Subject: pkg/24116: new package: security/fragrouter
To: None <gnats-bugs@gnats.NetBSD.org>
From: None <ishit@pluto.dti.ne.jp>
List: netbsd-bugs
Date: 01/16/2004 09:12:01
>Number:         24116
>Category:       pkg
>Synopsis:       new package: security/fragrouter
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    pkg-manager
>State:          open
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Fri Jan 16 09:13:01 UTC 2004
>Closed-Date:
>Last-Modified:
>Originator:     ISIHARA Takanori
>Release:        NetBSD/i386 1.6.2_RC3
>Organization:
Nagoya *BSD Users' Group :-)
>Environment:
NetBSD ishitPc2.home 1.6.2_RC3 NetBSD 1.6.2_RC3 (GENERIC_LAPTOP) #0: Fri Nov 28 12:26:46 UTC 2003     autobuild@tgm.netbsd.org:/autobuild/netbsd-1-6-PATCH002-RC3/i386/OBJ/autobuild/netbsd-1-6-PATCH002-RC3/src/sys/arch/i386/compile/GENERIC_LAPTOP i386

>Description:
I convert FreeBSD port security/fragrouter to pkg.
I submit it.

>How-To-Repeat:

>Fix:
# This is a shell archive.  Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file".  Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
#	.
#	./Makefile
#	./patches
#	./patches/patch-aa
#	./patches/patch-ab
#	./patches/patch-ac
#	./patches/patch-ad
#	./patches/patch-ae
#	./patches/patch-af
#	./PLIST
#	./distinfo
#	./DESCR
#
echo c - .
mkdir -p . > /dev/null 2>&1
echo x - ./Makefile
sed 's/^X//' >./Makefile << 'END-of-./Makefile'
X# $NetBSD$
X# FreeBSD Id: ports/security/fragrouter/Makefile,v 1.8 2003/12/21 00:22:25 sergei Exp
X
XDISTNAME=	fragrouter-1.6
XCATEGORIES=	security
X# XXX: mastersite disappeared in October 2002
X# XXX: MASTER_SITES=	http://www.anzen.com/research/nidsbench/
XMASTER_SITES=	ftp://ftp.freebsd.org/pub/FreeBSD/ports/distfiles/
X
XMAINTAINER=	packages@NetBSD.org
X# XXX: HOMEPAGE=	http://www.anzen.com/research/nidsbench/
XCOMMENT=        Tool for testing network IDS implementations
X
XUSE_BUILDLINK2=	yes
XGNU_CONFIGURE=	yes
XCONFIGURE_ARGS+=        --with-libnet=${BUILDLINK_PREFIX.libnet}
XCONFIGURE_ARGS+=        --with-libpcap=${BUILDLINK_PREFIX.libpcap}
X
X.include "../../net/libpcap/buildlink2.mk"
X.include "../../devel/libnet/buildlink2.mk"
X.include "../../mk/bsd.pkg.mk"
END-of-./Makefile
echo c - ./patches
mkdir -p ./patches > /dev/null 2>&1
echo x - ./patches/patch-aa
sed 's/^X//' >./patches/patch-aa << 'END-of-./patches/patch-aa'
X$NetBSD$
X
X+++ Makefile.in
X@@ -22,15 +22,15 @@ INSTALL		= @INSTALL@
X INSTALL_PROGRAM	= @INSTALL_PROGRAM@
X INSTALL_DATA	= @INSTALL_DATA@
X 
X-PCAPDIR		= $(srcdir)/libpcap-0.4
X-PCAPINCS	= -I$(PCAPDIR)
X-PCAPLIBS	= -L$(PCAPDIR) -lpcap
X-PCAPDEP		= $(PCAPDIR)/pcap.h $(PCAPDIR)/libpcap.a
X+PCAPDIR		= 
X+PCAPINCS	= @PCAPINC@
X+PCAPLIBS	= @PCAPLIB@
X+PCAPDEP		= 
X 
X-LNETDIR		= $(srcdir)/Libnet-0.99b
X-LNETINCS	= -I$(LNETDIR)/include
X-LNETLIBS	= -L$(LNETDIR)/lib -lnet
