commit 4edb46e9a85ca35d3bed523171d11a748861ce82
Author: Paul Traina <pst@FreeBSD.org>
Date:   Mon Aug 19 20:34:12 1996 +0000

    Virgin import of unmodified tcpdump v3.2.1 distribution from LBL.
    Obtained from: ftp://ftp.ee.lbl.gov/tcpdump.tar.Z on 19-Aug-1996.

Notes:
    svn path=/vendor/tcpdump/dist/; revision=17680
    svn path=/vendor/tcpdump/3.2.1/; revision=17682; tag=vendor/tcpdump/3.2.1

diff --git a/contrib/tcpdump/CHANGES b/contrib/tcpdump/CHANGES
new file mode 100644
index 000000000000..d98f03313ece
--- /dev/null
+++ b/contrib/tcpdump/CHANGES
@@ -0,0 +1,402 @@
+@(#) $Header: CHANGES,v 1.42 96/07/23 14:36:37 leres Exp $ (LBL)
+
+v3.2.1 Sun Jul 14 03:02:26 PDT 1996
+
+- Added rfc1716 icmp codes as suggested by Martin Fredriksson
+  (martin@msp.se)
+
+- Print mtu for icmp unreach need frag packets. Thanks to John
+  Hawkinson (jhawk@mit.edu)
+
+- Decode icmp router discovery messages. Thanks to Jeffrey Honig
+  (jch@bsdi.com)
+
+- Added a printer entry for DLT_IEEE802 as suggested by Tak Kushida
+  (kushida@trl.ibm.co.jp)
+
+- Check igmp checksum if possible. Thanks to John Hawkinson.
+
+- Made changes for SINIX. Thanks to Andrej Borsenkow
+  (borsenkow.msk@sni.de)
+
+- Use autoconf's idea of the top level directory in install targets.
+  Thanks to John Hawkinson.
+
+- Avoid infinite loop in tcp options printing code. Thanks to Jeffrey
+  Mogul (mogul@pa.dec.com)
+
+- Avoid using -lsocket in IRIX 5.2 and earlier since it breaks snoop.
+  Thanks to John Hawkinson.
+
+- Added some more packet truncation checks.
+
+- On systems that have it, use sigset() instead of signal() since
+  signal() has different semantics on these systems.
+
+- Fixed some more alignment problems on the alpha.
+
+- Add code to massage unprintable characters in the domain and ipx
+  printers. Thanks to John Hawkinson.
+
+- Added explicit netmask support. Thanks to Steve Nuchia
+  (steve@research.oknet.com)
+
+- Add "sca" keyword (for DEC cluster services) as suggested by Terry
+  Kennedy (terry@spcvxa.spc.edu)
+
+- Add "atalk" keyword as suggested by John Hawkinson.
+
+- Added an igrp printer. Thanks to Francis Dupont
+  (francis.dupont@inria.fr)
+
+- Print IPX net numbers in hex a la Novell Netware. Thanks to Terry
+  Kennedy (terry@spcvxa.spc.edu)
+
+- Fixed snmp extended tag field parsing bug. Thanks to Pascal Hennequin
+  (pascal.hennequin@hugo.int-evry.fr)
+
+- Added some ETHERTYPEs missing on some systems.
+
+- Added truncated packet macros and various checks.
+
+- Fixed endian problems with the DECnet printer.
+
+- Use $CC when checking gcc version. Thanks to Carl Lindberg
+  (carl_lindberg@blacksmith.com)
+
+- Fixes for AIX (although this system is not yet supported). Thanks to
+  John Hawkinson.
+
+- Fix bugs in the autoconf misaligned accesses code fragment.
+
+- Include sys/param.h to get BYTE_ORDER in a few places. Thanks to
+  Pavlin Ivanov Radoslavov (pavlin@cs.titech.ac.jp)
+
+v3.2 Sun Jun 23 02:28:10 PDT 1996
+
+- Print new icmp unreachable codes as suggested by Martin Fredriksson
+  (martin@msp.se). Also print code value when unknown for icmp redirect
+  and time exceeded.
+
+- Fix an alignment endian bug in getname(). Thanks to John Hawkinson.
+
+- Define "new" domain record types if not found in arpa/nameserv.h.
+  Resulted from a suggestion from John Hawkinson (jhawk@mit.edu). Also
+  fixed an endian bug when printing mx record and added some new record
+  types.
+
+- Added RIP V2 support. Thanks to Jeffrey Honig (jch@bsdi.com)
+
+- Added T/TCP options printing. As suggested by Richard Stevens
+  (rstevens@noao.edu)
+
+- Use autoconf to detect architectures that can't handle misaligned
+  accesses.
+
+v3.1 Thu Jun 13 20:59:32 PDT 1996
+
+- Changed u_int32/int32 to u_int32_t/int32_t to be consistent with bsd
+  and bind (as suggested by Charles Hannum).
+
+- Port to GNU autoconf.
+
+- Add support for printing DVMRP and PIM traffic thanks to
+  Havard Eidnes (Havard.Eidnes@runit.sintef.no).
+
+- Fix AppleTalk, IPX and DECnet byte order problems due to wrong endian
+  define being referenced. Reported by Terry Kennedy.
+
+- Minor fixes to the man page thanks to Mark Andrews.
+
+- Endian fixes to RTP and vat packet dumpers, thanks to Bruce Mah
+  (bmah@cs.berkeley.edu).
+
+- Added support for new dns types, thanks to Rainer Orth.
+
+- Fixed tftp_print() to print the block number for ACKs.
+
+- Document -dd and -ddd. Resulted from a bug report from Charlie Slater
+  (cslater@imatek.com).
+
+- Check return status from malloc/calloc/etc.
+
+- Check return status from pcap_loop() so we can print an error and
+  exit with a bad status if there were problems.
+
+- Bail if ip option length is <= 0. Resulted from a bug report from
+  Darren Reed (darrenr@vitruvius.arbld.unimelb.edu.au).
+
+- Print out a little more information for sun rpc packets.
+
+- Add suport for Kerberos 4 thanks to John Hawkinson (jhawk@mit.edu).
+
+- Fixed the Fix EXTRACT_SHORT() and EXTRACT_LONG() macros (which were
+  wrong on little endian machines).
+
+- Fixed alignment bug in ipx_decode(). Thanks to Matt Crawford
+  (crawdad@fnal.gov).
+
+- Fix ntp_print() to not print garbage when the stratum is
+  "unspecified." Thanks to Deus Ex Machina (root@belle.bork.com).
+
+- Rewrote tcp options printer code to check for truncation. Added
+  selective acknowledgment case.
+
+- Fixed an endian bug in the ospf printer. Thanks to Jeffrey C Honig
+  (jch@bsdi.com)
+
+- Fix rip printer to handle 4.4 BSD sockaddr struct which only uses one
+  octet for the sa_family member. Thanks to Yoshitaka Tokugawa
+  (toku@dit.co.jp)
+
+- Don't checksum ip header if we don't have all of it. Thanks to John
+  Hawkinson (jhawk@mit.edu).
+ 
+- Print out hostnames if possible in egp printer. Thanks to Jeffrey
+  Honig (jhc@bsdi.com)
+
+
+v3.1a1 Wed May  3 19:21:11 PDT 1995
+
+- Include time.h when SVR4 is defined to avoid problems under Solaris
+  2.3.
+
+- Fix etheraddr_string() in the ETHER_SERVICE to return the saved
+  strings, not the local buffer. Thanks to Stefan Petri
+  (petri@ibr.cs.tu-bs.de).
+
+- Detect when pcap raises the snaplen (e.g. with snit). Print a warning
+  that the selected value was not used. Thanks to Pascal Hennequin
+  (Pascal.Hennequin@hugo.int-evry.fr).
+
+- Add a truncated packet test to print-nfs.c. Thanks to Pascal Hennequin.
+
+- BYTEORDER -> BYTE_ORDER Thanks to Terry Kennedy (terry@spcvxa.spc.edu).
+
+v3.0.3 Sun Oct  1 18:35:00 GMT 1995
+
+- Although there never was a 3.0.3 release, the linux boys cleverly
+  "released" one in late 1995.
+
+v3.0.2 Thu Apr 20 21:28:16 PDT 1995
+
+- Change configuration to not use gcc v2 flags with gcc v1.
+
+- Redo gmt2local() so that it works under BSDI (which seems to return
+  an empty timezone struct from gettimeofday()). Based on report from
+  Terry Kennedy (terry@spcvxa.spc.edu).
+
+- Change configure to recognize IP[0-9]* as "mips" SGI hardware. Based
+  on report from Mark Andrews (mandrews@alias.com).
+
+- Don't pass cc flags to gcc. Resulted from a bug report from Rainer
+  Orth (ro@techfak.uni-bielefeld.de).
+
+- Fixed printout of connection id for uncompressed tcp slip packets.
+  Resulted from a bug report from Richard Stevens (rstevens@noao.edu).
+
+- Hack around deficiency in Ultrix's make.
+
+- Add ETHERTYPE_TRAIL define which is missing from irix5.
+
+v3.0.1 Wed Aug 31 22:42:26 PDT 1994
+
+- Fix problems with gcc2 vs. malloc() and read() prototypes under SunOS 4.
+
+v3.0 Mon Jun 20 19:23:27 PDT 1994
+
+- Added support for printing tcp option timestamps thanks to
+  Mark Andrews (mandrews@alias.com).
+
+- Reorganize protocol dumpers to take const pointers to packets so they
+  never change the contents (i.e., they used to do endian conversions
+  in place).  Previously, whenever more than one pass was taken over
+  the packet, the packet contents would be dumped incorrectly (i.e.,
+  the output form -x would be wrong on little endian machines because
+  the protocol dumpers would modify the data).  Thanks to Charles Hannum
+  (mycroft@gnu.ai.mit.edu) for reporting this problem.
+
+- Added support for decnet protocol dumping thanks to Jeff Mogul
+  (mogul@pa.dec.com).
+
+- Fix bug that caused length of packet to be incorrectly printed
+  (off by ether header size) for unknown ethernet types thanks
+  to Greg Miller (gmiller@kayak.mitre.org).
+
+- Added support for IPX protocol dumping thanks to Brad Parker
+  (brad@fcr.com).
+
+- Added check to verify IP header checksum under -v thanks to
+  Brad Parker (brad@fcr.com).
+
+- Move packet capture code to new libpcap library (which is
+  packaged separately).
+
+- Prototype everything and assume an ansi compiler.
+
+- print-arp.c: Print hardware ethernet addresses if they're not
+  what we expect.
+
+- print-bootp.c: Decode the cmu vendor field. Add RFC1497 tags.
+  Many helpful suggestions from Gordon Ross (gwr@jericho.mc.com).
+
+- print-fddi.c: Improvements. Thanks to Jeffrey Mogul
+  (mogul@pa.dec.com).
+
+- print-icmp.c: Byte swap netmask before printing. Thanks to
+  Richard Stevens (rstevens@noao.edu). Print icmp type when unknown.
+
+- print-ip.c: Print the inner ip datagram of ip-in-ip encapsulated packets.
+  By default, only the inner packet is dumped, appended with the token
+  "(encap)".  Under -v, both the inner and output packets are dumped
+  (on the same line).  Note that the filter applies to the original packet,
+  not the encapsulated packet.  So if you run tcpdump on a net with an
+  IP Multicast tunnel, you cannot filter out the datagrams using the
+  conventional syntax.  (You can filter away all the ip-in-ip traffic
+  with "not ip proto 4".)
+
+- print-nfs.c: Keep pending rpc's in circular table. Add generic
+  nfs header and remove os dependences. Thanks to Jeffrey Mogul.
+
+- print-ospf.c: Improvements. Thanks to Jeffrey Mogul.
+
+- tcpdump.c: Add -T flag allows interpretation of "vat", "wb", "rpc"
+  (sunrpc) and rtp packets. Added "inbound" and "outbound" keywords
+  Add && and || operators
+
+v2.2.1 Tue Jun 6 17:57:22 PDT 1992
+
+- Fix bug with -c flag.
+
+v2.2 Fri May 22 17:19:41 PDT 1992
+
+- savefile.c: Remove hack that shouldn't have been exported. Add
+  truncate checks.
+
+- Added the 'icmp' keyword.  For example, 'icmp[0] != 8 and icmp[0] != 0'
+  matches non-echo/reply ICMP packets.
+
+- Many improvements to filter code optimizer.
+
+- Added 'multicast' keyword and extended the 'broadcast' keyword can now be
+  so that protocol qualifications are allowed. For example, "ip broadcast"
+  and "ether multicast" are valid filters.
+
+- Added support for monitoring the loopback interface (i.e. 'tcpdump -i lo').
+  Jeffrey Honig (jch@MITCHELL.CIT.CORNELL.EDU) contributed the kernel
+  patches to netinet/if_loop.c.
+
+- Added support for the Ungermann-Bass Ethernet on IBM/PC-RTs running AOS.
+  Contact Jeffrey Honig (jch@MITCHELL.CIT.CORNELL.EDU) for the diffs.
+
+- Added EGP and OSPF printers, thanks to Jeffrey Honig.
+
+v2.1 Tue Jan 28 11:00:14 PST 1992
+
+- Internal release (never publically exported).
+
+v2.0.1 Sun Jan 26 21:10:10 PDT
+
+- Various byte ordering fixes.
+
+- Add truncation checks.
+
+- inet.c: Support BSD style SIOCGIFCONF.
+
+- nametoaddr.c: Handle multi addresses for single host.
+
+- optimize.c: Rewritten.
+
+- pcap-bpf.c: don't choke when we get ptraced. only set promiscuous
+  for broadcast nets.
+
+- print-atal.c: Fix an alignment bug (thanks to
+  stanonik@nprdc.navy.mil) Add missing printf() argument.
+
+- print-bootp.c: First attempt at decoding the vendor buffer.
+
+- print-domain.c: Fix truncation checks.
+
+- print-icmp.c: Calculate length of packets from the ip header.
+
+- print-ip.c: Print frag id in decimal (so it's easier to match up
+  with non-frags). Add support for ospf, egp and igmp.
+
+- print-nfs.c: Lots of changes.
+
+- print-ntp.c: Make some verbose output depend on -v.
+
+- print-snmp.c: New version from John LoVerso.
+
+- print-tcp.c: Print rfc1072 tcp options.
+
+- tcpdump.c: Print "0x" prefix for %x formats. Always print 6 digits
+  (microseconds) worth of precision. Fix uid bugs.
+
+- A packet dumper has been added (thanks to Jeff Mogul of DECWRL).
+  With this option, you can create an architecture independent binary
+  trace file in real time, without the overhead of the packet printer.
+  At a later time, the packets can be filtered (again) and printed.
+
+- BSD is supported.  You must have BPF in your kernel.
+  Since the filtering is now done in the kernel, fewer packets are
+  dropped.  In fact, with BPF and the packet dumper option, a measly
+  Sun 3/50 can keep up with a busy network.
+
+- Compressed SLIP packets can now be dumped, provided you use our
+  SLIP software and BPF.  These packets are dumped as any other IP
+  packet; the compressed headers are dumped with the '-e' option.
+
+- Machines with little-endian byte ordering are supported (thanks to
+  Jeff Mogul).
+
+- Ultrix 4.0 is supported (also thanks to Jeff Mogul).
+
+- IBM RT and Stanford Enetfilter support has been added by
+  Rayan Zachariassen <rayan@canet.ca>.  Tcpdump has been tested under
+  both the vanilla Enetfilter interface, and the extended interface
+  (#ifdef'd by IBMRTPC) present in the MERIT version of the Enetfilter.
+
+- TFTP packets are now printed (requests only).
+
+- BOOTP packets are now printed.
+
+- SNMP packets are now printed. (thanks to John LoVerso of Xylogics).
+
+- Sparc architectures, including the Sparcstation-1, are now
+  supported thanks to Steve McCanne and Craig Leres.
+
+- SunOS 4 is now supported thanks to Micky Liu of Columbia
+  University (micky@cunixc.cc.columbia.edu).
+
+- IP options are now printed.
+
+- RIP packets are now printed.
+
+- There's a -v flag that prints out more information than the
+  default (e.g., it will enable printing of IP ttl, tos and id)
+  and -q flag that prints out less (e.g., it will disable
+  interpretation of AppleTalk-in-UDP).
+
+- The grammar has undergone substantial changes (if you have an
+  earlier version of tcpdump, you should re-read the manual
+  entry).
+
+  The most useful change is the addition of an expression
+  syntax that lets you filter on arbitrary fields or values in the
+  packet.  E.g., "ip[0] > 0x45" would print only packets with IP
+  options, "tcp[13] & 3 != 0" would print only TCP SYN and FIN
+  packets.
+
+  The most painful change is that concatenation no longer means
+  "and" -- e.g., you have to say "host foo and port bar" instead
+  of "host foo port bar".  The up side to this down is that
+  repeated qualifiers can be omitted, making most filter
+  expressions shorter.  E.g., you can now say "ip host foo and
+  (bar or baz)" to look at ip traffic between hosts foo and bar or
+  between hosts foo and baz.  [The old way of saying this was "ip
+  host foo and (ip host bar or ip host baz)".]
+
+v2.0 Sun Jan 13 12:20:40 PST 1991
+
+- Initial public release.
diff --git a/contrib/tcpdump/FILES b/contrib/tcpdump/FILES
new file mode 100644
index 000000000000..5d4c3387ee51
--- /dev/null
+++ b/contrib/tcpdump/FILES
@@ -0,0 +1,80 @@
+CHANGES
+FILES
+INSTALL
+Makefile.in
+README
+VERSION
+aclocal.m4
+addrtoname.c
+addrtoname.h
+appletalk.h
+atime.awk
+bootp.h
+bpf_dump.c
+config.guess
+config.sub
+configure
+configure.in
+decnet.h
+ethertype.h
+extract.h
+fddi.h
+igrp.h
+install-sh
+interface.h
+ipx.h
+lbl/gnuc.h
+lbl/os-solaris2.h
+lbl/os-sunos4.h
+llc.h
+machdep.c
+machdep.h
+makemib
+mib.h
+mkdep
+netbios.h
+nfsfh.h
+nfsv2.h
+ntp.h
+ospf.h
+packetdat.awk
+parsenfsfh.c
+print-arp.c
+print-atalk.c
+print-atm.c
+print-bootp.c
+print-decnet.c
+print-domain.c
+print-dvmrp.c
+print-egp.c
+print-ether.c
+print-fddi.c
+print-icmp.c
+print-igrp.c
+print-ip.c
+print-ipx.c
+print-isoclns.c
+print-krb.c
+print-llc.c
+print-netbios.c
+print-nfs.c
+print-ntp.c
+print-null.c
+print-ospf.c
+print-pim.c
+print-ppp.c
+print-rip.c
+print-sl.c
+print-snmp.c
+print-sunrpc.c
+print-tcp.c
+print-tftp.c
+print-udp.c
+print-wb.c
+send-ack.awk
+stime.awk
+strcasecmp.c
+tcpdump.1
+tcpdump.c
+util.c
+vfprintf.c
diff --git a/contrib/tcpdump/INSTALL b/contrib/tcpdump/INSTALL
new file mode 100644
index 000000000000..c5512c00b1be
--- /dev/null
+++ b/contrib/tcpdump/INSTALL
@@ -0,0 +1,116 @@
+@(#) $Header: INSTALL,v 1.25 96/07/21 04:02:01 leres Exp $ (LBL)
+
+If you have not built libpcap, do so first.  See the README
+file in this directory for the ftp location.
+
+You will need an ANSI C compiler to build tcpdump. The configure script
+will abort if your compiler is not ANSI compliant. If this happens, use
+the GNU C compiler, available via anonymous ftp:
+
+	ftp://prep.ai.mit.edu/pub/gnu/gcc-*.tar.gz
+
+After libpcap has been built (either install it with "make install" and
+"make install-incl" or make sure both the libpcap and tcpdump source
+trees are in the same directory), edit the BINDEST and MANDEST paths in
+Makefile.in and run ./configure (a shell script).  "configure" will
+determine your system attributes and generate an appropriate Makefile
+from Makefile.in.  Now build tcpdump by running "make".
+
+If everything builds ok, su and type "make install" (and optionally
+"make install-man). This will install tcpdump and the manual entry. By
+default, tcpdump is installed with group execute permissions. The group
+used depends on your os. In addition, BPF packet access is controlled
+by permissions to /dev/bpf0. In any case, DO NOT give untrusted users
+the capability of running tcpdump. Tcpdump can capture any traffic on
+your net, including passwords.
+
+Note that tcpdump is shipped with some systems, for example, DEC/OSF
+and BSD/386.  Remember to remove or rename the installed binary
+when upgrading.
+
+If your system is not one which we have tested tcpdump on, you may have
+to modify the configure script and Makefile.in. Please send us patches
+for any modifications you need to make. However, we are not interested
+in ascii packet printer patches. We believe adding this feature would
+make it too easy for crackers who do not have the programming skills
+needed to write a password sniffer to grab clear text passwords.
+
+FILES
+-----
+CHANGES         - description of differences between releases
+FILES		- list of files exported as part of the distribution
+INSTALL         - this file
+Makefile.in	- compilation rules (input to the configure script)
+README		- description of distribution
+VERSION		- version of this release
+aclocal.m4	- autoconf macros
+addrtoname.c	- address to hostname routines
+addrtoname.h	- address to hostname definitions
+appletalk.h	- AppleTalk definitions
+atime.awk	- tcp ack awk script
+bootp.h		- BOOTP definitions
+bpf_dump.c	- bpf instruction pretty-printer routine
+config.guess	- autoconf support
+config.sub	- autoconf support
+configure	- configure script (run this first)
+configure.in	- configure script source
+decnet.h	- DECnet definitions
+ethertype.h	- ethernet definitions
+extract.h	- alignment definitions
+fddi.h		- FDDI definitions
+igrp.h		- Interior Gateway Routing Protoco definitions
+install-sh	- BSD style install script
+interface.h	- globals, prototypes and definitions
+ipx.h		- IPX definitions
+lbl/gnuc.h	- gcc macros and defines
+lbl/os-*.h	- os dependent defines and prototypes
+llc.h		- LLC definitions
+machdep.c	- machine dependent routines
+machdep.h	- machine dependent definitions
+makemib		- mib to header script
+mib.h		- mib definitions
+mkdep		- construct Makefile dependency list
+netbios.h	- NETBIOS definitions
+nfsfh.h		- NFS file handle definitions
+nfsv2.h		- NFS V2 definitions
+ntp.h		- NTP definitions
+ospf.h		- OSPF definitions
+packetdat.awk	- tcp chunk summary awk script
+parsenfsfh.c	- NFS file parser routines
+print-arp.c	- ARP printer routines
+print-atalk.c	- AppleTalk printer routines
+print-atm.c	- atm printer routines
+print-bootp.c	- BOOTP printer routines
+print-decnet.c	- DECnet printer routines
+print-domain.c	- Domain Name System printer routines
+print-egp.c	- EGP printer routines
+print-ether.c	- ethernet printer routines
+print-fddi.c	- FDDI printer routines
+print-icmp.c	- ICMP printer routines
+print-igrp.c	- Interior Gateway Routing Protoco printer routines
+print-ip.c	- ip printer routines
+print-ipx.c	- IPX printer routines
+print-isoclns.c	- isoclns printer routines
+print-krb.c	- Kerberos printer routines
+print-llc.c	- llc printer routines
+print-netbios.c	- netbios printer routines
+print-nfs.c	- NFS printer routines
+print-ntp.c	- NTP printer routines
+print-null.c	- null printer routines
+print-ospf.c	- ospf printer routines
+print-pim.c	- Protocol Independent Multicast printer routines
+print-ppp.c	- PPP printer routines
+print-rip.c	- RIP printer routines
+print-sl.c	- CSLIP printer routines
+print-snmp.c	- SNMP printer routines
+print-sunrpc.c	- Sun RPC printer routines
+print-tcp.c	- TCP printer routines
+print-tftp.c	- TFTP printer routines
+print-udp.c	- UDP printer routines
+print-wb.c	- white board printer routines
+send-ack.awk	- unidirectional tcp send/ack awk script
+stime.awk	- tcp send awk script
+tcpdump.1	- manual entry
+tcpdump.c	- main program
+util.c		- utility routines
+vfprintf.c	- emulation routine
diff --git a/contrib/tcpdump/Makefile.in b/contrib/tcpdump/Makefile.in
new file mode 100644
index 000000000000..f4490ba03592
--- /dev/null
+++ b/contrib/tcpdump/Makefile.in
@@ -0,0 +1,140 @@
+#  Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996
+# 	The Regents of the University of California.  All rights reserved.
+#
+#  Redistribution and use in source and binary forms, with or without
+#  modification, are permitted provided that: (1) source code distributions
+#  retain the above copyright notice and this paragraph in its entirety, (2)
+#  distributions including binary code include the above copyright notice and
+#  this paragraph in its entirety in the documentation or other materials
+#  provided with the distribution, and (3) all advertising materials mentioning
+#  features or use of this software display the following acknowledgement:
+#  ``This product includes software developed by the University of California,
+#  Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+#  the University nor the names of its contributors may be used to endorse
+#  or promote products derived from this software without specific prior
+#  written permission.
+#  THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+#  WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+#  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+#
+# @(#) $Header: Makefile.in,v 1.195 96/07/16 23:52:06 leres Exp $ (LBL)
+
+#
+# Various configurable paths (remember to edit Makefile.in, not Makefile)
+#
+
+# Top level hierarchy
+prefix = @prefix@
+exec_prefix = @exec_prefix@
+# Pathname of directory to install the binary
+BINDEST = @sbindir@
+# Pathname of directory to install the man page
+MANDEST = @mandir@
+
+#
+# You shouldn't need to edit anything below here.
+#
+
+CC = @CC@
+CCOPT = @V_CCOPT@
+INCLS = -I. @V_INCLS@
+DEFS = @DEFS@ -DPPP -DHAVE_FDDI
+
+# Standard CFLAGS
+CFLAGS = $(CCOPT) $(DEFS) $(INCLS)
+
+# Standard LIBS
+LIBS = @LIBS@
+
+INSTALL = @INSTALL@
+
+# Explicitly define compilation rule since SunOS 4's make doesn't like gcc.
+# Also, gcc does not remove the .o before forking 'as', which can be a
+# problem if you don't own the file but can write to the directory.
+.c.o:
+	@rm -f $@
+	$(CC) $(CFLAGS) -c $*.c
+
+CSRC =	tcpdump.c addrtoname.c \
+	print-ether.c print-ip.c print-arp.c print-tcp.c \
+	print-udp.c print-atalk.c print-domain.c print-tftp.c \
+	print-bootp.c print-nfs.c print-icmp.c print-igrp.c \
+	print-sl.c print-ppp.c print-rip.c print-snmp.c \
+	print-ntp.c print-null.c print-egp.c print-ospf.c \
+	print-fddi.c print-llc.c print-sunrpc.c print-wb.c \
+	print-decnet.c print-isoclns.c print-ipx.c \
+	print-atm.c print-dvmrp.c print-pim.c print-krb.c \
+	util.c machdep.c bpf_dump.c parsenfsfh.c
+LOCALSRC =
+GENSRC = version.c
+
+SRC =	$(CSRC) $(GENSRC) $(LOCALSRC)
+
+# We would like to say "OBJ = $(SRC:.c=.o)" but Ultrix's make cannot
+# hack the extra indirection
+OBJ =	$(CSRC:.c=.o) $(GENSRC:.c=.o) $(LOCALSRC:.c=.o) @LIBOBJS@
+HDR =   addrtoname.h appletalk.h bootp.h decnet.h \
+	ethertype.h extract.h fddi.h interface.h igrp.h ipx.h \
+	llc.h machdep.h mib.h nfsfh.h nfsv2.h ntp.h ospf.h
+
+TAGHDR = \
+	/usr/include/arpa/tftp.h \
+	/usr/include/net/slip.h \
+	/usr/include/netinet/if_ether.h \
+	/usr/include/netinet/in.h \
+	/usr/include/netinet/ip_icmp.h \
+	/usr/include/netinet/tcp.h \
+	/usr/include/netinet/udp.h \
+	/usr/include/protocols/routed.h
+
+TAGFILES = $(SRC) $(HDR) $(TAGHDR)
+
+CLEANFILES = $(OBJ) tcpdump $(GENSRC)
+
+tcpdump: $(OBJ) @V_PCAPDEP@
+	@rm -f $@
+	$(CC) $(CFLAGS) -o $@ $(OBJ) $(LIBS)
+
+version.o: version.c
+version.c: VERSION
+	@rm -f $@
+	sed -e 's/.*/char version[] = "&";/' VERSION > $@
+
+install: force
+	$(INSTALL) -m 550 -o bin -g @V_GROUP@ tcpdump $(DESTDIR)$(BINDEST)
+
+install-man: force
+	$(INSTALL) -m 444 -o bin -g bin tcpdump.1 $(DESTDIR)$(MANDEST)/man1
+
+lint:	$(GENSRC) force
+	lint -hbxn $(SRC) | \
+	    grep -v 'struct/union .* never defined' | \
+	    grep -v 'possible pointer alignment problem'
+
+clean:
+	rm -f $(CLEANFILES)
+
+distclean:
+	rm -f $(CLEANFILES) Makefile config.cache config.log config.status \
+	    gnuc.h os-proto.h
+
+tags:	$(TAGFILES)
+	ctags -wtd $(TAGFILES)
+
+tar:	force
+	@cwd=`pwd` ; dir=`basename $$cwd` ; name=tcpdump-`cat VERSION` ; \
+	    list="" ; tar="tar chFFf" ; \
+	    for i in `cat FILES` ; do list="$$list $$name/$$i" ; done; \
+	    echo \
+	    "rm -f ../$$name; ln -s $$dir ../$$name" ; \
+	     rm -f ../$$name; ln -s $$dir ../$$name ; \
+	    echo \
+	    "(cd .. ; $$tar - [lots of files]) | compress > /tmp/$$name.tar.Z" ; \
+	     (cd .. ; $$tar - $$list) | compress > /tmp/$$name.tar.Z ; \
+	    echo \
+	    "rm -f ../$$name" ; \
+	     rm -f ../$$name
+
+force:	/tmp
+depend:	$(GENSRC) force
+	./mkdep -c $(CC) $(DEFS) $(INCLS) $(SRC)
diff --git a/contrib/tcpdump/README b/contrib/tcpdump/README
new file mode 100644
index 000000000000..49a4578b82ab
--- /dev/null
+++ b/contrib/tcpdump/README
@@ -0,0 +1,203 @@
+@(#) $Header: README,v 1.49 96/07/15 18:28:23 leres Exp $ (LBL)
+
+TCPDUMP 3.2.1
+Lawrence Berkeley National Laboratory
+Network Research Group
+tcpdump@ee.lbl.gov
+ftp://ftp.ee.lbl.gov/tcpdump.tar.Z
+
+This directory contains source code for tcpdump, a tool for network
+monitoring and data acquisition.  The original distribution is
+available via anonymous ftp to ftp.ee.lbl.gov, in tcpdump.tar.Z.
+
+Tcpdump now uses libcap, a system-independent interface for user-level
+packet capture.  Before building tcpdump, you must first retrieve and
+build libpcap, also from LBL, in:
+
+	ftp://ftp.ee.lbl.gov/libpcap.tar.Z
+
+Once libpcap is built (either install it or make sure it's in
+../libpcap), you can build tcpdump using the procedure in the INSTALL
+file.
+
+The program is loosely based on SMI's "etherfind" although none
+of the etherfind code remains.  It was originally written by Van
+Jacobson as part of an ongoing research project to investigate and
+improve tcp and internet gateway performance.  The parts of the
+program originally taken from Sun's etherfind were later re-written
+by Steven McCanne of LBL.  To insure that there would be no vestige
+of proprietary code in tcpdump, Steve wrote these pieces from the
+specification given by the manual entry, with no access to the
+source of tcpdump or etherfind.
+
+Over the past few years, tcpdump has been steadily improved
+by the excellent contributions from the Internet community
+(just browse through the CHANGES file).  We are grateful for
+all the input.
+
+Richard Stevens gives an excellent treatment of the Internet
+protocols in his book ``TCP/IP Illustrated, Volume 1''.
+If you want to learn more about tcpdump and how to interpret
+its output, pick up this book.
+
+Some tools for viewing and analyzing tcpdump trace files are available
+from the Internet Traffic Archive:
+
+	http://town.hall.org/Archives/pub/ITA/
+
+Problems, bugs, questions, desirable enhancements, source code
+contributions, etc., should be sent to the email address
+"tcpdump@ee.lbl.gov".
+
+ - Steve McCanne
+   Craig Leres
+   Van Jacobson
+-------------------------------------
+This directory also contains some short awk programs intended as
+examples of ways to reduce tcpdump data when you're tracking
+particular network problems:
+
+send-ack.awk
+	Simplifies the tcpdump trace for an ftp (or other unidirectional
+	tcp transfer).  Since we assume that one host only sends and
+	the other only acks, all address information is left off and
+	we just note if the packet is a "send" or an "ack".
+
+	There is one output line per line of the original trace.
+	Field 1 is the packet time in decimal seconds, relative
+	to the start of the conversation.  Field 2 is delta-time
+	from last packet.  Field 3 is packet type/direction.
+	"Send" means data going from sender to receiver, "ack"
+	means an ack going from the receiver to the sender.  A
+	preceding "*" indicates that the data is a retransmission.
+	A preceding "-" indicates a hole in the sequence space
+	(i.e., missing packet(s)), a "#" means an odd-size (not max
+	seg size) packet.  Field 4 has the packet flags
+	(same format as raw trace).  Field 5 is the sequence
+	number (start seq. num for sender, next expected seq number
+	for acks).  The number in parens following an ack is
+	the delta-time from the first send of the packet to the
+	ack.  A number in parens following a send is the
+	delta-time from the first send of the packet to the
+	current send (on duplicate packets only).  Duplicate
+	sends or acks have a number in square brackets showing
+	the number of duplicates so far.
+
+	Here is a short sample from near the start of an ftp:
+		3.00    0.20   send . 512
+		3.20    0.20    ack . 1024  (0.20)
+		3.20    0.00   send P 1024
+		3.40    0.20    ack . 1536  (0.20)
+		3.80    0.40 * send . 0  (3.80) [2]
+		3.82    0.02 *  ack . 1536  (0.62) [2]
+	Three seconds into the conversation, bytes 512 through 1023
+	were sent.  200ms later they were acked.  Shortly thereafter
+	bytes 1024-1535 were sent and again acked after 200ms.
+	Then, for no apparent reason, 0-511 is retransmitted, 3.8
+	seconds after its initial send (the round trip time for this
+	ftp was 1sec, +-500ms).  Since the receiver is expecting
+	1536, 1536 is re-acked when 0 arrives.
+
+packetdat.awk
+	Computes chunk summary data for an ftp (or similar
+	unidirectional tcp transfer). [A "chunk" refers to
+	a chunk of the sequence space -- essentially the packet
+	sequence number divided by the max segment size.]
+
+	A summary line is printed showing the number of chunks,
+	the number of packets it took to send that many chunks
+	(if there are no lost or duplicated packets, the number
+	of packets should equal the number of chunks) and the
+	number of acks.
+
+	Following the summary line is one line of information
+	per chunk.  The line contains eight fields:
+	   1 - the chunk number
+	   2 - the start sequence number for this chunk
+	   3 - time of first send
+	   4 - time of last send
+	   5 - time of first ack
+	   6 - time of last ack
+	   7 - number of times chunk was sent
+	   8 - number of times chunk was acked
+	(all times are in decimal seconds, relative to the start
+	of the conversation.)
+
+	As an example, here is the first part of the output for
+	an ftp trace:
+
+	# 134 chunks.  536 packets sent.  508 acks.
+	1       1       0.00    5.80    0.20    0.20    4       1
+	2       513     0.28    6.20    0.40    0.40    4       1
+	3       1025    1.16    6.32    1.20    1.20    4       1
+	4       1561    1.86    15.00   2.00    2.00    6       1
+	5       2049    2.16    15.44   2.20    2.20    5       1
+	6       2585    2.64    16.44   2.80    2.80    5       1
+	7       3073    3.00    16.66   3.20    3.20    4       1
+	8       3609    3.20    17.24   3.40    5.82    4       11
+	9       4097    6.02    6.58    6.20    6.80    2       5
+
+	This says that 134 chunks were transferred (about 70K
+	since the average packet size was 512 bytes).  It took
+	536 packets to transfer the data (i.e., on the average
+	each chunk was transmitted four times).  Looking at,
+	say, chunk 4, we see it represents the 512 bytes of
+	sequence space from 1561 to 2048.  It was first sent
+	1.86 seconds into the conversation.  It was last
+	sent 15 seconds into the conversation and was sent
+	a total of 6 times (i.e., it was retransmitted every
+	2 seconds on the average).  It was acked once, 140ms
+	after it first arrived.
+
+stime.awk
+atime.awk
+	Output one line per send or ack, respectively, in the form
+		<time> <seq. number>
+	where <time> is the time in seconds since the start of the
+	transfer and <seq. number> is the sequence number being sent
+	or acked.  I typically plot this data looking for suspicious
+	patterns.
+
+
+The problem I was looking at was the bulk-data-transfer
+throughput of medium delay network paths (1-6 sec.  round trip
+time) under typical DARPA Internet conditions.  The trace of the
+ftp transfer of a large file was used as the raw data source.
+The method was:
+
+  - On a local host (but not the Sun running tcpdump), connect to
+    the remote ftp.
+
+  - On the monitor Sun, start the trace going.  E.g.,
+      tcpdump host local-host and remote-host and port ftp-data >tracefile
+
+  - On local, do either a get or put of a large file (~500KB),
+    preferably to the null device (to minimize effects like
+    closing the receive window while waiting for a disk write).
+
+  - When transfer is finished, stop tcpdump.  Use awk to make up
+    two files of summary data (maxsize is the maximum packet size,
+    tracedata is the file of tcpdump tracedata):
+      awk -f send-ack.awk packetsize=avgsize tracedata >sa
+      awk -f packetdat.awk packetsize=avgsize tracedata >pd
+
+  - While the summary data files are printing, take a look at
+    how the transfer behaved:
+      awk -f stime.awk tracedata | xgraph
+    (90% of what you learn seems to happen in this step).
+
+  - Do all of the above steps several times, both directions,
+    at different times of day, with different protocol
+    implementations on the other end.
+
+  - Using one of the Unix data analysis packages (in my case,
+    S and Gary Perlman's Unix|Stat), spend a few months staring
+    at the data.
+
+  - Change something in the local protocol implementation and
+    redo the steps above.
+
+  - Once a week, tell your funding agent that you're discovering
+    wonderful things and you'll write up that research report
+    "real soon now".
+
diff --git a/contrib/tcpdump/VERSION b/contrib/tcpdump/VERSION
new file mode 100644
index 000000000000..e4604e3afd0d
--- /dev/null
+++ b/contrib/tcpdump/VERSION
@@ -0,0 +1 @@
+3.2.1
diff --git a/contrib/tcpdump/aclocal.m4 b/contrib/tcpdump/aclocal.m4
new file mode 100644
index 000000000000..2c017f6c3488
--- /dev/null
+++ b/contrib/tcpdump/aclocal.m4
@@ -0,0 +1,505 @@
+dnl @(#) $Header: aclocal.m4,v 1.32 96/07/23 22:55:48 leres Exp $ (LBL)
+dnl
+dnl Copyright (c) 1995, 1996
+dnl	The Regents of the University of California.  All rights reserved.
+dnl
+dnl Redistribution and use in source and binary forms, with or without
+dnl modification, are permitted provided that: (1) source code distributions
+dnl retain the above copyright notice and this paragraph in its entirety, (2)
+dnl distributions including binary code include the above copyright notice and
+dnl this paragraph in its entirety in the documentation or other materials
+dnl provided with the distribution, and (3) all advertising materials mentioning
+dnl features or use of this software display the following acknowledgement:
+dnl ``This product includes software developed by the University of California,
+dnl Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+dnl the University nor the names of its contributors may be used to endorse
+dnl or promote products derived from this software without specific prior
+dnl written permission.
+dnl THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+dnl WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+dnl MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+dnl
+dnl LBL autoconf macros
+dnl
+
+dnl
+dnl Determine which compiler we're using (cc or gcc)
+dnl If using gcc, determine the version number
+dnl If using cc, require that it support ansi prototypes
+dnl If using gcc, use -O2 (otherwise use -O)
+dnl If using cc, explicitly specify /usr/local/include
+dnl
+dnl usage:
+dnl
+dnl	AC_LBL_C_INIT(copt, incls)
+dnl
+dnl results:
+dnl
+dnl	$1 (copt set)
+dnl	$2 (incls set)
+dnl	CC
+dnl	ac_cv_gcc_vers
+dnl
+AC_DEFUN(AC_LBL_C_INIT,
+    [$1=-O
+    $2=""
+    if test -z "$CC" ; then
+	    case "$target_os" in
+
+	    bsdi*)
+		    AC_CHECK_PROG(SHLICC2, shlicc2, yes, no)
+		    if test $SHLICC2 = yes ; then
+			    CC=shlicc2
+			    export CC
+		    fi
+		    ;;
+	    esac
+    fi
+    AC_PROG_CC
+    if test $ac_cv_prog_gcc = yes ; then
+	    if test "$SHLICC2" = yes ; then
+		    ac_cv_gcc_vers=2
+		    $1=-O2
+	    else
+		    AC_MSG_CHECKING(gcc version)
+		    AC_CACHE_VAL(ac_cv_gcc_vers,
+			ac_cv_gcc_vers=`$CC -v 2>&1 | \
+			    sed -n -e '$s/.* //' -e '$s/\..*//p'`)
+		    AC_MSG_RESULT($ac_cv_gcc_vers)
+		    if test $ac_cv_gcc_vers -gt 1 ; then
+			    $1=-O2
+		    fi
+	    fi
+    else
+	    AC_MSG_CHECKING(that $CC handles ansi prototypes)
+	    AC_CACHE_VAL(ac_cv_cc_ansi_prototypes,
+		AC_TRY_COMPILE(
+		    [#include <sys/types.h>],
+		    [int frob(int, char *)],
+		    ac_cv_cc_ansi_prototypes=yes,
+		    ac_cv_cc_ansi_prototypes=no))
+	    AC_MSG_RESULT($ac_cv_cc_ansi_prototypes)
+	    if test $ac_cv_cc_ansi_prototypes = no ; then
+		    case "$target_os" in
+
+		    hpux*)
+			    AC_MSG_CHECKING(for HP-UX ansi compiler ($CC -Aa -D_HPUX_SOURCE))
+			    savedcflags="$CFLAGS"
+			    CFLAGS="-Aa -D_HPUX_SOURCE $CFLAGS"
+			    AC_CACHE_VAL(ac_cv_cc_hpux_cc_aa,
+				AC_TRY_COMPILE(
+				    [#include <sys/types.h>],
+				    [int frob(int, char *)],
+				    ac_cv_cc_hpux_cc_aa=yes,
+				    ac_cv_cc_hpux_cc_aa=no))
+			    AC_MSG_RESULT($ac_cv_cc_hpux_cc_aa)
+			    if test $ac_cv_cc_hpux_cc_aa = no ; then
+				    AC_MSG_ERROR(see the INSTALL for more info)
+			    fi
+			    CFLAGS="$savedcflags"
+			    V_CCOPT="-Aa $V_CCOPT"
+			    AC_DEFINE(_HPUX_SOURCE)
+			    ;;
+
+		    sni*)
+			    AC_MSG_CHECKING(for SINIX ansi compiler ($CC -kansi))
+			    savedcflags="$CFLAGS"
+			    CFLAGS="-kansi"
+			    AC_CACHE_VAL(ac_cv_cc_sinix_kansi,
+				AC_TRY_COMPILE(
+				    [#include <sys/types.h>],
+				    [int frob(int, char *)],
+				    ac_cv_cc_sinix_kansi=yes,
+				    ac_cv_cc_sinix_kansi=no))
+			    AC_MSG_RESULT($ac_cv_cc_sinix_kansi)
+			    if test $ac_cv_cc_sinix_kansi = no ; then
+				    AC_MSG_ERROR(see the INSTALL for more info)
+			    fi
+			    CFLAGS="$savedcflags"
+			    V_CCOPT="-kansi $V_CCOPT"
+			    ;;
+
+		    *)
+			    AC_MSG_ERROR(see the INSTALL for more info)
+			    ;;
+		    esac
+	    fi
+	    $2=-I/usr/local/include
+
+	    case "$target_os" in
+
+	    irix*)
+		    V_CCOPT="$V_CCOPT -xansi -signed -g3"
+		    ;;
+
+	    osf*)
+		    V_CCOPT="$V_CCOPT -g3"
+		    ;;
+
+	    ultrix*)
+		    AC_MSG_CHECKING(that Ultrix $CC hacks const in prototypes)
+		    AC_CACHE_VAL(ac_cv_cc_const_proto,
+			AC_TRY_COMPILE(
+			    [#include <sys/types.h>],
+			    [struct a { int b; };
+			    void c(const struct a *)],
+			    ac_cv_cc_const_proto=yes,
+			    ac_cv_cc_const_proto=no))
+		    AC_MSG_RESULT($ac_cv_cc_const_proto)
+		    if test $ac_cv_cc_const_proto = no ; then
+			    AC_DEFINE(const,)
+		    fi
+		    ;;
+	    esac
+    fi
+])
+
+dnl
+dnl Use pfopen.c if available and pfopen() not in standard libraries
+dnl Require libpcap
+dnl Look for libpcap in ..
+dnl Use the installed libpcap if there is no local version
+dnl
+dnl usage:
+dnl
+dnl	AC_LBL_LIBPCAP(pcapdep, incls)
+dnl
+dnl results:
+dnl
+dnl	$1 (pcapdep set)
+dnl	$2 (incls appended)
+dnl	LIBS
+dnl
+AC_DEFUN(AC_LBL_LIBPCAP,
+    [pfopen=/usr/examples/packetfilter/pfopen.c
+    if test -f $pfopen ; then
+	    AC_CHECK_FUNCS(pfopen)
+	    if test $ac_cv_func_pfopen = "no" ; then
+		    AC_MSG_RESULT(Using $pfopen)
+		    LIBS="$LIBS $pfopen"
+	    fi
+    fi
+    AC_MSG_CHECKING(for local pcap library)
+    libpcap=FAIL
+    places=`ls .. | sed -e 's,/$,,' -e 's,^,../,' | \
+	egrep '/libpcap-[[0-9]]*\.[[0-9]]*(\.[[0-9]]*)?([[ab]][[0-9]]*)?$'`
+    for dir in ../libpcap $places libpcap ; do
+	    if test -r $dir/pcap.c ; then
+		    libpcap=$dir/libpcap.a
+		    d=$dir
+		    dnl continue and select the last one that exists
+	    fi
+    done
+    if test $libpcap = FAIL ; then
+	    AC_MSG_RESULT(not found)
+	    AC_CHECK_LIB(pcap, main, libpcap="-lpcap")
+	    if test $libpcap = FAIL ; then
+		    AC_MSG_ERROR(see the INSTALL doc for more info)
+	    fi
+    else
+	    $1=$libpcap
+	    $2="-I$d $$2"
+	    AC_MSG_RESULT($libpcap)
+    fi
+    LIBS="$libpcap $LIBS"])
+
+dnl
+dnl Define RETSIGTYPE and RETSIGVAL
+dnl
+dnl usage:
+dnl
+dnl	AC_LBL_TYPE_SIGNAL
+dnl
+dnl results:
+dnl
+dnl	RETSIGTYPE (defined)
+dnl	RETSIGVAL (defined)
+dnl
+AC_DEFUN(AC_LBL_TYPE_SIGNAL,
+    [AC_TYPE_SIGNAL
+    if test "$ac_cv_type_signal" = void ; then
+	    AC_DEFINE(RETSIGVAL,)
+    else
+	    AC_DEFINE(RETSIGVAL,(0))
+    fi
+    case "$target_os" in
+
+    irix*)
+	    AC_DEFINE(_BSD_SIGNALS)
+	    ;;
+
+    *)
+	    AC_CHECK_FUNCS(sigset)
+	    if test $ac_cv_func_sigset = yes ; then
+		    AC_DEFINE(signal, sigset)
+	    fi
+	    ;;
+    esac])
+
+dnl
+dnl If using gcc, see if fixincludes should be run
+dnl
+dnl usage:
+dnl
+dnl	AC_LBL_FIXINCLUDES
+dnl
+AC_DEFUN(AC_LBL_FIXINCLUDES,
+    [if test $ac_cv_prog_gcc = yes ; then
+	    AC_MSG_CHECKING(if fixincludes is needed)
+	    AC_CACHE_VAL(ac_cv_gcc_fixincludes,
+		AC_TRY_COMPILE(
+		    [/*
+		     * This generates a "duplicate case value" when fixincludes
+		     * has not be run.
+		     */
+#		include <sys/types.h>
+#		include <sys/time.h>
+#		include <sys/ioctl.h>
+#		ifdef HAVE_SYS_IOCCOM_H
+#		include <sys/ioccom.h>
+#		endif],
+		    [switch (0) {
+		    case _IO('A', 1):;
+		    case _IO('B', 1):;
+		    }],
+		    ac_cv_gcc_fixincludes=yes,
+		    ac_cv_gcc_fixincludes=no))
+	    AC_MSG_RESULT($ac_cv_gcc_fixincludes)
+	    if test $ac_cv_gcc_fixincludes = no ; then
+		    # Don't cache failure
+		    unset ac_cv_gcc_fixincludes
+		    AC_MSG_ERROR(see the INSTALL for more info)
+	    fi
+    fi])
+
+dnl
+dnl Check for flex, default to lex
+dnl Require flex 2.4 or higher
+dnl Check for bison, default to yacc
+dnl Default to lex/yacc if both flex and bison are not available
+dnl Define the yy prefix string if using flex and bison
+dnl
+dnl usage:
+dnl
+dnl	AC_LBL_LEX_AND_YACC(lex, yacc, yyprefix)
+dnl
+dnl results:
+dnl
+dnl	$1 (lex set)
+dnl	$2 (yacc appended)
+dnl	$3 (optional flex and bison -P prefix)
+dnl
+AC_DEFUN(AC_LBL_LEX_AND_YACC,
+    [AC_CHECK_PROGS($1, flex, lex)
+    if test "$$1" = flex ; then
+	    # The -V flag was added in 2.4
+	    AC_MSG_CHECKING(for flex 2.4 or higher)
+	    AC_CACHE_VAL(ac_cv_flex_v24,
+		if flex -V >/dev/null 2>&1; then
+			ac_cv_flex_v24=yes
+		else
+			ac_cv_flex_v24=no
+		fi)
+	    AC_MSG_RESULT($ac_cv_flex_v24)
+	    if test $ac_cv_flex_v24 = no ; then
+		    s="2.4 or higher required"
+		    AC_MSG_WARN(ignoring obsolete flex executable ($s))
+		    $1=lex
+	    fi
+    fi
+    AC_CHECK_PROGS($2, bison, yacc)
+    if test "$$2" = bison ; then
+	    $2="$$2 -y"
+    fi
+    if test "$$1" != lex -a "$$2" = yacc -o "$$1" = lex -a "$$2" != yacc ; then
+	    AC_MSG_WARN(don't have both flex and bison; reverting to lex/yacc)
+	    $1=lex
+	    $2=yacc
+    fi
+    if test "$$1" = flex -a -n "$3" ; then
+	    $1="$$1 -P$3"
+	    $2="$$2 -p $3"
+    fi])
+
+dnl
+dnl Checks to see if union wait is used with WEXITSTATUS()
+dnl
+dnl usage:
+dnl
+dnl	AC_LBL_UNION_WAIT
+dnl
+dnl results:
+dnl
+dnl	DECLWAITSTATUS (defined)
+dnl
+AC_DEFUN(AC_LBL_UNION_WAIT,
+    [AC_MSG_CHECKING(if union wait is used)
+    AC_CACHE_VAL(ac_cv_union_wait,
+	AC_TRY_COMPILE([
+    #	include <sys/types.h>
+    #	include <sys/wait.h>],
+	    [int status;
+	    u_int i = WEXITSTATUS(status);
+	    u_int j = waitpid(0, &status, 0);],
+	    ac_cv_union_wait=no,
+	    ac_cv_union_wait=yes))
+    AC_MSG_RESULT($ac_cv_union_wait)
+    if test $ac_cv_union_wait = yes ; then
+	    AC_DEFINE(DECLWAITSTATUS,union wait)
+    else
+	    AC_DEFINE(DECLWAITSTATUS,int)
+    fi])
+
+dnl
+dnl Checks to see if the sockaddr struct has the 4.4 BSD sa_len member
+dnl
+dnl usage:
+dnl
+dnl	AC_LBL_SOCKADDR_SA_LEN
+dnl
+dnl results:
+dnl
+dnl	HAVE_SOCKADDR_SA_LEN (defined)
+dnl
+AC_DEFUN(AC_LBL_SOCKADDR_SA_LEN,
+    [AC_MSG_CHECKING(if sockaddr struct has sa_len member)
+    AC_CACHE_VAL(ac_cv_sockaddr_has_sa_len,
+	AC_TRY_COMPILE([
+#	include <sys/types.h>
+#	include <sys/socket.h>],
+	[u_int i = sizeof(((struct sockaddr *)0)->sa_len)],
+	ac_cv_sockaddr_has_sa_len=yes,
+	ac_cv_sockaddr_has_sa_len=no))
+    AC_MSG_RESULT($ac_cv_sockaddr_has_sa_len)
+    if test $ac_cv_sockaddr_has_sa_len = yes ; then
+	    AC_DEFINE(HAVE_SOCKADDR_SA_LEN)
+    fi])
+
+dnl
+dnl Checks to see if -R is used
+dnl
+dnl usage:
+dnl
+dnl	AC_LBL_HAVE_RUN_PATH
+dnl
+dnl results:
+dnl
+dnl	ac_cv_have_run_path (yes or no)
+dnl
+AC_DEFUN(AC_LBL_HAVE_RUN_PATH,
+    [AC_MSG_CHECKING(for ${CC-cc} -R)
+    AC_CACHE_VAL(ac_cv_have_run_path,
+	[echo 'main(){}' > conftest.c
+	${CC-cc} -o conftest conftest.c -R/a1/b2/c3 >conftest.out 2>&1
+	if test ! -s conftest.out ; then
+		ac_cv_have_run_path=yes
+	else
+		ac_cv_have_run_path=no
+	fi
+	rm -f conftest*])
+    AC_MSG_RESULT($ac_cv_have_run_path)
+    ])
+
+dnl
+dnl Checks to see if unaligned memory accesses fail
+dnl
+dnl usage:
+dnl
+dnl	AC_LBL_UNALIGNED_ACCESS
+dnl
+dnl results:
+dnl
+dnl	LBL_ALIGN (DEFINED)
+dnl
+AC_DEFUN(AC_LBL_UNALIGNED_ACCESS,
+    [AC_MSG_CHECKING(if unaligned accesses fail)
+    AC_CACHE_VAL(ac_cv_unaligned_fail,
+	[case "$target_cpu" in
+
+	alpha|hp*|mips|sparc)
+		ac_cv_unaligned_fail=yes
+		;;
+
+	*)
+		cat >conftest.c <<EOF
+#		include <sys/types.h>
+#		include <sys/wait.h>
+#		include <stdio.h>
+		unsigned char a[[5]] = { 1, 2, 3, 4, 5 };
+		main() {
+		unsigned int i;
+		pid_t pid;
+		int status;
+		/* avoid "core dumped" message */
+		pid = fork();
+		if (pid <  0)
+			exit(2);
+		if (pid > 0) {
+			/* parent */
+			pid = waitpid(pid, &status, 0);
+			if (pid < 0)
+				exit(3);
+			exit(!WIFEXITED(status));
+		}
+		/* child */
+		i = *(unsigned int *)&a[1];
+		printf("%d\n", i);
+		exit(0);
+		}
+EOF
+		${CC-cc} -o conftest $CFLAGS $CPPFLAGS $LDFLAGS \
+		    conftest.c $LIBS >/dev/null 2>&1
+		if test ! -x conftest ; then
+			dnl failed to compile for some reason
+			ac_cv_unaligned_fail=yes
+		else
+			./conftest >conftest.out
+			if test ! -s conftest.out ; then
+				ac_cv_unaligned_fail=yes
+			else
+				ac_cv_unaligned_fail=no
+			fi
+		fi
+		rm -f conftest* core core.conftest
+		;;
+	esac])
+    AC_MSG_RESULT($ac_cv_unaligned_fail)
+    if test $ac_cv_unaligned_fail = yes ; then
+	    AC_DEFINE(LBL_ALIGN)
+    fi])
+
+dnl
+dnl If using gcc and the file .devel exists:
+dnl	Compile with -g (if supported) and -Wall
+dnl	If using gcc 2, do extra prototype checking
+dnl	If an os prototype include exists, symlink os-proto.h to it
+dnl
+dnl usage:
+dnl
+dnl	AC_LBL_DEVEL(copt)
+dnl
+dnl results:
+dnl
+dnl	$1 (copt appended)
+dnl	HAVE_OS_PROTO_H (defined)
+dnl	os-proto.h (symlinked)
+dnl
+AC_DEFUN(AC_LBL_DEVEL,
+    [rm -f os-proto.h
+    if test $ac_cv_prog_gcc = yes -a -f .devel ; then
+	    if test $ac_cv_prog_gcc_g = yes ; then
+		    $1="-g $$1"
+	    fi
+	    $1="$$1 -Wall"
+	    if test $ac_cv_gcc_vers -gt 1 ; then
+		    $1="$$1 -Wmissing-prototypes -Wstrict-prototypes"
+	    fi
+	    os=`echo $target_os | sed -e 's/\([[0-9]]\)[[0-9.]][[0-9.]]*$/\1/'`
+	    name="lbl/os-$os.h"
+	    if test -f $name ; then
+		    ln -s $name os-proto.h
+		    AC_DEFINE(HAVE_OS_PROTO_H)
+	    else
+		    AC_MSG_WARN(can't find $name)
+	    fi
+    fi])
diff --git a/contrib/tcpdump/addrtoname.c b/contrib/tcpdump/addrtoname.c
new file mode 100644
index 000000000000..af2a757325f0
--- /dev/null
+++ b/contrib/tcpdump/addrtoname.c
@@ -0,0 +1,756 @@
+/*
+ * Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ *
+ *  Internet, ethernet, port, and protocol string to address
+ *  and address to string conversion routines
+ */
+#ifndef lint
+static char rcsid[] =
+    "@(#) $Header: addrtoname.c,v 1.49 96/07/02 00:19:35 leres Exp $ (LBL)";
+#endif
+
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <sys/time.h>
+
+#if __STDC__
+struct mbuf;
+struct rtentry;
+#endif
+#include <net/if.h>
+
+#include <netinet/in.h>
+#include <netinet/if_ether.h>
+
+#include <arpa/inet.h>
+
+#include <ctype.h>
+#include <netdb.h>
+#include <pcap.h>
+#include <pcap-namedb.h>
+#include <signal.h>
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <unistd.h>
+
+#include "interface.h"
+#include "addrtoname.h"
+#include "llc.h"
+
+/* Forwards */
+static RETSIGTYPE nohostname(int);
+
+/*
+ * hash tables for whatever-to-name translations
+ */
+
+#define HASHNAMESIZE 4096
+
+struct hnamemem {
+	u_int32_t addr;
+	char *name;
+	struct hnamemem *nxt;
+};
+
+struct hnamemem hnametable[HASHNAMESIZE];
+struct hnamemem tporttable[HASHNAMESIZE];
+struct hnamemem uporttable[HASHNAMESIZE];
+struct hnamemem eprototable[HASHNAMESIZE];
+struct hnamemem dnaddrtable[HASHNAMESIZE];
+struct hnamemem llcsaptable[HASHNAMESIZE];
+
+struct enamemem {
+	u_short e_addr0;
+	u_short e_addr1;
+	u_short e_addr2;
+	char *e_name;
+	u_char *e_nsap;			/* used only for nsaptable[] */
+	struct enamemem *e_nxt;
+};
+
+struct enamemem enametable[HASHNAMESIZE];
+struct enamemem nsaptable[HASHNAMESIZE];
+
+struct protoidmem {
+	u_int32_t p_oui;
+	u_short p_proto;
+	char *p_name;
+	struct protoidmem *p_nxt;
+};
+
+struct protoidmem protoidtable[HASHNAMESIZE];
+
+/*
+ * A faster replacement for inet_ntoa().
+ */
+char *
+intoa(u_int32_t addr)
+{
+	register char *cp;
+	register u_int byte;
+	register int n;
+	static char buf[sizeof(".xxx.xxx.xxx.xxx")];
+
+	NTOHL(addr);
+	cp = &buf[sizeof buf];
+	*--cp = '\0';
+
+	n = 4;
+	do {
+		byte = addr & 0xff;
+		*--cp = byte % 10 + '0';
+		byte /= 10;
+		if (byte > 0) {
+			*--cp = byte % 10 + '0';
+			byte /= 10;
+			if (byte > 0)
+				*--cp = byte + '0';
+		}
+		*--cp = '.';
+		addr >>= 8;
+	} while (--n > 0);
+
+	return cp + 1;
+}
+
+static u_int32_t f_netmask;
+static u_int32_t f_localnet;
+static u_int32_t netmask;
+
+/*
+ * "getname" is written in this atrocious way to make sure we don't
+ * wait forever while trying to get hostnames from yp.
+ */
+#include <setjmp.h>
+
+jmp_buf getname_env;
+
+static RETSIGTYPE
+nohostname(int signo)
+{
+	longjmp(getname_env, 1);
+}
+
+/*
+ * Return a name for the IP address pointed to by ap.  This address
+ * is assumed to be in network byte order.
+ */
+char *
+getname(const u_char *ap)
+{
+	register struct hostent *hp;
+	u_int32_t addr;
+	static struct hnamemem *p;		/* static for longjmp() */
+
+#ifndef LBL_ALIGN
+	addr = *(const u_int32_t *)ap;
+#else
+	/*
+	 * Deal with alignment.
+	 */
+	switch ((long)ap & 3) {
+
+	case 0:
+		addr = *(u_int32_t *)ap;
+		break;
+
+	case 2:
+#if BYTE_ORDER == LITTLE_ENDIAN
+		addr = ((u_int32_t)*(u_short *)(ap + 2) << 16) |
+			(u_int32_t)*(u_short *)ap;
+#else
+		addr = ((u_int32_t)*(u_short *)ap << 16) |
+			(u_int32_t)*(u_short *)(ap + 2);
+#endif
+		break;
+
+	default:
+#if BYTE_ORDER == LITTLE_ENDIAN
+		addr = ((u_int32_t)ap[3] << 24) |
+			((u_int32_t)ap[2] << 16) |
+			((u_int32_t)ap[1] << 8) |
+			(u_int32_t)ap[0];
+#else
+		addr = ((u_int32_t)ap[0] << 24) |
+			((u_int32_t)ap[1] << 16) |
+			((u_int32_t)ap[2] << 8) |
+			(u_int32_t)ap[3];
+#endif
+		break;
+	}
+#endif
+	p = &hnametable[addr & (HASHNAMESIZE-1)];
+	for (; p->nxt; p = p->nxt) {
+		if (p->addr == addr)
+			return (p->name);
+	}
+	p->addr = addr;
+	p->nxt = newhnamemem();
+
+	/*
+	 * Only print names when:
+	 *	(1) -n was not given.
+	 *	(2) Address is foreign and -f was given.  If -f was not
+	 *	    present, f_netmask and f_local are 0 and the second
+	 *	    test will succeed.
+	 *	(3) The host portion is not 0 (i.e., a network address).
+	 *	(4) The host portion is not broadcast.
+	 */
+	if (!nflag && (addr & f_netmask) == f_localnet
+	    && (addr &~ netmask) != 0 && (addr | netmask) != 0xffffffff) {
+		if (!setjmp(getname_env)) {
+			(void)signal(SIGALRM, nohostname);
+			(void)alarm(20);
+			hp = gethostbyaddr((char *)&addr, 4, AF_INET);
+			(void)alarm(0);
+			if (hp) {
+				char *dotp;
+
+				p->name = savestr(hp->h_name);
+				if (Nflag) {
+					/* Remove domain qualifications */
+					dotp = strchr(p->name, '.');
+					if (dotp)
+						*dotp = '\0';
+				}
+				return (p->name);
+			}
+		}
+	}
+	p->name = savestr(intoa(addr));
+	return (p->name);
+}
+
+static char hex[] = "0123456789abcdef";
+
+
+/* Find the hash node that corresponds the ether address 'ep' */
+
+static inline struct enamemem *
+lookup_emem(const u_char *ep)
+{
+	register u_int i, j, k;
+	struct enamemem *tp;
+
+	k = (ep[0] << 8) | ep[1];
+	j = (ep[2] << 8) | ep[3];
+	i = (ep[4] << 8) | ep[5];
+
+	tp = &enametable[(i ^ j) & (HASHNAMESIZE-1)];
+	while (tp->e_nxt)
+		if (tp->e_addr0 == i &&
+		    tp->e_addr1 == j &&
+		    tp->e_addr2 == k)
+			return tp;
+		else
+			tp = tp->e_nxt;
+	tp->e_addr0 = i;
+	tp->e_addr1 = j;
+	tp->e_addr2 = k;
+	tp->e_nxt = (struct enamemem *)calloc(1, sizeof(*tp));
+	if (tp->e_nxt == NULL)
+		error("lookup_emem: calloc");
+
+	return tp;
+}
+
+/* Find the hash node that corresponds the NSAP 'nsap' */
+
+static inline struct enamemem *
+lookup_nsap(register const u_char *nsap)
+{
+	register u_int i, j, k;
+	int nlen = *nsap;
+	struct enamemem *tp;
+	const u_char *ensap = nsap + nlen - 6;
+
+	if (nlen > 6) {
+		k = (ensap[0] << 8) | ensap[1];
+		j = (ensap[2] << 8) | ensap[3];
+		i = (ensap[4] << 8) | ensap[5];
+	}
+	else
+		i = j = k = 0;
+
+	tp = &nsaptable[(i ^ j) & (HASHNAMESIZE-1)];
+	while (tp->e_nxt)
+		if (tp->e_addr0 == i &&
+		    tp->e_addr1 == j &&
+		    tp->e_addr2 == k &&
+		    tp->e_nsap[0] == nlen &&
+		    memcmp((char *)&(nsap[1]),
+			(char *)&(tp->e_nsap[1]), nlen) == 0)
+			return tp;
+		else
+			tp = tp->e_nxt;
+	tp->e_addr0 = i;
+	tp->e_addr1 = j;
+	tp->e_addr2 = k;
+	tp->e_nsap = (u_char *)malloc(nlen + 1);
+	if (tp->e_nsap == NULL)
+		error("lookup_nsap: malloc");
+	memcpy(tp->e_nsap, nsap, nlen + 1);
+	tp->e_nxt = (struct enamemem *)calloc(1, sizeof(*tp));
+	if (tp->e_nxt == NULL)
+		error("lookup_nsap: calloc");
+
+	return tp;
+}
+
+/* Find the hash node that corresponds the protoid 'pi'. */
+
+static inline struct protoidmem *
+lookup_protoid(const u_char *pi)
+{
+	register u_int i, j;
+	struct protoidmem *tp;
+
+	/* 5 octets won't be aligned */
+	i = (((pi[0] << 8) + pi[1]) << 8) + pi[2];
+	j =   (pi[3] << 8) + pi[4];
+	/* XXX should be endian-insensitive, but do big-endian testing  XXX */
+
+	tp = &protoidtable[(i ^ j) & (HASHNAMESIZE-1)];
+	while (tp->p_nxt)
+		if (tp->p_oui == i && tp->p_proto == j)
+			return tp;
+		else
+			tp = tp->p_nxt;
+	tp->p_oui = i;
+	tp->p_proto = j;
+	tp->p_nxt = (struct protoidmem *)calloc(1, sizeof(*tp));
+	if (tp->p_nxt == NULL)
+		error("lookup_protoid: calloc");
+
+	return tp;
+}
+
+char *
+etheraddr_string(register const u_char *ep)
+{
+	register u_int i, j;
+	register char *cp;
+	register struct enamemem *tp;
+	char buf[sizeof("00:00:00:00:00:00")];
+
+	tp = lookup_emem(ep);
+	if (tp->e_name)
+		return (tp->e_name);
+#ifdef HAVE_ETHER_NTOHOST
+	if (!nflag) {
+		char buf[128];
+		if (ether_ntohost(buf, (struct ether_addr *)ep) == 0) {
+			tp->e_name = savestr(buf);
+			return (tp->e_name);
+		}
+	}
+#endif
+	cp = buf;
+	if ((j = *ep >> 4) != 0)
+		*cp++ = hex[j];
+	*cp++ = hex[*ep++ & 0xf];
+	for (i = 5; (int)--i >= 0;) {
+		*cp++ = ':';
+		if ((j = *ep >> 4) != 0)
+			*cp++ = hex[j];
+		*cp++ = hex[*ep++ & 0xf];
+	}
+	*cp = '\0';
+	tp->e_name = savestr(buf);
+	return (tp->e_name);
+}
+
+char *
+etherproto_string(u_short port)
+{
+	register char *cp;
+	register struct hnamemem *tp;
+	register u_int32_t i = port;
+	char buf[sizeof("0000")];
+
+	for (tp = &eprototable[i & (HASHNAMESIZE-1)]; tp->nxt; tp = tp->nxt)
+		if (tp->addr == i)
+			return (tp->name);
+
+	tp->addr = i;
+	tp->nxt = newhnamemem();
+
+	cp = buf;
+	NTOHS(port);
+	*cp++ = hex[port >> 12 & 0xf];
+	*cp++ = hex[port >> 8 & 0xf];
+	*cp++ = hex[port >> 4 & 0xf];
+	*cp++ = hex[port & 0xf];
+	*cp++ = '\0';
+	tp->name = savestr(buf);
+	return (tp->name);
+}
+
+char *
+protoid_string(register const u_char *pi)
+{
+	register u_int i, j;
+	register char *cp;
+	register struct protoidmem *tp;
+	char buf[sizeof("00:00:00:00:00")];
+
+	tp = lookup_protoid(pi);
+	if (tp->p_name)
+		return tp->p_name;
+
+	cp = buf;
+	if ((j = *pi >> 4) != 0)
+		*cp++ = hex[j];
+	*cp++ = hex[*pi++ & 0xf];
+	for (i = 4; (int)--i >= 0;) {
+		*cp++ = ':';
+		if ((j = *pi >> 4) != 0)
+			*cp++ = hex[j];
+		*cp++ = hex[*pi++ & 0xf];
+	}
+	*cp = '\0';
+	tp->p_name = savestr(buf);
+	return (tp->p_name);
+}
+
+char *
+llcsap_string(u_char sap)
+{
+	register char *cp;
+	register struct hnamemem *tp;
+	register u_int32_t i = sap;
+	char buf[sizeof("sap 00")];
+
+	for (tp = &llcsaptable[i & (HASHNAMESIZE-1)]; tp->nxt; tp = tp->nxt)
+		if (tp->addr == i)
+			return (tp->name);
+
+	tp->addr = i;
+	tp->nxt = newhnamemem();
+
+	cp = buf;
+	(void)strcpy(cp, "sap ");
+	cp += strlen(cp);
+	*cp++ = hex[sap >> 4 & 0xf];
+	*cp++ = hex[sap & 0xf];
+	*cp++ = '\0';
+	tp->name = savestr(buf);
+	return (tp->name);
+}
+
+char *
+isonsap_string(const u_char *nsap)
+{
+	register u_int i, nlen = nsap[0];
+	register char *cp;
+	register struct enamemem *tp;
+
+	tp = lookup_nsap(nsap);
+	if (tp->e_name)
+		return tp->e_name;
+
+	tp->e_name = cp = (char *)malloc(nlen * 2 + 2);
+	if (cp == NULL)
+		error("isonsap_string: malloc");
+
+	nsap++;
+	*cp++ = '/';
+	for (i = nlen; (int)--i >= 0;) {
+		*cp++ = hex[*nsap >> 4];
+		*cp++ = hex[*nsap++ & 0xf];
+	}
+	*cp = '\0';
+	return (tp->e_name);
+}
+
+char *
+tcpport_string(u_short port)
+{
+	register struct hnamemem *tp;
+	register u_int32_t i = port;
+	char buf[sizeof("00000")];
+
+	for (tp = &tporttable[i & (HASHNAMESIZE-1)]; tp->nxt; tp = tp->nxt)
+		if (tp->addr == i)
+			return (tp->name);
+
+	tp->addr = i;
+	tp->nxt = newhnamemem();
+
+	(void)sprintf(buf, "%u", i);
+	tp->name = savestr(buf);
+	return (tp->name);
+}
+
+char *
+udpport_string(register u_short port)
+{
+	register struct hnamemem *tp;
+	register u_int32_t i = port;
+	char buf[sizeof("00000")];
+
+	for (tp = &uporttable[i & (HASHNAMESIZE-1)]; tp->nxt; tp = tp->nxt)
+		if (tp->addr == i)
+			return (tp->name);
+
+	tp->addr = i;
+	tp->nxt = newhnamemem();
+
+	(void)sprintf(buf, "%u", i);
+	tp->name = savestr(buf);
+	return (tp->name);
+}
+
+static void
+init_servarray(void)
+{
+	struct servent *sv;
+	register struct hnamemem *table;
+	register int i;
+	char buf[sizeof("0000000000")];
+
+	while ((sv = getservent()) != NULL) {
+		int port = ntohs(sv->s_port);
+		i = port & (HASHNAMESIZE-1);
+		if (strcmp(sv->s_proto, "tcp") == 0)
+			table = &tporttable[i];
+		else if (strcmp(sv->s_proto, "udp") == 0)
+			table = &uporttable[i];
+		else
+			continue;
+
+		while (table->name)
+			table = table->nxt;
+		if (nflag) {
+			(void)sprintf(buf, "%d", port);
+			table->name = savestr(buf);
+		} else
+			table->name = savestr(sv->s_name);
+		table->addr = port;
+		table->nxt = newhnamemem();
+	}
+	endservent();
+}
+
+/*XXX from libbpfc.a */
+extern struct eproto {
+	char *s;
+	u_short p;
+} eproto_db[];
+
+static void
+init_eprotoarray(void)
+{
+	register int i;
+	register struct hnamemem *table;
+
+	for (i = 0; eproto_db[i].s; i++) {
+		int j = ntohs(eproto_db[i].p) & (HASHNAMESIZE-1);
+		table = &eprototable[j];
+		while (table->name)
+			table = table->nxt;
+		table->name = eproto_db[i].s;
+		table->addr = ntohs(eproto_db[i].p);
+		table->nxt = newhnamemem();
+	}
+}
+
+/*
+ * SNAP proto IDs with org code 0:0:0 are actually encapsulated Ethernet
+ * types.
+ */
+static void
+init_protoidarray(void)
+{
+	register int i;
+	register struct protoidmem *tp;
+	u_char protoid[5];
+
+	protoid[0] = 0;
+	protoid[1] = 0;
+	protoid[2] = 0;
+	for (i = 0; eproto_db[i].s; i++) {
+		u_short etype = htons(eproto_db[i].p);
+
+		memcpy((char *)&protoid[3], (char *)&etype, 2);
+		tp = lookup_protoid(protoid);
+		tp->p_name = savestr(eproto_db[i].s);
+	}
+}
+
+static struct etherlist {
+	u_char addr[6];
+	char *name;
+} etherlist[] = {
+	{{ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }, "Broadcast" },
+	{{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, NULL }
+};
+
+/*
+ * Initialize the ethers hash table.  We take two different approaches
+ * depending on whether or not the system provides the ethers name
+ * service.  If it does, we just wire in a few names at startup,
+ * and etheraddr_string() fills in the table on demand.  If it doesn't,
+ * then we suck in the entire /etc/ethers file at startup.  The idea
+ * is that parsing the local file will be fast, but spinning through
+ * all the ethers entries via NIS & next_etherent might be very slow.
+ *
+ * XXX pcap_next_etherent doesn't belong in the pcap interface, but
+ * since the pcap module already does name-to-address translation,
+ * it's already does most of the work for the ethernet address-to-name
+ * translation, so we just pcap_next_etherent as a convenience.
+ */
+static void
+init_etherarray(void)
+{
+	register struct etherlist *el;
+	register struct enamemem *tp;
+#ifdef HAVE_ETHER_NTOHOST
+	char name[256];
+#else
+	register struct pcap_etherent *ep;
+	register FILE *fp;
+
+	/* Suck in entire ethers file */
+	fp = fopen(PCAP_ETHERS_FILE, "r");
+	if (fp != NULL) {
+		while ((ep = pcap_next_etherent(fp)) != NULL) {
+			tp = lookup_emem(ep->addr);
+			tp->e_name = savestr(ep->name);
+		}
+		(void)fclose(fp);
+	}
+#endif
+
+	/* Hardwire some ethernet names */
+	for (el = etherlist; el->name != NULL; ++el) {
+		tp = lookup_emem(el->addr);
+		/* Don't override existing name */
+		if (tp->e_name != NULL)
+			continue;
+
+#ifdef HAVE_ETHER_NTOHOST
+                /* Use yp/nis version of name if available */
+                if (ether_ntohost(name, (struct ether_addr *)el->addr) == 0) {
+                        tp->e_name = savestr(name);
+			continue;
+		}
+#endif
+		tp->e_name = el->name;
+	}
+}
+
+static struct tok llcsap_db[] = {
+	{ LLCSAP_NULL,		"null" },
+	{ LLCSAP_8021B_I,	"802.1b-gsap" },
+	{ LLCSAP_8021B_G,	"802.1b-isap" },
+	{ LLCSAP_IP,		"ip-sap" },
+	{ LLCSAP_PROWAYNM,	"proway-nm" },
+	{ LLCSAP_8021D,		"802.1d" },
+	{ LLCSAP_RS511,		"eia-rs511" },
+	{ LLCSAP_ISO8208,	"x.25/llc2" },
+	{ LLCSAP_PROWAY,	"proway" },
+	{ LLCSAP_ISONS,		"iso-clns" },
+	{ LLCSAP_GLOBAL,	"global" },
+	{ 0,			NULL }
+};
+
+static void
+init_llcsaparray(void)
+{
+	register int i;
+	register struct hnamemem *table;
+
+	for (i = 0; llcsap_db[i].s != NULL; i++) {
+		table = &llcsaptable[llcsap_db[i].v];
+		while (table->name)
+			table = table->nxt;
+		table->name = llcsap_db[i].s;
+		table->addr = llcsap_db[i].v;
+		table->nxt = newhnamemem();
+	}
+}
+
+/*
+ * Initialize the address to name translation machinery.  We map all
+ * non-local IP addresses to numeric addresses if fflag is true (i.e.,
+ * to prevent blocking on the nameserver).  localnet is the IP address
+ * of the local network.  mask is its subnet mask.
+ */
+void
+init_addrtoname(int fflag, u_int32_t localnet, u_int32_t mask)
+{
+	netmask = mask;
+	if (fflag) {
+		f_localnet = localnet;
+		f_netmask = mask;
+	}
+	if (nflag)
+		/*
+		 * Simplest way to suppress names.
+		 */
+		return;
+
+	init_etherarray();
+	init_servarray();
+	init_eprotoarray();
+	init_llcsaparray();
+	init_protoidarray();
+}
+
+char *
+dnaddr_string(u_short dnaddr)
+{
+	register struct hnamemem *tp;
+
+	for (tp = &dnaddrtable[dnaddr & (HASHNAMESIZE-1)]; tp->nxt != 0;
+	     tp = tp->nxt)
+		if (tp->addr == dnaddr)
+			return (tp->name);
+
+	tp->addr = dnaddr;
+	tp->nxt = newhnamemem();
+	if (nflag)
+		tp->name = dnnum_string(dnaddr);
+	else
+		tp->name = dnname_string(dnaddr);
+
+	return(tp->name);
+}
+
+/* Return a zero'ed hnamemem struct and cuts down on calloc() overhead */
+struct hnamemem *
+newhnamemem()
+{
+	register struct hnamemem *p;
+	static struct hnamemem *ptr = NULL;
+	static u_int num = 0;
+
+	if (num  <= 0) {
+		num = 64;
+		ptr = (struct hnamemem *)calloc(num, sizeof (*ptr));
+		if (ptr == NULL)
+			error("newhnamemem: calloc");
+	}
+	--num;
+	p = ptr++;
+	return (p);
+}
diff --git a/contrib/tcpdump/addrtoname.h b/contrib/tcpdump/addrtoname.h
new file mode 100644
index 000000000000..1754ee030216
--- /dev/null
+++ b/contrib/tcpdump/addrtoname.h
@@ -0,0 +1,36 @@
+/*
+ * Copyright (c) 1990, 1992, 1993, 1994, 1995
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ *
+ * @(#) $Header: addrtoname.h,v 1.13 95/05/04 17:52:44 mccanne Exp $ (LBL)
+ */
+
+/* Name to address translation routines. */
+
+extern char *etheraddr_string(const u_char *);
+extern char *etherproto_string(u_short);
+extern char *tcpport_string(u_short);
+extern char *udpport_string(u_short);
+extern char *getname(const u_char *);
+extern char *intoa(u_int32_t);
+
+extern void init_addrtoname(int, u_int32_t, u_int32_t);
+extern struct hnamemem *newhnamemem(void);
+
+#define ipaddr_string(p) getname((const u_char *)(p))
diff --git a/contrib/tcpdump/appletalk.h b/contrib/tcpdump/appletalk.h
new file mode 100644
index 000000000000..4f690f9a2465
--- /dev/null
+++ b/contrib/tcpdump/appletalk.h
@@ -0,0 +1,167 @@
+/*
+ * Copyright (c) 1988, 1989, 1990, 1993, 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ *
+ * AppleTalk protocol formats (courtesy Bill Croft of Stanford/SUMEX).
+ *
+ * @(#) $Header: appletalk.h,v 1.12 96/06/03 02:54:24 leres Exp $ (LBL)
+ */
+
+struct LAP {
+	u_char	dst;
+	u_char	src;
+	u_char	type;
+};
+#define lapShortDDP	1	/* short DDP type */
+#define lapDDP		2	/* DDP type */
+#define lapKLAP		'K'	/* Kinetics KLAP type */
+
+/* Datagram Delivery Protocol */
+
+struct atDDP {
+	u_short	length;
+	u_short	checksum;
+	u_short	dstNet;
+	u_short	srcNet;
+	u_char	dstNode;
+	u_char	srcNode;
+	u_char	dstSkt;
+	u_char	srcSkt;
+	u_char	type;
+};
+
+struct atShortDDP {
+	u_short	length;
+	u_char	dstSkt;
+	u_char	srcSkt;
+	u_char	type;
+};
+
+#define	ddpMaxWKS	0x7F
+#define	ddpMaxData	586
+#define	ddpLengthMask	0x3FF
+#define	ddpHopShift	10
+#define	ddpSize		13	/* size of DDP header (avoid struct padding) */
+#define	ddpSSize	5
+#define	ddpWKS		128	/* boundary of DDP well known sockets */
+#define	ddpRTMP		1	/* RTMP type */
+#define	ddpRTMPrequest	5	/* RTMP request type */
+#define	ddpNBP		2	/* NBP type */
+#define	ddpATP		3	/* ATP type */
+#define	ddpECHO		4	/* ECHO type */
+#define	ddpIP		22	/* IP type */
+#define	ddpARP		23	/* ARP type */
+#define	ddpKLAP		0x4b	/* Kinetics KLAP type */
+
+
+/* AppleTalk Transaction Protocol */
+
+struct atATP {
+	u_char	control;
+	u_char	bitmap;
+	u_short	transID;
+	int32_t userData;
+};
+
+#define	atpReqCode	0x40
+#define	atpRspCode	0x80
+#define	atpRelCode	0xC0
+#define	atpXO		0x20
+#define	atpEOM		0x10
+#define	atpSTS		0x08
+#define	atpFlagMask	0x3F
+#define	atpControlMask	0xF8
+#define	atpMaxNum	8
+#define	atpMaxData	578
+
+
+/* AppleTalk Echo Protocol */
+
+struct atEcho {
+	u_char	echoFunction;
+	u_char	*echoData;
+};
+
+#define echoSkt		4		/* the echoer socket */
+#define echoSize	1		/* size of echo header */
+#define echoRequest	1		/* echo request */
+#define echoReply	2		/* echo request */
+
+
+/* Name Binding Protocol */
+
+struct atNBP {
+	u_char	control;
+	u_char	id;
+};
+
+struct atNBPtuple {
+	u_short	net;
+	u_char	node;
+	u_char	skt;
+	u_char	enumerator;
+};
+
+#define	nbpBrRq		0x10
+#define	nbpLkUp		0x20
+#define	nbpLkUpReply	0x30
+
+#define	nbpNIS		2
+#define	nbpTupleMax	15
+
+#define	nbpHeaderSize	2
+#define nbpTupleSize	5
+
+#define nbpSkt		2		/* NIS */
+
+
+/* Routing Table Maint. Protocol */
+
+#define	rtmpSkt		1	/* number of RTMP socket */
+#define	rtmpSize	4	/* minimum size */
+#define	rtmpTupleSize	3
+
+
+/* Zone Information Protocol */
+
+struct zipHeader {
+	u_char	command;
+	u_char	netcount;
+};
+
+#define	zipHeaderSize	2
+#define	zipQuery	1
+#define	zipReply	2
+#define	zipTakedown	3
+#define	zipBringup	4
+#define	ddpZIP		6
+#define	zipSkt		6
+#define	GetMyZone	7
+#define	GetZoneList	8
+
+/*
+ * UDP port range used for ddp-in-udp encapsulation is 16512-16639
+ * for client sockets (128-255) and 200-327 for server sockets
+ * (0-127).  We also try to recognize the pre-April 88 server
+ * socket range of 768-895.
+ */
+#define atalk_port(p) \
+	(((unsigned)((p) - 16512) < 128) || \
+	 ((unsigned)((p) - 200) < 128) || \
+	 ((unsigned)((p) - 768) < 128))
diff --git a/contrib/tcpdump/atime.awk b/contrib/tcpdump/atime.awk
new file mode 100644
index 000000000000..b42dec240186
--- /dev/null
+++ b/contrib/tcpdump/atime.awk
@@ -0,0 +1,18 @@
+$6 ~ /^ack/ && $5 !~ /[SFR]/ 	{
+	# given a tcpdump ftp trace, output one line for each ack
+	# in the form
+	#   <ack time> <seq no>
+	# where <ack time> is the time packet was acked (in seconds with
+	# zero at time of first packet) and <seq no> is the tcp sequence
+	# number of the ack divided by 1024 (i.e., Kbytes acked).
+	#
+	# convert time to seconds
+	n = split ($1,t,":")
+	tim = t[1]*3600 + t[2]*60 + t[3]
+	if (! tzero) {
+		tzero = tim
+		OFS = "\t"
+	}
+	# get packet sequence number
+	printf "%7.2f\t%g\n", tim-tzero, $7/1024
+	}
diff --git a/contrib/tcpdump/bootp.h b/contrib/tcpdump/bootp.h
new file mode 100644
index 000000000000..bb872c23786f
--- /dev/null
+++ b/contrib/tcpdump/bootp.h
@@ -0,0 +1,109 @@
+/* @(#) $Header: bootp.h,v 1.7 95/05/04 17:52:46 mccanne Exp $ (LBL) */
+/*
+ * Bootstrap Protocol (BOOTP).  RFC951 and RFC1048.
+ *
+ * This file specifies the "implementation-independent" BOOTP protocol
+ * information which is common to both client and server.
+ *
+ * Copyright 1988 by Carnegie Mellon.
+ *
+ * Permission to use, copy, modify, and distribute this program for any
+ * purpose and without fee is hereby granted, provided that this copyright
+ * and permission notice appear on all copies and supporting documentation,
+ * the name of Carnegie Mellon not be used in advertising or publicity
+ * pertaining to distribution of the program without specific prior
+ * permission, and notice be given in supporting documentation that copying
+ * and distribution is by permission of Carnegie Mellon and Stanford
+ * University.  Carnegie Mellon makes no representations about the
+ * suitability of this software for any purpose.  It is provided "as is"
+ * without express or implied warranty.
+ */
+
+
+struct bootp {
+	unsigned char	bp_op;		/* packet opcode type */
+	unsigned char	bp_htype;	/* hardware addr type */
+	unsigned char	bp_hlen;	/* hardware addr length */
+	unsigned char	bp_hops;	/* gateway hops */
+	u_int32_t	bp_xid;		/* transaction ID */
+	unsigned short	bp_secs;	/* seconds since boot began */
+	unsigned short	bp_unused;
+	struct in_addr	bp_ciaddr;	/* client IP address */
+	struct in_addr	bp_yiaddr;	/* 'your' IP address */
+	struct in_addr	bp_siaddr;	/* server IP address */
+	struct in_addr	bp_giaddr;	/* gateway IP address */
+	unsigned char	bp_chaddr[16];	/* client hardware address */
+	unsigned char	bp_sname[64];	/* server host name */
+	unsigned char	bp_file[128];	/* boot file name */
+	unsigned char	bp_vend[64];	/* vendor-specific area */
+};
+
+/*
+ * UDP port numbers, server and client.
+ */
+#define	IPPORT_BOOTPS		67
+#define	IPPORT_BOOTPC		68
+
+#define BOOTREPLY		2
+#define BOOTREQUEST		1
+
+
+/*
+ * Vendor magic cookie (v_magic) for CMU
+ */
+#define VM_CMU		"CMU"
+
+/*
+ * Vendor magic cookie (v_magic) for RFC1048
+ */
+#define VM_RFC1048	{ 99, 130, 83, 99 }
+
+
+
+/*
+ * RFC1048 tag values used to specify what information is being supplied in
+ * the vendor field of the packet.
+ */
+
+#define TAG_PAD			((unsigned char)   0)
+#define TAG_SUBNET_MASK		((unsigned char)   1)
+#define TAG_TIME_OFFSET		((unsigned char)   2)
+#define TAG_GATEWAY		((unsigned char)   3)
+#define TAG_TIME_SERVER		((unsigned char)   4)
+#define TAG_NAME_SERVER		((unsigned char)   5)
+#define TAG_DOMAIN_SERVER	((unsigned char)   6)
+#define TAG_LOG_SERVER		((unsigned char)   7)
+#define TAG_COOKIE_SERVER	((unsigned char)   8)
+#define TAG_LPR_SERVER		((unsigned char)   9)
+#define TAG_IMPRESS_SERVER	((unsigned char)  10)
+#define TAG_RLP_SERVER		((unsigned char)  11)
+#define TAG_HOSTNAME		((unsigned char)  12)
+#define TAG_BOOTSIZE		((unsigned char)  13)
+#define TAG_END			((unsigned char) 255)
+/* RFC1497 tags */
+#define	TAG_DUMPPATH		((unsigned char)  14)
+#define	TAG_DOMAINNAME		((unsigned char)  15)
+#define	TAG_SWAP_SERVER		((unsigned char)  16)
+#define	TAG_ROOTPATH		((unsigned char)  17)
+#define	TAG_EXTPATH		((unsigned char)  18)
+
+
+
+/*
+ * "vendor" data permitted for CMU bootp clients.
+ */
+
+struct cmu_vend {
+	unsigned char	v_magic[4];	/* magic number */
+	u_int32_t	v_flags;	/* flags/opcodes, etc. */
+	struct in_addr	v_smask;	/* Subnet mask */
+	struct in_addr	v_dgate;	/* Default gateway */
+	struct in_addr	v_dns1, v_dns2; /* Domain name servers */
+	struct in_addr	v_ins1, v_ins2; /* IEN-116 name servers */
+	struct in_addr	v_ts1, v_ts2;	/* Time servers */
+	unsigned char	v_unused[24];	/* currently unused */
+};
+
+
+/* v_flags values */
+#define VF_SMASK	1	/* Subnet mask field contains valid data */
diff --git a/contrib/tcpdump/bpf_dump.c b/contrib/tcpdump/bpf_dump.c
new file mode 100644
index 000000000000..cc345cf25645
--- /dev/null
+++ b/contrib/tcpdump/bpf_dump.c
@@ -0,0 +1,65 @@
+/*
+ * Copyright (c) 1992, 1993, 1994, 1995
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+#ifndef lint
+static char rcsid[] =
+    "@(#) $Header: bpf_dump.c,v 1.8 95/10/19 20:28:00 leres Exp $ (LBL)";
+#endif
+
+#include <sys/types.h>
+#include <sys/time.h>
+
+#include <pcap.h>
+#include <stdio.h>
+
+#include "interface.h"
+
+extern void bpf_dump(struct bpf_program *, int);
+
+void
+bpf_dump(struct bpf_program *p, int option)
+{
+	struct bpf_insn *insn;
+	int i;
+	int n = p->bf_len;
+
+	insn = p->bf_insns;
+	if (option > 2) {
+		printf("%d\n", n);
+		for (i = 0; i < n; ++insn, ++i) {
+			printf("%u %u %u %u\n", insn->code,
+			       insn->jt, insn->jf, insn->k);
+		}
+		return ;
+	}
+	if (option > 1) {
+		for (i = 0; i < n; ++insn, ++i)
+			printf("{ 0x%x, %d, %d, 0x%08x },\n",
+			       insn->code, insn->jt, insn->jf, insn->k);
+		return;
+	}
+	for (i = 0; i < n; ++insn, ++i) {
+#ifdef BDEBUG
+		extern int bids[];
+		printf(bids[i] > 0 ? "[%02d]" : " -- ", bids[i] - 1);
+#endif
+		puts(bpf_image(insn, i));
+	}
+}
diff --git a/contrib/tcpdump/config.guess b/contrib/tcpdump/config.guess
new file mode 100755
index 000000000000..d8c24708afe6
--- /dev/null
+++ b/contrib/tcpdump/config.guess
@@ -0,0 +1,600 @@
+#! /bin/sh
+# Attempt to guess a canonical system name.
+#   Copyright (C) 1992, 93, 94, 95, 1996 Free Software Foundation, Inc.
+#
+# This file is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+#
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that program.
+
+# Written by Per Bothner <bothner@cygnus.com>.
+# The master version of this file is at the FSF in /home/gd/gnu/lib.
+#
+# This script attempts to guess a canonical system name similar to
+# config.sub.  If it succeeds, it prints the system name on stdout, and
+# exits with 0.  Otherwise, it exits with 1.
+#
+# The plan is that this can be called by configure scripts if you
+# don't specify an explicit system type (host/target name).
+#
+# Only a few systems have been added to this list; please add others
+# (but try to keep the structure clean).
+#
+
+# This is needed to find uname on a Pyramid OSx when run in the BSD universe.
+# (ghazi@noc.rutgers.edu 8/24/94.)
+if (test -f /.attbin/uname) >/dev/null 2>&1 ; then
+	PATH=$PATH:/.attbin ; export PATH
+fi
+
+UNAME_MACHINE=`(uname -m) 2>/dev/null` || UNAME_MACHINE=unknown
+UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown
+UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown
+UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown
+
+trap 'rm -f dummy.c dummy.o dummy; exit 1' 1 2 15
+
+# Note: order is significant - the case branches are not exclusive.
+
+case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
+    alpha:OSF1:*:*)
+	# A Vn.n version is a released version.
+	# A Tn.n version is a released field test version.
+	# A Xn.n version is an unreleased experimental baselevel.
+	# 1.2 uses "1.2" for uname -r.
+	echo alpha-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[VTX]//'`
+	exit 0 ;;
+    21064:Windows_NT:50:3)
+	echo alpha-dec-winnt3.5
+	exit 0 ;;
+    Amiga*:UNIX_System_V:4.0:*)
+	echo m68k-cbm-sysv4
+	exit 0;;
+    amiga:NetBSD:*:*)
+      echo m68k-cbm-netbsd${UNAME_RELEASE}
+      exit 0 ;;
+    arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*)
+	echo arm-acorn-riscix${UNAME_RELEASE}
+	exit 0;;
+    Pyramid*:OSx*:*:*)
+	if test "`(/bin/universe) 2>/dev/null`" = att ; then
+		echo pyramid-pyramid-sysv3
+	else
+		echo pyramid-pyramid-bsd
+	fi
+	exit 0 ;;
+    sun4*:SunOS:5.*:*)
+	echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+	exit 0 ;;
+    i86pc:SunOS:5.*:*)
+	echo i386-unknown-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+	exit 0 ;;
+    sun4*:SunOS:6*:*)
+	# According to config.sub, this is the proper way to canonicalize
+	# SunOS6.  Hard to guess exactly what SunOS6 will be like, but
+	# it's likely to be more like Solaris than SunOS4.
+	echo sparc-sun-solaris3`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+	exit 0 ;;
+    sun4*:SunOS:*:*)
+	case "`/usr/bin/arch -k`" in
+	    Series*|S4*)
+		UNAME_RELEASE=`uname -v`
+		;;
+	esac
+	# Japanese Language versions have a version number like `4.1.3-JL'.
+	echo sparc-sun-sunos`echo ${UNAME_RELEASE}|sed -e 's/-/_/'`
+	exit 0 ;;
+    sun3*:SunOS:*:*)
+	echo m68k-sun-sunos${UNAME_RELEASE}
+	exit 0 ;;
+    atari*:NetBSD:*:*)
+	echo m68k-atari-netbsd${UNAME_RELEASE}
+	exit 0 ;;
+    sun3*:NetBSD:*:*)
+	echo m68k-sun-netbsd${UNAME_RELEASE}
+	exit 0 ;;
+    mac68k:NetBSD:*:*)
+	echo m68k-apple-netbsd${UNAME_RELEASE}
+	exit 0 ;;
+    RISC*:ULTRIX:*:*)
+	echo mips-dec-ultrix${UNAME_RELEASE}
+	exit 0 ;;
+    VAX*:ULTRIX*:*:*)
+	echo vax-dec-ultrix${UNAME_RELEASE}
+	exit 0 ;;
+    mips:*:4*:UMIPS)
+	echo mips-mips-riscos4sysv
+	exit 0 ;;
+    mips:*:5*:RISCos)
+	echo mips-mips-riscos${UNAME_RELEASE}
+	exit 0 ;;
+    Night_Hawk:Power_UNIX:*:*)
+	echo powerpc-harris-powerunix
+	exit 0 ;;
+    m88k:CX/UX:7*:*)
+	echo m88k-harris-cxux7
+	exit 0 ;;
+    m88k:*:4*:R4*)
+	echo m88k-motorola-sysv4
+	exit 0 ;;
+    m88k:*:3*:R3*)
+	echo m88k-motorola-sysv3
+	exit 0 ;;
+    AViiON:dgux:*:*)
+        # DG/UX returns AViiON for all architectures
+        UNAME_PROCESSOR=`/usr/bin/uname -p`
+        if [ $UNAME_PROCESSOR = mc88100 -o $UNAME_PROCESSOR = mc88100 ] ; then
+	if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx \
+	     -o ${TARGET_BINARY_INTERFACE}x = x ] ; then
+		echo m88k-dg-dgux${UNAME_RELEASE}
+	else
+		echo m88k-dg-dguxbcs${UNAME_RELEASE}
+	fi
+        else echo i586-dg-dgux${UNAME_RELEASE}
+        fi
+ 	exit 0 ;;
+    M88*:DolphinOS:*:*)	# DolphinOS (SVR3)
+	echo m88k-dolphin-sysv3
+	exit 0 ;;
+    M88*:*:R3*:*)
+	# Delta 88k system running SVR3
+	echo m88k-motorola-sysv3
+	exit 0 ;;
+    XD88*:*:*:*) # Tektronix XD88 system running UTekV (SVR3)
+	echo m88k-tektronix-sysv3
+	exit 0 ;;
+    Tek43[0-9][0-9]:UTek:*:*) # Tektronix 4300 system running UTek (BSD)
+	echo m68k-tektronix-bsd
+	exit 0 ;;
+    *:IRIX*:*:*)
+	echo mips-sgi-irix`echo ${UNAME_RELEASE}|sed -e 's/-/_/g'`
+	exit 0 ;;
+   ????????:AIX?:[12].1:2)   # AIX 2.2.1 or AIX 2.1.1 is RT/PC AIX.
