[Winpcap-users] [ANNOUNCE] WinPcap 4.1 has been released

Mark Bednarczyk voytechs at yahoo.com
Tue Oct 20 15:55:11 PDT 2009


The exported function (from change log):

>
> - Bug fixing:
>   + Exported pcap_setdirection()
>

Is not in the 4.1 documentation as a standard function. Will it be added to
it for official support?

http://www.winpcap.org/docs/docs_41/html/group__wpcapfunc.html

My users are asking for it and I will be adding it into the java wrapper,
but can't find it in official documentation.

Cheers,
mark...
http://jnetpcap.com



> -----Original Message-----
> From: winpcap-users-bounces at winpcap.org
> [mailto:winpcap-users-bounces at winpcap.org] On Behalf Of
> Gianluca Varenni
> Sent: Tuesday, October 20, 2009 12:36 PM
> To: winpcap-users at winpcap.org
> Subject: [Winpcap-users] [ANNOUNCE] WinPcap 4.1 has been released
>
> As of today, WinPcap 4.1 is available in the download section
> of the WinPcap website.
>
> This release contains a large series of improvements that
> were gradually added to WinPcap during the various beta's.
>
> First of all, this version includes full support for x64
> platforms, both in the driver and in the user level libraries.
> Also, the long awaited support for Windows 7 (and Windows
> Server 2008 R2) has been added to the long list of supported
> flavors of Windows.
> The installer has been greatly improved and partially
> rewritten to better handle error conditions and non-standard
> Windows configurations.
> Finally, it included the latest version of libpcap (from
> http://www.tcpdump.org/) in the 1.0 branch.
> Full details of the changes can be found in the change log below.
>
> As always, we profoundly thank all the users that tested the
> development versions of WinPcap 4.1. Thanks!
>
> Gianluca Varenni
> WinPcap Team
>
>
>
> Changelog from WinPcap 4.1 beta5
> ================================
>
> - Several fixes and updates to the installer:
>   + Added installation support for Windows 7 and Server 2008 R2
>   + Added a new wizard page to choose if the driver should be started
>     automatically on boot.
>   + Fixed some issues when upgrading WinPcap on Windows Vista
> and Server
>     2008 x64.
>   + Better handle errors when Microsoft NetMon 2.x is not available.
>   + Better detection of the target operating system,
> especially when the
>     installer is run in compatibility mode.
>
> - wpcap.dll has been updated to the 1.0 branch of libpcap from
>   http://www.tcpdump.org.
>
> - Updated the tools used for the compilation (WDK 6001.18002).
>
> - Bug fixing:
>   + Exported pcap_setdirection()
>   + Fixed a bug in the compilation of rpcapd. This bug was causing the
>     daemon not to capture any packets.
>
>
> Changelog between WinPcap 4.1 beta4 and  WinPcap 4.1 beta5
> ==========================================================
>
> - Starting from this build, WinPcap is completely compiled with Visual
>   Studio 2005 SP1 (in order to have a single build environment for x86
>   and x64) and WDK6000. While the projects for Visual Studio
> 6 are still
>   available in the source package, they are no longer maintained.
>
> - wpcap.dll has been updated to libpcap 1.0.0 from
> http://www.tcpdump.org.
>
> - The new VS2005 project files for wpcap.dll and packet.dll have been
>   simplified a lot (i.e. less configurations!).
>
> - Big parts of the installer have been rewritten and cleaned
> up to account
>   for the x64 binaries installation.
>
> - The old WanPacket DLL has been removed. The code has been
> merged into
>   packet.dll.
>
> - The developer's pack includes LIB files for both x86 and
> x64 (for Visual
>   Studio). At the moment we don't have the LIB files for
> Cygwin under x64.
>
> - The samples have been ported to Visual Studio 2005, and
> they compile for
>   both x86 and x64 architectures. The old Visual Studio 6 projects are
>   still available but not actively maintained.
>
> - Bug fixing:
