rpms/tcpdump
6
0
Fork 0
Code Issues Pull Requests Releases Activity

import tcpdump-4.9.2-5.el8

Browse Source
This commit is contained in:
CentOS Sources 2019-08-02 12:09:47 -04:00 committed by Stepan Oksanichenko
commit a0c4b540cd
17 changed files with 1691 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
SOURCES/tcpdump-4.9.2.tar.gz
SOURCES/tcpslice-1.2a3.tar.gz

2
.tcpdump.metadata Normal file
View File

@ -0,0 +1,2 @@
f7dccebe94c3d07ac8744d43297ea2b98b35a13f SOURCES/tcpdump-4.9.2.tar.gz
98790301cb1bf4399a95153bc62d49b3f5808994 SOURCES/tcpslice-1.2a3.tar.gz

26
SOURCES/0001-icmp6-print-Reachable-Time-and-Retransmit-Time-from-.patch Normal file
View File

@ -0,0 +1,26 @@
From f19e0376b8e98b38240d28eb9e6f78c465bb1c6e Mon Sep 17 00:00:00 2001
From: rpm-build <rpm-build>
Date: Mon, 20 Oct 2014 13:34:24 +0200
Subject: [PATCH 1/8] icmp6: print Reachable Time and Retransmit Time from
ICMPv6 as milliseconds
---
print-icmp6.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/print-icmp6.c b/print-icmp6.c
index 7fe639d..cfaa2df 100644
--- a/print-icmp6.c
+++ b/print-icmp6.c
@@ -1034,7 +1034,7 @@ icmp6_print(netdissect_options *ndo,
p = (const struct nd_router_advert *)dp;
ND_TCHECK(p->nd_ra_retransmit);
ND_PRINT((ndo,"\n\thop limit %u, Flags [%s]" \
- ", pref %s, router lifetime %us, reachable time %us, retrans time %us",
+ ", pref %s, router lifetime %us, reachable time %ums, retrans time %ums",
(u_int)p->nd_ra_curhoplimit,
bittok2str(icmp6_opt_ra_flag_values,"none",(p->nd_ra_flags_reserved)),
get_rtpref(p->nd_ra_flags_reserved),
--
2.9.3

106
SOURCES/0002-Use-getnameinfo-instead-of-gethostbyaddr.patch Normal file
View File

@ -0,0 +1,106 @@
From c48fba64fbbff9c75c79e32ab33aa65742c197d9 Mon Sep 17 00:00:00 2001
From: rpm-build <rpm-build>
Date: Mon, 20 Oct 2014 14:12:46 +0200
Subject: [PATCH 2/8] Use getnameinfo instead of gethostbyaddr
---
addrtoname.c | 48 ++++++++++++++++++++++++++++++++++++++++++++++--
1 file changed, 46 insertions(+), 2 deletions(-)
diff --git a/addrtoname.c b/addrtoname.c
index 6975b71..949acb7 100644
--- a/addrtoname.c
+++ b/addrtoname.c
@@ -220,7 +220,6 @@ static uint32_t f_localnet;
const char *
getname(netdissect_options *ndo, const u_char *ap)
{
- register struct hostent *hp;
uint32_t addr;
struct hnamemem *p;
@@ -242,6 +241,28 @@ getname(netdissect_options *ndo, const u_char *ap)
*/
if (!ndo->ndo_nflag &&
(addr & f_netmask) == f_localnet) {
+#ifdef HAVE_GETNAMEINFO
+ struct sockaddr_in sa;
+ char hbuf[NI_MAXHOST];
+
+ memset(&sa, 0, sizeof (sa));
+ sa.sin_family = AF_INET;
+ sa.sin_addr.s_addr = addr;
+ if (!getnameinfo((struct sockaddr *)&sa, sizeof (sa),
+ hbuf, sizeof (hbuf), NULL, 0, 0)) {
+ if (ndo->ndo_Nflag) {
+ char *dotp;
+
+ /* Remove domain qualifications */
+ dotp = strchr(hbuf, '.');
+ if (dotp)
+ *dotp = '\0';
+ }
+ p->name = strdup(hbuf);
+ return p->name;
+ }
+#else
+ register struct hostent *hp;
hp = gethostbyaddr((char *)&addr, 4, AF_INET);
if (hp) {
char *dotp;
@@ -258,6 +279,7 @@ getname(netdissect_options *ndo, const u_char *ap)
}
return (p->name);
}
+#endif
}
p->name = strdup(intoa(addr));
if (p->name == NULL)
@@ -272,7 +294,6 @@ getname(netdissect_options *ndo, const u_char *ap)
const char *
getname6(netdissect_options *ndo, const u_char *ap)
{
- register struct hostent *hp;
union {
struct in6_addr addr;
struct for_hash_addr {
@@ -297,6 +318,28 @@ getname6(netdissect_options *ndo, const u_char *ap)
* Do not print names if -n was given.
*/
if (!ndo->ndo_nflag) {
+#ifdef HAVE_GETNAMEINFO
+ struct sockaddr_in6 sa;
+ char hbuf[NI_MAXHOST];
+
+ memset(&sa, 0, sizeof (sa));
+ sa.sin6_family = AF_INET6;
+ sa.sin6_addr = addr.addr;
+ if (!getnameinfo((struct sockaddr *)&sa, sizeof (sa),
+ hbuf, sizeof (hbuf), NULL, 0, 0)) {
+ if (ndo->ndo_Nflag) {
+ char *dotp;
+
+ /* Remove domain qualifications */
+ dotp = strchr(hbuf, '.');
+ if (dotp)
+ *dotp = '\0';
+ }
+ p->name = strdup(hbuf);
+ return p->name;
+ }
+#else
+ register struct hostent *hp;
hp = gethostbyaddr((char *)&addr, sizeof(addr), AF_INET6);
if (hp) {
char *dotp;
@@ -313,6 +356,7 @@ getname6(netdissect_options *ndo, const u_char *ap)
}
return (p->name);
}
+#endif
}
cp = addrtostr6(ap, ntop_buf, sizeof(ntop_buf));
p->name = strdup(cp);
--
2.9.3

94
SOURCES/0003-Drop-root-priviledges-before-opening-first-savefile-.patch Normal file
View File

@ -0,0 +1,94 @@
From 9bee0dffaebbc53b9762df7a6d84a553969e7b00 Mon Sep 17 00:00:00 2001
From: rpm-build <rpm-build>
Date: Fri, 3 Feb 2017 09:36:26 +0100
Subject: [PATCH 3/8] Drop root priviledges before opening first savefile if
running with -Z root
---
tcpdump.1.in | 7 ++++++-
tcpdump.c | 30 ++++++++++++++++++++++++++++++
2 files changed, 36 insertions(+), 1 deletion(-)
diff --git a/tcpdump.1.in b/tcpdump.1.in
index f04a579..ca5cff2 100644
--- a/tcpdump.1.in
+++ b/tcpdump.1.in
@@ -249,6 +249,9 @@ have the name specified with the
flag, with a number after it, starting at 1 and continuing upward.
The units of \fIfile_size\fP are millions of bytes (1,000,000 bytes,
not 1,048,576 bytes).
+
+Note that when used with \fB\-Z\fR option (enabled by default), privileges
+are dropped before opening first savefile.
.TP
.B \-d
Dump the compiled packet-matching code in a human readable form to
@@ -860,7 +863,9 @@ but before opening any savefiles for output, change the user ID to
and the group ID to the primary group of
.IR user .
.IP
-This behavior can also be enabled by default at compile time.
+This behavior is enabled by default (\fB\-Z tcpdump\fR), and can
+be disabled by \fB\-Z root\fR.
+
.IP "\fI expression\fP"
.RS
selects which packets will be dumped.
diff --git a/tcpdump.c b/tcpdump.c
index 73bf138..29f7f87 100644
--- a/tcpdump.c
+++ b/tcpdump.c
@@ -1133,6 +1133,7 @@ main(int argc, char **argv)
cap_rights_t rights;
int cansandbox;
#endif /* HAVE_CAPSICUM */
+ int chown_flag = 0;
int Oflag = 1; /* run filter code optimizer */
int yflag_dlt = -1;
const char *yflag_dlt_name = NULL;
@@ -1843,6 +1844,19 @@ main(int argc, char **argv)
}
capng_apply(CAPNG_SELECT_BOTH);
#endif /* HAVE_LIBCAP_NG */
+ /* If user is running tcpdump as root and wants to write to the savefile,
+ * we will check if -C is set and if it is, we will drop root
+ * privileges right away and consequent call to>pcap_dump_open()
+ * will most likely fail for the first file. If -C flag is not set we
+ * will create file as root then change ownership of file to proper
+ * user(default tcpdump) and drop root privileges.
+ */
+ if (WFileName)
+ if (Cflag && (username || chroot_dir))
+ droproot(username, chroot_dir);
+ else
+ chown_flag = 1;
+ else
if (username || chroot_dir)
droproot(username, chroot_dir);
@@ -1881,6 +1895,22 @@ main(int argc, char **argv)
MakeFilename(dumpinfo.CurrentFileName, WFileName, 0, 0);
p = pcap_dump_open(pd, dumpinfo.CurrentFileName);
+
+ /* Change ownership of file and drop root privileges */
+ if (chown_flag) {
+ struct passwd *pwd;
+
+ pwd = getpwnam(username);
+ if (!pwd)
+ error("Couldn't find user '%s'", username);
+
+ if (strcmp(WFileName, "-") && chown(dumpinfo.CurrentFileName, pwd->pw_uid, pwd->pw_gid) < 0)
+ error("Couldn't change ownership of savefile");
+
+ if (username || chroot_dir)
+ droproot(username, chroot_dir);
+ }
+
#ifdef HAVE_LIBCAP_NG
/* Give up CAP_DAC_OVERRIDE capability.
* Only allow it to be restored if the -C or -G flag have been
--
2.9.3

