File: CHANGES.old

package info (click to toggle)
iptraf-ng 1:1.1.4-6
  • links: PTS, VCS
  • area: main
  • in suites: bullseye, buster, sid, stretch
  • size: 2,856 kB
  • ctags: 1,289
  • sloc: ansic: 11,913; makefile: 367; sh: 31; awk: 1
file content (960 lines) | stat: -rw-r--r-- 37,436 bytes parent folder | download | duplicates (7)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
CHANGES File for IPTraf 3.0.0

Changes to IPTraf 2.7.0 and new features in IPTraf 3.0.0

	New filter behavior.  Except for TCP traffic in the IP traffic
	monitor, filters now do not automatically match reverse packets
	for TCP and UDP IPTraf-wide.  Rather, each filter entry has
	a field which tells IPTraf whether to match packets flowing
	in the direction opposite that specified.

	The filters for non-TCP, non-UDP IP traffic (ICMP, IGRP, OSPF,
	etc.) which never automatically matched packets flowing in the
	opposite direction, now have that same option field.  This way
	related packets (like ICMP echo request/echo reply) can be
	matched with a single entry.

	Because reverse-matching is no longer the default IPTraf-wide,
	the labels are now changed to read Source and Destination.

        Default value for blank address filter fields is now 0.0.0.0,
	rather than 255.255.255.255. Fields are therefore no longer
	pre-filled with 0.0.0.0.

	Miscellaneous IP filter entries feature a field for other IP
	protocols not specifically indicated in the dialog.  The user
	must enter a comma-separated list of individual protocols or a 
	range.  IP protocols are defined in the /etc/protocols file.

	The IP traffic monitor consults the /etc/protocols file for 
	miscellaneous IP packets for the protocol names.  Previously
	recognized protocols (ICMP, UDP, OSPF, etc) are still looked up 
	internally for performance reasons.

        The filter rule selection now indicates the mask in CIDR format
	(e.g. 10.1.0.0/16) for clarity and to save screen space.

        Filter selection list box is now alphabetically sorted.

	Likewise, the CIDR notation can be used when entering IP address
	data.  However the CIDR notation is translated into a mask and
	discarded.  Subsequent editing of the filter will show the 
	corresponding mask.

	Changed color coding for unknown IP packets (those looked up
	from /etc/services to bright white on blue (instead of yellow on
	red, which looked like "errors").

	Added internal recognition for L2TP, IPSec AH, and IPSec ESP
	packets.

        Changed size of the IP traffic monitor's TCP hash table to 1033
	buckets.  Prime number used to improve hash efficiency.  

	A new function tx_box() has been added to the screen support
	library as a solution to the ncurses box() function not accepting
	the color set by wattrset(), at least on Red Hat 7.3.  All calls
	to box() have been replaced with this tx_box() instead.  It takes
	exactly the same parameters.

	Added support for tun and brg (tunneling and bridging) interfaces.
	Thanks to Marcio Gomes <tecnica_at_microlink.com.br>.

	Modified logging options.  The -L parameter now works with any
	command-line invocation of a facility, even in foreground mode.

	Added -I command-line parameter to override logging interval
	configuration option.

	(Thanks to the contributors of the -I and -L patches. I lost your
 	emails when SEUL reinstalled. Please acknowledge. Thanks.
	
	Corrected promiscuous mode control code.  It ignored Token Ring 
	interfaces.

Changes to IPTraf 2.6.1 and new features in IPTraf 2.7.0

	Corrected bug wherein the detailed interface statistics
	did not filter out the packets based on the selected
	interface.  Thanks to the members of the mailing list for
	this.

	Corrected minor interface name comparison bugs in the
	general interface statistics and TCP/UDP service statistics.

	Corrected stale locks when IPTraf did not start due to an
	improper terminal size.

	Added support for additional DVB interfaces sm2*, sm3*, penta*.

	Added support for wireless LAN interfaces (wlan*, wvlan*).

	Fixed segfault that occurs when /proc/net/dev is empty or
	contains no active interfaces.  Thanks to Chris Armstrong 
	<wolfwings_at_zana.changa.nu> for actually trying it out.

	Added error box to handle the /proc/net/dev error condition
	mentioned above.

	Added error box when tx_operate_listbox is invoked on an empty
	list.
	
Changes to IPTraf 2.6.0

	Corrected a segfault in the IP traffic monitor and TCP/UDP service
	breakdown when a sort is attempted on an empty screen.  Thanks
	to <lord_at_elreyforce.org> for the report.

	Corrected segfaults in the TCP/UDP service monitor when
	scrolling using PgUp and PgDn (or space and '-').  Thanks
	to Ross Gibson <windows_at_prefixservice.com>.

