From Manu Pathak: add support for LMP Service Discovery extensions

[tcpdump] / tcpdump.c
diff --git a/tcpdump.c b/tcpdump.c

index d596dbe846cfe5d81ed836ad8e3a1efb1985ea5e..9348bd380b2d70db5d6c6d860cee133c528c4f84 100644 (file)
--- a/tcpdump.c
+++ b/tcpdump.c
@@ -26,11 +26,11 @@
   */
  
  #ifndef lint
   */
  
  #ifndef lint
-static const char copyright[] =
+static const char copyright[] _U_ =
      "@(#) Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 2000\n\
  The Regents of the University of California.  All rights reserved.\n";
      "@(#) Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 2000\n\
  The Regents of the University of California.  All rights reserved.\n";
-static const char rcsid[] =
-    "@(#) $Header: /tcpdump/master/tcpdump/tcpdump.c,v 1.197 2003-01-07 09:51:20 hannes Exp $ (LBL)";
+static const char rcsid[] _U_ =
+    "@(#) $Header: /tcpdump/master/tcpdump/tcpdump.c,v 1.256 2005-05-12 07:10:55 hannes Exp $ (LBL)";
  #endif
  
  /*
  #endif
  
  /*
@@ -56,12 +56,22 @@ extern int SIZE_BUF;
  #define uint UINT
  #endif /* WIN32 */
  
  #define uint UINT
  #endif /* WIN32 */
  
+#ifdef HAVE_SMI_H
+#include <smi.h>
+#endif
+
  #include <pcap.h>
  #include <signal.h>
  #include <stdio.h>
  #include <stdlib.h>
  #include <string.h>
  #include <pcap.h>
  #include <signal.h>
  #include <stdio.h>
  #include <stdlib.h>
  #include <string.h>
+#ifndef WIN32
+#include <pwd.h>
+#include <grp.h>
+#include <errno.h>
+#endif /* WIN32 */
  
  
+#include "netdissect.h"
  #include "interface.h"
  #include "addrtoname.h"
  #include "machdep.h"
  #include "interface.h"
  #include "addrtoname.h"
  #include "machdep.h"
@@ -69,34 +79,19 @@ extern int SIZE_BUF;
  #include "gmt2local.h"
  #include "pcap-missing.h"
  
  #include "gmt2local.h"
  #include "pcap-missing.h"
  
-int aflag;                     /* translate network and broadcast addresses */
+netdissect_options Gndo;
+netdissect_options *gndo = &Gndo;
+
+/*
+ * Define the maximum number of files for the -C flag, and how many
+ * characters can be added to a filename for the -C flag (which
+ * should be enough to handle MAX_CFLAG - 1).
+ */
+#define MAX_CFLAG      1000000
+#define MAX_CFLAG_CHARS        6
+
  int dflag;                     /* print filter code */
  int dflag;                     /* print filter code */
-int eflag;                     /* print ethernet header */
-int fflag;                     /* don't translate "foreign" IP address */
  int Lflag;                     /* list available data link types and exit */
  int Lflag;                     /* list available data link types and exit */
-int nflag;                     /* leave addresses as numbers */
-int Nflag;                     /* remove domains from printed host names */
-int Oflag = 1;                 /* run filter code optimizer */
-int pflag;                     /* don't go promiscuous */
-int qflag;                     /* quick (shorter) output */
-int Rflag = 1;                 /* print sequence # field in AH/ESP*/
-int sflag = 0;                 /* use the libsmi to translate OIDs */
-int Sflag;                     /* print raw TCP sequence numbers */
-int tflag = 1;                 /* print packet arrival time */
-int Uflag = 0;                 /* "unbuffered" output of dump files */
-int uflag = 0;                 /* Print undecoded NFS handles */
-int vflag;                     /* verbose */
-int xflag;                     /* print packet in hex */
-int Xflag;                     /* print packet in ascii as well as hex */
-off_t Cflag = 0;                /* rotate dump files after this many bytes */
-int Aflag = 0;                  /* print packet only in ascii observing LF, CR, TAB, SPACE */
-int dlt = -1;          /* if != -1, ask libpcap for the DLT it names */
-
-const char *dlt_name = NULL;
-
-char *espsecret = NULL;                /* ESP secret key */
-
-int packettype;
  
  static int infodelay;
  static int infoprint;
  
  static int infodelay;
  static int infoprint;
@@ -111,17 +106,27 @@ static void usage(void) __attribute__((noreturn));
  static void show_dlts_and_exit(pcap_t *pd) __attribute__((noreturn));
  
  static void print_packet(u_char *, const struct pcap_pkthdr *, const u_char *);
  static void show_dlts_and_exit(pcap_t *pd) __attribute__((noreturn));
  
  static void print_packet(u_char *, const struct pcap_pkthdr *, const u_char *);
+static void ndo_default_print(netdissect_options *, const u_char *, u_int);
  static void dump_packet_and_trunc(u_char *, const struct pcap_pkthdr *, const u_char *);
  static void dump_packet(u_char *, const struct pcap_pkthdr *, const u_char *);
  static void dump_packet_and_trunc(u_char *, const struct pcap_pkthdr *, const u_char *);
  static void dump_packet(u_char *, const struct pcap_pkthdr *, const u_char *);
+static void droproot(const char *, const char *);
+static void ndo_error(netdissect_options *ndo, const char *fmt, ...);
+static void ndo_warning(netdissect_options *ndo, const char *fmt, ...);
  
  #ifdef SIGINFO
  RETSIGTYPE requestinfo(int);
  #endif
  
  
  #ifdef SIGINFO
  RETSIGTYPE requestinfo(int);
  #endif
  
-static void info(int);
+#if defined(USE_WIN32_MM_TIMER)
+  #include <MMsystem.h>
+  static UINT timer_id;
+  static void CALLBACK verbose_stats_dump(UINT, UINT, DWORD_PTR, DWORD_PTR, DWORD_PTR);
+#elif defined(HAVE_ALARM)
+  static void verbose_stats_dump(int sig);
+#endif
  
  
-/* Length of saved portion of packet. */
-int snaplen = DEFAULT_SNAPLEN;
+static void info(int);
+static u_int packets_captured;
  
  typedef u_int (*if_printer)(const struct pcap_pkthdr *, const u_char *);
  
  
  typedef u_int (*if_printer)(const struct pcap_pkthdr *, const u_char *);
  