>   + Fixed the remote code to make it compile properly on Linux.
>   + Fixed a problem with the icon in the windows control panel.
>   + Fixed an installation bug under x64 for rpcapd.exe. When
> installing
>     rpcapd on an x64 machine, the executable is located in
> c:\program files
>     (x86), not in c:\program files.
>   + Support an indefinite number of IP (v4 and v6) addresses
> associated with
>     an adapter.
>   + Check that IPv4 is bound to an adapter before getting the
> IPv4 addresses
>     from the registry.
>   + Fixed several compilation warnings in the samples.
>   + Exported pcap_hopen_offline.
>   + Added a missing definition of HAVE_UINT64 in the bittypes.h.
>   + Fixed a bug in the filtering code for TurboCap adapters.
> The snaplen was
>     completely ignored.
>
>
> Changelog between WinPcap 4.1 beta3 and  WinPcap 4.1 beta4
> ==========================================================
>
> - Added support for the CACE TurboCap boards within wpcap.dll.
>
> - (from libpcap) Added the new functions pcap_create(),
>   pcap_activate(), pcap_set_XXX() (still not completely documented on
>   Windows).
>
> - (from libpcap) Added support for various MAC addresses' syntaxes.
>   Now the following syntaxes are supported:
>   + 00:11:22:33:44:55
>   + 00-11-22-33-44-55
>   + 00.11.22.33.44.55
>   + 001122334455.
>
> - Bug fixing:
>   + Use FILE_DEVICE_SECURE_OPEN as a parameter to IoCreateDevice()
>     when creating the I/O device from within the driver on the OSes
>     that support it.
>   + Fixed a bug in pcap_open_live() and pcap_activate(). They were
>     failing if called on a local adapter with the syntax
>     rpcap://\\Device....
>   + Added a missing input buffer check in the read handler of the
>     driver when working in statistics mode.
>   + Optimized the code in the driver that handles the BIOCGSTATS
>     control code (map only the needed portion of the user buffer into
>     an MDL).
>   + Fixed a possible memory leak in one of the error paths of the
>     driver when enumerating the available adapters.
>   + Cleaned up some global variable names in the driver.
>
>
> Changelog between WinPcap 4.1 beta2 and  WinPcap 4.1 beta3
> ==========================================================
>
> - (from libpcap) Make some arguments of some pcap functions const
>   pointers if that makes sense.
>
> - (from libpcap) Add some additional checks to bpf_validate(), from
>   OpenBSD.
>
> - (from libpcap) Use bpf_validate() in install_bpf_program(), so we
>   validate programs even when they're being processed by userland
>   filters.
>
> - (from libpcap) Get rid of BPF_MAXINSNS - we don't have a limit on
>   program size in libpcap/WinPcap.
>
> - (from libpcap) Support for the "addr1", "addr2", "addr3", and
>   "addr4" link-layer address filtering keywords for 802.11.
>
> - (from libpcap) Support for filtering over 802.11 frame types with
>   the keywords "type" and "subtype".
>
> - Bug fixing:
>   + Fixed a bug when generating wireless filters in the form "link src
>     host ...". The source address was not retrieved properly.
>   + Added some more logic in the installer to account for errors while
>     installing the Network Monitor component (NetMon). If NetMon is
>     not available, we install a version of packet.dll that doesn't
>     depend on it.
>   + Fixed two bugs in the original OpenBSD filter validation code, one
>     that caused it to reject all filters that used multiply
>     instructions, and another that caused it to reject all filters
>     that used divide instructions.
>   + Fixed a bug in the filter engine in the driver. When the packet to
>     filter is split into two buffers, under some circumstances the
>     engine was not checking the right bytes in the packet.
>
>
> Changelog between WinPcap 4.1 beta and  WinPcap 4.1 beta2
> =========================================================
>
