Skip to content
Tags give the ability to mark specific points in history as being important
  • tcpdump-4.99.3
    032e4923 · This is tcpdump 4.99.3. ·
  • tcpdump-4.99.2
    296ff0fe · This is tcpdump 4.99.2. ·
  • tcpdump-4.99.1
    tcpdump release 4.99.1 on 2021-06-09
  • tcpdump-4.99.0
    December 30, 2010 by mcr, Denis, and FXL
      Summary for 4.99.0 tcpdump release
        Improve the contents, wording and formatting of the man page.
        Print unsupported link-layer protocol packets in hex.
        Add support for new network protocols and DLTs: Arista, Autosar SOME/IP,
          Broadcom LI and Ethernet switches tag, IEEE 802.15.9, IP-over-InfiniBand
          (IPoIB), Linux SLL2, Linux vsockmon, MACsec, Marvell Distributed Switch
          Architecture, OpenFlow 1.3, Precision Time Protocol (PTP), SSH, WHOIS,
          ZigBee Encapsulation Protocol (ZEP).
        Make protocol-specific updates for: AH, DHCP, DNS, ESP, FRF.16, HNCP,
          ICMP6, IEEE 802.15.4, IPv6, IS-IS, Linux SLL, LLDP, LSP ping, MPTCP, NFS,
        User interface:
          Make SLL2 the default for Linux "any" pseudo-device.
          Add --micro and --nano shorthands.
          Add --count to print a counter only instead of decoding.
          Add --print, to cause packet printing even with -w.
          Add support for remote capture if libpcap supports it.
          Display the "wireless" flag and connection status.
          Flush the output packet buffer on a SIGUSR2.
          Add the snapshot length to the "reading from file ..." message.
          Fix local time printing (DST offset in timestamps).
          Allow -C arguments > 2^31-1 GB if they can fit into a long.
          Handle very large -f files by rejecting them.
          Report periodic stats only when safe to do so.
          Print the number of packets captured only as often as necessary.
          With no -s, or with -s 0, don't specify the snapshot length with newer
            versions of libpcap.
          Improve version and usage message printing.
        Building and testing:
          Install into bindir, not sbindir.
          autoconf: replace --with-system-libpcap with --disable-local-libpcap.
          Require the compiler to support C99.
          Better detect and use various C compilers and their features.
          Add CMake as the second build system.
          Make out-of-tree builds more reliable.
          Use pkg-config to detect libpcap if available.
          Improve Windows support.
          Add more tests and improve the scripts that run them.
          Test both with "normal" and "x87" floating-point.
          Eliminate dependency on libdnet.
          Print a proper error message about monitor mode VAP.
          Use libcasper if available.
          Fix failure to capture on RDMA device.
          Include the correct capsicum header.
        Source code:
          Start the transition to longjmp() for packet truncation handling.
          Introduce new helper functions, including GET_*(), nd_print_protocol(),
            nd_print_invalid(), nd_print_trunc(), nd_trunc_longjmp() and others.
          Put integer signedness right in many cases.
          Introduce nd_uint*, nd_mac_addr, nd_ipv4 and nd_ipv6 types to fix
            alignment issues, especially on SPARC.
          Fix many C compiler, Coverity, UBSan and cppcheck warnings.
          Fix issues detected with AddressSanitizer.
          Remove many workarounds for older compilers and OSes.
          Add a sanity check on packet header length.
          Add and remove plenty of bounds checks.
          Clean up pcap_findalldevs() call to find the first interface.
          Use a short timeout, rather than immediate mode, for text output.
          Handle DLT_ENC files *not* written on the same OS and byte-order host.
          Add, and use, macros to do locale-independent case mapping.
          Use a table instead of getprotobynumber().
          Get rid of ND_UNALIGNED and ND_TCHECK().
          Make roundup2() generally available.
          Resync SMI list against Wireshark.
          Fix many typos.