X-LNETDEP		= $(LNETDIR)/include/libnet.h $(LNETDIR)/libnet.a
X+LNETDIR		= 
X+LNETINCS	= @LNETINC@ `$(prefix)/bin/libnet-config --defines`
X+LNETLIBS	= @LNETLIB@
X+LNETDEP		= 
X 
X SRCS		= attack.c fragrouter.c ip_frag.c list.c misc.c print.c \
X 		  send.c sniff.c tcp_seg.c
END-of-./patches/patch-aa
echo x - ./patches/patch-ab
sed 's/^X//' >./patches/patch-ab << 'END-of-./patches/patch-ab'
X$NetBSD$
X
X+++ configure
X@@ -11,6 +11,10 @@
X ac_help=
X ac_default_prefix=/usr/local
X # Any additions from configure.in:
X+ac_help="$ac_help
X+  --with-libpcap=DIR      use libpcap in DIR"
X+ac_help="$ac_help
X+  --with-libnet=DIR      use libnet in DIR"
X 
X # Initialize some variables set by options.
X # The variables have the same names as the options, with
X@@ -21,7 +25,7 @@ exec_prefix=NONE
X host=NONE
X no_create=
X nonopt=NONE
X-no_recursion=
X+no_recursion=yes
X prefix=NONE
X program_prefix=NONE
X program_suffix=NONE
X@@ -1375,7 +1379,95 @@ fi
X done
X 
X 
X-subdirs="libpcap-0.4 Libnet-0.99b"
X+#subdirs="libpcap-0.4 Libnet-0.99b"
X+
X+
X+echo $ac_n "checking for libpcap""... $ac_c" 1>&6
X+echo "configure:1844: checking for libpcap" >&5
X+# Check whether --with-libpcap or --without-libpcap was given.
X+if test "${with_libpcap+set}" = set; then
X+  withval="$with_libpcap"
X+  case "$withval" in
X+  yes|no)
X+     echo "$ac_t""no" 1>&6
X+     ;;
X+  *)
X+     echo "$ac_t""$withval" 1>&6
X+     if test -f $withval/pcap.h -a -f $withval/libpcap.a; then
X+        owd=`pwd`
X+        if cd $withval; then withval=`pwd`; cd $owd; fi
X+        PCAPINC="-I$withval -I$withval/bpf"
X+        PCAPLIB="-L$withval -lpcap"
X+     elif test -f $withval/include/pcap.h -a \
X+               -f $withval/include/net/bpf.h; then
X+        owd=`pwd`
X+        if cd $withval; then withval=`pwd`; cd $owd; fi
X+        PCAPINC="-I$withval/include"
X+        if test -f $withval/lib/libwpcap.a; then
X+           PCAPLIB="-L$withval/lib -lwpcap"
X+        else
X+           PCAPLIB="-L$withval/lib -lpcap"
X+        fi
X+     else
X+        { echo "configure: error: pcap.h" 1>&2; exit 1; }
X+     fi
X+     ;;
X+  esac
X+else
X+   if test -f ${prefix}/include/pcap.h; then
X+     PCAPINC="-I${prefix}/include"
X+     if test -f ${prefix}/lib/libwpcap.a; then
X+        PCAPLIB="-L${prefix}/lib -lwpcap"
X+     else
X+        PCAPLIB="-L${prefix}/lib -lpcap"
X+     fi
X+  elif test -f /usr/include/pcap/pcap.h; then
X+     PCAPINC="-I/usr/include/pcap"
X+     PCAPLIB="-lpcap"
X+  elif test -f /usr/include/pcap.h; then
X+     PCAPLIB="-lpcap"
X+  else
X+     echo "$ac_t""no" 1>&6
X+     { echo "configure: error: libpcap not found" 1>&2; exit 1; }
X+  fi
X+  echo "$ac_t""yes" 1>&6
X+
X+fi
X+
X+
X+echo $ac_n "checking for libnet""... $ac_c" 1>&6
X+echo "configure:1897: checking for libnet" >&5
X+# Check whether --with-libnet or --without-libnet was given.
