pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2004Q4]: pkgsrc/net Pullup ticket 267 - requested by Adrian Po...
details: https://anonhg.NetBSD.org/pkgsrc/rev/ff4c82bbc9bb
branches: pkgsrc-2004Q4
changeset: 485878:ff4c82bbc9bb
user: salo <salo%pkgsrc.org@localhost>
date: Fri Feb 04 08:02:37 2005 +0000
description:
Pullup ticket 267 - requested by Adrian Portelli
security fix for snort
Revisions pulled up:
- pkgsrc/net/snort/Makefile.common 1.17
- pkgsrc/net/snort/PLIST 1.18
- pkgsrc/net/snort/distinfo 1.24
- pkgsrc/net/snort-mysql/Makefile 1.12
- pkgsrc/net/snort-contrib/DESCR removed
- pkgsrc/net/snort-contrib/Makefile removed
- pkgsrc/net/snort-contrib/PLIST removed
- pkgsrc/net/snort-contrib/distinfo removed
Module Name: pkgsrc
Committed By: adrianp
Date: Fri Jan 28 23:02:41 UTC 2005
Modified Files:
pkgsrc/net/snort: Makefile Makefile.common PLIST
Log Message:
Update to snort 2.3.0
2005-01-25 - Snort 2.3.0 Final Released
* Fixed issue with sfPortscan reporting incorrect IP datagram length.
Thanks Jon Hart for the test case and finding the bug, and Marc Norton
for resolving the issue.
* Threshold/Suppression now prints properly when logging to syslog.
Thanks Sekure for pointing out the problem. Thanks Steve Sturges for
working on the fix.
* Threshold memcap argument now correctly handles non-integer input.
Thanks nnposter for the patch.
* Fixed issue reported by Allan Jensen, where on MacOS X, ppp links were
not decoded properly. Thanks Dan Roelker for the fix.
* Snort manual and FAQ are updated for 2.3. Thanks Jen Harvey for your
work on putting it all together.
2004-12-15 - Snort 2.3.0 RC2 Released
* Small performance improvement to arpspoof and also fixed a problem
where the list of configured IP/MAC entries would contain only one
entry and leaked memory (Jeff Nathan).
* Fixed a problem affecting MacOS X where linking may fail with
non-standard libraries when global symbols are encountered multiple
times (Jeff Nathan).
* Ignore RST|ACK midstream pickup case so we don't get an evasive TCP
alerts. Thanks for the report, Sekure. Thanks Dan Roelker for the fix.
* Moved CheckLogDir() to after parsing snort.conf (for IDS mode) so the
logdir config will work if the default or command-line logdir does not
exist on the system. Thanks Dan Roelker.
* Fixed bug when setting the doe_ptr on a successful pcre match.
It is now set relative to base_ptr. Thanks Steve Sturges for the
fix.
* Added from_beginning and multiplier options for byte_jump.
from_beginning skips bytes from the beginning of the content,
instead of from the location immediately following the number
of bytes to skip. multiplier takes a numeric argument, and
skips x times that number of bytes. Thanks again to Steve Sturges.
* In "fast" output, now log only actual packet contents when UDP
data length is greater than actual data length. Thanks Brian
Caswell for spotting this, and Andrew Mullican for working on the fix.
* Please check the ChangeLog for further details.
2004-11-18 - Snort 2.3.0 RC1 Released
* Added IPS functionality from Snort-Inline. A big thanks to the
Snort-Inline guys (Jed Haile, Rob McMillen, William Metcalf, and Victor
Julien). Also, Thanks Dan Roelker for doing the integrating of
Snort-Inline into the official Snort project.
* Added new portscan detector. The design and implementation was headed
up by Dan Roelker, and included Marc Norton and Jeremy Hewlett.
* Numerous changes for better 64bit Snort support from Jeremy Hewlett and
Marc Norton. Additionally, an --enable-64bit-gcc option was added to
configure. However, there are still some memory alignment issues to
work out before 64bit mode is fully functional, patches are welcomed.
Thanks Chris Baker for doing 64bit testing.
* Added not_established keyword to the flow detection option. This allows
snort to do dynamic firewall rulesets. Experimental for now.
* Added an enforce_state keyword to stream4 so we won't pick up midstream
sessions. This works well for asynchronous links and also for
just monitoring legitimate traffic.
* Relocated ./contrib files to http://www.snort.org/dl/contrib as many
are not maintained by Sourcefire and are out of date. The rpm and
schema files have been relocated in their respective 'rpm' and 'schemas'
directories under the snort parent directory.
