<html>WinPCap Team,<br>
<br>
Thanks for all your hard work on this project!<br>
<br>
Michael Ryan<br>
PCSentinelSoftware<br>
www.pcsentinelsoftware.com<br>
<br>
>-----Original Message-----<br>
>From: Gianluca Varenni [mailto:gianluca.varenni@gmail.com]<br>
>Sent: Friday, August 5, 2005 05:15 PM<br>
>To: winpcap-users@winpcap.org<br>
>Subject: [Winpcap-users] [ANNOUNCE] WinPcap 3.1 has been released<br>
><br>
>After more than two years of hard work, the final version of WinPcap 3.1 is
<br>
>available from today in the download section of the WinPcap website,
<br>
>http://www.winpcap.org/install/.
<br>
>This new release represents an important milestone for the project: major
<br>
>improvements and bug fixes have been carried out during this long period of
<br>
>time, and the result is the most stable and reliable version of WinPcap in
<br>
>its history. Thanks to all the users that contributed to this result by
<br>
>submitting bug reports and thoroughly testing the several betas that were
<br>
>made available.
<br>
>
<br>
>Gianluca Varenni
<br>
>WinPcap Team
<br>
>
<br>
>
<br>
>
<br>
>Changelog from WinPcap 3.1 beta4
<br>
>================================
<br>
>
<br>
>- New installation script based on the NSIS installer. The new installer
<br>
> should be able to detect any previous version of WinPcap, remove it on
<br>
> request and install the new version, decreasing the number of situations
<br>
> in which a reboot is necessary. Moreover, by connecting to the WinPcap
<br>
> website, the installer is able to tell the user if more recent versions of
<br>
> WinPcap are available.
<br>
>
<br>
>- wpcap.dll has been updated to libpcap 0.9.3 from http://www.tcpdump.org.
<br>
>
<br>
>- General cleanup of the documentation (now aligned to libpcap 0.9.3).
<br>
>
<br>
>- Modified the documentation, so that packet.dll is no longer available in
<br>
> the standard developer's pack.
<br>
>
<br>
>- Added to the developer's pack a set of libpcap-compatible samples,
<br>
> suitable to be compiled against vanilla libpcap
<br>
>
<br>
>- Exported the following new functions from wpcap.dll: pcap_list_datalinks()
<br>
> and pcap_dump_ftell().
<br>
>
<br>
>- Removed pcap_file() from the exports because of incompatibilities with the
<br>
> Microsoft C runtime (CRT).
<br>
>
<br>
>- General cleanup of the existing samples.
<br>
>
<br>
>- Renamed the NdisWanAdapter to GenericDialupAdapter, to make the use of
<br>
> this adapter more clear for the users.
<br>
>
<br>
>- Removed some useless files in the source tree and in the documentation.
<br>
>
<br>
>- Bug fixing:
<br>
> + Fixed several bugs in the kernel BPF filter function when the packet is
<br>
> stored into two not contiguous buffers. This bug shows up as missing
<br>
> packets in the capture while the machine is using personal firewalls and
<br>
> certain antivirus softwares.
<br>
> + Fixed a problem related to the NetMon COM component initialization. This
<br>
> bug caused random access violation errors while listing the adapters.
<br>
> + Removed a duplicated initialization of an event in the driver.
<br>
> + Added a check in packet.dll that prevents listing and opening of
<br>
> FireWire adapters, since they have a broken interface with NDIS and can
<br>
> cause blue screens.
<br>
> + Fixed a memory leak in PacketGetAdaptersIPH().
<br>
> + Fixed a check that could cause PacketSendPackets() to crash packet.dll.
<br>
> + Minor fixes.
<br>
>
<br>
>=========
<br>
>
<br>
>
<br>
>Changelog from WinPcap 3.1 beta3 to WinPcap 3.1 beta4
<br>
>=====================================================
<br>
>
<br>
>- wpcap.dll has been updated to libpcap 0.8.3 from http://www.tcpdump.org.
<br>
>
<br>
>- Added a note in the documentation that states that the kernel dump feature
<br>
> is disabled due to incompatibilities with the new kernel buffer.
