Subject: pkg/24116: new package: security/fragrouter
To: None <gnats-bugs@gnats.NetBSD.org>
From: None <ishit@pluto.dti.ne.jp>
List: netbsd-bugs
Date: 01/16/2004 09:12:01
>Number: 24116
>Category: pkg
>Synopsis: new package: security/fragrouter
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: pkg-manager
>State: open
>Class: change-request
>Submitter-Id: net
>Arrival-Date: Fri Jan 16 09:13:01 UTC 2004
>Closed-Date:
>Last-Modified:
>Originator: ISIHARA Takanori
>Release: NetBSD/i386 1.6.2_RC3
>Organization:
Nagoya *BSD Users' Group :-)
>Environment:
NetBSD ishitPc2.home 1.6.2_RC3 NetBSD 1.6.2_RC3 (GENERIC_LAPTOP) #0: Fri Nov 28 12:26:46 UTC 2003 autobuild@tgm.netbsd.org:/autobuild/netbsd-1-6-PATCH002-RC3/i386/OBJ/autobuild/netbsd-1-6-PATCH002-RC3/src/sys/arch/i386/compile/GENERIC_LAPTOP i386
>Description:
I convert FreeBSD port security/fragrouter to pkg.
I submit it.
>How-To-Repeat:
>Fix:
# This is a shell archive. Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file". Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
# .
# ./Makefile
# ./patches
# ./patches/patch-aa
# ./patches/patch-ab
# ./patches/patch-ac
# ./patches/patch-ad
# ./patches/patch-ae
# ./patches/patch-af
# ./PLIST
# ./distinfo
# ./DESCR
#
echo c - .
mkdir -p . > /dev/null 2>&1
echo x - ./Makefile
sed 's/^X//' >./Makefile << 'END-of-./Makefile'
X# $NetBSD$
X# FreeBSD Id: ports/security/fragrouter/Makefile,v 1.8 2003/12/21 00:22:25 sergei Exp
X
XDISTNAME= fragrouter-1.6
XCATEGORIES= security
X# XXX: mastersite disappeared in October 2002
X# XXX: MASTER_SITES= http://www.anzen.com/research/nidsbench/
XMASTER_SITES= ftp://ftp.freebsd.org/pub/FreeBSD/ports/distfiles/
X
XMAINTAINER= packages@NetBSD.org
X# XXX: HOMEPAGE= http://www.anzen.com/research/nidsbench/
XCOMMENT= Tool for testing network IDS implementations
X
XUSE_BUILDLINK2= yes
XGNU_CONFIGURE= yes
XCONFIGURE_ARGS+= --with-libnet=${BUILDLINK_PREFIX.libnet}
XCONFIGURE_ARGS+= --with-libpcap=${BUILDLINK_PREFIX.libpcap}
X
X.include "../../net/libpcap/buildlink2.mk"
X.include "../../devel/libnet/buildlink2.mk"
X.include "../../mk/bsd.pkg.mk"
END-of-./Makefile
echo c - ./patches
mkdir -p ./patches > /dev/null 2>&1
echo x - ./patches/patch-aa
sed 's/^X//' >./patches/patch-aa << 'END-of-./patches/patch-aa'
X$NetBSD$
X
X+++ Makefile.in
X@@ -22,15 +22,15 @@ INSTALL = @INSTALL@
X INSTALL_PROGRAM = @INSTALL_PROGRAM@
X INSTALL_DATA = @INSTALL_DATA@
X
X-PCAPDIR = $(srcdir)/libpcap-0.4
X-PCAPINCS = -I$(PCAPDIR)
X-PCAPLIBS = -L$(PCAPDIR) -lpcap
X-PCAPDEP = $(PCAPDIR)/pcap.h $(PCAPDIR)/libpcap.a
X+PCAPDIR =
X+PCAPINCS = @PCAPINC@
X+PCAPLIBS = @PCAPLIB@
X+PCAPDEP =
X
X-LNETDIR = $(srcdir)/Libnet-0.99b
X-LNETINCS = -I$(LNETDIR)/include