+	echo romp-ibm-aix      # uname -m gives an 8 hex-code CPU id
+	exit 0 ;;              # Note that: echo "'`uname -s`'" gives 'AIX '
+    i[34]86:AIX:*:*)
+	echo i386-ibm-aix
+	exit 0 ;;
+    *:AIX:2:3)
+	if grep bos325 /usr/include/stdio.h >/dev/null 2>&1; then
+		sed 's/^		//' << EOF >dummy.c
+		#include <sys/systemcfg.h>
+
+		main()
+			{
+			if (!__power_pc())
+				exit(1);
+			puts("powerpc-ibm-aix3.2.5");
+			exit(0);
+			}
+EOF
+		${CC-cc} dummy.c -o dummy && ./dummy && rm dummy.c dummy && exit 0
+		rm -f dummy.c dummy
+		echo rs6000-ibm-aix3.2.5
+	elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then
+		echo rs6000-ibm-aix3.2.4
+	else
+		echo rs6000-ibm-aix3.2
+	fi
+	exit 0 ;;
+    *:AIX:*:4)
+	if /usr/sbin/lsattr -EHl proc0 | grep POWER >/dev/null 2>&1; then
+		IBM_ARCH=rs6000
+	else
+		IBM_ARCH=powerpc
+	fi
+	if [ -x /usr/bin/oslevel ] ; then
+		IBM_REV=`/usr/bin/oslevel`
+	else
+		IBM_REV=4.${UNAME_RELEASE}
+	fi
+	echo ${IBM_ARCH}-ibm-aix${IBM_REV}
+	exit 0 ;;
+    *:AIX:*:*)
+	echo rs6000-ibm-aix
+	exit 0 ;;
+    ibmrt:4.4BSD:*|romp-ibm:BSD:*)
+	echo romp-ibm-bsd4.4
+	exit 0 ;;
+    ibmrt:*BSD:*|romp-ibm:BSD:*)            # covers RT/PC NetBSD and
+	echo romp-ibm-bsd${UNAME_RELEASE}   # 4.3 with uname added to 
+	exit 0 ;;                           # report: romp-ibm BSD 4.3
+    *:BOSX:*:*)
+	echo rs6000-bull-bosx
+	exit 0 ;;
+    DPX/2?00:B.O.S.:*:*)
+	echo m68k-bull-sysv3
+	exit 0 ;;
+    9000/[34]??:4.3bsd:1.*:*)
+	echo m68k-hp-bsd
+	exit 0 ;;
+    hp300:4.4BSD:*:* | 9000/[34]??:4.3bsd:2.*:*)
+	echo m68k-hp-bsd4.4
+	exit 0 ;;
+    9000/[3478]??:HP-UX:*:*)
+	case "${UNAME_MACHINE}" in
+	    9000/31? )            HP_ARCH=m68000 ;;
+	    9000/[34]?? )         HP_ARCH=m68k ;;
+	    9000/7?? | 9000/8?[679] ) HP_ARCH=hppa1.1 ;;
+	    9000/8?? )            HP_ARCH=hppa1.0 ;;
+	esac
+	HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'`
+	echo ${HP_ARCH}-hp-hpux${HPUX_REV}
+	exit 0 ;;
+    3050*:HI-UX:*:*)
+	sed 's/^	//' << EOF >dummy.c
+	#include <unistd.h>
+	int
+	main ()
+	{
+	  long cpu = sysconf (_SC_CPU_VERSION);
+	  /* The order matters, because CPU_IS_HP_MC68K erroneously returns
+	     true for CPU_PA_RISC1_0.  CPU_IS_PA_RISC returns correct
+	     results, however.  */
+	  if (CPU_IS_PA_RISC (cpu))
+	    {
+	      switch (cpu)
+		{
+		  case CPU_PA_RISC1_0: puts ("hppa1.0-hitachi-hiuxwe2"); break;
+		  case CPU_PA_RISC1_1: puts ("hppa1.1-hitachi-hiuxwe2"); break;
+		  case CPU_PA_RISC2_0: puts ("hppa2.0-hitachi-hiuxwe2"); break;
+		  default: puts ("hppa-hitachi-hiuxwe2"); break;
+		}
+	    }
+	  else if (CPU_IS_HP_MC68K (cpu))
+	    puts ("m68k-hitachi-hiuxwe2");
+	  else puts ("unknown-hitachi-hiuxwe2");
+	  exit (0);
+	}
+EOF
+	${CC-cc} dummy.c -o dummy && ./dummy && rm dummy.c dummy && exit 0
+	rm -f dummy.c dummy
+	echo unknown-hitachi-hiuxwe2
+	exit 0 ;;
+    9000/7??:4.3bsd:*:* | 9000/8?[79]:4.3bsd:*:* )
+	echo hppa1.1-hp-bsd
+	exit 0 ;;
+    9000/8??:4.3bsd:*:*)
+	echo hppa1.0-hp-bsd
+	exit 0 ;;
+    hp7??:OSF1:*:* | hp8?[79]:OSF1:*:* )
+	echo hppa1.1-hp-osf
+	exit 0 ;;
+    hp8??:OSF1:*:*)
+	echo hppa1.0-hp-osf
+	exit 0 ;;
+    parisc*:Lites*:*:*)
+	echo hppa1.1-hp-lites
+	exit 0 ;;
+    C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*)
+	echo c1-convex-bsd
+        exit 0 ;;
+    C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*)
+	if getsysinfo -f scalar_acc
+	then echo c32-convex-bsd
+	else echo c2-convex-bsd
+	fi
+        exit 0 ;;
+    C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*)
+	echo c34-convex-bsd
+        exit 0 ;;
+    C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*)
+	echo c38-convex-bsd
+        exit 0 ;;
+    C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*)
+	echo c4-convex-bsd
+        exit 0 ;;
+    CRAY*X-MP:*:*:*)
+	echo xmp-cray-unicos
+        exit 0 ;;
+    CRAY*Y-MP:*:*:*)
+	echo ymp-cray-unicos${UNAME_RELEASE}
+	exit 0 ;;
+    CRAY*C90:*:*:*)
+	echo c90-cray-unicos${UNAME_RELEASE}
+	exit 0 ;;
+    CRAY-2:*:*:*)
+	echo cray2-cray-unicos
+        exit 0 ;;
+    hp3[0-9][05]:NetBSD:*:*)
+	echo m68k-hp-netbsd${UNAME_RELEASE}
+	exit 0 ;;
+    i[34]86:BSD/386:*:* | *:BSD/OS:*:*)
+	echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE}
+	exit 0 ;;
+    *:FreeBSD:*:*)
+	echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`
+	exit 0 ;;
+    *:NetBSD:*:*)
+	echo ${UNAME_MACHINE}-unknown-netbsd`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'`
+	exit 0 ;;
+    i*:CYGWIN*:*)
+	echo i386-unknown-cygwin32
+	exit 0 ;;
+    p*:CYGWIN*:*)
+	echo powerpcle-unknown-cygwin32
+	exit 0 ;;
+    prep*:SunOS:5.*:*)
+	echo powerpcle-unknown-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+	exit 0 ;;
+    *:GNU:*:*)
+	echo `echo ${UNAME_MACHINE}|sed -e 's,/.*$,,'`-unknown-gnu`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'`
+	exit 0 ;;
+    *:Linux:*:*)
+	# The BFD linker knows what the default object file format is, so
+	# first see if it will tell us.
+	ld_help_string=`ld --help 2>&1`
+	if echo "$ld_help_string" | grep >/dev/null 2>&1 "supported emulations: elf_i[345]86"; then
+	  echo "${UNAME_MACHINE}-unknown-linux" ; exit 0
+	elif echo "$ld_help_string" | grep >/dev/null 2>&1 "supported emulations: i[345]86linux"; then
+	  echo "${UNAME_MACHINE}-unknown-linuxaout" ; exit 0
+	elif echo "$ld_help_string" | grep >/dev/null 2>&1 "supported emulations: i[345]86coff"; then
+	  echo "${UNAME_MACHINE}-unknown-linuxcoff" ; exit 0
+	elif echo "$ld_help_string" | grep >/dev/null 2>&1 "supported emulations: m68kelf"; then
+	  echo "${UNAME_MACHINE}-unknown-linux" ; exit 0
+	elif echo "$ld_help_string" | grep >/dev/null 2>&1 "supported emulations: m68klinux"; then
+	  echo "${UNAME_MACHINE}-unknown-linuxaout" ; exit 0
+	elif test "${UNAME_MACHINE}" = "alpha" ; then
+	  echo alpha-unknown-linux ; exit 0
+	else
+	  # Either a pre-BFD a.out linker (linuxoldld) or one that does not give us
+	  # useful --help.  Gcc wants to distinguish between linuxoldld and linuxaout.
+	  test ! -d /usr/lib/ldscripts/. \
+	    && echo "${UNAME_MACHINE}-unknown-linuxoldld" && exit 0
+	  # Determine whether the default compiler is a.out or elf
+	  cat >dummy.c <<EOF
+main(argc, argv)
+int argc;
+char *argv[];
+{
+#ifdef __ELF__
+  printf ("%s-unknown-linux\n", argv[1]);
+#else
+  printf ("%s-unknown-linuxaout\n", argv[1]);
+#endif
+  return 0;
+}
+EOF
+	  ${CC-cc} dummy.c -o dummy 2>/dev/null && ./dummy "${UNAME_MACHINE}" && rm dummy.c dummy && exit 0
+	  rm -f dummy.c dummy
+	fi ;;
+# ptx 4.0 does uname -s correctly, with DYNIX/ptx in there.  earlier versions
+# are messed up and put the nodename in both sysname and nodename.
+    i[34]86:DYNIX/ptx:4*:*)
+	echo i386-sequent-sysv4
+	exit 0 ;;
+    i[34]86:*:4.*:* | i[34]86:SYSTEM_V:4.*:*)
+	if grep Novell /usr/include/link.h >/dev/null 2>/dev/null; then
+		echo ${UNAME_MACHINE}-univel-sysv${UNAME_RELEASE}
+	else
+		echo ${UNAME_MACHINE}-unknown-sysv${UNAME_RELEASE}
+	fi
+	exit 0 ;;
+    i[34]86:*:3.2:*)
+	if test -f /usr/options/cb.name; then
+		UNAME_REL=`sed -n 's/.*Version //p' </usr/options/cb.name`
+		echo ${UNAME_MACHINE}-unknown-isc$UNAME_REL
+	elif /bin/uname -X 2>/dev/null >/dev/null ; then
+		UNAME_REL=`(/bin/uname -X|egrep Release|sed -e 's/.*= //')`
+		(/bin/uname -X|egrep i80486 >/dev/null) && UNAME_MACHINE=i486
+		(/bin/uname -X|egrep '^Machine.*Pentium' >/dev/null) \
+			&& UNAME_MACHINE=i586
+		echo ${UNAME_MACHINE}-unknown-sco$UNAME_REL
+	else
+		echo ${UNAME_MACHINE}-unknown-sysv32
+	fi
+	exit 0 ;;
+    Intel:Mach:3*:*)
+	echo i386-unknown-mach3
+	exit 0 ;;
+    paragon:*:*:*)
+	echo i860-intel-osf1
+	exit 0 ;;
+    i860:*:4.*:*) # i860-SVR4
+	if grep Stardent /usr/include/sys/uadmin.h >/dev/null 2>&1 ; then
+	  echo i860-stardent-sysv${UNAME_RELEASE} # Stardent Vistra i860-SVR4
+	else # Add other i860-SVR4 vendors below as they are discovered.
+	  echo i860-unknown-sysv${UNAME_RELEASE}  # Unknown i860-SVR4
+	fi
+	exit 0 ;;
+    mini*:CTIX:SYS*5:*)
+	# "miniframe"
+	echo m68010-convergent-sysv
+	exit 0 ;;
+    M680[234]0:*:R3V[567]*:*)
+	test -r /sysV68 && echo 'm68k-motorola-sysv' && exit 0 ;;
+    3[34]??:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0)
+        uname -p 2>/dev/null | grep 86 >/dev/null \
+          && echo i486-ncr-sysv4.3 && exit 0 ;;
+    3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*)
+        uname -p 2>/dev/null | grep 86 >/dev/null \
+          && echo i486-ncr-sysv4 && exit 0 ;;
+    m680[234]0:LynxOS:2.[23]*:*)
+	echo m68k-lynx-lynxos${UNAME_RELEASE}
+	exit 0 ;;
+    mc68030:UNIX_System_V:4.*:*)
+	echo m68k-atari-sysv4
+	exit 0 ;;
+    i[34]86:LynxOS:2.[23]*:*)
+	echo i386-lynx-lynxos${UNAME_RELEASE}
+	exit 0 ;;
+    TSUNAMI:LynxOS:2.[23]*:*)
+	echo sparc-lynx-lynxos${UNAME_RELEASE}
+	exit 0 ;;
+    rs6000:LynxOS:2.[23]*:*)
+	echo rs6000-lynx-lynxos${UNAME_RELEASE}
+	exit 0 ;;
+    RM*:SINIX-*:*:*)
+	echo mips-sni-sysv4
+	exit 0 ;;
+    *:SINIX-*:*:*)
+	if uname -p 2>/dev/null >/dev/null ; then
+		UNAME_MACHINE=`(uname -p) 2>/dev/null`
+		echo ${UNAME_MACHINE}-sni-sysv4
+	else
+		echo ns32k-sni-sysv
+	fi
+	exit 0 ;;
+    mc68*:A/UX:*:*)
+	echo m68k-apple-aux${UNAME_RELEASE}
+	exit 0 ;;
+    R3000:*System_V*:*:*)
+	if [ -d /usr/nec ]; then
+	        echo mips-nec-sysv${UNAME_RELEASE}
+	else
+	        echo mips-unknown-sysv${UNAME_RELEASE}
+	fi
+        exit 0 ;;
+esac
+
+#echo '(No uname command or uname output not recognized.)' 1>&2
+#echo "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" 1>&2
+
+cat >dummy.c <<EOF
+#ifdef _SEQUENT_
+# include <sys/types.h>
+# include <sys/utsname.h>
+#endif
+main ()
+{
+#if defined (sony)
+#if defined (MIPSEB)
+  /* BFD wants "bsd" instead of "newsos".  Perhaps BFD should be changed,
+     I don't know....  */
+  printf ("mips-sony-bsd\n"); exit (0);
+#else
+#include <sys/param.h>
+  printf ("m68k-sony-newsos%s\n",
+#ifdef NEWSOS4
+          "4"
+#else
+	  ""
+#endif
+         ); exit (0);
+#endif
+#endif
+
+#if defined (__arm) && defined (__acorn) && defined (__unix)
+  printf ("arm-acorn-riscix"); exit (0);
+#endif
+
+#if defined (hp300) && !defined (hpux)
+  printf ("m68k-hp-bsd\n"); exit (0);
+#endif
+
+#if defined (NeXT)
+#if !defined (__ARCHITECTURE__)
+#define __ARCHITECTURE__ "m68k"
+#endif
+  int version;
+  version=`(hostinfo | sed -n 's/.*NeXT Mach \([0-9]*\).*/\1/p') 2>/dev/null`;
+  printf ("%s-next-nextstep%s\n", __ARCHITECTURE__,  version==2 ? "2" : "3");
+  exit (0);
+#endif
+
+#if defined (MULTIMAX) || defined (n16)
+#if defined (UMAXV)
+  printf ("ns32k-encore-sysv\n"); exit (0);
+#else
+#if defined (CMU)
+  printf ("ns32k-encore-mach\n"); exit (0);
+#else
+  printf ("ns32k-encore-bsd\n"); exit (0);
+#endif
+#endif
+#endif
+
+#if defined (__386BSD__)
+  printf ("i386-unknown-bsd\n"); exit (0);
+#endif
+
+#if defined (sequent)
+#if defined (i386)
+  printf ("i386-sequent-dynix\n"); exit (0);
+#endif
+#if defined (ns32000)
+  printf ("ns32k-sequent-dynix\n"); exit (0);
+#endif
+#endif
+
+#if defined (_SEQUENT_)
+    struct utsname un;
+
+    uname(&un);
+
+    if (strncmp(un.version, "V2", 2) == 0) {
+	printf ("i386-sequent-ptx2\n"); exit (0);
+    }
+    if (strncmp(un.version, "V1", 2) == 0) { /* XXX is V1 correct? */
+	printf ("i386-sequent-ptx1\n"); exit (0);
+    }
+    printf ("i386-sequent-ptx\n"); exit (0);
+
+#endif
+
+#if defined (vax)
+#if !defined (ultrix)
+  printf ("vax-dec-bsd\n"); exit (0);
+#else
+  printf ("vax-dec-ultrix\n"); exit (0);
+#endif
+#endif
+
+#if defined (alliant) && defined (i860)
+  printf ("i860-alliant-bsd\n"); exit (0);
+#endif
+
+  exit (1);
+}
+EOF
+
+${CC-cc} dummy.c -o dummy 2>/dev/null && ./dummy && rm dummy.c dummy && exit 0
+rm -f dummy.c dummy
+
+# Apollos put the system type in the environment.
+
+test -d /usr/apollo && { echo ${ISP}-apollo-${SYSTYPE}; exit 0; }
+
+# Convex versions that predate uname can use getsysinfo(1)
+
+if [ -x /usr/convex/getsysinfo ]
+then
+    case `getsysinfo -f cpu_type` in
+    c1*)
+	echo c1-convex-bsd
+	exit 0 ;;
+    c2*)
+	if getsysinfo -f scalar_acc
+	then echo c32-convex-bsd
+	else echo c2-convex-bsd
+	fi
+	exit 0 ;;
+    c34*)
+	echo c34-convex-bsd
+	exit 0 ;;
+    c38*)
+	echo c38-convex-bsd
+	exit 0 ;;
+    c4*)
+	echo c4-convex-bsd
+	exit 0 ;;
+    esac
+fi
+
+#echo '(Unable to guess system type)' 1>&2
+
+exit 1
diff --git a/contrib/tcpdump/config.sub b/contrib/tcpdump/config.sub
new file mode 100755
index 000000000000..e67a800b5150
--- /dev/null
+++ b/contrib/tcpdump/config.sub
@@ -0,0 +1,867 @@
+#! /bin/sh
+# Configuration validation subroutine script, version 1.1.
+#   Copyright (C) 1991, 1992, 1993, 1994, 1995 Free Software Foundation, Inc.
+# This file is (in principle) common to ALL GNU software.
+# The presence of a machine in this file suggests that SOME GNU software
+# can handle that machine.  It does not imply ALL GNU software can. 
+#
+# This file is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330,
+# Boston, MA 02111-1307, USA.
+
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that program.
+
+# Configuration subroutine to validate and canonicalize a configuration type.
+# Supply the specified configuration type as an argument.
+# If it is invalid, we print an error message on stderr and exit with code 1.
+# Otherwise, we print the canonical config type on stdout and succeed.
+
+# This file is supposed to be the same for all GNU packages
+# and recognize all the CPU types, system types and aliases
+# that are meaningful with *any* GNU software.
+# Each package is responsible for reporting which valid configurations
+# it does not support.  The user should be able to distinguish
+# a failure to support a valid configuration from a meaningless
+# configuration.
+
+# The goal of this file is to map all the various variations of a given
+# machine specification into a single specification in the form:
+#	CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM
+# It is wrong to echo any other type of specification.
+
+if [ x$1 = x ]
+then
+	echo Configuration name missing. 1>&2
+	echo "Usage: $0 CPU-MFR-OPSYS" 1>&2
+	echo "or     $0 ALIAS" 1>&2
+	echo where ALIAS is a recognized configuration type. 1>&2
+	exit 1
+fi
+
+# First pass through any local machine types.
+case $1 in
+	*local*)
+		echo $1
+		exit 0
+		;;
+	*)
+	;;
+esac
+
+# Separate what the user gave into CPU-COMPANY and OS (if any).
+basic_machine=`echo $1 | sed 's/-[^-]*$//'`
+if [ $basic_machine != $1 ]
+then os=`echo $1 | sed 's/.*-/-/'`
+else os=; fi
+
+### Let's recognize common machines as not being operating systems so
+### that things like config.sub decstation-3100 work.  We also
+### recognize some manufacturers as not being operating systems, so we
+### can provide default operating systems below.
+case $os in
+	-sun*os*)
+		# Prevent following clause from handling this invalid input.
+		;;
+	-dec* | -mips* | -sequent* | -encore* | -pc532* | -sgi* | -sony* | \
+	-att* | -7300* | -3300* | -delta* | -motorola* | -sun[234]* | \
+	-unicom* | -ibm* | -next | -hp | -isi* | -apollo | -altos* | \
+	-convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\
+	-c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \
+	-harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp )
+		os=
+		basic_machine=$1
+		;;
+	-hiux*)
+		os=-hiuxwe2
+		;;
+	-sco4)
+		os=-sco3.2v4
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-unknown/'`
+		;;
+	-sco3.2.[4-9]*)
+		os=`echo $os | sed -e 's/sco3.2./sco3.2v/'`
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-unknown/'`
+		;;
+	-sco3.2v[4-9]*)
+		# Don't forget version if it is 3.2v4 or newer.
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-unknown/'`
+		;;
+	-sco*)
+		os=-sco3.2v2
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-unknown/'`
+		;;
+	-isc)
+		os=-isc2.2
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-unknown/'`
+		;;
+	-clix*)
+		basic_machine=clipper-intergraph
+		;;
+	-isc*)
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-unknown/'`
+		;;
+	-lynx*)
+		os=-lynxos
+		;;
+	-ptx*)
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-sequent/'`
+		;;
+	-windowsnt*)
+		os=`echo $os | sed -e 's/windowsnt/winnt/'`
+		;;
+esac
+
+# Decode aliases for certain CPU-COMPANY combinations.
+case $basic_machine in
+	# Recognize the basic CPU types without company name.
+	# Some are omitted here because they have special meanings below.
+	tahoe | i[345]86 | i860 | m68k | m68000 | m88k | ns32k | arm \
+		| arme[lb] | pyramid \
+		| tron | a29k | 580 | i960 | h8300 | hppa1.0 | hppa1.1 \
+		| alpha | we32k | ns16k | clipper | sparclite | i370 | sh \
+		| powerpc | powerpcle | sparc64 | 1750a | dsp16xx | mips64 | mipsel \
+		| pdp11 | mips64el | mips64orion | mips64orionel \
+		| sparc)
+		basic_machine=$basic_machine-unknown
+		;;
+	# Object if more than one company name word.
+	*-*-*)
+		echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2
+		exit 1
+		;;
+	# Recognize the basic CPU types with company name.
+	vax-* | tahoe-* | i[345]86-* | i860-* | m68k-* | m68000-* | m88k-* \
+	      | sparc-* | ns32k-* | fx80-* | arm-* | c[123]* \
+	      | mips-* | pyramid-* | tron-* | a29k-* | romp-* | rs6000-* | power-* \
+	      | none-* | 580-* | cray2-* | h8300-* | i960-* | xmp-* | ymp-* \
+	      | hppa1.0-* | hppa1.1-* | alpha-* | we32k-* | cydra-* | ns16k-* \
+	      | pn-* | np1-* | xps100-* | clipper-* | orion-* | sparclite-* \
+	      | pdp11-* | sh-* | powerpc-* | powerpcle-* | sparc64-* | mips64-* | mipsel-* \
+	      | mips64el-* | mips64orion-* | mips64orionel-*)
+		;;
+	# Recognize the various machine names and aliases which stand
+	# for a CPU type and a company and sometimes even an OS.
+	3b1 | 7300 | 7300-att | att-7300 | pc7300 | safari | unixpc)
+		basic_machine=m68000-att
+		;;
+	3b*)
+		basic_machine=we32k-att
+		;;
+	alliant | fx80)
+		basic_machine=fx80-alliant
+		;;
+	altos | altos3068)
+		basic_machine=m68k-altos
+		;;
+	am29k)
+		basic_machine=a29k-none
+		os=-bsd
+		;;
+	amdahl)
+		basic_machine=580-amdahl
+		os=-sysv
+		;;
+	amiga | amiga-*)
+		basic_machine=m68k-cbm
+		;;
+	amigados)
+		basic_machine=m68k-cbm
+		os=-amigados
+		;;
+	amigaunix | amix)
+		basic_machine=m68k-cbm
+		os=-sysv4
+		;;
+	apollo68)
+		basic_machine=m68k-apollo
+		os=-sysv
+		;;
+	balance)
+		basic_machine=ns32k-sequent
+		os=-dynix
+		;;
+	convex-c1)
+		basic_machine=c1-convex
+		os=-bsd
+		;;
+	convex-c2)
+		basic_machine=c2-convex
+		os=-bsd
+		;;
+	convex-c32)
+		basic_machine=c32-convex
+		os=-bsd
+		;;
+	convex-c34)
+		basic_machine=c34-convex
+		os=-bsd
+		;;
+	convex-c38)
+		basic_machine=c38-convex
+		os=-bsd
+		;;
+	cray | ymp)
+		basic_machine=ymp-cray
+		os=-unicos
+		;;
+	cray2)
+		basic_machine=cray2-cray
+		os=-unicos
+		;;
+	crds | unos)
+		basic_machine=m68k-crds
+		;;
+	da30 | da30-*)
+		basic_machine=m68k-da30
+		;;
+	decstation | decstation-3100 | pmax | pmax-* | pmin | dec3100 | decstatn)
+		basic_machine=mips-dec
+		;;
+	delta | 3300 | motorola-3300 | motorola-delta \
+	      | 3300-motorola | delta-motorola)
+		basic_machine=m68k-motorola
+		;;
+	delta88)
+		basic_machine=m88k-motorola
+		os=-sysv3
+		;;
+	dpx20 | dpx20-*)
+		basic_machine=rs6000-bull
+		os=-bosx
+		;;
+	dpx2* | dpx2*-bull)
+		basic_machine=m68k-bull
+		os=-sysv3
+		;;
+	ebmon29k)
+		basic_machine=a29k-amd
+		os=-ebmon
+		;;
+	elxsi)
+		basic_machine=elxsi-elxsi
+		os=-bsd
+		;;
+	encore | umax | mmax)
+		basic_machine=ns32k-encore
+		;;
+	fx2800)
+		basic_machine=i860-alliant
+		;;
+	genix)
+		basic_machine=ns32k-ns
+		;;
+	gmicro)
+		basic_machine=tron-gmicro
+		os=-sysv
+		;;
+	h3050r* | hiux*)
+		basic_machine=hppa1.1-hitachi
+		os=-hiuxwe2
+		;;
+	h8300hms)
+		basic_machine=h8300-hitachi
+		os=-hms
+		;;
+	harris)
+		basic_machine=m88k-harris
+		os=-sysv3
+		;;
+	hp300-*)
+		basic_machine=m68k-hp
+		;;
+	hp300bsd)
+		basic_machine=m68k-hp
+		os=-bsd
+		;;
+	hp300hpux)
+		basic_machine=m68k-hp
+		os=-hpux
+		;;
+	hp9k2[0-9][0-9] | hp9k31[0-9])
+		basic_machine=m68000-hp
+		;;
+	hp9k3[2-9][0-9])
+		basic_machine=m68k-hp
+		;;
+	hp9k7[0-9][0-9] | hp7[0-9][0-9] | hp9k8[0-9]7 | hp8[0-9]7)
+		basic_machine=hppa1.1-hp
+		;;
+	hp9k8[0-9][0-9] | hp8[0-9][0-9])
+		basic_machine=hppa1.0-hp
+		;;
+	i370-ibm* | ibm*)
+		basic_machine=i370-ibm
+		os=-mvs
+		;;
+# I'm not sure what "Sysv32" means.  Should this be sysv3.2?
+	i[345]86v32)
+		basic_machine=`echo $1 | sed -e 's/86.*/86-unknown/'`
+		os=-sysv32
+		;;
+	i[345]86v4*)
+		basic_machine=`echo $1 | sed -e 's/86.*/86-unknown/'`
+		os=-sysv4
+		;;
+	i[345]86v)
+		basic_machine=`echo $1 | sed -e 's/86.*/86-unknown/'`
+		os=-sysv
+		;;
+	i[345]86sol2)
+		basic_machine=`echo $1 | sed -e 's/86.*/86-unknown/'`
+		os=-solaris2
+		;;
+	iris | iris4d)
+		basic_machine=mips-sgi
+		case $os in
+		    -irix*)
+			;;
+		    *)
+			os=-irix4
+			;;
+		esac
+		;;
+	isi68 | isi)
+		basic_machine=m68k-isi
+		os=-sysv
+		;;
+	m88k-omron*)
+		basic_machine=m88k-omron
+		;;
+	magnum | m3230)
+		basic_machine=mips-mips
+		os=-sysv
+		;;
+	merlin)
+		basic_machine=ns32k-utek
+		os=-sysv
+		;;
+	miniframe)
+		basic_machine=m68000-convergent
+		;;
+	mips3*-*)
+		basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`
+		;;
+	mips3*)
+		basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`-unknown
+		;;
+	ncr3000)
+		basic_machine=i486-ncr
+		os=-sysv4
+		;;
+	news | news700 | news800 | news900)
+		basic_machine=m68k-sony
+		os=-newsos
+		;;
+	news1000)
+		basic_machine=m68030-sony
+		os=-newsos
+		;;
+	news-3600 | risc-news)
+		basic_machine=mips-sony
+		os=-newsos
+		;;
+	next | m*-next )
+		basic_machine=m68k-next
+		case $os in
+		    -nextstep* )
+			;;
+		    -ns2*)
+		      os=-nextstep2
+			;;
+		    *)
+		      os=-nextstep3
+			;;
+		esac
+		;;
+	nh3000)
+		basic_machine=m68k-harris
+		os=-cxux
+		;;
+	nh[45]000)
+		basic_machine=m88k-harris
+		os=-cxux
+		;;
+	nindy960)
+		basic_machine=i960-intel
+		os=-nindy
+		;;
+	np1)
+		basic_machine=np1-gould
+		;;
+	pa-hitachi)
+		basic_machine=hppa1.1-hitachi
+		os=-hiuxwe2
+		;;
+	paragon)
+		basic_machine=i860-intel
+		os=-osf
+		;;
+	pbd)
+		basic_machine=sparc-tti
+		;;
+	pbb)
+		basic_machine=m68k-tti
+		;;
+        pc532 | pc532-*)
+		basic_machine=ns32k-pc532
+		;;
+	pentium | p5 | p6)
+		# We don't have specific support for the Intel Pentium (p6) followon yet, so just call it a Pentium
+		basic_machine=i586-intel
+		;;
+	pentium-* | p5-* | p6-*)
+		# We don't have specific support for the Intel Pentium (p6) followon yet, so just call it a Pentium
+		basic_machine=i586-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
+	k5)
+		# We don't have specific support for AMD's K5 yet, so just call it a Pentium
+		basic_machine=i586-amd
+		;;
+	nexen)
+		# We don't have specific support for Nexgen yet, so just call it a Pentium
+		basic_machine=i586-nexgen
+		;;
+	pn)
+		basic_machine=pn-gould
+		;;
+	power)	basic_machine=rs6000-ibm
+		;;
+	ppc)	basic_machine=powerpc-unknown
+	        ;;
+	ppc-*)	basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
+	ppcle | powerpclittle | ppc-le | powerpc-little)
+		basic_machine=powerpcle-unknown
+	        ;;
+	ppcle-* | powerpclittle-*)
+		basic_machine=powerpcle-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
+	ps2)
+		basic_machine=i386-ibm
+		;;
+	rm[46]00)
+		basic_machine=mips-siemens
+		;;
+	rtpc | rtpc-*)
+		basic_machine=romp-ibm
+		;;
+	sequent)
+		basic_machine=i386-sequent
+		;;
+	sh)
+		basic_machine=sh-hitachi
+		os=-hms
+		;;
+	sps7)
+		basic_machine=m68k-bull
+		os=-sysv2
+		;;
+	spur)
+		basic_machine=spur-unknown
+		;;
+	sun2)
+		basic_machine=m68000-sun
+		;;
+	sun2os3)
+		basic_machine=m68000-sun
+		os=-sunos3
+		;;
+	sun2os4)
+		basic_machine=m68000-sun
+		os=-sunos4
+		;;
+	sun3os3)
+		basic_machine=m68k-sun
+		os=-sunos3
+		;;
+	sun3os4)
+		basic_machine=m68k-sun
+		os=-sunos4
+		;;
+	sun4os3)
+		basic_machine=sparc-sun
+		os=-sunos3
+		;;
+	sun4os4)
+		basic_machine=sparc-sun
+		os=-sunos4
+		;;
+	sun4sol2)
+		basic_machine=sparc-sun
+		os=-solaris2
+		;;
+	sun3 | sun3-*)
+		basic_machine=m68k-sun
+		;;
+	sun4)
+		basic_machine=sparc-sun
+		;;
+	sun386 | sun386i | roadrunner)
+		basic_machine=i386-sun
+		;;
+	symmetry)
+		basic_machine=i386-sequent
+		os=-dynix
+		;;
+	tower | tower-32)
+		basic_machine=m68k-ncr
+		;;
+	udi29k)
+		basic_machine=a29k-amd
+		os=-udi
+		;;
+	ultra3)
+		basic_machine=a29k-nyu
+		os=-sym1
+		;;
+	vaxv)
+		basic_machine=vax-dec
+		os=-sysv
+		;;
+	vms)
+		basic_machine=vax-dec
+		os=-vms
+		;;
+	vxworks960)
+		basic_machine=i960-wrs
+		os=-vxworks
+		;;
+	vxworks68)
+		basic_machine=m68k-wrs
+		os=-vxworks
+		;;
+	vxworks29k)
+		basic_machine=a29k-wrs
+		os=-vxworks
+		;;
+	xmp)
+		basic_machine=xmp-cray
+		os=-unicos
+		;;
+        xps | xps100)
+		basic_machine=xps100-honeywell
+		;;
+	none)
+		basic_machine=none-none
+		os=-none
+		;;
+
+# Here we handle the default manufacturer of certain CPU types.  It is in
+# some cases the only manufacturer, in others, it is the most popular.
+	mips)
+		basic_machine=mips-mips
+		;;
+	romp)
+		basic_machine=romp-ibm
+		;;
+	rs6000)
+		basic_machine=rs6000-ibm
+		;;
+	vax)
+		basic_machine=vax-dec
+		;;
+	pdp11)
+		basic_machine=pdp11-dec
+		;;
+	we32k)
+		basic_machine=we32k-att
+		;;
+	sparc)
+		basic_machine=sparc-sun
+		;;
+        cydra)
+		basic_machine=cydra-cydrome
+		;;
+	orion)
+		basic_machine=orion-highlevel
+		;;
+	orion105)
+		basic_machine=clipper-highlevel
+		;;
+	*)
+		echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2
+		exit 1
+		;;
+esac
+
+# Here we canonicalize certain aliases for manufacturers.
+case $basic_machine in
+	*-digital*)
+		basic_machine=`echo $basic_machine | sed 's/digital.*/dec/'`
+		;;
+	*-commodore*)
+		basic_machine=`echo $basic_machine | sed 's/commodore.*/cbm/'`
+		;;
+	*)
+		;;
+esac
+
+# Decode manufacturer-specific aliases for certain operating systems.
+
+if [ x"$os" != x"" ]
+then
+case $os in
+	# -solaris* is a basic system type, with this one exception.
+	-solaris1 | -solaris1.*)
+		os=`echo $os | sed -e 's|solaris1|sunos4|'`
+		;;
+	-solaris)
+		os=-solaris2
+		;;
+	-unixware* | svr4*)
+		os=-sysv4
+		;;
+	-gnu/linux*)
+		os=`echo $os | sed -e 's|gnu/linux|linux|'`
+		;;
+	# First accept the basic system types.
+	# The portable systems comes first.
+	# Each alternative MUST END IN A *, to match a version number.
+	# -sysv* is not here because it comes later, after sysvr4.
+	-gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \
+	      | -vms* | -sco* | -esix* | -isc* | -aix* | -sunos | -sunos[345]* \
+	      | -hpux* | -unos* | -osf* | -luna* | -dgux* | -solaris* | -sym* \
+	      | -amigados* | -msdos* | -newsos* | -unicos* | -aos* \
+	      | -nindy* | -vxworks* | -ebmon* | -hms* | -mvs* | -clix* \
+	      | -riscos* | -linux* | -uniplus* | -iris* | -rtu* | -xenix* \
+	      | -hiux* | -386bsd* | -netbsd* | -freebsd* | -riscix* \
+	      | -lynxos* | -bosx* | -nextstep* | -cxux* | -aout* | -elf* \
+	      | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \
+	      | -udi* | -eabi* | -lites* )
+	# Remember, each alternative MUST END IN *, to match a version number.
+		;;
+	-sunos5*)
+		os=`echo $os | sed -e 's|sunos5|solaris2|'`
+		;;
+	-sunos6*)
+		os=`echo $os | sed -e 's|sunos6|solaris3|'`
+		;;
+	-osfrose*)
+		os=-osfrose
+		;;
+	-osf*)
+		os=-osf
+		;;
+	-utek*)
+		os=-bsd
+		;;
+	-dynix*)
+		os=-bsd
+		;;
+	-acis*)
+		os=-aos
+		;;
+	-ctix* | -uts*)
+		os=-sysv
+		;;
+	# Preserve the version number of sinix5.
+	-sinix5.*)
+		os=`echo $os | sed -e 's|sinix|sysv|'`
+		;;
+	-sinix*)
+		os=-sysv4
+		;;
+	-triton*)
+		os=-sysv3
+		;;
+	-oss*)
+		os=-sysv3
+		;;
+	-svr4)
+		os=-sysv4
+		;;
+	-svr3)
+		os=-sysv3
+		;;
+	-sysvr4)
+		os=-sysv4
+		;;
+	# This must come after -sysvr4.
+	-sysv*)
+		;;
+	-xenix)
+		os=-xenix
+		;;
+	-none)
+		;;
+	*)
+		# Get rid of the `-' at the beginning of $os.
+		os=`echo $os | sed 's/[^-]*-//'`
+		echo Invalid configuration \`$1\': system \`$os\' not recognized 1>&2
+		exit 1
+		;;
+esac
+else
+
+# Here we handle the default operating systems that come with various machines.
+# The value should be what the vendor currently ships out the door with their
+# machine or put another way, the most popular os provided with the machine.
+
+# Note that if you're going to try to match "-MANUFACTURER" here (say,
+# "-sun"), then you have to tell the case statement up towards the top
+# that MANUFACTURER isn't an operating system.  Otherwise, code above
+# will signal an error saying that MANUFACTURER isn't an operating
+# system, and we'll never get to this point.
+
+case $basic_machine in
+	*-acorn)
+		os=-riscix1.2
+		;;
+	arm*-semi)
+		os=-aout
+		;;
+        pdp11-*)
+		os=-none
+		;;
+	*-dec | vax-*)
+		os=-ultrix4.2
+		;;
+	m68*-apollo)
+		os=-domain
+		;;
+	i386-sun)
+		os=-sunos4.0.2
+		;;
+	m68000-sun)
+		os=-sunos3
+		# This also exists in the configure program, but was not the
+		# default.
+		# os=-sunos4
+		;;
+	*-tti)	# must be before sparc entry or we get the wrong os.
+		os=-sysv3
+		;;
+	sparc-* | *-sun)
+		os=-sunos4.1.1
+		;;
+	*-ibm)
+		os=-aix
+		;;
+	*-hp)
+		os=-hpux
+		;;
+	*-hitachi)
+		os=-hiux
+		;;
+	i860-* | *-att | *-ncr | *-altos | *-motorola | *-convergent)
+		os=-sysv
+		;;
+	*-cbm)
+		os=-amigados
+		;;
+	*-dg)
+		os=-dgux
+		;;
+	*-dolphin)
+		os=-sysv3
+		;;
+	m68k-ccur)
+		os=-rtu
+		;;
+	m88k-omron*)
+		os=-luna
+		;;
+	*-sequent)
+		os=-ptx
+		;;
+	*-crds)
+		os=-unos
+		;;
+	*-ns)
+		os=-genix
+		;;
+	i370-*)
+		os=-mvs
+		;;
+	*-next)
+		os=-nextstep3
+		;;
+        *-gould)
+		os=-sysv
+		;;
+        *-highlevel)
+		os=-bsd
+		;;
+	*-encore)
+		os=-bsd
+		;;
+        *-sgi)
+		os=-irix
+		;;
+        *-siemens)
+		os=-sysv4
+		;;
+	*-masscomp)
+		os=-rtu
+		;;
+	*)
+		os=-none
+		;;
+esac
+fi
+
+# Here we handle the case where we know the os, and the CPU type, but not the
+# manufacturer.  We pick the logical manufacturer.
+vendor=unknown
+case $basic_machine in
+	*-unknown)
+		case $os in
+			-riscix*)
+				vendor=acorn
+				;;
+			-sunos*)
+				vendor=sun
+				;;
+			-lynxos*)
+				vendor=lynx
+				;;
+			-aix*)
+				vendor=ibm
+				;;
+			-hpux*)
+				vendor=hp
+				;;
+			-hiux*)
+				vendor=hitachi
+				;;
+			-unos*)
+				vendor=crds
+				;;
+			-dgux*)
+				vendor=dg
+				;;
+			-luna*)
+				vendor=omron
+				;;
+			-genix*)
+				vendor=ns
+				;;
+			-mvs*)
+				vendor=ibm
+				;;
+			-ptx*)
+				vendor=sequent
+				;;
+			-vxworks*)
+				vendor=wrs
+				;;
+		esac
+		basic_machine=`echo $basic_machine | sed "s/unknown/$vendor/"`
+		;;
+esac
+
+echo $basic_machine$os
diff --git a/contrib/tcpdump/configure b/contrib/tcpdump/configure
new file mode 100755
index 000000000000..5083c2f2068d
--- /dev/null
+++ b/contrib/tcpdump/configure
@@ -0,0 +1,2535 @@
+#! /bin/sh
+
+# Guess values for system-dependent variables and create Makefiles.
+# Generated automatically using autoconf version 2.10 
+# Copyright (C) 1992, 93, 94, 95, 96 Free Software Foundation, Inc.
+#
+# This configure script is free software; the Free Software Foundation
+# gives unlimited permission to copy, distribute and modify it.
+
+# Defaults:
+ac_help=
+ac_default_prefix=/usr/local
+# Any additions from configure.in:
+
+# Initialize some variables set by options.
+# The variables have the same names as the options, with
+# dashes changed to underlines.
+build=NONE
+cache_file=./config.cache
+exec_prefix=NONE
+host=NONE
+no_create=
+nonopt=NONE
+no_recursion=
+prefix=NONE
+program_prefix=NONE
+program_suffix=NONE
+program_transform_name=s,x,x,
+silent=
+site=
+srcdir=
+target=NONE
+verbose=
+x_includes=NONE
+x_libraries=NONE
+bindir='${exec_prefix}/bin'
+sbindir='${exec_prefix}/sbin'
+libexecdir='${exec_prefix}/libexec'
+datadir='${prefix}/share'
+sysconfdir='${prefix}/etc'
+sharedstatedir='${prefix}/com'
+localstatedir='${prefix}/var'
+libdir='${exec_prefix}/lib'
+includedir='${prefix}/include'
+oldincludedir='/usr/include'
+infodir='${prefix}/info'
+mandir='${prefix}/man'
+
+# Initialize some other variables.
+subdirs=
+MFLAGS= MAKEFLAGS=
+
+ac_prev=
+for ac_option
+do
+
+  # If the previous option needs an argument, assign it.
+  if test -n "$ac_prev"; then
+    eval "$ac_prev=\$ac_option"
+    ac_prev=
+    continue
+  fi
+
+  case "$ac_option" in
+  -*=*) ac_optarg=`echo "$ac_option" | sed 's/[-_a-zA-Z0-9]*=//'` ;;
+  *) ac_optarg= ;;
+  esac
+
+  # Accept the important Cygnus configure options, so we can diagnose typos.
+
+  case "$ac_option" in
+
+  -bindir | --bindir | --bindi | --bind | --bin | --bi)
+    ac_prev=bindir ;;
+  -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*)
+    bindir="$ac_optarg" ;;
+
+  -build | --build | --buil | --bui | --bu)
+    ac_prev=build ;;
+  -build=* | --build=* | --buil=* | --bui=* | --bu=*)
+    build="$ac_optarg" ;;
+
+  -cache-file | --cache-file | --cache-fil | --cache-fi \
+  | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c)
+    ac_prev=cache_file ;;
+  -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \
+  | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*)
+    cache_file="$ac_optarg" ;;
+
+  -datadir | --datadir | --datadi | --datad | --data | --dat | --da)
+    ac_prev=datadir ;;
+  -datadir=* | --datadir=* | --datadi=* | --datad=* | --data=* | --dat=* \
+  | --da=*)
+    datadir="$ac_optarg" ;;
+
+  -disable-* | --disable-*)
+    ac_feature=`echo $ac_option|sed -e 's/-*disable-//'`
+    # Reject names that are not valid shell variable names.
+    if test -n "`echo $ac_feature| sed 's/[-a-zA-Z0-9_]//g'`"; then
+      { echo "configure: error: $ac_feature: invalid feature name" 1>&2; exit 1; }
+    fi
+    ac_feature=`echo $ac_feature| sed 's/-/_/g'`
+    eval "enable_${ac_feature}=no" ;;
+
+  -enable-* | --enable-*)
+    ac_feature=`echo $ac_option|sed -e 's/-*enable-//' -e 's/=.*//'`
+    # Reject names that are not valid shell variable names.
+    if test -n "`echo $ac_feature| sed 's/[-_a-zA-Z0-9]//g'`"; then
+      { echo "configure: error: $ac_feature: invalid feature name" 1>&2; exit 1; }
+    fi
+    ac_feature=`echo $ac_feature| sed 's/-/_/g'`
+    case "$ac_option" in
+      *=*) ;;
+      *) ac_optarg=yes ;;
+    esac
+    eval "enable_${ac_feature}='$ac_optarg'" ;;
+
+  -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \
+  | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \
+  | --exec | --exe | --ex)
+    ac_prev=exec_prefix ;;
+  -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \
+  | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \
+  | --exec=* | --exe=* | --ex=*)
+    exec_prefix="$ac_optarg" ;;
+
+  -gas | --gas | --ga | --g)
+    # Obsolete; use --with-gas.
+    with_gas=yes ;;
+
+  -help | --help | --hel | --he)
+    # Omit some internal or obsolete options to make the list less imposing.
+    # This message is too long to be a string in the A/UX 3.1 sh.
+    cat << EOF
+Usage: configure [options] [host]
+Options: [defaults in brackets after descriptions]
+Configuration:
+  --cache-file=FILE       cache test results in FILE
+  --help                  print this message
+  --no-create             do not create output files
+  --quiet, --silent       do not print \`checking...' messages
+  --version               print the version of autoconf that created configure
+Directory and file names:
+  --prefix=PREFIX         install architecture-independent files in PREFIX
+                          [$ac_default_prefix]
+  --exec-prefix=EPREFIX   install architecture-dependent files in EPREFIX
+                          [same as prefix]
+  --bindir=DIR            user executables in DIR [EPREFIX/bin]
+  --sbindir=DIR           system admin executables in DIR [EPREFIX/sbin]
+  --libexecdir=DIR        program executables in DIR [EPREFIX/libexec]
+  --datadir=DIR           read-only architecture-independent data in DIR
+                          [PREFIX/share]
+  --sysconfdir=DIR        read-only single-machine data in DIR [PREFIX/etc]
+  --sharedstatedir=DIR    modifiable architecture-independent data in DIR
+                          [PREFIX/com]
+  --localstatedir=DIR     modifiable single-machine data in DIR [PREFIX/var]
+  --libdir=DIR            object code libraries in DIR [EPREFIX/lib]
+  --includedir=DIR        C header files in DIR [PREFIX/include]
+  --oldincludedir=DIR     C header files for non-gcc in DIR [/usr/include]
+  --infodir=DIR           info documentation in DIR [PREFIX/info]
+  --mandir=DIR            man documentation in DIR [PREFIX/man]
+  --srcdir=DIR            find the sources in DIR [configure dir or ..]
+  --program-prefix=PREFIX prepend PREFIX to installed program names
+  --program-suffix=SUFFIX append SUFFIX to installed program names
+  --program-transform-name=PROGRAM
+                          run sed PROGRAM on installed program names
+EOF
+    cat << EOF
+Host type:
+  --build=BUILD           configure for building on BUILD [BUILD=HOST]
+  --host=HOST             configure for HOST [guessed]
+  --target=TARGET         configure for TARGET [TARGET=HOST]
+Features and packages:
+  --disable-FEATURE       do not include FEATURE (same as --enable-FEATURE=no)
+  --enable-FEATURE[=ARG]  include FEATURE [ARG=yes]
+  --with-PACKAGE[=ARG]    use PACKAGE [ARG=yes]
+  --without-PACKAGE       do not use PACKAGE (same as --with-PACKAGE=no)
+  --x-includes=DIR        X include files are in DIR
+  --x-libraries=DIR       X library files are in DIR
+EOF
+    if test -n "$ac_help"; then
+      echo "--enable and --with options recognized:$ac_help"
+    fi
+    exit 0 ;;
+
+  -host | --host | --hos | --ho)
+    ac_prev=host ;;
+  -host=* | --host=* | --hos=* | --ho=*)
+    host="$ac_optarg" ;;
+
+  -includedir | --includedir | --includedi | --included | --include \
+  | --includ | --inclu | --incl | --inc)
+    ac_prev=includedir ;;
+  -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \
+  | --includ=* | --inclu=* | --incl=* | --inc=*)
+    includedir="$ac_optarg" ;;
+
+  -infodir | --infodir | --infodi | --infod | --info | --inf)
+    ac_prev=infodir ;;
+  -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*)
+    infodir="$ac_optarg" ;;
+
+  -libdir | --libdir | --libdi | --libd)
+    ac_prev=libdir ;;
+  -libdir=* | --libdir=* | --libdi=* | --libd=*)
+    libdir="$ac_optarg" ;;
+
+  -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \
+  | --libexe | --libex | --libe)
+    ac_prev=libexecdir ;;
+  -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \
+  | --libexe=* | --libex=* | --libe=*)
+    libexecdir="$ac_optarg" ;;
+
+  -localstatedir | --localstatedir | --localstatedi | --localstated \
+  | --localstate | --localstat | --localsta | --localst \
+  | --locals | --local | --loca | --loc | --lo)
+    ac_prev=localstatedir ;;
+  -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \
+  | --localstate=* | --localstat=* | --localsta=* | --localst=* \
+  | --locals=* | --local=* | --loca=* | --loc=* | --lo=*)
+    localstatedir="$ac_optarg" ;;
+
+  -mandir | --mandir | --mandi | --mand | --man | --ma | --m)
+    ac_prev=mandir ;;
+  -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*)
+    mandir="$ac_optarg" ;;
+
+  -nfp | --nfp | --nf)
+    # Obsolete; use --without-fp.
+    with_fp=no ;;
+
+  -no-create | --no-create | --no-creat | --no-crea | --no-cre \
+  | --no-cr | --no-c)
+    no_create=yes ;;
+
+  -no-recursion | --no-recursion | --no-recursio | --no-recursi \
+  | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r)
+    no_recursion=yes ;;
+
+  -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \
+  | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \
+  | --oldin | --oldi | --old | --ol | --o)
+    ac_prev=oldincludedir ;;
+  -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \
+  | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \
+  | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*)
+    oldincludedir="$ac_optarg" ;;
+
+  -prefix | --prefix | --prefi | --pref | --pre | --pr | --p)
+    ac_prev=prefix ;;
+  -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*)
+    prefix="$ac_optarg" ;;
+
+  -program-prefix | --program-prefix | --program-prefi | --program-pref \
+  | --program-pre | --program-pr | --program-p)
+    ac_prev=program_prefix ;;
+  -program-prefix=* | --program-prefix=* | --program-prefi=* \
+  | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*)
+    program_prefix="$ac_optarg" ;;
+
+  -program-suffix | --program-suffix | --program-suffi | --program-suff \
+  | --program-suf | --program-su | --program-s)
+    ac_prev=program_suffix ;;
+  -program-suffix=* | --program-suffix=* | --program-suffi=* \
+  | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*)
+    program_suffix="$ac_optarg" ;;
+
+  -program-transform-name | --program-transform-name \
+  | --program-transform-nam | --program-transform-na \
+  | --program-transform-n | --program-transform- \
+  | --program-transform | --program-transfor \
+  | --program-transfo | --program-transf \
+  | --program-trans | --program-tran \
+  | --progr-tra | --program-tr | --program-t)
+    ac_prev=program_transform_name ;;
+  -program-transform-name=* | --program-transform-name=* \
+  | --program-transform-nam=* | --program-transform-na=* \
+  | --program-transform-n=* | --program-transform-=* \
+  | --program-transform=* | --program-transfor=* \
+  | --program-transfo=* | --program-transf=* \
+  | --program-trans=* | --program-tran=* \
+  | --progr-tra=* | --program-tr=* | --program-t=*)
+    program_transform_name="$ac_optarg" ;;
+
+  -q | -quiet | --quiet | --quie | --qui | --qu | --q \
+  | -silent | --silent | --silen | --sile | --sil)
+    silent=yes ;;
+
+  -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
+    ac_prev=sbindir ;;
+  -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
+  | --sbi=* | --sb=*)
+    sbindir="$ac_optarg" ;;
+
+  -sharedstatedir | --sharedstatedir | --sharedstatedi \
+  | --sharedstated | --sharedstate | --sharedstat | --sharedsta \
+  | --sharedst | --shareds | --shared | --share | --shar \
+  | --sha | --sh)
+    ac_prev=sharedstatedir ;;
+  -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \
+  | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \
+  | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \
+  | --sha=* | --sh=*)
+    sharedstatedir="$ac_optarg" ;;
+
+  -site | --site | --sit)
+    ac_prev=site ;;
+  -site=* | --site=* | --sit=*)
+    site="$ac_optarg" ;;
+
+  -srcdir | --srcdir | --srcdi | --srcd | --src | --sr)
+    ac_prev=srcdir ;;
+  -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*)
+    srcdir="$ac_optarg" ;;
+
+  -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \
+  | --syscon | --sysco | --sysc | --sys | --sy)
+    ac_prev=sysconfdir ;;
+  -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \
+  | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*)
+    sysconfdir="$ac_optarg" ;;
+
+  -target | --target | --targe | --targ | --tar | --ta | --t)
+    ac_prev=target ;;
+  -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*)
+    target="$ac_optarg" ;;
+
+  -v | -verbose | --verbose | --verbos | --verbo | --verb)
+    verbose=yes ;;
+
+  -version | --version | --versio | --versi | --vers)
+    echo "configure generated by autoconf version 2.10"
+    exit 0 ;;
+
+  -with-* | --with-*)
+    ac_package=`echo $ac_option|sed -e 's/-*with-//' -e 's/=.*//'`
+    # Reject names that are not valid shell variable names.
+    if test -n "`echo $ac_package| sed 's/[-_a-zA-Z0-9]//g'`"; then
+      { echo "configure: error: $ac_package: invalid package name" 1>&2; exit 1; }
+    fi
+    ac_package=`echo $ac_package| sed 's/-/_/g'`
+    case "$ac_option" in
+      *=*) ;;
+      *) ac_optarg=yes ;;
+    esac
+    eval "with_${ac_package}='$ac_optarg'" ;;
+
+  -without-* | --without-*)
+    ac_package=`echo $ac_option|sed -e 's/-*without-//'`
+    # Reject names that are not valid shell variable names.
+    if test -n "`echo $ac_package| sed 's/[-a-zA-Z0-9_]//g'`"; then
+      { echo "configure: error: $ac_package: invalid package name" 1>&2; exit 1; }
+    fi
+    ac_package=`echo $ac_package| sed 's/-/_/g'`
+    eval "with_${ac_package}=no" ;;
+
+  --x)
+    # Obsolete; use --with-x.
+    with_x=yes ;;
+
+  -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \
+  | --x-incl | --x-inc | --x-in | --x-i)
+    ac_prev=x_includes ;;
+  -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \
+  | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*)
+    x_includes="$ac_optarg" ;;
+
+  -x-libraries | --x-libraries | --x-librarie | --x-librari \
+  | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l)
+    ac_prev=x_libraries ;;
+  -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \
+  | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*)
+    x_libraries="$ac_optarg" ;;
+
+  -*) { echo "configure: error: $ac_option: invalid option; use --help to show usage" 1>&2; exit 1; }
+    ;;
+
+  *)
+    if test -n "`echo $ac_option| sed 's/[-a-z0-9.]//g'`"; then
+      echo "configure: warning: $ac_option: invalid host type" 1>&2
+    fi
+    if test "x$nonopt" != xNONE; then
+      { echo "configure: error: can only configure for one host and one target at a time" 1>&2; exit 1; }
+    fi
+    nonopt="$ac_option"
+    ;;
+
+  esac
+done
+
+if test -n "$ac_prev"; then
+  { echo "configure: error: missing argument to --`echo $ac_prev | sed 's/_/-/g'`" 1>&2; exit 1; }
+fi
+
+trap 'rm -fr conftest* confdefs* core core.* *.core $ac_clean_files; exit 1' 1 2 15
+
+# File descriptor usage:
+# 0 standard input
+# 1 file creation
+# 2 errors and warnings
+# 3 some systems may open it to /dev/tty
+# 4 used on the Kubota Titan
+# 6 checking for... messages and results
+# 5 compiler messages saved in config.log
+if test "$silent" = yes; then
+  exec 6>/dev/null
+else
+  exec 6>&1
+fi
+exec 5>./config.log
+
+echo "\
+This file contains any messages produced by compilers while
+running configure, to aid debugging if configure makes a mistake.
+" 1>&5
+
+# Strip out --no-create and --no-recursion so they do not pile up.
+# Also quote any args containing shell metacharacters.
+ac_configure_args=
+for ac_arg
+do
+  case "$ac_arg" in
+  -no-create | --no-create | --no-creat | --no-crea | --no-cre \
+  | --no-cr | --no-c) ;;
+  -no-recursion | --no-recursion | --no-recursio | --no-recursi \
+  | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) ;;
+  *" "*|*"	"*|*[\[\]\~\#\$\^\&\*\(\)\{\}\\\|\;\<\>\?]*)
+  ac_configure_args="$ac_configure_args '$ac_arg'" ;;
+  *) ac_configure_args="$ac_configure_args $ac_arg" ;;
+  esac
+done
+
+# NLS nuisances.
+# Only set LANG and LC_ALL to C if already set.
+# These must not be set unconditionally because not all systems understand
+# e.g. LANG=C (notably SCO).
+if test "${LC_ALL+set}" = set; then LC_ALL=C; export LC_ALL; fi
+if test "${LANG+set}"   = set; then LANG=C;   export LANG;   fi
+
+# confdefs.h avoids OS command line length limits that DEFS can exceed.
+rm -rf conftest* confdefs.h
+# AIX cpp loses on an empty file, so make sure it contains at least a newline.
+echo > confdefs.h
+
+# A filename unique to this package, relative to the directory that
+# configure is in, which we can look for to find out if srcdir is correct.
+ac_unique_file=tcpdump.c
+
+# Find the source files, if location was not specified.
+if test -z "$srcdir"; then
+  ac_srcdir_defaulted=yes
+  # Try the directory containing this script, then its parent.
+  ac_prog=$0
+  ac_confdir=`echo $ac_prog|sed 's%/[^/][^/]*$%%'`
+  test "x$ac_confdir" = "x$ac_prog" && ac_confdir=.
+  srcdir=$ac_confdir
+  if test ! -r $srcdir/$ac_unique_file; then
+    srcdir=..
+  fi
+else
+  ac_srcdir_defaulted=no
+fi
+if test ! -r $srcdir/$ac_unique_file; then
+  if test "$ac_srcdir_defaulted" = yes; then
+    { echo "configure: error: can not find sources in $ac_confdir or .." 1>&2; exit 1; }
+  else
+    { echo "configure: error: can not find sources in $srcdir" 1>&2; exit 1; }
+  fi
+fi
+srcdir=`echo "${srcdir}" | sed 's%\([^/]\)/*$%\1%'`
+
+# Prefer explicitly selected file to automatically selected ones.
+if test -z "$CONFIG_SITE"; then
+  if test "x$prefix" != xNONE; then
+    CONFIG_SITE="$prefix/share/config.site $prefix/etc/config.site"
+  else
+    CONFIG_SITE="$ac_default_prefix/share/config.site $ac_default_prefix/etc/config.site"
+  fi
+fi
+for ac_site_file in $CONFIG_SITE; do
+  if test -r "$ac_site_file"; then
+    echo "loading site script $ac_site_file"
+    . "$ac_site_file"
+  fi
+done
+
+if test -r "$cache_file"; then
+  echo "loading cache $cache_file"
+  . $cache_file
+else
+  echo "creating cache $cache_file"
+  > $cache_file
+fi
+
+ac_ext=c
+# CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options.
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5'
+ac_link='${CC-cc} -o conftest $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5'
+
+if (echo "testing\c"; echo 1,2,3) | grep c >/dev/null; then
+  # Stardent Vistra SVR4 grep lacks -e, says ghazi@caip.rutgers.edu.
+  if (echo -n testing; echo 1,2,3) | sed s/-n/xn/ | grep xn >/dev/null; then
+    ac_n= ac_c='
+' ac_t='	'
+  else
+    ac_n=-n ac_c= ac_t=
+  fi
+else
+  ac_n= ac_c='\c' ac_t=
+fi
+
+
+
+ac_aux_dir=
+for ac_dir in $srcdir $srcdir/.. $srcdir/../..; do
+  if test -f $ac_dir/install-sh; then
+    ac_aux_dir=$ac_dir
+    ac_install_sh="$ac_aux_dir/install-sh -c"
+    break
+  elif test -f $ac_dir/install.sh; then
+    ac_aux_dir=$ac_dir
+    ac_install_sh="$ac_aux_dir/install.sh -c"
+    break
+  fi
+done
+if test -z "$ac_aux_dir"; then
+  { echo "configure: error: can not find install-sh or install.sh in $srcdir $srcdir/.. $srcdir/../.." 1>&2; exit 1; }
+fi
+ac_config_guess=$ac_aux_dir/config.guess
+ac_config_sub=$ac_aux_dir/config.sub
+ac_configure=$ac_aux_dir/configure # This should be Cygnus configure.
+
+
+# Do some error checking and defaulting for the host and target type.
+# The inputs are:
+#    configure --host=HOST --target=TARGET --build=BUILD NONOPT
+#
+# The rules are:
+# 1. You are not allowed to specify --host, --target, and nonopt at the
+#    same time.
+# 2. Host defaults to nonopt.
+# 3. If nonopt is not specified, then host defaults to the current host,
+#    as determined by config.guess.
+# 4. Target and build default to nonopt.
+# 5. If nonopt is not specified, then target and build default to host.
+
+# The aliases save the names the user supplied, while $host etc.
+# will get canonicalized.
+case $host---$target---$nonopt in
+NONE---*---* | *---NONE---* | *---*---NONE) ;;
+*) { echo "configure: error: can only configure for one host and one target at a time" 1>&2; exit 1; } ;;
+esac
+
+
+# Make sure we can run config.sub.
+if $ac_config_sub sun4 >/dev/null 2>&1; then :
+else { echo "configure: error: can not run $ac_config_sub" 1>&2; exit 1; }
+fi
+
+echo $ac_n "checking host system type""... $ac_c" 1>&6
+
+host_alias=$host
+case "$host_alias" in
+NONE)
+  case $nonopt in
+  NONE)
+    if host_alias=`$ac_config_guess`; then :
+    else { echo "configure: error: can not guess host type; you must specify one" 1>&2; exit 1; }
+    fi ;;
+  *) host_alias=$nonopt ;;
+  esac ;;
+esac
+
+host=`$ac_config_sub $host_alias`
+host_cpu=`echo $host | sed 's/^\(.*\)-\(.*\)-\(.*\)$/\1/'`
+host_vendor=`echo $host | sed 's/^\(.*\)-\(.*\)-\(.*\)$/\2/'`
+host_os=`echo $host | sed 's/^\(.*\)-\(.*\)-\(.*\)$/\3/'`
+echo "$ac_t""$host" 1>&6
+
+echo $ac_n "checking target system type""... $ac_c" 1>&6
+
+target_alias=$target
+case "$target_alias" in
+NONE)
+  case $nonopt in
+  NONE) target_alias=$host_alias ;;
+  *) target_alias=$nonopt ;;
+  esac ;;
+esac
+
+target=`$ac_config_sub $target_alias`
+target_cpu=`echo $target | sed 's/^\(.*\)-\(.*\)-\(.*\)$/\1/'`
+target_vendor=`echo $target | sed 's/^\(.*\)-\(.*\)-\(.*\)$/\2/'`
+target_os=`echo $target | sed 's/^\(.*\)-\(.*\)-\(.*\)$/\3/'`
+echo "$ac_t""$target" 1>&6
+
+echo $ac_n "checking build system type""... $ac_c" 1>&6
+
+build_alias=$build
+case "$build_alias" in
+NONE)
+  case $nonopt in
+  NONE) build_alias=$host_alias ;;
+  *) build_alias=$nonopt ;;
+  esac ;;
+esac
+
+build=`$ac_config_sub $build_alias`
+build_cpu=`echo $build | sed 's/^\(.*\)-\(.*\)-\(.*\)$/\1/'`
+build_vendor=`echo $build | sed 's/^\(.*\)-\(.*\)-\(.*\)$/\2/'`
+build_os=`echo $build | sed 's/^\(.*\)-\(.*\)-\(.*\)$/\3/'`
+echo "$ac_t""$build" 1>&6
+
+test "$host_alias" != "$target_alias" &&
+  test "$program_prefix$program_suffix$program_transform_name" = \
+    NONENONEs,x,x, &&
+  program_prefix=${target_alias}-
+
+
+umask 002
+
+if test -z "$PWD" ; then
+	PWD=`pwd`
+fi
+
+V_CCOPT=-O
+    V_INCLS=""
+    if test -z "$CC" ; then
+	    case "$target_os" in
+
+	    bsdi*)
+		    # Extract the first word of "shlicc2", so it can be a program name with args.
+set dummy shlicc2; ac_word=$2
+echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
+if eval "test \"`echo '$''{'ac_cv_prog_SHLICC2'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  if test -n "$SHLICC2"; then
+  ac_cv_prog_SHLICC2="$SHLICC2" # Let the user override the test.
+else
+  IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS="${IFS}:"
+  for ac_dir in $PATH; do
+    test -z "$ac_dir" && ac_dir=.
+    if test -f $ac_dir/$ac_word; then
+      ac_cv_prog_SHLICC2="yes"
+      break
+    fi
+  done
+  IFS="$ac_save_ifs"
+  test -z "$ac_cv_prog_SHLICC2" && ac_cv_prog_SHLICC2="no"
+fi
+fi
+SHLICC2="$ac_cv_prog_SHLICC2"
+if test -n "$SHLICC2"; then
+  echo "$ac_t""$SHLICC2" 1>&6
+else
+  echo "$ac_t""no" 1>&6
+fi
+
+		    if test $SHLICC2 = yes ; then
+			    CC=shlicc2
+			    export CC
+		    fi
+		    ;;
+	    esac
+    fi
+    # Extract the first word of "gcc", so it can be a program name with args.
+set dummy gcc; ac_word=$2
+echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
+if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  if test -n "$CC"; then
+  ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+  IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS="${IFS}:"
+  for ac_dir in $PATH; do
+    test -z "$ac_dir" && ac_dir=.
+    if test -f $ac_dir/$ac_word; then
+      ac_cv_prog_CC="gcc"
+      break
+    fi
+  done
+  IFS="$ac_save_ifs"
+fi
+fi
+CC="$ac_cv_prog_CC"
+if test -n "$CC"; then
+  echo "$ac_t""$CC" 1>&6
+else
+  echo "$ac_t""no" 1>&6
+fi
+
+if test -z "$CC"; then
+  # Extract the first word of "cc", so it can be a program name with args.
+set dummy cc; ac_word=$2
+echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
+if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  if test -n "$CC"; then
+  ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+  IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS="${IFS}:"
+  ac_prog_rejected=no
+  for ac_dir in $PATH; do
+    test -z "$ac_dir" && ac_dir=.
+    if test -f $ac_dir/$ac_word; then
+      if test "$ac_dir/$ac_word" = "/usr/ucb/cc"; then
+        ac_prog_rejected=yes
+	continue
+      fi
+      ac_cv_prog_CC="cc"
+      break
+    fi
+  done
+  IFS="$ac_save_ifs"
+if test $ac_prog_rejected = yes; then
+  # We found a bogon in the path, so make sure we never use it.
+  set dummy $ac_cv_prog_CC
+  shift
+  if test $# -gt 0; then
+    # We chose a different compiler from the bogus one.
+    # However, it has the same basename, so the bogon will be chosen
+    # first if we set CC to just the basename; use the full file name.
+    shift
+    set dummy "$ac_dir/$ac_word" "$@"
+    shift
+    ac_cv_prog_CC="$@"
+  fi
+fi
+fi
+fi
+CC="$ac_cv_prog_CC"
+if test -n "$CC"; then
+  echo "$ac_t""$CC" 1>&6
+else
+  echo "$ac_t""no" 1>&6
+fi
+
+  test -z "$CC" && { echo "configure: error: no acceptable cc found in \$PATH" 1>&2; exit 1; }
+fi
+
+echo $ac_n "checking whether we are using GNU C""... $ac_c" 1>&6
+if eval "test \"`echo '$''{'ac_cv_prog_gcc'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.c <<EOF
+#ifdef __GNUC__
+  yes;
+#endif
+EOF
+if { ac_try='${CC-cc} -E conftest.c'; { (eval echo configure:756: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then
+  ac_cv_prog_gcc=yes
+else
+  ac_cv_prog_gcc=no
+fi
+fi
+
+echo "$ac_t""$ac_cv_prog_gcc" 1>&6
+if test $ac_cv_prog_gcc = yes; then
+  GCC=yes
+  if test "${CFLAGS+set}" != set; then
+    echo $ac_n "checking whether ${CC-cc} accepts -g""... $ac_c" 1>&6
+if eval "test \"`echo '$''{'ac_cv_prog_gcc_g'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  echo 'void f(){}' > conftest.c
+if test -z "`${CC-cc} -g -c conftest.c 2>&1`"; then
+  ac_cv_prog_gcc_g=yes
+else
+  ac_cv_prog_gcc_g=no
+fi
+rm -f conftest*
+
+fi
+
+echo "$ac_t""$ac_cv_prog_gcc_g" 1>&6
+    if test $ac_cv_prog_gcc_g = yes; then
+      CFLAGS="-g -O"
+    else
+      CFLAGS="-O"
+    fi
+  fi
+else
+  GCC=
+  test "${CFLAGS+set}" = set || CFLAGS="-g"
+fi
+
+    if test $ac_cv_prog_gcc = yes ; then
+	    if test "$SHLICC2" = yes ; then
+		    ac_cv_gcc_vers=2
+		    V_CCOPT=-O2
+	    else
+		    echo $ac_n "checking gcc version""... $ac_c" 1>&6
+		    if eval "test \"`echo '$''{'ac_cv_gcc_vers'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  ac_cv_gcc_vers=`$CC -v 2>&1 | \
+			    sed -n -e '$s/.* //' -e '$s/\..*//p'`
+fi
+
+		    echo "$ac_t""$ac_cv_gcc_vers" 1>&6
+		    if test $ac_cv_gcc_vers -gt 1 ; then
+			    V_CCOPT=-O2
+		    fi
+	    fi
+    else
+	    echo $ac_n "checking that $CC handles ansi prototypes""... $ac_c" 1>&6
+	    if eval "test \"`echo '$''{'ac_cv_cc_ansi_prototypes'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 817 "configure"
+#include "confdefs.h"
+#include <sys/types.h>
+int main() { return 0; }
+int t() {
+int frob(int, char *)
+; return 0; }
+EOF
+if { (eval echo configure:825: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+  rm -rf conftest*
+  ac_cv_cc_ansi_prototypes=yes
+else
+  rm -rf conftest*
+  ac_cv_cc_ansi_prototypes=no
+fi
+rm -f conftest*
+
+fi
+
+	    echo "$ac_t""$ac_cv_cc_ansi_prototypes" 1>&6
+	    if test $ac_cv_cc_ansi_prototypes = no ; then
+		    case "$target_os" in
+
+		    hpux*)
+			    echo $ac_n "checking for HP-UX ansi compiler ($CC -Aa -D_HPUX_SOURCE)""... $ac_c" 1>&6
+			    savedcflags="$CFLAGS"
+			    CFLAGS="-Aa -D_HPUX_SOURCE $CFLAGS"
+			    if eval "test \"`echo '$''{'ac_cv_cc_hpux_cc_aa'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 848 "configure"
+#include "confdefs.h"
+#include <sys/types.h>
+int main() { return 0; }
+int t() {
+int frob(int, char *)
+; return 0; }
+EOF
+if { (eval echo configure:856: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+  rm -rf conftest*
+  ac_cv_cc_hpux_cc_aa=yes
+else
+  rm -rf conftest*
+  ac_cv_cc_hpux_cc_aa=no
+fi
+rm -f conftest*
+
+fi
+
+			    echo "$ac_t""$ac_cv_cc_hpux_cc_aa" 1>&6
+			    if test $ac_cv_cc_hpux_cc_aa = no ; then
+				    { echo "configure: error: see the INSTALL for more info" 1>&2; exit 1; }
+			    fi
+			    CFLAGS="$savedcflags"
+			    V_CCOPT="-Aa $V_CCOPT"
+			    cat >> confdefs.h <<\EOF
+#define _HPUX_SOURCE 1
+EOF
+
+			    ;;
+
+		    sni*)
+			    echo $ac_n "checking for SINIX ansi compiler ($CC -kansi)""... $ac_c" 1>&6
+			    savedcflags="$CFLAGS"
+			    CFLAGS="-kansi"
+			    if eval "test \"`echo '$''{'ac_cv_cc_sinix_kansi'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 887 "configure"
+#include "confdefs.h"
+#include <sys/types.h>
+int main() { return 0; }
+int t() {
+int frob(int, char *)
+; return 0; }
+EOF
+if { (eval echo configure:895: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+  rm -rf conftest*
+  ac_cv_cc_sinix_kansi=yes
+else
+  rm -rf conftest*
+  ac_cv_cc_sinix_kansi=no
+fi
+rm -f conftest*
+
+fi
+
+			    echo "$ac_t""$ac_cv_cc_sinix_kansi" 1>&6
+			    if test $ac_cv_cc_sinix_kansi = no ; then
+				    { echo "configure: error: see the INSTALL for more info" 1>&2; exit 1; }
+			    fi
+			    CFLAGS="$savedcflags"
+			    V_CCOPT="-kansi $V_CCOPT"
+			    ;;
+
+		    *)
+			    { echo "configure: error: see the INSTALL for more info" 1>&2; exit 1; }
+			    ;;
+		    esac
+	    fi
+	    V_INCLS=-I/usr/local/include
+
+	    case "$target_os" in
+
+	    irix*)
+		    V_CCOPT="$V_CCOPT -xansi -signed -g3"
+		    ;;
+
+	    osf*)
+		    V_CCOPT="$V_CCOPT -g3"
+		    ;;
+
+	    ultrix*)
+		    echo $ac_n "checking that Ultrix $CC hacks const in prototypes""... $ac_c" 1>&6
+		    if eval "test \"`echo '$''{'ac_cv_cc_const_proto'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 937 "configure"
+#include "confdefs.h"
+#include <sys/types.h>
+int main() { return 0; }
+int t() {
+struct a { int b; };
+			    void c(const struct a *)
+; return 0; }
+EOF
+if { (eval echo configure:946: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+  rm -rf conftest*
+  ac_cv_cc_const_proto=yes
+else
+  rm -rf conftest*
+  ac_cv_cc_const_proto=no
+fi
+rm -f conftest*
+
+fi
+
+		    echo "$ac_t""$ac_cv_cc_const_proto" 1>&6
+		    if test $ac_cv_cc_const_proto = no ; then
+			    cat >> confdefs.h <<\EOF
+#define const 
+EOF
+
+		    fi
+		    ;;
+	    esac
+    fi
+
+
+echo $ac_n "checking how to run the C preprocessor""... $ac_c" 1>&6
+# On Suns, sometimes $CPP names a directory.
+if test -n "$CPP" && test -d "$CPP"; then
+  CPP=
+fi
+if test -z "$CPP"; then
+if eval "test \"`echo '$''{'ac_cv_prog_CPP'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+    # This must be in double quotes, not single quotes, because CPP may get
+  # substituted into the Makefile and "${CC-cc}" will confuse make.
+  CPP="${CC-cc} -E"
+  # On the NeXT, cc -E runs the code through the compiler's parser,
+  # not just through cpp.
+  cat > conftest.$ac_ext <<EOF
+#line 984 "configure"
+#include "confdefs.h"
+#include <assert.h>
+Syntax Error
+EOF
+ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
+{ (eval echo configure:990: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+ac_err=`grep -v '^ *+' conftest.out`
+if test -z "$ac_err"; then
+  :
+else
+  echo "$ac_err" >&5
+  rm -rf conftest*
+  CPP="${CC-cc} -E -traditional-cpp"
+  cat > conftest.$ac_ext <<EOF
+#line 999 "configure"
+#include "confdefs.h"
+#include <assert.h>
+Syntax Error
+EOF
+ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
+{ (eval echo configure:1005: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+ac_err=`grep -v '^ *+' conftest.out`
+if test -z "$ac_err"; then
+  :
+else
+  echo "$ac_err" >&5
+  rm -rf conftest*
+  CPP=/lib/cpp
+fi
+rm -f conftest*
+fi
+rm -f conftest*
+  ac_cv_prog_CPP="$CPP"
+fi
+  CPP="$ac_cv_prog_CPP"
+else
+  ac_cv_prog_CPP="$CPP"
+fi
+echo "$ac_t""$CPP" 1>&6
+
+for ac_hdr in fcntl.h net/slip.h rpc/rpcent.h
+do
+ac_safe=`echo "$ac_hdr" | tr './\055' '___'`
+echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
+if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 1033 "configure"
+#include "confdefs.h"
+#include <$ac_hdr>
+EOF
+ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
+{ (eval echo configure:1038: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+ac_err=`grep -v '^ *+' conftest.out`
+if test -z "$ac_err"; then
+  rm -rf conftest*
+  eval "ac_cv_header_$ac_safe=yes"
+else
+  echo "$ac_err" >&5
+  rm -rf conftest*
+  eval "ac_cv_header_$ac_safe=no"
+fi
+rm -f conftest*
+fi
+if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
+  echo "$ac_t""yes" 1>&6
+    ac_tr_hdr=HAVE_`echo $ac_hdr | tr 'abcdefghijklmnopqrstuvwxyz./\055' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ___'`
+  cat >> confdefs.h <<EOF
+#define $ac_tr_hdr 1
+EOF
+ 
+else
+  echo "$ac_t""no" 1>&6
+fi
+done
+
+echo $ac_n "checking whether time.h and sys/time.h may both be included""... $ac_c" 1>&6
+if eval "test \"`echo '$''{'ac_cv_header_time'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 1067 "configure"
+#include "confdefs.h"
+#include <sys/types.h>
+#include <sys/time.h>
+#include <time.h>
+int main() { return 0; }
+int t() {
+struct tm *tp;
+; return 0; }
+EOF
+if { (eval echo configure:1077: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+  rm -rf conftest*
+  ac_cv_header_time=yes
+else
+  rm -rf conftest*
+  ac_cv_header_time=no
+fi
+rm -f conftest*
+
+fi
+
+echo "$ac_t""$ac_cv_header_time" 1>&6
+if test $ac_cv_header_time = yes; then
+  cat >> confdefs.h <<\EOF
+#define TIME_WITH_SYS_TIME 1
+EOF
+
+fi
+
+
+for ac_func in vfprintf strcasecmp
+do
+echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
+if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 1104 "configure"
+#include "confdefs.h"
+/* System header to define __stub macros and hopefully few prototypes,
+    which can conflict with char $ac_func(); below.  */
+#include <assert.h>
+/* Override any gcc2 internal prototype to avoid an error.  */
+/* We use char because int might match the return type of a gcc2
+    builtin and then its argument prototype would still apply.  */
+char $ac_func();
+
+int main() { return 0; }
+int t() {
+
+/* The GNU C library defines this for functions which it implements
+    to always fail with ENOSYS.  Some functions are actually named
+    something starting with __ and the normal name is an alias.  */
+#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
+choke me
+#else
+$ac_func();
+#endif
+
+; return 0; }
+EOF
+if { (eval echo configure:1128: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; }; then
+  rm -rf conftest*
+  eval "ac_cv_func_$ac_func=yes"
+else
+  rm -rf conftest*
+  eval "ac_cv_func_$ac_func=no"
+fi
+rm -f conftest*
+
+fi
+if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
+  echo "$ac_t""yes" 1>&6
+  :
+else
+  echo "$ac_t""no" 1>&6
+LIBOBJS="$LIBOBJS ${ac_func}.o"
+fi
+
+done
+
+for ac_func in ether_ntoa setlinebuf
+do
+echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
+if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 1155 "configure"
+#include "confdefs.h"
+/* System header to define __stub macros and hopefully few prototypes,
+    which can conflict with char $ac_func(); below.  */
+#include <assert.h>
+/* Override any gcc2 internal prototype to avoid an error.  */
+/* We use char because int might match the return type of a gcc2
+    builtin and then its argument prototype would still apply.  */
+char $ac_func();
+
+int main() { return 0; }
+int t() {
+
+/* The GNU C library defines this for functions which it implements
+    to always fail with ENOSYS.  Some functions are actually named
+    something starting with __ and the normal name is an alias.  */
+#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
+choke me
+#else
+$ac_func();
+#endif
+
+; return 0; }
+EOF
+if { (eval echo configure:1179: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; }; then
+  rm -rf conftest*
+  eval "ac_cv_func_$ac_func=yes"
+else
+  rm -rf conftest*
+  eval "ac_cv_func_$ac_func=no"
+fi
+rm -f conftest*
+
+fi
+if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
+  echo "$ac_t""yes" 1>&6
+    ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
+  cat >> confdefs.h <<EOF
+#define $ac_tr_func 1
+EOF
+ 
+else
+  echo "$ac_t""no" 1>&6
+fi
+done
+
+
+echo $ac_n "checking for -ldnet""... $ac_c" 1>&6
+ac_lib_var=`echo dnet'_'main | tr './+\055' '__p_'`
+if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  ac_save_LIBS="$LIBS"
+LIBS="-ldnet  $LIBS"
+cat > conftest.$ac_ext <<EOF
+#line 1210 "configure"
+#include "confdefs.h"
+
+int main() { return 0; }
+int t() {
+main()
+; return 0; }
+EOF
+if { (eval echo configure:1218: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; }; then
+  rm -rf conftest*
+  eval "ac_cv_lib_$ac_lib_var=yes"
+else
+  rm -rf conftest*
+  eval "ac_cv_lib_$ac_lib_var=no"
+fi
+rm -f conftest*
+LIBS="$ac_save_LIBS"
+
+fi
+if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
+  echo "$ac_t""yes" 1>&6
+    ac_tr_lib=HAVE_LIB`echo dnet | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
+  cat >> confdefs.h <<EOF
+#define $ac_tr_lib 1
+EOF
+
+  LIBS="-ldnet $LIBS"
+
+else
+  echo "$ac_t""no" 1>&6
+fi
+
+echo $ac_n "checking for -lrpc""... $ac_c" 1>&6
+ac_lib_var=`echo rpc'_'main | tr './+\055' '__p_'`
+if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  ac_save_LIBS="$LIBS"
+LIBS="-lrpc  $LIBS"
+cat > conftest.$ac_ext <<EOF
+#line 1250 "configure"
+#include "confdefs.h"
+
+int main() { return 0; }
+int t() {
+main()
+; return 0; }
+EOF
+if { (eval echo configure:1258: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; }; then
+  rm -rf conftest*
+  eval "ac_cv_lib_$ac_lib_var=yes"
+else
+  rm -rf conftest*
+  eval "ac_cv_lib_$ac_lib_var=no"
+fi
+rm -f conftest*
+LIBS="$ac_save_LIBS"
+
+fi
+if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
+  echo "$ac_t""yes" 1>&6
+    ac_tr_lib=HAVE_LIB`echo rpc | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
+  cat >> confdefs.h <<EOF
+#define $ac_tr_lib 1
+EOF
+
+  LIBS="-lrpc $LIBS"
+
+else
+  echo "$ac_t""no" 1>&6
+fi
+
+echo $ac_n "checking for -lnsl""... $ac_c" 1>&6
+ac_lib_var=`echo nsl'_'main | tr './+\055' '__p_'`
+if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  ac_save_LIBS="$LIBS"
+LIBS="-lnsl  $LIBS"
+cat > conftest.$ac_ext <<EOF
+#line 1290 "configure"
+#include "confdefs.h"
+
+int main() { return 0; }
+int t() {
+main()
+; return 0; }
+EOF
+if { (eval echo configure:1298: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; }; then
+  rm -rf conftest*
+  eval "ac_cv_lib_$ac_lib_var=yes"
+else
+  rm -rf conftest*
+  eval "ac_cv_lib_$ac_lib_var=no"
+fi
+rm -f conftest*
+LIBS="$ac_save_LIBS"
+
+fi
+if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
+  echo "$ac_t""yes" 1>&6
+    ac_tr_lib=HAVE_LIB`echo nsl | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
+  cat >> confdefs.h <<EOF
+#define $ac_tr_lib 1
+EOF
+
+  LIBS="-lnsl $LIBS"
+
+else
+  echo "$ac_t""no" 1>&6
+fi
+
+echo $ac_n "checking for -lstr""... $ac_c" 1>&6
+ac_lib_var=`echo str'_'main | tr './+\055' '__p_'`
+if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  ac_save_LIBS="$LIBS"
+LIBS="-lstr  $LIBS"
+cat > conftest.$ac_ext <<EOF
+#line 1330 "configure"
+#include "confdefs.h"
+
+int main() { return 0; }
+int t() {
+main()
+; return 0; }
+EOF
+if { (eval echo configure:1338: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; }; then
+  rm -rf conftest*
+  eval "ac_cv_lib_$ac_lib_var=yes"
+else
+  rm -rf conftest*
+  eval "ac_cv_lib_$ac_lib_var=no"
+fi
+rm -f conftest*
+LIBS="$ac_save_LIBS"
+
+fi
+if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
+  echo "$ac_t""yes" 1>&6
+    ac_tr_lib=HAVE_LIB`echo str | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
+  cat >> confdefs.h <<EOF
+#define $ac_tr_lib 1
+EOF
+
+  LIBS="-lstr $LIBS"
+
+else
+  echo "$ac_t""no" 1>&6
+fi
+
+
+case "$target_os" in
+irix5.0*)
+	;;
+
+irix5.1*)
+	;;
+
+irix5.2*)
+	;;
+
+*)
+	echo $ac_n "checking for -lsocket""... $ac_c" 1>&6
+ac_lib_var=`echo socket'_'main | tr './+\055' '__p_'`
+if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  ac_save_LIBS="$LIBS"
+LIBS="-lsocket  $LIBS"
+cat > conftest.$ac_ext <<EOF
+#line 1382 "configure"
+#include "confdefs.h"
+
+int main() { return 0; }
+int t() {
+main()
+; return 0; }
+EOF
+if { (eval echo configure:1390: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; }; then
+  rm -rf conftest*
+  eval "ac_cv_lib_$ac_lib_var=yes"
+else
+  rm -rf conftest*
+  eval "ac_cv_lib_$ac_lib_var=no"
+fi
+rm -f conftest*
+LIBS="$ac_save_LIBS"
+
+fi
+if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
+  echo "$ac_t""yes" 1>&6
+    ac_tr_lib=HAVE_LIB`echo socket | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
+  cat >> confdefs.h <<EOF
+#define $ac_tr_lib 1
+EOF
+
+  LIBS="-lsocket $LIBS"
+
+else
+  echo "$ac_t""no" 1>&6
+fi
+
+	;;
+esac
+
+pfopen=/usr/examples/packetfilter/pfopen.c
+    if test -f $pfopen ; then
+	    for ac_func in pfopen
+do
+echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
+if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 1426 "configure"
+#include "confdefs.h"
+/* System header to define __stub macros and hopefully few prototypes,
+    which can conflict with char $ac_func(); below.  */
+#include <assert.h>
+/* Override any gcc2 internal prototype to avoid an error.  */
+/* We use char because int might match the return type of a gcc2
+    builtin and then its argument prototype would still apply.  */
+char $ac_func();
+
+int main() { return 0; }
+int t() {
+
+/* The GNU C library defines this for functions which it implements
+    to always fail with ENOSYS.  Some functions are actually named
+    something starting with __ and the normal name is an alias.  */
+#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
+choke me
+#else
+$ac_func();
+#endif
+
+; return 0; }
+EOF
+if { (eval echo configure:1450: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; }; then
+  rm -rf conftest*
+  eval "ac_cv_func_$ac_func=yes"
+else
+  rm -rf conftest*
+  eval "ac_cv_func_$ac_func=no"
+fi
+rm -f conftest*
+
+fi
+if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
+  echo "$ac_t""yes" 1>&6
+    ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
+  cat >> confdefs.h <<EOF
+#define $ac_tr_func 1
+EOF
+ 
+else
+  echo "$ac_t""no" 1>&6
+fi
+done
+
+	    if test $ac_cv_func_pfopen = "no" ; then
+		    echo "$ac_t""Using $pfopen" 1>&6
+		    LIBS="$LIBS $pfopen"
+	    fi
+    fi
+    echo $ac_n "checking for local pcap library""... $ac_c" 1>&6
+    libpcap=FAIL
+    places=`ls .. | sed -e 's,/$,,' -e 's,^,../,' | \
+	egrep '/libpcap-[0-9]*\.[0-9]*(\.[0-9]*)?([ab][0-9]*)?$'`
+    for dir in ../libpcap $places libpcap ; do
+	    if test -r $dir/pcap.c ; then
+		    libpcap=$dir/libpcap.a
+		    d=$dir
+		    	    fi
+    done
+    if test $libpcap = FAIL ; then
+	    echo "$ac_t""not found" 1>&6
+	    echo $ac_n "checking for -lpcap""... $ac_c" 1>&6
+ac_lib_var=`echo pcap'_'main | tr './+\055' '__p_'`
+if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  ac_save_LIBS="$LIBS"
+LIBS="-lpcap  $LIBS"
+cat > conftest.$ac_ext <<EOF
+#line 1497 "configure"
+#include "confdefs.h"
+
+int main() { return 0; }
+int t() {
+main()
+; return 0; }
+EOF
+if { (eval echo configure:1505: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; }; then
+  rm -rf conftest*
+  eval "ac_cv_lib_$ac_lib_var=yes"
+else
+  rm -rf conftest*
+  eval "ac_cv_lib_$ac_lib_var=no"
+fi
+rm -f conftest*
+LIBS="$ac_save_LIBS"
+
+fi
+if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
+  echo "$ac_t""yes" 1>&6
+  libpcap="-lpcap"
+else
+  echo "$ac_t""no" 1>&6
+fi
+
+	    if test $libpcap = FAIL ; then
+		    { echo "configure: error: see the INSTALL doc for more info" 1>&2; exit 1; }
+	    fi
+    else
+	    V_PCAPDEP=$libpcap
+	    V_INCLS="-I$d $V_INCLS"
+	    echo "$ac_t""$libpcap" 1>&6
+    fi
+    LIBS="$libpcap $LIBS"
+
+V_GROUP=0
+case "$target_os" in
+
+aix*)
+		cat >> confdefs.h <<\EOF
+#define _SUN 1
+EOF
+
+	;;
+
+irix*)
+	V_GROUP=sys
+	;;
+
+osf*)
+	V_GROUP=system
+	case "$target_os" in
+
+	osf3*)
+				cat >> confdefs.h <<\EOF
+#define __STDC__ 2
+EOF
+
+		;;
+	esac
+	;;
+
+solaris*)
+	V_GROUP=sys
+	;;
+esac
+
+if test -f /dev/bpf0 ; then
+	V_GROUP=bpf
+fi
+
+# If we cannot run a trivial program, we must be cross compiling.
+echo $ac_n "checking whether cross-compiling""... $ac_c" 1>&6
+if eval "test \"`echo '$''{'ac_cv_c_cross'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  if test "$cross_compiling" = yes; then
+  ac_cv_c_cross=yes
+else
+cat > conftest.$ac_ext <<EOF
+#line 1578 "configure"
+#include "confdefs.h"
+main(){return(0);}
+EOF
+{ (eval echo configure:1582: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; }
+if test -s conftest && (./conftest; exit) 2>/dev/null; then
+  ac_cv_c_cross=no
+else
+  ac_cv_c_cross=yes
+fi
+fi
+rm -fr conftest*
+fi
+
+echo "$ac_t""$ac_cv_c_cross" 1>&6
+cross_compiling=$ac_cv_c_cross
+
+echo $ac_n "checking for ANSI C header files""... $ac_c" 1>&6
+if eval "test \"`echo '$''{'ac_cv_header_stdc'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 1600 "configure"
+#include "confdefs.h"
+#include <stdlib.h>
+#include <stdarg.h>
+#include <string.h>
+#include <float.h>
+EOF
+ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
+{ (eval echo configure:1608: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+ac_err=`grep -v '^ *+' conftest.out`
+if test -z "$ac_err"; then
+  rm -rf conftest*
+  ac_cv_header_stdc=yes
+else
+  echo "$ac_err" >&5
+  rm -rf conftest*
+  ac_cv_header_stdc=no
+fi
+rm -f conftest*
+
+if test $ac_cv_header_stdc = yes; then
+  # SunOS 4.x string.h does not declare mem*, contrary to ANSI.
+cat > conftest.$ac_ext <<EOF
+#line 1623 "configure"
+#include "confdefs.h"
+#include <string.h>
+EOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+  egrep "memchr" >/dev/null 2>&1; then
+  :
+else
+  rm -rf conftest*
+  ac_cv_header_stdc=no
+fi
+rm -f conftest*
+
+fi
+
+if test $ac_cv_header_stdc = yes; then
+  # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI.
+cat > conftest.$ac_ext <<EOF
+#line 1641 "configure"
+#include "confdefs.h"
+#include <stdlib.h>
+EOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+  egrep "free" >/dev/null 2>&1; then
+  :
+else
+  rm -rf conftest*
+  ac_cv_header_stdc=no
+fi
+rm -f conftest*
+
+fi
+
+if test $ac_cv_header_stdc = yes; then
+  # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi.
