[UPDATE] net/snort 2.8.0.1 (was: [UPDATE] net/snort 2.8.0)
On Fri, Nov 30, 2007 at 12:34:06PM +0200, Nikns Siankin wrote: > On Thu, Nov 29, 2007 at 12:21:13AM +0100, Markus Lude wrote: > >Hello, > >here is an update to snort 2.8.0. Please test/comment/commit/... > > > >Based on changes for 2.7.0.1 by Jason Dixon. > >Some added patches fix bus errors on sparc64 noticed by [EMAIL PROTECTED] > > > >If noone other wants, I would take maintainership (not included in > >diff). > > > >Regards, > >Markus > > > > Attached diff to apply after your diff. Thanks for the diff. > * Updated to 2.8.0.1 > * Fixes flexresp flavor: http://marc.info/?l=snort-users&m=119099490314507&w=2 Main problem here: one hunk of the distpatch file for src/preprocessors/stream.h conflicts with a patch. I solved this by removing that hunk from the distpatch file and do the patch in post-patch. Some questions here: * Is it ok to use this distpatch file? IMO this makes it easier to get rid of it when the stuff made it upstream in the next release * Is there some prefered way to resolve conflicts between a distpatch file which is used only for a flavor and the normal patches? > * Fixes prelude WANTLIB > * Replaces depricated --with-mysql Fixed flavors stuff. New diff against CVS attached. Please test/comment/commit/... Regards, Markus Index: net/snort/Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.51 diff -u -r1.51 Makefile --- net/snort/Makefile 15 Sep 2007 22:36:59 - 1.51 +++ net/snort/Makefile 1 Dec 2007 11:28:45 - @@ -2,24 +2,28 @@ COMMENT= highly flexible sniffer/NIDS -DISTNAME= snort-2.6.0.2 -PKGNAME= ${DISTNAME}p1 +DISTNAME= snort-2.8.0.1 +PKGNAME= ${DISTNAME} CATEGORIES=net security MASTER_SITES= ${HOMEPAGE}/dl/current/ HOMEPAGE= http://www.snort.org/ -# GPL +MAINTAINER=Markus Lude <[EMAIL PROTECTED]> + +# GPLv2 PERMIT_PACKAGE_CDROM= Yes PERMIT_PACKAGE_FTP=Yes PERMIT_DISTFILES_CDROM= Yes PERMIT_DISTFILES_FTP= Yes -WANTLIB= c m pcap +WANTLIB= c m pcap SHARED_LIBS= sf_engine 0.0 \ + sf_dcerpc_preproc 0.0 \ sf_dns_preproc 0.0 \ sf_ftptelnet_preproc 0.0 \ - sf_smtp_preproc 0.0 + sf_smtp_preproc 0.0 \ + sf_ssh_preproc 0.0 USE_LIBTOOL= Yes @@ -41,6 +45,9 @@ .if ${FLAVOR:L:Mflexresp} LIB_DEPENDS+= dnet.=1::net/libdnet CONFIGURE_ARGS+=--enable-flexresp2 + +MASTER_SITES0= http://www-fs.informatik.uni-tuebingen.de/~lude/openbsd/distfiles/ +PATCHFILES=snort-flexresp_patch.diff:0 .endif .if ${FLAVOR:L:Mpostgresql} @@ -50,22 +57,31 @@ .if ${FLAVOR:L:Mmysql} LIB_DEPENDS+= lib/mysql/mysqlclient.>=10::databases/mysql -CONFIGURE_ARGS+=--with-mysql="${LOCALBASE}" +CONFIGURE_ARGS+=--with-mysql-libraries="${LOCALBASE}/lib" \ + --with-mysql-includes="${LOCALBASE}/include" WANTLIB+= z .endif .if ${FLAVOR:L:Mprelude} MODULES= devel/gettext -WANTLIB+= gcrypt gpg-error pthread z +WANTLIB+= gcrypt gnutls gpg-error pthread z LIB_DEPENDS+= prelude.>=8::security/prelude/libprelude CONFIGURE_ARGS+=--enable-prelude MESSAGE= ${PKGDIR}/MESSAGE-prelude .endif -CONFIGS= classification.config gen-msg.map generators reference.config \ - sid sid-msg.map snort.conf threshold.conf unicode.map +CONFIGS= classification.config gen-msg.map reference.config \ + sid-msg.map snort.conf threshold.conf unicode.map -DOCS= AUTHORS CREDITS README.* *.pdf +PREPROC= decoder.rules preprocessor.rules + +DOCS= AUTHORS CREDITS README README.* *.pdf TODO USAGE WISHLIST + +# workaround conflicts between distpatches and patches +post-patch: +.if ${FLAVOR:L:Mflexresp} + @perl -pi -e "s,ip_t,snort_ip," ${WRKSRC}/src/preprocessors/stream.h +.endif post-build: @perl -pi -e "s,%%SYSCONFDIR%%,${SYSCONFDIR}," \ @@ -77,6 +93,11 @@ ${INSTALL_DATA_DIR} ${PREFIX}/share/examples/snort .for i in ${CONFIGS} ${INSTALL_DATA} ${WRKSRC}/etc/${i} ${PREFIX}/share/examples/snort +.endfor + ${INSTALL_DATA} ${WRKSRC}/doc/generators ${PREFIX}/share/examples/snort + +.for i in ${PREPROC} + ${INSTALL_DATA} ${WRKSRC}/preproc_rules/${i} ${PREFIX}/share/examples/snort .endfor ${INSTALL_DATA_DIR} ${PREFIX}/share/doc/snort Index: net/snort/distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.15 diff -u -r1.15 distinfo --- net/snort/distinfo 5 Apr 2007 16:20:15 - 1.15 +++ net/snort/distinfo 1 Dec 2007 11:28:45 - @@ -1,5 +1,10 @@ -MD5 (snort-2.6.0.2.tar.gz) = XAlP9tgtuEWl8CPkpJIQPg== -RMD160 (snort-2.6.0.2.tar.gz) = cG1j24O30DesinHIEEMk2bdZTrU= -SHA1 (snort-2.6.0.2.tar.gz) = Gms/sZqC+Dvw/OWo226xJ3xyN5s= -SHA256 (snort-2.6.0.2.tar.gz) = B716x7ZF0TgKzmWzPAZO1Y2dwhvXNrH3a8V13CLhpeI=
UPDATE: net/snort-2.8.6.1 (was: UPDATE: net/snort-2.8.6)
On Wed, Jul 28, 2010 at 03:45:48PM +0200, viq wrote: > > And looks like it's time to deal with it, as I can't fetch the distfile > right now... I guess the reason is the 2.8.6.1 release, though it's > highly annoying that older release sources are not available anymore... I contacted upstream about the old tar ball. Hopefully they'll fix it soon. For those interested, here's an update to 2.8.6.1. Still testing it myself. Tests welcome, especially with flavored versions. I mainly use the unflavored one, testing on i386 and sparc64. Regards, Markus Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.57 diff -u -p -r1.57 Makefile --- Makefile12 Jul 2010 19:38:40 - 1.57 +++ Makefile2 Aug 2010 12:29:20 - @@ -4,12 +4,8 @@ SHARED_ONLY = Yes COMMENT = highly flexible sniffer/NIDS -# Original URL http://dl.snort.org/downloads/14 redirects to a -# time-limited Amazon S3 url. This would mean a bad distfile name. -# The following hack allows it to work but XXX if updating, the -# MASTER_SITES URL will need to be adjusted, not just DISTNAME. -DISTNAME = snort-2.8.6 -MASTER_SITES = http://dl.snort.org/downloads/14?/ +DISTNAME = snort-2.8.6.1 +MASTER_SITES = http://www.snort.org/ports/snort-current/ CATEGORIES = net security @@ -22,7 +18,7 @@ PERMIT_PACKAGE_CDROM =Yes PERMIT_PACKAGE_FTP = Yes PERMIT_DISTFILES_CDROM = Yes PERMIT_DISTFILES_FTP = Yes -WANTLIB = c m pcap +WANTLIB = c m pcap pcre USE_LIBTOOL = Yes @@ -34,33 +30,35 @@ CONFIGURE_ARGS += ${CONFIGURE_SHARED} \ MAKE_FLAGS = mandir=${TRUEPREFIX}/man -LIB_DEPENDS = pcre::devel/pcre +LIB_DEPENDS = ::devel/pcre FLAVORS = postgresql mysql flexresp prelude FLAVOR ?= .if ${FLAVOR:L:Mflexresp} -LIB_DEPENDS += dnet.=1::net/libdnet +LIB_DEPENDS += ::net/libdnet CONFIGURE_ARGS += --enable-flexresp2 +WANTLIB += dnet.=1 .endif .if ${FLAVOR:L:Mpostgresql} -LIB_DEPENDS += pq.>=2::databases/postgresql +LIB_DEPENDS += ::databases/postgresql CONFIGURE_ARGS += --with-postgresql="${LOCALBASE}" +WANTLIB += pq .endif .if ${FLAVOR:L:Mmysql} -LIB_DEPENDS += lib/mysql/mysqlclient.>=10::databases/mysql +LIB_DEPENDS += ::databases/mysql CONFIGURE_ARGS += --with-mysql-libraries="${LOCALBASE}/lib" \ --with-mysql-includes="${LOCALBASE}/include" -WANTLIB += z +WANTLIB += lib/mysql/mysqlclient z .endif .if ${FLAVOR:L:Mprelude} MODULES = devel/gettext -WANTLIB += gcrypt gnutls gpg-error pthread tasn1 z -LIB_DEPENDS += prelude.>=8::security/prelude/libprelude +LIB_DEPENDS += ::security/prelude/libprelude CONFIGURE_ARGS += --enable-prelude +WANTLIB += gcrypt gnutls gpg-error prelude pthread tasn1 z MESSAGE = ${PKGDIR}/MESSAGE-prelude .endif Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.19 diff -u -p -r1.19 distinfo --- distinfo12 Jul 2010 19:38:40 - 1.19 +++ distinfo2 Aug 2010 12:29:20 - @@ -1,5 +1,5 @@ -MD5 (snort-2.8.6.tar.gz) = scLT3bHAqFmkfFox0Z5grQ== -RMD160 (snort-2.8.6.tar.gz) = W1Seqzmm4KDxgvbS7kb9YJlcgi4= -SHA1 (snort-2.8.6.tar.gz) = 5GPJmZTlIXFDliPhsFueG88BrI8= -SHA256 (snort-2.8.6.tar.gz) = YGTXu3jWQ4tFX/NJuT1S9A05d/H+yx15WMh4gbADA1g= -SIZE (snort-2.8.6.tar.gz) = 4960740 +MD5 (snort-2.8.6.1.tar.gz) = sRGTlqMunfDYBATktsSRZg== +RMD160 (snort-2.8.6.1.tar.gz) = J5JcDfnevJ5g4ZoMmJ2yjI0cp/A= +SHA1 (snort-2.8.6.1.tar.gz) = ZumR8VH2quXc3ukqvICSzVCKKqo= +SHA256 (snort-2.8.6.1.tar.gz) = epSO8jXFmxk8oIg7BKDT70zFJQ+TPK/E0G/u1XFQriM= +SIZE (snort-2.8.6.1.tar.gz) = 4939019 Index: patches/patch-src_dynamic-examples_dynamic-preprocessor_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-examples_dynamic-preprocessor_Makefile_in,v retrieving revision 1.1 diff -u -p -r1.1 patch-src_dynamic-examples_dynamic-preprocessor_Makefile_in --- patches/patch-src_dynamic-examples_dynamic-preprocessor_Makefile_in 12 Jul 2010 19:38:40 - 1.1 +++ patches/patch-src_dynamic-examples_dynamic-preprocessor_Makefile_in 2 Aug 2010 12:29:20 - @@ -1,7 +1,7 @@ $OpenBSD: patch-src_dynamic-examples_dynamic-preprocessor_Makefile_in,v 1.1 2010/07/12 19:38:40 sthen Exp $ src/dynamic-examples/dynamic-preprocessor/Makefile.in.orig Fri Mar 19 20:39:38 2010 -+++ src/dynamic-examples/dynamic-preprocessor/Makefile.in Mon Apr 26 20:14:12 2010 -@@ -200,7 +200,7 @@ target_alias = @target_alias@ +--- src/dynamic-examples/dynamic-preprocessor/Ma
UPDATE: net/snort
Update to snort, diff courtesy of Chris Kuethe, added myself as maintainer and I'll work from here. It should be also added that the community rules are replacing the standard rules since it seems that some sort of membership is now required for the snort released rules, I was unable to verify the licensing of the rules. Because of this the snort.conf needs some heavy editing at the end to replace all the rulesets. If anyone knows anything about them (snort release rules) feel free to let me know and I'll update accordingly. Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.36 diff -u -r1.36 Makefile --- Makefile2005/07/04 22:18:51 1.36 +++ Makefile2005/11/04 18:39:33 @@ -2,14 +2,14 @@ COMMENT= "highly flexible sniffer/NIDS" -DISTNAME= snort-2.3.3 -PKGNAME= ${DISTNAME}p0 +DISTNAME= snort-2.4.3 +DISTFILES= ${DISTNAME}.tar.gz Community-Rules-2.4.tar.gz:0 +#PKGNAME= ${DISTNAME}p0 CATEGORIES=net security -MASTER_SITES= ${HOMEPAGE}/dl/current/ HOMEPAGE= http://www.snort.org/ - -MAINTAINER=Brian Caswell <[EMAIL PROTECTED]> +MAINTAINER=Martin Ekendahl <[EMAIL PROTECTED]> +MASTER_SITES= ${HOMEPAGE}/dl/current/ +MASTER_SITES0= http://www.snort.org/pub-bin/downloads.cgi/Download/comm_rules/ # License: GPL PERMIT_PACKAGE_CDROM= Yes @@ -50,6 +50,9 @@ RUN_DEPENDS+= :samba-*:net/samba CONFIGURE_ARGS+= --enable-smbalerts .endif + +post-extract: + @cp -r ${WRKDIR}/rules ${WRKDIR}/docs ${WRKSRC} post-install: ${INSTALL_DATA_DIR} ${PREFIX}/share/examples/snort Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.9 diff -u -r1.9 distinfo --- distinfo2005/06/29 06:01:38 1.9 +++ distinfo2005/11/04 18:39:33 @@ -1,4 +1,8 @@ -MD5 (snort-2.3.3.tar.gz) = 06bf140893e7cb120aaa9372d10a0100 -RMD160 (snort-2.3.3.tar.gz) = 6bb635df1c62d293d8dd4b2fec55cfa486916908 -SHA1 (snort-2.3.3.tar.gz) = 6d05c995f0eef5adde9d63157436c0088747d435 -SIZE (snort-2.3.3.tar.gz) = 2631270 +MD5 (Community-Rules-2.4.tar.gz) = 806603538e779d5385ce608631f8b41e +MD5 (snort-2.4.3.tar.gz) = 5c3c8c69f2459bbe0c1f2057966c88a7 +RMD160 (Community-Rules-2.4.tar.gz) = 9279272b605a86a68124191bc8c0f8862c1f2363 +RMD160 (snort-2.4.3.tar.gz) = 1cba0a9d843da1cfa8c8dbaae5b18a16574cb7d2 +SHA1 (Community-Rules-2.4.tar.gz) = dacfd7743de318eddb4a490ac6142b0a938b6cbe +SHA1 (snort-2.4.3.tar.gz) = 5b38b558b73252c048f23dba2499bcd902ebdd9e +SIZE (Community-Rules-2.4.tar.gz) = 23563 +SIZE (snort-2.4.3.tar.gz) = 2733590 Index: pkg/PLIST === RCS file: /cvs/ports/net/snort/pkg/PLIST,v retrieving revision 1.13 diff -u -r1.13 PLIST --- pkg/PLIST 2004/09/15 18:17:46 1.13 +++ pkg/PLIST 2005/11/04 18:39:33 @@ -2,57 +2,31 @@ bin/snort @man man/man8/snort.8 share/examples/snort/ -share/examples/snort/attack-responses.rules -share/examples/snort/backdoor.rules -share/examples/snort/bad-traffic.rules -share/examples/snort/chat.rules share/examples/snort/classification.config -share/examples/snort/ddos.rules -share/examples/snort/deleted.rules -share/examples/snort/dns.rules -share/examples/snort/dos.rules -share/examples/snort/experimental.rules -share/examples/snort/exploit.rules -share/examples/snort/finger.rules -share/examples/snort/ftp.rules -share/examples/snort/icmp-info.rules -share/examples/snort/icmp.rules -share/examples/snort/imap.rules -share/examples/snort/info.rules -share/examples/snort/local.rules -share/examples/snort/misc.rules -share/examples/snort/multimedia.rules -share/examples/snort/mysql.rules -share/examples/snort/netbios.rules -share/examples/snort/nntp.rules -share/examples/snort/oracle.rules -share/examples/snort/other-ids.rules -share/examples/snort/p2p.rules -share/examples/snort/policy.rules -share/examples/snort/pop2.rules -share/examples/snort/pop3.rules -share/examples/snort/porn.rules +share/examples/snort/community-dos.rules +share/examples/snort/community-exploit.rules +share/examples/snort/community-ftp.rules +share/examples/snort/community-game.rules +share/examples/snort/community-icmp.rules +share/examples/snort/community-imap.rules +share/examples/snort/community-inappropriate.rules +share/examples/snort/community-mail-client.rules +share/examples/snort/community-misc.rules +share/examples/snort/community-nntp.rules +share/examples/snort/community-oracle.rules +share/examples/snort/community-sip.rules +share/examples/snort/community-smtp.rules +share/examples/snort/community-sql-injection.rules +share/examples/snort/community-virus.rules +share/examples/snort/community-web-attacks.rules +share/examples/snort/community-web-cgi.rules +share/examples/snort/community-web-client.rules +share/examples/snort/community-web-dos.rules +share/examples/snort/community-web-iis.rules +sha
UPDATE: net/snort
Index: snort/Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.47 diff -u -r1.47 Makefile --- snort/Makefile 3 Aug 2006 23:15:58 - 1.47 +++ snort/Makefile 20 Sep 2006 13:18:07 - @@ -2,22 +2,28 @@ COMMENT= "highly flexible sniffer/NIDS" -DISTNAME= snort-2.4.5 -PKGNAME= ${DISTNAME}p0 +DISTNAME= snort-2.6.0.2 +PKGNAME= ${DISTNAME} CATEGORIES=net security MASTER_SITES= ${HOMEPAGE}/dl/current/ HOMEPAGE= http://www.snort.org/ +SHARED_LIBS= sf_engine 0.0 \ + sf_dns_preproc 0.0 \ + sf_ftptelnet_preproc 0.0 \ + sf_smtp_preproc 0.0 # License: GPL PERMIT_PACKAGE_CDROM= Yes PERMIT_PACKAGE_FTP=Yes PERMIT_DISTFILES_CDROM= Yes PERMIT_DISTFILES_FTP= Yes -WANTLIB= c m pcap +WANTLIB= c com_err m pcap SEPARATE_BUILD=concurrent CONFIGURE_STYLE= gnu +CONFIGURE_ARGS+= ${CONFIGURE_SHARED} \ + --enable-dynamicplugin LIB_DEPENDS= pcre::devel/pcre @@ -30,11 +36,8 @@ FLAVOR?= .if ${FLAVOR:L:Mflexresp} -LIB_DEPENDS+= lib/libnet-1.0/net.=0:libnet-1.0*:net/libnet/1.0 -CONFIGURE_ENV+=LDFLAGS="-L${LOCALBASE}/lib" -CONFIGURE_ARGS+= --enable-flexresp \ - --with-libnet-includes=${LOCALBASE}/include/libnet-1.0 \ - --with-libnet-libraries=${LOCALBASE}/lib/libnet-1.0 +LIB_DEPENDS+= dnet.=1::net/libdnet +CONFIGURE_ARGS+= --enable-flexresp2 .endif .if ${FLAVOR:L:Mpostgresql} Index: snort/distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.13 diff -u -r1.13 distinfo --- snort/distinfo 8 Jun 2006 20:25:53 - 1.13 +++ snort/distinfo 20 Sep 2006 13:18:07 - @@ -1,4 +1,4 @@ -MD5 (snort-2.4.5.tar.gz) = 108b3c20dcbaf3cdb17ea9203342eaaa -RMD160 (snort-2.4.5.tar.gz) = 1b697ccd84e1c10406ac20ccc0c46f79ea661e11 -SHA1 (snort-2.4.5.tar.gz) = 3ba7dae8058aecf4e4eb1c7a816a7c8a4fb7c550 -SIZE (snort-2.4.5.tar.gz) = 2817837 +MD5 (snort-2.6.0.2.tar.gz) = 5c094ff6d82db845a5f023e4a492103e +RMD160 (snort-2.6.0.2.tar.gz) = 706d63db83b7d037ac8a71c8104324d9b7594eb5 +SHA1 (snort-2.6.0.2.tar.gz) = 1a6b3fb19a82f83bf0fce5a8db6eb1277c72379b +SIZE (snort-2.6.0.2.tar.gz) = 3350277 Index: snort/patches/patch-configure === RCS file: snort/patches/patch-configure diff -N snort/patches/patch-configure --- snort/patches/patch-configure 12 Apr 2006 22:03:48 - 1.3 +++ /dev/null 1 Jan 1970 00:00:00 - @@ -1,38 +0,0 @@ -$OpenBSD: patch-configure,v 1.3 2006/04/12 22:03:48 david Exp $ configure.orig Wed Mar 8 15:38:24 2006 -+++ configure Thu Mar 9 09:03:15 2006 -@@ -8397,20 +8397,20 @@ fi - # Check whether --enable-flexresp or --disable-flexresp was given. - if test "${enable_flexresp+set}" = set; then - enableval="$enable_flexresp" -- CPPFLAGS="${CPPFLAGS} -DENABLE_RESPONSE `libnet-config --defines --cflags`" LDFLAGS="${LDFLAGS} `libnet-config --libs`" -+ CPPFLAGS="${CPPFLAGS} -DENABLE_RESPONSE `libnet-config-1.0 --defines --cflags`" LDFLAGS="`libnet-config-1.0 --libs` ${LDFLAGS} " - fi; - - - if test "$enable_flexresp" != "no" -a "$enable_flexresp" = "yes"; then - -- if test `libnet-config --cflags | wc -c` = "1"; then -+ if test `libnet-config-1.0 --cflags | wc -c` = "1"; then - CPPFLAGS="${CPPFLAGS} -I/usr/local/include -I/sw/include" - LIBNET_CONFIG_BROKEN_CFLAGS=yes - fi - -- if test `libnet-config --libs | wc -c` = "1"; then --{ echo "$as_me:$LINENO: WARNING: libnet-config --libs is broken on your system. If you" >&5 --echo "$as_me: WARNING: libnet-config --libs is broken on your system. If you" >&2;} -+ if test `libnet-config-1.0 --libs | wc -c` = "1"; then -+{ echo "$as_me:$LINENO: WARNING: libnet-config-1.0 --libs is broken on your system. If you" >&5 -+echo "$as_me: WARNING: libnet-config-1.0 --libs is broken on your system. If you" >&2;} - { echo "$as_me:$LINENO: WARNING: are using a precompiled package please notify the" >&5 - echo "$as_me: WARNING: are using a precompiled package please notify the" >&2;} - { echo "$as_me:$LINENO: WARNING: maintainer." >&5 -@@ -8590,7 +8590,7 @@ echo $ECHO_N "checking for libnet versio - libnet_dir="/usr/include /usr/local/include /sw/include" - fi - else --libnet_dir=`libnet-config --cflags | cut -dI -f2` -+libnet_dir=`libnet-config-1.0 --cflags | cut -dI -f2` - fi - - LIBNET_INC_DIR="" Index: snort/patches/patch-src_dynamic-plugins_sf_dynamic_plugins_c === RCS file: snort/patches/patch-src_dynamic-plugins_sf_dynamic_plugins_c diff -N snort/patches/patch-src_dynamic-plugins_sf_dynamic_plugins_c --- /dev/null 1 Jan 1970 00:00:00 - +++ snort/patches/patch-src_dynam
UPDATE: net/snort
http://secure.lv/~nikns/stuff/ports/snort-2.6.1.2.diff Index: snort/Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.50 diff -u -r1.50 Makefile --- snort/Makefile 25 Nov 2006 05:33:28 - 1.50 +++ snort/Makefile 23 Dec 2006 21:57:03 - @@ -2,8 +2,7 @@ COMMENT= "highly flexible sniffer/NIDS" -DISTNAME= snort-2.6.0.2 -PKGNAME= ${DISTNAME}p1 +DISTNAME= snort-2.6.1.2 CATEGORIES=net security MASTER_SITES= ${HOMEPAGE}/dl/current/ @@ -17,9 +16,11 @@ WANTLIB= c m pcap SHARED_LIBS= sf_engine 0.0 \ + sf_dcerpc_preproc 0.0 \ sf_dns_preproc 0.0 \ sf_ftptelnet_preproc 0.0 \ - sf_smtp_preproc 0.0 + sf_smtp_preproc 0.0 \ + sf_ssh_preproc 0.0 USE_LIBTOOL= Yes Index: snort/distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.14 diff -u -r1.14 distinfo --- snort/distinfo 10 Oct 2006 13:33:17 - 1.14 +++ snort/distinfo 23 Dec 2006 21:57:03 - @@ -1,4 +1,4 @@ -MD5 (snort-2.6.0.2.tar.gz) = 5c094ff6d82db845a5f023e4a492103e -RMD160 (snort-2.6.0.2.tar.gz) = 706d63db83b7d037ac8a71c8104324d9b7594eb5 -SHA1 (snort-2.6.0.2.tar.gz) = 1a6b3fb19a82f83bf0fce5a8db6eb1277c72379b -SIZE (snort-2.6.0.2.tar.gz) = 3350277 +MD5 (snort-2.6.1.2.tar.gz) = 22c448e25538cdf74c62abe586aeac0a +RMD160 (snort-2.6.1.2.tar.gz) = bd0ce3a4629a6e594a5f24723254e85d36597d04 +SHA1 (snort-2.6.1.2.tar.gz) = 745f56806a0bae128a5c93c93c5eda9a4b80f593 +SIZE (snort-2.6.1.2.tar.gz) = 3511538 Index: snort/patches/patch-etc_snort_conf === RCS file: /cvs/ports/net/snort/patches/patch-etc_snort_conf,v retrieving revision 1.1 diff -u -r1.1 patch-etc_snort_conf --- snort/patches/patch-etc_snort_conf 10 Oct 2006 13:33:17 - 1.1 +++ snort/patches/patch-etc_snort_conf 23 Dec 2006 21:57:03 - @@ -1,6 +1,6 @@ $OpenBSD: patch-etc_snort_conf,v 1.1 2006/10/10 13:33:17 aanriot Exp $ etc/snort.conf.origWed Sep 13 21:44:31 2006 -+++ etc/snort.conf Tue Oct 10 12:54:59 2006 +--- etc/snort.conf.origMon Dec 4 19:53:02 2006 etc/snort.conf Sat Dec 23 21:38:42 2006 @@ -82,6 +82,9 @@ var SNMP_SERVERS $HOME_NET # Port lists must either be continuous [eg 80:8080], or a single port [eg 80]. # We will adding support for a real list of ports in the future. @@ -11,7 +11,7 @@ # Ports you run web servers on # # Please note: [80,8080] does not work. -@@ -108,7 +111,7 @@ var AIM_SERVERS [64.12.24.0/23,64.12.28. +@@ -111,7 +114,7 @@ var AIM_SERVERS [64.12.24.0/23,64.12.28. # Path to your rules files (this can be a relative path) # Note for Windows users: You are advised to make this an absolute path, # such as: c:\snort\rules Index: snort/patches/patch-src_dynamic-preprocessors_Makefile_in === RCS file: snort/patches/patch-src_dynamic-preprocessors_Makefile_in diff -N snort/patches/patch-src_dynamic-preprocessors_Makefile_in --- snort/patches/patch-src_dynamic-preprocessors_Makefile_in 10 Oct 2006 13:33:17 - 1.1 +++ /dev/null 1 Jan 1970 00:00:00 - @@ -1,26 +0,0 @@ -$OpenBSD: patch-src_dynamic-preprocessors_Makefile_in,v 1.1 2006/10/10 13:33:17 aanriot Exp $ src/dynamic-preprocessors/Makefile.in.orig Wed Sep 13 21:40:06 2006 -+++ src/dynamic-preprocessors/Makefile.in Sun Oct 1 17:38:17 2006 -@@ -480,7 +480,7 @@ maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." - -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES) [EMAIL PROTECTED]@install-data-local: -+install-data-local: - clean: clean-recursive - - clean-am: clean-generic clean-libtool clean-local mostlyclean-am -@@ -608,13 +608,6 @@ include/str_search.h: $(srcdir)/../prepr - clean-local: - rm -rf include build - [EMAIL PROTECTED]@install-data-local: [EMAIL PROTECTED]@ @for f in $(exported_files); do \ [EMAIL PROTECTED]@ truefile=`echo $$f | sed -e "s/.*\///"`; \ [EMAIL PROTECTED]@ $(mkinstalldirs) $(DESTDIR)$(srcinstdir); \ [EMAIL PROTECTED]@ if test -f $(srcdir)/$$f; then p=$(srcdir)/$$f; else p=$$f; fi; \ [EMAIL PROTECTED]@ $(INSTALL_DATA) $$p $(DESTDIR)$(srcinstdir)/$$truefile; \ [EMAIL PROTECTED]@ done - # Tell versions [3.59,3.63) of GNU make to not export all variables. - # Otherwise a system limit (for SysV at least) may be exceeded. - .NOEXPORT: Index: snort/patches/patch-src_dynamic-preprocessors_dcerpc_Makefile_in === RCS file: snort/patches/patch-src_dynamic-preprocessors_dcerpc_Makefile_in diff -N s
UPDATE: net/snort
http://www.osvdb.org/32096 http://secure.lv/~nikns/stuff/ports/snort-2.6.1.3.diff Index: snort/Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.50 diff -u -r1.50 Makefile --- snort/Makefile 25 Nov 2006 05:33:28 - 1.50 +++ snort/Makefile 6 Mar 2007 12:07:28 - @@ -2,8 +2,7 @@ COMMENT= "highly flexible sniffer/NIDS" -DISTNAME= snort-2.6.0.2 -PKGNAME= ${DISTNAME}p1 +DISTNAME= snort-2.6.1.3 CATEGORIES=net security MASTER_SITES= ${HOMEPAGE}/dl/current/ @@ -17,9 +16,11 @@ WANTLIB= c m pcap SHARED_LIBS= sf_engine 0.0 \ + sf_dcerpc_preproc 0.0 \ sf_dns_preproc 0.0 \ sf_ftptelnet_preproc 0.0 \ - sf_smtp_preproc 0.0 + sf_smtp_preproc 0.0 \ + sf_ssh_preproc 0.0 USE_LIBTOOL= Yes @@ -56,7 +57,7 @@ .if ${FLAVOR:L:Mprelude} MODULES= devel/gettext -WANTLIB+= gcrypt gpg-error pthread z +WANTLIB+= gcrypt gnutls gpg-error pthread z LIB_DEPENDS+= prelude.>=8::security/prelude/libprelude CONFIGURE_ARGS+=--enable-prelude MESSAGE= ${PKGDIR}/MESSAGE-prelude Index: snort/distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.14 diff -u -r1.14 distinfo --- snort/distinfo 10 Oct 2006 13:33:17 - 1.14 +++ snort/distinfo 6 Mar 2007 12:07:28 - @@ -1,4 +1,4 @@ -MD5 (snort-2.6.0.2.tar.gz) = 5c094ff6d82db845a5f023e4a492103e -RMD160 (snort-2.6.0.2.tar.gz) = 706d63db83b7d037ac8a71c8104324d9b7594eb5 -SHA1 (snort-2.6.0.2.tar.gz) = 1a6b3fb19a82f83bf0fce5a8db6eb1277c72379b -SIZE (snort-2.6.0.2.tar.gz) = 3350277 +MD5 (snort-2.6.1.3.tar.gz) = 8b46997afd728fbdaafdc9b1d0278b07 +RMD160 (snort-2.6.1.3.tar.gz) = 0c390bd7cdbe705ba43ce8c8894bfec53c3179f6 +SHA1 (snort-2.6.1.3.tar.gz) = cb944d74ab6c254f88d356d45e4492ba560dfc3c +SIZE (snort-2.6.1.3.tar.gz) = 3700149 Index: snort/patches/patch-etc_snort_conf === RCS file: /cvs/ports/net/snort/patches/patch-etc_snort_conf,v retrieving revision 1.1 diff -u -r1.1 patch-etc_snort_conf --- snort/patches/patch-etc_snort_conf 10 Oct 2006 13:33:17 - 1.1 +++ snort/patches/patch-etc_snort_conf 6 Mar 2007 12:07:28 - @@ -1,6 +1,6 @@ $OpenBSD: patch-etc_snort_conf,v 1.1 2006/10/10 13:33:17 aanriot Exp $ etc/snort.conf.origWed Sep 13 21:44:31 2006 -+++ etc/snort.conf Tue Oct 10 12:54:59 2006 +--- etc/snort.conf.origMon Dec 4 19:53:02 2006 etc/snort.conf Sat Dec 23 21:38:42 2006 @@ -82,6 +82,9 @@ var SNMP_SERVERS $HOME_NET # Port lists must either be continuous [eg 80:8080], or a single port [eg 80]. # We will adding support for a real list of ports in the future. @@ -11,7 +11,7 @@ # Ports you run web servers on # # Please note: [80,8080] does not work. -@@ -108,7 +111,7 @@ var AIM_SERVERS [64.12.24.0/23,64.12.28. +@@ -111,7 +114,7 @@ var AIM_SERVERS [64.12.24.0/23,64.12.28. # Path to your rules files (this can be a relative path) # Note for Windows users: You are advised to make this an absolute path, # such as: c:\snort\rules Index: snort/patches/patch-src_dynamic-preprocessors_Makefile_in === RCS file: snort/patches/patch-src_dynamic-preprocessors_Makefile_in diff -N snort/patches/patch-src_dynamic-preprocessors_Makefile_in --- snort/patches/patch-src_dynamic-preprocessors_Makefile_in 10 Oct 2006 13:33:17 - 1.1 +++ /dev/null 1 Jan 1970 00:00:00 - @@ -1,26 +0,0 @@ -$OpenBSD: patch-src_dynamic-preprocessors_Makefile_in,v 1.1 2006/10/10 13:33:17 aanriot Exp $ src/dynamic-preprocessors/Makefile.in.orig Wed Sep 13 21:40:06 2006 -+++ src/dynamic-preprocessors/Makefile.in Sun Oct 1 17:38:17 2006 -@@ -480,7 +480,7 @@ maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." - -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES) [EMAIL PROTECTED]@install-data-local: -+install-data-local: - clean: clean-recursive - - clean-am: clean-generic clean-libtool clean-local mostlyclean-am -@@ -608,13 +608,6 @@ include/str_search.h: $(srcdir)/../prepr - clean-local: - rm -rf include build - [EMAIL PROTECTED]@install-data-local: [EMAIL PROTECTED]@ @for f in $(exported_files); do \ [EMAIL PROTECTED]@ truefile=`echo $$f | sed -e "s/.*\///"`; \ [EMAIL PROTECTED]@ $(mkinstalldirs) $(DESTDIR)$(srcinstdir); \ [EMAIL PROTECTED]@ if test -f $(srcdir)/$$f; then p=$(srcdir)/$$f; else p=$$f; fi; \ [EMAIL PROTECTED]@ $(INSTALL_DATA) $$p $(DESTDIR)$(srcinstdir)/$$truefile; \ [EMAIL PROTECTED]@ done - # Tell versions [3.59,3.63) of GNU make to n
