp 233 234 * configure.ac: changed version number to 1.3.1devel 235 236 2012-10-20 Simson Garfinkel <simsong@air2.local> 237 238 * src/tcpdemux.h (class tcpdemux): process_tcp, process_ip, process_ip4 and process_ip6 now take const struct timeval &ts instead of const struct timeval *ts as their first argument, becuase ts should never be NULL. 239 240 2012-09-16 Simson Garfinkel <simsong@Mucha.local> 241 242 * src/flow.cpp (flow::filename): TM_FORMAT is now "%Y-%m-%dT%H:%M:%SZ" 243 244 * src/xml.cpp (xml::add_DFXML_execution_environment): TM_FORMAT is now always "%Y-%m-%dT%H:%M:%SZ" 245 246 2012-09-11 Simson Garfinkel <simsong@Mucha.local> 247 248 * src/datalink.cpp (dl_ethernet): now handles ETHERTYPE_LOOPBACK not defined. 249 250 2012-08-20 Simson Garfinkel <simsong@FC17> 251 252 * configure.ac: increased version number to 1.3.0 253 254 2012-08-16 Simson Garfinkel <simsong@mucha.lan> 255 256 * src/tcpdemux.cpp (tcpdemux::process_tcp): fixed bug in which myflow.tlast wasn't being set. 257 258 2012-08-16 Simson Garfinkel <simsong@Mucha.local> 259 260 * configure.ac: Increased version number to 1.2.9 261 262 263 * src/main.cpp (main): fixed compile bugs that resulted from adoption of standard DFXML header. 264 265 2012-08-10 Simson Garfinkel <simsong@imac3.local> 266 267 * configure.ac (HAVE_PTHREAD): fixed typo in configure.ac 268 269 2012-08-08 Simson Garfinkel <simsong@FC17> 270 271 * src/tcpdemux.h: removed struct ip as it was redundent to struct iphdr 272 273 * configure.ac: tcpflow now compiles under mingw for Windows 274 275 * src/tcpdemux.cpp: moved tcpdemux class methods into this new file. 276 277 2012-08-03 Simson Garfinkel <simsong@mncrnpsedu.local> 278 279 * src/tcpip.cpp (tcpip::close_file): added support for FUTIMENS, but I don't yet have a system on which to test it. Hope that it's good. 280 281 2012-07-23 Simson Garfinkel <simsong@Mucha.local> 282 283 * src/main.cpp (main): added calling process_infile(expression,device,"",true) when no files are provided to fix bug of no live capture. 284 285 * configure.ac: version 1.2.8 286 287 2012-07-02 Simson Garfinkel <simsong@mncrnpsedu.local> 288 289 * src/sysdep.h: removed; put code in tcpflow.h for simplicity 290 291 2012-06-26 mike <mike@reem> 292 293 * src/datalink.cpp (dl_null): moved ETHERTYPE_IPV6 from sysdep.h 294 to datalink.cpp 295 296 2012-06-18 Simson Garfinkel <simsong@mncrnpsedu.local> 297 298 * bootstrap.sh: added --add-missing to bootstrap.sh 299 300 2012-05-24 Simson Garfinkel <simsong@it153582.ern.nps.edu> 301 302 * configure.ac: increased version to 1.2.7. 303 304 * src/main.cpp (main): -r option now allows for multiple files to be specified. 305 306 * src/main.cpp (main): -R option now allows for incomplete tcp connections to be finished. 307 308 2012-05-16 Simson Garfinkel <simsong@Mucha.local> 309 310 * src/main.cpp (main): removed global "tcpdemux demux" 311 variable. Now it's passed as *user in the datalink methods, as it 312 should be. 313 314 * src/tcpdemux.h (class tcpip): bytes_printed renamed to bytes_processed, as it will be used in packet processing as well. 315 316 2012-04-19 Simson Garfinkel <simsong@imac3.home> 317 318 * configure.ac: incremented version to 1.2.6 (1.2.5 had a bad tag) 319 320 321 * src/tcpip.cpp (tcpip::print_packet): fixed error in fwrite(). 322 323 2012-04-11 Simson Garfinkel <simsong@mncrnpsedu.local> 324 325 * created version 1.2.4 tag 326 327 2012-04-03 Simson Garfinkel <simsong@imac3.home> 328 329 * src/main.cpp (print_usage): fixed misspelling of name 330 331 * src/tcpip.cpp (tcpdemux::tcpdemux): default outdir is now "." 