<br>
>
<br>
>- Minor fixes to the documentation
<br>
>
<br>
>- Removed some useless files.
<br>
>
<br>
>- Bug fixing:
<br>
> + Fixed a bug related to COM initialization in WanPacket, by which
<br>
> WanAdapters were not working correctly if the calling thread was using
<br>
> COM with a different threading model.
<br>
> + Fixed a problem in AddAdapterIPH(), by which no adapter was actually
<br>
> added with this function because of a UNICODE/ASCII mismatch. Basically,
<br>
> AddAdapterIPH received an ASCII adapter name, and tried to open it with
<br>
> PacketOpenAdapterNPF, which accepts UNICODE strings, only.
<br>
> + Fixed a bug in the remote capture code due to concurrency issues when
<br>
> spawning a new thread
<br>
> + Fixed a problem related to the generation of grammar files with flex
<br>
> in the CygWin makefile.
<br>
> + Fixed a couple of memory leaks in PacketGetAdapterNames().
<br>
> PacketGetAdapterNames() seems to be still leaky, but the source of the
<br>
> leak seems to be a leaky API in the Microsoft IpHelperAPI, at least on
<br>
> WinXP SP1.
<br>
> + Added some code that frees the global list of adapters when packet.dll
<br>
> is unloaded (i.e. when DllMain is called with DLL_PROCESS_DETACH)
<br>
> + Fixed a bug that caused the adapters not to be listed on terminal
<br>
> services. The bug was caused by the lack of the "\\global" prefix in
<br>
> front of the adapter names.
<br>
> + Fixed a bug related to adapter opening in the pcap_filter example. Fixed
<br>
> the usage string that was wrong.
<br>
> + Fixed a bug in the JIT code of the driver that could potentially cause a
<br>
> BSOD if two threads try to set a filter (that will be jitted) at the
<br>
> same time.
<br>
> + Fixed a bug by which the driver fails to return any packet with a read
<br>
> after an IOCTL_SETBUFFER has changed the buffer size. The bug is due to
<br>
> some missing counter resets.
<br>
> + Fixed some debugging messages in the NT driver that were not macroed
<br>
> with IF_LOUD
<br>
>
<br>
>=========
<br>
>
<br>
>
<br>
>Changelog from WinPcap 3.1 beta2 to WinPcap 3.1 beta3
<br>
>=====================================================
<br>
>
<br>
>- Bug fixing:
<br>
> + Fixed a bug related to device listing if TCP/IP is not installed: on
<br>
> 2000/XP if TCP is not installed, it reported "you must install TCP/IP",
<br>
> and this was plain wrong.
<br>
> + Added PacketSetSnapLen() under Win9x. Without this function, wpcap.dll
<br>
> fails to load on Win9x.
<br>
> + PacketGetAdapterNames() has been rewritten under Win9x, in order to
<br>
> comply to the correct behavior specified in the documentation.
<br>
>
<br>
>=========
<br>
>
<br>
>
<br>
>Changelog from WinPcap 3.1 beta to WinPcap 3.1 beta2
<br>
>=====================================================
<br>
>
<br>
>- Added some code to show a fake NdisWan adapter, useful to capture LCP/NCP
<br>
> packets. This adapter is always listed on 2000/XP/2003 (if you have enough
<br>
> privileges), even if you don't have any PPP/VPN/... connection
<br>
> established.
<br>
>
<br>
>- Added a check in the installer, so that the installation fails if you
<br>
> don't have administrator privileges.
<br>
>
<br>
>- Added a check so that NdisWan adapters (PPP, VPN, ...) are listed only if
<br>
> you can capture from them.
<br>
>
<br>
>- Added a new sample program, which gets the MAC address of an interface
<br>
> using packet.dll
<br>
>
<br>
>- Modified the access to the global list of adapters in packet.dll under
<br>
> NT4/2000/XP/2003. Now packet.dll should be thread-safe.
<br>
>
<br>
>- Bug fixing:
<br>
> + fixed some resource leaks in the remote capture daemon (rpcapd).
<br>
> + fixed a couple of resource leaks in packet.dll.
