Lawrence Teo wrote: > On Mon, Mar 05, 2012 at 12:43:07AM +0100, Ingo Schwarze wrote: > > > http://www.manpagez.com/man/7/pcap-filter/ > > > http://www.tcpdump.org/release/libpcap-1.2.1.tar.gz > > > > > > Please consider adding it to the distribution. > > > > From cursory inspection, it looks like OpenBSD is using a fork of > > libpcap 0.4 or 0.5, selectively including later tcpdump.org > > additions, but not tracking upstream development closely, > > so including parts of the libpcap 1.2.1 manual would seem wrong. > > Yes, the last "selective sync" was with libpcap 0.9.4 in 2006. > > On a related note, I sent a diff to tech@ back in November 2011 that > imports a number of core functions from libpcap 1.2.0 to libpcap in > base. It makes it easier to port programs that need the newer libpcap > (like Snort 2.9.x) to OpenBSD. > > The diff could use some testing if anyone's interested. :) > > http://marc.info/?l=openbsd-tech&m=132029368027597&w=2
My remark was based on a late night thinko. Indeed libpcap included with openbsd is rather old. This patch seems to be the proper answer. # Han