332 333 2012-03-26 Simson Garfinkel <simsong@imac3.home> 334 335 * src/xml.cpp (xml::add_cpuid): better handling of CPUID instruction. Now it really should not show up on non-Intel architectures. 336 337 2012-03-19 Simson Garfinkel <simsong@imac3.home> 338 339 * src/xml.cpp: added unistd.h 340 341 2012-03-18 Simson Garfinkel <simsong@imac3.local> 342 343 * src/main.cpp (main): added printing stats for debug level 3. 344 345 * src/datalink.cpp (find_handler): changed 'looking for handler' to debug level 2. 346 347 2012-03-18 Simson Garfinkel <simsong@imac3.home> 348 349 * src/tcpip.cpp (tcpdemux::close_all): Jeremey's FD ring has been replaced with an unordere dset. 350 351 * src/tcpdemux.h (class tcpdemux): tcpdemux is now a class. By 1.3 it will be a linkable class separate from this program. 352 353 2012-03-11 Simson L. Garfinkel <simsong@ps14412.dreamhostps.com> 354 355 * configure.ac: added -funit-at-a-time 356 357 2012-03-10 Simson Garfinkel <simsong@imac3.home> 358 359 * COPYING: updated to GPLv3 360 361 2012-03-10 Simson Garfinkel <simsong@mucha> 362 363 * src/xml.cpp (xml::xmlout): writing with size-length tag just outputs the value now. 364 365 2012-03-03 Simson Garfinkel <simsong@it152983.ern.nps.edu> 366 367 * configure.ac: changed verison number to 1.2.1 368 369 * src/xml.cpp (xml::cpuid): added another #if defined(HAVE_ASM_CPUID) to protect another __asm__("cpuid") 370 371 2012-03-03 Simson Garfinkel <simsong@imac3.home> 372 373 * configure.ac: changed version number to 1.2.0 374 375 2012-03-09 Simson Garfinkel <simsong@Mucha.local> 376 377 * src/tcpip.cpp (tcpip::attempt_fopen): output files now opened in binary mode 378 (tcpip::store_packet): added error message for packet received after flow finished 379 380 * src/md5.c: added file. 381 382 * src/md5.h: added file. 383 384 * src/tcpip.cpp (tcpip::open_file): removed "done" variable, as it was not needed. 385 (tcpip): string constants that are converted to strings are now const statics. 386 387 2012-02-26 Simson Garfinkel <simsong@mucha> 388 389 * src/flow.cpp (flow::filename): completely rewrote to support templates. 390 (flow::print_usage): added to give information on templates. 391 392 * src/flow.h (class flow): renamed flow_t to flow 393 394 * src/main.cpp (main): removed last vistaves of DEFAULT_FILTER 395 (main): error is now a local variable. 396 397 2012-02-23 Simson Garfinkel <simsong@mucha> 398 399 * src/sysdep.h: changed to C++ headers for stdio, stdlib, cctype, cstdarg and cerrorno 400 401 * src/tcpip.cpp (tcpip::tcpip): outdir changed from const char * 402 to std::string. Flow names no longer have ./ prepended if outdir 403 is ".". 404 405 2012-01-18 Simson Garfinkel <simsong@Mucha.local> 406 407 * src/tcpip.cpp (tcpip::process_tcp): converted dir_cs and dir_sc to a single dir enum type. 408 409 2012-01-15 Simson Garfinkel <simsong@mucha.home> 410 411 * src/tcpip.cpp (tcpip): fixed crashing bug when no XML file was being generated. 412 413 2012-01-06 Simson Garfinkel <simsong@mncrnpsedu.local> 414 415 * src/flow.h (class tcpip): replaced std::map with std::tr1::unordered_map. Old performance: 416 <rusage> 417 <utime>2.879478</utime> 418 <stime>3.227067</stime> 419 <maxrss>7675904</maxrss> 420 <minflt>1953</minflt> 421 <majflt>26</majflt> 422 <nswap>0</nswap> 423 <inblock>3</inblock> 424 <oublock>4649</oublock> 425 <clocktime>14.634266</clocktime> 426 </rusage> 427 428 new performance: 429 <rusage> 430 <utime>1.323023</utime> 431 <stime>2.676657</stime> 432 <maxrss>7430144</maxrss> 433 <minflt>1921</minflt> 