pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/net/snort Update snort to 2.4.1
details: https://anonhg.NetBSD.org/pkgsrc/rev/0f7ac94b599b
branches: trunk
changeset: 499353:0f7ac94b599b
user: adrianp <adrianp%pkgsrc.org@localhost>
date: Tue Sep 20 18:01:26 2005 +0000
description:
Update snort to 2.4.1
>From the ChangeLog:
> 2005-09-16 - Snort 2.4.1 Released
> [*] New additions
> * Added a -K command line option to manually select the logging mode using
> a single switch. The -b and -N switches will be deprecated in version
> 2.7. Pcap logging is now the default for Snort at startup, use "-K ascii"
> to revert to old behavior.
>
> [*] Improvements
> * Win32 version now supports winpcap 3.1 and MySQL client 4.13.
> * Added event on zero-length RPC fragments.
> * Fixed TCP SACK processing for text based outputs that could result in a
> DoS.
> * General improvements to frag3 including Teardrop detection fix.
> * Fixed a bug in the PPPoE decoder.
> * Added patch for time stats from Bill Parker. Enable with configure
> --enable-timestats.
> * Fixed IDS mode bailing at startup if logdir is specified in snort.conf
> and /var/log/snort doesn't exist.
> * Added decoder for IPEnc for OpenBSD. Thanks Jason Ish for the patch
> (long time ago) and Chris Kuethe for reraising the issue.
> * Allow snort to use usernames (-u) and groupnames (-g) that include
> numbers. Thanks to Shaick for the patch.
> * Fixed broken -T option.
> * Change ip_proto to ip for portscan configuration. Thanks David Bianco
> for pointing this out.
> * Fix for prelude initialization. Thanks Yoann Vandoorselaere for the
> update.
> * For content matches, when subsequent rule options fail, start searching
> again in correct location.
> * Updated Win32 to handle pflog patch.
> * Added support for new OpenBSD pflog format. Older pflog format,
> OpenBSD 3.3 and earlier is still supported. Thanks Breno Leitao
> and Christian Reis for the patch.
> * Added statistics counter for ETH_LOOPBACK packets. Thanks rmkml
> for the patch.
diffstat:
net/snort/Makefile.common | 5 +-
net/snort/distinfo | 9 +-
net/snort/patches/patch-af | 117 ---------------------------------------------
3 files changed, 6 insertions(+), 125 deletions(-)
diffs (153 lines):
diff -r b99dd17ba285 -r 0f7ac94b599b net/snort/Makefile.common
--- a/net/snort/Makefile.common Tue Sep 20 14:18:02 2005 +0000
+++ b/net/snort/Makefile.common Tue Sep 20 18:01:26 2005 +0000
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile.common,v 1.24 2005/09/14 12:46:52 adrianp Exp $
+# $NetBSD: Makefile.common,v 1.25 2005/09/20 18:01:26 adrianp Exp $
#
-DISTNAME= snort-2.4.0
-PKGREVISION= 1
+DISTNAME= snort-2.4.1
CATEGORIES= net security
MASTER_SITES= http://www.snort.org/dl/current/ \
ftp://the.wiretapped.net/pub/security/network-intrusion-detection/snort/ \
diff -r b99dd17ba285 -r 0f7ac94b599b net/snort/distinfo
--- a/net/snort/distinfo Tue Sep 20 14:18:02 2005 +0000
+++ b/net/snort/distinfo Tue Sep 20 18:01:26 2005 +0000
@@ -1,10 +1,9 @@
-$NetBSD: distinfo,v 1.29 2005/09/14 12:46:52 adrianp Exp $
+$NetBSD: distinfo,v 1.30 2005/09/20 18:01:26 adrianp Exp $
-SHA1 (snort-2.4.0.tar.gz) = 9fb3fd59a9bb0a4232beece59f21cc4f346545bb
-RMD160 (snort-2.4.0.tar.gz) = 8a7e602e5ae8f86d8849bdffc2c259668cf0eedc
-Size (snort-2.4.0.tar.gz) = 2126176 bytes
+SHA1 (snort-2.4.1.tar.gz) = 9aa408848ce3c1958e8a1854332800366376f1d6
+RMD160 (snort-2.4.1.tar.gz) = d0926557579e5bd0f5e73d749e43412738f823e1
+Size (snort-2.4.1.tar.gz) = 2695304 bytes
SHA1 (patch-aa) = f8cd982f2fbc5ed828bf021a489097408f1c9d43
SHA1 (patch-ab) = 0ea7deb91de5d3d68558a30e80dcbd8bd81f8a5e