* perfmonitor config line can now be configured with "accumulate" or
"reset." Thanks Marc Norton for the feature, and Barry Basselgia for
pointing out the issue. Thanks Scott Dexter and Andreas Ostling for
doing some initial testing.
* Fixed 64-bit bug in sfmemcap.c found and tested by Ryan Matteson
and Clay McClure. Thanks guys.
* Fixed reference times to match log time for first packet, for an event
generated by a reassembled packet. Incremented event ID to give
unique ID for each packet. Also made unified logging compatible with
Windows. Thanks Andrew Mullican for the fix.
* Fixed linux perfmonitoring stats for the 2.6 kernel. Thanks to
everyone that reported this bug. Thanks Dan Roelker for the fix.
* Get thresholding/suppression to work for alerts that do not
contain an ip header (primarily decode alerts). Thanks
Brian Caswell.
* Fix conditions where snort would log double web alerts that
contained only content options (no uricontents). Thanks to kawa for
finding and reporting this bug.
* Fix suppression/thresholding bug for non-rule alerts. Thanks to
Alex Butcher for reporting it to us.
* Many other bug fixes, please check the ChangeLog for details.
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Jan 29 03:27:58 UTC 2005
Modified Files:
pkgsrc/net/snort: distinfo
Log Message:
Update distinfo for snort-2.3.0.
---
Module Name: pkgsrc
Committed By: adrianp
Date: Fri Jan 28 23:03:59 UTC 2005
Modified Files:
pkgsrc/net/snort-mysql: Makefile
Log Message:
Sync and minor tidy up for snort 2.3.0 release.
---
Module Name: pkgsrc
Committed By: adrianp
Date: Fri Jan 28 22:51:27 UTC 2005
Removed Files:
pkgsrc/net/snort-contrib: DESCR Makefile PLIST distinfo
Log Message:
As of snort 2.3.0 all contrib files are now available from:
http://www.snort.org/dl/contrib/
diffstat:
net/Makefile | 3 +-
net/snort-contrib/DESCR | 13 -
net/snort-contrib/Makefile | 54 -----
net/snort-contrib/PLIST | 21 --
net/snort-contrib/distinfo | 4 -
net/snort-mysql/Makefile | 4 +-
net/snort/Makefile.common | 5 +-
net/snort/PLIST | 431 ++++++++++++++++++++++++++++++++++++++++++++-
net/snort/distinfo | 6 +-
9 files changed, 431 insertions(+), 110 deletions(-)
diffs (truncated from 706 to 300 lines):
diff -r 76136b3cdb2d -r ff4c82bbc9bb net/Makefile
--- a/net/Makefile Thu Feb 03 23:31:47 2005 +0000
+++ b/net/Makefile Fri Feb 04 08:02:37 2005 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.521 2004/12/09 15:43:13 wiz Exp $
+# $NetBSD: Makefile,v 1.521.2.1 2005/02/04 08:02:37 salo Exp $
#
COMMENT= Networking tools
@@ -332,7 +332,6 @@
SUBDIR+= smokeping
SUBDIR+= sniffit
SUBDIR+= snort
-SUBDIR+= snort-contrib
SUBDIR+= snort-mysql
SUBDIR+= snort-pgsql
SUBDIR+= socat
diff -r 76136b3cdb2d -r ff4c82bbc9bb net/snort-contrib/DESCR
--- a/net/snort-contrib/DESCR Thu Feb 03 23:31:47 2005 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,13 +0,0 @@
- Snort is a libpcap-based packet sniffer/logger which can be used
-as a lightweight network intrusion detection system. It features
-rules based logging and can perform protocol analysis, content
-searching/matching and can be used to detect a variety of attacks
-and probes, such as buffer overflows, stealth port scans, CGI
-attacks, SMB probes, OS fingerprinting attempts, and much more.
-
- Snort has a real-time alerting capability, with alerts being sent
-to syslog or a separate "alert" file. As of version 1.1 it can
-also send WinPopup messages via Samba.
-
-This package contains the files from the contrib directory of the snort
-tarball.
diff -r 76136b3cdb2d -r ff4c82bbc9bb net/snort-contrib/Makefile
--- a/net/snort-contrib/Makefile Thu Feb 03 23:31:47 2005 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,54 +0,0 @@
-# $NetBSD: Makefile,v 1.1.1.1 2004/09/22 15:01:35 adrianp Exp $
-
-DISTNAME= snort-2.2.0
-PKGNAME= ${DISTNAME:S/-/-contrib-/}
-CATEGORIES= net security
-MASTER_SITES= http://www.snort.org/dl/ \
- ftp://the.wiretapped.net/pub/security/network-intrusion-detection/snort/ \
- ftp://gd.tuwien.ac.at/infosys/security/snort/dl/
-
-MAINTAINER= adrianp%NetBSD.org@localhost
-HOMEPAGE= http://www.snort.org/
-COMMENT= Network Intrusion Detection System (contrib files)
-
-USE_BUILDLINK3= NO
-NO_CONFIGURE= YES
-NO_BUILD= YES
-USE_PERL5= YES
-
-SNORTDIR= ${PREFIX}/share/snort
-CONTRIBDIR= ${WRKSRC}/contrib
-REPLACE_PERL= contrib/regen-sidmap contrib/snort-sort.pl \
- contrib/snort2html.pl contrib/snort_stat.pl snortlog
-
-SUBST_CLASSES= paths
-SUBST_STAGE.paths= post-patch
-SUBST_FILES.paths= contrib/address_config.sh contrib/S99snort
-SUBST_SED.paths= -e "s|/bin/sh|${SH}|g" \
- -e "s|/usr/local/bin|${PREFIX}/bin|g" \
- -e "s|/bin/bash|${SH}|g" \
- -e "s|/usr/local/share/snort/snort.conf|${PKG_SYSCONFDIR}|g" \
-
-do-install:
- ${INSTALL_DATA_DIR} ${SNORTDIR}
- ${INSTALL_SCRIPT} ${CONTRIBDIR}/S99snort ${SNORTDIR}
- ${INSTALL_SCRIPT} ${CONTRIBDIR}/address_config.sh ${SNORTDIR}
- ${INSTALL_DATA} ${CONTRIBDIR}/ms_unicode_generator.c ${SNORTDIR}
- ${INSTALL_DATA} ${CONTRIBDIR}/mysql.php3 ${SNORTDIR}
- ${INSTALL_DATA} ${CONTRIBDIR}/Spade-092200.1.tar.gz ${SNORTDIR}
- ${INSTALL_DATA} ${CONTRIBDIR}/Guardian.tar.gz ${SNORTDIR}
- ${INSTALL_DATA} ${CONTRIBDIR}/Net-SnortLog-0.1.tar.gz ${SNORTDIR}
- ${INSTALL_DATA} ${CONTRIBDIR}/passiveOS.tar.gz ${SNORTDIR}
- ${INSTALL_DATA} ${CONTRIBDIR}/perfstats.c ${SNORTDIR}
- ${INSTALL_DATA} ${CONTRIBDIR}/pgsql.php3 ${SNORTDIR}
- ${INSTALL_SCRIPT} ${CONTRIBDIR}/regen-sidmap ${SNORTDIR}
- ${INSTALL_SCRIPT} ${CONTRIBDIR}/snort-sort.pl ${SNORTDIR}
- ${INSTALL_SCRIPT} ${CONTRIBDIR}/snort2html.pl ${SNORTDIR}
- ${INSTALL_SCRIPT} ${CONTRIBDIR}/snort_stat.pl ${SNORTDIR}
- ${INSTALL_SCRIPT} ${CONTRIBDIR}/snortlog ${SNORTDIR}
- ${INSTALL_DATA} ${CONTRIBDIR}/snortdb-extra.gz ${SNORTDIR}
- ${INSTALL_DATA} ${CONTRIBDIR}/snortnet.tar.gz ${SNORTDIR}
- ${INSTALL_DATA} ${CONTRIBDIR}/snortpp.c ${SNORTDIR}
- ${INSTALL_DATA} ${CONTRIBDIR}/snortwatch-0.7.tar.gz ${SNORTDIR}
-
-.include "../../mk/bsd.pkg.mk"
diff -r 76136b3cdb2d -r ff4c82bbc9bb net/snort-contrib/PLIST
--- a/net/snort-contrib/PLIST Thu Feb 03 23:31:47 2005 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,21 +0,0 @@
-@comment $NetBSD: PLIST,v 1.1.1.1 2004/09/22 15:01:36 adrianp Exp $
-share/snort/Guardian.tar.gz
-share/snort/Net-SnortLog-0.1.tar.gz
-share/snort/S99snort
-share/snort/Spade-092200.1.tar.gz
-share/snort/address_config.sh
-share/snort/ms_unicode_generator.c
-share/snort/mysql.php3
-share/snort/passiveOS.tar.gz
-share/snort/perfstats.c
-share/snort/pgsql.php3
-share/snort/regen-sidmap
-share/snort/snort-sort.pl
-share/snort/snort2html.pl
-share/snort/snort_stat.pl
-share/snort/snortdb-extra.gz
-share/snort/snortlog
-share/snort/snortnet.tar.gz
-share/snort/snortpp.c
-share/snort/snortwatch-0.7.tar.gz
-@unexec ${RMDIR} %D/share/snort 2>/dev/null || ${TRUE}
