[pkgsrc/trunk]: pkgsrc/net/snort Update to 2.8.0

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/net/snort Update to 2.8.0
From: adrianp <adrianp%pkgsrc.org@localhost>
Date: Thu, 14 Oct 2021 05:24:18 +0000
details:   https://anonhg.NetBSD.org/pkgsrc/rev/44ca4414f784
branches:  trunk
changeset: 534435:44ca4414f784
user:      adrianp <adrianp%pkgsrc.org@localhost>
date:      Sun Oct 21 00:22:53 2007 +0000

description:
Update to 2.8.0
* Port lists
* IPv6 support
* Packet performance monitoring
* Experimental support for target-based stream and IP frag reassembly
* Ability to take actions on preprocessor events
* Detection for TCP session hijacking based on MAC address
* Unified2 output plugin
* Improved performance and detection capabilities

diffstat:

 net/snort/Makefile         |   7 ++---
 net/snort/PLIST            |  13 ++++++++--
 net/snort/distinfo         |  12 +++++-----
 net/snort/options.mk       |  54 ++++++++++++++++++++++++++++++++++++++++++++-
 net/snort/patches/patch-aa |  16 ++++++------
 net/snort/patches/patch-ae |  43 +++++++++++++++++++++++++++++++++---
 6 files changed, 118 insertions(+), 27 deletions(-)

diffs (291 lines):

diff -r a3845b57d2e7 -r 44ca4414f784 net/snort/Makefile
--- a/net/snort/Makefile        Sat Oct 20 23:22:35 2007 +0000
+++ b/net/snort/Makefile        Sun Oct 21 00:22:53 2007 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.32 2007/08/20 20:28:18 adrianp Exp $
+# $NetBSD: Makefile,v 1.33 2007/10/21 00:22:53 adrianp Exp $
 #
 
-DISTNAME=              snort-2.7.0.1
+DISTNAME=              snort-2.8.0
 CATEGORIES=            net security
 MASTER_SITES=          http://www.snort.org/dl/current/
 
@@ -83,10 +83,9 @@
 
        ${INSTALL_DATA} ${WRKSRC}/etc/*.config \
                        ${WRKSRC}/etc/*.map \
-                       ${WRKSRC}/etc/generators \
-                       ${WRKSRC}/etc/sid \
                        ${WRKSRC}/etc/threshold.conf \
                        ${WRKSRC}/etc/snort.conf.default ${EGDIR}/
+       ${INSTALL_DATA} ${WRKSRC}/doc/generators ${EGDIR}
 