434 <majflt>0</majflt> 435 <nswap>0</nswap> 436 <inblock>0</inblock> 437 <oublock>4739</oublock> 438 <clocktime>8.399374</clocktime> 439 </rusage> 440 441 442 2012-01-05 Simson Garfinkel <simsong@mncrnpsedu.local> 443 444 * src/tcpip.cpp (do_strip_nonprint): do_strip_nonprint is now threadsafe 445 446 * src/flow.h (class tcpip): pos changed from long to uint64_t 447 448 * src/tcpip.cpp (tcpip::process_tcp): whoops; only drop the connection if the seek is bigger than min_offset 449 450 2012-01-04 Simson Garfinkel <simsong@mncrnpsedu.local> 451 452 * configure.ac: incremented version counter to beta2 453 454 * src/main.cpp (main): fixed option parsing bug. 455 456 2012-01-03 Simson Garfinkel <simsong@mncrnpsedu.local> 457 458 * src/tcpip.cpp (do_strip_nonprint): removed; do_strip_nonprint is now embedded in the caller, and is now thread-safe. 459 460 * src/util.cpp (check_malloc): removed 461 462 * src/tcpip.cpp (tcpip::store_packet): flow_state renamed tcpip (because it is). 463 464 * src/flow.h (class flow_state): first is now called tstart and appears in the flow_t. 465 (class flow_addr): renamed flow_t to flow_addr; it's the flow address. 466 (class flow_t): created this class which has additional per-flow information 467 (class flow_addr): moved vlan to flow_t from flow_addr 468 469 2012-01-01 Simson Garfinkel <simsong@Mucha.local> 470 471 * src/tcpflow.h (struct): flow_t renamed to be the flow class. 472 (class ipaddr): created class for IP addresses 473 (class flow_state_struct): created class from struct 474 475 * src/main.cpp (print_usage): -X added for XML output. 476 477 2011-12-29 Simson Garfinkel <simsong@Mucha.local> 478 479 * src/main.cpp (main): changed bytes_per_flow from int to uint64_t 480 progname is now a global. 481 482 added support for named semaphores to lock output between invocations. 483 484 * src/util.cpp: removed cvsid 485 486 * src/tcpip.cpp: removed cvsid 487 488 * src/datalink.cpp: removed cvsid 489 490 * src/flow.cpp: removed cvsid 491 492 * Makefile.am (EXTRA_DIST): added m4/ax_pthread.m4 to EXTRA_DIST 493 494 * configure.ac: increased version number to 1.0.7 495 496 * src/main.cpp (main): added -B option to force binary output. 497 498 * doc/tcpflow.1: corrected typo in -c/-C which crept it. 499 500 2011-12-23 Simson Garfinkel <simsong@Mucha.local> 501 502 * src/util.cpp: removed copy_argv(); replaced with a simple std::string manipulation. 503 (flow_filename): modified to work with outdir 504 505 * src/tcpip.cpp: renamed from tcpip.c to tcpip.cpp 506 507 * src/main.cpp: renamed from main.c to main.cpp; 508 509 * src/util.cpp: renamed util.c; changed most "char *" to "const char *" 510 511 * src/flow.cpp: renamed flow.c to flow.cpp 512 513 2011-12-04 Simson Garfinkel <simsong@Alphonse-Mucha.local> 514 515 516 * configure.ac: increased version counter to 1.0.6 517 518 * src/tcpflow.h (flow_state_struct): added bytes_printed counter 519 520 * src/tcpip.c (print_packet): modified to respect bytes_per_flow 521 522 * configure.ac: increased version counter to 1.0.5 523 524 * src/sysdep.h: added #ifndef for ETHERTYPE_VLAN for Oracle Enterprise Linux. 525 526 2011-11-24 Simson Garfinkel <simsong@it006834.ern.nps.edu> 527 528 * configure.ac: increased version counter to 1.0.4 529 530 2011-10-13 Simson Garfinkel <simsong@alphonse-mucha.home> 531 532 * src/main.c (main): removed prepending of (ip or ip6 or vlan) from user expressions. We now just use what the user provided. 533 534 2011-09-30 Simson Garfinkel <simsong@alphonse-mucha.home> 535 536 * configure.ac: incremented version counter to 1.0.2 and re-released. 