88
SOURCES/0004-tcpslice-update-tcpslice-patch-to-1.2a3.patch Normal file
View File

@ -0,0 +1,88 @@
From 954c235f6db6f601d732b6fce48d2e8183c05d49 Mon Sep 17 00:00:00 2001
From: rpm-build <rpm-build>
Date: Mon, 20 Oct 2014 14:43:04 +0200
Subject: [PATCH 4/8] tcpslice: update tcpslice patch to 1.2a3
---
tcpslice-1.2a3/search.c | 22 +++++++++++++++-------
tcpslice-1.2a3/tcpslice.h | 20 ++++++++++++++++++++
2 files changed, 35 insertions(+), 7 deletions(-)
diff --git a/tcpslice-1.2a3/search.c b/tcpslice-1.2a3/search.c
index 1e2d051..23aa105 100644
--- a/tcpslice-1.2a3/search.c
+++ b/tcpslice-1.2a3/search.c
@@ -53,7 +53,7 @@ static const char rcsid[] =
/* Size of a packet header in bytes; easier than typing the sizeof() all
* the time ...
*/
-#define PACKET_HDR_LEN (sizeof( struct pcap_pkthdr ))
+#define PACKET_HDR_LEN (sizeof( struct pcap_sf_pkthdr ))
extern int snaplen;
@@ -111,16 +111,24 @@ reasonable_header( struct pcap_pkthdr *hdr, time_t first_time, time_t last_time
static void
extract_header( pcap_t *p, u_char *buf, struct pcap_pkthdr *hdr )
{
- memcpy((char *) hdr, (char *) buf, sizeof(struct pcap_pkthdr));
+ struct pcap_sf_pkthdr hdri;
+
+ memcpy((char *) &hdri, (char *) buf, sizeof(struct pcap_sf_pkthdr));
if ( pcap_is_swapped( p ) )
{
- hdr->ts.tv_sec = SWAPLONG(hdr->ts.tv_sec);
- hdr->ts.tv_usec = SWAPLONG(hdr->ts.tv_usec);
- hdr->len = SWAPLONG(hdr->len);
- hdr->caplen = SWAPLONG(hdr->caplen);
+ hdr->ts.tv_sec = SWAPLONG(hdri.ts.tv_sec);
+ hdr->ts.tv_usec = SWAPLONG(hdri.ts.tv_usec);
+ hdr->len = SWAPLONG(hdri.len);
+ hdr->caplen = SWAPLONG(hdri.caplen);
+ }
+ else
+ {
+ hdr->ts.tv_sec = hdri.ts.tv_sec;
+ hdr->ts.tv_usec = hdri.ts.tv_usec;
+ hdr->len = hdri.len;
+ hdr->caplen = hdri.caplen;
}
-
/*
* From bpf/libpcap/savefile.c:
*
diff --git a/tcpslice-1.2a3/tcpslice.h b/tcpslice-1.2a3/tcpslice.h
index de4a01c..9dcd1a1 100644
--- a/tcpslice-1.2a3/tcpslice.h
+++ b/tcpslice-1.2a3/tcpslice.h
@@ -20,6 +20,26 @@
*/
+#include <time.h>
+/* #include <net/bpf.h> */
+
+/*
+ * This is a timeval as stored in disk in a dumpfile.
+ * It has to use the same types everywhere, independent of the actual
+ * `struct timeval'
+ */
+
+struct pcap_timeval {
+ bpf_int32 tv_sec; /* seconds */
+ bpf_int32 tv_usec; /* microseconds */
+};
+
+struct pcap_sf_pkthdr {
+ struct pcap_timeval ts; /* time stamp */
+ bpf_u_int32 caplen; /* length of portion present */
+ bpf_u_int32 len; /* length this packet (off wire) */
+};
+
time_t gwtm2secs( struct tm *tm );
int sf_find_end( struct pcap *p, struct timeval *first_timestamp,
--
2.9.3

26
SOURCES/0005-tcpslice-remove-unneeded-include.patch Normal file
View File

@ -0,0 +1,26 @@
From d32956586bfb50b189132d5a15db8a50ef871278 Mon Sep 17 00:00:00 2001
From: rpm-build <rpm-build>
Date: Mon, 20 Oct 2014 15:06:54 +0200
Subject: [PATCH 5/8] tcpslice: remove unneeded include
net/bpf.h doesn't exist on Linux.
---
tcpslice-1.2a3/tcpslice.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/tcpslice-1.2a3/tcpslice.c b/tcpslice-1.2a3/tcpslice.c
index e73d76f..895e54f 100644
--- a/tcpslice-1.2a3/tcpslice.c
+++ b/tcpslice-1.2a3/tcpslice.c
@@ -35,8 +35,6 @@ static const char rcsid[] =
#include <sys/file.h>
#include <sys/stat.h>
-#include <net/bpf.h>
-
#include <ctype.h>
#ifdef HAVE_FCNTL_H
#include <fcntl.h>
--
2.9.3

27
SOURCES/0006-tcpslice-don-t-test-the-pointer-but-pointee-for-NULL.patch Normal file
View File

@ -0,0 +1,27 @@
From e159008d2f126d92112858269fb6b2fbca63ffc2 Mon Sep 17 00:00:00 2001
From: rpm-build <rpm-build>
Date: Mon, 20 Oct 2014 15:19:44 +0200
Subject: [PATCH 6/8] tcpslice: don't test the pointer but pointee for NULL
---
tcpslice-1.2a3/tcpslice.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/tcpslice-1.2a3/tcpslice.c b/tcpslice-1.2a3/tcpslice.c
index 895e54f..a91439b 100644
--- a/tcpslice-1.2a3/tcpslice.c
+++ b/tcpslice-1.2a3/tcpslice.c
@@ -402,7 +402,9 @@ fill_tm(char *time_string, int is_delta, struct tm *t, time_t *usecs_addr)
while (isdigit(*t_stop))
++t_stop;
- if (! t_stop)
+
+ if (!(*t_stop))
+ /* we've reached end of string -> bad date format */
error("bad date format %s, problem starting at %s",
time_string, t_start);
--
2.9.3

55
SOURCES/0007-Introduce-nn-option.patch Normal file
View File

@ -0,0 +1,55 @@
From 9ea43c6c97d3653cb58c1934f8770b951917bf9a Mon Sep 17 00:00:00 2001
From: rpm-build <rpm-build>
Date: Mon, 20 Oct 2014 13:26:38 +0200
Subject: [PATCH 7/8] Introduce -nn option
This changes the semantics on -n option so only namelookups are skipped. Port
numbers *are* translated to their string representations. Option -nn then has
the same semantics as -n had originally.
---
addrtoname.c | 4 ++--
tcpdump.1.in | 6 +++++-
2 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/addrtoname.c b/addrtoname.c
index 949acb7..9dd78d8 100644
--- a/addrtoname.c
+++ b/addrtoname.c
@@ -810,7 +810,7 @@ init_servarray(netdissect_options *ndo)
while (table->name)
table = table->nxt;
- if (ndo->ndo_nflag) {
+ if (ndo->ndo_nflag > 1) {
(void)snprintf(buf, sizeof(buf), "%d", port);
table->name = strdup(buf);
} else
@@ -1233,7 +1233,7 @@ init_addrtoname(netdissect_options *ndo, uint32_t localnet, uint32_t mask)
f_localnet = localnet;
f_netmask = mask;
}
- if (ndo->ndo_nflag)
+ if (ndo->ndo_nflag > 1)
/*
* Simplest way to suppress names.
*/
diff --git a/tcpdump.1.in b/tcpdump.1.in
index ca5cff2..c711a24 100644
--- a/tcpdump.1.in
+++ b/tcpdump.1.in
@@ -547,7 +547,11 @@ Use \fIsecret\fP as a shared secret for validating the digests found in
TCP segments with the TCP-MD5 option (RFC 2385), if present.
.TP
.B \-n
-Don't convert addresses (i.e., host addresses, port numbers, etc.) to names.
+Don't convert host addresses to names. This can be used to avoid
+DNS lookups.
+.TP
+.B \-nn
+Don't convert protocol and port numbers etc. to names either.
.TP
.B \-N
Don't print domain name qualification of host names.
--
2.9.3