<br>
> + fixed some meaningless last error messages set by PacketOpenAdapter
<br>
> (e.g. "The operation completed successfully").
<br>
> + fixed a shortcoming in pcap_findalldevs, by which the adapters where not
<br>
> listed if they couldn't fit into a 8kB buffer.
<br>
> + fixed a memory leak in pcap_lookupdev.
<br>
> + fixed some bugs related to adapters listing:
<br>
> * some adapters were not listed, especially if some registry keys are
<br>
> messed up.
<br>
> * in some situations the listing failed with the message "Attempt to
<br>
> release a mutex not owned by caller"
<br>
> * if PacketGetAdapterNames() failed, it returned the wrong number of
<br>
> needed bytes for the input buffer.
<br>
> + fixed a buffer overrun in npf.sys that caused crashes (BSODs) when
<br>
> there are too many adapters in the registry.
<br>
> + fixed a bug in npf.sys that caused blue screens (BSODs) when you try to
<br>
> send "jumbo" packets, i.e. packets bigger than the maximum frame size
<br>
> for the selected link type.
<br>
> + minor bug fixes.
<br>
>
<br>
>=========
<br>
>
<br>
>
<br>
>Changelog from WinPcap 3.01 alpha to WinPcap 3.1 beta
<br>
>=====================================================
<br>
>
<br>
>- Support for capture on NdisWan, with the following features:
<br>
> + Based on the NetMon API, does NOT use NPF.sys
<br>
> + Works with PPP (dial-up) and VPN links
<br>
> + Works on Windows 2000 and XP, only
<br>
> + Packet transmission is not supported
<br>
> + packet filtering is done at user level
<br>
>
<br>
>- wpcap.dll has been updated to libpcap 0.8.1 from www.tcpdump.org.
<br>
>
<br>
>- Support for DAG cards, based on the Windows version of the 2.5 Endace Dag
<br>
> driver.
<br>
>
<br>
>- The method used by the driver to timestamp packets can now be changed
<br>
> without recompiling the driver, modifying a registry key:
<br>
> HKLM\System\CurrentControlSet\Services\NPF\TimestampMode
<br>
> Possible values are
<br>
> - 0 (default) -> Timestamps generated through KeQueryPerformanceCounter,
<br>
> less reliable on SMP/HyperThreading machines,
<br>
> precision = some microseconds
<br>
> - 2 -> Timestamps generated through KeQuerySystemTime,
<br>
> more reliable on SMP/HyperThreading machines,
<br>
> precision = scheduling quantum (10/15 ms)
<br>
> - 3 -> Timestamps generated through the i386 instruction RDTSC,
<br>
> less reliable on SMP/HyperThreading/SpeedStep machines,
<br>
> precision = some microseconds
<br>
>
<br>
>- The driver is now started by the SCM with GENERIC_READ privileges rather
<br>
> than ALL_ACCESS. This allows not-administrator users to start and run
<br>
> WinPcap.
<br>
>
<br>
>- Changes to the wpcap.dll API:
<br>
> + pcap_findalldevs() and pcap_findalldevs_ex() return IPv6 addresses
<br>
> + pcap_findalldevs_ex() is now able to list local adapters, remote
<br>
> adapters, and the list of capture files present in a given folder.
<br>
>
<br>
>- Changes/additions to the Packet.dll API:
<br>
> + The code to gather interface information has been mostly rewritten, in
<br>
> order to be more modular and source independent. IP Helper API is now
<br>
> used in addition to registry scanning.
<br>
> + PacketGetNetInfoEx() now returns IPv6 addresses besides IPv4 ones.
<br>
> + modified the format of the npf_if_addr structure, that
<br>
> PacketGetNetInfoEx() uses to return the network address of an
<br>
> interface. In order to provide enough space for an IPv6 address,
<br>
> npf_if_addr is now made of three struct sockaddr_storage rather than
<br>
> three struct sockaddr.
<br>
> Since the former is 128 bytes while the latter is 16 bytes, old
<br>
> applications will not be compatible with the new PacketGetNetInfoEx().
<br>
> + PacketGetAdapterNames() now returns the names of the adapter in ASCII
<br>
> rather than in Unicode.