  • tcpdump-4.99-bp
    f736ac0b · Update my email address. ·
  • tcpdump-4.99.0-bp
    f736ac0b · Update my email address. ·
  • tcpdump-4.9.3
    d9a693b0 · VERSION set for release ·
    release 4.9.3, out on 2019-10-30.
  • tcpdump-4.9.2
  • tcpdump-4.9.1
  • tcpdump-4.9.0
  • tcpdump-4.9.0-bp
  • tcpdump-4.8.1
    af974494 · updated version ·
    Tuesday October 25, 2016
      Summary for 4.8.1 tcpdump release
    	Fix "-x" for Apple PKTAP and PPI packets
            Use PRIx64 to print a 64-bit number in hex.
            Printer for HNCP (RFCs 7787 and 7788).
            dagid is always an IPv6 address, not an opaque 128-bit string, and other fixes to RPL printer.
            RSVP: Add bounds and length checks
            OSPF: Do more bounds checking
            Handle OpenSSL 1.1.x.
            Initial support for the REdis Serialization Protocol known as RESP.
            Add printing function for Generic Protocol Extension for VXLAN
            Network Service Header: draft-ietf-sfc-nsh-01
            Don't recompile the filter if the new file has the same DLT.
            Pass an adjusted struct pcap_pkthdr to the sub-printer.
            Add three test cases for already fixed CVEs
               CVE-2014-8767: OLSR
               CVE-2014-8768: Geonet
               CVE-2014-8769: AODV
            Don't do the DDP-over-UDP heuristic first: GitHub issue #499.
            Use the new debugging routines in libpcap.
            Harmonize TCP source or destination ports tests with UDP ones
            Introduce data types to use for integral values in packet structures.
            RSVP: Fix an infinite loop
            Support of Type 3 and Type 4 LISP packets.
            Don't require IPv6 library support in order to support IPv6 addresses.
            Many many changes to support libnetdissect usage.
            Add a test that makes unaligned accesses: GitHub issue #478.
            add a DNSSEC test case: GH #445 and GH #467.
            BGP: add decoding of ADD-PATH capability
            fixes to LLC header printing, and RFC948-style IP packets
  • tcpdump-4.8.0-bp
    9871c5c5 · updated CHANGES for 1.8.0 ·
  • tcpdump-4.8.0
    2b60127b · bumped VERSION ·
  • tcpdump-4.7.4
    Friday April 10, 2015
      Summary for 4.7.4 tcpdump release
    	RPKI to Router Protocol: Fix Segmentation Faults and other problems
    	RPKI to Router Protocol: print strings with fn_printn()
    	wb: fix some bounds checks
    (replaces errant tcpdump-1.7.4 tag)
  • tcpdump-4.7.3
    4f824b27 · updated version to 4.7.3 ·
  • tcpdump-4.7.2
    Monday March 9, 2015
      Summary for 4.7.2 tcpdump release
    	DCCP: update Packet Types with RFC4340/IANA names
            fixes for CVE-2015-0261: IPv6 mobility header check issue
            fixes for CVE-2015-2153: kday packets -- TCP printer issues
            fixes for CVE-2015-2154: kday packets -- ethernet printer issues
            fixes for CVE-2015-2155: kday packets -- FORCES printer issues
    Friday Nov. 12, 2014
      Summary for 4.7.0 tcpdump release
            changes to hex printing of CDP packets
    	Fix PPI printing
    	Radius: update Packet Type Codes and Attribute Types with RFC/IANA names
    	Add a routine to print "text protocols", and add FTP/HTTP/SMTP/RTSP support.
    	improvements to telnet printer, even if not -v
    	omit length for bcp, print-tcp uses it
    	formatting fixes for a bunch of protocols
    	new bounds checks for a number of protocols
    	split netflow 1,6, and 6 dissector up.
    	added geneve dissector
            CVE-2014-9140 PPP dissector fixed.
  • tcpdump-4.7.0-bp
  • tcpdump-4.6.1
    25fdee76 · note changes ·
    release 4.6.1: minor changes from rc version
  • tcpdump-4.6.0