36
SOURCES/0008-Don-t-print-out-we-dropped-root-we-are-always-droppi.patch Normal file
View File

@ -0,0 +1,36 @@
From d5508c13119404102104a3935e7445c9fddf79b5 Mon Sep 17 00:00:00 2001
From: rpm-build <rpm-build>
Date: Fri, 3 Feb 2017 09:43:03 +0100
Subject: [PATCH 8/8] Don't print out we dropped root, we are always dropping
it
---
tcpdump.c | 5 -----
1 file changed, 5 deletions(-)
diff --git a/tcpdump.c b/tcpdump.c
index 29f7f87..18c4a5c 100644
--- a/tcpdump.c
+++ b/tcpdump.c
@@ -618,8 +618,6 @@ droproot(const char *username, const char *chroot_dir)
int ret = capng_change_id(pw->pw_uid, pw->pw_gid, CAPNG_NO_FLAG);
if (ret < 0) {
fprintf(stderr, "error : ret %d\n", ret);
- } else {
- fprintf(stderr, "dropped privs to %s\n", username);
}
}
#else
@@ -632,9 +630,6 @@ droproot(const char *username, const char *chroot_dir)
pcap_strerror(errno));
exit_tcpdump(1);
}
- else {
- fprintf(stderr, "dropped privs to %s\n", username);
- }
#endif /* HAVE_LIBCAP_NG */
}
else {
--
2.9.3

27
SOURCES/0009-Change-n-flag-to-nn-in-TESTonce.patch Normal file
View File

@ -0,0 +1,27 @@
From 04e23aa3f91ff137237daf68f02e7b3c0c1a9168 Mon Sep 17 00:00:00 2001
From: rpm-build <rpm-build>
Date: Tue, 11 Apr 2017 09:19:48 +0200
Subject: [PATCH 09/13] Change -n flag to -nn in TESTonce
We need to change this because we have a different meaning of -n
flag than upstream does. We use -nn in those cases.
---
tests/TESTonce | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/TESTonce b/tests/TESTonce
index 7026624..e348701 100755
--- a/tests/TESTonce
+++ b/tests/TESTonce
@@ -21,7 +21,7 @@ if ($^O eq 'MSWin32') {
else {
# we used to do this as a nice pipeline, but the problem is that $r fails to
# to be set properly if the tcpdump core dumps.
- $r = system "../tcpdump 2>/dev/null -n -t -r $input $options >NEW/$output";
+ $r = system "../tcpdump 2>/dev/null -nn -t -r $input $options >NEW/$output";
if($r != 0) {
# this means tcpdump failed.
open(OUTPUT, ">>"."NEW/$output") || die "fail to open $output\n";
--
2.13.5

45
SOURCES/0010-Expect-miliseconds-instead-of-seconds-in-icmp-captur.patch Normal file
View File

@ -0,0 +1,45 @@
From 0ae4aa1881bbe40443bff802b5e4aa6ca0696dd9 Mon Sep 17 00:00:00 2001
From: rpm-build <rpm-build>
Date: Tue, 11 Apr 2017 09:37:53 +0200
Subject: [PATCH 10/13] Expect miliseconds instead of seconds in icmp capture.
Again this is caused by our patch, so we need to modify tests
accordingly.
---
tests/icmpv6.out | 2 +-
tests/icmpv6_opt24-v.out | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/tests/icmpv6.out b/tests/icmpv6.out
index bb7775e..8979540 100644
--- a/tests/icmpv6.out
+++ b/tests/icmpv6.out
@@ -1,5 +1,5 @@
IP6 (hlim 255, next-header ICMPv6 (58) payload length: 176) fe80::b299:28ff:fec8:d66c > ff02::1: [icmp6 sum ok] ICMP6, router advertisement, length 176
- hop limit 64, Flags [home agent], pref medium, router lifetime 15s, reachable time 0s, retrans time 0s
+ hop limit 64, Flags [home agent], pref medium, router lifetime 15s, reachable time 0ms, retrans time 0ms
prefix info option (3), length 32 (4): 2222:3333:4444:5555:6600::/72, Flags [onlink, auto], valid time 2592000s, pref. time 604800s
0x0000: 48c0 0027 8d00 0009 3a80 0000 0000 2222
0x0010: 3333 4444 5555 6600 0000 0000 0000
diff --git a/tests/icmpv6_opt24-v.out b/tests/icmpv6_opt24-v.out
index 2b7cf09..00512df 100644
--- a/tests/icmpv6_opt24-v.out
+++ b/tests/icmpv6_opt24-v.out
@@ -1,5 +1,5 @@
IP6 (hlim 255, next-header ICMPv6 (58) payload length: 120) fe80::16cf:92ff:fe87:23d6 > ff02::1: [icmp6 sum ok] ICMP6, router advertisement, length 120
- hop limit 0, Flags [managed, other stateful], pref medium, router lifetime 0s, reachable time 0s, retrans time 0s
+ hop limit 0, Flags [managed, other stateful], pref medium, router lifetime 0s, reachable time 0ms, retrans time 0ms
source link-address option (1), length 8 (1): 14:cf:92:87:23:d6
mtu option (5), length 8 (1): 1500
prefix info option (3), length 32 (4): fd8d:4fb3:5b2e::/64, Flags [onlink, auto], valid time 7200s, pref. time 1800s
@@ -7,7 +7,7 @@ IP6 (hlim 255, next-header ICMPv6 (58) payload length: 120) fe80::16cf:92ff:fe87
rdnss option (25), length 24 (3): lifetime 1800s, addr: fd8d:4fb3:5b2e::1
dnssl option (31), length 16 (2): lifetime 1800s, domain(s): lan.
IP6 (hlim 255, next-header ICMPv6 (58) payload length: 120) fe80::16cf:92ff:fe87:23d6 > ff02::1: [icmp6 sum ok] ICMP6, router advertisement, length 120
- hop limit 0, Flags [managed, other stateful], pref medium, router lifetime 0s, reachable time 0s, retrans time 0s
+ hop limit 0, Flags [managed, other stateful], pref medium, router lifetime 0s, reachable time 0ms, retrans time 0ms
source link-address option (1), length 8 (1): 14:cf:92:87:23:d6
mtu option (5), length 8 (1): 1500
prefix info option (3), length 32 (4): fd8d:4fb3:5b2e::/64, Flags [onlink, auto], valid time 7200s, pref. time 1800s
--
2.13.5

133
SOURCES/0011-Evp-cipher-buffers.patch Normal file
View File

@ -0,0 +1,133 @@
diff --git a/print-esp.c b/print-esp.c
index 511ee8a3..5b282526 100644
--- a/print-esp.c
+++ b/print-esp.c
@@ -192,8 +192,8 @@ int esp_print_decrypt_buffer_by_ikev2(netdissect_options *ndo,
const u_char *iv;
unsigned int len;
EVP_CIPHER_CTX *ctx;
- unsigned int block_size, output_buffer_size;
- u_char *output_buffer;
+ unsigned int block_size, buffer_size;
+ u_char *input_buffer, *output_buffer;
/* initiator arg is any non-zero value */
if(initiator) initiator=1;
@@ -228,19 +228,41 @@ int esp_print_decrypt_buffer_by_ikev2(netdissect_options *ndo,
(*ndo->ndo_warning)(ndo, "espkey init failed");
set_cipher_parameters(ctx, NULL, NULL, iv, 0);
/*
- * Allocate a buffer for the decrypted data.
- * The output buffer must be separate from the input buffer, and
- * its size must be a multiple of the cipher block size.
+ * Allocate buffers for the encrypted and decrypted data.
+ * Both buffers' sizes must be a multiple of the cipher block
+ * size, and the output buffer must be separate from the input
+ * buffer.
*/
block_size = (unsigned int)EVP_CIPHER_CTX_block_size(ctx);
- output_buffer_size = len + (block_size - len % block_size);
- output_buffer = (u_char *)malloc(output_buffer_size);
+ buffer_size = len + (block_size - len % block_size);
+
+ /*
+ * Attempt to allocate the input buffer.
+ */
+ input_buffer = (u_char *)malloc(buffer_size);
+ if (input_buffer == NULL) {
+ (*ndo->ndo_warning)(ndo, "can't allocate memory for encrypted data buffer");
+ EVP_CIPHER_CTX_free(ctx);
+ return 0;
+ }
+ /*
+ * Copy the input data to the encrypted data buffer, and pad it
+ * with zeroes.
+ */
+ memcpy(input_buffer, buf, len);
+ memset(input_buffer + len, 0, buffer_size - len);
+
+ /*
+ * Attempt to allocate the output buffer.
+ */
+ output_buffer = (u_char *)malloc(buffer_size);
if (output_buffer == NULL) {
(*ndo->ndo_warning)(ndo, "can't allocate memory for decryption buffer");
+ free(input_buffer);
EVP_CIPHER_CTX_free(ctx);
return 0;
}
- EVP_Cipher(ctx, output_buffer, buf, len);
+ EVP_Cipher(ctx, output_buffer, input_buffer, buffer_size);
EVP_CIPHER_CTX_free(ctx);
/*
@@ -249,6 +272,7 @@ int esp_print_decrypt_buffer_by_ikev2(netdissect_options *ndo,
* but changing this would require a more complicated fix.
*/
memcpy(buf, output_buffer, len);
+ free(input_buffer);
free(output_buffer);
ndo->ndo_packetp = buf;
@@ -666,8 +690,8 @@ esp_print(netdissect_options *ndo,
const u_char *ivoff;
const u_char *p;
EVP_CIPHER_CTX *ctx;
- unsigned int block_size, output_buffer_size;
- u_char *output_buffer;
+ unsigned int block_size, buffer_size;
+ u_char *input_buffer, *output_buffer;
#endif
esp = (const struct newesp *)bp;
@@ -784,21 +808,43 @@ esp_print(netdissect_options *ndo,
len = ep - (p + ivlen);
/*
- * Allocate a buffer for the decrypted data.
- * The output buffer must be separate from the
- * input buffer, and its size must be a multiple
- * of the cipher block size.
+ * Allocate buffers for the encrypted and decrypted
+ * data. Both buffers' sizes must be a multiple of
+ * the cipher block size, and the output buffer must
+ * be separate from the input buffer.
*/
block_size = (unsigned int)EVP_CIPHER_CTX_block_size(ctx);
- output_buffer_size = len + (block_size - len % block_size);
- output_buffer = (u_char *)malloc(output_buffer_size);
+ buffer_size = len + (block_size - len % block_size);
+
+ /*
+ * Attempt to allocate the input buffer.
+ */
+ input_buffer = (u_char *)malloc(buffer_size);
+ if (input_buffer == NULL) {
+ (*ndo->ndo_warning)(ndo, "can't allocate memory for encrypted data buffer");
+ EVP_CIPHER_CTX_free(ctx);
+ return 0;
+ }
+ /*
+ * Copy the input data to the encrypted data buffer,
+ * and pad it with zeroes.
+ */
+ memcpy(input_buffer, p + ivlen, len);
+ memset(input_buffer + len, 0, buffer_size - len);
+
+ /*
+ * Attempt to allocate the output buffer.
+ */
+ output_buffer = (u_char *)malloc(buffer_size);
if (output_buffer == NULL) {
(*ndo->ndo_warning)(ndo, "can't allocate memory for decryption buffer");
+ free(input_buffer);
EVP_CIPHER_CTX_free(ctx);
return -1;
}
- EVP_Cipher(ctx, output_buffer, p + ivlen, len);
+ EVP_Cipher(ctx, output_buffer, input_buffer, len);
+ free(input_buffer);
EVP_CIPHER_CTX_free(ctx);
/*
* XXX - of course this is wrong, because buf is a

