http://www.osvdb.org/32096
http://secure.lv/~nikns/stuff/ports/snort-2.6.1.3.diff Index: snort/Makefile =================================================================== RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.50 diff -u -r1.50 Makefile --- snort/Makefile 25 Nov 2006 05:33:28 -0000 1.50 +++ snort/Makefile 6 Mar 2007 12:07:28 -0000 @@ -2,8 +2,7 @@ COMMENT= "highly flexible sniffer/NIDS" -DISTNAME= snort-2.6.0.2 -PKGNAME= ${DISTNAME}p1 +DISTNAME= snort-2.6.1.3 CATEGORIES= net security MASTER_SITES= ${HOMEPAGE}/dl/current/ @@ -17,9 +16,11 @@ WANTLIB= c m pcap SHARED_LIBS= sf_engine 0.0 \ + sf_dcerpc_preproc 0.0 \ sf_dns_preproc 0.0 \ sf_ftptelnet_preproc 0.0 \ - sf_smtp_preproc 0.0 + sf_smtp_preproc 0.0 \ + sf_ssh_preproc 0.0 USE_LIBTOOL= Yes @@ -56,7 +57,7 @@ .if ${FLAVOR:L:Mprelude} MODULES= devel/gettext -WANTLIB+= gcrypt gpg-error pthread z +WANTLIB+= gcrypt gnutls gpg-error pthread z LIB_DEPENDS+= prelude.>=8::security/prelude/libprelude CONFIGURE_ARGS+=--enable-prelude MESSAGE= ${PKGDIR}/MESSAGE-prelude Index: snort/distinfo =================================================================== RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.14 diff -u -r1.14 distinfo --- snort/distinfo 10 Oct 2006 13:33:17 -0000 1.14 +++ snort/distinfo 6 Mar 2007 12:07:28 -0000 @@ -1,4 +1,4 @@ -MD5 (snort-2.6.0.2.tar.gz) = 5c094ff6d82db845a5f023e4a492103e -RMD160 (snort-2.6.0.2.tar.gz) = 706d63db83b7d037ac8a71c8104324d9b7594eb5 -SHA1 (snort-2.6.0.2.tar.gz) = 1a6b3fb19a82f83bf0fce5a8db6eb1277c72379b -SIZE (snort-2.6.0.2.tar.gz) = 3350277 +MD5 (snort-2.6.1.3.tar.gz) = 8b46997afd728fbdaafdc9b1d0278b07 +RMD160 (snort-2.6.1.3.tar.gz) = 0c390bd7cdbe705ba43ce8c8894bfec53c3179f6 +SHA1 (snort-2.6.1.3.tar.gz) = cb944d74ab6c254f88d356d45e4492ba560dfc3c +SIZE (snort-2.6.1.3.tar.gz) = 3700149 Index: snort/patches/patch-etc_snort_conf =================================================================== RCS file: /cvs/ports/net/snort/patches/patch-etc_snort_conf,v retrieving revision 1.1 diff -u -r1.1 patch-etc_snort_conf --- snort/patches/patch-etc_snort_conf 10 Oct 2006 13:33:17 -0000 1.1 +++ snort/patches/patch-etc_snort_conf 6 Mar 2007 12:07:28 -0000 @@ -1,6 +1,6 @@ $OpenBSD: patch-etc_snort_conf,v 1.1 2006/10/10 13:33:17 aanriot Exp $ ---- etc/snort.conf.orig Wed Sep 13 21:44:31 2006 -+++ etc/snort.conf Tue Oct 10 12:54:59 2006 +--- etc/snort.conf.orig Mon Dec 4 19:53:02 2006 ++++ etc/snort.conf Sat Dec 23 21:38:42 2006 @@ -82,6 +82,9 @@ var SNMP_SERVERS $HOME_NET # Port lists must either be continuous [eg 80:8080], or a single port [eg 80]. # We will adding support for a real list of ports in the future. @@ -11,7 +11,7 @@ # Ports you run web servers on # # Please note: [80,8080] does not work. -@@ -108,7 +111,7 @@ var AIM_SERVERS [64.12.24.0/23,64.12.28. +@@ -111,7 +114,7 @@ var AIM_SERVERS [64.12.24.0/23,64.12.28. # Path to your rules files (this can be a relative path) # Note for Windows users: You are advised to make this an absolute path, # such as: c:\snort\rules Index: snort/patches/patch-src_dynamic-preprocessors_Makefile_in =================================================================== RCS file: snort/patches/patch-src_dynamic-preprocessors_Makefile_in diff -N snort/patches/patch-src_dynamic-preprocessors_Makefile_in --- snort/patches/patch-src_dynamic-preprocessors_Makefile_in 10 Oct 2006 13:33:17 -0000 1.1 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,26 +0,0 @@ -$OpenBSD: patch-src_dynamic-preprocessors_Makefile_in,v 1.1 2006/10/10 13:33:17 aanriot Exp $ ---- src/dynamic-preprocessors/Makefile.in.orig Wed Sep 13 21:40:06 2006 -+++ src/dynamic-preprocessors/Makefile.in Sun Oct 1 17:38:17 2006 -@@ -480,7 +480,7 @@ maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." - -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES) [EMAIL PROTECTED]@install-data-local: -+install-data-local: - clean: clean-recursive - - clean-am: clean-generic clean-libtool clean-local mostlyclean-am -@@ -608,13 +608,6 @@ include/str_search.h: $(srcdir)/../prepr - clean-local: - rm -rf include build - [EMAIL PROTECTED]@install-data-local: [EMAIL PROTECTED]@ @for f in $(exported_files); do \ [EMAIL PROTECTED]@ truefile=`echo $$f | sed -e "s/.*\///"`; \ [EMAIL PROTECTED]@ $(mkinstalldirs) $(DESTDIR)$(srcinstdir); \ [EMAIL PROTECTED]@ if test -f $(srcdir)/$$f; then p=$(srcdir)/$$f; else p=$$f; fi; \ [EMAIL PROTECTED]@ $(INSTALL_DATA) $$p $(DESTDIR)$(srcinstdir)/$$truefile; \ [EMAIL PROTECTED]@ done - # Tell versions [3.59,3.63) of GNU make to not export all variables. - # Otherwise a system limit (for SysV at least) may be exceeded. - .NOEXPORT: Index: snort/patches/patch-src_dynamic-preprocessors_dcerpc_Makefile_in =================================================================== RCS file: snort/patches/patch-src_dynamic-preprocessors_dcerpc_Makefile_in diff -N snort/patches/patch-src_dynamic-preprocessors_dcerpc_Makefile_in --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ snort/patches/patch-src_dynamic-preprocessors_dcerpc_Makefile_in 6 Mar 2007 12:07:28 -0000 @@ -0,0 +1,12 @@ +$OpenBSD$ +--- src/dynamic-preprocessors/dcerpc/Makefile.in.orig Sat Feb 17 09:33:12 2007 ++++ src/dynamic-preprocessors/dcerpc/Makefile.in Tue Mar 6 14:05:29 2007 +@@ -390,7 +390,7 @@ distdir: $(DISTFILES) + check-am: all-am + check: $(BUILT_SOURCES) + $(MAKE) $(AM_MAKEFLAGS) check-am +-all-am: Makefile $(LTLIBRARIES) all-local ++all-am: Makefile $(LTLIBRARIES) + installdirs: + for dir in "$(DESTDIR)$(libdir)"; do \ + test -z "$$dir" || $(mkdir_p) "$$dir"; \ Index: snort/patches/patch-src_dynamic-preprocessors_dns_Makefile_in =================================================================== RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_dns_Makefile_in,v retrieving revision 1.1 diff -u -r1.1 patch-src_dynamic-preprocessors_dns_Makefile_in --- snort/patches/patch-src_dynamic-preprocessors_dns_Makefile_in 10 Oct 2006 13:33:17 -0000 1.1 +++ snort/patches/patch-src_dynamic-preprocessors_dns_Makefile_in 6 Mar 2007 12:07:28 -0000 @@ -1,7 +1,7 @@ $OpenBSD: patch-src_dynamic-preprocessors_dns_Makefile_in,v 1.1 2006/10/10 13:33:17 aanriot Exp $ ---- src/dynamic-preprocessors/dns/Makefile.in.orig Tue Oct 10 12:22:55 2006 -+++ src/dynamic-preprocessors/dns/Makefile.in Tue Oct 10 12:23:59 2006 -@@ -373,7 +373,7 @@ distdir: $(DISTFILES) +--- src/dynamic-preprocessors/dns/Makefile.in.orig Sat Feb 17 09:33:12 2007 ++++ src/dynamic-preprocessors/dns/Makefile.in Tue Mar 6 14:05:29 2007 +@@ -372,7 +372,7 @@ distdir: $(DISTFILES) check-am: all-am check: $(BUILT_SOURCES) $(MAKE) $(AM_MAKEFLAGS) check-am Index: snort/patches/patch-src_dynamic-preprocessors_ftptelnet_Makefile_in =================================================================== RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_ftptelnet_Makefile_in,v retrieving revision 1.1 diff -u -r1.1 patch-src_dynamic-preprocessors_ftptelnet_Makefile_in --- snort/patches/patch-src_dynamic-preprocessors_ftptelnet_Makefile_in 10 Oct 2006 13:33:17 -0000 1.1 +++ snort/patches/patch-src_dynamic-preprocessors_ftptelnet_Makefile_in 6 Mar 2007 12:07:28 -0000 @@ -1,7 +1,7 @@ $OpenBSD: patch-src_dynamic-preprocessors_ftptelnet_Makefile_in,v 1.1 2006/10/10 13:33:17 aanriot Exp $ ---- src/dynamic-preprocessors/ftptelnet/Makefile.in.orig Tue Oct 10 12:18:08 2006 -+++ src/dynamic-preprocessors/ftptelnet/Makefile.in Tue Oct 10 12:18:34 2006 -@@ -409,7 +409,7 @@ distdir: $(DISTFILES) +--- src/dynamic-preprocessors/ftptelnet/Makefile.in.orig Sat Feb 17 09:33:13 2007 ++++ src/dynamic-preprocessors/ftptelnet/Makefile.in Tue Mar 6 14:05:29 2007 +@@ -408,7 +408,7 @@ distdir: $(DISTFILES) check-am: all-am check: $(BUILT_SOURCES) $(MAKE) $(AM_MAKEFLAGS) check-am Index: snort/patches/patch-src_dynamic-preprocessors_smtp_Makefile_in =================================================================== RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_smtp_Makefile_in,v retrieving revision 1.1 diff -u -r1.1 patch-src_dynamic-preprocessors_smtp_Makefile_in --- snort/patches/patch-src_dynamic-preprocessors_smtp_Makefile_in 10 Oct 2006 13:33:17 -0000 1.1 +++ snort/patches/patch-src_dynamic-preprocessors_smtp_Makefile_in 6 Mar 2007 12:07:28 -0000 @@ -1,7 +1,7 @@ $OpenBSD: patch-src_dynamic-preprocessors_smtp_Makefile_in,v 1.1 2006/10/10 13:33:17 aanriot Exp $ ---- src/dynamic-preprocessors/smtp/Makefile.in.orig Tue Oct 10 12:22:47 2006 -+++ src/dynamic-preprocessors/smtp/Makefile.in Tue Oct 10 12:23:13 2006 -@@ -387,7 +387,7 @@ distdir: $(DISTFILES) +--- src/dynamic-preprocessors/smtp/Makefile.in.orig Sat Feb 17 09:33:13 2007 ++++ src/dynamic-preprocessors/smtp/Makefile.in Tue Mar 6 14:05:29 2007 +@@ -386,7 +386,7 @@ distdir: $(DISTFILES) check-am: all-am check: $(BUILT_SOURCES) $(MAKE) $(AM_MAKEFLAGS) check-am Index: snort/patches/patch-src_dynamic-preprocessors_ssh_Makefile_in =================================================================== RCS file: snort/patches/patch-src_dynamic-preprocessors_ssh_Makefile_in diff -N snort/patches/patch-src_dynamic-preprocessors_ssh_Makefile_in --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ snort/patches/patch-src_dynamic-preprocessors_ssh_Makefile_in 6 Mar 2007 12:07:28 -0000 @@ -0,0 +1,12 @@ +$OpenBSD$ +--- src/dynamic-preprocessors/ssh/Makefile.in.orig Sat Feb 17 09:33:13 2007 ++++ src/dynamic-preprocessors/ssh/Makefile.in Tue Mar 6 14:05:29 2007 +@@ -372,7 +372,7 @@ distdir: $(DISTFILES) + check-am: all-am + check: $(BUILT_SOURCES) + $(MAKE) $(AM_MAKEFLAGS) check-am +-all-am: Makefile $(LTLIBRARIES) all-local ++all-am: Makefile $(LTLIBRARIES) + installdirs: + for dir in "$(DESTDIR)$(libdir)"; do \ + test -z "$$dir" || $(mkdir_p) "$$dir"; \ Index: snort/patches/patch-src_event_h =================================================================== RCS file: snort/patches/patch-src_event_h diff -N