[Tcpick-project] tcpick 0.1.23 is out!
From: Francesco S. <dus...@in...> - 2004-06-03 16:37:26
Notes:

03/06/04 0.1.23
===============

I have rewritten most of the source code of tcpick. Now it is really a good thing. If you want to work on tcpick, join the mailing list and let me know :^)

I have changed my coding style and the indentation (which is now the 8-spaces style, typical of the code of the linux kernel). You will find the code really more clear than before. In that way I am encouraging more developers to work on tcpick, to run something like a community, with patches, feature requests and so on.

Now tcpick is able to download entire files transmitted via ftp, and the md5sums should be equal for every file downloaded in such a way; if not, please send a bug report.

There are some changes in the options: the options to display the payload of each packet sniffed by tcpick are now prefixed with `-y'. Another set of options is now available, prefixed by `-b': these options are useful if you want to print only the acknowledged stream (it works like `-w' but on stdout).

Please read the newly-written manpage for other details.

Changes:

03/06/04 0.1.23
===============

* PFLOG support added by kirash
* patch by Sebastian Prause: "I've created a little patch to make tcpick work with pppoe interfaces on NetBSD (which use DLT_PPP_ETHER) and wanted to share it, so here it is..."
* now the options for displaying the payload should be prefixed by -y. I have added another set of display options, which are prefixed with -b. The -b options are useful to view data only when acknowledged (exactly like data written to files), and with this the raw mode (-bR) is particularly useful: you can use it if you want to redirect data with a pipe to other software.
* The newline character is suppressed when displaying the payload of the packet or an acknowledged stream when there are no banners, except in the case of the hexdumps.
* Added the "-pipe" option, by a wish of loopback. See manpage for details.
* Now you are able to choose to write to file only data of clients or servers or both, with the additional flags `C' and `S' to the option `-w' (omitted means "both").
* Many, many changes, code cleanups and improvements made by whyx in fragments.c and lookup.c
* With the new option `-T<number>', it is now possible to track only the first <number> connections; the following ones will be discarded by the tracker engine. This is useful for the `-w' and `-b' options; for `-y' and `-h' it has no effect, because they aren't part of the tracker.
* In the hexdump+ascii, red dots now represent the unprintable characters.
* the length of the payload is now displayed in the packet banner
* rewritten the core of verify.c and fragments.c
* now connections with equal ip addresses and ports are stored in different files
* files dumped with tcpick -w* options are now saved with ".tcpick" extension
* bugfix on datalink.c by kirash
* deleted alloc.c and match.c
* used the "linux" 8-spaces indentation
* added packet separator (by Simone Gianni's wish)
* added the `-p' flag to avoid putting the network interface in promiscuous mode (I'm not sure it works) (by Simone Gianni's wish)
* Rewritten manpage. Read it! There are lots of changes in the options!
* I have tested tcpick to sniff a file via ftp, and the md5sums were equal. The tar.gz archive I have downloaded was more than 2MB long. Other tests are confirming to me that the newly-written code works in the right way.

--
http://francesco.stablum.info
http://wecanstopspam.org
I do not accept attachments in proprietary formats (msword, excel, etc.); use formats such as pdf, html and plain text (txt)
http://www.fsf.org/philosophy/no-word-attachments.it.html