head 1.6; access; symbols pkgsrc-2017Q1:1.5.0.86 pkgsrc-2017Q1-base:1.5 pkgsrc-2016Q4:1.5.0.84 pkgsrc-2016Q4-base:1.5 pkgsrc-2016Q3:1.5.0.82 pkgsrc-2016Q3-base:1.5 pkgsrc-2016Q2:1.5.0.80 pkgsrc-2016Q2-base:1.5 pkgsrc-2016Q1:1.5.0.78 pkgsrc-2016Q1-base:1.5 pkgsrc-2015Q4:1.5.0.76 pkgsrc-2015Q4-base:1.5 pkgsrc-2015Q3:1.5.0.74 pkgsrc-2015Q3-base:1.5 pkgsrc-2015Q2:1.5.0.72 pkgsrc-2015Q2-base:1.5 pkgsrc-2015Q1:1.5.0.70 pkgsrc-2015Q1-base:1.5 pkgsrc-2014Q4:1.5.0.68 pkgsrc-2014Q4-base:1.5 pkgsrc-2014Q3:1.5.0.66 pkgsrc-2014Q3-base:1.5 pkgsrc-2014Q2:1.5.0.64 pkgsrc-2014Q2-base:1.5 pkgsrc-2014Q1:1.5.0.62 pkgsrc-2014Q1-base:1.5 pkgsrc-2013Q4:1.5.0.60 pkgsrc-2013Q4-base:1.5 pkgsrc-2013Q3:1.5.0.58 pkgsrc-2013Q3-base:1.5 pkgsrc-2013Q2:1.5.0.56 pkgsrc-2013Q2-base:1.5 pkgsrc-2013Q1:1.5.0.54 pkgsrc-2013Q1-base:1.5 pkgsrc-2012Q4:1.5.0.52 pkgsrc-2012Q4-base:1.5 pkgsrc-2012Q3:1.5.0.50 pkgsrc-2012Q3-base:1.5 pkgsrc-2012Q2:1.5.0.48 pkgsrc-2012Q2-base:1.5 pkgsrc-2012Q1:1.5.0.46 pkgsrc-2012Q1-base:1.5 pkgsrc-2011Q4:1.5.0.44 pkgsrc-2011Q4-base:1.5 pkgsrc-2011Q3:1.5.0.42 pkgsrc-2011Q3-base:1.5 pkgsrc-2011Q2:1.5.0.40 pkgsrc-2011Q2-base:1.5 pkgsrc-2011Q1:1.5.0.38 pkgsrc-2011Q1-base:1.5 pkgsrc-2010Q4:1.5.0.36 pkgsrc-2010Q4-base:1.5 pkgsrc-2010Q3:1.5.0.34 pkgsrc-2010Q3-base:1.5 pkgsrc-2010Q2:1.5.0.32 pkgsrc-2010Q2-base:1.5 pkgsrc-2010Q1:1.5.0.30 pkgsrc-2010Q1-base:1.5 pkgsrc-2009Q4:1.5.0.28 pkgsrc-2009Q4-base:1.5 pkgsrc-2009Q3:1.5.0.26 pkgsrc-2009Q3-base:1.5 pkgsrc-2009Q2:1.5.0.24 pkgsrc-2009Q2-base:1.5 pkgsrc-2009Q1:1.5.0.22 pkgsrc-2009Q1-base:1.5 pkgsrc-2008Q4:1.5.0.20 pkgsrc-2008Q4-base:1.5 pkgsrc-2008Q3:1.5.0.18 pkgsrc-2008Q3-base:1.5 cube-native-xorg:1.5.0.16 cube-native-xorg-base:1.5 pkgsrc-2008Q2:1.5.0.14 pkgsrc-2008Q2-base:1.5 cwrapper:1.5.0.12 pkgsrc-2008Q1:1.5.0.10 pkgsrc-2008Q1-base:1.5 pkgsrc-2007Q4:1.5.0.8 pkgsrc-2007Q4-base:1.5 pkgsrc-2007Q3:1.5.0.6 pkgsrc-2007Q3-base:1.5 pkgsrc-2007Q2:1.5.0.4 pkgsrc-2007Q2-base:1.5 pkgsrc-2007Q1:1.5.0.2 pkgsrc-2007Q1-base:1.5 pkgsrc-2006Q4:1.4.0.12 pkgsrc-2006Q4-base:1.4 pkgsrc-2006Q3:1.4.0.10 pkgsrc-2006Q3-base:1.4 pkgsrc-2006Q2:1.4.0.8 pkgsrc-2006Q2-base:1.4 pkgsrc-2006Q1:1.4.0.6 pkgsrc-2006Q1-base:1.4 pkgsrc-2005Q4:1.4.0.4 pkgsrc-2005Q4-base:1.4 pkgsrc-2005Q3:1.4.0.2 pkgsrc-2005Q3-base:1.4 pkgsrc-2005Q2:1.3.0.14 pkgsrc-2005Q2-base:1.3 pkgsrc-2005Q1:1.3.0.12 pkgsrc-2005Q1-base:1.3 pkgsrc-2004Q4:1.3.0.10 pkgsrc-2004Q4-base:1.3 pkgsrc-2004Q3:1.3.0.8 pkgsrc-2004Q3-base:1.3 pkgsrc-2004Q2:1.3.0.6 pkgsrc-2004Q2-base:1.3 pkgsrc-2004Q1:1.3.0.4 pkgsrc-2004Q1-base:1.3 pkgsrc-2003Q4:1.3.0.2 pkgsrc-2003Q4-base:1.3 netbsd-1-6-1:1.1.0.2 netbsd-1-6-1-base:1.1; locks; strict; comment @# @; 1.6 date 2017.06.15.18.27.50; author nils; state dead; branches; next 1.5; commitid N8mah66giRHeOuVz; 1.5 date 2007.02.17.19.08.06; author adrianp; state Exp; branches; next 1.4; 1.4 date 2005.08.13.19.56.47; author adrianp; state dead; branches; next 1.3; 1.3 date 2003.04.16.15.51.24; author salo; state Exp; branches; next 1.2; 1.2 date 2003.04.16.06.37.20; author salo; state Exp; branches; next 1.1; 1.1 date 2002.10.13.04.42.13; author hubertf; state Exp; branches 1.1.2.1; next ; 1.1.2.1 date 2003.04.16.15.43.03; author grant; state Exp; branches; next 1.1.2.2; 1.1.2.2 date 