Feb. 15, 2001
Logging and Netwatch Simulation added...
Allows command line specified hosts to log...
       config file specified hosts to log...
	all
	all remote
	all local
	individual tracking of ALL hosts
Allows playback of ANY log file (indiv. hosts etc...
	either in REAL TIME or packet by packet)

Feb. 9, 2001
Fixed Bugs in Scan host option ( was missing some chars for display
	and was not working with PGUP and PGDN properly)
Fixed compile problem for RH7.0 and other glibc2.2 brethren
Updated the IANA settings for display.
Changed the tmpnam() call to a specific file... in /root directory

Mar. 31, 2000
Added -b  for TRANSPARENT bridge... (ignores every other packet)
Added kbits per sec... display on hosts screen
Added -i to FAKE the INET address (used with MASK to monitor class C net)
Added all the new command line options to configuration file options 

Mar. 6, 2000
Fixed FTP/HTTP scanning code for possible seg. fault
Added -n for no name resolution
Added -m mask   for forcing netmask on a router/bridge
Reworked the read for new kernels so "obsolete" packet read is
	removed... (will now work on ANY kernel compiles... not just
		SOCK_PACKET type compiles)
Fixed the interface selection code for working with a specific I/F
	instead of all I/F cards (causing duplicate counts on 
	bridges and erroneous info on routers)

June 30th, 1999
Bug fix on signal handling in "netresolv"...
ie. don't do a kill with SIGUSR2 or SIGUSR1 with PID=0.... oops

June 22nd, 1999
Added routing stats array and plot ( "w" "r" "s" ... watch route summary)
and the "d" command active to summarize via 60/30/15/1 min intervals
CHILD termination fixes

June 15th, 1999
Revamped the passage of messages to Netresolv and through Netresolv
to make this MUCH less likely to fail (hopefully never!!).

Put a switch in Netwatch to turn off NAME checking in CONFIG file AND 
automatically if Netresolv turns off

Added STATUS line support with the 's' command (when NOT in the
WATCH mode (i.e. select host in that mode). 12 different status lines
are available... 's' cycles through them and  5s  will move 5 status
lines ahead... etc.. (repeat the command)...

June 5th, 1999
OK... this core dump business is moving into the stats process
so I have protected it (I think)

June 1st, 1999
OK, another more serious "netresolv" generated core dump was handled
(it was feeding data after an "n" command destroyed the list...)

May 30th, 1999
Fixed "annoying" core dump... lockout check for reload

May 25th, 1999
Added "ppp" device support ( use  -e ppp0     or  any other #)
Fixed display in freeze exit... to show help or routing screen 
	properly
Added a lockout of keyins during reload time... (hope this helps)
Burst stats disabled after return from freeze

May 20th, 1999
Adding (by request) a display freeze for remote screen access
(allowing bandwidth conservation)

Adding a periodic Logging for netwatch configurable via a 
configuration entry....
reload 60
(means reload & LOG every 60 minutes)

May 18th, 1999
For 0.8g release
Bug fix release... hopefully the config file works NOW!!!!

May 16th, 1999
For 0.8f release
Bug fix for Netwatch Configuration File... it will read it NOW!!!
Time Fix for Display of Statistics

March 15th, 1999
For 0.8e release

SMALLER package due to removal of IANA data from subdirectory...
(used in production of code... but obtained directly from the net
 by developer    www.iana.org )

IANA update for newest port names and ICMP numbers

Fix to pesky screen problem on exit....

Added config file option for making some configurations
customizable via a file... easier...

"fishstring" for spotting special packets with strings to HIGHLIGHT!!!
Actually mails packet (HEX) to the customizable user

B.O. and NetWatch attack spot checks (Note: don't get to self-assured...
this isn't the end-of-the-road for these attacks)

Jan. 17th, 1999
64-bit patches courtesy of Paul Slootman
Repeat of commands allowed by preceding commands by a number
(i.e.    5<UP>  repeats <UP> 5 times)
Symbolic link security problem fixed... home directory of root used
Extra keyboard functionality for keyboards without good access
        > right  < left  ^ up  v down  - previous_page + next_page