	Corrected post-sorting PgUp problem in TCP/UDP monitor.

	Corrected inaccuracies in the IP traffic monitor's TCP byte
	counts and flow rates.  *** THE BUG ADDRESSED BY THIS CORRECTION
	DEFERS IPTRAF 2.6.0. ***

	Adjusted black-and-white color scheme.

	Minor adjustments to the printlargenumber() function.

	Minor cosmetic adjustments.

New features in IPTraf 2.6.0 and changes to IPTraf 2.5.0

	Added support for Token Ring interfaces.  Thanks to many people
	for help with patches and testing, including J. Kahn Koontz
	<csjmk_at_eiu.edu>, Dan Seto <mail_at_seto.org>, and Tomas Dvorak
	<avatar_at_kanal.ucw.cz>.

        Added support for sbni long-range modem interfaces (Dmitry
        Sergienko <trooper_at_dolphin.unity.net>).

	Added support for Free s/WAN IPSec logical interfaces (Doug Nazar
        <nazard_at_dragoninc.on.ca>).

	Code cleanup.  Got rid of an ugly goto in itrafmon.c.  I hate
	goto no matter what.

	Moved write_timeout_log.c to tcptable.c.

	Recoded the PgUp/PgDn routines in the IP traffic monitor,
	TCP/UDP service monitor, and LAN station monitor.  These
	routines now directly manipulate the table pointers instead
	of merely calling the single-line scrolling routines repeatedly.
	Faster.  More efficient.

	Added a highlight bar to the IP traffic monitor, allowing better
	readability, especially on long-line screens (> 80 characters),
        and individual flow rate computation.

	Added flow rates for the highlighted TCP flows (IP traffic
	monitor) and TCP/UDP ports (TCP/UDP statistical breakdown) I
	believe this is the best way to allow viewing of data rates
	without excessively sacrificing CPU time for packet capture.

        Filters now apply to all facilities except the packet size
	breakdown and LAN station monitor.  You can now view the loads
	and protocol breakdowns on selected packets only using the
	filters.

	No more byte counters in the IP traffic monitor.  This line now
	just contains a simple packet counter at one end, and the TCP
	flow rate information at the other.

	Moved menu, selection listbox, and dialog box functions to a
	separate support/ directory.  These routines are first compiled
	into a library and later on linked into iptraf.

        Added a confirmation box to the main menu's Exit command.  This
	is as much for me as it is for a lot of people.  I accidentaly
	exit too.

	Added broadcast packet and byte counts to the detailed interface
	statistics log.

	Some cosmetic adjustment.

	Added 5-minute timeout for rvnamed child processes.

New features in IPTraf 2.5.0 and changes to IPTraf 2.4.0

	Now includes a more specific dialog for non-TCP and non-UDP
	filters.  Allows specification of packets by source and
	destination IP addresses.

	Better organized the filter management and manipulation
	functions in fltedit.c, fltselect.c, othipflt.c, and utfilter.c.
	
	othfilter.c renamed to fltselect.c, same thing with the .h.

	All filters are now unified in a single data structure allowing
	handling of TCP, UDP, misc IP, and non-IP toggles with one set
	of functions.

	Separate TCP and non-TCP filter menus abolished, everything
	is now grouped under a Filters... submenu under the main menu.

	Corrected wrong placement of timer in the packet size breakdown.

	Corrected scanning code for timed out entries in the IP traffic
	monitor sort function.  Wrong computation for elapsed time
	resulted in active connections being placed in the list of
	closed entries.  Thanks to Gal Laszlo <slowTCP_at_hotmail.com> for
	pointing out the symptom.

        Added support for Frame Relay FRAD/DLCI interfaces.  Thanks to
        Raffaele Gariboldi <lele_at_italynetwork.it> for the information
        and testing.

	Sorting is now done with the Quicksort algorithm.

	IP Traffic Monitor now adds connection entries to the TCP window
	upon the receipt of header-only packets.  There are cases in which
        we have to check for possible TCP scans which are implemented with
        non-SYN packets.

	The reverse DNS lookup function revname() now times out after
        five seconds, and stops reverse lookups for that session in case
        rvnamed dies.

	Added some notes to the packet size breakdown window.

	Moved rvnamed cache index update code such that updating of the
	cache indexes will only be performed once fork() succeeds,
	otherwise, the allocated slot will just be reallocated for
	the next queries.  This is so that should the fork() fail,
	future invocations for that IP address won't have the rvnamed
	parent thinking its resolving when there actually wasn't a child
	performing the resolution.  If the fork() problem condition was
	temporary, the next invocation can still have rvnamed fork() off
	to resolve the address.  This of course assumes the IP address
	hasn't expired from the cache.

