[pkgsrc/trunk]: pkgsrc/net Updated to version 3.80

[salo <salo%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/0c6615e21519
branches:  trunk
changeset: 488697:0c6615e21519
user:      salo <salo%pkgsrc.org@localhost>
date:      Sun Feb 06 21:56:11 2005 +0000

description:
Updated to version 3.80

Changes:

- Nmap now ships with and installs (in the same directory as other
  data files such as nmap-os-fingerprints) an XSL stylesheet for
  rendering the XML output as HTML.  This stylesheet was written by
  Benjamin Erb ( see http://www.benjamin-erb.de/nmap/ for examples).
  It supports tables, version detection, color-coded port states, and
  more.  The XML output has been augmented to include an
  xml-stylesheet directive pointing to nmap.xsl on the local
  filesystem.  You can point to a different XSL file by providing the
  filename or URL to the new --stylesheet argument.  Omit the
  xml-stylesheet directive entirely by specifying --no-stylesheet.
  The XML to HTML conversion can be done with an XSLT processor such
  as Saxon, Sablot, or Xalan, but modern browsers can do this on the
  fly -- simply load the XML output file in IE or Firefox.  Some
  features don't currently work with Firefox's on-the-fly rendering.
  Perhaps some Mozilla wizard can fix that in either the XSL or the
  browser itself.  I hate having things work better in IE :).  It is
  often more convenient to have the stylesheet loaded from a URL
  rather than the local filesystem, allowing the XML to be rendered on
  any machine regardless of whether/where the XSL is installed.  For
  privacy reasons (avoid loading of an external URL when you view
  results), Nmap uses the local filesystem by default.  If you would
  like the latest version of the stylesheet load from the web when
  rendering, specify
  --stylesheet http://www.insecure.org/nmap/data/nmap.xsl .

- Fixed fragmentation option (-f).  One -f now sets sends fragments
  with just 8 bytes after the IP header, while -ff sends 16 bytes to
  reduce the number of fragments needed.  You can specify your own
  fragmentation offset (must be a multiple of 8) with the new --mtu
  flag.  Don't also specify -f if you use --mtu.  Remember that some
  systems (such as Linux with connection tracking) will defragment in
  the kernel anyway -- so test first while sniffing with ethereal.
  These changes are from a patch by Martin Macok
  (martin.macok(a)underground.cz).

- Nmap now prints the number (and total bytes) of raw IP packets sent
  and received when it completes, if verbose mode (-v) is enabled.  The
  report looks like:
  Nmap finished: 256 IP addresses (3 hosts up) scanned in 30.632 seconds
                 Raw packets sent: 7727 (303KB) | Rcvd: 6944 (304KB)

- Fixed (I hope) an error which would cause the Windows version of
  Nmap to abort under some circumstances with the error message
  "Unexpected error in NSE_TYPE_READ callback.  Error code: 10053
  (Unknown error)".  Problem reported by "Tony Golding"
  (biz(a)tonygolding.com).

- Added new "closed|filtered" state.  This is used for Idlescan, since
  that scan method can't distinguish between those two states.  Nmap
  previously just used "closed", but this is more accurate.

- Null, FIN, Maimon, and Xmas scans now mark ports as "open|filtered"
  instead of "open" when they fail to receive any response from the
  target port.  After all, it could just as easily be filtered as open.
  This is the same change that was made to UDP scan in 3.70.  Also as
  with UDP scan, adding version detection (-sV) will change the state
  from open|filtered to open if it confirms that they really are open.

- Fixed a bug in ACK scan that could cause Nmap to crash with the
  message "Unexpected port state: 6" in some cases.  Thanks to Glyn
  Geoghegan (glyng(a)corsaire.com) for reporting the problem.

- Change IP protocol scan (-sO) so that a response from the target
  host in any protocol at all will prove that protocol is open.  As
  before, no response means "open|filtered", an ICMP protocol
  unreachable means "closed", and most other ICMP error messages mean
  "filtered".

- Patched a Winpcap issue that prevented read timeouts from being
  honored on Solaris (thus slowing down Nmap substantially).  The
  problem report and patch were sent in by Ben Harris
  (bjh21(a)cam.ac.uk).

- Changed IP protocol scan (-sO) so that it sends valid ICMP, TCP, and
  UDP headers when scanning protocols 1, 6, and 17, respectively.  An
  empty IP header is still sent for all other protocols.  This should
  prevent the error messages such as "sendto in send_ip_packet:
  sendto(3, packet, 20, 0, 192.31.33.7, 16) => Operation not
  permitted" that Linux (and perhaps other systems) would give when
  they try to interpret the raw packet.  This also makes it more
  likely that these protocols will elicit a response, proving that the
  protocol is "open".

- The windows build now uses header and static library files from
  Winpcap 3.1Beta4.  It also now prints out the DLL version you are
  using when run with -d.  I would recommend upgrading to 3.1Beta4 if
  you have an older Winpcap installed.

- Added an NTP probe and matches to the version detection database
  (nmap-service-probes) thanks to a submission from Martin
  Macok (martin.macok%underground.cz@localhost).

- Applied several Nmap service detection database updates sent in by
  Martin Macok (martin.macok(a)underground.cz).

diffstat:

 net/nmap/Makefile   |  4 ++--
 net/nmap/PLIST      |  4 +++-
 net/nmap/distinfo   |  6 +++---
 net/nmapfe/Makefile |  6 +++---
 4 files changed, 11 insertions(+), 9 deletions(-)

diffs (59 lines):

diff -r 957401ea09a0 -r 0c6615e21519 net/nmap/Makefile
--- a/net/nmap/Makefile Sun Feb 06 15:36:18 2005 +0000
+++ b/net/nmap/Makefile Sun Feb 06 21:56:11 2005 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.41 2005/01/20 12:03:36 salo Exp $
+# $NetBSD: Makefile,v 1.42 2005/02/06 21:56:11 salo Exp $
 #
 
-DISTNAME=      nmap-3.78
+DISTNAME=      nmap-3.80
 CATEGORIES=    net security
 MASTER_SITES=  http://www.insecure.org/nmap/dist/
 EXTRACT_SUFX=  .tar.bz2
diff -r 957401ea09a0 -r 0c6615e21519 net/nmap/PLIST
--- a/net/nmap/PLIST    Sun Feb 06 15:36:18 2005 +0000
+++ b/net/nmap/PLIST    Sun Feb 06 21:56:11 2005 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.4 2004/07/07 20:54:34 salo Exp $
+@comment $NetBSD: PLIST,v 1.5 2005/02/06 21:56:11 salo Exp $
 bin/nmap
 man/man1/nmap.1
 share/nmap/nmap-mac-prefixes
@@ -7,4 +7,6 @@
 share/nmap/nmap-rpc
 share/nmap/nmap-service-probes
 share/nmap/nmap-services
+share/nmap/nmap.dtd
+share/nmap/nmap.xsl
 @dirrm share/nmap
diff -r 957401ea09a0 -r 0c6615e21519 net/nmap/distinfo
--- a/net/nmap/distinfo Sun Feb 06 15:36:18 2005 +0000
+++ b/net/nmap/distinfo Sun Feb 06 21:56:11 2005 +0000
@@ -1,7 +1,7 @@
-$NetBSD: distinfo,v 1.21 2005/01/20 12:03:36 salo Exp $
+$NetBSD: distinfo,v 1.22 2005/02/06 21:56:11 salo Exp $
 
-SHA1 (nmap-3.78.tar.bz2) = a31b8b3a605a0321904b2626cf631ac6eb1a1d3d
-Size (nmap-3.78.tar.bz2) = 1441986 bytes
+SHA1 (nmap-3.80.tar.bz2) = 3d92a92d6657d9b42b6c58339e224722027b4629
+Size (nmap-3.80.tar.bz2) = 1491414 bytes
 SHA1 (patch-aa) = e22e9674173b66240c8e56a0468059b773444ad6
 SHA1 (patch-ab) = 7ac228ff6016b1893b0bdd38134fe46f6ee71b67
 SHA1 (patch-ad) = 697142c3eed5c8771c9421e241a06b9c35588b9d
diff -r 957401ea09a0 -r 0c6615e21519 net/nmapfe/Makefile
--- a/net/nmapfe/Makefile       Sun Feb 06 15:36:18 2005 +0000
+++ b/net/nmapfe/Makefile       Sun Feb 06 21:56:11 2005 +0000
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.28 2005/01/20 12:03:37 salo Exp $
+# $NetBSD: Makefile,v 1.29 2005/02/06 21:56:11 salo Exp $
 #
 
-DISTNAME=      nmap-3.78
+DISTNAME=      nmap-3.80
 PKGNAME=       nmapfe-0.9.5
-PKGREVISION=   18
+PKGREVISION=   19
 CATEGORIES=    net security
 MASTER_SITES=  http://www.insecure.org/nmap/dist/
 EXTRACT_SUFX=  .tar.bz2