UPDATE: net/snort
This diff brings Snort to 2.7.0.1. It also fixes compatibility with security/prelude by adding the _snort user to the _prelude group for the prelude FLAVOR. I've tested it successfully on i386 and alpha, and hope to test it on my ppc soon. There are problems with sparc64 crashing. I should be picking up a sparc64 system tomorrow for local testing. Index: ports/net/snort/Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.50 diff -u -p -r1.50 Makefile --- ports/net/snort/Makefile2006/11/25 05:33:28 1.50 +++ ports/net/snort/Makefile2007/09/04 20:45:57 @@ -2,8 +2,8 @@ COMMENT= "highly flexible sniffer/NIDS" -DISTNAME= snort-2.6.0.2 -PKGNAME= ${DISTNAME}p1 +DISTNAME= snort-2.7.0.1 +PKGNAME= ${DISTNAME} CATEGORIES=net security MASTER_SITES= ${HOMEPAGE}/dl/current/ @@ -17,9 +17,11 @@ PERMIT_DISTFILES_FTP=Yes WANTLIB= c m pcap SHARED_LIBS= sf_engine 0.0 \ + sf_dcerpc_preproc 0.0 \ sf_dns_preproc 0.0 \ sf_ftptelnet_preproc 0.0 \ - sf_smtp_preproc 0.0 + sf_smtp_preproc 0.0 \ + sf_ssh_preproc 0.0 USE_LIBTOOL= Yes Index: ports/net/snort/distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.15 diff -u -p -r1.15 distinfo --- ports/net/snort/distinfo2007/04/05 16:20:15 1.15 +++ ports/net/snort/distinfo2007/09/04 20:45:57 @@ -1,5 +1,5 @@ -MD5 (snort-2.6.0.2.tar.gz) = XAlP9tgtuEWl8CPkpJIQPg== -RMD160 (snort-2.6.0.2.tar.gz) = cG1j24O30DesinHIEEMk2bdZTrU= -SHA1 (snort-2.6.0.2.tar.gz) = Gms/sZqC+Dvw/OWo226xJ3xyN5s= -SHA256 (snort-2.6.0.2.tar.gz) = B716x7ZF0TgKzmWzPAZO1Y2dwhvXNrH3a8V13CLhpeI= -SIZE (snort-2.6.0.2.tar.gz) = 3350277 +MD5 (snort-2.7.0.1.tar.gz) = 06d3fa0b326dcdca59a19811f32b013a +RMD160 (snort-2.7.0.1.tar.gz) = c88b71231bfa65e2c1eabd8931f4d6121e92a26a +SHA1 (snort-2.7.0.1.tar.gz) = 9b751a73c611126c32e2dccd0a0e99aaff4e9653 +SHA256 (snort-2.7.0.1.tar.gz) = c9337c2acb34e34904e3fff8a2c31e1a3a92aa7776a9263454fd4dc5503721fa +SIZE (snort-2.7.0.1.tar.gz) = 3905846 Index: ports/net/snort/patches/patch-src_dynamic-preprocessors_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_Makefile_in,v retrieving revision 1.1 diff -u -p -r1.1 patch-src_dynamic-preprocessors_Makefile_in --- ports/net/snort/patches/patch-src_dynamic-preprocessors_Makefile_in 2006/10/10 13:33:17 1.1 +++ ports/net/snort/patches/patch-src_dynamic-preprocessors_Makefile_in 2007/09/04 20:45:57 @@ -1,16 +1,16 @@ -$OpenBSD: patch-src_dynamic-preprocessors_Makefile_in,v 1.1 2006/10/10 13:33:17 aanriot Exp $ src/dynamic-preprocessors/Makefile.in.orig Wed Sep 13 21:40:06 2006 -+++ src/dynamic-preprocessors/Makefile.in Sun Oct 1 17:38:17 2006 -@@ -480,7 +480,7 @@ maintainer-clean-generic: +--- src/dynamic-preprocessors/Makefile.in.orig Mon Aug 27 15:10:58 2007 src/dynamic-preprocessors/Makefile.in Mon Aug 27 15:17:09 2007 +@@ -500,8 +500,7 @@ @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES) [EMAIL PROTECTED]@uninstall-local: [EMAIL PROTECTED]@install-data-local: +install-data-local: clean: clean-recursive clean-am: clean-generic clean-libtool clean-local mostlyclean-am -@@ -608,13 +608,6 @@ include/str_search.h: $(srcdir)/../prepr +@@ -636,20 +635,6 @@ clean-local: rm -rf include build @@ -20,6 +20,13 @@ $OpenBSD: patch-src_dynamic-preprocessor [EMAIL PROTECTED]@ $(mkinstalldirs) $(DESTDIR)$(srcinstdir); \ [EMAIL PROTECTED]@ if test -f $(srcdir)/$$f; then p=$(srcdir)/$$f; else p=$$f; fi; \ [EMAIL PROTECTED]@ $(INSTALL_DATA) $$p $(DESTDIR)$(srcinstdir)/$$truefile; \ [EMAIL PROTECTED]@ done +- [EMAIL PROTECTED]@uninstall-local: [EMAIL PROTECTED]@ @for f in $(exported_files); do \ [EMAIL PROTECTED]@ truefile=`echo $$f | sed -e "s/.*\///"`; \ [EMAIL PROTECTED]@ $(mkinstalldirs) $(DESTDIR)$(srcinstdir); \ [EMAIL PROTECTED]@ $(RM) -f $(DESTDIR)$(srcinstdir)/$$truefile; \ [EMAIL PROTECTED]@ done # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. Index: ports/net/snort/patches/patch-src_dynamic-preprocessors_dcerpc_Makefile_in === RCS file: patch-src_dynamic-preprocessors_dcerpc_Makefile_in diff -N patch-src_dynamic-preprocessors_dcerpc_Makefile_in --- /dev/null Sat Aug 30 18:16:59 1997 +++ patch-src_dynamic-preprocessors_dcerpc_Makefile_in Tue Sep 4 20:45:57 2
Re: [UPDATE] net/snort 2.8.0.1 (was: [UPDATE] net/snort 2.8.0)
On Sat, Dec 01, 2007 at 01:42:41PM +0100, Markus Lude wrote: > > New diff against CVS attached. Please test/comment/commit/... new diff with a few changes. Please test. Comments/oks? cheers, rui Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.51 diff -u -r1.51 Makefile --- Makefile15 Sep 2007 22:36:59 - 1.51 +++ Makefile9 Feb 2008 17:38:12 - @@ -2,29 +2,34 @@ COMMENT= highly flexible sniffer/NIDS -DISTNAME= snort-2.6.0.2 -PKGNAME= ${DISTNAME}p1 +DISTNAME= snort-2.8.0.1 CATEGORIES=net security MASTER_SITES= ${HOMEPAGE}/dl/current/ HOMEPAGE= http://www.snort.org/ -# GPL +MAINTAINER=Markus Lude <[EMAIL PROTECTED]> + +# GPLv2 PERMIT_PACKAGE_CDROM= Yes PERMIT_PACKAGE_FTP=Yes PERMIT_DISTFILES_CDROM= Yes PERMIT_DISTFILES_FTP= Yes -WANTLIB= c m pcap +WANTLIB= c m pcap -SHARED_LIBS= sf_engine 0.0 \ - sf_dns_preproc 0.0 \ - sf_ftptelnet_preproc 0.0 \ - sf_smtp_preproc 0.0 +SHARED_LIBS= sf_engine 1.0 \ + sf_dns_preproc 1.0 \ + sf_ftptelnet_preproc 1.0 \ + sf_smtp_preproc 1.0 \ + sf_dcerpc_preproc 0.0 \ + sf_ssh_preproc 0.0 \ + _sfdynamic_example_rule 0.0 \ + _sfdynamic_preprocessor_example 0.0 USE_LIBTOOL= Yes SEPARATE_BUILD=concurrent -CONFIGURE_STYLE=gnu +CONFIGURE_STYLE=simple CONFIGURE_ARGS+=${CONFIGURE_SHARED} \ --enable-dynamicplugin @@ -41,6 +46,9 @@ .if ${FLAVOR:L:Mflexresp} LIB_DEPENDS+= dnet.=1::net/libdnet CONFIGURE_ARGS+=--enable-flexresp2 + +MASTER_SITES0= http://www-fs.informatik.uni-tuebingen.de/~lude/openbsd/distfiles/ +PATCHFILES=snort-flexresp_patch.diff:0 .endif .if ${FLAVOR:L:Mpostgresql} @@ -50,22 +58,31 @@ .if ${FLAVOR:L:Mmysql} LIB_DEPENDS+= lib/mysql/mysqlclient.>=10::databases/mysql -CONFIGURE_ARGS+=--with-mysql="${LOCALBASE}" +CONFIGURE_ARGS+=--with-mysql-libraries="${LOCALBASE}/lib" \ + --with-mysql-includes="${LOCALBASE}/include" WANTLIB+= z .endif .if ${FLAVOR:L:Mprelude} MODULES= devel/gettext -WANTLIB+= gcrypt gpg-error pthread z +WANTLIB+= gcrypt gnutls gpg-error pthread z LIB_DEPENDS+= prelude.>=8::security/prelude/libprelude CONFIGURE_ARGS+=--enable-prelude MESSAGE= ${PKGDIR}/MESSAGE-prelude .endif -CONFIGS= classification.config gen-msg.map generators reference.config \ - sid sid-msg.map snort.conf threshold.conf unicode.map +CONFIGS= classification.config gen-msg.map reference.config \ + sid-msg.map snort.conf threshold.conf unicode.map -DOCS= AUTHORS CREDITS README.* *.pdf +PREPROC= decoder.rules preprocessor.rules + +DOCS= AUTHORS CREDITS README README.* *.pdf TODO USAGE WISHLIST + +# workaround conflicts between distpatches and patches +post-patch: +.if ${FLAVOR:L:Mflexresp} + @perl -pi -e "s,ip_t,snort_ip," ${WRKSRC}/src/preprocessors/stream.h +.endif post-build: @perl -pi -e "s,%%SYSCONFDIR%%,${SYSCONFDIR}," \ @@ -77,6 +94,11 @@ ${INSTALL_DATA_DIR} ${PREFIX}/share/examples/snort .for i in ${CONFIGS} ${INSTALL_DATA} ${WRKSRC}/etc/${i} ${PREFIX}/share/examples/snort +.endfor + ${INSTALL_DATA} ${WRKSRC}/doc/generators ${PREFIX}/share/examples/snort + +.for i in ${PREPROC} + ${INSTALL_DATA} ${WRKSRC}/preproc_rules/${i} ${PREFIX}/share/examples/snort .endfor ${INSTALL_DATA_DIR} ${PREFIX}/share/doc/snort Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.15 diff -u -r1.15 distinfo --- distinfo5 Apr 2007 16:20:15 - 1.15 +++ distinfo9 Feb 2008 17:38:12 - @@ -1,5 +1,10 @@ -MD5 (snort-2.6.0.2.tar.gz) = XAlP9tgtuEWl8CPkpJIQPg== -RMD160 (snort-2.6.0.2.tar.gz) = cG1j24O30DesinHIEEMk2bdZTrU= -SHA1 (snort-2.6.0.2.tar.gz) = Gms/sZqC+Dvw/OWo226xJ3xyN5s= -SHA256 (snort-2.6.0.2.tar.gz) = B716x7ZF0TgKzmWzPAZO1Y2dwhvXNrH3a8V13CLhpeI= -SIZE (snort-2.6.0.2.tar.gz) = 3350277 +MD5 (snort-2.8.0.1.tar.gz) = u2UOjv6Fj1w8yx5HF3XX5w== +MD5 (snort-flexresp_patch.diff) = ZYyI5dSWIpCkny37tRidUQ== +RMD160 (snort-2.8.0.1.tar.gz) = oLC+wvfMoNR6WYcIu/xpysr0ShI= +RMD160 (snort-flexresp_patch.diff) = vrc4csTm8t0HUKMbYMrMzDs66jA= +SHA1 (snort-2.8.0.1.tar.gz) = s7RfptUDcvZYfNd2r0O0FSURljA= +SHA1 (snort-flexresp_patch.diff) = qkgi0RNWJintUwpX6uYE4QdeWV4= +SHA256 (snort-2.8.0.1.tar.gz) = T6dP2/5nc2Kw/vImAm5/EQ196Fa6qtIbX+Pr0PYnsRI= +SHA256 (snort-flexresp_patch.diff) = cBSVJQ939iIageqqNMHQnsa1GjjplPju96ePvHBMyNY= +SIZE (snort-2.8.0.1.tar.gz) = 4331731 +SIZE (snort-flexresp_patch.diff) = 48418 Index: patches/patch-etc_snort_conf === RCS file: /cvs/ports/net/s
Re: UPDATE: net/snort-2.8.6.1 (was: UPDATE: net/snort-2.8.6)
Markus Lude wrote: > On Wed, Jul 28, 2010 at 03:45:48PM +0200, viq wrote: > > > > And looks like it's time to deal with it, as I can't fetch the distfile > > right now... I guess the reason is the 2.8.6.1 release, though it's > > highly annoying that older release sources are not available anymore... > > I contacted upstream about the old tar ball. Hopefully they'll fix it > soon. > > For those interested, here's an update to 2.8.6.1. Still testing it > myself. Tests welcome, especially with flavored versions. I mainly use > the unflavored one, testing on i386 and sparc64. looks okey to me except pkg/PLIST. make plist says that PLIST has changes: --- pkg/PLIST.orig Mon Jul 12 13:38:40 2010 +++ pkg/PLIST Sun Aug 22 05:27:33 2010 @@ -33,7 +33,6 @@ lib/snort_dynamicpreprocessor/libsf_ssl_preproc.a @comment lib/snort_dynamicpreprocessor/libsf_ssl_preproc.la lib/snort_dynamicpreprocessor/libsf_ssl_preproc.so -lib/snort_dynamicrules/ @man man/man8/snort.8 share/doc/snort/ share/doc/snort/AUTHORS what is this directory for? alek > > Regards, > Markus > > Index: Makefile > === > RCS file: /cvs/ports/net/snort/Makefile,v > retrieving revision 1.57 > diff -u -p -r1.57 Makefile > --- Makefile 12 Jul 2010 19:38:40 - 1.57 > +++ Makefile 2 Aug 2010 12:29:20 - > @@ -4,12 +4,8 @@ SHARED_ONLY =Yes > > COMMENT =highly flexible sniffer/NIDS > > -# Original URL http://dl.snort.org/downloads/14 redirects to a > -# time-limited Amazon S3 url. This would mean a bad distfile name. > -# The following hack allows it to work but XXX if updating, the > -# MASTER_SITES URL will need to be adjusted, not just DISTNAME. > -DISTNAME = snort-2.8.6 > -MASTER_SITES = http://dl.snort.org/downloads/14?/ > +DISTNAME = snort-2.8.6.1 > +MASTER_SITES = http://www.snort.org/ports/snort-current/ > > CATEGORIES = net security > > @@ -22,7 +18,7 @@ PERMIT_PACKAGE_CDROM = Yes > PERMIT_PACKAGE_FTP = Yes > PERMIT_DISTFILES_CDROM = Yes > PERMIT_DISTFILES_FTP = Yes > -WANTLIB =c m pcap > +WANTLIB =c m pcap pcre > > USE_LIBTOOL =Yes > > @@ -34,33 +30,35 @@ CONFIGURE_ARGS += ${CONFIGURE_SHARED} \ > > MAKE_FLAGS = mandir=${TRUEPREFIX}/man > > -LIB_DEPENDS =pcre::devel/pcre > +LIB_DEPENDS =::devel/pcre > > FLAVORS =postgresql mysql flexresp prelude > FLAVOR ?= > > .if ${FLAVOR:L:Mflexresp} > -LIB_DEPENDS += dnet.=1::net/libdnet > +LIB_DEPENDS += ::net/libdnet > CONFIGURE_ARGS +=--enable-flexresp2 > +WANTLIB += dnet.=1 > .endif > > .if ${FLAVOR:L:Mpostgresql} > -LIB_DEPENDS += pq.>=2::databases/postgresql > +LIB_DEPENDS += ::databases/postgresql > CONFIGURE_ARGS +=--with-postgresql="${LOCALBASE}" > +WANTLIB += pq > .endif > > .if ${FLAVOR:L:Mmysql} > -LIB_DEPENDS += lib/mysql/mysqlclient.>=10::databases/mysql > +LIB_DEPENDS += ::databases/mysql > CONFIGURE_ARGS +=--with-mysql-libraries="${LOCALBASE}/lib" \ > --with-mysql-includes="${LOCALBASE}/include" > -WANTLIB += z > +WANTLIB += lib/mysql/mysqlclient z > .endif > > .if ${FLAVOR:L:Mprelude} > MODULES =devel/gettext > -WANTLIB += gcrypt gnutls gpg-error pthread tasn1 z > -LIB_DEPENDS += prelude.>=8::security/prelude/libprelude > +LIB_DEPENDS += ::security/prelude/libprelude > CONFIGURE_ARGS +=--enable-prelude > +WANTLIB += gcrypt gnutls gpg-error prelude pthread tasn1 z > MESSAGE =${PKGDIR}/MESSAGE-prelude > .endif > > Index: distinfo > === > RCS file: /cvs/ports/net/snort/distinfo,v > retrieving revision 1.19 > diff -u -p -r1.19 distinfo > --- distinfo 12 Jul 2010 19:38:40 - 1.19 > +++ distinfo 2 Aug 2010 12:29:20 - > @@ -1,5 +1,5 @@ > -MD5 (snort-2.8.6.tar.gz) = scLT3bHAqFmkfFox0Z5grQ== > -RMD160 (snort-2.8.6.tar.gz) = W1Seqzmm4KDxgvbS7kb9YJlcgi4= > -SHA1 (snort-2.8.6.tar.gz) = 5GPJmZTlIXFDliPhsFueG88BrI8= > -SHA256 (snort-2.8.6.tar.gz) = YGTXu3jWQ4tFX/NJuT1S9A05d/H+yx15WMh4gbADA1g= > -SIZE (snort-2.8.6.tar.gz) = 4960740 > +MD5 (snort-2.8.6.1.tar.gz) = sRGTlqMunfDYBATktsSRZg== > +RMD160 (snort-2.8.6.1.tar.gz) = J5JcDfnevJ5g4ZoMmJ2yjI0cp/A= > +SHA1 (snort-2.8.6.1.tar.gz) = ZumR8VH2quXc3ukqvICSzVCKKqo= > +SHA256 (snort-2.8.6.1.tar.gz) = epSO8jXFmxk8oIg7BKDT70zFJQ+TPK/E0G/u1XFQriM= > +SIZE (snort-2.8.6.1.tar.gz) = 4939019 > Index: patches/patch-src_dynamic-examples_dynamic-preprocessor_Makefile_in > === > RCS file: > /cvs/ports/net/snort/patches/patch-src_dynamic-examples_dynamic-preprocesso
UPDATE: net/snort 2.9.13
Hello, attached is an update to snort 2.9.13. A new library libsf_sorules appeared in an example directory. Questions about it went unanswered on snort-devel. I disabled it for now. Rest is mostly regenerated patches. Please test / comment and evetnually commit. Regards Markus Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.101 diff -u -p -u -p -r1.101 Makefile --- Makefile12 Feb 2019 22:19:52 - 1.101 +++ Makefile31 May 2019 13:54:27 - @@ -2,8 +2,8 @@ COMMENT = highly flexible sniffer/NIDS -DISTNAME = snort-2.9.12 -RULESV = 29120 +DISTNAME = snort-2.9.13 +RULESV = 29130 SUBST_VARS = RULESV CATEGORIES = net security Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.38 diff -u -p -u -p -r1.38 distinfo --- distinfo12 Feb 2019 22:19:52 - 1.38 +++ distinfo31 May 2019 13:54:27 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.12.tar.gz) = ewLhGYfGy09tedcnmcqa0rS9Wcwdlrt9bJFUn5kNmdA= -SIZE (snort-2.9.12.tar.gz) = 6456877 +SHA256 (snort-2.9.13.tar.gz) = MURzk9FShrhIgQ3XirLLOtIx/NHxZj+VlYdpDu6nVBM= +SIZE (snort-2.9.13.tar.gz) = 6553425 Index: patches/patch-src_dynamic-plugins_sf_engine_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-plugins_sf_engine_Makefile_in,v retrieving revision 1.11 diff -u -p -u -p -r1.11 patch-src_dynamic-plugins_sf_engine_Makefile_in --- patches/patch-src_dynamic-plugins_sf_engine_Makefile_in 28 Jan 2018 03:09:12 - 1.11 +++ patches/patch-src_dynamic-plugins_sf_engine_Makefile_in 31 May 2019 13:54:27 - @@ -11,3 +11,12 @@ Index: src/dynamic-plugins/sf_engine/Mak @BUILD_OPENSSL_MD5_TRUE@OPENSSL_MD5 = \ @BUILD_OPENSSL_MD5_TRUE@md5.c md5.h +@@ -529,7 +529,7 @@ massage_ipv6_headers = \ + $(sed_ipv6_headers); \ + fi + +-SUBDIRS = examples ++SUBDIRS = + all: $(BUILT_SOURCES) + $(MAKE) $(AM_MAKEFLAGS) all-recursive + Index: patches/patch-src_dynamic-preprocessors_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_Makefile_in,v retrieving revision 1.17 diff -u -p -u -p -r1.17 patch-src_dynamic-preprocessors_Makefile_in --- patches/patch-src_dynamic-preprocessors_Makefile_in 28 Jan 2018 03:09:12 - 1.17 +++ patches/patch-src_dynamic-preprocessors_Makefile_in 31 May 2019 13:54:27 - @@ -2,7 +2,7 @@ $OpenBSD: patch-src_dynamic-preprocessor Index: src/dynamic-preprocessors/Makefile.in --- src/dynamic-preprocessors/Makefile.in.orig +++ src/dynamic-preprocessors/Makefile.in -@@ -1635,19 +1635,8 @@ clean-local: +@@ -1647,19 +1647,8 @@ clean-local: rm -rf include build install-data-local: Index: patches/patch-src_dynamic-preprocessors_appid_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_appid_Makefile_in,v retrieving revision 1.1 diff -u -p -u -p -r1.1 patch-src_dynamic-preprocessors_appid_Makefile_in --- patches/patch-src_dynamic-preprocessors_appid_Makefile_in 12 Feb 2019 22:19:52 - 1.1 +++ patches/patch-src_dynamic-preprocessors_appid_Makefile_in 31 May 2019 13:54:27 - @@ -3,7 +3,7 @@ $OpenBSD: patch-src_dynamic-preprocessor Index: src/dynamic-preprocessors/appid/Makefile.in --- src/dynamic-preprocessors/appid/Makefile.in.orig +++ src/dynamic-preprocessors/appid/Makefile.in -@@ -583,7 +583,7 @@ APPID_SOURCES = $(APPID_SRC_DIR)/commonAppMatcher.c \ +@@ -586,7 +586,7 @@ APPID_SOURCES = $(APPID_SRC_DIR)/commonAppMatcher.c \ $(APPID_SRC_DIR)/util/sfutil.c $(APPID_SRC_DIR)/util/sfutil.h dynamicpreprocessordir = ${libdir}/snort_dynamicpreprocessor dynamicpreprocessor_LTLIBRARIES = libsf_appid_preproc.la Index: patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in,v retrieving revision 1.14 diff -u -p -u -p -r1.14 patch-src_dynamic-preprocessors_dcerpc2_Makefile_in --- patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in 28 Jan 2018 03:09:12 - 1.14 +++ patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in 31 May 2019 13:54:27 - @@ -11,7 +11,7 @@ Index: src/dynamic-preprocessors/dcerpc2 @SO_WITH_STATIC_LIB_TRUE@libsf_dce2_preproc_la_LIBADD = \ @SO_WITH_STATIC_LIB_TRUE@ ../libsf_dynamic_preproc.la \ @SO_WITH_STATIC_LIB_TRUE@ $(am__append_1) -@@ -605,7 +605,7 @@ distdir: $(DISTFILES) +@@ -608,7 +608,7 @@ distdir-am: $(DISTFILES) done check-am: all-am check: check-am Index: p
UPDATE: net/snort 2.9.15
Hello, attached is an update to snort 2.9.15. Tested on amd64. Please test, comment and eventually commit. Regards Markus Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.105 diff -u -p -u -p -r1.105 Makefile --- Makefile29 Aug 2019 02:47:15 - 1.105 +++ Makefile23 Nov 2019 08:56:21 - @@ -2,8 +2,8 @@ COMMENT = highly flexible sniffer/NIDS -DISTNAME = snort-2.9.14.1 -RULESV = 29141 +DISTNAME = snort-2.9.15 +RULESV = 29150 SUBST_VARS = RULESV CATEGORIES = net security Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.41 diff -u -p -u -p -r1.41 distinfo --- distinfo29 Aug 2019 02:47:15 - 1.41 +++ distinfo23 Nov 2019 08:56:21 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.14.1.tar.gz) = JHKYnaOqzgANHqWTHs5o+OXMDFEeJy1lGCETokgegi0= -SIZE (snort-2.9.14.1.tar.gz) = 6531749 +SHA256 (snort-2.9.15.tar.gz) = v7Q3dGRG73KgPFAdsTzW2l7dK0H1XIDEN7ooi+bafbo= +SIZE (snort-2.9.15.tar.gz) = 6704763 Index: patches/patch-src_dynamic-plugins_sf_engine_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-plugins_sf_engine_Makefile_in,v retrieving revision 1.13 diff -u -p -u -p -r1.13 patch-src_dynamic-plugins_sf_engine_Makefile_in --- patches/patch-src_dynamic-plugins_sf_engine_Makefile_in 29 Aug 2019 02:47:15 - 1.13 +++ patches/patch-src_dynamic-plugins_sf_engine_Makefile_in 23 Nov 2019 08:56:21 - @@ -5,7 +5,7 @@ Disable libsf_sorules in the examples di Index: src/dynamic-plugins/sf_engine/Makefile.in --- src/dynamic-plugins/sf_engine/Makefile.in.orig +++ src/dynamic-plugins/sf_engine/Makefile.in -@@ -376,7 +376,7 @@ top_srcdir = @top_srcdir@ +@@ -388,7 +388,7 @@ top_srcdir = @top_srcdir@ AUTOMAKE_OPTIONS = foreign no-dependencies dynamicengine_LTLIBRARIES = libsf_engine.la dynamicenginedir = $(libdir)/snort_dynamicengine @@ -14,7 +14,7 @@ Index: src/dynamic-plugins/sf_engine/Mak @BUILD_OPENSSL_MD5_TRUE@OPENSSL_MD5 = \ @BUILD_OPENSSL_MD5_TRUE@md5.c md5.h -@@ -517,7 +517,7 @@ massage_ipv6_headers = \ +@@ -529,7 +529,7 @@ massage_ipv6_headers = \ $(sed_ipv6_headers); \ fi Index: patches/patch-src_dynamic-preprocessors_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_Makefile_in,v retrieving revision 1.19 diff -u -p -u -p -r1.19 patch-src_dynamic-preprocessors_Makefile_in --- patches/patch-src_dynamic-preprocessors_Makefile_in 29 Aug 2019 02:47:15 - 1.19 +++ patches/patch-src_dynamic-preprocessors_Makefile_in 23 Nov 2019 08:56:21 - @@ -2,7 +2,7 @@ $OpenBSD: patch-src_dynamic-preprocessor Index: src/dynamic-preprocessors/Makefile.in --- src/dynamic-preprocessors/Makefile.in.orig +++ src/dynamic-preprocessors/Makefile.in -@@ -1631,19 +1631,8 @@ clean-local: +@@ -1647,19 +1647,8 @@ clean-local: rm -rf include build install-data-local: Index: patches/patch-src_dynamic-preprocessors_appid_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_appid_Makefile_in,v retrieving revision 1.4 diff -u -p -u -p -r1.4 patch-src_dynamic-preprocessors_appid_Makefile_in --- patches/patch-src_dynamic-preprocessors_appid_Makefile_in 29 Aug 2019 02:47:15 - 1.4 +++ patches/patch-src_dynamic-preprocessors_appid_Makefile_in 23 Nov 2019 08:56:21 - @@ -6,7 +6,7 @@ libunwind symbols. Index: src/dynamic-preprocessors/appid/Makefile.in --- src/dynamic-preprocessors/appid/Makefile.in.orig +++ src/dynamic-preprocessors/appid/Makefile.in -@@ -575,8 +575,8 @@ APPID_SOURCES = $(APPID_SRC_DIR)/commonAppMatcher.c \ +@@ -586,8 +586,8 @@ APPID_SOURCES = $(APPID_SRC_DIR)/commonAppMatcher.c \ $(APPID_SRC_DIR)/util/sfutil.c $(APPID_SRC_DIR)/util/sfutil.h dynamicpreprocessordir = ${libdir}/snort_dynamicpreprocessor dynamicpreprocessor_LTLIBRARIES = libsf_appid_preproc.la Index: patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in,v retrieving revision 1.16 diff -u -p -u -p -r1.16 patch-src_dynamic-preprocessors_dcerpc2_Makefile_in --- patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in 29 Aug 2019 02:47:15 - 1.16 +++ patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in 23 Nov 2019 08:56:21 - @@ -2,7 +2,7 @@ $OpenBSD: patch-src_dynamic-preprocessor Index: src/dynamic-preprocessors/dcerpc2/Makefile.in --- src/dynamic-preprocessors/dcerpc2/Makefile.in.orig
UPDATE: net/snort 2.9.16
This updates Snort to 2.9.16. https://blog.snort.org/2020/04/snort-29160-has-been-released.html Upstream has a daq 2.0.7 release too, where the only change is the addition of a daq.vcxproj file for 64-bit Windows. But their distfile still ships with the configure script generated for daq-2.0.6, causing the build to fail. I think they did not generate a new configure from the 2.0.7 configure.ac. However, for our purposes there is no functional change between daq-2.0.6 and daq-2.0.7, so I did not spend too much time trying to make it work since snort-2.9.16 builds and runs just fine with daq-2.0.6. ok? Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.106 diff -u -p -r1.106 Makefile --- Makefile1 Dec 2019 03:19:10 - 1.106 +++ Makefile19 May 2020 02:20:57 - @@ -2,8 +2,8 @@ COMMENT = highly flexible sniffer/NIDS -DISTNAME = snort-2.9.15 -RULESV = 29150 +DISTNAME = snort-2.9.16 +RULESV = 29160 SUBST_VARS = RULESV CATEGORIES = net security Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.42 diff -u -p -r1.42 distinfo --- distinfo1 Dec 2019 03:19:10 - 1.42 +++ distinfo17 May 2020 01:14:58 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.15.tar.gz) = v7Q3dGRG73KgPFAdsTzW2l7dK0H1XIDEN7ooi+bafbo= -SIZE (snort-2.9.15.tar.gz) = 6704763 +SHA256 (snort-2.9.16.tar.gz) = lojY7fHaCd7GV0AA+zwOYvmcVkKFh2FuF8YBA8C8utc= +SIZE (snort-2.9.16.tar.gz) = 6948498 Index: patches/patch-src_decode_h === RCS file: /cvs/ports/net/snort/patches/patch-src_decode_h,v retrieving revision 1.11 diff -u -p -r1.11 patch-src_decode_h --- patches/patch-src_decode_h 28 Jan 2018 03:09:12 - 1.11 +++ patches/patch-src_decode_h 17 May 2020 01:15:23 - @@ -2,7 +2,7 @@ $OpenBSD: patch-src_decode_h,v 1.11 2018 Index: src/decode.h --- src/decode.h.orig +++ src/decode.h -@@ -835,9 +835,9 @@ typedef struct _SLLHdr { +@@ -837,9 +837,9 @@ typedef struct _SLLHdr { * Pflog1_Hdr: CVS = 1.3, DLT_OLD_PFLOG = 17, Length = 28 * Pflog2_Hdr: CVS = 1.8, DLT_PFLOG = 117, Length = 48 * Pflog3_Hdr: CVS = 1.12, DLT_PFLOG = 117, Length = 64 Index: patches/patch-src_dynamic-preprocessors_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_Makefile_in,v retrieving revision 1.20 diff -u -p -r1.20 patch-src_dynamic-preprocessors_Makefile_in --- patches/patch-src_dynamic-preprocessors_Makefile_in 1 Dec 2019 03:19:10 - 1.20 +++ patches/patch-src_dynamic-preprocessors_Makefile_in 17 May 2020 01:15:25 - @@ -2,7 +2,7 @@ $OpenBSD: patch-src_dynamic-preprocessor Index: src/dynamic-preprocessors/Makefile.in --- src/dynamic-preprocessors/Makefile.in.orig +++ src/dynamic-preprocessors/Makefile.in -@@ -1647,19 +1647,8 @@ clean-local: +@@ -1649,19 +1649,8 @@ clean-local: rm -rf include build install-data-local: Index: patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in,v retrieving revision 1.17 diff -u -p -r1.17 patch-src_dynamic-preprocessors_dcerpc2_Makefile_in --- patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in 1 Dec 2019 03:19:10 - 1.17 +++ patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in 17 May 2020 01:15:27 - @@ -11,7 +11,7 @@ Index: src/dynamic-preprocessors/dcerpc2 @SO_WITH_STATIC_LIB_TRUE@libsf_dce2_preproc_la_LIBADD = \ @SO_WITH_STATIC_LIB_TRUE@ ../libsf_dynamic_preproc.la \ @SO_WITH_STATIC_LIB_TRUE@ $(am__append_1) -@@ -608,7 +608,7 @@ distdir-am: $(DISTFILES) +@@ -609,7 +609,7 @@ distdir-am: $(DISTFILES) done check-am: all-am check: check-am Index: patches/patch-src_dynamic-preprocessors_dnp3_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_dnp3_Makefile_in,v retrieving revision 1.15 diff -u -p -r1.15 patch-src_dynamic-preprocessors_dnp3_Makefile_in --- patches/patch-src_dynamic-preprocessors_dnp3_Makefile_in1 Dec 2019 03:19:10 - 1.15 +++ patches/patch-src_dynamic-preprocessors_dnp3_Makefile_in17 May 2020 01:15:29 - @@ -11,7 +11,7 @@ Index: src/dynamic-preprocessors/dnp3/Ma @SO_WITH_STATIC_LIB_TRUE@libsf_dnp3_preproc_la_LIBADD = \ @SO_WITH_STATIC_LIB_TRUE@ ../libsf_dynamic_preproc.la \ @SO_WITH_STATIC_LIB_TRUE@ $(am__append_1) -@@ -591,7 +591,7 @@ distdir-am: $(DISTFILES) +@@ -592,7 +592,7 @@ distdir-am: $(DISTFILES) done check-am: all-am chec
[update] net/snort 2.9.17.1
