[Tcpick-project] Tcpick 0.1.23-test11 released: so many changes from 0.1.22!
From: Francesco S. <dus...@in...> - 2004-05-30 21:32:45
Hi,

tcpick version 0.1.23-test11 has been released. It was necessary to leave it in the testing branch for such a long time because I have rewritten most of the code and I wanted to be sure tcpick was really stable. I have changed my coding style and the indentation (that is now the 8-spaces style, typical of the code of the Linux kernel). Now the code should be very clear. In that way I am encouraging more developers to work on tcpick, to run something like a community, with patches, feature requests and so on.

Now tcpick is able to download entire files transmitted via ftp, and the md5sums should be equal for every file downloaded in such a way; if not, please send a bug report.

There are some changes in the options: the options to display the payload of each packet sniffed by tcpick are now prefixed with `-y'. Another set of options, prefixed by `-b', is now available: these options are useful if you want to print only the acknowledged stream (it works like `-w' but on stdout). Please read the manpage for other details.

Do you think tcpick is stable? Try it, and let me know!

regards,
- Francesco Stablum

Here is the Changelog:

* pflog support added by kirash
* patch by Sebastian Prause: "I've created a little patch to make tcpick work with pppoe interfaces on NetBSD (which use DLT_PPP_ETHER) and wanted to share it, so here it is..."
* now the options for displaying the payload should be prefixed by -y. I have added another set of display options, which are prefixed with -b. The -b options are useful to view data only when acknowledged (exactly like data written to files), and with this the raw mode (-bR) is particularly useful, which you can use if you want to redirect data with a pipe to another software.
* The newline character is suppressed when displaying the payload of the packet or an acknowledged stream in the case there are no banners, except in the case of the hexdumps.
* Many, many changes, code cleanups and improvements made by whyx in fragments.c and lookup.c
* With the new option `-T<number>', it is now possible to track only the first <number> connections; the following ones will be discarded by the tracker engine. This is useful for the `-w' and `-b' options; for `-y' and `-h' it has no effect, because they aren't part of the tracker.
* In the hexdump+ascii, red dots now represent the unprintable characters.
* the length of the payload is now displayed in the packet banner
* rewritten the core of verify.c and fragments.c
* now connections with equal ip addresses and ports are stored in different files
* files dumped with tcpick -w* options are now saved with ".tcpick" extension
* bugfix on datalink.c by kirash
* deleted alloc.c and match.c
* used the "linux" 8-spaces indentation
* added packet separator (by Simone Gianni's wish)
* added the `-p' flag to avoid putting the network interface in promiscuous mode (I'm not sure it works) (by Simone Gianni's wish)
* Rewritten manpage. Read it! There are lots of changes in the options!
* I have tested tcpick to sniff a file via ftp, and the md5sums were equal. The tar.gz archive I have downloaded was more than 2MB long. Other tests are confirming to me that the newly-written code works in the right way.