	Some cosmetic updates (as always).

	The manual features a new format for the sidebars.  Corrected
	typos and spelling errors.

	iptraf-x.y.z.tar.gz no longer comes with precompiled
	binaries.  However a separate iptraf-x.y.z.i386.bin.tar.gz will
	come only with the precompiled x86 executable programs
	(i386/glibc-2.1/ncurses-5.0).

New features in IPTraf 2.4.0 and changes to IPTraf 2.3.1

	This version now allows multiple instances of the same facility
	in different processes, but only one instance can monitor an
	interface.  Please see the RELEASE-NOTES file.

	As a consequence of the above changes, the default names of the
	logfiles then reflect the instance or interface being
	monitored.  See the RELEASE-NOTES file.
	
	Implemented a dialog box allowing the user to log to a custom
	log file.

	Implemented -L command-line parameter to allow specification of
	the log file name when IPTraf is started with the -B parameter.

	Removed hardcoded UNIX-domain socket name bound by IPTraf, instead
	a socket name is generated from the current time and pid.  Also
        removed hardcoded socket name in rvnamed, to which it directs
        replies to IPTraf.  rvnamed still binds to hardcoded socket names
	though.

	IP Traffic Monitor can optionally display the source MAC addresses
	for LAN-based packets.  Added appropriate configuration item.

	IPTraf now reads /etc/ethers in addition to its own database of
	MAC addresses.  Thanks to Frederic Peters <fpeters_at_debian.org> for
	the patch.

	Moved time-related configuration items to a Timers... submenu to
	save on screen space.

	The version.h file no longer exists, rather, a plain version file
	is in place containing merely the version number.  The Makefile
	reads this file, determines the target machine information
	and passes this data to the compiler with -D parameters.

	Imposed an upper limit of 200 on rvnamed child  processes.
	rvnamed should really not go runaway with a normally-functioning
	DNS server, but I had the good fortune of experiencing a dead DNS
	server while monitoring.  Took my machine down real fast.

	Precompiled executables now require glibc-2.1 dynamic libaries.

	Included a Setup installation script to ease somewhat the
	installation process (installation can still be done the old way
	though).

	Cosmetic/color changes.

	Reflected changes to manual.

Changes to IPTraf 2.3.0

	Fixed segfault bug when sorting is attempted on an empty TCP
	window.  Thanks to Ramon van Elten <mainwave_at_datura.cx> for the
	report and for the assistance in diagnosis.

	Fixed cosmetic error (sort progress window doesn't disappear)
	when attempt is made to sort a TCP window with only 1 entry.
	Thanks again to Ramon for the report.

	Updated some comments.

New features in IPTraf 2.3.0 and changes to IPTraf 2.2.2

	Implemented sorting in the IP traffic monitor, TCP/UDP statistical
	breakdown, and LAN station monitor.  Great thanks go to Gal Laszlo
	<slowTCP_at_hotmail.com> for the patch.  (Note to Gal: I had to do a
	heck of a lot of overhaul, and had to implement a clearer screen
	design, but your patch provided the basis :) Thanks a lot.)

	Implemented better bounds checking in the text input routine.

	Added information boxes to TCP/UDP delete and detach filter
	functions.

	Added recognition of GRE packets.  Modified non-TCP display filters
	accordingly.

	Fixed bug in unrecognized IP display and filter code.

	Added filter item for unrecognized IP packets.

	Removed leftover code from the old warning on IP masquerading.

	Reflected changes and corrected typos in manual.

Changes to IPTraf 2.2.1

	Fixed recognition problem with DVB interfaces.

	Fixed small buffer overrun in TCP timeout log routine, which can
	cause a segmentation fault under certain conditions.

	Minor cosmetic adjustment in TCP connection window.

Changes to IPTraf 2.2.0

	Fixed segfault in IP Traffic Monitor due to packets from an
	unsupported link type.

	Fixed segfault in promiscuous mode management module in the (rare)
	case of a failure to save or load the interface flags from the
	temporary storage files. Normally due to a bad installation.
	Thanks to Udo A. Steinberg <sorisor_at_Hell.WH8.TU-Dresden.De> for
	the report.

	Added support for Ethernet-emulated FDDI interfaces. Thanks to Udo
	A. Steinberg <sorisor_at_Hell.WH8.TU-Dresden.De> for the report and
	help with the testing.

	Added support for DVB interfaces, thanks to Alex
	<vasile_at_keeper.meganet.ro> for the notification and the help.