 .      for i in ${DOC_FILES}
                ${INSTALL_DATA} ${WRKSRC}/doc/${i} ${PREFIX}/share/doc/snort/
diff -r a3845b57d2e7 -r 44ca4414f784 net/snort/PLIST
--- a/net/snort/PLIST   Sat Oct 20 23:22:35 2007 +0000
+++ b/net/snort/PLIST   Sun Oct 21 00:22:53 2007 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.24 2007/02/17 19:08:06 adrianp Exp $
+@comment $NetBSD: PLIST,v 1.25 2007/10/21 00:22:53 adrianp Exp $
 bin/snort
 lib/snort_dynamicengine/libsf_engine.la
 lib/snort_dynamicpreprocessor/libsf_dcerpc_preproc.la
@@ -7,7 +7,9 @@
 lib/snort_dynamicpreprocessor/libsf_smtp_preproc.la
 lib/snort_dynamicpreprocessor/libsf_ssh_preproc.la
 man/man8/snort.8
+share/doc/snort/AUTHORS
 share/doc/snort/BUGS
+share/doc/snort/CREDITS
 share/doc/snort/INSTALL
 share/doc/snort/NEWS
 share/doc/snort/PROBLEMS
@@ -26,6 +28,7 @@
 share/doc/snort/README.csv
 share/doc/snort/README.database
 share/doc/snort/README.dcerpc
+share/doc/snort/README.decode
 share/doc/snort/README.dns
 share/doc/snort/README.event_queue
 share/doc/snort/README.flow
@@ -34,12 +37,17 @@
 share/doc/snort/README.frag3
 share/doc/snort/README.ftptelnet
 share/doc/snort/README.http_inspect
+share/doc/snort/README.ipv6
+share/doc/snort/README.ppm
 share/doc/snort/README.sfportscan
 share/doc/snort/README.ssh
 share/doc/snort/README.stream4
 share/doc/snort/README.stream5
+share/doc/snort/README.tag
 share/doc/snort/README.thresholding
+share/doc/snort/README.variables
 share/doc/snort/README.wireless
+share/doc/snort/generators
 share/doc/snort/TODO
 share/doc/snort/USAGE
 share/doc/snort/WISHLIST
@@ -58,13 +66,13 @@
 share/examples/snort/gen-msg.map
 share/examples/snort/generators
 share/examples/snort/reference.config
-share/examples/snort/sid
 share/examples/snort/sid-msg.map
 share/examples/snort/snort.conf.default
 share/examples/snort/threshold.conf
 share/examples/snort/unicode.map
 share/snort/src/snort_dynamicsrc/bitop.h
 share/snort/src/snort_dynamicsrc/debug.h
+share/snort/src/snort_dynamicsrc/pcap_pkthdr32.h
 share/snort/src/snort_dynamicsrc/preprocids.h
 share/snort/src/snort_dynamicsrc/profiler.h
 share/snort/src/snort_dynamicsrc/sf_dynamic_common.h
@@ -78,7 +86,6 @@
 share/snort/src/snort_dynamicsrc/sfhashfcn.h
 share/snort/src/snort_dynamicsrc/sfsnort_dynamic_detection_lib.c
 share/snort/src/snort_dynamicsrc/sfsnort_dynamic_detection_lib.h
-share/snort/src/snort_dynamicsrc/snort_packet_header.h
 share/snort/src/snort_dynamicsrc/str_search.h
 share/snort/src/snort_dynamicsrc/stream_api.h
 @dirrm share/snort/src/snort_dynamicsrc
diff -r a3845b57d2e7 -r 44ca4414f784 net/snort/distinfo
--- a/net/snort/distinfo        Sat Oct 20 23:22:35 2007 +0000
+++ b/net/snort/distinfo        Sun Oct 21 00:22:53 2007 +0000
@@ -1,11 +1,11 @@
-$NetBSD: distinfo,v 1.40 2007/08/20 20:28:18 adrianp Exp $
+$NetBSD: distinfo,v 1.41 2007/10/21 00:22:53 adrianp Exp $
 
-SHA1 (snort-2.7.0.1.tar.gz) = 9b751a73c611126c32e2dccd0a0e99aaff4e9653
-RMD160 (snort-2.7.0.1.tar.gz) = c88b71231bfa65e2c1eabd8931f4d6121e92a26a
-Size (snort-2.7.0.1.tar.gz) = 3905846 bytes
-SHA1 (patch-aa) = 978f49b2c297305330f0a1c8b9224dab702078bb
+SHA1 (snort-2.8.0.tar.gz) = f07b84a0872d861006b56a8c6a79a60308dd68b4
+RMD160 (snort-2.8.0.tar.gz) = dac36a4a1fda60b66ccdc5c774ab61aaa0f6c8a8
+Size (snort-2.8.0.tar.gz) = 4278872 bytes
+SHA1 (patch-aa) = 4fe3bb6a40aea972249e4b21b7142b548c761978
 SHA1 (patch-ab) = 0ea7deb91de5d3d68558a30e80dcbd8bd81f8a5e
 SHA1 (patch-ac) = 6cdf26fcaeb8dad9cd9562b77377bd56b49c9f38
 SHA1 (patch-ad) = d4bf1dee02af1f1730263a78a868bbdae5d8846d
-SHA1 (patch-ae) = 4a669e664ccbce2b9e689fe3d281c46f6549b72c
+SHA1 (patch-ae) = ca74cfab6d9010d037a1e72e7c39b7982888c476
 SHA1 (patch-af) = ce5129f0337514c9a2a9a482e2f1ed9a405112ec
diff -r a3845b57d2e7 -r 44ca4414f784 net/snort/options.mk
--- a/net/snort/options.mk      Sat Oct 20 23:22:35 2007 +0000
+++ b/net/snort/options.mk      Sun Oct 21 00:22:53 2007 +0000
@@ -1,8 +1,10 @@
-# $NetBSD: options.mk,v 1.3 2007/09/09 19:57:23 adrianp Exp $
+# $NetBSD: options.mk,v 1.4 2007/10/21 00:22:53 adrianp Exp $
 