+if test "$cross_compiling" = yes; then
+  :
+else
+cat > conftest.$ac_ext <<EOF
+#line 1662 "configure"
+#include "confdefs.h"
+#include <ctype.h>
+#define ISLOWER(c) ('a' <= (c) && (c) <= 'z')
+#define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c))
+#define XOR(e, f) (((e) && !(f)) || (!(e) && (f)))
+int main () { int i; for (i = 0; i < 256; i++)
+if (XOR (islower (i), ISLOWER (i)) || toupper (i) != TOUPPER (i)) exit(2);
+exit (0); }
+
+EOF
+{ (eval echo configure:1673: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; }
+if test -s conftest && (./conftest; exit) 2>/dev/null; then
+  :
+else
+  ac_cv_header_stdc=no
+fi
+fi
+rm -fr conftest*
+fi
+fi
+
+echo "$ac_t""$ac_cv_header_stdc" 1>&6
+if test $ac_cv_header_stdc = yes; then
+  cat >> confdefs.h <<\EOF
+#define STDC_HEADERS 1
+EOF
+
+fi
+
+echo $ac_n "checking for int32_t""... $ac_c" 1>&6
+if eval "test \"`echo '$''{'ac_cv_type_int32_t'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 1697 "configure"
+#include "confdefs.h"
+#include <sys/types.h>
+#if STDC_HEADERS
+#include <stdlib.h>
+#endif
+EOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+  egrep "int32_t" >/dev/null 2>&1; then
+  rm -rf conftest*
+  ac_cv_type_int32_t=yes
+else
+  rm -rf conftest*
+  ac_cv_type_int32_t=no
+fi
+rm -f conftest*
+
+fi
+echo "$ac_t""$ac_cv_type_int32_t" 1>&6
+if test $ac_cv_type_int32_t = no; then
+  cat >> confdefs.h <<\EOF
+#define int32_t int
+EOF
+
+fi
+
+echo $ac_n "checking for u_int32_t""... $ac_c" 1>&6
+if eval "test \"`echo '$''{'ac_cv_type_u_int32_t'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 1728 "configure"
+#include "confdefs.h"
+#include <sys/types.h>
+#if STDC_HEADERS
+#include <stdlib.h>
+#endif
+EOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+  egrep "u_int32_t" >/dev/null 2>&1; then
+  rm -rf conftest*
+  ac_cv_type_u_int32_t=yes
+else
+  rm -rf conftest*
+  ac_cv_type_u_int32_t=no
+fi
+rm -f conftest*
+
+fi
+echo "$ac_t""$ac_cv_type_u_int32_t" 1>&6
+if test $ac_cv_type_u_int32_t = no; then
+  cat >> confdefs.h <<\EOF
+#define u_int32_t u_int
+EOF
+
+fi
+
+
+echo $ac_n "checking return type of signal handlers""... $ac_c" 1>&6
+if eval "test \"`echo '$''{'ac_cv_type_signal'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 1760 "configure"
+#include "confdefs.h"
+#include <sys/types.h>
+#include <signal.h>
+#ifdef signal
+#undef signal
+#endif
+#ifdef __cplusplus
+extern "C" void (*signal (int, void (*)(int)))(int);
+#else
+void (*signal ()) ();
+#endif
+
+int main() { return 0; }
+int t() {
+int i;
+; return 0; }
+EOF
+if { (eval echo configure:1778: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+  rm -rf conftest*
+  ac_cv_type_signal=void
+else
+  rm -rf conftest*
+  ac_cv_type_signal=int
+fi
+rm -f conftest*
+
+fi
+
+echo "$ac_t""$ac_cv_type_signal" 1>&6
+cat >> confdefs.h <<EOF
+#define RETSIGTYPE $ac_cv_type_signal
+EOF
+
+
+    if test "$ac_cv_type_signal" = void ; then
+	    cat >> confdefs.h <<\EOF
+#define RETSIGVAL 
+EOF
+
+    else
+	    cat >> confdefs.h <<\EOF
+#define RETSIGVAL (0)
+EOF
+
+    fi
+    case "$target_os" in
+
+    irix*)
+	    cat >> confdefs.h <<\EOF
+#define _BSD_SIGNALS 1
+EOF
+
+	    ;;
+
+    *)
+	    for ac_func in sigset
+do
+echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
+if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 1823 "configure"
+#include "confdefs.h"
+/* System header to define __stub macros and hopefully few prototypes,
+    which can conflict with char $ac_func(); below.  */
+#include <assert.h>
+/* Override any gcc2 internal prototype to avoid an error.  */
+/* We use char because int might match the return type of a gcc2
+    builtin and then its argument prototype would still apply.  */
+char $ac_func();
+
+int main() { return 0; }
+int t() {
+
+/* The GNU C library defines this for functions which it implements
+    to always fail with ENOSYS.  Some functions are actually named
+    something starting with __ and the normal name is an alias.  */
+#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
+choke me
+#else
+$ac_func();
+#endif
+
+; return 0; }
+EOF
+if { (eval echo configure:1847: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; }; then
+  rm -rf conftest*
+  eval "ac_cv_func_$ac_func=yes"
+else
+  rm -rf conftest*
+  eval "ac_cv_func_$ac_func=no"
+fi
+rm -f conftest*
+
+fi
+if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
+  echo "$ac_t""yes" 1>&6
+    ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
+  cat >> confdefs.h <<EOF
+#define $ac_tr_func 1
+EOF
+ 
+else
+  echo "$ac_t""no" 1>&6
+fi
+done
+
+	    if test $ac_cv_func_sigset = yes ; then
+		    cat >> confdefs.h <<\EOF
+#define signal sigset
+EOF
+
+	    fi
+	    ;;
+    esac
+
+rm -f os-proto.h
+    if test $ac_cv_prog_gcc = yes -a -f .devel ; then
+	    if test $ac_cv_prog_gcc_g = yes ; then
+		    V_CCOPT="-g $V_CCOPT"
+	    fi
+	    V_CCOPT="$V_CCOPT -Wall"
+	    if test $ac_cv_gcc_vers -gt 1 ; then
+		    V_CCOPT="$V_CCOPT -Wmissing-prototypes -Wstrict-prototypes"
+	    fi
+	    os=`echo $target_os | sed -e 's/\([0-9]\)[0-9.][0-9.]*$/\1/'`
+	    name="lbl/os-$os.h"
+	    if test -f $name ; then
+		    ln -s $name os-proto.h
+		    cat >> confdefs.h <<\EOF
+#define HAVE_OS_PROTO_H 1
+EOF
+
+	    else
+		    echo "configure: warning: can't find $name" 1>&2
+	    fi
+    fi
+
+echo $ac_n "checking if sockaddr struct has sa_len member""... $ac_c" 1>&6
+    if eval "test \"`echo '$''{'ac_cv_sockaddr_has_sa_len'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 1905 "configure"
+#include "confdefs.h"
+
+#	include <sys/types.h>
+#	include <sys/socket.h>
+int main() { return 0; }
+int t() {
+u_int i = sizeof(((struct sockaddr *)0)->sa_len)
+; return 0; }
+EOF
+if { (eval echo configure:1915: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+  rm -rf conftest*
+  ac_cv_sockaddr_has_sa_len=yes
+else
+  rm -rf conftest*
+  ac_cv_sockaddr_has_sa_len=no
+fi
+rm -f conftest*
+
+fi
+
+    echo "$ac_t""$ac_cv_sockaddr_has_sa_len" 1>&6
+    if test $ac_cv_sockaddr_has_sa_len = yes ; then
+	    cat >> confdefs.h <<\EOF
+#define HAVE_SOCKADDR_SA_LEN 1
+EOF
+
+    fi
+
+echo $ac_n "checking if altzone is available""... $ac_c" 1>&6
+if eval "test \"`echo '$''{'ac_cv_decl_altzone'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 1939 "configure"
+#include "confdefs.h"
+
+#	include <sys/types.h>
+#	include <sys/time.h>
+#	ifdef TIME_WITH_SYS_TIME
+#	include <time.h>
+#	endif
+int main() { return 0; }
+int t() {
+long i = -altzone
+; return 0; }
+EOF
+if { (eval echo configure:1952: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+  rm -rf conftest*
+  ac_cv_decl_altzone=yes
+else
+  rm -rf conftest*
+  ac_cv_decl_altzone=no
+fi
+rm -f conftest*
+
+fi
+
+echo "$ac_t""$ac_cv_decl_altzone" 1>&6
+if test $ac_cv_decl_altzone = yes ; then
+	cat >> confdefs.h <<\EOF
+#define HAVE_ALTZONE 1
+EOF
+
+fi
+
+echo $ac_n "checking if timezone and daylight are available""... $ac_c" 1>&6
+if eval "test \"`echo '$''{'ac_cv_decl_timezone'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 1976 "configure"
+#include "confdefs.h"
+
+#	include <sys/types.h>
+#	include <sys/time.h>
+#	ifdef TIME_WITH_SYS_TIME
+#	include <time.h>
+#	endif
+int main() { return 0; }
+int t() {
+long i;
+	tzset();
+	i = -timezone + daylight ? 3600 : 0
+; return 0; }
+EOF
+if { (eval echo configure:1991: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; }; then
+  rm -rf conftest*
+  ac_cv_decl_timezone=yes
+else
+  rm -rf conftest*
+  ac_cv_decl_timezone=no
+fi
+rm -f conftest*
+
+fi
+
+echo "$ac_t""$ac_cv_decl_timezone" 1>&6
+if test $ac_cv_decl_timezone = yes ; then
+	cat >> confdefs.h <<\EOF
+#define HAVE_TIMEZONE 1
+EOF
+
+fi
+
+if test $ac_cv_decl_altzone = no ; then
+	echo $ac_n "checking if tm struct has tm_gmtoff member""... $ac_c" 1>&6
+	if eval "test \"`echo '$''{'ac_cv_tm_has_tm_gmtoff'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 2016 "configure"
+#include "confdefs.h"
+
+#		include <sys/types.h>
+#		include <sys/time.h>
+#		ifdef TIME_WITH_SYS_TIME
+#		include <time.h>
+#		endif
+int main() { return 0; }
+int t() {
+u_int i = sizeof(((struct tm *)0)->tm_gmtoff)
+; return 0; }
+EOF
+if { (eval echo configure:2029: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+  rm -rf conftest*
+  ac_cv_tm_has_tm_gmtoff=yes
+else
+  rm -rf conftest*
+  ac_cv_tm_has_tm_gmtoff=no
+fi
+rm -f conftest*
+
+fi
+
+	echo "$ac_t""$ac_cv_tm_has_tm_gmtoff" 1>&6
+	if test $ac_cv_tm_has_tm_gmtoff = yes ; then
+		cat >> confdefs.h <<\EOF
+#define HAVE_TM_GMTOFF 1
+EOF
+
+	fi
+fi
+
+echo $ac_n "checking if ether_header uses ether_addr structs""... $ac_c" 1>&6
+if eval "test \"`echo '$''{'ac_cv_ether_header_has_ea'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 2054 "configure"
+#include "confdefs.h"
+
+#	include <sys/types.h>
+#	if __STDC__
+	/* osf3 has REALLY good prototyes */
+	struct mbuf;
+	struct rtentry;
+#	endif
+#	include <sys/socket.h>
+#	include <net/if.h>
+#	include <netinet/in.h>
+#	include <netinet/if_ether.h>
+int main() { return 0; }
+int t() {
+u_int i =
+	    sizeof(((struct ether_header *)0)->ether_dhost.ether_addr_octet)
+; return 0; }
+EOF
+if { (eval echo configure:2073: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+  rm -rf conftest*
+  ac_cv_ether_header_has_ea=yes
+else
+  rm -rf conftest*
+  ac_cv_ether_header_has_ea=no
+fi
+rm -f conftest*
+
+fi
+
+echo "$ac_t""$ac_cv_ether_header_has_ea" 1>&6
+if test $ac_cv_ether_header_has_ea = yes ; then
+	cat >> confdefs.h <<\EOF
+#define ETHER_HEADER_HAS_EA 1
+EOF
+
+fi
+
+echo $ac_n "checking if ether_arp uses ether_addr structs""... $ac_c" 1>&6
+if eval "test \"`echo '$''{'ac_cv_ether_arp_has_ea'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 2097 "configure"
+#include "confdefs.h"
+
+#	include <sys/types.h>
+#	if __STDC__
+	/* osf3 has REALLY good prototyes */
+	struct mbuf;
+	struct rtentry;
+#	endif
+#	include <sys/socket.h>
+#	include <net/if.h>
+#	include <netinet/in.h>
+#	include <netinet/if_ether.h>
+int main() { return 0; }
+int t() {
+u_int i =
+	    sizeof(((struct ether_arp *)0)->arp_sha.ether_addr_octet)
+; return 0; }
+EOF
+if { (eval echo configure:2116: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+  rm -rf conftest*
+  ac_cv_ether_arp_has_ea=yes
+else
+  rm -rf conftest*
+  ac_cv_ether_arp_has_ea=no
+fi
+rm -f conftest*
+
+fi
+
+echo "$ac_t""$ac_cv_ether_arp_has_ea" 1>&6
+if test $ac_cv_ether_arp_has_ea = yes ; then
+	cat >> confdefs.h <<\EOF
+#define ETHER_ARP_HAS_EA 1
+EOF
+
+fi
+
+echo $ac_n "checking if ether_arp uses erp_xsha member""... $ac_c" 1>&6
+if eval "test \"`echo '$''{'ac_cv_struct_ether_arp_x'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 2140 "configure"
+#include "confdefs.h"
+
+#	include <sys/types.h>
+#	include <sys/socket.h>
+#	if __STDC__
+	/* osf3 has REALLY good prototyes */
+	struct mbuf;
+	struct rtentry;
+#	endif
+#	include <net/if.h>
+#	include <netinet/in.h>
+#	include <netinet/if_ether.h>
+int main() { return 0; }
+int t() {
+u_int i = sizeof( ((struct ether_arp *)0)->arp_xsha)
+; return 0; }
+EOF
+if { (eval echo configure:2158: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+  rm -rf conftest*
+  ac_cv_struct_ether_arp_x=yes
+else
+  rm -rf conftest*
+  ac_cv_struct_ether_arp_x=no
+fi
+rm -f conftest*
+
+fi
+
+echo "$ac_t""$ac_cv_struct_ether_arp_x" 1>&6
+if test $ac_cv_struct_ether_arp_x = yes ; then
+	cat >> confdefs.h <<\EOF
+#define ETHER_ARP_HAS_X 1
+EOF
+
+fi
+
+echo $ac_n "checking if unaligned accesses fail""... $ac_c" 1>&6
+    if eval "test \"`echo '$''{'ac_cv_unaligned_fail'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  case "$target_cpu" in
+
+	alpha|hp*|mips|sparc)
+		ac_cv_unaligned_fail=yes
+		;;
+
+	*)
+		cat >conftest.c <<EOF
+#		include <sys/types.h>
+#		include <sys/wait.h>
+#		include <stdio.h>
+		unsigned char a[5] = { 1, 2, 3, 4, 5 };
+		main() {
+		unsigned int i;
+		pid_t pid;
+		int status;
+		/* avoid "core dumped" message */
+		pid = fork();
+		if (pid <  0)
+			exit(2);
+		if (pid > 0) {
+			/* parent */
+			pid = waitpid(pid, &status, 0);
+			if (pid < 0)
+				exit(3);
+			exit(!WIFEXITED(status));
+		}
+		/* child */
+		i = *(unsigned int *)&a1;
+		printf("%d\n", i);
+		exit(0);
+		}
+EOF
+		${CC-cc} -o conftest $CFLAGS $CPPFLAGS $LDFLAGS \
+		    conftest.c $LIBS >/dev/null 2>&1
+		if test ! -x conftest ; then
+						ac_cv_unaligned_fail=yes
+		else
+			./conftest >conftest.out
+			if test ! -s conftest.out ; then
+				ac_cv_unaligned_fail=yes
+			else
+				ac_cv_unaligned_fail=no
+			fi
+		fi
+		rm -f conftest* core core.conftest
+		;;
+	esac
+fi
+
+    echo "$ac_t""$ac_cv_unaligned_fail" 1>&6
+    if test $ac_cv_unaligned_fail = yes ; then
+	    cat >> confdefs.h <<\EOF
+#define LBL_ALIGN 1
+EOF
+
+    fi
+
+if test -r lbl/gnuc.h ; then
+	rm -f gnuc.h
+	ln -s lbl/gnuc.h gnuc.h
+fi
+
+
+
+
+
+
+# Find a good install program.  We prefer a C program (faster),
+# so one script is as good as another.  But avoid the broken or
+# incompatible versions:
+# SysV /etc/install, /usr/sbin/install
+# SunOS /usr/etc/install
+# IRIX /sbin/install
+# AIX /bin/install
+# AFS /usr/afsws/bin/install, which mishandles nonexistent args
+# SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff"
+# ./install, which can be erroneously created by make from ./install.sh.
+echo $ac_n "checking for a BSD compatible install""... $ac_c" 1>&6
+if test -z "$INSTALL"; then
+if eval "test \"`echo '$''{'ac_cv_path_install'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+    IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS="${IFS}:"
+  for ac_dir in $PATH; do
+    # Account for people who put trailing slashes in PATH elements.
+    case "$ac_dir/" in
+    /|./|.//|/etc/*|/usr/sbin/*|/usr/etc/*|/sbin/*|/usr/afsws/bin/*|/usr/ucb/*) ;;
+    *)
+      # OSF1 and SCO ODT 3.0 have their own names for install.
+      for ac_prog in ginstall installbsd scoinst install; do
+        if test -f $ac_dir/$ac_prog; then
+	  if test $ac_prog = install &&
+            grep dspmsg $ac_dir/$ac_prog >/dev/null 2>&1; then
+	    # AIX install.  It has an incompatible calling convention.
+	    # OSF/1 installbsd also uses dspmsg, but is usable.
+	    :
+	  else
+	    ac_cv_path_install="$ac_dir/$ac_prog -c"
+	    break 2
+	  fi
+	fi
+      done
+      ;;
+    esac
+  done
+  IFS="$ac_save_ifs"
+
+fi
+  if test "${ac_cv_path_install+set}" = set; then
+    INSTALL="$ac_cv_path_install"
+  else
+    # As a last resort, use the slow shell script.  We don't cache a
+    # path for INSTALL within a source directory, because that will
+    # break other packages using the cache if that directory is
+    # removed, or if the path is relative.
+    INSTALL="$ac_install_sh"
+  fi
+fi
+echo "$ac_t""$INSTALL" 1>&6
+
+# Use test -z because SunOS4 sh mishandles braces in ${var-val}.
+# It thinks the first close brace ends the variable substitution.
+test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}'
+
+test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644'
+
+
+trap '' 1 2 15
+cat > confcache <<\EOF
+# This file is a shell script that caches the results of configure
+# tests run on this system so they can be shared between configure
+# scripts and configure runs.  It is not useful on other systems.
+# If it contains results you don't want to keep, you may remove or edit it.
+#
+# By default, configure uses ./config.cache as the cache file,
+# creating it if it does not exist already.  You can give configure
+# the --cache-file=FILE option to use a different cache file; that is
+# what configure does when it calls configure scripts in
+# subdirectories, so they share the cache.
+# Giving --cache-file=/dev/null disables caching, for debugging configure.
+# config.status only pays attention to the cache file if you give it the
+# --recheck option to rerun configure.
+#
+EOF
+# Ultrix sh set writes to stderr and can't be redirected directly,
+# and sets the high bit in the cache file unless we assign to the vars.
+(set) 2>&1 |
+  sed -n "s/^\([a-zA-Z0-9_]*_cv_[a-zA-Z0-9_]*\)=\(.*\)/\1=\${\1='\2'}/p" \
+  >> confcache
+if cmp -s $cache_file confcache; then
+  :
+else
+  if test -w $cache_file; then
+    echo "updating cache $cache_file"
+    cat confcache > $cache_file
+  else
+    echo "not updating unwritable cache $cache_file"
+  fi
+fi
+rm -f confcache
+
+trap 'rm -fr conftest* confdefs* core core.* *.core $ac_clean_files; exit 1' 1 2 15
+
+test "x$prefix" = xNONE && prefix=$ac_default_prefix
+# Let make expand exec_prefix.
+test "x$exec_prefix" = xNONE && exec_prefix='${prefix}'
+
+# Any assignment to VPATH causes Sun make to only execute
+# the first set of double-colon rules, so remove it if not needed.
+# If there is a colon in the path, we need to keep it.
+if test "x$srcdir" = x.; then
+  ac_vpsub='/^[ 	]*VPATH[ 	]*=[^:]*$/d'
+fi
+
+trap 'rm -f $CONFIG_STATUS conftest*; exit 1' 1 2 15
+
+# Transform confdefs.h into DEFS.
+# Protect against shell expansion while executing Makefile rules.
+# Protect against Makefile macro expansion.
+cat > conftest.defs <<\EOF
+s%#define \([A-Za-z_][A-Za-z0-9_]*\) *\(.*\)%-D\1=\2%g
+s%[ 	`~#$^&*(){}\\|;'"<>?]%\\&%g
+s%\[%\\&%g
+s%\]%\\&%g
+s%\$%$$%g
+EOF
+DEFS=`sed -f conftest.defs confdefs.h | tr '\012' ' '`
+rm -f conftest.defs
+
+
+# Without the "./", some shells look in PATH for config.status.
+: ${CONFIG_STATUS=./config.status}
+
+echo creating $CONFIG_STATUS
+rm -f $CONFIG_STATUS
+cat > $CONFIG_STATUS <<EOF
+#! /bin/sh
+# Generated automatically by configure.
+# Run this file to recreate the current configuration.
+# This directory was configured as follows,
+# on host `(hostname || uname -n) 2>/dev/null | sed 1q`:
+#
+# $0 $ac_configure_args
+#
+# Compiler output produced by configure, useful for debugging
+# configure, is in ./config.log if it exists.
+
+ac_cs_usage="Usage: $CONFIG_STATUS [--recheck] [--version] [--help]"
+for ac_option
+do
+  case "\$ac_option" in
+  -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r)
+    echo "running \${CONFIG_SHELL-/bin/sh} $0 $ac_configure_args --no-create --no-recursion"
+    exec \${CONFIG_SHELL-/bin/sh} $0 $ac_configure_args --no-create --no-recursion ;;
+  -version | --version | --versio | --versi | --vers | --ver | --ve | --v)
+    echo "$CONFIG_STATUS generated by autoconf version 2.10"
+    exit 0 ;;
+  -help | --help | --hel | --he | --h)
+    echo "\$ac_cs_usage"; exit 0 ;;
+  *) echo "\$ac_cs_usage"; exit 1 ;;
+  esac
+done
+
+ac_given_srcdir=$srcdir
+ac_given_INSTALL="$INSTALL"
+
+trap 'rm -fr `echo "Makefile" | sed "s/:[^ ]*//g"` conftest*; exit 1' 1 2 15
+EOF
+cat >> $CONFIG_STATUS <<EOF
+
+# Protect against being on the right side of a sed subst in config.status.
+sed 's/%@/@@/; s/@%/@@/; s/%g\$/@g/; /@g\$/s/[\\\\&%]/\\\\&/g;
+ s/@@/%@/; s/@@/@%/; s/@g\$/%g/' > conftest.subs <<\\CEOF
+$ac_vpsub
+$extrasub
+s%@CFLAGS@%$CFLAGS%g
+s%@CPPFLAGS@%$CPPFLAGS%g
+s%@CXXFLAGS@%$CXXFLAGS%g
+s%@DEFS@%$DEFS%g
+s%@LDFLAGS@%$LDFLAGS%g
+s%@LIBS@%$LIBS%g
+s%@exec_prefix@%$exec_prefix%g
+s%@prefix@%$prefix%g
+s%@program_transform_name@%$program_transform_name%g
+s%@bindir@%$bindir%g
+s%@sbindir@%$sbindir%g
+s%@libexecdir@%$libexecdir%g
+s%@datadir@%$datadir%g
+s%@sysconfdir@%$sysconfdir%g
+s%@sharedstatedir@%$sharedstatedir%g
+s%@localstatedir@%$localstatedir%g
+s%@libdir@%$libdir%g
+s%@includedir@%$includedir%g
+s%@oldincludedir@%$oldincludedir%g
+s%@infodir@%$infodir%g
+s%@mandir@%$mandir%g
+s%@host@%$host%g
+s%@host_alias@%$host_alias%g
+s%@host_cpu@%$host_cpu%g
+s%@host_vendor@%$host_vendor%g
+s%@host_os@%$host_os%g
+s%@target@%$target%g
+s%@target_alias@%$target_alias%g
+s%@target_cpu@%$target_cpu%g
+s%@target_vendor@%$target_vendor%g
+s%@target_os@%$target_os%g
+s%@build@%$build%g
+s%@build_alias@%$build_alias%g
+s%@build_cpu@%$build_cpu%g
+s%@build_vendor@%$build_vendor%g
+s%@build_os@%$build_os%g
+s%@SHLICC2@%$SHLICC2%g
+s%@CC@%$CC%g
+s%@CPP@%$CPP%g
+s%@LIBOBJS@%$LIBOBJS%g
+s%@V_CCOPT@%$V_CCOPT%g
+s%@V_GROUP@%$V_GROUP%g
+s%@V_INCLS@%$V_INCLS%g
+s%@V_PCAPDEP@%$V_PCAPDEP%g
+s%@INSTALL_PROGRAM@%$INSTALL_PROGRAM%g
+s%@INSTALL_DATA@%$INSTALL_DATA%g
+
+CEOF
+EOF
+cat >> $CONFIG_STATUS <<EOF
+
+CONFIG_FILES=\${CONFIG_FILES-"Makefile"}
+EOF
+cat >> $CONFIG_STATUS <<\EOF
+for ac_file in .. $CONFIG_FILES; do if test "x$ac_file" != x..; then
+  # Support "outfile[:infile]", defaulting infile="outfile.in".
+  case "$ac_file" in
+  *:*) ac_file_in=`echo "$ac_file"|sed 's%.*:%%'`
+       ac_file=`echo "$ac_file"|sed 's%:.*%%'` ;;
+  *) ac_file_in="${ac_file}.in" ;;
+  esac
+
+  # Adjust relative srcdir, etc. for subdirectories.
+
+  # Remove last slash and all that follows it.  Not all systems have dirname.
+  ac_dir=`echo $ac_file|sed 's%/[^/][^/]*$%%'`
+  if test "$ac_dir" != "$ac_file" && test "$ac_dir" != .; then
+    # The file is in a subdirectory.
+    test ! -d "$ac_dir" && mkdir "$ac_dir"
+    ac_dir_suffix="/`echo $ac_dir|sed 's%^\./%%'`"
+    # A "../" for each directory in $ac_dir_suffix.
+    ac_dots=`echo $ac_dir_suffix|sed 's%/[^/]*%../%g'`
+  else
+    ac_dir_suffix= ac_dots=
+  fi
+
+  case "$ac_given_srcdir" in
+  .)  srcdir=.
+      if test -z "$ac_dots"; then top_srcdir=.
+      else top_srcdir=`echo $ac_dots|sed 's%/$%%'`; fi ;;
+  /*) srcdir="$ac_given_srcdir$ac_dir_suffix"; top_srcdir="$ac_given_srcdir" ;;
+  *) # Relative path.
+    srcdir="$ac_dots$ac_given_srcdir$ac_dir_suffix"
+    top_srcdir="$ac_dots$ac_given_srcdir" ;;
+  esac
+
+  case "$ac_given_INSTALL" in
+  [/$]*) INSTALL="$ac_given_INSTALL" ;;
+  *) INSTALL="$ac_dots$ac_given_INSTALL" ;;
+  esac
+  echo creating "$ac_file"
+  rm -f "$ac_file"
+  configure_input="Generated automatically from `echo $ac_file_in|sed 's%.*/%%'` by configure."
+  case "$ac_file" in
+  *Makefile*) ac_comsub="1i\\
+# $configure_input" ;;
+  *) ac_comsub= ;;
+  esac
+  sed -e "$ac_comsub
+s%@configure_input@%$configure_input%g
+s%@srcdir@%$srcdir%g
+s%@top_srcdir@%$top_srcdir%g
+s%@INSTALL@%$INSTALL%g
+" -f conftest.subs $ac_given_srcdir/$ac_file_in > $ac_file
+fi; done
+rm -f conftest.subs
+
+
+
+exit 0
+EOF
+chmod +x $CONFIG_STATUS
+rm -fr confdefs* $ac_clean_files
+test "$no_create" = yes || ${CONFIG_SHELL-/bin/sh} $CONFIG_STATUS || exit 1
+
+
+if test -f .devel ; then
+	make depend
+fi
+exit 0
diff --git a/contrib/tcpdump/configure.in b/contrib/tcpdump/configure.in
new file mode 100755
index 000000000000..3fa0509ac54a
--- /dev/null
+++ b/contrib/tcpdump/configure.in
@@ -0,0 +1,227 @@
+dnl @(#) $Header: configure.in,v 1.53 96/07/17 15:27:31 leres Exp $ (LBL)
+dnl
+dnl Copyright (c) 1994, 1995, 1996
+dnl	The Regents of the University of California.  All rights reserved.
+dnl
+dnl Process this file with autoconf to produce a configure script.
+dnl
+
+AC_INIT(tcpdump.c)
+
+AC_CANONICAL_SYSTEM
+
+umask 002
+
+if test -z "$PWD" ; then
+	PWD=`pwd`
+fi
+
+AC_LBL_C_INIT(V_CCOPT, V_INCLS)
+
+AC_CHECK_HEADERS(fcntl.h net/slip.h rpc/rpcent.h)
+AC_HEADER_TIME
+
+AC_REPLACE_FUNCS(vfprintf strcasecmp)
+AC_CHECK_FUNCS(ether_ntoa setlinebuf)
+
+AC_CHECK_LIB(dnet, main)
+AC_CHECK_LIB(rpc, main)
+AC_CHECK_LIB(nsl, main)
+AC_CHECK_LIB(str, main)
+
+dnl -lsocket is broken for snoop under IRIX 5.2 and earlier
+case "$target_os" in
+irix5.0*)
+	;;
+
+irix5.1*)
+	;;
+
+irix5.2*)
+	;;
+
+*)
+	AC_CHECK_LIB(socket, main)
+	;;
+esac
+
+AC_LBL_LIBPCAP(V_PCAPDEP, V_INCLS)
+
+V_GROUP=0
+case "$target_os" in
+
+aix*)
+	dnl Workaround to enable certain features
+	AC_DEFINE(_SUN)
+	;;
+
+irix*)
+	V_GROUP=sys
+	;;
+
+osf*)
+	V_GROUP=system
+	case "$target_os" in
+
+	osf3*)
+		dnl Workaround around ip_hl vs. ip_vhl problem in netinet/ip.h
+		AC_DEFINE(__STDC__,2)
+		;;
+	esac
+	;;
+
+solaris*)
+	V_GROUP=sys
+	;;
+esac
+
+if test -f /dev/bpf0 ; then
+	V_GROUP=bpf
+fi
+
+AC_CHECK_TYPE(int32_t, int)
+AC_CHECK_TYPE(u_int32_t, u_int)
+
+AC_LBL_TYPE_SIGNAL
+
+AC_LBL_DEVEL(V_CCOPT)
+
+AC_LBL_SOCKADDR_SA_LEN
+
+AC_MSG_CHECKING(if altzone is available)
+AC_CACHE_VAL(ac_cv_decl_altzone,
+    AC_TRY_COMPILE([
+#	include <sys/types.h>
+#	include <sys/time.h>
+#	ifdef TIME_WITH_SYS_TIME
+#	include <time.h>
+#	endif],
+	[long i = -altzone],
+	ac_cv_decl_altzone=yes,
+	ac_cv_decl_altzone=no))
+AC_MSG_RESULT($ac_cv_decl_altzone)
+if test $ac_cv_decl_altzone = yes ; then
+	AC_DEFINE(HAVE_ALTZONE)
+fi
+
+AC_MSG_CHECKING(if timezone and daylight are available)
+AC_CACHE_VAL(ac_cv_decl_timezone,
+    AC_TRY_LINK([
+#	include <sys/types.h>
+#	include <sys/time.h>
+#	ifdef TIME_WITH_SYS_TIME
+#	include <time.h>
+#	endif],
+	[long i;
+	tzset();
+	i = -timezone + daylight ? 3600 : 0],
+	ac_cv_decl_timezone=yes,
+	ac_cv_decl_timezone=no))
+AC_MSG_RESULT($ac_cv_decl_timezone)
+if test $ac_cv_decl_timezone = yes ; then
+	AC_DEFINE(HAVE_TIMEZONE)
+fi
+
+if test $ac_cv_decl_altzone = no ; then
+	AC_MSG_CHECKING(if tm struct has tm_gmtoff member)
+	AC_CACHE_VAL(ac_cv_tm_has_tm_gmtoff,
+	    AC_TRY_COMPILE([
+#		include <sys/types.h>
+#		include <sys/time.h>
+#		ifdef TIME_WITH_SYS_TIME
+#		include <time.h>
+#		endif],
+		[u_int i = sizeof(((struct tm *)0)->tm_gmtoff)],
+		ac_cv_tm_has_tm_gmtoff=yes,
+		ac_cv_tm_has_tm_gmtoff=no))
+	AC_MSG_RESULT($ac_cv_tm_has_tm_gmtoff)
+	if test $ac_cv_tm_has_tm_gmtoff = yes ; then
+		AC_DEFINE(HAVE_TM_GMTOFF)
+	fi
+fi
+
+AC_MSG_CHECKING(if ether_header uses ether_addr structs)
+AC_CACHE_VAL(ac_cv_ether_header_has_ea,
+    AC_TRY_COMPILE([
+#	include <sys/types.h>
+#	if __STDC__
+	/* osf3 has REALLY good prototyes */
+	struct mbuf;
+	struct rtentry;
+#	endif
+#	include <sys/socket.h>
+#	include <net/if.h>
+#	include <netinet/in.h>
+#	include <netinet/if_ether.h>],
+	[u_int i =
+	    sizeof(((struct ether_header *)0)->ether_dhost.ether_addr_octet)],
+	ac_cv_ether_header_has_ea=yes,
+	ac_cv_ether_header_has_ea=no))
+AC_MSG_RESULT($ac_cv_ether_header_has_ea)
+if test $ac_cv_ether_header_has_ea = yes ; then
+	AC_DEFINE(ETHER_HEADER_HAS_EA)
+fi
+
+AC_MSG_CHECKING(if ether_arp uses ether_addr structs)
+AC_CACHE_VAL(ac_cv_ether_arp_has_ea,
+    AC_TRY_COMPILE([
+#	include <sys/types.h>
+#	if __STDC__
+	/* osf3 has REALLY good prototyes */
+	struct mbuf;
+	struct rtentry;
+#	endif
+#	include <sys/socket.h>
+#	include <net/if.h>
+#	include <netinet/in.h>
+#	include <netinet/if_ether.h>],
+	[u_int i =
+	    sizeof(((struct ether_arp *)0)->arp_sha.ether_addr_octet)],
+	ac_cv_ether_arp_has_ea=yes,
+	ac_cv_ether_arp_has_ea=no))
+AC_MSG_RESULT($ac_cv_ether_arp_has_ea)
+if test $ac_cv_ether_arp_has_ea = yes ; then
+	AC_DEFINE(ETHER_ARP_HAS_EA)
+fi
+
+AC_MSG_CHECKING(if ether_arp uses erp_xsha member)
+AC_CACHE_VAL(ac_cv_struct_ether_arp_x,
+    AC_TRY_COMPILE([
+#	include <sys/types.h>
+#	include <sys/socket.h>
+#	if __STDC__
+	/* osf3 has REALLY good prototyes */
+	struct mbuf;
+	struct rtentry;
+#	endif
+#	include <net/if.h>
+#	include <netinet/in.h>
+#	include <netinet/if_ether.h>],
+	[u_int i = sizeof( ((struct ether_arp *)0)->arp_xsha)],
+	ac_cv_struct_ether_arp_x=yes,
+	ac_cv_struct_ether_arp_x=no))
+AC_MSG_RESULT($ac_cv_struct_ether_arp_x)
+if test $ac_cv_struct_ether_arp_x = yes ; then
+	AC_DEFINE(ETHER_ARP_HAS_X)
+fi
+
+AC_LBL_UNALIGNED_ACCESS
+
+if test -r lbl/gnuc.h ; then
+	rm -f gnuc.h
+	ln -s lbl/gnuc.h gnuc.h
+fi
+
+AC_SUBST(V_CCOPT)
+AC_SUBST(V_GROUP)
+AC_SUBST(V_INCLS)
+AC_SUBST(V_PCAPDEP)
+
+AC_PROG_INSTALL
+
+AC_OUTPUT(Makefile)
+
+if test -f .devel ; then
+	make depend
+fi
+exit 0
diff --git a/contrib/tcpdump/decnet.h b/contrib/tcpdump/decnet.h
new file mode 100644
index 000000000000..0f4bd4c4d0ca
--- /dev/null
+++ b/contrib/tcpdump/decnet.h
@@ -0,0 +1,453 @@
+/*
+ * Copyright (c) 1992, 1994, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ *
+ * @(#) $Header: decnet.h,v 1.6 96/07/15 18:15:19 leres Exp $ (LBL)
+ */
+
+typedef unsigned char byte[1];		/* single byte field */
+typedef unsigned char word[2];		/* 2 byte field */
+typedef unsigned char longword[4];	/* 4 bytes field */
+
+/*
+ * Definitions for DECNET Phase IV protocol headers
+ */
+union etheraddress {
+	unsigned char   dne_addr[6];		/* full ethernet address */
+	struct {
+		unsigned char dne_hiord[4];	/* DECnet HIORD prefix */
+		unsigned char dne_nodeaddr[2];	/* DECnet node address */
+	} dne_remote;
+};
+
+typedef union etheraddress etheraddr;	/* Ethernet address */
+
+#define HIORD 0x000400aa		/* high 32-bits of address (swapped) */
+
+#define AREAMASK	0176000		/* mask for area field */
+#define	AREASHIFT	10		/* bit-offset for area field */
+#define NODEMASK	01777		/* mask for node address field */
+
+#define DN_MAXADDL	20		/* max size of DECnet address */
+struct dn_naddr {
+	unsigned short	a_len;		/* length of address */
+	unsigned char a_addr[DN_MAXADDL]; /* address as bytes */
+};
+
+/*
+ * Define long and short header formats.
+ */
+struct shorthdr
+  {
+    byte	sh_flags;		/* route flags */
+    word	sh_dst;			/* destination node address */
+    word	sh_src;			/* source node address */
+    byte	sh_visits;		/* visit count */
+  };
+
+struct longhdr
+  {
+    byte	lg_flags;		/* route flags */
+    byte	lg_darea;		/* destination area (reserved) */
+    byte	lg_dsarea;		/* destination subarea (reserved) */
+    etheraddr	lg_dst;			/* destination id */
+    byte	lg_sarea;		/* source area (reserved) */
+    byte	lg_ssarea;		/* source subarea (reserved) */
+    etheraddr	lg_src;			/* source id */
+    byte	lg_nextl2;		/* next level 2 router (reserved) */
+    byte	lg_visits;		/* visit count */
+    byte	lg_service;		/* service class (reserved) */
+    byte	lg_pt;			/* protocol type (reserved) */
+  };
+
+union routehdr
+  {
+    struct shorthdr rh_short;		/* short route header */
+    struct longhdr rh_long;		/* long route header */
+  };
+
+/*
+ * Define the values of various fields in the protocol messages.
+ *
+ * 1. Data packet formats.
+ */
+#define RMF_MASK	7		/* mask for message type */
+#define RMF_SHORT	2		/* short message format */
+#define RMF_LONG	6		/* long message format */
+#ifndef RMF_RQR
+#define RMF_RQR		010		/* request return to sender */
+#define RMF_RTS		020		/* returning to sender */
+#define RMF_IE		040		/* intra-ethernet packet */
+#endif /* RMR_RQR */
+#define RMF_FVER	0100		/* future version flag */
+#define RMF_PAD		0200		/* pad field */
+#define RMF_PADMASK	0177		/* pad field mask */
+
+#define VIS_MASK	077		/* visit field mask */
+
+/*
+ * 2. Control packet formats.
+ */
+#define RMF_CTLMASK	017		/* mask for message type */
+#define RMF_CTLMSG	01		/* control message indicator */
+#define RMF_INIT	01		/* initialization message */
+#define RMF_VER		03		/* verification message */
+#define RMF_TEST	05		/* hello and test message */
+#define RMF_L1ROUT	07		/* level 1 routing message */
+#define RMF_L2ROUT	011		/* level 2 routing message */
+#define RMF_RHELLO	013		/* router hello message */
+#define RMF_EHELLO	015		/* endnode hello message */
+
+#define TI_L2ROUT	01		/* level 2 router */
+#define TI_L1ROUT	02		/* level 1 router */
+#define TI_ENDNODE	03		/* endnode */
+#define TI_VERIF	04		/* verification required */
+#define TI_BLOCK	010		/* blocking requested */
+
+#define VE_VERS		2		/* version number (2) */
+#define VE_ECO		0		/* ECO number */
+#define VE_UECO		0		/* user ECO number (0) */
+
+#define P3_VERS		1		/* phase III version number (1) */
+#define P3_ECO		3		/* ECO number (3) */
+#define P3_UECO		0		/* user ECO number (0) */
+
+#define II_L2ROUT	01		/* level 2 router */
+#define II_L1ROUT	02		/* level 1 router */
+#define II_ENDNODE	03		/* endnode */
+#define II_VERIF	04		/* verification required */
+#define II_NOMCAST	040		/* no multicast traffic accepted */
+#define II_BLOCK	0100		/* blocking requested */
+#define II_TYPEMASK	03		/* mask for node type */
+
+#define TESTDATA	0252		/* test data bytes */
+#define TESTLEN		1		/* length of transmitted test data */
+
+/*
+ * Define control message formats.
+ */
+struct initmsgIII			/* phase III initialization message */
+  {
+    byte	inIII_flags;		/* route flags */
+    word	inIII_src;		/* source node address */
+    byte	inIII_info;		/* routing layer information */
+    word	inIII_blksize;		/* maximum data link block size */
+    byte	inIII_vers;		/* version number */
+    byte	inIII_eco;		/* ECO number */
+    byte	inIII_ueco;		/* user ECO number */
+    byte	inIII_rsvd;		/* reserved image field */
+  };
+
+struct initmsg				/* initialization message */
+  {
+    byte	in_flags;		/* route flags */
+    word	in_src;			/* source node address */
+    byte	in_info;		/* routing layer information */
+    word	in_blksize;		/* maximum data link block size */
+    byte	in_vers;		/* version number */
+    byte	in_eco;			/* ECO number */
+    byte	in_ueco;		/* user ECO number */
+    word	in_hello;		/* hello timer */
+    byte	in_rsvd;		/* reserved image field */
+  };
+
+struct verifmsg				/* verification message */
+  {
+    byte	ve_flags;		/* route flags */
+    word	ve_src;			/* source node address */
+    byte	ve_fcnval;		/* function value image field */
+  };
+
+struct testmsg				/* hello and test message */
+  {
+    byte	te_flags;		/* route flags */
+    word	te_src;			/* source node address */
+    byte	te_data;		/* test data image field */
+  };
+
+struct l1rout				/* level 1 routing message */
+  {
+    byte	r1_flags;		/* route flags */
+    word	r1_src;			/* source node address */
+    byte	r1_rsvd;		/* reserved field */
+  };
+
+struct l2rout				/* level 2 routing message */
+  {
+    byte	r2_flags;		/* route flags */
+    word	r2_src;			/* source node address */
+    byte	r2_rsvd;		/* reserved field */
+  };
+
+struct rhellomsg			/* router hello message */
+  {
+    byte	rh_flags;		/* route flags */
+    byte	rh_vers;		/* version number */
+    byte	rh_eco;			/* ECO number */
+    byte	rh_ueco;		/* user ECO number */
+    etheraddr	rh_src;			/* source id */
+    byte	rh_info;		/* routing layer information */
+    word	rh_blksize;		/* maximum data link block size */
+    byte	rh_priority;		/* router's priority */
+    byte	rh_area;		/* reserved */
+    word	rh_hello;		/* hello timer */
+    byte	rh_mpd;			/* reserved */
+  };
+
+struct ehellomsg			/* endnode hello message */
+  {
+    byte	eh_flags;		/* route flags */
+    byte	eh_vers;		/* version number */
+    byte	eh_eco;			/* ECO number */
+    byte	eh_ueco;		/* user ECO number */
+    etheraddr	eh_src;			/* source id */
+    byte	eh_info;		/* routing layer information */
+    word	eh_blksize;		/* maximum data link block size */
+    byte	eh_area;		/* area (reserved) */
+    byte	eh_seed[8];		/* verification seed */
+    etheraddr	eh_router;		/* designated router */
+    word	eh_hello;		/* hello timer */
+    byte	eh_mpd;			/* (reserved) */
+    byte	eh_data;		/* test data image field */
+  };
+
+union controlmsg
+  {
+    struct initmsg	cm_init;	/* initialization message */
+    struct verifmsg	cm_ver;		/* verification message */
+    struct testmsg	cm_test;	/* hello and test message */
+    struct l1rout	cm_l1rou;	/* level 1 routing message */
+    struct l2rout	cm_l2rout;	/* level 2 routing message */
+    struct rhellomsg	cm_rhello;	/* router hello message */
+    struct ehellomsg	cm_ehello;	/* endnode hello message */
+  };
+
+/* Macros for decoding routing-info fields */
+#define	RI_COST(x)	((x)&0777)
+#define	RI_HOPS(x)	(((x)>>10)&037)
+
+/*
+ * NSP protocol fields and values.
+ */
+
+#define NSP_TYPEMASK 014		/* mask to isolate type code */
+#define NSP_SUBMASK 0160		/* mask to isolate subtype code */
+#define NSP_SUBSHFT 4			/* shift to move subtype code */
+
+#define MFT_DATA 0			/* data message */
+#define MFT_ACK  04			/* acknowledgement message */
+#define MFT_CTL  010			/* control message */
+
+#define MFS_ILS  020			/* data or I/LS indicator */
+#define MFS_BOM  040			/* beginning of message (data) */
+#define MFS_MOM  0			/* middle of message (data) */
+#define MFS_EOM  0100			/* end of message (data) */
+#define MFS_INT  040			/* interrupt message */
+
+#define MFS_DACK 0			/* data acknowledgement */
+#define MFS_IACK 020			/* I/LS acknowledgement */
+#define MFS_CACK 040			/* connect acknowledgement */
+
+#define MFS_NOP  0			/* no operation */
+#define MFS_CI   020			/* connect initiate */
+#define MFS_CC   040			/* connect confirm */
+#define MFS_DI   060			/* disconnect initiate */
+#define MFS_DC   0100			/* disconnect confirm */
+#define MFS_RCI  0140			/* retransmitted connect initiate */
+
+#define SGQ_ACK  0100000		/* ack */
+#define SGQ_NAK  0110000		/* negative ack */
+#define SGQ_OACK 0120000		/* other channel ack */
+#define SGQ_ONAK 0130000		/* other channel negative ack */
+#define SGQ_MASK 07777			/* mask to isolate seq # */
+#define SGQ_OTHER 020000		/* other channel qualifier */
+#define SGQ_DELAY 010000		/* ack delay flag */
+
+#define SGQ_EOM  0100000		/* pseudo flag for end-of-message */
+
+#define LSM_MASK 03			/* mask for modifier field */
+#define LSM_NOCHANGE 0			/* no change */
+#define LSM_DONOTSEND 1			/* do not send data */
+#define LSM_SEND 2			/* send data */
+
+#define LSI_MASK 014			/* mask for interpretation field */
+#define LSI_DATA 0			/* data segment or message count */
+#define LSI_INTR 4			/* interrupt request count */
+#define LSI_INTM 0377			/* funny marker for int. message */
+
+#define COS_MASK 014			/* mask for flow control field */
+#define COS_NONE 0			/* no flow control */
+#define COS_SEGMENT 04			/* segment flow control */
+#define COS_MESSAGE 010			/* message flow control */
+#define COS_CRYPTSER 020		/* cryptographic services requested */
+#define COS_DEFAULT 1			/* default value for field */
+
+#define COI_MASK 3			/* mask for version field */
+#define COI_32 0			/* version 3.2 */
+#define COI_31 1			/* version 3.1 */
+#define COI_40 2			/* version 4.0 */
+#define COI_41 3			/* version 4.1 */
+
+#define MNU_MASK 140			/* mask for session control version */
+#define MNU_10 000				/* session V1.0 */
+#define MNU_20 040				/* session V2.0 */
+#define MNU_ACCESS 1			/* access control present */
+#define MNU_USRDATA 2			/* user data field present */
+#define MNU_INVKPROXY 4			/* invoke proxy field present */
+#define MNU_UICPROXY 8			/* use uic-based proxy */
+
+#define DC_NORESOURCES 1		/* no resource reason code */
+#define DC_NOLINK 41			/* no link terminate reason code */
+#define DC_COMPLETE 42			/* disconnect complete reason code */
+
+#define DI_NOERROR 0			/* user disconnect */
+#define DI_SHUT 3			/* node is shutting down */
+#define DI_NOUSER 4			/* destination end user does not exist */
+#define DI_INVDEST 5			/* invalid end user destination */
+#define DI_REMRESRC 6			/* insufficient remote resources */
+#define DI_TPA 8			/* third party abort */
+#define DI_PROTOCOL 7			/* protocol error discovered */
+#define DI_ABORT 9			/* user abort */
+#define DI_LOCALRESRC 32		/* insufficient local resources */
+#define DI_REMUSERRESRC 33		/* insufficient remote user resources */
+#define DI_BADACCESS 34			/* bad access control information */
+#define DI_BADACCNT 36			/* bad ACCOUNT information */
+#define DI_CONNECTABORT 38		/* connect request cancelled */
+#define DI_TIMEDOUT 38			/* remote node or user crashed */
+#define DI_UNREACHABLE 39		/* local timers expired due to ... */
+#define DI_BADIMAGE 43			/* bad image data in connect */
+#define DI_SERVMISMATCH 54		/* cryptographic service mismatch */
+
+#define UC_OBJREJECT 0			/* object rejected connect */
+#define UC_USERDISCONNECT 0		/* user disconnect */
+#define UC_RESOURCES 1			/* insufficient resources (local or remote) */
+#define UC_NOSUCHNODE 2			/* unrecognized node name */
+#define UC_REMOTESHUT 3			/* remote node shutting down */
+#define UC_NOSUCHOBJ 4			/* unrecognized object */
+#define UC_INVOBJFORMAT 5		/* invalid object name format */
+#define UC_OBJTOOBUSY 6			/* object too busy */
+#define UC_NETWORKABORT 8		/* network abort */
+#define UC_USERABORT 9			/* user abort */
+#define UC_INVNODEFORMAT 10		/* invalid node name format */
+#define UC_LOCALSHUT 11			/* local node shutting down */
+#define UC_ACCESSREJECT 34		/* invalid access control information */
+#define UC_NORESPONSE 38		/* no response from object */
+#define UC_UNREACHABLE 39		/* node unreachable */
+
+/*
+ * NSP message formats.
+ */
+struct nsphdr				/* general nsp header */
+  {
+    byte	nh_flags;		/* message flags */
+    word	nh_dst;			/* destination link address */
+    word	nh_src;			/* source link address */
+  };
+
+struct seghdr				/* data segment header */
+  {
+    byte	sh_flags;		/* message flags */
+    word	sh_dst;			/* destination link address */
+    word	sh_src;			/* source link address */
+    word	sh_seq[3];		/* sequence numbers */
+  };
+
+struct minseghdr			/* minimum data segment header */
+  {
+    byte	ms_flags;		/* message flags */
+    word	ms_dst;			/* destination link address */
+    word	ms_src;			/* source link address */
+    word	ms_seq;			/* sequence number */
+  };
+
+struct lsmsg				/* link service message (after hdr) */
+  {
+    byte	ls_lsflags;		/* link service flags */
+    byte	ls_fcval;		/* flow control value */
+  };
+
+struct ackmsg				/* acknowledgement message */
+  {
+    byte	ak_flags;		/* message flags */
+    word	ak_dst;			/* destination link address */
+    word	ak_src;			/* source link address */
+    word	ak_acknum[2];		/* acknowledgement numbers */
+  };
+
+struct minackmsg			/* minimum acknowledgement message */
+  {
+    byte	mk_flags;		/* message flags */
+    word	mk_dst;			/* destination link address */
+    word	mk_src;			/* source link address */
+    word	mk_acknum;		/* acknowledgement number */
+  };
+
+struct ciackmsg				/* connect acknowledgement message */
+  {
+    byte	ck_flags;		/* message flags */
+    word	ck_dst;			/* destination link address */
+  };
+
+struct cimsg				/* connect initiate message */
+  {
+    byte	ci_flags;		/* message flags */
+    word	ci_dst;			/* destination link address (0) */
+    word	ci_src;			/* source link address */
+    byte	ci_services;		/* requested services */
+    byte	ci_info;		/* information */
+    word	ci_segsize;		/* maximum segment size */
+  };
+
+struct ccmsg				/* connect confirm message */
+  {
+    byte	cc_flags;		/* message flags */
+    word	cc_dst;			/* destination link address */
+    word	cc_src;			/* source link address */
+    byte	cc_services;		/* requested services */
+    byte	cc_info;		/* information */
+    word	cc_segsize;		/* maximum segment size */
+    byte	cc_optlen;		/* optional data length */
+  };
+
+struct cnmsg				/* generic connect message */
+  {
+    byte	cn_flags;		/* message flags */
+    word	cn_dst;			/* destination link address */
+    word	cn_src;			/* source link address */
+    byte	cn_services;		/* requested services */
+    byte	cn_info;		/* information */
+    word	cn_segsize;		/* maximum segment size */
+  };
+
+struct dimsg				/* disconnect initiate message */
+  {
+    byte	di_flags;		/* message flags */
+    word	di_dst;			/* destination link address */
+    word	di_src;			/* source link address */
+    word	di_reason;		/* reason code */
+    byte	di_optlen;		/* optional data length */
+  };
+
+struct dcmsg				/* disconnect confirm message */
+  {
+    byte	dc_flags;		/* message flags */
+    word	dc_dst;			/* destination link address */
+    word	dc_src;			/* source link address */
+    word	dc_reason;		/* reason code */
+  };
diff --git a/contrib/tcpdump/ethertype.h b/contrib/tcpdump/ethertype.h
new file mode 100644
index 000000000000..240307375026
--- /dev/null
+++ b/contrib/tcpdump/ethertype.h
@@ -0,0 +1,76 @@
+/*
+ * Copyright (c) 1993, 1994, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ *
+ * @(#) $Header: ethertype.h,v 1.6 96/07/14 18:21:49 leres Exp $ (LBL)
+ */
+
+/* Types missing from some systems */
+
+#ifndef ETHERTYPE_NS
+#define ETHERTYPE_NS		0x0600
+#endif
+#ifndef	ETHERTYPE_SPRITE
+#define	ETHERTYPE_SPRITE	0x0500
+#endif
+#ifndef ETHERTYPE_TRAIL
+#define ETHERTYPE_TRAIL		0x1000
+#endif
+#ifndef	ETHERTYPE_MOPDL
+#define	ETHERTYPE_MOPDL		0x6001
+#endif
+#ifndef	ETHERTYPE_MOPRC
+#define	ETHERTYPE_MOPRC		0x6002
+#endif
+#ifndef	ETHERTYPE_DN
+#define	ETHERTYPE_DN		0x6003
+#endif
+#ifndef	ETHERTYPE_LAT
+#define	ETHERTYPE_LAT		0x6004
+#endif
+#ifndef ETHERTYPE_SCA
+#define ETHERTYPE_SCA		0x6007
+#endif
+#ifndef ETHERTYPE_REVARP
+#define ETHERTYPE_REVARP	0x8035
+#endif
+#ifndef	ETHERTYPE_LANBRIDGE
+#define	ETHERTYPE_LANBRIDGE	0x8038
+#endif
+#ifndef	ETHERTYPE_DECDNS
+#define	ETHERTYPE_DECDNS	0x803c
+#endif
+#ifndef	ETHERTYPE_DECDTS
+#define	ETHERTYPE_DECDTS	0x803e
+#endif
+#ifndef	ETHERTYPE_VEXP
+#define	ETHERTYPE_VEXP		0x805b
+#endif
+#ifndef	ETHERTYPE_VPROD
+#define	ETHERTYPE_VPROD		0x805c
+#endif
+#ifndef ETHERTYPE_ATALK
+#define ETHERTYPE_ATALK		0x809b
+#endif
+#ifndef ETHERTYPE_AARP
+#define ETHERTYPE_AARP		0x80f3
+#endif
+#ifndef	ETHERTYPE_LOOPBACK
+#define	ETHERTYPE_LOOPBACK	0x9000
+#endif
diff --git a/contrib/tcpdump/extract.h b/contrib/tcpdump/extract.h
new file mode 100644
index 000000000000..62f3f306f656
--- /dev/null
+++ b/contrib/tcpdump/extract.h
@@ -0,0 +1,57 @@
+/*
+ * Copyright (c) 1992, 1993, 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ *
+ * @(#) $Header: extract.h,v 1.14 96/07/15 18:23:12 leres Exp $ (LBL)
+ */
+
+/* Network to host order macros */
+
+#ifdef LBL_ALIGN
+#define EXTRACT_16BITS(p) \
+	((u_short)*((u_char *)(p) + 0) << 8 | \
+	(u_short)*((u_char *)(p) + 1))
+#define EXTRACT_32BITS(p) \
+	((u_int32_t)*((u_char *)(p) + 0) << 24 | \
+	(u_int32_t)*((u_char *)(p) + 1) << 16 | \
+	(u_int32_t)*((u_char *)(p) + 2) << 8 | \
+	(u_int32_t)*((u_char *)(p) + 3))
+#else
+#define EXTRACT_16BITS(p) \
+	((u_short)ntohs(*(u_short *)(p)))
+#define EXTRACT_32BITS(p) \
+	ntohl(*(u_int32_t *)(p))
+#endif
+
+#define EXTRACT_24BITS(p) \
+	((u_int32_t)*((u_char *)(p) + 0) << 16 | \
+	(u_int32_t)*((u_char *)(p) + 1) << 8 | \
+	(u_int32_t)*((u_char *)(p) + 2))
+
+/* Little endian protocol host order macros */
+
+#define EXTRACT_LE_8BITS(p) (*(p))
+#define EXTRACT_LE_16BITS(p) \
+	((u_short)*((u_char *)(p) + 1) << 8 | \
+	(u_short)*((u_char *)(p) + 0))
+#define EXTRACT_LE_32BITS(p) \
+	((u_int32_t)*((u_char *)(p) + 3) << 24 | \
+	(u_int32_t)*((u_char *)(p) + 2) << 16 | \
+	(u_int32_t)*((u_char *)(p) + 1) << 8 | \
+	(u_int32_t)*((u_char *)(p) + 0))
diff --git a/contrib/tcpdump/fddi.h b/contrib/tcpdump/fddi.h
new file mode 100644
index 000000000000..96ff8201be57
--- /dev/null
+++ b/contrib/tcpdump/fddi.h
@@ -0,0 +1,69 @@
+/*
+ * Copyright (c) 1992, 1993, 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ *
+ * @(#) $Header: fddi.h,v 1.8 96/06/03 03:06:04 leres Exp $ (LBL)
+ */
+
+/*
+ * Based on Ultrix if_fddi.h
+ */
+
+/*
+ * This stuff should come from a system header file, but there's no
+ * obviously portable way to do that and it's not really going
+ * to change from system to system (except for the padding business).
+ */
+
+struct fddi_header {
+	u_char  fddi_fc;		/* frame control */
+	u_char  fddi_dhost[6];
+	u_char  fddi_shost[6];
+};
+
+
+/* Useful values for fddi_fc (frame control) field */
+
+/*
+ * FDDI Frame Control bits
+ */
+#define	FDDIFC_C		0x80		/* Class bit */
+#define	FDDIFC_L		0x40		/* Address length bit */
+#define	FDDIFC_F		0x30		/* Frame format bits */
+#define	FDDIFC_Z		0x0f		/* Control bits */
+
+/*
+ * FDDI Frame Control values. (48-bit addressing only).
+ */
+#define	FDDIFC_VOID		0x40		/* Void frame */
+#define	FDDIFC_NRT		0x80		/* Nonrestricted token */
+#define	FDDIFC_RT		0xc0		/* Restricted token */
+#define	FDDIFC_SMT_INFO		0x41		/* SMT Info */
+#define	FDDIFC_SMT_NSA		0x4F		/* SMT Next station adrs */
+#define	FDDIFC_MAC_BEACON	0xc2		/* MAC Beacon frame */
+#define	FDDIFC_MAC_CLAIM	0xc3		/* MAC Claim frame */
+#define	FDDIFC_LLC_ASYNC	0x50		/* Async. LLC frame */
+#define	FDDIFC_LLC_SYNC		0xd0		/* Sync. LLC frame */
+#define	FDDIFC_IMP_ASYNC	0x60		/* Implementor Async. */
+#define	FDDIFC_IMP_SYNC		0xe0		/* Implementor Synch. */
+#define FDDIFC_SMT		0x40		/* SMT frame */
+#define FDDIFC_MAC		0xc0		/* MAC frame */
+
+#define	FDDIFC_CLFF		0xF0		/* Class/Length/Format bits */
+#define	FDDIFC_ZZZZ		0x0F		/* Control bits */
diff --git a/contrib/tcpdump/igrp.h b/contrib/tcpdump/igrp.h
new file mode 100644
index 000000000000..cf4c1a44264f
--- /dev/null
+++ b/contrib/tcpdump/igrp.h
@@ -0,0 +1,36 @@
+/* Cisco IGRP definitions */
+
+/* IGRP Header */
+
+struct igrphdr {
+#if BYTE_ORDER == LITTLE_ENDIAN
+	u_char ig_op:4;		/* opcode */
+	u_char ig_v:4;		/* protocol version number */
+#else
+	u_char ig_v:4;		/* protocol version number */
+	u_char ig_op:4;		/* opcode */
+#endif
+	u_char ig_ed;		/* edition number */
+	u_short ig_as;		/* autonomous system number */
+	u_short ig_ni;		/* number of subnet in local net */
+	u_short ig_ns;		/* number of networks in AS */
+	u_short ig_nx;		/* number of networks ouside AS */
+	u_short ig_sum;		/* checksum of IGRP header & data */
+};
+
+#define IGRP_UPDATE	1
+#define IGRP_REQUEST	2
+
+/* IGRP routing entry */
+
+struct igrprte {
+	u_char igr_net[3];	/* 3 significant octets of IP address */
+	u_char igr_dly[3];	/* delay in tens of microseconds */
+	u_char igr_bw[3];	/* bandwidth in units of 1 kb/s */
+	u_char igr_mtu[2];	/* MTU in octets */
+	u_char igr_rel;		/* percent packets successfully tx/rx */
+	u_char igr_ld;		/* percent of channel occupied */
+	u_char igr_hct;		/* hop count */
+};
+
+#define IGRP_RTE_SIZE	14	/* don't believe sizeof ! */
diff --git a/contrib/tcpdump/install-sh b/contrib/tcpdump/install-sh
new file mode 100755
index 000000000000..58719246f040
--- /dev/null
+++ b/contrib/tcpdump/install-sh
@@ -0,0 +1,238 @@
+#! /bin/sh
+#
+# install - install a program, script, or datafile
+# This comes from X11R5.
+#
+# Calling this script install-sh is preferred over install.sh, to prevent
+# `make' implicit rules from creating a file called install from it
+# when there is no Makefile.
+#
+# This script is compatible with the BSD install script, but was written
+# from scratch.
+#
+
+
+# set DOITPROG to echo to test this script
+
+# Don't use :- since 4.3BSD and earlier shells don't like it.
+doit="${DOITPROG-}"
+
+
+# put in absolute paths if you don't have them in your path; or use env. vars.
+
+mvprog="${MVPROG-mv}"
+cpprog="${CPPROG-cp}"
+chmodprog="${CHMODPROG-chmod}"
+chownprog="${CHOWNPROG-chown}"
+chgrpprog="${CHGRPPROG-chgrp}"
+stripprog="${STRIPPROG-strip}"
+rmprog="${RMPROG-rm}"
+mkdirprog="${MKDIRPROG-mkdir}"
+
+transformbasename=""
+transform_arg=""
+instcmd="$mvprog"
+chmodcmd="$chmodprog 0755"
+chowncmd=""
+chgrpcmd=""
+stripcmd=""
+rmcmd="$rmprog -f"
+mvcmd="$mvprog"
+src=""
+dst=""
+dir_arg=""
+
+while [ x"$1" != x ]; do
+    case $1 in
+	-c) instcmd="$cpprog"
+	    shift
+	    continue;;
+
+	-d) dir_arg=true
+	    shift
+	    continue;;
+
+	-m) chmodcmd="$chmodprog $2"
+	    shift
+	    shift
+	    continue;;
+
+	-o) chowncmd="$chownprog $2"
+	    shift
+	    shift
+	    continue;;
+
+	-g) chgrpcmd="$chgrpprog $2"
+	    shift
+	    shift
+	    continue;;
+
+	-s) stripcmd="$stripprog"
+	    shift
+	    continue;;
+
+	-t=*) transformarg=`echo $1 | sed 's/-t=//'`
+	    shift
+	    continue;;
+
+	-b=*) transformbasename=`echo $1 | sed 's/-b=//'`
+	    shift
+	    continue;;
+
+	*)  if [ x"$src" = x ]
+	    then
+		src=$1
+	    else
+		# this colon is to work around a 386BSD /bin/sh bug
+		:
+		dst=$1
+	    fi
+	    shift
+	    continue;;
+    esac
+done
+
+if [ x"$src" = x ]
+then
+	echo "install:	no input file specified"
+	exit 1
+else
+	true
+fi
+
+if [ x"$dir_arg" != x ]; then
+	dst=$src
+	src=""
+	
+	if [ -d $dst ]; then
+		instcmd=:
+	else
+		instcmd=mkdir
+	fi
+else
+
+# Waiting for this to be detected by the "$instcmd $src $dsttmp" command
+# might cause directories to be created, which would be especially bad 
+# if $src (and thus $dsttmp) contains '*'.
+
+	if [ -f $src -o -d $src ]
+	then
+		true
+	else
+		echo "install:  $src does not exist"
+		exit 1
+	fi
+	
+	if [ x"$dst" = x ]
+	then
+		echo "install:	no destination specified"
+		exit 1
+	else
+		true
+	fi
+
+# If destination is a directory, append the input filename; if your system
+# does not like double slashes in filenames, you may need to add some logic
+
+	if [ -d $dst ]
+	then
+		dst="$dst"/`basename $src`
+	else
+		true
+	fi
+fi
+
+## this sed command emulates the dirname command
+dstdir=`echo $dst | sed -e 's,[^/]*$,,;s,/$,,;s,^$,.,'`
+
+# Make sure that the destination directory exists.
+#  this part is taken from Noah Friedman's mkinstalldirs script
+
+# Skip lots of stat calls in the usual case.
+if [ ! -d "$dstdir" ]; then
+defaultIFS='	
+'
+IFS="${IFS-${defaultIFS}}"
+
+oIFS="${IFS}"
+# Some sh's can't handle IFS=/ for some reason.
+IFS='%'
+set - `echo ${dstdir} | sed -e 's@/@%@g' -e 's@^%@/@'`
+IFS="${oIFS}"
+
+pathcomp=''
+
+while [ $# -ne 0 ] ; do
+	pathcomp="${pathcomp}${1}"
+	shift
+
+	if [ ! -d "${pathcomp}" ] ;
+        then
+		$mkdirprog "${pathcomp}"
+	else
+		true
+	fi
+
+	pathcomp="${pathcomp}/"
+done
+fi
+
+if [ x"$dir_arg" != x ]
+then
+	$doit $instcmd $dst &&
+
+	if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; else true ; fi &&
+	if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; else true ; fi &&
+	if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; else true ; fi &&
+	if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; else true ; fi
+else
+
+# If we're going to rename the final executable, determine the name now.
+
+	if [ x"$transformarg" = x ] 
+	then
+		dstfile=`basename $dst`
+	else
+		dstfile=`basename $dst $transformbasename | 
+			sed $transformarg`$transformbasename
+	fi
+
+# don't allow the sed command to completely eliminate the filename
+
+	if [ x"$dstfile" = x ] 
+	then
+		dstfile=`basename $dst`
+	else
+		true
+	fi
+
+# Make a temp file name in the proper directory.
+
+	dsttmp=$dstdir/#inst.$$#
+
+# Move or copy the file name to the temp name
+
+	$doit $instcmd $src $dsttmp &&
+
+	trap "rm -f ${dsttmp}" 0 &&
+
+# and set any options; do chmod last to preserve setuid bits
+
+# If any of these fail, we abort the whole thing.  If we want to
+# ignore errors from any of these, just make sure not to ignore
+# errors from the above "$doit $instcmd $src $dsttmp" command.
+
+	if [ x"$chowncmd" != x ]; then $doit $chowncmd $dsttmp; else true;fi &&
+	if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dsttmp; else true;fi &&
+	if [ x"$stripcmd" != x ]; then $doit $stripcmd $dsttmp; else true;fi &&
+	if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dsttmp; else true;fi &&
+
+# Now rename the file to the real destination.
+
+	$doit $rmcmd -f $dstdir/$dstfile &&
+	$doit $mvcmd $dsttmp $dstdir/$dstfile 
+
+fi &&
+
+
+exit 0
diff --git a/contrib/tcpdump/interface.h b/contrib/tcpdump/interface.h
new file mode 100644
index 000000000000..d33a8fff5123
--- /dev/null
+++ b/contrib/tcpdump/interface.h
@@ -0,0 +1,195 @@
+/*
+ * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ *
+ * @(#) $Header: interface.h,v 1.95 96/07/14 19:38:52 leres Exp $ (LBL)
+ */
+
+#ifndef tcpdump_interface_h
+#define tcpdump_interface_h
+
+#include "gnuc.h"
+#ifdef HAVE_OS_PROTO_H
+#include "os-proto.h"
+#endif
+
+struct tok {
+	int v;			/* value */
+	char *s;		/* string */
+};
+
+extern int dflag;		/* print filter code */
+extern int eflag;		/* print ethernet header */
+extern int nflag;		/* leave addresses as numbers */
+extern int Nflag;		/* remove domains from printed host names */
+extern int qflag;		/* quick (shorter) output */
+extern int Sflag;		/* print raw TCP sequence numbers */
+extern int tflag;		/* print packet arrival time */
+extern int vflag;		/* verbose */
+extern int xflag;		/* print packet in hex */
+
+extern int packettype;		/* as specified by -T */
+#define PT_VAT		1	/* Visual Audio Tool */
+#define PT_WB		2	/* distributed White Board */
+#define PT_RPC		3	/* Remote Procedure Call */
+#define PT_RTP		4	/* Real-Time Applications protocol */
+#define PT_RTCP		5	/* Real-Time Applications control protocol */
+
+extern char *program_name;	/* used to generate self-identifying messages */
+
+extern int32_t thiszone;	/* seconds offset from gmt to local time */
+
+extern int snaplen;
+/* global pointers to beginning and end of current packet (during printing) */
+extern const u_char *packetp;
+extern const u_char *snapend;
+
+#define TCHECK2(var, l) if ((u_char *)&(var) > snapend - (l)) goto trunc
+#define TCHECK(var) TCHECK2(var, sizeof(var))
+
+#ifdef __STDC__
+struct timeval;
+#endif
+
+extern void ts_print(const struct timeval *);
+extern int32_t gmt2local(void);
+
+extern int fn_print(const u_char *, const u_char *);
+extern int fn_printn(const u_char *, u_int, const u_char *);
+extern const char *tok2str(const struct tok *, const char *, int);
+extern char *dnaddr_string(u_short);
+extern char *savestr(const char *);
+
+extern void wrapup(int);
+
+#if __STDC__
+extern __dead void error(const char *, ...)
+    __attribute__((volatile, format (printf, 1, 2)));
+extern void warning(const char *, ...) __attribute__ ((format (printf, 1, 2)));
+#endif
+
+extern char *read_infile(char *);
+extern char *copy_argv(char **);
+
+extern char *isonsap_string(const u_char *);
+extern char *llcsap_string(u_char);
+extern char *protoid_string(const u_char *);
+extern char *dnname_string(u_short);
+extern char *dnnum_string(u_short);
+
+/* The printer routines. */
+
+#ifdef __STDC__
+struct pcap_pkthdr;
+#endif
+
+extern void atm_if_print(u_char *, const struct pcap_pkthdr *, const u_char *);
+extern void ether_if_print(u_char *, const struct pcap_pkthdr *,
+	const u_char *);
+extern void fddi_if_print(u_char *, const struct pcap_pkthdr *, const u_char*);
+extern void null_if_print(u_char *, const struct pcap_pkthdr *, const u_char*);
+extern void ppp_if_print(u_char *, const struct pcap_pkthdr *, const u_char *);
+extern void sl_if_print(u_char *, const struct pcap_pkthdr *, const u_char *);
+
+extern void arp_print(const u_char *, u_int, u_int);
+extern void ip_print(const u_char *, u_int);
+extern void tcp_print(const u_char *, u_int, const u_char *);
+extern void udp_print(const u_char *, u_int, const u_char *);
+extern void icmp_print(const u_char *, const u_char *);
+extern void igrp_print(const u_char *, u_int, const u_char *);
+extern void default_print(const u_char *, u_int);
+extern void default_print_unaligned(const u_char *, u_int);
+
+extern void aarp_print(const u_char *, u_int);
+extern void atalk_print(const u_char *, u_int);
+extern void bootp_print(const u_char *, u_int, u_short, u_short);
+extern void decnet_print(const u_char *, u_int, u_int);
+extern void egp_print(const u_char *, u_int, const u_char *);
+extern int ether_encap_print(u_short, const u_char *, u_int, u_int);
+extern void ipx_print(const u_char *, u_int);
+extern void isoclns_print(const u_char *, u_int, u_int,
+	const u_char *, const u_char *);
+extern int llc_print(const u_char *, u_int, u_int,
+	const u_char *, const u_char *);
+extern void nfsreply_print(const u_char *, u_int, const u_char *);
+extern void nfsreq_print(const u_char *, u_int, const u_char *);
+extern void ns_print(const u_char *, u_int);
+extern void ntp_print(const u_char *, u_int);
+extern void ospf_print(const u_char *, u_int, const u_char *);
+extern void rip_print(const u_char *, u_int);
+extern void snmp_print(const u_char *, u_int);
+extern void sunrpcrequest_print(const u_char *, u_int, const u_char *);
+extern void tftp_print(const u_char *, u_int);
+extern void wb_print(const void *, u_int);
+extern void dvmrp_print(const u_char *, u_int);
+extern void pim_print(const u_char *, u_int);
+extern void krb_print(const u_char *, u_int);
+
+#ifndef min
+#define min(a,b) ((a)>(b)?(b):(a))
+#endif
+#ifndef max
+#define max(a,b) ((b)>(a)?(b):(a))
+#endif
+
+/*
+ * The default snapshot length.  This value allows most printers to print
+ * useful information while keeping the amount of unwanted data down.
+ * In particular, it allows for an ethernet header, tcp/ip header, and
+ * 14 bytes of data (assuming no ip options).
+ */
+#define DEFAULT_SNAPLEN 68
+
+#ifndef BIG_ENDIAN
+#define BIG_ENDIAN 4321
+#define LITTLE_ENDIAN 1234
+#endif
+
+#ifdef ETHER_HEADER_HAS_EA
+#define ESRC(ep) ((ep)->ether_shost.ether_addr_octet)
+#define EDST(ep) ((ep)->ether_dhost.ether_addr_octet)
+#else
+#define ESRC(ep) ((ep)->ether_shost)
+#define EDST(ep) ((ep)->ether_dhost)
+#endif
+
+#ifdef ETHER_ARP_HAS_X
+#define SHA(ap) ((ap)->arp_xsha)
+#define THA(ap) ((ap)->arp_xtha)
+#define SPA(ap) ((ap)->arp_xspa)
+#define TPA(ap) ((ap)->arp_xtpa)
+#else
+#ifdef ETHER_ARP_HAS_EA
+#define SHA(ap) ((ap)->arp_sha.ether_addr_octet)
+#define THA(ap) ((ap)->arp_tha.ether_addr_octet)
+#else
+#define SHA(ap) ((ap)->arp_sha)
+#define THA(ap) ((ap)->arp_tha)
+#endif
+#define SPA(ap) ((ap)->arp_spa)
+#define TPA(ap) ((ap)->arp_tpa)
+#endif
+
+#ifndef NTOHL
+#define NTOHL(x)	(x) = ntohl(x)
+#define NTOHS(x)	(x) = ntohs(x)
+#define HTONL(x)	(x) = htonl(x)
+#define HTONS(x)	(x) = htons(x)
+#endif
+#endif
diff --git a/contrib/tcpdump/ipx.h b/contrib/tcpdump/ipx.h
new file mode 100644
index 000000000000..0a707241701a
--- /dev/null
+++ b/contrib/tcpdump/ipx.h
@@ -0,0 +1,29 @@
+/*
+ * IPX protocol formats 
+ *
+ * @(#) $Header: ipx.h,v 1.1 94/06/09 11:47:03 mccanne Exp $
+ */
+
+/* well-known sockets */
+#define	IPX_SKT_NCP		0x0451
+#define	IPX_SKT_SAP		0x0452
+#define	IPX_SKT_RIP		0x0453
+#define	IPX_SKT_NETBIOS		0x0455
+#define	IPX_SKT_DIAGNOSTICS	0x0456
+
+/* IPX transport header */
+struct ipxHdr {
+    u_short	cksum;		/* Checksum */
+    u_short	length;		/* Length, in bytes, including header */
+    u_char	tCtl;		/* Transport Control (i.e. hop count) */
+    u_char	pType;		/* Packet Type (i.e. level 2 protocol) */
+    u_short	dstNet[2];	/* destination net */
+    u_char	dstNode[6];	/* destination node */
+    u_short	dstSkt;		/* destination socket */
+    u_short	srcNet[2];	/* source net */
+    u_char	srcNode[6];	/* source node */
+    u_short	srcSkt;		/* source socket */
+} ipx_hdr_t;
+
+#define ipxSize	30
+
diff --git a/contrib/tcpdump/lbl/gnuc.h b/contrib/tcpdump/lbl/gnuc.h
new file mode 100644
index 000000000000..9a3200c83632
--- /dev/null
+++ b/contrib/tcpdump/lbl/gnuc.h
@@ -0,0 +1,43 @@
+/* @(#) $Header: gnuc.h,v 1.3 95/10/09 02:47:01 leres Exp $ (LBL) */
+
+/* Define __P() macro, if necessary */
+#ifndef __P
+#if __STDC__
+#define __P(protos) protos
+#else
+#define __P(protos) ()
+#endif
+#endif
+
+/* inline foo */
+#ifdef __GNUC__
+#define inline __inline
+#else
+#define inline
+#endif
+
+/*
+ * Handle new and old "dead" routine prototypes
+ *
+ * For example:
+ *
+ *	__dead void foo(void) __attribute__((volatile));
+ *
+ */
+#ifdef __GNUC__
+#ifndef __dead
+#define __dead volatile
+#endif
+#if __GNUC__ < 2  || (__GNUC__ == 2 && __GNUC_MINOR__ < 5)
+#ifndef __attribute__
+#define __attribute__(args)
+#endif
+#endif
+#else
+#ifndef __dead
+#define __dead
+#endif
+#ifndef __attribute__
+#define __attribute__(args)
+#endif
+#endif
diff --git a/contrib/tcpdump/lbl/os-solaris2.h b/contrib/tcpdump/lbl/os-solaris2.h
new file mode 100644
index 000000000000..96a581ffe523
--- /dev/null
+++ b/contrib/tcpdump/lbl/os-solaris2.h
@@ -0,0 +1,113 @@
+/*
+ * Copyright (c) 1993, 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ *
+ * @(#) $Header: os-solaris2.h,v 1.16 96/07/05 22:11:23 leres Exp $ (LBL)
+ */
+
+/* Signal routines are this type */
+#define SIGRET void
+/* Signal routines use "return SIGRETVAL;" */
+#define SIGRETVAL
+/* The wait() status variable is this type */
+#define WAITSTATUS int
+
+#define major(x)	((int)(((unsigned)(x)>>8)&0377))
+#define minor(x)	((int)((x)&0377))
+
+/* Prototypes missing in SunOS 5 */
+int	daemon(int, int);
+int	dn_expand(u_char *, u_char *, u_char *, u_char *, int);
+int	dn_skipname(u_char *, u_char *);
+int	getdtablesize(void);
+int	gethostname(char *, int);
+char	*getusershell(void);
+char	*getwd(char *);
+int	iruserok(u_int, int, char *, char *);
+#ifdef __STDC__
+struct	utmp;
+void	login(struct utmp *);
+#endif
+int	logout(const char *);
+int	res_query(char *, int, int, u_char *, int);
+int	setenv(const char *, const char *, int);
+#if defined(_STDIO_H) && defined(HAVE_SETLINEBUF)
+int	setlinebuf(FILE *);
+#endif
+int	sigblock(int);
+int	sigsetmask(int);
+char    *strerror(int);
+int	snprintf(char *, size_t, const char *, ...);
+int	strcasecmp(const char *, const char *);
+void	unsetenv(const char *);
+#ifdef __STDC__
+struct	timeval;
+#endif
+int	utimes(const char *, struct timeval *);
+
+/* Solaris signal compat */
+#ifndef sigmask
+#define sigmask(m)	(1 << ((m)-1))
+#endif
+#ifndef signal
+#define signal(s, f)	sigset(s, f)
+#endif
+
+/* Solaris random compat */
+#ifndef srandom
+#define srandom(seed) srand48((long)seed)
+#endif
+#ifndef random
+#define random() lrand48()
+#endif
+
+#ifndef CBREAK
+#define CBREAK	O_CBREAK
+#define CRMOD	O_CRMOD
+#define RAW	O_RAW
+#define TBDELAY	O_TBDELAY
+#endif
+
+#ifndef TIOCPKT_DATA
+#define		TIOCPKT_DATA		0x00	/* data packet */
+#define		TIOCPKT_FLUSHREAD	0x01	/* flush packet */
+#define		TIOCPKT_FLUSHWRITE	0x02	/* flush packet */
+#define		TIOCPKT_STOP		0x04	/* stop output */
+#define		TIOCPKT_START		0x08	/* start output */
+#define		TIOCPKT_NOSTOP		0x10	/* no more ^S, ^Q */
+#define		TIOCPKT_DOSTOP		0x20	/* now do ^S ^Q */
+#define		TIOCPKT_IOCTL		0x40	/* state change of pty driver */
+#endif
+
+#ifndef STDERR_FILENO
+#define STDERR_FILENO 2
+#define STDOUT_FILENO 1
+#define STDIN_FILENO 0
+#endif
+
+#ifndef FD_SET
+#define FD_SET(n, p)	((p)->fds_bits[0] |= (1<<(n)))
+#define FD_CLR(n, p)	((p)->fds_bits[0] &= ~(1<<(n)))
+#define FD_ISSET(n, p)	((p)->fds_bits[0] & (1<<(n)))
+#define FD_ZERO(p)	((p)->fds_bits[0] = 0)
+#endif
+
+#ifndef S_ISTXT
+#define S_ISTXT S_ISVTX
+#endif
diff --git a/contrib/tcpdump/lbl/os-sunos4.h b/contrib/tcpdump/lbl/os-sunos4.h
new file mode 100644
index 000000000000..7733d9414ba1
--- /dev/null
+++ b/contrib/tcpdump/lbl/os-sunos4.h
@@ -0,0 +1,237 @@
+/*
+ * Copyright (c) 1989, 1990, 1993, 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ *
+ * @(#) $Header: os-sunos4.h,v 1.31 96/06/24 02:39:07 leres Exp $ (LBL)
+ */
+
+#define SIGRET void
+#define SIGRETVAL
+#define WAITSTATUS int
+
+/* Prototypes missing in SunOS 4 */
+#ifdef FILE
+int	_filbuf(FILE *);
+int	_flsbuf(u_char, FILE *);
+int	fclose(FILE *);
+int	fflush(FILE *);
+int	fgetc(FILE *);
+int	fprintf(FILE *, const char *, ...);
+int	fputc(int, FILE *);
+int	fputs(const char *, FILE *);
+u_int	fread(void *, u_int, u_int, FILE *);
+int	fseek(FILE *, long, int);
+u_int	fwrite(const void *, u_int, u_int, FILE *);
+int	pclose(FILE *);
+void	rewind(FILE *);
+void	setbuf(FILE *, char *);
+int	setlinebuf(FILE *);
+int	ungetc(int, FILE *);
+int	vfprintf(FILE *, const char *, ...);
+int	vprintf(const char *, ...);
+#endif
+
+#if __GNUC__ <= 1
+int	read(int, char *, u_int);
+int	write(int, char *, u_int);
+#endif
+
+long	a64l(const char *);
+#ifdef __STDC__
+struct	sockaddr;
+#endif
+int	accept(int, struct sockaddr *, int *);
+int	bind(int, struct sockaddr *, int);
+int	bcmp(const void *, const void *, u_int);
+void	bcopy(const void *, void *, u_int);
+void	bzero(void *, int);
+int	chroot(const char *);
+int	close(int);
+void	closelog(void);
+int	connect(int, struct sockaddr *, int);
+char	*crypt(const char *, const char *);
+int	daemon(int, int);
+int	fchmod(int, int);
+int	fchown(int, int, int);
+void	endgrent(void);
+void	endpwent(void);
+void	endservent(void);
+#ifdef __STDC__
+struct	ether_addr;
+#endif
+struct	ether_addr *ether_aton(const char *);
+int	flock(int, int);
+#ifdef __STDC__
+struct	stat;
+#endif
+int	fstat(int, struct stat *);
+#ifdef __STDC__
+struct statfs;
+#endif
+int	fstatfs(int, struct statfs *);
+int	fsync(int);
+#ifdef __STDC__
+struct timeb;
+#endif
+int	ftime(struct timeb *);
+int	ftruncate(int, off_t);
+int	getdtablesize(void);
+long	gethostid(void);
+int	gethostname(char *, int);
+int	getopt(int, char * const *, const char *);
+int	getpagesize(void);
+char	*getpass(char *);
+int	getpeername(int, struct sockaddr *, int *);
+int	getpriority(int, int);
+#ifdef __STDC__
+struct	rlimit;
+#endif
+int	getrlimit(int, struct rlimit *);
+int	getsockname(int, struct sockaddr *, int *);
+int	getsockopt(int, int, int, char *, int *);
+#ifdef __STDC__
+struct	timeval;
+struct	timezone;
+#endif
+int	gettimeofday(struct timeval *, struct timezone *);
+char	*getusershell(void);
+char	*getwd(char *);
+int	initgroups(const char *, int);
+int	ioctl(int, int, caddr_t);
+int	iruserok(u_long, int, char *, char *);
+int	isatty(int);
+int	killpg(int, int);
+int	listen(int, int);
+#ifdef __STDC__
+struct	utmp;
+#endif
+void	login(struct utmp *);
+int	logout(const char *);
+off_t	lseek(int, off_t, int);
+int	lstat(const char *, struct stat *);
+int	mkstemp(char *);
+char	*mktemp(char *);
+int	munmap(caddr_t, int);
+void	openlog(const char *, int, int);
+void	perror(const char *);
+int	printf(const char *, ...);
+int	puts(const char *);
+long	random(void);
+int	readlink(const char *, char *, int);
+#ifdef __STDC__
+struct	iovec;
+#endif
+int	readv(int, struct iovec *, int);
+int	recv(int, char *, u_int, int);
+int	recvfrom(int, char *, u_int, int, struct sockaddr *, int *);
+int	rename(const char *, const char *);
+int	rcmd(char **, u_short, char *, char *, char *, int *);
+int	rresvport(int *);
+int	send(int, char *, u_int, int);
+int	sendto(int, char *, u_int, int, struct sockaddr *, int);
+int	setenv(const char *, const char *, int);
+int	seteuid(int);
+int	setpriority(int, int, int);
+int	select(int, fd_set *, fd_set *, fd_set *, struct timeval *);
+int	setpgrp(int, int);
+void	setpwent(void);
+int	setrlimit(int, struct rlimit *);
+void	setservent(int);
+int	setsockopt(int, int, int, char *, int);
+int	shutdown(int, int);
+int	sigblock(int);
+void	(*signal (int, void (*) (int))) (int);
+int	sigpause(int);
+int	sigsetmask(int);
+#ifdef __STDC__
+struct	sigvec;
+#endif
+int	sigvec(int, struct sigvec *, struct sigvec*);
+int	snprintf(char *, size_t, const char *, ...);
+int	socket(int, int, int);
+int	socketpair(int, int, int, int *);
+int	symlink(const char *, const char *);
+void	srandom(int);
+int	sscanf(char *, const char *, ...);
+int	stat(const char *, struct stat *);
+int	statfs(char *, struct statfs *);
+char	*strerror(int);
+int	strcasecmp(const char *, const char *);
+#ifdef __STDC__
+struct	tm;
+#endif
+int	strftime(char *, int, char *, struct tm *);
+int	strncasecmp(const char *, const char *, int);
+long	strtol(const char *, char **, int);
+void	sync(void);
+void	syslog(int, const char *, ...);
+int	system(const char *);
+long	tell(int);
+time_t	time(time_t *);
+char	*timezone(int, int);
+int	tolower(int);
+int	toupper(int);
+int	truncate(char *, off_t);
+void	unsetenv(const char *);
+int	vfork(void);
+int	vsprintf(char *, const char *, ...);
+int	writev(int, struct iovec *, int);
+#ifdef __STDC__
+struct	rusage;
+#endif
+int	utimes(const char *, struct timeval *);
+#if __GNUC__ <= 1
+int	wait(int *);
+pid_t	wait3(int *, int, struct rusage *);
+#endif
+
+extern	int opterr, optind, optopt;
+extern	char *optarg;
+
+/* Map protocol types */
+#define ETHERPUP_IPTYPE ETHERTYPE_IP
+#define ETHERPUP_REVARPTYPE ETHERTYPE_REVARP
+#define ETHERPUP_ARPTYPE ETHERTYPE_ARP
+
+/* Ugly signal hacking */
+#ifdef SIG_ERR
+#undef SIG_ERR
+#define SIG_ERR		(void (*)(int))-1
+#undef SIG_DFL
+#define SIG_DFL		(void (*)(int))0
+#undef SIG_IGN
+#define SIG_IGN		(void (*)(int))1
+
+#ifdef KERNEL
+#undef SIG_CATCH
+#define SIG_CATCH	(void (*)(int))2
+#endif
+#undef SIG_HOLD
+#define SIG_HOLD	(void (*)(int))3
+#endif
+
+#ifndef S_ISTXT
+#define S_ISTXT S_ISVTX
+#endif
+
+#ifndef S_IRWXU
+#define S_IRWXU 0000700			/* RWX mask for owner */
+#define S_IRWXG 0000070			/* RWX mask for group */
+#define S_IRWXO 0000007			/* RWX mask for other */
+#endif
diff --git a/contrib/tcpdump/llc.h b/contrib/tcpdump/llc.h
new file mode 100644
index 000000000000..89c10d52bdaa
--- /dev/null
+++ b/contrib/tcpdump/llc.h
@@ -0,0 +1,120 @@
+/*
+ * Copyright (c) 1993, 1994
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ *
+ * @(#) $Header: llc.h,v 1.4 94/06/14 20:11:46 leres Exp $ (LBL)
+ */
+
+/*
+ * This stuff should come from a system header file, but there's no
+ * obviously portable way to do that and it's not really going
+ * to change from system to system.
+ */
+
+/*
+ * A somewhat abstracted view of the LLC header
+ */
+
+struct llc {
+	u_char dsap;
+	u_char ssap;
+	union {
+		u_char u_ctl;
+		u_short is_ctl;
+		struct {
+			u_char snap_ui;
+			u_char snap_pi[5];
+		} snap;
+		struct {
+			u_char snap_ui;
+			u_char snap_orgcode[3];
+			u_char snap_ethertype[2];
+		} snap_ether;
+	} ctl;
+};
+
+#define	llcui		ctl.snap.snap_ui
+#define	llcpi		ctl.snap.snap_pi
+#define	orgcode		ctl.snap_ether.snap_orgcode
+#define	ethertype	ctl.snap_ether.snap_ethertype
+#define	llcis		ctl.is_ctl
+#define	llcu		ctl.u_ctl
+
+#define	LLC_U_FMT	3
+#define	LLC_GSAP	1
+#define LLC_S_FMT	1
+
+#define	LLC_U_POLL	0x10
+#define	LLC_IS_POLL	0x0001
+#define	LLC_XID_FI	0x81
+
+#define	LLC_U_CMD(u)	((u) & 0xef)
+#define	LLC_UI		0x03
+#define	LLC_UA		0x63
+#define	LLC_DISC	0x43
+#define	LLC_DM		0x0f
+#define	LLC_SABME	0x6f
+#define	LLC_TEST	0xe3
+#define	LLC_XID		0xaf
+#define	LLC_FRMR	0x87
+
+#define	LLC_S_CMD(is)	(((is) >> 10) & 0x03)
+#define	LLC_RR		0x0100
+#define	LLC_RNR		0x0500
+#define	LLC_REJ		0x0900
+
+#define LLC_IS_NR(is)	(((is) >> 9) & 0x7f)
+#define LLC_I_NS(is)	(((is) >> 1) & 0x7f)
+
+#ifndef LLCSAP_NULL
+#define	LLCSAP_NULL		0x00
+#endif
+#ifndef LLCSAP_GLOBAL
+#define	LLCSAP_GLOBAL		0xff
+#endif
+#ifndef LLCSAP_8021B
+#define	LLCSAP_8021B_I		0x02
+#endif
+#ifndef LLCSAP_8021B
+#define	LLCSAP_8021B_G		0x03
+#endif
+#ifndef LLCSAP_IP
+#define	LLCSAP_IP		0x06
+#endif
+#ifndef LLCSAP_PROWAYNM
+#define	LLCSAP_PROWAYNM		0x0e
+#endif
+#ifndef LLCSAP_8021D
+#define	LLCSAP_8021D		0x42
+#endif
+#ifndef LLCSAP_RS511
+#define	LLCSAP_RS511		0x4e
+#endif
+#ifndef LLCSAP_ISO8208
+#define	LLCSAP_ISO8208		0x7e
+#endif
+#ifndef LLCSAP_PROWAY
+#define	LLCSAP_PROWAY		0x8e
+#endif
+#ifndef LLCSAP_SNAP
+#define	LLCSAP_SNAP		0xaa
+#endif
+#ifndef LLCSAP_ISONS
+#define	LLCSAP_ISONS		0xfe
+#endif
diff --git a/contrib/tcpdump/machdep.c b/contrib/tcpdump/machdep.c
new file mode 100644
index 000000000000..b1d0c1d35f5e
--- /dev/null
+++ b/contrib/tcpdump/machdep.c
@@ -0,0 +1,49 @@
+/*
+ * Copyright (c) 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#ifndef lint
+static  char rcsid[] =
+    "@(#)$Header: machdep.c,v 1.1 96/07/15 18:33:19 leres Exp $ (LBL)";
+#endif
+
+#include <sys/types.h>
+#ifdef __osf__
+#include <sys/sysinfo.h>
+#include <sys/proc.h>
+#endif
+
+#include <pcap.h>
+
+#include "machdep.h"
+
+int
+abort_on_misalignment(char *ebuf)
+{
+#ifdef __osf__
+	static int buf[2] = { SSIN_UACPROC, UAC_SIGBUS };
+
+	if (setsysinfo(SSI_NVPAIRS, (caddr_t)buf, 1, 0, 0) < 0) {
+		(void)sprintf(ebuf, "setsysinfo: %s", pcap_strerror(errno));
+		return (-1);
+	}
+#endif
+	return (0);
+}
diff --git a/contrib/tcpdump/machdep.h b/contrib/tcpdump/machdep.h
new file mode 100644
index 000000000000..87946b690470
--- /dev/null
+++ b/contrib/tcpdump/machdep.h
@@ -0,0 +1,27 @@
+/*
+ * Copyright (c) 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ *
+ * @(#) $Header: machdep.h,v 1.1 96/07/15 18:33:19 leres Exp $ (LBL)
+ */
+#ifndef tcpdump_machdep_h
+#define tcpdump_machdep_h
+
+int abort_on_misalignment(char *);
+#endif
diff --git a/contrib/tcpdump/makemib b/contrib/tcpdump/makemib
new file mode 100755
index 000000000000..3ab2d7d0d5c4
--- /dev/null
+++ b/contrib/tcpdump/makemib
@@ -0,0 +1,173 @@
+#!/bin/sh
+#
+# Copyright (c) 1990, 1996, by John Robert LoVerso.
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms are permitted
+# provided that the above copyright notice and this paragraph are
+# duplicated in all such forms and that any documentation,
+# advertising materials, and other materials related to such
+# distribution and use acknowledge that the software was developed
+# by John Robert LoVerso.
+# THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+# IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+#
+# @(#) $Id: makemib,v 2.1 90/07/10 23:51:54 loverso Exp Locker: loverso $ (jlv
+)
+
+#
+# This script will read either ASN.1-style MIB files or the ".defs" files
+# created by the ISODE "mosy" program on such files.
+#
+# The output of this script is the "mib.h" file used by tcpdumps' ASN.1/SNMP
+# decoding code.
+#
+# This script needs to be run by "gawk" (GNU awk).  "nawk" will work, but
+# dump will get a recursion error if you process LARGE mibs.  While it would
+# by farily easy to rewrite this not to use recursion (and also easy to
+# eliminate use of gsub and functions to use classic "awk"), you have to 
+# order the structure declarations in defined-first order for the compiler
+# not to barf; too bad tsort doesn't take arguments.
+#
+
+cat << EOF
+/*
+ * This file was generated by tcpdump/makemib on `date`
+ * You probably don't want to edit this by hand!
+ *
+ * struct mib somename = { desc, oid-octet, type, child-pointer, next-pointer 
+};
+ */
+
+EOF
+
+# use sed to make the ASN.1 easier to parse
+# I should really just use a recursive descent parser in awk, but...
+sed \
+	-e 's/--\*.*\*--//' \
+	-e 's/--.*//' \
+	-e 's/\([{}]\)/ \1 /g' \
+	$@ \
+| gawk '
+BEGIN {
+	# for sanity, we prep the namespace with objects from RFC-1155
+	# (we manually establish the root)
+	oid["iso"]=1
+	oidadd("org", "iso", 3)
+	oidadd("dod", "org", 6)
+	oidadd("internet", "dod", 1)
+	oidadd("directory", "internet", 1)
+	oidadd("mgmt", "internet", 2)
+	oidadd("mib", "mgmt", 1)
+	oidadd("experimental", "internet", 3)
+	oidadd("private", "internet", 4)
+	oidadd("enterprises", "private", 1)
+
+	holddesc="none"
+}
+
+#
+# Read mosy "*.defs" file.  mosy does all the parsing work; we just read
+# its simple and straightforward output.  It would not be too hard to make
+# tcpdump directly read mosy output, but...
+#
+
+NF > 1 && index($2,".")>0 {
+	# currently ignore items of the form "{ iso.3.6.1 }"
+	if (split($2, p, ".") == 2)
+		oidadd($1, p[1], p[2])
+	next
+}
+
+#
+# this next section is simple and naive, but does the job 100%
+#
+
+$2$3$4 == "OBJECTIDENTIFIER::=" {
+	holddesc="none"
+	if (NF == 8)
+		oidadd($1, $6, $7)
+}
+$2 == "OBJECT-TYPE" {
+	holddesc=$1
+}
+$1 == "::=" && holddesc != "none" && NF == 5 {
+	oidadd(holddesc, $3, $4)
+	holddesc="none"
+}
+
+# 
+# End of the road - output the data.
+#
+
+END {
+	print "struct obj"
+	dump("iso")
+	print "*mibroot = &_iso_obj;"
+}
+
+#
+# add a new object to the tree
+#
+#		new OBJECT IDENTIFIER ::= { parent value }
+#
+
+function oidadd(new, parent, value) {
+	# use safe C identifiers
+	gsub(/[-&\/]/,"",new)
+	gsub(/[-&\/]/,"",parent)
+	# check if parent missing
+	if (oid[parent] == 0) {
+		printf "/* parse problem: no parent for %s.%s(%d) */\n", \
+			parent, new, value
+		return
+	}
+	# check if parent.value already exists
+	if (oid[new] > 0 && oid[new] != value) {
+		printf "/* parse problem: dup %s.%s(%d) != old (%d) */\n", \
+			parent, new, value, oid[new]
+		return
+	}
+	# check for new name for parent.value
+	if (child[parent] != "") {
+		for (sib = child[parent]; sib != ""; sib = sibling[sib])
+			if (oid[sib] == value) {
+				printf "/* parse problem: new name \"%s\"" \
+					" for %s.%s(%d) ignored */\n", \
+						new, parent, sib, value
+				return
+			}
+	}
+
+	oid[new]=value
+	if (child[parent] == "") {
+		child[parent] = new
+	} else {
+		sibling[new] = child[parent]
+		child[parent] = new
+	}
+}
+
+#
+# old(?) routine to recurse down the tree (in postfix order for convenience)
+#
+
+function dump(item, c, s) {
+#	newitem=sofar"."item"("oid[item]")"
+#	printf "/* %s c=%s s=%s */\n", newitem, child[item], sibling[item]
+	c="NULL"
+	if (child[item] != "") {
+		dump(child[item])
+		c = "&_"child[item]"_obj"
+	}
+	s="NULL"
+	if (sibling[item] != "") {
+		dump(sibling[item])
+		s = "&_"sibling[item]"_obj"
+	}
+	printf "_%s_obj = {\n\t\"%s\", %d, 0,\n\t%s, %s\n},\n", \
+		item, item, oid[item], c, s
+}
+'
+exit 0
diff --git a/contrib/tcpdump/mib.h b/contrib/tcpdump/mib.h
new file mode 100644
index 000000000000..48ead9b9691b
--- /dev/null
+++ b/contrib/tcpdump/mib.h
@@ -0,0 +1,1256 @@
+/*
+ * This file was generated by tcpdump/makemib on Wed Sep 26 12:12:31 EDT 1990
+ * You probably don't want to edit this by hand!