Hello, attached is an update for snort to bugfix release 2.9.17.1. Tested on amd64. Regards, Markus Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.108 diff -u -p -u -p -r1.108 Makefile --- Makefile16 Feb 2021 03:02:37 - 1.108 +++ Makefile6 Apr 2021 13:26:44 - @@ -2,8 +2,8 @@ COMMENT = highly flexible sniffer/NIDS -DISTNAME = snort-2.9.17 -RULESV = 29170 +DISTNAME = snort-2.9.17.1 +RULESV = 29171 SUBST_VARS = RULESV CATEGORIES = net security Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.44 diff -u -p -u -p -r1.44 distinfo --- distinfo16 Feb 2021 03:02:37 - 1.44 +++ distinfo6 Apr 2021 13:26:44 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.17.tar.gz) = w7I0w5IqCbA2i4R9240fo3G3QfAy9Cqpq1PWe0KNxkg= -SIZE (snort-2.9.17.tar.gz) = 6983018 +SHA256 (snort-2.9.17.1.tar.gz) = MD09XcWv/s/qrTozHTFj+QHUjZYP3WWYy1XG0Vke7YI= +SIZE (snort-2.9.17.1.tar.gz) = 6980147 Index: patches/patch-src_decode_h === RCS file: /cvs/ports/net/snort/patches/patch-src_decode_h,v retrieving revision 1.13 diff -u -p -u -p -r1.13 patch-src_decode_h --- patches/patch-src_decode_h 16 Feb 2021 03:02:38 - 1.13 +++ patches/patch-src_decode_h 6 Apr 2021 13:26:44 - @@ -2,7 +2,7 @@ $OpenBSD: patch-src_decode_h,v 1.13 2021 Index: src/decode.h --- src/decode.h.orig +++ src/decode.h -@@ -839,9 +839,9 @@ typedef struct _SLLHdr { +@@ -840,9 +840,9 @@ typedef struct _SLLHdr { * Pflog1_Hdr: CVS = 1.3, DLT_OLD_PFLOG = 17, Length = 28 * Pflog2_Hdr: CVS = 1.8, DLT_PFLOG = 117, Length = 48 * Pflog3_Hdr: CVS = 1.12, DLT_PFLOG = 117, Length = 64 Index: patches/patch-src_dynamic-plugins_sf_engine_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-plugins_sf_engine_Makefile_in,v retrieving revision 1.14 diff -u -p -u -p -r1.14 patch-src_dynamic-plugins_sf_engine_Makefile_in --- patches/patch-src_dynamic-plugins_sf_engine_Makefile_in 1 Dec 2019 03:19:10 - 1.14 +++ patches/patch-src_dynamic-plugins_sf_engine_Makefile_in 6 Apr 2021 13:26:44 - @@ -5,7 +5,7 @@ Disable libsf_sorules in the examples di Index: src/dynamic-plugins/sf_engine/Makefile.in --- src/dynamic-plugins/sf_engine/Makefile.in.orig +++ src/dynamic-plugins/sf_engine/Makefile.in -@@ -388,7 +388,7 @@ top_srcdir = @top_srcdir@ +@@ -389,7 +389,7 @@ top_srcdir = @top_srcdir@ AUTOMAKE_OPTIONS = foreign no-dependencies dynamicengine_LTLIBRARIES = libsf_engine.la dynamicenginedir = $(libdir)/snort_dynamicengine @@ -14,7 +14,7 @@ Index: src/dynamic-plugins/sf_engine/Mak @BUILD_OPENSSL_MD5_TRUE@OPENSSL_MD5 = \ @BUILD_OPENSSL_MD5_TRUE@md5.c md5.h -@@ -529,7 +529,7 @@ massage_ipv6_headers = \ +@@ -530,7 +530,7 @@ massage_ipv6_headers = \ $(sed_ipv6_headers); \ fi Index: patches/patch-src_dynamic-preprocessors_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_Makefile_in,v retrieving revision 1.22 diff -u -p -u -p -r1.22 patch-src_dynamic-preprocessors_Makefile_in --- patches/patch-src_dynamic-preprocessors_Makefile_in 16 Feb 2021 03:02:38 - 1.22 +++ patches/patch-src_dynamic-preprocessors_Makefile_in 6 Apr 2021 13:26:44 - @@ -2,7 +2,7 @@ $OpenBSD: patch-src_dynamic-preprocessor Index: src/dynamic-preprocessors/Makefile.in --- src/dynamic-preprocessors/Makefile.in.orig +++ src/dynamic-preprocessors/Makefile.in -@@ -1650,19 +1650,8 @@ clean-local: +@@ -1648,19 +1648,8 @@ clean-local: rm -rf include build install-data-local: Index: patches/patch-src_dynamic-preprocessors_appid_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_appid_Makefile_in,v retrieving revision 1.5 diff -u -p -u -p -r1.5 patch-src_dynamic-preprocessors_appid_Makefile_in --- patches/patch-src_dynamic-preprocessors_appid_Makefile_in 1 Dec 2019 03:19:10 - 1.5 +++ patches/patch-src_dynamic-preprocessors_appid_Makefile_in 6 Apr 2021 13:26:44 - @@ -6,7 +6,7 @@ libunwind symbols. Index: src/dynamic-preprocessors/appid/Makefile.in --- src/dynamic-preprocessors/appid/Makefile.in.orig +++ src/dynamic-preprocessors/appid/Makefile.in -@@ -586,8 +586,8 @@ APPID_SOURCES = $(APPID_SRC_DIR)/commonAppMatcher.c \ +@@ -587,8 +587,8 @@ APPID_SOURCES = $(APPID_SRC_DIR)/commonAppMatcher.c \ $(APPID_SRC_DIR)/util/sfutil.c $(APPID_SRC_DIR)/util/sfutil.h dynamicpreprocessordir = ${libdir}/snort_dynamicpreprocessor dynamicpreprocessor_L
[update] net/snort 2.9.18
Hello, attached is a stright forward update for snort 2.9.18. Tested on amd64. Regards, Markus Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.109 diff -u -p -u -p -r1.109 Makefile --- Makefile7 Apr 2021 02:00:52 - 1.109 +++ Makefile6 Jul 2021 18:45:44 - @@ -2,8 +2,8 @@ COMMENT = highly flexible sniffer/NIDS -DISTNAME = snort-2.9.17.1 -RULESV = 29171 +DISTNAME = snort-2.9.18 +RULESV = 29180 SUBST_VARS = RULESV CATEGORIES = net security Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.45 diff -u -p -u -p -r1.45 distinfo --- distinfo7 Apr 2021 02:00:52 - 1.45 +++ distinfo6 Jul 2021 18:45:44 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.17.1.tar.gz) = MD09XcWv/s/qrTozHTFj+QHUjZYP3WWYy1XG0Vke7YI= -SIZE (snort-2.9.17.1.tar.gz) = 6980147 +SHA256 (snort-2.9.18.tar.gz) = 0DCGQvaeDTb3DblwPldmr84vRP8Ft9LJzI46yDI7LHc= +SIZE (snort-2.9.18.tar.gz) = 6909928 Index: patches/patch-src_dynamic-plugins_sf_engine_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-plugins_sf_engine_Makefile_in,v retrieving revision 1.15 diff -u -p -u -p -r1.15 patch-src_dynamic-plugins_sf_engine_Makefile_in --- patches/patch-src_dynamic-plugins_sf_engine_Makefile_in 7 Apr 2021 02:00:52 - 1.15 +++ patches/patch-src_dynamic-plugins_sf_engine_Makefile_in 6 Jul 2021 18:45:44 - @@ -5,7 +5,7 @@ Disable libsf_sorules in the examples di Index: src/dynamic-plugins/sf_engine/Makefile.in --- src/dynamic-plugins/sf_engine/Makefile.in.orig +++ src/dynamic-plugins/sf_engine/Makefile.in -@@ -389,7 +389,7 @@ top_srcdir = @top_srcdir@ +@@ -376,7 +376,7 @@ top_srcdir = @top_srcdir@ AUTOMAKE_OPTIONS = foreign no-dependencies dynamicengine_LTLIBRARIES = libsf_engine.la dynamicenginedir = $(libdir)/snort_dynamicengine @@ -14,7 +14,7 @@ Index: src/dynamic-plugins/sf_engine/Mak @BUILD_OPENSSL_MD5_TRUE@OPENSSL_MD5 = \ @BUILD_OPENSSL_MD5_TRUE@md5.c md5.h -@@ -530,7 +530,7 @@ massage_ipv6_headers = \ +@@ -517,7 +517,7 @@ massage_ipv6_headers = \ $(sed_ipv6_headers); \ fi Index: patches/patch-src_dynamic-preprocessors_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_Makefile_in,v retrieving revision 1.23 diff -u -p -u -p -r1.23 patch-src_dynamic-preprocessors_Makefile_in --- patches/patch-src_dynamic-preprocessors_Makefile_in 7 Apr 2021 02:00:52 - 1.23 +++ patches/patch-src_dynamic-preprocessors_Makefile_in 6 Jul 2021 18:45:44 - @@ -2,7 +2,7 @@ $OpenBSD: patch-src_dynamic-preprocessor Index: src/dynamic-preprocessors/Makefile.in --- src/dynamic-preprocessors/Makefile.in.orig +++ src/dynamic-preprocessors/Makefile.in -@@ -1648,19 +1648,8 @@ clean-local: +@@ -1639,19 +1639,8 @@ clean-local: rm -rf include build install-data-local: Index: patches/patch-src_dynamic-preprocessors_appid_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_appid_Makefile_in,v retrieving revision 1.6 diff -u -p -u -p -r1.6 patch-src_dynamic-preprocessors_appid_Makefile_in --- patches/patch-src_dynamic-preprocessors_appid_Makefile_in 7 Apr 2021 02:00:52 - 1.6 +++ patches/patch-src_dynamic-preprocessors_appid_Makefile_in 6 Jul 2021 18:45:44 - @@ -6,7 +6,7 @@ libunwind symbols. Index: src/dynamic-preprocessors/appid/Makefile.in --- src/dynamic-preprocessors/appid/Makefile.in.orig +++ src/dynamic-preprocessors/appid/Makefile.in -@@ -587,8 +587,8 @@ APPID_SOURCES = $(APPID_SRC_DIR)/commonAppMatcher.c \ +@@ -575,8 +575,8 @@ APPID_SOURCES = $(APPID_SRC_DIR)/commonAppMatcher.c \ $(APPID_SRC_DIR)/util/sfutil.c $(APPID_SRC_DIR)/util/sfutil.h dynamicpreprocessordir = ${libdir}/snort_dynamicpreprocessor dynamicpreprocessor_LTLIBRARIES = libsf_appid_preproc.la Index: patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in,v retrieving revision 1.19 diff -u -p -u -p -r1.19 patch-src_dynamic-preprocessors_dcerpc2_Makefile_in --- patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in 7 Apr 2021 02:00:52 - 1.19 +++ patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in 6 Jul 2021 18:45:44 - @@ -2,7 +2,7 @@ $OpenBSD: patch-src_dynamic-preprocessor Index: src/dynamic-preprocessors/dcerpc2/Makefile.in --- src/dynamic-preprocessors/dcerpc2/Makefile.in.orig +++ src/dynamic-preprocessors/dcer
UPDATE: net/snort 2.9.14
This updates Snort to 2.9.14. https://blog.snort.org/2019/07/snort-29140-has-been-released.html ok? Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.103 diff -u -p -r1.103 Makefile --- Makefile12 Jul 2019 20:48:49 - 1.103 +++ Makefile19 Jul 2019 20:17:17 - @@ -2,8 +2,8 @@ COMMENT = highly flexible sniffer/NIDS -DISTNAME = snort-2.9.13 -RULESV = 29130 +DISTNAME = snort-2.9.14 +RULESV = 29140 SUBST_VARS = RULESV CATEGORIES = net security Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.39 diff -u -p -r1.39 distinfo --- distinfo2 Jun 2019 02:07:44 - 1.39 +++ distinfo19 Jul 2019 20:17:52 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.13.tar.gz) = MURzk9FShrhIgQ3XirLLOtIx/NHxZj+VlYdpDu6nVBM= -SIZE (snort-2.9.13.tar.gz) = 6553425 +SHA256 (snort-2.9.14.tar.gz) = wDBtuc5k9FzHxkya/HCr6WidqoYAIDRew7oJmSi3Rks= +SIZE (snort-2.9.14.tar.gz) = 6688482 Index: patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c === RCS file: /cvs/ports/net/snort/patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c,v retrieving revision 1.7 diff -u -p -r1.7 patch-src_preprocessors_Stream6_snort_stream_tcp_c --- patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c 2 Jun 2019 02:07:44 - 1.7 +++ patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c 19 Jul 2019 20:18:18 - @@ -2,7 +2,7 @@ $OpenBSD: patch-src_preprocessors_Stream Index: src/preprocessors/Stream6/snort_stream_tcp.c --- src/preprocessors/Stream6/snort_stream_tcp.c.orig +++ src/preprocessors/Stream6/snort_stream_tcp.c -@@ -8562,7 +8562,7 @@ static int ProcessTcp(SessionControlBlock *scb, Packet +@@ -8575,7 +8575,7 @@ static int ProcessTcp(SessionControlBlock *scb, Packet char src_addr[17]; char dst_addr[17]; memset((char *)timestamp, 0, TIMEBUF_SIZE);
UPDATE: net/snort 2.9.14.1
Hello, attached is an update to snort 2.9.14.1. Tested on amd64. Please test, comment and eventually commit. Regards Markus Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.104 diff -u -p -u -p -r1.104 Makefile --- Makefile24 Jul 2019 02:15:57 - 1.104 +++ Makefile18 Aug 2019 10:41:39 - @@ -2,8 +2,8 @@ COMMENT = highly flexible sniffer/NIDS -DISTNAME = snort-2.9.14 -RULESV = 29140 +DISTNAME = snort-2.9.14.1 +RULESV = 29141 SUBST_VARS = RULESV CATEGORIES = net security Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.40 diff -u -p -u -p -r1.40 distinfo --- distinfo24 Jul 2019 02:15:57 - 1.40 +++ distinfo18 Aug 2019 10:41:39 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.14.tar.gz) = wDBtuc5k9FzHxkya/HCr6WidqoYAIDRew7oJmSi3Rks= -SIZE (snort-2.9.14.tar.gz) = 6688482 +SHA256 (snort-2.9.14.1.tar.gz) = JHKYnaOqzgANHqWTHs5o+OXMDFEeJy1lGCETokgegi0= +SIZE (snort-2.9.14.1.tar.gz) = 6531749 Index: patches/patch-src_dynamic-plugins_sf_engine_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-plugins_sf_engine_Makefile_in,v retrieving revision 1.12 diff -u -p -u -p -r1.12 patch-src_dynamic-plugins_sf_engine_Makefile_in --- patches/patch-src_dynamic-plugins_sf_engine_Makefile_in 2 Jun 2019 02:07:44 - 1.12 +++ patches/patch-src_dynamic-plugins_sf_engine_Makefile_in 18 Aug 2019 10:41:39 - @@ -5,7 +5,7 @@ Disable libsf_sorules in the examples di Index: src/dynamic-plugins/sf_engine/Makefile.in --- src/dynamic-plugins/sf_engine/Makefile.in.orig +++ src/dynamic-plugins/sf_engine/Makefile.in -@@ -388,7 +388,7 @@ top_srcdir = @top_srcdir@ +@@ -376,7 +376,7 @@ top_srcdir = @top_srcdir@ AUTOMAKE_OPTIONS = foreign no-dependencies dynamicengine_LTLIBRARIES = libsf_engine.la dynamicenginedir = $(libdir)/snort_dynamicengine @@ -14,7 +14,7 @@ Index: src/dynamic-plugins/sf_engine/Mak @BUILD_OPENSSL_MD5_TRUE@OPENSSL_MD5 = \ @BUILD_OPENSSL_MD5_TRUE@md5.c md5.h -@@ -529,7 +529,7 @@ massage_ipv6_headers = \ +@@ -517,7 +517,7 @@ massage_ipv6_headers = \ $(sed_ipv6_headers); \ fi Index: patches/patch-src_dynamic-preprocessors_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_Makefile_in,v retrieving revision 1.18 diff -u -p -u -p -r1.18 patch-src_dynamic-preprocessors_Makefile_in --- patches/patch-src_dynamic-preprocessors_Makefile_in 2 Jun 2019 02:07:44 - 1.18 +++ patches/patch-src_dynamic-preprocessors_Makefile_in 18 Aug 2019 10:41:39 - @@ -2,7 +2,7 @@ $OpenBSD: patch-src_dynamic-preprocessor Index: src/dynamic-preprocessors/Makefile.in --- src/dynamic-preprocessors/Makefile.in.orig +++ src/dynamic-preprocessors/Makefile.in -@@ -1647,19 +1647,8 @@ clean-local: +@@ -1631,19 +1631,8 @@ clean-local: rm -rf include build install-data-local: Index: patches/patch-src_dynamic-preprocessors_appid_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_appid_Makefile_in,v retrieving revision 1.3 diff -u -p -u -p -r1.3 patch-src_dynamic-preprocessors_appid_Makefile_in --- patches/patch-src_dynamic-preprocessors_appid_Makefile_in 24 Jul 2019 02:15:57 - 1.3 +++ patches/patch-src_dynamic-preprocessors_appid_Makefile_in 18 Aug 2019 10:41:39 - @@ -6,7 +6,7 @@ libunwind symbols. Index: src/dynamic-preprocessors/appid/Makefile.in --- src/dynamic-preprocessors/appid/Makefile.in.orig +++ src/dynamic-preprocessors/appid/Makefile.in -@@ -586,8 +586,8 @@ APPID_SOURCES = $(APPID_SRC_DIR)/commonAppMatcher.c \ +@@ -575,8 +575,8 @@ APPID_SOURCES = $(APPID_SRC_DIR)/commonAppMatcher.c \ $(APPID_SRC_DIR)/util/sfutil.c $(APPID_SRC_DIR)/util/sfutil.h dynamicpreprocessordir = ${libdir}/snort_dynamicpreprocessor dynamicpreprocessor_LTLIBRARIES = libsf_appid_preproc.la Index: patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in,v retrieving revision 1.15 diff -u -p -u -p -r1.15 patch-src_dynamic-preprocessors_dcerpc2_Makefile_in --- patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in 2 Jun 2019 02:07:44 - 1.15 +++ patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in 18 Aug 2019 10:41:39 - @@ -2,7 +2,7 @@ $OpenBSD: patch-src_dynamic-preprocessor Index: src/dynamic-preprocessors/dcerpc2/Makefile.in --- src/dynamic-preprocessors/dcerpc2/Makefile.in.ori
UPDATE: net/snort 2.9.8.2
This updates Snort to 2.9.8.2. Tested with DAQ 2.0.6 (sent earlier) on amd64. Other minor changes in the port: - Shortened a line in the pkg/README so that portcheck won't complain. - Replaced "/var" with ${LOCALSTATEDIR} in pkg/snort.rc. - Regenerated patches. ok? Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.93 diff -u -p -r1.93 Makefile --- Makefile16 Mar 2016 21:19:39 - 1.93 +++ Makefile30 Apr 2016 00:35:50 - @@ -2,7 +2,7 @@ COMMENT = highly flexible sniffer/NIDS -VERSION = 2.9.7.3 +VERSION = 2.9.8.2 DISTNAME = snort-${VERSION} CATEGORIES = net security Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.33 diff -u -p -r1.33 distinfo --- distinfo29 May 2015 03:28:18 - 1.33 +++ distinfo30 Apr 2016 00:35:50 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.7.3.tar.gz) = jMNhO4iPxUlHor7sdzx22aIDaPJlmzHUWp8LEeZswik= -SIZE (snort-2.9.7.3.tar.gz) = 6300073 +SHA256 (snort-2.9.8.2.tar.gz) = QHUBLTUN+kegIAt6kgMj8Vy3w3B5DypHNnwDq6QAkzM= +SIZE (snort-2.9.8.2.tar.gz) = 6311793 Index: patches/patch-etc_snort_conf === RCS file: /cvs/ports/net/snort/patches/patch-etc_snort_conf,v retrieving revision 1.14 diff -u -p -r1.14 patch-etc_snort_conf --- patches/patch-etc_snort_conf29 May 2015 03:28:18 - 1.14 +++ patches/patch-etc_snort_conf30 Apr 2016 00:35:50 - @@ -2,8 +2,8 @@ $OpenBSD: patch-etc_snort_conf,v 1.14 20 reputation preprocessor disabled, still experimental etc/snort.conf.origThu Apr 23 20:29:00 2015 -+++ etc/snort.conf Sun May 24 22:10:12 2015 +--- etc/snort.conf.origFri Mar 18 15:11:55 2016 etc/snort.conf Fri Apr 29 11:02:26 2016 @@ -101,17 +101,17 @@ ipvar AIM_SERVERS [64.12.24.0/23,64.12.28.0/23,64.12.1 # Path to your rules files (this can be a relative path) # Note for Windows users: You are advised to make this an absolute path, @@ -48,7 +48,7 @@ reputation preprocessor disabled, still # config daq_mode: # config daq_var: # -@@ -503,12 +508,12 @@ preprocessor dnp3: ports { 2 } \ +@@ -504,12 +509,12 @@ preprocessor dnp3: ports { 2 } \ check_crc # Reputation preprocessor. For more information see README.reputation @@ -67,7 +67,7 @@ reputation preprocessor disabled, still ### # Step #6: Configure output plugins -@@ -542,8 +547,10 @@ include reference.config +@@ -543,8 +548,10 @@ include reference.config ### # site specific rules @@ -79,7 +79,7 @@ reputation preprocessor disabled, still include $RULE_PATH/app-detect.rules include $RULE_PATH/attack-responses.rules include $RULE_PATH/backdoor.rules -@@ -568,6 +575,7 @@ include $RULE_PATH/file-executable.rules +@@ -569,6 +576,7 @@ include $RULE_PATH/file-executable.rules include $RULE_PATH/file-flash.rules include $RULE_PATH/file-identify.rules include $RULE_PATH/file-image.rules @@ -87,7 +87,7 @@ reputation preprocessor disabled, still include $RULE_PATH/file-multimedia.rules include $RULE_PATH/file-office.rules include $RULE_PATH/file-other.rules -@@ -579,6 +587,7 @@ include $RULE_PATH/icmp.rules +@@ -580,6 +588,7 @@ include $RULE_PATH/icmp.rules include $RULE_PATH/imap.rules include $RULE_PATH/indicator-compromise.rules include $RULE_PATH/indicator-obfuscation.rules @@ -95,7 +95,7 @@ reputation preprocessor disabled, still include $RULE_PATH/indicator-shellcode.rules include $RULE_PATH/info.rules include $RULE_PATH/malware-backdoor.rules -@@ -592,6 +601,7 @@ include $RULE_PATH/netbios.rules +@@ -593,6 +602,7 @@ include $RULE_PATH/netbios.rules include $RULE_PATH/nntp.rules include $RULE_PATH/oracle.rules include $RULE_PATH/os-linux.rules @@ -103,7 +103,7 @@ reputation preprocessor disabled, still include $RULE_PATH/os-other.rules include $RULE_PATH/os-solaris.rules include $RULE_PATH/os-windows.rules -@@ -605,12 +615,20 @@ include $RULE_PATH/policy-social.rules +@@ -606,12 +616,20 @@ include $RULE_PATH/policy-social.rules include $RULE_PATH/policy-spam.rules include $RULE_PATH/pop2.rules include $RULE_PATH/pop3.rules @@ -124,7 +124,7 @@ reputation preprocessor disabled, still include $RULE_PATH/protocol-voip.rules include $RULE_PATH/pua-adware.rules include $RULE_PATH/pua-other.rules -@@ -627,6 +645,7 @@ include $RULE_PATH/server-mssql.rules +@@ -628,6 +646,7 @@ include $RULE_PATH/server-mssql.rules include $RULE_PATH/server-mysql.rules include $RULE_PATH/server-oracle.rules include $RULE_PATH/server-other.rules @@ -132,7 +132,7 @@ reputation preprocessor disabled, still include $RULE_PATH/server-webapp.rules include $RULE_PA
UPDATE: net/snort 2.9.9.0
This updates Snort to 2.9.9.0. Release notes and changelog at: https://www.snort.org/downloads/snort/release_notes_2.9.9.0.txt https://www.snort.org/downloads/snort/changelog_2.9.9.0.txt Tested on amd64. ok? Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.95 diff -u -p -r1.95 Makefile --- Makefile2 Oct 2016 02:06:19 - 1.95 +++ Makefile19 Dec 2016 02:22:20 - @@ -2,7 +2,7 @@ COMMENT = highly flexible sniffer/NIDS -VERSION = 2.9.8.3 +VERSION = 2.9.9.0 DISTNAME = snort-${VERSION} CATEGORIES = net security Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.35 diff -u -p -r1.35 distinfo --- distinfo2 Oct 2016 02:06:19 - 1.35 +++ distinfo19 Dec 2016 02:22:20 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.8.3.tar.gz) = hW0CzOxJ+jDJIKHkFsR8DWLdIkNAphSVm6XAMjkQDmo= -SIZE (snort-2.9.8.3.tar.gz) = 6244304 +SHA256 (snort-2.9.9.0.tar.gz) = cbFHEl6WOQoS89VXlu1Qc993IGvTVj2E0+Wh8Z59elY= +SIZE (snort-2.9.9.0.tar.gz) = 6364482 Index: patches/patch-src_decode_h === RCS file: /cvs/ports/net/snort/patches/patch-src_decode_h,v retrieving revision 1.9 diff -u -p -r1.9 patch-src_decode_h --- patches/patch-src_decode_h 2 May 2016 02:29:58 - 1.9 +++ patches/patch-src_decode_h 19 Dec 2016 02:22:20 - @@ -1,7 +1,7 @@ $OpenBSD: patch-src_decode_h,v 1.9 2016/05/02 02:29:58 lteo Exp $ src/decode.h.orig Fri Mar 18 09:54:31 2016 -+++ src/decode.h Fri Apr 29 11:02:26 2016 -@@ -831,9 +831,9 @@ typedef struct _SLLHdr { +--- src/decode.h.orig Tue Jun 7 03:47:47 2016 src/decode.h Sun Dec 4 00:36:43 2016 +@@ -834,9 +834,9 @@ typedef struct _SLLHdr { * Pflog1_Hdr: CVS = 1.3, DLT_OLD_PFLOG = 17, Length = 28 * Pflog2_Hdr: CVS = 1.8, DLT_PFLOG = 117, Length = 48 * Pflog3_Hdr: CVS = 1.12, DLT_PFLOG = 117, Length = 64 Index: patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in,v retrieving revision 1.12 diff -u -p -r1.12 patch-src_dynamic-preprocessors_dcerpc2_Makefile_in --- patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in 2 May 2016 02:29:58 - 1.12 +++ patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in 19 Dec 2016 02:22:20 - @@ -1,7 +1,7 @@ $OpenBSD: patch-src_dynamic-preprocessors_dcerpc2_Makefile_in,v 1.12 2016/05/02 02:29:58 lteo Exp $ src/dynamic-preprocessors/dcerpc2/Makefile.in.orig Fri Mar 18 15:11:29 2016 -+++ src/dynamic-preprocessors/dcerpc2/Makefile.in Fri Apr 29 11:02:26 2016 -@@ -335,7 +335,7 @@ top_srcdir = @top_srcdir@ +--- src/dynamic-preprocessors/dcerpc2/Makefile.in.orig Tue Nov 29 01:12:24 2016 src/dynamic-preprocessors/dcerpc2/Makefile.in Sun Dec 4 00:36:43 2016 +@@ -351,7 +351,7 @@ top_srcdir = @top_srcdir@ AUTOMAKE_OPTIONS = foreign no-dependencies dynamicpreprocessordir = ${libdir}/snort_dynamicpreprocessor dynamicpreprocessor_LTLIBRARIES = libsf_dce2_preproc.la @@ -10,7 +10,7 @@ $OpenBSD: patch-src_dynamic-preprocessor @SO_WITH_STATIC_LIB_TRUE@libsf_dce2_preproc_la_LIBADD = ../libsf_dynamic_preproc.la @SO_WITH_STATIC_LIB_FALSE@nodist_libsf_dce2_preproc_la_SOURCES = \ @SO_WITH_STATIC_LIB_FALSE@../include/sf_dynamic_preproc_lib.c \ -@@ -581,7 +581,7 @@ distdir: $(DISTFILES) +@@ -566,7 +566,7 @@ distdir: $(DISTFILES) done check-am: all-am check: check-am Index: patches/patch-src_dynamic-preprocessors_dnp3_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_dnp3_Makefile_in,v retrieving revision 1.10 diff -u -p -r1.10 patch-src_dynamic-preprocessors_dnp3_Makefile_in --- patches/patch-src_dynamic-preprocessors_dnp3_Makefile_in2 May 2016 02:29:58 - 1.10 +++ patches/patch-src_dynamic-preprocessors_dnp3_Makefile_in19 Dec 2016 02:22:20 - @@ -1,7 +1,7 @@ $OpenBSD: patch-src_dynamic-preprocessors_dnp3_Makefile_in,v 1.10 2016/05/02 02:29:58 lteo Exp $ src/dynamic-preprocessors/dnp3/Makefile.in.origFri Mar 18 15:11:29 2016 -+++ src/dynamic-preprocessors/dnp3/Makefile.in Fri Apr 29 11:02:26 2016 -@@ -332,7 +332,7 @@ top_srcdir = @top_srcdir@ +--- src/dynamic-preprocessors/dnp3/Makefile.in.origTue Nov 29 01:12:24 2016 src/dynamic-preprocessors/dnp3/Makefile.in Sun Dec 4 00:36:43 2016 +@@ -342,7 +342,7 @@ top_srcdir = @top_srcdir@ AUTOMAKE_OPTIONS = foreign no-dependencies dynamicpreprocessordir = ${libdir}/snort_dynamicpreprocessor dynamicpreprocessor_LTLIBRARIES = libsf_dnp3_preproc.la @@ -10,7 +10,7 @@ $OpenBSD: patch-
UPDATE: net/snort 2.9.8.3
This updates Snort to 2.9.8.3. Tested on amd64. It also removes README.session from the packing list since that file no longer exists. ok? Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.94 diff -u -p -r1.94 Makefile --- Makefile2 May 2016 02:29:58 - 1.94 +++ Makefile21 Sep 2016 01:55:43 - @@ -2,7 +2,7 @@ COMMENT = highly flexible sniffer/NIDS -VERSION = 2.9.8.2 +VERSION = 2.9.8.3 DISTNAME = snort-${VERSION} CATEGORIES = net security Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.34 diff -u -p -r1.34 distinfo --- distinfo2 May 2016 02:29:58 - 1.34 +++ distinfo21 Sep 2016 01:56:06 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.8.2.tar.gz) = QHUBLTUN+kegIAt6kgMj8Vy3w3B5DypHNnwDq6QAkzM= -SIZE (snort-2.9.8.2.tar.gz) = 6311793 +SHA256 (snort-2.9.8.3.tar.gz) = hW0CzOxJ+jDJIKHkFsR8DWLdIkNAphSVm6XAMjkQDmo= +SIZE (snort-2.9.8.3.tar.gz) = 6244304 Index: pkg/PLIST === RCS file: /cvs/ports/net/snort/pkg/PLIST,v retrieving revision 1.29 diff -u -p -r1.29 PLIST --- pkg/PLIST 2 May 2016 02:29:58 - 1.29 +++ pkg/PLIST 21 Sep 2016 01:58:40 - @@ -105,7 +105,6 @@ share/doc/snort/README.ppm share/doc/snort/README.reload share/doc/snort/README.reputation share/doc/snort/README.sensitive_data -share/doc/snort/README.session share/doc/snort/README.sfportscan share/doc/snort/README.sip share/doc/snort/README.ssh
UPDATE: net/snort 2.9.12