@@ -132,6 +137,9 @@ struct printer {
  
  static struct printer printers[] = {
         { arcnet_if_print,      DLT_ARCNET },
  
  static struct printer printers[] = {
         { arcnet_if_print,      DLT_ARCNET },
+#ifdef DLT_ARCNET_LINUX
+       { arcnet_linux_if_print, DLT_ARCNET_LINUX },
+#endif
         { ether_if_print,       DLT_EN10MB },
         { token_if_print,       DLT_IEEE802 },
  #ifdef DLT_LANE8023
         { ether_if_print,       DLT_EN10MB },
         { token_if_print,       DLT_IEEE802 },
  #ifdef DLT_LANE8023
@@ -144,9 +152,16 @@ static struct printer printers[] = {
         { cip_if_print,         DLT_ATM_CLIP },
  #endif
         { sl_if_print,          DLT_SLIP },
         { cip_if_print,         DLT_ATM_CLIP },
  #endif
         { sl_if_print,          DLT_SLIP },
+#ifdef DLT_SLIP_BSDOS
         { sl_bsdos_if_print,    DLT_SLIP_BSDOS },
         { sl_bsdos_if_print,    DLT_SLIP_BSDOS },
+#endif
         { ppp_if_print,         DLT_PPP },
         { ppp_if_print,         DLT_PPP },
+#ifdef DLT_PPP_WITHDIRECTION
+       { ppp_if_print,         DLT_PPP_WITHDIRECTION },
+#endif
+#ifdef DLT_PPP_BSDOS
         { ppp_bsdos_if_print,   DLT_PPP_BSDOS },
         { ppp_bsdos_if_print,   DLT_PPP_BSDOS },
+#endif
         { fddi_if_print,        DLT_FDDI },
         { null_if_print,        DLT_NULL },
  #ifdef DLT_LOOP
         { fddi_if_print,        DLT_FDDI },
         { null_if_print,        DLT_NULL },
  #ifdef DLT_LOOP
@@ -195,6 +210,36 @@ static struct printer printers[] = {
  #endif
  #ifdef DLT_IEEE802_11_RADIO
         { ieee802_11_radio_if_print,    DLT_IEEE802_11_RADIO },
  #endif
  #ifdef DLT_IEEE802_11_RADIO
         { ieee802_11_radio_if_print,    DLT_IEEE802_11_RADIO },
+#endif
+#ifdef DLT_ENC
+       { enc_if_print,         DLT_ENC },
+#endif
+#ifdef DLT_SYMANTEC_FIREWALL
+       { symantec_if_print,    DLT_SYMANTEC_FIREWALL },
+#endif
+#ifdef DLT_APPLE_IP_OVER_IEEE1394
+       { ap1394_if_print,      DLT_APPLE_IP_OVER_IEEE1394 },
+#endif
+#ifdef DLT_JUNIPER_ATM1
+       { juniper_atm1_print,   DLT_JUNIPER_ATM1 },
+#endif
+#ifdef DLT_JUNIPER_ATM2
+       { juniper_atm2_print,   DLT_JUNIPER_ATM2 },
+#endif
+#ifdef DLT_JUNIPER_MFR
+       { juniper_mfr_print,    DLT_JUNIPER_MFR },
+#endif
+#ifdef DLT_JUNIPER_MLFR
+       { juniper_mlfr_print,   DLT_JUNIPER_MLFR },
+#endif
+#ifdef DLT_JUNIPER_MLPPP
+       { juniper_mlppp_print,  DLT_JUNIPER_MLPPP },
+#endif
+#ifdef DLT_JUNIPER_PPPOE
+       { juniper_pppoe_print,  DLT_JUNIPER_PPPOE },
+#endif
+#ifdef DLT_JUNIPER_PPPOE_ATM
+       { juniper_pppoe_atm_print, DLT_JUNIPER_PPPOE_ATM },
  #endif
         { NULL,                 0 },
  };
  #endif
         { NULL,                 0 },
  };
@@ -246,7 +291,8 @@ show_dlts_and_exit(pcap_t *pd)
         while (--n_dlts >= 0) {
                 dlt_name = pcap_datalink_val_to_name(dlts[n_dlts]);
                 if (dlt_name != NULL) {
         while (--n_dlts >= 0) {
                 dlt_name = pcap_datalink_val_to_name(dlts[n_dlts]);
                 if (dlt_name != NULL) {
-                       (void) fprintf(stderr, "  %s", dlt_name);
+                       (void) fprintf(stderr, "  %s (%s)", dlt_name,
+                           pcap_datalink_val_to_description(dlts[n_dlts]));
  
                         /*
                          * OK, does tcpdump handle that type?
  
                         /*
                          * OK, does tcpdump handle that type?
@@ -275,6 +321,12 @@ show_dlts_and_exit(pcap_t *pd)
  #define B_FLAG_USAGE
  #endif /* WIN32 */
  
  #define B_FLAG_USAGE
  #endif /* WIN32 */
  
+#ifdef HAVE_PCAP_FINDALLDEVS
+#ifndef HAVE_PCAP_IF_T
+#undef HAVE_PCAP_FINDALLDEVS
+#endif
+#endif
+
  #ifdef HAVE_PCAP_FINDALLDEVS
  #define D_FLAG "D"
  #else
  #ifdef HAVE_PCAP_FINDALLDEVS
  #define D_FLAG "D"
  #else
@@ -287,12 +339,89 @@ show_dlts_and_exit(pcap_t *pd)
  #define U_FLAG
  #endif
  