+ *
+ * struct mib somename = { desc, oid-octet, type, child-pointer, next-pointer
+};
+ */
+
+/* parse problem: new name "mib" for mgmt.mib(1) ignored */
+/* parse problem: no parent for 0.nullSpecific(0) */
+struct obj
+_proteon_obj = {
+	"proteon", 1, 0,
+	NULL, NULL
+},
+_ibm_obj = {
+	"ibm", 2, 0,
+	NULL, &_proteon_obj
+},
+_cmu_obj = {
+	"cmu", 3, 0,
+	NULL, &_ibm_obj
+},
+_unix_obj = {
+	"unix", 4, 0,
+	NULL, &_cmu_obj
+},
+_acc_obj = {
+	"acc", 5, 0,
+	NULL, &_unix_obj
+},
+_twg_obj = {
+	"twg", 6, 0,
+	NULL, &_acc_obj
+},
+_cayman_obj = {
+	"cayman", 7, 0,
+	NULL, &_twg_obj
+},
+_nysernet_obj = {
+	"nysernet", 8, 0,
+	NULL, &_cayman_obj
+},
+_cisco_obj = {
+	"cisco", 9, 0,
+	NULL, &_nysernet_obj
+},
+_nsc_obj = {
+	"nsc", 10, 0,
+	NULL, &_cisco_obj
+},
+_hp_obj = {
+	"hp", 11, 0,
+	NULL, &_nsc_obj
+},
+_epilogue_obj = {
+	"epilogue", 12, 0,
+	NULL, &_hp_obj
+},
+_utennessee_obj = {
+	"utennessee", 13, 0,
+	NULL, &_epilogue_obj
+},
+_bbn_obj = {
+	"bbn", 14, 0,
+	NULL, &_utennessee_obj
+},
+_xylogics_obj = {
+	"xylogics", 15, 0,
+	NULL, &_bbn_obj
+},
+_unisys_obj = {
+	"unisys", 16, 0,
+	NULL, &_xylogics_obj
+},
+_canstar_obj = {
+	"canstar", 17, 0,
+	NULL, &_unisys_obj
+},
+_wellfleet_obj = {
+	"wellfleet", 18, 0,
+	NULL, &_canstar_obj
+},
+_trw_obj = {
+	"trw", 19, 0,
+	NULL, &_wellfleet_obj
+},
+_mit_obj = {
+	"mit", 20, 0,
+	NULL, &_trw_obj
+},
+_eon_obj = {
+	"eon", 21, 0,
+	NULL, &_mit_obj
+},
+_spartacus_obj = {
+	"spartacus", 22, 0,
+	NULL, &_eon_obj
+},
+_excelan_obj = {
+	"excelan", 23, 0,
+	NULL, &_spartacus_obj
+},
+_spider_obj = {
+	"spider", 24, 0,
+	NULL, &_excelan_obj
+},
+_nsfnet_obj = {
+	"nsfnet", 25, 0,
+	NULL, &_spider_obj
+},
+_sytek_obj = {
+	"sytek", 26, 0,
+	NULL, &_nsfnet_obj
+},
+_intergraph_obj = {
+	"intergraph", 27, 0,
+	NULL, &_sytek_obj
+},
+_interlan_obj = {
+	"interlan", 28, 0,
+	NULL, &_intergraph_obj
+},
+_vitalink_obj = {
+	"vitalink", 29, 0,
+	NULL, &_interlan_obj
+},
+_ulana_obj = {
+	"ulana", 30, 0,
+	NULL, &_vitalink_obj
+},
+_nswc_obj = {
+	"nswc", 31, 0,
+	NULL, &_ulana_obj
+},
+_santacruzoperation_obj = {
+	"santacruzoperation", 32, 0,
+	NULL, &_nswc_obj
+},
+_xyplex_obj = {
+	"xyplex", 33, 0,
+	NULL, &_santacruzoperation_obj
+},
+_cray_obj = {
+	"cray", 34, 0,
+	NULL, &_xyplex_obj
+},
+_bellnorthernresearch_obj = {
+	"bellnorthernresearch", 35, 0,
+	NULL, &_cray_obj
+},
+_dec_obj = {
+	"dec", 36, 0,
+	NULL, &_bellnorthernresearch_obj
+},
+_touch_obj = {
+	"touch", 37, 0,
+	NULL, &_dec_obj
+},
+_networkresearchcorp_obj = {
+	"networkresearchcorp", 38, 0,
+	NULL, &_touch_obj
+},
+_baylor_obj = {
+	"baylor", 39, 0,
+	NULL, &_networkresearchcorp_obj
+},
+_nmfeccllnl_obj = {
+	"nmfeccllnl", 40, 0,
+	NULL, &_baylor_obj
+},
+_sri_obj = {
+	"sri", 41, 0,
+	NULL, &_nmfeccllnl_obj
+},
+_sun_obj = {
+	"sun", 42, 0,
+	NULL, &_sri_obj
+},
+_3com_obj = {
+	"3com", 43, 0,
+	NULL, &_sun_obj
+},
+_cmc_obj = {
+	"cmc", 44, 0,
+	NULL, &_3com_obj
+},
+_synoptics_obj = {
+	"synoptics", 45, 0,
+	NULL, &_cmc_obj
+},
+_cheyenne_obj = {
+	"cheyenne", 46, 0,
+	NULL, &_synoptics_obj
+},
+_prime_obj = {
+	"prime", 47, 0,
+	NULL, &_cheyenne_obj
+},
+_mcnc_obj = {
+	"mcnc", 48, 0,
+	NULL, &_prime_obj
+},
+_chipcom_obj = {
+	"chipcom", 49, 0,
+	NULL, &_mcnc_obj
+},
+_opticaldatasystems_obj = {
+	"opticaldatasystems", 50, 0,
+	NULL, &_chipcom_obj
+},
+_gated_obj = {
+	"gated", 51, 0,
+	NULL, &_opticaldatasystems_obj
+},
+_cabletron_obj = {
+	"cabletron", 52, 0,
+	NULL, &_gated_obj
+},
+_apollo_obj = {
+	"apollo", 53, 0,
+	NULL, &_cabletron_obj
+},
+_desktalksystems_obj = {
+	"desktalksystems", 54, 0,
+	NULL, &_apollo_obj
+},
+_ssds_obj = {
+	"ssds", 55, 0,
+	NULL, &_desktalksystems_obj
+},
+_castlerock_obj = {
+	"castlerock", 56, 0,
+	NULL, &_ssds_obj
+},
+_mips_obj = {
+	"mips", 57, 0,
+	NULL, &_castlerock_obj
+},
+_tgv_obj = {
+	"tgv", 58, 0,
+	NULL, &_mips_obj
+},
+_silicongraphics_obj = {
+	"silicongraphics", 59, 0,
+	NULL, &_tgv_obj
+},
+_ubc_obj = {
+	"ubc", 60, 0,
+	NULL, &_silicongraphics_obj
+},
+_merit_obj = {
+	"merit", 61, 0,
+	NULL, &_ubc_obj
+},
+_fibercom_obj = {
+	"fibercom", 62, 0,
+	NULL, &_merit_obj
+},
+_apple_obj = {
+	"apple", 63, 0,
+	NULL, &_fibercom_obj
+},
+_gandalf_obj = {
+	"gandalf", 64, 0,
+	NULL, &_apple_obj
+},
+_dartmouth_obj = {
+	"dartmouth", 65, 0,
+	NULL, &_gandalf_obj
+},
+_davidsystems_obj = {
+	"davidsystems", 66, 0,
+	NULL, &_dartmouth_obj
+},
+_reuter_obj = {
+	"reuter", 67, 0,
+	NULL, &_davidsystems_obj
+},
+_cornell_obj = {
+	"cornell", 68, 0,
+	NULL, &_reuter_obj
+},
+_tmac_obj = {
+	"tmac", 69, 0,
+	NULL, &_cornell_obj
+},
+_locus_obj = {
+	"locus", 70, 0,
+	NULL, &_tmac_obj
+},
+_nasa_obj = {
+	"nasa", 71, 0,
+	NULL, &_locus_obj
+},
+_retix_obj = {
+	"retix", 72, 0,
+	NULL, &_nasa_obj
+},
+_boeing_obj = {
+	"boeing", 73, 0,
+	NULL, &_retix_obj
+},
+_att_obj = {
+	"att", 74, 0,
+	NULL, &_boeing_obj
+},
+_ungermannbass_obj = {
+	"ungermannbass", 75, 0,
+	NULL, &_att_obj
+},
+_digitalanalysis_obj = {
+	"digitalanalysis", 76, 0,
+	NULL, &_ungermannbass_obj
+},
+_hplanman_obj = {
+	"hplanman", 77, 0,
+	NULL, &_digitalanalysis_obj
+},
+_netlabs_obj = {
+	"netlabs", 78, 0,
+	NULL, &_hplanman_obj
+},
+_icl_obj = {
+	"icl", 79, 0,
+	NULL, &_netlabs_obj
+},
+_auspex_obj = {
+	"auspex", 80, 0,
+	NULL, &_icl_obj
+},
+_lannet_obj = {
+	"lannet", 81, 0,
+	NULL, &_auspex_obj
+},
+_ncd_obj = {
+	"ncd", 82, 0,
+	NULL, &_lannet_obj
+},
+_raycom_obj = {
+	"raycom", 83, 0,
+	NULL, &_ncd_obj
+},
+_pirellifocom_obj = {
+	"pirellifocom", 84, 0,
+	NULL, &_raycom_obj
+},
+_datability_obj = {
+	"datability", 85, 0,
+	NULL, &_pirellifocom_obj
+},
+_networkappltech_obj = {
+	"networkappltech", 86, 0,
+	NULL, &_datability_obj
+},
+_link_obj = {
+	"link", 87, 0,
+	NULL, &_networkappltech_obj
+},
+_nyu_obj = {
+	"nyu", 88, 0,
+	NULL, &_link_obj
+},
+_rnd_obj = {
+	"rnd", 89, 0,
+	NULL, &_nyu_obj
+},
+_intercon_obj = {
+	"intercon", 90, 0,
+	NULL, &_rnd_obj
+},
+_learningtree_obj = {
+	"learningtree", 91, 0,
+	NULL, &_intercon_obj
+},
+_webstercomputer_obj = {
+	"webstercomputer", 92, 0,
+	NULL, &_learningtree_obj
+},
+_frontier_obj = {
+	"frontier", 93, 0,
+	NULL, &_webstercomputer_obj
+},
+_nokia_obj = {
+	"nokia", 94, 0,
+	NULL, &_frontier_obj
+},
+_allenbradley_obj = {
+	"allenbradley", 95, 0,
+	NULL, &_nokia_obj
+},
+_cern_obj = {
+	"cern", 96, 0,
+	NULL, &_allenbradley_obj
+},
+_sigma_obj = {
+	"sigma", 97, 0,
+	NULL, &_cern_obj
+},
+_emergingtech_obj = {
+	"emergingtech", 98, 0,
+	NULL, &_sigma_obj
+},
+_snmpresearch_obj = {
+	"snmpresearch", 99, 0,
+	NULL, &_emergingtech_obj
+},
+_ohiostate_obj = {
+	"ohiostate", 100, 0,
+	NULL, &_snmpresearch_obj
+},
+_ultra_obj = {
+	"ultra", 101, 0,
+	NULL, &_ohiostate_obj
+},
+_ccur_obj = {
+	"ccur", 136, 0,
+	NULL, &_ultra_obj
+},
+_enterprises_obj = {
+	"enterprises", 1, 0,
+	&_ccur_obj, NULL
+},
+_snmpInPkts_obj = {
+	"snmpInPkts", 1, 0,
+	NULL, NULL
+},
+_snmpOutPkts_obj = {
+	"snmpOutPkts", 2, 0,
+	NULL, &_snmpInPkts_obj
+},
+_snmpInBadVersions_obj = {
+	"snmpInBadVersions", 3, 0,
+	NULL, &_snmpOutPkts_obj
+},
+_snmpInBadCommunityNames_obj = {
+	"snmpInBadCommunityNames", 4, 0,
+	NULL, &_snmpInBadVersions_obj
+},
+_snmpInBadCommunityUses_obj = {
+	"snmpInBadCommunityUses", 5, 0,
+	NULL, &_snmpInBadCommunityNames_obj
+},
+_snmpInASNParseErrs_obj = {
+	"snmpInASNParseErrs", 6, 0,
+	NULL, &_snmpInBadCommunityUses_obj
+},
+_snmpInBadTypes_obj = {
+	"snmpInBadTypes", 7, 0,
+	NULL, &_snmpInASNParseErrs_obj
+},
+_snmpInTooBigs_obj = {
+	"snmpInTooBigs", 8, 0,
+	NULL, &_snmpInBadTypes_obj
+},
+_snmpInNoSuchNames_obj = {
+	"snmpInNoSuchNames", 9, 0,
+	NULL, &_snmpInTooBigs_obj
+},
+_snmpInBadValues_obj = {
+	"snmpInBadValues", 10, 0,
+	NULL, &_snmpInNoSuchNames_obj
+},
+_snmpInReadOnlys_obj = {
+	"snmpInReadOnlys", 11, 0,
+	NULL, &_snmpInBadValues_obj
+},
+_snmpInGenErrs_obj = {
+	"snmpInGenErrs", 12, 0,
+	NULL, &_snmpInReadOnlys_obj
+},
+_snmpInTotalReqVars_obj = {
+	"snmpInTotalReqVars", 13, 0,
+	NULL, &_snmpInGenErrs_obj
+},
+_snmpInTotalSetVars_obj = {
+	"snmpInTotalSetVars", 14, 0,
+	NULL, &_snmpInTotalReqVars_obj
+},
+_snmpInGetRequests_obj = {
+	"snmpInGetRequests", 15, 0,
+	NULL, &_snmpInTotalSetVars_obj
+},
+_snmpInGetNexts_obj = {
+	"snmpInGetNexts", 16, 0,
+	NULL, &_snmpInGetRequests_obj
+},
+_snmpInSetRequests_obj = {
+	"snmpInSetRequests", 17, 0,
+	NULL, &_snmpInGetNexts_obj
+},
+_snmpInGetResponses_obj = {
+	"snmpInGetResponses", 18, 0,
+	NULL, &_snmpInSetRequests_obj
+},
+_snmpInTraps_obj = {
+	"snmpInTraps", 19, 0,
+	NULL, &_snmpInGetResponses_obj
+},
+_snmpOutTooBigs_obj = {
+	"snmpOutTooBigs", 20, 0,
+	NULL, &_snmpInTraps_obj
+},
+_snmpOutNoSuchNames_obj = {
+	"snmpOutNoSuchNames", 21, 0,
+	NULL, &_snmpOutTooBigs_obj
+},
+_snmpOutBadValues_obj = {
+	"snmpOutBadValues", 22, 0,
+	NULL, &_snmpOutNoSuchNames_obj
+},
+_snmpOutReadOnlys_obj = {
+	"snmpOutReadOnlys", 23, 0,
+	NULL, &_snmpOutBadValues_obj
+},
+_snmpOutGenErrs_obj = {
+	"snmpOutGenErrs", 24, 0,
+	NULL, &_snmpOutReadOnlys_obj
+},
+_snmpOutGetRequests_obj = {
+	"snmpOutGetRequests", 25, 0,
+	NULL, &_snmpOutGenErrs_obj
+},
+_snmpOutGetNexts_obj = {
+	"snmpOutGetNexts", 26, 0,
+	NULL, &_snmpOutGetRequests_obj
+},
+_snmpOutSetRequests_obj = {
+	"snmpOutSetRequests", 27, 0,
+	NULL, &_snmpOutGetNexts_obj
+},
+_snmpOutGetResponses_obj = {
+	"snmpOutGetResponses", 28, 0,
+	NULL, &_snmpOutSetRequests_obj
+},
+_snmpOutTraps_obj = {
+	"snmpOutTraps", 29, 0,
+	NULL, &_snmpOutGetResponses_obj
+},
+_snmpEnableAuthTraps_obj = {
+	"snmpEnableAuthTraps", 30, 0,
+	NULL, &_snmpOutTraps_obj
+},
+_egpNeighState_obj = {
+	"egpNeighState", 1, 0,
+	NULL, NULL
+},
+_egpNeighAddr_obj = {
+	"egpNeighAddr", 2, 0,
+	NULL, &_egpNeighState_obj
+},
+_egpNeighAs_obj = {
+	"egpNeighAs", 3, 0,
+	NULL, &_egpNeighAddr_obj
+},
+_egpNeighInMsgs_obj = {
+	"egpNeighInMsgs", 4, 0,
+	NULL, &_egpNeighAs_obj
+},
+_egpNeighInErrs_obj = {
+	"egpNeighInErrs", 5, 0,
+	NULL, &_egpNeighInMsgs_obj
+},
+_egpNeighOutMsgs_obj = {
+	"egpNeighOutMsgs", 6, 0,
+	NULL, &_egpNeighInErrs_obj
+},
+_egpNeighOutErrs_obj = {
+	"egpNeighOutErrs", 7, 0,
+	NULL, &_egpNeighOutMsgs_obj
+},
+_egpNeighInErrMsgs_obj = {
+	"egpNeighInErrMsgs", 8, 0,
+	NULL, &_egpNeighOutErrs_obj
+},
+_egpNeighOutErrMsgs_obj = {
+	"egpNeighOutErrMsgs", 9, 0,
+	NULL, &_egpNeighInErrMsgs_obj
+},
+_egpNeighStateUps_obj = {
+	"egpNeighStateUps", 10, 0,
+	NULL, &_egpNeighOutErrMsgs_obj
+},
+_egpNeighStateDowns_obj = {
+	"egpNeighStateDowns", 11, 0,
+	NULL, &_egpNeighStateUps_obj
+},
+_egpNeighIntervalHello_obj = {
+	"egpNeighIntervalHello", 12, 0,
+	NULL, &_egpNeighStateDowns_obj
+},
+_egpNeighIntervalPoll_obj = {
+	"egpNeighIntervalPoll", 13, 0,
+	NULL, &_egpNeighIntervalHello_obj
+},
+_egpNeighMode_obj = {
+	"egpNeighMode", 14, 0,
+	NULL, &_egpNeighIntervalPoll_obj
+},
+_egpNeighEventTrigger_obj = {
+	"egpNeighEventTrigger", 15, 0,
+	NULL, &_egpNeighMode_obj
+},
+_egpNeighEntry_obj = {
+	"egpNeighEntry", 1, 0,
+	&_egpNeighEventTrigger_obj, NULL
+},
+_egpInMsgs_obj = {
+	"egpInMsgs", 1, 0,
+	NULL, NULL
+},
+_egpInErrors_obj = {
+	"egpInErrors", 2, 0,
+	NULL, &_egpInMsgs_obj
+},
+_egpOutMsgs_obj = {
+	"egpOutMsgs", 3, 0,
+	NULL, &_egpInErrors_obj
+},
+_egpOutErrors_obj = {
+	"egpOutErrors", 4, 0,
+	NULL, &_egpOutMsgs_obj
+},
+_egpNeighTable_obj = {
+	"egpNeighTable", 5, 0,
+	&_egpNeighEntry_obj, &_egpOutErrors_obj
+},
+_egpAs_obj = {
+	"egpAs", 6, 0,
+	NULL, &_egpNeighTable_obj
+},
+_udpLocalAddress_obj = {
+	"udpLocalAddress", 1, 0,
+	NULL, NULL
+},
+_udpLocalPort_obj = {
+	"udpLocalPort", 2, 0,
+	NULL, &_udpLocalAddress_obj
+},
+_udpEntry_obj = {
+	"udpEntry", 1, 0,
+	&_udpLocalPort_obj, NULL
+},
+_udpInDatagrams_obj = {
+	"udpInDatagrams", 1, 0,
+	NULL, NULL
+},
+_udpNoPorts_obj = {
+	"udpNoPorts", 2, 0,
+	NULL, &_udpInDatagrams_obj
+},
+_udpInErrors_obj = {
+	"udpInErrors", 3, 0,
+	NULL, &_udpNoPorts_obj
+},
+_udpOutDatagrams_obj = {
+	"udpOutDatagrams", 4, 0,
+	NULL, &_udpInErrors_obj
+},
+_udpTable_obj = {
+	"udpTable", 5, 0,
+	&_udpEntry_obj, &_udpOutDatagrams_obj
+},
+_tcpConnState_obj = {
+	"tcpConnState", 1, 0,
+	NULL, NULL
+},
+_tcpConnLocalAddress_obj = {
+	"tcpConnLocalAddress", 2, 0,
+	NULL, &_tcpConnState_obj
+},
+_tcpConnLocalPort_obj = {
+	"tcpConnLocalPort", 3, 0,
+	NULL, &_tcpConnLocalAddress_obj
+},
+_tcpConnRemAddress_obj = {
+	"tcpConnRemAddress", 4, 0,
+	NULL, &_tcpConnLocalPort_obj
+},
+_tcpConnRemPort_obj = {
+	"tcpConnRemPort", 5, 0,
+	NULL, &_tcpConnRemAddress_obj
+},
+_tcpConnEntry_obj = {
+	"tcpConnEntry", 1, 0,
+	&_tcpConnRemPort_obj, NULL
+},
+_tcpRtoAlgorithm_obj = {
+	"tcpRtoAlgorithm", 1, 0,
+	NULL, NULL
+},
+_tcpRtoMin_obj = {
+	"tcpRtoMin", 2, 0,
+	NULL, &_tcpRtoAlgorithm_obj
+},
+_tcpRtoMax_obj = {
+	"tcpRtoMax", 3, 0,
+	NULL, &_tcpRtoMin_obj
+},
+_tcpMaxConn_obj = {
+	"tcpMaxConn", 4, 0,
+	NULL, &_tcpRtoMax_obj
+},
+_tcpActiveOpens_obj = {
+	"tcpActiveOpens", 5, 0,
+	NULL, &_tcpMaxConn_obj
+},
+_tcpPassiveOpens_obj = {
+	"tcpPassiveOpens", 6, 0,
+	NULL, &_tcpActiveOpens_obj
+},
+_tcpAttemptFails_obj = {
+	"tcpAttemptFails", 7, 0,
+	NULL, &_tcpPassiveOpens_obj
+},
+_tcpEstabResets_obj = {
+	"tcpEstabResets", 8, 0,
+	NULL, &_tcpAttemptFails_obj
+},
+_tcpCurrEstab_obj = {
+	"tcpCurrEstab", 9, 0,
+	NULL, &_tcpEstabResets_obj
+},
+_tcpInSegs_obj = {
+	"tcpInSegs", 10, 0,
+	NULL, &_tcpCurrEstab_obj
+},
+_tcpOutSegs_obj = {
+	"tcpOutSegs", 11, 0,
+	NULL, &_tcpInSegs_obj
+},
+_tcpRetransSegs_obj = {
+	"tcpRetransSegs", 12, 0,
+	NULL, &_tcpOutSegs_obj
+},
+_tcpConnTable_obj = {
+	"tcpConnTable", 13, 0,
+	&_tcpConnEntry_obj, &_tcpRetransSegs_obj
+},
+_tcpInErrs_obj = {
+	"tcpInErrs", 14, 0,
+	NULL, &_tcpConnTable_obj
+},
+_tcpOutRsts_obj = {
+	"tcpOutRsts", 15, 0,
+	NULL, &_tcpInErrs_obj
+},
+_icmpInMsgs_obj = {
+	"icmpInMsgs", 1, 0,
+	NULL, NULL
+},
+_icmpInErrors_obj = {
+	"icmpInErrors", 2, 0,
+	NULL, &_icmpInMsgs_obj
+},
+_icmpInDestUnreachs_obj = {
+	"icmpInDestUnreachs", 3, 0,
+	NULL, &_icmpInErrors_obj
+},
+_icmpInTimeExcds_obj = {
+	"icmpInTimeExcds", 4, 0,
+	NULL, &_icmpInDestUnreachs_obj
+},
+_icmpInParmProbs_obj = {
+	"icmpInParmProbs", 5, 0,
+	NULL, &_icmpInTimeExcds_obj
+},
+_icmpInSrcQuenchs_obj = {
+	"icmpInSrcQuenchs", 6, 0,
+	NULL, &_icmpInParmProbs_obj
+},
+_icmpInRedirects_obj = {
+	"icmpInRedirects", 7, 0,
+	NULL, &_icmpInSrcQuenchs_obj
+},
+_icmpInEchos_obj = {
+	"icmpInEchos", 8, 0,
+	NULL, &_icmpInRedirects_obj
+},
+_icmpInEchoReps_obj = {
+	"icmpInEchoReps", 9, 0,
+	NULL, &_icmpInEchos_obj
+},
+_icmpInTimestamps_obj = {
+	"icmpInTimestamps", 10, 0,
+	NULL, &_icmpInEchoReps_obj
+},
+_icmpInTimestampReps_obj = {
+	"icmpInTimestampReps", 11, 0,
+	NULL, &_icmpInTimestamps_obj
+},
+_icmpInAddrMasks_obj = {
+	"icmpInAddrMasks", 12, 0,
+	NULL, &_icmpInTimestampReps_obj
+},
+_icmpInAddrMaskReps_obj = {
+	"icmpInAddrMaskReps", 13, 0,
+	NULL, &_icmpInAddrMasks_obj
+},
+_icmpOutMsgs_obj = {
+	"icmpOutMsgs", 14, 0,
+	NULL, &_icmpInAddrMaskReps_obj
+},
+_icmpOutErrors_obj = {
+	"icmpOutErrors", 15, 0,
+	NULL, &_icmpOutMsgs_obj
+},
+_icmpOutDestUnreachs_obj = {
+	"icmpOutDestUnreachs", 16, 0,
+	NULL, &_icmpOutErrors_obj
+},
+_icmpOutTimeExcds_obj = {
+	"icmpOutTimeExcds", 17, 0,
+	NULL, &_icmpOutDestUnreachs_obj
+},
+_icmpOutParmProbs_obj = {
+	"icmpOutParmProbs", 18, 0,
+	NULL, &_icmpOutTimeExcds_obj
+},
+_icmpOutSrcQuenchs_obj = {
+	"icmpOutSrcQuenchs", 19, 0,
+	NULL, &_icmpOutParmProbs_obj
+},
+_icmpOutRedirects_obj = {
+	"icmpOutRedirects", 20, 0,
+	NULL, &_icmpOutSrcQuenchs_obj
+},
+_icmpOutEchos_obj = {
+	"icmpOutEchos", 21, 0,
+	NULL, &_icmpOutRedirects_obj
+},
+_icmpOutEchoReps_obj = {
+	"icmpOutEchoReps", 22, 0,
+	NULL, &_icmpOutEchos_obj
+},
+_icmpOutTimestamps_obj = {
+	"icmpOutTimestamps", 23, 0,
+	NULL, &_icmpOutEchoReps_obj
+},
+_icmpOutTimestampReps_obj = {
+	"icmpOutTimestampReps", 24, 0,
+	NULL, &_icmpOutTimestamps_obj
+},
+_icmpOutAddrMasks_obj = {
+	"icmpOutAddrMasks", 25, 0,
+	NULL, &_icmpOutTimestampReps_obj
+},
+_icmpOutAddrMaskReps_obj = {
+	"icmpOutAddrMaskReps", 26, 0,
+	NULL, &_icmpOutAddrMasks_obj
+},
+_ipNetToMediaIfIndex_obj = {
+	"ipNetToMediaIfIndex", 1, 0,
+	NULL, NULL
+},
+_ipNetToMediaPhysAddress_obj = {
+	"ipNetToMediaPhysAddress", 2, 0,
+	NULL, &_ipNetToMediaIfIndex_obj
+},
+_ipNetToMediaNetAddress_obj = {
+	"ipNetToMediaNetAddress", 3, 0,
+	NULL, &_ipNetToMediaPhysAddress_obj
+},
+_ipNetToMediaType_obj = {
+	"ipNetToMediaType", 4, 0,
+	NULL, &_ipNetToMediaNetAddress_obj
+},
+_ipNetToMediaEntry_obj = {
+	"ipNetToMediaEntry", 1, 0,
+	&_ipNetToMediaType_obj, NULL
+},
+_ipRouteDest_obj = {
+	"ipRouteDest", 1, 0,
+	NULL, NULL
+},
+_ipRouteIfIndex_obj = {
+	"ipRouteIfIndex", 2, 0,
+	NULL, &_ipRouteDest_obj
+},
+_ipRouteMetric1_obj = {
+	"ipRouteMetric1", 3, 0,
+	NULL, &_ipRouteIfIndex_obj
+},
+_ipRouteMetric2_obj = {
+	"ipRouteMetric2", 4, 0,
+	NULL, &_ipRouteMetric1_obj
+},
+_ipRouteMetric3_obj = {
+	"ipRouteMetric3", 5, 0,
+	NULL, &_ipRouteMetric2_obj
+},
+_ipRouteMetric4_obj = {
+	"ipRouteMetric4", 6, 0,
+	NULL, &_ipRouteMetric3_obj
+},
+_ipRouteNextHop_obj = {
+	"ipRouteNextHop", 7, 0,
+	NULL, &_ipRouteMetric4_obj
+},
+_ipRouteType_obj = {
+	"ipRouteType", 8, 0,
+	NULL, &_ipRouteNextHop_obj
+},
+_ipRouteProto_obj = {
+	"ipRouteProto", 9, 0,
+	NULL, &_ipRouteType_obj
+},
+_ipRouteAge_obj = {
+	"ipRouteAge", 10, 0,
+	NULL, &_ipRouteProto_obj
+},
+_ipRouteMask_obj = {
+	"ipRouteMask", 11, 0,
+	NULL, &_ipRouteAge_obj
+},
+_ipRouteEntry_obj = {
+	"ipRouteEntry", 1, 0,
+	&_ipRouteMask_obj, NULL
+},
+_ipAdEntAddr_obj = {
+	"ipAdEntAddr", 1, 0,
+	NULL, NULL
+},
+_ipAdEntIfIndex_obj = {
+	"ipAdEntIfIndex", 2, 0,
+	NULL, &_ipAdEntAddr_obj
+},
+_ipAdEntNetMask_obj = {
+	"ipAdEntNetMask", 3, 0,
+	NULL, &_ipAdEntIfIndex_obj
+},
+_ipAdEntBcastAddr_obj = {
+	"ipAdEntBcastAddr", 4, 0,
+	NULL, &_ipAdEntNetMask_obj
+},
+_ipAdEntReasmMaxSize_obj = {
+	"ipAdEntReasmMaxSize", 5, 0,
+	NULL, &_ipAdEntBcastAddr_obj
+},
+_ipAddrEntry_obj = {
+	"ipAddrEntry", 1, 0,
+	&_ipAdEntReasmMaxSize_obj, NULL
+},
+_ipForwarding_obj = {
+	"ipForwarding", 1, 0,
+	NULL, NULL
+},
+_ipDefaultTTL_obj = {
+	"ipDefaultTTL", 2, 0,
+	NULL, &_ipForwarding_obj
+},
+_ipInReceives_obj = {
+	"ipInReceives", 3, 0,
+	NULL, &_ipDefaultTTL_obj
+},
+_ipInHdrErrors_obj = {
+	"ipInHdrErrors", 4, 0,
+	NULL, &_ipInReceives_obj
+},
+_ipInAddrErrors_obj = {
+	"ipInAddrErrors", 5, 0,
+	NULL, &_ipInHdrErrors_obj
+},
+_ipForwDatagrams_obj = {
+	"ipForwDatagrams", 6, 0,
+	NULL, &_ipInAddrErrors_obj
+},
+_ipInUnknownProtos_obj = {
+	"ipInUnknownProtos", 7, 0,
+	NULL, &_ipForwDatagrams_obj
+},
+_ipInDiscards_obj = {
+	"ipInDiscards", 8, 0,
+	NULL, &_ipInUnknownProtos_obj
+},
+_ipInDelivers_obj = {
+	"ipInDelivers", 9, 0,
+	NULL, &_ipInDiscards_obj
+},
+_ipOutRequests_obj = {
+	"ipOutRequests", 10, 0,
+	NULL, &_ipInDelivers_obj
+},
+_ipOutDiscards_obj = {
+	"ipOutDiscards", 11, 0,
+	NULL, &_ipOutRequests_obj
+},
+_ipOutNoRoutes_obj = {
+	"ipOutNoRoutes", 12, 0,
+	NULL, &_ipOutDiscards_obj
+},
+_ipReasmTimeout_obj = {
+	"ipReasmTimeout", 13, 0,
+	NULL, &_ipOutNoRoutes_obj
+},
+_ipReasmReqds_obj = {
+	"ipReasmReqds", 14, 0,
+	NULL, &_ipReasmTimeout_obj
+},
+_ipReasmOKs_obj = {
+	"ipReasmOKs", 15, 0,
+	NULL, &_ipReasmReqds_obj
+},
+_ipReasmFails_obj = {
+	"ipReasmFails", 16, 0,
+	NULL, &_ipReasmOKs_obj
+},
+_ipFragOKs_obj = {
+	"ipFragOKs", 17, 0,
+	NULL, &_ipReasmFails_obj
+},
+_ipFragFails_obj = {
+	"ipFragFails", 18, 0,
+	NULL, &_ipFragOKs_obj
+},
+_ipFragCreates_obj = {
+	"ipFragCreates", 19, 0,
+	NULL, &_ipFragFails_obj
+},
+_ipAddrTable_obj = {
+	"ipAddrTable", 20, 0,
+	&_ipAddrEntry_obj, &_ipFragCreates_obj
+},
+_ipRoutingTable_obj = {
+	"ipRoutingTable", 21, 0,
+	&_ipRouteEntry_obj, &_ipAddrTable_obj
+},
+_ipNetToMediaTable_obj = {
+	"ipNetToMediaTable", 22, 0,
+	&_ipNetToMediaEntry_obj, &_ipRoutingTable_obj
+},
+_atIfIndex_obj = {
+	"atIfIndex", 1, 0,
+	NULL, NULL
+},
+_atPhysAddress_obj = {
+	"atPhysAddress", 2, 0,
+	NULL, &_atIfIndex_obj
+},
+_atNetAddress_obj = {
+	"atNetAddress", 3, 0,
+	NULL, &_atPhysAddress_obj
+},
+_atEntry_obj = {
+	"atEntry", 1, 0,
+	&_atNetAddress_obj, NULL
+},
+_atTable_obj = {
+	"atTable", 1, 0,
+	&_atEntry_obj, NULL
+},
+_ifIndex_obj = {
+	"ifIndex", 1, 0,
+	NULL, NULL
+},
+_ifDescr_obj = {
+	"ifDescr", 2, 0,
+	NULL, &_ifIndex_obj
+},
+_ifType_obj = {
+	"ifType", 3, 0,
+	NULL, &_ifDescr_obj
+},
+_ifMtu_obj = {
+	"ifMtu", 4, 0,
+	NULL, &_ifType_obj
+},
+_ifSpeed_obj = {
+	"ifSpeed", 5, 0,
+	NULL, &_ifMtu_obj
+},
+_ifPhysAddress_obj = {
+	"ifPhysAddress", 6, 0,
+	NULL, &_ifSpeed_obj
+},
+_ifAdminStatus_obj = {
+	"ifAdminStatus", 7, 0,
+	NULL, &_ifPhysAddress_obj
+},
+_ifOperStatus_obj = {
+	"ifOperStatus", 8, 0,
+	NULL, &_ifAdminStatus_obj
+},
+_ifLastChange_obj = {
+	"ifLastChange", 9, 0,
+	NULL, &_ifOperStatus_obj
+},
+_ifInOctets_obj = {
+	"ifInOctets", 10, 0,
+	NULL, &_ifLastChange_obj
+},
+_ifInUcastPkts_obj = {
+	"ifInUcastPkts", 11, 0,
+	NULL, &_ifInOctets_obj
+},
+_ifInNUcastPkts_obj = {
+	"ifInNUcastPkts", 12, 0,
+	NULL, &_ifInUcastPkts_obj
+},
+_ifInDiscards_obj = {
+	"ifInDiscards", 13, 0,
+	NULL, &_ifInNUcastPkts_obj
+},
+_ifInErrors_obj = {
+	"ifInErrors", 14, 0,
+	NULL, &_ifInDiscards_obj
+},
+_ifInUnknownProtos_obj = {
+	"ifInUnknownProtos", 15, 0,
+	NULL, &_ifInErrors_obj
+},
+_ifOutOctets_obj = {
+	"ifOutOctets", 16, 0,
+	NULL, &_ifInUnknownProtos_obj
+},
+_ifOutUcastPkts_obj = {
+	"ifOutUcastPkts", 17, 0,
+	NULL, &_ifOutOctets_obj
+},
+_ifOutNUcastPkts_obj = {
+	"ifOutNUcastPkts", 18, 0,
+	NULL, &_ifOutUcastPkts_obj
+},
+_ifOutDiscards_obj = {
+	"ifOutDiscards", 19, 0,
+	NULL, &_ifOutNUcastPkts_obj
+},
+_ifOutErrors_obj = {
+	"ifOutErrors", 20, 0,
+	NULL, &_ifOutDiscards_obj
+},
+_ifOutQLen_obj = {
+	"ifOutQLen", 21, 0,
+	NULL, &_ifOutErrors_obj
+},
+_ifSpecific_obj = {
+	"ifSpecific", 22, 0,
+	NULL, &_ifOutQLen_obj
+},
+_ifEntry_obj = {
+	"ifEntry", 1, 0,
+	&_ifSpecific_obj, NULL
+},
+_ifNumber_obj = {
+	"ifNumber", 1, 0,
+	NULL, NULL
+},
+_ifTable_obj = {
+	"ifTable", 2, 0,
+	&_ifEntry_obj, &_ifNumber_obj
+},
+_sysDescr_obj = {
+	"sysDescr", 1, 0,
+	NULL, NULL
+},
+_sysObjectID_obj = {
+	"sysObjectID", 2, 0,
+	NULL, &_sysDescr_obj
+},
+_sysUpTime_obj = {
+	"sysUpTime", 3, 0,
+	NULL, &_sysObjectID_obj
+},
+_sysContact_obj = {
+	"sysContact", 4, 0,
+	NULL, &_sysUpTime_obj
+},
+_sysName_obj = {
+	"sysName", 5, 0,
+	NULL, &_sysContact_obj
+},
+_sysLocation_obj = {
+	"sysLocation", 6, 0,
+	NULL, &_sysName_obj
+},
+_sysServices_obj = {
+	"sysServices", 7, 0,
+	NULL, &_sysLocation_obj
+},
+_system_obj = {
+	"system", 1, 0,
+	&_sysServices_obj, NULL
+},
+_interfaces_obj = {
+	"interfaces", 2, 0,
+	&_ifTable_obj, &_system_obj
+},
+_at_obj = {
+	"at", 3, 0,
+	&_atTable_obj, &_interfaces_obj
+},
+_ip_obj = {
+	"ip", 4, 0,
+	&_ipNetToMediaTable_obj, &_at_obj
+},
+_icmp_obj = {
+	"icmp", 5, 0,
+	&_icmpOutAddrMaskReps_obj, &_ip_obj
+},
+_tcp_obj = {
+	"tcp", 6, 0,
+	&_tcpOutRsts_obj, &_icmp_obj
+},
+_udp_obj = {
+	"udp", 7, 0,
+	&_udpTable_obj, &_tcp_obj
+},
+_egp_obj = {
+	"egp", 8, 0,
+	&_egpAs_obj, &_udp_obj
+},
+_transmission_obj = {
+	"transmission", 10, 0,
+	NULL, &_egp_obj
+},
+_snmp_obj = {
+	"snmp", 11, 0,
+	&_snmpEnableAuthTraps_obj, &_transmission_obj
+},
+_mib_obj = {
+	"mib", 1, 0,
+	&_snmp_obj, NULL
+},
+_directory_obj = {
+	"directory", 1, 0,
+	NULL, NULL
+},
+_mgmt_obj = {
+	"mgmt", 2, 0,
+	&_mib_obj, &_directory_obj
+},
+_experimental_obj = {
+	"experimental", 3, 0,
+	NULL, &_mgmt_obj
+},
+_private_obj = {
+	"private", 4, 0,
+	&_enterprises_obj, &_experimental_obj
+},
+_internet_obj = {
+	"internet", 1, 0,
+	&_private_obj, NULL
+},
+_dod_obj = {
+	"dod", 6, 0,
+	&_internet_obj, NULL
+},
+_org_obj = {
+	"org", 3, 0,
+	&_dod_obj, NULL
+},
+_iso_obj = {
+	"iso", 1, 0,
+	&_org_obj, NULL
+},
+*mibroot = &_iso_obj;
diff --git a/contrib/tcpdump/mkdep b/contrib/tcpdump/mkdep
new file mode 100755
index 000000000000..2a9c221b1f1d
--- /dev/null
+++ b/contrib/tcpdump/mkdep
@@ -0,0 +1,109 @@
+#!/bin/sh -
+#
+# Copyright (c) 1994, 1996
+#	The Regents of the University of California.  All rights reserved.
+#
+# Redistribution and use in source and binary forms are permitted
+# provided that this notice is preserved and that due credit is given
+# to the University of California at Berkeley. The name of the University
+# may not be used to endorse or promote products derived from this
+# software without specific prior written permission. This software
+# is provided ``as is'' without express or implied warranty.
+#
+#	@(#)mkdep.sh	5.11 (Berkeley) 5/5/88
+#
+
+PATH=/bin:/usr/bin:/usr/ucb:/usr/local:/usr/local/bin
+export PATH
+
+MAKE=Makefile			# default makefile name is "Makefile"
+CC=cc				# default C compiler is "cc"
+
+while :
+	do case "$1" in
+		# -c allows you to specify the C compiler
+		-c)
+			CC=$2
+			shift; shift ;;
+
+		# -f allows you to select a makefile name
+		-f)
+			MAKE=$2
+			shift; shift ;;
+
+		# the -p flag produces "program: program.c" style dependencies
+		# so .o's don't get produced
+		-p)
+			SED='s;\.o;;'
+			shift ;;
+		*)
+			break ;;
+	esac
+done
+
+if [ $# = 0 ] ; then
+	echo 'usage: mkdep [-p] [-c cc] [-f makefile] [flags] file ...'
+	exit 1
+fi
+
+if [ ! -w $MAKE ]; then
+	echo "mkdep: no writeable file \"$MAKE\""
+	exit 1
+fi
+
+TMP=/tmp/mkdep$$
+
+trap 'rm -f $TMP ; exit 1' 1 2 3 13 15
+
+cp $MAKE ${MAKE}.bak
+
+sed -e '/DO NOT DELETE THIS LINE/,$d' < $MAKE > $TMP
+
+cat << _EOF_ >> $TMP
+# DO NOT DELETE THIS LINE -- mkdep uses it.
+# DO NOT PUT ANYTHING AFTER THIS LINE, IT WILL GO AWAY.
+
+_EOF_
+
+# If your compiler doesn't have -M, add it.  If you can't, the next two
+# lines will try and replace the "cc -M".  The real problem is that this
+# hack can't deal with anything that requires a search path, and doesn't
+# even try for anything using bracket (<>) syntax.
+#
+# egrep '^#include[ 	]*".*"' /dev/null $* |
+# sed -e 's/:[^"]*"\([^"]*\)".*/: \1/' -e 's/\.c/.o/' |
+
+# XXX this doesn't work with things like "-DDECLWAITSTATUS=union\ wait"
+$CC -M $* |
+sed "
+	s; \./; ;g
+	$SED" |
+awk '{
+	if ($1 != prev) {
+		if (rec != "")
+			print rec;
+		rec = $0;
+		prev = $1;
+	}
+	else {
+		if (length(rec $2) > 78) {
+			print rec;
+			rec = $0;
+		}
+		else
+			rec = rec " " $2
+	}
+}
+END {
+	print rec
+}' >> $TMP
+
+cat << _EOF_ >> $TMP
+
+# IF YOU PUT ANYTHING HERE IT WILL GO AWAY
+_EOF_
+
+# copy to preserve permissions
+cp $TMP $MAKE
+rm -f ${MAKE}.bak $TMP
+exit 0
diff --git a/contrib/tcpdump/netbios.h b/contrib/tcpdump/netbios.h
new file mode 100644
index 000000000000..ebc80e1db300
--- /dev/null
+++ b/contrib/tcpdump/netbios.h
@@ -0,0 +1,16 @@
+/*
+ * NETBIOS protocol formats
+ *
+ * @(#) $Header: netbios.h,v 1.1 94/06/09 11:47:15 mccanne Exp $
+ */
+
+struct p8022Hdr {
+    u_char	dsap;
+    u_char	ssap;
+    u_char	flags;
+};
+
+#define	p8022Size	3		/* min 802.2 header size */
+
+#define UI		0x03		/* 802.2 flags */
+
diff --git a/contrib/tcpdump/nfsfh.h b/contrib/tcpdump/nfsfh.h
new file mode 100644
index 000000000000..0ba5b56f54d4
--- /dev/null
+++ b/contrib/tcpdump/nfsfh.h
@@ -0,0 +1,34 @@
+/*
+ * $Header: nfsfh.h,v 1.4 95/10/19 20:27:44 leres Exp $
+ *
+ * nfsfh.h - NFS file handle definitions (for portable use)
+ *
+ * Jeffrey C. Mogul
+ * Digital Equipment Corporation
+ * Western Research Laboratory
+ */
+
+/*
+ * Internal representation of dev_t, because different NFS servers
+ * that we might be spying upon use different external representations.
+ */
+typedef struct {
+	u_int32_t Minor;	/* upper case to avoid clashing with macro names */
+	u_int32_t Major;
+} my_devt;
+
+#define	dev_eq(a,b)	((a.Minor == b.Minor) && (a.Major == b.Major))
+
+/*
+ * Many file servers now use a large file system ID.  This is
+ * our internal representation of that.
+ */
+typedef	struct {
+	my_devt	fsid_dev;
+	u_int32_t fsid_code;
+} my_fsid;
+
+#define	fsid_eq(a,b)	((a.fsid_code == b.fsid_code) &&\
+			 dev_eq(a.fsid_dev, b.fsid_dev))
+
+extern void Parse_fh(caddr_t *, my_fsid *, ino_t *, char **, char **, int);
diff --git a/contrib/tcpdump/nfsv2.h b/contrib/tcpdump/nfsv2.h
new file mode 100644
index 000000000000..b2c0ff9929e4
--- /dev/null
+++ b/contrib/tcpdump/nfsv2.h
@@ -0,0 +1,262 @@
+/*
+ * Copyright (c) 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * This code is derived from software contributed to Berkeley by
+ * Rick Macklem at The University of Guelph.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *	This product includes software developed by the University of
+ *	California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ *	@(#)nfsv2.h	7.11 (Berkeley) 9/30/92
+ */
+
+/*
+ * nfs definitions as per the version 2 specs
+ */
+
+/*
+ * Constants as defined in the Sun NFS Version 2 spec.
+ * "NFS: Network File System Protocol Specification" RFC1094
+ */
+
+#define NFS_PORT	2049
+#define	NFS_PROG	100003
+#define NFS_VER2	2
+#define	NFS_MAXDGRAMDATA 8192
+#define	NFS_MAXDATA	32768
+#define	NFS_MAXPATHLEN	1024
+#define	NFS_MAXNAMLEN	255
+#define	NFS_FHSIZE	32
+#define	NFS_MAXPKTHDR	404
+#define NFS_MAXPACKET	(NFS_MAXPKTHDR+NFS_MAXDATA)
+#define	NFS_MINPACKET	20
+#define	NFS_FABLKSIZE	512	/* Size in bytes of a block wrt fa_blocks */
+
+/* Stat numbers for rpc returns */
+#define	NFS_OK		0
+#define	NFSERR_PERM	1
+#define	NFSERR_NOENT	2
+#define	NFSERR_IO	5
+#define	NFSERR_NXIO	6
+#define	NFSERR_ACCES	13
+#define	NFSERR_EXIST	17
+#define	NFSERR_NODEV	19
+#define	NFSERR_NOTDIR	20
+#define	NFSERR_ISDIR	21
+#define	NFSERR_FBIG	27
+#define	NFSERR_NOSPC	28
+#define	NFSERR_ROFS	30
+#define	NFSERR_NAMETOL	63
+#define	NFSERR_NOTEMPTY	66
+#define	NFSERR_DQUOT	69
+#define	NFSERR_STALE	70
+#define	NFSERR_WFLUSH	99
+
+/* Sizes in bytes of various nfs rpc components */
+#define	NFSX_FH		32
+#define	NFSX_UNSIGNED	4
+#define	NFSX_NFSFATTR	68
+#define	NFSX_NQFATTR	92
+#define	NFSX_NFSSATTR	32
+#define	NFSX_NQSATTR	44
+#define	NFSX_COOKIE	4
+#define NFSX_NFSSTATFS	20
+#define	NFSX_NQSTATFS	28
+#define	NFSX_FATTR(isnq)	((isnq) ? NFSX_NQFATTR : NFSX_NFSFATTR)
+#define	NFSX_SATTR(isnq)	((isnq) ? NFSX_NQSATTR : NFSX_NFSSATTR)
+#define	NFSX_STATFS(isnq)	((isnq) ? NFSX_NQSTATFS : NFSX_NFSSTATFS)
+
+/* nfs rpc procedure numbers */
+#define	NFSPROC_NULL		0
+#define	NFSPROC_GETATTR		1
+#define	NFSPROC_SETATTR		2
+#define	NFSPROC_NOOP		3
+#define	NFSPROC_ROOT		NFSPROC_NOOP	/* Obsolete */
+#define	NFSPROC_LOOKUP		4
+#define	NFSPROC_READLINK	5
+#define	NFSPROC_READ		6
+#define	NFSPROC_WRITECACHE	NFSPROC_NOOP	/* Obsolete */
+#define	NFSPROC_WRITE		8
+#define	NFSPROC_CREATE		9
+#define	NFSPROC_REMOVE		10
+#define	NFSPROC_RENAME		11
+#define	NFSPROC_LINK		12
+#define	NFSPROC_SYMLINK		13
+#define	NFSPROC_MKDIR		14
+#define	NFSPROC_RMDIR		15
+#define	NFSPROC_READDIR		16
+#define	NFSPROC_STATFS		17
+
+/* NQ nfs numbers */
+#define	NQNFSPROC_READDIRLOOK	18
+#define	NQNFSPROC_GETLEASE	19
+#define	NQNFSPROC_VACATED	20
+#define	NQNFSPROC_EVICTED	21
+#define	NQNFSPROC_ACCESS	22
+
+#define	NFS_NPROCS		23
+/* Conversion macros */
+extern int		vttoif_tab[];
+#define	vtonfs_mode(t,m) \
+		txdr_unsigned(((t) == VFIFO) ? MAKEIMODE(VCHR, (m)) : \
+				MAKEIMODE((t), (m)))
+#define	nfstov_mode(a)	(fxdr_unsigned(u_short, (a))&07777)
+#define	vtonfs_type(a)	txdr_unsigned(nfs_type[((int32_t)(a))])
+#define	nfstov_type(a)	ntov_type[fxdr_unsigned(u_int32_t,(a))&0x7]
+
+/* File types */
+typedef enum {
+    NFNON=0, NFREG=1, NFDIR=2, NFBLK=3, NFCHR=4, NFLNK=5
+} tcpdump_nfstype;
+
+/* Structs for common parts of the rpc's */
+struct nfsv2_time {
+	u_int32_t nfs_sec;
+	u_int32_t nfs_usec;
+};
+
+struct nqnfs_time {
+	u_int32_t nq_sec;
+	u_int32_t nq_nsec;
+};
+
+/*
+ * File attributes and setable attributes. These structures cover both
+ * NFS version 2 and the NQNFS protocol. Note that the union is only
+ * used to that one pointer can refer to both variants. These structures
+ * go out on the wire and must be densely packed, so no quad data types
+ * are used. (all fields are int32_t or u_int32_t's or structures of same)
+ * NB: You can't do sizeof(struct nfsv2_fattr), you must use the
+ *     NFSX_FATTR(isnq) macro.
+ */
+struct nfsv2_fattr {
+	u_int32_t fa_type;
+	u_int32_t fa_mode;
+	u_int32_t fa_nlink;
+	u_int32_t fa_uid;
+	u_int32_t fa_gid;
+	union {
+		struct {
+			u_int32_t nfsfa_size;
+			u_int32_t nfsfa_blocksize;
+			u_int32_t nfsfa_rdev;
+			u_int32_t nfsfa_blocks;
+			u_int32_t nfsfa_fsid;
+			u_int32_t nfsfa_fileid;
+			struct nfsv2_time nfsfa_atime;
+			struct nfsv2_time nfsfa_mtime;
+			struct nfsv2_time nfsfa_ctime;
+		} fa_nfsv2;
+		struct {
+			struct {
+				u_int32_t nqfa_qsize[2];
+			} nqfa_size;
+			u_int32_t nqfa_blocksize;
+			u_int32_t nqfa_rdev;
+			struct {
+				u_int32_t	nqfa_qbytes[2];
+			} nqfa_bytes;
+			u_int32_t nqfa_fsid;
+			u_int32_t nqfa_fileid;
+			struct nqnfs_time nqfa_atime;
+			struct nqnfs_time nqfa_mtime;
+			struct nqnfs_time nqfa_ctime;
+			u_int32_t nqfa_flags;
+			u_int32_t nqfa_gen;
+			struct {
+				u_int32_t nqfa_qfilerev[2];
+			} nqfa_filerev;
+		} fa_nqnfs;
+	} fa_un;
+};
+
+/* and some ugly defines for accessing union components */
+#define	fa_nfssize		fa_un.fa_nfsv2.nfsfa_size
+#define	fa_nfsblocksize		fa_un.fa_nfsv2.nfsfa_blocksize
+#define	fa_nfsrdev		fa_un.fa_nfsv2.nfsfa_rdev
+#define	fa_nfsblocks		fa_un.fa_nfsv2.nfsfa_blocks
+#define	fa_nfsfsid		fa_un.fa_nfsv2.nfsfa_fsid
+#define	fa_nfsfileid		fa_un.fa_nfsv2.nfsfa_fileid
+#define	fa_nfsatime		fa_un.fa_nfsv2.nfsfa_atime
+#define	fa_nfsmtime		fa_un.fa_nfsv2.nfsfa_mtime
+#define	fa_nfsctime		fa_un.fa_nfsv2.nfsfa_ctime
+#define	fa_nqsize		fa_un.fa_nqnfs.nqfa_size
+#define	fa_nqblocksize		fa_un.fa_nqnfs.nqfa_blocksize
+#define	fa_nqrdev		fa_un.fa_nqnfs.nqfa_rdev
+#define	fa_nqbytes		fa_un.fa_nqnfs.nqfa_bytes
+#define	fa_nqfsid		fa_un.fa_nqnfs.nqfa_fsid
+#define	fa_nqfileid		fa_un.fa_nqnfs.nqfa_fileid
+#define	fa_nqatime		fa_un.fa_nqnfs.nqfa_atime
+#define	fa_nqmtime		fa_un.fa_nqnfs.nqfa_mtime
+#define	fa_nqctime		fa_un.fa_nqnfs.nqfa_ctime
+#define	fa_nqflags		fa_un.fa_nqnfs.nqfa_flags
+#define	fa_nqgen		fa_un.fa_nqnfs.nqfa_gen
+#define	fa_nqfilerev		fa_un.fa_nqnfs.nqfa_filerev
+
+struct nfsv2_sattr {
+	u_int32_t sa_mode;
+	u_int32_t sa_uid;
+	u_int32_t sa_gid;
+	union {
+		struct {
+			u_int32_t nfssa_size;
+			struct nfsv2_time nfssa_atime;
+			struct nfsv2_time nfssa_mtime;
+		} sa_nfsv2;
+		struct {
+			struct {
+				u_int32_t nqsa_qsize[2];
+			} nqsa_size;
+			struct nqnfs_time nqsa_atime;
+			struct nqnfs_time nqsa_mtime;
+			u_int32_t nqsa_flags;
+			u_int32_t nqsa_rdev;
+		} sa_nqnfs;
+	} sa_un;
+};
+
+/* and some ugly defines for accessing the unions */
+#define	sa_nfssize		sa_un.sa_nfsv2.nfssa_size
+#define	sa_nfsatime		sa_un.sa_nfsv2.nfssa_atime
+#define	sa_nfsmtime		sa_un.sa_nfsv2.nfssa_mtime
+#define	sa_nqsize		sa_un.sa_nqnfs.nqsa_size
+#define	sa_nqatime		sa_un.sa_nqnfs.nqsa_atime
+#define	sa_nqmtime		sa_un.sa_nqnfs.nqsa_mtime
+#define	sa_nqflags		sa_un.sa_nqnfs.nqsa_flags
+#define	sa_nqrdev		sa_un.sa_nqnfs.nqsa_rdev
+
+struct nfsv2_statfs {
+	u_int32_t sf_tsize;
+	u_int32_t sf_bsize;
+	u_int32_t sf_blocks;
+	u_int32_t sf_bfree;
+	u_int32_t sf_bavail;
+	u_int32_t sf_files;	/* Nqnfs only */
+	u_int32_t sf_ffree;	/* ditto      */
+};
diff --git a/contrib/tcpdump/ntp.h b/contrib/tcpdump/ntp.h
new file mode 100644
index 000000000000..32eae642e144
--- /dev/null
+++ b/contrib/tcpdump/ntp.h
@@ -0,0 +1,117 @@
+/* $Header: ntp.h,v 1.3 95/05/04 17:52:49 mccanne Exp $ */
+
+/*
+ * Based on ntp.h from the U of MD implementation
+ *	This file is based on Version 2 of the NTP spec (RFC1119).
+ */
+
+/*
+ *  Definitions for the masses
+ */
+#define	JAN_1970	2208988800	/* 1970 - 1900 in seconds */
+
+/*
+ * Structure definitions for NTP fixed point values
+ *
+ *    0			  1		      2			  3
+ *    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ *   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *   |			       Integer Part			     |
+ *   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *   |			       Fraction Part			     |
+ *   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *
+ *    0			  1		      2			  3
+ *    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ *   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *   |		  Integer Part	     |	   Fraction Part	     |
+ *   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+*/
+struct l_fixedpt {
+	u_int32_t int_part;
+	u_int32_t fraction;
+};
+
+struct s_fixedpt {
+	u_short int_part;
+	u_short fraction;
+};
+
+/*  =================  Table 3.3. Packet Variables   ================= */
+/*
+ *    0			  1		      2			  3
+ *    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ *   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *   |LI | VN  | Mode|	  Stratum    |	    Poll     |	 Precision   |
+ *   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *   |			   Synchronizing Distance		     |
+ *   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *   |			  Synchronizing Dispersion		     |
+ *   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *   |			Reference Clock Identifier		     |
+ *   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *   |								     |
+ *   |		       Reference Timestamp (64 bits)		     |
+ *   |								     |
+ *   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *   |								     |
+ *   |		       Originate Timestamp (64 bits)		     |
+ *   |								     |
+ *   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *   |								     |
+ *   |			Receive Timestamp (64 bits)		     |
+ *   |								     |
+ *   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *   |								     |
+ *   |			Transmit Timestamp (64 bits)		     |
+ *   |								     |
+ *   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+*/
+struct ntpdata {
+	u_char status;		/* status of local clock and leap info */
+	u_char stratum;		/* Stratum level */
+	u_char ppoll;		/* poll value */
+	int precision:8;
+	struct s_fixedpt distance;
+	struct s_fixedpt dispersion;
+	u_int32_t refid;
+	struct l_fixedpt reftime;
+	struct l_fixedpt org;
+	struct l_fixedpt rec;
+	struct l_fixedpt xmt;
+};
+/*
+ *	Leap Second Codes (high order two bits)
+ */
+#define	NO_WARNING	0x00	/* no warning */
+#define	PLUS_SEC	0x40	/* add a second (61 seconds) */
+#define	MINUS_SEC	0x80	/* minus a second (59 seconds) */
+#define	ALARM		0xc0	/* alarm condition (clock unsynchronized) */
+
+/*
+ *	Clock Status Bits that Encode Version
+ */
+#define	NTPVERSION_1	0x08
+#define	VERSIONMASK	0x38
+#define LEAPMASK	0xc0
+#define	MODEMASK	0x07
+
+/*
+ *	Code values
+ */
+#define	MODE_UNSPEC	0	/* unspecified */
+#define	MODE_SYM_ACT	1	/* symmetric active */
+#define	MODE_SYM_PAS	2	/* symmetric passive */
+#define	MODE_CLIENT	3	/* client */
+#define	MODE_SERVER	4	/* server */
+#define	MODE_BROADCAST	5	/* broadcast */
+#define	MODE_RES1	6	/* reserved */
+#define	MODE_RES2	7	/* reserved */
+
+/*
+ *	Stratum Definitions
+ */
+#define	UNSPECIFIED	0
+#define	PRIM_REF	1	/* radio clock */
+#define	INFO_QUERY	62	/* **** THIS implementation dependent **** */
+#define	INFO_REPLY	63	/* **** THIS implementation dependent **** */
diff --git a/contrib/tcpdump/ospf.h b/contrib/tcpdump/ospf.h
new file mode 100644
index 000000000000..c111a9047e91
--- /dev/null
+++ b/contrib/tcpdump/ospf.h
@@ -0,0 +1,223 @@
+/*
+ * Copyright (c) 1991, 1993, 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ *
+ * OSPF support contributed by Jeffrey Honig (jch@mitchell.cit.cornell.edu)
+ */
+#define	OSPF_TYPE_UMD	0	/* UMd's special monitoring packets */
+#define	OSPF_TYPE_HELLO	1	/* Hello */
+#define	OSPF_TYPE_DB	2	/* Database Description */
+#define	OSPF_TYPE_LSR	3	/* Link State Request */
+#define	OSPF_TYPE_LSU	4	/* Link State Update */
+#define	OSPF_TYPE_LSA	5	/* Link State Ack */
+#define	OSPF_TYPE_MAX	6
+
+/* Options *_options	*/
+#define OSPF_OPTION_T	0x01	/* T bit: TOS support	*/
+#define OSPF_OPTION_E	0x02	/* E bit: External routes advertised	*/
+#define	OSPF_OPTION_MC	0x04	/* MC bit: Multicast capable */
+
+/* ospf_authtype	*/
+#define	OSPF_AUTH_NONE		0	/* No auth-data */
+#define	OSPF_AUTH_SIMPLE	1	/* Simple password */
+
+/* db_flags	*/
+#define	OSPF_DB_INIT		0x04	    /*	*/
+#define	OSPF_DB_MORE		0x02
+#define	OSPF_DB_MASTER		0x01
+
+/* ls_type	*/
+#define	LS_TYPE_ROUTER		1   /* router link */
+#define	LS_TYPE_NETWORK		2   /* network link */
+#define	LS_TYPE_SUM_IP		3   /* summary link */
+#define	LS_TYPE_SUM_ABR		4   /* summary area link */
+#define	LS_TYPE_ASE		5   /* ASE  */
+#define	LS_TYPE_GROUP		6   /* Group membership (multicast */
+				    /* extensions 23 July 1991) */
+#define	LS_TYPE_MAX		7
+
+/*************************************************
+ *
+ * is the above a bug in the documentation?
+ *
+ *************************************************/
+
+
+/* rla_link.link_type	*/
+#define	RLA_TYPE_ROUTER		1   /* point-to-point to another router	*/
+#define	RLA_TYPE_TRANSIT	2   /* connection to transit network	*/
+#define	RLA_TYPE_STUB		3   /* connection to stub network	*/
+#define RLA_TYPE_VIRTUAL	4   /* virtual link			*/
+
+/* rla_flags	*/
+#define	RLA_FLAG_B	0x01
+#define	RLA_FLAG_E	0x02
+#define	RLA_FLAG_W1	0x04
+#define	RLA_FLAG_W2	0x08
+
+/* sla_tosmetric breakdown	*/
+#define	SLA_MASK_TOS		0x7f000000
+#define	SLA_MASK_METRIC		0x00ffffff
+#define SLA_SHIFT_TOS		24
+
+/* asla_tosmetric breakdown	*/
+#define	ASLA_FLAG_EXTERNAL	0x80000000
+#define	ASLA_MASK_TOS		0x7f000000
+#define	ASLA_SHIFT_TOS		24
+#define	ASLA_MASK_METRIC	0x00ffffff
+
+/* multicast vertex type */
+#define	MCLA_VERTEX_ROUTER	1
+#define	MCLA_VERTEX_NETWORK	2
+
+/* link state advertisement header */
+struct lsa_hdr {
+    u_short ls_age;
+    u_char ls_options;
+    u_char ls_type;
+    struct in_addr ls_stateid;
+    struct in_addr ls_router;
+    u_int32_t ls_seq;
+    u_short ls_chksum;
+    u_short ls_length;
+} ;
+
+/* link state advertisement */
+struct lsa {
+    struct lsa_hdr ls_hdr;
+
+    /* Link state types */
+    union {
+	/* Router links advertisements */
+	struct {
+	    u_char rla_flags;
+	    u_char rla_zero[1];
+	    u_short rla_count;
+	    struct rlalink {
+		struct in_addr link_id;
+		struct in_addr link_data;
+		u_char link_type;
+		u_char link_toscount;
+		u_short link_tos0metric;
+	    } rla_link[1];		/* may repeat	*/
+	} un_rla;
+
+	/* Network links advertisements */
+	struct {
+	    struct in_addr nla_mask;
+	    struct in_addr nla_router[1];	/* may repeat	*/
+	} un_nla;
+
+	/* Summary links advertisements */
+	struct {
+	    struct in_addr sla_mask;
+	    u_int32_t sla_tosmetric[1];	/* may repeat	*/
+	} un_sla;
+
+	/* AS external links advertisements */
+	struct {
+	    struct in_addr asla_mask;
+	    struct aslametric {
+		u_int32_t asla_tosmetric;
+		struct in_addr asla_forward;
+		struct in_addr asla_tag;
+	    } asla_metric[1];		/* may repeat	*/
+	} un_asla;
+
+	/* Multicast group membership */
+	struct mcla {
+	    u_int32_t mcla_vtype;
+	    struct in_addr mcla_vid;
+	} un_mcla[1];
+    } lsa_un;
+} ;
+
+
+/*
+ * TOS metric struct (will be 0 or more in router links update)
+ */
+struct tos_metric {
+    u_char tos_type;
+    u_char tos_zero;
+    u_short tos_metric;
+} ;
+
+#define	OSPF_AUTH_SIZE	8
+
+/*
+ * the main header
+ */
+struct ospfhdr {
+    u_char ospf_version;
+    u_char ospf_type;
+    u_short ospf_len;
+    struct in_addr ospf_routerid;
+    struct in_addr ospf_areaid;
+    u_short ospf_chksum;
+    u_short ospf_authtype;
+    u_char ospf_authdata[OSPF_AUTH_SIZE];
+    union {
+
+	/* Hello packet */
+	struct {
+	    struct in_addr hello_mask;
+	    u_short hello_helloint;
+	    u_char hello_options;
+	    u_char hello_priority;
+	    u_int32_t hello_deadint;
+	    struct in_addr hello_dr;
+	    struct in_addr hello_bdr;
+	    struct in_addr hello_neighbor[1]; /* may repeat	*/
+	} un_hello;
+
+	/* Database Description packet */
+	struct {
+	    u_char db_zero[2];
+	    u_char db_options;
+	    u_char db_flags;
+	    u_int32_t db_seq;
+	    struct lsa_hdr db_lshdr[1]; /* may repeat	*/
+	} un_db;
+
+	/* Link State Request */
+	struct lsr {
+	    u_int32_t ls_type;
+	    struct in_addr ls_stateid;
+	    struct in_addr ls_router;
+	} un_lsr[1];		/* may repeat	*/
+
+	/* Link State Update */
+	struct {
+	    u_int32_t lsu_count;
+	    struct lsa lsu_lsa[1]; /* may repeat	*/
+	} un_lsu;
+
+	/* Link State Acknowledgement */
+	struct {
+	    struct lsa_hdr lsa_lshdr[1]; /* may repeat	*/
+	} un_lsa ;
+    } ospf_un ;
+} ;
+
+#define	ospf_hello	ospf_un.un_hello
+#define	ospf_db		ospf_un.un_db
+#define	ospf_lsr	ospf_un.un_lsr
+#define	ospf_lsu	ospf_un.un_lsu
+#define	ospf_lsa	ospf_un.un_lsa
+
diff --git a/contrib/tcpdump/packetdat.awk b/contrib/tcpdump/packetdat.awk
new file mode 100644
index 000000000000..292e21910a67
--- /dev/null
+++ b/contrib/tcpdump/packetdat.awk
@@ -0,0 +1,61 @@
+BEGIN	{
+	# we need to know (usual) packet size to convert byte numbers
+	# to packet numbers
+	if (packetsize <= 0)
+		packetsize = 512
+	}
+$5 !~ /[SR]/	{
+	# print out per-packet data in the form:
+	#  <packet #>
+	#  <start sequence #>
+	#  <1st send time>
+	#  <last send time>
+	#  <1st ack time>
+	#  <last ack time>
+	#  <# sends>
+	#  <# acks>
+
+	n = split ($1,t,":")
+	tim = t[1]*3600 + t[2]*60 + t[3]
+	if ($6 != "ack") {
+		i = index($6,":")
+		strtSeq = substr($6,1,i-1)
+		id = 1.5 + (strtSeq - 1) / packetsize
+		id -= id % 1
+		if (maxId < id)
+			maxId = id
+		if (firstSend[id] == 0) {
+			firstSend[id] = tim
+			seqNo[id] = strtSeq
+		}
+		lastSend[id] = tim
+		timesSent[id]++
+		totalPackets++
+	} else {
+		id = 1 + ($7 - 2) / packetsize
+		id -= id % 1
+		timesAcked[id]++
+		if (firstAck[id] == 0)
+			firstAck[id] = tim
+		lastAck[id] = tim
+		totalAcks++
+	}
+	}
+END	{
+	print "# " maxId " chunks.  " totalPackets " packets sent.  " \
+		totalAcks " acks."
+	# for packets that were implicitly acked, make the ack time
+	# be the ack time of next explicitly acked packet.
+	for (i = maxId-1; i > 0; --i)
+		while (i > 0 && firstAck[i] == 0) {
+			lastAck[i] = firstAck[i] = firstAck[i+1]
+			--i
+		}
+	tzero = firstSend[1]
+	for (i = 1; i <= maxId; i++)
+		printf "%d\t%d\t%.2f\t%.2f\t%.2f\t%.2f\t%d\t%d\n",\
+			i, seqNo[i], \
+			firstSend[i] - tzero, lastSend[i] - tzero,\
+			firstAck[i] - tzero, lastAck[i] - tzero,\
+			timesSent[i], timesAcked[i]
+	}
diff --git a/contrib/tcpdump/parsenfsfh.c b/contrib/tcpdump/parsenfsfh.c
new file mode 100644
index 000000000000..67de6587877a
--- /dev/null
+++ b/contrib/tcpdump/parsenfsfh.c
@@ -0,0 +1,419 @@
+#ifndef lint
+static char *RCSid = "$Header: parsenfsfh.c,v 1.9 95/10/19 20:27:44 leres Exp $";
+#endif
+
+/*
+ * parsenfsfh.c - portable parser for NFS file handles
+ *			uses all sorts of heuristics
+ *
+ * Jeffrey C. Mogul
+ * Digital Equipment Corporation
+ * Western Research Laboratory
+ */
+
+#include <sys/types.h>
+#include <sys/time.h>
+
+#include <ctype.h>
+#include <memory.h>
+#include <stdio.h>
+#include <string.h>
+
+#include "interface.h"
+#include "nfsfh.h"
+
+/*
+ * This routine attempts to parse a file handle (in network byte order),
+ * using heuristics to guess what kind of format it is in.  See the
+ * file "fhandle_layouts" for a detailed description of the various
+ * patterns we know about.
+ *
+ * The file handle is parsed into our internal representation of a
+ * file-system id, and an internal representation of an inode-number.
+ */
+
+#define	FHT_UNKNOWN	0
+#define	FHT_AUSPEX	1
+#define	FHT_DECOSF	2
+#define	FHT_IRIX4	3
+#define	FHT_IRIX5	4
+#define	FHT_SUNOS3	5
+#define	FHT_SUNOS4	6
+#define	FHT_ULTRIX	7
+#define	FHT_VMSUCX	8
+#define	FHT_SUNOS5	9
+#define	FHT_AIX32	10
+#define	FHT_HPUX9	11
+
+#ifdef	ultrix
+/* Nasty hack to keep the Ultrix C compiler from emitting bogus warnings */
+#define	XFF(x)	((u_int32_t)(x))
+#else
+#define	XFF(x)	(x)
+#endif
+
+#define	make_uint32(msb,b,c,lsb)\
+	(XFF(lsb) + (XFF(c)<<8) + (XFF(b)<<16) + (XFF(msb)<<24))
+
+#define	make_uint24(msb,b, lsb)\
+	(XFF(lsb) + (XFF(b)<<8) + (XFF(msb)<<16))
+
+#define	make_uint16(msb,lsb)\
+	(XFF(lsb) + (XFF(msb)<<8))
+
+#ifdef	__alpha
+	/* or other 64-bit systems */
+#define	make_uint48(msb,b,c,d,e,lsb)\
+	((lsb) + ((e)<<8) + ((d)<<16) + ((c)<<24) + ((b)<<32) + ((msb)<<40))
+#else
+	/* on 32-bit systems ignore high-order bits */
+#define	make_uint48(msb,b,c,d,e,lsb)\
+	((lsb) + ((e)<<8) + ((d)<<16) + ((c)<<24))
+#endif
+
+static int is_UCX(unsigned char *);
+
+void
+Parse_fh(fh, fsidp, inop, osnamep, fsnamep, ourself)
+register caddr_t *fh;
+my_fsid *fsidp;
+ino_t *inop;
+char **osnamep;		/* if non-NULL, return OS name here */
+char **fsnamep;		/* if non-NULL, return server fs name here (for VMS) */
+int ourself;		/* true if file handle was generated on this host */
+{
+	register unsigned char *fhp = (unsigned char *)fh;
+	u_int32_t temp;
+	int fhtype = FHT_UNKNOWN;
+
+	if (ourself) {
+	    /* File handle generated on this host, no need for guessing */
+#if	defined(IRIX40)
+	    fhtype = FHT_IRIX4;
+#endif
+#if	defined(IRIX50)
+	    fhtype = FHT_IRIX5;
+#endif
+#if	defined(IRIX51)
+	    fhtype = FHT_IRIX5;
+#endif
+#if	defined(SUNOS4)
+	    fhtype = FHT_SUNOS4;
+#endif
+#if	defined(SUNOS5)
+	    fhtype = FHT_SUNOS5;
+#endif
+#if	defined(ultrix)
+	    fhtype = FHT_ULTRIX;
+#endif
+#if	defined(__osf__)
+	    fhtype = FHT_DECOSF;
+#endif
+	}
+	/*
+	 * This is basically a big decision tree
+	 */
+	else if ((fhp[0] == 0) && (fhp[1] == 0)) {
+	    /* bytes[0,1] == (0,0); rules out Ultrix, IRIX5, SUNOS5 */
+	    /* probably rules out HP-UX, AIX unless they allow major=0 */
+	    if ((fhp[2] == 0) && (fhp[3] == 0)) {
+		/* bytes[2,3] == (0,0); must be Auspex */
+		/* XXX or could be Ultrix+MASSBUS "hp" disk? */
+		fhtype = FHT_AUSPEX;
+	    }
+	    else {
+		/*
+		 * bytes[2,3] != (0,0); rules out Auspex, could be
+		 * DECOSF, SUNOS4, or IRIX4
+		 */
+		if ((fhp[4] != 0) && (fhp[5] == 0) &&
+			(fhp[8] == 12) && (fhp[9] == 0)) {
+		    /* seems to be DECOSF, with minor == 0 */
+		    fhtype = FHT_DECOSF;
+		}
+		else {
+		    /* could be SUNOS4 or IRIX4 */
+		    /* XXX the test of fhp[5] == 8 could be wrong */
+		    if ((fhp[4] == 0) && (fhp[5] == 8) && (fhp[6] == 0) &&
+			(fhp[7] == 0)) {
+			/* looks like a length, not a file system typecode */
+			fhtype = FHT_IRIX4;
+		    }
+		    else {
+			/* by elimination */
+			fhtype = FHT_SUNOS4;
+		    }
+		}
+	    }
+	}
+	else {
+	    /*
+	     * bytes[0,1] != (0,0); rules out Auspex, IRIX4, SUNOS4
+	     * could be IRIX5, DECOSF, UCX, Ultrix, SUNOS5
+	     * could be AIX, HP-UX
+	     */
+	    if ((fhp[2] == 0) && (fhp[3] == 0)) {
+		/*
+		 * bytes[2,3] == (0,0); rules out OSF, probably not UCX
+		 * (unless the exported device name is just one letter!),
+		 * could be Ultrix, IRIX5, AIX, or SUNOS5
+		 * might be HP-UX (depends on their values for minor devs)
+		 */
+		/*XXX we probably only need to test of these two bytes */
+		if ((fhp[21] == 0) && (fhp[23] == 0)) {
+		    fhtype = FHT_ULTRIX;
+		}
+		else {
+		    /* Could be SUNOS5/IRIX5, maybe AIX */
+		    /* XXX no obvious difference between SUNOS5 and IRIX5 */
+		    if (fhp[9] == 10)
+			fhtype = FHT_SUNOS5;
+		    /* XXX what about AIX? */
+		}
+	    }
+	    else {
+		/*
+		 * bytes[2,3] != (0,0); rules out Ultrix, could be
+		 * DECOSF, SUNOS5, IRIX5, AIX, HP-UX, or UCX
+		 */
+		if ((fhp[8] == 12) && (fhp[9] == 0)) {
+		    fhtype = FHT_DECOSF;
+		}
+		else if ((fhp[8] == 0) && (fhp[9] == 10)) {
+		    /* could be SUNOS5/IRIX5, AIX, HP-UX */
+		    if ((fhp[7] == 0) && (fhp[6] == 0) &&
+			(fhp[5] == 0) && (fhp[4] == 0)) {
+			/* XXX is this always true of HP-UX? */
+			fhtype = FHT_HPUX9;
+		    }
+		    else if (fhp[7] == 2) {
+			/* This would be MNT_NFS on AIX, which is impossible */
+			fhtype = FHT_SUNOS5;	/* or maybe IRIX5 */
+		    }
+		    else {
+			/*
+			 * XXX Could be SUNOS5/IRIX5 or AIX.  I don't
+			 * XXX see any way to disambiguate these, so
+			 * XXX I'm going with the more likely guess.
+			 * XXX Sorry, Big Blue.
+			 */
+			fhtype = FHT_SUNOS5;	/* or maybe IRIX5 */
+		    }
+	        }
+		else {
+		    if (is_UCX(fhp)) {
+			fhtype = FHT_VMSUCX;
+		    }
+		    else {
+			fhtype = FHT_UNKNOWN;
+		    }
+		}
+	    }
+	}
+
+	/* XXX still needs to handle SUNOS3 */
+
+	switch (fhtype) {
+	case FHT_AUSPEX:
+	    fsidp->fsid_dev.Minor = fhp[7];
+	    fsidp->fsid_dev.Major = fhp[6];
+	    fsidp->fsid_code = 0;
+
+	    temp = make_uint32(fhp[12], fhp[13], fhp[14], fhp[15]);
+	    *inop = temp;
+
+	    if (osnamep)
+		*osnamep = "Auspex";
+	    break;
+
+	case FHT_DECOSF:
+	    fsidp->fsid_code = make_uint32(fhp[7], fhp[6], fhp[5], fhp[4]);
+			/* XXX could ignore 3 high-order bytes */
+
+	    temp = make_uint32(fhp[3], fhp[2], fhp[1], fhp[0]);
+	    fsidp->fsid_dev.Minor = temp & 0xFFFFF;
+	    fsidp->fsid_dev.Major = (temp>>20) & 0xFFF;
+
+	    temp = make_uint32(fhp[15], fhp[14], fhp[13], fhp[12]);
+	    *inop = temp;
+	    if (osnamep)
+		*osnamep = "OSF";
+	    break;
+
+	case FHT_IRIX4:
+	    fsidp->fsid_dev.Minor = fhp[3];
+	    fsidp->fsid_dev.Major = fhp[2];
+	    fsidp->fsid_code = 0;
+
+	    temp = make_uint32(fhp[8], fhp[9], fhp[10], fhp[11]);
+	    *inop = temp;
+
+	    if (osnamep)
+		*osnamep = "IRIX4";
+	    break;
+
+	case FHT_IRIX5:
+	    fsidp->fsid_dev.Minor = make_uint16(fhp[2], fhp[3]);
+	    fsidp->fsid_dev.Major = make_uint16(fhp[0], fhp[1]);
+	    fsidp->fsid_code = make_uint32(fhp[4], fhp[5], fhp[6], fhp[7]);
+
+	    temp = make_uint32(fhp[12], fhp[13], fhp[14], fhp[15]);
+	    *inop = temp;
+
+	    if (osnamep)
+		*osnamep = "IRIX5";
+	    break;
+
+	case FHT_SUNOS3:
+	    if (osnamep)
+		*osnamep = "SUNOS3";
+	    break;
+
+	case FHT_SUNOS4:
+	    fsidp->fsid_dev.Minor = fhp[3];
+	    fsidp->fsid_dev.Major = fhp[2];
+	    fsidp->fsid_code = make_uint32(fhp[4], fhp[5], fhp[6], fhp[7]);
+
+	    temp = make_uint32(fhp[12], fhp[13], fhp[14], fhp[15]);
+	    *inop = temp;
+
+	    if (osnamep)
+		*osnamep = "SUNOS4";
+	    break;
+
+	case FHT_SUNOS5:
+	    temp = make_uint16(fhp[0], fhp[1]);
+	    fsidp->fsid_dev.Major = (temp>>2) &  0x3FFF;
+	    temp = make_uint24(fhp[1], fhp[2], fhp[3]);
+	    fsidp->fsid_dev.Minor = temp & 0x3FFFF;
+	    fsidp->fsid_code = make_uint32(fhp[4], fhp[5], fhp[6], fhp[7]);
+
+	    temp = make_uint32(fhp[12], fhp[13], fhp[14], fhp[15]);
+	    *inop = temp;
+
+	    if (osnamep)
+		*osnamep = "SUNOS5";
+	    break;
+
+	case FHT_ULTRIX:
+	    fsidp->fsid_code = 0;
+	    fsidp->fsid_dev.Minor = fhp[0];
+	    fsidp->fsid_dev.Major = fhp[1];
+
+	    temp = make_uint32(fhp[7], fhp[6], fhp[5], fhp[4]);
+	    *inop = temp;
+	    if (osnamep)
+		*osnamep = "Ultrix";
+	    break;
+
+	case FHT_VMSUCX:
+	    /* No numeric file system ID, so hash on the device-name */
+	    if (sizeof(*fsidp) >= 14) {
+		if (sizeof(*fsidp) > 14)
+		    memset((char *)fsidp, 0, sizeof(*fsidp));
+		memcpy((char *)fsidp, fh, 14);	/* just use the whole thing */
+	    }
+	    else {
+		u_int32_t tempa[4];	/* at least 16 bytes, maybe more */
+
+		memset((char *)tempa, 0, sizeof(tempa));
+		memcpy((char *)tempa, fh, 14);	/* ensure alignment */
+		fsidp->fsid_dev.Minor = tempa[0] + (tempa[1]<<1);
+		fsidp->fsid_dev.Major = tempa[2] + (tempa[3]<<1);
+		fsidp->fsid_code = 0;
+	    }
+
+	    /* VMS file ID is: (RVN, FidHi, FidLo) */
+	    *inop = make_uint32(fhp[26], fhp[27], fhp[23], fhp[22]);
+
+	    /* Caller must save (and null-terminate?) this value */
+	    if (fsnamep)
+		*fsnamep = (char *)&(fhp[1]);
+
+	    if (osnamep)
+		*osnamep = "VMS";
+	    break;
+
+	case FHT_AIX32:
+	    fsidp->fsid_dev.Minor = make_uint16(fhp[2], fhp[3]);
+	    fsidp->fsid_dev.Major = make_uint16(fhp[0], fhp[1]);
+	    fsidp->fsid_code = make_uint32(fhp[4], fhp[5], fhp[6], fhp[7]);
+
+	    temp = make_uint32(fhp[12], fhp[13], fhp[14], fhp[15]);
+	    *inop = temp;
+
+	    if (osnamep)
+		*osnamep = "AIX32";
+	    break;
+
+	case FHT_HPUX9:
+	    fsidp->fsid_dev.Major = fhp[0];
+	    temp = make_uint24(fhp[1], fhp[2], fhp[3]);
+	    fsidp->fsid_dev.Minor = temp;
+	    fsidp->fsid_code = make_uint32(fhp[4], fhp[5], fhp[6], fhp[7]);
+
+	    temp = make_uint32(fhp[12], fhp[13], fhp[14], fhp[15]);
+	    *inop = temp;
+
+	    if (osnamep)
+		*osnamep = "HPUX9";
+	    break;
+
+	case FHT_UNKNOWN:
+#ifdef DEBUG
+	    {
+		/* XXX debugging */
+		int i;
+		for (i = 0; i < 32; i++)
+			(void)fprintf(stderr, "%x.", fhp[i]);
+		(void)fprintf(stderr, "\n");
+	    }
+#endif
+	    /* XXX for now, give "bogus" values to aid debugging */
+	    fsidp->fsid_code = 0;
+	    fsidp->fsid_dev.Minor = 257;
+	    fsidp->fsid_dev.Major = 257;
+	    *inop = 1;
+
+	    /* display will show this string instead of (257,257) */
+	    if (fsnamep)
+		*fsnamep = "Unknown";
+
+	    if (osnamep)
+		*osnamep = "Unknown";
+	    break;
+
+	}
+}
+
+/*
+ * Is this a VMS UCX file handle?
+ *	Check for:
+ *	(1) leading code byte	[XXX not yet]
+ *	(2) followed by string of printing chars & spaces
+ *	(3) followed by string of nulls
+ */
+static int
+is_UCX(fhp)
+unsigned char *fhp;
+{
+	register int i;
+	int seen_null = 0;
+
+	for (i = 1; i < 14; i++) {
+	    if (isprint(fhp[i])) {
+		if (seen_null)
+		   return(0);
+		else
+		   continue;
+	    }
+	    else if (fhp[i] == 0) {
+		seen_null = 1;
+		continue;
+	    }
+	    else
+		return(0);
+	}
+
+	return(1);
+}
diff --git a/contrib/tcpdump/print-arp.c b/contrib/tcpdump/print-arp.c
new file mode 100644
index 000000000000..14f6d8e558f3
--- /dev/null
+++ b/contrib/tcpdump/print-arp.c
@@ -0,0 +1,130 @@
+/*
+ * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#ifndef lint
+static char rcsid[] =
+    "@(#) $Header: print-arp.c,v 1.39 96/07/17 14:56:17 leres Exp $ (LBL)";
+#endif
+
+#include <sys/param.h>
+#include <sys/time.h>
+#include <sys/socket.h>
+
+#if __STDC__
+struct mbuf;
+struct rtentry;
+#endif
+#include <net/if.h>
+
+#include <netinet/in.h>
+#include <netinet/if_ether.h>
+
+#include <stdio.h>
+#include <string.h>
+
+#include "interface.h"
+#include "addrtoname.h"
+#include "ethertype.h"
+#include "extract.h"			/* must come after interface.h */
+
+/* Compatibility */
+#ifndef REVARP_REQUEST
+#define REVARP_REQUEST		3
+#endif
+#ifndef REVARP_REPLY
+#define REVARP_REPLY		4
+#endif
+
+static u_char ezero[6];
+
+void
+arp_print(register const u_char *bp, u_int length, u_int caplen)
+{
+	register const struct ether_arp *ap;
+	register const struct ether_header *eh;
+	register u_short pro, hrd, op;
+
+	ap = (struct ether_arp *)bp;
+	if ((u_char *)(ap + 1) > snapend) {
+		printf("[|arp]");
+		return;
+	}
+	if (length < sizeof(struct ether_arp)) {
+		(void)printf("truncated-arp");
+		default_print((u_char *)ap, length);
+		return;
+	}
+
+	pro = EXTRACT_16BITS(&ap->arp_pro);
+	hrd = EXTRACT_16BITS(&ap->arp_hrd);
+	op = EXTRACT_16BITS(&ap->arp_op);
+
+	if ((pro != ETHERTYPE_IP && pro != ETHERTYPE_TRAIL)
+	    || ap->arp_hln != sizeof(SHA(ap))
+	    || ap->arp_pln != sizeof(SPA(ap))) {
+		(void)printf("arp-#%d for proto #%d (%d) hardware #%d (%d)",
+				op, pro, ap->arp_pln,
+				hrd, ap->arp_hln);
+		return;
+	}
+	if (pro == ETHERTYPE_TRAIL)
+		(void)printf("trailer-");
+	eh = (struct ether_header *)packetp;
+	switch (op) {
+
+	case ARPOP_REQUEST:
+		(void)printf("arp who-has %s", ipaddr_string(TPA(ap)));
+		if (memcmp((char *)ezero, (char *)THA(ap), 6) != 0)
+			(void)printf(" (%s)", etheraddr_string(THA(ap)));
+		(void)printf(" tell %s", ipaddr_string(SPA(ap)));
+		if (memcmp((char *)ESRC(eh), (char *)SHA(ap), 6) != 0)
+			(void)printf(" (%s)", etheraddr_string(SHA(ap)));
+		break;
+
+	case ARPOP_REPLY:
+		(void)printf("arp reply %s", ipaddr_string(SPA(ap)));
+		if (memcmp((char *)ESRC(eh), (char *)SHA(ap), 6) != 0)
+			(void)printf(" (%s)", etheraddr_string(SHA(ap)));
+		(void)printf(" is-at %s", etheraddr_string(SHA(ap)));
+		if (memcmp((char *)EDST(eh), (char *)THA(ap), 6) != 0)
+			(void)printf(" (%s)", etheraddr_string(THA(ap)));
+		break;
+
+	case REVARP_REQUEST:
+		(void)printf("rarp who-is %s tell %s",
+			etheraddr_string(THA(ap)),
+			etheraddr_string(SHA(ap)));
+		break;
+
+	case REVARP_REPLY:
+		(void)printf("rarp reply %s at %s",
+			etheraddr_string(THA(ap)),
+			ipaddr_string(TPA(ap)));
+		break;
+
+	default:
+		(void)printf("arp-#%d", op);
+		default_print((u_char *)ap, caplen);
+		return;
+	}
+	if (hrd != ARPHRD_ETHER)
+		printf(" hardware #%d", ap->arp_hrd);
+}
diff --git a/contrib/tcpdump/print-atalk.c b/contrib/tcpdump/print-atalk.c
new file mode 100644
index 000000000000..e2ae8252889d
--- /dev/null
+++ b/contrib/tcpdump/print-atalk.c
@@ -0,0 +1,571 @@
+/*
+ * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ *
+ * Format and print AppleTalk packets.
+ */
+#ifndef lint
+static  char rcsid[] =
+	"@(#)$Header: print-atalk.c,v 1.43 96/07/23 14:16:55 leres Exp $ (LBL)";
+#endif
+
+#include <sys/param.h>
+#include <sys/time.h>
+#include <sys/socket.h>
+
+#if __STDC__
+struct mbuf;
+struct rtentry;
+#endif
+#include <net/if.h>
+
+#include <netinet/in.h>
+#include <netinet/in_systm.h>
+#include <netinet/ip.h>
+#include <netinet/ip_var.h>
+#include <netinet/if_ether.h>
+#include <netinet/udp.h>
+#include <netinet/udp_var.h>
+#include <netinet/tcp.h>
+#include <netinet/tcpip.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "interface.h"
+#include "addrtoname.h"
+#include "ethertype.h"
+#include "extract.h"			/* must come after interface.h */
+#include "appletalk.h"
+
+static struct tok type2str[] = {
+	{ ddpRTMP,		"rtmp" },
+	{ ddpRTMPrequest,	"rtmpReq" },
+	{ ddpECHO,		"echo" },
+	{ ddpIP,		"IP" },
+	{ ddpARP,		"ARP" },
+	{ ddpKLAP,		"KLAP" },
+	{ 0,			NULL }
+};
+
+struct aarp {
+	u_short htype, ptype;
+	u_char	halen, palen;
+	u_short op;
+	u_char	hsaddr[6];
+	u_char	psaddr[4];
+	u_char	hdaddr[6];
+	u_char	pdaddr[4];
+};
+
+static char tstr[] = "[|atalk]";
+
+static void atp_print(const struct atATP *, u_int);
+static void atp_bitmap_print(u_char);
+static void nbp_print(const struct atNBP *, u_int, u_short, u_char, u_char);
+static const char *print_cstring(const char *, const u_char *);
+static const struct atNBPtuple *nbp_tuple_print(const struct atNBPtuple *,
+						const u_char *,
+						u_short, u_char, u_char);
+static const struct atNBPtuple *nbp_name_print(const struct atNBPtuple *,
+					       const u_char *);
+static const char *ataddr_string(u_short, u_char);
+static void ddp_print(const u_char *, u_int, int, u_short, u_char, u_char);
+static const char *ddpskt_string(int);
+
+/*
+ * Print AppleTalk Datagram Delivery Protocol packets.
+ */
+void
+atalk_print(register const u_char *bp, u_int length)
+{
+	register const struct LAP *lp;
+	register const struct atDDP *dp;
+	register const struct atShortDDP *sdp;
+	u_short snet;
+
+	lp = (struct LAP *)bp;
+	bp += sizeof(*lp);
+	length -= sizeof(*lp);
+	switch (lp->type) {
+
+	case lapShortDDP:
+		if (length < ddpSSize) {
+			(void)printf(" [|sddp %d]", length);
+			return;
+		}
+		sdp = (const struct atShortDDP *)bp;
+		printf("%s.%s",
+		    ataddr_string(0, lp->src), ddpskt_string(sdp->srcSkt));
+		printf(" > %s.%s:",
+		    ataddr_string(0, lp->dst), ddpskt_string(sdp->dstSkt));
+		bp += ddpSSize;
+		length -= ddpSSize;
+		ddp_print(bp, length, sdp->type, 0, lp->src, sdp->srcSkt);
+		break;
+
+	case lapDDP:
+		if (length < ddpSize) {
+			(void)printf(" [|ddp %d]", length);
+			return;
+		}
+		dp = (const struct atDDP *)bp;
+		snet = EXTRACT_16BITS(&dp->srcNet);
+		printf("%s.%s", ataddr_string(snet, dp->srcNode),
+		    ddpskt_string(dp->srcSkt));
+		printf(" > %s.%s:",
+		    ataddr_string(EXTRACT_16BITS(&dp->dstNet), dp->dstNode),
+		    ddpskt_string(dp->dstSkt));
+		bp += ddpSize;
+		length -= ddpSize;
+		ddp_print(bp, length, dp->type, snet, dp->srcNode, dp->srcSkt);
+		break;
+
+#ifdef notdef
+	case lapKLAP:
+		klap_print(bp, length);
+		break;
+#endif
+
+	default:
+		printf("%d > %d at-lap#%d %d",
+		    lp->src, lp->dst, lp->type, length);
+		break;
+	}
+}
+
+/* XXX should probably pass in the snap header and do checks like arp_print() */
+void
+aarp_print(register const u_char *bp, u_int length)
+{
+	register const struct aarp *ap;
+
+#define AT(member) ataddr_string((ap->member[1]<<8)|ap->member[2],ap->member[3])
+
+	printf("aarp ");
+	ap = (const struct aarp *)bp;
+	if (ap->htype == 1 && ap->ptype == ETHERTYPE_ATALK &&
+	    ap->halen == 6 && ap->palen == 4 )
+		switch (ap->op) {
+
+		case 1:				/* request */
+			(void)printf("who-has %s tell %s",
+			    AT(pdaddr), AT(psaddr));
+			return;
+
+		case 2:				/* response */
+			(void)printf("reply %s is-at %s",
+			    AT(pdaddr), etheraddr_string(ap->hdaddr));
+			return;
+
+		case 3:				/* probe (oy!) */
+			(void)printf("probe %s tell %s",
+			    AT(pdaddr), AT(psaddr));
+			return;
+		}
+	(void)printf("len %d op %d htype %d ptype %#x halen %d palen %d",
+	    length, ap->op, ap->htype, ap->ptype, ap->halen, ap->palen );
+}
+
+static void
+ddp_print(register const u_char *bp, register u_int length, register int t,
+	  register u_short snet, register u_char snode, u_char skt)
+{
+
+	switch (t) {
+
+	case ddpNBP:
+		nbp_print((const struct atNBP *)bp, length, snet, snode, skt);
+		break;
+
+	case ddpATP:
+		atp_print((const struct atATP *)bp, length);
+		break;
+
+	default:
+		(void)printf(" at-%s %d", tok2str(type2str, NULL, t), length);
+		break;
+	}
+}
+
+static void
+atp_print(register const struct atATP *ap, u_int length)
+{
+	char c;
+	u_int32_t data;
+
+	if ((const u_char *)(ap + 1) > snapend) {
+		/* Just bail if we don't have the whole chunk. */
+		fputs(tstr, stdout);
+		return;
+	}
+	length -= sizeof(*ap);
+	switch (ap->control & 0xc0) {
+
+	case atpReqCode:
+		(void)printf(" atp-req%s %d",
+			     ap->control & atpXO? " " : "*",
+			     EXTRACT_16BITS(&ap->transID));
+
+		atp_bitmap_print(ap->bitmap);
+
+		if (length != 0)
+			(void)printf(" [len=%d]", length);
+
+		switch (ap->control & (atpEOM|atpSTS)) {
+		case atpEOM:
+			(void)printf(" [EOM]");
+			break;
+		case atpSTS:
+			(void)printf(" [STS]");
+			break;
+		case atpEOM|atpSTS:
+			(void)printf(" [EOM,STS]");
+			break;
+		}
+		break;
+
+	case atpRspCode:
+		(void)printf(" atp-resp%s%d:%d (%d)",
+			     ap->control & atpEOM? "*" : " ",
+			     EXTRACT_16BITS(&ap->transID), ap->bitmap, length);
+		switch (ap->control & (atpXO|atpSTS)) {
+		case atpXO:
+			(void)printf(" [XO]");
+			break;
+		case atpSTS:
+			(void)printf(" [STS]");
+			break;
+		case atpXO|atpSTS:
+			(void)printf(" [XO,STS]");
+			break;
+		}
+		break;
+
+	case atpRelCode:
+		(void)printf(" atp-rel  %d", EXTRACT_16BITS(&ap->transID));
+
+		atp_bitmap_print(ap->bitmap);
+
+		/* length should be zero */
+		if (length)
+			(void)printf(" [len=%d]", length);
+
+		/* there shouldn't be any control flags */
+		if (ap->control & (atpXO|atpEOM|atpSTS)) {
+			c = '[';
+			if (ap->control & atpXO) {
+				(void)printf("%cXO", c);
+				c = ',';
+			}
+			if (ap->control & atpEOM) {
+				(void)printf("%cEOM", c);
+				c = ',';
+			}
+			if (ap->control & atpSTS) {
+				(void)printf("%cSTS", c);
+				c = ',';
+			}
+			(void)printf("]");
+		}
+		break;
+
+	default:
+		(void)printf(" atp-0x%x  %d (%d)", ap->control,
+			     EXTRACT_16BITS(&ap->transID), length);
+		break;
+	}
+	data = EXTRACT_32BITS(&ap->userData);
+	if (data != 0)
+		(void)printf(" 0x%x", data);
+}
+
+static void
+atp_bitmap_print(register u_char bm)
+{
+	register char c;
+	register int i;
+
+	/*
+	 * The '& 0xff' below is needed for compilers that want to sign
+	 * extend a u_char, which is the case with the Ultrix compiler.
+	 * (gcc is smart enough to eliminate it, at least on the Sparc).
+	 */
+	if ((bm + 1) & (bm & 0xff)) {
+		c = '<';
+		for (i = 0; bm; ++i) {
+			if (bm & 1) {
+				(void)printf("%c%d", c, i);
+				c = ',';
+			}
+			bm >>= 1;
+		}
+		(void)printf(">");
+	} else {
+		for (i = 0; bm; ++i)
+			bm >>= 1;
+		if (i > 1)
+			(void)printf("<0-%d>", i - 1);
+		else
+			(void)printf("<0>");
+	}
+}
+
+static void
+nbp_print(register const struct atNBP *np, u_int length, register u_short snet,
+	  register u_char snode, register u_char skt)
+{
+	register const struct atNBPtuple *tp =
+			(struct atNBPtuple *)((u_char *)np + nbpHeaderSize);
+	int i;
+	const u_char *ep;
+
+	length -= nbpHeaderSize;
+	if (length < 8) {
+		/* must be room for at least one tuple */
+		(void)printf(" truncated-nbp %d", length + nbpHeaderSize);
+		return;
+	}
+	/* ep points to end of available data */
+	ep = snapend;
+	if ((const u_char *)tp > ep) {
+		fputs(tstr, stdout);
+		return;
+	}
+	switch (i = np->control & 0xf0) {
+
+	case nbpBrRq:
+	case nbpLkUp:
+		(void)printf(i == nbpLkUp? " nbp-lkup %d:":" nbp-brRq %d:",
+			     np->id);
+		if ((const u_char *)(tp + 1) > ep) {
+			fputs(tstr, stdout);
+			return;
+		}
+		(void)nbp_name_print(tp, ep);
+		/*
+		 * look for anomalies: the spec says there can only
+		 * be one tuple, the address must match the source
+		 * address and the enumerator should be zero.