<br>
> Since the main purpose of PacketGetAdapterNames() is feeding data to
<br>
> pcap_findalldevs() and since pcap_findalldevs() needs ASCII names, the
<br>
> new PacketGetAdapterNames() avoids a conversion in wpcap.dll and
<br>
> uniforms the data format with the one of Windows 9x (this potentially
<br>
> simplifies the code of the applications). As a consequence to
<br>
> this modification, old applications won't work properly with the new
<br>
> PacketGetAdapteNames() on NT/2k/XP/2k3.
<br>
> + PacketOpenAdapter() now takes an ascii adapter rather than a UNICODE
<br>
> one. This is a consequence of the fact that PacketGetAdapterNames()
<br>
> returns ASCII strings: they can be immediately passed to
<br>
> PacketOpenAdapter(). (note: internal conversion is provided so that a
<br>
> UNICODE adapter name will be correctly opened, however the prototype
<br>
> changes and this could generate warning when compiling old
<br>
> applications)
<br>
> + For the same reason, PacketGetNetInfoEx() takes an ASCII adapter
<br>
> string rather than a UNICODE one. Internal conversion is provided for
<br>
> backward compatibility in this case, too.
<br>
> + PacketGetVersion() now retrieves the version number from the dll
<br>
> binary.
<br>
> + Added a PacketGetDriverVersion() function that returns the version
<br>
> number of NPF.sys.
<br>
>
<br>
>- Packet sampling
<br>
> + added the capability to perform packet sampling instead of just packet
<br>
> capture. This feature can be turned on through the new
<br>
> pcap_setsampling() function.
<br>
> + This feature is available on local captures, offline captures, and
<br>
> remote captures.
<br>
> + Please note that this feature is highly experimental.
<br>
>
<br>
>- Remote capture
<br>
> + Improved support on FreeBSD and Linux.
<br>
> + Fixed a bug in UDP data trasfer
<br>
> + Support for packet sampling (only if the remote daemon runs on a Win32
<br>
> machine; it does not work on Linux and FreeBSD).
<br>
>
<br>
> - Updated the documentation
<br>
> + Many examples have been rewritten in order to use the new pcap_open()
<br>
> and pcap_findalldevs_ex() functions.
<br>
>
<br>
>=========
<br>
>
<br>
>
<br>
>Changelog from WinPcap 3.0 to WinPcap 3.01 alpha
<br>
>================================================
<br>
>
<br>
>- Modified interface for function pcap_findalldevs_ex in order to support
<br>
> local files listing
<br>
>
<br>
>- pcap_findalldevs_ex supports local device, remote device, and local file
<br>
> listing
<br>
>
<br>
>- Updated makefiles in order to compile on UNIX
<br>
>
<br>
>- Support for remote capture (and remote daemon) in Linux and BSD (in
<br>
> addiction to Win32)
<br>
>
<br>
>- Simplified architecture for the remote capture; now pthreads are needed
<br>
> only by the rpcapd daemon; standard libpcap does no longer need phtreads
<br>
>
<br>
>- Added initial support for remote packet sampling (local packet sampling is
<br>
> still to be done)
<br>
>
<br>
>- pcap_fileno returns a valid description also in case of a remote capture,
<br>
> so that the 'select()' function can be used to check if packets are
<br>
> waiting to be read
<br>
>
<br>
>- Improved docs
<br>
>
<br>
>- Started modifying the Developer's Pack examples in order to use the new
<br>
> system calls (pcap_open, pcap_findalldevs_ex, etc), although this process
<br>
> has not been completed
<br>
>
<br>
>- Bug fixing:
<br>
> + Fixed a bug that prevented the remote capture (active mode) working in
<br>
> Windows XP
<br>
> + Fixed a bug that caused the driver not to list any adapter under
<br>
> NT4/2k/XP/2k3.
<br>
>
<br>
>=========
<br>
>
<br>
>_______________________________________________
<br>
>Winpcap-users mailing list
<br>
>Winpcap-users@winpcap.org
<br>
>https://www.winpcap.org/mailman/listinfo/winpcap-users
<br>
></html>