o fixed bug where setting the snaplen smaller than the minimum
necessary to read the full headres would cause garbage to be
fed into the pattern matcher
o fixed unreported bug in IPv6/TCP packet length calculation
o relocated the privilege-dropping routine to be invoked right
before entering the packet processing loop, to prevent
interference with necessary permissions to read or write
dumpfiles/etc.
o fixed integer overflow with the snaplen that resulted from
an implicit signed/unsigned conversion
o minor change to compensate for some broken compiler
optimizers
o fixed double-free race condition during ngrep termination
o reworked packet length calculation in the main processing
loop, improving performance and readability
o simplified regex build logic in configure and Makefile
o updated Win32 version to use config.h for preprocessor
definitions instead of the Visual Studio project files,
making manual tweaking and config of ngrep for Win32
consistent with *NIX and more obvious
o changed third-party Makefiles to properly clean up after
themselves
o added support for radiotap (IEEE802_11_RADIO)
o changed ``-s 0'' invocation to mimic the equivalent of tcpdump
* healed the win32 code fork: ngrep now builds from the same
source tree for all platforms including Windows
* re-wrote the privilege revocation logic after problems were
reported with the SPC version, and removed non-root
drop_privs capability altogether
* fix off-by-one bug which caused ngrep to exit 1 packet early
when ``-A'' as invoked
* Fixed problematic configtest for old broken-redhat-glibc UDP header
* ngrep now sets a pcap filter "ip" by default, if one is not specified
* header offset fix to 802.11 processing
* support IGMP and Raw (unknown IP protocol) type packets
* support for latest versions of libpcap (0.8.3) and winpcap (3.1 beta 4)
* updated configure to autoconf 2.59, and config.guess and
config.sub to latest versions
* updated PCRE from 3.4 to 5.0
* and various minor changes and updates to improve ngrep
* rewrote the entire configure.in/config.h.in to autoconf 2.57
to be more consistent with normal autoconf'd programs.
corrects bugs around packaging impediments and typos.
* improved privilege dropping code and added more options to
configure to govern its behaviour
* added flag to turn off privilege revocation logic
* added multiline match as default and ability to enforce
previous default single-line match (bugfix + feature)
* added ability to read bpf filter expression from file
* added ability to force the column width to a certain size
* added two new output modes: ``byline'', whose output
respects embedded carriage returns (useful for http dumps),
and ``none'', which prints out each dump as a single line no
matter what.
* added ability to specify alternate nonprintable character
(default is ``.'').
* made ``-q'' effects more consistent and usable for scenarios
where ``-I'' and/or ``-O'' are being employed
* documentation updated
* improved support for a few OSes
* 802.11 support
Changes 1.40:
* OpenBSD tun device support
* MacOS X support
* ISDN (SLL) support
* fixed bug from not considering caplen in payload length calculations