diff -r 76136b3cdb2d -r ff4c82bbc9bb net/snort-contrib/distinfo
--- a/net/snort-contrib/distinfo Thu Feb 03 23:31:47 2005 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,4 +0,0 @@
-$NetBSD: distinfo,v 1.1.1.1 2004/09/22 15:01:36 adrianp Exp $
-
-SHA1 (snort-2.2.0.tar.gz) = 80975f71ac2e6d123b881b60b49e97b96264045d
-Size (snort-2.2.0.tar.gz) = 2498466 bytes
diff -r 76136b3cdb2d -r ff4c82bbc9bb net/snort-mysql/Makefile
--- a/net/snort-mysql/Makefile Thu Feb 03 23:31:47 2005 +0000
+++ b/net/snort-mysql/Makefile Fri Feb 04 08:02:37 2005 +0000
@@ -1,9 +1,8 @@
-# $NetBSD: Makefile,v 1.11 2004/10/29 05:59:24 jdolecek Exp $
+# $NetBSD: Makefile,v 1.11.2.1 2005/02/04 08:02:38 salo Exp $
.include "../../net/snort/Makefile.common"
PKGNAME= ${DISTNAME:S/-/-mysql-/}
-PKGREVISION= 1
COMMENT= Network Intrusion Detection System (with MySQL support)
@@ -19,5 +18,4 @@
LDFLAGS+= ${BUILDLINK_LDFLAGS.mysql-client}
.include "../../mk/mysql.buildlink3.mk"
-
.include "../../mk/bsd.pkg.mk"
diff -r 76136b3cdb2d -r ff4c82bbc9bb net/snort/Makefile.common
--- a/net/snort/Makefile.common Thu Feb 03 23:31:47 2005 +0000
+++ b/net/snort/Makefile.common Fri Feb 04 08:02:37 2005 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile.common,v 1.16 2004/09/21 15:50:26 adrianp Exp $
+# $NetBSD: Makefile.common,v 1.16.2.1 2005/02/04 08:02:37 salo Exp $
#
-DISTNAME= snort-2.2.0
+DISTNAME= snort-2.3.0
CATEGORIES= net security
MASTER_SITES= http://www.snort.org/dl/ \
ftp://the.wiretapped.net/pub/security/network-intrusion-detection/snort/ \
@@ -80,7 +80,6 @@
${INSTALL_DATA} $$i ${PREFIX}/share/snort/rules ; \
done
${INSTALL_MAN} ${WRKSRC}/snort.8 ${PREFIX}/man/man8
- ${INSTALL_DATA} ${WRKSRC}/contrib/create_* ${SNORTDIR}
.include "../../devel/pcre/buildlink3.mk"
.include "../../net/libpcap/buildlink3.mk"
diff -r 76136b3cdb2d -r ff4c82bbc9bb net/snort/PLIST
--- a/net/snort/PLIST Thu Feb 03 23:31:47 2005 +0000
+++ b/net/snort/PLIST Fri Feb 04 08:02:37 2005 +0000
@@ -1,15 +1,15 @@
-@comment $NetBSD: PLIST,v 1.17 2004/09/23 20:01:34 adrianp Exp $
+@comment $NetBSD: PLIST,v 1.17.2.1 2005/02/04 08:02:38 salo Exp $
bin/snort
man/man8/snort.8
share/doc/snort/AUTHORS
share/doc/snort/BUGS
share/doc/snort/CREDITS
-share/doc/snort/FAQ
share/doc/snort/INSTALL
share/doc/snort/NEWS
share/doc/snort/PROBLEMS
share/doc/snort/README
share/doc/snort/README.FLEXRESP
+share/doc/snort/README.INLINE
share/doc/snort/README.PLUGINS
share/doc/snort/README.UNSOCK
share/doc/snort/README.WIN32
@@ -22,12 +22,15 @@
share/doc/snort/README.flow-portscan
share/doc/snort/README.flowbits
share/doc/snort/README.http_inspect
+share/doc/snort/README.sfportscan
share/doc/snort/README.thresholding
share/doc/snort/README.wireless
share/doc/snort/RULES.todo
share/doc/snort/TODO
share/doc/snort/USAGE
share/doc/snort/WISHLIST
+share/doc/snort/faq.pdf
+share/doc/snort/faq.tex
share/doc/snort/signatures/1000.txt
share/doc/snort/signatures/1001.txt
share/doc/snort/signatures/1002.txt
@@ -141,6 +144,23 @@
share/doc/snort/signatures/1107.txt
share/doc/snort/signatures/1108.txt
share/doc/snort/signatures/1109.txt
+share/doc/snort/signatures/111-1.txt
+share/doc/snort/signatures/111-10.txt
+share/doc/snort/signatures/111-11.txt
+share/doc/snort/signatures/111-12.txt
+share/doc/snort/signatures/111-13.txt