Hello, attached is an update to snort-2.9.12. Tested on amd64. Please test, comment and eventually commit. Regards Markus Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.100 diff -u -p -u -p -r1.100 Makefile --- Makefile4 Sep 2018 12:46:18 - 1.100 +++ Makefile10 Feb 2019 19:24:33 - @@ -2,8 +2,8 @@ COMMENT = highly flexible sniffer/NIDS -VERSION = 2.9.11.1 -DISTNAME = snort-${VERSION} +VERSION = 2.9.12.0 +DISTNAME = snort-${VERSION:S/.0$//g} CATEGORIES = net security @@ -25,6 +25,7 @@ CONFIGURE_ARGS += --disable-static-daq \ LIB_DEPENDS = archivers/xz \ devel/pcre \ + lang/luajit \ net/daq \ net/libdnet \ www/nghttp2 @@ -39,7 +40,6 @@ DOCS =AUTHORS CREDITS README README.* V =${VERSION:S/.//g} SUBST_VARS += V -REVISION = 0 pre-configure: @${SUBST_CMD} ${WRKSRC}/etc/snort.conf Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.37 diff -u -p -u -p -r1.37 distinfo --- distinfo28 Jan 2018 03:09:12 - 1.37 +++ distinfo10 Feb 2019 19:24:33 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.11.1.tar.gz) = n2s66sWhCfVVBL03BWSsQxyxdzUHkp3EYWJomPM/Rs0= -SIZE (snort-2.9.11.1.tar.gz) = 6442755 +SHA256 (snort-2.9.12.tar.gz) = ewLhGYfGy09tedcnmcqa0rS9Wcwdlrt9bJFUn5kNmdA= +SIZE (snort-2.9.12.tar.gz) = 6456877 Index: patches/patch-src_dynamic-preprocessors_appid_Makefile_in === RCS file: patches/patch-src_dynamic-preprocessors_appid_Makefile_in diff -N patches/patch-src_dynamic-preprocessors_appid_Makefile_in --- /dev/null 1 Jan 1970 00:00:00 - +++ patches/patch-src_dynamic-preprocessors_appid_Makefile_in 10 Feb 2019 19:24:33 - @@ -0,0 +1,14 @@ +$OpenBSD$ + +Index: src/dynamic-preprocessors/appid/Makefile.in +--- src/dynamic-preprocessors/appid/Makefile.in.orig src/dynamic-preprocessors/appid/Makefile.in +@@ -583,7 +583,7 @@ APPID_SOURCES = $(APPID_SRC_DIR)/commonAppMatcher.c \ + $(APPID_SRC_DIR)/util/sfutil.c $(APPID_SRC_DIR)/util/sfutil.h + dynamicpreprocessordir = ${libdir}/snort_dynamicpreprocessor + dynamicpreprocessor_LTLIBRARIES = libsf_appid_preproc.la +-libsf_appid_preproc_la_LDFLAGS = -export-dynamic -module @XCCFLAGS@ ++libsf_appid_preproc_la_LDFLAGS = -export-dynamic -module -avoid-version @XCCFLAGS@ + @SO_WITH_STATIC_LIB_FALSE@libsf_appid_preproc_la_LIBADD = $(LUA_LIBS) + @SO_WITH_STATIC_LIB_TRUE@libsf_appid_preproc_la_LIBADD = ../libsf_dynamic_preproc.la ../libsf_dynamic_utils.la $(LUA_LIBS) + @SO_WITH_STATIC_LIB_FALSE@nodist_libsf_appid_preproc_la_SOURCES = \ Index: patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c === RCS file: /cvs/ports/net/snort/patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c,v retrieving revision 1.5 diff -u -p -u -p -r1.5 patch-src_preprocessors_Stream6_snort_stream_tcp_c --- patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c 28 Jan 2018 03:09:12 - 1.5 +++ patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c 10 Feb 2019 19:24:33 - @@ -2,7 +2,7 @@ $OpenBSD: patch-src_preprocessors_Stream Index: src/preprocessors/Stream6/snort_stream_tcp.c --- src/preprocessors/Stream6/snort_stream_tcp.c.orig +++ src/preprocessors/Stream6/snort_stream_tcp.c -@@ -8504,7 +8504,7 @@ static int ProcessTcp(SessionControlBlock *scb, Packet +@@ -8530,7 +8530,7 @@ static int ProcessTcp(SessionControlBlock *scb, Packet char src_addr[17]; char dst_addr[17]; memset((char *)timestamp, 0, TIMEBUF_SIZE); Index: pkg/PLIST === RCS file: /cvs/ports/net/snort/pkg/PLIST,v retrieving revision 1.31 diff -u -p -u -p -r1.31 PLIST --- pkg/PLIST 4 Sep 2018 12:46:18 - 1.31 +++ pkg/PLIST 10 Feb 2019 19:24:33 - @@ -2,15 +2,21 @@ @pkgpath net/snort[,flexresp][,mysql][,prelude][,postgresql] @newgroup _snort:557 @newuser _snort:557:_snort:daemon:Snort Account:/nonexistent:/sbin/nologin +bin/appid_detector_builder.sh @bin bin/snort @bin bin/u2boat +@bin bin/u2openappid @bin bin/u2spewfoo +@bin bin/u2streamer lib/pkgconfig/snort.pc lib/snort_dynamicengine/ lib/snort_dynamicengine/libsf_engine.a @comment lib/snort_dynamicengine/libsf_engine.la lib/snort_dynamicengine/libsf_engine.so lib/snort_dynamicpreprocessor/ +lib/snort_dynamicpreprocessor/libsf_appid_preproc.a +lib/snort_dynamicpreprocessor/libsf_appid_preproc.la +lib/snort_dynamicpreprocessor
UPDATE: net/snort 2.9.11
This updates Snort to 2.9.11, along with these changes/fixes: * Change all HTTP URLs to HTTPS where appropriate. * Make sure pkg/README uses the correct Snort rule URL for Snort 2.9.11. * Remove note in pkg/README about registered users only being allowed to download the snort.org ruleset every 15 minutes; I don't think this is true anymore. * Add daemon_timeout=120 to the rc script, since Snort can take a long time to start with the current rules. * Update/regenerate patches. Release notes and changelog at: https://www.snort.org/downloads/snort/release_notes_2.9.11.txt https://www.snort.org/downloads/snort/changelog_2.9.11.txt Tested on amd64. ok? Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.97 diff -u -p -r1.97 Makefile --- Makefile23 Jan 2017 11:22:58 - 1.97 +++ Makefile17 Dec 2017 03:33:00 - @@ -2,13 +2,12 @@ COMMENT = highly flexible sniffer/NIDS -VERSION = 2.9.9.0 +VERSION = 2.9.11 DISTNAME = snort-${VERSION} -REVISION = 0 CATEGORIES = net security -HOMEPAGE = http://www.snort.org/ +HOMEPAGE = https://www.snort.org/ MAINTAINER = Markus Lude @@ -38,7 +37,13 @@ PREPROC =decoder.rules preprocessor.ru DOCS = AUTHORS CREDITS README README.* *.pdf TODO USAGE \ WISHLIST +# If VERSION is 1.2.3.4, set V to "1234". If VERSION is 1.2.3, set V to "1230". +# This is needed to generate a valid snort.org rule download URL in pkg/README. V =${VERSION:S/.//g} +.if ${VERSION:N[0-9]*\.[0-9]*\.[0-9]*\.[0-9]*} +V := ${V}0 +.endif + SUBST_VARS += V pre-configure: Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.36 diff -u -p -r1.36 distinfo --- distinfo5 Jan 2017 03:08:04 - 1.36 +++ distinfo17 Dec 2017 03:33:00 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.9.0.tar.gz) = cbFHEl6WOQoS89VXlu1Qc993IGvTVj2E0+Wh8Z59elY= -SIZE (snort-2.9.9.0.tar.gz) = 6364482 +SHA256 (snort-2.9.11.tar.gz) = I6RePqHhVaPYccaRoQ/iPyv8/k1qvA67zcKrH8zKFO4= +SIZE (snort-2.9.11.tar.gz) = 6441674 Index: patches/patch-src_decode_h === RCS file: /cvs/ports/net/snort/patches/patch-src_decode_h,v retrieving revision 1.10 diff -u -p -r1.10 patch-src_decode_h --- patches/patch-src_decode_h 5 Jan 2017 03:08:04 - 1.10 +++ patches/patch-src_decode_h 17 Dec 2017 03:33:00 - @@ -1,7 +1,8 @@ $OpenBSD: patch-src_decode_h,v 1.10 2017/01/05 03:08:04 lteo Exp $ src/decode.h.orig Tue Jun 7 03:47:47 2016 -+++ src/decode.h Sun Dec 4 00:36:43 2016 -@@ -834,9 +834,9 @@ typedef struct _SLLHdr { +Index: src/decode.h +--- src/decode.h.orig src/decode.h +@@ -835,9 +835,9 @@ typedef struct _SLLHdr { * Pflog1_Hdr: CVS = 1.3, DLT_OLD_PFLOG = 17, Length = 28 * Pflog2_Hdr: CVS = 1.8, DLT_PFLOG = 117, Length = 48 * Pflog3_Hdr: CVS = 1.12, DLT_PFLOG = 117, Length = 64 Index: patches/patch-src_dynamic-plugins_sf_engine_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-plugins_sf_engine_Makefile_in,v retrieving revision 1.10 diff -u -p -r1.10 patch-src_dynamic-plugins_sf_engine_Makefile_in --- patches/patch-src_dynamic-plugins_sf_engine_Makefile_in 2 May 2016 02:29:58 - 1.10 +++ patches/patch-src_dynamic-plugins_sf_engine_Makefile_in 17 Dec 2017 03:33:00 - @@ -1,7 +1,8 @@ $OpenBSD: patch-src_dynamic-plugins_sf_engine_Makefile_in,v 1.10 2016/05/02 02:29:58 lteo Exp $ src/dynamic-plugins/sf_engine/Makefile.in.orig Fri Mar 18 15:11:29 2016 -+++ src/dynamic-plugins/sf_engine/Makefile.in Fri Apr 29 11:02:26 2016 -@@ -376,7 +376,7 @@ top_srcdir = @top_srcdir@ +Index: src/dynamic-plugins/sf_engine/Makefile.in +--- src/dynamic-plugins/sf_engine/Makefile.in.orig src/dynamic-plugins/sf_engine/Makefile.in +@@ -388,7 +388,7 @@ top_srcdir = @top_srcdir@ AUTOMAKE_OPTIONS = foreign no-dependencies dynamicengine_LTLIBRARIES = libsf_engine.la dynamicenginedir = $(libdir)/snort_dynamicengine Index: patches/patch-src_dynamic-preprocessors_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_Makefile_in,v retrieving revision 1.16 diff -u -p -r1.16 patch-src_dynamic-preprocessors_Makefile_in --- patches/patch-src_dynamic-preprocessors_Makefile_in 2 May 2016 02:29:58 - 1.16 +++ patches/patch-src_dynamic-preprocessors_Makefile_in 17 Dec 2017 03:33:00 - @@ -1,7 +1,8 @@ $OpenBSD: patch-src_dynamic-preprocessors_Makefile_in,v 1.16 2016/05/02 02:29:58 lteo Exp $ src/d
UPDATE: net/snort 2.9.11.1
This updates Snort to 2.9.11.1. Release notes + changelog: https://www.snort.org/downloads/snort/release_notes_2.9.11.1.txt https://www.snort.org/downloads/snort/changelog_2.9.11.1.txt In addition, the diff also syncs pkg/README with reality, adds daemon_timeout=120 to the rc script (since Snort can take a long time to start with the current rules), and updates/regenerates patches. ok? Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.97 diff -u -p -r1.97 Makefile --- Makefile23 Jan 2017 11:22:58 - 1.97 +++ Makefile11 Jan 2018 02:14:22 - @@ -2,13 +2,12 @@ COMMENT = highly flexible sniffer/NIDS -VERSION = 2.9.9.0 +VERSION = 2.9.11.1 DISTNAME = snort-${VERSION} -REVISION = 0 CATEGORIES = net security -HOMEPAGE = http://www.snort.org/ +HOMEPAGE = https://www.snort.org/ MAINTAINER = Markus Lude Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.36 diff -u -p -r1.36 distinfo --- distinfo5 Jan 2017 03:08:04 - 1.36 +++ distinfo11 Jan 2018 02:15:07 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.9.0.tar.gz) = cbFHEl6WOQoS89VXlu1Qc993IGvTVj2E0+Wh8Z59elY= -SIZE (snort-2.9.9.0.tar.gz) = 6364482 +SHA256 (snort-2.9.11.1.tar.gz) = n2s66sWhCfVVBL03BWSsQxyxdzUHkp3EYWJomPM/Rs0= +SIZE (snort-2.9.11.1.tar.gz) = 6442755 Index: patches/patch-src_decode_h === RCS file: /cvs/ports/net/snort/patches/patch-src_decode_h,v retrieving revision 1.10 diff -u -p -r1.10 patch-src_decode_h --- patches/patch-src_decode_h 5 Jan 2017 03:08:04 - 1.10 +++ patches/patch-src_decode_h 11 Jan 2018 02:28:39 - @@ -1,7 +1,8 @@ $OpenBSD: patch-src_decode_h,v 1.10 2017/01/05 03:08:04 lteo Exp $ src/decode.h.orig Tue Jun 7 03:47:47 2016 -+++ src/decode.h Sun Dec 4 00:36:43 2016 -@@ -834,9 +834,9 @@ typedef struct _SLLHdr { +Index: src/decode.h +--- src/decode.h.orig src/decode.h +@@ -835,9 +835,9 @@ typedef struct _SLLHdr { * Pflog1_Hdr: CVS = 1.3, DLT_OLD_PFLOG = 17, Length = 28 * Pflog2_Hdr: CVS = 1.8, DLT_PFLOG = 117, Length = 48 * Pflog3_Hdr: CVS = 1.12, DLT_PFLOG = 117, Length = 64 Index: patches/patch-src_dynamic-plugins_sf_engine_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-plugins_sf_engine_Makefile_in,v retrieving revision 1.10 diff -u -p -r1.10 patch-src_dynamic-plugins_sf_engine_Makefile_in --- patches/patch-src_dynamic-plugins_sf_engine_Makefile_in 2 May 2016 02:29:58 - 1.10 +++ patches/patch-src_dynamic-plugins_sf_engine_Makefile_in 11 Jan 2018 02:28:36 - @@ -1,7 +1,8 @@ $OpenBSD: patch-src_dynamic-plugins_sf_engine_Makefile_in,v 1.10 2016/05/02 02:29:58 lteo Exp $ src/dynamic-plugins/sf_engine/Makefile.in.orig Fri Mar 18 15:11:29 2016 -+++ src/dynamic-plugins/sf_engine/Makefile.in Fri Apr 29 11:02:26 2016 -@@ -376,7 +376,7 @@ top_srcdir = @top_srcdir@ +Index: src/dynamic-plugins/sf_engine/Makefile.in +--- src/dynamic-plugins/sf_engine/Makefile.in.orig src/dynamic-plugins/sf_engine/Makefile.in +@@ -388,7 +388,7 @@ top_srcdir = @top_srcdir@ AUTOMAKE_OPTIONS = foreign no-dependencies dynamicengine_LTLIBRARIES = libsf_engine.la dynamicenginedir = $(libdir)/snort_dynamicengine Index: patches/patch-src_dynamic-preprocessors_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_Makefile_in,v retrieving revision 1.16 diff -u -p -r1.16 patch-src_dynamic-preprocessors_Makefile_in --- patches/patch-src_dynamic-preprocessors_Makefile_in 2 May 2016 02:29:58 - 1.16 +++ patches/patch-src_dynamic-preprocessors_Makefile_in 11 Jan 2018 02:28:36 - @@ -1,7 +1,8 @@ $OpenBSD: patch-src_dynamic-preprocessors_Makefile_in,v 1.16 2016/05/02 02:29:58 lteo Exp $ src/dynamic-preprocessors/Makefile.in.orig Fri Mar 18 15:11:29 2016 -+++ src/dynamic-preprocessors/Makefile.in Fri Apr 29 11:02:26 2016 -@@ -1528,19 +1528,8 @@ clean-local: +Index: src/dynamic-preprocessors/Makefile.in +--- src/dynamic-preprocessors/Makefile.in.orig src/dynamic-preprocessors/Makefile.in +@@ -1635,19 +1635,8 @@ clean-local: rm -rf include build install-data-local: Index: patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in,v retrieving revision 1.13 diff -u -p -r1.13 patch-src_dynamic-preprocessors_dcerpc2_Makefile_in --- patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in
[update] net/snort 2.9.4.6
This diff updates Snort to 2.9.4.6. Maintainer Markus Lude came up with the same diff. Markus has tested this on sparc64 for a week with low traffic. I have tested this on i386 on a public-facing webserver for more than three weeks, and also tested it on amd64 and macppc. OK? Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.78 diff -u -p -r1.78 Makefile --- Makefile23 Apr 2013 02:04:13 - 1.78 +++ Makefile24 Apr 2013 21:39:23 - @@ -4,7 +4,7 @@ SHARED_ONLY = Yes COMMENT = highly flexible sniffer/NIDS -VERSION = 2.9.4.5 +VERSION = 2.9.4.6 DISTNAME = snort-${VERSION} CATEGORIES = net security Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.23 diff -u -p -r1.23 distinfo --- distinfo23 Apr 2013 02:04:13 - 1.23 +++ distinfo24 Apr 2013 21:39:23 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.4.5.tar.gz) = TwWSQfgLFAGYgCvxbYa4gSzhXw3T8JujXySFz4suygs= -SIZE (snort-2.9.4.5.tar.gz) = 5255794 +SHA256 (snort-2.9.4.6.tar.gz) = z6pTkLGECqqmimwFpwd92Sy5FuYYagFLqkUdQ82ws7w= +SIZE (snort-2.9.4.6.tar.gz) = 5338762 Index: patches/patch-src_dynamic-plugins_sf_engine_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-plugins_sf_engine_Makefile_in,v retrieving revision 1.5 diff -u -p -r1.5 patch-src_dynamic-plugins_sf_engine_Makefile_in --- patches/patch-src_dynamic-plugins_sf_engine_Makefile_in 23 Apr 2013 02:04:13 - 1.5 +++ patches/patch-src_dynamic-plugins_sf_engine_Makefile_in 24 Apr 2013 21:39:23 - @@ -1,7 +1,7 @@ $OpenBSD: patch-src_dynamic-plugins_sf_engine_Makefile_in,v 1.5 2013/04/23 02:04:13 lteo Exp $ src/dynamic-plugins/sf_engine/Makefile.in.orig Thu Mar 21 14:07:26 2013 -+++ src/dynamic-plugins/sf_engine/Makefile.in Thu Apr 4 22:28:12 2013 -@@ -263,7 +263,7 @@ top_builddir = @top_builddir@ +--- src/dynamic-plugins/sf_engine/Makefile.in.orig Mon Apr 15 15:57:46 2013 src/dynamic-plugins/sf_engine/Makefile.in Wed Apr 24 14:51:57 2013 +@@ -296,7 +296,7 @@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ AUTOMAKE_OPTIONS = foreign no-dependencies lib_LTLIBRARIES = libsf_engine.la Index: patches/patch-src_dynamic-preprocessors_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_Makefile_in,v retrieving revision 1.9 diff -u -p -r1.9 patch-src_dynamic-preprocessors_Makefile_in --- patches/patch-src_dynamic-preprocessors_Makefile_in 23 Apr 2013 02:04:13 - 1.9 +++ patches/patch-src_dynamic-preprocessors_Makefile_in 24 Apr 2013 21:39:23 - @@ -1,7 +1,7 @@ $OpenBSD: patch-src_dynamic-preprocessors_Makefile_in,v 1.9 2013/04/23 02:04:13 lteo Exp $ src/dynamic-preprocessors/Makefile.in.orig Thu Mar 21 14:07:26 2013 -+++ src/dynamic-preprocessors/Makefile.in Thu Apr 4 22:28:12 2013 -@@ -987,8 +987,8 @@ maintainer-clean-generic: +--- src/dynamic-preprocessors/Makefile.in.orig Mon Apr 15 15:57:47 2013 src/dynamic-preprocessors/Makefile.in Wed Apr 24 14:51:57 2013 +@@ -1024,8 +1024,8 @@ maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES) @@ -12,7 +12,7 @@ $OpenBSD: patch-src_dynamic-preprocessor clean: clean-recursive clean-am: clean-generic clean-libtool clean-local \ -@@ -1298,20 +1298,7 @@ include/file_lib.h: $(top_srcdir)/src/file-process/lib +@@ -1335,20 +1335,7 @@ include/file_lib.h: $(top_srcdir)/src/file-process/lib clean-local: rm -rf include build Index: patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in,v retrieving revision 1.6 diff -u -p -r1.6 patch-src_dynamic-preprocessors_dcerpc2_Makefile_in --- patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in 23 Apr 2013 02:04:13 - 1.6 +++ patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in 24 Apr 2013 21:39:23 - @@ -1,7 +1,7 @@ $OpenBSD: patch-src_dynamic-preprocessors_dcerpc2_Makefile_in,v 1.6 2013/04/23 02:04:13 lteo Exp $ src/dynamic-preprocessors/dcerpc2/Makefile.in.orig Thu Mar 21 14:07:26 2013 -+++ src/dynamic-preprocessors/dcerpc2/Makefile.in Thu Apr 4 22:28:12 2013 -@@ -229,7 +229,7 @@ top_builddir = @top_builddir@ +--- src/dynamic-preprocessors/dcerpc2/Makefile.in.orig Mon Apr 15 15:57:47 2013 src/dynamic-preprocessors/dcerpc2/Makefile.in Wed Apr 24 14:51:57 2013 +@@ -262,7
update: net/snort 2.9.5
Hello, attached is an update to recent snort 2.9.5. Please test, comment, and maybe commit. Test build and run on sparc64 so far. Regards, Markus Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.79 diff -u -p -r1.79 Makefile --- Makefile31 May 2013 20:26:00 - 1.79 +++ Makefile3 Jul 2013 20:53:10 - @@ -4,8 +4,8 @@ SHARED_ONLY = Yes COMMENT = highly flexible sniffer/NIDS -VERSION = 2.9.4.6 -DISTNAME = snort-${VERSION} +VERSION = 2.9.5.0 +DISTNAME = snort-2.9.5 CATEGORIES = net security Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.24 diff -u -p -r1.24 distinfo --- distinfo31 May 2013 20:26:00 - 1.24 +++ distinfo3 Jul 2013 20:53:10 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.4.6.tar.gz) = z6pTkLGECqqmimwFpwd92Sy5FuYYagFLqkUdQ82ws7w= -SIZE (snort-2.9.4.6.tar.gz) = 5338762 +SHA256 (snort-2.9.5.tar.gz) = H5mXcW6MCGydYIKUpVwyOEaHfI8WrNEpqQyl+tu6GJA= +SIZE (snort-2.9.5.tar.gz) = 5422421 Index: patches/patch-src_decode_h === RCS file: /cvs/ports/net/snort/patches/patch-src_decode_h,v retrieving revision 1.3 diff -u -p -r1.3 patch-src_decode_h --- patches/patch-src_decode_h 16 Jan 2013 04:52:53 - 1.3 +++ patches/patch-src_decode_h 3 Jul 2013 20:53:10 - @@ -1,12 +1,12 @@ $OpenBSD: patch-src_decode_h,v 1.3 2013/01/16 04:52:53 lteo Exp $ src/decode.h.orig Fri Sep 21 02:09:13 2012 -+++ src/decode.h Tue Oct 9 22:18:48 2012 -@@ -806,9 +806,9 @@ typedef struct _SLLHdr { +--- src/decode.h.orig Tue Jun 4 23:19:52 2013 src/decode.h Tue Jul 2 20:52:28 2013 +@@ -812,9 +812,9 @@ typedef struct _SLLHdr { * Pflog1_Hdr: CVS = 1.3, DLT_OLD_PFLOG = 17, Length = 28 * Pflog2_Hdr: CVS = 1.8, DLT_PFLOG = 117, Length = 48 * Pflog3_Hdr: CVS = 1.12, DLT_PFLOG = 117, Length = 64 -- * Pflog3_Hdr: CVS = 1.172, DLT_PFLOG = 117, Length = 100 -+ * Pflog4_Hdr: CVS = 1.16, DLT_PFLOG = 117, Length = 100 +- * Pflog3_Hdr: CVS = 1.172, DLT_PFLOG = 117, Length = 100 ++ * Pflog4_Hdr: CVS = 1.16, DLT_PFLOG = 117, Length = 100 * - * Since they have the same DLT, Pflog{2,3}Hdr are distinguished + * Since they have the same DLT, Pflog{2,3,4}Hdr are distinguished Index: patches/patch-src_dynamic-plugins_sf_dynamic_plugins_c === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-plugins_sf_dynamic_plugins_c,v retrieving revision 1.7 diff -u -p -r1.7 patch-src_dynamic-plugins_sf_dynamic_plugins_c --- patches/patch-src_dynamic-plugins_sf_dynamic_plugins_c 16 Jan 2013 04:52:53 - 1.7 +++ patches/patch-src_dynamic-plugins_sf_dynamic_plugins_c 3 Jul 2013 20:53:10 - @@ -1,7 +1,7 @@ $OpenBSD: patch-src_dynamic-plugins_sf_dynamic_plugins_c,v 1.7 2013/01/16 04:52:53 lteo Exp $ src/dynamic-plugins/sf_dynamic_plugins.c.orig Fri Sep 21 02:09:13 2012 -+++ src/dynamic-plugins/sf_dynamic_plugins.c Tue Oct 9 22:18:49 2012 -@@ -253,8 +253,7 @@ void LoadAllLibs(char *path, LoadLibraryFunc loadFunc) +--- src/dynamic-plugins/sf_dynamic_plugins.c.orig Tue Jun 4 23:19:52 2013 src/dynamic-plugins/sf_dynamic_plugins.c Mon Jul 1 23:00:39 2013 +@@ -256,8 +256,7 @@ void LoadAllLibs(const char * const path, LoadLibraryF dir_entry = readdir(directory); while (dir_entry != NULL) { Index: patches/patch-src_dynamic-preprocessors_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_Makefile_in,v retrieving revision 1.10 diff -u -p -r1.10 patch-src_dynamic-preprocessors_Makefile_in --- patches/patch-src_dynamic-preprocessors_Makefile_in 31 May 2013 20:26:01 - 1.10 +++ patches/patch-src_dynamic-preprocessors_Makefile_in 3 Jul 2013 20:53:10 - @@ -1,35 +1,23 @@ $OpenBSD: patch-src_dynamic-preprocessors_Makefile_in,v 1.10 2013/05/31 20:26:01 lteo Exp $ src/dynamic-preprocessors/Makefile.in.orig Mon Apr 15 15:57:47 2013 -+++ src/dynamic-preprocessors/Makefile.in Wed Apr 24 14:51:57 2013 -@@ -1024,8 +1024,8 @@ maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." - -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES) --@HAVE_DYNAMIC_PLUGINS_FALSE@uninstall-local: --@HAVE_DYNAMIC_PLUGINS_FALSE@install-data-local: -+uninstall-local: -+install-data-local: - clean: clean-recursive - - clean-am: clean-generic clean-libtool clean-local \ -@@ -1335,20 +1335,7 @@ include/file_lib.h: $(top_srcdir)/src/file-process/lib - clean-local: +
UPDATE: net/snort 2.9.5.3
This updates Snort to 2.9.5.3. While testing I found that since Snort 2.9.4.1, upstream has removed the ability for Snort to listen on "non-Ethernet" devices such as our pflog(4) by default. This diff re-enables that ability by using the --enable-non-ether-decoders configure flag. Tested on amd64, i386, macppc. OK? Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.80 diff -u -p -u -p -r1.80 Makefile --- Makefile10 Jul 2013 02:10:22 - 1.80 +++ Makefile7 Aug 2013 01:57:51 - @@ -4,8 +4,8 @@ SHARED_ONLY = Yes COMMENT = highly flexible sniffer/NIDS -VERSION = 2.9.5.0 -DISTNAME = snort-2.9.5 +VERSION = 2.9.5.3 +DISTNAME = snort-${VERSION} CATEGORIES = net security @@ -25,7 +25,8 @@ USE_GROFF = Yes SEPARATE_BUILD = Yes CONFIGURE_STYLE = gnu CONFIGURE_ARGS += ${CONFIGURE_SHARED} \ - --disable-static-daq + --disable-static-daq \ + --enable-non-ether-decoders LIB_DEPENDS = devel/pcre \ net/libdnet \ Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.25 diff -u -p -u -p -r1.25 distinfo --- distinfo10 Jul 2013 02:10:22 - 1.25 +++ distinfo7 Aug 2013 01:34:18 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.5.tar.gz) = H5mXcW6MCGydYIKUpVwyOEaHfI8WrNEpqQyl+tu6GJA= -SIZE (snort-2.9.5.tar.gz) = 5422421 +SHA256 (snort-2.9.5.3.tar.gz) = Pv0x/TN+g2r1PXkPwpl/SfzDUeUHHUxuT1hqiLBwxSo= +SIZE (snort-2.9.5.3.tar.gz) = 5047591 Index: patches/patch-etc_snort_conf === RCS file: /cvs/ports/net/snort/patches/patch-etc_snort_conf,v retrieving revision 1.9 diff -u -p -u -p -r1.9 patch-etc_snort_conf --- patches/patch-etc_snort_conf23 Apr 2013 02:04:13 - 1.9 +++ patches/patch-etc_snort_conf7 Aug 2013 01:34:18 - @@ -2,8 +2,8 @@ $OpenBSD: patch-etc_snort_conf,v 1.9 201 reputation preprocessor disabled, still experimental etc/snort.conf.origThu Mar 21 14:09:05 2013 -+++ etc/snort.conf Thu Apr 4 22:31:37 2013 +--- etc/snort.conf.origTue Jul 23 14:37:33 2013 etc/snort.conf Mon Aug 5 14:38:56 2013 @@ -101,17 +101,17 @@ ipvar AIM_SERVERS [64.12.24.0/23,64.12.28.0/23,64.12.1 # Path to your rules files (this can be a relative path) # Note for Windows users: You are advised to make this an absolute path, @@ -65,7 +65,7 @@ reputation preprocessor disabled, still include $RULE_PATH/app-detect.rules include $RULE_PATH/attack-responses.rules include $RULE_PATH/backdoor.rules -@@ -648,6 +650,9 @@ include $RULE_PATH/web-iis.rules +@@ -659,6 +661,9 @@ include $RULE_PATH/web-iis.rules include $RULE_PATH/web-misc.rules include $RULE_PATH/web-php.rules include $RULE_PATH/x11.rules Index: patches/patch-src_decode_h === RCS file: /cvs/ports/net/snort/patches/patch-src_decode_h,v retrieving revision 1.4 diff -u -p -u -p -r1.4 patch-src_decode_h --- patches/patch-src_decode_h 10 Jul 2013 02:10:22 - 1.4 +++ patches/patch-src_decode_h 7 Aug 2013 01:34:18 - @@ -1,7 +1,7 @@ $OpenBSD: patch-src_decode_h,v 1.4 2013/07/10 02:10:22 lteo Exp $ src/decode.h.orig Tue Jun 4 23:19:52 2013 -+++ src/decode.h Tue Jul 2 20:52:28 2013 -@@ -812,9 +812,9 @@ typedef struct _SLLHdr { +--- src/decode.h.orig Wed Jul 3 17:31:22 2013 src/decode.h Mon Aug 5 14:37:49 2013 +@@ -813,9 +813,9 @@ typedef struct _SLLHdr { * Pflog1_Hdr: CVS = 1.3, DLT_OLD_PFLOG = 17, Length = 28 * Pflog2_Hdr: CVS = 1.8, DLT_PFLOG = 117, Length = 48 * Pflog3_Hdr: CVS = 1.12, DLT_PFLOG = 117, Length = 64 Index: patches/patch-src_dynamic-preprocessors_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_Makefile_in,v retrieving revision 1.11 diff -u -p -u -p -r1.11 patch-src_dynamic-preprocessors_Makefile_in --- patches/patch-src_dynamic-preprocessors_Makefile_in 10 Jul 2013 02:10:22 - 1.11 +++ patches/patch-src_dynamic-preprocessors_Makefile_in 7 Aug 2013 01:34:18 - @@ -1,7 +1,7 @@ $OpenBSD: patch-src_dynamic-preprocessors_Makefile_in,v 1.11 2013/07/10 02:10:22 lteo Exp $ src/dynamic-preprocessors/Makefile.in.orig Tue Jun 4 23:21:39 2013 -+++ src/dynamic-preprocessors/Makefile.in Mon Jul 1 23:06:13 2013 -@@ -1333,19 +1333,8 @@ clean-local: +--- src/dynamic-preprocessors/Makefile.in.orig Tue Jul 23 14:35:44 2013 src/dynamic-preprocessors/Makefile.in Mon Aug 5 14:37:49 2013 +@@ -1327,19 +1327,8 @@ clean-local: rm -rf include build install-data-l
UPDATE: net/snort 2.9.5.5
Here's a trivial update to Snort 2.9.5.5 (release notes are at https://www.snort.org/downloads/2548) Tested on amd64, i386, macppc. OK? Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.81 diff -u -p -r1.81 Makefile --- Makefile21 Aug 2013 02:28:42 - 1.81 +++ Makefile22 Sep 2013 03:11:40 - @@ -4,7 +4,7 @@ SHARED_ONLY = Yes COMMENT = highly flexible sniffer/NIDS -VERSION = 2.9.5.3 +VERSION = 2.9.5.5 DISTNAME = snort-${VERSION} CATEGORIES = net security Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.26 diff -u -p -r1.26 distinfo --- distinfo21 Aug 2013 02:28:43 - 1.26 +++ distinfo22 Sep 2013 03:20:23 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.5.3.tar.gz) = Pv0x/TN+g2r1PXkPwpl/SfzDUeUHHUxuT1hqiLBwxSo= -SIZE (snort-2.9.5.3.tar.gz) = 5047591 +SHA256 (snort-2.9.5.5.tar.gz) = AsjMYGC9qgsAU3ynD20nKFU3WUiuzlJT3Rjw12x/U54= +SIZE (snort-2.9.5.5.tar.gz) = 5048740
UPDATE: net/snort 2.9.4.1
Hello, here is an update to latest snort 2.9.4.1. Please test, comment, ... Regards, Markus Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.75 diff -u -p -r1.75 Makefile --- Makefile11 Mar 2013 11:35:56 - 1.75 +++ Makefile26 Mar 2013 21:18:21 - @@ -4,10 +4,9 @@ SHARED_ONLY = Yes COMMENT = highly flexible sniffer/NIDS -VERSION = 2.9.4.0 -DISTNAME = snort-2.9.4 +VERSION = 2.9.4.1 +DISTNAME = snort-2.9.4.1 PKGNAME = snort-${VERSION} -REVISION = 0 CATEGORIES = net security Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.21 diff -u -p -r1.21 distinfo --- distinfo16 Jan 2013 04:52:53 - 1.21 +++ distinfo26 Mar 2013 21:18:21 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.4.tar.gz) = QgKuD2ZqU0jGJEdqRUPx0FmnCZjesNytq2hlzWukmbU= -SIZE (snort-2.9.4.tar.gz) = 5289321 +SHA256 (snort-2.9.4.1.tar.gz) = L0Ilbp9LYTIB6nnlr1S2RairAplysj9vvGSesA5vHa4= +SIZE (snort-2.9.4.1.tar.gz) = 5296045 Index: patches/patch-src_dynamic-plugins_sf_engine_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-plugins_sf_engine_Makefile_in,v retrieving revision 1.3 diff -u -p -r1.3 patch-src_dynamic-plugins_sf_engine_Makefile_in --- patches/patch-src_dynamic-plugins_sf_engine_Makefile_in 16 Jan 2013 04:52:53 - 1.3 +++ patches/patch-src_dynamic-plugins_sf_engine_Makefile_in 26 Mar 2013 21:18:21 - @@ -1,7 +1,7 @@ $OpenBSD: patch-src_dynamic-plugins_sf_engine_Makefile_in,v 1.3 2013/01/16 04:52:53 lteo Exp $ src/dynamic-plugins/sf_engine/Makefile.in.orig Thu Nov 15 23:53:01 2012 -+++ src/dynamic-plugins/sf_engine/Makefile.in Mon Dec 3 22:17:26 2012 -@@ -263,7 +263,7 @@ top_builddir = @top_builddir@ +--- src/dynamic-plugins/sf_engine/Makefile.in.orig Wed Feb 20 20:31:52 2013 src/dynamic-plugins/sf_engine/Makefile.in Fri Mar 8 18:42:20 2013 +@@ -296,7 +296,7 @@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ AUTOMAKE_OPTIONS = foreign no-dependencies lib_LTLIBRARIES = libsf_engine.la Index: patches/patch-src_dynamic-preprocessors_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_Makefile_in,v retrieving revision 1.7 diff -u -p -r1.7 patch-src_dynamic-preprocessors_Makefile_in --- patches/patch-src_dynamic-preprocessors_Makefile_in 16 Jan 2013 04:52:53 - 1.7 +++ patches/patch-src_dynamic-preprocessors_Makefile_in 26 Mar 2013 21:18:21 - @@ -1,7 +1,7 @@ $OpenBSD: patch-src_dynamic-preprocessors_Makefile_in,v 1.7 2013/01/16 04:52:53 lteo Exp $ src/dynamic-preprocessors/Makefile.in.orig Thu Nov 15 23:53:02 2012 -+++ src/dynamic-preprocessors/Makefile.in Mon Dec 3 22:17:26 2012 -@@ -987,8 +987,8 @@ maintainer-clean-generic: +--- src/dynamic-preprocessors/Makefile.in.orig Wed Feb 20 20:31:53 2013 src/dynamic-preprocessors/Makefile.in Fri Mar 8 18:42:21 2013 +@@ -1024,8 +1024,8 @@ maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES) @@ -12,7 +12,7 @@ $OpenBSD: patch-src_dynamic-preprocessor clean: clean-recursive clean-am: clean-generic clean-libtool clean-local \ -@@ -1298,20 +1298,7 @@ include/file_lib.h: $(top_srcdir)/src/file-process/lib +@@ -1335,20 +1335,7 @@ include/file_lib.h: $(top_srcdir)/src/file-process/lib clean-local: rm -rf include build Index: patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in,v retrieving revision 1.4 diff -u -p -r1.4 patch-src_dynamic-preprocessors_dcerpc2_Makefile_in --- patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in 16 Jan 2013 04:52:53 - 1.4 +++ patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in 26 Mar 2013 21:18:21 - @@ -1,7 +1,7 @@ $OpenBSD: patch-src_dynamic-preprocessors_dcerpc2_Makefile_in,v 1.4 2013/01/16 04:52:53 lteo Exp $ src/dynamic-preprocessors/dcerpc2/Makefile.in.orig Thu Nov 15 23:53:02 2012 -+++ src/dynamic-preprocessors/dcerpc2/Makefile.in Mon Dec 3 22:17:26 2012 -@@ -229,7 +229,7 @@ top_builddir = @top_builddir@ +--- src/dynamic-preprocessors/dcerpc2/Makefile.in.orig Wed Feb 20 20:31:53 2013 src/dynamic-preprocessors/dcerpc2/Makefile.in Fri Mar 8 18:42:22 2013 +@@ -262,7 +262,7 @@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ AUTOMAKE_OPTIONS =
[update] net/snort 2.9.4.5
Hello, here's an update to the latest snort version 2.9.4.5. Please test, comment, commit, ... Builds on sparc64, run since 2 days on a sparc64 test machine (with low traffic). Regards, Markus Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.77 diff -u -p -r1.77 Makefile --- Makefile29 Mar 2013 04:22:59 - 1.77 +++ Makefile14 Apr 2013 14:04:32 - @@ -4,7 +4,7 @@ SHARED_ONLY = Yes COMMENT = highly flexible sniffer/NIDS -VERSION = 2.9.4.1 +VERSION = 2.9.4.5 DISTNAME = snort-${VERSION} CATEGORIES = net security Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.22 diff -u -p -r1.22 distinfo --- distinfo29 Mar 2013 04:22:59 - 1.22 +++ distinfo14 Apr 2013 14:04:32 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.4.1.tar.gz) = L0Ilbp9LYTIB6nnlr1S2RairAplysj9vvGSesA5vHa4= -SIZE (snort-2.9.4.1.tar.gz) = 5296045 +SHA256 (snort-2.9.4.5.tar.gz) = TwWSQfgLFAGYgCvxbYa4gSzhXw3T8JujXySFz4suygs= +SIZE (snort-2.9.4.5.tar.gz) = 5255794 Index: patches/patch-etc_snort_conf === RCS file: /cvs/ports/net/snort/patches/patch-etc_snort_conf,v retrieving revision 1.8 diff -u -p -r1.8 patch-etc_snort_conf --- patches/patch-etc_snort_conf16 Jan 2013 04:52:53 - 1.8 +++ patches/patch-etc_snort_conf14 Apr 2013 14:04:32 - @@ -2,11 +2,8 @@ $OpenBSD: patch-etc_snort_conf,v 1.8 201 reputation preprocessor disabled, still experimental -load the new Snort rule files since they have been reorganized: -http://blog.snort.org/2012/10/rule-category-reorganization-phase-3.html - etc/snort.conf.origThu Nov 15 17:54:40 2012 -+++ etc/snort.conf Thu Jan 10 23:43:15 2013 +--- etc/snort.conf.origThu Mar 21 14:09:05 2013 etc/snort.conf Thu Apr 4 22:31:37 2013 @@ -101,17 +101,17 @@ ipvar AIM_SERVERS [64.12.24.0/23,64.12.28.0/23,64.12.1 # Path to your rules files (this can be a relative path) # Note for Windows users: You are advised to make this an absolute path, @@ -57,7 +54,7 @@ http://blog.snort.org/2012/10/rule-categ ### # Step #6: Configure output plugins -@@ -542,42 +543,93 @@ include reference.config +@@ -542,8 +543,9 @@ include reference.config ### # site specific rules @@ -65,95 +62,10 @@ http://blog.snort.org/2012/10/rule-categ +#include $RULE_PATH/local.rules +# Official Sourcefire VRT rules from http://www.snort.org/snort-rules/ -+include $RULE_PATH/app-detect.rules + include $RULE_PATH/app-detect.rules include $RULE_PATH/attack-responses.rules include $RULE_PATH/backdoor.rules - include $RULE_PATH/bad-traffic.rules - include $RULE_PATH/blacklist.rules - include $RULE_PATH/botnet-cnc.rules -+include $RULE_PATH/browser-chrome.rules -+include $RULE_PATH/browser-firefox.rules -+include $RULE_PATH/browser-ie.rules -+include $RULE_PATH/browser-other.rules -+include $RULE_PATH/browser-plugins.rules -+include $RULE_PATH/browser-webkit.rules - include $RULE_PATH/chat.rules - include $RULE_PATH/content-replace.rules - include $RULE_PATH/ddos.rules - include $RULE_PATH/dns.rules - include $RULE_PATH/dos.rules -+include $RULE_PATH/experimental.rules -+include $RULE_PATH/exploit-kit.rules - include $RULE_PATH/exploit.rules -+include $RULE_PATH/file-executable.rules -+include $RULE_PATH/file-flash.rules - include $RULE_PATH/file-identify.rules -+include $RULE_PATH/file-image.rules -+include $RULE_PATH/file-multimedia.rules -+include $RULE_PATH/file-office.rules -+include $RULE_PATH/file-other.rules -+include $RULE_PATH/file-pdf.rules - include $RULE_PATH/finger.rules - include $RULE_PATH/ftp.rules --include $RULE_PATH/icmp.rules - include $RULE_PATH/icmp-info.rules -+include $RULE_PATH/icmp.rules - include $RULE_PATH/imap.rules -+include $RULE_PATH/indicator-compromise.rules -+include $RULE_PATH/indicator-obfuscation.rules -+include $RULE_PATH/indicator-shellcode.rules - include $RULE_PATH/info.rules -+include $RULE_PATH/malware-backdoor.rules -+include $RULE_PATH/malware-cnc.rules -+include $RULE_PATH/malware-other.rules -+include $RULE_PATH/malware-tools.rules - include $RULE_PATH/misc.rules - include $RULE_PATH/multimedia.rules - include $RULE_PATH/mysql.rules - include $RULE_PATH/netbios.rules - include $RULE_PATH/nntp.rules - include $RULE_PATH/oracle.rules -+include $RULE_PATH/os-linux.rules -+include $RULE_PATH/os-other.rules -+include $RULE_PATH/os-solaris.rules -+include $RULE_PATH/os-windows.rules - include $RULE_PATH/other-ids.rules - include $RULE_PATH/p2p.rules - include $RULE_PATH/phishing-spam.rules -+include $RULE_PATH/policy-multimedia.rules -+include $RULE_PATH/policy-other.rules - i
UPDATE: net/snort 2.9.6.0
Hello, attached is an update to recent snort 2.9.6.0. Tested on sparc64 with daq 2.0.2. Please test, comment, ... Regards, Markus
[UPDATE] net/snort 2.9.6.1
Hello, attached is an update of snort to the recent version 2.9.6.1. Please test, comment, and eventually commit. Regards, Markus Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.84 diff -u -p -u -p -r1.84 Makefile --- Makefile30 Jan 2014 03:23:48 - 1.84 +++ Makefile10 May 2014 16:37:31 - @@ -4,7 +4,7 @@ SHARED_ONLY = Yes COMMENT = highly flexible sniffer/NIDS -VERSION = 2.9.6.0 +VERSION = 2.9.6.1 DISTNAME = snort-${VERSION} CATEGORIES = net security Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.29 diff -u -p -u -p -r1.29 distinfo --- distinfo30 Jan 2014 03:23:48 - 1.29 +++ distinfo10 May 2014 16:37:31 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.6.0.tar.gz) = PMbIqbUvTIY6VzanO0ASr/NAtQteACdxsE1Id/R80Z4= -SIZE (snort-2.9.6.0.tar.gz) = 5189146 +SHA256 (snort-2.9.6.1.tar.gz) = EZ5MXfg/42qNRl5yoDR/4x53cXBNoobwQRWwxbql97g= +SIZE (snort-2.9.6.1.tar.gz) = 5226869 Index: patches/patch-etc_snort_conf === RCS file: /cvs/ports/net/snort/patches/patch-etc_snort_conf,v retrieving revision 1.10 diff -u -p -u -p -r1.10 patch-etc_snort_conf --- patches/patch-etc_snort_conf21 Aug 2013 02:28:43 - 1.10 +++ patches/patch-etc_snort_conf10 May 2014 16:37:31 - @@ -2,9 +2,9 @@ $OpenBSD: patch-etc_snort_conf,v 1.10 20 reputation preprocessor disabled, still experimental etc/snort.conf.origTue Jul 23 14:37:33 2013 -+++ etc/snort.conf Mon Aug 5 14:38:56 2013 -@@ -101,17 +101,17 @@ ipvar AIM_SERVERS [64.12.24.0/23,64.12.28.0/23,64.12.1 +--- etc/snort.conf.origThu Apr 3 23:25:10 2014 etc/snort.conf Mon May 5 19:42:27 2014 +@@ -101,13 +101,13 @@ ipvar AIM_SERVERS [64.12.24.0/23,64.12.28.0/23,64.12.1 # Path to your rules files (this can be a relative path) # Note for Windows users: You are advised to make this an absolute path, # such as: c:\snort\rules @@ -16,10 +16,6 @@ reputation preprocessor disabled, still +var PREPROC_RULE_PATH ${SYSCONFDIR}/snort/preproc_rules # If you are using reputation preprocessor set these - # Currently there is a bug with relative paths, they are relative to where snort is - # not relative to snort.conf like the above variables - # This is completely inconsistent with how other vars work, BUG 89986 - # Set the absolute path appropriately -var WHITE_LIST_PATH ../rules -var BLACK_LIST_PATH ../rules +var WHITE_LIST_PATH ${SYSCONFDIR}/snort/rules @@ -27,7 +23,7 @@ reputation preprocessor disabled, still ### # Step #2: Configure the decoder. For more information, see README.decode -@@ -158,6 +158,7 @@ config checksum_mode: all +@@ -154,6 +154,7 @@ config checksum_mode: all # # config daq: # config daq_dir: @@ -35,7 +31,7 @@ reputation preprocessor disabled, still # config daq_mode: # config daq_var: # -@@ -503,12 +504,12 @@ preprocessor dnp3: ports { 2 } \ +@@ -499,12 +500,12 @@ preprocessor dnp3: ports { 2 } \ check_crc # Reputation preprocessor. For more information see README.reputation @@ -54,7 +50,7 @@ reputation preprocessor disabled, still ### # Step #6: Configure output plugins -@@ -542,8 +543,9 @@ include reference.config +@@ -538,8 +539,9 @@ include reference.config ### # site specific rules @@ -65,7 +61,7 @@ reputation preprocessor disabled, still include $RULE_PATH/app-detect.rules include $RULE_PATH/attack-responses.rules include $RULE_PATH/backdoor.rules -@@ -659,6 +661,9 @@ include $RULE_PATH/web-iis.rules +@@ -655,6 +657,9 @@ include $RULE_PATH/web-iis.rules include $RULE_PATH/web-misc.rules include $RULE_PATH/web-php.rules include $RULE_PATH/x11.rules
UPDATE: net/snort 2.9.6.2
This updates Snort to 2.9.6.2, which contains a few improvements. Release notes are at: https://www.snort.org/downloads/snort/release_notes_2.9.6.2.txt snort.org has revamped their website, so this diff also updates MASTER_SITES accordingly. Tested on amd64, i386, macppc, and sparc64. ok? Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.86 diff -u -p -r1.86 Makefile --- Makefile4 Jun 2014 03:17:12 - 1.86 +++ Makefile8 Aug 2014 04:36:35 - @@ -4,9 +4,8 @@ SHARED_ONLY = Yes COMMENT = highly flexible sniffer/NIDS -VERSION = 2.9.6.1 +VERSION = 2.9.6.2 DISTNAME = snort-${VERSION} -REVISION = 0 CATEGORIES = net security @@ -19,7 +18,7 @@ PERMIT_PACKAGE_CDROM =Yes WANTLIB = c crypto daq dnet m pcap pcre pthread z -MASTER_SITES = http://www.snort.org/dl/snort-current/ +MASTER_SITES = https://www.snort.org/downloads/snort/ USE_GROFF =Yes Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.30 diff -u -p -r1.30 distinfo --- distinfo15 May 2014 20:11:43 - 1.30 +++ distinfo8 Aug 2014 04:36:56 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.6.1.tar.gz) = EZ5MXfg/42qNRl5yoDR/4x53cXBNoobwQRWwxbql97g= -SIZE (snort-2.9.6.1.tar.gz) = 5226869 +SHA256 (snort-2.9.6.2.tar.gz) = jh1/xeFSOnhthFygECzEdKv86/zH6WShZTaAA0tbXXc= +SIZE (snort-2.9.6.2.tar.gz) = 5229232
UPDATE: net/snort 2.9.7.0
This updates Snort to 2.9.7.0. Tested with DAQ 2.0.4 (sent earlier) on amd64. ok? Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.86 diff -u -p -r1.86 Makefile --- Makefile4 Jun 2014 03:17:12 - 1.86 +++ Makefile24 Dec 2014 20:19:16 - @@ -4,9 +4,8 @@ SHARED_ONLY = Yes COMMENT = highly flexible sniffer/NIDS -VERSION = 2.9.6.1 +VERSION = 2.9.7.0 DISTNAME = snort-${VERSION} -REVISION = 0 CATEGORIES = net security @@ -19,7 +18,7 @@ PERMIT_PACKAGE_CDROM =Yes WANTLIB = c crypto daq dnet m pcap pcre pthread z -MASTER_SITES = http://www.snort.org/dl/snort-current/ +MASTER_SITES = https://www.snort.org/downloads/snort/ USE_GROFF =Yes Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.30 diff -u -p -r1.30 distinfo --- distinfo15 May 2014 20:11:43 - 1.30 +++ distinfo24 Dec 2014 20:44:30 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.6.1.tar.gz) = EZ5MXfg/42qNRl5yoDR/4x53cXBNoobwQRWwxbql97g= -SIZE (snort-2.9.6.1.tar.gz) = 5226869 +SHA256 (snort-2.9.7.0.tar.gz) = lziv6kXSC393mXzAAFXn3XD2rqAQEgnYfv7EvE6s5Js= +SIZE (snort-2.9.7.0.tar.gz) = 6340553 Index: patches/patch-etc_snort_conf === RCS file: /cvs/ports/net/snort/patches/patch-etc_snort_conf,v retrieving revision 1.12 diff -u -p -r1.12 patch-etc_snort_conf --- patches/patch-etc_snort_conf4 Jun 2014 03:17:12 - 1.12 +++ patches/patch-etc_snort_conf24 Dec 2014 21:22:01 - @@ -2,9 +2,9 @@ $OpenBSD: patch-etc_snort_conf,v 1.12 20 reputation preprocessor disabled, still experimental etc/snort.conf.origThu Apr 3 17:25:10 2014 -+++ etc/snort.conf Mon Jun 2 00:13:35 2014 -@@ -101,13 +101,13 @@ ipvar AIM_SERVERS [64.12.24.0/23,64.12.28.0/23,64.12.1 +--- etc/snort.conf.origMon Oct 13 11:44:08 2014 etc/snort.conf Wed Dec 24 16:21:36 2014 +@@ -101,17 +101,17 @@ ipvar AIM_SERVERS [64.12.24.0/23,64.12.28.0/23,64.12.1 # Path to your rules files (this can be a relative path) # Note for Windows users: You are advised to make this an absolute path, # such as: c:\snort\rules @@ -16,6 +16,10 @@ reputation preprocessor disabled, still +var PREPROC_RULE_PATH ${SYSCONFDIR}/snort/preproc_rules # If you are using reputation preprocessor set these + # Currently there is a bug with relative paths, they are relative to where snort is + # not relative to snort.conf like the above variables + # This is completely inconsistent with how other vars work, BUG 89986 + # Set the absolute path appropriately -var WHITE_LIST_PATH ../rules -var BLACK_LIST_PATH ../rules +var WHITE_LIST_PATH ${SYSCONFDIR}/snort/rules @@ -23,7 +27,7 @@ reputation preprocessor disabled, still ### # Step #2: Configure the decoder. For more information, see README.decode -@@ -138,7 +138,11 @@ config disable_ipopt_alerts +@@ -142,7 +142,11 @@ config disable_ipopt_alerts # config enable_decode_oversized_drops # Configure IP / TCP checksum mode @@ -36,15 +40,16 @@ reputation preprocessor disabled, still # Configure maximum number of flowbit references. For more information, see README.flowbits # config flowbits_size: 64 -@@ -154,6 +158,7 @@ config checksum_mode: all +@@ -157,7 +161,7 @@ config checksum_mode: all + # Configure DAQ related options for inline operation. For more information, see README.daq # # config daq: - # config daq_dir: +-# config daq_dir: +config daq_dir: ${PREFIX}/lib/daq/ # config daq_mode: # config daq_var: # -@@ -499,12 +504,12 @@ preprocessor dnp3: ports { 2 } \ +@@ -503,12 +507,12 @@ preprocessor dnp3: ports { 2 } \ check_crc # Reputation preprocessor. For more information see README.reputation @@ -63,18 +68,19 @@ reputation preprocessor disabled, still ### # Step #6: Configure output plugins -@@ -538,8 +543,9 @@ include reference.config +@@ -542,8 +546,10 @@ include reference.config ### # site specific rules -include $RULE_PATH/local.rules +#include $RULE_PATH/local.rules -+# Official Sourcefire VRT rules from http://www.snort.org/snort-rules/ ++# Official Sourcefire VRT rules from ++# https://www.snort.org/downloads/#rule-downloads include $RULE_PATH/app-detect.rules include $RULE_PATH/attack-responses.rules include $RULE_PATH/backdoor.rules -@@ -655,6 +661,9 @@ include $RULE_PATH/web-iis.rules +@@ -648,6 +654,9 @@ include $RULE_PATH/web-iis.rules include $RULE_PATH/web-misc.rules include $RULE_PATH/web-php.rules include $RULE_PATH/x11.rules Inde
UPDATE: net/snort 2.9.7.3
Hello, attached is an update to snort-2.9.7.3, a bugfix release. Most of the diff are regenerated patches. Tested with daq 2.0.5 on i386. Also at least builds on sparc64. Please test, comment. Regards, Markus Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.90 diff -u -p -r1.90 Makefile --- Makefile16 Feb 2015 22:57:11 - 1.90 +++ Makefile26 May 2015 19:58:21 - @@ -4,7 +4,7 @@ SHARED_ONLY = Yes COMMENT = highly flexible sniffer/NIDS -VERSION = 2.9.7.0 +VERSION = 2.9.7.3 DISTNAME = snort-${VERSION} CATEGORIES = net security @@ -16,7 +16,7 @@ MAINTAINER = Markus Lude https://www.snort.org/downloads/snort/ @@ -26,7 +26,8 @@ CONFIGURE_ARGS += ${CONFIGURE_SHARED} \ --disable-static-daq \ --enable-non-ether-decoders -LIB_DEPENDS = devel/pcre \ +LIB_DEPENDS = archivers/xz \ + devel/pcre \ net/libdnet \ net/daq Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.32 diff -u -p -r1.32 distinfo --- distinfo24 Jan 2015 03:52:53 - 1.32 +++ distinfo26 May 2015 19:58:21 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.7.0.tar.gz) = lziv6kXSC393mXzAAFXn3XD2rqAQEgnYfv7EvE6s5Js= -SIZE (snort-2.9.7.0.tar.gz) = 6340553 +SHA256 (snort-2.9.7.3.tar.gz) = jMNhO4iPxUlHor7sdzx22aIDaPJlmzHUWp8LEeZswik= +SIZE (snort-2.9.7.3.tar.gz) = 6300073 Index: patches/patch-etc_snort_conf === RCS file: /cvs/ports/net/snort/patches/patch-etc_snort_conf,v retrieving revision 1.13 diff -u -p -r1.13 patch-etc_snort_conf --- patches/patch-etc_snort_conf24 Jan 2015 03:52:53 - 1.13 +++ patches/patch-etc_snort_conf26 May 2015 19:58:21 - @@ -2,8 +2,8 @@ $OpenBSD: patch-etc_snort_conf,v 1.13 20 reputation preprocessor disabled, still experimental etc/snort.conf.origMon Oct 13 17:44:08 2014 -+++ etc/snort.conf Sat Jan 10 16:16:45 2015 +--- etc/snort.conf.origThu Apr 23 20:29:00 2015 etc/snort.conf Sun May 24 22:10:12 2015 @@ -101,17 +101,17 @@ ipvar AIM_SERVERS [64.12.24.0/23,64.12.28.0/23,64.12.1 # Path to your rules files (this can be a relative path) # Note for Windows users: You are advised to make this an absolute path, @@ -79,13 +79,78 @@ reputation preprocessor disabled, still include $RULE_PATH/app-detect.rules include $RULE_PATH/attack-responses.rules include $RULE_PATH/backdoor.rules -@@ -648,6 +655,9 @@ include $RULE_PATH/web-iis.rules - include $RULE_PATH/web-misc.rules +@@ -568,6 +575,7 @@ include $RULE_PATH/file-executable.rules + include $RULE_PATH/file-flash.rules + include $RULE_PATH/file-identify.rules + include $RULE_PATH/file-image.rules ++include $RULE_PATH/file-java.rules + include $RULE_PATH/file-multimedia.rules + include $RULE_PATH/file-office.rules + include $RULE_PATH/file-other.rules +@@ -579,6 +587,7 @@ include $RULE_PATH/icmp.rules + include $RULE_PATH/imap.rules + include $RULE_PATH/indicator-compromise.rules + include $RULE_PATH/indicator-obfuscation.rules ++include $RULE_PATH/indicator-scan.rules + include $RULE_PATH/indicator-shellcode.rules + include $RULE_PATH/info.rules + include $RULE_PATH/malware-backdoor.rules +@@ -592,6 +601,7 @@ include $RULE_PATH/netbios.rules + include $RULE_PATH/nntp.rules + include $RULE_PATH/oracle.rules + include $RULE_PATH/os-linux.rules ++include $RULE_PATH/os-mobile.rules + include $RULE_PATH/os-other.rules + include $RULE_PATH/os-solaris.rules + include $RULE_PATH/os-windows.rules +@@ -605,12 +615,20 @@ include $RULE_PATH/policy-social.rules + include $RULE_PATH/policy-spam.rules + include $RULE_PATH/pop2.rules + include $RULE_PATH/pop3.rules ++include $RULE_PATH/protocol-dns.rules + include $RULE_PATH/protocol-finger.rules + include $RULE_PATH/protocol-ftp.rules + include $RULE_PATH/protocol-icmp.rules + include $RULE_PATH/protocol-imap.rules ++include $RULE_PATH/protocol-nntp.rules ++include $RULE_PATH/protocol-other.rules + include $RULE_PATH/protocol-pop.rules ++include $RULE_PATH/protocol-rpc.rules ++include $RULE_PATH/protocol-scada.rules + include $RULE_PATH/protocol-services.rules ++include $RULE_PATH/protocol-snmp.rules ++include $RULE_PATH/protocol-telnet.rules ++include $RULE_PATH/protocol-tftp.rules + include $RULE_PATH/protocol-voip.rules + include $RULE_PATH/pua-adware.rules + include $RULE_PATH/pua-other.rules +@@ -627,6 +645,7 @@ include $RULE_PATH/server-mssql.rules + include $RULE_PATH/server-mysql.rules + include $RULE_PATH/server-oracle.rules + include $RULE_PATH/server-other.rules ++include $RULE_PATH/server-samba.rules + include $RULE_PATH/server-webapp.rules + include
UPDATE: net/snort 2.8.4.1
Hello, here is an update to snort 2.8.4.1. I marked the port as SHARED_ONLY as pointed out by naddy some time ago on ports@ Please test and report which flavor/arch/output plugin you use/tested. Thanks. Regards, Markus Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.53 diff -u -p -r1.53 Makefile --- Makefile12 Feb 2009 22:12:08 - 1.53 +++ Makefile22 May 2009 00:00:40 - @@ -1,8 +1,10 @@ # $OpenBSD: Makefile,v 1.53 2009/02/12 22:12:08 rui Exp $ +SHARED_ONLY = Yes + COMMENT = highly flexible sniffer/NIDS -DISTNAME = snort-2.8.3.2 +DISTNAME = snort-2.8.4.1 CATEGORIES = net security MASTER_SITES = ${HOMEPAGE}dl/ @@ -17,13 +19,14 @@ PERMIT_DISTFILES_CDROM = Yes PERMIT_DISTFILES_FTP = Yes WANTLIB = c m pcap -SHARED_LIBS = sf_engine 2.0 \ - sf_dns_preproc 2.0 \ - sf_ftptelnet_preproc 2.0 \ - sf_smtp_preproc 2.0 \ - sf_dcerpc_preproc 1.0 \ - sf_ssh_preproc 1.0 \ - sf_ssl_preproc 0.0 \ +SHARED_LIBS = sf_engine 3.0 \ + sf_dce2_preproc 0.0 \ + sf_dcerpc_preproc 2.0 \ + sf_dns_preproc 3.0 \ + sf_ftptelnet_preproc 3.0 \ + sf_smtp_preproc 3.0 \ + sf_ssh_preproc 2.0 \ + sf_ssl_preproc 1.0 \ _sfdynamic_example_rule 0.0 \ _sfdynamic_preprocessor_example 0.0 Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.17 diff -u -p -r1.17 distinfo --- distinfo12 Feb 2009 22:12:08 - 1.17 +++ distinfo22 May 2009 00:00:40 - @@ -1,5 +1,5 @@ -MD5 (snort-2.8.3.2.tar.gz) = 91VH2jNEbdtMoH7v2c4x3A== -RMD160 (snort-2.8.3.2.tar.gz) = IkPA8DLM1fFbRGGP2gCQRCbSz4Y= -SHA1 (snort-2.8.3.2.tar.gz) = P+Y1LMzcN4KPJS8GKwal+jEDXaw= -SHA256 (snort-2.8.3.2.tar.gz) = nsNBHGgekQcjTKBBAEJAidM3VCsCL4y1gPLrrlsEDD4= -SIZE (snort-2.8.3.2.tar.gz) = 4478448 +MD5 (snort-2.8.4.1.tar.gz) = Y/TnaulqLRM/THt0G61UWA== +RMD160 (snort-2.8.4.1.tar.gz) = jzijfJ8Wm6uVKUbMq6JMktJnuIA= +SHA1 (snort-2.8.4.1.tar.gz) = P/q7U2bAiJUv76sZqNwZzoTWJkU= +SHA256 (snort-2.8.4.1.tar.gz) = 7n95DrPfTmFWp8hl8boihVOUyePBP9xX1gqGRyZ/wgk= +SIZE (snort-2.8.4.1.tar.gz) = 4567713 Index: patches/patch-etc_snort_conf === RCS file: /cvs/ports/net/snort/patches/patch-etc_snort_conf,v retrieving revision 1.3 diff -u -p -r1.3 patch-etc_snort_conf --- patches/patch-etc_snort_conf12 Feb 2009 22:12:08 - 1.3 +++ patches/patch-etc_snort_conf22 May 2009 00:00:40 - @@ -1,6 +1,6 @@ $OpenBSD: patch-etc_snort_conf,v 1.3 2009/02/12 22:12:08 rui Exp $ etc/snort.conf.origMon Sep 15 18:28:02 2008 -+++ etc/snort.conf Thu Nov 6 17:44:46 2008 +--- etc/snort.conf.origWed Mar 11 14:22:03 2009 etc/snort.conf Wed Apr 8 12:47:17 2009 @@ -78,7 +78,10 @@ var SNMP_SERVERS $HOME_NET # like this: # Index: patches/patch-src_dynamic-plugins_sf_dynamic_plugins_c === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-plugins_sf_dynamic_plugins_c,v retrieving revision 1.3 diff -u -p -r1.3 patch-src_dynamic-plugins_sf_dynamic_plugins_c --- patches/patch-src_dynamic-plugins_sf_dynamic_plugins_c 12 Feb 2009 22:12:08 - 1.3 +++ patches/patch-src_dynamic-plugins_sf_dynamic_plugins_c 22 May 2009 00:00:40 - @@ -1,7 +1,7 @@ $OpenBSD: patch-src_dynamic-plugins_sf_dynamic_plugins_c,v 1.3 2009/02/12 22:12:08 rui Exp $ src/dynamic-plugins/sf_dynamic_plugins.c.orig Wed Apr 30 20:53:15 2008 -+++ src/dynamic-plugins/sf_dynamic_plugins.c Fri Aug 8 14:57:43 2008 -@@ -227,8 +227,7 @@ void LoadAllLibs(char *path, LoadLibraryFunc loadFunc) +--- src/dynamic-plugins/sf_dynamic_plugins.c.orig Mon Jan 26 22:50:08 2009 src/dynamic-plugins/sf_dynamic_plugins.c Wed Apr 8 12:40:35 2009 +@@ -233,8 +233,7 @@ void LoadAllLibs(char *path, LoadLibraryFunc loadFunc) dirEntry = readdir(directory); while (dirEntry) { Index: patches/patch-src_dynamic-preprocessors_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_Makefile_in,v retrieving revision 1.3 diff -u -p -r1.3 patch-src_dynamic-preprocessors_Makefile_in --- patches/patch-src_dynamic-preprocessors_Makefile_in 12 Feb 2009 22:12:08 - 1.3 +++ patches/patch-src_dynamic-preprocessors_Makefile_in 22 May 2009 00:00:40 - @@ -1,7 +1,7 @@ $OpenBSD:
Re: UPDATE: net/snort
* Martin Ekendahl [2005-11-29]: > It should be also added that the community rules are replacing the > standard rules since it seems that some sort of membership is now As I said on this list already, the community rules distfile changes every other day without version bump. You cannot just add it do distinfo, the port would be permanently outdated. I think it's best to provide some mechanism for snort to only fetch the rules at run time. You can still delete the rules directory at deinstall. Nikolay
Re: UPDATE: net/snort
On Thu, Sep 21, 2006 at 12:19:15PM +0300, nikns wrote: > Index: snort/Makefile > === > RCS file: /cvs/ports/net/snort/Makefile,v > retrieving revision 1.47 > diff -u -r1.47 Makefile > --- snort/Makefile3 Aug 2006 23:15:58 - 1.47 > +++ snort/Makefile20 Sep 2006 13:18:07 - > @@ -2,22 +2,28 @@ > > COMMENT= "highly flexible sniffer/NIDS" > > -DISTNAME=snort-2.4.5 > -PKGNAME= ${DISTNAME}p0 > +DISTNAME=snort-2.6.0.2 Commited with a few changes, thanks.
[UPDATE] net/snort 2.8.0
Hello, here is an update to snort 2.8.0. Please test/comment/commit/... Based on changes for 2.7.0.1 by Jason Dixon. Some added patches fix bus errors on sparc64 noticed by [EMAIL PROTECTED] If noone other wants, I would take maintainership (not included in diff). Regards, Markus Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.51 diff -u -p -r1.51 Makefile --- Makefile15 Sep 2007 22:36:59 - 1.51 +++ Makefile21 Nov 2007 00:43:34 - @@ -2,14 +2,14 @@ COMMENT= highly flexible sniffer/NIDS -DISTNAME= snort-2.6.0.2 -PKGNAME= ${DISTNAME}p1 +DISTNAME= snort-2.8.0 +PKGNAME= ${DISTNAME} CATEGORIES=net security MASTER_SITES= ${HOMEPAGE}/dl/current/ HOMEPAGE= http://www.snort.org/ -# GPL +# GPLv2 PERMIT_PACKAGE_CDROM= Yes PERMIT_PACKAGE_FTP=Yes PERMIT_DISTFILES_CDROM= Yes @@ -17,9 +17,11 @@ PERMIT_DISTFILES_FTP=Yes WANTLIB= c m pcap SHARED_LIBS= sf_engine 0.0 \ + sf_dcerpc_preproc 0.0 \ sf_dns_preproc 0.0 \ sf_ftptelnet_preproc 0.0 \ - sf_smtp_preproc 0.0 + sf_smtp_preproc 0.0 \ + sf_ssh_preproc 0.0 USE_LIBTOOL= Yes @@ -62,10 +64,12 @@ CONFIGURE_ARGS+=--enable-prelude MESSAGE= ${PKGDIR}/MESSAGE-prelude .endif -CONFIGS= classification.config gen-msg.map generators reference.config \ - sid sid-msg.map snort.conf threshold.conf unicode.map +CONFIGS= classification.config gen-msg.map reference.config \ + sid-msg.map snort.conf threshold.conf unicode.map -DOCS= AUTHORS CREDITS README.* *.pdf +PREPROC= decoder.rules preprocessor.rules + +DOCS= AUTHORS CREDITS README README.* *.pdf TODO USAGE WISHLIST post-build: @perl -pi -e "s,%%SYSCONFDIR%%,${SYSCONFDIR}," \ @@ -77,6 +81,11 @@ post-install: ${INSTALL_DATA_DIR} ${PREFIX}/share/examples/snort .for i in ${CONFIGS} ${INSTALL_DATA} ${WRKSRC}/etc/${i} ${PREFIX}/share/examples/snort +.endfor + ${INSTALL_DATA} ${WRKSRC}/doc/generators ${PREFIX}/share/examples/snort + +.for i in ${PREPROC} + ${INSTALL_DATA} ${WRKSRC}/preproc_rules/${i} ${PREFIX}/share/examples/snort .endfor ${INSTALL_DATA_DIR} ${PREFIX}/share/doc/snort Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.15 diff -u -p -r1.15 distinfo --- distinfo5 Apr 2007 16:20:15 - 1.15 +++ distinfo21 Nov 2007 00:43:34 - @@ -1,5 +1,5 @@ -MD5 (snort-2.6.0.2.tar.gz) = XAlP9tgtuEWl8CPkpJIQPg== -RMD160 (snort-2.6.0.2.tar.gz) = cG1j24O30DesinHIEEMk2bdZTrU= -SHA1 (snort-2.6.0.2.tar.gz) = Gms/sZqC+Dvw/OWo226xJ3xyN5s= -SHA256 (snort-2.6.0.2.tar.gz) = B716x7ZF0TgKzmWzPAZO1Y2dwhvXNrH3a8V13CLhpeI= -SIZE (snort-2.6.0.2.tar.gz) = 3350277 +MD5 (snort-2.8.0.tar.gz) = z7qxwuOc27iRISxL8V6C8w== +RMD160 (snort-2.8.0.tar.gz) = 2sNqSh/aYLZszcXHdKthqqD2yKg= +SHA1 (snort-2.8.0.tar.gz) = 8HuEoIcthhAGtWqManmmAwjdaLQ= +SHA256 (snort-2.8.0.tar.gz) = uaBzfTL2nEvnSySDJLQBc2Z7W8e09Yru9PInGi6oQtE= +SIZE (snort-2.8.0.tar.gz) = 4278872 Index: patches/patch-etc_snort_conf === RCS file: /cvs/ports/net/snort/patches/patch-etc_snort_conf,v retrieving revision 1.1 diff -u -p -r1.1 patch-etc_snort_conf --- patches/patch-etc_snort_conf10 Oct 2006 13:33:17 - 1.1 +++ patches/patch-etc_snort_conf21 Nov 2007 00:43:34 - @@ -1,22 +1,26 @@ $OpenBSD: patch-etc_snort_conf,v 1.1 2006/10/10 13:33:17 aanriot Exp $ etc/snort.conf.origWed Sep 13 21:44:31 2006 -+++ etc/snort.conf Tue Oct 10 12:54:59 2006 -@@ -82,6 +82,9 @@ var SNMP_SERVERS $HOME_NET - # Port lists must either be continuous [eg 80:8080], or a single port [eg 80]. - # We will adding support for a real list of ports in the future. - +--- etc/snort.conf.origFri Sep 7 20:32:45 2007 etc/snort.conf Mon Nov 19 22:23:57 2007 +@@ -78,7 +78,10 @@ var SNMP_SERVERS $HOME_NET + # like this: + # + # portvar HTTP_PORTS 8081 +-# ++ +# Ports you run ssh servers on -+var SSH_PORTS 22 ++portvar SSH_PORTS 22 + # Ports you run web servers on - # - # Please note: [80,8080] does not work. -@@ -108,7 +111,7 @@ var AIM_SERVERS [64.12.24.0/23,64.12.28. + portvar HTTP_PORTS 80 + +@@ -107,8 +110,8 @@ var AIM_SERVERS [64.12.24.0/23,64.12.28.0/23,64.12.161 # Path to your rules files (this can be a relative path) # Note for Windows users: You are advised to make this an absolute path, # such as: c:\snort\rules -var RULE_PATH ../rules +-var PREPROC_RULE_PATH ../preproc_rules +var RULE_PATH %%SYSCONFDIR%%/snort/rules ++var PREPROC_RULE_PATH %%SYSCONFDIR%%/snort/preproc_rules # Configure the snort decoder # Index: patches/patch-s
Re: UPDATE: net/snort
Hello Jason, Thank you for updating the snort port. Is there any reason why these patches are not committed to the ports tree? Greetz, Bert
Re: UPDATE: net/snort
On Sep 29, 2007, at 7:53 PM, Bert Koelewijn wrote: Hello Jason, Thank you for updating the snort port. Is there any reason why these patches are not committed to the ports tree? Still working on sparc64 issues. I haven't been able to replicate crashes on my Blade 1000 that are happening on henning and rui's systems. --- Jason Dixon DixonGroup Consulting http://www.dixongroup.net
UPDATE: net/snort-2.8.5.1
Hello, here is an update to latest snort version 2.8.5.1. I enabled support for IPv6. Beside that I removed the example libraries. I think, one don't really need them. You now need to add the correct library version number to libsf_engine.so in the dynamicengine config line in your snort.conf. This applies only to those which use an older already adjusted snort.conf. The one in the diff below already has it. Should I add a MESSAGE file for this? Please test and report which flavor/arch/output_plugin you use/tested. Thanks. Regards, Markus ? .Makefile.swp Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.54 diff -u -p -r1.54 Makefile --- Makefile16 Aug 2009 13:31:27 - 1.54 +++ Makefile25 Oct 2009 16:27:18 - @@ -4,7 +4,7 @@ SHARED_ONLY = Yes COMMENT = highly flexible sniffer/NIDS -DISTNAME = snort-2.8.4.1 +DISTNAME = snort-2.8.5.1 CATEGORIES = net security MASTER_SITES = http://dl.snort.org/snort-current/ @@ -19,22 +19,23 @@ PERMIT_DISTFILES_CDROM = Yes PERMIT_DISTFILES_FTP = Yes WANTLIB = c m pcap -SHARED_LIBS = sf_engine 3.0 \ - sf_dce2_preproc 0.0 \ - sf_dcerpc_preproc 2.0 \ - sf_dns_preproc 3.0 \ - sf_ftptelnet_preproc 3.0 \ - sf_smtp_preproc 3.0 \ - sf_ssh_preproc 2.0 \ - sf_ssl_preproc 1.0 \ - _sfdynamic_example_rule 0.0 \ - _sfdynamic_preprocessor_example 0.0 +ENGINE_VER = 4.0 + +SHARED_LIBS = sf_engine ${ENGINE_VER} \ + sf_dce2_preproc 1.0 \ + sf_dcerpc_preproc 3.0 \ + sf_dns_preproc 4.0 \ + sf_ftptelnet_preproc 4.0 \ + sf_smtp_preproc 4.0 \ + sf_ssh_preproc 3.0 \ + sf_ssl_preproc 2.0 USE_LIBTOOL = Yes SEPARATE_BUILD = concurrent CONFIGURE_STYLE = simple CONFIGURE_ARGS += ${CONFIGURE_SHARED} \ + --enable-ipv6 \ --enable-dynamicplugin MAKE_FLAGS = mandir=${TRUEPREFIX}/man @@ -84,6 +85,8 @@ DOCS =AUTHORS CREDITS README README.* SCHEMAS = create_db2 create_mssql create_mysql \ create_oracle.sql create_postgresql + +SUBST_VARS += ENGINE_VER pre-configure: @${SUBST_CMD} ${WRKSRC}/etc/snort.conf Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.18 diff -u -p -r1.18 distinfo --- distinfo16 Aug 2009 13:31:27 - 1.18 +++ distinfo25 Oct 2009 16:27:18 - @@ -1,5 +1,5 @@ -MD5 (snort-2.8.4.1.tar.gz) = Y/TnaulqLRM/THt0G61UWA== -RMD160 (snort-2.8.4.1.tar.gz) = jzijfJ8Wm6uVKUbMq6JMktJnuIA= -SHA1 (snort-2.8.4.1.tar.gz) = P/q7U2bAiJUv76sZqNwZzoTWJkU= -SHA256 (snort-2.8.4.1.tar.gz) = 7n95DrPfTmFWp8hl8boihVOUyePBP9xX1gqGRyZ/wgk= -SIZE (snort-2.8.4.1.tar.gz) = 4567713 +MD5 (snort-2.8.5.1.tar.gz) = savzqfo0hnIMmite/5IEFw== +RMD160 (snort-2.8.5.1.tar.gz) = +/q0Xx19gVUWBDWS6rjPHMbsk9A= +SHA1 (snort-2.8.5.1.tar.gz) = uXEFLN1LNSegYDhUlTED/prYpFs= +SHA256 (snort-2.8.5.1.tar.gz) = reGw9K50/WI8Yz0otvFCkYd1GzWzaj+KDBl9IQS15a4= +SIZE (snort-2.8.5.1.tar.gz) = 4715078 Index: patches/patch-etc_snort_conf === RCS file: /cvs/ports/net/snort/patches/patch-etc_snort_conf,v retrieving revision 1.4 diff -u -p -r1.4 patch-etc_snort_conf --- patches/patch-etc_snort_conf16 Aug 2009 13:31:27 - 1.4 +++ patches/patch-etc_snort_conf25 Oct 2009 16:27:18 - @@ -1,19 +1,17 @@ $OpenBSD: patch-etc_snort_conf,v 1.4 2009/08/16 13:31:27 rui Exp $ etc/snort.conf.origWed Mar 11 14:22:03 2009 -+++ etc/snort.conf Wed Apr 8 12:47:17 2009 -@@ -78,7 +78,10 @@ var SNMP_SERVERS $HOME_NET - # like this: - # - # portvar HTTP_PORTS 8081 --# -+ +--- etc/snort.conf.origTue Jul 7 21:59:55 2009 etc/snort.conf Thu Aug 20 19:39:06 2009 +@@ -99,6 +99,9 @@ portvar HTTP_PORTS 80 + # including the rules file twice is obsolete. See README.variables for more + # details. + +# Ports you run ssh servers on +portvar SSH_PORTS 22 + - # Ports you run web servers on - portvar HTTP_PORTS 80 + # Ports you want to look for SHELLCODE on. + portvar SHELLCODE_PORTS !80 -@@ -107,8 +110,8 @@ var AIM_SERVERS [64.12.24.0/23,64.12.28.0/23,64.12.161 +@@ -117,8 +120,8 @@ var AIM_SERVERS [64.12.24.0/23,64.12.28.0/23,64.12.161 # Path to your rules files (this can be a relative path) # Note for Windows users: You are advised to make this an absolute path, # such as: c:\sn
UPDATE: net/snort-2.8.6
Hello, attached is an update to the recently released version 2.8.6 of snort. Finally I got rid of the version numbers for the shared libs. IPv6 is enabled. Builds of all flavors look good on i386 and sparc64. As I mainly use the unflavored version tests especially of the different flavors are very appreciated. Please test and report which flavor/arch you use/tested. Thanks. I didn't enabled --enable-inline yet, as there are still some problems. I'm still working on it. Regards, Markus Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.55 diff -u -p -r1.55 Makefile --- Makefile15 Apr 2010 14:58:24 - 1.55 +++ Makefile5 May 2010 23:32:05 - @@ -4,8 +4,7 @@ SHARED_ONLY = Yes COMMENT = highly flexible sniffer/NIDS -DISTNAME = snort-2.8.4.1 -PKGNAME = ${DISTNAME}p0 +DISTNAME = snort-2.8.6 CATEGORIES = net security MASTER_SITES = http://dl.snort.org/snort-current/ @@ -20,23 +19,13 @@ PERMIT_DISTFILES_CDROM = Yes PERMIT_DISTFILES_FTP = Yes WANTLIB = c m pcap -SHARED_LIBS = sf_engine 3.0 \ - sf_dce2_preproc 0.0 \ - sf_dcerpc_preproc 2.0 \ - sf_dns_preproc 3.0 \ - sf_ftptelnet_preproc 3.0 \ - sf_smtp_preproc 3.0 \ - sf_ssh_preproc 2.0 \ - sf_ssl_preproc 1.0 \ - _sfdynamic_example_rule 0.0 \ - _sfdynamic_preprocessor_example 0.0 - USE_LIBTOOL = Yes SEPARATE_BUILD = concurrent CONFIGURE_STYLE = simple CONFIGURE_ARGS += ${CONFIGURE_SHARED} \ - --enable-dynamicplugin + --enable-dynamicplugin \ + --enable-ipv6 MAKE_FLAGS = mandir=${TRUEPREFIX}/man Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.18 diff -u -p -r1.18 distinfo --- distinfo16 Aug 2009 13:31:27 - 1.18 +++ distinfo5 May 2010 23:32:05 - @@ -1,5 +1,5 @@ -MD5 (snort-2.8.4.1.tar.gz) = Y/TnaulqLRM/THt0G61UWA== -RMD160 (snort-2.8.4.1.tar.gz) = jzijfJ8Wm6uVKUbMq6JMktJnuIA= -SHA1 (snort-2.8.4.1.tar.gz) = P/q7U2bAiJUv76sZqNwZzoTWJkU= -SHA256 (snort-2.8.4.1.tar.gz) = 7n95DrPfTmFWp8hl8boihVOUyePBP9xX1gqGRyZ/wgk= -SIZE (snort-2.8.4.1.tar.gz) = 4567713 +MD5 (snort-2.8.6.tar.gz) = scLT3bHAqFmkfFox0Z5grQ== +RMD160 (snort-2.8.6.tar.gz) = W1Seqzmm4KDxgvbS7kb9YJlcgi4= +SHA1 (snort-2.8.6.tar.gz) = 5GPJmZTlIXFDliPhsFueG88BrI8= +SHA256 (snort-2.8.6.tar.gz) = YGTXu3jWQ4tFX/NJuT1S9A05d/H+yx15WMh4gbADA1g= +SIZE (snort-2.8.6.tar.gz) = 4960740 Index: patches/patch-etc_snort_conf === RCS file: /cvs/ports/net/snort/patches/patch-etc_snort_conf,v retrieving revision 1.4 diff -u -p -r1.4 patch-etc_snort_conf --- patches/patch-etc_snort_conf16 Aug 2009 13:31:27 - 1.4 +++ patches/patch-etc_snort_conf5 May 2010 23:32:05 - @@ -1,26 +1,26 @@ $OpenBSD: patch-etc_snort_conf,v 1.4 2009/08/16 13:31:27 rui Exp $ etc/snort.conf.origWed Mar 11 14:22:03 2009 -+++ etc/snort.conf Wed Apr 8 12:47:17 2009 -@@ -78,7 +78,10 @@ var SNMP_SERVERS $HOME_NET - # like this: - # - # portvar HTTP_PORTS 8081 --# -+ +--- etc/snort.conf.origFri Mar 19 20:41:00 2010 etc/snort.conf Mon Apr 26 20:16:23 2010 +@@ -42,6 +42,9 @@ var SQL_SERVERS $HOME_NET + # List of telnet servers on your network + var TELNET_SERVERS $HOME_NET + +# Ports you run ssh servers on +portvar SSH_PORTS 22 + - # Ports you run web servers on - portvar HTTP_PORTS 80 + # List of ports you run web servers on + portvar HTTP_PORTS [80,2301,3128,,7779,8000,8008,8028,8080,8180,,] -@@ -107,8 +110,8 @@ var AIM_SERVERS [64.12.24.0/23,64.12.28.0/23,64.12.161 +@@ -57,9 +60,9 @@ var AIM_SERVERS [64.12.24.0/23,64.12.28.0/23,64.12.161 # Path to your rules files (this can be a relative path) # Note for Windows users: You are advised to make this an absolute path, # such as: c:\snort\rules -var RULE_PATH ../rules +-var SO_RULE_PATH ../so_rules -var PREPROC_RULE_PATH ../preproc_rules +var RULE_PATH ${SYSCONFDIR}/snort/rules ++var SO_RULE_PATH ${SYSCONFDIR}/snort/so_rules +var PREPROC_RULE_PATH ${SYSCONFDIR}/snort/preproc_rules - # Configure the snort decoder - # + ### + # Step #2: Configure the decoder. For more information, see README.decode Index: patches/patch-src_dynamic-examples_dynamic-preprocessor_Makefile_in === RCS file: patches/patch-src_dynamic-examples_dynamic-preprocessor_Makefile_in d
[update] net/snort 2.9.20
Hello, attached is an update of snort to 2.9.20. Tested on amd64. Please test and commit. Regards, Markus Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.112 diff -u -p -u -p -r1.112 Makefile --- Makefile22 Feb 2022 23:14:30 - 1.112 +++ Makefile9 Aug 2022 11:46:27 - @@ -2,8 +2,8 @@ COMMENT = highly flexible sniffer/NIDS -DISTNAME = snort-2.9.19 -RULESV = 29190 +DISTNAME = snort-2.9.20 +RULESV = 29200 SUBST_VARS = RULESV APPID_COMMENT CATEGORIES = net security Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.48 diff -u -p -u -p -r1.48 distinfo --- distinfo22 Feb 2022 23:14:30 - 1.48 +++ distinfo9 Aug 2022 11:46:27 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.19.tar.gz) = sS/G23KvtYmHor8ZVLj0W94CBHwjVRPHZjhXuVBjacc= -SIZE (snort-2.9.19.tar.gz) = 7005881 +SHA256 (snort-2.9.20.tar.gz) = KUAOE/U7GDHguLEOwSJKHLqm3BUzpTIqIN2Au4S0mBw= +SIZE (snort-2.9.20.tar.gz) = 7009894 Index: patches/patch-src_dynamic-preprocessors_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_Makefile_in,v retrieving revision 1.25 diff -u -p -u -p -r1.25 patch-src_dynamic-preprocessors_Makefile_in --- patches/patch-src_dynamic-preprocessors_Makefile_in 19 Sep 2021 10:18:25 - 1.25 +++ patches/patch-src_dynamic-preprocessors_Makefile_in 9 Aug 2022 11:46:27 - @@ -1,8 +1,7 @@ -$OpenBSD: patch-src_dynamic-preprocessors_Makefile_in,v 1.25 2021/09/19 10:18:25 sthen Exp $ Index: src/dynamic-preprocessors/Makefile.in --- src/dynamic-preprocessors/Makefile.in.orig +++ src/dynamic-preprocessors/Makefile.in -@@ -1655,19 +1655,8 @@ clean-local: +@@ -1658,19 +1658,8 @@ clean-local: rm -rf include build install-data-local: Index: patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c === RCS file: /cvs/ports/net/snort/patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c,v retrieving revision 1.14 diff -u -p -u -p -r1.14 patch-src_preprocessors_Stream6_snort_stream_tcp_c --- patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c 22 Feb 2022 23:14:30 - 1.14 +++ patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c 9 Aug 2022 11:46:27 - @@ -1,8 +1,7 @@ -$OpenBSD: patch-src_preprocessors_Stream6_snort_stream_tcp_c,v 1.14 2022/02/22 23:14:30 sthen Exp $ Index: src/preprocessors/Stream6/snort_stream_tcp.c --- src/preprocessors/Stream6/snort_stream_tcp.c.orig +++ src/preprocessors/Stream6/snort_stream_tcp.c -@@ -8939,7 +8939,7 @@ static int ProcessTcp(SessionControlBlock *scb, Packet +@@ -8953,7 +8953,7 @@ static int ProcessTcp(SessionControlBlock *scb, Packet char src_addr[17]; char dst_addr[17]; memset((char *)timestamp, 0, TIMEBUF_SIZE);
Re: UPDATE: net/snort 2.9.16
On 2020/05/18 23:52, Lawrence Teo wrote: > lib/pkgconfig/snort.pc > lib/snort_dynamicengine/ > -lib/snort_dynamicengine/libsf_engine.a > +@static-lib lib/snort_dynamicengine/libsf_engine.a > @comment lib/snort_dynamicengine/libsf_engine.la > -lib/snort_dynamicengine/libsf_engine.so > +@so lib/snort_dynamicengine/libsf_engine.so Just noticed this in the diff - are these static libraries doing anything useful? These look like they should just be dlopen() modules which could be dropped with LIBTOOL_FLAGS=--tag=disable-static.
Re: UPDATE: net/snort 2.9.16
On Thu, May 21, 2020 at 11:06:19AM +0100, Stuart Henderson wrote: > On 2020/05/18 23:52, Lawrence Teo wrote: > > lib/pkgconfig/snort.pc > > lib/snort_dynamicengine/ > > -lib/snort_dynamicengine/libsf_engine.a > > +@static-lib lib/snort_dynamicengine/libsf_engine.a > > @comment lib/snort_dynamicengine/libsf_engine.la > > -lib/snort_dynamicengine/libsf_engine.so > > +@so lib/snort_dynamicengine/libsf_engine.so > > Just noticed this in the diff - are these static libraries doing anything > useful? These look like they should just be dlopen() modules which could > be dropped with LIBTOOL_FLAGS=--tag=disable-static. Thank you for the note. Here's a new diff that drops those static libraries with the LIBTOOL_FLAGS you suggested. As far as I can tell from my tests, those static libraries are not needed. Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.106 diff -u -p -r1.106 Makefile --- Makefile1 Dec 2019 03:19:10 - 1.106 +++ Makefile21 May 2020 20:55:49 - @@ -2,8 +2,8 @@ COMMENT = highly flexible sniffer/NIDS -DISTNAME = snort-2.9.15 -RULESV = 29150 +DISTNAME = snort-2.9.16 +RULESV = 29160 SUBST_VARS = RULESV CATEGORIES = net security @@ -24,6 +24,8 @@ SEPARATE_BUILD = Yes CONFIGURE_STYLE = gnu CONFIGURE_ARGS += --disable-static-daq \ --enable-non-ether-decoders + +LIBTOOL_FLAGS =--tag=disable-static LIB_DEPENDS = archivers/xz \ devel/pcre \ Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.42 diff -u -p -r1.42 distinfo --- distinfo1 Dec 2019 03:19:10 - 1.42 +++ distinfo17 May 2020 01:14:58 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.15.tar.gz) = v7Q3dGRG73KgPFAdsTzW2l7dK0H1XIDEN7ooi+bafbo= -SIZE (snort-2.9.15.tar.gz) = 6704763 +SHA256 (snort-2.9.16.tar.gz) = lojY7fHaCd7GV0AA+zwOYvmcVkKFh2FuF8YBA8C8utc= +SIZE (snort-2.9.16.tar.gz) = 6948498 Index: patches/patch-src_decode_h === RCS file: /cvs/ports/net/snort/patches/patch-src_decode_h,v retrieving revision 1.11 diff -u -p -r1.11 patch-src_decode_h --- patches/patch-src_decode_h 28 Jan 2018 03:09:12 - 1.11 +++ patches/patch-src_decode_h 17 May 2020 01:15:23 - @@ -2,7 +2,7 @@ $OpenBSD: patch-src_decode_h,v 1.11 2018 Index: src/decode.h --- src/decode.h.orig +++ src/decode.h -@@ -835,9 +835,9 @@ typedef struct _SLLHdr { +@@ -837,9 +837,9 @@ typedef struct _SLLHdr { * Pflog1_Hdr: CVS = 1.3, DLT_OLD_PFLOG = 17, Length = 28 * Pflog2_Hdr: CVS = 1.8, DLT_PFLOG = 117, Length = 48 * Pflog3_Hdr: CVS = 1.12, DLT_PFLOG = 117, Length = 64 Index: patches/patch-src_dynamic-preprocessors_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_Makefile_in,v retrieving revision 1.20 diff -u -p -r1.20 patch-src_dynamic-preprocessors_Makefile_in --- patches/patch-src_dynamic-preprocessors_Makefile_in 1 Dec 2019 03:19:10 - 1.20 +++ patches/patch-src_dynamic-preprocessors_Makefile_in 17 May 2020 01:15:25 - @@ -2,7 +2,7 @@ $OpenBSD: patch-src_dynamic-preprocessor Index: src/dynamic-preprocessors/Makefile.in --- src/dynamic-preprocessors/Makefile.in.orig +++ src/dynamic-preprocessors/Makefile.in -@@ -1647,19 +1647,8 @@ clean-local: +@@ -1649,19 +1649,8 @@ clean-local: rm -rf include build install-data-local: Index: patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in,v retrieving revision 1.17 diff -u -p -r1.17 patch-src_dynamic-preprocessors_dcerpc2_Makefile_in --- patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in 1 Dec 2019 03:19:10 - 1.17 +++ patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in 17 May 2020 01:15:27 - @@ -11,7 +11,7 @@ Index: src/dynamic-preprocessors/dcerpc2 @SO_WITH_STATIC_LIB_TRUE@libsf_dce2_preproc_la_LIBADD = \ @SO_WITH_STATIC_LIB_TRUE@ ../libsf_dynamic_preproc.la \ @SO_WITH_STATIC_LIB_TRUE@ $(am__append_1) -@@ -608,7 +608,7 @@ distdir-am: $(DISTFILES) +@@ -609,7 +609,7 @@ distdir-am: $(DISTFILES) done check-am: all-am check: check-am Index: patches/patch-src_dynamic-preprocessors_dnp3_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_dnp3_Makefile_in,v retrieving revision 1.15 diff -u -p -r1.15 patch-src_dynamic-preprocessors_dnp3_Makefile_in --- patches/patch-src_dynamic-preprocessors_dnp3_
Re: UPDATE: net/snort 2.9.14
On Fri, 19 Jul 2019 at 22:01:53 -0400, Lawrence Teo wrote: > This updates Snort to 2.9.14. > > https://blog.snort.org/2019/07/snort-29140-has-been-released.html > > ok? Builds and runs fine here! When I start it with "-d" I see: snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_GetCFA' snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_DeleteException' snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_SetGR' snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_SetIP' snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_RaiseException' I think this might be a combo of the packages / snapshot I have. I will update and report back. If you aren't seeing the undefined symbols, OK abieber@ > Index: Makefile > === > RCS file: /cvs/ports/net/snort/Makefile,v > retrieving revision 1.103 > diff -u -p -r1.103 Makefile > --- Makefile 12 Jul 2019 20:48:49 - 1.103 > +++ Makefile 19 Jul 2019 20:17:17 - > @@ -2,8 +2,8 @@ > > COMMENT =highly flexible sniffer/NIDS > > -DISTNAME = snort-2.9.13 > -RULESV = 29130 > +DISTNAME = snort-2.9.14 > +RULESV = 29140 > SUBST_VARS = RULESV > > CATEGORIES = net security > Index: distinfo > === > RCS file: /cvs/ports/net/snort/distinfo,v > retrieving revision 1.39 > diff -u -p -r1.39 distinfo > --- distinfo 2 Jun 2019 02:07:44 - 1.39 > +++ distinfo 19 Jul 2019 20:17:52 - > @@ -1,2 +1,2 @@ > -SHA256 (snort-2.9.13.tar.gz) = MURzk9FShrhIgQ3XirLLOtIx/NHxZj+VlYdpDu6nVBM= > -SIZE (snort-2.9.13.tar.gz) = 6553425 > +SHA256 (snort-2.9.14.tar.gz) = wDBtuc5k9FzHxkya/HCr6WidqoYAIDRew7oJmSi3Rks= > +SIZE (snort-2.9.14.tar.gz) = 6688482 > Index: patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c > === > RCS file: > /cvs/ports/net/snort/patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c,v > retrieving revision 1.7 > diff -u -p -r1.7 patch-src_preprocessors_Stream6_snort_stream_tcp_c > --- patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c2 Jun > 2019 02:07:44 - 1.7 > +++ patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c19 Jul > 2019 20:18:18 - > @@ -2,7 +2,7 @@ $OpenBSD: patch-src_preprocessors_Stream > Index: src/preprocessors/Stream6/snort_stream_tcp.c > --- src/preprocessors/Stream6/snort_stream_tcp.c.orig > +++ src/preprocessors/Stream6/snort_stream_tcp.c > -@@ -8562,7 +8562,7 @@ static int ProcessTcp(SessionControlBlock *scb, Packet > +@@ -8575,7 +8575,7 @@ static int ProcessTcp(SessionControlBlock *scb, Packet > char src_addr[17]; > char dst_addr[17]; > memset((char *)timestamp, 0, TIMEBUF_SIZE); -- PGP: 0x1F81112D62A9ADCE / 3586 3350 BFEA C101 DB1A 4AF0 1F81 112D 62A9 ADCE
Re: UPDATE: net/snort 2.9.14
On Sun, Jul 21, 2019 at 11:38:06PM -0600, Aaron Bieber wrote: > On Fri, 19 Jul 2019 at 22:01:53 -0400, Lawrence Teo wrote: > > This updates Snort to 2.9.14. > > > > https://blog.snort.org/2019/07/snort-29140-has-been-released.html > > > > ok? > > Builds and runs fine here! When I start it with "-d" I see: > > snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_GetCFA' > snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol > '_Unwind_DeleteException' > snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_SetGR' > snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_SetIP' > snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol > '_Unwind_RaiseException' > > I think this might be a combo of the packages / snapshot I have. I will update > and report back. > > If you aren't seeing the undefined symbols, OK abieber@ Thanks for testing! It looks like those Unwind errors are due to libsf_appid_preproc.so which links against luajit, which in turn needs access to libunwind symbols. I found another port games/tome4 that had the same issue. In that port the issue was resolved by linking against libc++abi (in games/tome4/patches/lld-linking). Here's an updated diff that does the same thing for libsf_appid_preproc.so. I made it link against libc++abi in src/dynamic-preprocessors/appid/Makefile.in. I'm not certain that that is the right place to fix it, but it does resolve those errors for me. Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.103 diff -u -p -r1.103 Makefile --- Makefile12 Jul 2019 20:48:49 - 1.103 +++ Makefile19 Jul 2019 20:17:17 - @@ -2,8 +2,8 @@ COMMENT = highly flexible sniffer/NIDS -DISTNAME = snort-2.9.13 -RULESV = 29130 +DISTNAME = snort-2.9.14 +RULESV = 29140 SUBST_VARS = RULESV CATEGORIES = net security Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.39 diff -u -p -r1.39 distinfo --- distinfo2 Jun 2019 02:07:44 - 1.39 +++ distinfo19 Jul 2019 20:17:52 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.13.tar.gz) = MURzk9FShrhIgQ3XirLLOtIx/NHxZj+VlYdpDu6nVBM= -SIZE (snort-2.9.13.tar.gz) = 6553425 +SHA256 (snort-2.9.14.tar.gz) = wDBtuc5k9FzHxkya/HCr6WidqoYAIDRew7oJmSi3Rks= +SIZE (snort-2.9.14.tar.gz) = 6688482 Index: patches/patch-src_dynamic-preprocessors_appid_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_appid_Makefile_in,v retrieving revision 1.2 diff -u -p -r1.2 patch-src_dynamic-preprocessors_appid_Makefile_in --- patches/patch-src_dynamic-preprocessors_appid_Makefile_in 2 Jun 2019 02:07:44 - 1.2 +++ patches/patch-src_dynamic-preprocessors_appid_Makefile_in 23 Jul 2019 01:51:20 - @@ -1,14 +1,19 @@ $OpenBSD: patch-src_dynamic-preprocessors_appid_Makefile_in,v 1.2 2019/06/02 02:07:44 lteo Exp $ + +libsf_appid_preproc.so needs to link against libc++abi so that luajit can access +libunwind symbols. Index: src/dynamic-preprocessors/appid/Makefile.in --- src/dynamic-preprocessors/appid/Makefile.in.orig +++ src/dynamic-preprocessors/appid/Makefile.in -@@ -586,7 +586,7 @@ APPID_SOURCES = $(APPID_SRC_DIR)/commonAppMatcher.c \ +@@ -586,8 +586,8 @@ APPID_SOURCES = $(APPID_SRC_DIR)/commonAppMatcher.c \ $(APPID_SRC_DIR)/util/sfutil.c $(APPID_SRC_DIR)/util/sfutil.h dynamicpreprocessordir = ${libdir}/snort_dynamicpreprocessor dynamicpreprocessor_LTLIBRARIES = libsf_appid_preproc.la -libsf_appid_preproc_la_LDFLAGS = -export-dynamic -module @XCCFLAGS@ +-@SO_WITH_STATIC_LIB_FALSE@libsf_appid_preproc_la_LIBADD = $(LUA_LIBS) +libsf_appid_preproc_la_LDFLAGS = -export-dynamic -module -avoid-version @XCCFLAGS@ - @SO_WITH_STATIC_LIB_FALSE@libsf_appid_preproc_la_LIBADD = $(LUA_LIBS) ++@SO_WITH_STATIC_LIB_FALSE@libsf_appid_preproc_la_LIBADD = $(LUA_LIBS) -lc++abi @SO_WITH_STATIC_LIB_TRUE@libsf_appid_preproc_la_LIBADD = ../libsf_dynamic_preproc.la ../libsf_dynamic_utils.la $(LUA_LIBS) @SO_WITH_STATIC_LIB_FALSE@nodist_libsf_appid_preproc_la_SOURCES = \ + @SO_WITH_STATIC_LIB_FALSE@../include/sf_dynamic_preproc_lib.c \ Index: patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c === RCS file: /cvs/ports/net/snort/patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c,v retrieving revision 1.7 diff -u -p -r1.7 patch-src_preprocessors_Stream6_snort_stream_tcp_c --- patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c 2 Jun 2019 02:07:44 - 1.7 +++ patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c 19 Jul 2019 20:18:18 - @@ -2,7 +2,7 @@ $OpenBSD: patch-src_preprocessors_Stream
Re: UPDATE: net/snort 2.9.14
Fixes it for me! Need to also regen WANTLIB, then OK abiener@ PGP: 0x1F81112D62A9ADCE / 3586 3350 BFEA C101 DB1A 4AF0 1F81 112D 62A9 ADCE > On Jul 22, 2019, at 9:13 PM, Lawrence Teo wrote: > > On Sun, Jul 21, 2019 at 11:38:06PM -0600, Aaron Bieber wrote: >>> On Fri, 19 Jul 2019 at 22:01:53 -0400, Lawrence Teo wrote: >>> This updates Snort to 2.9.14. >>> >>> https://blog.snort.org/2019/07/snort-29140-has-been-released.html >>> >>> ok? >> >> Builds and runs fine here! When I start it with "-d" I see: >> >> snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_GetCFA' >> snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol >> '_Unwind_DeleteException' >> snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_SetGR' >> snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_SetIP' >> snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol >> '_Unwind_RaiseException' >> >> I think this might be a combo of the packages / snapshot I have. I will >> update >> and report back. >> >> If you aren't seeing the undefined symbols, OK abieber@ > > Thanks for testing! > > It looks like those Unwind errors are due to libsf_appid_preproc.so > which links against luajit, which in turn needs access to libunwind > symbols. > > I found another port games/tome4 that had the same issue. In that port > the issue was resolved by linking against libc++abi (in > games/tome4/patches/lld-linking). > > Here's an updated diff that does the same thing for > libsf_appid_preproc.so. I made it link against libc++abi in > src/dynamic-preprocessors/appid/Makefile.in. I'm not certain that that > is the right place to fix it, but it does resolve those errors for me. >
Re: UPDATE: net/snort 2.9.14
On Mon, Jul 22, 2019 at 09:41:21PM -0600, Aaron Bieber wrote: > Fixes it for me! Need to also regen WANTLIB, then OK abiener@ Great, thanks! Here is the updated diff with the regenerated WANTLIB. Markus, is this ok with you too? > > On Jul 22, 2019, at 9:13 PM, Lawrence Teo wrote: > > > > ???On Sun, Jul 21, 2019 at 11:38:06PM -0600, Aaron Bieber wrote: > >>> On Fri, 19 Jul 2019 at 22:01:53 -0400, Lawrence Teo wrote: > >>> This updates Snort to 2.9.14. > >>> > >>> https://blog.snort.org/2019/07/snort-29140-has-been-released.html > >>> > >>> ok? > >> > >> Builds and runs fine here! When I start it with "-d" I see: > >> > >> snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol > >> '_Unwind_GetCFA' > >> snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol > >> '_Unwind_DeleteException' > >> snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_SetGR' > >> snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol '_Unwind_SetIP' > >> snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol > >> '_Unwind_RaiseException' > >> > >> I think this might be a combo of the packages / snapshot I have. I will > >> update > >> and report back. > >> > >> If you aren't seeing the undefined symbols, OK abieber@ > > > > Thanks for testing! > > > > It looks like those Unwind errors are due to libsf_appid_preproc.so > > which links against luajit, which in turn needs access to libunwind > > symbols. > > > > I found another port games/tome4 that had the same issue. In that port > > the issue was resolved by linking against libc++abi (in > > games/tome4/patches/lld-linking). > > > > Here's an updated diff that does the same thing for > > libsf_appid_preproc.so. I made it link against libc++abi in > > src/dynamic-preprocessors/appid/Makefile.in. I'm not certain that that > > is the right place to fix it, but it does resolve those errors for me. > > Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.103 diff -u -p -r1.103 Makefile --- Makefile12 Jul 2019 20:48:49 - 1.103 +++ Makefile23 Jul 2019 13:50:47 - @@ -2,8 +2,8 @@ COMMENT = highly flexible sniffer/NIDS -DISTNAME = snort-2.9.13 -RULESV = 29130 +DISTNAME = snort-2.9.14 +RULESV = 29140 SUBST_VARS = RULESV CATEGORIES = net security @@ -15,7 +15,8 @@ MAINTAINER = Markus Lude https://www.snort.org/downloads/snort/ Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.39 diff -u -p -r1.39 distinfo --- distinfo2 Jun 2019 02:07:44 - 1.39 +++ distinfo19 Jul 2019 20:17:52 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.13.tar.gz) = MURzk9FShrhIgQ3XirLLOtIx/NHxZj+VlYdpDu6nVBM= -SIZE (snort-2.9.13.tar.gz) = 6553425 +SHA256 (snort-2.9.14.tar.gz) = wDBtuc5k9FzHxkya/HCr6WidqoYAIDRew7oJmSi3Rks= +SIZE (snort-2.9.14.tar.gz) = 6688482 Index: patches/patch-src_dynamic-preprocessors_appid_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_appid_Makefile_in,v retrieving revision 1.2 diff -u -p -r1.2 patch-src_dynamic-preprocessors_appid_Makefile_in --- patches/patch-src_dynamic-preprocessors_appid_Makefile_in 2 Jun 2019 02:07:44 - 1.2 +++ patches/patch-src_dynamic-preprocessors_appid_Makefile_in 23 Jul 2019 01:51:20 - @@ -1,14 +1,19 @@ $OpenBSD: patch-src_dynamic-preprocessors_appid_Makefile_in,v 1.2 2019/06/02 02:07:44 lteo Exp $ + +libsf_appid_preproc.so needs to link against libc++abi so that luajit can access +libunwind symbols. Index: src/dynamic-preprocessors/appid/Makefile.in --- src/dynamic-preprocessors/appid/Makefile.in.orig +++ src/dynamic-preprocessors/appid/Makefile.in -@@ -586,7 +586,7 @@ APPID_SOURCES = $(APPID_SRC_DIR)/commonAppMatcher.c \ +@@ -586,8 +586,8 @@ APPID_SOURCES = $(APPID_SRC_DIR)/commonAppMatcher.c \ $(APPID_SRC_DIR)/util/sfutil.c $(APPID_SRC_DIR)/util/sfutil.h dynamicpreprocessordir = ${libdir}/snort_dynamicpreprocessor dynamicpreprocessor_LTLIBRARIES = libsf_appid_preproc.la -libsf_appid_preproc_la_LDFLAGS = -export-dynamic -module @XCCFLAGS@ +-@SO_WITH_STATIC_LIB_FALSE@libsf_appid_preproc_la_LIBADD = $(LUA_LIBS) +libsf_appid_preproc_la_LDFLAGS = -export-dynamic -module -avoid-version @XCCFLAGS@ - @SO_WITH_STATIC_LIB_FALSE@libsf_appid_preproc_la_LIBADD = $(LUA_LIBS) ++@SO_WITH_STATIC_LIB_FALSE@libsf_appid_preproc_la_LIBADD = $(LUA_LIBS) -lc++abi @SO_WITH_STATIC_LIB_TRUE@libsf_appid_preproc_la_LIBADD = ../libsf_dynamic_preproc.la ../libsf_dynamic_utils.la $(LUA_LIBS) @SO_WITH_STATIC_LIB_FALSE@nodist_libsf_appid_preproc_la_SOURCES = \ + @SO_WITH_STATIC_LIB_FALSE@../include/sf_dynamic_preproc_lib.c \ Index: patches/patch-src_preprocessors_St
Re: UPDATE: net/snort 2.9.14
On Tue, Jul 23, 2019 at 12:23:02PM -0400, Lawrence Teo wrote: > On Mon, Jul 22, 2019 at 09:41:21PM -0600, Aaron Bieber wrote: > > Fixes it for me! Need to also regen WANTLIB, then OK abiener@ > > Great, thanks! Here is the updated diff with the regenerated WANTLIB. > > Markus, is this ok with you too? Hi Lawrence, Hi Aaron, I haven't got those undefined symbol messages here so far. As the fix seems to fix those, I'm fine with it. Thank you! Regards Markus > > > On Jul 22, 2019, at 9:13 PM, Lawrence Teo wrote: > > > > > > ???On Sun, Jul 21, 2019 at 11:38:06PM -0600, Aaron Bieber wrote: > > >>> On Fri, 19 Jul 2019 at 22:01:53 -0400, Lawrence Teo wrote: > > >>> This updates Snort to 2.9.14. > > >>> > > >>> https://blog.snort.org/2019/07/snort-29140-has-been-released.html > > >>> > > >>> ok? > > >> > > >> Builds and runs fine here! When I start it with "-d" I see: > > >> > > >> snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol > > >> '_Unwind_GetCFA' > > >> snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol > > >> '_Unwind_DeleteException' > > >> snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol > > >> '_Unwind_SetGR' > > >> snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol > > >> '_Unwind_SetIP' > > >> snort:/usr/local/lib/libluajit-5.1.so.1.0: undefined symbol > > >> '_Unwind_RaiseException' > > >> > > >> I think this might be a combo of the packages / snapshot I have. I will > > >> update > > >> and report back. > > >> > > >> If you aren't seeing the undefined symbols, OK abieber@ > > > > > > Thanks for testing! > > > > > > It looks like those Unwind errors are due to libsf_appid_preproc.so > > > which links against luajit, which in turn needs access to libunwind > > > symbols. > > > > > > I found another port games/tome4 that had the same issue. In that port > > > the issue was resolved by linking against libc++abi (in > > > games/tome4/patches/lld-linking). > > > > > > Here's an updated diff that does the same thing for > > > libsf_appid_preproc.so. I made it link against libc++abi in > > > src/dynamic-preprocessors/appid/Makefile.in. I'm not certain that that > > > is the right place to fix it, but it does resolve those errors for me. > > > > Index: Makefile > === > RCS file: /cvs/ports/net/snort/Makefile,v > retrieving revision 1.103 > diff -u -p -r1.103 Makefile > --- Makefile 12 Jul 2019 20:48:49 - 1.103 > +++ Makefile 23 Jul 2019 13:50:47 - > @@ -2,8 +2,8 @@ > > COMMENT =highly flexible sniffer/NIDS > > -DISTNAME = snort-2.9.13 > -RULESV = 29130 > +DISTNAME = snort-2.9.14 > +RULESV = 29140 > SUBST_VARS = RULESV > > CATEGORIES = net security > @@ -15,7 +15,8 @@ MAINTAINER =Markus Lude # GPLv2 > PERMIT_PACKAGE = Yes > > -WANTLIB =c crypto daq dnet luajit-5.1 lzma m nghttp2 pcap pcre > pthread z > +WANTLIB += c c++abi crypto daq dnet luajit-5.1 lzma m nghttp2 > +WANTLIB += pcap pcre pthread z > > MASTER_SITES = https://www.snort.org/downloads/snort/ > > Index: distinfo > === > RCS file: /cvs/ports/net/snort/distinfo,v > retrieving revision 1.39 > diff -u -p -r1.39 distinfo > --- distinfo 2 Jun 2019 02:07:44 - 1.39 > +++ distinfo 19 Jul 2019 20:17:52 - > @@ -1,2 +1,2 @@ > -SHA256 (snort-2.9.13.tar.gz) = MURzk9FShrhIgQ3XirLLOtIx/NHxZj+VlYdpDu6nVBM= > -SIZE (snort-2.9.13.tar.gz) = 6553425 > +SHA256 (snort-2.9.14.tar.gz) = wDBtuc5k9FzHxkya/HCr6WidqoYAIDRew7oJmSi3Rks= > +SIZE (snort-2.9.14.tar.gz) = 6688482 > Index: patches/patch-src_dynamic-preprocessors_appid_Makefile_in > === > RCS file: > /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_appid_Makefile_in,v > retrieving revision 1.2 > diff -u -p -r1.2 patch-src_dynamic-preprocessors_appid_Makefile_in > --- patches/patch-src_dynamic-preprocessors_appid_Makefile_in 2 Jun 2019 > 02:07:44 - 1.2 > +++ patches/patch-src_dynamic-preprocessors_appid_Makefile_in 23 Jul 2019 > 01:51:20 - > @@ -1,14 +1,19 @@ > $OpenBSD: patch-src_dynamic-preprocessors_appid_Makefile_in,v 1.2 2019/06/02 > 02:07:44 lteo Exp $ > + > +libsf_appid_preproc.so needs to link against libc++abi so that luajit can > access > +libunwind symbols. > > Index: src/dynamic-preprocessors/appid/Makefile.in > --- src/dynamic-preprocessors/appid/Makefile.in.orig > +++ src/dynamic-preprocessors/appid/Makefile.in > -@@ -586,7 +586,7 @@ APPID_SOURCES = $(APPID_SRC_DIR)/commonAppMatcher.c \ > +@@ -586,8 +586,8 @@ APPID_SOURCES = $(APPID_SRC_DIR)/commonAppMatcher.c \ > $(APPID_SRC_DIR)/util/sfutil.c $(APPID_SRC_DIR)/util/sfutil.h > dynamicpreprocessordir = ${libdir}/snort_dynamicpreprocessor > dynamicpreprocessor_LTLIBRARIES = libsf_appid_preproc.la > -libsf_appid
Re: UPDATE: net/snort 2.9.14.1
ping On Sun, Aug 18, 2019 at 12:46:31PM +0200, Markus Lude wrote: > Hello, > > attached is an update to snort 2.9.14.1. > > Tested on amd64. > > Please test, comment and eventually commit. > > Regards > Markus > > Index: Makefile > === > RCS file: /cvs/ports/net/snort/Makefile,v > retrieving revision 1.104 > diff -u -p -u -p -r1.104 Makefile > --- Makefile 24 Jul 2019 02:15:57 - 1.104 > +++ Makefile 18 Aug 2019 10:41:39 - > @@ -2,8 +2,8 @@ > > COMMENT =highly flexible sniffer/NIDS > > -DISTNAME = snort-2.9.14 > -RULESV = 29140 > +DISTNAME = snort-2.9.14.1 > +RULESV = 29141 > SUBST_VARS = RULESV > > CATEGORIES = net security > Index: distinfo > === > RCS file: /cvs/ports/net/snort/distinfo,v > retrieving revision 1.40 > diff -u -p -u -p -r1.40 distinfo > --- distinfo 24 Jul 2019 02:15:57 - 1.40 > +++ distinfo 18 Aug 2019 10:41:39 - > @@ -1,2 +1,2 @@ > -SHA256 (snort-2.9.14.tar.gz) = wDBtuc5k9FzHxkya/HCr6WidqoYAIDRew7oJmSi3Rks= > -SIZE (snort-2.9.14.tar.gz) = 6688482 > +SHA256 (snort-2.9.14.1.tar.gz) = JHKYnaOqzgANHqWTHs5o+OXMDFEeJy1lGCETokgegi0= > +SIZE (snort-2.9.14.1.tar.gz) = 6531749 > Index: patches/patch-src_dynamic-plugins_sf_engine_Makefile_in > === > RCS file: > /cvs/ports/net/snort/patches/patch-src_dynamic-plugins_sf_engine_Makefile_in,v > retrieving revision 1.12 > diff -u -p -u -p -r1.12 patch-src_dynamic-plugins_sf_engine_Makefile_in > --- patches/patch-src_dynamic-plugins_sf_engine_Makefile_in 2 Jun 2019 > 02:07:44 - 1.12 > +++ patches/patch-src_dynamic-plugins_sf_engine_Makefile_in 18 Aug 2019 > 10:41:39 - > @@ -5,7 +5,7 @@ Disable libsf_sorules in the examples di > Index: src/dynamic-plugins/sf_engine/Makefile.in > --- src/dynamic-plugins/sf_engine/Makefile.in.orig > +++ src/dynamic-plugins/sf_engine/Makefile.in > -@@ -388,7 +388,7 @@ top_srcdir = @top_srcdir@ > +@@ -376,7 +376,7 @@ top_srcdir = @top_srcdir@ > AUTOMAKE_OPTIONS = foreign no-dependencies > dynamicengine_LTLIBRARIES = libsf_engine.la > dynamicenginedir = $(libdir)/snort_dynamicengine > @@ -14,7 +14,7 @@ Index: src/dynamic-plugins/sf_engine/Mak > @BUILD_OPENSSL_MD5_TRUE@OPENSSL_MD5 = \ > @BUILD_OPENSSL_MD5_TRUE@md5.c md5.h > > -@@ -529,7 +529,7 @@ massage_ipv6_headers = \ > +@@ -517,7 +517,7 @@ massage_ipv6_headers = \ > $(sed_ipv6_headers); \ > fi > > Index: patches/patch-src_dynamic-preprocessors_Makefile_in > === > RCS file: > /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_Makefile_in,v > retrieving revision 1.18 > diff -u -p -u -p -r1.18 patch-src_dynamic-preprocessors_Makefile_in > --- patches/patch-src_dynamic-preprocessors_Makefile_in 2 Jun 2019 > 02:07:44 - 1.18 > +++ patches/patch-src_dynamic-preprocessors_Makefile_in 18 Aug 2019 > 10:41:39 - > @@ -2,7 +2,7 @@ $OpenBSD: patch-src_dynamic-preprocessor > Index: src/dynamic-preprocessors/Makefile.in > --- src/dynamic-preprocessors/Makefile.in.orig > +++ src/dynamic-preprocessors/Makefile.in > -@@ -1647,19 +1647,8 @@ clean-local: > +@@ -1631,19 +1631,8 @@ clean-local: > rm -rf include build > > install-data-local: > Index: patches/patch-src_dynamic-preprocessors_appid_Makefile_in > === > RCS file: > /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_appid_Makefile_in,v > retrieving revision 1.3 > diff -u -p -u -p -r1.3 patch-src_dynamic-preprocessors_appid_Makefile_in > --- patches/patch-src_dynamic-preprocessors_appid_Makefile_in 24 Jul 2019 > 02:15:57 - 1.3 > +++ patches/patch-src_dynamic-preprocessors_appid_Makefile_in 18 Aug 2019 > 10:41:39 - > @@ -6,7 +6,7 @@ libunwind symbols. > Index: src/dynamic-preprocessors/appid/Makefile.in > --- src/dynamic-preprocessors/appid/Makefile.in.orig > +++ src/dynamic-preprocessors/appid/Makefile.in > -@@ -586,8 +586,8 @@ APPID_SOURCES = $(APPID_SRC_DIR)/commonAppMatcher.c \ > +@@ -575,8 +575,8 @@ APPID_SOURCES = $(APPID_SRC_DIR)/commonAppMatcher.c \ > $(APPID_SRC_DIR)/util/sfutil.c $(APPID_SRC_DIR)/util/sfutil.h > dynamicpreprocessordir = ${libdir}/snort_dynamicpreprocessor > dynamicpreprocessor_LTLIBRARIES = libsf_appid_preproc.la > Index: patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in > === > RCS file: > /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in,v > retrieving revision 1.15 > diff -u -p -u -p -r1.15 patch-src_dynamic-preprocessors_dcerpc2_Makefile_in > --- patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in 2 Jun > 2019 02:07:44 -
Re: UPDATE: net/snort 2.9.14.1
Thanks for the ping! I have tested and committed your diff. On Wed, Aug 28, 2019 at 10:40:31PM +0200, Markus Lude wrote: > ping > > On Sun, Aug 18, 2019 at 12:46:31PM +0200, Markus Lude wrote: > > Hello, > > > > attached is an update to snort 2.9.14.1. > > > > Tested on amd64. > > > > Please test, comment and eventually commit. > > > > Regards > > Markus > > > > > Index: Makefile > > === > > RCS file: /cvs/ports/net/snort/Makefile,v > > retrieving revision 1.104 > > diff -u -p -u -p -r1.104 Makefile > > --- Makefile24 Jul 2019 02:15:57 - 1.104 > > +++ Makefile18 Aug 2019 10:41:39 - > > @@ -2,8 +2,8 @@ > > > > COMMENT = highly flexible sniffer/NIDS > > > > -DISTNAME = snort-2.9.14 > > -RULESV = 29140 > > +DISTNAME = snort-2.9.14.1 > > +RULESV = 29141 > > SUBST_VARS = RULESV > > > > CATEGORIES = net security > > Index: distinfo > > === > > RCS file: /cvs/ports/net/snort/distinfo,v > > retrieving revision 1.40 > > diff -u -p -u -p -r1.40 distinfo > > --- distinfo24 Jul 2019 02:15:57 - 1.40 > > +++ distinfo18 Aug 2019 10:41:39 - > > @@ -1,2 +1,2 @@ > > -SHA256 (snort-2.9.14.tar.gz) = wDBtuc5k9FzHxkya/HCr6WidqoYAIDRew7oJmSi3Rks= > > -SIZE (snort-2.9.14.tar.gz) = 6688482 > > +SHA256 (snort-2.9.14.1.tar.gz) = > > JHKYnaOqzgANHqWTHs5o+OXMDFEeJy1lGCETokgegi0= > > +SIZE (snort-2.9.14.1.tar.gz) = 6531749 > > Index: patches/patch-src_dynamic-plugins_sf_engine_Makefile_in > > === > > RCS file: > > /cvs/ports/net/snort/patches/patch-src_dynamic-plugins_sf_engine_Makefile_in,v > > retrieving revision 1.12 > > diff -u -p -u -p -r1.12 patch-src_dynamic-plugins_sf_engine_Makefile_in > > --- patches/patch-src_dynamic-plugins_sf_engine_Makefile_in 2 Jun 2019 > > 02:07:44 - 1.12 > > +++ patches/patch-src_dynamic-plugins_sf_engine_Makefile_in 18 Aug 2019 > > 10:41:39 - > > @@ -5,7 +5,7 @@ Disable libsf_sorules in the examples di > > Index: src/dynamic-plugins/sf_engine/Makefile.in > > --- src/dynamic-plugins/sf_engine/Makefile.in.orig > > +++ src/dynamic-plugins/sf_engine/Makefile.in > > -@@ -388,7 +388,7 @@ top_srcdir = @top_srcdir@ > > +@@ -376,7 +376,7 @@ top_srcdir = @top_srcdir@ > > AUTOMAKE_OPTIONS = foreign no-dependencies > > dynamicengine_LTLIBRARIES = libsf_engine.la > > dynamicenginedir = $(libdir)/snort_dynamicengine > > @@ -14,7 +14,7 @@ Index: src/dynamic-plugins/sf_engine/Mak > > @BUILD_OPENSSL_MD5_TRUE@OPENSSL_MD5 = \ > > @BUILD_OPENSSL_MD5_TRUE@md5.c md5.h > > > > -@@ -529,7 +529,7 @@ massage_ipv6_headers = \ > > +@@ -517,7 +517,7 @@ massage_ipv6_headers = \ > > $(sed_ipv6_headers); \ > > fi > > > > Index: patches/patch-src_dynamic-preprocessors_Makefile_in > > === > > RCS file: > > /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_Makefile_in,v > > retrieving revision 1.18 > > diff -u -p -u -p -r1.18 patch-src_dynamic-preprocessors_Makefile_in > > --- patches/patch-src_dynamic-preprocessors_Makefile_in 2 Jun 2019 > > 02:07:44 - 1.18 > > +++ patches/patch-src_dynamic-preprocessors_Makefile_in 18 Aug 2019 > > 10:41:39 - > > @@ -2,7 +2,7 @@ $OpenBSD: patch-src_dynamic-preprocessor > > Index: src/dynamic-preprocessors/Makefile.in > > --- src/dynamic-preprocessors/Makefile.in.orig > > +++ src/dynamic-preprocessors/Makefile.in > > -@@ -1647,19 +1647,8 @@ clean-local: > > +@@ -1631,19 +1631,8 @@ clean-local: > > rm -rf include build > > > > install-data-local: > > Index: patches/patch-src_dynamic-preprocessors_appid_Makefile_in > > === > > RCS file: > > /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_appid_Makefile_in,v > > retrieving revision 1.3 > > diff -u -p -u -p -r1.3 patch-src_dynamic-preprocessors_appid_Makefile_in > > --- patches/patch-src_dynamic-preprocessors_appid_Makefile_in 24 Jul > > 2019 02:15:57 - 1.3 > > +++ patches/patch-src_dynamic-preprocessors_appid_Makefile_in 18 Aug > > 2019 10:41:39 - > > @@ -6,7 +6,7 @@ libunwind symbols. > > Index: src/dynamic-preprocessors/appid/Makefile.in > > --- src/dynamic-preprocessors/appid/Makefile.in.orig > > +++ src/dynamic-preprocessors/appid/Makefile.in > > -@@ -586,8 +586,8 @@ APPID_SOURCES = $(APPID_SRC_DIR)/commonAppMatcher.c \ > > +@@ -575,8 +575,8 @@ APPID_SOURCES = $(APPID_SRC_DIR)/commonAppMatcher.c \ > > $(APPID_SRC_DIR)/util/sfutil.c $(APPID_SRC_DIR)/util/sfutil.h > > dynamicpreprocessordir = ${libdir}/snort_dynamicpreprocessor > > dynamicpreprocessor_LTLIBRARIES = libsf_appid_preproc.la > > Index: patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in >
Re: UPDATE: net/snort 2.9.12
On 2019/02/10 20:29, Markus Lude wrote: > Hello, > > attached is an update to snort-2.9.12. > > Tested on amd64. > > Please test, comment and eventually commit. > > Regards > Markus > > Index: Makefile > === > RCS file: /cvs/ports/net/snort/Makefile,v > retrieving revision 1.100 > diff -u -p -u -p -r1.100 Makefile > --- Makefile 4 Sep 2018 12:46:18 - 1.100 > +++ Makefile 10 Feb 2019 19:24:33 - > @@ -2,8 +2,8 @@ > > COMMENT =highly flexible sniffer/NIDS > > -VERSION =2.9.11.1 > -DISTNAME = snort-${VERSION} > +VERSION =2.9.12.0 > +DISTNAME = snort-${VERSION:S/.0$//g} that seems a bit of a fiddly way to deal with this - how about this to make it cleaner and a bit more self-documenting? DISTNAME = snort-2.9.12 RULESV =29120 SUBST_VARS =RULESV (and change README to match, and remove the V lower down which is also confusing portbump - hence REVISION being in the wrong place :-) > > CATEGORIES = net security > > @@ -25,6 +25,7 @@ CONFIGURE_ARGS += --disable-static-daq \ > > LIB_DEPENDS =archivers/xz \ > devel/pcre \ > + lang/luajit \ Note this: $ make package ===> Building package for snort-2.9.12 Create /usr/ports/packages/amd64/all/snort-2.9.12.tgz LIB_DEPENDS lang/luajit not needed for net/snort ? Creating package snort-2.9.12 Link to /usr/ports/packages/amd64/ftp/snort-2.9.12.tgz Link to /usr/ports/packages/amd64/cdrom/snort-2.9.12.tgz see "man bsd.port.mk | less +/not.needed.for" and port-lib-depends-check (in this case it's a missing addition to WANTLIB).
Re: UPDATE: net/snort 2.9.12
Hello, thanks Stuart for your suggestions. Updated diff attached. - straight DISTNAME - use RULESV instead of V - fix WANTLIB Regards Markus Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.100 diff -u -p -u -p -r1.100 Makefile --- Makefile4 Sep 2018 12:46:18 - 1.100 +++ Makefile12 Feb 2019 18:57:21 - @@ -2,8 +2,9 @@ COMMENT = highly flexible sniffer/NIDS -VERSION = 2.9.11.1 -DISTNAME = snort-${VERSION} +DISTNAME = snort-2.9.12 +RULESV = 29120 +SUBST_VARS = RULESV CATEGORIES = net security @@ -14,7 +15,7 @@ MAINTAINER = Markus Lude https://www.snort.org/downloads/snort/ @@ -25,6 +26,7 @@ CONFIGURE_ARGS += --disable-static-daq \ LIB_DEPENDS = archivers/xz \ devel/pcre \ + lang/luajit \ net/daq \ net/libdnet \ www/nghttp2 @@ -36,10 +38,6 @@ PREPROC =decoder.rules preprocessor.ru DOCS = AUTHORS CREDITS README README.* *.pdf TODO USAGE \ WISHLIST - -V =${VERSION:S/.//g} -SUBST_VARS += V -REVISION = 0 pre-configure: @${SUBST_CMD} ${WRKSRC}/etc/snort.conf Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.37 diff -u -p -u -p -r1.37 distinfo --- distinfo28 Jan 2018 03:09:12 - 1.37 +++ distinfo12 Feb 2019 18:57:21 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.11.1.tar.gz) = n2s66sWhCfVVBL03BWSsQxyxdzUHkp3EYWJomPM/Rs0= -SIZE (snort-2.9.11.1.tar.gz) = 6442755 +SHA256 (snort-2.9.12.tar.gz) = ewLhGYfGy09tedcnmcqa0rS9Wcwdlrt9bJFUn5kNmdA= +SIZE (snort-2.9.12.tar.gz) = 6456877 Index: patches/patch-src_dynamic-preprocessors_appid_Makefile_in === RCS file: patches/patch-src_dynamic-preprocessors_appid_Makefile_in diff -N patches/patch-src_dynamic-preprocessors_appid_Makefile_in --- /dev/null 1 Jan 1970 00:00:00 - +++ patches/patch-src_dynamic-preprocessors_appid_Makefile_in 12 Feb 2019 18:57:21 - @@ -0,0 +1,14 @@ +$OpenBSD$ + +Index: src/dynamic-preprocessors/appid/Makefile.in +--- src/dynamic-preprocessors/appid/Makefile.in.orig src/dynamic-preprocessors/appid/Makefile.in +@@ -583,7 +583,7 @@ APPID_SOURCES = $(APPID_SRC_DIR)/commonAppMatcher.c \ + $(APPID_SRC_DIR)/util/sfutil.c $(APPID_SRC_DIR)/util/sfutil.h + dynamicpreprocessordir = ${libdir}/snort_dynamicpreprocessor + dynamicpreprocessor_LTLIBRARIES = libsf_appid_preproc.la +-libsf_appid_preproc_la_LDFLAGS = -export-dynamic -module @XCCFLAGS@ ++libsf_appid_preproc_la_LDFLAGS = -export-dynamic -module -avoid-version @XCCFLAGS@ + @SO_WITH_STATIC_LIB_FALSE@libsf_appid_preproc_la_LIBADD = $(LUA_LIBS) + @SO_WITH_STATIC_LIB_TRUE@libsf_appid_preproc_la_LIBADD = ../libsf_dynamic_preproc.la ../libsf_dynamic_utils.la $(LUA_LIBS) + @SO_WITH_STATIC_LIB_FALSE@nodist_libsf_appid_preproc_la_SOURCES = \ Index: patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c === RCS file: /cvs/ports/net/snort/patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c,v retrieving revision 1.5 diff -u -p -u -p -r1.5 patch-src_preprocessors_Stream6_snort_stream_tcp_c --- patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c 28 Jan 2018 03:09:12 - 1.5 +++ patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c 12 Feb 2019 18:57:21 - @@ -2,7 +2,7 @@ $OpenBSD: patch-src_preprocessors_Stream Index: src/preprocessors/Stream6/snort_stream_tcp.c --- src/preprocessors/Stream6/snort_stream_tcp.c.orig +++ src/preprocessors/Stream6/snort_stream_tcp.c -@@ -8504,7 +8504,7 @@ static int ProcessTcp(SessionControlBlock *scb, Packet +@@ -8530,7 +8530,7 @@ static int ProcessTcp(SessionControlBlock *scb, Packet char src_addr[17]; char dst_addr[17]; memset((char *)timestamp, 0, TIMEBUF_SIZE); Index: pkg/PLIST === RCS file: /cvs/ports/net/snort/pkg/PLIST,v retrieving revision 1.31 diff -u -p -u -p -r1.31 PLIST --- pkg/PLIST 4 Sep 2018 12:46:18 - 1.31 +++ pkg/PLIST 12 Feb 2019 18:57:21 - @@ -2,15 +2,21 @@ @pkgpath net/snort[,flexresp][,mysql][,prelude][,postgresql] @newgroup _snort:557 @newuser _snort:557:_snort:daemon:Snort Account:/nonexistent:/sbin/nologin +bin/appid_detector_builder.sh @bin bin/snort @bin bin/u2boat +@bin bin/u2openappid @bin bin/u2spewfoo +@bin bin/u2streamer lib/pkgconfig/snort.pc lib/snort_dynamicengine/ lib/snort_dynamicengine/libsf_engine.a @comment lib/snort_dynamicengine/
Re: [update] net/snort 2.9.4.6
On Sat, May 18, 2013 at 03:07:10PM -0400, Lawrence Teo wrote: > This diff updates Snort to 2.9.4.6. Maintainer Markus Lude came up with > the same diff. > > Markus has tested this on sparc64 for a week with low traffic. I have > tested this on i386 on a public-facing webserver for more than three > weeks, and also tested it on amd64 and macppc. > > OK? Ping. Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.78 diff -u -p -r1.78 Makefile --- Makefile23 Apr 2013 02:04:13 - 1.78 +++ Makefile24 Apr 2013 21:39:23 - @@ -4,7 +4,7 @@ SHARED_ONLY = Yes COMMENT = highly flexible sniffer/NIDS -VERSION = 2.9.4.5 +VERSION = 2.9.4.6 DISTNAME = snort-${VERSION} CATEGORIES = net security Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.23 diff -u -p -r1.23 distinfo --- distinfo23 Apr 2013 02:04:13 - 1.23 +++ distinfo24 Apr 2013 21:39:23 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.4.5.tar.gz) = TwWSQfgLFAGYgCvxbYa4gSzhXw3T8JujXySFz4suygs= -SIZE (snort-2.9.4.5.tar.gz) = 5255794 +SHA256 (snort-2.9.4.6.tar.gz) = z6pTkLGECqqmimwFpwd92Sy5FuYYagFLqkUdQ82ws7w= +SIZE (snort-2.9.4.6.tar.gz) = 5338762 Index: patches/patch-src_dynamic-plugins_sf_engine_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-plugins_sf_engine_Makefile_in,v retrieving revision 1.5 diff -u -p -r1.5 patch-src_dynamic-plugins_sf_engine_Makefile_in --- patches/patch-src_dynamic-plugins_sf_engine_Makefile_in 23 Apr 2013 02:04:13 - 1.5 +++ patches/patch-src_dynamic-plugins_sf_engine_Makefile_in 24 Apr 2013 21:39:23 - @@ -1,7 +1,7 @@ $OpenBSD: patch-src_dynamic-plugins_sf_engine_Makefile_in,v 1.5 2013/04/23 02:04:13 lteo Exp $ src/dynamic-plugins/sf_engine/Makefile.in.orig Thu Mar 21 14:07:26 2013 -+++ src/dynamic-plugins/sf_engine/Makefile.in Thu Apr 4 22:28:12 2013 -@@ -263,7 +263,7 @@ top_builddir = @top_builddir@ +--- src/dynamic-plugins/sf_engine/Makefile.in.orig Mon Apr 15 15:57:46 2013 src/dynamic-plugins/sf_engine/Makefile.in Wed Apr 24 14:51:57 2013 +@@ -296,7 +296,7 @@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ AUTOMAKE_OPTIONS = foreign no-dependencies lib_LTLIBRARIES = libsf_engine.la Index: patches/patch-src_dynamic-preprocessors_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_Makefile_in,v retrieving revision 1.9 diff -u -p -r1.9 patch-src_dynamic-preprocessors_Makefile_in --- patches/patch-src_dynamic-preprocessors_Makefile_in 23 Apr 2013 02:04:13 - 1.9 +++ patches/patch-src_dynamic-preprocessors_Makefile_in 24 Apr 2013 21:39:23 - @@ -1,7 +1,7 @@ $OpenBSD: patch-src_dynamic-preprocessors_Makefile_in,v 1.9 2013/04/23 02:04:13 lteo Exp $ src/dynamic-preprocessors/Makefile.in.orig Thu Mar 21 14:07:26 2013 -+++ src/dynamic-preprocessors/Makefile.in Thu Apr 4 22:28:12 2013 -@@ -987,8 +987,8 @@ maintainer-clean-generic: +--- src/dynamic-preprocessors/Makefile.in.orig Mon Apr 15 15:57:47 2013 src/dynamic-preprocessors/Makefile.in Wed Apr 24 14:51:57 2013 +@@ -1024,8 +1024,8 @@ maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES) @@ -12,7 +12,7 @@ $OpenBSD: patch-src_dynamic-preprocessor clean: clean-recursive clean-am: clean-generic clean-libtool clean-local \ -@@ -1298,20 +1298,7 @@ include/file_lib.h: $(top_srcdir)/src/file-process/lib +@@ -1335,20 +1335,7 @@ include/file_lib.h: $(top_srcdir)/src/file-process/lib clean-local: rm -rf include build Index: patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in,v retrieving revision 1.6 diff -u -p -r1.6 patch-src_dynamic-preprocessors_dcerpc2_Makefile_in --- patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in 23 Apr 2013 02:04:13 - 1.6 +++ patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in 24 Apr 2013 21:39:23 - @@ -1,7 +1,7 @@ $OpenBSD: patch-src_dynamic-preprocessors_dcerpc2_Makefile_in,v 1.6 2013/04/23 02:04:13 lteo Exp $ src/dynamic-preprocessors/dcerpc2/Makefile.in.orig Thu Mar 21 14:07:26 2013 -+++ src/dynamic-preprocessors/dcerpc2/Makefile.in Thu Apr 4 22:28:12 2013 -@@ -229,7 +229,7 @@ top_builddir = @top_builddir@ +--- src/dynamic-preprocessors/dcerpc2/Makefile.in.orig Mon Apr 15 15:57:47 2013 sr
Re: [update] net/snort 2.9.4.6
