-----BEGIN PGP SIGNED MESSAGE-----
The latest versions of tcpdump (3.3), libpcap (0.3) and bpf (1.1.1)
from the Network Research Group at the Lawrence Berkeley National
Laboratory are now available via anonymous ftp:
The main feature of these releases is the addition of Linux support.
See the libpcap INSTALL document for more detailed information.
This release does not support AIX. Although we have integrated patches
from several contributors, it is reported that the current versions are
not quite there yet. The INSTALL document has more information; if you
manage to figure this out, please send mail to the mailing list found
in the README document. (Which, by the way, consists of a tiny number
of developers who don't appreciate receiving spam.)
Another important feature is that bpf now includes support for kernel
tcp and udp connection filters. Briefly, this feature is similar to
tcp_wrappers but is implemented in the kernel (and is more powerful).
It allows the system administrator to specify general bpf filters that
reject tcp and udp connections. When a filter rejects a connection, it
is as if there was no server listening on the port. For example, it is
possible to restrict portmapper and nfs accesses to a particular subnet
or list of hosts or disallow telnet connections from off site. See the
bpf README and setbpfilter(8) man page for more information.
Each package has a CHANGES file that documents the important fixes and
enhancements in each release. In summary:
Libpcap supports Linux. Solaris x86 problems were fixed.
Tcpdump supports Linux. The routine gmt2local() was rewritten to
avoid problematic os dependencies. Aligned access and byte order
problems were fixed.
Bpf kernel tcp and udp connection filters were added.
As usual, please direct bug reports, enhancements and comments to the
mailing list found in the README files.
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----