2003.04.20.09.58.37; author grant; state Exp; branches; next ; desc @@ 1.6 log @Upgraded to version 2.9.9.0. This is a HUGE bump, so look at the changelog on the Snort website ! For example, Snort does not natively handle MySQL anymore. As for the pkgsrc changes : - updated deps (net/daq) ; - updated config files ; - updated MASTER_SITE ; - some substitution to handle pkgsrc paths ; - updated compile options. @ text @$NetBSD: patch-ad,v 1.5 2007/02/17 19:08:06 adrianp Exp $ --- src/dynamic-preprocessors/Makefile.in.orig 2006-12-04 17:50:31.000000000 +0000 +++ src/dynamic-preprocessors/Makefile.in @@@@ -224,7 +224,7 @@@@ EXTRA_DIST = \ dynamic_preprocessors.dsp \ sf_dynamic_initialize/sf_dynamic_initialize.dsp -@@HAVE_DYNAMIC_PLUGINS_TRUE@@srcinstdir = $(exec_prefix)/src/snort_dynamicsrc +@@HAVE_DYNAMIC_PLUGINS_TRUE@@srcinstdir = $(exec_prefix)/share/snort/src/snort_dynamicsrc @@HAVE_DYNAMIC_PLUGINS_TRUE@@exported_files = \ @@HAVE_DYNAMIC_PLUGINS_TRUE@@include/sf_dynamic_common.h \ @@HAVE_DYNAMIC_PLUGINS_TRUE@@include/sf_dynamic_meta.h \ @ 1.5 log @Update to snort 2.6.1.2 2.6.1 provides new functionality including the following: * New pattern matcher with a significantly reduced memory footprint * Introduction of stream5 for experimental use * Improvements to stream4, including UDP session tracking and optimizations for the reassembly buffer * Handling for reassembly of SMB fragmented data in DCE/RPC * An ssh preprocessor for experimental use * Updated Snort decoder that can decode GRE encapsulated packets * Output plugin to allow Snort to configure Aruba access control Snort 2.6.0: * Tcp stream properly reassembled after failed sequence check, which may lead to possible detection evasion. * Added configurable stream flushpoints. * Improved rpc processing. * Improved portscan detection. * Improved http request processing and handling of possible evasion cases. * Improved performance monitoring. The Snort 2.6 release also introduces the ability to use dynamic rules and dynamic preprocessors and contains further improvements to the Snort detection engine. Remove snort-{pgsql,mysql,prelude}. The new snort package uses options.mk to specify build options. @ text @d1 1 a1 1 $NetBSD$ @ 1.4 log @Update snort to 2.4.0 If you are using this package make note of the distribution change mentioned below. I have update the MESSAGE to inform users of this and there is now also a net/snort-rules package with the community rules. > [*] Distribution Change > * Rules are no longer distributed as part of the Snort releases, they are > available as a separate download from snort.org. This was done for > three reasons: > 1) To better manage the new rules licensing. > 2) To reduce the size of the engine download. > 3) To move the thousands of documentation files for the rules into > the rules tarballs. If you've ever checked Snort out of CVS you'll > know why this is a Good Thing. > > [*] New additions > * Added new IP defragmentation preprocessor, Frag3. The frag3 preprocessor > is a target-based IP defragmentation module, and is intended as a > replacement for the frag2 module. Check out the README.frag3 for full > info on this new preprocessor. > > * Libprelude support has been added (enable