	Replaced inet_addr() references on filter address entries with
	inet_aton().  This fixes failure of filters on packets with
	255.255.255.255 in their source or destination address fields.
	Thanks for Peter Magnusson for the report and the test
	environment.

	Overhauled TCP/UDP editing facility.  Fixed bug wherein garbage
	entries remain in the filter's parameter list even if an insert/
	add dialog is aborted.

        Fixed detailed interface statistics logging bug (activity and
	packets-per-second figures were the same).

	Apologies to Dustin Trammell for my failure to credit him for his
	report on the behavior of IPTraf on bridges.

Changes to IPTraf 2.1.1 and new features in IPTraf 2.2.0

	Immediate flushing of disk buffers after a log file write to
	better accomodate separate logfile parsing scripts.

	Addition of a manual and automatic clearing of closed and idle
	TCP entries in the IP Traffic Monitor

	Added a TCP closed/idle persistence configuration option to
	control the TCP closed/idle clearing interval.

	Clarified TCP timeout logfile entries.

	Saves the state of the interface flags at startup of a facility,
        and restores them on exit, allowing interfaces previously set to
        promiscuous mode to retain that state.  Important on bridges.
	Thanks to Dustin D. Trammell <dtrammell_at_cautech.com> and Holger Friese
	<evildead_at_bs-pc5.et-inf.fho-emden.de> for the patch.  However, I had
	to modify it a little more than a bit and had to overhaul quite a
	good deal of the rest of the software to better accomodate
	multiple instances.

	Promiscuous mode is set only when a facility is started, and
	restored when it exits.  Promiscuous mode is no longer forced at
	menus.  Restoration is not performed though if there is still
	another facility running, but the interface state remains saved.

	Fixed a minor bug in the LAN station monitor.  The raw socket is
	now closed when the facility exits. duh.

	Fixed rare bug in the packet size distribution.  The lock file didn't
	get deleted if the raw socket open failed.

	Changed the promiscuous mode option to "Force promiscuous".
	Cosmetic.

	Added PID's (a la syslog) to daemon log entries.
 
	Minor cosmetic adjustments.

Changes to IPTraf 2.1.0

	Fixed bug in the packet size statistical breakdown.  The facility
	didn't filter packets based on interface name, thus causing
	inaccurate counts on systems with multiple network interfaces.

	Fixed a few minor cosmetic errors.

	Corrected some typographical errors in the manual.

	Added a FAQ (or the beginnings thereof).

	Added a spec file for RPM generation.  Thanks to Dag Wieers
	<dag_at_life.be>.  I'm not a really good RPM'er beyond RPM
	installation and removal.  :)
 
Changes to IPTraf 2.0.2 and new features in IPTraf 2.1.0

	Added non-IP to the display/logging filter selections

	Added interface selection to the IP Traffic Monitor and LAN
	Station Monitor (with an "All Interfaces" option).

	Related to the above: now requires an interface name as an
	argument to the -i and -l command-line parameters.  'all' may be
	specified for monitoring all interfaces.

	Added -B command-line parameter to fork program into the
	background solely for logging purposes.  Several people had
	requested this.

	Corrected TCP/UDP filter file placement error.  Included cfconv
	program to move files to the proper place.

	Added program-wide Ctrl+L sequence to redraw the screen if
	corrupted by outside factors (write, talk, syslog).

	Added TCP/UDP filter editing facility.

	Corrected several possible buffer overruns in TCP/UDP filter
	module.

	Corrected errors and reflected changes to manual and man pages.

Changes to IPTraf 2.0.1

	Fixed a rarely-occuring but nevertheless severe segmentation fault
	bug when long hostnames are coupled with long service names.
	Great thanks go to Ronald Wahl <rwahl_at_gmx.net> for the advice and
	the help.  Ron, I'm really gonna find the time to do the code the
	Right Way  :)

Changes to IPTraf 2.0.0

	Fixed minor non-IP byte count bug in detailed interface statistics.

	Fixed minor cosmetic bug causing elapsed time indicator to appear
	in the wrong line on screens not containing 25 lines.  Thanks to
	Uwe Storbeck <uwe_at_datacomm.ch> for the patch.

New features/changes in IPTraf 2.0 from 1.4.2

	Now uses the new PF_PACKET socket family as its packet capture
	mechanism.  Requires Linux 2.2.

	Added target/source IP addresses in ARP packet
	request/reply packet entries in the IP traffic monitor.  Also
	added target/source MAC addresses to RARP request/reply entries.

	Reorganized menu structure, see the README file for details.

	Moved packet counts by size to a facility of its own.  Added
	corresponding -z command-line option.

	New incoming/outgoing packet and byte counts and activity rates in
	the detailed interface statistics facility.