X-LNETLIBS = -L$(LNETDIR)/lib -lnet
X-LNETDEP = $(LNETDIR)/include/libnet.h $(LNETDIR)/libnet.a
X+LNETDIR =
X+LNETINCS = @LNETINC@ `$(prefix)/bin/libnet-config --defines`
X+LNETLIBS = @LNETLIB@
X+LNETDEP =
X
X SRCS = attack.c fragrouter.c ip_frag.c list.c misc.c print.c \
X send.c sniff.c tcp_seg.c
END-of-./patches/patch-aa
echo x - ./patches/patch-ab
sed 's/^X//' >./patches/patch-ab << 'END-of-./patches/patch-ab'
X$NetBSD$
X
X+++ configure
X@@ -11,6 +11,10 @@
X ac_help=
X ac_default_prefix=/usr/local
X # Any additions from configure.in:
X+ac_help="$ac_help
X+ --with-libpcap=DIR use libpcap in DIR"
X+ac_help="$ac_help
X+ --with-libnet=DIR use libnet in DIR"
X
X # Initialize some variables set by options.
X # The variables have the same names as the options, with
X@@ -21,7 +25,7 @@ exec_prefix=NONE
X host=NONE
X no_create=
X nonopt=NONE
X-no_recursion=
X+no_recursion=yes
X prefix=NONE
X program_prefix=NONE
X program_suffix=NONE
X@@ -1375,7 +1379,95 @@ fi
X done
X
X
X-subdirs="libpcap-0.4 Libnet-0.99b"
X+#subdirs="libpcap-0.4 Libnet-0.99b"
X+
X+
X+echo $ac_n "checking for libpcap""... $ac_c" 1>&6
X+echo "configure:1844: checking for libpcap" >&5
X+# Check whether --with-libpcap or --without-libpcap was given.
X+if test "${with_libpcap+set}" = set; then
X+ withval="$with_libpcap"
X+ case "$withval" in
X+ yes|no)
X+ echo "$ac_t""no" 1>&6
X+ ;;
X+ *)
X+ echo "$ac_t""$withval" 1>&6
X+ if test -f $withval/pcap.h -a -f $withval/libpcap.a; then
X+ owd=`pwd`
X+ if cd $withval; then withval=`pwd`; cd $owd; fi
X+ PCAPINC="-I$withval -I$withval/bpf"
X+ PCAPLIB="-L$withval -lpcap"
X+ elif test -f $withval/include/pcap.h -a \
X+ -f $withval/include/net/bpf.h; then
X+ owd=`pwd`
X+ if cd $withval; then withval=`pwd`; cd $owd; fi
X+ PCAPINC="-I$withval/include"
X+ if test -f $withval/lib/libwpcap.a; then
X+ PCAPLIB="-L$withval/lib -lwpcap"
X+ else
X+ PCAPLIB="-L$withval/lib -lpcap"
X+ fi
X+ else
X+ { echo "configure: error: pcap.h" 1>&2; exit 1; }
X+ fi
X+ ;;
X+ esac
X+else
X+ if test -f ${prefix}/include/pcap.h; then
X+ PCAPINC="-I${prefix}/include"
X+ if test -f ${prefix}/lib/libwpcap.a; then
X+ PCAPLIB="-L${prefix}/lib -lwpcap"
X+ else
X+ PCAPLIB="-L${prefix}/lib -lpcap"
X+ fi
X+ elif test -f /usr/include/pcap/pcap.h; then
X+ PCAPINC="-I/usr/include/pcap"
X+ PCAPLIB="-lpcap"
X+ elif test -f /usr/include/pcap.h; then
X+ PCAPLIB="-lpcap"
X+ else
X+ echo "$ac_t""no" 1>&6
X+ { echo "configure: error: libpcap not found" 1>&2; exit 1; }
X+ fi
X+ echo "$ac_t""yes" 1>&6
X+
X+fi
X+
X+
X+echo $ac_n "checking for libnet""... $ac_c" 1>&6
X+echo "configure:1897: checking for libnet" >&5
X+# Check whether --with-libnet or --without-libnet was given.
