Wireshark-dev: [Wireshark-dev] [ANNOUNCE] WinPcap 4.1 beta3 has been released
From: "Gianluca Varenni" <[email protected]>
Date: Thu, 31 Jan 2008 10:09:17 -0800
As of today, WinPcap 4.1 beta3 is available in the download section of
the WinPcap website, http://www.winpcap.org/install/ . This new software release includes a couple fixes to the BPF filter engine in the kernel, as well as several fixes and additions to the BPF compiler for filters on wireless traffic (802.11).
Full details can be found in the change log attached at the end of 
this message. 
Being a beta release, as usual, we encourage people to test it and 
report any anomaly or strange behavior to the WinPcap mailing lists. 

Gianluca Varenni
WinPcap Team

Changelog from WinPcap 4.1 beta2

- (from libpcap) Make some arguments of some pcap functions const pointers if that makes sense. - (from libpcap) Add some additional checks to bpf_validate(), from OpenBSD. - (from libpcap) Use bpf_validate() in install_bpf_program(), so we validate programs even when they're being processed by userland filters. - (from libpcap) Get rid of BPF_MAXINSNS - we don't have a limit on program size in libpcap/WinPcap. - (from libpcap) Support for the "addr1", "addr2", "addr3", and "addr4" link-layer address filtering keywords for 802.11. - (from libpcap) Support for filtering over 802.11 frame types with the keywords "type" and "subtype". - Bug fixing:
 + Fixed a bug when generating wireless filters in the form "link src
host ...". The source address was not retrieved properly. + Added some more logic in the installer to account for errors while installing the Network Monitor component (NetMon). If NetMon is not available, we install a version of packet.dll that doesn't depend on it. + Fixed two bugs in the original OpenBSD filter validation code, one that caused it to reject all filters that used multiply instructions, and another that caused it to reject all filters that used divide instructions. + Fixed a bug in the filter engine in the driver. When the packet to filter is split into two buffers, under some circumstances the engine was not checking the right bytes in the packet.

Attachment: smime.p7s
Description: S/MIME cryptographic signature