  #define U_FLAG
  #endif
  
+#ifndef WIN32
+/* Drop root privileges and chroot if necessary */
+static void
+droproot(const char *username, const char *chroot_dir)
+{
+       struct passwd *pw = NULL;
+
+       if (chroot_dir && !username) {
+               fprintf(stderr, "tcpdump: Chroot without dropping root is insecure\n");
+               exit(1);
+       }
+       
+       pw = getpwnam(username);
+       if (pw) {
+               if (chroot_dir) {
+                       if (chroot(chroot_dir) != 0 || chdir ("/") != 0) {
+                               fprintf(stderr, "tcpdump: Couldn't chroot/chdir to '%.64s': %s\n",
+                                   chroot_dir, pcap_strerror(errno));
+                               exit(1);
+                       }
+               }
+               if (initgroups(pw->pw_name, pw->pw_gid) != 0 ||
+                   setgid(pw->pw_gid) != 0 || setuid(pw->pw_uid) != 0) {
+                       fprintf(stderr, "tcpdump: Couldn't change to '%.32s' uid=%lu gid=%lu: %s\n",
+                           username, 
+                           (unsigned long)pw->pw_uid,
+                           (unsigned long)pw->pw_gid,
+                           pcap_strerror(errno));
+                       exit(1);
+               }
+       }
+       else {
+               fprintf(stderr, "tcpdump: Couldn't find user '%.32s'\n",
+                   username);
+               exit(1);
+       }
+}
+#endif /* WIN32 */
+
+static int
+getWflagChars(int x)
+{
+       int c = 0;
+
+       x -= 1;
+       while (x > 0) {
+               c += 1;
+               x /= 10;
+       }
+
+       return c;
+}
+
+
+static void
+MakeFilename(char *buffer, char *orig_name, int cnt, int max_chars)
+{
+       if (cnt == 0 && max_chars == 0)
+               strcpy(buffer, orig_name);
+       else
+               sprintf(buffer, "%s%0*d", orig_name, max_chars, cnt);
+}
+
+static int tcpdump_printf(netdissect_options *ndo _U_,
+                         const char *fmt, ...)
+{
+  
+  va_list args;
+  int ret;
+
+  va_start(args, fmt);
+  ret=vfprintf(stdout, fmt, args);
+  va_end(args);
+
+  return ret;
+}
+
  int
  main(int argc, char **argv)
  {
         register int cnt, op, i;
         bpf_u_int32 localnet, netmask;
  int
  main(int argc, char **argv)
  {
         register int cnt, op, i;
         bpf_u_int32 localnet, netmask;
-       register char *cp, *infile, *cmdbuf, *device, *RFileName, *WFileName;
+       register char *cp, *infile, *cmdbuf, *device, *RFileName, *WFileName, *WFileNameAlt;
         pcap_handler callback;
         int type;
         struct bpf_program fcode;
         pcap_handler callback;
         int type;
         struct bpf_program fcode;
@@ -303,22 +432,27 @@ main(int argc, char **argv)
         struct dump_info dumpinfo;
         u_char *pcap_userdata;
         char ebuf[PCAP_ERRBUF_SIZE];
         struct dump_info dumpinfo;
         u_char *pcap_userdata;
         char ebuf[PCAP_ERRBUF_SIZE];
+       char *username = NULL;
+       char *chroot_dir = NULL;
  #ifdef HAVE_PCAP_FINDALLDEVS
         pcap_if_t *devpointer;
         int devnum;
  #endif
  #ifdef HAVE_PCAP_FINDALLDEVS
         pcap_if_t *devpointer;
         int devnum;
  #endif
+       int status;
  #ifdef WIN32
  #ifdef WIN32
-       DWORD dwVersion;
-       DWORD dwWindowsMajorVersion;
-       u_int UserBufferSize=1000000;
-#endif
-
-#ifdef WIN32
-       dwVersion=GetVersion();         /* get the OS version */
-       dwWindowsMajorVersion =  (DWORD)(LOBYTE(LOWORD(dwVersion)));
-       if(wsockinit()!=0) return 1;
+       u_int UserBufferSize = 1000000;
+       if(wsockinit() != 0) return 1;
  #endif /* WIN32 */
  
  #endif /* WIN32 */
  
+        gndo->ndo_Oflag=1;
+       gndo->ndo_Rflag=1;
+       gndo->ndo_dlt=-1;
+       gndo->ndo_default_print=ndo_default_print;
+       gndo->ndo_printf=tcpdump_printf;
+       gndo->ndo_error=ndo_error;
+       gndo->ndo_warning=ndo_warning;
+       gndo->ndo_snaplen = DEFAULT_SNAPLEN;
+  
         cnt = -1;
         device = NULL;
         infile = NULL;
         cnt = -1;
         device = NULL;
         infile = NULL;
@@ -338,11 +472,11 @@ main(int argc, char **argv)
  
         opterr = 0;
         while (
  
         opterr = 0;
         while (
-           (op = getopt(argc, argv, "aA" B_FLAG "c:C:d" D_FLAG "eE:fF:i:lLm:nNOpqr:Rs:StT:u" U_FLAG "vw:xXy:Y")) != -1)
+           (op = getopt(argc, argv, "aA" B_FLAG "c:C:d" D_FLAG "eE:fF:i:lLm:M:nNOpqr:Rs:StT:u" U_FLAG "vw:W:xXy:YZ:")) != -1)
                 switch (op) {
  
                 case 'a':
                 switch (op) {
  
                 case 'a':
-                       ++aflag;
+                       /* compatibility for old -a */
                         break;
  
                 case 'A':
                         break;
  
                 case 'A':
@@ -403,7 +537,7 @@ main(int argc, char **argv)
  #ifndef HAVE_LIBCRYPTO
                         warning("crypto code not compiled in");
  #endif
  #ifndef HAVE_LIBCRYPTO
                         warning("crypto code not compiled in");
  #endif
-                       espsecret = optarg;
+                       gndo->ndo_espsecret = optarg;
                         break;
  
                 case 'f':
                         break;
  
                 case 'f':
@@ -450,11 +584,24 @@ main(int argc, char **argv)
                         break;
  
                 case 'l':
                         break;
  
                 case 'l':
+#ifdef WIN32
+                       /*
+                        * _IOLBF is the same as _IOFBF in Microsoft's C
+                        * libraries; the only alternative they offer
+                        * is _IONBF.
+                        *
+                        * XXX - this should really be checking for MSVC++,
+                        * not WIN32, if, for example, MinGW has its own
+                        * C library that is more UNIX-compatible.
+                        */
+                       setvbuf(stdout, NULL, _IONBF, 0);
+#else /* WIN32 */
  #ifdef HAVE_SETLINEBUF
                         setlinebuf(stdout);
  #else
                         setvbuf(stdout, NULL, _IOLBF, 0);
  #endif
  #ifdef HAVE_SETLINEBUF
                         setlinebuf(stdout);
  #else
                         setvbuf(stdout, NULL, _IOLBF, 0);
  #endif
+#endif /* WIN32 */
                         break;
  
                 case 'n':
                         break;
  
                 case 'n':
@@ -476,6 +623,15 @@ main(int argc, char **argv)
                                       program_name, optarg);
                         (void)fprintf(stderr, "(no libsmi support)\n");
  #endif
                                       program_name, optarg);
                         (void)fprintf(stderr, "(no libsmi support)\n");
  #endif
+                       break;
+
+               case 'M':
+                       /* TCP-MD5 shared secret */
+#ifndef HAVE_LIBCRYPTO
+                       warning("crypto code not compiled in");
+#endif
+                       tcpmd5secret = optarg;
+                       break;
  
