pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/net/snort Update snort to 2.4.0
details: https://anonhg.NetBSD.org/pkgsrc/rev/444b0cb9bc76
branches: trunk
changeset: 498144:444b0cb9bc76
user: adrianp <adrianp%pkgsrc.org@localhost>
date: Sat Aug 13 19:56:47 2005 +0000
description:
Update snort to 2.4.0
If you are using this package make note of the distribution change
mentioned below. I have update the MESSAGE to inform users of this and
there is now also a net/snort-rules package with the community rules.
> [*] Distribution Change
> * Rules are no longer distributed as part of the Snort releases, they are
> available as a separate download from snort.org. This was done for
> three reasons:
> 1) To better manage the new rules licensing.
> 2) To reduce the size of the engine download.
> 3) To move the thousands of documentation files for the rules into
> the rules tarballs. If you've ever checked Snort out of CVS you'll
> know why this is a Good Thing.
>
> [*] New additions
> * Added new IP defragmentation preprocessor, Frag3. The frag3 preprocessor
> is a target-based IP defragmentation module, and is intended as a
> replacement for the frag2 module. Check out the README.frag3 for full
> info on this new preprocessor.
>
> * Libprelude support has been added (enable with --enable-prelude).
> Thanks Yoann Vandoorselaere!
>
> * An "ftpbounce" rule detection plugin was added for easier detection of
> FTP bounce attacks.
>
> * Added a new Snort config option, "ignore_ports," to ignore packets
> based on port number. This is similar to bpf filters, but done within
> snort.conf.
>
> [*] Improvements
> * Snort startup messages printed in syslog now contain a PID before each
> entry. Thanks Sekure for initially bringing this up.
>
> * Stream4: Performance improvements.
>
> * Stream4: Added 'max_session_limit' option which limits number of
> concurrent sessions tracked. Added favor_old/favor_new options that
> affect order in which packets are put together for reassembly.
>
> * Stream4: New configuration options to manage flushpoints for improved
> anti-evasion. The flush_behavior option selects flushpoint management
> mode. New flush_base, flush_range, and flush_seed manage randomized
> flushing. Check out the snort.conf file for full config data on the
> new flush options.
>
> * Added two more alerts for BackOrifice client and server packets. This
> allows specific alerts to be suppressed.
>
> * PerfMon preprocessor updated to include more detailed stats for rebuilt
> packets (applayer, wire, fragmented & TCP). Also added 'atexitonly'
> option that dumps stats at exit of snort, and command line -Z flag to
> specify the file to which stats are logged.
>
> * Added new Http Inspect config item, "tab_uri_delimiter," which if
> specified, lets a tab character (0x09) act as the delimiter for a URI.
>
> * Added a '-G' command line flag to snort that specifies the Snort
> instance log identifier. It takes a single argument that can be either
> hex (prefaced with 0x) or decimal. The unified log files will include
> the instance ID when the -G flag is used.
>
> * "Same SRC/DST" (sid 527) and "Loopback Traffic" (sid 528) are now
> handled in the IP decoder. Those sids are now considered obsolete.
>
> * Http_Inspect "flow_depth" option now accepts a -1 value which tells
> Snort to ignore all server-side traffic.
>
> * RPMs have been updated to be more portable, and also now include a
> "--with inline" option for those wanting to build Inline RPMs. Thanks
> Daniel Wittenberg and JP Vossen for your help!
>
> * Many, many bug fixes have also gone into this release, please see the
> ChangeLog for details.