+		 */
+		if ((np->control & 0xf) != 1)
+			(void)printf(" [ntup=%d]", np->control & 0xf);
+		if (tp->enumerator)
+			(void)printf(" [enum=%d]", tp->enumerator);
+		if (EXTRACT_16BITS(&tp->net) != snet ||
+		    tp->node != snode || tp->skt != skt)
+			(void)printf(" [addr=%s.%d]",
+			    ataddr_string(EXTRACT_16BITS(&tp->net),
+			    tp->node), tp->skt);
+		break;
+
+	case nbpLkUpReply:
+		(void)printf(" nbp-reply %d:", np->id);
+
+		/* print each of the tuples in the reply */
+		for (i = np->control & 0xf; --i >= 0 && tp; )
+			tp = nbp_tuple_print(tp, ep, snet, snode, skt);
+		break;
+
+	default:
+		(void)printf(" nbp-0x%x  %d (%d)", np->control, np->id,
+				length);
+		break;
+	}
+}
+
+/* print a counted string */
+static const char *
+print_cstring(register const char *cp, register const u_char *ep)
+{
+	register u_int length;
+
+	if (cp >= (const char *)ep) {
+		fputs(tstr, stdout);
+		return (0);
+	}
+	length = *cp++;
+
+	/* Spec says string can be at most 32 bytes long */
+	if (length < 0 || length > 32) {
+		(void)printf("[len=%d]", length);
+		return (0);
+	}
+	while (--length >= 0) {
+		if (cp >= (char *)ep) {
+			fputs(tstr, stdout);
+			return (0);
+		}
+		putchar(*cp++);
+	}
+	return (cp);
+}
+
+static const struct atNBPtuple *
+nbp_tuple_print(register const struct atNBPtuple *tp,
+		register const u_char *ep,
+		register u_short snet, register u_char snode,
+		register u_char skt)
+{
+	register const struct atNBPtuple *tpn;
+
+	if ((const u_char *)(tp + 1) > ep) {
+		fputs(tstr, stdout);
+		return 0;
+	}
+	tpn = nbp_name_print(tp, ep);
+
+	/* if the enumerator isn't 1, print it */
+	if (tp->enumerator != 1)
+		(void)printf("(%d)", tp->enumerator);
+
+	/* if the socket doesn't match the src socket, print it */
+	if (tp->skt != skt)
+		(void)printf(" %d", tp->skt);
+
+	/* if the address doesn't match the src address, it's an anomaly */
+	if (EXTRACT_16BITS(&tp->net) != snet || tp->node != snode)
+		(void)printf(" [addr=%s]",
+		    ataddr_string(EXTRACT_16BITS(&tp->net), tp->node));
+
+	return (tpn);
+}
+
+static const struct atNBPtuple *
+nbp_name_print(const struct atNBPtuple *tp, register const u_char *ep)
+{
+	register const char *cp = (const char *)tp + nbpTupleSize;
+
+	putchar(' ');
+
+	/* Object */
+	putchar('"');
+	if ((cp = print_cstring(cp, ep)) != NULL) {
+		/* Type */
+		putchar(':');
+		if ((cp = print_cstring(cp, ep)) != NULL) {
+			/* Zone */
+			putchar('@');
+			if ((cp = print_cstring(cp, ep)) != NULL)
+				putchar('"');
+		}
+	}
+	return ((const struct atNBPtuple *)cp);
+}
+
+
+#define HASHNAMESIZE 4096
+
+struct hnamemem {
+	int addr;
+	char *name;
+	struct hnamemem *nxt;
+};
+
+static struct hnamemem hnametable[HASHNAMESIZE];
+
+static const char *
+ataddr_string(u_short atnet, u_char athost)
+{
+	register struct hnamemem *tp, *tp2;
+	register int i = (atnet << 8) | athost;
+	char nambuf[256];
+	static int first = 1;
+	FILE *fp;
+
+	/*
+	 * if this is the first call, see if there's an AppleTalk
+	 * number to name map file.
+	 */
+	if (first && (first = 0, !nflag)
+	    && (fp = fopen("/etc/atalk.names", "r"))) {
+		char line[256];
+		int i1, i2, i3;
+
+		while (fgets(line, sizeof(line), fp)) {
+			if (line[0] == '\n' || line[0] == 0 || line[0] == '#')
+				continue;
+			if (sscanf(line, "%d.%d.%d %s", &i1, &i2, &i3,
+				     nambuf) == 4)
+				/* got a hostname. */
+				i3 |= ((i1 << 8) | i2) << 8;
+			else if (sscanf(line, "%d.%d %s", &i1, &i2,
+					nambuf) == 3)
+				/* got a net name */
+				i3 = (((i1 << 8) | i2) << 8) | 255;
+			else
+				continue;
+
+			for (tp = &hnametable[i3 & (HASHNAMESIZE-1)];
+			     tp->nxt; tp = tp->nxt)
+				;
+			tp->addr = i3;
+			tp->nxt = newhnamemem();
+			tp->name = savestr(nambuf);
+		}
+		fclose(fp);
+	}
+
+	for (tp = &hnametable[i & (HASHNAMESIZE-1)]; tp->nxt; tp = tp->nxt)
+		if (tp->addr == i)
+			return (tp->name);
+
+	/* didn't have the node name -- see if we've got the net name */
+	i |= 255;
+	for (tp2 = &hnametable[i & (HASHNAMESIZE-1)]; tp2->nxt; tp2 = tp2->nxt)
+		if (tp2->addr == i) {
+			tp->addr = (atnet << 8) | athost;
+			tp->nxt = newhnamemem();
+			(void)sprintf(nambuf, "%s.%d", tp2->name, athost);
+			tp->name = savestr(nambuf);
+			return (tp->name);
+		}
+
+	tp->addr = (atnet << 8) | athost;
+	tp->nxt = newhnamemem();
+	if (athost != 255)
+		(void)sprintf(nambuf, "%d.%d.%d",
+		    atnet >> 8, atnet & 0xff, athost);
+	else
+		(void)sprintf(nambuf, "%d.%d", atnet >> 8, atnet & 0xff);
+	tp->name = savestr(nambuf);
+
+	return (tp->name);
+}
+
+static struct tok skt2str[] = {
+	{ rtmpSkt,	"rtmp" },	/* routing table maintenance */
+	{ nbpSkt,	"nis" },	/* name info socket */
+	{ echoSkt,	"echo" },	/* AppleTalk echo protocol */
+	{ zipSkt,	"zip" },	/* zone info protocol */
+	{ 0,		NULL }
+};
+
+static const char *
+ddpskt_string(register int skt)
+{
+	static char buf[8];
+
+	if (nflag) {
+		(void)sprintf(buf, "%d", skt);
+		return (buf);
+	}
+	return (tok2str(skt2str, "%d", skt));
+}
diff --git a/contrib/tcpdump/print-atm.c b/contrib/tcpdump/print-atm.c
new file mode 100644
index 000000000000..f8754a1adcd5
--- /dev/null
+++ b/contrib/tcpdump/print-atm.c
@@ -0,0 +1,148 @@
+/*
+ * Copyright (c) 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+#ifndef lint
+static char rcsid[] =
+    "@(#) $Header: print-atm.c,v 1.7 96/07/23 14:17:21 leres Exp $ (LBL)";
+#endif
+
+#include <sys/param.h>
+#include <sys/time.h>
+#include <sys/socket.h>
+
+#if __STDC__
+struct mbuf;
+struct rtentry;
+#endif
+#include <net/if.h>
+
+#include <netinet/in.h>
+#include <netinet/if_ether.h>
+#include <netinet/in_systm.h>
+#include <netinet/ip.h>
+#include <netinet/ip_var.h>
+#include <netinet/udp.h>
+#include <netinet/udp_var.h>
+#include <netinet/tcp.h>
+#include <netinet/tcpip.h>
+
+#include <stdio.h>
+#include <pcap.h>
+
+#include "addrtoname.h"
+#include "ethertype.h"
+#include "interface.h"
+
+/*
+ * This is the top level routine of the printer.  'p' is the points
+ * to the LLC/SNAP header of the packet, 'tvp' is the timestamp,
+ * 'length' is the length of the packet off the wire, and 'caplen'
+ * is the number of bytes actually captured.
+ */
+void
+atm_if_print(u_char *user, const struct pcap_pkthdr *h, const u_char *p)
+{
+	u_int caplen = h->caplen;
+	u_int length = h->len;
+	u_short ethertype;
+
+	ts_print(&h->ts);
+
+	if (caplen < 8) {
+		printf("[|atm]");
+		goto out;
+	}
+	if (p[0] != 0xaa || p[1] != 0xaa || p[2] != 0x03) {
+		/*XXX assume 802.6 MAC header from fore driver */
+		if (eflag)
+			printf("%04x%04x %04x%04x ",
+			       p[0] << 24 | p[1] << 16 | p[2] << 8 | p[3],
+			       p[4] << 24 | p[5] << 16 | p[6] << 8 | p[7],
+			       p[8] << 24 | p[9] << 16 | p[10] << 8 | p[11],
+			       p[12] << 24 | p[13] << 16 | p[14] << 8 | p[15]);
+		p += 20;
+		length -= 20;
+		caplen -= 20;
+	}
+	ethertype = p[6] << 8 | p[7];
+	if (eflag)
+		printf("%02x %02x %02x %02x-%02x-%02x %04x: ",
+		       p[0], p[1], p[2], /* dsap/ssap/ctrl */
+		       p[3], p[4], p[5], /* manufacturer's code */
+		       ethertype);
+
+	/*
+	 * Some printers want to get back at the ethernet addresses,
+	 * and/or check that they're not walking off the end of the packet.
+	 * Rather than pass them all the way down, we set these globals.
+	 */
+	packetp = p;
+	snapend = p + caplen;
+
+	length -= 8;
+	caplen -= 8;
+	p += 8;
+
+	switch (ethertype) {
+
+	case ETHERTYPE_IP:
+		ip_print(p, length);
+		break;
+
+		/*XXX this probably isn't right */
+	case ETHERTYPE_ARP:
+	case ETHERTYPE_REVARP:
+		arp_print(p, length, caplen);
+		break;
+#ifdef notyet
+	case ETHERTYPE_DN:
+		decnet_print(p, length, caplen);
+		break;
+
+	case ETHERTYPE_ATALK:
+		if (vflag)
+			fputs("et1 ", stdout);
+		atalk_print(p, length);
+		break;
+
+	case ETHERTYPE_AARP:
+		aarp_print(p, length);
+		break;
+
+	case ETHERTYPE_LAT:
+	case ETHERTYPE_MOPRC:
+	case ETHERTYPE_MOPDL:
+		/* default_print for now */
+#endif
+	default:
+		/* ether_type not known, print raw packet */
+		if (!eflag)
+			printf("%02x %02x %02x %02x-%02x-%02x %04x: ",
+			       p[0], p[1], p[2], /* dsap/ssap/ctrl */
+			       p[3], p[4], p[5], /* manufacturer's code */
+			       ethertype);
+		if (!xflag && !qflag)
+			default_print(p, caplen);
+	}
+	if (xflag)
+		default_print(p, caplen);
+ out:
+	putchar('\n');
+}
diff --git a/contrib/tcpdump/print-bootp.c b/contrib/tcpdump/print-bootp.c
new file mode 100644
index 000000000000..0a699f124cae
--- /dev/null
+++ b/contrib/tcpdump/print-bootp.c
@@ -0,0 +1,348 @@
+/*
+ * Copyright (c) 1990, 1991, 1993, 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ *
+ * Format and print bootp packets.
+ */
+#ifndef lint
+static char rcsid[] =
+    "@(#) $Header: print-bootp.c,v 1.42 96/07/23 14:17:22 leres Exp $ (LBL)";
+#endif
+
+#include <sys/param.h>
+#include <sys/time.h>
+#include <sys/socket.h>
+
+#if __STDC__
+struct mbuf;
+struct rtentry;
+#endif
+#include <net/if.h>
+
+#include <netinet/in.h>
+#include <netinet/if_ether.h>
+
+#include <ctype.h>
+#include <stdio.h>
+#include <string.h>
+
+#include "interface.h"
+#include "addrtoname.h"
+#include "bootp.h"
+
+static void rfc1048_print(const u_char *, u_int);
+static void cmu_print(const u_char *, u_int);
+
+static char tstr[] = " [|bootp]";
+
+/*
+ * Print bootp requests
+ */
+void
+bootp_print(register const u_char *cp, u_int length,
+	    u_short sport, u_short dport)
+{
+	register const struct bootp *bp;
+	static u_char vm_cmu[4] = VM_CMU;
+	static u_char vm_rfc1048[4] = VM_RFC1048;
+
+	bp = (struct bootp *)cp;
+	TCHECK(bp->bp_op);
+	switch (bp->bp_op) {
+
+	case BOOTREQUEST:
+		/* Usually, a request goes from a client to a server */
+		if (sport != IPPORT_BOOTPC || dport != IPPORT_BOOTPS)
+			printf(" (request)");
+		break;
+
+	case BOOTREPLY:
+		/* Usually, a reply goes from a server to a client */
+		if (sport != IPPORT_BOOTPS || dport != IPPORT_BOOTPC)
+			printf(" (reply)");
+		break;
+
+	default:
+		printf(" bootp-#%d", bp->bp_op);
+	}
+
+	TCHECK(bp->bp_secs);
+
+	/* The usual hardware address type is 1 (10Mb Ethernet) */
+	if (bp->bp_htype != 1)
+		printf(" htype-#%d", bp->bp_htype);
+
+	/* The usual length for 10Mb Ethernet address is 6 bytes */
+	if (bp->bp_htype != 1 || bp->bp_hlen != 6)
+		printf(" hlen:%d", bp->bp_hlen);
+
+	/* Only print interesting fields */
+	if (bp->bp_hops)
+		printf(" hops:%d", bp->bp_hops);
+	if (bp->bp_xid)
+		printf(" xid:0x%x", (u_int32_t)ntohl(bp->bp_xid));
+	if (bp->bp_secs)
+		printf(" secs:%d", ntohs(bp->bp_secs));
+
+	/* Client's ip address */
+	TCHECK(bp->bp_ciaddr);
+	if (bp->bp_ciaddr.s_addr)
+		printf(" C:%s", ipaddr_string(&bp->bp_ciaddr));
+
+	/* 'your' ip address (bootp client) */
+	TCHECK(bp->bp_yiaddr);
+	if (bp->bp_yiaddr.s_addr)
+		printf(" Y:%s", ipaddr_string(&bp->bp_yiaddr));
+
+	/* Server's ip address */
+	TCHECK(bp->bp_siaddr);
+	if (bp->bp_siaddr.s_addr)
+		printf(" S:%s", ipaddr_string(&bp->bp_siaddr));
+
+	/* Gateway's ip address */
+	TCHECK(bp->bp_giaddr);
+	if (bp->bp_giaddr.s_addr)
+		printf(" G:%s", ipaddr_string(&bp->bp_giaddr));
+
+	/* Client's Ethernet address */
+	if (bp->bp_htype == 1 && bp->bp_hlen == 6) {
+		register const struct ether_header *eh;
+		register const char *e;
+
+		TCHECK2(bp->bp_chaddr[0], 6);
+		eh = (struct ether_header *)packetp;
+		if (bp->bp_op == BOOTREQUEST)
+			e = (const char *)ESRC(eh);
+		else if (bp->bp_op == BOOTREPLY)
+			e = (const char *)EDST(eh);
+		else
+			e = 0;
+		if (e == 0 || memcmp((char *)bp->bp_chaddr, e, 6) != 0)
+			printf(" ether %s", etheraddr_string(bp->bp_chaddr));
+	}
+
+	TCHECK2(bp->bp_sname[0], 1);		/* check first char only */
+	if (*bp->bp_sname) {
+		printf(" sname \"");
+		if (fn_print(bp->bp_sname, snapend)) {
+			putchar('"');
+			fputs(tstr + 1, stdout);
+			return;
+		}
+	}
+	TCHECK2(bp->bp_sname[0], 1);		/* check first char only */
+	if (*bp->bp_file) {
+		printf(" file \"");
+		if (fn_print(bp->bp_file, snapend)) {
+			putchar('"');
+			fputs(tstr + 1, stdout);
+			return;
+		}
+	}
+
+	/* Decode the vendor buffer */
+	TCHECK(bp->bp_vend[0]);
+	length -= sizeof(*bp) - sizeof(bp->bp_vend);
+	if (memcmp((char *)bp->bp_vend, (char *)vm_rfc1048,
+		 sizeof(u_int32_t)) == 0)
+		rfc1048_print(bp->bp_vend, length);
+	else if (memcmp((char *)bp->bp_vend, (char *)vm_cmu,
+		      sizeof(u_int32_t)) == 0)
+		cmu_print(bp->bp_vend, length);
+	else {
+		u_int32_t ul;
+
+		memcpy((char *)&ul, (char *)bp->bp_vend, sizeof(ul));
+		if (ul != 0)
+			printf("vend-#0x%x", ul);
+	}
+
+	return;
+trunc:
+	fputs(tstr, stdout);
+}
+
+/* The first character specifies the format to print */
+static struct tok tag2str[] = {
+/* RFC1048 tags */
+	{ TAG_PAD,		" PAD" },
+	{ TAG_SUBNET_MASK,	"iSM" },	/* subnet mask (RFC950) */
+	{ TAG_TIME_OFFSET,	"lTZ" },	/* seconds from UTC */
+	{ TAG_GATEWAY,		"iDG" },	/* default gateway */
+	{ TAG_TIME_SERVER,	"iTS" },	/* time servers (RFC868) */
+	{ TAG_NAME_SERVER,	"iIEN" },	/* IEN name servers (IEN116) */
+	{ TAG_DOMAIN_SERVER,	"iNS" },	/* domain name (RFC1035) */
+	{ TAG_LOG_SERVER,	"iLOG" },	/* MIT log servers */
+	{ TAG_COOKIE_SERVER,	"iCS" },	/* cookie servers (RFC865) */
+	{ TAG_LPR_SERVER,	"iLPR" },	/* lpr server (RFC1179) */
+	{ TAG_IMPRESS_SERVER,	"iIM" },	/* impress servers (Imagen) */
+	{ TAG_RLP_SERVER,	"iRL" },	/* resource location (RFC887) */
+	{ TAG_HOSTNAME,		"aHN" },	/* ascii hostname */
+	{ TAG_BOOTSIZE,		"sBS" },	/* 512 byte blocks */
+	{ TAG_END,		" END" },
+/* RFC1497 tags */
+	{ TAG_DUMPPATH,		"aDP" },
+	{ TAG_DOMAINNAME,	"aDN" },
+	{ TAG_SWAP_SERVER,	"iSS" },
+	{ TAG_ROOTPATH,		"aRP" },
+	{ TAG_EXTPATH,		"aEP" },
+	{ 0,			NULL }
+};
+
+static void
+rfc1048_print(register const u_char *bp, register u_int length)
+{
+	register u_char tag;
+	register u_int len, size;
+	register const char *cp;
+	register char c;
+	int first;
+	u_int32_t ul;
+	u_short us;
+
+	printf(" vend-rfc1048");
+
+	/* Step over magic cookie */
+	bp += sizeof(int32_t);
+
+	/* Loop while we there is a tag left in the buffer */
+	while (bp + 1 < snapend) {
+		tag = *bp++;
+		if (tag == TAG_PAD)
+			continue;
+		if (tag == TAG_END)
+			return;
+		cp = tok2str(tag2str, "?T%d", tag);
+		c = *cp++;
+		printf(" %s:", cp);
+
+		/* Get the length; check for truncation */
+		if (bp + 1 >= snapend) {
+			fputs(tstr, stdout);
+			return;
+		}
+		len = *bp++;
+		if (bp + len >= snapend) {
+			fputs(tstr, stdout);
+			return;
+		}
+
+		/* Print data */
+		size = len;
+		if (c == '?') {
+			/* Base default formats for unknown tags on data size */
+			if (size & 1)
+				c = 'b';
+			else if (size & 2)
+				c = 's';
+			else
+				c = 'l';
+		}
+		first = 1;
+		switch (c) {
+
+		case 'a':
+			/* ascii strings */
+			putchar('"');
+			(void)fn_printn(bp, size, NULL);
+			putchar('"');
+			bp += size;
+			size = 0;
+			break;
+
+		case 'i':
+		case 'l':
+			/* ip addresses/32-bit words */
+			while (size >= sizeof(ul)) {
+				if (!first)
+					putchar(',');
+				memcpy((char *)&ul, (char *)bp, sizeof(ul));
+				if (c == 'i')
+					printf("%s", ipaddr_string(&ul));
+				else
+					printf("%u", ul);
+				bp += sizeof(ul);
+				size -= sizeof(ul);
+				first = 0;
+			}
+			break;
+
+		case 's':
+			/* shorts */
+			while (size >= sizeof(us)) {
+				if (!first)
+					putchar(',');
+				memcpy((char *)&us, (char *)bp, sizeof(us));
+				printf("%d", us);
+				bp += sizeof(us);
+				size -= sizeof(us);
+				first = 0;
+			}
+			break;
+
+		case 'b':
+		default:
+			/* Bytes */
+			while (size > 0) {
+				if (!first)
+					putchar('.');
+				printf("%d", *bp);
+				++bp;
+				--size;
+				first = 0;
+			}
+			break;
+		}
+		/* Data left over? */
+		if (size)
+			printf("[len %d]", len);
+	}
+}
+
+static void
+cmu_print(register const u_char *bp, register u_int length)
+{
+	register const struct cmu_vend *cmu;
+	char *fmt = " %s:%s";
+
+#define PRINTCMUADDR(m, s) { TCHECK(cmu->m); \
+    if (cmu->m.s_addr != 0) \
+	printf(fmt, s, ipaddr_string(&cmu->m.s_addr)); }
+
+	printf(" vend-cmu");
+	cmu = (struct cmu_vend *)bp;
+
+	/* Only print if there are unknown bits */
+	TCHECK(cmu->v_flags);
+	if ((cmu->v_flags & ~(VF_SMASK)) != 0)
+		printf(" F:0x%x", cmu->v_flags);
+	PRINTCMUADDR(v_dgate, "DG");
+	PRINTCMUADDR(v_smask, cmu->v_flags & VF_SMASK ? "SM" : "SM*");
+	PRINTCMUADDR(v_dns1, "NS1");
+	PRINTCMUADDR(v_dns2, "NS2");
+	PRINTCMUADDR(v_ins1, "IEN1");
+	PRINTCMUADDR(v_ins2, "IEN2");
+	PRINTCMUADDR(v_ts1, "TS1");
+	PRINTCMUADDR(v_ts2, "TS2");
+	return;
+
+trunc:
+	fputs(tstr, stdout);
+#undef PRINTCMUADDR
+}
diff --git a/contrib/tcpdump/print-decnet.c b/contrib/tcpdump/print-decnet.c
new file mode 100644
index 000000000000..fbc14ba35e11
--- /dev/null
+++ b/contrib/tcpdump/print-decnet.c
@@ -0,0 +1,775 @@
+/*
+ * Copyright (c) 1992, 1993, 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#ifndef lint
+static char rcsid[] =
+    "@(#) $Header: print-decnet.c,v 1.22 96/07/23 14:17:22 leres Exp $ (LBL)";
+#endif
+
+#include <sys/param.h>
+#include <sys/time.h>
+#include <sys/socket.h>
+
+#if __STDC__
+struct mbuf;
+struct rtentry;
+#endif
+#include <net/if.h>
+
+#ifdef	HAVE_LIBDNET
+#include <netdnet/dnetdb.h>
+#endif
+
+#include <ctype.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+#include "decnet.h"
+#include "extract.h"
+#include "interface.h"
+#include "addrtoname.h"
+
+/* Forwards */
+static void print_decnet_ctlmsg(const union routehdr *, u_int);
+static void print_t_info(int);
+static void print_l1_routes(const char *, u_int);
+static void print_l2_routes(const char *, u_int);
+static void print_i_info(int);
+static void print_elist(const char *, u_int);
+static void print_nsp(const u_char *, u_int);
+static void print_reason(int);
+#ifdef	PRINT_NSPDATA
+static void pdata(u_char *, int);
+#endif
+
+#ifdef	HAVE_LIBDNET
+extern char *dnet_htoa(struct dn_naddr *);
+#endif
+
+void
+decnet_print(register const u_char *ap, register u_int length,
+	     register u_int caplen)
+{
+	static union routehdr rhcopy;
+	register union routehdr *rhp = &rhcopy;
+	register int mflags;
+	int dst, src, hops;
+	u_int rhlen, nsplen, pktlen;
+	const u_char *nspp;
+
+	if (length < sizeof(struct shorthdr)) {
+		(void)printf("[|decnet]");
+		return;
+	}
+
+	pktlen = EXTRACT_LE_16BITS(ap);
+
+	rhlen = min(length, caplen);
+	rhlen = min(rhlen, sizeof(*rhp));
+	memcpy((char *)rhp, (char *)&(ap[sizeof(short)]), rhlen);
+
+	mflags = EXTRACT_LE_8BITS(rhp->rh_short.sh_flags);
+
+	if (mflags & RMF_PAD) {
+	    /* pad bytes of some sort in front of message */
+	    u_int padlen = mflags & RMF_PADMASK;
+	    if (vflag)
+		(void) printf("[pad:%d] ", padlen);
+	    ap += padlen;
+	    length -= padlen;
+	    caplen -= padlen;
+	    rhlen = min(length, caplen);
+	    rhlen = min(rhlen, sizeof(*rhp));
+	    memcpy((char *)rhp, (char *)&(ap[sizeof(short)]), rhlen);
+	    mflags = EXTRACT_LE_8BITS(rhp->rh_short.sh_flags);
+	}
+
+	if (mflags & RMF_FVER) {
+		(void) printf("future-version-decnet");
+		default_print(ap, length);
+		return;
+	}
+
+	/* is it a control message? */
+	if (mflags & RMF_CTLMSG) {
+		print_decnet_ctlmsg(rhp, min(length, caplen));
+		return;
+	}
+
+	switch (mflags & RMF_MASK) {
+	case RMF_LONG:
+	    dst =
+		EXTRACT_LE_16BITS(rhp->rh_long.lg_dst.dne_remote.dne_nodeaddr);
+	    src =
+		EXTRACT_LE_16BITS(rhp->rh_long.lg_src.dne_remote.dne_nodeaddr);
+	    hops = EXTRACT_LE_8BITS(rhp->rh_long.lg_visits);
+	    nspp = &(ap[sizeof(short) + sizeof(struct longhdr)]);
+	    nsplen = min((length - sizeof(struct longhdr)),
+			 (caplen - sizeof(struct longhdr)));
+	    break;
+	case RMF_SHORT:
+	    dst = EXTRACT_LE_16BITS(rhp->rh_short.sh_dst);
+	    src = EXTRACT_LE_16BITS(rhp->rh_short.sh_src);
+	    hops = (EXTRACT_LE_8BITS(rhp->rh_short.sh_visits) & VIS_MASK)+1;
+	    nspp = &(ap[sizeof(short) + sizeof(struct shorthdr)]);
+	    nsplen = min((length - sizeof(struct shorthdr)),
+			 (caplen - sizeof(struct shorthdr)));
+	    break;
+	default:
+	    (void) printf("unknown message flags under mask");
+	    default_print((u_char *)ap, length);
+	    return;
+	}
+
+	(void)printf("%s > %s %d ",
+			dnaddr_string(src), dnaddr_string(dst), pktlen);
+	if (vflag) {
+	    if (mflags & RMF_RQR)
+		(void)printf("RQR ");
+	    if (mflags & RMF_RTS)
+		(void)printf("RTS ");
+	    if (mflags & RMF_IE)
+		(void)printf("IE ");
+	    (void)printf("%d hops ", hops);
+	}
+
+	print_nsp(nspp, nsplen);
+}
+
+static void
+print_decnet_ctlmsg(register const union routehdr *rhp, u_int length)
+{
+	int mflags = EXTRACT_LE_8BITS(rhp->rh_short.sh_flags);
+	register union controlmsg *cmp = (union controlmsg *)rhp;
+	int src, dst, info, blksize, eco, ueco, hello, other, vers;
+	etheraddr srcea, rtea;
+	int priority;
+	char *rhpx = (char *)rhp;
+
+	switch (mflags & RMF_CTLMASK) {
+	case RMF_INIT:
+	    (void)printf("init ");
+	    src = EXTRACT_LE_16BITS(cmp->cm_init.in_src);
+	    info = EXTRACT_LE_8BITS(cmp->cm_init.in_info);
+	    blksize = EXTRACT_LE_16BITS(cmp->cm_init.in_blksize);
+	    vers = EXTRACT_LE_8BITS(cmp->cm_init.in_vers);
+	    eco = EXTRACT_LE_8BITS(cmp->cm_init.in_eco);
+	    ueco = EXTRACT_LE_8BITS(cmp->cm_init.in_ueco);
+	    hello = EXTRACT_LE_16BITS(cmp->cm_init.in_hello);
+	    print_t_info(info);
+	    (void)printf(
+		"src %sblksize %d vers %d eco %d ueco %d hello %d",
+			dnaddr_string(src), blksize, vers, eco, ueco,
+			hello);
+	    break;
+	case RMF_VER:
+	    (void)printf("verification ");
+	    src = EXTRACT_LE_16BITS(cmp->cm_ver.ve_src);
+	    other = EXTRACT_LE_8BITS(cmp->cm_ver.ve_fcnval);
+	    (void)printf("src %s fcnval %o", dnaddr_string(src), other);
+	    break;
+	case RMF_TEST:
+	    (void)printf("test ");
+	    src = EXTRACT_LE_16BITS(cmp->cm_test.te_src);
+	    other = EXTRACT_LE_8BITS(cmp->cm_test.te_data);
+	    (void)printf("src %s data %o", dnaddr_string(src), other);
+	    break;
+	case RMF_L1ROUT:
+	    (void)printf("lev-1-routing ");
+	    src = EXTRACT_LE_16BITS(cmp->cm_l1rou.r1_src);
+	    (void)printf("src %s ", dnaddr_string(src));
+	    print_l1_routes(&(rhpx[sizeof(struct l1rout)]),
+				length - sizeof(struct l1rout));
+	    break;
+	case RMF_L2ROUT:
+	    (void)printf("lev-2-routing ");
+	    src = EXTRACT_LE_16BITS(cmp->cm_l2rout.r2_src);
+	    (void)printf("src %s ", dnaddr_string(src));
+	    print_l2_routes(&(rhpx[sizeof(struct l2rout)]),
+				length - sizeof(struct l2rout));
+	    break;
+	case RMF_RHELLO:
+	    (void)printf("router-hello ");
+	    vers = EXTRACT_LE_8BITS(cmp->cm_rhello.rh_vers);
+	    eco = EXTRACT_LE_8BITS(cmp->cm_rhello.rh_eco);
+	    ueco = EXTRACT_LE_8BITS(cmp->cm_rhello.rh_ueco);
+	    memcpy((char *)&srcea, (char *)&(cmp->cm_rhello.rh_src),
+		sizeof(srcea));
+	    src = EXTRACT_LE_16BITS(srcea.dne_remote.dne_nodeaddr);
+	    info = EXTRACT_LE_8BITS(cmp->cm_rhello.rh_info);
+	    blksize = EXTRACT_LE_16BITS(cmp->cm_rhello.rh_blksize);
+	    priority = EXTRACT_LE_8BITS(cmp->cm_rhello.rh_priority);
+	    hello = EXTRACT_LE_16BITS(cmp->cm_rhello.rh_hello);
+	    print_i_info(info);
+	    (void)printf(
+	    "vers %d eco %d ueco %d src %s blksize %d pri %d hello %d",
+			vers, eco, ueco, dnaddr_string(src),
+			blksize, priority, hello);
+	    print_elist(&(rhpx[sizeof(struct rhellomsg)]),
+				length - sizeof(struct rhellomsg));
+	    break;
+	case RMF_EHELLO:
+	    (void)printf("endnode-hello ");
+	    vers = EXTRACT_LE_8BITS(cmp->cm_ehello.eh_vers);
+	    eco = EXTRACT_LE_8BITS(cmp->cm_ehello.eh_eco);
+	    ueco = EXTRACT_LE_8BITS(cmp->cm_ehello.eh_ueco);
+	    memcpy((char *)&srcea, (char *)&(cmp->cm_ehello.eh_src),
+		sizeof(srcea));
+	    src = EXTRACT_LE_16BITS(srcea.dne_remote.dne_nodeaddr);
+	    info = EXTRACT_LE_8BITS(cmp->cm_ehello.eh_info);
+	    blksize = EXTRACT_LE_16BITS(cmp->cm_ehello.eh_blksize);
+	    /*seed*/
+	    memcpy((char *)&rtea, (char *)&(cmp->cm_ehello.eh_router),
+		sizeof(rtea));
+	    dst = EXTRACT_LE_16BITS(rtea.dne_remote.dne_nodeaddr);
+	    hello = EXTRACT_LE_16BITS(cmp->cm_ehello.eh_hello);
+	    other = EXTRACT_LE_8BITS(cmp->cm_ehello.eh_data);
+	    print_i_info(info);
+	    (void)printf(
+	"vers %d eco %d ueco %d src %s blksize %d rtr %s hello %d data %o",
+			vers, eco, ueco, dnaddr_string(src),
+			blksize, dnaddr_string(dst), hello, other);
+	    break;
+
+	default:
+	    (void)printf("unknown control message");
+	    default_print((u_char *)rhp, length);
+	    break;
+	}
+}
+
+static void
+print_t_info(int info)
+{
+	int ntype = info & 3;
+	switch (ntype) {
+	case 0: (void)printf("reserved-ntype? "); break;
+	case TI_L2ROUT: (void)printf("l2rout "); break;
+	case TI_L1ROUT: (void)printf("l1rout "); break;
+	case TI_ENDNODE: (void)printf("endnode "); break;
+	}
+	if (info & TI_VERIF)
+	    (void)printf("verif ");
+	if (info & TI_BLOCK)
+	    (void)printf("blo ");
+}
+
+static void
+print_l1_routes(const char *rp, u_int len)
+{
+	int count;
+	int id;
+	int info;
+
+	/* The last short is a checksum */
+	while (len > (3 * sizeof(short))) {
+	    count = EXTRACT_LE_16BITS(rp);
+	    if (count > 1024)
+		return;	/* seems to be bogus from here on */
+	    rp += sizeof(short);
+	    len -= sizeof(short);
+	    id = EXTRACT_LE_16BITS(rp);
+	    rp += sizeof(short);
+	    len -= sizeof(short);
+	    info = EXTRACT_LE_16BITS(rp);
+	    rp += sizeof(short);
+	    len -= sizeof(short);
+	    (void)printf("{ids %d-%d cost %d hops %d} ", id, id + count,
+			    RI_COST(info), RI_HOPS(info));
+	}
+}
+
+static void
+print_l2_routes(const char *rp, u_int len)
+{
+	int count;
+	int area;
+	int info;
+
+	/* The last short is a checksum */
+	while (len > (3 * sizeof(short))) {
+	    count = EXTRACT_LE_16BITS(rp);
+	    if (count > 1024)
+		return;	/* seems to be bogus from here on */
+	    rp += sizeof(short);
+	    len -= sizeof(short);
+	    area = EXTRACT_LE_16BITS(rp);
+	    rp += sizeof(short);
+	    len -= sizeof(short);
+	    info = EXTRACT_LE_16BITS(rp);
+	    rp += sizeof(short);
+	    len -= sizeof(short);
+	    (void)printf("{areas %d-%d cost %d hops %d} ", area, area + count,
+			    RI_COST(info), RI_HOPS(info));
+	}
+}
+
+static void
+print_i_info(int info)
+{
+	int ntype = info & II_TYPEMASK;
+	switch (ntype) {
+	case 0: (void)printf("reserved-ntype? "); break;
+	case II_L2ROUT: (void)printf("l2rout "); break;
+	case II_L1ROUT: (void)printf("l1rout "); break;
+	case II_ENDNODE: (void)printf("endnode "); break;
+	}
+	if (info & II_VERIF)
+	    (void)printf("verif ");
+	if (info & II_NOMCAST)
+	    (void)printf("nomcast ");
+	if (info & II_BLOCK)
+	    (void)printf("blo ");
+}
+
+static void
+print_elist(const char *elp, u_int len)
+{
+	/* Not enough examples available for me to debug this */
+}
+
+static void
+print_nsp(const u_char *nspp, u_int nsplen)
+{
+	const struct nsphdr *nsphp = (struct nsphdr *)nspp;
+	int dst, src, flags;
+
+	flags = EXTRACT_LE_8BITS(nsphp->nh_flags);
+	dst = EXTRACT_LE_16BITS(nsphp->nh_dst);
+	src = EXTRACT_LE_16BITS(nsphp->nh_src);
+
+	switch (flags & NSP_TYPEMASK) {
+	case MFT_DATA:
+	    switch (flags & NSP_SUBMASK) {
+	    case MFS_BOM:
+	    case MFS_MOM:
+	    case MFS_EOM:
+	    case MFS_BOM+MFS_EOM:
+		printf("data %d>%d ", src, dst);
+		{
+		    struct seghdr *shp = (struct seghdr *)nspp;
+		    int ack;
+#ifdef	PRINT_NSPDATA
+		    u_char *dp;
+#endif
+		    u_int data_off = sizeof(struct minseghdr);
+
+		    ack = EXTRACT_LE_16BITS(shp->sh_seq[0]);
+		    if (ack & SGQ_ACK) {	/* acknum field */
+			if ((ack & SGQ_NAK) == SGQ_NAK)
+			    (void)printf("nak %d ", ack & SGQ_MASK);
+			else
+			    (void)printf("ack %d ", ack & SGQ_MASK);
+		        ack = EXTRACT_LE_16BITS(shp->sh_seq[1]);
+			data_off += sizeof(short);
+			if (ack & SGQ_OACK) {	/* ackoth field */
+			    if ((ack & SGQ_ONAK) == SGQ_ONAK)
+				(void)printf("onak %d ", ack & SGQ_MASK);
+			    else
+				(void)printf("oack %d ", ack & SGQ_MASK);
+			    ack = EXTRACT_LE_16BITS(shp->sh_seq[2]);
+			    data_off += sizeof(short);
+			}
+		    }
+		    (void)printf("seg %d ", ack & SGQ_MASK);
+#ifdef	PRINT_NSPDATA
+		    dp = &(nspp[data_off]);
+		    pdata(dp, 10);
+#endif
+		}
+		break;
+	    case MFS_ILS+MFS_INT:
+		printf("intr ");
+		{
+		    struct seghdr *shp = (struct seghdr *)nspp;
+		    int ack;
+#ifdef	PRINT_NSPDATA
+		    u_char *dp;
+#endif
+		    u_int data_off = sizeof(struct minseghdr);
+
+		    ack = EXTRACT_LE_16BITS(shp->sh_seq[0]);
+		    if (ack & SGQ_ACK) {	/* acknum field */
+			if ((ack & SGQ_NAK) == SGQ_NAK)
+			    (void)printf("nak %d ", ack & SGQ_MASK);
+			else
+			    (void)printf("ack %d ", ack & SGQ_MASK);
+		        ack = EXTRACT_LE_16BITS(shp->sh_seq[1]);
+			data_off += sizeof(short);
+			if (ack & SGQ_OACK) {	/* ackdat field */
+			    if ((ack & SGQ_ONAK) == SGQ_ONAK)
+				(void)printf("nakdat %d ", ack & SGQ_MASK);
+			    else
+				(void)printf("ackdat %d ", ack & SGQ_MASK);
+			    ack = EXTRACT_LE_16BITS(shp->sh_seq[2]);
+			    data_off += sizeof(short);
+			}
+		    }
+		    (void)printf("seg %d ", ack & SGQ_MASK);
+#ifdef	PRINT_NSPDATA
+		    dp = &(nspp[data_off]);
+		    pdata(dp, 10);
+#endif
+		}
+		break;
+	    case MFS_ILS:
+		(void)printf("link-service %d>%d ", src, dst);
+		{
+		    struct seghdr *shp = (struct seghdr *)nspp;
+		    struct lsmsg *lsmp =
+			(struct lsmsg *)&(nspp[sizeof(struct seghdr)]);
+		    int ack;
+		    int lsflags, fcval;
+
+		    ack = EXTRACT_LE_16BITS(shp->sh_seq[0]);
+		    if (ack & SGQ_ACK) {	/* acknum field */
+			if ((ack & SGQ_NAK) == SGQ_NAK)
+			    (void)printf("nak %d ", ack & SGQ_MASK);
+			else
+			    (void)printf("ack %d ", ack & SGQ_MASK);
+		        ack = EXTRACT_LE_16BITS(shp->sh_seq[1]);
+			if (ack & SGQ_OACK) {	/* ackdat field */
+			    if ((ack & SGQ_ONAK) == SGQ_ONAK)
+				(void)printf("nakdat %d ", ack & SGQ_MASK);
+			    else
+				(void)printf("ackdat %d ", ack & SGQ_MASK);
+			    ack = EXTRACT_LE_16BITS(shp->sh_seq[2]);
+			}
+		    }
+		    (void)printf("seg %d ", ack & SGQ_MASK);
+		    lsflags = EXTRACT_LE_8BITS(lsmp->ls_lsflags);
+		    fcval = EXTRACT_LE_8BITS(lsmp->ls_fcval);
+		    switch (lsflags & LSI_MASK) {
+		    case LSI_DATA:
+			(void)printf("dat seg count %d ", fcval);
+			switch (lsflags & LSM_MASK) {
+			case LSM_NOCHANGE:
+			    break;
+			case LSM_DONOTSEND:
+			    (void)printf("donotsend-data ");
+			    break;
+			case LSM_SEND:
+			    (void)printf("send-data ");
+			    break;
+			default:
+			    (void)printf("reserved-fcmod? %x", lsflags);
+			    break;
+			}
+			break;
+		    case LSI_INTR:
+			(void)printf("intr req count %d ", fcval);
+			break;
+		    default:
+			(void)printf("reserved-fcval-int? %x", lsflags);
+			break;
+		    }
+		}
+		break;
+	    default:
+		(void)printf("reserved-subtype? %x %d > %d", flags, src, dst);
+		break;
+	    }
+	    break;
+	case MFT_ACK:
+	    switch (flags & NSP_SUBMASK) {
+	    case MFS_DACK:
+		(void)printf("data-ack %d>%d ", src, dst);
+		{
+		    struct ackmsg *amp = (struct ackmsg *)nspp;
+		    int ack;
+
+		    ack = EXTRACT_LE_16BITS(amp->ak_acknum[0]);
+		    if (ack & SGQ_ACK) {	/* acknum field */
+			if ((ack & SGQ_NAK) == SGQ_NAK)
+			    (void)printf("nak %d ", ack & SGQ_MASK);
+			else
+			    (void)printf("ack %d ", ack & SGQ_MASK);
+		        ack = EXTRACT_LE_16BITS(amp->ak_acknum[1]);
+			if (ack & SGQ_OACK) {	/* ackoth field */
+			    if ((ack & SGQ_ONAK) == SGQ_ONAK)
+				(void)printf("onak %d ", ack & SGQ_MASK);
+			    else
+				(void)printf("oack %d ", ack & SGQ_MASK);
+			}
+		    }
+		}
+		break;
+	    case MFS_IACK:
+		(void)printf("ils-ack %d>%d ", src, dst);
+		{
+		    struct ackmsg *amp = (struct ackmsg *)nspp;
+		    int ack;
+
+		    ack = EXTRACT_LE_16BITS(amp->ak_acknum[0]);
+		    if (ack & SGQ_ACK) {	/* acknum field */
+			if ((ack & SGQ_NAK) == SGQ_NAK)
+			    (void)printf("nak %d ", ack & SGQ_MASK);
+			else
+			    (void)printf("ack %d ", ack & SGQ_MASK);
+		        ack = EXTRACT_LE_16BITS(amp->ak_acknum[1]);
+			if (ack & SGQ_OACK) {	/* ackdat field */
+			    if ((ack & SGQ_ONAK) == SGQ_ONAK)
+				(void)printf("nakdat %d ", ack & SGQ_MASK);
+			    else
+				(void)printf("ackdat %d ", ack & SGQ_MASK);
+			}
+		    }
+		}
+		break;
+	    case MFS_CACK:
+		(void)printf("conn-ack %d", dst);
+		break;
+	    default:
+		(void)printf("reserved-acktype? %x %d > %d", flags, src, dst);
+		break;
+	    }
+	    break;
+	case MFT_CTL:
+	    switch (flags & NSP_SUBMASK) {
+	    case MFS_CI:
+	    case MFS_RCI:
+		if ((flags & NSP_SUBMASK) == MFS_CI)
+		    (void)printf("conn-initiate ");
+		else
+		    (void)printf("retrans-conn-initiate ");
+		(void)printf("%d>%d ", src, dst);
+		{
+		    struct cimsg *cimp = (struct cimsg *)nspp;
+		    int services, info, segsize;
+#ifdef	PRINT_NSPDATA
+		    u_char *dp;
+#endif
+
+		    services = EXTRACT_LE_8BITS(cimp->ci_services);
+		    info = EXTRACT_LE_8BITS(cimp->ci_info);
+		    segsize = EXTRACT_LE_16BITS(cimp->ci_segsize);
+
+		    switch (services & COS_MASK) {
+		    case COS_NONE:
+			break;
+		    case COS_SEGMENT:
+			(void)printf("seg ");
+			break;
+		    case COS_MESSAGE:
+			(void)printf("msg ");
+			break;
+		    case COS_CRYPTSER:
+			(void)printf("crypt ");
+			break;
+		    }
+		    switch (info & COI_MASK) {
+		    case COI_32:
+			(void)printf("ver 3.2 ");
+			break;
+		    case COI_31:
+			(void)printf("ver 3.1 ");
+			break;
+		    case COI_40:
+			(void)printf("ver 4.0 ");
+			break;
+		    case COI_41:
+			(void)printf("ver 4.1 ");
+			break;
+		    }
+		    (void)printf("segsize %d ", segsize);
+#ifdef	PRINT_NSPDATA
+		    dp = &(nspp[sizeof(struct cimsg)]);
+		    pdata(dp, nsplen - sizeof(struct cimsg));
+#endif
+		}
+		break;
+	    case MFS_CC:
+		(void)printf("conn-confirm %d>%d ", src, dst);
+		{
+		    struct ccmsg *ccmp = (struct ccmsg *)nspp;
+		    int services, info;
+		    u_int segsize, optlen;
+#ifdef	PRINT_NSPDATA
+		    u_char *dp;
+#endif
+
+		    services = EXTRACT_LE_8BITS(ccmp->cc_services);
+		    info = EXTRACT_LE_8BITS(ccmp->cc_info);
+		    segsize = EXTRACT_LE_16BITS(ccmp->cc_segsize);
+		    optlen = EXTRACT_LE_8BITS(ccmp->cc_optlen);
+
+		    switch (services & COS_MASK) {
+		    case COS_NONE:
+			break;
+		    case COS_SEGMENT:
+			(void)printf("seg ");
+			break;
+		    case COS_MESSAGE:
+			(void)printf("msg ");
+			break;
+		    case COS_CRYPTSER:
+			(void)printf("crypt ");
+			break;
+		    }
+		    switch (info & COI_MASK) {
+		    case COI_32:
+			(void)printf("ver 3.2 ");
+			break;
+		    case COI_31:
+			(void)printf("ver 3.1 ");
+			break;
+		    case COI_40:
+			(void)printf("ver 4.0 ");
+			break;
+		    case COI_41:
+			(void)printf("ver 4.1 ");
+			break;
+		    }
+		    (void)printf("segsize %d ", segsize);
+		    if (optlen) {
+			(void)printf("optlen %d ", optlen);
+#ifdef	PRINT_NSPDATA
+			optlen = min(optlen, nsplen - sizeof(struct ccmsg));
+			dp = &(nspp[sizeof(struct ccmsg)]);
+			pdata(dp, optlen);
+#endif
+		    }
+		}
+		break;
+	    case MFS_DI:
+		(void)printf("disconn-initiate %d>%d ", src, dst);
+		{
+		    struct dimsg *dimp = (struct dimsg *)nspp;
+		    int reason;
+		    u_int optlen;
+#ifdef	PRINT_NSPDATA
+		    u_char *dp;
+#endif
+
+		    reason = EXTRACT_LE_16BITS(dimp->di_reason);
+		    optlen = EXTRACT_LE_8BITS(dimp->di_optlen);
+
+		    print_reason(reason);
+		    if (optlen) {
+			(void)printf("optlen %d ", optlen);
+#ifdef	PRINT_NSPDATA
+			optlen = min(optlen, nsplen - sizeof(struct dimsg));
+			dp = &(nspp[sizeof(struct dimsg)]);
+			pdata(dp, optlen);
+#endif
+		    }
+		}
+		break;
+	    case MFS_DC:
+		(void)printf("disconn-confirm %d>%d ", src, dst);
+		{
+		    struct dcmsg *dcmp = (struct dcmsg *)nspp;
+		    int reason;
+
+		    reason = EXTRACT_LE_16BITS(dcmp->dc_reason);
+
+		    print_reason(reason);
+		}
+		break;
+	    default:
+		(void)printf("reserved-ctltype? %x %d > %d", flags, src, dst);
+		break;
+	    }
+	    break;
+	default:
+	    (void)printf("reserved-type? %x %d > %d", flags, src, dst);
+	    break;
+	}
+}
+
+static struct tok reason2str[] = {
+	{ UC_OBJREJECT,		"object rejected connect" },
+	{ UC_RESOURCES,		"insufficient resources" },
+	{ UC_NOSUCHNODE,	"unrecognized node name" },
+	{ DI_SHUT,		"node is shutting down" },
+	{ UC_NOSUCHOBJ,		"unrecognized object" },
+	{ UC_INVOBJFORMAT,	"invalid object name format" },
+	{ UC_OBJTOOBUSY,	"object too busy" },
+	{ DI_PROTOCOL,		"protocol error discovered" },
+	{ DI_TPA,		"third party abort" },
+	{ UC_USERABORT,		"user abort" },
+	{ UC_INVNODEFORMAT,	"invalid node name format" },
+	{ UC_LOCALSHUT,		"local node shutting down" },
+	{ DI_LOCALRESRC,	"insufficient local resources" },
+	{ DI_REMUSERRESRC,	"insufficient remote user resources" },
+	{ UC_ACCESSREJECT,	"invalid access control information" },
+	{ DI_BADACCNT,		"bad ACCOUNT information" },
+	{ UC_NORESPONSE,	"no response from object" },
+	{ UC_UNREACHABLE,	"node unreachable" },
+	{ DC_NOLINK,		"no link terminate" },
+	{ DC_COMPLETE,		"disconnect complete" },
+	{ DI_BADIMAGE,		"bad image data in connect" },
+	{ DI_SERVMISMATCH,	"cryptographic service mismatch" },
+	{ 0,			NULL }
+};
+
+static void
+print_reason(register int reason)
+{
+	printf("%s ", tok2str(reason2str, "reason-%d", reason));
+}
+
+char *
+dnnum_string(u_short dnaddr)
+{
+	char *str;
+	int area = (dnaddr & AREAMASK) >> AREASHIFT;
+	int node = dnaddr & NODEMASK;
+
+	str = (char *)malloc(sizeof("00.0000"));
+	if (str == NULL)
+		error("dnnum_string: malloc");
+	sprintf(str, "%d.%d", area, node);
+	return(str);
+}
+
+char *
+dnname_string(u_short dnaddr)
+{
+#ifdef	HAVE_LIBDNET
+	struct dn_naddr dna;
+
+	dna.a_len = sizeof(short);
+	memcpy((char *)dna.a_addr, (char *)&dnaddr, sizeof(short));
+	return (savestr(dnet_htoa(&dna)));
+#else
+	return(dnnum_string(dnaddr));	/* punt */
+#endif
+}
+
+#ifdef	PRINT_NSPDATA
+static void
+pdata(u_char *dp, u_int maxlen)
+{
+	char c;
+	u_int x = maxlen;
+
+	while (x-- > 0) {
+	    c = *dp++;
+	    if (isprint(c))
+		putchar(c);
+	    else
+		printf("\\%o", c & 0xFF);
+	}
+}
+#endif
diff --git a/contrib/tcpdump/print-domain.c b/contrib/tcpdump/print-domain.c
new file mode 100644
index 000000000000..cbeae4ba1b20
--- /dev/null
+++ b/contrib/tcpdump/print-domain.c
@@ -0,0 +1,400 @@
+/*
+ * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#ifndef lint
+static char rcsid[] =
+    "@(#) $Header: print-domain.c,v 1.35 96/07/23 14:17:22 leres Exp $ (LBL)";
+#endif
+
+#include <sys/param.h>
+#include <sys/time.h>
+#include <sys/socket.h>
+
+#if __STDC__
+struct mbuf;
+struct rtentry;
+#endif
+#include <net/if.h>
+
+#include <netinet/in.h>
+#include <netinet/if_ether.h>
+#include <netinet/in_systm.h>
+#include <netinet/ip.h>
+#include <netinet/ip_var.h>
+#include <netinet/udp.h>
+#include <netinet/udp_var.h>
+#include <netinet/tcp.h>
+#include <netinet/tcpip.h>
+
+#undef NOERROR					/* Solaris sucks */
+#undef T_UNSPEC					/* SINIX does too */
+#include <arpa/nameser.h>
+
+#include <stdio.h>
+
+#include "interface.h"
+#include "addrtoname.h"
+#include "extract.h"                    /* must come after interface.h */
+
+/* Compatibility */
+#ifndef T_TXT
+#define T_TXT		16		/* text strings */
+#endif
+#ifndef T_RP
+#define T_RP		17		/* responsible person */
+#endif
+#ifndef T_AFSDB
+#define T_AFSDB		18		/* AFS cell database */
+#endif
+#ifndef T_X25
+#define T_X25		19		/* X_25 calling address */
+#endif
+#ifndef T_ISDN
+#define T_ISDN		20		/* ISDN calling address */
+#endif
+#ifndef T_RT
+#define T_RT		21		/* router */
+#endif
+#ifndef T_NSAP
+#define T_NSAP		22		/* NSAP address */
+#endif
+#ifndef T_NSAP_PTR
+#define T_NSAP_PTR	23		/* reverse NSAP lookup (deprecated) */
+#endif
+#ifndef T_SIG
+#define T_SIG		24		/* security signature */
+#endif
+#ifndef T_KEY
+#define T_KEY		25		/* security key */
+#endif
+#ifndef T_PX
+#define T_PX		26		/* X.400 mail mapping */
+#endif
+#ifndef T_GPOS
+#define T_GPOS		27		/* geographical position (withdrawn) */
+#endif
+#ifndef T_AAAA
+#define T_AAAA		28		/* IP6 Address */
+#endif
+#ifndef T_LOC
+#define T_LOC		29		/* Location Information */
+#endif
+
+#ifndef T_UNSPEC
+#define T_UNSPEC	103		/* Unspecified format (binary data) */
+#endif
+#ifndef T_UNSPECA
+#define T_UNSPECA	104		/* "unspecified ascii". Ugly MIT hack */
+#endif
+
+#ifndef C_CHAOS
+#define C_CHAOS		3		/* for chaos net (MIT) */
+#endif
+#ifndef C_HS
+#define C_HS		4		/* for Hesiod name server (MIT) (XXX) */
+#endif
+
+static char *ns_ops[] = {
+	"", " inv_q", " stat", " op3", " notify", " op5", " op6", " op7",
+	" op8", " updataA", " updateD", " updateDA",
+	" updateM", " updateMA", " zoneInit", " zoneRef",
+};
+
+static char *ns_resp[] = {
+	"", " FormErr", " ServFail", " NXDomain",
+	" NotImp", " Refused", " Resp6", " Resp7",
+	" Resp8", " Resp9", " Resp10", " Resp11",
+	" Resp12", " Resp13", " Resp14", " NoChange",
+};
+
+/* skip over a domain name */
+static const u_char *
+ns_nskip(register const u_char *cp, register const u_char *bp)
+{
+	register u_char i;
+
+	if (((i = *cp++) & INDIR_MASK) == INDIR_MASK)
+		return (cp + 1);
+	while (i && cp < snapend) {
+		cp += i;
+		i = *cp++;
+	}
+	return (cp);
+}
+
+/* print a <domain-name> */
+static const u_char *
+ns_nprint(register const u_char *cp, register const u_char *bp)
+{
+	register u_int i;
+	register const u_char *rp;
+	register int compress;
+
+	i = *cp++;
+	rp = cp + i;
+	if ((i & INDIR_MASK) == INDIR_MASK) {
+		rp = cp + 1;
+		compress = 1;
+	} else
+		compress = 0;
+	if (i != 0)
+		while (i && cp < snapend) {
+			if ((i & INDIR_MASK) == INDIR_MASK) {
+				cp = bp + (((i << 8) | *cp) & 0x3fff);
+				i = *cp++;
+				continue;
+			}
+			if (fn_printn(cp, i, snapend))
+				break;
+			cp += i;
+			putchar('.');
+			i = *cp++;
+			if (!compress)
+				rp += i + 1;
+		}
+	else
+		putchar('.');
+	return (rp);
+}
+
+/* print a <character-string> */
+static const u_char *
+ns_cprint(register const u_char *cp, register const u_char *bp)
+{
+	register u_int i;
+
+	i = *cp++;
+	(void)fn_printn(cp, i, snapend);
+	return (cp + i);
+}
+
+static struct tok type2str[] = {
+	{ T_A,		"A" },
+	{ T_NS,		"NS" },
+	{ T_MD,		"MD" },
+	{ T_MF,		"MF" },
+	{ T_CNAME,	"CNAME" },
+	{ T_SOA,	"SOA" },
+	{ T_MB,		"MB" },
+	{ T_MG,		"MG" },
+	{ T_MR,		"MR" },
+	{ T_NULL,	"NULL" },
+	{ T_WKS,	"WKS" },
+	{ T_PTR,	"PTR" },
+	{ T_HINFO,	"HINFO" },
+	{ T_MINFO,	"MINFO" },
+	{ T_MX,		"MX" },
+	{ T_TXT,	"TXT" },
+	{ T_RP,		"RP" },
+	{ T_AFSDB,	"AFSDB" },
+	{ T_X25,	"X25" },
+	{ T_ISDN,	"ISDN" },
+	{ T_RT,		"RT" },
+	{ T_NSAP,	"NSAP" },
+	{ T_NSAP_PTR,	"NSAP_PTR" },
+	{ T_SIG,	"SIG" },
+	{ T_KEY,	"KEY" },
+	{ T_PX,		"PX" },
+	{ T_GPOS,	"GPOS" },
+	{ T_AAAA,	"AAAA" },
+	{ T_LOC ,	"LOC " },
+	{ T_UINFO,	"UINFO" },
+	{ T_UID,	"UID" },
+	{ T_GID,	"GID" },
+	{ T_UNSPEC,	"UNSPEC" },
+	{ T_UNSPECA,	"UNSPECA" },
+	{ T_AXFR,	"AXFR" },
+	{ T_MAILB,	"MAILB" },
+	{ T_MAILA,	"MAILA" },
+	{ T_ANY,	"ANY" },
+	{ 0,		NULL }
+};
+
+static struct tok class2str[] = {
+	{ C_IN,		"IN" },		/* Not used */
+	{ C_CHAOS,	"CHAOS)" },
+	{ C_HS,		"HS" },
+	{ C_ANY,	"ANY" },
+	{ 0,		NULL }
+};
+
+/* print a query */
+static void
+ns_qprint(register const u_char *cp, register const u_char *bp)
+{
+	register const u_char *np = cp;
+	register u_int i;
+
+	cp = ns_nskip(cp, bp);
+
+	if (cp + 4 > snapend)
+		return;
+
+	/* print the qtype and qclass (if it's not IN) */
+	i = *cp++ << 8;
+	i |= *cp++;
+	printf(" %s", tok2str(type2str, "Type%d", i));
+	i = *cp++ << 8;
+	i |= *cp++;
+	if (i != C_IN)
+		printf(" %s", tok2str(class2str, "(Class %d)", i));
+
+	fputs("? ", stdout);
+	ns_nprint(np, bp);
+}
+
+/* print a reply */
+static const u_char *
+ns_rprint(register const u_char *cp, register const u_char *bp)
+{
+	register u_int i;
+	register u_short typ, len;
+	register const u_char *rp;
+
+	if (vflag) {
+		putchar(' ');
+		cp = ns_nprint(cp, bp);
+	} else
+		cp = ns_nskip(cp, bp);
+
+	if (cp + 10 > snapend)
+		return (snapend);
+
+	/* print the type/qtype and class (if it's not IN) */
+	typ = *cp++ << 8;
+	typ |= *cp++;
+	i = *cp++ << 8;
+	i |= *cp++;
+	if (i != C_IN)
+		printf(" %s", tok2str(class2str, "(Class %d)", i));
+
+	/* ignore ttl */
+	cp += 4;
+
+	len = *cp++ << 8;
+	len |= *cp++;
+
+	rp = cp + len;
+
+	printf(" %s", tok2str(type2str, "Type%d", typ));
+	switch (typ) {
+
+	case T_A:
+		printf(" %s", ipaddr_string(cp));
+		break;
+
+	case T_NS:
+	case T_CNAME:
+	case T_PTR:
+		putchar(' ');
+		(void)ns_nprint(cp, bp);
+		break;
+
+	case T_MX:
+		putchar(' ');
+		(void)ns_nprint(cp + 2, bp);
+		printf(" %d", EXTRACT_16BITS(cp));
+		break;
+
+	case T_TXT:
+		putchar(' ');
+		(void)ns_cprint(cp, bp);
+		break;
+
+	case T_UNSPECA:		/* One long string */
+	        printf(" %.*s", len, cp);
+		break;
+	}
+	return (rp);		/* XXX This isn't always right*/
+}
+
+void
+ns_print(register const u_char *bp, u_int length)
+{
+	register const HEADER *np;
+	register int qdcount, ancount, nscount, arcount;
+	register const u_char *cp;
+
+	np = (const HEADER *)bp;
+	/* get the byte-order right */
+	qdcount = ntohs(np->qdcount);
+	ancount = ntohs(np->ancount);
+	nscount = ntohs(np->nscount);
+	arcount = ntohs(np->arcount);
+
+	if (np->qr) {
+		/* this is a response */
+		printf(" %d%s%s%s%s%s",
+			ntohs(np->id),
+			ns_ops[np->opcode],
+			ns_resp[np->rcode],
+			np->aa? "*" : "",
+			np->ra? "" : "-",
+			np->tc? "|" : "");
+		if (qdcount != 1)
+			printf(" [%dq]", qdcount);
+		/* Print QUESTION section on -vv */
+		if (vflag > 1) {
+		            fputs(" q: ", stdout);
+			    cp = ns_nprint((const u_char *)(np + 1), bp);
+		} else
+			    cp = ns_nskip((const u_char *)(np + 1), bp);
+		printf(" %d/%d/%d", ancount, nscount, arcount);
+		if (ancount--) {
+			cp = ns_rprint(cp + 4, bp);
+			while (ancount-- && cp < snapend) {
+				putchar(',');
+				cp = ns_rprint(cp, bp);
+			}
+		}
+	}
+	else {
+		/* this is a request */
+		printf(" %d%s%s",
+		        ntohs(np->id),
+			ns_ops[np->opcode],
+			np->rd? "+" : "");
+
+		/* any weirdness? */
+		if (*(((u_short *)np)+1) & htons(0x6ff))
+			printf(" [b2&3=0x%x]", ntohs(*(((u_short *)np)+1)));
+
+		if (np->opcode == IQUERY) {
+			if (qdcount)
+				printf(" [%dq]", qdcount);
+			if (ancount != 1)
+				printf(" [%da]", ancount);
+		}
+		else {
+			if (ancount)
+				printf(" [%da]", ancount);
+			if (qdcount != 1)
+				printf(" [%dq]", qdcount);
+		}
+		if (nscount)
+			printf(" [%dn]", nscount);
+		if (arcount)
+			printf(" [%dau]", arcount);
+
+		ns_qprint((const u_char *)(np + 1), (const u_char *)np);
+	}
+	printf(" (%d)", length);
+}
diff --git a/contrib/tcpdump/print-dvmrp.c b/contrib/tcpdump/print-dvmrp.c
new file mode 100644
index 000000000000..dc7ed3eb3e16
--- /dev/null
+++ b/contrib/tcpdump/print-dvmrp.c
@@ -0,0 +1,341 @@
+/*
+ * Copyright (c) 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#ifndef lint
+static char rcsid[] =
+"@(#) $Header: print-dvmrp.c,v 1.9 96/07/23 14:17:23 leres Exp $ (LBL)";
+#endif
+
+#include <sys/param.h>
+#include <sys/time.h>
+#include <sys/socket.h>
+
+#include <netinet/in.h>
+#include <netinet/in_systm.h>
+#include <netinet/ip.h>
+#include <netinet/ip_var.h>
+#include <netinet/udp.h>
+#include <netinet/udp_var.h>
+#include <netinet/tcp.h>
+#include <netinet/tcpip.h>
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <unistd.h>
+
+#include "interface.h"
+#include "addrtoname.h"
+
+/*
+ * DVMRP message types and flag values shamelessly stolen from
+ * mrouted/dvmrp.h.
+ */
+#define DVMRP_PROBE		1	/* for finding neighbors */
+#define DVMRP_REPORT		2	/* for reporting some or all routes */
+#define DVMRP_ASK_NEIGHBORS	3	/* sent by mapper, asking for a list */
+					/*
+					 * of this router's neighbors
+					 */
+#define DVMRP_NEIGHBORS		4	/* response to such a request */
+#define DVMRP_ASK_NEIGHBORS2	5	/* as above, want new format reply */
+#define DVMRP_NEIGHBORS2	6
+#define DVMRP_PRUNE		7	/* prune message */
+#define DVMRP_GRAFT		8	/* graft message */
+#define DVMRP_GRAFT_ACK		9	/* graft acknowledgement */
+
+/*
+ * 'flags' byte values in DVMRP_NEIGHBORS2 reply.
+ */
+#define DVMRP_NF_TUNNEL		0x01	/* neighbors reached via tunnel */
+#define DVMRP_NF_SRCRT		0x02	/* tunnel uses IP source routing */
+#define DVMRP_NF_DOWN		0x10	/* kernel state of interface */
+#define DVMRP_NF_DISABLED	0x20	/* administratively disabled */
+#define DVMRP_NF_QUERIER	0x40	/* I am the subnet's querier */
+
+static void print_report(const u_char *, const u_char *, u_int);
+static void print_neighbors(const u_char *, const u_char *, u_int);
+static void print_neighbors2(const u_char *, const u_char *, u_int);
+static void print_prune(const u_char *, const u_char *, u_int);
+static void print_graft(const u_char *, const u_char *, u_int);
+static void print_graft_ack(const u_char *, const u_char *, u_int);
+
+static u_int32_t target_level;
+
+void
+dvmrp_print(register const u_char *bp, register u_int len)
+{
+	register const u_char *ep;
+	register u_char type;
+
+	ep = (const u_char *)snapend;
+	if (bp >= ep)
+		return;
+
+	type = bp[1];
+	bp += 8;
+	/*
+	 * Skip IGMP header
+	 */
+
+	len -= 8;
+
+	switch (type) {
+	case DVMRP_PROBE:
+		printf(" Probe");
+		break;
+
+	case DVMRP_REPORT:
+		printf(" Report");
+		if (vflag)
+			print_report(bp, ep, len);
+		break;
+
+	case DVMRP_ASK_NEIGHBORS:
+		printf(" Ask-neighbors(old)");
+		break;
+
+	case DVMRP_NEIGHBORS:
+		printf(" Neighbors(old)");
+		print_neighbors(bp, ep, len);
+		break;
+
+	case DVMRP_ASK_NEIGHBORS2:
+		printf(" Ask-neighbors");
+		break;
+
+	case DVMRP_NEIGHBORS2:
+		printf(" Neighbors");
+		bp -= 4;
+		target_level = ((u_int32_t) * bp++ << 24);
+		/*
+		 * Group address in IGMP
+		 */
+
+		target_level += ((u_int32_t) * bp++ << 16);
+		/*
+		 * header is version number
+		 */
+
+		target_level += ((u_int32_t) * bp++ << 8);
+		target_level += ((u_int32_t) * bp++);
+		target_level = htonl(target_level);
+		print_neighbors2(bp, ep, len);
+		break;
+
+	case DVMRP_PRUNE:
+		printf(" Prune");
+		print_prune(bp, ep, len);
+		break;
+
+	case DVMRP_GRAFT:
+		printf(" Graft");
+		print_graft(bp, ep, len);
+		break;
+
+	case DVMRP_GRAFT_ACK:
+		printf(" Graft-ACK");
+		print_graft_ack(bp, ep, len);
+		break;
+
+	default:
+		printf(" [type %d]", type);
+		break;
+	}
+}
+
+static void
+print_report(const u_char *bp, const u_char *ep, u_int len)
+{
+	u_int32_t mask, origin;
+	int metric;
+	int i;
+	int width;
+	int done;
+
+	while (len > 0) {
+		if (len < 3) {
+			printf(" [|]");
+			return;
+		}
+		mask = 0xff << 24 | bp[0] << 16 | bp[1] << 8 | bp[2];
+		width = 1;
+		if (bp[0])
+			width = 2;
+		if (bp[1])
+			width = 3;
+		if (bp[2])
+			width = 4;
+
+		printf("\n\tMask %s", intoa(htonl(mask)));
+		bp += 3;
+		len -= 3;
+		do {
+			if (bp + width + 1 > ep) {
+				printf(" [|]");
+				return;
+			}
+			if (len < width + 1) {
+				printf("\n\t  [Truncated Report]");
+				return;
+			}
+			origin = 0;
+			for (i = 0; i < width; ++i)
+				origin = origin << 8 | *bp++;
+			for ( ; i < 4; ++i)
+				origin <<= 8;
+
+			metric = *bp++;
+			done = metric & 0x80;
+			metric &= 0x7f;
+			printf("\n\t  %s metric %d", intoa(htonl(origin)),
+				metric);
+			len -= width + 1;
+		} while (!done);
+	}
+}
+
+#define GET_ADDR(to) (memcpy((char*)to, (char*)bp, 4), bp += 4)
+
+static void
+print_neighbors(const u_char *bp, const u_char *ep, u_int len)
+{
+	u_char laddr[4], neighbor[4];
+	u_char metric;
+	u_char thresh;
+	u_char save_nflag;
+	int ncount;
+
+	save_nflag = nflag;
+	while (len > 0 && bp < ep) {
+		if (len < 7 || (bp + 7) >= ep) {
+			printf(" [|]");
+			return;
+		}
+		GET_ADDR(laddr);
+		metric = *bp++;
+		thresh = *bp++;
+		ncount = *bp++;
+		len -= 7;
+		while (--ncount >= 0 && (len >= 4) && (bp + 4) < ep) {
+			GET_ADDR(neighbor);
+			nflag = 0;
+			printf(" [%s ->", ipaddr_string(laddr));
+			nflag = save_nflag;
+			printf(" %s, (%d/%d)]",
+				   ipaddr_string(neighbor), metric, thresh);
+			len -= 4;
+		}
+	}
+}
+
+static void
+print_neighbors2(const u_char *bp, const u_char *ep, u_int len)
+{
+	u_char laddr[4], neighbor[4];
+	u_char metric;
+	u_char thresh;
+	u_char flags;
+	u_char save_nflag;
+	int ncount;
+
+	printf(" (v %d.%d):",
+	       (int)target_level & 0xff,
+	       (int)(target_level >> 8) & 0xff);
+
+	save_nflag = nflag;
+	while (len > 0 && bp < ep) {
+		if (len < 8 || (bp + 8) >= ep) {
+			printf(" [|]");
+			return;
+		}
+		GET_ADDR(laddr);
+		metric = *bp++;
+		thresh = *bp++;
+		flags = *bp++;
+		ncount = *bp++;
+		len -= 8;
+		while (--ncount >= 0 && (len >= 4) && (bp + 4) < ep) {
+			GET_ADDR(neighbor);
+			nflag = 0;
+			printf(" [%s -> ", ipaddr_string(laddr));
+			nflag = save_nflag;
+			printf("%s (%d/%d", ipaddr_string(neighbor),
+				     metric, thresh);
+			if (flags & DVMRP_NF_TUNNEL)
+				printf("/tunnel");
+			if (flags & DVMRP_NF_SRCRT)
+				printf("/srcrt");
+			if (flags & DVMRP_NF_QUERIER)
+				printf("/querier");
+			if (flags & DVMRP_NF_DISABLED)
+				printf("/disabled");
+			if (flags & DVMRP_NF_DOWN)
+				printf("/down");
+			printf(")]");
+			len -= 4;
+		}
+		if (ncount != -1) {
+			printf(" [|]");
+			return;
+		}
+	}
+}
+
+static void
+print_prune(const u_char *bp, const u_char *ep, u_int len)
+{
+	union a {
+		u_char b[4];
+		u_int32_t i;
+	} prune_timer;
+
+	if (len < 12 || (bp + 12) >= ep) {
+		printf(" [|]");
+		return;
+	}
+	printf(" src %s grp %s", ipaddr_string(bp), ipaddr_string(bp + 4));
+	bp += 8;
+	GET_ADDR(prune_timer.b);
+	printf(" timer %d", (int)ntohl(prune_timer.i));
+}
+
+static void
+print_graft(const u_char *bp, const u_char *ep, u_int len)
+{
+
+	if (len < 8 || (bp + 8) >= ep) {
+		printf(" [|]");
+		return;
+	}
+	printf(" src %s grp %s", ipaddr_string(bp), ipaddr_string(bp + 4));
+}
+
+static void
+print_graft_ack(const u_char *bp, const u_char *ep, u_int len)
+{
+
+	if (len < 8 || (bp + 8) >= ep) {
+		printf(" [|]");
+		return;
+	}
+	printf(" src %s grp %s", ipaddr_string(bp), ipaddr_string(bp + 4));
+}
diff --git a/contrib/tcpdump/print-egp.c b/contrib/tcpdump/print-egp.c
new file mode 100644
index 000000000000..362da01da709
--- /dev/null
+++ b/contrib/tcpdump/print-egp.c
@@ -0,0 +1,354 @@
+/*
+ * Copyright (c) 1991, 1992, 1993, 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms are permitted
+ * provided that the above copyright notice and this paragraph are
+ * duplicated in all such forms and that any documentation,
+ * advertising materials, and other materials related to such
+ * distribution and use acknowledge that the software was developed
+ * by the University of California, Lawrence Berkeley Laboratory,
+ * Berkeley, CA.  The name of the University may not be used to
+ * endorse or promote products derived from this software without
+ * specific prior written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ *
+ * Initial contribution from Jeff Honig (jch@MITCHELL.CIT.CORNELL.EDU).
+ */
+
+#ifndef lint
+static char rcsid[] =
+    "@(#) $Header: print-egp.c,v 1.21 96/07/14 19:38:59 leres Exp $ (LBL)";
+#endif
+
+#include <sys/param.h>
+#include <sys/time.h>
+#include <sys/uio.h>
+#include <sys/socket.h>
+
+#include <netinet/in.h>
+#include <netinet/in_systm.h>
+#include <netinet/ip.h>
+
+#include <netdb.h>
+#include <stdio.h>
+
+#include "interface.h"
+#include "addrtoname.h"
+
+struct egp_packet {
+	u_char  egp_version;
+#define	EGP_VERSION	2
+	u_char  egp_type;
+#define  EGPT_ACQUIRE	3
+#define  EGPT_REACH	5
+#define  EGPT_POLL	2
+#define  EGPT_UPDATE	1
+#define  EGPT_ERROR	8
+	u_char  egp_code;
+#define  EGPC_REQUEST	0
+#define  EGPC_CONFIRM	1
+#define  EGPC_REFUSE	2
+#define  EGPC_CEASE	3
+#define  EGPC_CEASEACK	4
+#define  EGPC_HELLO	0
+#define  EGPC_HEARDU	1
+	u_char  egp_status;
+#define  EGPS_UNSPEC	0
+#define  EGPS_ACTIVE	1
+#define  EGPS_PASSIVE	2
+#define  EGPS_NORES	3
+#define  EGPS_ADMIN	4
+#define  EGPS_GODOWN	5
+#define  EGPS_PARAM	6
+#define  EGPS_PROTO	7
+#define  EGPS_INDET	0
+#define  EGPS_UP	1
+#define  EGPS_DOWN	2
+#define  EGPS_UNSOL	0x80
+	u_short  egp_checksum;
+	u_short  egp_as;
+	u_short  egp_sequence;
+	union {
+		u_short  egpu_hello;
+		u_char egpu_gws[2];
+		u_short  egpu_reason;
+#define  EGPR_UNSPEC	0
+#define  EGPR_BADHEAD	1
+#define  EGPR_BADDATA	2
+#define  EGPR_NOREACH	3
+#define  EGPR_XSPOLL	4
+#define  EGPR_NORESP	5
+#define  EGPR_UVERSION	6
+	} egp_handg;
+#define  egp_hello  egp_handg.egpu_hello
+#define  egp_intgw  egp_handg.egpu_gws[0]
+#define  egp_extgw  egp_handg.egpu_gws[1]
+#define  egp_reason  egp_handg.egpu_reason
+	union {
+		u_short  egpu_poll;
+		u_int32_t egpu_sourcenet;
+	} egp_pands;
+#define  egp_poll  egp_pands.egpu_poll
+#define  egp_sourcenet  egp_pands.egpu_sourcenet
+};
+
+char *egp_acquire_codes[] = {
+	"request",
+	"confirm",
+	"refuse",
+	"cease",
+	"cease_ack"
+};
+
+char *egp_acquire_status[] = {
+	"unspecified",
+	"active_mode",
+	"passive_mode",
+	"insufficient_resources",
+	"administratively_prohibited",
+	"going_down",
+	"parameter_violation",
+	"protocol_violation"
+};
+
+char *egp_reach_codes[] = {
+	"hello",
+	"i-h-u"
+};
+
+char *egp_status_updown[] = {
+	"indeterminate",
+	"up",
+	"down"
+};
+
+char *egp_reasons[] = {
+	"unspecified",
+	"bad_EGP_header_format",
+	"bad_EGP_data_field_format",
+	"reachability_info_unavailable",
+	"excessive_polling_rate",
+	"no_response",
+	"unsupported_version"
+};
+
+static void
+egpnrprint(register const struct egp_packet *egp, register u_int length)
+{
+	register const u_char *cp;
+	u_int32_t addr;
+	register u_int32_t net;
+	register u_int netlen;
+	int gateways, distances, networks;
+	int t_gateways;
+	char *comma;
+
+	addr = egp->egp_sourcenet;
+	if (IN_CLASSA(addr)) {
+		net = addr & IN_CLASSA_NET;
+		netlen = 1;
+	} else if (IN_CLASSB(addr)) {
+		net = addr & IN_CLASSB_NET;
+		netlen = 2;
+	} else if (IN_CLASSC(addr)) {
+		net = addr & IN_CLASSC_NET;
+		netlen = 3;
+	} else {
+		net = 0;
+		netlen = 0;
+	}
+	cp = (u_char *)(egp + 1);
+
+	t_gateways = egp->egp_intgw + egp->egp_extgw;
+	for (gateways = 0; gateways < t_gateways; ++gateways) {
+		/* Pickup host part of gateway address */
+		addr = 0;
+		TCHECK2(cp[0], 4 - netlen);
+		switch (netlen) {
+
+		case 1:
+			addr = *cp++;
+			/* fall through */
+		case 2:
+			addr = (addr << 8) | *cp++;
+			/* fall through */
+		case 3:
+			addr = (addr << 8) | *cp++;
+		}
+		addr |= net;
+		TCHECK2(cp[0], 1);
+		distances = *cp++;
+		printf(" %s %s ",
+		       gateways < egp->egp_intgw ? "int" : "ext",
+		       ipaddr_string(&addr));
+
+		comma = "";
+		putchar('(');
+		while (--distances >= 0) {
+			TCHECK2(cp[0], 2);
+			printf("%sd%d:", comma, (int)*cp++);
+			comma = ", ";
+			networks = *cp++;
+			while (--networks >= 0) {
+				/* Pickup network number */
+				TCHECK2(cp[0], 1);
+				addr = (u_int32_t)*cp++ << 24;
+				if (IN_CLASSB(addr)) {
+					TCHECK2(cp[0], 1);
+					addr |= (u_int32_t)*cp++ << 16;
+				} else if (!IN_CLASSA(addr)) {
+					TCHECK2(cp[0], 2);
+					addr |= (u_int32_t)*cp++ << 16;
+					addr |= (u_int32_t)*cp++ << 8;
+				}
+				printf(" %s", ipaddr_string(&addr));
+			}
+		}
+		putchar(')');
+	}
+	return;
+trunc:
+	fputs("[|]", stdout);
+}
+
+void
+egp_print(register const u_char *bp, register u_int length,
+	  register const u_char *bp2)
+{
+	register const struct egp_packet *egp;
+	register const struct ip *ip;
+	register int status;
+	register int code;
+	register int type;
+
+	egp = (struct egp_packet *)bp;
+	ip = (struct ip *)bp2;
+        (void)printf("%s > %s: egp: ",
+		     ipaddr_string(&ip->ip_src),
+		     ipaddr_string(&ip->ip_dst));
+
+	if (egp->egp_version != EGP_VERSION) {
+		printf("[version %d]", egp->egp_version);
+		return;
+	}
+	printf("as:%d seq:%d", ntohs(egp->egp_as), ntohs(egp->egp_sequence));
+
+	type = egp->egp_type;
+	code = egp->egp_code;
+	status = egp->egp_status;
+
+	switch (type) {
+	case EGPT_ACQUIRE:
+		printf(" acquire");
+		switch (code) {
+		case EGPC_REQUEST:
+		case EGPC_CONFIRM:
+			printf(" %s", egp_acquire_codes[code]);
+			switch (status) {
+			case EGPS_UNSPEC:
+			case EGPS_ACTIVE:
+			case EGPS_PASSIVE:
+				printf(" %s", egp_acquire_status[status]);
+				break;
+
+			default:
+				printf(" [status %d]", status);
+				break;
+			}
+			printf(" hello:%d poll:%d",
+			       ntohs(egp->egp_hello),
+			       ntohs(egp->egp_poll));
+			break;
+
+		case EGPC_REFUSE:
+		case EGPC_CEASE:
+		case EGPC_CEASEACK:
+			printf(" %s", egp_acquire_codes[code]);
+			switch (status ) {
+			case EGPS_UNSPEC:
+			case EGPS_NORES:
+			case EGPS_ADMIN:
+			case EGPS_GODOWN:
+			case EGPS_PARAM:
+			case EGPS_PROTO:
+				printf(" %s", egp_acquire_status[status]);
+				break;
+
+			default:
+				printf("[status %d]", status);
+				break;
+			}
+			break;
+
+		default:
+			printf("[code %d]", code);
+			break;
+		}
+		break;
+
+	case EGPT_REACH:
+		switch (code) {
+
+		case EGPC_HELLO:
+		case EGPC_HEARDU:
+			printf(" %s", egp_reach_codes[code]);
+			if (status <= EGPS_DOWN)
+				printf(" state:%s", egp_status_updown[status]);
+			else
+				printf(" [status %d]", status);
+			break;
+
+		default:
+			printf("[reach code %d]", code);
+			break;
+		}
+		break;
+
+	case EGPT_POLL:
+		printf(" poll");
+		if (egp->egp_status <= EGPS_DOWN)
+			printf(" state:%s", egp_status_updown[status]);
+		else
+			printf(" [status %d]", status);
+		printf(" net:%s", ipaddr_string(&egp->egp_sourcenet));
+		break;
+
+	case EGPT_UPDATE:
+		printf(" update");
+		if (status & EGPS_UNSOL) {
+			status &= ~EGPS_UNSOL;
+			printf(" unsolicited");
+		}
+		if (status <= EGPS_DOWN)
+			printf(" state:%s", egp_status_updown[status]);
+		else
+			printf(" [status %d]", status);
+		printf(" %s int %d ext %d",
+		       ipaddr_string(&egp->egp_sourcenet),
+		       egp->egp_intgw,
+		       egp->egp_extgw);
+		if (vflag)
+			egpnrprint(egp, length);
+		break;
+
+	case EGPT_ERROR:
+		printf(" error");
+		if (status <= EGPS_DOWN)
+			printf(" state:%s", egp_status_updown[status]);
+		else
+			printf(" [status %d]", status);
+
+		if (ntohs(egp->egp_reason) <= EGPR_UVERSION)
+			printf(" %s", egp_reasons[ntohs(egp->egp_reason)]);
+		else
+			printf(" [reason %d]", ntohs(egp->egp_reason));
+		break;
+
+	default:
+		printf("[type %d]", type);
+		break;
+	}
+}
diff --git a/contrib/tcpdump/print-ether.c b/contrib/tcpdump/print-ether.c
new file mode 100644
index 000000000000..b2a1644b1129
--- /dev/null
+++ b/contrib/tcpdump/print-ether.c
@@ -0,0 +1,196 @@
+/*
+ * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+#ifndef lint
+static char rcsid[] =
+    "@(#) $Header: print-ether.c,v 1.42 96/07/23 14:17:23 leres Exp $ (LBL)";
+#endif
+
+#include <sys/param.h>
+#include <sys/time.h>
+#include <sys/socket.h>
+
+#if __STDC__
+struct mbuf;
+struct rtentry;
+#endif
+#include <net/if.h>
+
+#include <netinet/in.h>
+#include <netinet/if_ether.h>
+#include <netinet/in_systm.h>
+#include <netinet/ip.h>
+#include <netinet/ip_var.h>
+#include <netinet/udp.h>
+#include <netinet/udp_var.h>
+#include <netinet/tcp.h>
+#include <netinet/tcpip.h>
+
+#include <stdio.h>
+#include <pcap.h>
+
+#include "interface.h"
+#include "addrtoname.h"
+#include "ethertype.h"
+
+const u_char *packetp;
+const u_char *snapend;
+
+static inline void
+ether_print(register const u_char *bp, u_int length)
+{
+	register const struct ether_header *ep;
+
+	ep = (const struct ether_header *)bp;
+	if (qflag)
+		(void)printf("%s %s %d: ",
+			     etheraddr_string(ESRC(ep)),
+			     etheraddr_string(EDST(ep)),
+			     length);
+	else
+		(void)printf("%s %s %s %d: ",
+			     etheraddr_string(ESRC(ep)),
+			     etheraddr_string(EDST(ep)),
+			     etherproto_string(ep->ether_type),
+			     length);
+}
+
+/*
+ * This is the top level routine of the printer.  'p' is the points
+ * to the ether header of the packet, 'tvp' is the timestamp,
+ * 'length' is the length of the packet off the wire, and 'caplen'
+ * is the number of bytes actually captured.
+ */
+void
+ether_if_print(u_char *user, const struct pcap_pkthdr *h, const u_char *p)
+{
+	u_int caplen = h->caplen;
+	u_int length = h->len;
+	struct ether_header *ep;
+	u_short ether_type;
+	extern u_short extracted_ethertype;
+
+	ts_print(&h->ts);
+
+	if (caplen < sizeof(struct ether_header)) {
+		printf("[|ether]");
+		goto out;
+	}
+
+	if (eflag)
+		ether_print(p, length);
+
+	/*
+	 * Some printers want to get back at the ethernet addresses,
+	 * and/or check that they're not walking off the end of the packet.
+	 * Rather than pass them all the way down, we set these globals.
+	 */
+	packetp = p;
+	snapend = p + caplen;
+
+	length -= sizeof(struct ether_header);
+	caplen -= sizeof(struct ether_header);
+	ep = (struct ether_header *)p;
+	p += sizeof(struct ether_header);
+
+	ether_type = ntohs(ep->ether_type);
+
+	/*
+	 * Is it (gag) an 802.3 encapsulation?
+	 */
+	extracted_ethertype = 0;
+	if (ether_type < ETHERMTU) {
+		/* Try to print the LLC-layer header & higher layers */
+		if (llc_print(p, length, caplen, ESRC(ep), EDST(ep)) == 0) {
+			/* ether_type not known, print raw packet */
+			if (!eflag)
+				ether_print((u_char *)ep, length);
+			if (extracted_ethertype) {
+				printf("(LLC %s) ",
+			       etherproto_string(htons(extracted_ethertype)));
+			}
+			if (!xflag && !qflag)
+				default_print(p, caplen);
+		}
+	} else if (ether_encap_print(ether_type, p, length, caplen) == 0) {
+		/* ether_type not known, print raw packet */
+		if (!eflag)
+			ether_print((u_char *)ep, length + sizeof(*ep));
+		if (!xflag && !qflag)
+			default_print(p, caplen);
+	}
+	if (xflag)
+		default_print(p, caplen);
+ out:
+	putchar('\n');
+}
+
+/*
+ * Prints the packet encapsulated in an Ethernet data segment
+ * (or an equivalent encapsulation), given the Ethernet type code.
+ *
+ * Returns non-zero if it can do so, zero if the ethertype is unknown.
+ *
+ * Stuffs the ether type into a global for the benefit of lower layers
+ * that might want to know what it is.
+ */
+
+u_short	extracted_ethertype;
+
+int
+ether_encap_print(u_short ethertype, const u_char *p,
+    u_int length, u_int caplen)
+{
+	extracted_ethertype = ethertype;
+
+	switch (ethertype) {
+
+	case ETHERTYPE_IP:
+		ip_print(p, length);
+		return (1);
+
+	case ETHERTYPE_ARP:
+	case ETHERTYPE_REVARP:
+		arp_print(p, length, caplen);
+		return (1);
+
+	case ETHERTYPE_DN:
+		decnet_print(p, length, caplen);
+		return (1);
+
+	case ETHERTYPE_ATALK:
+		if (vflag)
+			fputs("et1 ", stdout);
+		atalk_print(p, length);
+		return (1);
+
+	case ETHERTYPE_AARP:
+		aarp_print(p, length);
+		return (1);
+
+	case ETHERTYPE_LAT:
+	case ETHERTYPE_SCA:
+	case ETHERTYPE_MOPRC:
+	case ETHERTYPE_MOPDL:
+		/* default_print for now */
+	default:
+		return (0);
+	}
+}
diff --git a/contrib/tcpdump/print-fddi.c b/contrib/tcpdump/print-fddi.c
new file mode 100644
index 000000000000..59999b860653
--- /dev/null
+++ b/contrib/tcpdump/print-fddi.c
@@ -0,0 +1,354 @@
+/*
+ * Copyright (c) 1991, 1992, 1993, 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#ifndef lint
+static  char rcsid[] =
+	"@(#)$Header: print-fddi.c,v 1.31 96/07/14 19:38:59 leres Exp $ (LBL)";
+#endif
+
+#ifdef HAVE_FDDI
+#include <sys/param.h>
+#include <sys/time.h>
+#include <sys/socket.h>
+#include <sys/file.h>
+#include <sys/ioctl.h>
+
+#if __STDC__
+struct mbuf;
+struct rtentry;
+#endif
+#include <net/if.h>
+
+#include <netinet/in.h>
+#include <netinet/if_ether.h>
+#include <netinet/in_systm.h>
+#include <netinet/ip.h>
+
+#include <ctype.h>
+#include <netdb.h>
+#include <pcap.h>
+#include <signal.h>
+#include <stdio.h>
+#include <string.h>
+
+#include "interface.h"
+#include "addrtoname.h"
+#include "ethertype.h"
+
+#include "fddi.h"
+
+/*
+ * Some FDDI interfaces use bit-swapped addresses.
+ */
+#if defined(ultrix) || defined(__alpha)
+int	fddi_bitswap = 0;
+#else
+int	fddi_bitswap = 1;
+#endif
+
+/*
+ * FDDI support for tcpdump, by Jeffrey Mogul [DECWRL], June 1992
+ *
+ * Based in part on code by Van Jacobson, which bears this note:
+ *
+ * NOTE:  This is a very preliminary hack for FDDI support.
+ * There are all sorts of wired in constants & nothing (yet)
+ * to print SMT packets as anything other than hex dumps.
+ * Most of the necessary changes are waiting on my redoing
+ * the "header" that a kernel fddi driver supplies to bpf:  I
+ * want it to look like one byte of 'direction' (0 or 1
+ * depending on whether the packet was inbound or outbound),
+ * two bytes of system/driver dependent data (anything an
+ * implementor thinks would be useful to filter on and/or
+ * save per-packet, then the real 21-byte FDDI header.
+ * Steve McCanne & I have also talked about adding the
+ * 'direction' byte to all bpf headers (e.g., in the two
+ * bytes of padding on an ethernet header).  It's not clear
+ * we could do this in a backwards compatible way & we hate
+ * the idea of an incompatible bpf change.  Discussions are
+ * proceeding.
+ *
+ * Also, to really support FDDI (and better support 802.2
+ * over ethernet) we really need to re-think the rather simple
+ * minded assumptions about fixed length & fixed format link
+ * level headers made in gencode.c.  One day...
+ *
+ *  - vj
+ */
+
+#define FDDI_HDRLEN (sizeof(struct fddi_header))
+
+static u_char fddi_bit_swap[] = {
+	0x00, 0x80, 0x40, 0xc0, 0x20, 0xa0, 0x60, 0xe0,
+	0x10, 0x90, 0x50, 0xd0, 0x30, 0xb0, 0x70, 0xf0,
+	0x08, 0x88, 0x48, 0xc8, 0x28, 0xa8, 0x68, 0xe8,
+	0x18, 0x98, 0x58, 0xd8, 0x38, 0xb8, 0x78, 0xf8,
+	0x04, 0x84, 0x44, 0xc4, 0x24, 0xa4, 0x64, 0xe4,
+	0x14, 0x94, 0x54, 0xd4, 0x34, 0xb4, 0x74, 0xf4,
+	0x0c, 0x8c, 0x4c, 0xcc, 0x2c, 0xac, 0x6c, 0xec,
+	0x1c, 0x9c, 0x5c, 0xdc, 0x3c, 0xbc, 0x7c, 0xfc,
+	0x02, 0x82, 0x42, 0xc2, 0x22, 0xa2, 0x62, 0xe2,
+	0x12, 0x92, 0x52, 0xd2, 0x32, 0xb2, 0x72, 0xf2,
+	0x0a, 0x8a, 0x4a, 0xca, 0x2a, 0xaa, 0x6a, 0xea,
+	0x1a, 0x9a, 0x5a, 0xda, 0x3a, 0xba, 0x7a, 0xfa,
+	0x06, 0x86, 0x46, 0xc6, 0x26, 0xa6, 0x66, 0xe6,
+	0x16, 0x96, 0x56, 0xd6, 0x36, 0xb6, 0x76, 0xf6,
+	0x0e, 0x8e, 0x4e, 0xce, 0x2e, 0xae, 0x6e, 0xee,
+	0x1e, 0x9e, 0x5e, 0xde, 0x3e, 0xbe, 0x7e, 0xfe,
+	0x01, 0x81, 0x41, 0xc1, 0x21, 0xa1, 0x61, 0xe1,
+	0x11, 0x91, 0x51, 0xd1, 0x31, 0xb1, 0x71, 0xf1,
+	0x09, 0x89, 0x49, 0xc9, 0x29, 0xa9, 0x69, 0xe9,
+	0x19, 0x99, 0x59, 0xd9, 0x39, 0xb9, 0x79, 0xf9,
+	0x05, 0x85, 0x45, 0xc5, 0x25, 0xa5, 0x65, 0xe5,
+	0x15, 0x95, 0x55, 0xd5, 0x35, 0xb5, 0x75, 0xf5,
+	0x0d, 0x8d, 0x4d, 0xcd, 0x2d, 0xad, 0x6d, 0xed,
+	0x1d, 0x9d, 0x5d, 0xdd, 0x3d, 0xbd, 0x7d, 0xfd,
+	0x03, 0x83, 0x43, 0xc3, 0x23, 0xa3, 0x63, 0xe3,
+	0x13, 0x93, 0x53, 0xd3, 0x33, 0xb3, 0x73, 0xf3,
+	0x0b, 0x8b, 0x4b, 0xcb, 0x2b, 0xab, 0x6b, 0xeb,
+	0x1b, 0x9b, 0x5b, 0xdb, 0x3b, 0xbb, 0x7b, 0xfb,
+	0x07, 0x87, 0x47, 0xc7, 0x27, 0xa7, 0x67, 0xe7,
+	0x17, 0x97, 0x57, 0xd7, 0x37, 0xb7, 0x77, 0xf7,
+	0x0f, 0x8f, 0x4f, 0xcf, 0x2f, 0xaf, 0x6f, 0xef,
+	0x1f, 0x9f, 0x5f, 0xdf, 0x3f, 0xbf, 0x7f, 0xff,
+};
+
+/*
+ * Print FDDI frame-control bits
+ */
+static inline void
+print_fddi_fc(u_char fc)
+{
+	switch (fc) {
+
+	case FDDIFC_VOID:                         /* Void frame */
+		printf("void ");
+		break;
+
+	case FDDIFC_NRT:                          /* Nonrestricted token */
+		printf("nrt ");
+		break;
+
+	case FDDIFC_RT:                           /* Restricted token */
+		printf("rt ");
+		break;
+
+	case FDDIFC_SMT_INFO:                     /* SMT Info */
+		printf("info ");
+		break;
+
+	case FDDIFC_SMT_NSA:                      /* SMT Next station adrs */
+		printf("nsa ");
+		break;
+
+	case FDDIFC_MAC_BEACON:                   /* MAC Beacon frame */
+		printf("beacon ");
+		break;
+
+	case FDDIFC_MAC_CLAIM:                    /* MAC Claim frame */
+		printf("claim ");
+		break;
+
+	default:
+		switch (fc & FDDIFC_CLFF) {
+
+		case FDDIFC_MAC:
+			printf("mac%1x ", fc & FDDIFC_ZZZZ);
+			break;
+
+		case FDDIFC_SMT:
+			printf("smt%1x ", fc & FDDIFC_ZZZZ);
+			break;
+
+		case FDDIFC_LLC_ASYNC:
+			printf("async%1x ", fc & FDDIFC_ZZZZ);
+			break;
+
+		case FDDIFC_LLC_SYNC:
+			printf("sync%1x ", fc & FDDIFC_ZZZZ);
+			break;
+
+		case FDDIFC_IMP_ASYNC:
+			printf("imp_async%1x ", fc & FDDIFC_ZZZZ);
+			break;
+
+		case FDDIFC_IMP_SYNC:
+			printf("imp_sync%1x ", fc & FDDIFC_ZZZZ);
+			break;
+
+		default:
+			printf("%02x ", fc);
+			break;
+		}
+	}
+}
+
+/* Extract src, dst addresses */
+static inline void
+extract_fddi_addrs(const struct fddi_header *fddip, char *fsrc, char *fdst)
+{
+	register int i;
+
+	if (fddi_bitswap) {
+		/*
+		 * bit-swap the fddi addresses (isn't the IEEE standards
+		 * process wonderful!) then convert them to names.
