Re: [UPDATE] net/snort 2.8.0.1 (was: [UPDATE] net/snort 2.8.0)
On Sat, Dec 01, 2007 at 01:42:41PM +0100, Markus Lude wrote: New diff against CVS attached. Please test/comment/commit/... new diff with a few changes. Please test. Comments/oks? cheers, rui Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.51 diff -u -r1.51 Makefile --- Makefile15 Sep 2007 22:36:59 - 1.51 +++ Makefile9 Feb 2008 17:38:12 - @@ -2,29 +2,34 @@ COMMENT= highly flexible sniffer/NIDS -DISTNAME= snort-2.6.0.2 -PKGNAME= ${DISTNAME}p1 +DISTNAME= snort-2.8.0.1 CATEGORIES=net security MASTER_SITES= ${HOMEPAGE}/dl/current/ HOMEPAGE= http://www.snort.org/ -# GPL +MAINTAINER=Markus Lude [EMAIL PROTECTED] + +# GPLv2 PERMIT_PACKAGE_CDROM= Yes PERMIT_PACKAGE_FTP=Yes PERMIT_DISTFILES_CDROM= Yes PERMIT_DISTFILES_FTP= Yes -WANTLIB= c m pcap +WANTLIB= c m pcap -SHARED_LIBS= sf_engine 0.0 \ - sf_dns_preproc 0.0 \ - sf_ftptelnet_preproc 0.0 \ - sf_smtp_preproc 0.0 +SHARED_LIBS= sf_engine 1.0 \ + sf_dns_preproc 1.0 \ + sf_ftptelnet_preproc 1.0 \ + sf_smtp_preproc 1.0 \ + sf_dcerpc_preproc 0.0 \ + sf_ssh_preproc 0.0 \ + _sfdynamic_example_rule 0.0 \ + _sfdynamic_preprocessor_example 0.0 USE_LIBTOOL= Yes SEPARATE_BUILD=concurrent -CONFIGURE_STYLE=gnu +CONFIGURE_STYLE=simple CONFIGURE_ARGS+=${CONFIGURE_SHARED} \ --enable-dynamicplugin @@ -41,6 +46,9 @@ .if ${FLAVOR:L:Mflexresp} LIB_DEPENDS+= dnet.=1::net/libdnet CONFIGURE_ARGS+=--enable-flexresp2 + +MASTER_SITES0= http://www-fs.informatik.uni-tuebingen.de/~lude/openbsd/distfiles/ +PATCHFILES=snort-flexresp_patch.diff:0 .endif .if ${FLAVOR:L:Mpostgresql} @@ -50,22 +58,31 @@ .if ${FLAVOR:L:Mmysql} LIB_DEPENDS+= lib/mysql/mysqlclient.=10::databases/mysql -CONFIGURE_ARGS+=--with-mysql=${LOCALBASE} +CONFIGURE_ARGS+=--with-mysql-libraries=${LOCALBASE}/lib \ + --with-mysql-includes=${LOCALBASE}/include WANTLIB+= z .endif .if ${FLAVOR:L:Mprelude} MODULES= devel/gettext -WANTLIB+= gcrypt gpg-error pthread z +WANTLIB+= gcrypt gnutls gpg-error pthread z LIB_DEPENDS+= prelude.=8::security/prelude/libprelude CONFIGURE_ARGS+=--enable-prelude MESSAGE= ${PKGDIR}/MESSAGE-prelude .endif -CONFIGS= classification.config gen-msg.map generators reference.config \ - sid sid-msg.map snort.conf threshold.conf unicode.map +CONFIGS= classification.config gen-msg.map reference.config \ + sid-msg.map snort.conf threshold.conf unicode.map -DOCS= AUTHORS CREDITS README.* *.pdf +PREPROC= decoder.rules preprocessor.rules + +DOCS= AUTHORS CREDITS README README.