                 case 'O':
                         Oflag = 0;
  
                 case 'O':
                         Oflag = 0;
@@ -514,7 +670,7 @@ main(int argc, char **argv)
                         break;
  
                 case 't':
                         break;
  
                 case 't':
-                       --tflag;
+                       ++tflag;
                         break;
  
                 case 'T':
                         break;
  
                 case 'T':
@@ -532,6 +688,10 @@ main(int argc, char **argv)
                                 packettype = PT_SNMP;
                         else if (strcasecmp(optarg, "cnfp") == 0)
                                 packettype = PT_CNFP;
                                 packettype = PT_SNMP;
                         else if (strcasecmp(optarg, "cnfp") == 0)
                                 packettype = PT_CNFP;
+                       else if (strcasecmp(optarg, "tftp") == 0)
+                               packettype = PT_TFTP;
+                       else if (strcasecmp(optarg, "aodv") == 0)
+                               packettype = PT_AODV;
                         else
                                 error("unknown packet type `%s'", optarg);
                         break;
                         else
                                 error("unknown packet type `%s'", optarg);
                         break;
@@ -554,20 +714,27 @@ main(int argc, char **argv)
                         WFileName = optarg;
                         break;
  
                         WFileName = optarg;
                         break;
  
+               case 'W':
+                       Wflag = atoi(optarg);
+                       if (Wflag < 0) 
+                               error("invalid number of output files %s", optarg);
+                       WflagChars = getWflagChars(Wflag);
+                       break;
+
                 case 'x':
                         ++xflag;
                         break;
  
                 case 'X':
                 case 'x':
                         ++xflag;
                         break;
  
                 case 'X':
-                       ++xflag;
                         ++Xflag;
                         break;
  
                 case 'y':
                         ++Xflag;
                         break;
  
                 case 'y':
-                       dlt_name = optarg;
-                       dlt = pcap_datalink_name_to_val(dlt_name);
-                       if (dlt < 0)
-                               error("invalid data link type %s", dlt_name);
+                       gndo->ndo_dltname = optarg;
+                       gndo->ndo_dlt =
+                         pcap_datalink_name_to_val(gndo->ndo_dltname);
+                       if (gndo->ndo_dlt < 0)
+                               error("invalid data link type %s", gndo->ndo_dltname);
                         break;
  
  #if defined(HAVE_PCAP_DEBUG) || defined(HAVE_YYDEBUG)
                         break;
  
  #if defined(HAVE_PCAP_DEBUG) || defined(HAVE_YYDEBUG)
@@ -584,30 +751,87 @@ main(int argc, char **argv)
                         }
                         break;
  #endif
                         }
                         break;
  #endif
+               case 'Z':
+                       if (optarg) {
+                               username = strdup(optarg);
+                       }
+                       else {
+                               usage();
+                               /* NOTREACHED */
+                       }
+                       break;
+
                 default:
                         usage();
                         /* NOTREACHED */
                 }
  
                 default:
                         usage();
                         /* NOTREACHED */
                 }
  
-       if (aflag && nflag)
-               error("-a and -n options are incompatible");
+       switch (tflag) {
  
  
-       if (tflag > 0)
+       case 0: /* Default */
+       case 4: /* Default + Date*/
                 thiszone = gmt2local(0);
                 thiszone = gmt2local(0);
+               break;
+
+       case 1: /* No time stamp */
+       case 2: /* Unix timeval style */
+       case 3: /* Microseconds since previous packet */
+               break;
+
+       default: /* Not supported */
+               error("only -t, -tt, -ttt, and -tttt are supported");
+               break;
+       }
+
+#ifdef WITH_CHROOT
+       /* if run as root, prepare for chrooting */
+       if (getuid() == 0 || geteuid() == 0) {
+               /* future extensibility for cmd-line arguments */
+               if (!chroot_dir)
+                       chroot_dir = WITH_CHROOT;
+       }
+#endif
+
+#ifdef WITH_USER
+       /* if run as root, prepare for dropping root privileges */
+       if (getuid() == 0 || geteuid() == 0) {
+               /* Run with '-Z root' to restore old behaviour */ 
+               if (!username)
+                       username = WITH_USER;
+       }
+#endif
  
