Subject: CVS commit: pkgsrc/net
To: None <pkgsrc-changes@NetBSD.org>
From: Lubomir Sedlacik <firstname.lastname@example.org>
Date: 12/31/2003 14:11:42
Module Name: pkgsrc
Committed By: salo
Date: Wed Dec 31 14:11:42 UTC 2003
pkgsrc/net/snort: Makefile Makefile.common PLIST distinfo
Update to version 2.1.0.
- A new connection tracking module, Flow (replaces conversation)
- A new portscan detector based off of Flow, Flow-Portscan (replaces
- A new http preprocessor, HttpInspect (replaces http_decode)
- Alert Thresholding and Suppression
- PCRE rule keyword (Perl Compat Regular Expressions)
- isdataat rule keyword (buffer length detection)
- A ton of new and updated rules.
- 64-bit update for detection engine. (Thanks, Silio d'Angelo)
- Added better PPP decoding. (Thanks Jesper Peterson)
- Updated ip_proto optimization for high-speed detection engine.
- Fixed infinite loop problem that was introduced by the recursive pattern
matching patch. Reported by Lawrence Reed, thanks for testing out the
changes for us!
- Various changes to help respond (version 1) work a little better.
- spp_http_decode 64-bit patch from Dirk Mueller.
- Out-of-order ACK problem from Andrew Rucker. Also, updated stream4 to the
most recent version from HEAD.
- Minor fixes to tagging related to 'src' and 'dst' directives
- When counting one byte patterns in 'ningroup' added a check for
psLen==1 (wu-manber pattern matcher). Thanks Josh Sakofsky and Dennis
McGuire for helping us test this.
- Stream4 fixes from Andrew Rucker Jones.
- Allow memcap to be configured for threshold features.
- Fixed a core dump introduced with 2.0.3 when dealing with negated patterns
- doe_ptr handling in byte_test/byte_jump slightly modified to work
better with the pcre patch
- content processing is now recursive to make distance/within processing
better ( thanks to Shai Rubin for patch! )
- fixed a bug in the mwm.c pattern matcher that resulted in some alerts
not firing in a particular configuration of rules
- Added Thresholding and Suppression features (Marc Norton/Sourcefire)
- Fixed TCP RST processing bug found (Shai Rubin)
- Cleanup of spp_arpspoof (Jeff Nathan)
- Cleanup of win32 version including proper Event Log support (Chris Reid)
- Munged data fixes for stream4 (Chris Green)
To generate a diff of this commit:
cvs rdiff -r1.23 -r1.24 pkgsrc/net/snort/Makefile
cvs rdiff -r1.12 -r1.13 pkgsrc/net/snort/Makefile.common
cvs rdiff -r1.11 -r1.12 pkgsrc/net/snort/PLIST
cvs rdiff -r1.18 -r1.19 pkgsrc/net/snort/distinfo
cvs rdiff -r1.7 -r1.8 pkgsrc/net/snort-mysql/Makefile
cvs rdiff -r1.11 -r1.12 pkgsrc/net/snort-pgsql/Makefile
cvs rdiff -r1.2 -r1.3 pkgsrc/net/snort/patches/patch-ae
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.