	Corrected a bug in the FDDI packet parsing code (wrong link type).

	Added a check for the IFF_UP flag when generating interface
	lists, to omit inactive interfaces (but still in /proc/net/dev).
	This covers the General Interface Statistics and all interface
	selection lists.
 
	Now uses the maximum number of columns on the screen.  High thanks
	to Michael "M." Brown <m2brown_at_waterloo.ca> for the patch.  Saved
        me a lot of tedious work. :)

	Reformatted TCP screen to show only one hostname:port per line,
	with connections indicated by the green "brackets".  I think
	that's clear enough.

	Added ARP/RARP opcode and target addresses in the ARP/RARP
	indicator lines.

	Added vertical scrolling to the lower (non-TCP) window in the
	IP traffic monitor to allow for long lines (ICMP, OSPF, some UDP).

	Allowed for slightly longer host names in the lower IP traffic
	monitor window.

	Still increased the rvnamed cache size to 2048 entries.

	Miscellaneous cosmetic changes.

	Manual now includes screen shots and comes in HTML format only.

Changes to IPTraf 1.4.1

	Fixed SEGV condition when attempts are made to load a filter list
	application or deletion with a zero-length filter list file, which
	could be caused by deleting the last filter.  Thanks to Daniel
	Savard <daniel.savard_at_gespro.com> for the report.

	Makefile comes with the -m486 option commented out

Changes to IPTraf 1.4.0

	Moved configuration status window to unobscure a long menu option.

Changes to IPTraf 1.3.0 and new features in 1.4.0

	Support for PLIP interfaces.

	Support for other ISDN encapsulations (specifically raw IP and 
	Cisco HDLC) high thanks to Gerald Richter <richter_at_ecos.de> for
	the information and testing.

	Added -q parameter to suppress the 1.3.0 masquerading warning for
	users who wish to automate the various facilities from their
	inittab and similar non-interactive fashions.  Incorporated into
	the Debian version of 1.3.0 by Debian maintainer Frederic Peters
	(<fpeters_at_debian.org>, carried over to general release 1.4.0.

	Added an option to change activity indications between kbits/s and
	kbytes/s.  On a suggestion by Paul G. Fitzgerald
	<pgfitzgerald_at_buckman.com>.

	Incorporated more flexible compile-time control of directories for
	configuration, log, and other files.  Thanks to Stefan Luethje
	<luethje_at_sl-gw.lake.de> for the patch.
	
	Corrected minor flaws in the default screen update delay code
 	(visually insignificant), that led to occasional skips of the
	delays.  (Call it nitpicking if you will.  :))
	
	Moved signal() calls to after terminal checks in iptraf.c,
	allowing standard behavior of signals when error/warning messages
	may still be sent to stderr.  Allows the user to break out of it
	with Ctrl+C at the terminal warning if so desired. 

	Reformatted IP traffic monitor log entries on Gerald Richter's
	<richter_at_ecos.de> suggestions for easier processing with Perl 
	scripts.

	Included logfile rotation with the USR1 signal.  Again on Gerald
	Richter's <richter_at_ecos.de> suggestion.

	Moved first-instance tag sequence to after the initscr() call.

	Indicated IP fragments with no additional information in the lower
	traffic monitor window.  Datagram size, addresses, and interface
	are still indicated.

	Changed Non-IP count in IP traffic monitor to byte count
	(including data-link header lengths) from packet counts.
	Consistency purposes.

	Added some extra information for certain non-IP packets.  These
	may eventually grow, but not in too much detail, since this is an
	IP-oriented utility.  Thanks to David Harbaugh
 	<dlh_at_linux.cayuga-cc.edu> for the patch.

	Removed bind() operation on raw socket to address a condition in
	which the detailed interface statistics and TCP/UDP statistics
	stop counting if an interface goes down then up again.  This will
	be studied further.  Symptom report sent in by Roeland Jansen
	<bengel_at_xs4all.nl>.

	Changed Ethernet/FDDI/PLIP description file formats from binary to
	plain text, allowing database appends.  Other files (configuration
	and filters) are still binary.  On a suggestion by David Harbaugh
	<dlh_at_linux.cayuga-cc.edu>.

	Copied IP and upper-layer headers and some data from Ethernet, 
	PLIP, FDDI, and loopback frames into an aligned buffer.  Avoids
	SIGBUS on picky systems (like SPARCs) and general alignment
	problems.  I don't know yet which is worse, the overhead of
	a 96-byte transfer or the performance hit with misaligned reads.
	Thanks to Jonas Majauskas <jmajau_at_soften.ktu.lt> for reports and
	tests.

	Replaced __-type references with u_int-type references.