X+if test "${with_libnet+set}" = set; then
X+ withval="$with_libnet"
X+ case "$withval" in
X+ yes|no)
X+ echo "$ac_t""no" 1>&6
X+ ;;
X+ *)
X+ echo "$ac_t""$withval" 1>&6
X+ if test -f $withval/src/libnet.a; then
X+ LNETINC="-I$withval/include"
X+ LNETLIB="-L$withval/src -lnet `$withval/libnet-config --libs`"
X+ elif test -x $withval/bin/libnet-config; then
X+ LNETINC="`$withval/bin/libnet-config --cflags`"
X+ LNETLIB="`$withval/bin/libnet-config --libs`"
X+ else
X+ { echo "configure: error: libnet-config not found in $withval/bin" 1>&2; exit 1; }
X+ fi
X+ ;;
X+ esac
X+else
X+ if test -x ${prefix}/bin/libnet-config; then
X+ LNETINC="`${prefix}/bin/libnet-config --cflags`"
X+ LNETLIB="`${prefix}/bin/libnet-config --libs`"
X+ else
X+ echo "$ac_t""no" 1>&6
X+ { echo "configure: error: libnet not found" 1>&2; exit 1; }
X+ fi
X+ echo "$ac_t""yes" 1>&6
X+
X+fi
X
X
X trap '' 1 2 15
X@@ -1516,6 +1608,10 @@ s%@INSTALL_PROGRAM@%$INSTALL_PROGRAM%g
X s%@INSTALL_SCRIPT@%$INSTALL_SCRIPT%g
X s%@INSTALL_DATA@%$INSTALL_DATA%g
X s%@SET_MAKE@%$SET_MAKE%g
X+s%@PCAPINC@%$PCAPINC%g
X+s%@PCAPLIB@%$PCAPLIB%g
X+s%@LNETINC@%$LNETINC%g
X+s%@LNETLIB@%$LNETLIB%g
X s%@CPP@%$CPP%g
X s%@subdirs@%$subdirs%g
X
END-of-./patches/patch-ab
echo x - ./patches/patch-ac
sed 's/^X//' >./patches/patch-ac << 'END-of-./patches/patch-ac'
X$NetBSD$
X
X+++ ip_frag.c
X@@ -128,7 +128,7 @@ ELEM *
X ip_frag_add_overwrite(ELEM *list)
X {
X ELEM *f, *new;
X- u_char nulls[PACKET], *newdata;
X+ u_char nulls[LIBNET_PACKET], *newdata;
X int newoff, newlen;
X
X memset(nulls, 0, sizeof(nulls));
X@@ -152,7 +152,7 @@ ip_frag_add_overwrite(ELEM *list)
X ((struct ip *)newdata)->ip_off = htons(newoff);
X
X /* Add null fragment after current fragment. */
X- new = list_elem(newdata, IP_H + newlen);
X+ new = list_elem(newdata, LIBNET_IP_H + newlen);
X free(newdata);
X
X if (!list_add(f, new))
END-of-./patches/patch-ac
echo x - ./patches/patch-ad
sed 's/^X//' >./patches/patch-ad << 'END-of-./patches/patch-ad'
X$NetBSD$
X
X+++ print.c
X@@ -93,7 +93,7 @@ print_ip(unsigned char *bp, int length)
X
X iph = (struct ip *)bp;
X
X- if (length < IP_H) {
X+ if (length < LIBNET_IP_H) {
X printf("truncated-ip %d", length);
X return;
X }
X@@ -190,7 +190,7 @@ print_tcp(unsigned char *bp, int length)
X tcph = (struct tcphdr *)(bp + (iph->ip_hl * 4));
X len = length - (iph->ip_hl * 4);
X
X- if (len < TCP_H) {
X+ if (len < LIBNET_TCP_H) {
X printf("truncated-tcp %d", len);
X return;
X }
X@@ -227,11 +227,11 @@ print_tcp(unsigned char *bp, int length)