> - Disabled support for monitor mode (also called TME, Table Management
>   Extensions) in the driver. This module suffers from several security
>   vulnerabilities that could result in BSODs or privilege escalation
>   attacks. This fix addresses a security vulnerability reported by the
>   iDefense Labs at
>
> http://labs.idefense.com/intelligence/vulnerabilities/display.
> php?id=625
>
> - Added a small script to integrate the libpcap sources into the
>   WinPcap tree automatically.
>
> - Moved the definition of all the I/O control codes to ioctls.h.
>
> - Cleaned up and removed some build scripts for the developer's pack.
>
> - Migrated the driver compilation environment to WDK 6000.
>
> - Enabled PreFAST driver compilation for the x64 build.
>
> - Added some doxygen directives to group the IOCTL codes and JIT
>   definitions in proper groups.
>
> - Integrated the IOCTL codes into one single set shared by packet.dll
>   and driver.
>
> - Modified the installer to return the win32 error code instead of -1
>   in case of failure in the error messages.
>
> - Added some #define directives to selectively disable the TME
>   functionality for WAN (i.e. Netmon-assisted) devices.
>
> - Added a VS2005 project to easily edit the files of the driver.
>
> - Removed some useless #include directives in the driver and
>   packet.dll.
>
> - Migrated several conditional directives (#ifdef/#endif) to the
>   defines of the DDK/WDK e.g. _X86_ and _AMD64_.
>
> - Added a check to warn users that remote-ext.h should not be included
>   directly.
>
> - Removed ntddndis.h from the WinPcap sources. It's included into the
>   Microsoft Platform SDK.
>
> - Removed devioctl.h from the WinPcap sources. It's included into the
>   Microsoft DDK/WDK.
>
> - Removed ntddpack.h from the WinPcap sources. It's an old header file
>   from the original DDK Packet sample, and it's not used by WinPcap.
>
> - Removed several useless files from the WinPcap developer's pack:
>   + all the TME extension header files
>   + devioctl.h
>   + gnuc.h
>   + ntddndis.h
>   + ntddpack.h
>   + pcap-int.h.
>
> - Bug fixing:
>   + Fixed a possible buffer overrun on x64 machines with more that 32
>     CPUs/cores.
>   + Fixed an implicit cast problem compiling the driver on x64.
>   + Fixed a bug in the installer causing a mis-detection of a previous
>     WinPcap installation.
>   + Fixed two bugs related to memory deallocation in packet.dll. We
>     were using free() instead of GlobalFreePtr(), and there was a
>     missing check as to when to deallocate a chunk of memory.
>   + Added a missing NULL pointer check in pcap_open().
>   + Moved a misplaced #ifdef WIN32 in pcap_open().
>   + Fixed a bug in the send routine of the driver that could cause a
>     crash under low resources conditions.
>
>
> Changelog between WinPcap 4.0.1 and  WinPcap 4.1 beta
> =====================================================
>
> - Added support for the Per Packet Info (PPI) link type.
>
> - wpcap.dll has been updated to the libpcap 0.9.6 branch from
>   http://www.tcpdump.org.
>
> - Bug fixing:
>   + Fixed a bug in pcap_open_live() by which we were silently ignoring
>     a failure when switching into promiscuous mode. This fix solves
>     the outstanding issue of wireless cards that fail to go into
>     promiscuous mode and do not capture any packet.
>   + Experimental fixes to the BPF compiler (pcap_compile()) to better
>     support filters over 802.11.
>   + Minor fixes to remove several PFD (PreFAST for Drivers) warnings.
>   + (from libpcap 0.9.6) added additional filter operations for 802.11
>     frame types
>   + (from libpcap 0.9.6) fixes to discard unread packets when changing
>     filters.
>
>
>
> _______________________________________________
> Winpcap-users mailing list
> Winpcap-users at winpcap.org
> https://www.winpcap.org/mailman/listinfo/winpcap-users




More information about the Winpcap-users mailing list