+share/doc/snort/signatures/111-14.txt
+share/doc/snort/signatures/111-15.txt
+share/doc/snort/signatures/111-16.txt
+share/doc/snort/signatures/111-17.txt
+share/doc/snort/signatures/111-2.txt
+share/doc/snort/signatures/111-3.txt
+share/doc/snort/signatures/111-4.txt
+share/doc/snort/signatures/111-5.txt
+share/doc/snort/signatures/111-6.txt
+share/doc/snort/signatures/111-7.txt
+share/doc/snort/signatures/111-8.txt
+share/doc/snort/signatures/111-9.txt
share/doc/snort/signatures/111.txt
share/doc/snort/signatures/1110.txt
share/doc/snort/signatures/1111.txt
@@ -1765,43 +1785,444 @@
share/doc/snort/signatures/2653.txt
share/doc/snort/signatures/2654.txt
share/doc/snort/signatures/2655.txt
+share/doc/snort/signatures/2656.txt
+share/doc/snort/signatures/2657.txt
+share/doc/snort/signatures/2658.txt
+share/doc/snort/signatures/2659.txt
share/doc/snort/signatures/266.txt
+share/doc/snort/signatures/2660.txt
+share/doc/snort/signatures/2661.txt
+share/doc/snort/signatures/2662.txt
+share/doc/snort/signatures/2663.txt
+share/doc/snort/signatures/2664.txt
+share/doc/snort/signatures/2665.txt
+share/doc/snort/signatures/2666.txt
+share/doc/snort/signatures/2667.txt
+share/doc/snort/signatures/2668.txt
+share/doc/snort/signatures/2669.txt
share/doc/snort/signatures/267.txt
+share/doc/snort/signatures/2670.txt
+share/doc/snort/signatures/2671.txt
+share/doc/snort/signatures/2672.txt
+share/doc/snort/signatures/2673.txt
+share/doc/snort/signatures/2674.txt
+share/doc/snort/signatures/2675.txt
+share/doc/snort/signatures/2676.txt
+share/doc/snort/signatures/2677.txt
+share/doc/snort/signatures/2678.txt
+share/doc/snort/signatures/2679.txt
share/doc/snort/signatures/268.txt
+share/doc/snort/signatures/2680.txt
+share/doc/snort/signatures/2681.txt
+share/doc/snort/signatures/2682.txt
+share/doc/snort/signatures/2683.txt
+share/doc/snort/signatures/2684.txt
+share/doc/snort/signatures/2685.txt
+share/doc/snort/signatures/2686.txt
+share/doc/snort/signatures/2687.txt
+share/doc/snort/signatures/2688.txt
+share/doc/snort/signatures/2689.txt
share/doc/snort/signatures/269.txt
+share/doc/snort/signatures/2690.txt
+share/doc/snort/signatures/2691.txt
+share/doc/snort/signatures/2692.txt
+share/doc/snort/signatures/2693.txt
+share/doc/snort/signatures/2694.txt
+share/doc/snort/signatures/2695.txt
+share/doc/snort/signatures/2696.txt
+share/doc/snort/signatures/2697.txt
+share/doc/snort/signatures/2698.txt
+share/doc/snort/signatures/2699.txt
share/doc/snort/signatures/270.txt
+share/doc/snort/signatures/2700.txt
+share/doc/snort/signatures/2701.txt
+share/doc/snort/signatures/2702.txt
+share/doc/snort/signatures/2703.txt
+share/doc/snort/signatures/2704.txt
+share/doc/snort/signatures/2705.txt
+share/doc/snort/signatures/2706.txt
+share/doc/snort/signatures/2707.txt
+share/doc/snort/signatures/2708.txt
+share/doc/snort/signatures/2709.txt
share/doc/snort/signatures/271.txt
+share/doc/snort/signatures/2710.txt
+share/doc/snort/signatures/2711.txt
+share/doc/snort/signatures/2712.txt
+share/doc/snort/signatures/2713.txt
+share/doc/snort/signatures/2714.txt
+share/doc/snort/signatures/2715.txt
+share/doc/snort/signatures/2716.txt
+share/doc/snort/signatures/2717.txt
+share/doc/snort/signatures/2718.txt
Home |
Main Index |
Thread Index |
Old Index