On Sun, Oct 25, 2009 at 05:36:50PM +0100, Markus Lude wrote: > Hello, > here is an update to latest snort version 2.8.5.1. I enabled support for > IPv6. Beside that I removed the example libraries. I think, one don't > really need them. > > You now need to add the correct library version number to > libsf_engine.so in the dynamicengine config line in your snort.conf. > This applies only to those which use an older already adjusted > snort.conf. The one in the diff below already has it. Should I add a > MESSAGE file for this? > > Please test and report which flavor/arch/output_plugin you use/tested. > Thanks.
Did anyone had a look at this? Regards, Markus > Index: Makefile > =================================================================== > RCS file: /cvs/ports/net/snort/Makefile,v > retrieving revision 1.54 > diff -u -p -r1.54 Makefile > --- Makefile 16 Aug 2009 13:31:27 -0000 1.54 > +++ Makefile 25 Oct 2009 16:27:18 -0000 > @@ -4,7 +4,7 @@ SHARED_ONLY = Yes > > COMMENT = highly flexible sniffer/NIDS > > -DISTNAME = snort-2.8.4.1 > +DISTNAME = snort-2.8.5.1 > CATEGORIES = net security > MASTER_SITES = http://dl.snort.org/snort-current/ > > @@ -19,22 +19,23 @@ PERMIT_DISTFILES_CDROM = Yes > PERMIT_DISTFILES_FTP = Yes > WANTLIB = c m pcap > > -SHARED_LIBS = sf_engine 3.0 \ > - sf_dce2_preproc 0.0 \ > - sf_dcerpc_preproc 2.0 \ > - sf_dns_preproc 3.0 \ > - sf_ftptelnet_preproc 3.0 \ > - sf_smtp_preproc 3.0 \ > - sf_ssh_preproc 2.0 \ > - sf_ssl_preproc 1.0 \ > - _sfdynamic_example_rule 0.0 \ > - _sfdynamic_preprocessor_example 0.0 > +ENGINE_VER = 4.0 > + > +SHARED_LIBS = sf_engine ${ENGINE_VER} \ > + sf_dce2_preproc 1.0 \ > + sf_dcerpc_preproc 3.0 \ > + sf_dns_preproc 4.0 \ > + sf_ftptelnet_preproc 4.0 \ > + sf_smtp_preproc 4.0 \ > + sf_ssh_preproc 3.0 \ > + sf_ssl_preproc 2.0 > > USE_LIBTOOL = Yes > > SEPARATE_BUILD = concurrent > CONFIGURE_STYLE = simple > CONFIGURE_ARGS += ${CONFIGURE_SHARED} \ > + --enable-ipv6 \ > --enable-dynamicplugin > > MAKE_FLAGS = mandir=${TRUEPREFIX}/man > @@ -84,6 +85,8 @@ DOCS = AUTHORS CREDITS README README.* > > SCHEMAS = create_db2 create_mssql create_mysql \ > create_oracle.sql create_postgresql > + > +SUBST_VARS += ENGINE_VER > > pre-configure: > @${SUBST_CMD} ${WRKSRC}/etc/snort.conf > Index: distinfo > =================================================================== > RCS file: /cvs/ports/net/snort/distinfo,v > retrieving revision 1.18 > diff -u -p -r1.18 distinfo > --- distinfo 16 Aug 2009 13:31:27 -0000 1.18 > +++ distinfo 25 Oct 2009 16:27:18 -0000 > @@ -1,5 +1,5 @@ > -MD5 (snort-2.8.4.1.tar.gz) = Y/TnaulqLRM/THt0G61UWA== > -RMD160 (snort-2.8.4.1.tar.gz) = jzijfJ8Wm6uVKUbMq6JMktJnuIA= > -SHA1 (snort-2.8.4.1.tar.gz) = P/q7U2bAiJUv76sZqNwZzoTWJkU= > -SHA256 (snort-2.8.4.1.tar.gz) = 7n95DrPfTmFWp8hl8boihVOUyePBP9xX1gqGRyZ/wgk= > -SIZE (snort-2.8.4.1.tar.gz) = 4567713 > +MD5 (snort-2.8.5.1.tar.gz) = savzqfo0hnIMmite/5IEFw== > +RMD160 (snort-2.8.5.1.tar.gz) = +/q0Xx19gVUWBDWS6rjPHMbsk9A= > +SHA1 (snort-2.8.5.1.tar.gz) = uXEFLN1LNSegYDhUlTED/prYpFs= > +SHA256 (snort-2.8.5.1.tar.gz) = reGw9K50/WI8Yz0otvFCkYd1GzWzaj+KDBl9IQS15a4= > +SIZE (snort-2.8.5.1.tar.gz) = 4715078 > Index: patches/patch-etc_snort_conf > =================================================================== > RCS file: /cvs/ports/net/snort/patches/patch-etc_snort_conf,v > retrieving revision 1.4 > diff -u -p -r1.4 patch-etc_snort_conf > --- patches/patch-etc_snort_conf 16 Aug 2009 13:31:27 -0000 1.4 > +++ patches/patch-etc_snort_conf 25 Oct 2009 16:27:18 -0000 > @@ -1,19 +1,17 @@ > $OpenBSD: patch-etc_snort_conf,v 1.4 2009/08/16 13:31:27 rui Exp $ > ---- etc/snort.conf.orig Wed Mar 11 14:22:03 2009 > -+++ etc/snort.conf Wed Apr 8 12:47:17 2009 > -@@ -78,7 +78,10 @@ var SNMP_SERVERS $HOME_NET > - # like this: > - # > - # portvar HTTP_PORTS 8081 > --# > -+ > +--- etc/snort.conf.orig Tue Jul 7 21:59:55 2009 > ++++ etc/snort.conf Thu Aug 20 19:39:06 2009 > +@@ -99,6 +99,9 @@ portvar HTTP_PORTS 80 > + # including the rules file twice is obsolete. See README.variables for more > + # details. > + > +# Ports you run ssh servers on > +portvar SSH_PORTS 22 > + > - # Ports