pkgsrc-changes: CVS commit: [pkgsrc-2004Q4] pkgsrc/net

Subject: CVS commit: [pkgsrc-2004Q4] pkgsrc/net
To: None <pkgsrc-changes@NetBSD.org>
From: Lubomir Sedlacik <salo@netbsd.org>
List: pkgsrc-changes
Date: 02/04/2005 08:02:38
Module Name:	pkgsrc
Committed By:	salo
Date:		Fri Feb  4 08:02:38 UTC 2005

Modified Files:
	pkgsrc/net [pkgsrc-2004Q4]: Makefile
	pkgsrc/net/snort [pkgsrc-2004Q4]: Makefile.common PLIST distinfo
	pkgsrc/net/snort-mysql [pkgsrc-2004Q4]: Makefile
Removed Files:
	pkgsrc/net/snort-contrib [pkgsrc-2004Q4]: DESCR Makefile PLIST distinfo

Log Message:
Pullup ticket 267 - requested by Adrian Portelli
security fix for snort

Revisions pulled up:
- pkgsrc/net/snort/Makefile.common  1.17
- pkgsrc/net/snort/PLIST            1.18
- pkgsrc/net/snort/distinfo         1.24
- pkgsrc/net/snort-mysql/Makefile   1.12
- pkgsrc/net/snort-contrib/DESCR    removed
- pkgsrc/net/snort-contrib/Makefile removed
- pkgsrc/net/snort-contrib/PLIST    removed
- pkgsrc/net/snort-contrib/distinfo removed

   Module Name:		pkgsrc
   Committed By:	adrianp
   Date:		Fri Jan 28 23:02:41 UTC 2005

   Modified Files:
   	pkgsrc/net/snort: Makefile Makefile.common PLIST

   Log Message:
   Update to snort 2.3.0

   2005-01-25 - Snort 2.3.0 Final Released

   * Fixed issue with sfPortscan reporting incorrect IP datagram length.
     Thanks Jon Hart for the test case and finding the bug, and Marc Norton
     for resolving the issue.

   * Threshold/Suppression now prints properly when logging to syslog.
     Thanks Sekure for pointing out the problem. Thanks Steve Sturges for
     working on the fix.

   * Threshold memcap argument now correctly handles non-integer input.
     Thanks nnposter for the patch.

   * Fixed issue reported by Allan Jensen, where on MacOS X, ppp links were
     not decoded properly. Thanks Dan Roelker for the fix.

   * Snort manual and FAQ are updated for 2.3. Thanks Jen Harvey for your
     work on putting it all together.

   2004-12-15 - Snort 2.3.0 RC2 Released

   * Small performance improvement to arpspoof and also fixed a problem
     where the list of configured IP/MAC entries would contain only one
     entry and leaked memory (Jeff Nathan).

   * Fixed a problem affecting MacOS X where linking may fail with
     non-standard libraries when global symbols are encountered multiple
     times (Jeff Nathan).

   * Ignore RST|ACK midstream pickup case so we don't get an evasive TCP
     alerts.  Thanks for the report, Sekure. Thanks Dan Roelker for the fix.

   * Moved CheckLogDir() to after parsing snort.conf (for IDS mode) so the
     logdir config will work if the default or command-line logdir does not
     exist on the system. Thanks Dan Roelker.

   * Fixed bug when setting the doe_ptr on a successful pcre match.
     It is now set relative to base_ptr. Thanks Steve Sturges for the
     fix.

   * Added from_beginning and multiplier options for byte_jump.
     from_beginning skips bytes from the beginning of the content,
     instead of from the location immediately following the number
     of bytes to skip.  multiplier takes a numeric argument, and
     skips x times that number of bytes. Thanks again to Steve Sturges.

   * In "fast" output, now log only actual packet contents when UDP
     data length is greater than actual data length. Thanks Brian
     Caswell for spotting this, and Andrew Mullican for working on the fix.

   * Please check the ChangeLog for further details.

   2004-11-18 - Snort 2.3.0 RC1 Released

   * Added IPS functionality from Snort-Inline.  A big thanks to the
     Snort-Inline guys (Jed Haile, Rob McMillen, William Metcalf, and Victor
     Julien).  Also, Thanks Dan Roelker for doing the integrating of
     Snort-Inline into the official Snort project.