* *.pdf TODO USAGE WISHLIST + +# workaround conflicts between distpatches and patches +post-patch: +.if ${FLAVOR:L:Mflexresp} + @perl -pi -e s,ip_t,snort_ip, ${WRKSRC}/src/preprocessors/stream.h +.endif post-build: @perl -pi -e s,%%SYSCONFDIR%%,${SYSCONFDIR}, \ @@ -77,6 +94,11 @@ ${INSTALL_DATA_DIR} ${PREFIX}/share/examples/snort .for i in ${CONFIGS} ${INSTALL_DATA} ${WRKSRC}/etc/${i} ${PREFIX}/share/examples/snort +.endfor + ${INSTALL_DATA} ${WRKSRC}/doc/generators ${PREFIX}/share/examples/snort + +.for i in ${PREPROC} + ${INSTALL_DATA} ${WRKSRC}/preproc_rules/${i} ${PREFIX}/share/examples/snort .endfor ${INSTALL_DATA_DIR} ${PREFIX}/share/doc/snort Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.15 diff -u -r1.15 distinfo --- distinfo5 Apr 2007 16:20:15 - 1.15 +++ distinfo9 Feb 2008 17:38:12 - @@ -1,5 +1,10 @@ -MD5 (snort-2.6.0.2.tar.gz) = XAlP9tgtuEWl8CPkpJIQPg== -RMD160 (snort-2.6.0.2.tar.gz) = cG1j24O30DesinHIEEMk2bdZTrU= -SHA1 (snort-2.6.0.2.tar.gz) = Gms/sZqC+Dvw/OWo226xJ3xyN5s= -SHA256 (snort-2.6.0.2.tar.gz) = B716x7ZF0TgKzmWzPAZO1Y2dwhvXNrH3a8V13CLhpeI= -SIZE (snort-2.6.0.2.tar.gz) = 3350277 +MD5 (snort-2.8.0.1.tar.gz) = u2UOjv6Fj1w8yx5HF3XX5w== +MD5 (snort-flexresp_patch.diff) = ZYyI5dSWIpCkny37tRidUQ== +RMD160 (snort-2.8.0.1.tar.gz) = oLC+wvfMoNR6WYcIu/xpysr0ShI= +RMD160 (snort-flexresp_patch.diff) = vrc4csTm8t0HUKMbYMrMzDs66jA= +SHA1 (snort-2.8.0.1.tar.gz) = s7RfptUDcvZYfNd2r0O0FSURljA= +SHA1 (snort-flexresp_patch.diff) = qkgi0RNWJintUwpX6uYE4QdeWV4= +SHA256 (snort-2.8.0.1.tar.gz) = T6dP2/5nc2Kw/vImAm5/EQ196Fa6qtIbX+Pr0PYnsRI= +SHA256 (snort-flexresp_patch.diff) = cBSVJQ939iIageqqNMHQnsa1GjjplPju96ePvHBMyNY= +SIZE (snort-2.8.0.1.tar.gz) = 4331731 +SIZE (snort-flexresp_patch.diff) = 48418 Index: patches/patch-etc_snort_conf === RCS file:
Re: [UPDATE] net/snort 2.8.0
On Thu, Nov 29, 2007 at 12:21:13AM +0100, Markus Lude wrote: Hello, here is an update to snort 2.8.0. Please test/comment/commit/... Based on changes for 2.7.0.1 by Jason Dixon. Some added patches fix bus errors on sparc64 noticed by [EMAIL PROTECTED] If noone other wants, I would take maintainership (not included in diff). Regards, Markus Attached diff to apply after your diff. * Updated to 2.8.0.1 * Fixes flexresp flavor: http://marc.info/?l=snort-usersm=119099490314507w=2 * Fixes prelude WANTLIB * Replaces depricated --with-mysql diff -ur ../snort.patched/Makefile ./Makefile --- ../snort.patched/Makefile Fri Nov 30 11:56:08 2007 +++ ./Makefile Fri Nov 30 11:59:14 2007 @@ -2,8 +2,7 @@ COMMENT= highly flexible sniffer/NIDS -DISTNAME= snort-2.8.0 -PKGNAME= ${DISTNAME} +DISTNAME= snort-2.8.0.1 CATEGORIES=net security MASTER_SITES= ${HOMEPAGE}/dl/current/ @@ -43,6 +42,9 @@ .if ${FLAVOR:L:Mflexresp} LIB_DEPENDS+= dnet.=1::net/libdnet CONFIGURE_ARGS+=--enable-flexresp2 + +MASTER_SITES0= http://ftp.secure.lv/pub/distfiles/ +PATCHFILES= respond2_patch.diff:0 .endif .if ${FLAVOR:L:Mpostgresql} @@ -52,13 +54,14 @@ .if ${FLAVOR:L:Mmysql} LIB_DEPENDS+= lib/mysql/mysqlclient.=10::databases/mysql -CONFIGURE_ARGS+=--with-mysql=${LOCALBASE} +CONFIGURE_ARGS+=--with-mysql-libraries=${LOCALBASE}/lib \ + --with-mysql-includes=${LOCALBASE}/include WANTLIB+= z .endif .if ${FLAVOR:L:Mprelude} MODULES= devel/gettext -WANTLIB+= gcrypt gpg-error pthread z +WANTLIB+= gcrypt gnutls gpg-error pthread z LIB_DEPENDS+= prelude.=8::security/prelude/libprelude CONFIGURE_ARGS+=--enable-prelude MESSAGE= ${PKGDIR}/MESSAGE-prelude diff -ur ../snort.patched/distinfo ./distinfo --- ../snort.patched/distinfo Fri Nov 30 11:56:08 2007 +++ ./distinfo Fri Nov 30 11:59:54 2007 @@ -1,5 +1,10 @@ -MD5 (snort-2.8.0.tar.gz) = z7qxwuOc27iRISxL8V6C8w== -RMD160 (snort-2.8.0.tar.gz) = 2sNqSh/aYLZszcXHdKthqqD2yKg= -SHA1 (snort-2.8.0.tar.gz) = 8HuEoIcthhAGtWqManmmAwjdaLQ= -SHA256 (snort-2.8.0.tar.gz) = uaBzfTL2nEvnSySDJLQBc2Z7W8e09Yru9PInGi6oQtE= -SIZE (snort-2.8.0.tar.gz) = 4278872 +MD5 (respond2_patch.diff) = PbuGzELzemmJOZefznO2nw== +MD5 (snort-2.8.0.1.tar.gz) = u2UOjv6Fj1w8yx5HF3XX5w== +RMD160 (respond2_patch.diff) = FyVgr7CGRT+jzTMg+iyJbmgkfxI= +RMD160 (snort-2.8.0.1.tar.gz) = oLC+wvfMoNR6WYcIu/xpysr0ShI= +SHA1 (respond2_patch.diff) = IJhimg/OA7fMfov6qQCYA2DJlng= +SHA1 (snort-2.8.0.1.tar.gz) = s7RfptUDcvZYfNd2r0O0FSURljA= +SHA256 (respond2_patch.diff) = zzARQQev9cVyJscTaI8HaBbvBenvAn+TS67YIF3hpFo= +SHA256 (snort-2.8.0.1.tar.gz) = T6dP2/5nc2Kw/vImAm5/EQ196Fa6qtIbX+Pr0PYnsRI= +SIZE (respond2_patch.diff) = 48704 +SIZE (snort-2.8.0.1.tar.gz) = 4331731 diff -ur ../snort.patched/patches/patch-src_dynamic-preprocessors_Makefile_in ./patches/patch-src_dynamic-preprocessors_Makefile_in --- ../snort.patched/patches/patch-src_dynamic-preprocessors_Makefile_in Fri Nov 30 11:56:08 2007 +++ ./patches/patch-src_dynamic-preprocessors_Makefile_in Fri Nov 30 12:09:44 2007 @@ -1,7 +1,7 @@ $OpenBSD: patch-src_dynamic-preprocessors_Makefile_in,v 1.1 2006/10/10 13:33:17 aanriot Exp $ src/dynamic-preprocessors/Makefile.in.orig Fri Sep 7 20:31:51 2007 -+++ src/dynamic-preprocessors/Makefile.in Mon Nov 19 22:18:10 2007 -@@ -540,8 +540,7 @@ maintainer-clean-generic: +--- src/dynamic-preprocessors/Makefile.in.orig Wed Nov 14 16:32:47 2007 src/dynamic-preprocessors/Makefile.in Fri Nov 30 12:09:32 2007 +@@ -543,8 +543,7 @@ maintainer-clean-generic: @echo This command is intended for maintainers to use @echo it deletes files that may require special tools to rebuild. -test -z $(BUILT_SOURCES) || rm -f $(BUILT_SOURCES) @@ -11,7 +11,7 @@ clean: clean-recursive clean-am: clean-generic clean-libtool clean-local mostlyclean-am -@@ -705,20 +704,6 @@ include/str_search.h: $(srcdir)/../preprocessors/str_s +@@ -700,20 +699,6 @@ include/str_search.h: $(srcdir)/../preprocessors/str_s clean-local: rm -rf include build diff -ur ../snort.patched/patches/patch-src_dynamic-preprocessors_dcerpc_Makefile_in ./patches/patch-src_dynamic-preprocessors_dcerpc_Makefile_in --- ../snort.patched/patches/patch-src_dynamic-preprocessors_dcerpc_Makefile_in Fri Nov 30 11:56:08 2007 +++ ./patches/patch-src_dynamic-preprocessors_dcerpc_Makefile_inFri Nov 30 12:09:44 2007 @@ -1,7 +1,7 @@ $OpenBSD$ src/dynamic-preprocessors/dcerpc/Makefile.in.orig Fri Sep 7 20:31:51 2007 -+++ src/dynamic-preprocessors/dcerpc/Makefile.in Mon Nov 19 22:18:11 2007 -@@ -392,7 +392,7 @@ distdir: $(DISTFILES) +--- src/dynamic-preprocessors/dcerpc/Makefile.in.orig Wed Nov 14 16:32:47 2007 src/dynamic-preprocessors/dcerpc/Makefile.in Fri Nov 30 12:09:32 2007 +@@ -394,7 +394,7 @@ distdir: $(DISTFILES) check-am: all-am check: $(BUILT_SOURCES) $(MAKE) $(AM_MAKEFLAGS) check-am @@ -9,4 +9,4 @@
Re: [UPDATE] net/snort 2.8.0
On Fri, Nov 30 2007 at 34:12, Nikns Siankin wrote: On Thu, Nov 29, 2007 at 12:21:13AM +0100, Markus Lude wrote: Hello, here is an update to snort 2.8.0. Please test/comment/commit/... Based on changes for 2.7.0.1 by Jason Dixon. Some added patches fix bus errors on sparc64 noticed by [EMAIL PROTECTED] If noone other wants, I would take maintainership (not included in diff). Regards, Markus Attached diff to apply after your diff. * Updated to 2.8.0.1 * Fixes flexresp flavor: http://marc.info/?l=snort-usersm=119099490314507w=2 * Fixes prelude WANTLIB * Replaces depricated --with-mysql Compile fine this time with flexresp. I'll test with prelude in the next few days. Thanks ! Claer
Re: [UPDATE] net/snort 2.8.0
works for me. follow msf@ advice, resubmit a diff to 2.8.0.1 and please take maintainership. Regards, rui On Thu, Nov 29, 2007 at 12:21:13AM +0100, Markus Lude wrote: Hello, here is an update to snort 2.8.0. Please test/comment/commit/... Based on changes for 2.7.0.1 by Jason Dixon. Some added patches fix bus errors on sparc64 noticed by [EMAIL PROTECTED] If noone other wants, I would take maintainership (not included in diff). Regards, Markus Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.51 diff -u -p -r1.51 Makefile --- Makefile 15 Sep 2007 22:36:59 - 1.51 +++ Makefile 21 Nov 2007 00:43:34 - @@ -2,14 +2,14 @@ COMMENT= highly flexible sniffer/NIDS -DISTNAME=snort-2.6.0.2 -PKGNAME= ${DISTNAME}p1 +DISTNAME=snort-2.8.0 +PKGNAME= ${DISTNAME} CATEGORIES= net security MASTER_SITES=${HOMEPAGE}/dl/current/ HOMEPAGE= http://www.snort.org/ -# GPL +# GPLv2 PERMIT_PACKAGE_CDROM=Yes PERMIT_PACKAGE_FTP= Yes PERMIT_DISTFILES_CDROM= Yes @@ -17,9 +17,11 @@ PERMIT_DISTFILES_FTP= Yes WANTLIB= c m pcap SHARED_LIBS= sf_engine 0.0 \ + sf_dcerpc_preproc 0.0 \ sf_dns_preproc 0.0 \ sf_ftptelnet_preproc 0.0 \ - sf_smtp_preproc 0.0 + sf_smtp_preproc 0.0 \ + sf_ssh_preproc 0.0 USE_LIBTOOL= Yes @@ -62,10 +64,12 @@ CONFIGURE_ARGS+=--enable-prelude MESSAGE= ${PKGDIR}/MESSAGE-prelude .endif -CONFIGS= classification.config gen-msg.map generators reference.config \ - sid sid-msg.map snort.conf threshold.conf unicode.map +CONFIGS= classification.config gen-msg.map reference.config \ + sid-msg.map snort.conf threshold.conf unicode.map -DOCS=AUTHORS CREDITS README.* *.pdf +PREPROC= decoder.rules preprocessor.rules + +DOCS=AUTHORS CREDITS README README.* *.pdf TODO USAGE WISHLIST post-build: @perl -pi -e s,%%SYSCONFDIR%%,${SYSCONFDIR}, \ @@ -77,6 +81,11 @@ post-install: ${INSTALL_DATA_DIR} ${PREFIX}/share/examples/snort .for i in ${CONFIGS} ${INSTALL_DATA} ${WRKSRC}/etc/${i} ${PREFIX}/share/examples/snort +.endfor + ${INSTALL_DATA} ${WRKSRC}/doc/generators ${PREFIX}/share/examples/snort + +.for i in ${PREPROC} + ${INSTALL_DATA} ${WRKSRC}/preproc_rules/${i} ${PREFIX}/share/examples/snort .endfor ${INSTALL_DATA_DIR} ${PREFIX}/share/doc/snort Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.15 diff -u -p -r1.15 distinfo --- distinfo 5 Apr 2007 16:20:15 - 1.15 +++ distinfo 21 Nov 2007 00:43:34 - @@ -1,5 +1,5 @@ -MD5 (snort-2.6.0.2.tar.gz) = XAlP9tgtuEWl8CPkpJIQPg== -RMD160 (snort-2.6.0.2.tar.gz) = cG1j24O30DesinHIEEMk2bdZTrU= -SHA1 (snort-2.6.0.2.tar.gz) = Gms/sZqC+Dvw/OWo226xJ3xyN5s= -SHA256 (snort-2.6.0.2.tar.gz) = B716x7ZF0TgKzmWzPAZO1Y2dwhvXNrH3a8V13CLhpeI= -SIZE (snort-2.6.0.2.tar.gz) = 3350277 +MD5 (snort-2.8.0.tar.gz) = z7qxwuOc27iRISxL8V6C8w== +RMD160 (snort-2.8.0.tar.gz) = 2sNqSh/aYLZszcXHdKthqqD2yKg= +SHA1 (snort-2.8.0.tar.gz) = 8HuEoIcthhAGtWqManmmAwjdaLQ= +SHA256 (snort-2.8.0.tar.gz) = uaBzfTL2nEvnSySDJLQBc2Z7W8e09Yru9PInGi6oQtE= +SIZE (snort-2.8.0.tar.gz) = 4278872 Index: patches/patch-etc_snort_conf === RCS file: /cvs/ports/net/snort/patches/patch-etc_snort_conf,v retrieving revision 1.1 diff -u -p -r1.1 patch-etc_snort_conf --- patches/patch-etc_snort_conf 10 Oct 2006 13:33:17 - 1.1 +++ patches/patch-etc_snort_conf 21 Nov 2007 00:43:34 - @@ -1,22 +1,26 @@ $OpenBSD: patch-etc_snort_conf,v 1.1 2006/10/10 13:33:17 aanriot Exp $ etc/snort.conf.orig Wed Sep 13 21:44:31 2006 -+++ etc/snort.conf Tue Oct 10 12:54:59 2006 -@@ -82,6 +82,9 @@ var SNMP_SERVERS $HOME_NET - # Port lists must either be continuous [eg 80:8080], or a single port [eg 80]. - # We will adding support for a real list of ports in the future. - +--- etc/snort.conf.orig Fri Sep 7 20:32:45 2007 etc/snort.conf Mon Nov 19 22:23:57 2007 +@@ -78,7 +78,10 @@ var SNMP_SERVERS $HOME_NET + # like this: + # + # portvar HTTP_PORTS 8081 +-# ++ +# Ports you run ssh servers on -+var SSH_PORTS 22 ++portvar SSH_PORTS 22 + # Ports you run web servers on - # - # Please note: [80,8080] does not work. -@@ -108,7 +111,7 @@ var AIM_SERVERS [64.12.24.0/23,64.12.28. + portvar HTTP_PORTS 80 + +@@ -107,8 +110,8 @@ var AIM_SERVERS [64.12.24.0/23,64.12.28.0/23,64.12.161 # Path to your rules files (this can be a relative path) # Note for Windows users: You are advised to make this an absolute path, # such as:
Re: [UPDATE] net/snort 2.8.0
On Thu, Nov 29 2007 at 21:00, Markus Lude wrote: Hello, here is an update to snort 2.8.0. Please test/comment/commit/... Does not compile on i386 with FLAVOR=flexresp on 4.2-stable Based on changes for 2.7.0.1 by Jason Dixon. Some added patches fix bus errors on sparc64 noticed by [EMAIL PROTECTED] If noone other wants, I would take maintainership (not included in diff). Regards, Markus Here is the compile error cc -DHAVE_CONFIG_H -I. -I../.. -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0 -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/sfutil -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/output-plugins -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/dynamic-plugins -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/preprocessors -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/preprocessors/flow -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/preprocessors/portscan -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/preprocessors/flow/int-snort -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/preprocessors/HttpInspect/include -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/preprocessors/Stream5 -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/target-based -I/usr/local/include -DENABLE_RESPONSE2 -I/usr/local/include -O2 -pipe -Wall -DDYNAMIC_PLUGIN -c /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c In file included from /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/decode.h:49, from /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c:99: /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/ipv6_port.h:71: error: conflicting types for `ip_t' /usr/local/include/dnet/ip.h:411: error: previous declaration of `ip_t' In file included from /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c:99: /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/decode.h:948:1: warning: IP_PROTO_HOPOPTS redefined In file included from /usr/local/include/dnet.h:15, from /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c:97: /usr/local/include/dnet/ip.h:97:1: warning: this is the location of the previous definition /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c: In function `Respond2Init': /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c:260: warning: assignment from incompatible pointer type /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c: In function `Respond2Restart': /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c:299: warning: passing arg 1 of `ip_close' from incompatible pointer type /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c:299: warning: assignment from incompatible pointer type /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c: In function `SendReset': /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c:682: warning: passing arg 1 of `ip_send' from incompatible pointer type /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c: In function `SendUnreach': /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c:806: warning: passing arg 1 of `ip_send' from incompatible pointer type *** Error code 1 Stop in /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/build-i386-flexresp/src/detection-plugins. *** Error code 1 Claer
Re: [UPDATE] net/snort 2.8.0
On Thu, Nov 29, 2007 at 12:21:13AM +0100, Markus Lude wrote: Hello, here is an update to snort 2.8.0. Please test/comment/commit/... 2.8.0.1 is already out. please resubmit a diff to 2.8.0.1
[UPDATE] net/snort 2.8.0
Hello, here is an update to snort 2.8.0. Please test/comment/commit/... Based on changes for 2.7.0.1 by Jason Dixon. Some added patches fix bus errors on sparc64 noticed by [EMAIL PROTECTED] If noone other wants, I would take maintainership (not included in diff). Regards, Markus Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.51 diff -u -p -r1.51 Makefile --- Makefile15 Sep 2007 22:36:59 - 1.51 +++ Makefile21 Nov 2007 00:43:34 - @@ -2,14 +2,14 @@ COMMENT= highly flexible sniffer/NIDS -DISTNAME= snort-2.6.0.2 -PKGNAME= ${DISTNAME}p1 +DISTNAME= snort-2.8.0 +PKGNAME= ${DISTNAME} CATEGORIES=net security MASTER_SITES= ${HOMEPAGE}/dl/current/ HOMEPAGE= http://www.snort.org/ -# GPL +# GPLv2 PERMIT_PACKAGE_CDROM= Yes PERMIT_PACKAGE_FTP=Yes PERMIT_DISTFILES_CDROM= Yes @@ -17,9 +17,11 @@ PERMIT_DISTFILES_FTP=Yes WANTLIB= c m pcap SHARED_LIBS= sf_engine 0.0 \ + sf_dcerpc_preproc 0.0 \ sf_dns_preproc 0.0 \ sf_ftptelnet_preproc 0.0 \ - sf_smtp_preproc 0.0 + sf_smtp_preproc 0.0 \ + sf_ssh_preproc 0.0 USE_LIBTOOL= Yes @@ -62,10 +64,12 @@ CONFIGURE_ARGS+=--enable-prelude MESSAGE= ${PKGDIR}/MESSAGE-prelude .endif -CONFIGS= classification.config gen-msg.map generators reference.config \ - sid sid-msg.map snort.conf threshold.conf unicode.map +CONFIGS= classification.config gen-msg.map reference.config \ + sid-msg.map snort.conf threshold.conf unicode.map -DOCS= AUTHORS CREDITS README.* *.pdf +PREPROC= decoder.rules preprocessor.rules + +DOCS= AUTHORS CREDITS README README.* *.pdf TODO USAGE WISHLIST post-build: @perl -pi -e s,%%SYSCONFDIR%%,${SYSCONFDIR}, \ @@ -77,6 +81,11 @@ post-install: ${INSTALL_DATA_DIR} ${PREFIX}/share/examples/snort .for i in ${CONFIGS} ${INSTALL_DATA} ${WRKSRC}/etc/${i} ${PREFIX}/share/examples/snort +.endfor + ${INSTALL_DATA} ${WRKSRC}/doc/generators ${PREFIX}/share/examples/snort + +.for i in ${PREPROC} + ${INSTALL_DATA} ${WRKSRC}/preproc_rules/${i} ${PREFIX}/share/examples/snort .endfor ${INSTALL_DATA_DIR} ${PREFIX}/share/doc/snort Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.15 diff -u -p -r1.15 distinfo --- distinfo5 Apr 2007 16:20:15 - 1.15 +++ distinfo21 Nov 2007 00:43:34 - @@ -1,5 +1,5 @@ -MD5 (snort-2.6.0.2.tar.gz) = XAlP9tgtuEWl8CPkpJIQPg== -RMD160 (snort-2.6.0.2.tar.gz) = cG1j24O30DesinHIEEMk2bdZTrU= -SHA1 (snort-2.6.0.2.tar.gz) = Gms/sZqC+Dvw/OWo226xJ3xyN5s= -SHA256 (snort-2.6.0.2.tar.gz) = B716x7ZF0TgKzmWzPAZO1Y2dwhvXNrH3a8V13CLhpeI= -SIZE (snort-2.6.0.2.tar.gz) = 3350277 +MD5 (snort-2.8.0.tar.gz) = z7qxwuOc27iRISxL8V6C8w== +RMD160 (snort-2.8.0.tar.gz) = 2sNqSh/aYLZszcXHdKthqqD2yKg= +SHA1 (snort-2.8.0.tar.gz) = 8HuEoIcthhAGtWqManmmAwjdaLQ= +SHA256 (snort-2.8.0.tar.gz) = uaBzfTL2nEvnSySDJLQBc2Z7W8e09Yru9PInGi6oQtE= +SIZE (snort-2.8.0.tar.gz) = 4278872 Index: patches/patch-etc_snort_conf === RCS file: /cvs/ports/net/snort/patches/patch-etc_snort_conf,v retrieving revision 1.1 diff -u -p -r1.1 patch-etc_snort_conf --- patches/patch-etc_snort_conf10 Oct 2006 13:33:17 - 1.1 +++ patches/patch-etc_snort_conf21 Nov 2007 00:43:34 - @@ -1,22 +1,26 @@ $OpenBSD: patch-etc_snort_conf,v 1.1 2006/10/10 13:33:17 aanriot Exp $ etc/snort.conf.origWed Sep 13 21:44:31 2006 -+++ etc/snort.conf Tue Oct 10 12:54:59 2006 -@@ -82,6 +82,9 @@ var SNMP_SERVERS $HOME_NET - # Port lists must either be continuous [eg 80:8080], or a single port [eg 80]. - # We will adding support for a real list of ports in the future. - +--- etc/snort.conf.origFri Sep 7 20:32:45 2007 etc/snort.conf Mon Nov 19 22:23:57 2007 +@@ -78,7 +78,10 @@ var SNMP_SERVERS $HOME_NET + # like this: + # + # portvar HTTP_PORTS 8081 +-# ++ +# Ports you run ssh servers on -+var SSH_PORTS 22 ++portvar SSH_PORTS 22 + # Ports you run web servers on - # - # Please note: [80,8080] does not work. -@@ -108,7 +111,7 @@ var AIM_SERVERS [64.12.24.0/23,64.12.28. + portvar HTTP_PORTS 80 + +@@ -107,8 +110,8 @@ var AIM_SERVERS [64.12.24.0/23,64.12.28.0/23,64.12.161 # Path to your rules files (this can be a relative path) # Note for Windows users: You are advised to make this an absolute path, # such as: c:\snort\rules -var RULE_PATH ../rules +-var PREPROC_RULE_PATH ../preproc_rules +var RULE_PATH %%SYSCONFDIR%%/snort/rules ++var PREPROC_RULE_PATH %%SYSCONFDIR%%/snort/preproc_rules # Configure the snort decoder # Index:
Re: [UPDATE] net/snort 2.8.0
On Nov 28, 2007, at 6:21 PM, Markus Lude wrote: Hello, here is an update to snort 2.8.0. Please test/comment/commit/... Based on changes for 2.7.0.1 by Jason Dixon. Some added patches fix bus errors on sparc64 noticed by [EMAIL PROTECTED] Crashes on my alpha. I've sent you a new kdump offlist. --- Jason Dixon DixonGroup Consulting http://www.dixongroup.net