you run web servers on > - portvar HTTP_PORTS 80 > + # Ports you want to look for SHELLCODE on. > + portvar SHELLCODE_PORTS !80 > > -@@ -107,8 +110,8 @@ var AIM_SERVERS [64.12.24.0/23,64.12.28.0/23,64.12.161 > +@@ -117,8 +120,8 @@ var AIM_SERVERS [64.12.24.0/23,64.12.28.0/23,64.12.161 > # Path to your rules files (this can be a relative path) > # Note for Windows users: You are advised to make this an absolute path, > # such as: c:\snort\rules > @@ -24,3 +22,12 @@ $OpenBSD: patch-etc_snort_conf,v 1.4 200 > > # Configure the snort decoder > # ============================ > +@@ -211,7 +214,7 @@ dynamicpreprocessor directory /usr/local/lib/snort_dyn > + # Load a dynamic engine from the install path > + # (same as command line option --dynamic-engine-lib) > + # > +-dynamicengine /usr/local/lib/snort_dynamicengine/libsf_engine.so > ++dynamicengine > /usr/local/lib/snort_dynamicengine/libsf_engine.so.${ENGINE_VER} > + # > + # Load all dynamic rules libraries from the install path > + # (same as command line option --dynamic-detection-lib-dir) > Index: patches/patch-src_dynamic-plugins_sf_dynamic_plugins_c > =================================================================== > RCS file: > /cvs/ports/net/snort/patches/patch-src_dynamic-plugins_sf_dynamic_plugins_c,v > retrieving revision 1.4 > diff -u -p -r1.4 patch-src_dynamic-plugins_sf_dynamic_plugins_c > --- patches/patch-src_dynamic-plugins_sf_dynamic_plugins_c 16 Aug 2009 > 13:31:27 -0000 1.4 > +++ patches/patch-src_dynamic-plugins_sf_dynamic_plugins_c 25 Oct 2009 > 16:27:18 -0000 > @@ -1,13 +1,13 @@ > $OpenBSD: patch-src_dynamic-plugins_sf_dynamic_plugins_c,v 1.4 2009/08/16 > 13:31:27 rui Exp $ > ---- src/dynamic-plugins/sf_dynamic_plugins.c.orig Mon Jan 26 22:50:08 2009 > -+++ src/dynamic-plugins/sf_dynamic_plugins.c Wed Apr 8 12:40:35 2009 > -@@ -233,8 +233,7 @@ void LoadAllLibs(char *path, LoadLibraryFunc loadFunc) > - dirEntry = readdir(directory); > - while (dirEntry) > +--- src/dynamic-plugins/sf_dynamic_plugins.c.orig Tue Jul 7 17:37:04 2009 > ++++ src/dynamic-plugins/sf_dynamic_plugins.c Thu Aug 20 00:32:57 2009 > +@@ -244,8 +244,7 @@ void LoadAllLibs(char *path, LoadLibraryFunc loadFunc) > + dir_entry = readdir(directory); > + while (dir_entry != NULL) > { > -- if (dirEntry->d_reclen && > -- !fnmatch(EXT, dirEntry->d_name, FNM_PATHNAME | FNM_PERIOD)) > -+ if(!fnmatch(EXT, dirEntry->d_name, FNM_PATHNAME | > FNM_PERIOD)) > +- if ((dir_entry->d_reclen != 0) && > +- (fnmatch(MODULE_EXT, dir_entry->d_name, FNM_PATHNAME | > FNM_PERIOD) == 0)) > ++ if (fnmatch(MODULE_EXT, dir_entry->d_name, FNM_PATHNAME | > FNM_PERIOD) == 0) > { > - SnortSnprintf(path_buf, PATH_MAX, "%s%s%s", path, "/", > dirEntry->d_name); > - loadFunc(path_buf, 1); > + /* Get the string up until the first dot. This will be > + * considered the file prefix. */ > Index: patches/patch-src_dynamic-preprocessors_Makefile_in > =================================================================== > RCS file: > /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_Makefile_in,v > retrieving revision 1.4 > diff -u -p -r1.4 patch-src_dynamic-preprocessors_Makefile_in > --- patches/patch-src_dynamic-preprocessors_Makefile_in 16 Aug 2009 > 13:31:27 -0000 1.4 > +++ patches/patch-src_dynamic-preprocessors_Makefile_in 25 Oct 2009 > 16:27:18 -0000 > @@ -1,7 +1,7 @@ > $OpenBSD: patch-src_dynamic-preprocessors_Makefile_in,v 1.4 2009/08/16 > 13:31:27 rui Exp $ > ---- src/dynamic-preprocessors/Makefile.in.orig Wed Mar 11 14:19:27 2009 > -+++ src/dynamic-preprocessors/Makefile.in Wed Apr 8 12:40:35 2009 > -@@ -574,8 +574,7 @@ maintainer-clean-generic: > +--- src/dynamic-preprocessors/Makefile.in.orig Mon Oct 19 23:08:08 2009 > ++++ src/dynamic-preprocessors/Makefile.in Thu Oct 22 17:08:53 2009 > +@@ -594,8 +594,7 @@ maintainer-clean-generic: > @echo "This command is intended for maintainers to use" > @echo "it deletes files that may require special tools to rebuild." > -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES) > @@ -11,7 +11,7 @@ $OpenBSD: patch-src_dynamic-preprocessor > clean: clean-recursive > > clean-am: clean-generic clean-libtool clean-local