 PKG_OPTIONS_VAR=       PKG_OPTIONS.snort
 
-PKG_SUPPORTED_OPTIONS= debug snort-prelude
+PKG_SUPPORTED_OPTIONS= debug snort-prelude ssl snmp snort-gre
+PKG_SUPPORTED_OPTIONS+=        snort-dynamicplugin snort-timestats
+PKG_SUPPORTED_OPTIONS+=        snort-rulestate
 PKG_SUGGESTED_OPTIONS=
 
 PKG_OPTIONS_OPTIONAL_GROUPS=   flex
@@ -14,6 +16,33 @@
 .include "../../mk/bsd.options.mk"
 
 ###
+### Please note that a large number of these options remain un-tested
+### for this package.
+###
+
+###
+### Enable dynamically loadable preprocessors, detection engine
+### and rules libraries.
+###
+.if !empty(PKG_OPTIONS:Msnort-dynamicplugin)
+CONFIGURE_ARGS+=       --enable-dynamicplugin
+.endif
+
+###
+### Enable rule state configuration feature
+###
+.if !empty(PKG_OPTIONS:Msnort-rulestate)
+CONFIGURE_ARGS+=       --enable-rulestate
+.endif
+
+###
+### Enable real-time performance statistics
+###
+.if !empty(PKG_OPTIONS:Msnort-timestats)
+CONFIGURE_ARGS+=       --enable-timestats
+.endif
+
+###
 ### Enable debug support
 ###
 .if !empty(PKG_OPTIONS:Mdebug)
@@ -21,6 +50,27 @@
 .endif
 
 ###
+### Support for openssl (used by the XML output plugin)
+###
+.if !empty(PKG_OPTIONS:Mssl)
+CONFIGURE_ARGS+=       --with-openssl
+.endif
+
+###
+### Enable GRE decoder
+###
+.if !empty(PKG_OPTIONS:Msnort-gre)
+CONFIGURE_ARGS+=       --enable-gre
+.endif
+
+###
+### Enable SNMP alerting code
+###
+.if !empty(PKG_OPTIONS:Msnmp)
+CONFIGURE_ARGS+=       --with-snmp
+.endif
+
+###
 ### Support MySQL for snort logging
 ###
 .if !empty(PKG_OPTIONS:Mmysql)
diff -r a3845b57d2e7 -r 44ca4414f784 net/snort/patches/patch-aa
--- a/net/snort/patches/patch-aa        Sat Oct 20 23:22:35 2007 +0000
+++ b/net/snort/patches/patch-aa        Sun Oct 21 00:22:53 2007 +0000
@@ -1,20 +1,19 @@
-$NetBSD: patch-aa,v 1.15 2007/08/20 20:28:18 adrianp Exp $
+$NetBSD: patch-aa,v 1.16 2007/10/21 00:22:53 adrianp Exp $
 
---- src/snort.c.orig   2007-07-26 21:07:18.000000000 +0100
+--- src/snort.c.orig   2007-09-07 19:01:56.000000000 +0100
 +++ src/snort.c
-@@ -150,7 +150,6 @@ extern OutputFuncNode *LogList;
- long start_time;    /* tracks how many seconds snort actually ran */
+@@ -158,7 +158,6 @@ extern OutputFuncNode *LogList;
+ time_t start_time;    /* tracks how many seconds snort actually ran */
  #endif
  
 -extern int errno;
  