         if (RFileName != NULL) {
  
         if (RFileName != NULL) {
+               int dlt;
+               const char *dlt_name;
+
+#ifndef WIN32
                 /*
                 /*
-                * We don't need network access, so set it back to the user id.
-                * Also, this prevents the user from reading anyone's
-                * trace file.
+                * We don't need network access, so relinquish any set-UID
+                * or set-GID privileges we have (if any).
+                *
+                * We do *not* want set-UID privileges when opening a
+                * trace file, as that might let the user read other
+                * people's trace files (especially if we're set-UID
+                * root).
                  */
                  */
-#ifndef WIN32
-               setuid(getuid());
+               if (setgid(getgid()) != 0 || setuid(getuid()) != 0 )
+                       fprintf(stderr, "Warning: setgid/setuid failed !\n");
  #endif /* WIN32 */
  #endif /* WIN32 */
-
                 pd = pcap_open_offline(RFileName, ebuf);
                 if (pd == NULL)
                         error("%s", ebuf);
                 pd = pcap_open_offline(RFileName, ebuf);
                 if (pd == NULL)
                         error("%s", ebuf);
+               dlt = pcap_datalink(pd);
+               dlt_name = pcap_datalink_val_to_name(dlt);
+               if (dlt_name == NULL) {
+                       fprintf(stderr, "reading from file %s, link-type %u\n",
+                           RFileName, dlt);
+               } else {
+                       fprintf(stderr,
+                           "reading from file %s, link-type %s (%s)\n",
+                           RFileName, dlt_name,
+                           pcap_datalink_val_to_description(dlt));
+               }
                 localnet = 0;
                 netmask = 0;
                 if (fflag != 0)
                 localnet = 0;
                 netmask = 0;
                 if (fflag != 0)
@@ -619,7 +843,16 @@ main(int argc, char **argv)
                                 error("%s", ebuf);
                 }
  #ifdef WIN32
                                 error("%s", ebuf);
                 }
  #ifdef WIN32
-               PrintCapBegins(program_name,device);
+               if(strlen(device) == 1) //we assume that an ASCII string is always longer than 1 char
+               {                                               //a Unicode string has a \0 as second byte (so strlen() is 1)
+                       fprintf(stderr, "%s: listening on %ws\n", program_name, device);
+               }
+               else
+               {
+                       fprintf(stderr, "%s: listening on %s\n", program_name, device);
+               }
+
+               fflush(stderr); 
  #endif /* WIN32 */
                 *ebuf = '\0';
                 pd = pcap_open_live(device, snaplen, !pflag, 1000, ebuf);
  #endif /* WIN32 */
                 *ebuf = '\0';
                 pd = pcap_open_live(device, snaplen, !pflag, 1000, ebuf);
@@ -627,6 +860,13 @@ main(int argc, char **argv)
                         error("%s", ebuf);
                 else if (*ebuf)
                         warning("%s", ebuf);
                         error("%s", ebuf);
                 else if (*ebuf)
                         warning("%s", ebuf);
+               /*
+                * Let user own process after socket has been opened.
+                */
+#ifndef WIN32
+               if (setgid(getgid()) != 0 || setuid(getuid()) != 0)
+                       fprintf(stderr, "Warning: setgid/setuid failed !\n");
+#endif /* WIN32 */
  #ifdef WIN32
                 if(UserBufferSize != 1000000)
                         if(pcap_setbuff(pd, UserBufferSize)==-1){
  #ifdef WIN32
                 if(UserBufferSize != 1000000)
                         if(pcap_setbuff(pd, UserBufferSize)==-1){
@@ -635,9 +875,9 @@ main(int argc, char **argv)
  #endif /* WIN32 */
                 if (Lflag)
                         show_dlts_and_exit(pd);
  #endif /* WIN32 */
                 if (Lflag)
                         show_dlts_and_exit(pd);
-               if (dlt >= 0) {
+               if (gndo->ndo_dlt >= 0) {
  #ifdef HAVE_PCAP_SET_DATALINK
  #ifdef HAVE_PCAP_SET_DATALINK
-                       if (pcap_set_datalink(pd, dlt) < 0)
+                       if (pcap_set_datalink(pd, gndo->ndo_dlt) < 0)
                                 error("%s", pcap_geterr(pd));
  #else
                         /*
                                 error("%s", pcap_geterr(pd));
  #else
                         /*
@@ -645,13 +885,13 @@ main(int argc, char **argv)
                          * data link type, so we only let them
                          * set it to what it already is.
                          */
                          * data link type, so we only let them
                          * set it to what it already is.
                          */
-                       if (dlt != pcap_datalink(pd)) {
+                       if (gndo->ndo_dlt != pcap_datalink(pd)) {
                                 error("%s is not one of the DLTs supported by this device\n",
                                 error("%s is not one of the DLTs supported by this device\n",
-                                   dlt_name);
+                                     gndo->ndo_dltname);
                         }
  #endif
                         (void)fprintf(stderr, "%s: data link type %s\n",
                         }
  #endif
                         (void)fprintf(stderr, "%s: data link type %s\n",
-                                     program_name, dlt_name);
+                                     program_name, gndo->ndo_dltname);
                         (void)fflush(stderr);
                 }
                 i = pcap_snapshot(pd);
                         (void)fflush(stderr);
                 }
                 i = pcap_snapshot(pd);
@@ -664,12 +904,6 @@ main(int argc, char **argv)
                         netmask = 0;
                         warning("%s", ebuf);
                 }
                         netmask = 0;
                         warning("%s", ebuf);
                 }
-               /*
-                * Let user own process after socket has been opened.
-                */
-#ifndef WIN32
-               setuid(getuid());
-#endif /* WIN32 */
         }
         if (infile)
                 cmdbuf = read_infile(infile);
         }
         if (infile)
                 cmdbuf = read_infile(infile);
@@ -685,6 +919,9 @@ main(int argc, char **argv)
         }
         init_addrtoname(localnet, netmask);
  
         }
         init_addrtoname(localnet, netmask);
  