mostlyclean-am > -@@ -757,20 +756,6 @@ include/str_search.h: $(srcdir)/../preprocessors/str_s > +@@ -778,20 +777,6 @@ include/str_search.h: $(srcdir)/../preprocessors/str_s > clean-local: > rm -rf include build > > Index: patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in > =================================================================== > RCS file: > /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in,v > retrieving revision 1.1 > diff -u -p -r1.1 patch-src_dynamic-preprocessors_dcerpc2_Makefile_in > --- patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in 16 Aug > 2009 13:31:27 -0000 1.1 > +++ patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in 25 Oct > 2009 16:27:18 -0000 > @@ -1,7 +1,7 @@ > $OpenBSD: patch-src_dynamic-preprocessors_dcerpc2_Makefile_in,v 1.1 > 2009/08/16 13:31:27 rui Exp $ > ---- src/dynamic-preprocessors/dcerpc2/Makefile.in.orig Wed Mar 11 > 14:19:28 2009 > -+++ src/dynamic-preprocessors/dcerpc2/Makefile.in Wed Apr 8 15:58:27 2009 > -@@ -418,7 +418,7 @@ distdir: $(DISTFILES) > +--- src/dynamic-preprocessors/dcerpc2/Makefile.in.orig Mon Oct 19 > 23:08:08 2009 > ++++ src/dynamic-preprocessors/dcerpc2/Makefile.in Thu Oct 22 17:08:53 2009 > +@@ -424,7 +424,7 @@ distdir: $(DISTFILES) > check-am: all-am > check: $(BUILT_SOURCES) > $(MAKE) $(AM_MAKEFLAGS) check-am > @@ -9,4 +9,4 @@ $OpenBSD: patch-src_dynamic-preprocessor > +all-am: Makefile $(LTLIBRARIES) > installdirs: > for dir in "$(DESTDIR)$(libdir)"; do \ > - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ > + test -z "$$dir" || $(mkdir_p) "$$dir"; \ > Index: patches/patch-src_dynamic-preprocessors_dcerpc_Makefile_in > =================================================================== > RCS file: > /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_dcerpc_Makefile_in,v > retrieving revision 1.2 > diff -u -p -r1.2 patch-src_dynamic-preprocessors_dcerpc_Makefile_in > --- patches/patch-src_dynamic-preprocessors_dcerpc_Makefile_in 12 Feb > 2009 22:12:08 -0000 1.2 > +++ patches/patch-src_dynamic-preprocessors_dcerpc_Makefile_in 25 Oct > 2009 16:27:18 -0000 > @@ -1,7 +1,7 @@ > $OpenBSD: patch-src_dynamic-preprocessors_dcerpc_Makefile_in,v 1.2 > 2009/02/12 22:12:08 rui Exp $ > ---- src/dynamic-preprocessors/dcerpc/Makefile.in.orig Fri Jul 18 > 22:52:05 2008 > -+++ src/dynamic-preprocessors/dcerpc/Makefile.in Fri Aug 8 14:57:43 2008 > -@@ -392,7 +392,7 @@ distdir: $(DISTFILES) > +--- src/dynamic-preprocessors/dcerpc/Makefile.in.orig Mon Oct 19 > 23:08:08 2009 > ++++ src/dynamic-preprocessors/dcerpc/Makefile.in Thu Oct 22 17:08:53 2009 > +@@ -399,7 +399,7 @@ distdir: $(DISTFILES) > check-am: all-am > check: $(BUILT_SOURCES) > $(MAKE) $(AM_MAKEFLAGS) check-am > @@ -9,4 +9,4 @@ $OpenBSD: patch-src_dynamic-preprocessor > +all-am: Makefile $(LTLIBRARIES) > installdirs: > for dir in "$(DESTDIR)$(libdir)"; do \ > - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ > + test -z "$$dir" || $(mkdir_p) "$$dir"; \ > Index: patches/patch-src_dynamic-preprocessors_dns_Makefile_in > =================================================================== > RCS file: > /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_dns_Makefile_in,v > retrieving revision 1.3 > diff -u -p -r1.3 patch-src_dynamic-preprocessors_dns_Makefile_in > --- patches/patch-src_dynamic-preprocessors_dns_Makefile_in 12 Feb 2009 > 22:12:08 -0000 1.3 > +++ patches/patch-src_dynamic-preprocessors_dns_Makefile_in 25 Oct 2009 > 16:27:18 -0000 > @@ -1,7 +1,7 @@ > $OpenBSD: patch-src_dynamic-preprocessors_dns_Makefile_in,v 1.3 2009/02/12 > 22:12:08 rui Exp $ > ---- src/dynamic-preprocessors/dns/Makefile.in.orig Fri Jul 18 22:52:06 2008 > -+++ src/dynamic-preprocessors/dns/Makefile.in Fri Aug 8 14:57:43 2008 > -@@ -374,7 +374,7 @@ distdir: $(DISTFILES) > +--- src/dynamic-preprocessors/dns/Makefile.in.orig Mon Oct 19 23:08:08 2009 > ++++ src/dynamic-preprocessors/dns/Makefile.in Thu Oct 22 17:08:53 2009 > +@@ -381,7 +381,7 @@ distdir: $(DISTFILES) > check-am: all-am > check: $(BUILT_SOURCES) > $(MAKE) $(AM_MAKEFLAGS) check-am > @@ -9,4 +9,4 @@ $OpenBSD: patch-src_dynamic-preprocessor > +all-am: Makefile $(LTLIBRARIES) > installdirs: > for dir in "$(DESTDIR)$(libdir)"; do \ > - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ > + test -z "$$dir" || $(mkdir_p) "$$dir"; \ > Index: patches/patch-src_dynamic-preprocessors_ftptelnet_Makefile_in > =================================================================== > RCS file: > /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_ftptelnet_Makefile_in,v > retrieving revision 1.4 > diff -u -p -r1.4 patch-src_dynamic-preprocessors_ftptelnet_Makefile_in > --- patches/patch-src_dynamic-preprocessors_ftptelnet_Makefile_in 16 Aug > 2009 13:31:27 -0000 1.4 > +++ patches/patch-src_dynamic-preprocessors_ftptelnet_Makefile_in 25 Oct > 2009 16:27:18 -0000 > @@ -1,7 +1,7 @@ > $OpenBSD: patch-src_dynamic-preprocessors_ftptelnet_Makefile_in,v 1.4 > 2009/08/16 13:31:27 rui Exp $ > ---- src/dynamic-preprocessors/ftptelnet/Makefile.in.orig Wed Mar 11 > 14:19:29 2009 > -+++ src/dynamic-preprocessors/ftptelnet/Makefile.in Wed Apr 8 12:43:22 2009 > -@@ -528,7 +528,7 @@ distdir: $(DISTFILES) > +--- src/dynamic-preprocessors/ftptelnet/Makefile.in.orig Mon Oct 19 > 23:08:09 2009 > ++++ src/dynamic-preprocessors/ftptelnet/Makefile.in Thu Oct 22 17:08:53 2009 > +@@ -529,7 +529,7 @@ distdir: $(DISTFILES) > check-am: all-am > check: $(BUILT_SOURCES) > $(MAKE) $(AM_MAKEFLAGS) check-recursive > Index: patches/patch-src_dynamic-preprocessors_smtp_Makefile_in > =================================================================== > RCS file: > /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_smtp_Makefile_in,v > retrieving revision 1.3 > diff -u -p -r1.3 patch-src_dynamic-preprocessors_smtp_Makefile_in > --- patches/patch-src_dynamic-preprocessors_smtp_Makefile_in 12 Feb 2009 > 22:12:08 -0000 1.3 > +++ patches/patch-src_dynamic-preprocessors_smtp_Makefile_in 25 Oct 2009 > 16:27:18 -0000 > @@ -1,7 +1,7 @@ > $OpenBSD: patch-src_dynamic-preprocessors_smtp_Makefile_in,v 1.3 2009/02/12 > 22:12:08 rui Exp $ > ---- src/dynamic-preprocessors/smtp/Makefile.in.orig Fri Jul 18 22:52:07 2008 > -+++ src/dynamic-preprocessors/smtp/Makefile.in Fri Aug 8 14:57:44 2008 > -@@ -393,7 +393,7 @@ distdir: $(DISTFILES) > +--- src/dynamic-preprocessors/smtp/Makefile.in.orig Mon Oct 19 23:08:09 2009 > ++++ src/dynamic-preprocessors/smtp/Makefile.in Thu Oct 22 17:08:53 2009 > +@@ -400,7 +400,7 @@ distdir: $(DISTFILES) > check-am: all-am > check: $(BUILT_SOURCES) > $(MAKE) $(AM_MAKEFLAGS) check-am > @@ -9,4 +9,4 @@ $OpenBSD: patch-src_dynamic-preprocessor > +all-am: Makefile $(LTLIBRARIES) > installdirs: > for dir in "$(DESTDIR)$(libdir)"; do \ > - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ > + test -z "$$dir" || $(mkdir_p) "$$dir"; \ > Index: patches/patch-src_dynamic-preprocessors_ssh_Makefile_in > =================================================================== > RCS file: > /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_ssh_Makefile_in,v > retrieving revision 1.2 > diff -u -p -r1.2 patch-src_dynamic-preprocessors_ssh_Makefile_in > --- patches/patch-src_dynamic-preprocessors_ssh_Makefile_in 12 Feb 2009 > 22:12:08 -0000 1.2 > +++ patches/patch-src_dynamic-preprocessors_ssh_Makefile_in 25 Oct 2009 > 16:27:18 -0000 > @@ -1,7 +1,7 @@ > $OpenBSD: patch-src_dynamic-preprocessors_ssh_Makefile_in,v 1.2 2009/02/12 > 22:12:08 rui Exp $ > ---- src/dynamic-preprocessors/ssh/Makefile.in.orig Fri Jul 18 22:52:08 2008 > -+++ src/dynamic-preprocessors/ssh/Makefile.in Fri Aug 8 14:57:44 2008 > -@@ -374,7 +374,7 @@ distdir: $(DISTFILES) > +--- src/dynamic-preprocessors/ssh/Makefile.in.orig Mon Oct 19 23:08:09 2009 > ++++ src/dynamic-preprocessors/ssh/Makefile.in Thu Oct 22 17:08:54 2009 > +@@ -381,7 +381,7 @@ distdir: $(DISTFILES) > check-am: all-am > check: $(BUILT_SOURCES) > $(MAKE) $(AM_MAKEFLAGS) check-am > @@ -9,4 +9,4 @@ $OpenBSD: patch-src_dynamic-preprocessor > +all-am: Makefile $(LTLIBRARIES) > installdirs: > for dir in "$(DESTDIR)$(libdir)"; do \ > - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ > + test -z "$$dir" || $(mkdir_p) "$$dir"; \ > Index: patches/patch-src_dynamic-preprocessors_ssl_Makefile_in > =================================================================== > RCS