+		 */
+		for (i = 0; i < 6; ++i)
+			fdst[i] = fddi_bit_swap[fddip->fddi_dhost[i]];
+		for (i = 0; i < 6; ++i)
+			fsrc[i] = fddi_bit_swap[fddip->fddi_shost[i]];
+	}
+	else {
+		memcpy(fdst, (char *)fddip->fddi_dhost, 6);
+		memcpy(fsrc, (char *)fddip->fddi_shost, 6);
+	}
+}
+
+/*
+ * Print the FDDI MAC header
+ */
+static inline void
+fddi_print(register const struct fddi_header *fddip, register u_int length,
+	   register const u_char *fsrc, register const u_char *fdst)
+{
+	char *srcname, *dstname;
+
+	srcname = etheraddr_string(fsrc);
+	dstname = etheraddr_string(fdst);
+
+	if (vflag)
+		(void) printf("%02x %s %s %d: ",
+		       fddip->fddi_fc,
+		       srcname, dstname,
+		       length);
+	else if (qflag)
+		printf("%s %s %d: ", srcname, dstname, length);
+	else {
+		(void) print_fddi_fc(fddip->fddi_fc);
+		(void) printf("%s %s %d: ", srcname, dstname, length);
+	}
+}
+
+static inline void
+fddi_smt_print(const u_char *p, u_int length)
+{
+	printf("<SMT printer not yet implemented>");
+}
+
+/*
+ * This is the top level routine of the printer.  'sp' is the points
+ * to the FDDI header of the packet, 'tvp' is the timestamp,
+ * 'length' is the length of the packet off the wire, and 'caplen'
+ * is the number of bytes actually captured.
+ */
+void
+fddi_if_print(u_char *pcap, const struct pcap_pkthdr *h,
+	      register const u_char *p)
+{
+	u_int caplen = h->caplen;
+	u_int length = h->len;
+	const struct fddi_header *fddip = (struct fddi_header *)p;
+	extern u_short extracted_ethertype;
+	struct ether_header ehdr;
+
+	ts_print(&h->ts);
+
+	if (caplen < FDDI_HDRLEN) {
+		printf("[|fddi]");
+		goto out;
+	}
+	/*
+	 * Get the FDDI addresses into a canonical form
+	 */
+	extract_fddi_addrs(fddip, (char*)ESRC(&ehdr), (char*)EDST(&ehdr));
+	/*
+	 * Some printers want to get back at the link level addresses,
+	 * and/or check that they're not walking off the end of the packet.
+	 * Rather than pass them all the way down, we set these globals.
+	 */
+	snapend = p + caplen;
+	/*
+	 * Actually, the only printer that uses packetp is print-bootp.c,
+	 * and it assumes that packetp points to an Ethernet header.  The
+	 * right thing to do is to fix print-bootp.c to know which link
+	 * type is in use when it excavates. XXX
+	 */
+	packetp = (u_char *)&ehdr;
+
+	if (eflag)
+		fddi_print(fddip, length, ESRC(&ehdr), EDST(&ehdr));
+
+	/* Skip over FDDI MAC header */
+	length -= FDDI_HDRLEN;
+	p += FDDI_HDRLEN;
+	caplen -= FDDI_HDRLEN;
+
+	/* Frame Control field determines interpretation of packet */
+	extracted_ethertype = 0;
+	if ((fddip->fddi_fc & FDDIFC_CLFF) == FDDIFC_LLC_ASYNC) {
+		/* Try to print the LLC-layer header & higher layers */
+		if (llc_print(p, length, caplen, ESRC(&ehdr), EDST(&ehdr))
+		    == 0) {
+			/*
+			 * Some kinds of LLC packet we cannot
+			 * handle intelligently
+			 */
+			if (!eflag)
+				fddi_print(fddip, length,
+				    ESRC(&ehdr), EDST(&ehdr));
+			if (extracted_ethertype) {
+				printf("(LLC %s) ",
+			etherproto_string(htons(extracted_ethertype)));
+			}
+			if (!xflag && !qflag)
+				default_print(p, caplen);
+		}
+	} else if ((fddip->fddi_fc & FDDIFC_CLFF) == FDDIFC_SMT)
+		fddi_smt_print(p, caplen);
+	else {
+		/* Some kinds of FDDI packet we cannot handle intelligently */
+		if (!eflag)
+			fddi_print(fddip, length, ESRC(&ehdr), EDST(&ehdr));
+		if (!xflag && !qflag)
+			default_print(p, caplen);
+	}
+	if (xflag)
+		default_print(p, caplen);
+out:
+	putchar('\n');
+}
+#else
+#include <sys/types.h>
+#include <sys/time.h>
+
+#include <stdio.h>
+
+#include "interface.h"
+void
+fddi_if_print(u_char *pcap, const struct pcap_pkthdr *h,
+	      register const u_char *p)
+{
+
+	error("not configured for fddi");
+	/* NOTREACHED */
+}
+#endif
diff --git a/contrib/tcpdump/print-icmp.c b/contrib/tcpdump/print-icmp.c
new file mode 100644
index 000000000000..429000b1a422
--- /dev/null
+++ b/contrib/tcpdump/print-icmp.c
@@ -0,0 +1,354 @@
+/*
+ * Copyright (c) 1988, 1989, 1990, 1991, 1993, 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#ifndef lint
+static char rcsid[] =
+    "@(#) $Header: print-icmp.c,v 1.36 96/07/23 14:17:24 leres Exp $ (LBL)";
+#endif
+
+#include <sys/param.h>
+#include <sys/time.h>
+#include <sys/socket.h>
+
+#if __STDC__
+struct mbuf;
+struct rtentry;
+#endif
+#include <net/if.h>
+
+#include <netinet/in.h>
+#include <netinet/if_ether.h>
+#include <netinet/in_systm.h>
+#include <netinet/ip.h>
+#include <netinet/ip_icmp.h>
+#include <netinet/ip_var.h>
+#include <netinet/udp.h>
+#include <netinet/udp_var.h>
+#include <netinet/tcp.h>
+#include <netinet/tcpip.h>
+
+#include <stdio.h>
+#include <string.h>
+
+#include "interface.h"
+#include "addrtoname.h"
+#include "extract.h"			/* must come after interface.h */
+
+/* rfc1700 */
+#ifndef ICMP_UNREACH_NET_UNKNOWN
+#define ICMP_UNREACH_NET_UNKNOWN	6	/* destination net unknown */
+#endif
+#ifndef ICMP_UNREACH_HOST_UNKNOWN
+#define ICMP_UNREACH_HOST_UNKNOWN	7	/* destination host unknown */
+#endif
+#ifndef ICMP_UNREACH_ISOLATED
+#define ICMP_UNREACH_ISOLATED		8	/* source host isolated */
+#endif
+#ifndef ICMP_UNREACH_NET_PROHIB
+#define ICMP_UNREACH_NET_PROHIB		9	/* admin prohibited net */
+#endif
+#ifndef ICMP_UNREACH_HOST_PROHIB
+#define ICMP_UNREACH_HOST_PROHIB	10	/* admin prohibited host */
+#endif
+#ifndef ICMP_UNREACH_TOSNET
+#define ICMP_UNREACH_TOSNET		11	/* tos prohibited net */
+#endif
+#ifndef ICMP_UNREACH_TOSHOST
+#define ICMP_UNREACH_TOSHOST		12	/* tos prohibited host */
+#endif
+
+/* rfc1716 */
+#ifndef ICMP_UNREACH_FILTER_PROHIB
+#define ICMP_UNREACH_FILTER_PROHIB	13	/* admin prohibited filter */
+#endif
+#ifndef ICMP_UNREACH_HOST_PRECEDENCE
+#define ICMP_UNREACH_HOST_PRECEDENCE	14	/* host precedence violation */
+#endif
+#ifndef ICMP_UNREACH_PRECEDENCE_CUTOFF
+#define ICMP_UNREACH_PRECEDENCE_CUTOFF	15	/* precedence cutoff */
+#endif
+
+/* rfc1256 */
+#ifndef ICMP_ROUTERADVERT
+#define ICMP_ROUTERADVERT		9	/* router advertisement */
+#endif
+#ifndef ICMP_ROUTERSOLICIT
+#define ICMP_ROUTERSOLICIT		10	/* router solicitation */
+#endif
+
+/* Most of the icmp types */
+static struct tok icmp2str[] = {
+	{ ICMP_ECHOREPLY,		"echo reply" },
+	{ ICMP_SOURCEQUENCH,		"source quench" },
+	{ ICMP_ECHO,			"echo request" },
+	{ ICMP_ROUTERSOLICIT,		"router solicitation" },
+	{ ICMP_TSTAMP,			"time stamp request" },
+	{ ICMP_TSTAMPREPLY,		"time stamp reply" },
+	{ ICMP_IREQ,			"information request" },
+	{ ICMP_IREQREPLY,		"information reply" },
+	{ ICMP_MASKREQ,			"address mask request" },
+	{ 0,				NULL }
+};
+
+/* Formats for most of the ICMP_UNREACH codes */
+static struct tok unreach2str[] = {
+	{ ICMP_UNREACH_NET,		"net %s unreachable" },
+	{ ICMP_UNREACH_HOST,		"host %s unreachable" },
+	{ ICMP_UNREACH_SRCFAIL,
+	    "%s unreachable - source route failed" },
+	{ ICMP_UNREACH_NET_UNKNOWN,	"net %s unreachable - unknown" },
+	{ ICMP_UNREACH_HOST_UNKNOWN,	"host %s unreachable - unknown" },
+	{ ICMP_UNREACH_ISOLATED,
+	    "%s unreachable - source host isolated" },
+	{ ICMP_UNREACH_NET_PROHIB,
+	    "net %s unreachable - admin prohibited" },
+	{ ICMP_UNREACH_HOST_PROHIB,
+	    "host %s unreachable - admin prohibited" },
+	{ ICMP_UNREACH_TOSNET,
+	    "net %s unreachable - tos prohibited" },
+	{ ICMP_UNREACH_TOSHOST,
+	    "host %s unreachable - tos prohibited" },
+	{ ICMP_UNREACH_FILTER_PROHIB,
+	    "host %s unreachable - admin prohibited filter" },
+	{ ICMP_UNREACH_HOST_PRECEDENCE,
+	    "host %s unreachable - host precedence violation" },
+	{ ICMP_UNREACH_PRECEDENCE_CUTOFF,
+	    "host %s unreachable - precedence cutoff" },
+	{ 0,				NULL }
+};
+
+/* Formats for the ICMP_REDIRECT codes */
+static struct tok type2str[] = {
+	{ ICMP_REDIRECT_NET,		"redirect %s to net %s" },
+	{ ICMP_REDIRECT_HOST,		"redirect %s to host %s" },
+	{ ICMP_REDIRECT_TOSNET,		"redirect-tos %s to net %s" },
+	{ ICMP_REDIRECT_TOSHOST,	"redirect-tos %s to net %s" },
+	{ 0,				NULL }
+};
+
+/* rfc1191 */
+struct mtu_discovery {
+	short unused;
+	short nexthopmtu;
+};
+
+/* rfc1256 */
+struct ih_rdiscovery {
+	u_char ird_addrnum;
+	u_char ird_addrsiz;
+	u_short ird_lifetime;
+};
+
+struct id_rdiscovery {
+	u_int32_t ird_addr;
+	u_int32_t ird_pref;
+};
+
+void
+icmp_print(register const u_char *bp, register const u_char *bp2)
+{
+	register char *cp;
+	register const struct icmp *dp;
+	register const struct ip *ip;
+	register const char *str, *fmt;
+	register const struct ip *oip;
+	register const struct udphdr *ouh;
+	register u_int hlen, dport, mtu;
+	char buf[256];
+
+	dp = (struct icmp *)bp;
+	ip = (struct ip *)bp2;
+	str = buf;
+
+        (void)printf("%s > %s: ",
+		ipaddr_string(&ip->ip_src),
+		ipaddr_string(&ip->ip_dst));
+
+	TCHECK(dp->icmp_code);
+	switch (dp->icmp_type) {
+
+	case ICMP_UNREACH:
+		TCHECK(dp->icmp_ip.ip_dst);
+		switch (dp->icmp_code) {
+
+		case ICMP_UNREACH_PROTOCOL:
+			TCHECK(dp->icmp_ip.ip_p);
+			(void)sprintf(buf, "%s protocol %d unreachable",
+				       ipaddr_string(&dp->icmp_ip.ip_dst),
+				       dp->icmp_ip.ip_p);
+			break;
+
+		case ICMP_UNREACH_PORT:
+			TCHECK(dp->icmp_ip.ip_p);
+			oip = &dp->icmp_ip;
+			hlen = oip->ip_hl * 4;
+			ouh = (struct udphdr *)(((u_char *)oip) + hlen);
+			dport = ntohs(ouh->uh_dport);
+			switch (oip->ip_p) {
+
+			case IPPROTO_TCP:
+				(void)sprintf(buf,
+					"%s tcp port %s unreachable",
+					ipaddr_string(&oip->ip_dst),
+					tcpport_string(dport));
+				break;
+
+			case IPPROTO_UDP:
+				(void)sprintf(buf,
+					"%s udp port %s unreachable",
+					ipaddr_string(&oip->ip_dst),
+					udpport_string(dport));
+				break;
+
+			default:
+				(void)sprintf(buf,
+					"%s protocol %d port %d unreachable",
+					ipaddr_string(&oip->ip_dst),
+					oip->ip_p, dport);
+				break;
+			}
+			break;
+
+		case ICMP_UNREACH_NEEDFRAG:
+			{
+			register const struct mtu_discovery *mp;
+
+			mp = (struct mtu_discovery *)&dp->icmp_void;
+                        mtu = EXTRACT_16BITS(&mp->nexthopmtu);
+                        if (mtu)
+			    (void)sprintf(buf,
+				"%s unreachable - need to frag (mtu %d)",
+				ipaddr_string(&dp->icmp_ip.ip_dst), mtu);
+                        else
+			    (void)sprintf(buf,
+				"%s unreachable - need to frag",
+				ipaddr_string(&dp->icmp_ip.ip_dst));
+			}
+			break;
+
+		default:
+			fmt = tok2str(unreach2str, "#%d %%s unreachable",
+			    dp->icmp_code);
+			(void)sprintf(buf, fmt,
+			    ipaddr_string(&dp->icmp_ip.ip_dst));
+			break;
+		}
+		break;
+
+	case ICMP_REDIRECT:
+		TCHECK(dp->icmp_ip.ip_dst);
+		fmt = tok2str(type2str, "redirect-#%d %%s to net %%s",
+		    dp->icmp_code);
+		(void)sprintf(buf, fmt,
+		    ipaddr_string(&dp->icmp_ip.ip_dst),
+		    ipaddr_string(&dp->icmp_gwaddr));
+		break;
+
+	case ICMP_ROUTERADVERT:
+		{
+		register const struct ih_rdiscovery *ihp;
+		register const struct id_rdiscovery *idp;
+		u_int lifetime, num, size;
+
+		(void)strcpy(buf, "router advertisement");
+		cp = buf + strlen(buf);
+
+		ihp = (struct ih_rdiscovery *)&dp->icmp_void;
+		TCHECK(*ihp);
+		(void)strcpy(cp, "lifetime ");
+		cp = buf + strlen(buf);
+		lifetime = EXTRACT_16BITS(&ihp->ird_lifetime);
+		if (lifetime < 60)
+			(void)sprintf(cp, "%u", lifetime);
+		else if (lifetime < 60 * 60)
+			(void)sprintf(cp, "%u:%02u",
+			    lifetime / 60, lifetime % 60);
+		else
+			(void)sprintf(cp, "%u:%02u:%02u",
+			    lifetime / 3600,
+			    (lifetime % 3600) / 60,
+			    lifetime % 60);
+		cp = buf + strlen(buf);
+
+		num = ihp->ird_addrnum;
+		(void)sprintf(cp, " %d:", num);
+		cp = buf + strlen(buf);
+
+		size = ihp->ird_addrsiz;
+		if (size != 2) {
+			(void)sprintf(cp, " [size %d]", size);
+			break;
+		}
+		idp = (struct id_rdiscovery *)&dp->icmp_data;
+		while (num-- > 0) {
+			TCHECK(*idp);
+			(void)sprintf(cp, " {%s %u}",
+			    ipaddr_string(&idp->ird_addr),
+			    EXTRACT_32BITS(&idp->ird_pref));
+			cp = buf + strlen(buf);
+		}
+		}
+		break;
+
+	case ICMP_TIMXCEED:
+		TCHECK(dp->icmp_ip.ip_dst);
+		switch (dp->icmp_code) {
+
+		case ICMP_TIMXCEED_INTRANS:
+			str = "time exceeded in-transit";
+			break;
+
+		case ICMP_TIMXCEED_REASS:
+			str = "ip reassembly time exceeded";
+			break;
+
+		default:
+			(void)sprintf(buf, "time exceeded-#%d", dp->icmp_code);
+			break;
+		}
+		break;
+
+	case ICMP_PARAMPROB:
+		if (dp->icmp_code)
+			(void)sprintf(buf, "parameter problem - code %d",
+					dp->icmp_code);
+		else {
+			TCHECK(dp->icmp_pptr);
+			(void)sprintf(buf, "parameter problem - octet %d",
+					dp->icmp_pptr);
+		}
+		break;
+
+	case ICMP_MASKREPLY:
+		TCHECK(dp->icmp_mask);
+		(void)sprintf(buf, "address mask is 0x%08x",
+		    (u_int32_t)ntohl(dp->icmp_mask));
+		break;
+
+	default:
+		str = tok2str(icmp2str, "type-#%d", dp->icmp_type);
+		break;
+	}
+        (void)printf("icmp: %s", str);
+	return;
+trunc:
+	fputs("[|icmp]", stdout);
+}
diff --git a/contrib/tcpdump/print-igrp.c b/contrib/tcpdump/print-igrp.c
new file mode 100644
index 000000000000..8ce5bad003a9
--- /dev/null
+++ b/contrib/tcpdump/print-igrp.c
@@ -0,0 +1,138 @@
+/*
+ * Copyright (c) 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ *
+ * Initial contribution from Francis Dupont (francis.dupont@inria.fr)
+ */
+
+#ifndef lint
+static char rcsid[] =
+"@(#) $Header: print-igrp.c,v 1.4 96/07/23 14:04:55 leres Exp $ (LBL)";
+#endif
+
+#include <sys/param.h>
+#include <sys/socket.h>
+
+#include <netinet/in.h>
+#include <netinet/in_systm.h>
+#include <netinet/ip.h>
+#include <netinet/ip_var.h>
+#include <netinet/udp.h>
+#include <netinet/udp_var.h>
+
+#include <errno.h>
+#include <stdio.h>
+
+#include "addrtoname.h"
+#include "interface.h"
+#include "igrp.h"
+#include "extract.h"			/* must come after interface.h */
+
+static void
+igrp_entry_print(register struct igrprte *igr, register int is_interior,
+    register int is_exterior)
+{
+	register u_int delay, bandwidth;
+	u_int metric, mtu;
+
+	if (is_interior)
+		printf(" *.%d.%d.%d", igr->igr_net[0],
+		    igr->igr_net[1], igr->igr_net[2]);
+	else if (is_exterior)
+		printf(" X%d.%d.%d.0", igr->igr_net[0],
+		    igr->igr_net[1], igr->igr_net[2]);
+	else
+		printf(" %d.%d.%d.0", igr->igr_net[0],
+		    igr->igr_net[1], igr->igr_net[2]);
+
+	delay = EXTRACT_24BITS(igr->igr_dly);
+	bandwidth = EXTRACT_24BITS(igr->igr_bw);
+	metric = bandwidth + delay;
+	if (metric > 0xffffff)
+		metric = 0xffffff;
+	mtu = EXTRACT_16BITS(igr->igr_mtu);
+
+	printf(" d=%d b=%d r=%d l=%d M=%d mtu=%d in %d hops",
+	    10 * delay, bandwidth == 0 ? 0 : 10000000 / bandwidth,
+	    igr->igr_rel, igr->igr_ld, metric,
+	    mtu, igr->igr_hct);
+}
+
+static struct tok op2str[] = {
+	{ IGRP_UPDATE,		"update" },
+	{ IGRP_REQUEST,		"request" },
+	{ 0,			NULL }
+};
+
+void
+igrp_print(register const u_char *bp, u_int length, register const u_char *bp2)
+{
+	register struct igrphdr *hdr;
+	register struct ip *ip;
+	register u_char *cp;
+	u_int nint, nsys, next;
+
+	hdr = (struct igrphdr *)bp;
+	ip = (struct ip *)bp2;
+	cp = (u_char *)(hdr + 1);
+        (void)printf("%s > %s: igrp: ",
+	    ipaddr_string(&ip->ip_src),
+	    ipaddr_string(&ip->ip_dst));
+
+	/* Header */
+	TCHECK(*hdr);
+	nint = EXTRACT_16BITS(&hdr->ig_ni);
+	nsys = EXTRACT_16BITS(&hdr->ig_ns);
+	next = EXTRACT_16BITS(&hdr->ig_nx);
+
+	(void)printf(" %s V%d edit=%d AS=%d (%d/%d/%d)",
+	    tok2str(op2str, "op-#%d", hdr->ig_op),
+	    hdr->ig_v,
+	    hdr->ig_ed,
+	    EXTRACT_16BITS(&hdr->ig_as),
+	    nint,
+	    nsys,
+	    next);
+
+	length -= sizeof(*hdr);
+	while (length >= IGRP_RTE_SIZE) {
+		if (nint > 0) {
+			TCHECK2(*cp, IGRP_RTE_SIZE);
+			igrp_entry_print((struct igrprte *)cp, 1, 0);
+			--nint;
+		} else if (nsys > 0) {
+			TCHECK2(*cp, IGRP_RTE_SIZE);
+			igrp_entry_print((struct igrprte *)cp, 0, 0);
+			--nsys;
+		} else if (next > 0) {
+			TCHECK2(*cp, IGRP_RTE_SIZE);
+			igrp_entry_print((struct igrprte *)cp, 0, 1);
+			--next;
+		} else {
+			(void)printf("[extra bytes %d]", length);
+			break;
+		}
+		cp += IGRP_RTE_SIZE;
+		length -= IGRP_RTE_SIZE;
+	}
+	if (nint == 0 && nsys == 0 && next == 0)
+		return;
+trunc:
+	fputs("[|igrp]", stdout);
+}
diff --git a/contrib/tcpdump/print-ip.c b/contrib/tcpdump/print-ip.c
new file mode 100644
index 000000000000..935bb7c39a92
--- /dev/null
+++ b/contrib/tcpdump/print-ip.c
@@ -0,0 +1,508 @@
+/*
+ * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#ifndef lint
+static char rcsid[] =
+    "@(#) $Header: print-ip.c,v 1.56 96/07/23 14:17:24 leres Exp $ (LBL)";
+#endif
+
+#include <sys/param.h>
+#include <sys/time.h>
+#include <sys/socket.h>
+
+#include <netinet/in.h>
+#include <netinet/in_systm.h>
+#include <netinet/ip.h>
+#include <netinet/ip_var.h>
+#include <netinet/udp.h>
+#include <netinet/udp_var.h>
+#include <netinet/tcp.h>
+#include <netinet/tcpip.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+#include "addrtoname.h"
+#include "interface.h"
+#include "extract.h"			/* must come after interface.h */
+
+/* Compatibility */
+#ifndef	IPPROTO_ND
+#define	IPPROTO_ND	77
+#endif
+
+#ifndef IN_CLASSD
+#define IN_CLASSD(i) (((int32_t)(i) & 0xf0000000) == 0xe0000000)
+#endif
+
+/* (following from ipmulti/mrouted/prune.h) */
+
+/*
+ * The packet format for a traceroute request.
+ */
+struct tr_query {
+	u_int  tr_src;			/* traceroute source */
+	u_int  tr_dst;			/* traceroute destination */
+	u_int  tr_raddr;		/* traceroute response address */
+#if defined(BYTE_ORDER) && (BYTE_ORDER == LITTLE_ENDIAN)
+	struct {
+		u_int	qid : 24;	/* traceroute query id */
+		u_int	ttl : 8;	/* traceroute response ttl */
+	} q;
+#else
+	struct {
+		u_int   ttl : 8;	/* traceroute response ttl */
+		u_int   qid : 24;	/* traceroute query id */
+	} q;
+#endif /* BYTE_ORDER */
+};
+
+#define tr_rttl q.ttl
+#define tr_qid  q.qid
+
+/*
+ * Traceroute response format.  A traceroute response has a tr_query at the
+ * beginning, followed by one tr_resp for each hop taken.
+ */
+struct tr_resp {
+	u_int tr_qarr;			/* query arrival time */
+	u_int tr_inaddr;		/* incoming interface address */
+	u_int tr_outaddr;		/* outgoing interface address */
+	u_int tr_rmtaddr;		/* parent address in source tree */
+	u_int tr_vifin;			/* input packet count on interface */
+	u_int tr_vifout;		/* output packet count on interface */
+	u_int tr_pktcnt;		/* total incoming packets for src-grp */
+	u_char  tr_rproto;		/* routing proto deployed on router */
+	u_char  tr_fttl;		/* ttl required to forward on outvif */
+	u_char  tr_smask;		/* subnet mask for src addr */
+	u_char  tr_rflags;		/* forwarding error codes */
+};
+
+/* defs within mtrace */
+#define TR_QUERY 1
+#define TR_RESP	2
+
+/* fields for tr_rflags (forwarding error codes) */
+#define TR_NO_ERR	0
+#define TR_WRONG_IF	1
+#define TR_PRUNED	2
+#define TR_OPRUNED	3
+#define TR_SCOPED	4
+#define TR_NO_RTE	5
+#define TR_NO_FWD	7
+#define TR_NO_SPACE	0x81
+#define TR_OLD_ROUTER	0x82
+
+/* fields for tr_rproto (routing protocol) */
+#define TR_PROTO_DVMRP	1
+#define TR_PROTO_MOSPF	2
+#define TR_PROTO_PIM	3
+#define TR_PROTO_CBT	4
+
+static void print_mtrace(register const u_char *bp, register u_int len)
+{
+	register struct tr_query* tr = (struct tr_query*)(bp + 8);
+
+	printf("mtrace %d: %s to %s reply-to %s", tr->tr_qid,
+		ipaddr_string(&tr->tr_src), ipaddr_string(&tr->tr_dst),
+		ipaddr_string(&tr->tr_raddr));
+	if (IN_CLASSD(ntohl(tr->tr_raddr)))
+		printf(" with-ttl %d", tr->tr_rttl);
+}
+
+static void print_mresp(register const u_char *bp, register u_int len)
+{
+	register struct tr_query* tr = (struct tr_query*)(bp + 8);
+
+	printf("mresp %d: %s to %s reply-to %s", tr->tr_qid,
+		ipaddr_string(&tr->tr_src), ipaddr_string(&tr->tr_dst),
+		ipaddr_string(&tr->tr_raddr));
+	if (IN_CLASSD(ntohl(tr->tr_raddr)))
+		printf(" with-ttl %d", tr->tr_rttl);
+}
+
+static void
+igmp_print(register const u_char *bp, register u_int len,
+	   register const u_char *bp2)
+{
+	register const struct ip *ip;
+
+	ip = (const struct ip *)bp2;
+        (void)printf("%s > %s: ",
+		ipaddr_string(&ip->ip_src),
+		ipaddr_string(&ip->ip_dst));
+
+	TCHECK2(bp[0], 8);
+	switch (bp[0]) {
+	case 0x11:
+		(void)printf("igmp query");
+		if (*(int *)&bp[4])
+			(void)printf(" [gaddr %s]", ipaddr_string(&bp[4]));
+		if (len != 8)
+			(void)printf(" [len %d]", len);
+		break;
+	case 0x12:
+		(void)printf("igmp report %s", ipaddr_string(&bp[4]));
+		if (len != 8)
+			(void)printf(" [len %d]", len);
+		break;
+	case 0x16:
+		(void)printf("igmp nreport %s", ipaddr_string(&bp[4]));
+		break;
+	case 0x17:
+		(void)printf("igmp leave %s", ipaddr_string(&bp[4]));
+		break;
+	case 0x13:
+		(void)printf("igmp dvmrp");
+		if (len < 8)
+			(void)printf(" [len %d]", len);
+		else
+			dvmrp_print(bp, len);
+		break;
+	case 0x14:
+		(void)printf("igmp pim");
+		pim_print(bp, len);
+  		break;
+	case 0x1e:
+		print_mresp(bp, len);
+		break;
+	case 0x1f:
+		print_mtrace(bp, len);
+		break;
+	default:
+		(void)printf("igmp-%d", bp[0] & 0xf);
+		break;
+	}
+	if ((bp[0] >> 4) != 1)
+		(void)printf(" [v%d]", bp[0] >> 4);
+
+	TCHECK2(bp[0], len);
+	if (vflag) {
+		/* Check the IGMP checksum */
+		u_int32_t sum = 0;
+		int count;
+		const u_short *sp = (u_short*)bp;
+		
+		for (count = len / 2; --count >= 0; )
+			sum += *sp++;
+		if (len & 1)
+			sum += ntohs(*(unsigned char*) sp << 8);
+		while (sum >> 16)
+			sum = (sum & 0xffff) + (sum >> 16);
+		sum = 0xffff & ~sum;
+		if (sum != 0)
+			printf(" bad igmp cksum %x!", EXTRACT_16BITS(&bp[2]));
+	}
+	return;
+trunc:
+	fputs("[|igmp]", stdout);
+}
+
+/*
+ * print the recorded route in an IP RR, LSRR or SSRR option.
+ */
+static void
+ip_printroute(const char *type, register const u_char *cp, u_int length)
+{
+	register u_int ptr = cp[2] - 1;
+	register u_int len;
+
+	printf(" %s{", type);
+	if ((length + 1) & 3)
+		printf(" [bad length %d]", length);
+	if (ptr < 3 || ((ptr + 1) & 3) || ptr > length + 1)
+		printf(" [bad ptr %d]", cp[2]);
+
+	type = "";
+	for (len = 3; len < length; len += 4) {
+		if (ptr == len)
+			type = "#";
+		printf("%s%s", type, ipaddr_string(&cp[len]));
+		type = " ";
+	}
+	printf("%s}", ptr == len? "#" : "");
+}
+
+/*
+ * print IP options.
+ */
+static void
+ip_optprint(register const u_char *cp, u_int length)
+{
+	register u_int len;
+
+	for (; length > 0; cp += len, length -= len) {
+		int tt = *cp;
+
+		len = (tt == IPOPT_NOP || tt == IPOPT_EOL) ? 1 : cp[1];
+		if (len <= 0) {
+			printf("[|ip op len %d]", len);
+			return;
+		}
+		if (&cp[1] >= snapend || cp + len > snapend) {
+			printf("[|ip]");
+			return;
+		}
+		switch (tt) {
+
+		case IPOPT_EOL:
+			printf(" EOL");
+			if (length > 1)
+				printf("-%d", length - 1);
+			return;
+
+		case IPOPT_NOP:
+			printf(" NOP");
+			break;
+
+		case IPOPT_TS:
+			printf(" TS{%d}", len);
+			break;
+
+		case IPOPT_SECURITY:
+			printf(" SECURITY{%d}", len);
+			break;
+
+		case IPOPT_RR:
+			printf(" RR{%d}=", len);
+			ip_printroute("RR", cp, len);
+			break;
+
+		case IPOPT_SSRR:
+			ip_printroute("SSRR", cp, len);
+			break;
+
+		case IPOPT_LSRR:
+			ip_printroute("LSRR", cp, len);
+			break;
+
+		default:
+			printf(" IPOPT-%d{%d}", cp[0], len);
+			break;
+		}
+	}
+}
+
+/*
+ * compute an IP header checksum.
+ * don't modifiy the packet.
+ */
+static int
+in_cksum(const struct ip *ip)
+{
+	register const u_short *sp = (u_short *)ip;
+	register u_int32_t sum = 0;
+	register int count;
+
+	/*
+	 * No need for endian conversions.
+	 */
+	for (count = ip->ip_hl * 2; --count >= 0; )
+		sum += *sp++;
+	while (sum > 0xffff)
+		sum = (sum & 0xffff) + (sum >> 16);
+	sum = ~sum & 0xffff;
+
+	return (sum);
+}
+
+/*
+ * print an IP datagram.
+ */
+void
+ip_print(register const u_char *bp, register u_int length)
+{
+	register const struct ip *ip;
+	register u_int hlen, len, off;
+	register const u_char *cp;
+
+	ip = (const struct ip *)bp;
+#ifdef LBL_ALIGN
+	/*
+	 * If the IP header is not aligned, copy into abuf.
+	 * This will never happen with BPF.  It does happen raw packet
+	 * dumps from -r.
+	 */
+	if ((long)ip & 3) {
+		static u_char *abuf = NULL;
+		static int didwarn = 0;
+
+		if (abuf == NULL) {
+			abuf = (u_char *)malloc(snaplen);
+			if (abuf == NULL)
+				error("ip_print: malloc");
+		}
+		memcpy((char *)abuf, (char *)ip, min(length, snaplen));
+		snapend += abuf - (u_char *)ip;
+		packetp = abuf;
+		ip = (struct ip *)abuf;
+		/* We really want libpcap to give us aligned packets */
+		if (!didwarn) {
+			warning("compensating for unaligned libpcap packets");
+			++didwarn;
+		}
+	}
+#endif
+	if ((u_char *)(ip + 1) > snapend) {
+		printf("[|ip]");
+		return;
+	}
+	if (length < sizeof (struct ip)) {
+		(void)printf("truncated-ip %d", length);
+		return;
+	}
+	hlen = ip->ip_hl * 4;
+
+	len = ntohs(ip->ip_len);
+	if (length < len)
+		(void)printf("truncated-ip - %d bytes missing!",
+			len - length);
+	len -= hlen;
+
+	/*
+	 * If this is fragment zero, hand it to the next higher
+	 * level protocol.
+	 */
+	off = ntohs(ip->ip_off);
+	if ((off & 0x1fff) == 0) {
+		cp = (const u_char *)ip + hlen;
+		switch (ip->ip_p) {
+
+		case IPPROTO_TCP:
+			tcp_print(cp, len, (const u_char *)ip);
+			break;
+
+		case IPPROTO_UDP:
+			udp_print(cp, len, (const u_char *)ip);
+			break;
+
+		case IPPROTO_ICMP:
+			icmp_print(cp, (const u_char *)ip);
+			break;
+
+#ifndef IPPROTO_IGRP
+#define IPPROTO_IGRP 9
+#endif
+		case IPPROTO_IGRP:
+			igrp_print(cp, len, (const u_char *)ip);
+			break;
+
+		case IPPROTO_ND:
+			(void)printf("%s > %s:", ipaddr_string(&ip->ip_src),
+				ipaddr_string(&ip->ip_dst));
+			(void)printf(" nd %d", len);
+			break;
+
+		case IPPROTO_EGP:
+			egp_print(cp, len, (const u_char *)ip);
+			break;
+
+#ifndef IPPROTO_OSPF
+#define IPPROTO_OSPF 89
+#endif
+		case IPPROTO_OSPF:
+			ospf_print(cp, len, (const u_char *)ip);
+			break;
+
+#ifndef IPPROTO_IGMP
+#define IPPROTO_IGMP 2
+#endif
+		case IPPROTO_IGMP:
+			igmp_print(cp, len, (const u_char *)ip);
+			break;
+
+#ifndef IPPROTO_ENCAP
+#define IPPROTO_ENCAP 4
+#endif
+		case IPPROTO_ENCAP:
+			/* ip-in-ip encapsulation */
+			if (vflag)
+				(void)printf("%s > %s: ",
+					     ipaddr_string(&ip->ip_src),
+					     ipaddr_string(&ip->ip_dst));
+			ip_print(cp, len);
+			if (! vflag) {
+				printf(" (encap)");
+				return;
+			}
+			break;
+
+		default:
+			(void)printf("%s > %s:", ipaddr_string(&ip->ip_src),
+				ipaddr_string(&ip->ip_dst));
+			(void)printf(" ip-proto-%d %d", ip->ip_p, len);
+			break;
+		}
+	}
+	/*
+	 * for fragmented datagrams, print id:size@offset.  On all
+	 * but the last stick a "+".  For unfragmented datagrams, note
+	 * the don't fragment flag.
+	 */
+	if (off & 0x3fff) {
+		/*
+		 * if this isn't the first frag, we're missing the
+		 * next level protocol header.  print the ip addr.
+		 */
+		if (off & 0x1fff)
+			(void)printf("%s > %s:", ipaddr_string(&ip->ip_src),
+				      ipaddr_string(&ip->ip_dst));
+		(void)printf(" (frag %d:%d@%d%s)", ntohs(ip->ip_id), len,
+			(off & 0x1fff) * 8,
+			(off & IP_MF)? "+" : "");
+	} else if (off & IP_DF)
+		(void)printf(" (DF)");
+
+	if (ip->ip_tos)
+		(void)printf(" [tos 0x%x]", (int)ip->ip_tos);
+	if (ip->ip_ttl <= 1)
+		(void)printf(" [ttl %d]", (int)ip->ip_ttl);
+
+	if (vflag) {
+		int sum;
+		char *sep = "";
+
+		printf(" (");
+		if (ip->ip_ttl > 1) {
+			(void)printf("%sttl %d", sep, (int)ip->ip_ttl);
+			sep = ", ";
+		}
+		if ((off & 0x3fff) == 0) {
+			(void)printf("%sid %d", sep, (int)ntohs(ip->ip_id));
+			sep = ", ";
+		}
+		if ((u_char *)ip + hlen <= snapend) {
+			sum = in_cksum(ip);
+			if (sum != 0) {
+				(void)printf("%sbad cksum %x!", sep,
+					     ntohs(ip->ip_sum));
+				sep = ", ";
+			}
+		}
+		if ((hlen -= sizeof(struct ip)) > 0) {
+			(void)printf("%soptlen=%d", sep, hlen);
+			ip_optprint((u_char *)(ip + 1), hlen);
+		}
+		printf(")");
+	}
+}
diff --git a/contrib/tcpdump/print-ipx.c b/contrib/tcpdump/print-ipx.c
new file mode 100644
index 000000000000..77666ca19ac3
--- /dev/null
+++ b/contrib/tcpdump/print-ipx.c
@@ -0,0 +1,216 @@
+/*
+ * Copyright (c) 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+/*
+ * Format and print Novell IPX packets.
+ * Contributed by Brad Parker (brad@fcr.com).
+ */
+#ifndef lint
+static  char rcsid[] =
+    "@(#)$Header: print-ipx.c,v 1.16 96/07/23 14:17:24 leres Exp $";
+#endif
+
+#include <sys/param.h>
+#include <sys/time.h>
+#include <sys/socket.h>
+
+#include <netinet/in.h>
+#include <netinet/in_systm.h>
+#include <netinet/ip.h>
+#include <netinet/ip_var.h>
+#include <netinet/udp.h>
+#include <netinet/udp_var.h>
+#include <netinet/tcp.h>
+#include <netinet/tcpip.h>
+
+#ifdef __STDC__
+#include <stdlib.h>
+#endif
+#include <stdio.h>
+#include <string.h>
+
+#include "interface.h"
+#include "addrtoname.h"
+#include "ipx.h"
+#include "extract.h"
+
+
+static const char *ipxaddr_string(u_int32_t, const u_char *);
+void ipx_decode(const struct ipxHdr *, const u_char *, u_int);
+void ipx_sap_print(const u_short *, u_int);
+void ipx_rip_print(const u_short *, u_int);
+
+/*
+ * Print IPX datagram packets.
+ */
+void
+ipx_print(const u_char *p, u_int length)
+{
+	const struct ipxHdr *ipx = (const struct ipxHdr *)p;
+
+	TCHECK(ipx->srcSkt);
+	(void)printf("%s.%x > ",
+		     ipxaddr_string(EXTRACT_32BITS(ipx->srcNet), ipx->srcNode),
+		     EXTRACT_16BITS(&ipx->srcSkt));
+
+	(void)printf("%s.%x:",
+		     ipxaddr_string(EXTRACT_32BITS(ipx->dstNet), ipx->dstNode),
+		     EXTRACT_16BITS(&ipx->dstSkt));
+
+	/* take length from ipx header */
+	TCHECK(ipx->length);
+	length = EXTRACT_16BITS(&ipx->length);
+
+	ipx_decode(ipx, (u_char *)ipx + ipxSize, length - ipxSize);
+	return;
+trunc:
+	printf("[|ipx %d]", length);
+}
+
+static const char *
+ipxaddr_string(u_int32_t net, const u_char *node)
+{
+    static char line[256];
+
+    sprintf(line, "%x.%02x:%02x:%02x:%02x:%02x:%02x",
+	    net, node[0], node[1], node[2], node[3], node[4], node[5]);
+
+    return line;
+}
+
+void
+ipx_decode(const struct ipxHdr *ipx, const u_char *datap, u_int length)
+{
+    register u_short dstSkt;
+
+    dstSkt = EXTRACT_16BITS(&ipx->dstSkt);
+    switch (dstSkt) {
+      case IPX_SKT_NCP:
+	(void)printf(" ipx-ncp %d", length);
+	break;
+      case IPX_SKT_SAP:
+	ipx_sap_print((u_short *)datap, length);
+	break;
+      case IPX_SKT_RIP:
+	ipx_rip_print((u_short *)datap, length);
+	break;
+      case IPX_SKT_NETBIOS:
+	(void)printf(" ipx-netbios %d", length);
+	break;
+      case IPX_SKT_DIAGNOSTICS:
+	(void)printf(" ipx-diags %d", length);
+	break;
+      default:
+	(void)printf(" ipx-#%x %d", dstSkt, length);
+	break;
+    }
+}
+
+void
+ipx_sap_print(const u_short *ipx, u_int length)
+{
+    int command, i;
+
+    TCHECK(ipx[0]);
+    command = EXTRACT_16BITS(ipx);
+    ipx++;
+    length -= 2;
+
+    switch (command) {
+      case 1:
+      case 3:
+	if (command == 1)
+	    (void)printf("ipx-sap-req");
+	else
+	    (void)printf("ipx-sap-nearest-req");
+
+	if (length > 0) {
+	    TCHECK(ipx[1]);
+	    (void)printf(" %x '", EXTRACT_16BITS(&ipx[0]));
+	    fn_print((char *)&ipx[1], (char *)&ipx[1] + 48);
+	    putchar('\'');
+	}
+	break;
+
+      case 2:
+      case 4:
+	if (command == 2)
+	    (void)printf("ipx-sap-resp");
+	else
+	    (void)printf("ipx-sap-nearest-resp");
+
+	for (i = 0; i < 8 && length > 0; i++) {
+	    TCHECK2(ipx[27], 1);
+	    (void)printf(" %x '", EXTRACT_16BITS(&ipx[0]));
+	    fn_print((char *)&ipx[1], (char *)&ipx[1] + 48);
+	    printf("' addr %s",
+		ipxaddr_string(EXTRACT_32BITS(&ipx[25]), (u_char *)&ipx[27]));
+	    ipx += 32;
+	    length -= 64;
+	}
+	break;
+      default:
+	    (void)printf("ipx-sap-?%x", command);
+	break;
+    }
+	return;
+trunc:
+	printf("[|ipx %d]", length);
+}
+
+void
+ipx_rip_print(const u_short *ipx, u_int length)
+{
+    int command, i;
+
+    TCHECK(ipx[0]);
+    command = EXTRACT_16BITS(ipx);
+    ipx++;
+    length -= 2;
+
+    switch (command) {
+      case 1:
+	(void)printf("ipx-rip-req");
+	if (length > 0) {
+	    TCHECK(ipx[3]);
+	    (void)printf(" %u/%d.%d", EXTRACT_32BITS(&ipx[0]),
+			 EXTRACT_16BITS(&ipx[2]), EXTRACT_16BITS(&ipx[3]));
+	}
+	break;
+      case 2:
+	(void)printf("ipx-rip-resp");
+	for (i = 0; i < 50 && length > 0; i++) {
+	    TCHECK(ipx[3]);
+	    (void)printf(" %u/%d.%d", EXTRACT_32BITS(&ipx[0]),
+			 EXTRACT_16BITS(&ipx[2]), EXTRACT_16BITS(&ipx[3]));
+
+	    ipx += 4;
+	    length -= 8;
+	}
+	break;
+      default:
+	    (void)printf("ipx-rip-?%x", command);
+    }
+	return;
+trunc:
+	printf("[|ipx %d]", length);
+}
+
diff --git a/contrib/tcpdump/print-isoclns.c b/contrib/tcpdump/print-isoclns.c
new file mode 100644
index 000000000000..c7db005b780c
--- /dev/null
+++ b/contrib/tcpdump/print-isoclns.c
@@ -0,0 +1,319 @@
+/*
+ * Copyright (c) 1992, 1993, 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+/*
+ * Original code by Matt Thomas, Digital Equipment Corporation
+ */
+
+#ifndef lint
+static char rcsid[] =
+    "@(#) $Header: print-isoclns.c,v 1.12 96/07/14 19:39:00 leres Exp $ (LBL)";
+#endif
+
+#include <sys/types.h>
+#include <sys/time.h>
+#include <sys/socket.h>
+
+#if __STDC__
+struct mbuf;
+struct rtentry;
+#endif
+#include <net/if.h>
+
+#include <netinet/in.h>
+#include <netinet/if_ether.h>
+
+#include <stdio.h>
+
+#include "interface.h"
+#include "addrtoname.h"
+#include "ethertype.h"
+
+#define	CLNS	129
+#define	ESIS	130
+#define	ISIS	131
+#define	NULLNS	0
+
+static int osi_cksum(const u_char *, u_int, const u_char *, u_char *, u_char *);
+static void esis_print(const u_char *, u_int);
+
+void
+isoclns_print(const u_char *p, u_int length, u_int caplen,
+	      const u_char *esrc, const u_char *edst)
+{
+	if (caplen < 1) {
+		printf("[|iso-clns] ");
+		if (!eflag)
+			printf("%s > %s",
+			       etheraddr_string(esrc),
+			       etheraddr_string(edst));
+		return;
+	}
+
+	switch (*p) {
+
+	case CLNS:
+		/* esis_print(&p, &length); */
+		printf("iso-clns");
+		if (!eflag)
+			(void)printf(" %s > %s",
+				     etheraddr_string(esrc),
+				     etheraddr_string(edst));
+		break;
+
+	case ESIS:
+		printf("iso-esis");
+		if (!eflag)
+			(void)printf(" %s > %s",
+				     etheraddr_string(esrc),
+				     etheraddr_string(edst));
+		esis_print(p, length);
+		return;
+
+	case ISIS:
+		printf("iso-isis");
+		if (!eflag)
+			(void)printf(" %s > %s",
+				     etheraddr_string(esrc),
+				     etheraddr_string(edst));
+		/* isis_print(&p, &length); */
+		(void)printf(" len=%d ", length);
+		if (caplen > 1)
+			default_print_unaligned(p, caplen);
+		break;
+
+	case NULLNS:
+		printf("iso-nullns");
+		if (!eflag)
+			(void)printf(" %s > %s",
+				     etheraddr_string(esrc),
+				     etheraddr_string(edst));
+		break;
+
+	default:
+		printf("iso-clns %02x", p[0]);
+		if (!eflag)
+			(void)printf(" %s > %s",
+				     etheraddr_string(esrc),
+				     etheraddr_string(edst));
+		(void)printf(" len=%d ", length);
+		if (caplen > 1)
+			default_print_unaligned(p, caplen);
+		break;
+	}
+}
+
+#define	ESIS_REDIRECT	6
+#define	ESIS_ESH	2
+#define	ESIS_ISH	4
+
+struct esis_hdr {
+	u_char version;
+	u_char reserved;
+	u_char type;
+	u_char tmo[2];
+	u_char cksum[2];
+};
+
+static void
+esis_print(const u_char *p, u_int length)
+{
+	const u_char *ep;
+	int li = p[1];
+	const struct esis_hdr *eh = (const struct esis_hdr *) &p[2];
+	u_char cksum[2];
+	u_char off[2];
+
+	if (length == 2) {
+		if (qflag)
+			printf(" bad pkt!");
+		else
+			printf(" no header at all!");
+		return;
+	}
+	ep = p + li;
+	if (li > length) {
+		if (qflag)
+			printf(" bad pkt!");
+		else
+			printf(" LI(%d) > PDU size (%d)!", li, length);
+		return;
+	}
+	if (li < sizeof(struct esis_hdr) + 2) {
+		if (qflag)
+			printf(" bad pkt!");
+		else {
+			printf(" too short for esis header %d:", li);
+			while (--length >= 0)
+				printf("%02X", *p++);
+		}
+		return;
+	}
+	switch (eh->type & 0x1f) {
+
+	case ESIS_REDIRECT:
+		printf(" redirect");
+		break;
+
+	case ESIS_ESH:
+		printf(" esh");
+		break;
+
+	case ESIS_ISH:
+		printf(" ish");
+		break;
+
+	default:
+		printf(" type %d", eh->type & 0x1f);
+		break;
+	}
+	off[0] = eh->cksum[0];
+	off[1] = eh->cksum[1];
+	if (vflag && osi_cksum(p, li, eh->cksum, cksum, off)) {
+		printf(" bad cksum (got %02x%02x want %02x%02x)",
+		       eh->cksum[1], eh->cksum[0], cksum[1], cksum[0]);
+		return;
+	}
+	if (eh->version != 1) {
+		printf(" unsupported version %d", eh->version);
+		return;
+	}
+	p += sizeof(*eh) + 2;
+	li -= sizeof(*eh) + 2;	/* protoid * li */
+
+	switch (eh->type & 0x1f) {
+	case ESIS_REDIRECT: {
+		const u_char *dst, *snpa, *is;
+
+		dst = p; p += *p + 1;
+		if (p > snapend)
+			return;
+		printf(" %s", isonsap_string(dst));
+		snpa = p; p += *p + 1;
+		is = p;   p += *p + 1;
+		if (p > snapend)
+			return;
+		if (p > ep) {
+			printf(" [bad li]");
+			return;
+		}
+		if (is[0] == 0)
+			printf(" > %s", etheraddr_string(&snpa[1]));
+		else
+			printf(" > %s", isonsap_string(is));
+		li = ep - p;
+		break;
+	}
+#if 0
+	case ESIS_ESH:
+		printf(" esh");
+		break;
+#endif
+	case ESIS_ISH: {
+		const u_char *is;
+
+		is = p; p += *p + 1;
+		if (p > ep) {
+			printf(" [bad li]");
+			return;
+		}
+		if (p > snapend)
+			return;
+		printf(" %s", isonsap_string(is));
+		li = ep - p;
+		break;
+	}
+
+	default:
+		(void)printf(" len=%d", length);
+		if (length && p < snapend) {
+			length = snapend - p;
+			default_print(p, length);
+		}
+		return;
+	}
+	if (vflag)
+		while (p < ep && li) {
+			int op, opli;
+			const u_char *q;
+
+			if (snapend - p < 2)
+				return;
+			if (li < 2) {
+				printf(" bad opts/li");
+				return;
+			}
+			op = *p++;
+			opli = *p++;
+			li -= 2;
+			if (opli > li) {
+				printf(" opt (%d) too long", op);
+				return;
+			}
+			li -= opli;
+			q = p;
+			p += opli;
+			if (snapend < p)
+				return;
+			if (op == 198 && opli == 2) {
+				printf(" tmo=%d", q[0] * 256 + q[1]);
+				continue;
+			}
+			printf (" %d:<", op);
+			while (--opli >= 0)
+				printf("%02x", *q++);
+			printf (">");
+		}
+}
+
+static int
+osi_cksum(register const u_char *p, register u_int len,
+	  const u_char *toff, u_char *cksum, u_char *off)
+{
+	int x, y, f = (len - ((toff - p) + 1));
+	int32_t c0 = 0, c1 = 0;
+
+	if ((cksum[0] = off[0]) == 0 && (cksum[1] = off[1]) == 0)
+		return 0;
+
+	off[0] = off[1] = 0;
+	while (--len >= 0) {
+		c0 += *p++;
+		c1 += c0;
+		c0 %= 255;
+		c1 %= 255;
+	}
+	x = (c0 * f - c1);
+	if (x < 0)
+		x = 255 - (-x % 255);
+	else
+		x %= 255;
+	y = -1 * (x + c0);
+	if (y < 0)
+		y = 255 - (-y % 255);
+	else
+		y %= 255;
+
+	off[0] = x;
+	off[1] = y;
+
+	return (off[0] != cksum[0] || off[1] != cksum[1]);
+}
diff --git a/contrib/tcpdump/print-krb.c b/contrib/tcpdump/print-krb.c
new file mode 100644
index 000000000000..1615b0c3553e
--- /dev/null
+++ b/contrib/tcpdump/print-krb.c
@@ -0,0 +1,294 @@
+/*
+ * Copyright (c) 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ *
+ * Initial contribution from John Hawkinson (jhawk@mit.edu).
+ */
+
+#ifndef lint
+static char rcsid[] =
+    "@(#) $Header: print-krb.c,v 1.6 96/07/23 14:17:24 leres Exp $";
+#endif
+
+#include <sys/param.h>
+#include <sys/time.h>
+#include <sys/socket.h>
+
+#include <netinet/in.h>
+#include <netinet/in_systm.h>
+#include <netinet/ip.h>
+#include <netinet/ip_var.h>
+#include <netinet/udp.h>
+#include <netinet/udp_var.h>
+
+#include <ctype.h>
+#include <errno.h>
+#include <stdio.h>
+
+#include "interface.h"
+#include "addrtoname.h"
+
+const u_char *c_print(register const u_char *, register const u_char *);
+const u_char *krb4_print_hdr(const u_char *);
+void krb4_print(const u_char *);
+void krb_print(const u_char *, u_int);
+
+
+#define AUTH_MSG_KDC_REQUEST			1<<1
+#define AUTH_MSG_KDC_REPLY			2<<1
+#define AUTH_MSG_APPL_REQUEST			3<<1
+#define AUTH_MSG_APPL_REQUEST_MUTUAL		4<<1
+#define AUTH_MSG_ERR_REPLY			5<<1
+#define AUTH_MSG_PRIVATE			6<<1
+#define AUTH_MSG_SAFE				7<<1
+#define AUTH_MSG_APPL_ERR			8<<1
+#define AUTH_MSG_DIE				63<<1
+
+#define KERB_ERR_OK				0
+#define KERB_ERR_NAME_EXP			1
+#define KERB_ERR_SERVICE_EXP			2
+#define KERB_ERR_AUTH_EXP			3
+#define KERB_ERR_PKT_VER			4
+#define KERB_ERR_NAME_MAST_KEY_VER		5
+#define KERB_ERR_SERV_MAST_KEY_VER		6
+#define KERB_ERR_BYTE_ORDER			7
+#define KERB_ERR_PRINCIPAL_UNKNOWN		8
+#define KERB_ERR_PRINCIPAL_NOT_UNIQUE		9
+#define KERB_ERR_NULL_KEY			10
+
+struct krb {
+    u_char pvno;		/* Protocol Version */
+    u_char type;		/* Type+B */
+};
+
+static char tstr[] = " [|kerberos]";
+
+static struct tok type2str[] = {
+    { AUTH_MSG_KDC_REQUEST,		"KDC_REQUEST" },
+    { AUTH_MSG_KDC_REPLY,		"KDC_REPLY" },
+    { AUTH_MSG_APPL_REQUEST,		"APPL_REQUEST" },
+    { AUTH_MSG_APPL_REQUEST_MUTUAL,	"APPL_REQUEST_MUTUAL" },
+    { AUTH_MSG_ERR_REPLY,		"ERR_REPLY" },
+    { AUTH_MSG_PRIVATE,			"PRIVATE" },
+    { AUTH_MSG_SAFE,			"SAFE" },
+    { AUTH_MSG_APPL_ERR,		"APPL_ERR" },
+    { AUTH_MSG_DIE,			"DIE" },
+    { 0,				NULL }
+};
+
+static struct tok kerr2str[] = {
+    { KERB_ERR_OK,			"OK" },
+    { KERB_ERR_NAME_EXP,		"NAME_EXP" },
+    { KERB_ERR_SERVICE_EXP,		"SERVICE_EXP" },
+    { KERB_ERR_AUTH_EXP,		"AUTH_EXP" },
+    { KERB_ERR_PKT_VER,			"PKT_VER" },
+    { KERB_ERR_NAME_MAST_KEY_VER,	"NAME_MAST_KEY_VER" },
+    { KERB_ERR_SERV_MAST_KEY_VER,	"SERV_MAST_KEY_VER" },
+    { KERB_ERR_BYTE_ORDER,		"BYTE_ORDER" },
+    { KERB_ERR_PRINCIPAL_UNKNOWN,	"PRINCIPAL_UNKNOWN" },
+    { KERB_ERR_PRINCIPAL_NOT_UNIQUE,	"PRINCIPAL_NOT_UNIQUE" },
+    { KERB_ERR_NULL_KEY,		"NULL_KEY"},
+    { 0,				NULL}
+};
+
+
+/* little endian (unaligned) to host byte order */
+/* XXX need to look at this... */
+#define vtohlp(x)	    ((( ((char*)(x))[0] )      )  | \
+			     (( ((char*)(x))[1] ) <<  8)  | \
+			     (( ((char*)(x))[2] ) << 16)  | \
+			     (( ((char*)(x))[3] ) << 24))
+#define vtohsp(x)          ((( ((char*)(x))[0] )      )  | \
+			     (( ((char*)(x))[1] ) <<  8))
+/* network (big endian) (unaligned) to host byte order */
+#define ntohlp(x)	    ((( ((char*)(x))[3] )      )  | \
+			     (( ((char*)(x))[2] ) <<  8)  | \
+			     (( ((char*)(x))[1] ) << 16)  | \
+			     (( ((char*)(x))[0] ) << 24))
+#define ntohsp(x)          ((( ((char*)(x))[1] )      )  | \
+			     (( ((char*)(x))[0] ) <<  8))
+
+
+
+const u_char *
+c_print(register const u_char *s, register const u_char *ep)
+{
+	register u_char c;
+	register int flag;
+
+	flag = 1;
+	while (ep == NULL || s < ep) {
+		c = *s++;
+		if (c == '\0') {
+			flag = 0;
+			break;
+		}
+		if (!isascii(c)) {
+			c = toascii(c);
+			putchar('M');
+			putchar('-');
+		}
+		if (!isprint(c)) {
+			c ^= 0x40;	/* DEL to ?, others to alpha */
+			putchar('^');
+		}
+		putchar(c);
+	}
+	if (flag)
+		return NULL;
+	return(s);
+}
+
+const u_char *
+krb4_print_hdr(const u_char *cp)
+{
+	cp+=2;
+
+#define PRINT		if ((cp=c_print(cp, snapend))==NULL) goto trunc
+
+	TCHECK2(cp, 0);
+	PRINT;
+	TCHECK2(cp, 0);
+	putchar('.'); PRINT;
+	TCHECK2(cp, 0);
+	putchar('@'); PRINT;
+	return(cp);
+
+trunc:
+	fputs(tstr, stdout);
+	return(NULL);
+
+#undef PRINT
+}
+
+void
+krb4_print(const u_char *cp)
+{
+	register const struct krb *kp;
+	u_char type;
+	u_short len;
+
+#define PRINT		if ((cp=c_print(cp, snapend))==NULL) goto trunc
+/*  True if struct krb is little endian */
+#define IS_LENDIAN(kp)	(((kp)->type & 0x01) != 0)
+#define KTOHSP(kp, cp)	(IS_LENDIAN(kp) ? vtohsp(cp) : ntohsp(cp))
+
+	kp = (struct krb *)cp;
+
+	if ((&kp->type) >= snapend) {
+		fputs(tstr, stdout);
+		return;
+	}
+
+	type = kp->type & (0xFF << 1);
+
+	printf(" %s %s: ",
+	    IS_LENDIAN(kp) ? "le" : "be", tok2str(type2str, NULL, type));
+
+	switch (type) {
+
+	case AUTH_MSG_KDC_REQUEST:
+		if ((cp = krb4_print_hdr(cp)) == NULL)
+			return;
+		 cp += 4; 	  /* ctime */
+		 TCHECK2(cp, 0);
+		 printf(" %dmin ", *cp++ * 5);
+		 TCHECK2(cp, 0);
+		 PRINT;
+		 TCHECK2(cp, 0);
+		 putchar('.');  PRINT;
+		 break;
+
+	case AUTH_MSG_APPL_REQUEST:
+		cp += 2;
+		TCHECK2(cp, 0);
+		printf("v%d ", *cp++);
+		TCHECK2(cp, 0);
+		PRINT;
+		TCHECK2(cp, 0);
+		printf(" (%d)", *cp++);
+		TCHECK2(cp, 0);
+		printf(" (%d)", *cp);
+		TCHECK2(cp, 0);
+		break;
+
+	case AUTH_MSG_KDC_REPLY:
+		if ((cp = krb4_print_hdr(cp)) == NULL)
+			return;
+		cp += 10;	/* timestamp + n + exp + kvno */
+		TCHECK2(cp, 0);
+		len = KTOHSP(kp, cp);
+		printf(" (%d)", len);
+		TCHECK2(cp, 0);
+		break;
+
+	case AUTH_MSG_ERR_REPLY:
+		if ((cp = krb4_print_hdr(cp)) == NULL)
+			return;
+		cp += 4; 	  /* timestamp */
+		TCHECK2(cp, 0);
+		printf(" %s ", tok2str(kerr2str, NULL, KTOHSP(kp, cp)));
+		cp += 4;
+		TCHECK2(cp, 0);
+		PRINT;
+		break;
+
+	default:
+		fputs("(unknown)", stdout);
+		break;
+	}
+
+	return;
+trunc:
+	fputs(tstr, stdout);
+}
+
+void
+krb_print(const u_char *dat, u_int length)
+{
+	register const struct krb *kp;
+
+	kp = (struct krb *)dat;
+
+	if (dat >= snapend) {
+		fputs(tstr, stdout);
+		return;
+	}
+
+	switch (kp->pvno) {
+
+	case 1:
+	case 2:
+	case 3:
+		printf(" v%d", kp->pvno);
+		break;
+
+	case 4:
+		printf(" v%d", kp->pvno);
+		krb4_print((const u_char*)kp);
+		break;
+
+	case 106:
+	case 107:
+		fputs(" v5", stdout);
+		/* Decode ASN.1 here "someday" */
+		break;
+	}
+	return;
+}
diff --git a/contrib/tcpdump/print-llc.c b/contrib/tcpdump/print-llc.c
new file mode 100644
index 000000000000..e8e3f52bfafb
--- /dev/null
+++ b/contrib/tcpdump/print-llc.c
@@ -0,0 +1,195 @@
+/*
+ * Copyright (c) 1992, 1993, 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+/*
+ * Code by Matt Thomas, Digital Equipment Corporation
+ *	with an awful lot of hacking by Jeffrey Mogul, DECWRL
+ */
+
+#ifndef lint
+static  char rcsid[] =
+	"@(#)$Header: print-llc.c,v 1.20 96/07/23 14:17:25 leres Exp $";
+#endif
+
+#include <sys/param.h>
+#include <sys/time.h>
+
+#include <netinet/in.h>
+
+#include <ctype.h>
+#include <netdb.h>
+#include <signal.h>
+#include <stdio.h>
+#include <string.h>
+
+#include "interface.h"
+#include "addrtoname.h"
+#include "extract.h"			/* must come after interface.h */
+
+#include "llc.h"
+
+static struct tok cmd2str[] = {
+	{ LLC_UI,	"ui" },
+	{ LLC_TEST,	"test" },
+	{ LLC_XID,	"xid" },
+	{ LLC_UA,	"ua" },
+	{ LLC_DISC,	"disc" },
+	{ LLC_DM,	"dm" },
+	{ LLC_SABME,	"sabme" },
+	{ LLC_FRMR,	"frmr" },
+	{ 0,		NULL }
+};
+
+/*
+ * Returns non-zero IFF it succeeds in printing the header
+ */
+int
+llc_print(const u_char *p, u_int length, u_int caplen,
+	  const u_char *esrc, const u_char *edst)
+{
+	struct llc llc;
+	register u_short et;
+	register int ret;
+
+	if (caplen < 3) {
+		(void)printf("[|llc]");
+		default_print((u_char *)p, caplen);
+		return(0);
+	}
+
+	/* Watch out for possible alignment problems */
+	memcpy((char *)&llc, (char *)p, min(caplen, sizeof(llc)));
+
+	if (llc.ssap == LLCSAP_GLOBAL && llc.dsap == LLCSAP_GLOBAL) {
+		ipx_print(p, length);
+		return (1);
+	}
+#ifdef notyet
+	else if (p[0] == 0xf0 && p[1] == 0xf0)
+		netbios_print(p, length);
+#endif
+	if (llc.ssap == LLCSAP_ISONS && llc.dsap == LLCSAP_ISONS
+	    && llc.llcui == LLC_UI) {
+		isoclns_print(p + 3, length - 3, caplen - 3, esrc, edst);
+		return (1);
+	}
+
+	if (llc.ssap == LLCSAP_SNAP && llc.dsap == LLCSAP_SNAP
+	    && llc.llcui == LLC_UI) {
+		if (caplen < sizeof(llc)) {
+		    (void)printf("[|llc-snap]");
+		    default_print((u_char *)p, caplen);
+		    return (0);
+		}
+		if (vflag)
+			(void)printf("snap %s ", protoid_string(llc.llcpi));
+
+		caplen -= sizeof(llc);
+		length -= sizeof(llc);
+		p += sizeof(llc);
+
+		/* This is an encapsulated Ethernet packet */
+		et = EXTRACT_16BITS(&llc.ethertype[0]);
+		ret = ether_encap_print(et, p, length, caplen);
+		if (ret)
+			return (ret);
+	}
+
+	if ((llc.ssap & ~LLC_GSAP) == llc.dsap) {
+		if (eflag)
+			(void)printf("%s ", llcsap_string(llc.dsap));
+		else
+			(void)printf("%s > %s %s ",
+					etheraddr_string(esrc),
+					etheraddr_string(edst),
+					llcsap_string(llc.dsap));
+	} else {
+		if (eflag)
+			(void)printf("%s > %s ",
+				llcsap_string(llc.ssap & ~LLC_GSAP),
+				llcsap_string(llc.dsap));
+		else
+			(void)printf("%s %s > %s %s ",
+				etheraddr_string(esrc),
+				llcsap_string(llc.ssap & ~LLC_GSAP),
+				etheraddr_string(edst),
+				llcsap_string(llc.dsap));
+	}
+
+	if ((llc.llcu & LLC_U_FMT) == LLC_U_FMT) {
+		const char *m;
+		char f;
+		m = tok2str(cmd2str, "%02x", LLC_U_CMD(llc.llcu));
+		switch ((llc.ssap & LLC_GSAP) | (llc.llcu & LLC_U_POLL)) {
+		    case 0:			f = 'C'; break;
+		    case LLC_GSAP:		f = 'R'; break;
+		    case LLC_U_POLL:		f = 'P'; break;
+		    case LLC_GSAP|LLC_U_POLL:	f = 'F'; break;
+		    default:			f = '?'; break;
+		}
+
+		printf("%s/%c", m, f);
+
+		p += 3;
+		length -= 3;
+		caplen -= 3;
+
+		if ((llc.llcu & ~LLC_U_POLL) == LLC_XID) {
+		    if (*p == LLC_XID_FI) {
+			printf(": %02x %02x", p[1], p[2]);
+			p += 3;
+			length -= 3;
+			caplen -= 3;
+		    }
+		}
+	} else {
+		char f;
+		llc.llcis = ntohs(llc.llcis);
+		switch ((llc.ssap & LLC_GSAP) | (llc.llcu & LLC_U_POLL)) {
+		    case 0:			f = 'C'; break;
+		    case LLC_GSAP:		f = 'R'; break;
+		    case LLC_U_POLL:		f = 'P'; break;
+		    case LLC_GSAP|LLC_U_POLL:	f = 'F'; break;
+		    default:			f = '?'; break;
+		}
+
+		if ((llc.llcu & LLC_S_FMT) == LLC_S_FMT) {
+			static char *llc_s[] = { "rr", "rej", "rnr", "03" };
+			(void)printf("%s (r=%d,%c)",
+				llc_s[LLC_S_CMD(llc.llcis)],
+				LLC_IS_NR(llc.llcis),
+				f);
+		} else {
+			(void)printf("I (s=%d,r=%d,%c)",
+				LLC_I_NS(llc.llcis),
+				LLC_IS_NR(llc.llcis),
+				f);
+		}
+		p += 4;
+		length -= 4;
+		caplen -= 4;
+	}
+	(void)printf(" len=%d", length);
+	if (caplen > 0) {
+		default_print_unaligned(p, caplen);
+	}
+	return(1);
+}
diff --git a/contrib/tcpdump/print-netbios.c b/contrib/tcpdump/print-netbios.c
new file mode 100644
index 000000000000..73d86f469773
--- /dev/null
+++ b/contrib/tcpdump/print-netbios.c
@@ -0,0 +1,101 @@
+/*
+ * Copyright (c) 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+/*
+ * Format and print NETBIOS packets.
+ * Contributed by Brad Parker (brad@fcr.com).
+ */
+#ifndef lint
+static  char rcsid[] =
+    "@(#)$Header: print-netbios.c,v 1.8 96/07/23 14:17:25 leres Exp $";
+#endif
+
+#ifdef __STDC__
+#include <stdlib.h>
+#endif
+#include <stdio.h>
+
+#include <sys/param.h>
+#include <sys/socket.h>
+
+#include <netinet/in.h>
+#include <netinet/in_systm.h>
+#include <netinet/ip.h>
+#include <netinet/ip_var.h>
+#include <netinet/udp.h>
+#include <netinet/udp_var.h>
+#include <netinet/tcp.h>
+#include <netinet/tcpip.h>
+
+#include <string.h>
+
+#include "interface.h"
+#include "addrtoname.h"
+#include "netbios.h"
+#include "extract.h"
+
+/*
+ * Print NETBIOS packets.
+ */
+void
+netbios_print(struct p8022Hdr *nb, u_int length)
+{
+	if (length < p8022Size) {
+		(void)printf(" truncated-netbios %d", length);
+		return;
+	}
+
+	if (nb->flags == UI) {
+	    (void)printf("802.1 UI ");
+	} else {
+	    (void)printf("802.1 CONN ");
+	}
+
+	if ((u_char *)(nb + 1) > snapend) {
+		printf(" [|netbios]");
+		return;
+	}
+
+/*
+	netbios_decode(nb, (u_char *)nb + p8022Size, length - p8022Size);
+*/
+}
+
+#ifdef never
+	(void)printf("%s.%d > ",
+		     ipxaddr_string(EXTRACT_32BITS(ipx->srcNet), ipx->srcNode),
+		     EXTRACT_16BITS(ipx->srcSkt));
+
+	(void)printf("%s.%d:",
+		     ipxaddr_string(EXTRACT_32BITS(ipx->dstNet), ipx->dstNode),
+		     EXTRACT_16BITS(ipx->dstSkt));
+
+	if ((u_char *)(ipx + 1) > snapend) {
+		printf(" [|ipx]");
+		return;
+	}
+
+	/* take length from ipx header */
+	length = EXTRACT_16BITS(&ipx->length);
+
+	ipx_decode(ipx, (u_char *)ipx + ipxSize, length - ipxSize);
+#endif
+
diff --git a/contrib/tcpdump/print-nfs.c b/contrib/tcpdump/print-nfs.c
new file mode 100644
index 000000000000..6ea7701961e9
--- /dev/null
+++ b/contrib/tcpdump/print-nfs.c
@@ -0,0 +1,862 @@
+/*
+ * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#ifndef lint
+static char rcsid[] =
+    "@(#) $Header: print-nfs.c,v 1.56 96/07/23 14:17:25 leres Exp $ (LBL)";
+#endif
+
+#include <sys/param.h>
+#include <sys/time.h>
+#include <sys/socket.h>
+
+#if __STDC__
+struct mbuf;
+struct rtentry;
+#endif
+#include <net/if.h>
+
+#include <netinet/in.h>
+#include <netinet/if_ether.h>
+#include <netinet/in_systm.h>
+#include <netinet/ip.h>
+#include <netinet/ip_var.h>
+
+#include <rpc/rpc.h>
+
+#include <ctype.h>
+#include <pcap.h>
+#include <stdio.h>
+#include <string.h>
+
+#include "interface.h"
+#include "addrtoname.h"
+
+#include "nfsv2.h"
+#include "nfsfh.h"
+
+static void nfs_printfh(const u_int32_t *);
+static void xid_map_enter(const struct rpc_msg *, const struct ip *);
+static int32_t xid_map_find(const struct rpc_msg *, const struct ip *);
+static void interp_reply(const struct rpc_msg *, u_int32_t, u_int);
+
+void
+nfsreply_print(register const u_char *bp, u_int length,
+	       register const u_char *bp2)
+{
+	register const struct rpc_msg *rp;
+	register const struct ip *ip;
+	int32_t proc;
+
+	rp = (const struct rpc_msg *)bp;
+	ip = (const struct ip *)bp2;
+
+	if (!nflag)
+		(void)printf("%s.nfs > %s.%x: reply %s %d",
+			     ipaddr_string(&ip->ip_src),
+			     ipaddr_string(&ip->ip_dst),
+			     (u_int32_t)ntohl(rp->rm_xid),
+			     ntohl(rp->rm_reply.rp_stat) == MSG_ACCEPTED?
+				     "ok":"ERR",
+			     length);
+	else
+		(void)printf("%s.%x > %s.%x: reply %s %d",
+			     ipaddr_string(&ip->ip_src),
+			     NFS_PORT,
+			     ipaddr_string(&ip->ip_dst),
+			     (u_int32_t)ntohl(rp->rm_xid),
+			     ntohl(rp->rm_reply.rp_stat) == MSG_ACCEPTED?
+			     	"ok":"ERR",
+			     length);
+
+	proc = xid_map_find(rp, ip);
+	if (proc >= 0)
+		interp_reply(rp, (u_int32_t)proc, length);
+}
+
+/*
+ * Return a pointer to the first file handle in the packet.
+ * If the packet was truncated, return 0.
+ */
+static const u_int32_t *
+parsereq(register const struct rpc_msg *rp, register u_int length)
+{
+	register const u_int32_t *dp;
+	register u_int len;
+
+	/*
+	 * find the start of the req data (if we captured it)
+	 */
+	dp = (u_int32_t *)&rp->rm_call.cb_cred;
+	TCHECK(dp[1]);
+	len = ntohl(dp[1]);
+	if (len < length) {
+		dp += (len + (2 * sizeof(*dp) + 3)) / sizeof(*dp);
+		TCHECK(dp[1]);
+		len = ntohl(dp[1]);
+		if (len < length) {
+			dp += (len + (2 * sizeof(*dp) + 3)) / sizeof(*dp);
+			TCHECK2(dp[0], 0);
+			return (dp);
+		}
+	}
+trunc:
+	return (0);
+}
+
+/*
+ * Print out an NFS file handle and return a pointer to following word.
+ * If packet was truncated, return 0.
+ */
+static const u_int32_t *
+parsefh(register const u_int32_t *dp)
+{
+	if (dp + 8 <= (u_int32_t *)snapend) {
+		nfs_printfh(dp);
+		return (dp + 8);
+	}
+	return (0);
+}
+
+/*
+ * Print out a file name and return pointer to 32-bit word past it.
+ * If packet was truncated, return 0.
+ */
+static const u_int32_t *
+parsefn(register const u_int32_t *dp)
+{
+	register u_int32_t len;
+	register const u_char *cp;
+
+	/* Bail if we don't have the string length */
+	if ((u_char *)dp > snapend - sizeof(*dp))
+		return(0);
+
+	/* Fetch string length; convert to host order */
+	len = *dp++;
+	NTOHL(len);
+
+	cp = (u_char *)dp;
+	/* Update 32-bit pointer (NFS filenames padded to 32-bit boundaries) */
+	dp += ((len + 3) & ~3) / sizeof(*dp);
+	if ((u_char *)dp > snapend)
+		return (0);
+	/* XXX seems like we should be checking the length */
+	putchar('"');
+	(void) fn_printn(cp, len, NULL);
+	putchar('"');
+
+	return (dp);
+}
+
+/*
+ * Print out file handle and file name.
+ * Return pointer to 32-bit word past file name.
+ * If packet was truncated (or there was some other error), return 0.
+ */
+static const u_int32_t *
+parsefhn(register const u_int32_t *dp)
+{
+	dp = parsefh(dp);
+	if (dp == 0)
+		return (0);
+	putchar(' ');
+	return (parsefn(dp));
+}
+
+void
+nfsreq_print(register const u_char *bp, u_int length,
+    register const u_char *bp2)
+{
+	register const struct rpc_msg *rp;
+	register const struct ip *ip;
+	register const u_int32_t *dp;
+
+	rp = (const struct rpc_msg *)bp;
+	ip = (const struct ip *)bp2;
+	if (!nflag)
+		(void)printf("%s.%x > %s.nfs: %d",
+			     ipaddr_string(&ip->ip_src),
+			     (u_int32_t)ntohl(rp->rm_xid),
+			     ipaddr_string(&ip->ip_dst),
+			     length);
+	else
+		(void)printf("%s.%x > %s.%x: %d",
+			     ipaddr_string(&ip->ip_src),
+			     (u_int32_t)ntohl(rp->rm_xid),
+			     ipaddr_string(&ip->ip_dst),
+			     NFS_PORT,
+			     length);
+
+	xid_map_enter(rp, ip);	/* record proc number for later on */
+
+	switch (ntohl(rp->rm_call.cb_proc)) {
+#ifdef NFSPROC_NOOP
+	case NFSPROC_NOOP:
+		printf(" nop");
+		return;
+#else
+#define NFSPROC_NOOP -1
+#endif
+	case NFSPROC_NULL:
+		printf(" null");
+		return;
+
+	case NFSPROC_GETATTR:
+		printf(" getattr");
+		if ((dp = parsereq(rp, length)) != 0 && parsefh(dp) != 0)
+			return;
+		break;
+
+	case NFSPROC_SETATTR:
+		printf(" setattr");
+		if ((dp = parsereq(rp, length)) != 0 && parsefh(dp) != 0)
+			return;
+		break;
+
+#if NFSPROC_ROOT != NFSPROC_NOOP
+	case NFSPROC_ROOT:
+		printf(" root");
+		break;
+#endif
+	case NFSPROC_LOOKUP:
+		printf(" lookup");
+		if ((dp = parsereq(rp, length)) != 0 && parsefhn(dp) != 0)
+			return;
+		break;
+
+	case NFSPROC_READLINK:
+		printf(" readlink");
+		if ((dp = parsereq(rp, length)) != 0 && parsefh(dp) != 0)
+			return;
+		break;
+
+	case NFSPROC_READ:
+		printf(" read");
+		if ((dp = parsereq(rp, length)) != 0 &&
+		    (dp = parsefh(dp)) != 0) {
+			TCHECK2(dp[0], 3 * sizeof(*dp));
+			printf(" %u bytes @ %u",
+			    (u_int32_t)ntohl(dp[1]),
+			    (u_int32_t)ntohl(dp[0]));
+			return;
+		}
+		break;
+
+#if NFSPROC_WRITECACHE != NFSPROC_NOOP
+	case NFSPROC_WRITECACHE:
+		printf(" writecache");
+		if ((dp = parsereq(rp, length)) != 0 &&
+		    (dp = parsefh(dp)) != 0) {
+			TCHECK2(dp[0], 4 * sizeof(*dp));
+			printf(" %u (%u) bytes @ %u (%u)",
+			    (u_int32_t)ntohl(dp[3]),
+			    (u_int32_t)ntohl(dp[2]),
+			    (u_int32_t)ntohl(dp[1]),
+			    (u_int32_t)ntohl(dp[0]));
+			return;
+		}
+		break;
+#endif
+	case NFSPROC_WRITE:
+		printf(" write");
+		if ((dp = parsereq(rp, length)) != 0 &&
+		    (dp = parsefh(dp)) != 0) {
+			TCHECK2(dp[0], 4 * sizeof(*dp));
+			printf(" %u (%u) bytes @ %u (%u)",
+			    (u_int32_t)ntohl(dp[3]),
+			    (u_int32_t)ntohl(dp[2]),
+			    (u_int32_t)ntohl(dp[1]),
+			    (u_int32_t)ntohl(dp[0]));
+			return;
+		}
+		break;
+
+	case NFSPROC_CREATE:
+		printf(" create");
+		if ((dp = parsereq(rp, length)) != 0 && parsefhn(dp) != 0)
+			return;
+		break;
+
+	case NFSPROC_REMOVE:
+		printf(" remove");
+		if ((dp = parsereq(rp, length)) != 0 && parsefhn(dp) != 0)
+			return;
+		break;
+
+	case NFSPROC_RENAME:
+		printf(" rename");
+		if ((dp = parsereq(rp, length)) != 0 &&
+		    (dp = parsefhn(dp)) != 0) {
+			fputs(" ->", stdout);
+			if (parsefhn(dp) != 0)
+				return;
+		}
+		break;
+
+	case NFSPROC_LINK:
+		printf(" link");
+		if ((dp = parsereq(rp, length)) != 0 &&
+		    (dp = parsefh(dp)) != 0) {
+			fputs(" ->", stdout);
+			if (parsefhn(dp) != 0)
+				return;
+		}
+		break;
+
+	case NFSPROC_SYMLINK:
+		printf(" symlink");
+		if ((dp = parsereq(rp, length)) != 0 &&
+		    (dp = parsefhn(dp)) != 0) {
+			fputs(" -> ", stdout);
+			if (parsefn(dp) != 0)
+				return;
+		}
+		break;
+
+	case NFSPROC_MKDIR:
+		printf(" mkdir");
+		if ((dp = parsereq(rp, length)) != 0 && parsefhn(dp) != 0)
+			return;
+		break;
+
+	case NFSPROC_RMDIR:
+		printf(" rmdir");
+		if ((dp = parsereq(rp, length)) != 0 && parsefhn(dp) != 0)
+			return;
+		break;
+
+	case NFSPROC_READDIR:
+		printf(" readdir");
+		if ((dp = parsereq(rp, length)) != 0 &&
+		    (dp = parsefh(dp)) != 0) {
+			TCHECK2(dp[0], 2 * sizeof(*dp));
+			/*
+			 * Print the offset as signed, since -1 is common,
+			 * but offsets > 2^31 aren't.
+			 */
+			printf(" %u bytes @ %d",
+			    (u_int32_t)ntohl(dp[1]),
+			    (u_int32_t)ntohl(dp[0]));
+			return;
+		}
+		break;
+
+	case NFSPROC_STATFS:
+		printf(" statfs");
+		if ((dp = parsereq(rp, length)) != 0 && parsefh(dp) != 0)
+			return;
+		break;
+
+	default:
+		printf(" proc-%u", (u_int32_t)ntohl(rp->rm_call.cb_proc));
+		return;
+	}
+trunc:
+	fputs(" [|nfs]", stdout);
+}
+
+/*
+ * Print out an NFS file handle.
+ * We assume packet was not truncated before the end of the
+ * file handle pointed to by dp.
+ *
+ * Note: new version (using portable file-handle parser) doesn't produce
+ * generation number.  It probably could be made to do that, with some
+ * additional hacking on the parser code.
+ */
+static void
+nfs_printfh(register const u_int32_t *dp)
+{
+	my_fsid fsid;
+	ino_t ino;
+	char *sfsname = NULL;
+
+	Parse_fh((caddr_t*)dp, &fsid, &ino, NULL, &sfsname, 0);
+
+	if (sfsname) {
+	    /* file system ID is ASCII, not numeric, for this server OS */
+	    static char temp[NFS_FHSIZE+1];
+
+	    /* Make sure string is null-terminated */
+	    strncpy(temp, sfsname, NFS_FHSIZE);
+	    /* Remove trailing spaces */
+	    sfsname = strchr(temp, ' ');
+	    if (sfsname)
+		*sfsname = 0;
+
+	    (void)printf(" fh %s/%u", temp, (u_int32_t)ino);
+	}
+	else {
+	    (void)printf(" fh %u,%u/%u",
+		fsid.fsid_dev.Major,
+		fsid.fsid_dev.Minor,
+		(u_int32_t)ino);
+	}
+}
+
+/*
+ * Maintain a small cache of recent client.XID.server/proc pairs, to allow
+ * us to match up replies with requests and thus to know how to parse
+ * the reply.
+ */
+
+struct xid_map_entry {
+	u_int32_t		xid;		/* transaction ID (net order) */
+	struct in_addr	client;		/* client IP address (net order) */
+	struct in_addr	server;		/* server IP address (net order) */
+	u_int32_t		proc;		/* call proc number (host order) */
+};
+
+/*
+ * Map entries are kept in an array that we manage as a ring;
+ * new entries are always added at the tail of the ring.  Initially,
+ * all the entries are zero and hence don't match anything.
+ */
+
+#define	XIDMAPSIZE	64
+
+struct xid_map_entry xid_map[XIDMAPSIZE];
+
+int	xid_map_next = 0;
+int	xid_map_hint = 0;
+
+static void
+xid_map_enter(const struct rpc_msg *rp, const struct ip *ip)
+{
+	struct xid_map_entry *xmep;
+
+	xmep = &xid_map[xid_map_next];
+
+	if (++xid_map_next >= XIDMAPSIZE)
+		xid_map_next = 0;
+
+	xmep->xid = rp->rm_xid;
+	xmep->client = ip->ip_src;
+	xmep->server = ip->ip_dst;
+	xmep->proc = ntohl(rp->rm_call.cb_proc);
+}
+
+/* Returns NFSPROC_xxx or -1 on failure */
+static int32_t
+xid_map_find(const struct rpc_msg *rp, const struct ip *ip)
+{
+	int i;
+	struct xid_map_entry *xmep;
+	u_int32_t xid = rp->rm_xid;
+	u_int32_t clip = ip->ip_dst.s_addr;
+	u_int32_t sip = ip->ip_src.s_addr;
+
+	/* Start searching from where we last left off */
+	i = xid_map_hint;
+	do {
+		xmep = &xid_map[i];
+		if (xmep->xid == xid && xmep->client.s_addr == clip &&
+		    xmep->server.s_addr == sip) {
+			/* match */
+			xid_map_hint = i;
+			return ((int32_t)xmep->proc);
+		}
+		if (++i >= XIDMAPSIZE)
+			i = 0;
+	} while (i != xid_map_hint);
+
+	/* search failed */
+	return(-1);
+}
+
+/*
+ * Routines for parsing reply packets
+ */
+
+/*
+ * Return a pointer to the beginning of the actual results.
+ * If the packet was truncated, return 0.
+ */
+static const u_int32_t *
+parserep(register const struct rpc_msg *rp, register u_int length)
+{
+	register const u_int32_t *dp;
+	u_int len;
+	enum accept_stat astat;
+
+	/*
+	 * Portability note:
+	 * Here we find the address of the ar_verf credentials.
+	 * Originally, this calculation was
+	 *	dp = (u_int32_t *)&rp->rm_reply.rp_acpt.ar_verf
+	 * On the wire, the rp_acpt field starts immediately after
+	 * the (32 bit) rp_stat field.  However, rp_acpt (which is a
+	 * "struct accepted_reply") contains a "struct opaque_auth",
+	 * whose internal representation contains a pointer, so on a
+	 * 64-bit machine the compiler inserts 32 bits of padding
+	 * before rp->rm_reply.rp_acpt.ar_verf.  So, we cannot use
+	 * the internal representation to parse the on-the-wire
+	 * representation.  Instead, we skip past the rp_stat field,
+	 * which is an "enum" and so occupies one 32-bit word.
+	 */
+	dp = ((const u_int32_t *)&rp->rm_reply) + 1;
+	TCHECK2(dp[0], 1);
+		return(0);
+	len = ntohl(dp[1]);
+	if (len >= length)
+		return(0);
+	/*
+	 * skip past the ar_verf credentials.
+	 */
+	dp += (len + (2*sizeof(u_int32_t) + 3)) / sizeof(u_int32_t);
+	TCHECK2(dp[0], 0);
+
+	/*
+	 * now we can check the ar_stat field
+	 */
+	astat = ntohl(*(enum accept_stat *)dp);
+	switch (astat) {
+
+	case SUCCESS:
+		break;
+
+	case PROG_UNAVAIL:
+		printf(" PROG_UNAVAIL");
+		return(0);
+
+	case PROG_MISMATCH:
+		printf(" PROG_MISMATCH");
+		return(0);
+
+	case PROC_UNAVAIL:
+		printf(" PROC_UNAVAIL");
+		return(0);
+
+	case GARBAGE_ARGS:
+		printf(" GARBAGE_ARGS");
+		return(0);
+
+	case SYSTEM_ERR:
+		printf(" SYSTEM_ERR");
+		return(0);
+
+	default:
+		printf(" ar_stat %d", astat);
+		return(0);
+	}
+	/* successful return */
+	if ((sizeof(astat) + ((u_char *)dp)) < snapend)
+		return((u_int32_t *) (sizeof(astat) + ((char *)dp)));
+
+trunc:
+	return (0);
+}
+
+static const u_int32_t *
+parsestatus(const u_int32_t *dp)
+{
+	int errnum;
+
+	TCHECK(dp[0]);
+	errnum = ntohl(dp[0]);
+	if (errnum != 0) {
+		char *errmsg;
+
+		if (qflag)
+			return(0);
+
+		errmsg = pcap_strerror(errnum);
+		printf(" ERROR: %s", errmsg);
+		return(0);
+	}
+	return (dp + 1);
+trunc:
+	return (0);
+}
+
+static struct tok type2str[] = {
+	{ NFNON,	"NON" },
+	{ NFREG,	"REG" },
+	{ NFDIR,	"DIR" },
+	{ NFBLK,	"BLK" },
+	{ NFCHR,	"CHR" },
+	{ NFLNK,	"LNK" },
+	{ 0,		NULL }
+};
+
+static const u_int32_t *
+parsefattr(const u_int32_t *dp, int verbose)
+{
+	const struct nfsv2_fattr *fap;
+
+	fap = (const struct nfsv2_fattr *)dp;
+	if (verbose) {
+		TCHECK(fap->fa_nfssize);
+		printf(" %s %o ids %u/%u sz %u ",
+		    tok2str(type2str, "unk-ft %d ",
+		    (u_int32_t)ntohl(fap->fa_type)),
+		    (u_int32_t)ntohl(fap->fa_mode),
+		    (u_int32_t)ntohl(fap->fa_uid),
+		    (u_int32_t)ntohl(fap->fa_gid),
+		    (u_int32_t)ntohl(fap->fa_nfssize));
+	}
+	/* print lots more stuff */
+	if (verbose > 1) {
+		TCHECK(fap->fa_nfsfileid);
+		printf("nlink %u rdev %x fsid %x nodeid %x a/m/ctime ",
+		    (u_int32_t)ntohl(fap->fa_nlink),
+		    (u_int32_t)ntohl(fap->fa_nfsrdev),
+		    (u_int32_t)ntohl(fap->fa_nfsfsid),
+		    (u_int32_t)ntohl(fap->fa_nfsfileid));
+		TCHECK(fap->fa_nfsatime);
+		printf("%u.%06u ",
+		    (u_int32_t)ntohl(fap->fa_nfsatime.nfs_sec),
+		    (u_int32_t)ntohl(fap->fa_nfsatime.nfs_usec));
+		TCHECK(fap->fa_nfsmtime);
+		printf("%u.%06u ",
+		    (u_int32_t)ntohl(fap->fa_nfsmtime.nfs_sec),
+		    (u_int32_t)ntohl(fap->fa_nfsmtime.nfs_usec));
+		TCHECK(fap->fa_nfsctime);
+		printf("%u.%06u ",
+		    (u_int32_t)ntohl(fap->fa_nfsctime.nfs_sec),
+		    (u_int32_t)ntohl(fap->fa_nfsctime.nfs_usec));
+	}
+	return ((const u_int32_t *)&fap[1]);
+trunc:
+	return (NULL);
+}
+
+static int
+parseattrstat(const u_int32_t *dp, int verbose)
+{
+	dp = parsestatus(dp);
+	if (dp == NULL)
+		return (0);
+
+	return (parsefattr(dp, verbose) != NULL);
+}
+
+static int
+parsediropres(const u_int32_t *dp)
+{
+	dp = parsestatus(dp);
+	if (dp == NULL)
+		return (0);
+
+	dp = parsefh(dp);
+	if (dp == NULL)
+		return (0);
+
+	return (parsefattr(dp, vflag) != NULL);
+}
+
+static int
+parselinkres(const u_int32_t *dp)
+{
+	dp = parsestatus(dp);
+	if (dp == NULL)
+		return(0);
+
+	putchar(' ');
+	return (parsefn(dp) != NULL);
+}
+
+static int
+parsestatfs(const u_int32_t *dp)
+{
+	const struct nfsv2_statfs *sfsp;
+
+	dp = parsestatus(dp);
+	if (dp == NULL)
+		return(0);
+
+	if (!qflag) {
+		sfsp = (const struct nfsv2_statfs *)dp;
+		TCHECK(sfsp->sf_bavail);
+		printf(" tsize %u bsize %u blocks %u bfree %u bavail %u",
+		    (u_int32_t)ntohl(sfsp->sf_tsize),
+		    (u_int32_t)ntohl(sfsp->sf_bsize),
+		    (u_int32_t)ntohl(sfsp->sf_blocks),
+		    (u_int32_t)ntohl(sfsp->sf_bfree),
+		    (u_int32_t)ntohl(sfsp->sf_bavail));
+	}
+
+	return (1);
+trunc:
+	return (0);
+}
+
+static int
+parserddires(const u_int32_t *dp)
+{
+	dp = parsestatus(dp);
+	if (dp == 0)
+		return (0);
+	if (!qflag) {
+		TCHECK(dp[0]);
+		printf(" offset %x", (u_int32_t)ntohl(dp[0]));
+		TCHECK(dp[1]);
+		printf(" size %u", (u_int32_t)ntohl(dp[1]));
+		TCHECK(dp[2]);
+		if (dp[2] != 0)
+			printf(" eof");
+	}
+
+	return (1);
+trunc:
+	return (0);
+}
+
+static void
+interp_reply(const struct rpc_msg *rp, u_int32_t proc, u_int length)
+{
+	register const u_int32_t *dp;
+
+	switch (proc) {
+
+#ifdef NFSPROC_NOOP
+	case NFSPROC_NOOP:
+		printf(" nop");
+		return;
+#else
+#define NFSPROC_NOOP -1
+#endif
+	case NFSPROC_NULL:
+		printf(" null");
+		return;
+
+	case NFSPROC_GETATTR:
+		printf(" getattr");
+		dp = parserep(rp, length);
+		if (dp != 0 && parseattrstat(dp, !qflag) != 0)
+			return;
+		break;
+
+	case NFSPROC_SETATTR:
+		printf(" setattr");
+		dp = parserep(rp, length);
+		if (dp != 0 && parseattrstat(dp, !qflag) != 0)
+			return;
+		break;
+
+#if NFSPROC_ROOT != NFSPROC_NOOP
+	case NFSPROC_ROOT:
+		printf(" root");
+		break;
+#endif
+	case NFSPROC_LOOKUP:
+		printf(" lookup");
+		dp = parserep(rp, length);
+		if (dp != 0 && parsediropres(dp) != 0)
+			return;
+		break;
+
+	case NFSPROC_READLINK:
+		printf(" readlink");
+		dp = parserep(rp, length);
+		if (dp != 0 && parselinkres(dp) != 0)
+			return;
+		break;
+
+	case NFSPROC_READ:
+		printf(" read");
+		dp = parserep(rp, length);
+		if (dp != 0 && parseattrstat(dp, vflag) != 0)
+			return;
+		break;
+
+#if NFSPROC_WRITECACHE != NFSPROC_NOOP
+	case NFSPROC_WRITECACHE:
+		printf(" writecache");
+		break;
+#endif
+	case NFSPROC_WRITE:
+		printf(" write");
+		dp = parserep(rp, length);
+		if (dp != 0 && parseattrstat(dp, vflag) != 0)
+			return;
+		break;
+
+	case NFSPROC_CREATE:
+		printf(" create");
+		dp = parserep(rp, length);
+		if (dp != 0 && parsediropres(dp) != 0)
+			return;
+		break;
+
+	case NFSPROC_REMOVE:
+		printf(" remove");
+		dp = parserep(rp, length);
+		if (dp != 0 && parsestatus(dp) != 0)
+			return;
+		break;
+
+	case NFSPROC_RENAME:
+		printf(" rename");
+		dp = parserep(rp, length);
+		if (dp != 0 && parsestatus(dp) != 0)
+			return;
+		break;
+
+	case NFSPROC_LINK:
+		printf(" link");
+		dp = parserep(rp, length);
+		if (dp != 0 && parsestatus(dp) != 0)
+			return;
+		break;
+
+	case NFSPROC_SYMLINK:
+		printf(" symlink");
+		dp = parserep(rp, length);
+		if (dp != 0 && parsestatus(dp) != 0)
+			return;
+		break;
+
+	case NFSPROC_MKDIR:
+		printf(" mkdir");
+		dp = parserep(rp, length);
+		if (dp != 0 && parsediropres(dp) != 0)
+			return;
+		break;
+
+	case NFSPROC_RMDIR:
+		printf(" rmdir");
+		dp = parserep(rp, length);
+		if (dp != 0 && parsestatus(dp) != 0)
+			return;
+		break;
+
+	case NFSPROC_READDIR:
+		printf(" readdir");
+		dp = parserep(rp, length);
+		if (dp != 0 && parserddires(dp) != 0)
+			return;
+		break;
+
+	case NFSPROC_STATFS:
+		printf(" statfs");
+		dp = parserep(rp, length);
+		if (dp != 0 && parsestatfs(dp) != 0)
+			return;
+		break;
+
+	default:
+		printf(" proc-%u", proc);
+		return;
+	}
+	fputs(" [|nfs]", stdout);
+}
diff --git a/contrib/tcpdump/print-ntp.c b/contrib/tcpdump/print-ntp.c
new file mode 100644
index 000000000000..ec6c8f00f182
--- /dev/null
+++ b/contrib/tcpdump/print-ntp.c
@@ -0,0 +1,284 @@
+/*
+ * Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ *
+ * Format and print ntp packets.