Nov. 14th, 1998
Internal 0.8b use
Added config file support for E-mail of suspicious packets
re- B.O. and NETBUS attacks
-
Oct. 17th, 1998
For 0.8a release BETA TESTING
TOP mode provides the dynamic list effect of seeing the high performers
on a 30 second interval (normal functions in the display mode)
(See the 't' key)

REMOTE OR LOCAL List Cleaning via 'N' command
If you are ON the LOCAL list... N will clear it to nothing
If you are ON the REMOTE list... N clears it

New improved Host Packet Examination with a 400 packet buffer.
(PGUP and PGDN in the Watch (S) mode allow browsing back into the buffer)
NOTE: This is still a SMALL buffer... but were are building capability




May 30th, 1998 
For 0.7e Release
Better performance...
Some new features... MAC Address/IP Spoofing monitor/HTTP Server
  watch
TELNET appears in PURPLE (CLIENT only)
XTERM fexible settings for BIG screens (although only set at
START of run)
PORT NUMBERS now from IANA specification (which may include names
that your system does not recognize as the IANA service but... it
could be to another system

./configure added to ease the installation process across dissimilar
linux systems....

For 0.7 Release...
Added a SERVICE process fed by pipes and primed by signals to 
resolve NAMES from ADDRESSES (which has been a HUGE factor in the
Netwatch slowdown in processing). Process is called "netresolv"
and is started via "netwatch" itself... should also be killed via
"netwatch" on exit....

Mar. 15th, 1997
OK... non-blocking "select" call (because Linux seems to MISS certain
packets to get through "select"... causing blocking)

Mar. 14th, 1997
Multitude of Speed Fixes
Removing STATNET specific code
Non-blocking socket usage!!! (Why? Wait at select call... don't wait
	at recvfrom()

Mar. 12th, 1997
Oops..BUG FIX.. SEGV..  fixed bad array lengths in gh.c....

Mar. 12th, 1997
Added Host tracing with FULL screen mode ('z' command while in 's' mode)
Removed -O2 compile option to fix performance problem (??? WHY ???)
Changed old 's' command to be 'l' for logging to file

Feb. 24th, 1997
Changed keyboard handler to be invoked via select call rather than
a polling method...
Added HOST selection for monitoring the last 10 packets of a specific site
Added 's' command for saving (appending to a log file)
Uses /proc/net/route to pick up configuration info... if there
Calls home for simple network registration... packet info restricted to
	very generic info... not even user name

Feb. 15th, 1997
For 0.5c release
Added support for REMOTE/LOCAL packet/byte monitoring
Added command for eliminating DOMAIN service remote sites (Display only)
	'd' command
Added command to eliminate the OLD (i.e. BLUE) sites (local & remote)
			(Display only)
	'b' command

Sept. 27th, 1996
For 0.5b release
Fixed <ncurses.h> missing in the NEW Linux distributions...
MUST #define OLDLINUX to have the old version support... see netwatch.h
and uncomment that line... (if you need ncurses.h)

Aug. 27th, 1996
For 0.5a release

Fixed REDRAW bug... so display is cleaner without refresh problem

Added ^L to allow screen redraw if someone writes to the display
during program execution

Added reliable signal handler to a) use "sigaction" 
				 b) handle INTR and HUP signals gracefully

Vt100 and other B/W ttys should work now...


For 0.5 Release

1.0	Made workaround for NCURSES bug which caused "hang" at a
	"getch()" even though there is a NODELAY option in effect.

2.0	Added HELP feature - displaying HELP pages on request (H or F1 key)

3.0	Added Watch Facility - to display router stats including
	maximum burst rates (on a second interval in BITS/SEC)
	Ability to Clear Burst info ('c' key)

4.0	Added command line argument handling to
	a)	set another config file other than /etc/rc.d/rc.inet1
	b)	handle eth1 or another eth device (No way to verify it
		here!)

Aug. 23rd , 1996

For 0.4 Release...

1.0	Revamped the "processrcinet.c" routine to PARSE the
	"ifconfig" line and be smarter about GLOBAL variables in
	use as opposed to hard coded addresses.

	NOTE: As global variables, it still assumes IPADDR and
	     NETMASK as the names of info that it picks up.

2.0	New Statistics
	- router throughput (updated per minute -- roughly )
	- new option for actual BYTE counts received and transmitted