	Increased cache array size in rvnamed to 1024 entries from the
	previous 512, to better handle combinations of busy networks and
	slow DNS servers.
	
	Cleared up a few instructions in the Makefile, thanks to Arjan
	Opmeer <a.d.opmeer_at_student.utwente.nl>

New features in IPTraf 1.3.0 and changes to IPTraf 1.2.0

	Experimental FDDI support.  High thanks to Paonia Ezrine 
	<paonia_at_massart.edu> for the initial tests on the FDDI code.  More 
	feedback is requested on the FDDI functionality.  Bugs may still
	be present.

	Reestablished ippp interfaces (synchronous PPP over ISDN) after
	reports that the ISDN problem was fixed with Linux 2.0.34.

	Fixed fragmentation oversight in TCP/UDP service monitor.

	Applied the bind() system call to the raw socket to have the
	kernel filter out packets from interfaces we're not interested in.
	Makes for better capture times on multiple-interfaced machines.
	However, a strncmp() is still performed on the returned interface
	name to counter the race condition between the socket() and bind()
	calls.
	
	Fixed interface statistics print routines to print unsigned
	rather than signed numbers.

	Added additional option to adjust screen updates.  Useful for
	IPTraf sessions run on remote terminals (thanks to Lutz Vieweg
	<lkv_at_isg.de> for the suggestion and Dean Gaudet
	<dgaudet_at_arctic.org> for the base patch.  I modified it a bit,
	Dean.)

	Discovered terrible performance penalty due to screen refresh with
	heavily loaded LAN segments.  Therefore, with the new screen
	update interval option set to 0, all facilities have a 50 ms delay
	between refreshes (exception: the LAN station monitor has a delay 
	of 100 ms). This is still visually fast (although updates
	look kinda slower), but this gives more time to packet capture,
	therefore increasing accuracy and capture performance.  Thanks to
	everyone who responded to my request for advice on this matter and
	to Ronald Wahl <rwahl_at_gmx.net> for giving me the symptom report.

	Modified IP traffic monitor to mark TCP connection entries for reuse
	once one side is fully closed and acknowledged ("CLOSED" on the
	screen) and the other closed but even if not acknowledged ("DONE" 
	on the screen.  This is because many times, the last ACK gets lost.
	
	Included an additional parameter used together with the other
	command-line arguments to specify an amount of time for which the
	selected facility would run before automatically terminating (on a
	suggestion by Linux HOWTO coordinator Tim Bynum
	<tjbynum_at_wallybox.cei.net)>.

	Supplemented the main data structure for the IP traffic monitor
	with an open hash table for increased search efficiency,
	especially after the facility has been running for quite some
	time (the other facilities, which don't grow as much still use
	linearly-searched linked lists.  I'll probably hash them depending
	on feedback.)

	Fixed rare bugs in various facilities that caused IPTraf to
	attempt to proceed even in the event of a raw socket open failure.

	Fixed SEGV condition when IPTraf is invoked with a command-line
	parameter that cannot be parsed with getopt().

	Added labels to LAN address description selection box.

	Fixed unsightly LAN address description dialog scrolling.

	Added a separator feature to the menurt.c module, allowing
	separation lines within menus.

	Added separator lines between related groups of menu items in both
	main and configuration menus.

	Changed the Options main menu item to Configure.

	Added the space bar and the '-' key as "unofficial" alternates to
	the PgUp and PgDn keys (it's not in the manual).

	Transferred Ethernet description facility option to the Configure
	submenu, and added a related facility for FDDI addresses.

	Removed Ethernet-specific references where FDDI and (potentially)
	other LAN technologies also fit.  We'll just use "LAN" as a
	general term.

	Adjusted detailed statistics screen to automatically generate the
	appropriate packet size distribution brackets based on interface
	MTU.  This means the brackets may no longer end on numbers
	divisible by 10, but rather on boundaries based on the MTU divided
	by 16 (the number of brackets).  But at least 1500 is not
	hardcoded anymore as the maximum.

	Related to the immediately preceeding change: packet size
	distribution updates are done one at a time now, no longer as a
	whole bunch.  In other words, as a frame arrives, only the
	appropriate bracket is updated.

	Also related to previous two: changed basis for packet size
	distribution to the Ethernet frame length from the IP datagram
	length (which really doesn't matter except for a few frames).

	Fixed bug which causes the existing log interval to multiply by 60
	when the dialog is aborted (instead of retaining the current
	setting).  Thanks to Chris Higgins <chiggins_at_pobox.com> for the
	bug report and the patch.  (I had to modify it a bit to fit in
	with the screen update interval patch sent in by Dean Gaudet.)