snort/patches/patch-src_event_h --- snort/patches/patch-src_event_h 25 Nov 2006 05:33:28 -0000 1.1 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,21 +0,0 @@ -$OpenBSD: patch-src_event_h,v 1.1 2006/11/25 05:33:28 pvalchev Exp $ ---- src/event.h.orig Tue Aug 23 18:52:22 2005 -+++ src/event.h Tue Nov 7 20:28:12 2006 -@@ -34,6 +34,8 @@ - #include <sys/time.h> - #endif - -+#include "snort_packet_header.h" -+ - typedef struct _Event - { - u_int32_t sig_generator; /* which part of snort generated the alert? */ -@@ -45,7 +47,7 @@ typedef struct _Event - u_int32_t event_reference; /* reference to other events that have gone off, - * such as in the case of tagged packets... - */ -- struct timeval ref_time; /* reference time for the event reference */ -+ struct pcap_timeval ref_time; /* reference time for the event reference */ - - /* Don't add to this structure because this is the serialized data - * struct for unified logging. Index: snort/patches/patch-src_output-plugins_spo_unified_c =================================================================== RCS file: snort/patches/patch-src_output-plugins_spo_unified_c diff -N snort/patches/patch-src_output-plugins_spo_unified_c --- snort/patches/patch-src_output-plugins_spo_unified_c 25 Nov 2006 05:33:28 -0000 1.1 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,38 +0,0 @@ -$OpenBSD: patch-src_output-plugins_spo_unified_c,v 1.1 2006/11/25 05:33:28 pvalchev Exp $ ---- src/output-plugins/spo_unified.c.orig Fri May 12 20:19:56 2006 -+++ src/output-plugins/spo_unified.c Tue Nov 7 20:28:12 2006 -@@ -126,7 +126,7 @@ typedef struct _UnifiedLog - typedef struct _UnifiedAlert - { - Event event; -- struct timeval ts; /* event timestamp */ -+ struct pcap_timeval ts; /* event timestamp */ - u_int32_t sip; /* src ip */ - u_int32_t dip; /* dest ip */ - u_int16_t sp; /* src port */ -@@ -551,7 +551,11 @@ void RealUnifiedLogPacketAlert(Packet *p - * this will have to be fixed when we transition to the pa_engine - * code (p->pkth is libpcap specific) - */ -- memcpy(&logheader.pkth, p->pkth, sizeof(SnortPktHeader)); -+ logheader.pkth.ts.tv_sec = p->pkth->ts.tv_sec; -+ logheader.pkth.ts.tv_usec = p->pkth->ts.tv_usec; -+ logheader.pkth.caplen = p->pkth->caplen; -+ logheader.pkth.pktlen = p->pkth->len; -+ - } - else - { -@@ -1260,7 +1264,11 @@ void OldUnifiedLogPacketAlert(Packet *p, - { - logheader.flags = p->packet_flags; - -- memcpy(&logheader.pkth, p->pkth, sizeof(SnortPktHeader)); -+ logheader.pkth.ts.tv_sec = p->pkth->ts.tv_sec; -+ logheader.pkth.ts.tv_usec = p->pkth->ts.tv_usec; -+ logheader.pkth.caplen = p->pkth->caplen; -+ logheader.pkth.pktlen = p->pkth->len; -+ - - #ifdef GIDS - /* Index: snort/patches/patch-src_snort_packet_header_h =================================================================== RCS file: snort/patches/patch-src_snort_packet_header_h diff -N snort/patches/patch-src_snort_packet_header_h --- snort/patches/patch-src_snort_packet_header_h 25 Nov 2006 05:33:28 -0000 1.1 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,25 +0,0 @@ -$OpenBSD: patch-src_snort_packet_header_h,v 1.1 2006/11/25 05:33:28 pvalchev Exp $ ---- src/snort_packet_header.h.orig Thu Jan 19 19:09:12 2006 -+++ src/snort_packet_header.h Tue Nov 7 20:28:12 2006 -@@ -16,12 +16,20 @@ - #include <sys/types.h> - - -+/* we must use fixed size of 32 bits, because on-disk -+ * format of savefiles uses 32-bit tv_sec (and tv_usec) -+ */ -+struct pcap_timeval { -+ u_int32_t tv_sec; /* seconds */ -+ u_int32_t tv_usec; /* microseconds */ -+}; -+ - /* this is equivalent to the pcap pkthdr struct, but we need one for - * portability once we introduce the pa_engine code - */ - typedef struct _SnortPktHeader - { -- struct timeval ts; /* packet timestamp */ -+ struct pcap_timeval ts;/* packet timestamp */ - u_int32_t caplen; /* packet capture length */ - u_int32_t pktlen; /* packet "real" length */ - } SnortPktHeader; Index: snort/pkg/PFRAG.shared =================================================================== RCS file: /cvs/ports/net/snort/pkg/PFRAG.shared,v retrieving revision 1.1 diff -u -r1.1 PFRAG.shared --- snort/pkg/PFRAG.shared 10 Oct 2006 13:33:17 -0000 1.1 +++ snort/pkg/PFRAG.shared 6 Mar 2007 12:07:28 -0000 @@ -1,5 +1,7 @@ @comment $OpenBSD: PFRAG.shared,v 1.1 2006/10/10 13:33:17 aanriot Exp $ @lib lib/snort_dynamicengine/libsf_engine.so.${LIBsf_engine_VERSION} [EMAIL PROTECTED] lib/snort_dynamicpreprocessor/libsf_dcerpc_preproc.so.${LIBsf_dcerpc_preproc_VERSION} @lib lib/snort_dynamicpreprocessor/libsf_dns_preproc.so.${LIBsf_dns_preproc_VERSION} @lib lib/snort_dynamicpreprocessor/libsf_ftptelnet_preproc.so.${LIBsf_ftptelnet_preproc_VERSION} @lib lib/snort_dynamicpreprocessor/libsf_smtp_preproc.so.${LIBsf_smtp_preproc_VERSION} [EMAIL PROTECTED] lib/snort_dynamicpreprocessor/libsf_ssh_preproc.so.${LIBsf_ssh_preproc_VERSION} Index: snort/pkg/PLIST =================================================================== RCS file: /cvs/ports/net/snort/pkg/PLIST,v retrieving revision 1.15 diff -u -r1.15 PLIST --- snort/pkg/PLIST 10 Oct 2006 13:33:17 -0000 1.15 +++ snort/pkg/PLIST 6 Mar 2007 12:07:28 -0000 @@ -7,16 +7,21 @@ lib/snort_dynamicengine/libsf_engine.a @comment lib/snort_dynamicengine/libsf_engine.la lib/snort_dynamicpreprocessor/ +lib/snort_dynamicpreprocessor/libsf_dcerpc_preproc.a [EMAIL PROTECTED] lib/snort_dynamicpreprocessor/libsf_dcerpc_preproc.la lib/snort_dynamicpreprocessor/libsf_dns_preproc.a @comment lib/snort_dynamicpreprocessor/libsf_dns_preproc.la lib/snort_dynamicpreprocessor/libsf_ftptelnet_preproc.a @comment lib/snort_dynamicpreprocessor/libsf_ftptelnet_preproc.la lib/snort_dynamicpreprocessor/libsf_smtp_preproc.a @comment lib/snort_dynamicpreprocessor/libsf_smtp_preproc.la +lib/snort_dynamicpreprocessor/libsf_ssh_preproc.a [EMAIL PROTECTED] lib/snort_dynamicpreprocessor/libsf_ssh_preproc.la @man man/man8/snort.8 share/doc/snort/ share/doc/snort/AUTHORS share/doc/snort/CREDITS +share/doc/snort/README.ARUBA share/doc/snort/README.FLEXRESP share/doc/snort/README.FLEXRESP2 share/doc/snort/README.INLINE @@ -29,6 +34,7 @@ share/doc/snort/README.asn1 share/doc/snort/README.csv share/doc/snort/README.database +share/doc/snort/README.dcerpc share/doc/snort/README.dns share/doc/snort/README.event_queue share/doc/snort/README.flow @@ -38,6 +44,9 @@ share/doc/snort/README.ftptelnet share/doc/snort/README.http_inspect share/doc/snort/README.sfportscan +share/doc/snort/README.ssh +share/doc/snort/README.stream4 +share/doc/snort/README.stream5 share/doc/snort/README.thresholding share/doc/snort/README.wireless share/doc/snort/faq.pdf
