Merge branch 'vendor/TCPDUMP'

diff --combined contrib/tcpdump/tcpdump.1.in
index 61e3d77,a9387f1..6f3233b
--- 1/contrib/tcpdump/tcpdump.1.in
--- 2/contrib/tcpdump/tcpdump.1.in
+++ b/contrib/tcpdump/tcpdump.1.in
@@@ -186,7 -186,7 +186,7 @@@ in order to use it) and will continue c
  .LP
  Reading packets from a network interface may require that you have
  special privileges; see the
 -.B pcap (3PCAP)
 +.B pcap (3)
  man page for details.  Reading a saved packet file doesn't require
  special privileges.
  .SH OPTIONS
@@@ -200,7 -200,8 +200,8 @@@ Print the AS number in BGP packets in A
  notation.
  .TP
  .B \-B
- Set the operating system capture buffer size to \fIbuffer_size\fP.
+ Set the operating system capture buffer size to \fIbuffer_size\fP, in
+ units of KiB (1024 bytes).
  .TP
  .B \-c
  Exit after receiving \fIcount\fP packets.
@@@ -392,9 -393,37 +393,37 @@@ Make stdout line buffered
  Useful if you want to see the data
  while capturing it.
  E.g.,
- .br
- ``tcpdump\ \ \-l\ \ |\ \ tee dat'' or
- ``tcpdump\ \ \-l \ \ > dat\ \ &\ \ tail\ \ \-f\ \ dat''.
+ .IP
+ .RS
+ .RS
+ .nf
+ \fBtcpdump \-l | tee dat\fP
+ .fi
+ .RE
+ .RE
+ .IP
+ or
+ .IP
+ .RS
+ .RS
+ .nf
+ \fBtcpdump \-l > dat & tail \-f dat\fP
+ .fi
+ .RE
+ .RE
+ .IP
+ Note that on Windows,``line buffered'' means ``unbuffered'', so that
+ WinDump will write each character individually if
+ .B \-l
+ is specified.
+ .IP
+ .B \-U
+ is similar to
+ .B \-l
+ in its behavior, but it will cause output to be ``packet-buffered'', so
+ that the output is written to stdout at the end of each packet rather
+ than at the end of each line; this is buffered on all platforms,
+ including Windows.
  .TP
  .B \-L
  List the known data link types for the interface, in the specified mode,
@@@ -511,11 -540,20 +540,20 @@@ on each dump line
  Print undecoded NFS handles.
  .TP
  .B \-U
- Make output saved via the
+ If the
+ .B \-w
+ option is not specified, make the printed packet output
+ ``packet-buffered''; i.e., as the description of the contents of each
+ packet is printed, it will be written to the standard output, rather
+ than, when not writing to a terminal, being written only when the output
+ buffer fills.
+ .IP
+ If the
  .B \-w
- option ``packet-buffered''; i.e., as each packet is saved, it will be
- written to the output file, rather than being written only when the
- output buffer fills.
+ option is specified, make the saved raw packet output
+ ``packet-buffered''; i.e., as each packet is saved, it will be written
+ to the output file, rather than being written only when the output
+ buffer fills.
  .IP
  The
  .B \-U
@@@ -557,6 -595,13 +595,13 @@@ Write the raw packets to \fIfile\fR rat
  them out.
  They can later be printed with the \-r option.
  Standard output is used if \fIfile\fR is ``-''.
+ .IP
+ This output will be buffered if written to a file or pipe, so a program
+ reading from the file or pipe may not see packets for an arbitrary
+ amount of time after they are received.  Use the
+ .B \-U
+ flag to cause packets to be written as soon as they are received.
+ .IP
  See
  .BR pcap-savefile (@MAN_FILE_FORMATS@)
  for a description of the file format.
@@@ -1661,7 -1706,7 +1706,7 @@@ is made to account for the time lag bet
  Ethernet interface removed the packet from the wire and when the kernel
  serviced the `new packet' interrupt.
  .SH "SEE ALSO"
 -stty(1), pcap(3PCAP), bpf(4), nit(4P), pcap-savefile(@MAN_FILE_FORMATS@),
 +stty(1), pcap(3), bpf(4), pcap-savefile(@MAN_FILE_FORMATS@),
  pcap-filter(@MAN_MISC_INFO@), pcap-tstamp-type(@MAN_MISC_INFO@)
  .SH AUTHORS
  The original authors are: