pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/net Update to version 2.1.0.
details: https://anonhg.NetBSD.org/pkgsrc/rev/89d0b300a62d
branches: trunk
changeset: 465506:89d0b300a62d
user: salo <salo%pkgsrc.org@localhost>
date: Wed Dec 31 14:11:42 2003 +0000
description:
Update to version 2.1.0.
Changes:
2.1.0:
======
- A new connection tracking module, Flow (replaces conversation)
- A new portscan detector based off of Flow, Flow-Portscan (replaces
portscan2)
- A new http preprocessor, HttpInspect (replaces http_decode)
- Alert Thresholding and Suppression
- PCRE rule keyword (Perl Compat Regular Expressions)
- isdataat rule keyword (buffer length detection)
- A ton of new and updated rules.
2.0.6:
======
- 64-bit update for detection engine. (Thanks, Silio d'Angelo)
- Added better PPP decoding. (Thanks Jesper Peterson)
- Updated ip_proto optimization for high-speed detection engine.
- Fixed infinite loop problem that was introduced by the recursive pattern
matching patch. Reported by Lawrence Reed, thanks for testing out the
changes for us!
- Various changes to help respond (version 1) work a little better.
- spp_http_decode 64-bit patch from Dirk Mueller.
- Out-of-order ACK problem from Andrew Rucker. Also, updated stream4 to the
most recent version from HEAD.
- Minor fixes to tagging related to 'src' and 'dst' directives
- When counting one byte patterns in 'ningroup' added a check for
psLen==1 (wu-manber pattern matcher). Thanks Josh Sakofsky and Dennis
McGuire for helping us test this.
2.0.5:
======
- Stream4 fixes from Andrew Rucker Jones.
- Allow memcap to be configured for threshold features.
2.0.4:
======
- Fixed a core dump introduced with 2.0.3 when dealing with negated patterns
2.0.3:
======
- doe_ptr handling in byte_test/byte_jump slightly modified to work
better with the pcre patch
- content processing is now recursive to make distance/within processing
better ( thanks to Shai Rubin for patch! )
- fixed a bug in the mwm.c pattern matcher that resulted in some alerts
not firing in a particular configuration of rules
2.0.2:
======
- Added Thresholding and Suppression features (Marc Norton/Sourcefire)
- Fixed TCP RST processing bug found (Shai Rubin)
- Cleanup of spp_arpspoof (Jeff Nathan)
- Cleanup of win32 version including proper Event Log support (Chris Reid)
- Munged data fixes for stream4 (Chris Green)
diffstat:
net/snort-mysql/Makefile | 11 +-
net/snort-pgsql/Makefile | 9 +-
net/snort/Makefile | 5 +-
net/snort/Makefile.common | 31 +-
net/snort/PLIST | 880 ++++++++++++++++++++++++++++++++++++++++++++-
net/snort/distinfo | 8 +-
net/snort/patches/patch-ae | 10 +-
7 files changed, 913 insertions(+), 41 deletions(-)
diffs (truncated from 1649 to 300 lines):
diff -r 514f10dd68be -r 89d0b300a62d net/snort-mysql/Makefile
--- a/net/snort-mysql/Makefile Wed Dec 31 13:31:00 2003 +0000
+++ b/net/snort-mysql/Makefile Wed Dec 31 14:11:42 2003 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.7 2003/07/26 11:13:49 salo Exp $
+# $NetBSD: Makefile,v 1.8 2003/12/31 14:11:42 salo Exp $
#
.include "../../net/snort/Makefile.common"
@@ -10,17 +10,14 @@
CONFLICTS+= snort-[0-9]*
CONFLICTS+= snort-pgsql-[0-9]*
-USE_BUILDLINK2= YES
-
-CONFIGURE_ARGS+= --with-mysql=${BUILDLINK_PREFIX.mysql-client}
-LDFLAGS+= ${BUILDLINK_LDFLAGS.mysql-client}
-
PKGDIR= ${.CURDIR}/../../net/snort
FILESDIR= ${PKGDIR}/files
PATCHDIR= ${PKGDIR}/patches
DISTINFO_FILE= ${PKGDIR}/distinfo
+CONFIGURE_ARGS+= --with-mysql=${BUILDLINK_PREFIX.mysql-client}
+LDFLAGS+= ${BUILDLINK_LDFLAGS.mysql-client}
+
.include "../../databases/mysql-client/buildlink2.mk"
-.include "../../net/libpcap/buildlink2.mk"
.include "../../mk/bsd.pkg.mk"
diff -r 514f10dd68be -r 89d0b300a62d net/snort-pgsql/Makefile
--- a/net/snort-pgsql/Makefile Wed Dec 31 13:31:00 2003 +0000
+++ b/net/snort-pgsql/Makefile Wed Dec 31 14:11:42 2003 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.11 2003/07/26 11:13:50 salo Exp $
+# $NetBSD: Makefile,v 1.12 2003/12/31 14:11:42 salo Exp $
#
.include "../../net/snort/Makefile.common"
@@ -10,16 +10,13 @@
CONFLICTS+= snort-[0-9]*
CONFLICTS+= snort-mysql-[0-9]*
-USE_BUILDLINK2= YES
-
-CONFIGURE_ARGS+= --with-postgresql=${BUILDLINK_PREFIX.postgresql-lib}
-
PKGDIR= ${.CURDIR}/../../net/snort
FILESDIR= ${PKGDIR}/files
PATCHDIR= ${PKGDIR}/patches
DISTINFO_FILE= ${PKGDIR}/distinfo
+CONFIGURE_ARGS+= --with-postgresql=${BUILDLINK_PREFIX.postgresql-lib}
+
.include "../../databases/postgresql-lib/buildlink2.mk"
-.include "../../net/libpcap/buildlink2.mk"
.include "../../mk/bsd.pkg.mk"
diff -r 514f10dd68be -r 89d0b300a62d net/snort/Makefile
--- a/net/snort/Makefile Wed Dec 31 13:31:00 2003 +0000
+++ b/net/snort/Makefile Wed Dec 31 14:11:42 2003 +0000
@@ -1,11 +1,8 @@
-# $NetBSD: Makefile,v 1.23 2003/07/26 11:13:16 salo Exp $
+# $NetBSD: Makefile,v 1.24 2003/12/31 14:11:42 salo Exp $
#
.include "Makefile.common"
COMMENT= The Open Source Network Intrusion Detection System
-USE_BUILDLINK2= YES
-
-.include "../../net/libpcap/buildlink2.mk"
.include "../../mk/bsd.pkg.mk"
diff -r 514f10dd68be -r 89d0b300a62d net/snort/Makefile.common
--- a/net/snort/Makefile.common Wed Dec 31 13:31:00 2003 +0000
+++ b/net/snort/Makefile.common Wed Dec 31 14:11:42 2003 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile.common,v 1.12 2003/09/23 15:43:50 salo Exp $
+# $NetBSD: Makefile.common,v 1.13 2003/12/31 14:11:42 salo Exp $
#
-DISTNAME= snort-2.0.2
+DISTNAME= snort-2.1.0
CATEGORIES= net security
MASTER_SITES= http://www.snort.org/dl/ \
ftp://the.wiretapped.net/pub/security/network-intrusion-detection/snort/ \
@@ -10,6 +10,7 @@
MAINTAINER= salo%NetBSD.org@localhost
HOMEPAGE= http://www.snort.org/
+USE_BUILDLINK2= YES
USE_PKGINSTALL= YES
GNU_CONFIGURE= YES
@@ -30,10 +31,22 @@
OWN_DIRS_PERMS= /var/log/snort ${SNORT_USER} ${SNORT_GROUP} 700
CONF_FILES= ${EGDIR}/snort.conf.default \
${PKG_SYSCONFDIR}/snort.conf
+CONF_FILES+= ${EGDIR}/threshold.conf \
+ ${PKG_SYSCONFDIR}/threshold.conf
CONF_FILES+= ${EGDIR}/classification.config \
${PKG_SYSCONFDIR}/classification.config
CONF_FILES+= ${EGDIR}/reference.config \
${PKG_SYSCONFDIR}/reference.config
+SUPPORT_FILES+= ${EGDIR}/gen-msg.map \
+ ${PKG_SYSCONFDIR}/gen-msg.map
+SUPPORT_FILES+= ${EGDIR}/generators \
+ ${PKG_SYSCONFDIR}/generators
+SUPPORT_FILES+= ${EGDIR}/sid \
+ ${PKG_SYSCONFDIR}/sid
+SUPPORT_FILES+= ${EGDIR}/sid-msg.map \
+ ${PKG_SYSCONFDIR}/sid-msg.map
+SUPPORT_FILES+= ${EGDIR}/unicode.map \
+ ${PKG_SYSCONFDIR}/unicode.map
EGDIR= ${PREFIX}/share/examples/snort
@@ -43,8 +56,11 @@
post-install:
${INSTALL_DATA_DIR} ${EGDIR}
- ${INSTALL_DATA} ${WRKSRC}/etc/classification.config \
- ${WRKSRC}/etc/reference.config \
+ ${INSTALL_DATA} ${WRKSRC}/etc/*.config \
+ ${WRKSRC}/etc/*.map \
+ ${WRKSRC}/etc/generators \
+ ${WRKSRC}/etc/sid \
+ ${WRKSRC}/etc/threshold.conf \
${WRKDIR}/snort.conf.default ${EGDIR}/
${INSTALL_DATA_DIR} ${PREFIX}/share/doc/snort
cd ${WRKSRC}/doc ; \
@@ -55,12 +71,11 @@
${RM} -rf signatures/CVS; \
${PAX} -rw -pm signatures ${PREFIX}/share/doc/snort
${INSTALL_DATA_DIR} ${PREFIX}/share/snort/rules
- cd ${WRKSRC}/etc ; \
- for i in *.map sid ; do \
- ${INSTALL_DATA} $$i ${PREFIX}/share/snort/rules ; \
- done
cd ${WRKSRC}/rules ; \
for i in `${LS} | ${GREP} -v Makefile` ; do \
${INSTALL_DATA} $$i ${PREFIX}/share/snort/rules ; \
done
${INSTALL_MAN} ${WRKSRC}/snort.8 ${PREFIX}/man/man8
+
+.include "../../devel/pcre/buildlink2.mk"
+.include "../../net/libpcap/buildlink2.mk"
diff -r 514f10dd68be -r 89d0b300a62d net/snort/PLIST
--- a/net/snort/PLIST Wed Dec 31 13:31:00 2003 +0000
+++ b/net/snort/PLIST Wed Dec 31 14:11:42 2003 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.11 2003/09/23 15:43:51 salo Exp $
+@comment $NetBSD: PLIST,v 1.12 2003/12/31 14:11:42 salo Exp $
bin/snort
etc/rc.d/snort
man/man8/snort.8
@@ -11,21 +11,31 @@
share/doc/snort/README
share/doc/snort/README.FLEXRESP
share/doc/snort/README.PLUGINS
+share/doc/snort/README.UNSOCK
+share/doc/snort/README.WIN32
+share/doc/snort/README.alert_order
share/doc/snort/README.csv
share/doc/snort/README.database
+share/doc/snort/README.flow
+share/doc/snort/README.flow-portscan
+share/doc/snort/README.http_inspect
share/doc/snort/README.thresholding
-share/doc/snort/RULES.todo
-share/doc/snort/SnortUsersManual.pdf
+share/doc/snort/README.wireless
share/doc/snort/TODO
share/doc/snort/USAGE
share/doc/snort/signatures/1000.txt
share/doc/snort/signatures/1001.txt
share/doc/snort/signatures/1002.txt
share/doc/snort/signatures/1003.txt
+share/doc/snort/signatures/1004.txt
+share/doc/snort/signatures/1005.txt
share/doc/snort/signatures/1007.txt
share/doc/snort/signatures/1008.txt
share/doc/snort/signatures/1009.txt
+share/doc/snort/signatures/1010.txt
share/doc/snort/signatures/1011.txt
+share/doc/snort/signatures/1012.txt
+share/doc/snort/signatures/1013.txt
share/doc/snort/signatures/1015.txt
share/doc/snort/signatures/1016.txt
share/doc/snort/signatures/1017.txt
@@ -39,9 +49,16 @@
share/doc/snort/signatures/1025.txt
share/doc/snort/signatures/1026.txt
share/doc/snort/signatures/1027.txt
+share/doc/snort/signatures/1028.txt
share/doc/snort/signatures/1029.txt
share/doc/snort/signatures/103.txt
share/doc/snort/signatures/1030.txt
+share/doc/snort/signatures/1031.txt
+share/doc/snort/signatures/1032.txt
+share/doc/snort/signatures/1033.txt
+share/doc/snort/signatures/1034.txt
+share/doc/snort/signatures/1035.txt
+share/doc/snort/signatures/1036.txt
share/doc/snort/signatures/1037.txt
share/doc/snort/signatures/1038.txt
share/doc/snort/signatures/1039.txt
@@ -53,73 +70,218 @@
share/doc/snort/signatures/1044.txt
share/doc/snort/signatures/1045.txt
share/doc/snort/signatures/1046.txt
+share/doc/snort/signatures/1047.txt
+share/doc/snort/signatures/1048.txt
share/doc/snort/signatures/105.txt
share/doc/snort/signatures/1050.txt
+share/doc/snort/signatures/1051.txt
+share/doc/snort/signatures/1052.txt
+share/doc/snort/signatures/1053.txt
share/doc/snort/signatures/1054.txt
share/doc/snort/signatures/1055.txt
+share/doc/snort/signatures/1056.txt
+share/doc/snort/signatures/1057.txt
+share/doc/snort/signatures/1058.txt
+share/doc/snort/signatures/1059.txt
share/doc/snort/signatures/106.txt
+share/doc/snort/signatures/1060.txt
+share/doc/snort/signatures/1061.txt
share/doc/snort/signatures/1062.txt
+share/doc/snort/signatures/1064.txt
+share/doc/snort/signatures/1065.txt
share/doc/snort/signatures/1066.txt
share/doc/snort/signatures/1067.txt
+share/doc/snort/signatures/1068.txt
+share/doc/snort/signatures/1069.txt
share/doc/snort/signatures/107.txt
share/doc/snort/signatures/1070.txt
share/doc/snort/signatures/1071.txt
+share/doc/snort/signatures/1072.txt
share/doc/snort/signatures/1073.txt
share/doc/snort/signatures/1075.txt
share/doc/snort/signatures/1076.txt
+share/doc/snort/signatures/1077.txt
+share/doc/snort/signatures/1078.txt
share/doc/snort/signatures/1079.txt
share/doc/snort/signatures/108.txt
share/doc/snort/signatures/1080.txt
+share/doc/snort/signatures/1081.txt
+share/doc/snort/signatures/1082.txt
+share/doc/snort/signatures/1083.txt
+share/doc/snort/signatures/1084.txt
+share/doc/snort/signatures/1085.txt
+share/doc/snort/signatures/1086.txt
share/doc/snort/signatures/1087.txt
+share/doc/snort/signatures/1088.txt
+share/doc/snort/signatures/1089.txt
share/doc/snort/signatures/109.txt
+share/doc/snort/signatures/1090.txt
+share/doc/snort/signatures/1091.txt
+share/doc/snort/signatures/1092.txt
+share/doc/snort/signatures/1093.txt
share/doc/snort/signatures/1094.txt
+share/doc/snort/signatures/1095.txt
+share/doc/snort/signatures/1096.txt
+share/doc/snort/signatures/1097.txt
+share/doc/snort/signatures/1098.txt
+share/doc/snort/signatures/1099.txt
share/doc/snort/signatures/110.txt
+share/doc/snort/signatures/1100.txt
+share/doc/snort/signatures/1101.txt
+share/doc/snort/signatures/1102.txt
share/doc/snort/signatures/1103.txt
share/doc/snort/signatures/1104.txt
+share/doc/snort/signatures/1105.txt
+share/doc/snort/signatures/1106.txt
+share/doc/snort/signatures/1107.txt
+share/doc/snort/signatures/1108.txt
+share/doc/snort/signatures/1109.txt
share/doc/snort/signatures/111.txt
+share/doc/snort/signatures/1110.txt
+share/doc/snort/signatures/1111.txt
+share/doc/snort/signatures/1112.txt
+share/doc/snort/signatures/1113.txt
+share/doc/snort/signatures/1115.txt
+share/doc/snort/signatures/1116.txt
+share/doc/snort/signatures/1117.txt
+share/doc/snort/signatures/1118.txt
+share/doc/snort/signatures/1119.txt
share/doc/snort/signatures/112.txt
+share/doc/snort/signatures/1120.txt
share/doc/snort/signatures/1122.txt
+share/doc/snort/signatures/1123.txt
+share/doc/snort/signatures/1124.txt
+share/doc/snort/signatures/1125.txt
+share/doc/snort/signatures/1126.txt
+share/doc/snort/signatures/1127.txt
+share/doc/snort/signatures/1128.txt
share/doc/snort/signatures/1129.txt
+share/doc/snort/signatures/1130.txt
+share/doc/snort/signatures/1131.txt
Home |
Main Index |
Thread Index |
Old Index