X+if test "${with_libnet+set}" = set; then
X+  withval="$with_libnet"
X+  case "$withval" in
X+  yes|no)
X+     echo "$ac_t""no" 1>&6
X+     ;;
X+  *)
X+     echo "$ac_t""$withval" 1>&6
X+     if test -f $withval/src/libnet.a; then
X+        LNETINC="-I$withval/include"
X+        LNETLIB="-L$withval/src -lnet `$withval/libnet-config --libs`"
X+     elif test -x $withval/bin/libnet-config; then
X+        LNETINC="`$withval/bin/libnet-config --cflags`"
X+        LNETLIB="`$withval/bin/libnet-config --libs`"
X+     else
X+        { echo "configure: error: libnet-config not found in $withval/bin" 1>&2; exit 1; }
X+     fi
X+     ;;
X+  esac
X+else
X+  if test -x ${prefix}/bin/libnet-config; then
X+     LNETINC="`${prefix}/bin/libnet-config --cflags`"
X+     LNETLIB="`${prefix}/bin/libnet-config --libs`"
X+  else
X+     echo "$ac_t""no" 1>&6
X+     { echo "configure: error: libnet not found" 1>&2; exit 1; }
X+  fi
X+  echo "$ac_t""yes" 1>&6
X+
X+fi
X 
X 
X trap '' 1 2 15
X@@ -1516,6 +1608,10 @@ s%@INSTALL_PROGRAM@%$INSTALL_PROGRAM%g
X s%@INSTALL_SCRIPT@%$INSTALL_SCRIPT%g
X s%@INSTALL_DATA@%$INSTALL_DATA%g
X s%@SET_MAKE@%$SET_MAKE%g
X+s%@PCAPINC@%$PCAPINC%g
X+s%@PCAPLIB@%$PCAPLIB%g
X+s%@LNETINC@%$LNETINC%g
X+s%@LNETLIB@%$LNETLIB%g
X s%@CPP@%$CPP%g
X s%@subdirs@%$subdirs%g
X 
END-of-./patches/patch-ab
echo x - ./patches/patch-ac
sed 's/^X//' >./patches/patch-ac << 'END-of-./patches/patch-ac'
X$NetBSD$
X
X+++ ip_frag.c
X@@ -128,7 +128,7 @@ ELEM *
X ip_frag_add_overwrite(ELEM *list)
X {
X   ELEM *f, *new;
X-  u_char nulls[PACKET], *newdata;
X+  u_char nulls[LIBNET_PACKET], *newdata;
X   int newoff, newlen;
X 
X   memset(nulls, 0, sizeof(nulls));
X@@ -152,7 +152,7 @@ ip_frag_add_overwrite(ELEM *list)
X     ((struct ip *)newdata)->ip_off = htons(newoff);
X 
X     /* Add null fragment after current fragment. */
X-    new = list_elem(newdata, IP_H + newlen);
X+    new = list_elem(newdata, LIBNET_IP_H + newlen);
X     free(newdata);
X     
X     if (!list_add(f, new))
END-of-./patches/patch-ac
echo x - ./patches/patch-ad
sed 's/^X//' >./patches/patch-ad << 'END-of-./patches/patch-ad'
X$NetBSD$
X
X+++ print.c
X@@ -93,7 +93,7 @@ print_ip(unsigned char *bp, int length)
X 
X   iph = (struct ip *)bp;
X 
X-  if (length < IP_H) {
X+  if (length < LIBNET_IP_H) {
X     printf("truncated-ip %d", length);
X     return;
X   }
X@@ -190,7 +190,7 @@ print_tcp(unsigned char *bp, int length)
X   tcph = (struct tcphdr *)(bp + (iph->ip_hl * 4));
X   len = length - (iph->ip_hl * 4);
X 
X-  if (len < TCP_H) {
X+  if (len < LIBNET_TCP_H) {
X     printf("truncated-tcp %d", len);
X     return;
X   }