SHA1 (patch-ac) = 6cdf26fcaeb8dad9cd9562b77377bd56b49c9f38
SHA1 (patch-ae) = 4a669e664ccbce2b9e689fe3d281c46f6549b72c
-SHA1 (patch-af) = ac7f9d6c97c07712a1d2faba0cec2fa0ad1674da
diff -r b99dd17ba285 -r 0f7ac94b599b net/snort/patches/patch-af
--- a/net/snort/patches/patch-af Tue Sep 20 14:18:02 2005 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,117 +0,0 @@
-$NetBSD: patch-af,v 1.1 2005/09/14 12:46:52 adrianp Exp $
-
---- src/log.c.orig 2005-07-11 15:41:40.000000000 +0100
-+++ src/log.c 2005-08-23 16:52:19.000000000 +0100
-@@ -1478,7 +1478,10 @@
- {
- for(j = 0; j < p->ip_options[i].len; j++)
- {
-- fprintf(fp, "%02X", p->ip_options[i].data[j]);
-+ if (p->ip_options[i].data)
-+ fprintf(fp, "%02X", p->ip_options[i].data[j]);
-+ else
-+ fprintf(fp, "%02X", 0);
-
- if((j % 2) == 0)
- fprintf(fp, " ");
-@@ -1522,7 +1525,8 @@
- case TCPOPT_MAXSEG:
- bzero((char *) tmp, 5);
- fwrite("MSS: ", 5, 1, fp);
-- memcpy(tmp, p->tcp_options[i].data, 2);
-+ if (p->tcp_options[i].data)
-+ memcpy(tmp, p->tcp_options[i].data, 2);
- fprintf(fp, "%u ", EXTRACT_16BITS(tmp));
- break;
-
-@@ -1535,15 +1539,20 @@
- break;
-
- case TCPOPT_WSCALE:
-- fprintf(fp, "WS: %u ", p->tcp_options[i].data[0]);
-+ if (p->tcp_options[i].data)
-+ fprintf(fp, "WS: %u ", p->tcp_options[i].data[0]);
-+ else
-+ fprintf(fp, "WS: %u ", 0);
- break;
-
- case TCPOPT_SACK:
- bzero((char *) tmp, 5);
-- memcpy(tmp, p->tcp_options[i].data, 2);
-+ if (p->tcp_options[i].data)
-+ memcpy(tmp, p->tcp_options[i].data, 2);
- fprintf(fp, "Sack: %u@", EXTRACT_16BITS(tmp));
- bzero((char *) tmp, 5);
-- memcpy(tmp, (p->tcp_options[i].data) + 2, 2);
-+ if (p->tcp_options[i].data)
-+ memcpy(tmp, (p->tcp_options[i].data) + 2, 2);
- fprintf(fp, "%u ", EXTRACT_16BITS(tmp));
- break;
-
-@@ -1553,40 +1562,47 @@
-
- case TCPOPT_ECHO:
- bzero((char *) tmp, 5);
-- memcpy(tmp, p->tcp_options[i].data, 4);
-+ if (p->tcp_options[i].data)
-+ memcpy(tmp, p->tcp_options[i].data, 4);
- fprintf(fp, "Echo: %u ", EXTRACT_32BITS(tmp));
- break;
-
- case TCPOPT_ECHOREPLY:
- bzero((char *) tmp, 5);
-- memcpy(tmp, p->tcp_options[i].data, 4);
-+ if (p->tcp_options[i].data)
-+ memcpy(tmp, p->tcp_options[i].data, 4);
- fprintf(fp, "Echo Rep: %u ", EXTRACT_32BITS(tmp));
- break;
-
- case TCPOPT_TIMESTAMP:
- bzero((char *) tmp, 5);
-- memcpy(tmp, p->tcp_options[i].data, 4);
-+ if (p->tcp_options[i].data)
-+ memcpy(tmp, p->tcp_options[i].data, 4);
- fprintf(fp, "TS: %u ", EXTRACT_32BITS(tmp));
- bzero((char *) tmp, 5);
-- memcpy(tmp, (p->tcp_options[i].data) + 4, 4);
-+ if (p->tcp_options[i].data)
-+ memcpy(tmp, (p->tcp_options[i].data) + 4, 4);
- fprintf(fp, "%u ", EXTRACT_32BITS(tmp));
- break;
-
- case TCPOPT_CC:
- bzero((char *) tmp, 5);
-- memcpy(tmp, p->tcp_options[i].data, 4);
-+ if (p->tcp_options[i].data)
-+ memcpy(tmp, p->tcp_options[i].data, 4);
- fprintf(fp, "CC %u ", EXTRACT_32BITS(tmp));
- break;
-
- case TCPOPT_CCNEW:
- bzero((char *) tmp, 5);
-- memcpy(tmp, p->tcp_options[i].data, 4);
-+ if (p->tcp_options[i].data)
-+ memcpy(tmp, p->tcp_options[i].data, 4);
- fprintf(fp, "CCNEW: %u ", EXTRACT_32BITS(tmp));
- break;
-
- case TCPOPT_CCECHO:
- bzero((char *) tmp, 5);
-- memcpy(tmp, p->tcp_options[i].data, 4);
-+ if (p->tcp_options[i].data)
-+ memcpy(tmp, p->tcp_options[i].data, 4);
- fprintf(fp, "CCECHO: %u ", EXTRACT_32BITS(tmp));
- break;
-
-@@ -1598,7 +1614,10 @@
-
- for(j = 0; j < p->tcp_options[i].len; j++)
- {
-- fprintf(fp, "%02X", p->tcp_options[i].data[j]);
-+ if (p->tcp_options[i].data)
-+ fprintf(fp, "%02X", p->tcp_options[i].data[j]);
-+ else
-+ fprintf(fp, "%02X", 0);
-
- if((j % 2) == 0)
- fprintf(fp, " ");
Home |
Main Index |
Thread Index |
Old Index