file: > /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_ssl_Makefile_in,v > retrieving revision 1.1 > diff -u -p -r1.1 patch-src_dynamic-preprocessors_ssl_Makefile_in > --- patches/patch-src_dynamic-preprocessors_ssl_Makefile_in 12 Feb 2009 > 22:12:08 -0000 1.1 > +++ patches/patch-src_dynamic-preprocessors_ssl_Makefile_in 25 Oct 2009 > 16:27:18 -0000 > @@ -1,7 +1,7 @@ > $OpenBSD: patch-src_dynamic-preprocessors_ssl_Makefile_in,v 1.1 2009/02/12 > 22:12:08 rui Exp $ > ---- src/dynamic-preprocessors/ssl/Makefile.in.orig Fri Jul 18 22:52:08 2008 > -+++ src/dynamic-preprocessors/ssl/Makefile.in Fri Aug 8 15:59:22 2008 > -@@ -384,7 +384,7 @@ distdir: $(DISTFILES) > +--- src/dynamic-preprocessors/ssl/Makefile.in.orig Mon Oct 19 23:08:09 2009 > ++++ src/dynamic-preprocessors/ssl/Makefile.in Thu Oct 22 17:08:54 2009 > +@@ -391,7 +391,7 @@ distdir: $(DISTFILES) > check-am: all-am > check: $(BUILT_SOURCES) > $(MAKE) $(AM_MAKEFLAGS) check-am > @@ -9,4 +9,4 @@ $OpenBSD: patch-src_dynamic-preprocessor > +all-am: Makefile $(LTLIBRARIES) > installdirs: > for dir in "$(DESTDIR)$(libdir)"; do \ > - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ > + test -z "$$dir" || $(mkdir_p) "$$dir"; \ > Index: patches/patch-src_log_c > =================================================================== > RCS file: /cvs/ports/net/snort/patches/patch-src_log_c,v > retrieving revision 1.2 > diff -u -p -r1.2 patch-src_log_c > --- patches/patch-src_log_c 12 Feb 2009 22:12:08 -0000 1.2 > +++ patches/patch-src_log_c 25 Oct 2009 16:27:18 -0000 > @@ -1,39 +1,39 @@ > $OpenBSD: patch-src_log_c,v 1.2 2009/02/12 22:12:08 rui Exp $ > ---- src/log.c.orig Mon Jun 16 20:33:54 2008 > -+++ src/log.c Fri Sep 5 22:54:34 2008 > -@@ -358,7 +358,7 @@ void PrintIPPkt(FILE * fp, int type, Packet * p) > +--- src/log.c.orig Tue Jul 7 17:37:01 2009 > ++++ src/log.c Wed Aug 19 17:29:41 2009 > +@@ -363,7 +363,7 @@ void PrintIPPkt(FILE * fp, int type, Packet * p) > DEBUG_WRAP(DebugMessage(DEBUG_LOG, "PrintIPPkt type = %d\n", type);); > > bzero((char *) timestamp, TIMEBUF_SIZE); > - ts_print((struct timeval *) & p->pkth->ts, timestamp); > -+ ts_print((struct timeval32 *) & p->pkth->ts, timestamp); > ++ ts_print((struct sf_timeval32 *) & p->pkth->ts, timestamp); > > /* dump the timestamp */ > fwrite(timestamp, strlen(timestamp), 1, fp); > -@@ -851,7 +851,7 @@ void PrintArpHeader(FILE * fp, Packet * p) > +@@ -865,7 +865,7 @@ void PrintArpHeader(FILE * fp, Packet * p) > > bzero((struct in_addr *) &ip_addr, sizeof(struct in_addr)); > bzero((char *) timestamp, TIMEBUF_SIZE); > - ts_print((struct timeval *) & p->pkth->ts, timestamp); > -+ ts_print((struct timeval32 *) & p->pkth->ts, timestamp); > ++ ts_print((struct sf_timeval32 *) & p->pkth->ts, timestamp); > > /* determine what to use as MAC src and dst */ > if (p->eh != NULL) > -@@ -1929,7 +1929,7 @@ void PrintEapolPkt(FILE * fp, Packet * p) > +@@ -1945,7 +1945,7 @@ void PrintEapolPkt(FILE * fp, Packet * p) > > > bzero((char *) timestamp, TIMEBUF_SIZE); > - ts_print((struct timeval *) & p->pkth->ts, timestamp); > -+ ts_print((struct timeval32 *) & p->pkth->ts, timestamp); > ++ ts_print((struct sf_timeval32 *) & p->pkth->ts, timestamp); > > /* dump the timestamp */ > fwrite(timestamp, strlen(timestamp), 1, fp); > -@@ -2103,7 +2103,7 @@ void PrintWifiPkt(FILE * fp, Packet * p) > +@@ -2119,7 +2119,7 @@ void PrintWifiPkt(FILE * fp, Packet * p) > > > bzero((char *) timestamp, TIMEBUF_SIZE); > - ts_print((struct timeval *) & p->pkth->ts, timestamp); > -+ ts_print((struct timeval32 *) & p->pkth->ts, timestamp); > ++ ts_print((struct sf_timeval32 *) & p->pkth->ts, timestamp); > > /* dump the timestamp */ > fwrite(timestamp, strlen(timestamp), 1, fp); > Index: patches/patch-src_log_text_c > =================================================================== > RCS file: /cvs/ports/net/snort/patches/patch-src_log_text_c,v > retrieving revision 1.2 > diff -u -p -r1.2 patch-src_log_text_c > --- patches/patch-src_log_text_c 16 Aug 2009 13:31:27 -0000 1.2 > +++ patches/patch-src_log_text_c 25 Oct 2009 16:27:18 -0000 > @@ -1,12 +1,12 @@ > $OpenBSD: patch-src_log_text_c,v 