318
SOURCES/0012-Add-printing-support-for-vsockmon-devices.patch Normal file
View File

@ -0,0 +1,318 @@
From 66a5b93dee386bc2f57033a150341752923b8b41 Mon Sep 17 00:00:00 2001
From: Gerard Garcia <ggarcia@deic.uab.cat>
Date: Tue, 14 Jun 2016 16:45:44 +0200
Subject: [PATCH 13/13] Add printing support for vsockmon devices.
Print Linux 4.12 vsockmon captures:
# modprobe vsockmon
# ip link add type vsockmon
# ip link set vsockmon0 up
# tcpdump -i vsockmon0
16:25:24.987917 VIRTIO 3.1025 > 2.1234 CONNECT, length 76
16:25:24.987963 VIRTIO 2.1234 > 3.1025 CONNECT, length 76
16:25:26.568271 VIRTIO 3.1025 > 2.1234 PAYLOAD, length 82
16:25:26.568512 VIRTIO 2.1234 > 3.1025 CONTROL, length 76
16:25:28.411335 VIRTIO 3.1025 > 2.1234 DISCONNECT, length 76
16:25:28.411628 VIRTIO 2.1234 > 3.1025 DISCONNECT, length 76
For more information about vsock see:
http://wiki.qemu.org/Features/VirtioVsock
---
Makefile.in | 1 +
netdissect.h | 1 +
print-vsock.c | 243 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
print.c | 3 +
4 files changed, 248 insertions(+)
create mode 100644 print-vsock.c
diff --git a/Makefile.in b/Makefile.in
index 0941f0e..a301878 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -226,6 +226,7 @@ LIBNETDISSECT_SRC=\
print-vjc.c \
print-vqp.c \
print-vrrp.c \
+ print-vsock.c \
print-vtp.c \
print-vxlan.c \
print-vxlan-gpe.c \
diff --git a/netdissect.h b/netdissect.h
index 089b040..c89fcf1 100644
--- a/netdissect.h
+++ b/netdissect.h
@@ -444,6 +444,7 @@ extern u_int symantec_if_print IF_PRINTER_ARGS;
extern u_int token_if_print IF_PRINTER_ARGS;
extern u_int usb_linux_48_byte_print IF_PRINTER_ARGS;
extern u_int usb_linux_64_byte_print IF_PRINTER_ARGS;
+extern u_int vsock_print IF_PRINTER_ARGS;
/*
* Structure passed to some printers to allow them to print
diff --git a/print-vsock.c b/print-vsock.c
new file mode 100644
index 0000000..fc5694d
--- /dev/null
+++ b/print-vsock.c
@@ -0,0 +1,243 @@
+/*
+ * Copyright (c) 2016 Gerard Garcia <nouboh@gmail.com>
+ * Copyright (c) 2017 Red Hat, Inc.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ * 3. The names of the authors may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+/* \summary: Linux vsock printer */
+
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+#endif
+
+#include <netdissect-stdinc.h>
+#include <stddef.h>
+
+#include "netdissect.h"
+#include "extract.h"
+
+static const char tstr[] = " [|vsock]";
+
+enum af_vsockmon_transport {
+ AF_VSOCK_TRANSPORT_UNKNOWN = 0,
+ AF_VSOCK_TRANSPORT_NO_INFO = 1, /* No transport information */
+ AF_VSOCK_TRANSPORT_VIRTIO = 2, /* Virtio transport header */
+};
+
+static const struct tok vsock_transport[] = {
+ {AF_VSOCK_TRANSPORT_UNKNOWN, "UNKNOWN"},
+ {AF_VSOCK_TRANSPORT_NO_INFO, "NO_INFO"},
+ {AF_VSOCK_TRANSPORT_VIRTIO, "VIRTIO"},
+ { 0, NULL }
+};
+
+enum af_vsockmon_op {
+ AF_VSOCK_OP_UNKNOWN = 0,
+ AF_VSOCK_OP_CONNECT = 1,
+ AF_VSOCK_OP_DISCONNECT = 2,
+ AF_VSOCK_OP_CONTROL = 3,
+ AF_VSOCK_OP_PAYLOAD = 4,
+};
+
+static const struct tok vsock_op[] = {
+ {AF_VSOCK_OP_UNKNOWN, "UNKNOWN"},
+ {AF_VSOCK_OP_CONNECT, "CONNECT"},
+ {AF_VSOCK_OP_DISCONNECT, "DISCONNECT"},
+ {AF_VSOCK_OP_CONTROL, "CONTROL"},
+ {AF_VSOCK_OP_PAYLOAD, "PAYLOAD"},
+ { 0, NULL }
+};
+
+enum virtio_vsock_type {
+ VIRTIO_VSOCK_TYPE_STREAM = 1,
+};
+
+static const struct tok virtio_type[] = {
+ {VIRTIO_VSOCK_TYPE_STREAM, "STREAM"},
+ { 0, NULL }
+};
+
+enum virtio_vsock_op {
+ VIRTIO_VSOCK_OP_INVALID = 0,
+ VIRTIO_VSOCK_OP_REQUEST = 1,
+ VIRTIO_VSOCK_OP_RESPONSE = 2,
+ VIRTIO_VSOCK_OP_RST = 3,
+ VIRTIO_VSOCK_OP_SHUTDOWN = 4,
+ VIRTIO_VSOCK_OP_RW = 5,
+ VIRTIO_VSOCK_OP_CREDIT_UPDATE = 6,
+ VIRTIO_VSOCK_OP_CREDIT_REQUEST = 7,
+};
+
+static const struct tok virtio_op[] = {
+ {VIRTIO_VSOCK_OP_INVALID, "INVALID"},
+ {VIRTIO_VSOCK_OP_REQUEST, "REQUEST"},
+ {VIRTIO_VSOCK_OP_RESPONSE, "RESPONSE"},
+ {VIRTIO_VSOCK_OP_RST, "RST"},
+ {VIRTIO_VSOCK_OP_SHUTDOWN, "SHUTDOWN"},
+ {VIRTIO_VSOCK_OP_RW, "RW"},
+ {VIRTIO_VSOCK_OP_CREDIT_UPDATE, "CREDIT UPDATE"},
+ {VIRTIO_VSOCK_OP_CREDIT_REQUEST, "CREDIT REQUEST"},
+ { 0, NULL }
+};
+
+/* All fields are little-endian */
+
+struct virtio_vsock_hdr {
+ uint64_t src_cid;
+ uint64_t dst_cid;
+ uint32_t src_port;
+ uint32_t dst_port;
+ uint32_t len;
+ uint16_t type; /* enum virtio_vsock_type */
+ uint16_t op; /* enum virtio_vsock_op */
+ uint32_t flags;
+ uint32_t buf_alloc;
+ uint32_t fwd_cnt;
+} UNALIGNED;
+
+struct af_vsockmon_hdr {
+ uint64_t src_cid;
+ uint64_t dst_cid;
+ uint32_t src_port;
+ uint32_t dst_port;
+ uint16_t op; /* enum af_vsockmon_op */
+ uint16_t transport; /* enum af_vosckmon_transport */
+ uint16_t len; /* size of transport header */
+ uint8_t reserved[2];
+};
+
+static void
+vsock_virtio_hdr_print(netdissect_options *ndo, const struct virtio_vsock_hdr *hdr)
+{
+ uint16_t u16_v;
+ uint32_t u32_v;
+
+ u32_v = EXTRACT_LE_32BITS(&hdr->len);
+ ND_PRINT((ndo, "len %u", u32_v));
+
+ u16_v = EXTRACT_LE_16BITS(&hdr->type);
+ ND_PRINT((ndo, ", type %s",
+ tok2str(virtio_type, "Invalid type (%hu)", u16_v)));
+
+ u16_v = EXTRACT_LE_16BITS(&hdr->op);
+ ND_PRINT((ndo, ", op %s",
+ tok2str(virtio_op, "Invalid op (%hu)", u16_v)));
+
+ u32_v = EXTRACT_LE_32BITS(&hdr->flags);
+ ND_PRINT((ndo, ", flags %x", u32_v));
+
+ u32_v = EXTRACT_LE_32BITS(&hdr->buf_alloc);
+ ND_PRINT((ndo, ", buf_alloc %u", u32_v));
+
+ u32_v = EXTRACT_LE_32BITS(&hdr->fwd_cnt);
+ ND_PRINT((ndo, ", fwd_cnt %u", u32_v));
+}
+
+static size_t
+vsock_transport_hdr_size(uint16_t transport)
+{
+ switch (transport) {
+ case AF_VSOCK_TRANSPORT_VIRTIO:
+ return sizeof(struct virtio_vsock_hdr);
+ default:
+ return 0;
+ }
+}
+
+static void
+vsock_transport_hdr_print(netdissect_options *ndo, uint16_t transport,
+ const u_char *p, const u_int len)
+{
+ size_t transport_size = vsock_transport_hdr_size(transport);
+ const void *hdr;
+
+ if (len < sizeof(struct af_vsockmon_hdr) + transport_size)
+ return;
+
+ hdr = p + sizeof(struct af_vsockmon_hdr);
+ switch (transport) {
+ case AF_VSOCK_TRANSPORT_VIRTIO:
+ ND_PRINT((ndo, " ("));
+ vsock_virtio_hdr_print(ndo, hdr);
+ ND_PRINT((ndo, ")"));
+ break;
+ default:
+ break;
+ }
+}
+
+static void
+vsock_hdr_print(netdissect_options *ndo, const u_char *p, const u_int len)
+{
+ uint16_t hdr_transport, hdr_op;
+ uint32_t hdr_src_port, hdr_dst_port;
+ uint64_t hdr_src_cid, hdr_dst_cid;
+ size_t total_hdr_size;
+
+ const struct af_vsockmon_hdr *hdr = (struct af_vsockmon_hdr *)p;
+
+ hdr_transport = EXTRACT_LE_16BITS(&hdr->transport);
+ ND_PRINT((ndo, "%s",
+ tok2str(vsock_transport, "Invalid transport (%u)",
+ hdr_transport)));
+
+ /* If verbose level is more than 0 print transport details */
+ if (ndo->ndo_vflag) {
+ vsock_transport_hdr_print(ndo, hdr_transport, p, len);
+ ND_PRINT((ndo, "\n\t"));
+ } else
+ ND_PRINT((ndo, " "));
+
+ hdr_src_cid = EXTRACT_LE_64BITS(&hdr->src_cid);
+ hdr_dst_cid = EXTRACT_LE_64BITS(&hdr->dst_cid);
+ hdr_src_port = EXTRACT_LE_32BITS(&hdr->src_port);
+ hdr_dst_port = EXTRACT_LE_32BITS(&hdr->dst_port);
+ hdr_op = EXTRACT_LE_16BITS(&hdr->op);
+ ND_PRINT((ndo, "%lu.%hu > %lu.%hu %s, length %u",
+ hdr_src_cid, hdr_src_port,
+ hdr_dst_cid, hdr_dst_port,
+ tok2str(vsock_op, " invalid op (%u)", hdr_op),
+ len));
+
+ /* If debug level is more than 1 print payload contents */
+ total_hdr_size = sizeof(struct af_vsockmon_hdr) +
+ vsock_transport_hdr_size(hdr_transport);
+ if (ndo->ndo_vflag > 1 &&
+ hdr_op == AF_VSOCK_OP_PAYLOAD &&
+ len > total_hdr_size) {
+ const u_char *payload = p + total_hdr_size;
+
+ ND_PRINT((ndo, "\n"));
+ print_unknown_data(ndo, payload, "\t", len - total_hdr_size);
+ }
+}
+
+u_int
+vsock_print(netdissect_options *ndo, const struct pcap_pkthdr *h, const u_char *cp)
+{
+ u_int len = h->len;
+
+ if (len < sizeof(struct af_vsockmon_hdr))
+ ND_PRINT((ndo, "%s", tstr));
+ else
+ vsock_hdr_print(ndo, cp, len);
+
+ return len;
+}
diff --git a/print.c b/print.c
index c76f344..1945cfd 100644
--- a/print.c
+++ b/print.c
@@ -220,6 +220,9 @@ static const struct printer printers[] = {
#ifdef DLT_PPP_SERIAL
{ ppp_hdlc_if_print, DLT_PPP_SERIAL },
#endif
+#ifdef DLT_VSOCK
+ { vsock_print, DLT_VSOCK },
+#endif
{ NULL, 0 },
};
--
2.13.5