X if (tcph->th_flags & TH_URG) printf(" urg %d", urp);
X
X /* Handle options. */
X- if ((tcp_hl -= TCP_H) > 0) {
X+ if ((tcp_hl -= LIBNET_TCP_H) > 0) {
X register const u_char *cp;
X register int i, opt, len, datalen;
X
X- cp = (const u_char *)tcph + TCP_H;
X+ cp = (const u_char *)tcph + LIBNET_TCP_H;
X putchar(' ');
X ch = '<';
X
END-of-./patches/patch-ad
echo x - ./patches/patch-ae
sed 's/^X//' >./patches/patch-ae << 'END-of-./patches/patch-ae'
X$NetBSD$
X
X+++ sniff.c
X@@ -55,7 +55,7 @@ int
X sniff_init(char *intf, char *ebuf)
X {
X char *dev, filter[BUFSIZ];
X- struct link_int *llif;
X+ struct libnet_link_int *llif;
X struct ether_addr *llmac;
X u_long llip;
X u_int net, mask;
END-of-./patches/patch-ae
echo x - ./patches/patch-af
sed 's/^X//' >./patches/patch-af << 'END-of-./patches/patch-af'
X$NetBSD$
X
X+++ tcp_seg.c
X@@ -101,18 +101,18 @@ tcp_seg_null_payload(ELEM *seg)
X int newlen = ntohs(iph->ip_len) - (ip_hl + tcp_hl);
X u_char *newdata;
X
X- if (!(newdata = malloc(ip_hl + TCP_H + newlen)))
X+ if (!(newdata = malloc(ip_hl + LIBNET_TCP_H + newlen)))
X return NULL;
X
X /* Whack the payload (including TCP options to elude PAWS). */
X- memcpy(newdata, seg->data, ip_hl + TCP_H);
X- memset(newdata + ip_hl + TCP_H, 0, newlen);
X+ memcpy(newdata, seg->data, ip_hl + LIBNET_TCP_H);
X+ memset(newdata + ip_hl + LIBNET_TCP_H, 0, newlen);
X
X /* Correct IP length, TCP header length, TCP checksum, segment length. */
X- ((struct ip *)newdata)->ip_len = htons(ip_hl + TCP_H + newlen);
X- ((struct tcphdr *)(newdata + ip_hl))->th_off = TCP_H / 4;
X- libnet_do_checksum(newdata, IPPROTO_TCP, TCP_H + newlen);
X- seg->len = ip_hl + TCP_H + newlen;
X+ ((struct ip *)newdata)->ip_len = htons(ip_hl + LIBNET_TCP_H + newlen);
X+ ((struct tcphdr *)(newdata + ip_hl))->th_off = LIBNET_TCP_H / 4;
X+ libnet_do_checksum(newdata, IPPROTO_TCP, LIBNET_TCP_H + newlen);
X+ seg->len = ip_hl + LIBNET_TCP_H + newlen;
X
X free(seg->data);
X seg->data = newdata;
X@@ -188,23 +188,23 @@ tcp_seg_interleave_syns(ELEM *seg)
X int ip_hl = iph->ip_hl * 4;
X struct tcphdr *tcph = (struct tcphdr *)(s->data + ip_hl);
X
X- if (!(data = malloc(ip_hl + TCP_H)))
X+ if (!(data = malloc(ip_hl + LIBNET_TCP_H)))
X return NULL;
X
X /* Copy in IP header. */
X memcpy(data, s->data, ip_hl);
X
X /* Correct IP length, trash IP ID, TCP sequence number. */
X- ((struct ip *)data)->ip_len = htons(ip_hl + TCP_H);
X+ ((struct ip *)data)->ip_len = htons(ip_hl + LIBNET_TCP_H);
X ((struct ip *)data)->ip_id = htons(iph->ip_id) * 2; /* intentional! */
X libnet_build_tcp(ntohs(tcph->th_sport), ntohs(tcph->th_dport),
X htonl(tcph->th_seq * 2), 0, TH_SYN, ntohs(tcph->th_win),
X ntohs(tcph->th_urp), NULL, 0, data + ip_hl);
X
X- libnet_do_checksum(data, IPPROTO_TCP, TCP_H);
X+ libnet_do_checksum(data, IPPROTO_TCP, LIBNET_TCP_H);
X
X /* Add it to our list of TCP packets. */
X- new = list_elem(data, ip_hl + TCP_H);
X+ new = list_elem(data, ip_hl + LIBNET_TCP_H);
X free(data);
X
X if (!(s = list_add(s, new)))
X@@ -231,34 +231,34 @@ tcp_seg_prepend_fakeclose(u_char *pkt, i
X return NULL;
X
X /* Add our fake FIN packet. */
X- if (!(data = malloc(ip_hl + TCP_H)))
X+ if (!(data = malloc(ip_hl + LIBNET_TCP_H)))
X return NULL;
X
X memcpy(data, pkt, ip_hl);
X- ((struct ip *)data)->ip_len = htons(ip_hl + TCP_H);
X+ ((struct ip *)data)->ip_len = htons(ip_hl + LIBNET_TCP_H);
X ((struct ip *)data)->ip_id = htons(iph->ip_id) * 2; /* intentional! */
X libnet_build_tcp(ntohs(tcph->th_sport), ntohs(tcph->th_dport),
X ntohl(tcph->th_seq) + 1, ntohl(tcph->th_ack),
X TH_FIN, 0, ntohs(tcph->th_urp), NULL, 0, data + ip_hl);
X
X- new = list_elem(data, ip_hl + TCP_H);
X+ new = list_elem(data, ip_hl + LIBNET_TCP_H);
X free(data);
X
X if (!(list = list_add(list, new)))
X return NULL;
X
X /* Add our fake RST packet. */
X- if (!(data = malloc(ip_hl + TCP_H)))
X+ if (!(data = malloc(ip_hl + LIBNET_TCP_H)))
X return NULL;
X
X memcpy(data, pkt, ip_hl);
X- ((struct ip *)data)->ip_len = htons(ip_hl + TCP_H);
X+ ((struct ip *)data)->ip_len = htons(ip_hl + LIBNET_TCP_H);
X ((struct ip *)data)->ip_id = htons(iph->ip_id) * 2 + 1; /* intentional! */
X libnet_build_tcp(ntohs(tcph->th_sport), ntohs(tcph->th_dport),
X ntohl(tcph->th_seq) + 2, ntohl(tcph->th_ack),
X TH_RST, 0, ntohs(tcph->th_urp), NULL, 0, data + ip_hl);
X
X- new = list_elem(data, ip_hl + TCP_H);
X+ new = list_elem(data, ip_hl + LIBNET_TCP_H);
X free(data);
X
X if (!(list = list_add(list, new)))
X@@ -280,34 +280,34 @@ tcp_seg_prepend_connection(u_char *pkt,
X return NULL;
X
X /* Add our decoy SYN packet. */
X- if (!(data = malloc(ip_hl + TCP_H)))
X+ if (!(data = malloc(ip_hl + LIBNET_TCP_H)))
X return NULL;
X
X memcpy(data, pkt, ip_hl);
X- ((struct ip *)data)->ip_len = htons(ip_hl + TCP_H);
X+ ((struct ip *)data)->ip_len = htons(ip_hl + LIBNET_TCP_H);
X ((struct ip *)data)->ip_id = htons(iph->ip_id) * 2; /* intentional! */
X libnet_build_tcp(ntohs(tcph->th_sport), ntohs(tcph->th_dport),
X ntohl(tcph->th_seq) * 2, 0, TH_SYN, ntohs(tcph->th_win),
X 0, NULL, 0, data + ip_hl);
X- libnet_do_checksum(data, IPPROTO_TCP, TCP_H);
X- new = list_elem(data, ip_hl + TCP_H);
X+ libnet_do_checksum(data, IPPROTO_TCP, LIBNET_TCP_H);
X+ new = list_elem(data, ip_hl + LIBNET_TCP_H);
X free(data);
X
X if (!(list = list_add(list, new)))
X return NULL;
X
X /* Add our decoy RST packet, in case the attacker is filtering hers. */
X- if (!(data = malloc(ip_hl + TCP_H)))
X+ if (!(data = malloc(ip_hl + LIBNET_TCP_H)))
X return NULL;
X
X memcpy(data, pkt, ip_hl);
X- ((struct ip *)data)->ip_len = htons(ip_hl + TCP_H);
X+ ((struct ip *)data)->ip_len = htons(ip_hl + LIBNET_TCP_H);
X ((struct ip *)data)->ip_id = htons(iph->ip_id) * 2 + 1; /* intentional! */
X libnet_build_tcp(ntohs(tcph->th_sport), ntohs(tcph->th_dport),
X ntohl(tcph->th_seq) * 2 + 1, 0, TH_RST, ntohs(tcph->th_win),
X 0, NULL, 0, data + ip_hl);
X- libnet_do_checksum(data, IPPROTO_TCP, TCP_H);
X- new = list_elem(data, ip_hl + TCP_H);
X+ libnet_do_checksum(data, IPPROTO_TCP, LIBNET_TCP_H);
X+ new = list_elem(data, ip_hl + LIBNET_TCP_H);
X free(data);
X
X if (!(list = list_add(list, new)))
X@@ -335,24 +335,24 @@ tcp_seg_prepend_junk(u_char *pkt, int pk
X return NULL;
X
X for (i = 0; i < 500 ; i++) {
X- if (!(data = malloc(ip_hl + TCP_H + PACKET)))
X+ if (!(data = malloc(ip_hl + LIBNET_TCP_H + LIBNET_PACKET)))
X return NULL;
X
X /* Copy over IP header. */
X memcpy(data, pkt, ip_hl);
X
X /* Correct IP length, IP ID. */
X- ((struct ip *)data)->ip_len = htons(ip_hl + TCP_H + PACKET);
X+ ((struct ip *)data)->ip_len = htons(ip_hl + LIBNET_TCP_H + LIBNET_PACKET);
X ((struct ip *)data)->ip_id = htons(iph->ip_id + i); /* intentional! */
X
X /* Add TCP header, null payload, and fix checksum. */
X libnet_build_tcp(ntohs(tcph->th_sport), ntohs(tcph->th_dport),
X i, 666, TH_ACK, ntohs(tcph->th_win),
X ntohs(tcph->th_urp), NULL, 0, data + ip_hl);
X- memset(data + ip_hl + TCP_H, 0, PACKET);
X- libnet_do_checksum(data, IPPROTO_TCP, TCP_H);
X+ memset(data + ip_hl + LIBNET_TCP_H, 0, LIBNET_PACKET);
X+ libnet_do_checksum(data, IPPROTO_TCP, LIBNET_TCP_H);
X
X- new = list_elem(data, ip_hl + TCP_H + PACKET);
X+ new = list_elem(data, ip_hl + LIBNET_TCP_H + LIBNET_PACKET);
X free(data);
X
X if (!(list = list_add(list, new)))
X@@ -370,7 +370,7 @@ ELEM *
X tcp_seg_interleave_overwrites(ELEM *seg)
X {
X ELEM *s, *new;
X- u_char nulls[PACKET], *newdata;
X+ u_char nulls[LIBNET_PACKET], *newdata;
X u_long newseq;
X int newlen;
X