diffstat:
net/snort/MESSAGE | 13 +-
net/snort/Makefile.common | 17 +-
net/snort/PLIST | 2933 +-------------------------------------------
net/snort/distinfo | 11 +-
net/snort/patches/patch-aa | 4 +-
net/snort/patches/patch-ad | 13 -
6 files changed, 27 insertions(+), 2964 deletions(-)
diffs (truncated from 3079 to 300 lines):
diff -r 878fdb346ac9 -r 444b0cb9bc76 net/snort/MESSAGE
--- a/net/snort/MESSAGE Sat Aug 13 19:45:43 2005 +0000
+++ b/net/snort/MESSAGE Sat Aug 13 19:56:47 2005 +0000
@@ -1,5 +1,5 @@
===========================================================================
-$NetBSD: MESSAGE,v 1.3 2004/10/11 22:14:51 reed Exp $
+$NetBSD: MESSAGE,v 1.4 2005/08/13 19:56:47 adrianp Exp $
To use snort, you will need to perform the following steps:
@@ -11,4 +11,15 @@
2. Now start snort by issuing the command
/etc/rc.d/snort start
+
+As of snort v2.4.0 rules are no longer distributed with the main
+distribution. You can either install the net/snort-rules package
+which contains the GPL "Community Rules" or download your appropriate
+rules from:
+
+ http://www.snort.org/pub-bin/downloads.cgi
+
+or:
+ http://www.bleedingsnort.com
+
===========================================================================
diff -r 878fdb346ac9 -r 444b0cb9bc76 net/snort/Makefile.common
--- a/net/snort/Makefile.common Sat Aug 13 19:45:43 2005 +0000
+++ b/net/snort/Makefile.common Sat Aug 13 19:56:47 2005 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile.common,v 1.20 2005/04/27 18:36:25 adrianp Exp $
+# $NetBSD: Makefile.common,v 1.21 2005/08/13 19:56:47 adrianp Exp $
#
-DISTNAME= snort-2.3.3
+DISTNAME= snort-2.4.0
CATEGORIES= net security
MASTER_SITES= http://www.snort.org/dl/current/ \
ftp://the.wiretapped.net/pub/security/network-intrusion-detection/snort/ \
@@ -52,8 +52,9 @@
SUBST_CLASSES= paths
SUBST_STAGE.paths= post-patch
-SUBST_FILES.paths= etc/snort.conf
-SUBST_SED.paths= -e "s|@PREFIX@|${PREFIX}|g"
+SUBST_FILES.paths= etc/snort.conf src/snort.c
+SUBST_SED.paths= -e "s|@PREFIX@|${PREFIX}|g" \
+ -e "s|@PKG_SYSCONFDIR@|${PKG_SYSCONFDIR}|g"
SUBST_MESSAGE.cgi= "Fixing paths."
post-install:
@@ -70,14 +71,6 @@
for i in `${LS} | ${EGREP} -v "(Makefile|signatures)"` ; do \
${INSTALL_DATA} $$i ${PREFIX}/share/doc/snort ; \
done
- cd ${WRKSRC}/doc ; \
- ${RM} -rf signatures/CVS; \
- ${PAX} -rw -pm signatures ${PREFIX}/share/doc/snort
- ${INSTALL_DATA_DIR} ${PREFIX}/share/snort/rules
- cd ${WRKSRC}/rules ; \
- for i in `${LS} | ${GREP} -v Makefile` ; do \
- ${INSTALL_DATA} $$i ${PREFIX}/share/snort/rules ; \
- done
${INSTALL_MAN} ${WRKSRC}/snort.8 ${PREFIX}/man/man8
.include "../../devel/pcre/buildlink3.mk"
diff -r 878fdb346ac9 -r 444b0cb9bc76 net/snort/PLIST
--- a/net/snort/PLIST Sat Aug 13 19:45:43 2005 +0000
+++ b/net/snort/PLIST Sat Aug 13 19:56:47 2005 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.21 2005/05/02 20:34:04 reed Exp $
+@comment $NetBSD: PLIST,v 1.22 2005/08/13 19:56:47 adrianp Exp $
bin/snort
man/man8/snort.8
share/doc/snort/AUTHORS
@@ -21,6 +21,7 @@
share/doc/snort/README.flow
share/doc/snort/README.flow-portscan
share/doc/snort/README.flowbits
+share/doc/snort/README.frag3
share/doc/snort/README.http_inspect
share/doc/snort/README.sfportscan
share/doc/snort/README.thresholding
@@ -31,2883 +32,6 @@
share/doc/snort/WISHLIST
share/doc/snort/faq.pdf
share/doc/snort/faq.tex
-share/doc/snort/signatures/1000.txt
-share/doc/snort/signatures/1001.txt
-share/doc/snort/signatures/1002.txt
-share/doc/snort/signatures/1003.txt
-share/doc/snort/signatures/1004.txt
-share/doc/snort/signatures/1005.txt
-share/doc/snort/signatures/1007.txt
-share/doc/snort/signatures/1008.txt
-share/doc/snort/signatures/1009.txt
-share/doc/snort/signatures/1010.txt
-share/doc/snort/signatures/1011.txt
