source-changes: CVS commit: pkgsrc

Subject: CVS commit: pkgsrc
To: None <source-changes@netbsd.org>
From: Rene Hexel <rh@netbsd.org>
List: source-changes
Date: 12/27/2000 12:08:35
Module Name:	pkgsrc
Committed By:	rh
Date:		Wed Dec 27 10:08:35 UTC 2000

Modified Files:
	pkgsrc/net/snort: Makefile
	pkgsrc/net/snort/files: md5
	pkgsrc/net/snort/pkg: PLIST

Log Message:
Update snort to 1.6.3.2.  Notable changes include:

Fixes and additions:

   * Fixed compilation problems on all non-BSD operating systems
   * Added better configuration support for locating libpcap
   * Fixed ICMP ping packet id/sequence printouts
   * Made allowances for 64-bit machines in the decoders
   * Updated the portscan detector to the latest version
   * Disabled the defragmenter by default (in the rules file)
   * Added a patch from Dave Dittrich to make daemon mode alerts
	filenames conform
   * to the data in the documentation
   * Revamped the ICMP data structures to mimic those found in *BSD
	and provide for higher fidelity decoding/printout in the future
   * Repaired the output plugins so that they operate properly now
   * For the record, the payload dump conforms to the length of the IP
	datagram now and does not show pad bytes added by the minimum
	Ethernet frame size
   * Applied Chris Cramer's byte ordering patch to the flexresp code

Other updates and changes since version 1.6:

   * New preprocessor plugin: IP defragmentation!!
   * New output plugins cover all old logging and alerting options
   * New output plugin no logs to MySQL, PostgreSQL, unixODBC databases
   * Updated portscan detection functionality
   * Added quote removal for most plugin parsers
   * -C crash bug fixed
   * PID/PATH_VARRUN file fixes
   * Converted many putc(3) calls to fputc(3) for portability
   * Transport layer decoders use ip_len field for length metric now
   * String tokenizer code modified for more reliable operation
   * Fixed flexible response code sequence prediction
   * Fixed DEBUG ifdef's so DEBUG mode code will compile correctly on all
	platforms
   * Set automake options so that people don't need gmake anymore to
	build Snort on BSD systems
   * Fixed SMB alert code large tmp file hole
   * Added sigsetmask code to fix SIGHUP weirdness
   * Added execvp option for SIGHUP restart code
   * Added ARP header printout validation
   * Added Session logging file integrity checking
   * Added -u/-g setuid/gid capability switches
   * Added -O IP address obfuscation switch
   * Added -t chroot switch
   * Fixed non-TCP/UDP/ICMP transport layer decoding & logging
   * Fixes and additions to the portscan preprocessor
   * Fixed Tru64 u_int* type declarations
   * Added check for pcap.h into configuration script
   * Fixed timeval problems on Linux boxen
   * Database logging plugin has been modified extensively, see the
	www.incident.org website for more information
   * Switched TCP flags printout routine to ensure proper RFP output
	scan output. ;)
   * Fixed default log/alert function code so that these functions are
	never NULL


To generate a diff of this commit:
cvs rdiff -r1.5 -r1.6 pkgsrc/net/snort/Makefile
cvs rdiff -r1.5 -r1.6 pkgsrc/net/snort/files/md5
cvs rdiff -r1.3 -r1.4 pkgsrc/net/snort/pkg/PLIST

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.