537 538 2011-09-20 Simson Garfinkel <simsong@alphonse-mucha> 539 540 * src/flow.c (open_file): replaced FGETPOS(flow_state->fp, &(flow_state->pos)) with ftell() 541 542 * src/tcpip.c (store_packet): FSETPOS replaced with fseek (it's better now than in 1999) 543 544 2011-09-20 Simson Garfinkel <simsong@Alphonse-Mucha.local> 545 546 * src/util.c: applied ipv6 patches 547 548 * src/tcpip.c: applied ipv6 patches 549 550 * src/tcpflow.h: applied ipv6 patches 551 552 * src/sysdep.h: applied ipv6 patches 553 554 * src/main.c: applied ipv6 patches 555 556 * src/datalink.c: applied ipv6 patches 557 558 * configure.ac: applied ipv6 patches. 559 560 * src/sysdep.h: removed standards.h and added sys/cdefs.h. 561 562 2011-04-14 Simson Garfinkel <simsong@Magneto.local> 563 564 * Makefile.am (EXTRA_DIST): added TODO.txt 565 566 2011-03-12 Simson Garfinkel <simsong@imac3.home> 567 568 * doc/tcpflow.1.in: updated doc to reflect new author and distribution point. 569 570 * src/main.c (print_usage): removed "by Jeremy Elson <jelson@circlemud.org>" from usage. 571 572 * src/util.c (flow_filename): vlan changed from [42] to --42 to avoid some shell issues. 573 574 * Applied debian patch 20_fix-usage, which fixed the usage statement. 575 576 2011-02-27 Simson Garfinkel <simsong@Silver-Surfer.local> 577 578 * manually applied debian patch 10_extra-opts, which improves color rendering and passes the state structure, rather than forcing it to be re-calculated. 579 580 2008-10-06 Simson Garfinkel <simsong@Silver-Surfer.local> 581 582 * src/flow.c (flow_same): created a flow_same() function to return true if two flows are the same (because we will be adding additional information to the flow) 583 (close_file): modified so that flows are timestamped with the time of the closing 584 585 * src/tcpflow.h: reimplemented portable_signal to return void, rather than RETSIGTYPE, since RETSIGTYPE hasn't been used for at least 15 years. 586 587 * src/sysdep.h: added #include <net/if_var.h> before #include <net/if.h> 588 589 * configure.ac: rewrote to remove patches for circa 2002 Linux bugs. Fixed prerequisite header for net/if.h 590 591 2003-08-07 Jeremy Elson <jelson@circlemud.org> 592 * Released v0.21. Sticking to my strict schedule of releasing at 593 least one minor release per year. :-) 594 595 2003-08-07 Jeremy Elson <jelson@circlemud.org> 596 597 * src/main.c: Fixed format string attack. Found by David 598 Goldsmith of atstake.com. 599 600 2002-03-29 Jeremy Elson <jelson@concorde.cs.ucla.edu> 601 602 * configure.in: Fixed --with-pcap (was broken since moving sources 603 into src) 604 605 2002-03-29 Jeremy Elson <jelson@circlemud.org> 606 607 * src/datalink.c: Added support for ISDN (/dev/ippp0), datalink 608 handler for DLT_LINUX_SLL. Contributed by Detlef Conradin 609 <dconradin at gmx.net> 610 611 2001-08-23 Jeremy Elson <jelson@circlemud.org> 612 613 * src/tcpip.c: fflush stdout in console print mode, from 614 suggestion of Andreas Schweitzer <andy at physast.uga.edu>, who 615 says "Otherwise, I can't redirect or pipe the console output. At 616 least on FreeBSD. I will check later today if this also cures the 617 same problems I had on OpenBSD." 618 619 620 2001-02-26 Jeremy Elson <jelson@circlemud.org> 621 622 * Released version 0.20. 623 624 * util.c, main.c: we now catch SIGTERM, SIGINT and SIGHUP, and 625 call exit(). Should give libpcap a chance to reset the interface 626 state (it calls onexit()). 