-share/doc/snort/signatures/1012.txt
-share/doc/snort/signatures/1013.txt
-share/doc/snort/signatures/1015.txt
-share/doc/snort/signatures/1016.txt
-share/doc/snort/signatures/1017.txt
-share/doc/snort/signatures/1018.txt
-share/doc/snort/signatures/1019.txt
-share/doc/snort/signatures/1020.txt
-share/doc/snort/signatures/1021.txt
-share/doc/snort/signatures/1022.txt
-share/doc/snort/signatures/1023.txt
-share/doc/snort/signatures/1024.txt
-share/doc/snort/signatures/1025.txt
-share/doc/snort/signatures/1026.txt
-share/doc/snort/signatures/1027.txt
-share/doc/snort/signatures/1028.txt
-share/doc/snort/signatures/1029.txt
-share/doc/snort/signatures/103.txt
-share/doc/snort/signatures/1030.txt
-share/doc/snort/signatures/1031.txt
-share/doc/snort/signatures/1032.txt
-share/doc/snort/signatures/1033.txt
-share/doc/snort/signatures/1034.txt
-share/doc/snort/signatures/1035.txt
-share/doc/snort/signatures/1036.txt
-share/doc/snort/signatures/1037.txt
-share/doc/snort/signatures/1038.txt
-share/doc/snort/signatures/1039.txt
-share/doc/snort/signatures/104.txt
-share/doc/snort/signatures/1040.txt
-share/doc/snort/signatures/1041.txt
-share/doc/snort/signatures/1042.txt
-share/doc/snort/signatures/1043.txt
-share/doc/snort/signatures/1044.txt
-share/doc/snort/signatures/1045.txt
-share/doc/snort/signatures/1046.txt
-share/doc/snort/signatures/1047.txt
-share/doc/snort/signatures/1048.txt
-share/doc/snort/signatures/105.txt
-share/doc/snort/signatures/1050.txt
-share/doc/snort/signatures/1051.txt
-share/doc/snort/signatures/1052.txt
-share/doc/snort/signatures/1053.txt
-share/doc/snort/signatures/1054.txt
-share/doc/snort/signatures/1055.txt
-share/doc/snort/signatures/1056.txt
-share/doc/snort/signatures/1057.txt
-share/doc/snort/signatures/1058.txt
-share/doc/snort/signatures/1059.txt
-share/doc/snort/signatures/106.txt
-share/doc/snort/signatures/1060.txt
-share/doc/snort/signatures/1061.txt
-share/doc/snort/signatures/1062.txt
-share/doc/snort/signatures/1064.txt
-share/doc/snort/signatures/1065.txt
-share/doc/snort/signatures/1066.txt
-share/doc/snort/signatures/1067.txt
-share/doc/snort/signatures/1068.txt
-share/doc/snort/signatures/1069.txt
-share/doc/snort/signatures/107.txt
-share/doc/snort/signatures/1070.txt
-share/doc/snort/signatures/1071.txt
-share/doc/snort/signatures/1072.txt
-share/doc/snort/signatures/1073.txt
-share/doc/snort/signatures/1075.txt
-share/doc/snort/signatures/1076.txt
-share/doc/snort/signatures/1077.txt
-share/doc/snort/signatures/1078.txt
-share/doc/snort/signatures/1079.txt
-share/doc/snort/signatures/108.txt
-share/doc/snort/signatures/1080.txt
-share/doc/snort/signatures/1081.txt
-share/doc/snort/signatures/1082.txt
-share/doc/snort/signatures/1083.txt
-share/doc/snort/signatures/1084.txt
-share/doc/snort/signatures/1085.txt
-share/doc/snort/signatures/1086.txt
-share/doc/snort/signatures/1087.txt
-share/doc/snort/signatures/1088.txt
-share/doc/snort/signatures/1089.txt
-share/doc/snort/signatures/109.txt
-share/doc/snort/signatures/1090.txt
-share/doc/snort/signatures/1091.txt
-share/doc/snort/signatures/1092.txt
-share/doc/snort/signatures/1093.txt
-share/doc/snort/signatures/1094.txt
-share/doc/snort/signatures/1095.txt
-share/doc/snort/signatures/1096.txt
-share/doc/snort/signatures/1097.txt
-share/doc/snort/signatures/1098.txt
-share/doc/snort/signatures/1099.txt
-share/doc/snort/signatures/110.txt
-share/doc/snort/signatures/1100.txt
-share/doc/snort/signatures/1101.txt
-share/doc/snort/signatures/1102.txt
-share/doc/snort/signatures/1103.txt
-share/doc/snort/signatures/1104.txt
-share/doc/snort/signatures/1105.txt
-share/doc/snort/signatures/1106.txt
-share/doc/snort/signatures/1107.txt
-share/doc/snort/signatures/1108.txt
-share/doc/snort/signatures/1109.txt