	Potentially large counts have been changed to type "unsigned long
	long" to significantly increase running time on heavily loaded
	networks, plus automatic switching of denominations (from exact
	counts to K(ilo) to M(ega) to G(iga) to T(era)) to prevent screen
	disruption (on a suggestion by Lutz Vieweg <lkv_at_isg.de>).
	
	Separated log file into different logs for each facility.

	Moved log files to /var/log/iptraf to avoid mixing them with the
	mess in the /var/local/iptraf directory.  At least that way,
	we humans don't have to look in /var/local/iptraf anymore.

	Relaxed multiple-instance restriction from a
	no-multiple-instances-of-IPTraf requirement to a
	no-multiple-instance-of-the-same-facility.  In other words,
	several copies of IPTraf can run, but only one instance of each 
	facility can run at any one time.  The -f parameter removes the
	tags, overriding the restrictions on that IPTraf instance.  This 
	modification was done to  address needs indicated by Chris Panayis
	<chris_at_freedom2surf.net>).

	Added a startup warning box if IPTraf detects IP Masquerading 
	enabled on the computer.  IPTraf will continue to work, but its
	results may be quite confusing.  The detection is done by
	opening /proc/net/ip_masquerade.
	
	Modified additional port facility to accept ranges of ports rather
	than several single port numbers (on a suggestion by Lutz Vieweg
	<lkv_at_isg.de>)

	Reduced minimum number of lines from 25 to 24 for better VT100
	terminal compliance.

	Miscellaneous cosmetic retouches.  (I consider user interface an
	important factor too, ya know!  :)

	Distribution binary now comes statically linked with ncurses 4.2.
	You may recompile to suit your system.

	Included manual pages derived from the Debian GNU/Linux 2.0
	distribution.  Man pages written by Frederic Peters
	<fpeters_at_debian.org> who is now maintaining the Debian IPTraf
	package.

	Reversed version order (newest first) in the CHANGES file.

New features in IPTraf 1.2.0 and changes to IPTraf 1.1.0 

	Increased buffer size in ifstats.c for /proc/net/dev lines to 161
	to better accomodate the longer lines in the new 2.1.x kernels
	(which will be carried over to the new stable kernel series).  
	Based on bug reports by Dop Ganger <DopG_at_sprint.ca> and Christoph
	Lameter <christoph_at_lameter.com> et al. 

	Fixed rarely occuring high CPU utilization bug occuring whenever
	a terminal connection is lost, resulting in a SIGHUP which is 
	ignored.  (This is an example of a software author's temporary 
	insanity.  I mean, what sane programmer would set SIGHUP to 
	SIG_IGN for a terminal-based program huh?  Thought so :) Thanks
	to Dop Ganger <DopG_at_sprint.ca> for the symptom report.

	Refined Ethernet station monitor rate updates and scrolling code.

	Fixed autosave bug for non-TCP filters (this was working before
	1.1.0.  All of a sudden, the function call disappeared
	mysteriously.  Must have been sleepy that time :)

	Fixed bug in UDP filter default settings.

	Added option to display TCP and UDP ports in either name form or
	numeric form (on a suggestion by Felix von Leitner
	<leitner_at_math.fu-berlin.de> and others).

	Added facility to describe Ethernet addresses for the Ethernet
	station monitor (to address needs as presented by Erlend Middtun
	<erlendbm_at_funcom.com> via James Ullman <james_at_irc.ingok.hitos.no>)

	Added an additional field to the TCP/UDP filter dialogs to allow
	the user to "exclude" certain addresses from the display allowing
	all others.  Details on the new behavior are in the manual (on a
	suggestion by Sean Hough <seh_at_javanet.com>)

	Relaxed screen management code to better adjust to the number of
	lines on the screen.  As of this release, columns are still based
	on a maximum number of 80 though.  Also under study is a
	SIGWINCH handler, but this will have to come later (on comments and
	suggestions by a *lot* of users...thanks guys :-) ).

	Fixed a subtle bug in the rvnamed interface IPC code, resulting in 
	an accurate transfer of data but causing recvfrom() to return an
	EINVAL at unpredictable intervals.  Bug was an uninitialized address
	structure length parameter.  Code in both iptraf and rvnamed was
	fixed.

	Eliminated unsupported interfaces from interface selection lists.

	Included enforced restriction disallowng multiple instances of
	IPTraf and an overriding command-line parameter.  (This may
	just be temporary, in lieu of a more elegant solution).

	Included autosave for TCP and UDP filters.  Filters now survive
	IPTraf exits and restarts without requiring manual reapplication
	(on a suggestion by Chad Clark <cclark_at_comstar.net>).

