
2006/11/21 Duane Wessels

    Changed most of the linked lists to hash tables.  This should
    also result in less CPU usage on busy nameservers.

2006/11/20 John Morrissey

    A patch to use setitimer and SIGALRM for updating the display.
    On busy nameservers this results in less CPU usage because
    the display is updated less often.  The redraw interval can
    be specified with the -r command line option.

2006/05/17 Max Horn

    A few fixes for OS X.

    1) select()ing on a pcap FD doesn't always work.  Advice from
       tcpdump mailing list archive is to put it into non-blocking
       mode and ignore the select() return value.

    2) Added $(LDFLAGS) to link command line in Makefile to have
       dnstop linked with specific libraries.  LDFLAGS will be
       picked up from the environment.

    3) OS X needs to #include <arpa/nameser_compat.h>

2006/04/24 Duane Wessels
	
    Adriaan Peeters reported that the list of known TLDs is
    out-of-date.  In particular, the .EU domain is not in the list.
	
2005/04/05 Duane Wessels

    Mark Foster found a bug with the source+SLD list.  It was being
    updated for 3RD-level domain names as well.  Mark also suggested
    that the '@' key should display the source+SLD screen, just as
    '3' and '#' work for 3RD-level.

2005/01/21 Sam Norris

    Added support for third-level domain statistics.  Use the -t
    command line option to enable collection of 3rd-level stats,
    and use '3' while running to display them.  Note that enabling
    3rd-level stats collection does not automatically also enable
    2nd-level stats.

2005/01/13 Duane Wessels

    Added a non-interactive mode.  If you specify a savefile and
    stdout is not a TTY, dnstop prints each table at the end.

2004/03/09 Duane Wessels

    Added filter support.  Filters can be used to restrict the input
    stream to queries with certain characteristics.  The currently
    defined filters are:

    unknown-tlds        Only includes queries for TLDs that are
			bogus.  Useful for identifying hosts/servers
			that leak queries for things like "localhost"
			or "workgroup."

    A-for-A             Only includes A queries for names that are
			already IP addresses.  Certain Microsoft
			Windows DNS servers have a known bug that
			forward these queries.

    rfc1918-ptr         PTR queries for addresses in RFC1918 space.
			These should never leak from inside an
			organization.

2003/11/13 Mark Foster <mark@foster.cc>

    Added 'c' to display options. This screen will combine the
    source and sld fields to show "who is querying for what" -
    reason: we see alot of duplicate querys for whatever reason.
    This will help separate the legitimate queries from the broken
    resolvers, etc. See http://www.circleid.com/article/102_0_1_0_C/
    for more about that.