+#ifndef WIN32  
+       (void)setsignal(SIGPIPE, cleanup);
+#endif /* WIN32 */
         (void)setsignal(SIGTERM, cleanup);
         (void)setsignal(SIGINT, cleanup);
         /* Cooperate with nohup(1) */
         (void)setsignal(SIGTERM, cleanup);
         (void)setsignal(SIGINT, cleanup);
         /* Cooperate with nohup(1) */
@@ -696,7 +933,13 @@ main(int argc, char **argv)
         if (pcap_setfilter(pd, &fcode) < 0)
                 error("%s", pcap_geterr(pd));
         if (WFileName) {
         if (pcap_setfilter(pd, &fcode) < 0)
                 error("%s", pcap_geterr(pd));
         if (WFileName) {
-               pcap_dumper_t *p = pcap_dump_open(pd, WFileName);
+               pcap_dumper_t *p;
+
+               WFileNameAlt = (char *)malloc(strlen(WFileName) + MAX_CFLAG_CHARS + 1);
+               if (WFileNameAlt == NULL)
+                       error("malloc of WFileNameAlt");
+               MakeFilename(WFileNameAlt, WFileName, 0, WflagChars);
+               p = pcap_dump_open(pd, WFileNameAlt);
                 if (p == NULL)
                         error("%s", pcap_geterr(pd));
                 if (Cflag != 0) {
                 if (p == NULL)
                         error("%s", pcap_geterr(pd));
                 if (Cflag != 0) {
@@ -713,52 +956,143 @@ main(int argc, char **argv)
                 type = pcap_datalink(pd);
                 printinfo.printer = lookup_printer(type);
                 if (printinfo.printer == NULL) {
                 type = pcap_datalink(pd);
                 printinfo.printer = lookup_printer(type);
                 if (printinfo.printer == NULL) {
-                       dlt_name = pcap_datalink_val_to_name(type);
-                       if (dlt_name != NULL)
-                               error("unsupported data link type %s", dlt_name);
+                       gndo->ndo_dltname = pcap_datalink_val_to_name(type);
+                       if (gndo->ndo_dltname != NULL)
+                               error("unsupported data link type %s",
+                                     gndo->ndo_dltname);
                         else
                                 error("unsupported data link type %d", type);
                 }
                 callback = print_packet;
                 pcap_userdata = (u_char *)&printinfo;
         }
                         else
                                 error("unsupported data link type %d", type);
                 }
                 callback = print_packet;
                 pcap_userdata = (u_char *)&printinfo;
         }
+#ifndef WIN32
+       /*
+        * We cannot do this earlier, because we want to be able to open
+        * the file (if done) for writing before giving up permissions.
+        */
+       if (getuid() == 0 || geteuid() == 0) {
+               if (username || chroot_dir)
+                       droproot(username, chroot_dir);
+       }
+#endif /* WIN32 */
  #ifdef SIGINFO
         (void)setsignal(SIGINFO, requestinfo);
  #endif
  #ifdef SIGINFO
         (void)setsignal(SIGINFO, requestinfo);
  #endif
+
+       if (vflag > 0 && WFileName) {
+               /*
+                * When capturing to a file, "-v" means tcpdump should,
+                * every 10 secodns, "v"erbosely report the number of
+                * packets captured.
+                */
+#ifdef USE_WIN32_MM_TIMER
+               /* call verbose_stats_dump() each 1000 +/-100msec */
+               timer_id = timeSetEvent(1000, 100, verbose_stats_dump, 0, TIME_PERIODIC);
+               setvbuf(stderr, NULL, _IONBF, 0);
+#elif defined(HAVE_ALARM)
+               (void)setsignal(SIGALRM, verbose_stats_dump);
+               alarm(1);
+#endif
+       }
+
  #ifndef WIN32
         if (RFileName == NULL) {
  #ifndef WIN32
         if (RFileName == NULL) {
-            if (vflag == 0)
-                (void)fprintf(stderr, "%s: verbose output suppressed, use -v or -vv for full protocol decode\n",program_name);
-            (void)fprintf(stderr, "listening on %s, capture size %u bytes\n", device, snaplen);
-            (void)fflush(stderr);
+               int dlt;
+               const char *dlt_name;
+
+               if (!vflag && !WFileName) {
+                       (void)fprintf(stderr,
+                           "%s: verbose output suppressed, use -v or -vv for full protocol decode\n",
+                           program_name);
+               } else
+                       (void)fprintf(stderr, "%s: ", program_name);
+               dlt = pcap_datalink(pd);
+               dlt_name = pcap_datalink_val_to_name(dlt);
+               if (dlt_name == NULL) {
+                       (void)fprintf(stderr, "listening on %s, link-type %u, capture size %u bytes\n",
+                           device, dlt, snaplen);
+               } else {
+                       (void)fprintf(stderr, "listening on %s, link-type %s (%s), capture size %u bytes\n",
+                           device, dlt_name,
+                           pcap_datalink_val_to_description(dlt), snaplen);
+               }
+               (void)fflush(stderr);
         }
  #endif /* WIN32 */
         }
  #endif /* WIN32 */
-       if (pcap_loop(pd, cnt, callback, pcap_userdata) < 0) {
+       status = pcap_loop(pd, cnt, callback, pcap_userdata);
+       if (WFileName == NULL) {
+               /*
+                * We're printing packets.  Flush the printed output,
+                * so it doesn't get intermingled with error output.
+                */
+               if (status == -2) {
+                       /*
+                        * We got interrupted, so perhaps we didn't
+                        * manage to finish a line we were printing.
+                        * Print an extra newline, just in case.
+                        */
+                       putchar('\n');
+               }
+               (void)fflush(stdout);
+       }
+       if (status == -1) {
+               /*
+                * Error.  Report it.
+                */
                 (void)fprintf(stderr, "%s: pcap_loop: %s\n",
                     program_name, pcap_geterr(pd));
                 (void)fprintf(stderr, "%s: pcap_loop: %s\n",
                     program_name, pcap_geterr(pd));
-               cleanup(0);
-               pcap_close(pd);
-               exit(1);
         }
         }
-       if (RFileName == NULL)
+       if (RFileName == NULL) {
+               /*
+                * We're doing a live capture.  Report the capture
+                * statistics.
+                */
                 info(1);
                 info(1);
+       }
         pcap_close(pd);
         pcap_close(pd);
-       exit(0);
+       exit(status == -1 ? 1 : 0);
  }
  
  /* make a clean exit on interrupts */
  static RETSIGTYPE
  }
  
  /* make a clean exit on interrupts */
  static RETSIGTYPE
-cleanup(int signo)
+cleanup(int signo _U_)
  {
  {
+#ifdef USE_WIN32_MM_TIMER
+       if (timer_id)
+               timeKillEvent(timer_id);
+       timer_id = 0;
+#elif defined(HAVE_ALARM)
+       alarm(0);
+#endif
  
  
-       /* Can't print the summary if reading from a savefile */
+#ifdef HAVE_PCAP_BREAKLOOP
+       /*
+        * We have "pcap_breakloop()"; use it, so that we do as little
+        * as possible in the signal handler (it's probably not safe
+        * to do anything with standard I/O streams in a signal handler -
+        * the ANSI C standard doesn't say it is).
+        */
+       pcap_breakloop(pd);
+#else
+       /*
+        * We don't have "pcap_breakloop()"; this isn't safe, but
+        * it's the best we can do.  Print the summary if we're
+        * not reading from a savefile - i.e., if we're doing a
+        * live capture - and exit.
+        */
         if (pd != NULL && pcap_file(pd) == NULL) {
         if (pd != NULL && pcap_file(pd) == NULL) {
+               /*
+                * We got interrupted, so perhaps we didn't
+                * manage to finish a line we were printing.
+                * Print an extra newline, just in case.
+                */
+               putchar('\n');
                 (void)fflush(stdout);
                 (void)fflush(stdout);
-               putc('\n', stderr);
                 info(1);
         }
                 info(1);
         }
-       if (signo)
-               exit(0);
+       exit(0);
+#endif
  }
  
  static void
  }
  
  static void
@@ -774,6 +1108,11 @@ info(register int verbose)
         if (!verbose)
                 fprintf(stderr, "%s: ", program_name);
  
         if (!verbose)
                 fprintf(stderr, "%s: ", program_name);
  
+       (void)fprintf(stderr, "%u packets captured", packets_captured);
+       if (!verbose)
+               fputs(", ", stderr);
+       else
+               putc('\n', stderr);
         (void)fprintf(stderr, "%d packets received by filter", stat.ps_recv);
         if (!verbose)
                 fputs(", ", stderr);
         (void)fprintf(stderr, "%d packets received by filter", stat.ps_recv);
         if (!verbose)
                 fputs(", ", stderr);
@@ -783,40 +1122,14 @@ info(register int verbose)
         infoprint = 0;
  }
  
         infoprint = 0;
  }
  
-static void
-reverse(char *s)
-{
-       int i, j, c;
-
-       for (i = 0, j = strlen(s) - 1; i < j; i++, j--) {
-               c = s[i];
-               s[i] = s[j];
-               s[j] = c;
-       }
-}
-
-
-static void
-swebitoa(unsigned int n, char *s)
-{
-       unsigned int i;
-
-       i = 0;
-       do {
-               s[i++] = n % 10 + '0';
-       } while ((n /= 10) > 0);
-
-       s[i] = '\0';
-       reverse(s);
-}
-
  static void
  dump_packet_and_trunc(u_char *user, const struct pcap_pkthdr *h, const u_char *sp)
  {
         struct dump_info *dump_info;
  static void
  dump_packet_and_trunc(u_char *user, const struct pcap_pkthdr *h, const u_char *sp)
  {
         struct dump_info *dump_info;
-       static uint cnt = 2;
         char *name;
  
         char *name;
  