X@@ -227,11 +227,11 @@ print_tcp(unsigned char *bp, int length)
X   if (tcph->th_flags & TH_URG) printf(" urg %d", urp);
X 
X   /* Handle options. */
X-  if ((tcp_hl -= TCP_H) > 0) {
X+  if ((tcp_hl -= LIBNET_TCP_H) > 0) {
X     register const u_char *cp;
X     register int i, opt, len, datalen;
X     
X-    cp = (const u_char *)tcph + TCP_H;
X+    cp = (const u_char *)tcph + LIBNET_TCP_H;
X     putchar(' ');
X     ch = '<';
X 
END-of-./patches/patch-ad
echo x - ./patches/patch-ae
sed 's/^X//' >./patches/patch-ae << 'END-of-./patches/patch-ae'
X$NetBSD$
X
X+++ sniff.c
X@@ -55,7 +55,7 @@ int
X sniff_init(char *intf, char *ebuf)
X {
X   char *dev, filter[BUFSIZ];
X-  struct link_int *llif;
X+  struct libnet_link_int *llif;
X   struct ether_addr *llmac;
X   u_long llip;
X   u_int net, mask;
END-of-./patches/patch-ae
echo x - ./patches/patch-af
sed 's/^X//' >./patches/patch-af << 'END-of-./patches/patch-af'
X$NetBSD$
X
X+++ tcp_seg.c
X@@ -101,18 +101,18 @@ tcp_seg_null_payload(ELEM *seg)
X   int newlen = ntohs(iph->ip_len) - (ip_hl + tcp_hl);
X   u_char *newdata;
X   
X-  if (!(newdata = malloc(ip_hl + TCP_H + newlen)))
X+  if (!(newdata = malloc(ip_hl + LIBNET_TCP_H + newlen)))
X     return NULL;
X   
X   /* Whack the payload (including TCP options to elude PAWS). */
X-  memcpy(newdata, seg->data, ip_hl + TCP_H);
X-  memset(newdata + ip_hl + TCP_H, 0, newlen);
X+  memcpy(newdata, seg->data, ip_hl + LIBNET_TCP_H);
X+  memset(newdata + ip_hl + LIBNET_TCP_H, 0, newlen);
X 
X   /* Correct IP length, TCP header length, TCP checksum, segment length. */
X-  ((struct ip *)newdata)->ip_len = htons(ip_hl + TCP_H + newlen);
X-  ((struct tcphdr *)(newdata + ip_hl))->th_off = TCP_H / 4;
X-  libnet_do_checksum(newdata, IPPROTO_TCP, TCP_H + newlen);
X-  seg->len = ip_hl + TCP_H + newlen;
X+  ((struct ip *)newdata)->ip_len = htons(ip_hl + LIBNET_TCP_H + newlen);
X+  ((struct tcphdr *)(newdata + ip_hl))->th_off = LIBNET_TCP_H / 4;
X+  libnet_do_checksum(newdata, IPPROTO_TCP, LIBNET_TCP_H + newlen);
X+  seg->len = ip_hl + LIBNET_TCP_H + newlen;
X 
X   free(seg->data);
X   seg->data = newdata;
X@@ -188,23 +188,23 @@ tcp_seg_interleave_syns(ELEM *seg)
X     int ip_hl = iph->ip_hl * 4;
X     struct tcphdr *tcph = (struct tcphdr *)(s->data + ip_hl);
X 
X-    if (!(data = malloc(ip_hl + TCP_H)))
X+    if (!(data = malloc(ip_hl + LIBNET_TCP_H)))
X       return NULL;
X 
X     /* Copy in IP header. */
X     memcpy(data, s->data, ip_hl);
X 
X     /* Correct IP length, trash IP ID, TCP sequence number. */
X-    ((struct ip *)data)->ip_len = htons(ip_hl + TCP_H);
X+    ((struct ip *)data)->ip_len = htons(ip_hl + LIBNET_TCP_H);
X     ((struct ip *)data)->ip_id = htons(iph->ip_id) * 2; /* intentional! */
X     libnet_build_tcp(ntohs(tcph->th_sport), ntohs(tcph->th_dport),
X 		     htonl(tcph->th_seq * 2), 0, TH_SYN, ntohs(tcph->th_win),
X 		     ntohs(tcph->th_urp), NULL, 0, data + ip_hl);
X     
X-    libnet_do_checksum(data, IPPROTO_TCP, TCP_H);
X+    libnet_do_checksum(data, IPPROTO_TCP, LIBNET_TCP_H);
X 
X     /* Add it to our list of TCP packets. */
X-    new = list_elem(data, ip_hl + TCP_H);
X+    new = list_elem(data, ip_hl + LIBNET_TCP_H);
X     free(data);
X     
X     if (!(s = list_add(s, new)))
X@@ -231,34 +231,34 @@ tcp_seg_prepend_fakeclose(u_char *pkt, i
X     return NULL;
X   
X   /* Add our fake FIN packet. */
X-  if (!(data = malloc(ip_hl + TCP_H)))
X+  if (!(data = malloc(ip_hl + LIBNET_TCP_H)))
X     return NULL;
X 
X   memcpy(data, pkt, ip_hl);
X-  ((struct ip *)data)->ip_len = htons(ip_hl + TCP_H);
X+  ((struct ip *)data)->ip_len = htons(ip_hl + LIBNET_TCP_H);
X   ((struct ip *)data)->ip_id = htons(iph->ip_id) * 2; /* intentional! */
X   libnet_build_tcp(ntohs(tcph->th_sport), ntohs(tcph->th_dport),
X 		   ntohl(tcph->th_seq) + 1, ntohl(tcph->th_ack),
X 		   TH_FIN, 0, ntohs(tcph->th_urp), NULL, 0, data + ip_hl);
X   
X-  new = list_elem(data, ip_hl + TCP_H);
X+  new = list_elem(data, ip_hl + LIBNET_TCP_H);
X   free(data);
X   
X   if (!(list = list_add(list, new)))
X     return NULL;
X 
X   /* Add our fake RST packet. */
X-  if (!(data = malloc(ip_hl + TCP_H)))
X+  if (!(data = malloc(ip_hl + LIBNET_TCP_H)))
X     return NULL;
X 
X   memcpy(data, pkt, ip_hl);
X-  ((struct ip *)data)->ip_len = htons(ip_hl + TCP_H);
X+  ((struct ip *)data)->ip_len = htons(ip_hl + LIBNET_TCP_H);
X   ((struct ip *)data)->ip_id = htons(iph->ip_id) * 2 + 1; /* intentional! */
X   libnet_build_tcp(ntohs(tcph->th_sport), ntohs(tcph->th_dport),
X 		   ntohl(tcph->th_seq) + 2, ntohl(tcph->th_ack),
X 		   TH_RST, 0, ntohs(tcph->th_urp), NULL, 0, data + ip_hl);
X 
X-  new = list_elem(data, ip_hl + TCP_H);
X+  new = list_elem(data, ip_hl + LIBNET_TCP_H);
X   free(data);
X   
X   if (!(list = list_add(list, new)))
X@@ -280,34 +280,34 @@ tcp_seg_prepend_connection(u_char *pkt, 
X     return NULL;
X 
X   /* Add our decoy SYN packet. */
X-  if (!(data = malloc(ip_hl + TCP_H)))
X+  if (!(data = malloc(ip_hl + LIBNET_TCP_H)))
X     return NULL;
X 
X   memcpy(data, pkt, ip_hl);
X-  ((struct ip *)data)->ip_len = htons(ip_hl + TCP_H);
X+  ((struct ip *)data)->ip_len = htons(ip_hl + LIBNET_TCP_H);
X   ((struct ip *)data)->ip_id = htons(iph->ip_id) * 2; /* intentional! */
X   libnet_build_tcp(ntohs(tcph->th_sport), ntohs(tcph->th_dport),
X 		   ntohl(tcph->th_seq) * 2, 0, TH_SYN, ntohs(tcph->th_win),
X 		   0, NULL, 0, data + ip_hl);
X-  libnet_do_checksum(data, IPPROTO_TCP, TCP_H);
X-  new = list_elem(data, ip_hl + TCP_H);
X+  libnet_do_checksum(data, IPPROTO_TCP, LIBNET_TCP_H);
X+  new = list_elem(data, ip_hl + LIBNET_TCP_H);
X   free(data);
X   
X   if (!(list = list_add(list, new)))
X     return NULL;
X 
X   /* Add our decoy RST packet, in case the attacker is filtering hers. */
X-  if (!(data = malloc(ip_hl + TCP_H)))
X+  if (!(data = malloc(ip_hl + LIBNET_TCP_H)))
X     return NULL;
X 
X   memcpy(data, pkt, ip_hl);
X-  ((struct ip *)data)->ip_len = htons(ip_hl + TCP_H);
X+  ((struct ip *)data)->ip_len = htons(ip_hl + LIBNET_TCP_H);
X   ((struct ip *)data)->ip_id = htons(iph->ip_id) * 2 + 1; /* intentional! */
X   libnet_build_tcp(ntohs(tcph->th_sport), ntohs(tcph->th_dport),
X 		   ntohl(tcph->th_seq) * 2 + 1, 0, TH_RST, ntohs(tcph->th_win),
X 		   0, NULL, 0, data + ip_hl);
X-  libnet_do_checksum(data, IPPROTO_TCP, TCP_H);
X-  new = list_elem(data, ip_hl + TCP_H);
X+  libnet_do_checksum(data, IPPROTO_TCP, LIBNET_TCP_H);
X+  new = list_elem(data, ip_hl + LIBNET_TCP_H);
X   free(data);
X   
X   if (!(list = list_add(list, new)))
X@@ -335,24 +335,24 @@ tcp_seg_prepend_junk(u_char *pkt, int pk
X     return NULL;
X 
X   for (i = 0; i < 500 ; i++) {
X-    if (!(data = malloc(ip_hl + TCP_H + PACKET)))
X+    if (!(data = malloc(ip_hl + LIBNET_TCP_H + LIBNET_PACKET)))
X       return NULL;
X 
X     /* Copy over IP header. */
X     memcpy(data, pkt, ip_hl);
X 
X     /* Correct IP length, IP ID. */
X-    ((struct ip *)data)->ip_len = htons(ip_hl + TCP_H + PACKET);
X+    ((struct ip *)data)->ip_len = htons(ip_hl + LIBNET_TCP_H + LIBNET_PACKET);
X     ((struct ip *)data)->ip_id = htons(iph->ip_id + i); /* intentional! */
X 
X     /* Add TCP header, null payload, and fix checksum. */
X     libnet_build_tcp(ntohs(tcph->th_sport), ntohs(tcph->th_dport),
X 		     i, 666, TH_ACK, ntohs(tcph->th_win),
X 		     ntohs(tcph->th_urp), NULL, 0, data + ip_hl);
X-    memset(data + ip_hl + TCP_H, 0, PACKET);
X-    libnet_do_checksum(data, IPPROTO_TCP, TCP_H);
X+    memset(data + ip_hl + LIBNET_TCP_H, 0, LIBNET_PACKET);
X+    libnet_do_checksum(data, IPPROTO_TCP, LIBNET_TCP_H);
X     
X-    new = list_elem(data, ip_hl + TCP_H + PACKET);
X+    new = list_elem(data, ip_hl + LIBNET_TCP_H + LIBNET_PACKET);
X     free(data);
X     
X     if (!(list = list_add(list, new)))
X@@ -370,7 +370,7 @@ ELEM *
X tcp_seg_interleave_overwrites(ELEM *seg)
X {
X   ELEM *s, *new;
X-  u_char nulls[PACKET], *newdata;
X+  u_char nulls[LIBNET_PACKET], *newdata;
X   u_long newseq;
X   int newlen;
X 
X@@ -387,21 +387,21 @@ tcp_seg_interleave_overwrites(ELEM *seg)
X     newlen = (ntohs(iph->ip_len) - (ip_hl + tcp_hl)) / 2;
X     newseq = ntohl(tcph->th_seq) + newlen;
X 
X-    if (!(newdata = malloc(ip_hl + TCP_H + newlen)))
X+    if (!(newdata = malloc(ip_hl + LIBNET_TCP_H + newlen)))
X       return NULL;
X 
X     /* Copy in IP, TCP headers and data. */
X-    memcpy(newdata, s->data, ip_hl + TCP_H);
X-    memcpy(newdata + ip_hl + TCP_H, nulls, newlen);
X+    memcpy(newdata, s->data, ip_hl + LIBNET_TCP_H);
X+    memcpy(newdata + ip_hl + LIBNET_TCP_H, nulls, newlen);
X 
X     /* Correct IP length, TCP header length, TCP seqnum, TCP checksum. */
X-    ((struct ip *)newdata)->ip_len = htons(ip_hl + TCP_H + newlen);
X+    ((struct ip *)newdata)->ip_len = htons(ip_hl + LIBNET_TCP_H + newlen);
X     ((struct tcphdr *)(newdata + ip_hl))->th_seq = htonl(newseq);
X-    ((struct tcphdr *)(newdata + ip_hl))->th_off = TCP_H / 4; /* XXX - PAWS! */
X-    libnet_do_checksum(newdata, IPPROTO_TCP, TCP_H + newlen);
X+    ((struct tcphdr *)(newdata + ip_hl))->th_off = LIBNET_TCP_H / 4; /* XXX - PAWS! */
X+    libnet_do_checksum(newdata, IPPROTO_TCP, LIBNET_TCP_H + newlen);
X 
X     /* Add null fragment after current fragment. */
X-    new = list_elem(newdata, ip_hl + TCP_H + newlen);
X+    new = list_elem(newdata, ip_hl + LIBNET_TCP_H + newlen);
X     free(newdata);
X     
X     if (!list_add(s, new))
END-of-./patches/patch-af
echo x - ./PLIST
sed 's/^X//' >./PLIST << 'END-of-./PLIST'
X@comment $NetBSD$
Xman/man8/fragrouter.8
Xsbin/fragrouter
END-of-./PLIST
echo x - ./distinfo
sed 's/^X//' >./distinfo << 'END-of-./distinfo'
X$NetBSD$
X
XSHA1 (fragrouter-1.6.tar.gz) = b5fb0e9c2096c92661696686aed630bc0f20ce7e
XSize (fragrouter-1.6.tar.gz) = 277726 bytes
XSHA1 (patch-aa) = 3e18f18b65604c5189c45f33f59fbbfaf45a8829
XSHA1 (patch-ab) = 1411859d2a2f782cfe0200028269741c50f994c2
XSHA1 (patch-ac) = 7554bf048fb05630d188e90f98dded450faa6cbe
XSHA1 (patch-ad) = a3982a88ccebf5effd79e878af368d5245867630
XSHA1 (patch-ae) = aa04159e7e8c7239b86c8c0766af889b2122c8b2
XSHA1 (patch-af) = 2b6fd70fb5198ca92bfbd0e7f0bb8a972c5ab297
END-of-./distinfo
echo x - ./DESCR
sed 's/^X//' >./DESCR << 'END-of-./DESCR'
XFragrouter is a program for routing network traffic in such a way as
Xto elude most network intrusion detection systems.
X
XThe attacks implemented correspond to those listed in the Secure
XNetworks ``Insertion, Evasion, and Denial of Service: Eluding Network
XIntrusion Detection'' paper of January, 1998.
END-of-./DESCR
exit


>Release-Note:
>Audit-Trail:
>Unformatted: