Module Name:	pkgsrc
Committed By:	salo
Date:		Tue May 13 00:27:49 UTC 2003

Modified Files:
	pkgsrc/security/snortsnarf: DESCR Makefile PLIST distinfo
	pkgsrc/security/snortsnarf/patches: patch-aa

Log Message:
Update to version 20021111.1.

Based on a patch sent by Hiramatsu Yoshifumi via PR pkg/21540.

Changes:

- fix all installed scripts
- simplify installation
- DESCR has 80 columns
- style nits

20021111.1:
===========
- alerts with original packet included now have both sets of ports and first
  set of IPs as links
- added -obfuscateip option to change the IP addresses in alerts to randomly
  (but consistently) chosen alternates (not presently available for database
  input)
- Updated parsing for Snort 1.9.0 full alert files
- new-style Spade reports now processed (Spade version 021008.1 and on)
- spp_portscan2 log files now processed (these entries are displayed somewhat
  prettified)
- updated linking to ICMP log files; this involved updates for new ICMP header
  format in Snort 1.9.0
- more robust recognition of non-packet alerts in different formats(these get
  ignored)
- clarified warning about unknown ICMP type text and added repeat warning
  suppression (you'll now only get a warning about a particular string twice)
- SnortSnarf will now ignore lines beginning with '#' between alerts, so you
  can use that to begin a comment


To generate a diff of this commit:
cvs rdiff -r1.1.1.1 -r1.2 pkgsrc/security/snortsnarf/DESCR \
    pkgsrc/security/snortsnarf/PLIST
cvs rdiff -r1.4 -r1.5 pkgsrc/security/snortsnarf/Makefile
cvs rdiff -r1.3 -r1.4 pkgsrc/security/snortsnarf/distinfo
cvs rdiff -r1.3 -r1.4 pkgsrc/security/snortsnarf/patches/patch-aa

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.