+       ++packets_captured;
+
         ++infodelay;
  
         dump_info = (struct dump_info *)user;
         ++infodelay;
  
         dump_info = (struct dump_info *)user;
@@ -827,13 +1140,22 @@ dump_packet_and_trunc(u_char *user, const struct pcap_pkthdr *h, const u_char *s
          * file could put it over Cflag.
          */
         if (ftell((FILE *)dump_info->p) > Cflag) {
          * file could put it over Cflag.
          */
         if (ftell((FILE *)dump_info->p) > Cflag) {
-               name = (char *) malloc(strlen(dump_info->WFileName) + 4);
+               /*
+                * Close the current file and open a new one.
+                */
+               pcap_dump_close(dump_info->p);
+               Cflag_count++;
+               if (Wflag > 0) {
+                       if (Cflag_count >= Wflag)
+                               Cflag_count = 0;
+               } else {
+                       if (Cflag_count >= MAX_CFLAG)
+                               error("too many output files");
+               }
+               name = (char *)malloc(strlen(dump_info->WFileName) + MAX_CFLAG_CHARS + 1);
                 if (name == NULL)
                         error("dump_packet_and_trunc: malloc");
                 if (name == NULL)
                         error("dump_packet_and_trunc: malloc");
-               strcpy(name, dump_info->WFileName);
-               swebitoa(cnt, name + strlen(dump_info->WFileName));
-               cnt++;
-               pcap_dump_close(dump_info->p);
+               MakeFilename(name, dump_info->WFileName, Cflag_count, WflagChars);
                 dump_info->p = pcap_dump_open(dump_info->pd, name);
                 free(name);
                 if (dump_info->p == NULL)
                 dump_info->p = pcap_dump_open(dump_info->pd, name);
                 free(name);
                 if (dump_info->p == NULL)
@@ -854,6 +1176,8 @@ dump_packet_and_trunc(u_char *user, const struct pcap_pkthdr *h, const u_char *s
  static void
  dump_packet(u_char *user, const struct pcap_pkthdr *h, const u_char *sp)
  {
  static void
  dump_packet(u_char *user, const struct pcap_pkthdr *h, const u_char *sp)
  {
+       ++packets_captured;
+
         ++infodelay;
  
         pcap_dump(user, h, sp);
         ++infodelay;
  
         pcap_dump(user, h, sp);
@@ -873,6 +1197,8 @@ print_packet(u_char *user, const struct pcap_pkthdr *h, const u_char *sp)
         struct print_info *print_info;
         u_int hdrlen;
  
         struct print_info *print_info;
         u_int hdrlen;
  
+       ++packets_captured;
+
         ++infodelay;
         ts_print(&h->ts);
  
         ++infodelay;
         ts_print(&h->ts);
  
@@ -894,7 +1220,7 @@ print_packet(u_char *user, const struct pcap_pkthdr *h, const u_char *sp)
                         /*
                          * Include the link-layer header.
                          */
                         /*
                          * Include the link-layer header.
                          */
-                       default_print_unaligned(sp, h->caplen);
+                       hex_print("\n\t", sp, h->caplen);
                 } else {
                         /*
                          * Don't include the link-layer header - and if
                 } else {
                         /*
                          * Don't include the link-layer header - and if
@@ -902,7 +1228,26 @@ print_packet(u_char *user, const struct pcap_pkthdr *h, const u_char *sp)
                          * print nothing.
                          */
                         if (h->caplen > hdrlen)
                          * print nothing.
                          */
                         if (h->caplen > hdrlen)
-                               default_print_unaligned(sp + hdrlen,
+                               hex_print("\n\t", sp + hdrlen,
+                                   h->caplen - hdrlen);
+               }
+       } else if (Xflag) {
+               /*
+                * Print the raw packet data.
+                */
+               if (Xflag > 1) {
+                       /*
+                        * Include the link-layer header.
+                        */
+                       ascii_print("\n\t", sp, h->caplen);
+               } else {
+                       /*
+                        * Don't include the link-layer header - and if
+                        * we have nothing past the link-layer header,
+                        * print nothing.
+                        */
+                       if (h->caplen > hdrlen)
+                               ascii_print("\n\t", sp + hdrlen,
                                     h->caplen - hdrlen);
                 }
         }
                                     h->caplen - hdrlen);
                 }
         }
@@ -914,32 +1259,6 @@ print_packet(u_char *user, const struct pcap_pkthdr *h, const u_char *sp)
                 info(0);
  }
  
                 info(0);
  }
  
-/* Like default_print() but data need not be aligned */
-void
-default_print_unaligned(register const u_char *cp, register u_int length)
-{
-       register u_int i, s;
-       register int nshorts;
-
-       if (Xflag) {
-               ascii_print(cp, length);
-               return;
-       }
-       nshorts = (u_int) length / sizeof(u_short);
-       i = 0;
-       while (--nshorts >= 0) {
-               if ((i++ % 8) == 0)
-                       (void)printf("\n\t\t\t");
-               s = *cp++;
-               (void)printf(" %02x%02x", s, *cp++);
-       }
-       if (length & 1) {
-               if ((i % 8) == 0)
-                       (void)printf("\n\t\t\t");
-               (void)printf(" %02x", *cp);
-       }
-}
-
  #ifdef WIN32
         /*
          * XXX - there should really be libpcap calls to get the version
  #ifdef WIN32
         /*
          * XXX - there should really be libpcap calls to get the version
@@ -960,18 +1279,26 @@ default_print_unaligned(register const u_char *cp, register u_int length)
          * "Wpcap_version" information on Windows.
          */
         char WDversion[]="current-cvs.tcpdump.org";
          * "Wpcap_version" information on Windows.
          */
         char WDversion[]="current-cvs.tcpdump.org";
+#if !defined(HAVE_GENERATED_VERSION)
         char version[]="current-cvs.tcpdump.org";
         char version[]="current-cvs.tcpdump.org";
+#endif
         char pcap_version[]="current-cvs.tcpdump.org";
         char pcap_version[]="current-cvs.tcpdump.org";
-       char Wpcap_version[]="3.0 alpha";
+       char Wpcap_version[]="3.1";
  #endif
  
  /*
   * By default, print the specified data out in hex.
   */
  #endif
  
  /*
   * By default, print the specified data out in hex.
   */
+static void
+ndo_default_print(netdissect_options *ndo _U_, const u_char *bp, u_int length)
+{
+       ascii_print("\n\t", bp, length); /* pass on lf and identation string */
+}
+
  void
  void
-default_print(register const u_char *bp, register u_int length)
+default_print(const u_char *bp, u_int length)
  {
  {
-       default_print_unaligned(bp, length);
+       ndo_default_print(gndo, bp, length);
  }
  
  #ifdef SIGINFO
  }
  
  #ifdef SIGINFO
@@ -984,30 +1311,105 @@ RETSIGTYPE requestinfo(int signo _U_)
  }
  #endif
  
  }
  #endif
  
+/*
+ * Called once each second in verbose mode while dumping to file
+ */
+#ifdef USE_WIN32_MM_TIMER
+void CALLBACK verbose_stats_dump (UINT timer_id _U_, UINT msg _U_, DWORD_PTR arg _U_,
+                                  DWORD_PTR dw1 _U_, DWORD_PTR dw2 _U_)
+{
+       struct pcap_stat stat;
+
+       if (infodelay == 0 && pcap_stats(pd, &stat) >= 0)
+               fprintf(stderr, "Got %u\r", packets_captured);
+}
+#elif defined(HAVE_ALARM)
+static void verbose_stats_dump(int sig _U_)
+{
+       struct pcap_stat stat;
+
+       if (infodelay == 0 && pcap_stats(pd, &stat) >= 0)
+               fprintf(stderr, "Got %u\r", packets_captured);
+       alarm(1);
+}
+#endif
+
  static void
  usage(void)
  {
         extern char version[];
  static void
  usage(void)
  {
         extern char version[];
+#ifndef HAVE_PCAP_LIB_VERSION
  #if defined(WIN32) || defined(HAVE_PCAP_VERSION)
         extern char pcap_version[];
  #if defined(WIN32) || defined(HAVE_PCAP_VERSION)
         extern char pcap_version[];
-#else
+#else /* defined(WIN32) || defined(HAVE_PCAP_VERSION) */
         static char pcap_version[] = "unknown";
         static char pcap_version[] = "unknown";
-#endif
+#endif /* defined(WIN32) || defined(HAVE_PCAP_VERSION) */
+#endif /* HAVE_PCAP_LIB_VERSION */
  
  
+#ifdef HAVE_PCAP_LIB_VERSION
+#ifdef WIN32
+       (void)fprintf(stderr, "%s version %s, based on tcpdump version %s\n", program_name, WDversion, version);
+#else /* WIN32 */
+       (void)fprintf(stderr, "%s version %s\n", program_name, version);
+#endif /* WIN32 */
+       (void)fprintf(stderr, "%s\n",pcap_lib_version());
+#else /* HAVE_PCAP_LIB_VERSION */
  #ifdef WIN32
         (void)fprintf(stderr, "%s version %s, based on tcpdump version %s\n", program_name, WDversion, version);
         (void)fprintf(stderr, "WinPcap version %s, based on libpcap version %s\n",Wpcap_version, pcap_version);
  #ifdef WIN32
         (void)fprintf(stderr, "%s version %s, based on tcpdump version %s\n", program_name, WDversion, version);
         (void)fprintf(stderr, "WinPcap version %s, based on libpcap version %s\n",Wpcap_version, pcap_version);
-#else  
+#else /* WIN32 */
         (void)fprintf(stderr, "%s version %s\n", program_name, version);
         (void)fprintf(stderr, "libpcap version %s\n", pcap_version);
  #endif /* WIN32 */
         (void)fprintf(stderr, "%s version %s\n", program_name, version);
         (void)fprintf(stderr, "libpcap version %s\n", pcap_version);
  #endif /* WIN32 */
+#endif /* HAVE_PCAP_LIB_VERSION */
+       (void)fprintf(stderr,
+"Usage: %s [-aAd" D_FLAG "eflLnNOpqRStu" U_FLAG "vxX]" B_FLAG_USAGE " [-c count] [ -C file_size ]\n", program_name);
         (void)fprintf(stderr,
         (void)fprintf(stderr,
-"Usage: %s [-aAd" D_FLAG "eflLnNOpqRStu" U_FLAG "vxXy]" B_FLAG_USAGE " [-c count] [ -C file_size ]\n", program_name);
+"\t\t[ -E algo:secret ] [ -F file ] [ -i interface ] [ -M secret ]\n");
         (void)fprintf(stderr,
         (void)fprintf(stderr,
-"\t\t[ -E algo:secret ] [ -F file ] [ -i interface ] [ -r file ]\n");
+"\t\t[ -r file ] [ -s snaplen ] [ -T type ] [ -w file ]\n");
         (void)fprintf(stderr,
         (void)fprintf(stderr,
-"\t\t[ -s snaplen ] [ -T type ] [ -w file ] [ -y datalinktype ]\n");
+"\t\t[ -W filecount ] [ -y datalinktype ] [ -Z user ]\n");
         (void)fprintf(stderr,
  "\t\t[ expression ]\n");
         exit(1);
  }
         (void)fprintf(stderr,
  "\t\t[ expression ]\n");
         exit(1);
  }
+
+
+
+/* VARARGS */
+static void
+ndo_error(netdissect_options *ndo _U_, const char *fmt, ...)
+{
+       va_list ap;
+
+       (void)fprintf(stderr, "%s: ", program_name);
+       va_start(ap, fmt);
+       (void)vfprintf(stderr, fmt, ap);
+       va_end(ap);
+       if (*fmt) {
+               fmt += strlen(fmt);
+               if (fmt[-1] != '\n')
+                       (void)fputc('\n', stderr);
+       }
+       exit(1);
+       /* NOTREACHED */
+}
+
+/* VARARGS */
+static void
+ndo_warning(netdissect_options *ndo _U_, const char *fmt, ...)
+{
+       va_list ap;
+
+       (void)fprintf(stderr, "%s: WARNING: ", program_name);
+       va_start(ap, fmt);
+       (void)vfprintf(stderr, fmt, ap);
+       va_end(ap);
+       if (*fmt) {
+               fmt += strlen(fmt);
+               if (fmt[-1] != '\n')
+                       (void)fputc('\n', stderr);
+       }
+}
+