	Included upgrade program and makefile rule to convert IPTraf 1.1.0 
	configuration and filter files to 1.2.0 format.

	Clarified TCP/UDP and non-TCP/UDP filter error messages.

	Color-coded the TCP and UDP protocol/port indicators in the
	TCP/UDP service monitor for better identification.

	Revised IP traffic monitor to query rvnamed only once per
	invocation of the facility.  Less overhead.

	Revised IP traffic monitor to open and close the rvnamed 
	communication socket only once per invocation of the facility.
	Less overhead.

	Added a 2-second delay after the rvnamed invocation to give
	the daemon more than enough time to open its sockets.

	Fixed SEGV condition which occurs when an attempt is made to
	destroy an interface list never loaded (which could only occur
	if the /proc system is unreadable, something which shouldn't
	happen on any decent Linux system).

	Moved filter list load routine to fltmgr.c, for better linking with
	the cfconv module.

	Makefile now installs rvnamed together with the iptraf executable
	in /usr/local/bin by default.

	Added table of contents (hyperlinked in the HTML version) to the
	manual.

	Cleaned up the Makefile.

New features in IPTraf 1.1.0 and changes to IPTraf 1.0.3

	Added command-line options for direct facility access from the
	shell, and an appropriate help screen for IPTraf invocation (on a
	suggestion by BJ Goodwin <latency_at_radiolink.net>).

	Added separate DNS reverse name lookup program (rvnamed) for
	quicker response time on reverse DNS lookups.  Subsequently
        modified the revname function to use the new functionality.
	This also required additions of address resolution state fields 
	to struct tcptableent in tcptable.h.

	Added checkrvnamed() and killrvnamed() to revname.c, used by
	itrafmon.c to query and stop the rvnamed daemon.

	Added scrolling capability to the general interface statistics.
	Interface list will now grow as packets from newly created
	interfaces are received (e.g. PPP interfaces).  This now makes
	IPTraf better suited to monitor Linux machines configured as
	access servers.
	
	Interface selection lists can now be scrolled.

	Increased maximum number of entries in for the non-TCP window
	in the IP traffic monitor from 256 to 512.

	Fixed SEGV condition in itrafmon.c that happens whenever the
	Down cursor key is pressed with the lower window active, but
	not yet full.

	Added elapsed time indicators to each facility, showing the
	hours and minutes that have passed since the start of the
        monitor (on a suggestion by James Ullman
	<james_at_irc.Ingok.Hitos.No>)

	Changed ncurses include file references from <ncurses.h>
	to <curses.h>

	Cleaned up preprocessor code for glibc2 support.  Thanks for
	help and suggestions from John Labovitz <johnl_at_meer.net>.  Thanks 
	also for a test account on debs.fuller.edu opened by Christoph 
	Lameter <christoph_at_lameter.com>.

	Fixed SEGV condition which may occur when trying to close the
	log file which may never have opened (thanks to John Labovitz
	<johnl_at_meer.net> for the patch).

	Adjusted cosmetic code to better indicate the closed status in
	the TCP monitor.

	TCP and UDP filters now accept host names in in place of IP
	addresses.  Host names will be resolved and can still be used
	with wildcard masks (may be useful for names that resolve to
  	several IP addresses)

	Distribution now includes an HTML-formatted manual.

Changes to IPTraf 1.0.2

	Fixed SEGV condition when scrolling commands are applied to
	an empty Ethernet station monitor

	Distribution executable now comes compiled with -m486 by default.
	Binary will still execute on a 386, but a 486 or higher is still
	preferred.

Changes to IPTraf 1.0.1

	Fixed conflicting hotkey for non-TCP filter menu items RARP and
	IGRP  (the "R" key).  Changed the shortcut key for RARP to "P".

	Modified layer-2 header stripping code to cleanly ignore packets
	from unrecognized interfaces (see README).

	Fixed "duplicate port" misbehavior for the "Additional port"
	dialog's Cancel command

	Added error-checking for the port list file open sequence.
 
	Added PgUp/PgDn capability to the facilities that can be scrolled
	(IP traffic monitor, TCP/UDP services, and Ethernet station
	monitor).

	Cleaned up scrolling code a bit.

	Fixed bug in the non-TCP logging facility that caused extraneous
	log entries whenever the window is scrolled.

	Sent non-fancy messages to standard error rather than standard
	output.

	Changed a few messages

Changes to IPTraf 1.0.0

	Fixed X/Ctrl-X keystroke bug in the General Interface Statistics
	module (thanks to BJ Goodwin <latency_at_radiolink.net>).  This was
	kinda an emergency, so I fixed this and released 1.0.1 
	immediately.