  /* exported variables *********************************************************/
  u_int8_t runMode = 0;   /* snort run mode */
-@@ -2656,7 +2655,18 @@ int SetPktProcessor(void)
-             grinder = DecodeSlipPkt;
+@@ -3194,6 +3193,19 @@ int SetPktProcessor(void)
  
              break;
--
+ 
 +#if defined(__NetBSD__)
 +#  if defined(__NetBSD_Version__)
 +#    if (__NetBSD_Version__ >= 105000000)
@@ -27,10 +26,11 @@
 +       /* no __NetBSD_Version__ on <1.4 */
 +#  endif /* __NetBSD_Version__ */
 +#endif /* NetBSD */
++
          case DLT_PPP:                /* point-to-point protocol */
              if(!pv.readmode_flag)
              {
-@@ -3210,7 +3220,7 @@ static char *ConfigFileSearch()
+@@ -3743,7 +3755,7 @@ static char *ConfigFileSearch()
  {
      struct stat st;
      int i;
diff -r a3845b57d2e7 -r 44ca4414f784 net/snort/patches/patch-ae
--- a/net/snort/patches/patch-ae        Sat Oct 20 23:22:35 2007 +0000
+++ b/net/snort/patches/patch-ae        Sun Oct 21 00:22:53 2007 +0000
@@ -1,13 +1,48 @@
-$NetBSD: patch-ae,v 1.4 2004/09/21 15:50:26 adrianp Exp $
+$NetBSD: patch-ae,v 1.5 2007/10/21 00:22:53 adrianp Exp $
 
---- etc/snort.conf.orig        Mon Sep  6 13:21:50 2004
-+++ etc/snort.conf     Mon Sep  6 13:24:34 2004
-@@ -106,7 +106,7 @@
+--- etc/snort.conf.orig        2007-09-07 19:32:45.000000000 +0100
++++ etc/snort.conf
+@@ -107,8 +107,8 @@ var AIM_SERVERS [64.12.24.0/23,64.12.28.
  # Path to your rules files (this can be a relative path)
  # Note for Windows users:  You are advised to make this an absolute path,
  # such as:  c:\snort\rules
 -var RULE_PATH ../rules
+-var PREPROC_RULE_PATH ../preproc_rules
 +var RULE_PATH @PREFIX@/share/snort/rules
++var PREPROC_RULE_PATH @PREFIX@/share/snort/preproc_rules
  
  # Configure the snort decoder
  # ============================
+@@ -191,27 +191,27 @@ var PREPROC_RULE_PATH ../preproc_rules
+ # Load all dynamic preprocessors from the install path
+ # (same as command line option --dynamic-preprocessor-lib-dir)
+ #
+-dynamicpreprocessor directory /usr/local/lib/snort_dynamicpreprocessor/
++dynamicpreprocessor directory @PREFIX@/lib/snort_dynamicpreprocessor/
+ #
+ # Load a specific dynamic preprocessor library from the install path
+ # (same as command line option --dynamic-preprocessor-lib)
+ #
+-# dynamicpreprocessor file /usr/local/lib/snort_dynamicpreprocessor/libdynamicexample.so
++# dynamicpreprocessor file @PREFIX@/lib/snort_dynamicpreprocessor/libdynamicexample.so
+ #
+ # Load a dynamic engine from the install path
+ # (same as command line option --dynamic-engine-lib)
+ #
+-dynamicengine /usr/local/lib/snort_dynamicengine/libsf_engine.so
++dynamicengine @PREFIX@/lib/snort_dynamicengine/libsf_engine.so
+ #
+ # Load all dynamic rules libraries from the install path
+ # (same as command line option --dynamic-detection-lib-dir)
+ #
+-# dynamicdetection directory /usr/local/lib/snort_dynamicrule/
++# dynamicdetection directory @PREFIX@/lib/snort_dynamicrule/
+ #
+ # Load a specific dynamic rule library from the install path
+ # (same as command line option --dynamic-detection-lib)
+ #
+-# dynamicdetection file /usr/local/lib/snort_dynamicrule/libdynamicexamplerule.so
++# dynamicdetection file @PREFIX@/lib/snort_dynamicrule/libdynamicexamplerule.so
+ #
+ 
+ ###################################################
Prev by Date: [pkgsrc/trunk]: pkgsrc/security/base Update to 1.3.8
Next by Date: [pkgsrc/trunk]: pkgsrc/doc Added security/keepassx version 0.2.2
Previous by Thread: [pkgsrc/trunk]: pkgsrc/security/base Update to 1.3.8
Next by Thread: [pkgsrc/trunk]: pkgsrc/doc Added security/keepassx version 0.2.2
Indexes:
Home | Main Index | Thread Index | Old Index