12
SOURCES/0013-tcpslice-stdlib.patch Normal file
View File

@ -0,0 +1,12 @@
diff --git a/tcpslice-1.2a3/util.c b/tcpslice-1.2a3/util.c
index cebaa5b..cada4c1 100644
--- a/tcpslice-1.2a3/util.c
+++ b/tcpslice-1.2a3/util.c
@@ -27,6 +27,7 @@ static const char rcsid[] =
#include <sys/types.h>
#include <stdio.h>
+#include <stdlib.h>
#if __STDC__
#include <stdarg.h>
#else

BIN
SOURCES/tcpdump-4.9.2.tar.gz.sig Normal file
View File

Binary file not shown.

694
SPECS/tcpdump.spec Normal file
View File

@ -0,0 +1,694 @@
Summary: A network traffic monitoring tool
Name: tcpdump
Epoch: 14
Version: 4.9.2
Release: 5%{?dist}
License: BSD with advertising
URL: http://www.tcpdump.org
Group: Applications/Internet
Requires(pre): shadow-utils
BuildRequires: automake openssl-devel libpcap-devel git-core
Source0: http://www.tcpdump.org/release/tcpdump-%{version}.tar.gz
Source1: ftp://ftp.ee.lbl.gov/tcpslice-1.2a3.tar.gz
Source2: http://www.tcpdump.org/release/tcpdump-%{version}.tar.gz.sig
Patch0001: 0001-icmp6-print-Reachable-Time-and-Retransmit-Time-from-.patch
Patch0002: 0002-Use-getnameinfo-instead-of-gethostbyaddr.patch
Patch0003: 0003-Drop-root-priviledges-before-opening-first-savefile-.patch
Patch0004: 0004-tcpslice-update-tcpslice-patch-to-1.2a3.patch
Patch0005: 0005-tcpslice-remove-unneeded-include.patch
Patch0006: 0006-tcpslice-don-t-test-the-pointer-but-pointee-for-NULL.patch
Patch0007: 0007-Introduce-nn-option.patch
Patch0008: 0008-Don-t-print-out-we-dropped-root-we-are-always-droppi.patch
Patch0009: 0009-Change-n-flag-to-nn-in-TESTonce.patch
Patch0010: 0010-Expect-miliseconds-instead-of-seconds-in-icmp-captur.patch
Patch0011: 0011-Evp-cipher-buffers.patch
Patch0012: 0012-Add-printing-support-for-vsockmon-devices.patch
Patch0013: 0013-tcpslice-stdlib.patch
%define tcpslice_dir tcpslice-1.2a3
%description
Tcpdump is a command-line tool for monitoring network traffic.
Tcpdump can capture and display the packet headers on a particular
network interface or on all interfaces. Tcpdump can display all of
the packet headers, or just the ones that match particular criteria.
Install tcpdump if you need a program to monitor network traffic.
%prep
%autosetup -a 1 -S git
%build
export CFLAGS="$RPM_OPT_FLAGS $(getconf LFS_CFLAGS) -fno-strict-aliasing"
pushd %{tcpslice_dir}
# update config.{guess,sub}
automake -a -f 2> /dev/null || :
%configure
make %{?_smp_mflags}
popd
%configure --with-crypto --with-user=tcpdump --without-smi
make %{?_smp_mflags}
%check
make check
%install
mkdir -p ${RPM_BUILD_ROOT}%{_libdir}
mkdir -p ${RPM_BUILD_ROOT}%{_mandir}/man8
mkdir -p ${RPM_BUILD_ROOT}%{_sbindir}
pushd %{tcpslice_dir}
install -m755 tcpslice ${RPM_BUILD_ROOT}%{_sbindir}
install -m644 tcpslice.1 ${RPM_BUILD_ROOT}%{_mandir}/man8/tcpslice.8
popd
install -m755 tcpdump ${RPM_BUILD_ROOT}%{_sbindir}
install -m644 tcpdump.1 ${RPM_BUILD_ROOT}%{_mandir}/man8/tcpdump.8
# fix section numbers
sed -i 's/\(\.TH[a-zA-Z ]*\)[1-9]\(.*\)/\18\2/' \
${RPM_BUILD_ROOT}%{_mandir}/man8/*
%pre
/usr/sbin/groupadd -g 72 tcpdump 2> /dev/null
/usr/sbin/useradd -u 72 -g 72 -s /sbin/nologin -M -r \
-d / tcpdump 2> /dev/null
exit 0
%files
%defattr(-,root,root)
%license LICENSE
%doc README.md CHANGES CREDITS
%{_sbindir}/tcpdump
%{_sbindir}/tcpslice
%{_mandir}/man8/tcpslice.8*
%{_mandir}/man8/tcpdump.8*
%changelog
* Wed Sep 26 2018 Michal Ruprich <mruprich@redhat.com> - 14:4.9.2-5
- Resolves: #1602710 - Please review important issues found by covscan
* Thu Jun 21 2018 Michal Ruprich <mruprich@redhat.com> - 14:4.9.2-4
- Removing build-time dependency on sharutils(rhbz#1587877)
- Changing git dependency to smaller git-core
* Thu Jun 07 2018 Michal Ruprich <mruprich@redhat.com> - 14:4.9.2-3
- Adding support for VSOCK (rhbz#1587831)
* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 14:4.9.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Tue Sep 05 2017 Martin Sehnoutka <msehnout@redhat.com> - 14:4.9.2-1
- New upstream release 4.9.2
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 14:4.9.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Mon Jul 31 2017 Florian Weimer <fweimer@redhat.com> - 14:4.9.1-2
- Rebuild with binutils fix for ppc64le (#1475636)
* Wed Jul 26 2017 Martin Sehnoutka <msehnout@redhat.com> - 14:4.9.1-1
- New upstream release 4.9.1
* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 14:4.9.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Fri Feb 03 2017 Martin Sehnoutka <msehnout@redhat.com> - 14:4.9.0-1
- New upstream version 4.9.0
* Mon Oct 31 2016 Luboš Uhliarik <luhliari@redhat.com> - 14:4.8.1-1
- new version 4.8.1
* Tue Aug 09 2016 Luboš Uhliarik <luhliari@redhat.com> - 14:4.8.0-1
- new version 4.8.0
* Fri Feb 05 2016 Fedora Release Engineering <releng@fedoraproject.org> - 14:4.7.4-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Mon Jun 29 2015 Michal Sekletar <msekleta@redhat.com> - 14:4.7.4-3
- prevent sefaulting by properly initializing chown_flag variable (#1223329)
* Fri Jun 19 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 14:4.7.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Tue May 5 2015 Michal Sekletar <msekleta@redhat.com> - 14:4.7.4-1
- rebase to 4.7.4 (#1214753)
* Wed Mar 25 2015 Michal Sekletar <msekleta@redhat.com> - 14:4.7.3-1
- rebase to 4.7.3 (#1201573)
- contains fixes for CVE-2015-0261 CVE-2015-2154 CVE-2015-2153 CVE-2015-2155 (#1201799,#1201792,#1201795,#1201797)
* Wed Dec 03 2014 Michal Sekletar <msekleta@redhat.com> - 14:4.6.2-3
- fix for CVE-2014-9140
* Thu Nov 20 2014 Michal Sekletar <msekleta@redhat.com> - 14:4.6.2-2
- fix for CVE-2014-8767 (#1165160)
- fix for CVE-2014-8768 (#1165161)
- fix for CVE-2014-8769 (#1165162)
* Mon Oct 20 2014 Michal Sekletar <msekleta@redhat.com> - 14:4.6.2-1
- update to 4.6.2 (#1124289)
* Mon Aug 18 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 14:4.5.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sun Jun 08 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 14:4.5.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Thu Nov 28 2013 Michal Sekletar <msekleta@redhat.com> - 14:4.5.1-1