1.2 2009/08/16 13:31:27 rui Exp $ > ---- src/log_text.c.orig Mon Jan 26 22:49:57 2009 > -+++ src/log_text.c Wed Apr 8 12:40:36 2009 > +--- src/log_text.c.orig Thu May 7 00:28:15 2009 > ++++ src/log_text.c Wed Aug 19 17:28:24 2009 > @@ -62,7 +62,7 @@ extern OptTreeNode *otn_tmp; /* global ptr to curre > void LogTimeStamp(TextLog* log, Packet* p) > { > char timestamp[TIMEBUF_SIZE]; > - ts_print((struct timeval*)&p->pkth->ts, timestamp); > -+ ts_print((struct timeval32*)&p->pkth->ts, timestamp); > ++ ts_print((struct sf_timeval32*)&p->pkth->ts, timestamp); > TextLog_Puts(log, timestamp); > } > > Index: patches/patch-src_output-plugins_spo_alert_prelude_c > =================================================================== > RCS file: patches/patch-src_output-plugins_spo_alert_prelude_c > diff -N patches/patch-src_output-plugins_spo_alert_prelude_c > --- /dev/null 1 Jan 1970 00:00:00 -0000 > +++ patches/patch-src_output-plugins_spo_alert_prelude_c 25 Oct 2009 > 16:27:18 -0000 > @@ -0,0 +1,48 @@ > +$OpenBSD$ > +--- src/output-plugins/spo_alert_prelude.c.orig Thu May 7 00:29:11 2009 > ++++ src/output-plugins/spo_alert_prelude.c Fri Oct 23 20:41:26 2009 > +@@ -414,7 +414,15 @@ static int packet_to_data(Packet *p, Event *event, idm > + break; > + > + case ICMP_REDIRECT: > ++#ifndef SUP_IP6 > + add_string_data(alert, "icmp_gwaddr", > inet_ntoa(p->icmph->s_icmp_gwaddr)); > ++#else > ++ { > ++ sfip_t gwaddr; > ++ sfip_set_raw(&gwaddr, (void > *)&p->icmph->s_icmp_gwaddr.s_addr, AF_INET); > ++ add_string_data(alert, "icmp_gwaddr", > inet_ntoa(&gwaddr)); > ++ } > ++#endif > + break; > + > + case ICMP_ROUTER_ADVERTISE: > +@@ -606,6 +614,7 @@ void snort_alert_prelude(Packet *p, char *msg, void *d > + idmef_message_t *idmef; > + idmef_classification_t *class; > + prelude_client_t *client = data; > ++ struct timeval tv; > + > + if ( !p ) > + return; > +@@ -647,7 +656,10 @@ void snort_alert_prelude(Packet *p, char *msg, void *d > + ret = idmef_alert_new_detect_time(alert, &time); > + if ( ret < 0 ) > + goto err; > +- idmef_time_set_from_timeval(time, &p->pkth->ts); > ++ > ++ tv.tv_sec = p->pkth->ts.tv_sec; > ++ tv.tv_usec = p->pkth->ts.tv_usec; > ++ idmef_time_set_from_timeval(time, &tv); > + > + ret = idmef_time_new_from_gettimeofday(&time); > + if ( ret < 0 ) > +@@ -786,7 +798,7 @@ void AlertPreludeSetupAfterSetuid(void) > + } > + > + > +-void snort_alert_prelude_init(unsigned char *args) > ++static void snort_alert_prelude_init(char *args) > + { > + /* > + * Do nothing here. Wait until AlertPreludeSetupAfterSetuid is > called. > Index: patches/patch-src_ppm_c > =================================================================== > RCS file: /cvs/ports/net/snort/patches/patch-src_ppm_c,v > retrieving revision 1.3 > diff -u -p -r1.3 patch-src_ppm_c > --- patches/patch-src_ppm_c 16 Aug 2009 13:31:27 -0000 1.3 > +++ patches/patch-src_ppm_c 25 Oct 2009 16:27:18 -0000 > @@ -1,21 +1,21 @@ > $OpenBSD: patch-src_ppm_c,v 1.3 2009/08/16 13:31:27 rui Exp $ > ---- src/ppm.c.orig Mon Jan 26 22:49:58 2009 > -+++ src/ppm.c Wed Apr 8 12:40:37 2009 > -@@ -361,7 +361,7 @@ void ppm_rule_log( UINT64 pktcnt, Packet * p) > - if( ppm_cfg.rule_log & PPM_LOG_MESSAGE ) > - { > +--- src/ppm.c.orig Thu May 7 00:28:18 2009 > ++++ src/ppm.c Wed Aug 19 17:28:12 2009 > +@@ -369,7 +369,7 @@ void ppm_rule_log(ppm_cfg_t *ppm_cfg, uint64_t pktcnt, > + int i; > + > if(!*timestamp) > - ts_print((struct timeval*)&p->pkth->ts, timestamp); > -+ ts_print((struct timeval32*)&p->pkth->ts, timestamp); > ++ ts_print((struct sf_timeval32*)&p->pkth->ts, timestamp); > > for (i=0; i< ppm_n_crules; i++) > { > -@@ -417,7 +417,7 @@ void ppm_rule_log( UINT64 pktcnt, Packet * p) > - if( ppm_cfg.rule_log & PPM_LOG_MESSAGE ) > - { > +@@ -425,7 +425,7 @@ void ppm_rule_log(ppm_cfg_t *ppm_cfg, uint64_t pktcnt, > + int i; > + > if(!*timestamp) > - ts_print((struct timeval*)&p->pkth->ts, timestamp); > -+ ts_print((struct timeval32*)&p->pkth->ts, timestamp); > ++ ts_print((struct sf_timeval32*)&p->pkth->ts, timestamp); > > for (i=0; i< ppm_n_rules; i++) > { > Index: patches/patch-src_preprocessors_Stream5_snort_stream5_tcp_c > =================================================================== > RCS file: > /cvs/ports/net/snort/patches/patch-src_preprocessors_Stream5_snort_stream5_tcp_c,v > retrieving revision 1.3 > diff -u -p -r1.3 patch-src_preprocessors_Stream5_snort_stream5_tcp_c > --- patches/patch-src_preprocessors_Stream5_snort_stream5_tcp_c 16 Aug > 2009 13:31:27 -0000 1.3 > +++ patches/patch-src_preprocessors_Stream5_snort_stream5_tcp_c 25 Oct > 2009 16:27:18 -0000 > @@ -1,12 +1,12 @@ > $OpenBSD: patch-src_preprocessors_Stream5_snort_stream5_tcp_c,v 1.3 > 2009/08/16 13:31:27 rui Exp $ > ---- src/preprocessors/Stream5/snort_stream5_tcp.c.orig Tue Apr 21 > 18:52:36 2009 > -+++ src/preprocessors/Stream5/snort_stream5_tcp.c Wed Apr 29 12:42:40 2009 > -@@ -6804,7 +6804,7 @@ static int ProcessTcp(Stream5LWSession *lwssn, Packet > +--- src/preprocessors/Stream5/snort_stream5_tcp.c.orig Mon Sep 14 > 21:12:21 2009 > ++++ src/preprocessors/Stream5/snort_stream5_tcp.c Thu Sep 17 15:26:22 2009 > +@@ -6914,7 +6914,7 @@ static int ProcessTcp(Stream5LWSession *lwssn, Packet > char src_addr[17]; > char dst_addr[17]; > bzero((char *)timestamp, TIMEBUF_SIZE); > - ts_print((struct timeval *) &p->pkth->ts, timestamp); > -+ ts_print((struct timeval32 *) &p->pkth->ts, timestamp); > ++ ts_print((struct sf_timeval32 *) &p->pkth->ts, > timestamp); > SnortSnprintf(src_addr, 17, "%s", > inet_ntoa(GET_SRC_ADDR(p))); > SnortSnprintf(dst_addr, 17, "%s", > Index: patches/patch-src_preprocessors_spp_sfportscan_c > =================================================================== > RCS file: > /cvs/ports/net/snort/patches/patch-src_preprocessors_spp_sfportscan_c,v > retrieving revision 1.3 > diff -u -p -r1.3 patch-src_preprocessors_spp_sfportscan_c > --- patches/patch-src_preprocessors_spp_sfportscan_c 16 Aug 2009 13:31:27 > -0000 1.3 > +++ patches/patch-src_preprocessors_spp_sfportscan_c 25 Oct 2009 16:27:18 > -0000 > @@ -1,12 +1,12 @@ > $OpenBSD: patch-src_preprocessors_spp_sfportscan_c,v 1.3 2009/08/16 13:31:27 > rui Exp $ > ---- src/preprocessors/spp_sfportscan.c.orig Mon Jan 26 22:50:30 2009 > -+++ src/preprocessors/spp_sfportscan.c Wed Apr 8 12:40:37 2009 > -@@ -288,7 +288,7 @@ static int LogPortscanAlert(Packet *p, char *msg, u_in > +--- src/preprocessors/spp_sfportscan.c.orig Mon Sep 14 21:12:21 2009 > ++++ src/preprocessors/spp_sfportscan.c Thu Sep 17 15:26:24 2009 > +@@ -310,7 +310,7 @@ static int LogPortscanAlert(Packet *p, char *msg, uint > return 0; > } > > - ts_print((struct timeval *)&p->pkth->ts, timebuf); > -+ ts_print((struct timeval32 *)&p->pkth->ts, timebuf); > ++ ts_print((struct sf_timeval32 *)&p->pkth->ts, timebuf); > > fprintf(g_logfile, "Time: %s\n", timebuf); > > Index: patches/patch-src_util_c > =================================================================== > RCS file: /cvs/ports/net/snort/patches/patch-src_util_c,v > retrieving revision 1.3 > diff -u -p -r1.3 patch-src_util_c > --- patches/patch-src_util_c 16 Aug 2009 13:31:27 -0000 1.3 > +++ patches/patch-src_util_c 25 Oct 2009 16:27:18 -0000 > @@ -1,22 +1,22 @@ > $OpenBSD: patch-src_util_c,v 1.3 2009/08/16 13:31:27 rui Exp $ > ---- src/util.c.orig Wed Mar 11 13:54:59 2009 > -+++ src/util.c Wed Apr 8 12:40:37 2009 > -@@ -418,12 +418,13 @@ int DisplayBanner() > +--- src/util.c.orig Tue Jul 7 17:37:03 2009 > ++++ src/util.c Wed Aug 19 17:27:58 2009 > +@@ -214,12 +214,13 @@ int DisplayBanner(void) > * Returns: void function > * > > ****************************************************************************/ > -void ts_print(register const struct timeval *tvp, char *timebuf) > -+void ts_print(register const struct timeval32 *tvp, char *timebuf) > ++void ts_print(register const struct sf_timeval32 *tvp, char *timebuf) > { > register int s; > int localzone; > time_t Time; > struct timeval tv; > -+ struct timeval32 tvnow; > ++ struct sf_timeval32 tvnow; > struct timezone tz; > struct tm *lt; /* place to stick the adjusted clock data */ > > -@@ -433,7 +434,9 @@ void ts_print(register const struct timeval *tvp, char > +@@ -229,7 +230,9 @@ void ts_print(register const struct timeval *tvp, char > /* manual page (for linux) says tz is never used, so.. */ > bzero((char *) &tz, sizeof(tz)); > gettimeofday(&tv, &tz); > @@ -26,4 +26,4 @@ $OpenBSD: patch-src_util_c,v 1.3 2009/08 > + tvp = &tvnow; > } > > - localzone = thiszone; > + localzone = snort_conf->thiszone; > Index: patches/patch-src_util_h > =================================================================== > RCS file: /cvs/ports/net/snort/patches/patch-src_util_h,v > retrieving revision 1.2 > diff -u -p -r1.2 patch-src_util_h > --- patches/patch-src_util_h 12 Feb 2009 22:12:08 -0000 1.2 > +++ patches/patch-src_util_h 25 Oct 2009 16:27:18 -0000 > @@ -1,20 +1,20 @@ > $OpenBSD: patch-src_util_h,v 1.2 2009/02/12 22:12:08 rui Exp $ > ---- src/util.h.orig Tue Feb 26 02:19:23 2008 > -+++ src/util.h Fri Aug 8 16:01:52 2008 > -@@ -36,6 +36,7 @@ > - > +--- src/util.h.orig Tue Jul 7 17:37:03 2009 > ++++ src/util.h Wed Aug 19 17:27:32 2009 > +@@ -37,6 +37,7 @@ > #include "sf_types.h" > #include "sflsq.h" > + #include "sfutil/sf_ipvar.h" > +#include "pcap_pkthdr32.h" > > - /* specifies that a function does not return > - * used for quieting Visual Studio warnings > -@@ -147,7 +148,7 @@ typedef struct _IntervalStats > - int DisplayBanner(); > + /* Macros > *********************************************************************/ > + #define PCAP_CLOSE // allow for rollback for now > +@@ -166,7 +167,7 @@ typedef struct _IntervalStats > + int DisplayBanner(void); > void GetTime(char *); > int gmt2local(time_t); > -void ts_print(register const struct timeval *, char *); > -+void ts_print(register const struct timeval32 *, char *); > ++void ts_print(register const struct sf_timeval32 *, char *); > char *copy_argv(char **); > void strip(char *); > - double CalcPct(UINT64, UINT64); > + double CalcPct(uint64_t, uint64_t); > Index: pkg/PLIST > =================================================================== > RCS file: /cvs/ports/net/snort/pkg/PLIST,v > retrieving revision 1.18 > diff -u -p -r1.18 PLIST > --- pkg/PLIST 16 Aug 2009 13:31:27 -0000 1.18 > +++ pkg/PLIST 25 Oct 2009 16:27:18 -0000 > @@ -2,15 +2,13 @@ > @newgroup _snort:557 > @newuser _snort:557:_snort:daemon:Snort Account:/nonexistent:/sbin/nologin > %%prelude%% > -bin/snort > +...@bin bin/snort > +lib/pkgconfig/snort.pc > lib/snort_dynamicengine/ > lib/snort_dynamicengine/libsf_engine.a > @comment lib/snort_dynamicengine/libsf_engine.la > @lib lib/snort_dynamicengine/libsf_engine.so.${LIBsf_engine_VERSION} > lib/snort_dynamicpreprocessor/ > -lib/snort_dynamicpreprocessor/lib_sfdynamic_preprocessor_example.a > -...@comment > lib/snort_dynamicpreprocessor/lib_sfdynamic_preprocessor_example.la > -...@lib > lib/snort_dynamicpreprocessor/lib_sfdynamic_preprocessor_example.so.${LIB_sfdynamic_preprocessor_example_VERSION} > lib/snort_dynamicpreprocessor/libsf_dce2_preproc.a > @comment lib/snort_dynamicpreprocessor/libsf_dce2_preproc.la > @lib > lib/snort_dynamicpreprocessor/libsf_dce2_preproc.so.${LIBsf_dce2_preproc_VERSION} > @@ -33,9 +31,6 @@ lib/snort_dynamicpreprocessor/libsf_ssl_ > @comment lib/snort_dynamicpreprocessor/libsf_ssl_preproc.la > @lib > lib/snort_dynamicpreprocessor/libsf_ssl_preproc.so.${LIBsf_ssl_preproc_VERSION} > lib/snort_dynamicrules/ > -lib/snort_dynamicrules/lib_sfdynamic_example_rule.a > -...@comment lib/snort_dynamicrules/lib_sfdynamic_example_rule.la > -...@lib > lib/snort_dynamicrules/lib_sfdynamic_example_rule.so.${LIB_sfdynamic_example_rule_VERSION} > @man man/man8/snort.8 > share/doc/snort/ > share/doc/snort/AUTHORS > @@ -64,6 +59,7 @@ share/doc/snort/README.decode > share/doc/snort/README.decoder_preproc_rules > share/doc/snort/README.dns > share/doc/snort/README.event_queue > +share/doc/snort/README.filters > share/doc/snort/README.flowbits > share/doc/snort/README.frag3 > share/doc/snort/README.ftptelnet > @@ -71,8 +67,10 @@ share/doc/snort/README.gre > share/doc/snort/README.http_inspect > share/doc/snort/README.ipip > share/doc/snort/README.ipv6 > +share/doc/snort/README.multipleconfigs > share/doc/snort/README.pcap_readmode > share/doc/snort/README.ppm > +share/doc/snort/README.reload > share/doc/snort/README.sfportscan > share/doc/snort/README.ssh > share/doc/snort/README.ssl