with --enable-prelude). > Thanks Yoann Vandoorselaere! > > * An "ftpbounce" rule detection plugin was added for easier detection of > FTP bounce attacks. > > * Added a new Snort config option, "ignore_ports," to ignore packets > based on port number. This is similar to bpf filters, but done within > snort.conf. > > [*] Improvements > * Snort startup messages printed in syslog now contain a PID before each > entry. Thanks Sekure for initially bringing this up. > > * Stream4: Performance improvements. > > * Stream4: Added 'max_session_limit' option which limits number of > concurrent sessions tracked. Added favor_old/favor_new options that > affect order in which packets are put together for reassembly. > > * Stream4: New configuration options to manage flushpoints for improved > anti-evasion. The flush_behavior option selects flushpoint management > mode. New flush_base, flush_range, and flush_seed manage randomized > flushing. Check out the snort.conf file for full config data on the > new flush options. > > * Added two more alerts for BackOrifice client and server packets. This > allows specific alerts to be suppressed. > > * PerfMon preprocessor updated to include more detailed stats for rebuilt > packets (applayer, wire, fragmented & TCP). Also added 'atexitonly' > option that dumps stats at exit of snort, and command line -Z flag to > specify the file to which stats are logged. > > * Added new Http Inspect config item, "tab_uri_delimiter," which if > specified, lets a tab character (0x09) act as the delimiter for a URI. > > * Added a '-G' command line flag to snort that specifies the Snort > instance log identifier. It takes a single argument that can be either > hex (prefaced with 0x) or decimal. The unified log files will include > the instance ID when the -G flag is used. > > * "Same SRC/DST" (sid 527) and "Loopback Traffic" (sid 528) are now > handled in the IP decoder. Those sids are now considered obsolete. > > * Http_Inspect "flow_depth" option now accepts a -1 value which tells > Snort to ignore all server-side traffic. > > * RPMs have been updated to be more portable, and also now include a > "--with inline" option for those wanting to build Inline RPMs. Thanks > Daniel Wittenberg and JP Vossen for your help! > > * Many, many bug fixes have also gone into this release, please see the > ChangeLog for details. @ text @d1 1 a1 1 $NetBSD: patch-ad,v 1.3 2003/04/16 15:51:24 salo Exp $ d3 5 a7 9 --- src/Makefile.in.orig 2003-04-09 18:01:40.000000000 +0200 +++ src/Makefile.in 2003-04-16 08:07:17.000000000 +0200 @@@@ -67,7 +67,7 @@@@ PATH_SEPARATOR = @@PATH_SEPARATOR@@ AMTAR = @@AMTAR@@ AWK = @@AWK@@ -CC = @@CC@@ +CC = @@CC@@ -DPKG_SYSCONFDIR=\"@@sysconfdir@@\" DEPDIR = @@DEPDIR@@ d9 5 a13 1 INCLUDES = @@INCLUDES@@ @ 1.3 log @Bump PKGREVISION: honour PKG_SYSCONFDIR for real. (i thought i fixed this before but apparently i did not :/) @ text @d1 1 a1 1 $NetBSD: patch-ad,v 1.2 2003/04/16 06:37:20 salo Exp $ @ 1.2 log @Updated to version 2.0.0. IMPORTANT: This version fixes remotely exploitable heap overflow in the stream4 preprocessor module. Advisory: http://www.coresecurity.com/common/showdoc.php?idx=313&idxseccion=10 Changes: 2.0.0: ====== - Enhanced high-performance