Add information about the application/vnd.tcpdump.pcap MIME type.

diff --git a/tcpdump.1.in b/tcpdump.1.in
index a9387f102a8d651230b5002c372b1e1133b6e982..f78cf12e787cf02fa35476314af3d3dab80dc82e 100644 (file)
--- a/tcpdump.1.in
+++ b/tcpdump.1.in
@@ -22,7 +22,7 @@
 .\" WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
 .\" MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
 .\"
-.TH TCPDUMP 1  "05 March 2009"
+.TH TCPDUMP 1  "12 July 2012"
 .SH NAME
 tcpdump \- dump traffic on a network
 .SH SYNOPSIS
@@ -276,7 +276,7 @@ The default is \fBdes-cbc\fP.
 The ability to decrypt packets is only present if \fItcpdump\fP was compiled
 with cryptography enabled.
 .IP
-\fIsecret\fP is the ASCII text for ESP secret key. 
+\fIsecret\fP is the ASCII text for ESP secret key.
 If preceded by 0x, then a hex value will be read.
 .IP
 The option assumes RFC2406 ESP, not RFC1827 ESP.
@@ -288,7 +288,7 @@ you make it visible to others, via
 and other occasions.
 .IP
 In addition to the above syntax, the syntax \fIfile name\fP may be used
-to have tcpdump read the provided file in. The file is opened upon 
+to have tcpdump read the provided file in. The file is opened upon
 receiving the first ESP packet, so any special permissions that tcpdump
 may have been given should already have been given up.
 .TP
@@ -602,21 +602,30 @@ amount of time after they are received.  Use the
 .B \-U
 flag to cause packets to be written as soon as they are received.
 .IP
+The MIME type \fIapplication/vnd.tcpdump.pcap\fP has been registered
+with IANA for \fIpcap\fP files. The filename extension \fI.pcap\fP
+appears to be the most commonly used along with \fI.cap\fP and
+\fI.dmp\fP. \fITcpdump\fP itself doesn't check the extension when
+reading capture files and doesn't add an extension when writing them
+(it uses magic numbers in the file header instead). However, many
+operating systems and applications will use the extension if it is
+present and adding one (e.g. .pcap) is recommended.
+.IP
 See
 .BR pcap-savefile (@MAN_FILE_FORMATS@)
 for a description of the file format.
 .TP
 .B \-W
-Used in conjunction with the 
-.B \-C 
+Used in conjunction with the
+.B \-C
 option, this will limit the number
 of files created to the specified number, and begin overwriting files
-from the beginning, thus creating a 'rotating' buffer. 
+from the beginning, thus creating a 'rotating' buffer.
 In addition, it will name
 the files with enough leading 0s to support the maximum number of
 files, allowing them to sort correctly.
 .IP
-Used in conjunction with the 
+Used in conjunction with the
 .B \-G
 option, this will limit the number of rotated dump files that get
 created, exiting with status 0 when reaching the limit. If used with
@@ -626,7 +635,7 @@ as well, the behavior will result in cyclical files per timeslice.
 .B \-x
 When parsing and printing,
 in addition to printing the headers of each packet, print the data of
-each packet (minus its link level header) in hex. 
+each packet (minus its link level header) in hex.
 The smaller of the entire packet or
 .I snaplen
 bytes will be printed.  Note that this is the entire link-layer
@@ -1225,7 +1234,7 @@ tcp-push, tcp-act, tcp-urg.
 .PP
 This can be demonstrated as:
 .RS
-.B 
+.B
      tcpdump -i xl0 'tcp[tcpflags] & tcp-push != 0'
 .RE
 .PP
@@ -1708,6 +1717,11 @@ serviced the `new packet' interrupt.
 .SH "SEE ALSO"
 stty(1), pcap(3PCAP), bpf(4), nit(4P), pcap-savefile(@MAN_FILE_FORMATS@),
 pcap-filter(@MAN_MISC_INFO@), pcap-tstamp-type(@MAN_MISC_INFO@)
+.LP
+.RS
+.I http://www.iana.org/assignments/media-types/application/vnd.tcpdump.pcap
+.RE
+.LP
 .SH AUTHORS
 The original authors are:
 .LP