network device, so that
1) you can infer from the message whether the program is using
the old version of the code to get the PPA (which didn't work
all that well) or the newer version, without having to prod a
user complaining about tcpdump/Ethereal/whatever not working
to tell you which version of libpcap they're using;
2) programs can perhaps check the error message returned by
libpcap and, if it's the old error message, tell the user
that the problem may be that they're using an old libpcap.
#ifdef __cplusplus
extern "C" {
#endif
...
#ifdef __cplusplus
}
#endif
so that C++ code can include these header files and correctly call the
C-language routines they declare.
Kuznetzov's patched version of libpcap; we ignore the additional fields
it adds to the per-packet header. Red Hat Linux 6.2 uses that patched
version, and some other Linux distributions might do so as well.
(This won't handle an early version of his patch, which changed the
per-packet header but didn't change the magic number; that early version
appears in Red Hat Linux 6.1.
Doing that requires a heuristic test, wherein we assume the file is
standard libpcap and try to read the first and second records, and, if
the header of the second record looks like garbage, assume that the file
came from that early version, and that we're therefore reading random
packet data when we think we're reading the header of the second packet.
As we don't then want to seek back to the first packet, because we want
to continue to allow libpcap-based programs such as tcpdump to read from
pipes, we'd have to buffer data from the file so that we can go back and
re-read it. I leave this for later.)
Don't put the entire SUNOS4 directory into the tarball, as that may drag
in the CVS directories; instead, put in the files that actually belong
there.
Put "config.h.in" into the list in sort order.
the classic BSD "F" flag, which tells it to *exclude* certain files, is
unnecessary; furthermore, some versions of tar may not support it, and
GNU tar, as appears in FreeBSD and perhaps other BSDs, and in Linux,
interprets the "F" flag as meaning "run, at the end of each archive
volume, the script whose name is given as an argument to the flag", so
it's not even syntactically compatible with the classic "F" flag.
The latter problem causes "make tar" to fail; we remove the "F" flags to
fix the problem.
core if the YY_FLUSH_BUFFER macro is called when there's no current
buffer (e.g., before any scanning has been done).
So, instead, when using Flex, we use "yy_scan_string()" to specify that
the scanner should read from the filter expression string, rather than
defining our own YY_INPUT macro, and we add a "lex_cleanup()" routine,
called after parsing is complete, to delete the buffer allocated by
"yy_scan_string()", which arranges that, when we next hand the scanner a
string, it doesn't then return to the parser cruft left over from the
previous parse.
itojun