627 628 * main.c, tcpflow.1.in: Added patch from "Jose M. Alcaide" <jose 629 at we.lc.ehu.es> (FreeBSD port maintainer) so that tcpflow can 630 read from tcpdump output files. 631 632 2000-01-12 Jeremy Elson <jelson@circlemud.org> 633 634 * tcpflow.spec.in: New file for creating RPMs, submitted by Ross 635 Golder <rossigee at bigfoot.com>. 636 637 * configure.in: Added generation of tcpflow.spec 638 * Makefile.am: Added distribution of tcpflow.spec.in 639 640 1999-04-20 Jeremy Elson <jelson@circlemud.org> 641 642 * Released version 0.12. 643 644 1999-04-20 Jeremy Elson <jelson@circlemud.org> 645 646 * tcpflow.1.in: Updated man page. 647 648 * main.c (main): libpcap, when running under Linux, doesn't seem 649 to be able to handle filtering expressions when using DLT_NULL 650 (usually the loopback interface -- i.e. "localhost"), so we don't 651 allow those expressions and print a warning if the user is trying 652 to use one. Controlled via the DLT_NULL_BROKEN define in conf.h. 653 * datalink.c (dl_null): We no longer check that the datalink type 654 is AF_INET if DLT_NULL_BROKEN is defined. 655 * configure.in: Added AC_CANONICAL_SYSTEM, and define 656 DLT_NO_BROKEN if we are using Linux. 657 * acconfig.h: Added entry for DLT_NULL_BROKEN. 658 659 * tcpflow.h: We use __attribute__ now only if __GNUC__ is defined, 660 so that the code compiles on non-GCC compilers. 661 662 * configure.in: Check for standards.h, for IRIX compatibility. 663 (I have a custom autoconf that I changed to automatically #include 664 standards.h, if the check succeeds, in future header file checks.) 665 * sysdep.h: Conditional #include <standards.h> added. 666 667 * configure.in: Only check for -lnsl if gethostbyaddr() doesn't 668 work without it; same for -lsocket and socket(). 669 670 * tcpip.c (process_ip, process_tcp, do_strip_nonprint, 671 print_packet, store_packet): Changed to take a u_char. 672 * tcpflow.h: Changed packet handling function argument prototypes 673 and return values to use u_char instead of char. 674 * configure.in: Added checking for u_char. 675 * acconfig.h: Added entry for u_char. 676 677 * tcpip.c (process_ip, process_tcp): Added debugging messages. 678 679 * tcpip.c (store_packet): Changed debug level of messages. 680 681 1999-04-14 Jeremy Elson <jelson@circlemud.org> 682 683 * tcpip.c (store_packet): Now correctly checking the return value 684 of fwrite(). Pointed out by Johnny Tevessen <j.tevessen at gmx.net>. 685 686 1999-04-13 Jeremy Elson <jelson@circlemud.org> 687 688 * Released version 0.11. 689 690 1999-04-13 Jeremy Elson <jelson@circlemud.org> 691 692 * tcpip.c (process_ip): Portability: added typecast of an int to a 693 long, and changed the printf format to use a long (%ld) instead of 694 an int (%d). This is because some systems define these variables 695 as long to begin with. 696 * tcpip.c (store_packet): Same thing. 697 * util.c (init_debug): Same thing. 698 699 * main.c (print_usage): Added function to give help. 700 701 * sysdep.h: Linux libc5 systems have different names for certain 702 structures. Patch sent by Johnny Tevessen <j.tevessen at gmx.net> 703 704 * configure.in: All system header files are now detected by 705 autoconf and conditionally included in sysdep.h. 706 * sydep.h: Same. 707 * main.c: Same. 708 * tcpip.c: Same. 709 710 * Makefile.am (EXTRA_DIST): Changed from tcpflow.1 to tcpflow.1.in 711 to reflect the fact that tcpflow.1 is now created by 'configure'. 712 * configure.in: Same. 713 * tcpflow.1.in: Same. 714 715 * AUTHORS: Created & added initial entries. 716 717 1999-04-12 Jeremy Elson <jelson@circlemud.org> 718 719 * Initial public release. 720 721 722 723