   * Added new portscan detector.  The design and implementation was headed
     up by Dan Roelker, and included Marc Norton and Jeremy Hewlett.

   * Numerous changes for better 64bit Snort support from Jeremy Hewlett and
     Marc Norton.  Additionally, an --enable-64bit-gcc option was added to
     configure.  However, there are still some memory alignment issues to
     work out before 64bit mode is fully functional, patches are welcomed.
     Thanks Chris Baker for doing 64bit testing.

   * Added not_established keyword to the flow detection option.  This allows
     snort to do dynamic firewall rulesets.  Experimental for now.

   * Added an enforce_state keyword to stream4 so we won't pick up midstream
     sessions.  This works well for asynchronous links and also for
     just monitoring legitimate traffic.

   * Relocated ./contrib files to http://www.snort.org/dl/contrib as many
     are not maintained by Sourcefire and are out of date. The rpm and
     schema files have been relocated in their respective 'rpm' and 'schemas'
     directories under the snort parent directory.

   * perfmonitor config line can now be configured with "accumulate" or
     "reset."  Thanks Marc Norton for the feature, and Barry Basselgia for
     pointing out the issue.  Thanks Scott Dexter and Andreas Ostling for
     doing some initial testing.

   * Fixed 64-bit bug in sfmemcap.c found and tested by Ryan Matteson
     and Clay McClure.  Thanks guys.

   * Fixed reference times to match log time for first packet, for an event
     generated by a reassembled packet.  Incremented event ID to give
     unique ID for each packet.  Also made unified logging compatible with
     Windows.  Thanks Andrew Mullican for the fix.

   * Fixed linux perfmonitoring stats for the 2.6 kernel.  Thanks to
     everyone that reported this bug.  Thanks Dan Roelker for the fix.

   * Get thresholding/suppression to work for alerts that do not
     contain an ip header (primarily decode alerts).  Thanks
     Brian Caswell.

   * Fix conditions where snort would log double web alerts that
     contained only content options (no uricontents).  Thanks to kawa for
     finding and reporting this bug.

   * Fix suppression/thresholding bug for non-rule alerts.  Thanks to
     Alex Butcher for reporting it to us.

   * Many other bug fixes, please check the ChangeLog for details.
---
   Module Name:		pkgsrc
   Committed By:	taca
   Date:		Sat Jan 29 03:27:58 UTC 2005

   Modified Files:
   	pkgsrc/net/snort: distinfo

   Log Message:
   Update distinfo for snort-2.3.0.
---
   Module Name:		pkgsrc
   Committed By:	adrianp
   Date:		Fri Jan 28 23:03:59 UTC 2005

   Modified Files:
   	pkgsrc/net/snort-mysql: Makefile

   Log Message:
   Sync and minor tidy up for snort 2.3.0 release.
---
   Module Name:		pkgsrc
   Committed By:	adrianp
   Date:		Fri Jan 28 22:51:27 UTC 2005

   Removed Files:
   	pkgsrc/net/snort-contrib: DESCR Makefile PLIST distinfo

   Log Message:
   As of snort 2.3.0 all contrib files are now available from:
   http://www.snort.org/dl/contrib/


To generate a diff of this commit:
cvs rdiff -r1.521 -r1.521.2.1 pkgsrc/net/Makefile
cvs rdiff -r1.16 -r1.16.2.1 pkgsrc/net/snort/Makefile.common
cvs rdiff -r1.17 -r1.17.2.1 pkgsrc/net/snort/PLIST
cvs rdiff -r1.23 -r1.23.2.1 pkgsrc/net/snort/distinfo
cvs rdiff -r1.1.1.1 -r0 pkgsrc/net/snort-contrib/DESCR \
    pkgsrc/net/snort-contrib/Makefile pkgsrc/net/snort-contrib/PLIST \
    pkgsrc/net/snort-contrib/distinfo
cvs rdiff -r1.11 -r1.11.2.1 pkgsrc/net/snort-mysql/Makefile

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.