+ *	By Jeffrey Mogul/DECWRL
+ *	loosely based on print-bootp.c
+ */
+
+#ifndef lint
+static char rcsid[] =
+    "@(#) $Header: print-ntp.c,v 1.23 96/07/23 14:17:26 leres Exp $ (LBL)";
+#endif
+
+#include <sys/param.h>
+#include <sys/time.h>
+#include <sys/socket.h>
+
+#if __STDC__
+struct mbuf;
+struct rtentry;
+#endif
+#include <net/if.h>
+
+#include <netinet/in.h>
+#include <netinet/if_ether.h>
+
+#include <ctype.h>
+#include <stdio.h>
+#include <string.h>
+
+#include "interface.h"
+#include "addrtoname.h"
+#undef MODEMASK					/* Solaris sucks */
+#include "ntp.h"
+
+static void p_sfix(const struct s_fixedpt *);
+static void p_ntp_time(const struct l_fixedpt *);
+static void p_ntp_delta(const struct l_fixedpt *, const struct l_fixedpt *);
+
+/*
+ * Print ntp requests
+ */
+void
+ntp_print(register const u_char *cp, u_int length)
+{
+	register const struct ntpdata *bp;
+	int mode, version, leapind;
+	static char rclock[5];
+
+	bp = (struct ntpdata *)cp;
+	/* Note funny sized packets */
+	if (length != sizeof(struct ntpdata))
+		(void)printf(" [len=%d]", length);
+
+	TCHECK(bp->status);
+
+	version = (bp->status & VERSIONMASK) >> 3;
+	printf(" v%d", version);
+
+	leapind = bp->status & LEAPMASK;
+	switch (leapind) {
+
+	case NO_WARNING:
+		break;
+
+	case PLUS_SEC:
+		fputs(" +1s", stdout);
+		break;
+
+	case MINUS_SEC:
+		fputs(" -1s", stdout);
+		break;
+	}
+
+	mode = bp->status & MODEMASK;
+	switch (mode) {
+
+	case MODE_UNSPEC:	/* unspecified */
+		fputs(" unspec", stdout);
+		break;
+
+	case MODE_SYM_ACT:	/* symmetric active */
+		fputs(" sym_act", stdout);
+		break;
+
+	case MODE_SYM_PAS:	/* symmetric passive */
+		fputs(" sym_pas", stdout);
+		break;
+
+	case MODE_CLIENT:	/* client */
+		fputs(" client", stdout);
+		break;
+
+	case MODE_SERVER:	/* server */
+		fputs(" server", stdout);
+		break;
+
+	case MODE_BROADCAST:	/* broadcast */
+		fputs(" bcast", stdout);
+		break;
+
+	case MODE_RES1:		/* reserved */
+		fputs(" res1", stdout);
+		break;
+
+	case MODE_RES2:		/* reserved */
+		fputs(" res2", stdout);
+		break;
+
+	}
+
+	TCHECK(bp->stratum);
+	printf(" strat %d", bp->stratum);
+
+	TCHECK(bp->ppoll);
+	printf(" poll %d", bp->ppoll);
+
+	/* Can't TCHECK bp->precision bitfield so bp->distance + 0 instead */
+	TCHECK2(bp->distance, 0);
+	printf(" prec %d", bp->precision);
+
+	if (!vflag)
+		return;
+
+	TCHECK(bp->distance);
+	fputs(" dist ", stdout);
+	p_sfix(&bp->distance);
+
+	TCHECK(bp->dispersion);
+	fputs(" disp ", stdout);
+	p_sfix(&bp->dispersion);
+
+	TCHECK(bp->refid);
+	fputs(" ref ", stdout);
+	/* Interpretation depends on stratum */
+	switch (bp->stratum) {
+
+	case UNSPECIFIED:
+		printf("(unspec)");
+		break;
+
+	case PRIM_REF:
+		strncpy(rclock, (char *)&(bp->refid), 4);
+		rclock[4] = '\0';
+		fputs(rclock, stdout);
+		break;
+
+	case INFO_QUERY:
+		printf("%s INFO_QUERY", ipaddr_string(&(bp->refid)));
+		/* this doesn't have more content */
+		return;
+
+	case INFO_REPLY:
+		printf("%s INFO_REPLY", ipaddr_string(&(bp->refid)));
+		/* this is too complex to be worth printing */
+		return;
+
+	default:
+		printf("%s", ipaddr_string(&(bp->refid)));
+		break;
+	}
+
+	TCHECK(bp->reftime);
+	putchar('@');
+	p_ntp_time(&(bp->reftime));
+
+	TCHECK(bp->org);
+	fputs(" orig ", stdout);
+	p_ntp_time(&(bp->org));
+
+	TCHECK(bp->rec);
+	fputs(" rec ", stdout);
+	p_ntp_delta(&(bp->org), &(bp->rec));
+
+	TCHECK(bp->xmt);
+	fputs(" xmt ", stdout);
+	p_ntp_delta(&(bp->org), &(bp->xmt));
+
+	return;
+
+trunc:
+	fputs(" [|ntp]", stdout);
+}
+
+static void
+p_sfix(register const struct s_fixedpt *sfp)
+{
+	register int i;
+	register int f;
+	register float ff;
+
+	i = ntohs(sfp->int_part);
+	f = ntohs(sfp->fraction);
+	ff = f / 65536.0;	/* shift radix point by 16 bits */
+	f = ff * 1000000.0;	/* Treat fraction as parts per million */
+	printf("%d.%06d", i, f);
+}
+
+#define	FMAXINT	(4294967296.0)	/* floating point rep. of MAXINT */
+
+static void
+p_ntp_time(register const struct l_fixedpt *lfp)
+{
+	register int32_t i;
+	register u_int32_t uf;
+	register u_int32_t f;
+	register float ff;
+
+	i = ntohl(lfp->int_part);
+	uf = ntohl(lfp->fraction);
+	ff = uf;
+	if (ff < 0.0)		/* some compilers are buggy */
+		ff += FMAXINT;
+	ff = ff / FMAXINT;	/* shift radix point by 32 bits */
+	f = ff * 1000000000.0;	/* treat fraction as parts per billion */
+	printf("%u.%09d", i, f);
+}
+
+/* Prints time difference between *lfp and *olfp */
+static void
+p_ntp_delta(register const struct l_fixedpt *olfp,
+	    register const struct l_fixedpt *lfp)
+{
+	register int32_t i;
+	register u_int32_t uf;
+	register u_int32_t ouf;
+	register u_int32_t f;
+	register float ff;
+	int signbit;
+
+	i = ntohl(lfp->int_part) - ntohl(olfp->int_part);
+
+	uf = ntohl(lfp->fraction);
+	ouf = ntohl(olfp->fraction);
+
+	if (i > 0) {		/* new is definitely greater than old */
+		signbit = 0;
+		f = uf - ouf;
+		if (ouf > uf)	/* must borrow from high-order bits */
+			i -= 1;
+	} else if (i < 0) {	/* new is definitely less than old */
+		signbit = 1;
+		f = ouf - uf;
+		if (uf > ouf)	/* must carry into the high-order bits */
+			i += 1;
+		i = -i;
+	} else {		/* int_part is zero */
+		if (uf > ouf) {
+			signbit = 0;
+			f = uf - ouf;
+		} else {
+			signbit = 1;
+			f = ouf - uf;
+		}
+	}
+
+	ff = f;
+	if (ff < 0.0)		/* some compilers are buggy */
+		ff += FMAXINT;
+	ff = ff / FMAXINT;	/* shift radix point by 32 bits */
+	f = ff * 1000000000.0;	/* treat fraction as parts per billion */
+	if (signbit)
+		putchar('-');
+	else
+		putchar('+');
+	printf("%d.%09d", i, f);
+}
diff --git a/contrib/tcpdump/print-null.c b/contrib/tcpdump/print-null.c
new file mode 100644
index 000000000000..89e16950f3dd
--- /dev/null
+++ b/contrib/tcpdump/print-null.c
@@ -0,0 +1,115 @@
+/*
+ * Copyright (c) 1991, 1993, 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#ifndef lint
+static char rcsid[] =
+    "@(#)$Header: print-null.c,v 1.19 96/07/14 19:39:02 leres Exp $ (LBL)";
+#endif
+
+#include <sys/param.h>
+#include <sys/time.h>
+#include <sys/socket.h>
+#include <sys/file.h>
+#include <sys/ioctl.h>
+
+#if __STDC__
+struct mbuf;
+struct rtentry;
+#endif
+#include <net/if.h>
+
+#include <netinet/in.h>
+#include <netinet/in_systm.h>
+#include <netinet/ip.h>
+#include <netinet/if_ether.h>
+#include <netinet/ip_var.h>
+#include <netinet/udp.h>
+#include <netinet/udp_var.h>
+#include <netinet/tcp.h>
+#include <netinet/tcpip.h>
+
+#include <stdio.h>
+#include <string.h>
+
+#include "interface.h"
+#include "addrtoname.h"
+#include "pcap.h"
+
+#define	NULL_HDRLEN 4
+
+static void
+null_print(const u_char *p, const struct ip *ip, u_int length)
+{
+	u_int family;
+
+	memcpy((char *)&family, (char *)p, sizeof(family));
+
+	if (nflag) {
+		/* XXX just dump the header */
+		return;
+	}
+	switch (family) {
+
+	case AF_INET:
+		printf("ip: ");
+		break;
+
+	case AF_NS:
+		printf("ns: ");
+		break;
+
+	default:
+		printf("AF %d: ", family);
+		break;
+	}
+}
+
+void
+null_if_print(u_char *user, const struct pcap_pkthdr *h, const u_char *p)
+{
+	u_int length = h->len;
+	u_int caplen = h->caplen;
+	const struct ip *ip;
+
+	ts_print(&h->ts);
+
+	/*
+	 * Some printers want to get back at the link level addresses,
+	 * and/or check that they're not walking off the end of the packet.
+	 * Rather than pass them all the way down, we set these globals.
+	 */
+	packetp = p;
+	snapend = p + caplen;
+
+	length -= NULL_HDRLEN;
+
+	ip = (struct ip *)(p + NULL_HDRLEN);
+
+	if (eflag)
+		null_print(p, ip, length);
+
+	ip_print((const u_char *)ip, length);
+
+	if (xflag)
+		default_print((const u_char *)ip, caplen - NULL_HDRLEN);
+	putchar('\n');
+}
+
diff --git a/contrib/tcpdump/print-ospf.c b/contrib/tcpdump/print-ospf.c
new file mode 100644
index 000000000000..70d8701533be
--- /dev/null
+++ b/contrib/tcpdump/print-ospf.c
@@ -0,0 +1,568 @@
+/*
+ * Copyright (c) 1992, 1993, 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ *
+ * OSPF support contributed by Jeffrey Honig (jch@mitchell.cit.cornell.edu)
+ */
+
+#ifndef lint
+static char rcsid[] =
+    "@(#) $Header: print-ospf.c,v 1.19 96/07/14 19:39:03 leres Exp $ (LBL)";
+#endif
+
+#include <sys/param.h>
+#include <sys/time.h>
+#include <sys/socket.h>
+
+#include <netinet/in.h>
+#include <netinet/in_systm.h>
+#include <netinet/ip.h>
+#include <netinet/ip_var.h>
+
+#include <ctype.h>
+#include <stdio.h>
+
+#include "interface.h"
+#include "addrtoname.h"
+
+#include "ospf.h"
+
+struct bits {
+    u_int32_t bit;
+    const char *str;
+};
+
+static const struct bits ospf_option_bits[] = {
+	{ OSPF_OPTION_T,	"T" },
+	{ OSPF_OPTION_E,	"E" },
+	{ OSPF_OPTION_MC,	"MC" },
+	{ 0,			NULL }
+};
+
+static const struct bits ospf_rla_flag_bits[] = {
+	{ RLA_FLAG_B,		"B" },
+	{ RLA_FLAG_E,		"E" },
+	{ RLA_FLAG_W1,		"W1" },
+	{ RLA_FLAG_W2,		"W2" },
+	{ 0,			NULL }
+};
+
+static const char *ospf_types[OSPF_TYPE_MAX] = {
+  (char *) 0,
+  "hello",
+  "dd",
+  "ls_req",
+  "ls_upd",
+  "ls_ack"
+};
+
+static inline void
+ospf_print_seqage(register u_int32_t seq, register time_t us)
+{
+    register time_t sec = us % 60;
+    register time_t mins = (us / 60) % 60;
+    register time_t hour = us/3600;
+
+    printf(" S %X age ", seq);
+    if (hour) {
+	printf("%u:%02u:%02u",
+	       (u_int32_t)hour,
+	       (u_int32_t)mins,
+	       (u_int32_t)sec);
+    } else if (mins) {
+	printf("%u:%02u",
+	       (u_int32_t)mins,
+	       (u_int32_t)sec);
+    } else {
+	printf("%u",
+	       (u_int32_t)sec);
+    }
+}
+
+
+static inline void
+ospf_print_bits(register const struct bits *bp, register u_char options)
+{
+    char sep = ' ';
+
+    do {
+	if (options & bp->bit) {
+	    printf("%c%s",
+		   sep,
+		   bp->str);
+	    sep = '/';
+	}
+    } while ((++bp)->bit) ;
+}
+
+
+#define	LS_PRINT(lsp, type) switch (type) { \
+    case LS_TYPE_ROUTER: \
+	printf(" rtr %s ", ipaddr_string(&lsp->ls_router)); break; \
+    case LS_TYPE_NETWORK: \
+	printf(" net dr %s if %s", ipaddr_string(&lsp->ls_router), ipaddr_string(&lsp->ls_stateid)); break; \
+    case LS_TYPE_SUM_IP: \
+	printf(" sum %s abr %s", ipaddr_string(&lsp->ls_stateid), ipaddr_string(&lsp->ls_router)); break; \
+    case LS_TYPE_SUM_ABR: \
+	printf(" abr %s rtr %s", ipaddr_string(&lsp->ls_router), ipaddr_string(&lsp->ls_stateid)); break; \
+    case LS_TYPE_ASE: \
+	printf(" ase %s asbr %s", ipaddr_string(&lsp->ls_stateid), ipaddr_string(&lsp->ls_router)); break; \
+    case LS_TYPE_GROUP: \
+	printf(" group %s rtr %s", ipaddr_string(&lsp->ls_stateid), ipaddr_string(&lsp->ls_router)); break; \
+    }
+
+static int
+ospf_print_lshdr(register const struct lsa_hdr *lshp, const caddr_t end)
+{
+    if ((caddr_t) (lshp + 1) > end) {
+	return 1;
+    }
+
+    printf(" {");						/* } (ctags) */
+
+    if (!lshp->ls_type || lshp->ls_type >= LS_TYPE_MAX) {
+	printf(" ??LS type %d?? }", lshp->ls_type);		/* { (ctags) */
+	return 1;
+    }
+
+    ospf_print_bits(ospf_option_bits, lshp->ls_options);
+    ospf_print_seqage(ntohl(lshp->ls_seq), ntohs(lshp->ls_age));
+
+    LS_PRINT(lshp, lshp->ls_type);
+
+    return 0;
+}
+
+
+/*
+ * Print a single link state advertisement.  If truncated return 1, else 0.
+ */
+
+static int
+ospf_print_lsa(register const struct lsa *lsap, const caddr_t end)
+{
+    register const char *ls_end;
+    const struct rlalink *rlp;
+    const struct tos_metric *tosp;
+    const struct in_addr *ap;
+    const struct aslametric *almp;
+    const struct mcla *mcp;
+    const u_int32_t *lp;
+    int j, k;
+
+    if (ospf_print_lshdr(&lsap->ls_hdr, end)) {
+	return 1;
+    }
+
+    ls_end = (caddr_t) lsap + ntohs(lsap->ls_hdr.ls_length);
+
+    if (ls_end > end) {
+	printf(" }");						/* { (ctags) */
+	return 1;
+    }
+
+    switch (lsap->ls_hdr.ls_type) {
+    case LS_TYPE_ROUTER:
+	ospf_print_bits(ospf_rla_flag_bits, lsap->lsa_un.un_rla.rla_flags);
+
+	j = ntohs(lsap->lsa_un.un_rla.rla_count);
+	rlp = lsap->lsa_un.un_rla.rla_link;
+	while (j--) {
+	    struct rlalink *rln = (struct rlalink *) ((caddr_t) (rlp + 1) + ((rlp->link_toscount) * sizeof (struct tos_metric)));
+
+	    if ((caddr_t) rln > ls_end) {
+		break;
+	    }
+	    printf(" {");					/* } (ctags) */
+
+	    switch (rlp->link_type) {
+	    case RLA_TYPE_VIRTUAL:
+		printf(" virt");
+		/* Fall through */
+
+	    case RLA_TYPE_ROUTER:
+		printf(" nbrid %s if %s",
+		       ipaddr_string(&rlp->link_id),
+		       ipaddr_string(&rlp->link_data));
+		break;
+
+	    case RLA_TYPE_TRANSIT:
+		printf(" dr %s if %s",
+		       ipaddr_string(&rlp->link_id),
+		       ipaddr_string(&rlp->link_data));
+		break;
+
+	    case RLA_TYPE_STUB:
+		printf(" net %s mask %s",
+		       ipaddr_string(&rlp->link_id),
+		       ipaddr_string(&rlp->link_data));
+		break;
+
+	    default:
+		printf(" ??RouterLinksType %d?? }",		/* { (ctags) */
+		       rlp->link_type);
+		return 0;
+	    }
+	    printf(" tos 0 metric %d",
+		   ntohs(rlp->link_tos0metric));
+	    tosp = (struct tos_metric *) ((sizeof rlp->link_tos0metric) + (caddr_t) rlp);
+	    for (k = 0; k < rlp->link_toscount; k++, tosp++) {
+		printf(" tos %d metric %d",
+		       tosp->tos_type,
+		       ntohs(tosp->tos_metric));
+	    }
+	    printf(" }");					/* { (ctags) */
+	    rlp = rln;
+	}
+	break;
+
+    case LS_TYPE_NETWORK:
+	printf(" mask %s rtrs",
+	       ipaddr_string(&lsap->lsa_un.un_nla.nla_mask));
+	for (ap = lsap->lsa_un.un_nla.nla_router;
+	     (caddr_t) (ap + 1) <= ls_end;
+	     ap++) {
+	    printf(" %s",
+		   ipaddr_string(ap));
+	}
+	break;
+
+    case LS_TYPE_SUM_IP:
+	printf(" mask %s",
+	       ipaddr_string(&lsap->lsa_un.un_sla.sla_mask));
+	/* Fall through */
+
+    case LS_TYPE_SUM_ABR:
+
+	for (lp = lsap->lsa_un.un_sla.sla_tosmetric;
+	     (caddr_t) (lp + 1) <= ls_end;
+	     lp++) {
+	    u_int32_t ul = ntohl(*lp);
+
+	    printf(" tos %d metric %d",
+		   (ul & SLA_MASK_TOS) >> SLA_SHIFT_TOS,
+		   ul & SLA_MASK_METRIC);
+	}
+	break;
+
+    case LS_TYPE_ASE:
+	printf(" mask %s",
+	       ipaddr_string(&lsap->lsa_un.un_asla.asla_mask));
+
+	for (almp = lsap->lsa_un.un_asla.asla_metric;
+	     (caddr_t) (almp + 1) <= ls_end;
+	     almp++) {
+	    u_int32_t ul = ntohl(almp->asla_tosmetric);
+
+	    printf(" type %d tos %d metric %d",
+		   (ul & ASLA_FLAG_EXTERNAL) ? 2 : 1,
+		   (ul & ASLA_MASK_TOS) >> ASLA_SHIFT_TOS,
+		   (ul & ASLA_MASK_METRIC));
+	    if (almp->asla_forward.s_addr) {
+		printf(" forward %s",
+		       ipaddr_string(&almp->asla_forward));
+	    }
+	    if (almp->asla_tag.s_addr) {
+		printf(" tag %s",
+		       ipaddr_string(&almp->asla_tag));
+	    }
+	}
+	break;
+
+    case LS_TYPE_GROUP:
+	/* Multicast extensions as of 23 July 1991 */
+	for (mcp = lsap->lsa_un.un_mcla;
+	     (caddr_t) (mcp + 1) <= ls_end;
+	     mcp++) {
+	    switch (ntohl(mcp->mcla_vtype)) {
+	    case MCLA_VERTEX_ROUTER:
+		printf(" rtr rtrid %s",
+		       ipaddr_string(&mcp->mcla_vid));
+		break;
+
+	    case MCLA_VERTEX_NETWORK:
+		printf(" net dr %s",
+		       ipaddr_string(&mcp->mcla_vid));
+		break;
+
+	    default:
+		printf(" ??VertexType %u??",
+		       (u_int32_t)ntohl(mcp->mcla_vtype));
+		break;
+	    }
+	}
+    }
+
+    printf(" }");						/* { (ctags) */
+    return 0;
+}
+
+
+void
+ospf_print(register const u_char *bp, register u_int length,
+	   register const u_char *bp2)
+{
+    register const struct ospfhdr *op;
+    register const struct ip *ip;
+    register const caddr_t end = (caddr_t)snapend;
+    register const struct lsa *lsap;
+    register const struct lsa_hdr *lshp;
+    char sep;
+    int i, j;
+    const struct in_addr *ap;
+    const struct lsr *lsrp;
+
+    op = (struct ospfhdr *)bp;
+    ip = (struct ip  *)bp2;
+    /* Print the source and destination address	*/
+    (void) printf("%s > %s:",
+		  ipaddr_string(&ip->ip_src),
+		  ipaddr_string(&ip->ip_dst));
+
+    if ((caddr_t) (&op->ospf_len + 1) > end) {
+	goto trunc_test;
+    }
+
+    /* If the type is valid translate it, or just print the type */
+    /* value.  If it's not valid, say so and return */
+    if (op->ospf_type || op->ospf_type < OSPF_TYPE_MAX) {
+	printf(" OSPFv%d-%s %d:",
+	       op->ospf_version,
+	       ospf_types[op->ospf_type],
+	       length);
+    } else {
+	printf(" ospf-v%d-??type %d?? %d:",
+	       op->ospf_version,
+	       op->ospf_type,
+	       length);
+	return;
+    }
+
+    if (length != ntohs(op->ospf_len)) {
+	printf(" ??len %d??",
+	       ntohs(op->ospf_len));
+	goto trunc_test;
+    }
+
+    if ((caddr_t) (&op->ospf_routerid + 1) > end) {
+	goto trunc_test;
+    }
+
+    /* Print the routerid if it is not the same as the source */
+    if (ip->ip_src.s_addr != op->ospf_routerid.s_addr) {
+	printf(" rtrid %s",
+	       ipaddr_string(&op->ospf_routerid));
+    }
+
+    if ((caddr_t) (&op->ospf_areaid + 1) > end) {
+	goto trunc_test;
+    }
+
+    if (op->ospf_areaid.s_addr) {
+	printf(" area %s",
+	       ipaddr_string(&op->ospf_areaid));
+    } else {
+	printf(" backbone");
+    }
+
+    if ((caddr_t) (op->ospf_authdata + OSPF_AUTH_SIZE) > end) {
+	goto trunc_test;
+    }
+
+    if (vflag) {
+	/* Print authentication data (should we really do this?) */
+	switch (ntohs(op->ospf_authtype)) {
+	case OSPF_AUTH_NONE:
+	    break;
+
+	case OSPF_AUTH_SIMPLE:
+	    printf(" auth ");
+	    j = 0;
+	    for (i = 0; i < sizeof (op->ospf_authdata); i++) {
+		if (!isprint(op->ospf_authdata[i])) {
+		    j = 1;
+		    break;
+		}
+	    }
+	    if (j) {
+		/* Print the auth-data as a string of octets */
+		printf("%s.%s",
+		       ipaddr_string((struct in_addr *) op->ospf_authdata),
+		       ipaddr_string((struct in_addr *) &op->ospf_authdata[sizeof (struct in_addr)]));
+	    } else {
+		/* Print the auth-data as a text string */
+		printf("'%.8s'",
+		       op->ospf_authdata);
+	    }
+	    break;
+
+	default:
+	    printf(" ??authtype-%d??",
+		   ntohs(op->ospf_authtype));
+	    return;
+	}
+    }
+
+
+    /* Do rest according to version.	*/
+    switch (op->ospf_version) {
+    case 2:
+        /* ospf version 2	*/
+	switch (op->ospf_type) {
+	case OSPF_TYPE_UMD:		/* Rob Coltun's special monitoring packets; do nothing	*/
+	    break;
+
+	case OSPF_TYPE_HELLO:
+	    if ((caddr_t) (&op->ospf_hello.hello_deadint + 1) > end) {
+		break;
+	    }
+	    if (vflag) {
+		ospf_print_bits(ospf_option_bits, op->ospf_hello.hello_options);
+		printf(" mask %s int %d pri %d dead %u",
+		       ipaddr_string(&op->ospf_hello.hello_mask),
+		       ntohs(op->ospf_hello.hello_helloint),
+		       op->ospf_hello.hello_priority,
+		       (u_int32_t)ntohl(op->ospf_hello.hello_deadint));
+	    }
+
+	    if ((caddr_t) (&op->ospf_hello.hello_dr + 1) > end) {
+		break;
+	    }
+	    if (op->ospf_hello.hello_dr.s_addr) {
+		printf(" dr %s",
+		       ipaddr_string(&op->ospf_hello.hello_dr));
+	    }
+
+	    if ((caddr_t) (&op->ospf_hello.hello_bdr + 1) > end) {
+		break;
+	    }
+	    if (op->ospf_hello.hello_bdr.s_addr) {
+		printf(" bdr %s",
+		       ipaddr_string(&op->ospf_hello.hello_bdr));
+	    }
+
+	    if (vflag) {
+		if ((caddr_t) (op->ospf_hello.hello_neighbor + 1) > end) {
+		    break;
+		}
+		printf(" nbrs");
+		for (ap = op->ospf_hello.hello_neighbor;
+		     (caddr_t) (ap + 1) <= end;
+		     ap++) {
+		    printf(" %s",
+			   ipaddr_string(ap));
+		}
+	    }
+	    break;			/*  HELLO	*/
+
+	case OSPF_TYPE_DB:
+	    if ((caddr_t) (&op->ospf_db.db_seq + 1) > end) {
+		break;
+	    }
+	    ospf_print_bits(ospf_option_bits, op->ospf_db.db_options);
+	    sep = ' ';
+	    if (op->ospf_db.db_flags & OSPF_DB_INIT) {
+		printf("%cI",
+		       sep);
+		sep = '/';
+	    }
+	    if (op->ospf_db.db_flags & OSPF_DB_MORE) {
+		printf("%cM",
+		       sep);
+		sep = '/';
+	    }
+	    if (op->ospf_db.db_flags & OSPF_DB_MASTER) {
+		printf("%cMS",
+		       sep);
+		sep = '/';
+	    }
+	    printf(" S %X", (u_int32_t)ntohl(op->ospf_db.db_seq));
+
+	    if (vflag) {
+		/* Print all the LS adv's */
+		lshp = op->ospf_db.db_lshdr;
+
+		while (!ospf_print_lshdr(lshp, end)) {
+		    printf(" }");				/* { (ctags) */
+		    lshp++;
+		}
+	    }
+	    break;
+
+	case OSPF_TYPE_LSR:
+	    if (vflag) {
+		for (lsrp = op->ospf_lsr; (caddr_t) (lsrp+1) <= end; lsrp++) {
+		    int32_t type;
+
+		    if ((caddr_t) (lsrp + 1) > end) {
+			break;
+		    }
+
+		    printf(" {");				/* } (ctags) */
+		    if (!(type = ntohl(lsrp->ls_type)) || type >= LS_TYPE_MAX) {
+			printf(" ??LinkStateType %d }", type);	/* { (ctags) */
+			printf(" }");				/* { (ctags) */
+			break;
+		    }
+
+		    LS_PRINT(lsrp, type);
+		    printf(" }");				/* { (ctags) */
+		}
+	    }
+	    break;
+
+	case OSPF_TYPE_LSU:
+	    if (vflag) {
+		lsap = op->ospf_lsu.lsu_lsa;
+		i = ntohl(op->ospf_lsu.lsu_count);
+
+		while (i-- &&
+		       !ospf_print_lsa(lsap, end)) {
+		    lsap = (struct lsa *) ((caddr_t) lsap + ntohs(lsap->ls_hdr.ls_length));
+		}
+	    }
+	    break;
+
+
+	case OSPF_TYPE_LSA:
+	    if (vflag) {
+		lshp = op->ospf_lsa.lsa_lshdr;
+
+		while (!ospf_print_lshdr(lshp, end)) {
+		    printf(" }");				/* { (ctags) */
+		    lshp++;
+		}
+		break;
+	    }
+	}			/* end switch on v2 packet type	*/
+	break;
+
+    default:
+	printf(" ospf [version %d]",
+	       op->ospf_version);
+	break;
+    }					/* end switch on version	*/
+
+  trunc_test:
+    if ((snapend - bp) < length) {
+	printf(" [|]");
+    }
+
+    return;				/* from ospf_print	*/
+}
diff --git a/contrib/tcpdump/print-pim.c b/contrib/tcpdump/print-pim.c
new file mode 100644
index 000000000000..2cf0cdd3ded2
--- /dev/null
+++ b/contrib/tcpdump/print-pim.c
@@ -0,0 +1,100 @@
+/*
+ * Copyright (c) 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#ifndef lint
+static char rcsid[] =
+    "@(#) $Header: print-pim.c,v 1.6 96/07/23 14:17:26 leres Exp $ (LBL)";
+#endif
+
+#include <sys/param.h>
+#include <sys/time.h>
+#include <sys/socket.h>
+
+#include <netinet/in.h>
+#include <netinet/in_systm.h>
+#include <netinet/ip.h>
+#include <netinet/ip_var.h>
+#include <netinet/udp.h>
+#include <netinet/udp_var.h>
+#include <netinet/tcp.h>
+#include <netinet/tcpip.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+
+#include "interface.h"
+#include "addrtoname.h"
+
+void
+pim_print(register const u_char *bp, register u_int len)
+{
+    register const u_char *ep;
+    register u_char type;
+
+    ep = (const u_char *)snapend;
+    if (bp >= ep)
+	return;
+
+    type = bp[1];
+
+    switch (type) {
+    case 0:
+	(void)printf(" Query");
+	break;
+
+    case 1:
+	(void)printf(" Register");
+	break;
+
+    case 2:
+	(void)printf(" Register-Stop");
+	break;
+
+    case 3:
+	(void)printf(" Join/Prune");
+	break;
+
+    case 4:
+	(void)printf(" RP-reachable");
+	break;
+
+    case 5:
+	(void)printf(" Assert");
+	break;
+
+    case 6:
+	(void)printf(" Graft");
+	break;
+
+    case 7:
+	(void)printf(" Graft-ACK");
+	break;
+
+    case 8:
+	(void)printf(" Mode");
+	break;
+
+    default:
+	(void)printf(" [type %d]", type);
+	break;
+    }
+}
diff --git a/contrib/tcpdump/print-ppp.c b/contrib/tcpdump/print-ppp.c
new file mode 100644
index 000000000000..54365518f35a
--- /dev/null
+++ b/contrib/tcpdump/print-ppp.c
@@ -0,0 +1,105 @@
+/*
+ * Copyright (c) 1990, 1991, 1993, 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#ifndef lint
+static  char rcsid[] =
+	"@(#)$Header: print-ppp.c,v 1.22 96/07/14 19:39:03 leres Exp $ (LBL)";
+#endif
+
+#ifdef PPP
+#include <sys/param.h>
+#include <sys/time.h>
+#include <sys/socket.h>
+#include <sys/file.h>
+#include <sys/ioctl.h>
+
+#if __STDC__
+struct mbuf;
+struct rtentry;
+#endif
+#include <net/if.h>
+
+#include <netinet/in.h>
+#include <netinet/in_systm.h>
+#include <netinet/ip.h>
+
+#include <ctype.h>
+#include <netdb.h>
+#include <pcap.h>
+#include <signal.h>
+#include <stdio.h>
+
+#include "interface.h"
+#include "addrtoname.h"
+
+/* XXX This goes somewhere else. */
+#define PPP_HDRLEN 4
+
+void
+ppp_if_print(u_char *user, const struct pcap_pkthdr *h,
+	     register const u_char *p)
+{
+	register u_int length = h->len;
+	register u_int caplen = h->caplen;
+	const struct ip *ip;
+
+	ts_print(&h->ts);
+
+	if (caplen < PPP_HDRLEN) {
+		printf("[|ppp]");
+		goto out;
+	}
+
+	/*
+	 * Some printers want to get back at the link level addresses,
+	 * and/or check that they're not walking off the end of the packet.
+	 * Rather than pass them all the way down, we set these globals.
+	 */
+	packetp = p;
+	snapend = p + caplen;
+
+	if (eflag)
+		printf("%c %4d %02x %04x: ", p[0] ? 'O' : 'I', length,
+		       p[1], ntohs(*(u_short *)&p[2]));
+
+	length -= PPP_HDRLEN;
+	ip = (struct ip *)(p + PPP_HDRLEN);
+	ip_print((const u_char *)ip, length);
+
+	if (xflag)
+		default_print((const u_char *)ip, caplen - PPP_HDRLEN);
+out:
+	putchar('\n');
+}
+#else
+#include <sys/types.h>
+#include <sys/time.h>
+
+#include <stdio.h>
+
+#include "interface.h"
+void
+ppp_if_print(u_char *user, const struct pcap_pkthdr *h, const u_char *p)
+{
+	error("not configured for ppp");
+	/* NOTREACHED */
+}
+#endif
diff --git a/contrib/tcpdump/print-rip.c b/contrib/tcpdump/print-rip.c
new file mode 100644
index 000000000000..879171226950
--- /dev/null
+++ b/contrib/tcpdump/print-rip.c
@@ -0,0 +1,159 @@
+/*
+ * Copyright (c) 1989, 1990, 1991, 1993, 1994, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#ifndef lint
+static char rcsid[] =
+    "@(#) $Header: print-rip.c,v 1.34 96/07/23 14:17:26 leres Exp $ (LBL)";
+#endif
+
+#include <sys/param.h>
+#include <sys/time.h>
+#include <sys/socket.h>
+
+#include <netinet/in.h>
+#include <netinet/in_systm.h>
+#include <netinet/ip.h>
+#include <netinet/ip_var.h>
+#include <netinet/udp.h>
+#include <netinet/udp_var.h>
+
+#include <stdio.h>
+
+#include "interface.h"
+#include "addrtoname.h"
+#include "extract.h"			/* must come after interface.h */
+
+struct rip {
+	u_char rip_cmd;			/* request/response */
+	u_char rip_vers;		/* protocol version # */
+	u_short rip_zero2;		/* unused */
+};
+#define	RIPCMD_REQUEST		1	/* want info */
+#define	RIPCMD_RESPONSE		2	/* responding to request */
+#define	RIPCMD_TRACEON		3	/* turn tracing on */
+#define	RIPCMD_TRACEOFF		4	/* turn it off */
+#define	RIPCMD_POLL		5	/* want info from everybody */
+#define	RIPCMD_POLLENTRY	6	/* poll for entry */
+
+struct rip_netinfo {
+	u_short rip_family;
+	u_short rip_tag;
+	u_int32_t rip_dest;
+	u_int32_t rip_dest_mask;
+	u_int32_t rip_router;
+	u_int32_t rip_metric;		/* cost of route */
+};
+
+static void
+rip_entry_print(register int vers, register const struct rip_netinfo *ni)
+{
+	register u_char *cp, *ep;
+
+	if (EXTRACT_16BITS(&ni->rip_family) != AF_INET) {
+
+		printf(" [family %d:", EXTRACT_16BITS(&ni->rip_family));
+		cp = (u_char *)&ni->rip_tag;
+		ep = (u_char *)&ni->rip_metric + sizeof(ni->rip_metric);
+		for (; cp < ep; cp += 2)
+			printf(" %04x", EXTRACT_16BITS(cp));
+		printf("]");
+	} else if (vers < 2) {
+		/* RFC 1058 */
+		printf(" %s", ipaddr_string(&ni->rip_dest));
+	} else {
+		/* RFC 1723 */
+		printf(" {%s", ipaddr_string(&ni->rip_dest));
+		if (ni->rip_dest_mask)
+			printf("/%s", ipaddr_string(&ni->rip_dest_mask));
+		if (ni->rip_router)
+			printf("->%s", ipaddr_string(&ni->rip_router));
+		if (ni->rip_tag)
+			printf(" tag %04x", EXTRACT_16BITS(&ni->rip_tag));
+		printf("}");
+	}
+	printf("(%d)", EXTRACT_32BITS(&ni->rip_metric));
+}
+
+void
+rip_print(const u_char *dat, u_int length)
+{
+	register const struct rip *rp;
+	register const struct rip_netinfo *ni;
+	register int i, j, trunc;
+
+	i = min(length, snapend - dat) - (sizeof(*rp) - sizeof(*ni));
+	if (i < 0)
+		return;
+
+	rp = (struct rip *)dat;
+	switch (rp->rip_cmd) {
+
+	case RIPCMD_REQUEST:
+		printf(" rip-req %d", length);
+		break;
+
+	case RIPCMD_RESPONSE:
+		j = length / sizeof(*ni);
+		if (j * sizeof(*ni) != length - 4)
+			printf(" rip-resp %d[%d]:", j, length);
+		else
+			printf(" rip-resp %d:", j);
+		trunc = ((i / sizeof(*ni)) * sizeof(*ni) != i);
+		ni = (struct rip_netinfo *)(rp + 1);
+		for (; (i -= sizeof(*ni)) >= 0; ++ni)
+			rip_entry_print(rp->rip_vers, ni);
+		if (trunc)
+			printf("[|rip]");
+		break;
+
+	case RIPCMD_TRACEON:
+		printf(" rip-traceon %d: \"", length);
+		(void)fn_print((const u_char *)(rp + 1), snapend);
+		fputs("\"\n", stdout);
+		break;
+
+	case RIPCMD_TRACEOFF:
+		printf(" rip-traceoff %d", length);
+		break;
+
+	case RIPCMD_POLL:
+		printf(" rip-poll %d", length);
+		break;
+
+	case RIPCMD_POLLENTRY:
+		printf(" rip-pollentry %d", length);
+		break;
+
+	default:
+		printf(" rip-#%d %d", rp->rip_cmd, length);
+		break;
+	}
+	switch (rp->rip_vers) {
+
+	case 1:
+	case 2:
+		break;
+
+	default:
+		printf(" [vers %d]", rp->rip_vers);
+		break;
+        }
+}
diff --git a/contrib/tcpdump/print-sl.c b/contrib/tcpdump/print-sl.c
new file mode 100644
index 000000000000..631714d454c1
--- /dev/null
+++ b/contrib/tcpdump/print-sl.c
@@ -0,0 +1,256 @@
+/*
+ * Copyright (c) 1989, 1990, 1991, 1993, 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#ifndef lint
+static  char rcsid[] =
+	"@(#)$Header: print-sl.c,v 1.38 96/07/15 18:23:25 leres Exp $ (LBL)";
+#endif
+
+#ifdef HAVE_NET_SLIP_H
+#include <sys/param.h>
+#include <sys/time.h>
+#include <sys/timeb.h>
+#include <sys/file.h>
+#include <sys/ioctl.h>
+#include <sys/mbuf.h>
+#include <sys/socket.h>
+
+#if __STDC__
+struct rtentry;
+#endif
+#include <net/if.h>
+
+#include <netinet/in.h>
+#include <netinet/in_systm.h>
+#include <netinet/ip.h>
+#include <netinet/if_ether.h>
+#include <netinet/ip_var.h>
+#include <netinet/udp.h>
+#include <netinet/udp_var.h>
+#include <netinet/tcp.h>
+#include <netinet/tcpip.h>
+
+#include <net/slcompress.h>
+#include <net/slip.h>
+
+#include <ctype.h>
+#include <netdb.h>
+#include <pcap.h>
+#include <signal.h>
+#include <stdio.h>
+
+#include "interface.h"
+#include "addrtoname.h"
+#include "extract.h"			/* must come after interface.h */
+
+static u_int lastlen[2][256];
+static u_int lastconn = 255;
+
+static void sliplink_print(const u_char *, const struct ip *, u_int);
+static void compressed_sl_print(const u_char *, const struct ip *, u_int, int);
+
+/* XXX BSD/OS 2.1 compatibility */
+#if !defined(SLIP_HDRLEN) && defined(SLC_BPFHDR)
+#define SLIP_HDRLEN SLC_BPFHDR
+#define SLX_DIR 0
+#define SLX_CHDR (SLC_BPFHDRLEN - 1)
+#define CHDR_LEN (SLC_BPFHDR - SLC_BPFHDRLEN)
+#endif
+
+void
+sl_if_print(u_char *user, const struct pcap_pkthdr *h, const u_char *p)
+{
+	register u_int caplen = h->caplen;
+	register u_int length = h->len;
+	register const struct ip *ip;
+
+	ts_print(&h->ts);
+
+	if (caplen < SLIP_HDRLEN) {
+		printf("[|slip]");
+		goto out;
+	}
+	/*
+	 * Some printers want to get back at the link level addresses,
+	 * and/or check that they're not walking off the end of the packet.
+	 * Rather than pass them all the way down, we set these globals.
+	 */
+	packetp = p;
+	snapend = p + caplen;
+
+	length -= SLIP_HDRLEN;
+
+	ip = (struct ip *)(p + SLIP_HDRLEN);
+
+	if (eflag)
+		sliplink_print(p, ip, length);
+
+	ip_print((u_char *)ip, length);
+
+	if (xflag)
+		default_print((u_char *)ip, caplen - SLIP_HDRLEN);
+ out:
+	putchar('\n');
+}
+
+static void
+sliplink_print(register const u_char *p, register const struct ip *ip,
+	       register u_int length)
+{
+	int dir;
+	u_int hlen;
+
+	dir = p[SLX_DIR];
+	putchar(dir == SLIPDIR_IN ? 'I' : 'O');
+	putchar(' ');
+
+	if (nflag) {
+		/* XXX just dump the header */
+		register int i;
+
+		for (i = SLX_CHDR; i < SLX_CHDR + CHDR_LEN - 1; ++i)
+			printf("%02x.", p[i]);
+		printf("%02x: ", p[SLX_CHDR + CHDR_LEN - 1]);
+		return;
+	}
+	switch (p[SLX_CHDR] & 0xf0) {
+
+	case TYPE_IP:
+		printf("ip %d: ", length + SLIP_HDRLEN);
+		break;
+
+	case TYPE_UNCOMPRESSED_TCP:
+		/*
+		 * The connection id is stored in the IP protcol field.
+		 * Get it from the link layer since sl_uncompress_tcp()
+		 * has restored the IP header copy to IPPROTO_TCP.
+		 */
+		lastconn = ((struct ip *)&p[SLX_CHDR])->ip_p;
+		hlen = ip->ip_hl;
+		hlen += ((struct tcphdr *)&((int *)ip)[hlen])->th_off;
+		lastlen[dir][lastconn] = length - (hlen << 2);
+		printf("utcp %d: ", lastconn);
+		break;
+
+	default:
+		if (p[SLX_CHDR] & TYPE_COMPRESSED_TCP) {
+			compressed_sl_print(&p[SLX_CHDR], ip,
+			    length, dir);
+			printf(": ");
+		} else
+			printf("slip-%d!: ", p[SLX_CHDR]);
+	}
+}
+
+static const u_char *
+print_sl_change(const char *str, register const u_char *cp)
+{
+	register u_int i;
+
+	if ((i = *cp++) == 0) {
+		i = EXTRACT_16BITS(cp);
+		cp += 2;
+	}
+	printf(" %s%d", str, i);
+	return (cp);
+}
+
+static const u_char *
+print_sl_winchange(register const u_char *cp)
+{
+	register short i;
+
+	if ((i = *cp++) == 0) {
+		i = EXTRACT_16BITS(cp);
+		cp += 2;
+	}
+	if (i >= 0)
+		printf(" W+%d", i);
+	else
+		printf(" W%d", i);
+	return (cp);
+}
+
+static void
+compressed_sl_print(const u_char *chdr, const struct ip *ip,
+		    u_int length, int dir)
+{
+	register const u_char *cp = chdr;
+	register u_int flags, hlen;
+
+	flags = *cp++;
+	if (flags & NEW_C) {
+		lastconn = *cp++;
+		printf("ctcp %d", lastconn);
+	} else
+		printf("ctcp *");
+
+	/* skip tcp checksum */
+	cp += 2;
+
+	switch (flags & SPECIALS_MASK) {
+	case SPECIAL_I:
+		printf(" *SA+%d", lastlen[dir][lastconn]);
+		break;
+
+	case SPECIAL_D:
+		printf(" *S+%d", lastlen[dir][lastconn]);
+		break;
+
+	default:
+		if (flags & NEW_U)
+			cp = print_sl_change("U=", cp);
+		if (flags & NEW_W)
+			cp = print_sl_winchange(cp);
+		if (flags & NEW_A)
+			cp = print_sl_change("A+", cp);
+		if (flags & NEW_S)
+			cp = print_sl_change("S+", cp);
+		break;
+	}
+	if (flags & NEW_I)
+		cp = print_sl_change("I+", cp);
+
+	/*
+	 * 'hlen' is the length of the uncompressed TCP/IP header (in words).
+	 * 'cp - chdr' is the length of the compressed header.
+	 * 'length - hlen' is the amount of data in the packet.
+	 */
+	hlen = ip->ip_hl;
+	hlen += ((struct tcphdr *)&((int32_t *)ip)[hlen])->th_off;
+	lastlen[dir][lastconn] = length - (hlen << 2);
+	printf(" %d (%d)", lastlen[dir][lastconn], cp - chdr);
+}
+#else
+#include <sys/types.h>
+#include <sys/time.h>
+
+#include <stdio.h>
+
+#include "interface.h"
+void
+sl_if_print(u_char *user, const struct pcap_pkthdr *h, const u_char *p)
+{
+
+	error("not configured for slip");
+	/* NOTREACHED */
+}
+#endif
diff --git a/contrib/tcpdump/print-snmp.c b/contrib/tcpdump/print-snmp.c
new file mode 100644
index 000000000000..0bc856ad9d17
--- /dev/null
+++ b/contrib/tcpdump/print-snmp.c
@@ -0,0 +1,1039 @@
+/*
+ * Copyright (c) 1990, 1991, 1993, 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms are permitted
+ * provided that the above copyright notice and this paragraph are
+ * duplicated in all such forms and that any documentation,
+ * advertising materials, and other materials related to such
+ * distribution and use acknowledge that the software was developed
+ * by John Robert LoVerso.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ *
+ * This implementation has been influenced by the CMU SNMP release,
+ * by Steve Waldbusser.  However, this shares no code with that system.
+ * Additional ASN.1 insight gained from Marshall T. Rose's _The_Open_Book_.
+ * Earlier forms of this implementation were derived and/or inspired by an
+ * awk script originally written by C. Philip Wood of LANL (but later
+ * heavily modified by John Robert LoVerso).  The copyright notice for
+ * that work is preserved below, even though it may not rightly apply
+ * to this file.
+ *
+ * This started out as a very simple program, but the incremental decoding
+ * (into the BE structure) complicated things.
+ *
+ #			Los Alamos National Laboratory
+ #
+ #	Copyright, 1990.  The Regents of the University of California.
+ #	This software was produced under a U.S. Government contract
+ #	(W-7405-ENG-36) by Los Alamos National Laboratory, which is
+ #	operated by the	University of California for the U.S. Department
+ #	of Energy.  The U.S. Government is licensed to use, reproduce,
+ #	and distribute this software.  Permission is granted to the
+ #	public to copy and use this software without charge, provided
+ #	that this Notice and any statement of authorship are reproduced
+ #	on all copies.  Neither the Government nor the University makes
+ #	any warranty, express or implied, or assumes any liability or
+ #	responsibility for the use of this software.
+ #	@(#)snmp.awk.x	1.1 (LANL) 1/15/90
+ */
+#ifndef lint
+static char rcsid[] =
+    "@(#) $Id: print-snmp.c,v 3.10 91/01/17 01:18:13 loverso Exp Locker: loverso $ (jlv)";
+#endif
+
+#include <sys/param.h>
+#include <sys/time.h>
+
+#include <stdio.h>
+#include <ctype.h>
+#include <string.h>
+
+#include "interface.h"
+#include "addrtoname.h"
+
+/*
+ * Universal ASN.1 types
+ * (we only care about the tag values for those allowed in the Internet SMI)
+ */
+char *Universal[] = {
+	"U-0",
+	"Boolean",
+	"Integer",
+#define INTEGER 2
+	"Bitstring",
+	"String",
+#define STRING 4
+	"Null",
+#define ASN_NULL 5
+	"ObjID",
+#define OBJECTID 6
+	"ObjectDes",
+	"U-8","U-9","U-10","U-11",	/* 8-11 */
+	"U-12","U-13","U-14","U-15",	/* 12-15 */
+	"Sequence",
+#define SEQUENCE 16
+	"Set"
+};
+
+/*
+ * Application-wide ASN.1 types from the Internet SMI and their tags
+ */
+char *Application[] = {
+	"IpAddress",
+#define IPADDR 0
+	"Counter",
+#define COUNTER 1
+	"Gauge",
+#define GAUGE 2
+	"TimeTicks",
+#define TIMETICKS 3
+	"Opaque"
+};
+
+/*
+ * Context-specific ASN.1 types for the SNMP PDUs and their tags
+ */
+char *Context[] = {
+	"GetRequest",
+#define GETREQ 0
+	"GetNextRequest",
+#define GETNEXTREQ 1
+	"GetResponse",
+#define GETRESP 2
+	"SetRequest",
+#define SETREQ 3
+	"Trap"
+#define TRAP 4
+};
+
+/*
+ * Private ASN.1 types
+ * The Internet SMI does not specify any
+ */
+char *Private[] = {
+	"P-0"
+};
+
+/*
+ * error-status values for any SNMP PDU
+ */
+char *ErrorStatus[] = {
+	"noError",
+	"tooBig",
+	"noSuchName",
+	"badValue",
+	"readOnly",
+	"genErr"
+};
+#define DECODE_ErrorStatus(e) \
+	( e >= 0 && e <= sizeof(ErrorStatus)/sizeof(ErrorStatus[0]) \
+	? ErrorStatus[e] : (sprintf(errbuf, "err=%u", e), errbuf))
+
+/*
+ * generic-trap values in the SNMP Trap-PDU
+ */
+char *GenericTrap[] = {
+	"coldStart",
+	"warmStart",
+	"linkDown",
+	"linkUp",
+	"authenticationFailure",
+	"egpNeighborLoss",
+	"enterpriseSpecific"
+#define GT_ENTERPRISE 7
+};
+#define DECODE_GenericTrap(t) \
+	( t >= 0 && t <= sizeof(GenericTrap)/sizeof(GenericTrap[0]) \
+	? GenericTrap[t] : (sprintf(buf, "gt=%d", t), buf))
+
+/*
+ * ASN.1 type class table
+ * Ties together the preceding Universal, Application, Context, and Private
+ * type definitions.
+ */
+#define defineCLASS(x) { "x", x, sizeof(x)/sizeof(x[0]) } /* not ANSI-C */
+struct {
+	char	*name;
+	char	**Id;
+	    int	numIDs;
+    } Class[] = {
+	defineCLASS(Universal),
+#define	UNIVERSAL	0
+	defineCLASS(Application),
+#define	APPLICATION	1
+	defineCLASS(Context),
+#define	CONTEXT		2
+	defineCLASS(Private),
+#define	PRIVATE		3
+};
+
+/*
+ * defined forms for ASN.1 types
+ */
+char *Form[] = {
+	"Primitive",
+#define PRIMITIVE	0
+	"Constructed",
+#define CONSTRUCTED	1
+};
+
+/*
+ * A structure for the OID tree for the compiled-in MIB.
+ * This is stored as a general-order tree.
+ */
+struct obj {
+	char	*desc;			/* name of object */
+	u_char	oid;			/* sub-id following parent */
+	u_char	type;			/* object type (unused) */
+	struct obj *child, *next;	/* child and next sibling pointers */
+} *objp = NULL;
+
+/*
+ * Include the compiled in SNMP MIB.  "mib.h" is produced by feeding
+ * RFC-1156 format files into "makemib".  "mib.h" MUST define at least
+ * a value for `mibroot'.
+ *
+ * In particular, this is gross, as this is including initialized structures,
+ * and by right shouldn't be an "include" file.
+ */
+#include "mib.h"
+
+/*
+ * This defines a list of OIDs which will be abbreviated on output.
+ * Currently, this includes the prefixes for the Internet MIB, the
+ * private enterprises tree, and the experimental tree.
+ */
+struct obj_abrev {
+	char *prefix;			/* prefix for this abrev */
+	struct obj *node;		/* pointer into object table */
+	char *oid;			/* ASN.1 encoded OID */
+} obj_abrev_list[] = {
+#ifndef NO_ABREV_MIB
+	/* .iso.org.dod.internet.mgmt.mib */
+	{ "",	&_mib_obj,		"\53\6\1\2\1" },
+#endif
+#ifndef NO_ABREV_ENTER
+	/* .iso.org.dod.internet.private.enterprises */
+	{ "E:",	&_enterprises_obj,	"\53\6\1\4\1" },
+#endif
+#ifndef NO_ABREV_EXPERI
+	/* .iso.org.dod.internet.experimental */
+	{ "X:",	&_experimental_obj,	"\53\6\1\3" },
+#endif
+	{ 0,0,0 }
+};
+
+/*
+ * This is used in the OID print routine to walk down the object tree
+ * rooted at `mibroot'.
+ */
+#define OBJ_PRINT(o, suppressdot) \
+{ \
+	if (objp) { \
+		do { \
+			if ((o) == objp->oid) \
+				break; \
+		} while ((objp = objp->next) != NULL); \
+	} \
+	if (objp) { \
+		printf(suppressdot?"%s":".%s", objp->desc); \
+		objp = objp->child; \
+	} else \
+		printf(suppressdot?"%u":".%u", (o)); \
+}
+
+/*
+ * This is the definition for the Any-Data-Type storage used purely for
+ * temporary internal representation while decoding an ASN.1 data stream.
+ */
+struct be {
+	u_int32_t asnlen;
+	union {
+		caddr_t raw;
+		int32_t integer;
+		u_int32_t uns;
+		const u_char *str;
+	} data;
+	u_short id;
+	u_char form, class;		/* tag info */
+	u_char type;
+#define BE_ANY		255
+#define BE_NONE		0
+#define BE_NULL		1
+#define BE_OCTET	2
+#define BE_OID		3
+#define BE_INT		4
+#define BE_UNS		5
+#define BE_STR		6
+#define BE_SEQ		7
+#define BE_INETADDR	8
+#define BE_PDU		9
+};
+
+/*
+ * Defaults for SNMP PDU components
+ */
+#define DEF_COMMUNITY "public"
+#define DEF_VERSION 0
+
+/*
+ * constants for ASN.1 decoding
+ */
+#define OIDMUX 40
+#define ASNLEN_INETADDR 4
+#define ASN_SHIFT7 7
+#define ASN_SHIFT8 8
+#define ASN_BIT8 0x80
+#define ASN_LONGLEN 0x80
+
+#define ASN_ID_BITS 0x1f
+#define ASN_FORM_BITS 0x20
+#define ASN_FORM_SHIFT 5
+#define ASN_CLASS_BITS 0xc0
+#define ASN_CLASS_SHIFT 6
+
+#define ASN_ID_EXT 0x1f		/* extension ID in tag field */
+
+/*
+ * truncated==1 means the packet was complete, but we don't have all of
+ * it to decode.
+ */
+static int truncated;
+#define ifNotTruncated if (truncated) fputs("[|snmp]", stdout); else
+
+/*
+ * This decodes the next ASN.1 object in the stream pointed to by "p"
+ * (and of real-length "len") and stores the intermediate data in the
+ * provided BE object.
+ *
+ * This returns -l if it fails (i.e., the ASN.1 stream is not valid).
+ * O/w, this returns the number of bytes parsed from "p".
+ */
+static int
+asn1_parse(register const u_char *p, u_int len, struct be *elem)
+{
+	u_char form, class, id;
+	int i, hdr;
+
+	elem->asnlen = 0;
+	elem->type = BE_ANY;
+	if (len < 1) {
+		ifNotTruncated puts("[nothing to parse], stdout");
+		return -1;
+	}
+
+	/*
+	 * it would be nice to use a bit field, but you can't depend on them.
+	 *  +---+---+---+---+---+---+---+---+
+	 *  + class |frm|        id         |
+	 *  +---+---+---+---+---+---+---+---+
+	 *    7   6   5   4   3   2   1   0
+	 */
+	id = *p & ASN_ID_BITS;		/* lower 5 bits, range 00-1f */
+#ifdef notdef
+	form = (*p & 0xe0) >> 5;	/* move upper 3 bits to lower 3 */
+	class = form >> 1;		/* bits 7&6 -> bits 1&0, range 0-3 */
+	form &= 0x1;			/* bit 5 -> bit 0, range 0-1 */
+#else
+	form = (*p & ASN_FORM_BITS) >> ASN_FORM_SHIFT;
+	class = (*p & ASN_CLASS_BITS) >> ASN_CLASS_SHIFT;
+#endif
+	elem->form = form;
+	elem->class = class;
+	elem->id = id;
+	if (vflag)
+		printf("|%.2x", *p);
+	p++; len--; hdr = 1;
+	/* extended tag field */
+	if (id == ASN_ID_EXT) {
+		for (id = 0; *p & ASN_BIT8 && len > 0; len--, hdr++, p++) {
+			if (vflag)
+				printf("|%.2x", *p);
+			id = (id << 7) | (*p & ~ASN_BIT8);
+		}
+		if (len == 0 && *p & ASN_BIT8) {
+			ifNotTruncated fputs("[Xtagfield?]", stdout);
+			return -1;
+		}
+		elem->id = id = (id << 7) | *p;
+		--len;
+		++hdr;
+		++p;
+	}
+	if (len < 1) {
+		ifNotTruncated fputs("[no asnlen]", stdout);
+		return -1;
+	}
+	elem->asnlen = *p;
+	if (vflag)
+		printf("|%.2x", *p);
+	p++; len--; hdr++;
+	if (elem->asnlen & ASN_BIT8) {
+		int noct = elem->asnlen % ASN_BIT8;
+		elem->asnlen = 0;
+		if (len < noct) {
+			ifNotTruncated printf("[asnlen? %d<%d]", len, noct);
+			return -1;
+		}
+		for (; noct-- > 0; len--, hdr++) {
+			if (vflag)
+				printf("|%.2x", *p);
+			elem->asnlen = (elem->asnlen << ASN_SHIFT8) | *p++;
+		}
+	}
+	if (len < elem->asnlen) {
+		if (!truncated) {
+			printf("[len%d<asnlen%u]", len, elem->asnlen);
+			return -1;
+		}
+		/* maybe should check at least 4? */
+		elem->asnlen = len;
+	}
+	if (form >= sizeof(Form)/sizeof(Form[0])) {
+		ifNotTruncated printf("[form?%d]", form);
+		return -1;
+	}
+	if (class >= sizeof(Class)/sizeof(Class[0])) {
+		ifNotTruncated printf("[class?%c/%d]", *Form[form], class);
+		return -1;
+	}
+	if (id >= Class[class].numIDs) {
+		ifNotTruncated printf("[id?%c/%s/%d]", *Form[form],
+			Class[class].name, id);
+		return -1;
+	}
+
+	switch (form) {
+	case PRIMITIVE:
+		switch (class) {
+		case UNIVERSAL:
+			switch (id) {
+			case STRING:
+				elem->type = BE_STR;
+				elem->data.str = p;
+				break;
+
+			case INTEGER: {
+				register int32_t data;
+				elem->type = BE_INT;
+				data = 0;
+
+				if (*p & ASN_BIT8)	/* negative */
+					data = -1;
+				for (i = elem->asnlen; i-- > 0; p++)
+					data = (data << ASN_SHIFT8) | *p;
+				elem->data.integer = data;
+				break;
+			}
+
+			case OBJECTID:
+				elem->type = BE_OID;
+				elem->data.raw = (caddr_t)p;
+				break;
+
+			case ASN_NULL:
+				elem->type = BE_NULL;
+				elem->data.raw = NULL;
+				break;
+
+			default:
+				elem->type = BE_OCTET;
+				elem->data.raw = (caddr_t)p;
+				printf("[P/U/%s]",
+					Class[class].Id[id]);
+				break;
+			}
+			break;
+
+		case APPLICATION:
+			switch (id) {
+			case IPADDR:
+				elem->type = BE_INETADDR;
+				elem->data.raw = (caddr_t)p;
+				break;
+
+			case COUNTER:
+			case GAUGE:
+			case TIMETICKS: {
+				register u_int32_t data;
+				elem->type = BE_UNS;
+				data = 0;
+				for (i = elem->asnlen; i-- > 0; p++)
+					data = (data << 8) + *p;
+				elem->data.uns = data;
+				break;
+			}
+
+			default:
+				elem->type = BE_OCTET;
+				elem->data.raw = (caddr_t)p;
+				printf("[P/A/%s]",
+					Class[class].Id[id]);
+				break;
+			}
+			break;
+
+		default:
+			elem->type = BE_OCTET;
+			elem->data.raw = (caddr_t)p;
+			printf("[P/%s/%s]",
+				Class[class].name, Class[class].Id[id]);
+			break;
+		}
+		break;
+
+	case CONSTRUCTED:
+		switch (class) {
+		case UNIVERSAL:
+			switch (id) {
+			case SEQUENCE:
+				elem->type = BE_SEQ;
+				elem->data.raw = (caddr_t)p;
+				break;
+
+			default:
+				elem->type = BE_OCTET;
+				elem->data.raw = (caddr_t)p;
+				printf("C/U/%s", Class[class].Id[id]);
+				break;
+			}
+			break;
+
+		case CONTEXT:
+			elem->type = BE_PDU;
+			elem->data.raw = (caddr_t)p;
+			break;
+
+		default:
+			elem->type = BE_OCTET;
+			elem->data.raw = (caddr_t)p;
+			printf("C/%s/%s",
+				Class[class].name, Class[class].Id[id]);
+			break;
+		}
+		break;
+	}
+	p += elem->asnlen;
+	len -= elem->asnlen;
+	return elem->asnlen + hdr;
+}
+
+/*
+ * Display the ASN.1 object represented by the BE object.
+ * This used to be an integral part of asn1_parse() before the intermediate
+ * BE form was added.
+ */
+static void
+asn1_print(struct be *elem)
+{
+	u_char *p = (u_char *)elem->data.raw;
+	u_int32_t asnlen = elem->asnlen;
+	int i;
+
+	switch (elem->type) {
+
+	case BE_OCTET:
+		for (i = asnlen; i-- > 0; p++);
+			printf("_%.2x", *p);
+		break;
+
+	case BE_NULL:
+		break;
+
+	case BE_OID: {
+	int o = 0, first = -1, i = asnlen;
+
+		if (!nflag && asnlen > 2) {
+			struct obj_abrev *a = &obj_abrev_list[0];
+			for (; a->node; a++) {
+				if (!memcmp(a->oid, (char *)p,
+				    strlen(a->oid))) {
+					objp = a->node->child;
+					i -= strlen(a->oid);
+					p += strlen(a->oid);
+					fputs(a->prefix, stdout);
+					first = 1;
+					break;
+				}
+			}
+		}
+		for (; i-- > 0; p++) {
+			o = (o << ASN_SHIFT7) + (*p & ~ASN_BIT8);
+			if (*p & ASN_LONGLEN)
+				continue;
+
+			/*
+			 * first subitem encodes two items with 1st*OIDMUX+2nd
+			 */
+			if (first < 0) {
+				if (!nflag)
+					objp = mibroot;
+				first = 0;
+				OBJ_PRINT(o/OIDMUX, first);
+				o %= OIDMUX;
+			}
+			OBJ_PRINT(o, first);
+			if (--first < 0)
+				first = 0;
+			o = 0;
+		}
+		break;
+	}
+
+	case BE_INT:
+		printf("%d", elem->data.integer);
+		break;
+
+	case BE_UNS:
+		printf("%d", elem->data.uns);
+		break;
+
+	case BE_STR: {
+		register int printable = 1, first = 1;
+		const u_char *p = elem->data.str;
+		for (i = asnlen; printable && i-- > 0; p++)
+			printable = isprint(*p) || isspace(*p);
+		p = elem->data.str;
+		if (printable) {
+			putchar('"');
+			(void)fn_print(p, p + asnlen);
+			putchar('"');
+		} else
+			for (i = asnlen; i-- > 0; p++) {
+				printf(first ? "%.2x" : "_%.2x", *p);
+				first = 0;
+			}
+		break;
+	}
+
+	case BE_SEQ:
+		printf("Seq(%u)", elem->asnlen);
+		break;
+
+	case BE_INETADDR: {
+		char sep;
+		if (asnlen != ASNLEN_INETADDR)
+			printf("[inetaddr len!=%d]", ASNLEN_INETADDR);
+		sep='[';
+		for (i = asnlen; i-- > 0; p++) {
+			printf("%c%u", sep, *p);
+			sep='.';
+		}
+		putchar(']');
+		break;
+	}
+
+	case BE_PDU:
+		printf("%s(%u)",
+			Class[CONTEXT].Id[elem->id], elem->asnlen);
+		break;
+
+	case BE_ANY:
+		fputs("[BE_ANY!?]", stdout);
+		break;
+
+	default:
+		fputs("[be!?]", stdout);
+		break;
+	}
+}
+
+#ifdef notdef
+/*
+ * This is a brute force ASN.1 printer: recurses to dump an entire structure.
+ * This will work for any ASN.1 stream, not just an SNMP PDU.
+ *
+ * By adding newlines and spaces at the correct places, this would print in
+ * Rose-Normal-Form.
+ *
+ * This is not currently used.
+ */
+static void
+asn1_decode(u_char *p, u_int length)
+{
+	struct be elem;
+	int i = 0;
+
+	while (i >= 0 && length > 0) {
+		i = asn1_parse(p, length, &elem);
+		if (i >= 0) {
+			fputs(" ", stdout);
+			asn1_print(&elem);
+			if (elem.type == BE_SEQ || elem.type == BE_PDU) {
+				fputs(" {", stdout);
+				asn1_decode(elem.data.raw, elem.asnlen);
+				fputs(" }", stdout);
+			}
+			length -= i;
+			p += i;
+		}
+	}
+}
+#endif
+
+/*
+ * General SNMP header
+ *	SEQUENCE {
+ *		version INTEGER {version-1(0)},
+ *		community OCTET STRING,
+ *		data ANY	-- PDUs
+ *	}
+ * PDUs for all but Trap: (see rfc1157 from page 15 on)
+ *	SEQUENCE {
+ *		request-id INTEGER,
+ *		error-status INTEGER,
+ *		error-index INTEGER,
+ *		varbindlist SEQUENCE OF
+ *			SEQUENCE {
+ *				name ObjectName,
+ *				value ObjectValue
+ *			}
+ *	}
+ * PDU for Trap:
+ *	SEQUENCE {
+ *		enterprise OBJECT IDENTIFIER,
+ *		agent-addr NetworkAddress,
+ *		generic-trap INTEGER,
+ *		specific-trap INTEGER,
+ *		time-stamp TimeTicks,
+ *		varbindlist SEQUENCE OF
+ *			SEQUENCE {
+ *				name ObjectName,
+ *				value ObjectValue
+ *			}
+ *	}
+ */
+
+/*
+ * Decode SNMP varBind
+ */
+static void
+varbind_print(u_char pduid, const u_char *np, u_int length, int error)
+{
+	struct be elem;
+	int count = 0, ind;
+
+	/* Sequence of varBind */
+	if ((count = asn1_parse(np, length, &elem)) < 0)
+		return;
+	if (elem.type != BE_SEQ) {
+		fputs("[!SEQ of varbind]", stdout);
+		asn1_print(&elem);
+		return;
+	}
+	if (count < length)
+		printf("[%d extra after SEQ of varbind]", length - count);
+	/* descend */
+	length = elem.asnlen;
+	np = (u_char *)elem.data.raw;
+
+	for (ind = 1; length > 0; ind++) {
+		const u_char *vbend;
+		u_int vblength;
+
+		if (!error || ind == error)
+			fputs(" ", stdout);
+
+		/* Sequence */
+		if ((count = asn1_parse(np, length, &elem)) < 0)
+			return;
+		if (elem.type != BE_SEQ) {
+			fputs("[!varbind]", stdout);
+			asn1_print(&elem);
+			return;
+		}
+		vbend = np + count;
+		vblength = length - count;
+		/* descend */
+		length = elem.asnlen;
+		np = (u_char *)elem.data.raw;
+
+		/* objName (OID) */
+		if ((count = asn1_parse(np, length, &elem)) < 0)
+			return;
+		if (elem.type != BE_OID) {
+			fputs("[objName!=OID]", stdout);
+			asn1_print(&elem);
+			return;
+		}
+		if (!error || ind == error)
+			asn1_print(&elem);
+		length -= count;
+		np += count;
+
+		if (pduid != GETREQ && pduid != GETNEXTREQ && !error)
+				fputs("=", stdout);
+
+		/* objVal (ANY) */
+		if ((count = asn1_parse(np, length, &elem)) < 0)
+			return;
+		if (pduid == GETREQ || pduid == GETNEXTREQ) {
+			if (elem.type != BE_NULL) {
+				fputs("[objVal!=NULL]", stdout);
+				asn1_print(&elem);
+			}
+		} else
+			if (error && ind == error && elem.type != BE_NULL)
+				fputs("[err objVal!=NULL]", stdout);
+			if (!error || ind == error)
+				asn1_print(&elem);
+
+		length = vblength;
+		np = vbend;
+	}
+}
+
+/*
+ * Decode SNMP PDUs: GetRequest, GetNextRequest, GetResponse, and SetRequest
+ */
+static void
+snmppdu_print(u_char pduid, const u_char *np, u_int length)
+{
+	struct be elem;
+	int count = 0, error;
+
+	/* reqId (Integer) */
+	if ((count = asn1_parse(np, length, &elem)) < 0)
+		return;
+	if (elem.type != BE_INT) {
+		fputs("[reqId!=INT]", stdout);
+		asn1_print(&elem);
+		return;
+	}
+	/* ignore the reqId */
+	length -= count;
+	np += count;
+
+	/* errorStatus (Integer) */
+	if ((count = asn1_parse(np, length, &elem)) < 0)
+		return;
+	if (elem.type != BE_INT) {
+		fputs("[errorStatus!=INT]", stdout);
+		asn1_print(&elem);
+		return;
+	}
+	error = 0;
+	if ((pduid == GETREQ || pduid == GETNEXTREQ)
+	    && elem.data.integer != 0) {
+		char errbuf[10];
+		printf("[errorStatus(%s)!=0]",
+			DECODE_ErrorStatus(elem.data.integer));
+	} else if (elem.data.integer != 0) {
+		char errbuf[10];
+		printf(" %s", DECODE_ErrorStatus(elem.data.integer));
+		error = elem.data.integer;
+	}
+	length -= count;
+	np += count;
+
+	/* errorIndex (Integer) */
+	if ((count = asn1_parse(np, length, &elem)) < 0)
+		return;
+	if (elem.type != BE_INT) {
+		fputs("[errorIndex!=INT]", stdout);
+		asn1_print(&elem);
+		return;
+	}
+	if ((pduid == GETREQ || pduid == GETNEXTREQ)
+	    && elem.data.integer != 0)
+		printf("[errorIndex(%d)!=0]", elem.data.integer);
+	else if (elem.data.integer != 0) {
+		if (!error)
+			printf("[errorIndex(%d) w/o errorStatus]",
+				elem.data.integer);
+		else {
+			printf("@%d", elem.data.integer);
+			error = elem.data.integer;
+		}
+	} else if (error) {
+		fputs("[errorIndex==0]", stdout);
+		error = 0;
+	}
+	length -= count;
+	np += count;
+
+	varbind_print(pduid, np, length, error);
+	return;
+}
+
+/*
+ * Decode SNMP Trap PDU
+ */
+static void
+trap_print(const u_char *np, u_int length)
+{
+	struct be elem;
+	int count = 0, generic;
+
+	putchar(' ');
+
+	/* enterprise (oid) */
+	if ((count = asn1_parse(np, length, &elem)) < 0)
+		return;
+	if (elem.type != BE_OID) {
+		fputs("[enterprise!=OID]", stdout);
+		asn1_print(&elem);
+		return;
+	}
+	asn1_print(&elem);
+	length -= count;
+	np += count;
+
+	putchar(' ');
+
+	/* agent-addr (inetaddr) */
+	if ((count = asn1_parse(np, length, &elem)) < 0)
+		return;
+	if (elem.type != BE_INETADDR) {
+		fputs("[agent-addr!=INETADDR]", stdout);
+		asn1_print(&elem);
+		return;
+	}
+	asn1_print(&elem);
+	length -= count;
+	np += count;
+
+	/* generic-trap (Integer) */
+	if ((count = asn1_parse(np, length, &elem)) < 0)
+		return;
+	if (elem.type != BE_INT) {
+		fputs("[generic-trap!=INT]", stdout);
+		asn1_print(&elem);
+		return;
+	}
+	generic = elem.data.integer;
+	{
+		char buf[10];
+		printf(" %s", DECODE_GenericTrap(generic));
+	}
+	length -= count;
+	np += count;
+
+	/* specific-trap (Integer) */
+	if ((count = asn1_parse(np, length, &elem)) < 0)
+		return;
+	if (elem.type != BE_INT) {
+		fputs("[specific-trap!=INT]", stdout);
+		asn1_print(&elem);
+		return;
+	}
+	if (generic != GT_ENTERPRISE) {
+		if (elem.data.integer != 0)
+			printf("[specific-trap(%d)!=0]", elem.data.integer);
+	} else
+		printf(" s=%d", elem.data.integer);
+	length -= count;
+	np += count;
+
+	putchar(' ');
+
+	/* time-stamp (TimeTicks) */
+	if ((count = asn1_parse(np, length, &elem)) < 0)
+		return;
+	if (elem.type != BE_UNS) {			/* XXX */
+		fputs("[time-stamp!=TIMETICKS]", stdout);
+		asn1_print(&elem);
+		return;
+	}
+	asn1_print(&elem);
+	length -= count;
+	np += count;
+
+	varbind_print (TRAP, np, length, 0);
+	return;
+}
+
+/*
+ * Decode SNMP header and pass on to PDU printing routines
+ */
+void
+snmp_print(const u_char *np, u_int length)
+{
+	struct be elem, pdu;
+	int count = 0;
+
+	truncated = 0;
+
+	/* truncated packet? */
+	if (np + length > snapend) {
+		truncated = 1;
+		length = snapend - np;
+	}
+
+	putchar(' ');
+
+	/* initial Sequence */
+	if ((count = asn1_parse(np, length, &elem)) < 0)
+		return;
+	if (elem.type != BE_SEQ) {
+		fputs("[!init SEQ]", stdout);
+		asn1_print(&elem);
+		return;
+	}
+	if (count < length)
+		printf("[%d extra after iSEQ]", length - count);
+	/* descend */
+	length = elem.asnlen;
+	np = (u_char *)elem.data.raw;
+	/* Version (Integer) */
+	if ((count = asn1_parse(np, length, &elem)) < 0)
+		return;
+	if (elem.type != BE_INT) {
+		fputs("[version!=INT]", stdout);
+		asn1_print(&elem);
+		return;
+	}
+	/* only handle version==0 */
+	if (elem.data.integer != DEF_VERSION) {
+		printf("[version(%d)!=0]", elem.data.integer);
+		return;
+	}
+	length -= count;
+	np += count;
+
+	/* Community (String) */
+	if ((count = asn1_parse(np, length, &elem)) < 0)
+		return;
+	if (elem.type != BE_STR) {
+		fputs("[comm!=STR]", stdout);
+		asn1_print(&elem);
+		return;
+	}
+	/* default community */
+	if (strncmp((char *)elem.data.str, DEF_COMMUNITY,
+	    sizeof(DEF_COMMUNITY) - 1))
+		/* ! "public" */
+		printf("C=%.*s ", (int)elem.asnlen, elem.data.str);
+	length -= count;
+	np += count;
+
+	/* PDU (Context) */
+	if ((count = asn1_parse(np, length, &pdu)) < 0)
+		return;
+	if (pdu.type != BE_PDU) {
+		fputs("[no PDU]", stdout);
+		return;
+	}
+	if (count < length)
+		printf("[%d extra after PDU]", length - count);
+	asn1_print(&pdu);
+	/* descend into PDU */
+	length = pdu.asnlen;
+	np = (u_char *)pdu.data.raw;
+
+	switch (pdu.id) {
+	case TRAP:
+		trap_print(np, length);
+		break;
+	case GETREQ:
+	case GETNEXTREQ:
+	case GETRESP:
+	case SETREQ:
+		snmppdu_print(pdu.id, np, length);
+		break;
+	}
+	return;
+}
diff --git a/contrib/tcpdump/print-sunrpc.c b/contrib/tcpdump/print-sunrpc.c
new file mode 100644
index 000000000000..71055aa1953d
--- /dev/null
+++ b/contrib/tcpdump/print-sunrpc.c
@@ -0,0 +1,132 @@
+/*
+ * Copyright (c) 1992, 1993, 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#ifndef lint
+static char rcsid[] =
+    "@(#) $Header: print-sunrpc.c,v 1.24 96/07/23 14:17:27 leres Exp $ (LBL)";
+#endif
+
+#include <sys/param.h>
+#include <sys/time.h>
+#include <sys/socket.h>
+
+#if __STDC__
+struct mbuf;
+struct rtentry;
+#endif
+#include <net/if.h>
+
+#include <netinet/in.h>
+#include <netinet/if_ether.h>
+#include <netinet/in_systm.h>
+#include <netinet/ip.h>
+#include <netinet/ip_var.h>
+
+#include <rpc/rpc.h>
+#ifdef HAVE_RPC_RPCENT_H
+#include <rpc/rpcent.h>
+#endif
+#include <rpc/pmap_prot.h>
+
+#include <ctype.h>
+#include <netdb.h>
+#include <stdio.h>
+#include <string.h>
+
+#include "interface.h"
+#include "addrtoname.h"
+
+static struct tok proc2str[] = {
+	{ PMAPPROC_NULL,	"null" },
+	{ PMAPPROC_SET,		"set" },
+	{ PMAPPROC_UNSET,	"unset" },
+	{ PMAPPROC_GETPORT,	"getport" },
+	{ PMAPPROC_DUMP,	"dump" },
+	{ PMAPPROC_CALLIT,	"call" },
+	{ 0,			NULL }
+};
+
+/* Forwards */
+static char *progstr(u_int32_t);
+
+void
+sunrpcrequest_print(register const u_char *bp, register u_int length,
+		    register const u_char *bp2)
+{
+	register const struct rpc_msg *rp;
+	register const struct ip *ip;
+	u_int32_t x;
+
+	rp = (struct rpc_msg *)bp;
+	ip = (struct ip *)bp2;
+
+	if (!nflag)
+		(void)printf("%s.%x > %s.sunrpc: %d",
+			     ipaddr_string(&ip->ip_src),
+			     (u_int32_t)ntohl(rp->rm_xid),
+			     ipaddr_string(&ip->ip_dst),
+			     length);
+	else
+		(void)printf("%s.%x > %s.%x: %d",
+			     ipaddr_string(&ip->ip_src),
+			     (u_int32_t)ntohl(rp->rm_xid),
+			     ipaddr_string(&ip->ip_dst),
+			     PMAPPORT,
+			     length);
+	printf(" %s", tok2str(proc2str, " proc #%u",
+	    (u_int32_t)ntohl(rp->rm_call.cb_proc)));
+	x = ntohl(rp->rm_call.cb_rpcvers);
+	if (x != 2)
+		printf(" [rpcver %u]", x);
+
+	switch (ntohl(rp->rm_call.cb_proc)) {
+
+	case PMAPPROC_SET:
+	case PMAPPROC_UNSET:
+	case PMAPPROC_GETPORT:
+	case PMAPPROC_CALLIT:
+		x = ntohl(rp->rm_call.cb_prog);
+		if (!nflag)
+			printf(" %s", progstr(x));
+		else
+			printf(" %u", x);
+		printf(".%u", (u_int32_t)ntohl(rp->rm_call.cb_vers));
+		break;
+	}
+}
+
+static char *
+progstr(prog)
+	u_int32_t prog;
+{
+	register struct rpcent *rp;
+	static char buf[32];
+	static lastprog = 0;
+
+	if (lastprog != 0 && prog == lastprog)
+		return (buf);
+	rp = getrpcbynumber(prog);
+	if (rp == NULL)
+		(void) sprintf(buf, "#%u", prog);
+	else
+		strcpy(buf, rp->r_name);
+	return (buf);
+}
diff --git a/contrib/tcpdump/print-tcp.c b/contrib/tcpdump/print-tcp.c
new file mode 100644
index 000000000000..a865e19b09d2
--- /dev/null
+++ b/contrib/tcpdump/print-tcp.c
@@ -0,0 +1,360 @@
+/*
+ * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#ifndef lint
+static char rcsid[] =
+    "@(#) $Header: print-tcp.c,v 1.46 96/07/23 14:17:27 leres Exp $ (LBL)";
+#endif
+
+#include <sys/param.h>
+#include <sys/time.h>
+
+#include <netinet/in.h>
+#include <netinet/in_systm.h>
+#include <netinet/ip.h>
+#include <netinet/ip_var.h>
+#include <netinet/tcp.h>
+#include <netinet/tcpip.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+#include "interface.h"
+#include "addrtoname.h"
+#include "extract.h"
+
+/* Compatibility */
+#ifndef TCPOPT_WSCALE
+#define	TCPOPT_WSCALE		3	/* window scale factor (rfc1072) */
+#endif
+#ifndef TCPOPT_SACKOK
+#define	TCPOPT_SACKOK		4	/* selective ack ok (rfc1072) */
+#endif
+#ifndef TCPOPT_SACK
+#define	TCPOPT_SACK		5	/* selective ack (rfc1072) */
+#endif
+#ifndef TCPOPT_ECHO
+#define	TCPOPT_ECHO		6	/* echo (rfc1072) */
+#endif
+#ifndef TCPOPT_ECHOREPLY
+#define	TCPOPT_ECHOREPLY	7	/* echo (rfc1072) */
+#endif
+#ifndef TCPOPT_TIMESTAMP
+#define TCPOPT_TIMESTAMP	8	/* timestamps (rfc1323) */
+#endif
+#ifndef TCPOPT_CC
+#define TCPOPT_CC		11	/* T/TCP CC options (rfc1644) */
+#endif
+#ifndef TCPOPT_CCNEW
+#define TCPOPT_CCNEW		12	/* T/TCP CC options (rfc1644) */
+#endif
+#ifndef TCPOPT_CCECHO
+#define TCPOPT_CCECHO		13	/* T/TCP CC options (rfc1644) */
+#endif
+
+struct tha {
+	struct in_addr src;
+	struct in_addr dst;
+	u_int port;
+};
+
+struct tcp_seq_hash {
+	struct tcp_seq_hash *nxt;
+	struct tha addr;
+	tcp_seq seq;
+	tcp_seq ack;
+};
+
+#define TSEQ_HASHSIZE 919
+
+/* These tcp optinos do not have the size octet */
+#define ZEROLENOPT(o) ((o) == TCPOPT_EOL || (o) == TCPOPT_NOP)
+
+static struct tcp_seq_hash tcp_seq_hash[TSEQ_HASHSIZE];
+
+
+void
+tcp_print(register const u_char *bp, register u_int length,
+	  register const u_char *bp2)
+{
+	register const struct tcphdr *tp;
+	register const struct ip *ip;
+	register u_char flags;
+	register u_int hlen;
+	register char ch;
+	u_short sport, dport, win, urp;
+	u_int32_t seq, ack;
+
+	tp = (struct tcphdr *)bp;
+	ip = (struct ip *)bp2;
+	ch = '\0';
+	TCHECK(*tp);
+	if (length < sizeof(*tp)) {
+		(void)printf("truncated-tcp %d", length);
+		return;
+	}
+
+	sport = ntohs(tp->th_sport);
+	dport = ntohs(tp->th_dport);
+	seq = ntohl(tp->th_seq);
+	ack = ntohl(tp->th_ack);
+	win = ntohs(tp->th_win);
+	urp = ntohs(tp->th_urp);
+
+	(void)printf("%s.%s > %s.%s: ",
+		ipaddr_string(&ip->ip_src), tcpport_string(sport),
+		ipaddr_string(&ip->ip_dst), tcpport_string(dport));
+
+	if (qflag) {
+		(void)printf("tcp %d", length - tp->th_off * 4);
+		return;
+	}
+	if ((flags = tp->th_flags) & (TH_SYN|TH_FIN|TH_RST|TH_PUSH)) {
+		if (flags & TH_SYN)
+			putchar('S');
+		if (flags & TH_FIN)
+			putchar('F');
+		if (flags & TH_RST)
+			putchar('R');
+		if (flags & TH_PUSH)
+			putchar('P');
+	} else
+		putchar('.');
+
+	if (!Sflag && (flags & TH_ACK)) {
+		register struct tcp_seq_hash *th;
+		register int rev;
+		struct tha tha;
+		/*
+		 * Find (or record) the initial sequence numbers for
+		 * this conversation.  (we pick an arbitrary
+		 * collating order so there's only one entry for
+		 * both directions).
+		 */
+		if (sport < dport ||
+		    (sport == dport &&
+		     ip->ip_src.s_addr < ip->ip_dst.s_addr)) {
+			tha.src = ip->ip_src, tha.dst = ip->ip_dst;
+			tha.port = sport << 16 | dport;
+			rev = 0;
+		} else {
+			tha.src = ip->ip_dst, tha.dst = ip->ip_src;
+			tha.port = dport << 16 | sport;
+			rev = 1;
+		}
+
+		for (th = &tcp_seq_hash[tha.port % TSEQ_HASHSIZE];
+		     th->nxt; th = th->nxt)
+			if (!memcmp((char *)&tha, (char *)&th->addr,
+				  sizeof(th->addr)))
+				break;
+
+		if (!th->nxt || flags & TH_SYN) {
+			/* didn't find it or new conversation */
+			if (th->nxt == NULL) {
+				th->nxt = (struct tcp_seq_hash *)
+					calloc(1, sizeof(*th));
+				if (th->nxt == NULL)
+					error("tcp_print: calloc");
+			}
+			th->addr = tha;
+			if (rev)
+				th->ack = seq, th->seq = ack - 1;
+			else
+				th->seq = seq, th->ack = ack - 1;
+		} else {
+			if (rev)
+				seq -= th->ack, ack -= th->seq;
+			else
+				seq -= th->seq, ack -= th->ack;
+		}
+	}
+	hlen = tp->th_off * 4;
+	length -= hlen;
+	if (length > 0 || flags & (TH_SYN | TH_FIN | TH_RST))
+		(void)printf(" %u:%u(%d)", seq, seq + length, length);
+	if (flags & TH_ACK)
+		(void)printf(" ack %u", ack);
+
+	(void)printf(" win %d", win);
+
+	if (flags & TH_URG)
+		(void)printf(" urg %d", urp);
+	/*
+	 * Handle any options.
+	 */
+	if ((hlen -= sizeof(*tp)) > 0) {
+		register const u_char *cp;
+		register int i, opt, len, datalen;
+
+		cp = (const u_char *)tp + sizeof(*tp);
+		putchar(' ');
+		ch = '<';
+		while (hlen > 0) {
+			--hlen;
+			putchar(ch);
+			if (cp > snapend)
+				goto trunc;
+			opt = *cp++;
+			if (ZEROLENOPT(opt))
+				len = 1;
+			else {
+				if (cp > snapend)
+					goto trunc;
+				len = *cp++;
+				--hlen;
+			}
+			datalen = 0;
+			switch (opt) {
+
+			case TCPOPT_MAXSEG:
+				(void)printf("mss");
+				datalen = 2;
+				if (cp + datalen > snapend)
+					goto trunc;
+				(void)printf(" %u", EXTRACT_16BITS(cp));
+
+				break;
+
+			case TCPOPT_EOL:
+				(void)printf("eol");
+				break;
+
+			case TCPOPT_NOP:
+				(void)printf("nop");
+				break;
+
+			case TCPOPT_WSCALE:
+				(void)printf("wscale");
+				datalen = 1;
+				if (cp + datalen > snapend)
+					goto trunc;
+				(void)printf(" %u", *cp);
+				break;
+
+			case TCPOPT_SACKOK:
+				(void)printf("sackOK");
+				break;
+
+			case TCPOPT_SACK:
+				(void)printf("sack");
+				datalen = len - 2;
+				i = datalen;
+				for (i = datalen; i > 0; i -= 4) {
+					if (cp + i + 4 > snapend)
+						goto trunc;
+					/* block-size@relative-origin */
+					(void)printf(" %u@%u",
+					    EXTRACT_16BITS(cp + 2),
+					    EXTRACT_16BITS(cp));
+				}
+				if (datalen % 4)
+					(void)printf("[len %d]", len);
+				break;
+
+			case TCPOPT_ECHO:
+				(void)printf("echo");
+				datalen = 4;
+				if (cp + datalen > snapend)
+					goto trunc;
+				(void)printf(" %u", EXTRACT_32BITS(cp));
+				break;
+
+			case TCPOPT_ECHOREPLY:
+				(void)printf("echoreply");
+				datalen = 4;
+				if (cp + datalen > snapend)
+					goto trunc;
+				(void)printf(" %u", EXTRACT_32BITS(cp));
+				break;
+
+			case TCPOPT_TIMESTAMP:
+				(void)printf("timestamp");
+				datalen = 4;
+				if (cp + datalen > snapend)
+					goto trunc;
+				(void)printf(" %u", EXTRACT_32BITS(cp));
+				datalen += 4;
+				if (cp + datalen > snapend)
+					goto trunc;
+				(void)printf(" %u", EXTRACT_32BITS(cp + 4));
+				break;
+
+			case TCPOPT_CC:
+				(void)printf("cc");
+				datalen = 4;
+				if (cp + datalen > snapend)
+					goto trunc;
+				(void)printf(" %u", EXTRACT_32BITS(cp));
+				break;
+
+			case TCPOPT_CCNEW:
+				(void)printf("ccnew");
+				datalen = 4;
+				if (cp + datalen > snapend)
+					goto trunc;
+				(void)printf(" %u", EXTRACT_32BITS(cp));
+				break;
+
+			case TCPOPT_CCECHO:
+				(void)printf("ccecho");
+				datalen = 4;
+				if (cp + datalen > snapend)
+					goto trunc;
+				(void)printf(" %u", EXTRACT_32BITS(cp));
+				break;
+
+			default:
+				(void)printf("opt-%d:", opt);
+				datalen = len - 2;
+				if  (datalen < 0)
+					datalen = 0;
+				for (i = 0; i < datalen; ++i) {
+					if (cp + i > snapend)
+						goto trunc;
+					(void)printf("%02x", cp[i]);
+				}
+				break;
+			}
+
+			/* Account for data printed */
+			cp += datalen;
+			hlen -= datalen;
+
+			/* Check specification against observed length */
+			++datalen;			/* option octet */
+			if (!ZEROLENOPT(opt))
+				++datalen;		/* size octet */
+			if (datalen != len)
+				(void)printf("[len %d]", len);
+			ch = ',';
+		}
+		putchar('>');
+	}
+	return;
+trunc:
+	fputs("[|tcp]", stdout);
+	if (ch != '\0')
+		putchar('>');
+}
+
diff --git a/contrib/tcpdump/print-tftp.c b/contrib/tcpdump/print-tftp.c
new file mode 100644
index 000000000000..97b2f0e1aac1
--- /dev/null
+++ b/contrib/tcpdump/print-tftp.c
@@ -0,0 +1,139 @@
+/*
+ * Copyright (c) 1990, 1991, 1993, 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ *
+ * Format and print trivial file transfer protocol packets.
+ */
+
+#ifndef lint
+static char rcsid[] =
+    "@(#) $Header: print-tftp.c,v 1.27 96/07/23 14:17:28 leres Exp $ (LBL)";
+#endif
+
+#include <sys/param.h>
+#include <sys/time.h>
+
+#include <netinet/in.h>
+
+#include <arpa/tftp.h>
+
+#include <ctype.h>
+#include <stdio.h>
+#include <string.h>
+
+#include "interface.h"
+#include "addrtoname.h"
+
+/* op code to string mapping */
+static struct tok op2str[] = {
+	{ RRQ,		"RRQ" },	/* read request */
+	{ WRQ,		"WRQ" },	/* write request */
+	{ DATA,		"DATA" },	/* data packet */
+	{ ACK,		"ACK" },	/* acknowledgement */
+	{ ERROR,	"ERROR" },	/* error code */
+	{ 0,		NULL }
+};
+
+/* error code to string mapping */
+static struct tok err2str[] = {
+	{ EUNDEF,	"EUNDEF" },	/* not defined */
+	{ ENOTFOUND,	"ENOTFOUND" },	/* file not found */
+	{ EACCESS,	"EACCESS" },	/* access violation */
+	{ ENOSPACE,	"ENOSPACE" },	/* disk full or allocation exceeded */
+	{ EBADOP,	"EBADOP" },	/* illegal TFTP operation */
+	{ EBADID,	"EBADID" },	/* unknown transfer ID */
+	{ EEXISTS,	"EEXISTS" },	/* file already exists */
+	{ ENOUSER,	"ENOUSER" },	/* no such user */
+	{ 0,		NULL }
+};
+
+/*
+ * Print trivial file transfer program requests
+ */
+void
+tftp_print(register const u_char *bp, u_int length)
+{
+	register const struct tftphdr *tp;
+	register const char *cp;
+	register const u_char *p;
+	register int opcode, i;
+	static char tstr[] = " [|tftp]";
+
+	tp = (const struct tftphdr *)bp;
+
+	/* Print length */
+	printf(" %d", length);
+
+	/* Print tftp request type */
+	TCHECK(tp->th_opcode);
+	opcode = ntohs(tp->th_opcode);
+	cp = tok2str(op2str, "tftp-#%d", opcode);
+	printf(" %s", cp);
+	/* Bail if bogus opcode */
+	if (*cp == 't')
+		return;
+
+	switch (opcode) {
+
+	case RRQ:
+	case WRQ:
+		/*
+		 * XXX Not all arpa/tftp.h's specify th_stuff as any
+		 * array; use address of th_block instead
+		 */
+#ifdef notdef
+		p = (u_char *)tp->th_stuff;
+#else
+		p = (u_char *)&tp->th_block;
+#endif
+		fputs(" \"", stdout);
+		i = fn_print(p, snapend);
+		putchar('"');
+		if (i)
+			goto trunc;
+		break;
+
+	case ACK:
+	case DATA:
+		TCHECK(tp->th_block);
+		printf(" block %d", ntohs(tp->th_block));
+		break;
+
+	case ERROR:
+		/* Print error code string */
+		TCHECK(tp->th_code);
+		printf(" %s ", tok2str(err2str, "tftp-err-#%d \"",
+				       ntohs(tp->th_code)));
+		/* Print error message string */
+		i = fn_print((const u_char *)tp->th_data, snapend);
+		putchar('"');
+		if (i)
+			goto trunc;
+		break;
+
+	default:
+		/* We shouldn't get here */
+		printf("(unknown #%d)", opcode);
+		break;
+	}
+	return;
+trunc:
+	fputs(tstr, stdout);
+	return;
+}
diff --git a/contrib/tcpdump/print-udp.c b/contrib/tcpdump/print-udp.c
new file mode 100644
index 000000000000..c58aedd4ffbe
--- /dev/null
+++ b/contrib/tcpdump/print-udp.c
@@ -0,0 +1,407 @@
+/*
+ * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#ifndef lint
+static char rcsid[] =
+    "@(#) $Header: print-udp.c,v 1.55 96/07/23 14:17:28 leres Exp $ (LBL)";
+#endif
+
+#include <sys/param.h>
+#include <sys/time.h>
+#include <sys/socket.h>
+
+#include <netinet/in.h>
+#include <netinet/in_systm.h>
+#include <netinet/ip.h>
+#include <netinet/ip_var.h>
+#include <netinet/udp.h>
+#include <netinet/udp_var.h>
+
+#undef NOERROR					/* Solaris sucks */
+#undef T_UNSPEC					/* SINIX does too */
+#include <arpa/nameser.h>
+#include <arpa/tftp.h>
+
+#include <rpc/rpc.h>
+
+#include <stdio.h>
+
+#include "interface.h"
+#include "addrtoname.h"
+#include "appletalk.h"
+
+#include "nfsv2.h"
+#include "bootp.h"
+
+struct rtcphdr {
+	u_short rh_flags;	/* T:2 P:1 CNT:5 PT:8 */
+	u_short rh_len;		/* length of message (in bytes) */
+	u_int rh_ssrc;		/* synchronization src id */
+};
+
+typedef struct {
+	u_int upper;		/* more significant 32 bits */
+	u_int lower;		/* less significant 32 bits */
+} ntp64;
+
+/*
+ * Sender report.
+ */
+struct rtcp_sr {
+	ntp64 sr_ntp;		/* 64-bit ntp timestamp */
+	u_int sr_ts;		/* reference media timestamp */
+	u_int sr_np;		/* no. packets sent */
+	u_int sr_nb;		/* no. bytes sent */
+};
+
+/*
+ * Receiver report.
+ * Time stamps are middle 32-bits of ntp timestamp.