detection engine - Stateful Pattern Matching - New detection keywords: byte_test & byte_jump - The Snort code base has undergone an external third party professional security audit funded by Sourcefire (http://www.sourcefire.com) - Many new and updated rules - snort.conf has been updated - Enhancements to self preservation mechanisms in stream4 and frag2 - State tracking fixes in stream4 - New HTTP flow analyzer - Enhanced protocol decoding (TCP options, 802.1q, etc) - Enhanced protocol anomaly detection (IP, TCP, UDP, ICMP, RPC, HTTP, etc) - Enhanced flexresp mode for real-time TCP session sniping - Better chroot()'ing - Tagging system updated - Several million bugs addressed.... - Updated FAQ (thanks to Erek Adams and Dragos Ruiu) Snort 2.0 can be downloaded at http://www.snort.org/dl/snort-2.0.0.tar.gz. Binary versions of the codebase will be built over the next several days and made available at here. 2.0.rc4: ======== - byte_jump/byte_test don't force relative content options - byte_jump/byte_test absolute offsets work - Better FIN handling in Stream4 2.0.rc3: ======== - A low memory usage detection method (enabled via "config detection: search-method lowmem") - Moved the default unix socket location to LOGDIR 2.0.rc2: ======== - syslog should work on win32 and unix - major tagging updates - new UDP decoding alerts - snort.conf updates 2.0.rc1: ======== - Higher performance (due to a new pattern matcher and rebuilt detection engine) - Better decoders - Enhanced stream reassembly and defragmentation - Tons of bug fixes - Updated rules - Updated snort.conf - New detection keywords (byte_test, byte_jump, distance, within) & stateful pattern matching - New HTTP flow analyzer - Enhanced anomaly detection (HTTP, RPC, TCP, IP, etc) - Better self preservation in stateful subsystems - Xrefs fixed - Flexresp works faster and more effectively - Better chroot()'ing - Fixed 802.1q decoding - Better async state handling - New alerting option: -A cmg!! @ text @d1 1 a1 1 $NetBSD$ d10 1 a10 1 +CC = @@CC@@ -DPREFIX=\"@@prefix@@\" @ 1.1 log @Update snort to 1.9.0. Changes: Lots of new rules, extended analyzing of packages etc. Fixes PR 18637 by Adrian Portelli @ text @d3 6 a8 6 --- src/Makefile.in.orig Sun Oct 13 05:25:01 2002 +++ src/Makefile.in @@@@ -59,7 +59,7 @@@@ POST_UNINSTALL = : host_alias = @@host_alias@@ host_triplet = @@host@@ d11 3 a13 3 MAKEINFO = @@MAKEINFO@@ PACKAGE = @@PACKAGE@@ RANLIB = @@RANLIB@@ @ 1.1.2.1 log @Pull up revision 1.2 (requested by salo in ticket #1257): Updated to version 2.0.0. [security fix] @ text @d1 1 a1 1 $NetBSD: patch-ad,v 1.2 2003/04/16 06:37:20 salo Exp $ d3 6 a8 6 --- src/Makefile.in.orig 2003-04-09 18:01:40.000000000 +0200 +++ src/Makefile.in 2003-04-16 08:07:17.000000000 +0200 @@@@ -67,7 +67,7 @@@@ PATH_SEPARATOR = @@PATH_SEPARATOR@@ AMTAR = @@AMTAR@@ AWK = @@AWK@@ d11 3 a13 3 DEPDIR = @@DEPDIR@@ INCLUDES = @@INCLUDES@@ @ 1.1.2.2 log @Pull up revision 1.3 (requested by salo in ticket #1258): Bump PKGREVISION: honour PKG_SYSCONFDIR for real. (i thought i fixed this before but apparently i did not :/) @ text @d1 1 a1 1 $NetBSD: patch-ad,v 1.1.2.1 2003/04/16 15:43:03 grant Exp $ d10 1 a10 1 +CC = @@CC@@ -DPKG_SYSCONFDIR=\"@@sysconfdir@@\" @