X@@ -387,21 +387,21 @@ tcp_seg_interleave_overwrites(ELEM *seg)
X newlen = (ntohs(iph->ip_len) - (ip_hl + tcp_hl)) / 2;
X newseq = ntohl(tcph->th_seq) + newlen;
X
X- if (!(newdata = malloc(ip_hl + TCP_H + newlen)))
X+ if (!(newdata = malloc(ip_hl + LIBNET_TCP_H + newlen)))
X return NULL;
X
X /* Copy in IP, TCP headers and data. */
X- memcpy(newdata, s->data, ip_hl + TCP_H);
X- memcpy(newdata + ip_hl + TCP_H, nulls, newlen);
X+ memcpy(newdata, s->data, ip_hl + LIBNET_TCP_H);
X+ memcpy(newdata + ip_hl + LIBNET_TCP_H, nulls, newlen);
X
X /* Correct IP length, TCP header length, TCP seqnum, TCP checksum. */
X- ((struct ip *)newdata)->ip_len = htons(ip_hl + TCP_H + newlen);
X+ ((struct ip *)newdata)->ip_len = htons(ip_hl + LIBNET_TCP_H + newlen);
X ((struct tcphdr *)(newdata + ip_hl))->th_seq = htonl(newseq);
X- ((struct tcphdr *)(newdata + ip_hl))->th_off = TCP_H / 4; /* XXX - PAWS! */
X- libnet_do_checksum(newdata, IPPROTO_TCP, TCP_H + newlen);
X+ ((struct tcphdr *)(newdata + ip_hl))->th_off = LIBNET_TCP_H / 4; /* XXX - PAWS! */
X+ libnet_do_checksum(newdata, IPPROTO_TCP, LIBNET_TCP_H + newlen);
X
X /* Add null fragment after current fragment. */
X- new = list_elem(newdata, ip_hl + TCP_H + newlen);
X+ new = list_elem(newdata, ip_hl + LIBNET_TCP_H + newlen);
X free(newdata);
X
X if (!list_add(s, new))
END-of-./patches/patch-af
echo x - ./PLIST
sed 's/^X//' >./PLIST << 'END-of-./PLIST'
X@comment $NetBSD$
Xman/man8/fragrouter.8
Xsbin/fragrouter
END-of-./PLIST
echo x - ./distinfo
sed 's/^X//' >./distinfo << 'END-of-./distinfo'
X$NetBSD$
X
XSHA1 (fragrouter-1.6.tar.gz) = b5fb0e9c2096c92661696686aed630bc0f20ce7e
XSize (fragrouter-1.6.tar.gz) = 277726 bytes
XSHA1 (patch-aa) = 3e18f18b65604c5189c45f33f59fbbfaf45a8829
XSHA1 (patch-ab) = 1411859d2a2f782cfe0200028269741c50f994c2
XSHA1 (patch-ac) = 7554bf048fb05630d188e90f98dded450faa6cbe
XSHA1 (patch-ad) = a3982a88ccebf5effd79e878af368d5245867630
XSHA1 (patch-ae) = aa04159e7e8c7239b86c8c0766af889b2122c8b2
XSHA1 (patch-af) = 2b6fd70fb5198ca92bfbd0e7f0bb8a972c5ab297
END-of-./distinfo
echo x - ./DESCR
sed 's/^X//' >./DESCR << 'END-of-./DESCR'
XFragrouter is a program for routing network traffic in such a way as
Xto elude most network intrusion detection systems.
X
XThe attacks implemented correspond to those listed in the Secure
XNetworks ``Insertion, Evasion, and Denial of Service: Eluding Network
XIntrusion Detection'' paper of January, 1998.
END-of-./DESCR
exit
>Release-Note:
>Audit-Trail:
>Unformatted: