ChangeLog for LANtern
---------------------

10/11/2005
- Removed the part of regex.c that printed out the matched data. I forgot to
  take it out for the release of v1.0. Some people had already downloaded
  v1.0, so I'm releasing this now as v1.0.1. Sorry.
- Released v1.0.1

10/10/2005
Code Changes
------------
- ANSIfied
- macaddr() is now the MACADDR() macro which is just a sprintf() with the
  formatting done
- Split into separate files: badhost.c, filter.c, init.c, main.c, pkt.c,
  regex.c, filter.h, lantern.h, linux.h, and pkthdrs.h

New options, features, etc.
---------------------------
- Added support for GRE, IP-in-IP, MPLS, OSPF, Reverse ARP, and IPsec
  AH/ESP/IPComp headers
- Protocols for the ignore options (-I and -R) are no longer case sensitive
- Now catches SIGSEGV and tries to exit normally
- Prints packet info to stdout, everything else (banner, error messages) to
  stderr. Uses the macros PRINT (fprintf(stderr)), PUTS (fprintf(stderr) with
  "\n" appended), and PUTS2 (fprintf(stderr) with "\n" and two args).
- Defaults to using PF_PACKET sockets, setsockopt to go into promisc mode, and
  BPF/LSF to filter out packets at kernel level. If PF_PACKET isn't defined,
  an AF_INET/SOCK_PACKET socket will be used and ioctl()s will be used to go
  into promisc mode. And if SO_ATTACH_FILTER isn't defined, packets will be
  filtered in userland.
- Compile with USE_SOCK_PACKET defined to use an AF_INET/SOCK_PACKET socket
- Compile with IOCTL_PROMISC defined to use ioctl()s to go into promisc mode
  when using a PF_PACKET socket
- Compile with NO_KERNEL_FILTER to filter packets in userland
- Now caches all addresses whose hostnames don't resolve so they won't be
  looked up again over the network
- Removed -a
- Added -b and -bb options to dump filter code to stdout
- Added -C to disable caching of addresses whose hostnames don't resolve
- Added -D to daemonize and log to a file
- Changed -e to -i for interface selection; -e now prints MAC addresses for
  frames
- Added -k option to filter in userland instead, if kernel filtering was
  compiled in
- Added -r to only print packets that match a POSIX regular expression.
  Defaults to extended regexes.
- Compile with USE_BASIC_REGEX defined to use "basic" regular expressions
- Added -s for short hostnames (stops at first period)
- Added -t and -tt to change timestamp formats. The default is ISO 8601
  format (YYYY-MM-DD hh:mm:ss), -t doesn't print a timestamp, -tt prints the
  unformatted timestamp (seconds since UNIX epoch)
- Added -v for slightly more verbose output
- Released v1.0 (the first one that doesn't totally suck)

7/9/2005
Code Changes
------------
- Defined header struct for ip
- Made all header struct definitions (not actual pointers) global
- Renamed quite a few of the variables and macros
- Put total_pkts and prntd_pkts into globally defined "struct pkt"
- Changed the array of strings for icmp types to an igmp_pkt switch(->type)
  style
- Now using an array of function pointers instead of the switch(ip->proto)
  statement for calling the *_pkt ip functions. (I felt like playing around)

New options, Visual/Other Changes
---------------------------------
- Drops egid and euid to 1000 when we don't need root privileges anymore
- Added `-g' and `-u' options to change to a different egid and euid
- Shortened description of `-m' in the help/usage screen
- Now prints udp/udplite checksum even if it's 0
- Added new "ROUTER (ADVERTISEMENT|SOLICITATION|TERMINATION)" numbers for
  igmp. Now 0x24-0x26 and the newer 0x30-0x32 are used. Change seen on IANA's
  igmp type list
- Fixed a mistake where if you ignored every protocol with `-I', but still
  used `-a', LANtern would keep running instead of giving an error message.
  Now it just makes sure at least one "supported" protocol is selected (like
  before)
- Instead of printing "ipv4/(proto )" for "unsupported" ip protocols, we just
  print "ipv4/(())"
- Released v0.6

6/16/2005
- Made options and mac addresses global
- Added `-a' option to print protocol numbers for "unsupported" ip protocols
- Dropped raw ip protocol
- Split ipv4_pkt() into separate functions for each protocol (with udp and
  udp-lite sharing one function)
- Merged arp_pkt() with getpkt()
- Defined header structs for all protocols except ip
- Released v0.5

6/11/2005
- Added IGMP support (includes DVMRP, PIM, and RGMP types)
- Released v0.4

6/7/2005
- Added UDP-Lite support
- Simplified options for selecting protocols
- Created man page
- Released v0.3

6/3/2005
- Lots of little changes
- Removed some extra code v0.1 had left over from the "experimentation" stage
- Shortened lookuphost() (just combined a few lines)
- ipaddr() returns "struct in_addr *" instead of "char *" (it doesn't call
  lookuphost() anymore)
- Changed "sizeof(*ip)" to "ip->ip_hl*4" in ipv4_pkt()
- Modified section involving promisc mode in init_if()
- Changed some of the text in usage()
- (plus some more)
- Released v0.2

5/21/2005
- Released v0.1