-share/doc/snort/signatures/111-1.txt
-share/doc/snort/signatures/111-10.txt
-share/doc/snort/signatures/111-11.txt
-share/doc/snort/signatures/111-12.txt
-share/doc/snort/signatures/111-13.txt
-share/doc/snort/signatures/111-14.txt
-share/doc/snort/signatures/111-15.txt
-share/doc/snort/signatures/111-16.txt
-share/doc/snort/signatures/111-17.txt
-share/doc/snort/signatures/111-2.txt
-share/doc/snort/signatures/111-3.txt
-share/doc/snort/signatures/111-4.txt
-share/doc/snort/signatures/111-5.txt
-share/doc/snort/signatures/111-6.txt
-share/doc/snort/signatures/111-7.txt
-share/doc/snort/signatures/111-8.txt
-share/doc/snort/signatures/111-9.txt
-share/doc/snort/signatures/111.txt
-share/doc/snort/signatures/1110.txt
-share/doc/snort/signatures/1111.txt
-share/doc/snort/signatures/1112.txt
-share/doc/snort/signatures/1113.txt
-share/doc/snort/signatures/1115.txt
-share/doc/snort/signatures/1116.txt
-share/doc/snort/signatures/1117.txt
-share/doc/snort/signatures/1118.txt
-share/doc/snort/signatures/1119.txt
-share/doc/snort/signatures/112.txt
-share/doc/snort/signatures/1120.txt
-share/doc/snort/signatures/1122.txt
-share/doc/snort/signatures/1123.txt
-share/doc/snort/signatures/1124.txt
-share/doc/snort/signatures/1125.txt
-share/doc/snort/signatures/1126.txt
-share/doc/snort/signatures/1127.txt
-share/doc/snort/signatures/1128.txt
-share/doc/snort/signatures/1129.txt
-share/doc/snort/signatures/1130.txt
-share/doc/snort/signatures/1131.txt
-share/doc/snort/signatures/1132.txt
-share/doc/snort/signatures/1133.txt
-share/doc/snort/signatures/1134.txt
-share/doc/snort/signatures/1136.txt
-share/doc/snort/signatures/1137.txt
-share/doc/snort/signatures/1139.txt
-share/doc/snort/signatures/114.txt
-share/doc/snort/signatures/1140.txt
-share/doc/snort/signatures/1141.txt
-share/doc/snort/signatures/1142.txt
-share/doc/snort/signatures/1143.txt
-share/doc/snort/signatures/1144.txt
-share/doc/snort/signatures/1145.txt
-share/doc/snort/signatures/1146.txt
-share/doc/snort/signatures/1147.txt
-share/doc/snort/signatures/1148.txt
-share/doc/snort/signatures/1149.txt
-share/doc/snort/signatures/115.txt
-share/doc/snort/signatures/1150.txt
-share/doc/snort/signatures/1151.txt
-share/doc/snort/signatures/1152.txt
-share/doc/snort/signatures/1153.txt
-share/doc/snort/signatures/1154.txt
-share/doc/snort/signatures/1155.txt
-share/doc/snort/signatures/1156.txt
-share/doc/snort/signatures/1157.txt
-share/doc/snort/signatures/1158.txt
-share/doc/snort/signatures/1159.txt
-share/doc/snort/signatures/116.txt
-share/doc/snort/signatures/1160.txt
-share/doc/snort/signatures/1161.txt
-share/doc/snort/signatures/1162.txt
-share/doc/snort/signatures/1163.txt
-share/doc/snort/signatures/1164.txt
-share/doc/snort/signatures/1165.txt
-share/doc/snort/signatures/1166.txt
-share/doc/snort/signatures/1167.txt
-share/doc/snort/signatures/1168.txt
-share/doc/snort/signatures/117.txt
-share/doc/snort/signatures/1171.txt
-share/doc/snort/signatures/1172.txt
-share/doc/snort/signatures/1173.txt
-share/doc/snort/signatures/1174.txt
-share/doc/snort/signatures/1175.txt
-share/doc/snort/signatures/1176.txt
-share/doc/snort/signatures/1177.txt
-share/doc/snort/signatures/1178.txt
-share/doc/snort/signatures/1179.txt
-share/doc/snort/signatures/118.txt
-share/doc/snort/signatures/1180.txt
-share/doc/snort/signatures/1181.txt
-share/doc/snort/signatures/1182.txt
-share/doc/snort/signatures/1183.txt
-share/doc/snort/signatures/1184.txt
-share/doc/snort/signatures/1185.txt
-share/doc/snort/signatures/1186.txt
-share/doc/snort/signatures/1187.txt
-share/doc/snort/signatures/1188.txt
-share/doc/snort/signatures/1189.txt
-share/doc/snort/signatures/119-1.txt
-share/doc/snort/signatures/119-10.txt
Home |
Main Index |
Thread Index |
Old Index