- update to 4.5.1
* Fri Nov 08 2013 Michal Sekletar <msekleta@redhat.com> - 14:4.5.0-1.20131108gitb07944a
- update to snaphot gitb07944a
* Mon Oct 7 2013 Michal Sekletar <msekleta@redhat.com> - 14:4.4.0-3
- don't try to change ownership of stdout (#1015767)
* Sun Aug 04 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 14:4.4.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Thu Jun 06 2013 Michal Sekletar <msekleta@redhat.com> - 14:4.4.0-1
- update to 4.4.0
* Fri Feb 15 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 14:4.3.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 14:4.3.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Wed Jun 13 2012 Michal Sekletar <msekleta@redhat.com> - 14:4.3.0-1
- Update to 4.3.0
* Wed May 16 2012 Michal Sekletar <msekleta@redhat.com>
- Resolves: #809638
- created savefile has proper owner
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 14:4.2.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Tue Jan 03 2012 Jan Synáček <jsynacek@redhat.com> - 14:4.2.1-1
- Update to 4.2.1
- Remove ppi.h from sources (readded again in upstream tarball)
* Fri Dec 02 2011 Michal Sekletar <msekleta@redhat.com> - 14:4.2.0-1
- updated to 4.2.0
- added new source file ppi.h, missing in upstream tarball
- disabled make check because of missing .pcap files in testsuite
- dropped unnecessary patches
* Wed Aug 24 2011 Michal Sekletar <msekleta@redhat.com> - 14:4.1.1-3
- Fix manpage (#663739)
- Fix improper handling of bad date format in tcpslice (#684005)
- Spec file clean up
* Wed Feb 09 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 14:4.1.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Tue Apr 06 2010 Miroslav Lichvar <mlichvar@redhat.com> - 14:4.1.1-1
- update to 4.1.1
- add %%check
* Wed Sep 23 2009 Miroslav Lichvar <mlichvar@redhat.com> - 14:4.0.0-3.20090921gitdf3cb4
- update to snapshot 20090921gitdf3cb4
* Fri Aug 21 2009 Tomas Mraz <tmraz@redhat.com> - 14:4.0.0-2.20090818git832d2c
- rebuilt with new openssl
* Thu Aug 20 2009 Miroslav Lichvar <mlichvar@redhat.com> - 14:4.0.0-1.20090818git832d2c
- update to post 4.0.0 git snapshot 20090818git832d2c
- print retrans and reachable times in ICMPv6 as milliseconds (#474264)
* Sun Jul 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 14:3.9.8-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 14:3.9.8-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
* Tue Jan 20 2009 Miroslav Lichvar <mlichvar@redhat.com> - 14:3.9.8-7
- rebuild for new openssl
- convert CREDITS to UTF-8 (#226481)
* Fri Aug 29 2008 Miroslav Lichvar <mlichvar@redhat.com> - 14:3.9.8-6
- rediff patches with fuzz
- add -fno-strict-aliasing to CFLAGS
* Mon Jun 02 2008 Miroslav Lichvar <mlichvar@redhat.com> - 14:3.9.8-5
- update config.{guess,sub} when building tcpslice
- remove -D_GNU_SOURCE from CFLAGS
- disable libsmi check in configure
* Wed Feb 13 2008 Miroslav Lichvar <mlichvar@redhat.com> - 14:3.9.8-4
- fix building with new glibc headers
* Thu Dec 06 2007 Miroslav Lichvar <mlichvar@redhat.com> - 14:3.9.8-3
- update IKEv2 support
* Thu Dec 6 2007 Jeremy Katz <katzj@redhat.com> - 14:3.9.8-2
- rebuild for new openssl
* Wed Oct 24 2007 Miroslav Lichvar <mlichvar@redhat.com> - 14:3.9.8-1
- update to 3.9.8
- don't use gethostbyaddr
- fix default user in man page
* Tue Sep 18 2007 Miroslav Lichvar <mlichvar@redhat.com> - 14:3.9.7-5
- support decoding IKEv2 packets
* Wed Aug 22 2007 Miroslav Lichvar <mlichvar@redhat.com> - 14:3.9.7-4
- rebuild
* Thu Aug 09 2007 Miroslav Lichvar <mlichvar@redhat.com> - 14:3.9.7-3
- enable crypto support on 64-bit architectures
- update license tag
* Wed Jul 25 2007 Jeremy Katz <katzj@redhat.com> - 14:3.9.7-2
- rebuild for toolchain bug
* Tue Jul 24 2007 Miroslav Lichvar <mlichvar@redhat.com> - 14:3.9.7-1
- update to 3.9.7
- with -C option, drop root privileges before opening first savefile (#244860)
- update tcpslice to 1.2a3
- include time patch from Debian to fix tcpslice on 64-bit architectures
* Thu Mar 15 2007 Miroslav Lichvar <mlichvar@redhat.com> - 14:3.9.5-3
- fix buffer overflow in 802.11 printer (#232349, CVE-2007-1218)
- spec cleanup (#226481)
* Tue Dec 12 2006 Miroslav Lichvar <mlichvar@redhat.com> - 14:3.9.5-2
- use tcpdump user, fix scriptlet (#219268)
* Wed Nov 29 2006 Miroslav Lichvar <mlichvar@redhat.com> - 14:3.9.5-1
- split off libpcap and arpwatch (#193657)
- update to 3.9.5
- force linking with system libpcap
* Fri Nov 17 2006 Miroslav Lichvar <mlichvar@redhat.com> - 14:3.9.4-9
- fix processing of Prism and AVS headers (#206686)
- fix arp2ethers script
- update ethercodes.dat
- move pcap man page to devel package
* Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 14:3.9.4-8.1
- rebuild
* Thu Jun 22 2006 Martin Stransky <stransky@redhat.com> - 14:3.9.4-8
- more ipv6 flags
* Sun Jun 4 2006 Jeremy Katz <katzj@redhat.com> - 14:3.9.4-7
- fix libpcap-devel inclusion of .so and its deps (#193189)
* Thu Jun 1 2006 Martin Stransky <stransky@redhat.com> - 14:3.9.4-6
- added release to arpwatch package name
* Wed May 31 2006 Martin Stransky <stransky@redhat.com> - 14:3.9.4-5
- removed libpcap-devel dependency from libpcap
* Mon May 29 2006 Martin Stransky <stransky@redhat.com> - 14:3.9.4-4
- added libpcap-devel package (#193189)
* Tue Mar 28 2006 Martin Stransky <stransky@redhat.com> - 14:3.9.4-3
- updated ethernet codes (#186633)
* Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 14:3.9.4-2.2
- bump again for double-long bug on ppc(64)
* Tue Feb 07 2006 Jesse Keating <jkeating@redhat.com> - 14:3.9.4-2.1
- rebuilt for new gcc4.1 snapshot and glibc changes
* Tue Dec 20 2005 Martin Stransky <stransky@redhat.com> - 14:3.9.4-2
- fix for #176010 - file owner problem when using 'ring buffer
* Fri Dec 09 2005 Jesse Keating <jkeating@redhat.com>
- rebuilt
* Thu Nov 10 2005 Martin Stransky <stransky@redhat.com> - 14:3.9.4-1
- new upstream
* Thu Nov 10 2005 Tomas Mraz <tmraz@redhat.com> - 14:3.9.3-5
- rebuilt against new openssl
* Wed Nov 9 2005 Martin Stransky <stransky@redhat.com> - 14:3.9.3-4
