Subject: CVS commit: pkgsrc
To: None <source-changes@netbsd.org>
From: Rene Hexel <rh@netbsd.org>
List: source-changes
Date: 12/27/2000 12:08:35
Module Name: pkgsrc
Committed By: rh
Date: Wed Dec 27 10:08:35 UTC 2000
Modified Files:
pkgsrc/net/snort: Makefile
pkgsrc/net/snort/files: md5
pkgsrc/net/snort/pkg: PLIST
Log Message:
Update snort to 1.6.3.2. Notable changes include:
Fixes and additions:
* Fixed compilation problems on all non-BSD operating systems
* Added better configuration support for locating libpcap
* Fixed ICMP ping packet id/sequence printouts
* Made allowances for 64-bit machines in the decoders
* Updated the portscan detector to the latest version
* Disabled the defragmenter by default (in the rules file)
* Added a patch from Dave Dittrich to make daemon mode alerts
filenames conform
* to the data in the documentation
* Revamped the ICMP data structures to mimic those found in *BSD
and provide for higher fidelity decoding/printout in the future
* Repaired the output plugins so that they operate properly now
* For the record, the payload dump conforms to the length of the IP
datagram now and does not show pad bytes added by the minimum
Ethernet frame size
* Applied Chris Cramer's byte ordering patch to the flexresp code
Other updates and changes since version 1.6:
* New preprocessor plugin: IP defragmentation!!
* New output plugins cover all old logging and alerting options
* New output plugin no logs to MySQL, PostgreSQL, unixODBC databases
* Updated portscan detection functionality
* Added quote removal for most plugin parsers
* -C crash bug fixed
* PID/PATH_VARRUN file fixes
* Converted many putc(3) calls to fputc(3) for portability
* Transport layer decoders use ip_len field for length metric now
* String tokenizer code modified for more reliable operation
* Fixed flexible response code sequence prediction
* Fixed DEBUG ifdef's so DEBUG mode code will compile correctly on all
platforms
* Set automake options so that people don't need gmake anymore to
build Snort on BSD systems
* Fixed SMB alert code large tmp file hole
* Added sigsetmask code to fix SIGHUP weirdness
* Added execvp option for SIGHUP restart code
* Added ARP header printout validation
* Added Session logging file integrity checking
* Added -u/-g setuid/gid capability switches
* Added -O IP address obfuscation switch
* Added -t chroot switch
* Fixed non-TCP/UDP/ICMP transport layer decoding & logging
* Fixes and additions to the portscan preprocessor
* Fixed Tru64 u_int* type declarations
* Added check for pcap.h into configuration script
* Fixed timeval problems on Linux boxen
* Database logging plugin has been modified extensively, see the
www.incident.org website for more information
* Switched TCP flags printout routine to ensure proper RFP output
scan output. ;)
* Fixed default log/alert function code so that these functions are
never NULL
To generate a diff of this commit:
cvs rdiff -r1.5 -r1.6 pkgsrc/net/snort/Makefile
cvs rdiff -r1.5 -r1.6 pkgsrc/net/snort/files/md5
cvs rdiff -r1.3 -r1.4 pkgsrc/net/snort/pkg/PLIST
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.