+ */
+struct rtcp_rr {
+	u_int rr_srcid;	/* sender being reported */
+	u_int rr_nr;		/* no. packets received */
+	u_int rr_np;		/* no. packets predicted */
+	u_int rr_dv;		/* jitter (delay variance) */
+	u_int rr_lsr;		/* orig. ts from last rr from this src  */
+	u_int rr_dlsr;		/* time from recpt of last rr to xmit time */
+};
+
+/*XXX*/
+#define RTCP_PT_SR	0
+#define RTCP_PT_RR	1
+#define RTCP_PT_SDES	2
+#define 	RTCP_SDES_CNAME	1
+#define 	RTCP_SDES_NAME	2
+#define 	RTCP_SDES_EMAIL	3
+#define 	RTCP_SDES_PHONE	4
+#define 	RTCP_SDES_LOC	5
+#define 	RTCP_SDES_TOOL	6
+#define 	RTCP_SDES_TXT	7
+#define RTCP_PT_BYE	3
+#define RTCP_PT_APP	4
+
+static void
+vat_print(const void *hdr, u_int len, register const struct udphdr *up)
+{
+	/* vat/vt audio */
+	u_int ts = *(u_short *)hdr;
+	if ((ts & 0xf060) != 0) {
+		/* probably vt */
+		(void)printf(" udp/vt %u %d / %d",
+			     (u_int32_t)(ntohs(up->uh_ulen) - sizeof(*up)),
+			     ts & 0x3ff, ts >> 10);
+	} else {
+		/* probably vat */
+		u_int i0 = ntohl(((u_int *)hdr)[0]);
+		u_int i1 = ntohl(((u_int *)hdr)[1]);
+		printf(" udp/vat %u c%d %u%s",
+			(u_int32_t)(ntohs(up->uh_ulen) - sizeof(*up) - 8),
+			i0 & 0xffff,
+			i1, i0 & 0x800000? "*" : "");
+		/* audio format */
+		if (i0 & 0x1f0000)
+			printf(" f%d", (i0 >> 16) & 0x1f);
+		if (i0 & 0x3f000000)
+			printf(" s%d", (i0 >> 24) & 0x3f);
+	}
+}
+
+static void
+rtp_print(const void *hdr, u_int len, register const struct udphdr *up)
+{
+	/* rtp v1 or v2 */
+	u_int *ip = (u_int *)hdr;
+	u_int hasopt, contype, hasmarker;
+	u_int i0 = ntohl(((u_int *)hdr)[0]);
+	u_int i1 = ntohl(((u_int *)hdr)[1]);
+	u_int dlen = ntohs(up->uh_ulen) - sizeof(*up) - 8;
+	const char* ptype;
+
+	ip += 2;
+	len >>= 2;
+	len -= 2;
+	if ((i0 >> 30) == 1) {
+		/* rtp v1 */
+		hasopt = i0 & 0x800000;
+		contype = (i0 >> 16) & 0x3f;
+		hasmarker = i0 & 0x400000;
+		ptype = "rtpv1";
+	} else { /*XXX*/
+		/* rtp v2 */
+		hasopt = i0 & 0x20000000;
+		contype = (i0 >> 16) & 0x7f;
+		hasmarker = i0 & 0x800000;
+		dlen -= 4;
+		ptype = "rtp";
+		ip += 1;
+		len -= 1;
+	}
+	printf(" udp/%s %d c%d %s%s %d",
+		ptype,
+		dlen,
+		contype,
+		hasopt? "+" : "",
+		hasmarker? "*" : "",
+		i0 & 0xffff);
+	if (vflag) {
+		if (hasopt) {
+			u_int i2, optlen;
+			do {
+				i2 = ip[0];
+				optlen = (i2 >> 16) & 0xff;
+				if (optlen == 0 || optlen > len) {
+					printf(" !opt");
+					return;
+				}
+				ip += optlen;
+			} while ((int)i2 >= 0);
+		}
+		if (contype == 0x1f)
+			printf(" 0x%04x", ip[0] >> 16);
+		printf(" %u", i1);
+	}
+}
+
+static const u_char*
+rtcp_print(const u_char *hdr)
+{
+	/* rtp v2 control (rtcp) */
+	struct rtcp_rr* rr = 0;
+	struct rtcp_sr* sr;
+	struct rtcphdr* rh = (struct rtcphdr*)hdr;
+	u_int len = (ntohs(rh->rh_len) + 1) * 4;
+	u_short flags = ntohs(rh->rh_flags);
+	int cnt = (flags >> 8) & 0x1f;
+	double ts, dts, jitter;
+	if (vflag)
+		printf(" %u", (u_int32_t)ntohl(rh->rh_ssrc));
+	switch (flags & 0xff) {
+	case RTCP_PT_SR:
+		sr = (struct rtcp_sr*)(rh + 1);
+		printf(" sr");
+		if (len != cnt * sizeof(*rr) + sizeof(*sr) + sizeof(*rh))
+			printf(" [%d]", len);
+		ts = (double)((u_int32_t)ntohl(sr->sr_ts)) / 65536.;
+		printf(" @%.2f %up %ub", ts, (u_int32_t)ntohl(sr->sr_np),
+		       (u_int32_t)ntohl(sr->sr_nb));
+		rr = (struct rtcp_rr*)(sr + 1);
+		break;
+	case RTCP_PT_RR:
+		printf(" rr");
+		if (len != cnt * sizeof(*rr) + sizeof(*rh))
+			printf(" [%d]", len);
+		rr = (struct rtcp_rr*)(rh + 1);
+		break;
+	case RTCP_PT_SDES:
+		printf(" sdes %d", len);
+		cnt = 0;
+		break;
+	case RTCP_PT_BYE:
+		printf(" bye %d", len);
+		cnt = 0;
+		break;
+	default:
+		printf(" type-0x%x %d", flags & 0xff, len);
+		cnt = 0;
+		break;
+	}
+	if (cnt > 1)
+		printf(" c%d", cnt);
+	while (--cnt >= 0) {
+		if ((u_char*)(rr + 1) > snapend) {
+			printf(" [|rtcp]");
+			return (snapend);
+		}
+		if (vflag)
+			printf(" %u", (u_int32_t)ntohl(rr->rr_srcid));
+		ts = (double)((u_int32_t)ntohl(rr->rr_lsr)) / 65536.;
+		dts = (double)((u_int32_t)ntohl(rr->rr_dlsr)) / 65536.;
+		jitter = (double)((u_int32_t)ntohl(rr->rr_dv)) / 65536.;
+		printf(" %ur %ue %.2fj @%.2f+%.2f",
+		    (u_int32_t)ntohl(rr->rr_nr),
+		    (u_int32_t)ntohl(rr->rr_np),
+		    jitter, ts, dts);
+	}
+	return (hdr + len);
+}
+
+/* XXX probably should use getservbyname() and cache answers */
+#define TFTP_PORT 69		/*XXX*/
+#define KERBEROS_PORT 88	/*XXX*/
+#define SUNRPC_PORT 111		/*XXX*/
+#define SNMP_PORT 161		/*XXX*/
+#define NTP_PORT 123		/*XXX*/
+#define SNMPTRAP_PORT 162	/*XXX*/
+#define RIP_PORT 520		/*XXX*/
+#define KERBEROS_SEC_PORT 750	/*XXX*/
+
+void
+udp_print(register const u_char *bp, u_int length, register const u_char *bp2)
+{
+	register const struct udphdr *up;
+	register const struct ip *ip;
+	register const u_char *cp;
+	u_short sport, dport, ulen;
+
+	up = (struct udphdr *)bp;
+	ip = (struct ip *)bp2;
+	cp = (u_char *)(up + 1);
+	if (cp > snapend) {
+		printf("[|udp]");
+		return;
+	}
+	if (length < sizeof(struct udphdr)) {
+		(void)printf(" truncated-udp %d", length);
+		return;
+	}
+	length -= sizeof(struct udphdr);
+
+	sport = ntohs(up->uh_sport);
+	dport = ntohs(up->uh_dport);
+	ulen = ntohs(up->uh_ulen);
+	if (packettype) {
+		register struct rpc_msg *rp;
+		enum msg_type direction;
+
+		switch (packettype) {
+
+		case PT_VAT:
+			(void)printf("%s.%s > %s.%s:",
+				ipaddr_string(&ip->ip_src),
+				udpport_string(sport),
+				ipaddr_string(&ip->ip_dst),
+				udpport_string(dport));
+			vat_print((void *)(up + 1), length, up);
+			break;
+
+		case PT_WB:
+			(void)printf("%s.%s > %s.%s:",
+				ipaddr_string(&ip->ip_src),
+				udpport_string(sport),
+				ipaddr_string(&ip->ip_dst),
+				udpport_string(dport));
+			wb_print((void *)(up + 1), length);
+			break;
+
+		case PT_RPC:
+			rp = (struct rpc_msg *)(up + 1);
+			direction = (enum msg_type)ntohl(rp->rm_direction);
+			if (direction == CALL)
+				sunrpcrequest_print((u_char *)rp, length,
+				    (u_char *)ip);
+			else
+				nfsreply_print((u_char *)rp, length,
+				    (u_char *)ip);			/*XXX*/
+			break;
+
+		case PT_RTP:
+			(void)printf("%s.%s > %s.%s:",
+				ipaddr_string(&ip->ip_src),
+				udpport_string(sport),
+				ipaddr_string(&ip->ip_dst),
+				udpport_string(dport));
+			rtp_print((void *)(up + 1), length, up);
+			break;
+
+		case PT_RTCP:
+			(void)printf("%s.%s > %s.%s:",
+				ipaddr_string(&ip->ip_src),
+				udpport_string(sport),
+				ipaddr_string(&ip->ip_dst),
+				udpport_string(dport));
+			while (cp < snapend)
+				cp = rtcp_print(cp);
+			break;
+		}
+		return;
+	}
+
+	if (! qflag) {
+		register struct rpc_msg *rp;
+		enum msg_type direction;
+
+		rp = (struct rpc_msg *)(up + 1);
+		TCHECK(rp->rm_direction);
+		direction = (enum msg_type)ntohl(rp->rm_direction);
+		if (dport == NFS_PORT && direction == CALL) {
+			nfsreq_print((u_char *)rp, length, (u_char *)ip);
+			return;
+		}
+		else if (sport == NFS_PORT && direction == REPLY) {
+			nfsreply_print((u_char *)rp, length, (u_char *)ip);
+			return;
+		}
+#ifdef notdef
+		else if (dport == SUNRPC_PORT && direction == CALL) {
+			sunrpcrequest_print((u_char *)rp, length, (u_char *)ip);
+			return;
+		}
+#endif
+		else {
+			TCHECK2(cp[0], 1);
+			if (((struct LAP *)cp)->type == lapDDP &&
+			    (atalk_port(sport) || atalk_port(dport))) {
+				if (vflag)
+					fputs("kip ", stdout);
+				atalk_print(cp, length);
+				return;
+			}
+		}
+	}
+	(void)printf("%s.%s > %s.%s:",
+		ipaddr_string(&ip->ip_src), udpport_string(sport),
+		ipaddr_string(&ip->ip_dst), udpport_string(dport));
+
+	if (!qflag) {
+#define ISPORT(p) (dport == (p) || sport == (p))
+		if (ISPORT(NAMESERVER_PORT))
+			ns_print((const u_char *)(up + 1), length);
+		else if (ISPORT(TFTP_PORT))
+			tftp_print((const u_char *)(up + 1), length);
+		else if (ISPORT(IPPORT_BOOTPC) || ISPORT(IPPORT_BOOTPS))
+			bootp_print((const u_char *)(up + 1), length,
+			    sport, dport);
+		else if (ISPORT(RIP_PORT))
+			rip_print((const u_char *)(up + 1), length);
+		else if (ISPORT(SNMP_PORT) || ISPORT(SNMPTRAP_PORT))
+			snmp_print((const u_char *)(up + 1), length);
+		else if (ISPORT(NTP_PORT))
+			ntp_print((const u_char *)(up + 1), length);
+		else if (ISPORT(KERBEROS_PORT) || ISPORT(KERBEROS_SEC_PORT))
+			krb_print((const void *)(up + 1), length);
+		else if (dport == 3456)
+			vat_print((const void *)(up + 1), length, up);
+		/*
+		 * Kludge in test for whiteboard packets.
+		 */
+		else if (dport == 4567)
+			wb_print((const void *)(up + 1), length);
+		else
+			(void)printf(" udp %u",
+			    (u_int32_t)(ulen - sizeof(*up)));
+#undef ISPORT
+	} else
+		(void)printf(" udp %u", (u_int32_t)(ulen - sizeof(*up)));
+	return;
+trunc:
+	fputs("[|udp]", stdout);
+}
diff --git a/contrib/tcpdump/print-wb.c b/contrib/tcpdump/print-wb.c
new file mode 100644
index 000000000000..5c9f0d8f4651
--- /dev/null
+++ b/contrib/tcpdump/print-wb.c
@@ -0,0 +1,433 @@
+/*
+ * Copyright (c) 1993, 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#ifndef lint
+static char rcsid[] =
+    "@(#) $Header: print-wb.c,v 1.20 96/07/14 19:39:05 leres Exp $ (LBL)";
+#endif
+
+#include <sys/types.h>
+#include <sys/time.h>
+
+#include <netinet/in.h>
+
+#include <stdio.h>
+
+#include "interface.h"
+#include "addrtoname.h"
+
+/* XXX need to add byte-swapping macros! */
+
+/*
+ * Largest packet size.  Everything should fit within this space.
+ * For instance, multiline objects are sent piecewise.
+ */
+#define MAXFRAMESIZE 1024
+
+/*
+ * Multiple drawing ops can be sent in one packet.  Each one starts on a
+ * an even multiple of DOP_ALIGN bytes, which must be a power of two.
+ */
+#define DOP_ALIGN 4
+#define DOP_ROUNDUP(x)	((((int)(x)) + (DOP_ALIGN - 1)) & ~(DOP_ALIGN - 1))
+#define DOP_NEXT(d)\
+	((struct dophdr*)((u_char *)(d) + \
+			  DOP_ROUNDUP(ntohs((d)->dh_len) + sizeof(*(d)))))
+
+/*
+ * Format of the whiteboard packet header.
+ * The transport level header.
+ */
+struct pkt_hdr {
+	u_int32_t ph_src;		/* site id of source */
+	u_int32_t ph_ts;		/* time stamp (for skew computation) */
+	u_short ph_version;	/* version number */
+	u_char ph_type;		/* message type */
+	u_char ph_flags;	/* message flags */
+};
+
+/* Packet types */
+#define PT_DRAWOP	0	/* drawing operation */
+#define PT_ID		1	/* announcement packet */
+#define PT_RREQ		2	/* repair request */
+#define PT_RREP		3	/* repair reply */
+#define PT_KILL		4	/* terminate participation */
+#define PT_PREQ         5       /* page vector request */
+#define PT_PREP         7       /* page vector reply */
+
+/* flags */
+#define PF_USER		0x01	/* hint that packet has interactive data */
+#define PF_VIS		0x02	/* only visible ops wanted */
+
+struct PageID {
+	u_int32_t p_sid;		/* session id of initiator */
+	u_int32_t p_uid;		/* page number */
+};
+
+struct dophdr {
+	u_int32_t  dh_ts;		/* sender's timestamp */
+	u_short	dh_len;		/* body length */
+	u_char	dh_flags;
+	u_char	dh_type;	/* body type */
+	/* body follows */
+};
+/*
+ * Drawing op sub-types.
+ */
+#define DT_RECT         2
+#define DT_LINE         3
+#define DT_ML           4
+#define DT_DEL          5
+#define DT_XFORM        6
+#define DT_ELL          7
+#define DT_CHAR         8
+#define DT_STR          9
+#define DT_NOP          10
+#define DT_PSCODE       11
+#define DT_PSCOMP       12
+#define DT_REF          13
+#define DT_SKIP         14
+#define DT_HOLE         15
+#define DT_MAXTYPE      15
+
+/*
+ * A drawing operation.
+ */
+struct pkt_dop {
+	struct PageID pd_page;	/* page that operations apply to */
+	u_int32_t	pd_sseq;	/* start sequence number */
+	u_int32_t	pd_eseq;	/* end sequence number */
+	/* drawing ops follow */
+};
+
+/*
+ * A repair request.
+ */
+struct pkt_rreq {
+        u_int32_t pr_id;           /* source id of drawops to be repaired */
+        struct PageID pr_page;           /* page of drawops */
+        u_int32_t pr_sseq;         /* start seqno */
+        u_int32_t pr_eseq;         /* end seqno*/
+};
+
+/*
+ * A repair reply.
+ */
+struct pkt_rrep {
+	u_int32_t pr_id;	/* original site id of ops  */
+	struct pkt_dop pr_dop;
+	/* drawing ops follow */
+};
+
+struct id_off {
+        u_int32_t id;
+        u_int32_t off;
+};
+
+struct pgstate {
+	u_int32_t slot;
+	struct PageID page;
+	u_short nid;
+	u_short rsvd;
+        /* seqptr's */
+};
+
+/*
+ * An announcement packet.
+ */
+struct pkt_id {
+	u_int32_t pi_mslot;
+        struct PageID    pi_mpage;        /* current page */
+	struct pgstate pi_ps;
+        /* seqptr's */
+        /* null-terminated site name */
+};
+
+struct pkt_preq {
+        struct PageID  pp_page;
+        u_int32_t  pp_low;
+        u_int32_t  pp_high;
+};
+
+struct pkt_prep {
+        u_int32_t  pp_n;           /* size of pageid array */
+        /* pgstate's follow */
+};
+
+static int
+wb_id(const struct pkt_id *id, u_int len)
+{
+	int i;
+	const char *cp;
+	const struct id_off *io;
+	char c;
+	int nid;
+
+	printf(" wb-id:");
+	len -= sizeof(*id);
+	if (len < 0 || (u_char *)(id + 1) > snapend)
+		return (-1);
+
+	printf(" %u/%s:%u (max %u/%s:%u) ",
+	       (u_int32_t)ntohl(id->pi_ps.slot),
+	       ipaddr_string(&id->pi_ps.page.p_sid),
+	       (u_int32_t)ntohl(id->pi_ps.page.p_uid),
+	       (u_int32_t)ntohl(id->pi_mslot),
+	       ipaddr_string(&id->pi_mpage.p_sid),
+	       (u_int32_t)ntohl(id->pi_mpage.p_uid));
+
+	nid = ntohs(id->pi_ps.nid);
+	len -= sizeof(*io) * nid;
+	io = (struct id_off *)(id + 1);
+	cp = (char *)(io + nid);
+	if ((u_char *)cp + len <= snapend) {
+		putchar('"');
+		(void)fn_print((u_char *)cp, (u_char *)cp + len);
+		putchar('"');
+	}
+
+	c = '<';
+	for (i = 0; i < nid && (u_char*)io < snapend; ++io, ++i) {
+		printf("%c%s:%u",
+		    c, ipaddr_string(&io->id), (u_int32_t)ntohl(io->off));
+		c = ',';
+	}
+	if (i >= nid) {
+		printf(">");
+		return (0);
+	}
+	return (-1);
+}
+
+static int
+wb_rreq(const struct pkt_rreq *rreq, u_int len)
+{
+	printf(" wb-rreq:");
+	if (len < sizeof(*rreq) || (u_char *)(rreq + 1) > snapend)
+		return (-1);
+
+	printf(" please repair %s %s:%u<%u:%u>",
+	       ipaddr_string(&rreq->pr_id),
+	       ipaddr_string(&rreq->pr_page.p_sid),
+	       (u_int32_t)ntohl(rreq->pr_page.p_uid),
+	       (u_int32_t)ntohl(rreq->pr_sseq),
+	       (u_int32_t)ntohl(rreq->pr_eseq));
+	return (0);
+}
+
+static int
+wb_preq(const struct pkt_preq *preq, u_int len)
+{
+	printf(" wb-preq:");
+	if (len < sizeof(*preq) || (u_char *)(preq + 1) > snapend)
+		return (-1);
+
+	printf(" need %u/%s:%u",
+	       (u_int32_t)ntohl(preq->pp_low),
+	       ipaddr_string(&preq->pp_page.p_sid),
+	       (u_int32_t)ntohl(preq->pp_page.p_uid));
+	return (0);
+}
+
+static int
+wb_prep(const struct pkt_prep *prep, u_int len)
+{
+	int n;
+	const struct pgstate* ps;
+	const u_char* ep = snapend;
+
+	printf(" wb-prep:");
+	if (len < sizeof(*prep)) {
+		return (-1);
+	}
+	n = ntohl(prep->pp_n);
+	ps = (const struct pgstate*)(prep + 1);
+	while (--n >= 0 && (u_char*)ps < ep) {
+		const struct id_off *io, *ie;
+		char c = '<';
+
+		printf(" %u/%s:%u",
+		    (u_int32_t)ntohl(ps->slot),
+		    ipaddr_string(&ps->page.p_sid),
+		    (u_int32_t)ntohl(ps->page.p_uid));
+		io = (struct id_off*)(ps + 1);
+		for (ie = io + ps->nid; io < ie && (u_char*)io < ep; ++io) {
+			printf("%c%s:%u", c, ipaddr_string(&io->id),
+			    (u_int32_t)ntohl(io->off));
+			c = ',';
+		}
+		printf(">");
+		ps = (struct pgstate*)io;
+	}
+	return ((u_char*)ps <= ep? 0 : -1);
+}
+
+
+char *dopstr[] = {
+	"dop-0!",
+	"dop-1!",
+	"RECT",
+	"LINE",
+	"ML",
+	"DEL",
+	"XFORM",
+	"ELL",
+	"CHAR",
+	"STR",
+	"NOP",
+	"PSCODE",
+	"PSCOMP",
+	"REF",
+	"SKIP",
+	"HOLE",
+};
+
+static int
+wb_dops(const struct dophdr *dh, u_int32_t ss, u_int32_t es)
+{
+	printf(" <");
+	for ( ; ss <= es; ++ss) {
+		register int t = dh->dh_type;
+
+		if (t > DT_MAXTYPE)
+			printf(" dop-%d!", t);
+		else {
+			printf(" %s", dopstr[t]);
+			if (t == DT_SKIP || t == DT_HOLE) {
+				int ts = ntohl(dh->dh_ts);
+				printf("%d", ts - ss + 1);
+				if (ss > ts || ts > es) {
+					printf("[|]");
+					if (ts < ss)
+						return (0);
+				}
+				ss = ts;
+			}
+		}
+		dh = DOP_NEXT(dh);
+		if ((u_char*)dh >= snapend) {
+			printf("[|wb]");
+			break;
+		}
+	}
+	printf(" >");
+	return (0);
+}
+
+static int
+wb_rrep(const struct pkt_rrep *rrep, u_int len)
+{
+	const struct pkt_dop *dop = &rrep->pr_dop;
+
+	printf(" wb-rrep:");
+	len -= sizeof(*rrep);
+	if (len < 0 || (u_char *)(rrep + 1) > snapend)
+		return (-1);
+
+	printf(" for %s %s:%u<%u:%u>",
+	    ipaddr_string(&rrep->pr_id),
+	    ipaddr_string(&dop->pd_page.p_sid),
+	    (u_int32_t)ntohl(dop->pd_page.p_uid),
+	    (u_int32_t)ntohl(dop->pd_sseq),
+	    (u_int32_t)ntohl(dop->pd_eseq));
+
+	if (vflag)
+		return (wb_dops((const struct dophdr*)(dop + 1),
+		    ntohl(dop->pd_sseq), ntohl(dop->pd_eseq)));
+	return (0);
+}
+
+static int
+wb_drawop(const struct pkt_dop *dop, u_int len)
+{
+	printf(" wb-dop:");
+	len -= sizeof(*dop);
+	if (len < 0 || (u_char *)(dop + 1) > snapend)
+		return (-1);
+
+	printf(" %s:%u<%u:%u>",
+	    ipaddr_string(&dop->pd_page.p_sid),
+	    (u_int32_t)ntohl(dop->pd_page.p_uid),
+	    (u_int32_t)ntohl(dop->pd_sseq),
+	    (u_int32_t)ntohl(dop->pd_eseq));
+
+	if (vflag)
+		return (wb_dops((const struct dophdr*)(dop + 1),
+				ntohl(dop->pd_sseq), ntohl(dop->pd_eseq)));
+	return (0);
+}
+
+/*
+ * Print whiteboard multicast packets.
+ */
+void
+wb_print(register const void *hdr, register u_int len)
+{
+	register const struct pkt_hdr* ph;
+
+	ph = (const struct pkt_hdr*)hdr;
+	len -= sizeof(*ph);
+	if (len < 0 || (u_char *)(ph + 1) <= snapend) {
+		if (ph->ph_flags)
+			printf("*");
+		switch (ph->ph_type) {
+
+		case PT_KILL:
+			printf(" wb-kill");
+			return;
+
+		case PT_ID:
+			if (wb_id((struct pkt_id *)(ph + 1), len) >= 0)
+				return;
+			break;
+
+		case PT_RREQ:
+			if (wb_rreq((struct pkt_rreq *)(ph + 1), len) >= 0)
+				return;
+			break;
+
+		case PT_RREP:
+			if (wb_rrep((struct pkt_rrep *)(ph + 1), len) >= 0)
+				return;
+			break;
+
+		case PT_DRAWOP:
+			if (wb_drawop((struct pkt_dop *)(ph + 1), len) >= 0)
+				return;
+			break;
+
+		case PT_PREQ:
+			if (wb_preq((struct pkt_preq *)(ph + 1), len) >= 0)
+				return;
+			break;
+
+		case PT_PREP:
+			if (wb_prep((struct pkt_prep *)(ph + 1), len) >= 0)
+				return;
+			break;
+
+		default:
+			printf(" wb-%d!", ph->ph_type);
+			return;
+		}
+	}
+	printf("[|wb]");
+}
diff --git a/contrib/tcpdump/send-ack.awk b/contrib/tcpdump/send-ack.awk
new file mode 100644
index 000000000000..f55b7c2f6d13
--- /dev/null
+++ b/contrib/tcpdump/send-ack.awk
@@ -0,0 +1,68 @@
+BEGIN	{
+	# we need the number of bytes in a packet to do the output
+	# in packet numbers rather than byte numbers.
+	if (packetsize <= 0)
+		packetsize = 512
+	expectNext = 1
+	lastwin = -1
+	}
+	{
+	# convert tcp trace to send/ack form.
+	n = split ($1,t,":")
+	tim = t[1]*3600 + t[2]*60 + t[3]
+	if (NR <= 1) {
+		tzero = tim
+		ltim = tim
+		OFS = "\t"
+	}
+	if ($6 != "ack") {
+		# we have a data packet record:
+		# ignore guys with syn, fin or reset 'cause we
+		# can't handle their sequence numbers.  Try to
+		# detect and add a flag character for 'anomalies':
+		#   * -> re-sent packet
+		#   - -> packet after hole (missing packet(s))
+		#   # -> odd size packet
+		if ($5 !~ /[SFR]/) {
+			i = index($6,":")
+			j = index($6,"(")
+			strtSeq = substr($6,1,i-1)
+			endSeq = substr($6,i+1,j-i-1)
+			len = endSeq - strtSeq
+			id = endSeq
+			if (! timeOf[id])
+				timeOf[id] = tim
+			if (endSeq - expectNext < 0)
+				flag = "*"
+			else {
+				if (strtSeq - expectNext > 0)
+					flag = "-"
+				else if (len != packetsize)
+					flag = "#"
+				else
+					flag = " "
+				expectNext = endSeq
+			}
+			printf "%7.2f\t%7.2f\t%s send %s %d", tim-tzero, tim-ltim,\
+				flag, $5, strtSeq
+			if (++timesSent[id] > 1)
+				printf "  (%.2f) [%d]", tim - timeOf[id], timesSent[id]
+			if (len != packetsize)
+				printf " <%d>", len
+		}
+	} else {
+		id = $7
+
+		printf "%7.2f\t%7.2f\t%s  ack %s %d", tim-tzero, tim-ltim,\
+			flag, $5, id
+		if ($9 != lastwin) {
+			printf "  win %d", $9
+			lastwin = $9
+		}
+		printf "  (%.2f)", tim - timeOf[id]
+		if (++timesAcked[id] > 1)
+			printf " [%d]", timesAcked[id]
+	}
+	printf "\n"
+	ltim = tim
+	}
diff --git a/contrib/tcpdump/stime.awk b/contrib/tcpdump/stime.awk
new file mode 100644
index 000000000000..61891f247b95
--- /dev/null
+++ b/contrib/tcpdump/stime.awk
@@ -0,0 +1,19 @@
+$6 !~ /^ack/ && $5 !~ /[SFR]/ 	{
+	# given a tcpdump ftp trace, output one line for each send
+	# in the form
+	#   <send time> <seq no>
+	# where <send time> is the time packet was sent (in seconds with
+	# zero at time of first packet) and <seq no> is the tcp sequence
+	# number of the packet divided by 1024 (i.e., Kbytes sent).
+	#
+	# convert time to seconds
+	n = split ($1,t,":")
+	tim = t[1]*3600 + t[2]*60 + t[3]
+	if (! tzero) {
+		tzero = tim
+		OFS = "\t"
+	}
+	# get packet sequence number
+	i = index($6,":")
+	printf "%7.2f\t%g\n", tim-tzero, substr($6,1,i-1)/1024
+	}
diff --git a/contrib/tcpdump/strcasecmp.c b/contrib/tcpdump/strcasecmp.c
new file mode 100644
index 000000000000..5dc3f14f145f
--- /dev/null
+++ b/contrib/tcpdump/strcasecmp.c
@@ -0,0 +1,88 @@
+/*
+ * Copyright (c) 1987 Regents of the University of California.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms are permitted
+ * provided that this notice is preserved and that due credit is given
+ * to the University of California at Berkeley. The name of the University
+ * may not be used to endorse or promote products derived from this
+ * software without specific written prior permission. This software
+ * is provided ``as is'' without express or implied warranty.
+ */
+
+#if defined(LIBC_SCCS) && !defined(lint)
+static char sccsid[] = "@(#)strcasecmp.c	5.5 (Berkeley) 11/24/87";
+#endif /* LIBC_SCCS and not lint */
+
+#include <sys/types.h>
+
+#include "interface.h"
+
+/*
+ * This array is designed for mapping upper and lower case letter
+ * together for a case independent comparison.  The mappings are
+ * based upon ascii character sequences.
+ */
+static u_char charmap[] = {
+	'\000', '\001', '\002', '\003', '\004', '\005', '\006', '\007',
+	'\010', '\011', '\012', '\013', '\014', '\015', '\016', '\017',
+	'\020', '\021', '\022', '\023', '\024', '\025', '\026', '\027',
+	'\030', '\031', '\032', '\033', '\034', '\035', '\036', '\037',
+	'\040', '\041', '\042', '\043', '\044', '\045', '\046', '\047',
+	'\050', '\051', '\052', '\053', '\054', '\055', '\056', '\057',
+	'\060', '\061', '\062', '\063', '\064', '\065', '\066', '\067',
+	'\070', '\071', '\072', '\073', '\074', '\075', '\076', '\077',
+	'\100', '\141', '\142', '\143', '\144', '\145', '\146', '\147',
+	'\150', '\151', '\152', '\153', '\154', '\155', '\156', '\157',
+	'\160', '\161', '\162', '\163', '\164', '\165', '\166', '\167',
+	'\170', '\171', '\172', '\133', '\134', '\135', '\136', '\137',
+	'\140', '\141', '\142', '\143', '\144', '\145', '\146', '\147',
+	'\150', '\151', '\152', '\153', '\154', '\155', '\156', '\157',
+	'\160', '\161', '\162', '\163', '\164', '\165', '\166', '\167',
+	'\170', '\171', '\172', '\173', '\174', '\175', '\176', '\177',
+	'\200', '\201', '\202', '\203', '\204', '\205', '\206', '\207',
+	'\210', '\211', '\212', '\213', '\214', '\215', '\216', '\217',
+	'\220', '\221', '\222', '\223', '\224', '\225', '\226', '\227',
+	'\230', '\231', '\232', '\233', '\234', '\235', '\236', '\237',
+	'\240', '\241', '\242', '\243', '\244', '\245', '\246', '\247',
+	'\250', '\251', '\252', '\253', '\254', '\255', '\256', '\257',
+	'\260', '\261', '\262', '\263', '\264', '\265', '\266', '\267',
+	'\270', '\271', '\272', '\273', '\274', '\275', '\276', '\277',
+	'\300', '\341', '\342', '\343', '\344', '\345', '\346', '\347',
+	'\350', '\351', '\352', '\353', '\354', '\355', '\356', '\357',
+	'\360', '\361', '\362', '\363', '\364', '\365', '\366', '\367',
+	'\370', '\371', '\372', '\333', '\334', '\335', '\336', '\337',
+	'\340', '\341', '\342', '\343', '\344', '\345', '\346', '\347',
+	'\350', '\351', '\352', '\353', '\354', '\355', '\356', '\357',
+	'\360', '\361', '\362', '\363', '\364', '\365', '\366', '\367',
+	'\370', '\371', '\372', '\373', '\374', '\375', '\376', '\377',
+};
+
+int
+strcasecmp(s1, s2)
+	const char *s1, *s2;
+{
+	register u_char	*cm = charmap,
+			*us1 = (u_char *)s1,
+			*us2 = (u_char *)s2;
+
+	while (cm[*us1] == cm[*us2++])
+		if (*us1++ == '\0')
+			return(0);
+	return(cm[*us1] - cm[*--us2]);
+}
+
+int
+strncasecmp(s1, s2, n)
+	const char *s1, *s2;
+	register int n;
+{
+	register u_char	*cm = charmap,
+			*us1 = (u_char *)s1,
+			*us2 = (u_char *)s2;
+
+	while (--n >= 0 && cm[*us1] == cm[*us2++])
+		if (*us1++ == '\0')
+			return(0);
+	return(n < 0 ? 0 : cm[*us1] - cm[*--us2]);
+}
diff --git a/contrib/tcpdump/tcpdump.1 b/contrib/tcpdump/tcpdump.1
new file mode 100644
index 000000000000..261666affdbe
--- /dev/null
+++ b/contrib/tcpdump/tcpdump.1
@@ -0,0 +1,1216 @@
+.\" @(#) $Header: tcpdump.1,v 1.61 96/07/14 19:45:00 leres Exp $ (LBL)
+.\"
+.\" Copyright (c) 1987, 1988, 1989, 1990, 1991, 1992, 1994, 1995, 1996
+.\"	The Regents of the University of California.  All rights reserved.
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that: (1) source code distributions
+.\" retain the above copyright notice and this paragraph in its entirety, (2)
+.\" distributions including binary code include the above copyright notice and
+.\" this paragraph in its entirety in the documentation or other materials
+.\" provided with the distribution, and (3) all advertising materials mentioning
+.\" features or use of this software display the following acknowledgement:
+.\" ``This product includes software developed by the University of California,
+.\" Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+.\" the University nor the names of its contributors may be used to endorse
+.\" or promote products derived from this software without specific prior
+.\" written permission.
+.\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+.\" WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+.\"
+.TH TCPDUMP 1  "14 July 1996"
+.SH NAME
+tcpdump \- dump traffic on a network
+.SH SYNOPSIS
+.na
+.B tcpdump
+[
+.B \-deflnNOpqStvx
+] [
+.B \-c
+.I count
+] [
+.B \-F
+.I file
+]
+.br
+.ti +8
+[
+.B \-i
+.I interface
+] [
+.B \-r
+.I file
+]
+[
+.B \-s
+.I snaplen
+]
+.br
+.ti +8
+[
+.B \-T
+.I type
+]
+[
+.B \-w
+.I file
+]
+[
+.I expression
+]
+.br
+.ad
+.SH DESCRIPTION
+.LP
+\fITcpdump\fP prints out the headers of packets on a network interface
+that match the boolean \fIexpression\fP.
+.B Under SunOS with nit or bpf:
+To run
+.I tcpdump
+you must have read access to
+.I /dev/net
+or
+.IR /dev/bpf* .
+.B Under Solaris with dlpi:
+You must have read access to the network pseudo device, e.g.
+.IR /dev/le .
+.B Under HP-UX with dlpi:
+You must be root or it must be installed setuid to root.
+.B Under IRIX with snoop:
+You must be root or it must be installed setuid to root.
+.B Under Ultrix:
+Once the super-user has enabled
+promiscuous-mode operation using
+.IR pfconfig (8),
+any user may run
+.BR tcpdump .
+.B Under BSD:
+You must have read access to
+.IR /dev/bpf* .
+.SH OPTIONS
+.TP
+.B \-c
+Exit after receiving \fIcount\fP packets.
+.TP
+.B \-d
+Dump the compiled packet-matching code in a human readable form to
+standard output and stop.
+.TP
+.B \-dd
+Dump packet-matching code as a
+.B C
+program fragment.
+.TP
+.B \-ddd
+Dump packet-matching code as decimal numbers (preceded with a count).
+.TP
+.B \-e
+Print the link-level header on each dump line.
+.TP
+.B \-f
+Print `foreign' internet addresses numerically rather than symbolically
+(this option is intended to get around serious brain damage in
+Sun's yp server \(em usually it hangs forever translating non-local
+internet numbers).
+.TP
+.B \-F
+Use \fIfile\fP as input for the filter expression.
+An additional expression given on the command line is ignored.
+.TP
+.B \-i
+Listen on \fIinterface\fP.
+If unspecified, \fItcpdump\fP searches the system interface list for the
+lowest numbered, configured up interface (excluding loopback).
+Ties are broken by choosing the earliest match.
+.TP
+.B \-l
+Make stdout line buffered.  Useful if you want to see the data
+while capturing it.  E.g.,
+.br
+``tcpdump\ \ \-l\ \ |\ \ tee dat'' or
+``tcpdump\ \ \-l \ \ > dat\ \ &\ \ tail\ \ \-f\ \ dat''.
+.TP
+.B \-n
+Don't convert addresses (i.e., host addresses, port numbers, etc.) to names.
+.TP
+.B \-N
+Don't print domain name qualification of host names.  E.g.,
+if you give this flag then \fItcpdump\fP will print ``nic''
+instead of ``nic.ddn.mil''.
+.TP
+.B \-O
+Do not run the packet-matching code optimizer.  This is useful only
+if you suspect a bug in the optimizer.
+.TP
+.B \-p
+\fIDon't\fP put the interface
+into promiscuous mode.  Note that the interface might be in promiscuous
+mode for some other reason; hence, `-p' cannot be used as an abbreviation for
+`ether host {local-hw-addr} or ether broadcast'.
+.TP
+.B \-q
+Quick (quiet?) output.  Print less protocol information so output
+lines are shorter.
+.TP
+.B \-r
+Read packets from \fIfile\fR (which was created with the -w option).
+Standard input is used if \fIfile\fR is ``-''.
+.TP
+.B \-s
+Snarf \fIsnaplen\fP bytes of data from each packet rather than the
+default of 68 (with SunOS's NIT, the minimum is actually 96).
+68 bytes is adequate for IP, ICMP, TCP
+and UDP but may truncate protocol information from name server and NFS
+packets (see below).  Packets truncated because of a limited snapshot
+are indicated in the output with ``[|\fIproto\fP]'', where \fIproto\fP
+is the name of the protocol level at which the truncation has occurred.
+Note that taking larger snapshots both increases
+the amount of time it takes to process packets and, effectively,
+decreases the amount of packet buffering.  This may cause packets to be
+lost.  You should limit \fIsnaplen\fP to the smallest number that will
+capture the protocol information you're interested in.
+.TP
+.B \-T
+Force packets selected by "\fIexpression\fP" to be interpreted the
+specified \fItype\fR. Currently known types are
+\fBrpc\fR (Remote Procedure Call),
+\fBrtp\fR (Real-Time Applications protocol),
+\fBrtcp\fR (Real-Time Applications control protocol),
+\fBvat\fR (Visual Audio Tool),
+and
+\fBwb\fR (distributed White Board).
+.TP
+.B \-S
+Print absolute, rather than relative, TCP sequence numbers.
+.TP
+.B \-t
+\fIDon't\fP print a timestamp on each dump line.
+.TP
+.B \-tt
+Print an unformatted timestamp on each dump line.
+.TP
+.B \-v
+(Slightly more) verbose output.  For example, the time to live
+and type of service information in an IP packet is printed.
+.TP
+.B \-vv
+Even more verbose output.  For example, additional fields are
+printed from NFS reply packets.
+.TP
+.B \-w
+Write the raw packets to \fIfile\fR rather than parsing and printing
+them out.  They can later be printed with the \-r option.
+Standard output is used if \fIfile\fR is ``-''.
+.TP
+.B \-x
+Print each packet (minus its link level header) in hex.
+The smaller of the entire packet or
+.I snaplen
+bytes will be printed.
+.IP "\fI expression\fP"
+.RS
+selects which packets will be dumped.  If no \fIexpression\fP
+is given, all packets on the net will be dumped.  Otherwise,
+only packets for which \fIexpression\fP is `true' will be dumped.
+.LP
+The \fIexpression\fP consists of one or more
+.I primitives.
+Primitives usually consist of an
+.I id
+(name or number) preceded by one or more qualifiers.  There are three
+different kinds of qualifier:
+.IP \fItype\fP
+qualifiers say what kind of thing the id name or number refers to.
+Possible types are
+.BR host ,
+.B net
+and
+.BR port .
+E.g., `host foo', `net 128.3', `port 20'.  If there is no type
+qualifier,
+.B host
+is assumed.
+.IP \fIdir\fP
+qualifiers specify a particular transfer direction to and/or from
+.I id.
+Possible directions are
+.BR src ,
+.BR dst ,
+.B "src or dst"
+and
+.B "src and"
+.BR dst .
+E.g., `src foo', `dst net 128.3', `src or dst port ftp-data'.  If
+there is no dir qualifier,
+.B "src or dst"
+is assumed.
+For `null' link layers (i.e. point to point protocols such as slip) the
+.B inbound
+and
+.B outbound
+qualifiers can be used to specify a desired direction.
+.IP \fIproto\fP
+qualifiers restrict the match to a particular protocol.  Possible
+protos are:
+.BR ether ,
+.BR fddi ,
+.BR ip ,
+.BR arp ,
+.BR rarp ,
+.BR decnet ,
+.BR lat ,
+.BR sca ,
+.BR moprc ,
+.BR mopdl ,
+.B tcp
+and
+.BR udp .
+E.g., `ether src foo', `arp net 128.3', `tcp port 21'.  If there is
+no proto qualifier, all protocols consistent with the type are
+assumed.  E.g., `src foo' means `(ip or arp or rarp) src foo'
+(except the latter is not legal syntax), `net bar' means `(ip or
+arp or rarp) net bar' and `port 53' means `(tcp or udp) port 53'.
+.LP
+[`fddi' is actually an alias for `ether'; the parser treats them
+identically as meaning ``the data link level used on the specified
+network interface.''  FDDI headers contain Ethernet-like source
+and destination addresses, and often contain Ethernet-like packet
+types, so you can filter on these FDDI fields just as with the
+analogous Ethernet fields.  FDDI headers also contain other fields,
+but you cannot name them explicitly in a filter expression.]
+.LP
+In addition to the above, there are some special `primitive' keywords
+that don't follow the pattern:
+.BR gateway ,
+.BR broadcast ,
+.BR less ,
+.B greater
+and arithmetic expressions.  All of these are described below.
+.LP
+More complex filter expressions are built up by using the words
+.BR and ,
+.B or
+and
+.B not
+to combine primitives.  E.g., `host foo and not port ftp and not port ftp-data'.
+To save typing, identical qualifier lists can be omitted.  E.g.,
+`tcp dst port ftp or ftp-data or domain' is exactly the same as
+`tcp dst port ftp or tcp dst port ftp-data or tcp dst port domain'.
+.LP
+Allowable primitives are:
+.IP "\fBdst host \fIhost\fR"
+True if the IP destination field of the packet is \fIhost\fP,
+which may be either an address or a name.
+.IP "\fBsrc host \fIhost\fR"
+True if the IP source field of the packet is \fIhost\fP.
+.IP "\fBhost \fIhost\fP
+True if either the IP source or destination of the packet is \fIhost\fP.
+Any of the above host expressions can be prepended with the keywords,
+\fBip\fP, \fBarp\fP, or \fBrarp\fP as in:
+.in +.5i
+.nf
+\fBip host \fIhost\fR
+.fi
+.in -.5i
+which is equivalent to:
+.in +.5i
+.nf
+\fBether proto \fI\\ip\fB and host \fIhost\fR
+.fi
+.in -.5i
+If \fIhost\fR is a name with multiple IP addresses, each address will
+be checked for a match.
+.IP "\fBether dst \fIehost\fP
+True if the ethernet destination address is \fIehost\fP.  \fIEhost\fP
+may be either a name from /etc/ethers or a number (see
+.IR ethers (3N)
+for numeric format).
+.IP "\fBether src \fIehost\fP
+True if the ethernet source address is \fIehost\fP.
+.IP "\fBether host \fIehost\fP
+True if either the ethernet source or destination address is \fIehost\fP.
+.IP "\fBgateway\fP \fIhost\fP
+True if the packet used \fIhost\fP as a gateway.  I.e., the ethernet
+source or destination address was \fIhost\fP but neither the IP source
+nor the IP destination was \fIhost\fP.  \fIHost\fP must be a name and
+must be found in both /etc/hosts and /etc/ethers.  (An equivalent
+expression is
+.in +.5i
+.nf
+\fBether host \fIehost \fBand not host \fIhost\fR
+.fi
+.in -.5i
+which can be used with either names or numbers for \fIhost / ehost\fP.)
+.IP "\fBdst net \fInet\fR"
+True if the IP destination address of the packet has a network
+number of \fInet\fP. \fINet\fP may be either a name from /etc/networks
+or a network number (see \fInetworks(4)\fP for details).
+.IP "\fBsrc net \fInet\fR"
+True if the IP source address of the packet has a network
+number of \fInet\fP.
+.IP "\fBnet \fInet\fR"
+True if either the IP source or destination address of the packet has a network
+number of \fInet\fP.
+.IP "\fBnet \fInet\fR \fBmask \fImask\fR"
+True if the IP address matches \fInet\fR with the specific netmask.
+May be qualified with \fBsrc\fR or \fBdst\fR.
+.IP "\fBnet \fInet\fR/\fIlen\fR"
+True if the IP address matches \fInet\fR a netmask \fIlen\fR bits wide.
+May be qualified with \fBsrc\fR or \fBdst\fR.
+.IP "\fBdst port \fIport\fR"
+True if the packet is ip/tcp or ip/udp and has a
+destination port value of \fIport\fP.
+The \fIport\fP can be a number or a name used in /etc/services (see
+.IR tcp (4P)
+and
+.IR udp (4P)).
+If a name is used, both the port
+number and protocol are checked.  If a number or ambiguous name is used,
+only the port number is checked (e.g., \fBdst port 513\fR will print both
+tcp/login traffic and udp/who traffic, and \fBport domain\fR will print
+both tcp/domain and udp/domain traffic).
+.IP "\fBsrc port \fIport\fR"
+True if the packet has a source port value of \fIport\fP.
+.IP "\fBport \fIport\fR"
+True if either the source or destination port of the packet is \fIport\fP.
+Any of the above port expressions can be prepended with the keywords,
+\fBtcp\fP or \fBudp\fP, as in:
+.in +.5i
+.nf
+\fBtcp src port \fIport\fR
+.fi
+.in -.5i
+which matches only tcp packets whose source port is \fIport\fP.
+.IP "\fBless \fIlength\fR"
+True if the packet has a length less than or equal to \fIlength\fP.
+This is equivalent to:
+.in +.5i
+.nf
+\fBlen <= \fIlength\fP.
+.fi
+.in -.5i
+.IP "\fBgreater \fIlength\fR"
+True if the packet has a length greater than or equal to \fIlength\fP.
+This is equivalent to:
+.in +.5i
+.nf
+\fBlen >= \fIlength\fP.
+.fi
+.in -.5i
+.IP "\fBip proto \fIprotocol\fR"
+True if the packet is an ip packet (see
+.IR ip (4P))
+of protocol type \fIprotocol\fP.
+\fIProtocol\fP can be a number or one of the names
+\fIicmp\fP, \fIigrp\fP, \fIudp\fP, \fInd\fP, or \fItcp\fP.
+Note that the identifiers \fItcp\fP, \fIudp\fP, and \fIicmp\fP are also
+keywords and must be escaped via backslash (\\), which is \\\\ in the C-shell.
+.IP "\fBether broadcast\fR"
+True if the packet is an ethernet broadcast packet.  The \fIether\fP
+keyword is optional.
+.IP "\fBip broadcast\fR"
+True if the packet is an IP broadcast packet.  It checks for both
+the all-zeroes and all-ones broadcast conventions, and looks up
+the local subnet mask.
+.IP "\fBether multicast\fR"
+True if the packet is an ethernet multicast packet.  The \fIether\fP
+keyword is optional.
+This is shorthand for `\fBether[0] & 1 != 0\fP'.
+.IP "\fBip multicast\fR"
+True if the packet is an IP multicast packet.
+.IP  "\fBether proto \fIprotocol\fR"
+True if the packet is of ether type \fIprotocol\fR.
+\fIProtocol\fP can be a number or a name like
+\fIip\fP, \fIarp\fP, or \fIrarp\fP.
+Note these identifiers are also keywords
+and must be escaped via backslash (\\).
+[In the case of FDDI (e.g., `\fBfddi protocol arp\fR'), the
+protocol identification comes from the 802.2 Logical Link Control
+(LLC) header, which is usually layered on top of the FDDI header.
+\fITcpdump\fP assumes, when filtering on the protocol identifier,
+that all FDDI packets include an LLC header, and that the LLC header
+is in so-called SNAP format.]
+.IP "\fBdecnet src \fIhost\fR"
+True if the DECNET source address is
+.IR host ,
+which may be an address of the form ``10.123'', or a DECNET host
+name.  [DECNET host name support is only available on Ultrix systems
+that are configured to run DECNET.]
+.IP "\fBdecnet dst \fIhost\fR"
+True if the DECNET destination address is
+.IR host .
+.IP "\fBdecnet host \fIhost\fR"
+True if either the DECNET source or destination address is
+.IR host .
+.IP "\fBip\fR, \fBarp\fR, \fBrarp\fR, \fBdecnet\fR"
+Abbreviations for:
+.in +.5i
+.nf
+\fBether proto \fIp\fR
+.fi
+.in -.5i
+where \fIp\fR is one of the above protocols.
+.IP "\fBlat\fR, \fBmoprc\fR, \fBmopdl\fR"
+Abbreviations for:
+.in +.5i
+.nf
+\fBether proto \fIp\fR
+.fi
+.in -.5i
+where \fIp\fR is one of the above protocols.
+Note that
+\fItcpdump\fP does not currently know how to parse these protocols.
+.IP  "\fBtcp\fR, \fBudp\fR, \fBicmp\fR"
+Abbreviations for:
+.in +.5i
+.nf
+\fBip proto \fIp\fR
+.fi
+.in -.5i
+where \fIp\fR is one of the above protocols.
+.IP  "\fIexpr relop expr\fR"
+True if the relation holds, where \fIrelop\fR is one of >, <, >=, <=, =, !=,
+and \fIexpr\fR is an arithmetic expression composed of integer constants
+(expressed in standard C syntax), the normal binary operators
+[+, -, *, /, &, |], a length operator, and special packet data accessors.
+To access
+data inside the packet, use the following syntax:
+.in +.5i
+.nf
+\fIproto\fB [ \fIexpr\fB : \fIsize\fB ]\fR
+.fi
+.in -.5i
+\fIProto\fR is one of \fBether, fddi,
+ip, arp, rarp, tcp, udp, \fRor \fBicmp\fR, and
+indicates the protocol layer for the index operation.
+The byte offset, relative to the indicated protocol layer, is
+given by \fIexpr\fR.
+\fISize\fR is optional and indicates the number of bytes in the
+field of interest; it can be either one, two, or four, and defaults to one.
+The length operator, indicated by the keyword \fBlen\fP, gives the
+length of the packet.
+
+For example, `\fBether[0] & 1 != 0\fP' catches all multicast traffic.
+The expression `\fBip[0] & 0xf != 5\fP'
+catches all IP packets with options. The expression
+`\fBip[6:2] & 0x1fff = 0\fP'
+catches only unfragmented datagrams and frag zero of fragmented datagrams.
+This check is implicitly applied to the \fBtcp\fP and \fBudp\fP
+index operations.
+For instance, \fBtcp[0]\fP always means the first
+byte of the TCP \fIheader\fP, and never means the first byte of an
+intervening fragment.
+.LP
+Primitives may be combined using:
+.IP
+A parenthesized group of primitives and operators
+(parentheses are special to the Shell and must be escaped).
+.IP
+Negation (`\fB!\fP' or `\fBnot\fP').
+.IP
+Concatenation (`\fB&&\fP' or `\fBand\fP').
+.IP
+Alternation (`\fB||\fP' or `\fBor\fP').
+.LP
+Negation has highest precedence.
+Alternation and concatenation have equal precedence and associate
+left to right.  Note that explicit \fBand\fR tokens, not juxtaposition,
+are now required for concatenation.
+.LP
+If an identifier is given without a keyword, the most recent keyword
+is assumed.
+For example,
+.in +.5i
+.nf
+\fBnot host vs and ace\fR
+.fi
+.in -.5i
+is short for
+.in +.5i
+.nf
+\fBnot host vs and host ace\fR
+.fi
+.in -.5i
+which should not be confused with
+.in +.5i
+.nf
+\fBnot ( host vs or ace )\fR
+.fi
+.in -.5i
+.LP
+Expression arguments can be passed to tcpdump as either a single argument
+or as multiple arguments, whichever is more convenient.
+Generally, if the expression contains Shell metacharacters, it is
+easier to pass it as a single, quoted argument.
+Multiple arguments are concatenated with spaces before being parsed.
+.SH EXAMPLES
+.LP
+To print all packets arriving at or departing from \fIsundown\fP:
+.RS
+.nf
+\fBtcpdump host sundown\fP
+.fi
+.RE
+.LP
+To print traffic between \fIhelios\fR and either \fIhot\fR or \fIace\fR:
+.RS
+.nf
+\fBtcpdump host helios and \\( hot or ace \\)\fP
+.fi
+.RE
+.LP
+To print all IP packets between \fIace\fR and any host except \fIhelios\fR:
+.RS
+.nf
+\fBtcpdump ip host ace and not helios\fP
+.fi
+.RE
+.LP
+To print all traffic between local hosts and hosts at Berkeley:
+.RS
+.nf
+.B
+tcpdump net ucb-ether
+.fi
+.RE
+.LP
+To print all ftp traffic through internet gateway \fIsnup\fP:
+(note that the expression is quoted to prevent the shell from
+(mis-)interpreting the parentheses):
+.RS
+.nf
+.B
+tcpdump 'gateway snup and (port ftp or ftp-data)'
+.fi
+.RE
+.LP
+To print traffic neither sourced from nor destined for local hosts
+(if you gateway to one other net, this stuff should never make it
+onto your local net).
+.RS
+.nf
+.B
+tcpdump ip and not net \fIlocalnet\fP
+.fi
+.RE
+.LP
+To print the start and end packets (the SYN and FIN packets) of each
+TCP conversation that involves a non-local host.
+.RS
+.nf
+.B
+tcpdump 'tcp[13] & 3 != 0 and not src and dst net \fIlocalnet\fP'
+.fi
+.RE
+.LP
+To print IP packets longer than 576 bytes sent through gateway \fIsnup\fP:
+.RS
+.nf
+.B
+tcpdump 'gateway snup and ip[2:2] > 576'
+.fi
+.RE
+.LP
+To print IP broadcast or multicast packets that were
+.I not
+sent via ethernet broadcast or multicast:
+.RS
+.nf
+.B
+tcpdump 'ether[0] & 1 = 0 and ip[16] >= 224'
+.fi
+.RE
+.LP
+To print all ICMP packets that are not echo requests/replies (i.e., not
+ping packets):
+.RS
+.nf
+.B
+tcpdump 'icmp[0] != 8 and icmp[0] != 0"
+.fi
+.RE
+.SH OUTPUT FORMAT
+.LP
+The output of \fItcpdump\fP is protocol dependent.  The following
+gives a brief description and examples of most of the formats.
+.de HD
+.sp 1.5
+.B
+..
+.HD
+Link Level Headers
+.LP
+If the '-e' option is given, the link level header is printed out.
+On ethernets, the source and destination addresses, protocol,
+and packet length are printed.
+.LP
+On FDDI networks, the  '-e' option causes \fItcpdump\fP to print
+the `frame control' field,  the source and destination addresses,
+and the packet length.  (The `frame control' field governs the
+interpretation of the rest of the packet.  Normal packets (such
+as those containing IP datagrams) are `async' packets, with a priority
+value between 0 and 7; for example, `\fBasync4\fR'.  Such packets
+are assumed to contain an 802.2 Logical Link Control (LLC) packet;
+the LLC header is printed if it is \fInot\fR an ISO datagram or a
+so-called SNAP packet.
+.LP
+\fI(N.B.: The following description assumes familiarity with
+the SLIP compression algorithm described in RFC-1144.)\fP
+.LP
+On SLIP links, a direction indicator (``I'' for inbound, ``O'' for outbound),
+packet type, and compression information are printed out.
+The packet type is printed first.
+The three types are \fIip\fP, \fIutcp\fP, and \fIctcp\fP.
+No further link information is printed for \fIip\fR packets.
+For TCP packets, the connection identifier is printed following the type.
+If the packet is compressed, its encoded header is printed out.
+The special cases are printed out as
+\fB*S+\fIn\fR and \fB*SA+\fIn\fR, where \fIn\fR is the amount by which
+the sequence number (or sequence number and ack) has changed.
+If it is not a special case,
+zero or more changes are printed.
+A change is indicated by U (urgent pointer), W (window), A (ack),
+S (sequence number), and I (packet ID), followed by a delta (+n or -n),
+or a new value (=n).
+Finally, the amount of data in the packet and compressed header length
+are printed.
+.LP
+For example, the following line shows an outbound compressed TCP packet,
+with an implicit connection identifier; the ack has changed by 6,
+the sequence number by 49, and the packet ID by 6; there are 3 bytes of
+data and 6 bytes of compressed header:
+.RS
+.nf
+\fBO ctcp * A+6 S+49 I+6 3 (6)\fP
+.fi
+.RE
+.HD
+ARP/RARP Packets
+.LP
+Arp/rarp output shows the type of request and its arguments.  The
+format is intended to be self explanatory.
+Here is a short sample taken from the start of an `rlogin' from
+host \fIrtsg\fP to host \fIcsam\fP:
+.RS
+.nf
+.sp .5
+\f(CWarp who-has csam tell rtsg
+arp reply csam is-at CSAM\fP
+.sp .5
+.fi
+.RE
+The first line says that rtsg sent an arp packet asking
+for the ethernet address of internet host csam.  Csam
+replies with its ethernet address (in this example, ethernet addresses
+are in caps and internet addresses in lower case).
+.LP
+This would look less redundant if we had done \fBtcpdump \-n\fP:
+.RS
+.nf
+.sp .5
+\f(CWarp who-has 128.3.254.6 tell 128.3.254.68
+arp reply 128.3.254.6 is-at 02:07:01:00:01:c4\fP
+.fi
+.RE
+.LP
+If we had done \fBtcpdump \-e\fP, the fact that the first packet is
+broadcast and the second is point-to-point would be visible:
+.RS
+.nf
+.sp .5
+\f(CWRTSG Broadcast 0806  64: arp who-has csam tell rtsg
+CSAM RTSG 0806  64: arp reply csam is-at CSAM\fP
+.sp .5
+.fi
+.RE
+For the first packet this says the ethernet source address is RTSG, the
+destination is the ethernet broadcast address, the type field
+contained hex 0806 (type ETHER_ARP) and the total length was 64 bytes.
+.HD
+TCP Packets
+.LP
+\fI(N.B.:The following description assumes familiarity with
+the TCP protocol described in RFC-793.  If you are not familiar
+with the protocol, neither this description nor tcpdump will
+be of much use to you.)\fP
+.LP
+The general format of a tcp protocol line is:
+.RS
+.nf
+.sp .5
+\fIsrc > dst: flags data-seqno ack window urgent options\fP
+.sp .5
+.fi
+.RE
+\fISrc\fP and \fIdst\fP are the source and destination IP
+addresses and ports.  \fIFlags\fP are some combination of S (SYN),
+F (FIN), P (PUSH) or R (RST) or a single `.' (no flags).
+\fIData-seqno\fP describes the portion of sequence space covered
+by the data in this packet (see example below).
+\fIAck\fP is sequence number of the next data expected the other
+direction on this connection.
+\fIWindow\fP is the number of bytes of receive buffer space available
+the other direction on this connection.
+\fIUrg\fP indicates there is `urgent' data in the packet.
+\fIOptions\fP are tcp options enclosed in angle brackets (e.g., <mss 1024>).
+.LP
+\fISrc, dst\fP and \fIflags\fP are always present.  The other fields
+depend on the contents of the packet's tcp protocol header and
+are output only if appropriate.
+.LP
+Here is the opening portion of an rlogin from host \fIrtsg\fP to
+host \fIcsam\fP.
+.RS
+.nf
+.sp .5
+\s-2\f(CWrtsg.1023 > csam.login: S 768512:768512(0) win 4096 <mss 1024>
+csam.login > rtsg.1023: S 947648:947648(0) ack 768513 win 4096 <mss 1024>
+rtsg.1023 > csam.login: . ack 1 win 4096
+rtsg.1023 > csam.login: P 1:2(1) ack 1 win 4096
+csam.login > rtsg.1023: . ack 2 win 4096
+rtsg.1023 > csam.login: P 2:21(19) ack 1 win 4096
+csam.login > rtsg.1023: P 1:2(1) ack 21 win 4077
+csam.login > rtsg.1023: P 2:3(1) ack 21 win 4077 urg 1
+csam.login > rtsg.1023: P 3:4(1) ack 21 win 4077 urg 1\fP\s+2
+.sp .5
+.fi
+.RE
+The first line says that tcp port 1023 on rtsg sent a packet
+to port \fIlogin\fP
+on csam.  The \fBS\fP indicates that the \fISYN\fP flag was set.
+The packet sequence number was 768512 and it contained no data.
+(The notation is `first:last(nbytes)' which means `sequence
+numbers \fIfirst\fP
+up to but not including \fIlast\fP which is \fInbytes\fP bytes of user data'.)
+There was no piggy-backed ack, the available receive window was 4096
+bytes and there was a max-segment-size option requesting an mss of
+1024 bytes.
+.LP
+Csam replies with a similar packet except it includes a piggy-backed
+ack for rtsg's SYN.  Rtsg then acks csam's SYN.  The `.' means no
+flags were set.
+The packet contained no data so there is no data sequence number.
+Note that the ack sequence
+number is a small integer (1).  The first time \fBtcpdump\fP sees a
+tcp `conversation', it prints the sequence number from the packet.
+On subsequent packets of the conversation, the difference between
+the current packet's sequence number and this initial sequence number
+is printed.  This means that sequence numbers after the
+first can be interpreted
+as relative byte positions in the conversation's data stream (with the
+first data byte each direction being `1').  `-S' will override this
+feature, causing the original sequence numbers to be output.
+.LP
+On the 6th line, rtsg sends csam 19 bytes of data (bytes 2 through 20
+in the rtsg \(-> csam side of the conversation).
+The PUSH flag is set in the packet.
+On the 7th line, csam says it's received data sent by rtsg up to
+but not including byte 21.  Most of this data is apparently sitting in the
+socket buffer since csam's receive window has gotten 19 bytes smaller.
+Csam also sends one byte of data to rtsg in this packet.
+On the 8th and 9th lines,
+csam sends two bytes of urgent, pushed data to rtsg.
+.HD
+.B
+UDP Packets
+.LP
+UDP format is illustrated by this rwho packet:
+.RS
+.nf
+.sp .5
+\f(CWactinide.who > broadcast.who: udp 84\fP
+.sp .5
+.fi
+.RE
+This says that port \fIwho\fP on host \fIactinide\fP sent a udp
+datagram to port \fIwho\fP on host \fIbroadcast\fP, the Internet
+broadcast address.  The packet contained 84 bytes of user data.
+.LP
+Some UDP services are recognized (from the source or destination
+port number) and the higher level protocol information printed.
+In particular, Domain Name service requests (RFC-1034/1035) and Sun
+RPC calls (RFC-1050) to NFS.
+.HD
+UDP Name Server Requests
+.LP
+\fI(N.B.:The following description assumes familiarity with
+the Domain Service protocol described in RFC-1035.  If you are not familiar
+with the protocol, the following description will appear to be written
+in greek.)\fP
+.LP
+Name server requests are formatted as
+.RS
+.nf
+.sp .5
+\fIsrc > dst: id op? flags qtype qclass name (len)\fP
+.sp .5
+\f(CWh2opolo.1538 > helios.domain: 3+ A? ucbvax.berkeley.edu. (37)\fP
+.sp .5
+.fi
+.RE
+Host \fIh2opolo\fP asked the domain server on \fIhelios\fP for an
+address record (qtype=A) associated with the name \fIucbvax.berkeley.edu.\fP
+The query id was `3'.  The `+' indicates the \fIrecursion desired\fP flag
+was set.  The query length was 37 bytes, not including the UDP and
+IP protocol headers.  The query operation was the normal one, \fIQuery\fP,
+so the op field was omitted.  If the op had been anything else, it would
+have been printed between the `3' and the `+'.
+Similarly, the qclass was the normal one,
+\fIC_IN\fP, and omitted.  Any other qclass would have been printed
+immediately after the `A'.
+.LP
+A few anomalies are checked and may result in extra fields enclosed in
+square brackets:  If a query contains an answer, name server or
+authority section,
+.IR ancount ,
+.IR nscount ,
+or
+.I arcount
+are printed as `[\fIn\fPa]', `[\fIn\fPn]' or  `[\fIn\fPau]' where \fIn\fP
+is the appropriate count.
+If any of the response bits are set (AA, RA or rcode) or any of the
+`must be zero' bits are set in bytes two and three, `[b2&3=\fIx\fP]'
+is printed, where \fIx\fP is the hex value of header bytes two and three.
+.HD
+UDP Name Server Responses
+.LP
+Name server responses are formatted as
+.RS
+.nf
+.sp .5
+\fIsrc > dst:  id op rcode flags a/n/au type class data (len)\fP
+.sp .5
+\f(CWhelios.domain > h2opolo.1538: 3 3/3/7 A 128.32.137.3 (273)
+helios.domain > h2opolo.1537: 2 NXDomain* 0/1/0 (97)\fP
+.sp .5
+.fi
+.RE
+In the first example, \fIhelios\fP responds to query id 3 from \fIh2opolo\fP
+with 3 answer records, 3 name server records and 7 authority records.
+The first answer record is type A (address) and its data is internet
+address 128.32.137.3.  The total size of the response was 273 bytes,
+excluding UDP and IP headers.  The op (Query) and response code
+(NoError) were omitted, as was the class (C_IN) of the A record.
+.LP
+In the second example, \fIhelios\fP responds to query 2 with a
+response code of non-existent domain (NXDomain) with no answers,
+one name server and no authority records.  The `*' indicates that
+the \fIauthoritative answer\fP bit was set.  Since there were no
+answers, no type, class or data were printed.
+.LP
+Other flag characters that might appear are `\-' (recursion available,
+RA, \fInot\fP set) and `|' (truncated message, TC, set).  If the
+`question' section doesn't contain exactly one entry, `[\fIn\fPq]'
+is printed.
+.LP
+Note that name server requests and responses tend to be large and the
+default \fIsnaplen\fP of 68 bytes may not capture enough of the packet
+to print.  Use the \fB\-s\fP flag to increase the snaplen if you
+need to seriously investigate name server traffic.  `\fB\-s 128\fP'
+has worked well for me.
+
+.HD
+NFS Requests and Replies
+.LP
+Sun NFS (Network File System) requests and replies are printed as:
+.RS
+.nf
+.sp .5
+\fIsrc.xid > dst.nfs: len op args\fP
+\fIsrc.nfs > dst.xid: reply stat len op results\fP
+.sp .5
+\f(CW
+sushi.6709 > wrl.nfs: 112 readlink fh 21,24/10.73165
+wrl.nfs > sushi.6709: reply ok 40 readlink "../var"
+sushi.201b > wrl.nfs:
+	144 lookup fh 9,74/4096.6878 "xcolors"
+wrl.nfs > sushi.201b:
+	reply ok 128 lookup fh 9,74/4134.3150
+\fP
+.sp .5
+.fi
+.RE
+In the first line, host \fIsushi\fP sends a transaction with id \fI6709\fP
+to \fIwrl\fP (note that the number following the src host is a
+transaction id, \fInot\fP the source port).  The request was 112 bytes,
+excluding the UDP and IP headers.  The operation was a \fIreadlink\fP
+(read symbolic link) on file handle (\fIfh\fP) 21,24/10.731657119.
+(If one is lucky, as in this case, the file handle can be interpreted
+as a major,minor device number pair, followed by the inode number and
+generation number.)
+\fIWrl\fP replies `ok' with the contents of the link.
+.LP
+In the third line, \fIsushi\fP asks \fIwrl\fP to lookup the name
+`\fIxcolors\fP' in directory file 9,74/4096.6878.  Note that the data printed
+depends on the operation type.  The format is intended to be self
+explanatory if read in conjunction with
+an NFS protocol spec.
+.LP
+If the \-v (verbose) flag is given, additional information is printed.
+For example:
+.RS
+.nf
+.sp .5
+\f(CW
+sushi.1372a > wrl.nfs:
+	148 read fh 21,11/12.195 8192 bytes @ 24576
+wrl.nfs > sushi.1372a:
+	reply ok 1472 read REG 100664 ids 417/0 sz 29388
+\fP
+.sp .5
+.fi
+.RE
+(\-v also prints the IP header TTL, ID, and fragmentation fields,
+which have been omitted from this example.)  In the first line,
+\fIsushi\fP asks \fIwrl\fP to read 8192 bytes from file 21,11/12.195,
+at byte offset 24576.  \fIWrl\fP replies `ok'; the packet shown on the
+second line is the first fragment of the reply, and hence is only 1472
+bytes long (the other bytes will follow in subsequent fragments, but
+these fragments do not have NFS or even UDP headers and so might not be
+printed, depending on the filter expression used).  Because the \-v flag
+is given, some of the file attributes (which are returned in addition
+to the file data) are printed: the file type (``REG'', for regular file),
+the file mode (in octal), the uid and gid, and the file size.
+.LP
+If the \-v flag is given more than once, even more details are printed.
+.LP
+Note that NFS requests are very large and much of the detail won't be printed
+unless \fIsnaplen\fP is increased.  Try using `\fB\-s 192\fP' to watch
+NFS traffic.
+.LP
+NFS reply packets do not explicitly identify the RPC operation.  Instead,
+\fItcpdump\fP keeps track of ``recent'' requests, and matches them to the
+replies using the transaction ID.  If a reply does not closely follow the
+corresponding request, it might not be parsable.
+.HD
+KIP Appletalk (DDP in UDP)
+.LP
+Appletalk DDP packets encapsulated in UDP datagrams are de-encapsulated
+and dumped as DDP packets (i.e., all the UDP header information is
+discarded).  The file
+.I /etc/atalk.names
+is used to translate appletalk net and node numbers to names.
+Lines in this file have the form
+.RS
+.nf
+.sp .5
+\fInumber	name\fP
+
+\f(CW1.254		ether
+16.1		icsd-net
+1.254.110	ace\fP
+.sp .5
+.fi
+.RE
+The first two lines give the names of appletalk networks.  The third
+line gives the name of a particular host (a host is distinguished
+from a net by the 3rd octet in the number \-
+a net number \fImust\fP have two octets and a host number \fImust\fP
+have three octets.)  The number and name should be separated by
+whitespace (blanks or tabs).
+The
+.I /etc/atalk.names
+file may contain blank lines or comment lines (lines starting with
+a `#').
+.LP
+Appletalk addresses are printed in the form
+.RS
+.nf
+.sp .5
+\fInet.host.port\fP
+
+\f(CW144.1.209.2 > icsd-net.112.220
+office.2 > icsd-net.112.220
+jssmag.149.235 > icsd-net.2\fP
+.sp .5
+.fi
+.RE
+(If the
+.I /etc/atalk.names
+doesn't exist or doesn't contain an entry for some appletalk
+host/net number, addresses are printed in numeric form.)
+In the first example, NBP (DDP port 2) on net 144.1 node 209
+is sending to whatever is listening on port 220 of net icsd node 112.
+The second line is the same except the full name of the source node
+is known (`office').  The third line is a send from port 235 on
+net jssmag node 149 to broadcast on the icsd-net NBP port (note that
+the broadcast address (255) is indicated by a net name with no host
+number \- for this reason it's a good idea to keep node names and
+net names distinct in /etc/atalk.names).
+.LP
+NBP (name binding protocol) and ATP (Appletalk transaction protocol)
+packets have their contents interpreted.  Other protocols just dump
+the protocol name (or number if no name is registered for the
+protocol) and packet size.
+
+\fBNBP packets\fP are formatted like the following examples:
+.RS
+.nf
+.sp .5
+\s-2\f(CWicsd-net.112.220 > jssmag.2: nbp-lkup 190: "=:LaserWriter@*"
+jssmag.209.2 > icsd-net.112.220: nbp-reply 190: "RM1140:LaserWriter@*" 250
+techpit.2 > icsd-net.112.220: nbp-reply 190: "techpit:LaserWriter@*" 186\fP\s+2
+.sp .5
+.fi
+.RE
+The first line is a name lookup request for laserwriters sent by net icsd host
+112 and broadcast on net jssmag.  The nbp id for the lookup is 190.
+The second line shows a reply for this request (note that it has the
+same id) from host jssmag.209 saying that it has a laserwriter
+resource named "RM1140" registered on port 250.  The third line is
+another reply to the same request saying host techpit has laserwriter
+"techpit" registered on port 186.
+
+\fBATP packet\fP formatting is demonstrated by the following example:
+.RS
+.nf
+.sp .5
+\s-2\f(CWjssmag.209.165 > helios.132: atp-req  12266<0-7> 0xae030001
+helios.132 > jssmag.209.165: atp-resp 12266:0 (512) 0xae040000
+helios.132 > jssmag.209.165: atp-resp 12266:1 (512) 0xae040000
+helios.132 > jssmag.209.165: atp-resp 12266:2 (512) 0xae040000
+helios.132 > jssmag.209.165: atp-resp 12266:3 (512) 0xae040000
+helios.132 > jssmag.209.165: atp-resp 12266:4 (512) 0xae040000
+helios.132 > jssmag.209.165: atp-resp 12266:5 (512) 0xae040000
+helios.132 > jssmag.209.165: atp-resp 12266:6 (512) 0xae040000
+helios.132 > jssmag.209.165: atp-resp*12266:7 (512) 0xae040000
+jssmag.209.165 > helios.132: atp-req  12266<3,5> 0xae030001
+helios.132 > jssmag.209.165: atp-resp 12266:3 (512) 0xae040000
+helios.132 > jssmag.209.165: atp-resp 12266:5 (512) 0xae040000
+jssmag.209.165 > helios.132: atp-rel  12266<0-7> 0xae030001
+jssmag.209.133 > helios.132: atp-req* 12267<0-7> 0xae030002\fP\s+2
+.sp .5
+.fi
+.RE
+Jssmag.209 initiates transaction id 12266 with host helios by requesting
+up to 8 packets (the `<0-7>').  The hex number at the end of the line
+is the value of the `userdata' field in the request.
+.LP
+Helios responds with 8 512-byte packets.  The `:digit' following the
+transaction id gives the packet sequence number in the transaction
+and the number in parens is the amount of data in the packet,
+excluding the atp header.  The `*' on packet 7 indicates that the
+EOM bit was set.
+.LP
+Jssmag.209 then requests that packets 3 & 5 be retransmitted.  Helios
+resends them then jssmag.209 releases the transaction.  Finally,
+jssmag.209 initiates the next request.  The `*' on the request
+indicates that XO (`exactly once') was \fInot\fP set.
+
+.HD
+IP Fragmentation
+.LP
+Fragmented Internet datagrams are printed as
+.RS
+.nf
+.sp .5
+\fB(frag \fIid\fB:\fIsize\fB@\fIoffset\fB+)\fR
+\fB(frag \fIid\fB:\fIsize\fB@\fIoffset\fB)\fR
+.sp .5
+.fi
+.RE
+(The first form indicates there are more fragments.  The second
+indicates this is the last fragment.)
+.LP
+\fIId\fP is the fragment id.  \fISize\fP is the fragment
+size (in bytes) excluding the IP header.  \fIOffset\fP is this
+fragment's offset (in bytes) in the original datagram.
+.LP
+The fragment information is output for each fragment.  The first
+fragment contains the higher level protocol header and the frag
+info is printed after the protocol info.  Fragments
+after the first contain no higher level protocol header and the
+frag info is printed after the source and destination addresses.
+For example, here is part of an ftp from arizona.edu to lbl-rtsg.arpa
+over a CSNET connection that doesn't appear to handle 576 byte datagrams:
+.RS
+.nf
+.sp .5
+\s-2\f(CWarizona.ftp-data > rtsg.1170: . 1024:1332(308) ack 1 win 4096 (frag 595a:328@0+)
+arizona > rtsg: (frag 595a:204@328)
+rtsg.1170 > arizona.ftp-data: . ack 1536 win 2560\fP\s+2
+.sp .5
+.fi
+.RE
+There are a couple of things to note here:  First, addresses in the
+2nd line don't include port numbers.  This is because the TCP
+protocol information is all in the first fragment and we have no idea
+what the port or sequence numbers are when we print the later fragments.
+Second, the tcp sequence information in the first line is printed as if there
+were 308 bytes of user data when, in fact, there are 512 bytes (308 in
+the first frag and 204 in the second).  If you are looking for holes
+in the sequence space or trying to match up acks
+with packets, this can fool you.
+.LP
+A packet with the IP \fIdon't fragment\fP flag is marked with a
+trailing \fB(DF)\fP.
+.HD
+Timestamps
+.LP
+By default, all output lines are preceded by a timestamp.  The timestamp
+is the current clock time in the form
+.RS
+.nf
+\fIhh:mm:ss.frac\fP
+.fi
+.RE
+and is as accurate as the kernel's clock.
+The timestamp reflects the time the kernel first saw the packet.  No attempt
+is made to account for the time lag between when the
+ethernet interface removed the packet from the wire and when the kernel
+serviced the `new packet' interrupt.
+.SH "SEE ALSO"
+traffic(1C), nit(4P), bpf(4), pcap(3)
+.SH AUTHORS
+Van Jacobson (van@ee.lbl.gov),
+Craig Leres (leres@ee.lbl.gov) and
+Steven McCanne (mccanne@ee.lbl.gov), all of the
+Lawrence Berkeley Laboratory, University of California, Berkeley, CA.
+.SH BUGS
+Please send bug reports to tcpdump@ee.lbl.gov or libpcap@ee.lbl.gov.
+.LP
+NIT doesn't let you watch your own outbound traffic, BPF will.
+We recommend that you use the latter.
+.LP
+\fItcpdump\fP for Ultrix requires Ultrix version 4.0 or later; the kernel
+has to have been built with the \fIpacketfilter\fP pseudo-device driver
+(see
+.IR packetfilter (4)).
+In order to watch either your own outbound or inbound traffic,
+you will need to use Ultrix version 4.2 or later, and you will have
+to have used the
+.IR pfconfig (8)
+command to enable ``copyall'' mode.
+.LP
+Under SunOS 4.1, the packet capture code (or Streams NIT) is not what
+you'd call efficient.  Don't plan on doing much with your Sun while
+you're monitoring a busy network.
+.LP
+On Sun systems prior to release 3.2, NIT is very buggy.
+If run on an old system, tcpdump may crash the machine.
+.LP
+Some attempt should be made to reassemble IP fragments or, at least
+to compute the right length for the higher level protocol.
+.LP
+Name server inverse queries are not dumped correctly: The (empty)
+question section is printed rather than real query in the answer
+section.  Some believe that inverse queries are themselves a bug and
+prefer to fix the program generating them rather than tcpdump.
+.LP
+Apple Ethertalk DDP packets could be dumped as easily as KIP DDP
+packets but aren't.
+Even if we were inclined to do anything to promote the use of
+Ethertalk (we aren't), LBL doesn't allow Ethertalk on any of its
+networks so we'd would have no way of testing this code.
+.LP
+A packet trace that crosses a daylight savings time change will give
+skewed time stamps (the time change is ignored).
+.LP
+Filters expressions that manipulate FDDI headers assume that all FDDI
+packets are encapsulated Ethernet packets.  This is true for IP, ARP,
+and DECNET Phase IV, but is not true for protocols such as ISO CLNS.
+Therefore, the filter may inadvertently accept certain packets that
+do not properly match the filter expression.
diff --git a/contrib/tcpdump/tcpdump.c b/contrib/tcpdump/tcpdump.c
new file mode 100644
index 000000000000..208e36b9fc73
--- /dev/null
+++ b/contrib/tcpdump/tcpdump.c
@@ -0,0 +1,428 @@
+/*
+ * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#ifndef lint
+char copyright[] =
+    "@(#) Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996\n\
+The Regents of the University of California.  All rights reserved.\n";
+static  char rcsid[] =
+    "@(#)$Header: tcpdump.c,v 1.114 96/07/17 00:12:40 leres Exp $ (LBL)";
+#endif
+
+/*
+ * tcpdump - monitor tcp/ip traffic on an ethernet.
+ *
+ * First written in 1987 by Van Jacobson, Lawrence Berkeley Laboratory.
+ * Mercilessly hacked and occasionally improved since then via the
+ * combined efforts of Van, Steve McCanne and Craig Leres of LBL.
+ */
+
+#include <sys/types.h>
+#include <sys/time.h>
+
+#include <netinet/in.h>
+
+#include <pcap.h>
+#include <signal.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+#include "interface.h"
+#include "addrtoname.h"
+#include "machdep.h"
+
+int fflag;			/* don't translate "foreign" IP address */
+int nflag;			/* leave addresses as numbers */
+int Nflag;			/* remove domains from printed host names */
+int pflag;			/* don't go promiscuous */
+int qflag;			/* quick (shorter) output */
+int tflag = 1;			/* print packet arrival time */
+int eflag;			/* print ethernet header */
+int vflag;			/* verbose */
+int xflag;			/* print packet in hex */
+int Oflag = 1;			/* run filter code optimizer */
+int Sflag;			/* print raw TCP sequence numbers */
+int packettype;
+
+int dflag;			/* print filter code */
+
+char *program_name;
+
+int32_t thiszone;		/* seconds offset from gmt to local time */
+
+/* Externs */
+extern void bpf_dump(struct bpf_program *, int);
+
+/* Forwards */
+RETSIGTYPE cleanup(int);
+extern __dead void usage(void) __attribute__((volatile));
+
+/* Length of saved portion of packet. */
+int snaplen = DEFAULT_SNAPLEN;
+
+struct printer {
+	pcap_handler f;
+	int type;
+};
+
+/* XXX needed if using old bpf.h */
+#ifndef DLT_ATM_RFC1483
+#define DLT_ATM_RFC1483 11
+#endif
+
+static struct printer printers[] = {
+	{ ether_if_print,	DLT_EN10MB },
+	{ ether_if_print,	DLT_IEEE802 },
+	{ sl_if_print,		DLT_SLIP },
+	{ ppp_if_print,		DLT_PPP },
+	{ fddi_if_print,	DLT_FDDI },
+	{ null_if_print,	DLT_NULL },
+	{ atm_if_print,		DLT_ATM_RFC1483 },
+	{ NULL,			0 },
+};
+
+static pcap_handler
+lookup_printer(int type)
+{
+	struct printer *p;
+
+	for (p = printers; p->f; ++p)
+		if (type == p->type)
+			return p->f;
+
+	error("unknown data link type 0x%x", type);
+	/* NOTREACHED */
+}
+
+static pcap_t *pd;
+
+extern int optind;
+extern int opterr;
+extern char *optarg;
+
+int
+main(int argc, char **argv)
+{
+	register int cnt, op, i;
+	bpf_u_int32 localnet, netmask;
+	register char *cp, *infile, *cmdbuf, *device, *RFileName, *WFileName;
+	pcap_handler printer;
+	struct bpf_program fcode;
+	u_char *pcap_userdata;
+	char ebuf[PCAP_ERRBUF_SIZE];
+
+	cnt = -1;
+	device = NULL;
+	infile = NULL;
+	RFileName = NULL;
+	WFileName = NULL;
+	if ((cp = strrchr(argv[0], '/')) != NULL)
+		program_name = cp + 1;
+	else
+		program_name = argv[0];
+
+	if (abort_on_misalignment(ebuf) < 0)
+		error(ebuf);
+
+	opterr = 0;
+	while ((op = getopt(argc, argv, "c:defF:i:lnNOpqr:s:StT:vw:xY")) != EOF)
+		switch (op) {
+		case 'c':
+			cnt = atoi(optarg);
+			if (cnt <= 0)
+				error("invalid packet count %s", optarg);
+			break;
+
+		case 'd':
+			++dflag;
+			break;
+
+		case 'e':
+			++eflag;
+			break;
+
+		case 'f':
+			++fflag;
+			break;
+
+		case 'F':
+			infile = optarg;
+			break;
+
+		case 'i':
+			device = optarg;
+			break;
+
+		case 'l':
+#ifdef HAVE_SETLINEBUF
+			setlinebuf(stdout);
+#else
+			setvbuf(stdout, NULL, _IOLBF, 0);
+#endif
+			break;
+
+		case 'n':
+			++nflag;
+			break;
+
+		case 'N':
+			++Nflag;
+			break;
+
+		case 'O':
+			Oflag = 0;
+			break;
+
+		case 'p':
+			++pflag;
+			break;
+
+		case 'q':
+			++qflag;
+			break;
+
+		case 'r':
+			RFileName = optarg;
+			break;
+
+		case 's':
+			snaplen = atoi(optarg);
+			if (snaplen <= 0)
+				error("invalid snaplen %s", optarg);
+			break;
+
+		case 'S':
+			++Sflag;
+			break;
+
+		case 't':
+			--tflag;
+			break;
+
+		case 'T':
+			if (strcasecmp(optarg, "vat") == 0)
+				packettype = PT_VAT;
+			else if (strcasecmp(optarg, "wb") == 0)
+				packettype = PT_WB;
+			else if (strcasecmp(optarg, "rpc") == 0)
+				packettype = PT_RPC;
+			else if (strcasecmp(optarg, "rtp") == 0)
+				packettype = PT_RTP;
+			else if (strcasecmp(optarg, "rtcp") == 0)
+				packettype = PT_RTCP;
+			else
+				error("unknown packet type `%s'", optarg);
+			break;
+
+		case 'v':
+			++vflag;
+			break;
+
+		case 'w':
+			WFileName = optarg;
+			break;
+#ifdef YYDEBUG
+		case 'Y':
+			{
+			/* Undocumented flag */
+			extern int yydebug;
+			yydebug = 1;
+			}
+			break;
+#endif
+		case 'x':
+			++xflag;
+			break;
+
+		default:
+			usage();
+			/* NOTREACHED */
+		}
+
+	if (tflag > 0)
+		thiszone = gmt2local();
+
+	if (RFileName != NULL) {
+		/*
+		 * We don't need network access, so set it back to the user id.
+		 * Also, this prevents the user from reading anyone's
+		 * trace file.
+		 */
+		setuid(getuid());
+
+		pd = pcap_open_offline(RFileName, ebuf);
+		if (pd == NULL)
+			error(ebuf);
+		localnet = 0;
+		netmask = 0;
+		if (fflag != 0)
+			error("-f and -r options are incompatible");
+	} else {
+		if (device == NULL) {
+			device = pcap_lookupdev(ebuf);
+			if (device == NULL)
+				error(ebuf);
+		}
+		pd = pcap_open_live(device, snaplen, !pflag, 1000, ebuf);
+		if (pd == NULL)
+			error(ebuf);
+		i = pcap_snapshot(pd);
+		if (snaplen < i) {
+			warning("snaplen raised from %d to %d", snaplen, i);
+			snaplen = i;
+		}
+		if (pcap_lookupnet(device, &localnet, &netmask, ebuf) < 0)
+			error(ebuf);
+		/*
+		 * Let user own process after socket has been opened.
+		 */
+		setuid(getuid());
+	}
+	if (infile)
+		cmdbuf = read_infile(infile);
+	else
+		cmdbuf = copy_argv(&argv[optind]);
+
+	if (pcap_compile(pd, &fcode, cmdbuf, Oflag, netmask) < 0)
+		error(pcap_geterr(pd));
+	if (dflag) {
+		bpf_dump(&fcode, dflag);
+		exit(0);
+	}
+	init_addrtoname(fflag, localnet, netmask);
+
+	(void)signal(SIGTERM, cleanup);
+	(void)signal(SIGINT, cleanup);
+	(void)signal(SIGHUP, cleanup);
+
+	if (pcap_setfilter(pd, &fcode) < 0)
+		error(pcap_geterr(pd));
+	if (WFileName) {
+		pcap_dumper_t *p = pcap_dump_open(pd, WFileName);
+		if (p == NULL)
+			error(pcap_geterr(pd));
+		printer = pcap_dump;
+		pcap_userdata = (u_char *)p;
+	} else {
+		printer = lookup_printer(pcap_datalink(pd));
+		pcap_userdata = 0;
+	}
+	if (RFileName == NULL) {
+		(void)fprintf(stderr, "%s: listening on %s\n",
+		    program_name, device);
+		(void)fflush(stderr);
+	}
+	if (pcap_loop(pd, cnt, printer, pcap_userdata) < 0) {
+		(void)fprintf(stderr, "%s: pcap_loop: %s\n",
+		    program_name, pcap_geterr(pd));
+		exit(1);
+	}
+	pcap_close(pd);
+	exit(0);
+}
+
+/* make a clean exit on interrupts */
+RETSIGTYPE
+cleanup(int signo)
+{
+	struct pcap_stat stat;
+
+	/* Can't print the summary if reading from a savefile */
+	if (pd != NULL && pcap_file(pd) == NULL) {
+		(void)fflush(stdout);
+		putc('\n', stderr);
+		if (pcap_stats(pd, &stat) < 0)
+			(void)fprintf(stderr, "pcap_stats: %s\n",
+			    pcap_geterr(pd));
+		else {
+			(void)fprintf(stderr, "%d packets received by filter\n",
+			    stat.ps_recv);
+			(void)fprintf(stderr, "%d packets dropped by kernel\n",
+			    stat.ps_drop);
+		}
+	}
+	exit(0);
+}
+
+/* Like default_print() but data need not be aligned */
+void
+default_print_unaligned(register const u_char *cp, register u_int length)
+{
+	register u_int i, s;
+	register int nshorts;
+
+	nshorts = (u_int) length / sizeof(u_short);
+	i = 0;
+	while (--nshorts >= 0) {
+		if ((i++ % 8) == 0)
+			(void)printf("\n\t\t\t");
+		s = *cp++;
+		(void)printf(" %02x%02x", s, *cp++);
+	}
+	if (length & 1) {
+		if ((i % 8) == 0)
+			(void)printf("\n\t\t\t");
+		(void)printf(" %02x", *cp);
+	}
+}
+
+void
+default_print(register const u_char *bp, register u_int length)
+{
+	register const u_short *sp;
+	register u_int i;
+	register int nshorts;
+
+	if ((long)bp & 1) {
+		default_print_unaligned(bp, length);
+		return;
+	}
+	sp = (u_short *)bp;
+	nshorts = (u_int) length / sizeof(u_short);
+	i = 0;
+	while (--nshorts >= 0) {
+		if ((i++ % 8) == 0)
+			(void)printf("\n\t\t\t");
+		(void)printf(" %04x", ntohs(*sp++));
+	}
+	if (length & 1) {
+		if ((i % 8) == 0)
+			(void)printf("\n\t\t\t");
+		(void)printf(" %02x", *(u_char *)sp);
+	}
+}
+
+__dead void
+usage()
+{
+	extern char version[];
+
+	(void)fprintf(stderr, "Version %s\n", version);
+	(void)fprintf(stderr,
+"Usage: tcpdump [-deflnNOpqStvx] [-c count] [ -F file ]\n");
+	(void)fprintf(stderr,
+"\t\t[ -i interface ] [ -r file ] [ -s snaplen ]\n");
+	(void)fprintf(stderr,
+"\t\t[ -T type ] [ -w file ] [ expression ]\n");
+	exit(-1);
+}
diff --git a/contrib/tcpdump/util.c b/contrib/tcpdump/util.c
new file mode 100644
index 000000000000..9c74a3a1ef7e
--- /dev/null
+++ b/contrib/tcpdump/util.c
@@ -0,0 +1,337 @@
+/*
+ * Copyright (c) 1990, 1991, 1993, 1994, 1995, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#ifndef lint
+static char rcsid[] =
+    "@(#) $Header: util.c,v 1.52 96/07/15 18:22:54 leres Exp $ (LBL)";
+#endif
+
+#include <sys/types.h>
+#include <sys/time.h>
+#include <sys/file.h>
+#include <sys/stat.h>
+
+#include <ctype.h>
+#include <errno.h>
+#ifdef HAVE_FCNTL_H
+#include <fcntl.h>
+#endif
+#include <pcap.h>
+#include <stdio.h>
+#if __STDC__
+#include <stdarg.h>
+#else
+#include <varargs.h>
+#endif
+#include <stdlib.h>
+#include <string.h>
+#ifdef TIME_WITH_SYS_TIME
+#include <time.h>
+#endif
+#include <unistd.h>
+
+#include "interface.h"
+
+/*
+ * Print out a filename (or other ascii string).
+ * If ep is NULL, assume no truncation check is needed.
+ * Return true if truncated.
+ */
+int
+fn_print(register const u_char *s, register const u_char *ep)
+{
+	register int ret;
+	register u_char c;
+
+	ret = 1;			/* assume truncated */
+	while (ep == NULL || s < ep) {
+		c = *s++;
+		if (c == '\0') {
+			ret = 0;
+			break;
+		}
+		if (!isascii(c)) {
+			c = toascii(c);
+			putchar('M');
+			putchar('-');
+		}
+		if (!isprint(c)) {
+			c ^= 0x40;	/* DEL to ?, others to alpha */
+			putchar('^');
+		}
+		putchar(c);
+	}
+	return(ret);
+}
+
+/*
+ * Print out a counted filename (or other ascii string).
+ * If ep is NULL, assume no truncation check is needed.
+ * Return true if truncated.
+ */
+int
+fn_printn(register const u_char *s, register u_int n,
+	  register const u_char *ep)
+{
+	register int ret;
+	register u_char c;
+
+	ret = 1;			/* assume truncated */
+	while (ep == NULL || s < ep) {
+		if (n-- <= 0) {
+			ret = 0;
+			break;
+		}
+		c = *s++;
+		if (!isascii(c)) {
+			c = toascii(c);
+			putchar('M');
+			putchar('-');
+		}
+		if (!isprint(c)) {
+			c ^= 0x40;	/* DEL to ?, others to alpha */
+			putchar('^');
+		}
+		putchar(c);
+	}
+	return(ret);
+}
+
+/*
+ * Print the timestamp
+ */
+void
+ts_print(register const struct timeval *tvp)
+{
+	register int s;
+
+	if (tflag > 0) {
+		/* Default */
+		s = (tvp->tv_sec + thiszone) % 86400;
+		(void)printf("%02d:%02d:%02d.%06u ",
+		    s / 3600, (s % 3600) / 60, s % 60, (u_int32_t)tvp->tv_usec);
+	} else if (tflag < 0) {
+		/* Unix timeval style */
+		(void)printf("%u.%06u ",
+		    (u_int32_t)tvp->tv_sec, (u_int32_t)tvp->tv_usec);
+	}
+}
+
+/*
+ * Convert a token value to a string; use "fmt" if not found.
+ */
+const char *
+tok2str(register const struct tok *lp, register const char *fmt,
+	register int v)
+{
+	static char buf[128];
+
+	while (lp->s != NULL) {
+		if (lp->v == v)
+			return (lp->s);
+		++lp;
+	}
+	if (fmt == NULL)
+		fmt = "#%d";
+	(void)sprintf(buf, fmt, v);
+	return (buf);
+}
+
+
+/* VARARGS */
+__dead void
+#if __STDC__
+error(const char *fmt, ...)
+#else
+error(fmt, va_alist)
+	const char *fmt;
+	va_dcl
+#endif
+{
+	va_list ap;
+
+	(void)fprintf(stderr, "%s: ", program_name);
+#if __STDC__
+	va_start(ap, fmt);
+#else
+	va_start(ap);
+#endif
+	(void)vfprintf(stderr, fmt, ap);
+	va_end(ap);
+	if (*fmt) {
+		fmt += strlen(fmt);
+		if (fmt[-1] != '\n')
+			(void)fputc('\n', stderr);
+	}
+	exit(1);
+	/* NOTREACHED */
+}
+
+/* VARARGS */
+void
+#if __STDC__
+warning(const char *fmt, ...)
+#else
+warning(fmt, va_alist)
+	const char *fmt;
+	va_dcl
+#endif
+{
+	va_list ap;
+
+	(void)fprintf(stderr, "%s: WARNING: ", program_name);
+#if __STDC__
+	va_start(ap, fmt);
+#else
+	va_start(ap);
+#endif
+	(void)vfprintf(stderr, fmt, ap);
+	va_end(ap);
+	if (*fmt) {
+		fmt += strlen(fmt);
+		if (fmt[-1] != '\n')
+			(void)fputc('\n', stderr);
+	}
+}
+
+/*
+ * Copy arg vector into a new buffer, concatenating arguments with spaces.
+ */
+char *
+copy_argv(register char **argv)
+{
+	register char **p;
+	register u_int len = 0;
+	char *buf;
+	char *src, *dst;
+
+	p = argv;
+	if (*p == 0)
+		return 0;
+
+	while (*p)
+		len += strlen(*p++) + 1;
+
+	buf = (char *)malloc(len);
+	if (buf == NULL)
+		error("copy_argv: malloc");
+
+	p = argv;
+	dst = buf;
+	while ((src = *p++) != NULL) {
+		while ((*dst++ = *src++) != '\0')
+			;
+		dst[-1] = ' ';
+	}
+	dst[-1] = '\0';
+
+	return buf;
+}
+
+/* A replacement for strdup() that cuts down on malloc() overhead */
+char *
+savestr(register const char *str)
+{
+	register u_int size;
+	register char *p;
+	static char *strptr = NULL;
+	static u_int strsize = 0;
+
+	size = strlen(str) + 1;
+	if (size > strsize) {
+		strsize = 1024;
+		if (strsize < size)
+			strsize = size;
+		strptr = (char *)malloc(strsize);
+		if (strptr == NULL)
+			error("savestr: malloc");
+	}
+	(void)strcpy(strptr, str);
+	p = strptr;
+	strptr += size;
+	strsize -= size;
+	return (p);
+}
+
+char *
+read_infile(char *fname)
+{
+	register int fd, cc;
+	register char *cp;
+	struct stat buf;
+
+	fd = open(fname, O_RDONLY);
+	if (fd < 0)
+		error("can't open %s: %s", fname, pcap_strerror(errno));
+
+	if (fstat(fd, &buf) < 0)
+		error("can't stat %s: %s", fname, pcap_strerror(errno));
+
+	cp = malloc((u_int)buf.st_size + 1);
+	cc = read(fd, cp, (int)buf.st_size);
+	if (cc < 0)
+		error("read %s: %s", fname, pcap_strerror(errno));
+	if (cc != buf.st_size)
+		error("short read %s (%d != %d)", fname, cc, (int)buf.st_size);
+	cp[(int)buf.st_size] = '\0';
+
+	return (cp);
+}
+
+int32_t
+gmt2local()
+{
+	register int t;
+#if !defined(HAVE_ALTZONE) && !defined(HAVE_TIMEZONE)
+	struct timeval tv;
+	struct timezone tz;
+	register struct tm *tm;
+#endif
+
+	t = 0;
+#if !defined(HAVE_ALTZONE) && !defined(HAVE_TIMEZONE)
+	if (gettimeofday(&tv, &tz) < 0)
+		error("gettimeofday");
+	tm = localtime((time_t *)&tv.tv_sec);
+#ifdef HAVE_TM_GMTOFF
+	t = tm->tm_gmtoff;
+#else
+	t = tz.tz_minuteswest * -60;
+	/* XXX Some systems need this, some auto offset tz_minuteswest... */
+	if (tm->tm_isdst)
+		t += 60 * 60;
+#endif
+#endif
+
+#ifdef HAVE_TIMEZONE
+	tzset();
+	t = -timezone;
+	if (daylight)
+		t += 60 * 60;
+#endif
+
+#ifdef HAVE_ALTZONE
+	tzset();
+	t = -altzone;
+#endif
+
+	return (t);
+}
diff --git a/contrib/tcpdump/vfprintf.c b/contrib/tcpdump/vfprintf.c
new file mode 100644
index 000000000000..fa1ed93e97a7
--- /dev/null
+++ b/contrib/tcpdump/vfprintf.c
@@ -0,0 +1,59 @@
+/*
+ * Copyright (c) 1995
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code distributions
+ * retain the above copyright notice and this paragraph in its entirety, (2)
+ * distributions including binary code include the above copyright notice and
+ * this paragraph in its entirety in the documentation or other materials
+ * provided with the distribution, and (3) all advertising materials mentioning
+ * features or use of this software display the following acknowledgement:
+ * ``This product includes software developed by the University of California,
+ * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
+ * the University nor the names of its contributors may be used to endorse
+ * or promote products derived from this software without specific prior
+ * written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+#ifndef lint
+static char rcsid[] =
+    "@(#) $Header: vfprintf.c,v 1.1 95/11/26 13:30:21 leres Exp $ (LBL)";
+#endif
+
+#include <sys/types.h>
+
+#include <stdio.h>
+#if __STDC__
+#include <stdarg.h>
+#else
+#include <varargs.h>
+#endif
+#include <stdlib.h>
+#include <unistd.h>
+
+#include "interface.h"
+
+/*
+ * Stock 4.3 doesn't have vfprintf.
+ * This routine is due to Chris Torek.
+ */
+vfprintf(f, fmt, args)
+	FILE *f;
+	char *fmt;
+	va_list args;
+{
+	int ret;
+
+	if ((f->_flag & _IOWRT) == 0) {
+		if (f->_flag & _IORW)
+			f->_flag |= _IOWRT;
+		else
+			return EOF;
+	}
+	ret = _doprnt(fmt, args, f);
+	return ferror(f) ? EOF : ret;
+}