- rebuilt
* Tue Aug 9 2005 Jeremy Katz <katzj@redhat.com> - 14:3.9.3-3
- remove explicit kernel dep for libpcap too
* Tue Jul 26 2005 Martin Stransky <stransky@redhat.com> - 14:3.9.3-2
- fixed typo in last patch
* Tue Jul 26 2005 Martin Stransky <stransky@redhat.com> - 14:3.9.3-1
- New upstream version - 3.9.3
- fix for #164227 (buffer overflow)
- fix for #164230 (missing debug info)
* Thu Jul 14 2005 Martin Stransky <stransky@redhat.com> - 14:3.9.1-1
- New upstream version
* Tue Jun 21 2005 Martin Stransky <stransky@redhat.com> - 14:3.8.2-14
- add shadow-utils to Prereq (#160643)
* Tue Jun 7 2005 Martin Stransky <stransky@redhat.com> - 14:3.8.2-13
- fix for CAN-2005-1267 - BGP DoS, #159209
* Thu Apr 28 2005 Martin Stransky <stransky@redhat.com> - 14:3.8.2-12
- fix for CAN-2005-1280 Multiple DoS issues in tcpdump
(CAN-2005-1279 CAN-2005-1278), #156041
* Mon Mar 7 2005 Martin Stransky <stransky@redhat.com>
- rebuilt
* Mon Feb 14 2005 Martin Stransky <stransky@redhat.com> - 14:3.8.2-10
- remove explicit kernel dependecy (#146165)
- support for files larger than 2GB (#147840)
* Fri Feb 11 2005 Ivana Varekova <varekova@redhat.com> - 14:3.8.2-9
- added arpsnmp options to specify sender and recipient
and corrected arpwatch and arpsnmp man pages (#70386)
* Thu Feb 10 2005 Ivana Varekova <varekova@redhat.com> - 14:3.8.2-8
- rebuilt
* Tue Oct 12 2004 Harald Hoyer <harald@redhat.com> - 14:3.8.2-7
- fixed nfs protocol parsing for 64 bit architectures (bug 132781)
* Wed Sep 15 2004 Harald Hoyer <harald@redhat.com> - 14:3.8.2-6
- added libpcap-0.8.3-ppp.patch for ppp (bug 128053)
* Wed Jun 23 2004 Elliot Lee <sopwith@redhat.com>
- added flex to BuildRequires
* Tue Jun 15 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
* Sun May 30 2004 Florian La Roche <Florian.LaRoche@redhat.de>
- simplify rpm scripts
* Tue Apr 6 2004 Harald Hoyer <harald@redhat.com> - 14:3.8.2-3
- added LICENSE files
* Wed Mar 31 2004 Harald Hoyer <harald@redhat.com> - 14:3.8.2-2
- update to libpcap-0.8.3 (tcpdump-3.8.3 seems to be older that 3.8.2!!)
* Tue Mar 30 2004 Harald Hoyer <harald@redhat.com> - 14:3.8.2-1
- update to tcpdump-3.8.2, libpcap-0.8.2, arpwatch-2.1a13
- patched tcpdump configure for gcc34 optimizations
- removed obsolete patches
* Tue Mar 02 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
* Fri Feb 13 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
* Fri Jan 23 2004 Harald Hoyer <harald@redhat.de> 14:3.8.1-4/17
- fixed arpwatch version
- fixed libpcap library version
- fixed tcpdump droproot
* Tue Jan 20 2004 Harald Hoyer <harald@redhat.de> 14:3.8.1-3
- corrected tcpslice (bpf.h issue)
* Tue Jan 13 2004 Harald Hoyer <harald@redhat.de> 14:3.8.1-2
- more security issues (patch 18)
* Fri Jan 09 2004 Phil Knirsch <pknirsch@redhat.com> 14:3.8.1-1
- Updated to latest version because of security issue
* Fri Aug 29 2003 Harald Hoyer <harald@redhat.de> 14:3.7.2-7
- build libpcap shared library with gcc and not ld
* Tue Jul 22 2003 Phil Knirsch <pknirsch@redhat.com> 14:3.7.2-6.1
- rebuilt
* Mon Jul 21 2003 Phil Knirsch <pknirsch@redhat.com> 14:3.7.2-6
- rebuilt
* Wed Jun 04 2003 Elliot Lee <sopwith@redhat.com>
- rebuilt
* Wed May 21 2003 Harald Hoyer <harald@redhat.de> 14:3.7.2-5
- add proper attributes for arp.dat, ethercodes
* Tue May 20 2003 Harald Hoyer <harald@redhat.de> 14:3.7.2-4
- take ethercodes.dat from the arpwatch package now
* Tue May 6 2003 Harald Hoyer <harald@redhat.de> 14:3.7.2-3
- compile tcpdump with autoheader #90208
* Thu May 1 2003 Elliot Lee <sopwith@redhat.com> 14:3.7.2-2
- Add sctpdef patch to fix ppc64 builds
* Thu Feb 27 2003 Phil Knirsch <pknirsch@redhat.com> 14:3.7.2-1
- Update to upstream version 3.7.2
* Sat Feb 01 2003 Florian La Roche <Florian.LaRoche@redhat.de>
- sanitized rpm scripts
* Wed Jan 22 2003 Tim Powers <timp@redhat.com> 12:3.6.3-20
- rebuilt
* Tue Jan 7 2003 Nalin Dahyabhai <nalin@redhat.com> 12:3.6.3-19/0.6.2-19/2.1a11-19
- rebuild
* Sat Jan 4 2003 Jeff Johnson <jbj@redhat.com> 12:3.6.3-18/0.6.2-18/2.1a11-18
- set execute bits on library so that requires are generated.
* Wed Dec 11 2002 Harald Hoyer <harald@redhat.de> 12:3.6.3-17/0.6.2-17/2.1a11-17
- common release no. across all subpackages
* Wed Dec 11 2002 Harald Hoyer <harald@redhat.de> 12:3.6.3-5/0.6.2-16/2.1a11-16
- print_bgp security fix
* Mon Nov 18 2002 Tim Powers <timp@redhat.com>
- rebuild on all arches
* Fri Aug 2 2002 Harald Hoyer <harald@redhat.de> 12:3.6.3-3/0.6.2-16/2.1a11-16
- added man page descriptions for the new parameters
* Thu Aug 1 2002 Harald Hoyer <harald@redhat.de> 12:3.6.3-2
- added arpwatch options to specify sender and recipient (#70386)
* Tue Jul 23 2002 Harald Hoyer <harald@redhat.de> 12:3.6.3-1
- removed prestripping
* Thu May 16 2002 Harald Hoyer <harald@redhat.de> 12:3.6.2-13
- added official 3.6.3 fix
- fixed 6.2 compat #63113
* Wed Jan 23 2002 Harald Hoyer <harald@redhat.de> 12:3.6.2-12
- tcpdump-3.6.2-snaplen.patch added to fix #55145
* Tue Dec 18 2001 Harald Hoyer <harald@redhat.de> 12:3.6.2-10
- took old purge patch for filters
- fixed #54225,#58346
- drop root by default #49635
- fixed #54593
- fixed #57711
* Fri Aug 31 2001 Harald Hoyer <harald@redhat.de> 12:3.6.2-9
- took better fix for #52654 from tcpdump cvs
* Thu Aug 30 2001 Harald Hoyer <harald@redhat.de> 11:3.6.2-8
- fixed #52654
* Thu Jul 19 2001 Harald Hoyer <harald@redhat.de> 10:3.6.2-7
- added shared library to libpcap (#47174)
- afs printing security patch (#49294)
* Wed Jun 20 2001 Harald Hoyer <harald@redhat.de>
- use initgroups, instead of setgroups
* Mon Jun 18 2001 Harald Hoyer <harald@redhat.de>
- added dropgroup patches (#44563)
* Mon May 07 2001 Harald Hoyer <harald@redhat.de>
- switched to Pekka's tcpdump-3.6.2 package
- incremented epoch
* Sat Apr 14 2001 Pekka Savola <pekkas@netcore.fi>
- fix building of tcpslice on glibc 2.2.2 (time.h)
- disable /etc/init.d requirement and fix %%post scripts in arpwatch
* Wed Feb 14 2001 Harald Hoyer <harald@redhat.de>
- glibc sys/time -> time include patch
* Wed Feb 7 2001 Trond Eivind Glomsrød <teg@redhat.com>
- Add space to this check
* Wed Feb 07 2001 Harald Hoyer <harald@redhat.com>
- added check for presence of /etc/sysconfig/arpwatch (#23172)
* Wed Feb 7 2001 Pekka Savola <pekkas@netcore.fi>
- update to 3.6.2, 0.6.2 and new CVS of tcpslice.
- i18n'ize arpwatch init script
* Fri Feb 2 2001 Trond Eivind Glomsrød <teg@redhat.com>
- i18nize initscript
* Mon Jan 29 2001 Harald Hoyer <harald@redhat.com>
- fixed EINTR stopping for e.g. SIGSTOP. (#22008)
- added -u option for tcpdump (#20231)
- new arpwatch version (#23172)
- added "all" and "one" interface for -i (#20907)
- added arpwatch sysconfig (#23172)
* Mon Jan 22 2001 Harald Hoyer <harald@redhat.com>
- more (potential) overflows in libpcap. #21373
- documentation fix for #20906
* Sun Jan 14 2001 Pekka Savola <pekkas@netcore.fi>
- use --enable-ipv6
- Add two patches from CVS to enhance 802.2 printing, and more importantly,
to be able to specify 'no stp'
* Sat Jan 13 2001 Pekka Savola <pekkas@netcore.fi>
- Make SMB printing output a lot more quiet unless in verbose mode.
- Make -n resolve port/protocol numbers but not hostnames, -nn for no
resolving at all
- Separate droproot patch from a more generic man/usage fix one
- Add non-promiscuous mode -by default patch, but don't apply it by default
* Thu Jan 11 2001 Pekka Savola <pekkas@netcore.fi>
- Update to tcpdump 3.6.1 and libpcap 0.6.1 releases.
* Mon Jan 8 2001 Pekka Savola <pekkas@netcore.fi>
- Update to 20010108 CVS, disable some upstreamed patches.
- Change some additional .1 pages to .8.
- Add droproot patch, some --usage and man page fixes.
* Mon Jan 1 2001 Pekka Savola <pekkas@netcore.fi>
- Initial packaging with latest tcpdump.org CVS tcpdump-3.6 and libpcap-0.6.
- add earlier print-domain.c, the latest is segfaulting
- don't unnecesessarily include snprintf.o, it didn't compile with gcc 2.96 anyway
- don't use savestr, require openssl, tweak tweak tweak
- add tcpslice, patch it a bit for egcs detection
* Sun Dec 31 2000 Pekka Savola <pekkas@netcore.fi>
- tcpdump: spice up the manpage about interfaces
- tcpdump: add 'all' and 'any' keywords to -i, saner default behaviour.
- upgrade arpwatch to 2.1a10
* Sun Nov 26 2000 Jeff Johnson <jbj@redhat.com>
- more (potential) overflows in libpcap.
* Sun Nov 12 2000 Jeff Johnson <jbj@redhat.com>
- eliminate still more buffer overflows (from FreeBSD) (#20069).
* Thu Nov 2 2000 Jeff Johnson <jbj@redhat.com>
- eliminate more buffer overflows (from FreeBSD) (#20069).
- 802.1q ether type incorrect (#19850).
- add -u flag to drop arpwatch privs (#19696).
* Sun Oct 15 2000 Jeff Johnson <jbj@redhat.com>
- updated ethercodes.dat
* Thu Oct 12 2000 Jeff Johnson <jbj@redhat.com>
- fix arpwatch tmp race (#18943).
* Fri Aug 11 2000 Bill Nottingham <notting@redhat.com>
- fix condrestart
* Fri Aug 11 2000 Jeff Johnson <jbj@redhat.com>
- correct arpsnmp man pages (#15442).
- don't print harmless ENOPROTOOPT message (#13518).
* Fri Aug 4 2000 Jeff Johnson <jbj@redhat.com>
- rebuild with final kernel headers (#13518).
* Sat Jul 22 2000 Jeff Johnson <jbj@redhat.com>
- add STP patch (#14112).
* Fri Jul 14 2000 Matt Wilson <msw@redhat.com>
- source /etc/init.d/functions
- back out /etc/init.d/arpwatch, place file in /etc/rc.d
- move initscript to /etc/init.d
- changed initscript to use start() and stop() functions
- added condrestart to init script
- added %%post %%preun %%postun scripts to register arpwatch script
- added Prereq: for all things needed in post/preun/postun
* Wed Jul 12 2000 Prospector <bugzilla@redhat.com>
- automatic rebuild
* Tue Jul 11 2000 Jeff Johnson <jbj@redhat.com>
- updated man page and help (pekkas@netcore.fi) (#10739 et al).
* Sun Jun 18 2000 Jeff Johnson <jbj@redhat/com>
- FHS packaging.
* Tue May 9 2000 Bill Nottingham <notting@redhat.com>
- minor tweaks for ia64 (prototypes)
* Thu Feb 17 2000 Bernhard Rosenkraenzer <bero@redhat.com>
- Compile shared libpcap with -fPIC (Bug #6342)
* Wed Feb 02 2000 Cristian Gafton <gafton@redhat.com>
- fix descriptions
- man pages are compressed
* Wed Dec 22 1999 Jeff Johnson <jbj@redhat.com>
- remove sparc64 SIOCGIFNAME hack, not needed with (at least) kernel 2.2.12-40.
- upgrade to ANK ss991030 snapshot with pcap magic fix (#6773).
- add getprotobyname lookup (#6725).
- getservbyname port lookup appears functional (#7569).
- remove uid 2090 backdoor (sorry Dave) (#7116).
* Thu Sep 09 1999 Cristian Gafton <gafton@redhat.com>
- fox the pcap.h header
* Fri Aug 20 1999 Jeff Johnson <jbj@redhat.com>
- prevent segfault on obscure spoofed ip header (#4634).
* Wed Aug 18 1999 Jeff Johnson <jbj@redhat.com>
- add defattr to arpwatch (#4591).
* Mon Aug 16 1999 Bill Nottingham <notting@redhat.com>
- initscript munging
* Sun Aug 8 1999 Jeff Johnson <jbj@redhat.com>
- add -DWORDS_BIGINDIAN to tcpdump compile on sparc sparc61.
* Tue Aug 3 1999 Jeff Johnson <jbj@redhat.com>
- include A. Kuznetsov's patches to libpcap/tcpdump.
- added arpsnmp to package (#3258).
- arp2ethers written for different of awk (#4326).
* Sun Mar 21 1999 Cristian Gafton <gafton@redhat.com>
- auto rebuild in the new build environment (release 10)
* Fri Mar 19 1999 Jeff Johnson <jbj@redhat.com>
- strip binaries.
* Wed Jan 13 1999 Bill Nottingham <notting@redhat.com>
- autoconf fixes for arm
* Tue Sep 29 1998 Jeff Johnson <jbj@redhat.com>
- libpcap description typo.
* Sat Sep 19 1998 Jeff Johnson <jbj@redhat.com>
- fix arpwatch summary line.
* Mon Aug 17 1998 Jeff Johnson <jbj@redhat.com>
- enable arpwatch
* Mon Aug 3 1998 Jeff Johnson <jbj@redhat.com>
- separate package for libpcap.
- update tcpdump to 3.4, libpcap to 0.4.
- added arpwatch (but disabled for now)
* Thu May 07 1998 Prospector System <bugs@redhat.com>
- translations modified for de, fr, tr
* Sat May 2 1998 Alan Cox <alan@rehat.com>
- Added the SACK printing fix so you can dump Linux 2.1+.
* Tue Oct 21 1997 Erik Troan <ewt@redhat.com>
- updated to release 3.4a5
- uses a buildroot and %%attr
* Thu Jul 17 1997 Erik Troan <ewt@redhat.com>
- built against glibc