On Wed, May 22, 2013 at 09:38:30AM -0400, Lawrence Teo wrote: > On Sat, May 18, 2013 at 03:07:10PM -0400, Lawrence Teo wrote: > > This diff updates Snort to 2.9.4.6. Maintainer Markus Lude came up with > > the same diff. > > > > Markus has tested this on sparc64 for a week with low traffic. I have > > tested this on i386 on a public-facing webserver for more than three > > weeks, and also tested it on amd64 and macppc. > > > > OK? > > Ping. Anyone? :) Maintainer is OK with this, looking for OK's to commit. Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.78 diff -u -p -r1.78 Makefile --- Makefile23 Apr 2013 02:04:13 - 1.78 +++ Makefile24 Apr 2013 21:39:23 - @@ -4,7 +4,7 @@ SHARED_ONLY = Yes COMMENT = highly flexible sniffer/NIDS -VERSION = 2.9.4.5 +VERSION = 2.9.4.6 DISTNAME = snort-${VERSION} CATEGORIES = net security Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.23 diff -u -p -r1.23 distinfo --- distinfo23 Apr 2013 02:04:13 - 1.23 +++ distinfo24 Apr 2013 21:39:23 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.4.5.tar.gz) = TwWSQfgLFAGYgCvxbYa4gSzhXw3T8JujXySFz4suygs= -SIZE (snort-2.9.4.5.tar.gz) = 5255794 +SHA256 (snort-2.9.4.6.tar.gz) = z6pTkLGECqqmimwFpwd92Sy5FuYYagFLqkUdQ82ws7w= +SIZE (snort-2.9.4.6.tar.gz) = 5338762 Index: patches/patch-src_dynamic-plugins_sf_engine_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-plugins_sf_engine_Makefile_in,v retrieving revision 1.5 diff -u -p -r1.5 patch-src_dynamic-plugins_sf_engine_Makefile_in --- patches/patch-src_dynamic-plugins_sf_engine_Makefile_in 23 Apr 2013 02:04:13 - 1.5 +++ patches/patch-src_dynamic-plugins_sf_engine_Makefile_in 24 Apr 2013 21:39:23 - @@ -1,7 +1,7 @@ $OpenBSD: patch-src_dynamic-plugins_sf_engine_Makefile_in,v 1.5 2013/04/23 02:04:13 lteo Exp $ src/dynamic-plugins/sf_engine/Makefile.in.orig Thu Mar 21 14:07:26 2013 -+++ src/dynamic-plugins/sf_engine/Makefile.in Thu Apr 4 22:28:12 2013 -@@ -263,7 +263,7 @@ top_builddir = @top_builddir@ +--- src/dynamic-plugins/sf_engine/Makefile.in.orig Mon Apr 15 15:57:46 2013 src/dynamic-plugins/sf_engine/Makefile.in Wed Apr 24 14:51:57 2013 +@@ -296,7 +296,7 @@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ AUTOMAKE_OPTIONS = foreign no-dependencies lib_LTLIBRARIES = libsf_engine.la Index: patches/patch-src_dynamic-preprocessors_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_Makefile_in,v retrieving revision 1.9 diff -u -p -r1.9 patch-src_dynamic-preprocessors_Makefile_in --- patches/patch-src_dynamic-preprocessors_Makefile_in 23 Apr 2013 02:04:13 - 1.9 +++ patches/patch-src_dynamic-preprocessors_Makefile_in 24 Apr 2013 21:39:23 - @@ -1,7 +1,7 @@ $OpenBSD: patch-src_dynamic-preprocessors_Makefile_in,v 1.9 2013/04/23 02:04:13 lteo Exp $ src/dynamic-preprocessors/Makefile.in.orig Thu Mar 21 14:07:26 2013 -+++ src/dynamic-preprocessors/Makefile.in Thu Apr 4 22:28:12 2013 -@@ -987,8 +987,8 @@ maintainer-clean-generic: +--- src/dynamic-preprocessors/Makefile.in.orig Mon Apr 15 15:57:47 2013 src/dynamic-preprocessors/Makefile.in Wed Apr 24 14:51:57 2013 +@@ -1024,8 +1024,8 @@ maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES) @@ -12,7 +12,7 @@ $OpenBSD: patch-src_dynamic-preprocessor clean: clean-recursive clean-am: clean-generic clean-libtool clean-local \ -@@ -1298,20 +1298,7 @@ include/file_lib.h: $(top_srcdir)/src/file-process/lib +@@ -1335,20 +1335,7 @@ include/file_lib.h: $(top_srcdir)/src/file-process/lib clean-local: rm -rf include build Index: patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in,v retrieving revision 1.6 diff -u -p -r1.6 patch-src_dynamic-preprocessors_dcerpc2_Makefile_in --- patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in 23 Apr 2013 02:04:13 - 1.6 +++ patches/patch-src_dynamic-preprocessors_dcerpc2_Makefile_in 24 Apr 2013 21:39:23 - @@ -1,7 +1,7 @@ $OpenBSD: patch-src_dynamic-preprocessors_dcerpc2_Makefile_in,v 1.6 2013/04/23 02:04:13 lteo Exp $ src/dynamic-preprocessors/dcerpc2/Makefile.in.orig Thu Mar 21 14:07:26 2013 -+++ src/dynamic-preprocessors/dcerpc2/Makefile.in Thu Apr 4 2
Re: UPDATE: net/snort 2.9.5.3
On 2013-08-07 at 15:59:44 -0400, Lawrence Teo wrote: > This updates Snort to 2.9.5.3. > > While testing I found that since Snort 2.9.4.1, upstream has removed the > ability for Snort to listen on "non-Ethernet" devices such as our > pflog(4) by default. This diff re-enables that ability by using the > --enable-non-ether-decoders configure flag. > > Tested on amd64, i386, macppc. Tested these and the daq patches on amd64 and i386 with no issues. --avj
Re: UPDATE: net/snort 2.9.5.3
On Thu, Aug 08, 2013 at 03:21:05PM -0400, Adam Jeanguenat wrote: > On 2013-08-07 at 15:59:44 -0400, Lawrence Teo wrote: > > This updates Snort to 2.9.5.3. > > > > While testing I found that since Snort 2.9.4.1, upstream has removed the > > ability for Snort to listen on "non-Ethernet" devices such as our > > pflog(4) by default. This diff re-enables that ability by using the > > --enable-non-ether-decoders configure flag. > > > > Tested on amd64, i386, macppc. > > Tested these and the daq patches on amd64 and i386 with no issues. Thank you for testing, Adam. I have also tested this and the DAQ 2.0.1 update (http://marc.info/?l=openbsd-ports&m=137590540710450&w=2) on the 64-bit time_t amd64 and i386 snapshots. If there are no objections, I would like to commit both the Snort and DAQ updates sometime this week. OK's are also welcome. :) Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.80 diff -u -p -u -p -r1.80 Makefile --- Makefile10 Jul 2013 02:10:22 - 1.80 +++ Makefile7 Aug 2013 01:57:51 - @@ -4,8 +4,8 @@ SHARED_ONLY = Yes COMMENT = highly flexible sniffer/NIDS -VERSION = 2.9.5.0 -DISTNAME = snort-2.9.5 +VERSION = 2.9.5.3 +DISTNAME = snort-${VERSION} CATEGORIES = net security @@ -25,7 +25,8 @@ USE_GROFF = Yes SEPARATE_BUILD = Yes CONFIGURE_STYLE = gnu CONFIGURE_ARGS += ${CONFIGURE_SHARED} \ - --disable-static-daq + --disable-static-daq \ + --enable-non-ether-decoders LIB_DEPENDS = devel/pcre \ net/libdnet \ Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.25 diff -u -p -u -p -r1.25 distinfo --- distinfo10 Jul 2013 02:10:22 - 1.25 +++ distinfo7 Aug 2013 01:34:18 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.5.tar.gz) = H5mXcW6MCGydYIKUpVwyOEaHfI8WrNEpqQyl+tu6GJA= -SIZE (snort-2.9.5.tar.gz) = 5422421 +SHA256 (snort-2.9.5.3.tar.gz) = Pv0x/TN+g2r1PXkPwpl/SfzDUeUHHUxuT1hqiLBwxSo= +SIZE (snort-2.9.5.3.tar.gz) = 5047591 Index: patches/patch-etc_snort_conf === RCS file: /cvs/ports/net/snort/patches/patch-etc_snort_conf,v retrieving revision 1.9 diff -u -p -u -p -r1.9 patch-etc_snort_conf --- patches/patch-etc_snort_conf23 Apr 2013 02:04:13 - 1.9 +++ patches/patch-etc_snort_conf7 Aug 2013 01:34:18 - @@ -2,8 +2,8 @@ $OpenBSD: patch-etc_snort_conf,v 1.9 201 reputation preprocessor disabled, still experimental etc/snort.conf.origThu Mar 21 14:09:05 2013 -+++ etc/snort.conf Thu Apr 4 22:31:37 2013 +--- etc/snort.conf.origTue Jul 23 14:37:33 2013 etc/snort.conf Mon Aug 5 14:38:56 2013 @@ -101,17 +101,17 @@ ipvar AIM_SERVERS [64.12.24.0/23,64.12.28.0/23,64.12.1 # Path to your rules files (this can be a relative path) # Note for Windows users: You are advised to make this an absolute path, @@ -65,7 +65,7 @@ reputation preprocessor disabled, still include $RULE_PATH/app-detect.rules include $RULE_PATH/attack-responses.rules include $RULE_PATH/backdoor.rules -@@ -648,6 +650,9 @@ include $RULE_PATH/web-iis.rules +@@ -659,6 +661,9 @@ include $RULE_PATH/web-iis.rules include $RULE_PATH/web-misc.rules include $RULE_PATH/web-php.rules include $RULE_PATH/x11.rules Index: patches/patch-src_decode_h === RCS file: /cvs/ports/net/snort/patches/patch-src_decode_h,v retrieving revision 1.4 diff -u -p -u -p -r1.4 patch-src_decode_h --- patches/patch-src_decode_h 10 Jul 2013 02:10:22 - 1.4 +++ patches/patch-src_decode_h 7 Aug 2013 01:34:18 - @@ -1,7 +1,7 @@ $OpenBSD: patch-src_decode_h,v 1.4 2013/07/10 02:10:22 lteo Exp $ src/decode.h.orig Tue Jun 4 23:19:52 2013 -+++ src/decode.h Tue Jul 2 20:52:28 2013 -@@ -812,9 +812,9 @@ typedef struct _SLLHdr { +--- src/decode.h.orig Wed Jul 3 17:31:22 2013 src/decode.h Mon Aug 5 14:37:49 2013 +@@ -813,9 +813,9 @@ typedef struct _SLLHdr { * Pflog1_Hdr: CVS = 1.3, DLT_OLD_PFLOG = 17, Length = 28 * Pflog2_Hdr: CVS = 1.8, DLT_PFLOG = 117, Length = 48 * Pflog3_Hdr: CVS = 1.12, DLT_PFLOG = 117, Length = 64 Index: patches/patch-src_dynamic-preprocessors_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_Makefile_in,v retrieving revision 1.11 diff -u -p -u -p -r1.11 patch-src_dynamic-preprocessors_Makefile_in --- patches/patch-src_dynamic-preprocessors_Makefile_in 10 Jul 2013 02:10:22 - 1.11 +++ patches/patch-src_dynamic-preprocessors_Makefile_in 7 Aug 2013 01:34:
Re: UPDATE: net/snort 2.9.5.5
On Mon, Sep 23, 2013 at 02:31:11PM -0400, Lawrence Teo wrote: > Here's a trivial update to Snort 2.9.5.5 (release notes are at > https://www.snort.org/downloads/2548) I come up with a similar diff. I recently noticed the rc.d script has ownership _snort:_snort. I think it should be owned by root. Diff is attached. Regards, Markus > Tested on amd64, i386, macppc. > > OK? > > > Index: Makefile > === > RCS file: /cvs/ports/net/snort/Makefile,v > retrieving revision 1.81 > diff -u -p -r1.81 Makefile > --- Makefile 21 Aug 2013 02:28:42 - 1.81 > +++ Makefile 22 Sep 2013 03:11:40 - > @@ -4,7 +4,7 @@ SHARED_ONLY = Yes > > COMMENT =highly flexible sniffer/NIDS > > -VERSION =2.9.5.3 > +VERSION =2.9.5.5 > DISTNAME = snort-${VERSION} > > CATEGORIES = net security > Index: distinfo > === > RCS file: /cvs/ports/net/snort/distinfo,v > retrieving revision 1.26 > diff -u -p -r1.26 distinfo > --- distinfo 21 Aug 2013 02:28:43 - 1.26 > +++ distinfo 22 Sep 2013 03:20:23 - > @@ -1,2 +1,2 @@ > -SHA256 (snort-2.9.5.3.tar.gz) = Pv0x/TN+g2r1PXkPwpl/SfzDUeUHHUxuT1hqiLBwxSo= > -SIZE (snort-2.9.5.3.tar.gz) = 5047591 > +SHA256 (snort-2.9.5.5.tar.gz) = AsjMYGC9qgsAU3ynD20nKFU3WUiuzlJT3Rjw12x/U54= > +SIZE (snort-2.9.5.5.tar.gz) = 5048740 Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.81 diff -u -p -r1.81 Makefile --- Makefile21 Aug 2013 02:28:42 - 1.81 +++ Makefile23 Sep 2013 19:25:56 - @@ -4,7 +4,7 @@ SHARED_ONLY = Yes COMMENT = highly flexible sniffer/NIDS -VERSION = 2.9.5.3 +VERSION = 2.9.5.5 DISTNAME = snort-${VERSION} CATEGORIES = net security Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.26 diff -u -p -r1.26 distinfo --- distinfo21 Aug 2013 02:28:43 - 1.26 +++ distinfo23 Sep 2013 19:25:56 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.5.3.tar.gz) = Pv0x/TN+g2r1PXkPwpl/SfzDUeUHHUxuT1hqiLBwxSo= -SIZE (snort-2.9.5.3.tar.gz) = 5047591 +SHA256 (snort-2.9.5.5.tar.gz) = AsjMYGC9qgsAU3ynD20nKFU3WUiuzlJT3Rjw12x/U54= +SIZE (snort-2.9.5.5.tar.gz) = 5048740 Index: pkg/PLIST === RCS file: /cvs/ports/net/snort/pkg/PLIST,v retrieving revision 1.25 diff -u -p -r1.25 PLIST --- pkg/PLIST 21 Aug 2013 02:28:45 - 1.25 +++ pkg/PLIST 23 Sep 2013 19:25:56 - @@ -142,4 +142,6 @@ share/examples/snort/unicode.map @group _snort @sample /var/snort/ @sample /var/snort/log/ +@owner +@group @rcscript ${RCDIR}/snort
Re: UPDATE: net/snort 2.9.5.5
Hi, I've been testing this on 5.2 and 5.3 amd64 without issues. but I've noticed that if I do a 'make update-plist' on net/daq I get a warning of SHARED_LIBS daq 2.0 vs 2.1 and sfbpf 1.0 vs 0.1. I've changed the Makefile so I don't get it. Is that the correct thing to do ? -- Cheers, Rodolfo Gouveia Sponsored by Dognaedis Community Project http://www.dognaedis.com DISCLAIMER: This message is confidential, and can only be accessed by the persons or entities to whom it is addressed. If you are not one of them, Dognædis will thank you if you inform the author, as soon as possible, about the error that occurred. It is totally forbidden the disclosure, modification, visualization, or other kind of use of the message and the respective contents to those who are not addressed herein.
Re: UPDATE: net/snort 2.9.5.5
On 2013/09/24 11:59, Community - Dognaedis wrote: > Hi, > I've been testing this on 5.2 and 5.3 amd64 without issues. > but I've noticed that if I do a 'make update-plist' on net/daq > I get a warning of SHARED_LIBS daq 2.0 vs 2.1 and sfbpf 1.0 vs 0.1. > I've changed the Makefile so I don't get it. Is that the correct > thing to do ? You have updated individual ports to versions which depend on changes in infrastructure; the whole tree should be in-sync. Specifically USE_LIBTOOL=Yes is now the default and has been removed from ports. (btw, with the time_t changes in -current, tests on earlier versions are much less useful than usual right now).
Re: UPDATE: net/snort 2.9.5.5
On 2013-09-23 at 21:35:19 +0200, Markus Lude wrote: > On Mon, Sep 23, 2013 at 02:31:11PM -0400, Lawrence Teo wrote: > > Here's a trivial update to Snort 2.9.5.5 (release notes are at > > https://www.snort.org/downloads/2548) > > I come up with a similar diff. I recently noticed the rc.d script has > ownership _snort:_snort. I think it should be owned by root. Diff is > attached. I've also been testing on i386 since the release using a similar diff without issue and concur with Markus's note about the rc.d script ownership. --avj
Re: UPDATE: net/snort 2.9.5.5
On 09/24/2013 12:24 PM, Stuart Henderson wrote:> On 2013/09/24 11:59, Community - Dognaedis wrote: >> Hi, >> I've been testing this on 5.2 and 5.3 amd64 without issues. >> but I've noticed that if I do a 'make update-plist' on net/daq >> I get a warning of SHARED_LIBS daq 2.0 vs 2.1 and sfbpf 1.0 vs 0.1. >> I've changed the Makefile so I don't get it. Is that the correct >> thing to do ? > > You have updated individual ports to versions which depend on changes in > infrastructure; the whole tree should be in-sync. Specifically USE_LIBTOOL=Yes > is now the default and has been removed from ports. Indeed. The problem is older versions of snort (2.8.6) in ports (OpenBSD release 5.2), cannot be used with the latest rules from Sourcefire so I'm basically backporting it on some of our systems. The main problem would be mismatch of dependencies in ports on installs? > (btw, with the time_t changes in -current, tests on earlier versions are > much less useful than usual right now). Noted. -- Cheers, Rodolfo Gouveia Sponsored by Dognaedis Community Project http://www.dognaedis.com DISCLAIMER: This message is confidential, and can only be accessed by the persons or entities to whom it is addressed. If you are not one of them, Dognædis will thank you if you inform the author, as soon as possible, about the error that occurred. It is totally forbidden the disclosure, modification, visualization, or other kind of use of the message and the respective contents to those who are not addressed herein.
Re: UPDATE: net/snort 2.9.4.1
On 03/26/2013 09:22 PM, Markus Lude wrote: > Hello, > here is an update to latest snort 2.9.4.1. > Please test, comment, ... > Regards, > Markus > Thanks Markus. Compiled and running under OpenBSD 5.2 amd64 without any problems.
Re: UPDATE: net/snort 2.9.4.1
On Thu, Mar 28, 2013 at 05:51:30PM +, Rodolfo Gouveia wrote: > On 03/26/2013 09:22 PM, Markus Lude wrote: > > Hello, > > here is an update to latest snort 2.9.4.1. > > Please test, comment, ... > > Regards, > > Markus > > > > Thanks Markus. > Compiled and running under OpenBSD 5.2 amd64 without any problems. Yes, thanks Markus for working on the update, and Rodolfo for testing. Attached is a slightly tweaked version that drops PKGNAME because upstream now hosts snort-2.9.4.1.tar.gz correctly (previously, the distfile was snort-2.9.4.tar.gz but the version was supposed to be 2.9.4.0, so PKGNAME was needed). The VERSION variable still needs to be there to provide a proper version-specific instructions in the README. Also, just a note that the snort.org rules download URL in the README does not actually work yet. That's because according to http://www.snort.org/snort-rules/ 2.9.4.1 rules are not yet available to registered users, but I think they should be available on or shortly after April 4, which is a month after Snort 2.9.4.1 was released. Meanwhile the 2.9.4.0 rules do work, so I don't think there's a need to update the README since the new rules will be available soon. Tested and works for me on amd64 and i386. Looking for OK's to commit. Lawrence Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.76 diff -u -p -r1.76 Makefile --- Makefile21 Mar 2013 08:46:35 - 1.76 +++ Makefile28 Mar 2013 18:30:06 - @@ -4,10 +4,8 @@ SHARED_ONLY = Yes COMMENT = highly flexible sniffer/NIDS -VERSION = 2.9.4.0 -DISTNAME = snort-2.9.4 -PKGNAME = snort-${VERSION} -REVISION = 0 +VERSION = 2.9.4.1 +DISTNAME = snort-${VERSION} CATEGORIES = net security Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.21 diff -u -p -r1.21 distinfo --- distinfo16 Jan 2013 04:52:53 - 1.21 +++ distinfo26 Mar 2013 21:18:21 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.4.tar.gz) = QgKuD2ZqU0jGJEdqRUPx0FmnCZjesNytq2hlzWukmbU= -SIZE (snort-2.9.4.tar.gz) = 5289321 +SHA256 (snort-2.9.4.1.tar.gz) = L0Ilbp9LYTIB6nnlr1S2RairAplysj9vvGSesA5vHa4= +SIZE (snort-2.9.4.1.tar.gz) = 5296045 Index: patches/patch-src_dynamic-plugins_sf_engine_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-plugins_sf_engine_Makefile_in,v retrieving revision 1.3 diff -u -p -r1.3 patch-src_dynamic-plugins_sf_engine_Makefile_in --- patches/patch-src_dynamic-plugins_sf_engine_Makefile_in 16 Jan 2013 04:52:53 - 1.3 +++ patches/patch-src_dynamic-plugins_sf_engine_Makefile_in 26 Mar 2013 21:18:21 - @@ -1,7 +1,7 @@ $OpenBSD: patch-src_dynamic-plugins_sf_engine_Makefile_in,v 1.3 2013/01/16 04:52:53 lteo Exp $ src/dynamic-plugins/sf_engine/Makefile.in.orig Thu Nov 15 23:53:01 2012 -+++ src/dynamic-plugins/sf_engine/Makefile.in Mon Dec 3 22:17:26 2012 -@@ -263,7 +263,7 @@ top_builddir = @top_builddir@ +--- src/dynamic-plugins/sf_engine/Makefile.in.orig Wed Feb 20 20:31:52 2013 src/dynamic-plugins/sf_engine/Makefile.in Fri Mar 8 18:42:20 2013 +@@ -296,7 +296,7 @@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ AUTOMAKE_OPTIONS = foreign no-dependencies lib_LTLIBRARIES = libsf_engine.la Index: patches/patch-src_dynamic-preprocessors_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_Makefile_in,v retrieving revision 1.7 diff -u -p -r1.7 patch-src_dynamic-preprocessors_Makefile_in --- patches/patch-src_dynamic-preprocessors_Makefile_in 16 Jan 2013 04:52:53 - 1.7 +++ patches/patch-src_dynamic-preprocessors_Makefile_in 26 Mar 2013 21:18:21 - @@ -1,7 +1,7 @@ $OpenBSD: patch-src_dynamic-preprocessors_Makefile_in,v 1.7 2013/01/16 04:52:53 lteo Exp $ src/dynamic-preprocessors/Makefile.in.orig Thu Nov 15 23:53:02 2012 -+++ src/dynamic-preprocessors/Makefile.in Mon Dec 3 22:17:26 2012 -@@ -987,8 +987,8 @@ maintainer-clean-generic: +--- src/dynamic-preprocessors/Makefile.in.orig Wed Feb 20 20:31:53 2013 src/dynamic-preprocessors/Makefile.in Fri Mar 8 18:42:21 2013 +@@ -1024,8 +1024,8 @@ maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES) @@ -12,7 +12,7 @@ $OpenBSD: patch-src_dynamic-preprocessor clean: clean-recursive clean-am: clean-generic clean-libtool clean-local \ -@@ -1298,20 +1298,7 @@ include/file_lib.h: $(top_srcdir)/src/file-process/lib +@@ -1335,20 +1335,7 @@ include/file_l
Re: [update] net/snort 2.9.4.5
On Sun, Apr 14, 2013 at 04:29:57PM +0200, Markus Lude wrote: > Hello, > > here's an update to the latest snort version 2.9.4.5. > > Please test, comment, commit, ... > > Builds on sparc64, run since 2 days on a sparc64 test machine (with low > traffic). I have tested Markus's Snort 2.9.4.5 update and it works fine for me on amd64 and i386. Looking for OK's to commit. Lawrence Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.77 diff -u -p -r1.77 Makefile --- Makefile29 Mar 2013 04:22:59 - 1.77 +++ Makefile14 Apr 2013 14:04:32 - @@ -4,7 +4,7 @@ SHARED_ONLY = Yes COMMENT = highly flexible sniffer/NIDS -VERSION = 2.9.4.1 +VERSION = 2.9.4.5 DISTNAME = snort-${VERSION} CATEGORIES = net security Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.22 diff -u -p -r1.22 distinfo --- distinfo29 Mar 2013 04:22:59 - 1.22 +++ distinfo14 Apr 2013 14:04:32 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.4.1.tar.gz) = L0Ilbp9LYTIB6nnlr1S2RairAplysj9vvGSesA5vHa4= -SIZE (snort-2.9.4.1.tar.gz) = 5296045 +SHA256 (snort-2.9.4.5.tar.gz) = TwWSQfgLFAGYgCvxbYa4gSzhXw3T8JujXySFz4suygs= +SIZE (snort-2.9.4.5.tar.gz) = 5255794 Index: patches/patch-etc_snort_conf === RCS file: /cvs/ports/net/snort/patches/patch-etc_snort_conf,v retrieving revision 1.8 diff -u -p -r1.8 patch-etc_snort_conf --- patches/patch-etc_snort_conf16 Jan 2013 04:52:53 - 1.8 +++ patches/patch-etc_snort_conf14 Apr 2013 14:04:32 - @@ -2,11 +2,8 @@ $OpenBSD: patch-etc_snort_conf,v 1.8 201 reputation preprocessor disabled, still experimental -load the new Snort rule files since they have been reorganized: -http://blog.snort.org/2012/10/rule-category-reorganization-phase-3.html - etc/snort.conf.origThu Nov 15 17:54:40 2012 -+++ etc/snort.conf Thu Jan 10 23:43:15 2013 +--- etc/snort.conf.origThu Mar 21 14:09:05 2013 etc/snort.conf Thu Apr 4 22:31:37 2013 @@ -101,17 +101,17 @@ ipvar AIM_SERVERS [64.12.24.0/23,64.12.28.0/23,64.12.1 # Path to your rules files (this can be a relative path) # Note for Windows users: You are advised to make this an absolute path, @@ -57,7 +54,7 @@ http://blog.snort.org/2012/10/rule-categ ### # Step #6: Configure output plugins -@@ -542,42 +543,93 @@ include reference.config +@@ -542,8 +543,9 @@ include reference.config ### # site specific rules @@ -65,95 +62,10 @@ http://blog.snort.org/2012/10/rule-categ +#include $RULE_PATH/local.rules +# Official Sourcefire VRT rules from http://www.snort.org/snort-rules/ -+include $RULE_PATH/app-detect.rules + include $RULE_PATH/app-detect.rules include $RULE_PATH/attack-responses.rules include $RULE_PATH/backdoor.rules - include $RULE_PATH/bad-traffic.rules - include $RULE_PATH/blacklist.rules - include $RULE_PATH/botnet-cnc.rules -+include $RULE_PATH/browser-chrome.rules -+include $RULE_PATH/browser-firefox.rules -+include $RULE_PATH/browser-ie.rules -+include $RULE_PATH/browser-other.rules -+include $RULE_PATH/browser-plugins.rules -+include $RULE_PATH/browser-webkit.rules - include $RULE_PATH/chat.rules - include $RULE_PATH/content-replace.rules - include $RULE_PATH/ddos.rules - include $RULE_PATH/dns.rules - include $RULE_PATH/dos.rules -+include $RULE_PATH/experimental.rules -+include $RULE_PATH/exploit-kit.rules - include $RULE_PATH/exploit.rules -+include $RULE_PATH/file-executable.rules -+include $RULE_PATH/file-flash.rules - include $RULE_PATH/file-identify.rules -+include $RULE_PATH/file-image.rules -+include $RULE_PATH/file-multimedia.rules -+include $RULE_PATH/file-office.rules -+include $RULE_PATH/file-other.rules -+include $RULE_PATH/file-pdf.rules - include $RULE_PATH/finger.rules - include $RULE_PATH/ftp.rules --include $RULE_PATH/icmp.rules - include $RULE_PATH/icmp-info.rules -+include $RULE_PATH/icmp.rules - include $RULE_PATH/imap.rules -+include $RULE_PATH/indicator-compromise.rules -+include $RULE_PATH/indicator-obfuscation.rules -+include $RULE_PATH/indicator-shellcode.rules - include $RULE_PATH/info.rules -+include $RULE_PATH/malware-backdoor.rules -+include $RULE_PATH/malware-cnc.rules -+include $RULE_PATH/malware-other.rules -+include $RULE_PATH/malware-tools.rules - include $RULE_PATH/misc.rules - include $RULE_PATH/multimedia.rules - include $RULE_PATH/mysql.rules - include $RULE_PATH/netbios.rules - include $RULE_PATH/nntp.rules - include $RULE_PATH/oracle.rules -+include $RULE_PATH/os-linux.rules -+include $RULE_PATH/os-other.rules -+include $RULE_PATH/os-solaris.rules -+include $RULE_PATH/os-windows.rules - includ
Re: [update] net/snort 2.9.4.5
On Tue, Apr 16, 2013 at 10:16:02PM -0400, Lawrence Teo wrote: > On Sun, Apr 14, 2013 at 04:29:57PM +0200, Markus Lude wrote: > > Hello, > > > > here's an update to the latest snort version 2.9.4.5. > > > > Please test, comment, commit, ... > > > > Builds on sparc64, run since 2 days on a sparc64 test machine (with low > > traffic). > > I have tested Markus's Snort 2.9.4.5 update and it works fine for me on > amd64 and i386. Looking for OK's to commit. Anyone? :) Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.77 diff -u -p -r1.77 Makefile --- Makefile29 Mar 2013 04:22:59 - 1.77 +++ Makefile14 Apr 2013 14:04:32 - @@ -4,7 +4,7 @@ SHARED_ONLY = Yes COMMENT = highly flexible sniffer/NIDS -VERSION = 2.9.4.1 +VERSION = 2.9.4.5 DISTNAME = snort-${VERSION} CATEGORIES = net security Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.22 diff -u -p -r1.22 distinfo --- distinfo29 Mar 2013 04:22:59 - 1.22 +++ distinfo14 Apr 2013 14:04:32 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.4.1.tar.gz) = L0Ilbp9LYTIB6nnlr1S2RairAplysj9vvGSesA5vHa4= -SIZE (snort-2.9.4.1.tar.gz) = 5296045 +SHA256 (snort-2.9.4.5.tar.gz) = TwWSQfgLFAGYgCvxbYa4gSzhXw3T8JujXySFz4suygs= +SIZE (snort-2.9.4.5.tar.gz) = 5255794 Index: patches/patch-etc_snort_conf === RCS file: /cvs/ports/net/snort/patches/patch-etc_snort_conf,v retrieving revision 1.8 diff -u -p -r1.8 patch-etc_snort_conf --- patches/patch-etc_snort_conf16 Jan 2013 04:52:53 - 1.8 +++ patches/patch-etc_snort_conf14 Apr 2013 14:04:32 - @@ -2,11 +2,8 @@ $OpenBSD: patch-etc_snort_conf,v 1.8 201 reputation preprocessor disabled, still experimental -load the new Snort rule files since they have been reorganized: -http://blog.snort.org/2012/10/rule-category-reorganization-phase-3.html - etc/snort.conf.origThu Nov 15 17:54:40 2012 -+++ etc/snort.conf Thu Jan 10 23:43:15 2013 +--- etc/snort.conf.origThu Mar 21 14:09:05 2013 etc/snort.conf Thu Apr 4 22:31:37 2013 @@ -101,17 +101,17 @@ ipvar AIM_SERVERS [64.12.24.0/23,64.12.28.0/23,64.12.1 # Path to your rules files (this can be a relative path) # Note for Windows users: You are advised to make this an absolute path, @@ -57,7 +54,7 @@ http://blog.snort.org/2012/10/rule-categ ### # Step #6: Configure output plugins -@@ -542,42 +543,93 @@ include reference.config +@@ -542,8 +543,9 @@ include reference.config ### # site specific rules @@ -65,95 +62,10 @@ http://blog.snort.org/2012/10/rule-categ +#include $RULE_PATH/local.rules +# Official Sourcefire VRT rules from http://www.snort.org/snort-rules/ -+include $RULE_PATH/app-detect.rules + include $RULE_PATH/app-detect.rules include $RULE_PATH/attack-responses.rules include $RULE_PATH/backdoor.rules - include $RULE_PATH/bad-traffic.rules - include $RULE_PATH/blacklist.rules - include $RULE_PATH/botnet-cnc.rules -+include $RULE_PATH/browser-chrome.rules -+include $RULE_PATH/browser-firefox.rules -+include $RULE_PATH/browser-ie.rules -+include $RULE_PATH/browser-other.rules -+include $RULE_PATH/browser-plugins.rules -+include $RULE_PATH/browser-webkit.rules - include $RULE_PATH/chat.rules - include $RULE_PATH/content-replace.rules - include $RULE_PATH/ddos.rules - include $RULE_PATH/dns.rules - include $RULE_PATH/dos.rules -+include $RULE_PATH/experimental.rules -+include $RULE_PATH/exploit-kit.rules - include $RULE_PATH/exploit.rules -+include $RULE_PATH/file-executable.rules -+include $RULE_PATH/file-flash.rules - include $RULE_PATH/file-identify.rules -+include $RULE_PATH/file-image.rules -+include $RULE_PATH/file-multimedia.rules -+include $RULE_PATH/file-office.rules -+include $RULE_PATH/file-other.rules -+include $RULE_PATH/file-pdf.rules - include $RULE_PATH/finger.rules - include $RULE_PATH/ftp.rules --include $RULE_PATH/icmp.rules - include $RULE_PATH/icmp-info.rules -+include $RULE_PATH/icmp.rules - include $RULE_PATH/imap.rules -+include $RULE_PATH/indicator-compromise.rules -+include $RULE_PATH/indicator-obfuscation.rules -+include $RULE_PATH/indicator-shellcode.rules - include $RULE_PATH/info.rules -+include $RULE_PATH/malware-backdoor.rules -+include $RULE_PATH/malware-cnc.rules -+include $RULE_PATH/malware-other.rules -+include $RULE_PATH/malware-tools.rules - include $RULE_PATH/misc.rules - include $RULE_PATH/multimedia.rules - include $RULE_PATH/mysql.rules - include $RULE_PATH/netbios.rules - include $RULE_PATH/nntp.rules - include $RULE_PATH/oracle.rules -+include $RULE_PATH/os-linux.rules -+include $RULE_PATH/os-other.ru
Re: UPDATE: net/snort 2.9.6.0
On Sun, Jan 26, 2014 at 02:12:06PM +0100, Markus Lude wrote: > Hello, > > attached is an update to recent snort 2.9.6.0. > Tested on sparc64 with daq 2.0.2. > > Please test, comment, ... and now with the diff attached ... Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.83 diff -u -p -r1.83 Makefile --- Makefile16 Dec 2013 03:32:39 - 1.83 +++ Makefile25 Jan 2014 17:56:18 - @@ -4,7 +4,7 @@ SHARED_ONLY = Yes COMMENT = highly flexible sniffer/NIDS -VERSION = 2.9.5.6 +VERSION = 2.9.6.0 DISTNAME = snort-${VERSION} CATEGORIES = net security Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.28 diff -u -p -r1.28 distinfo --- distinfo16 Dec 2013 03:32:39 - 1.28 +++ distinfo25 Jan 2014 17:56:18 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.5.6.tar.gz) = ae0JB3wfoiaPgUyO/25hO3/oh2oTjfHNZXnP+7dH21U= -SIZE (snort-2.9.5.6.tar.gz) = 5049188 +SHA256 (snort-2.9.6.0.tar.gz) = PMbIqbUvTIY6VzanO0ASr/NAtQteACdxsE1Id/R80Z4= +SIZE (snort-2.9.6.0.tar.gz) = 5189146 Index: patches/patch-src_decode_h === RCS file: /cvs/ports/net/snort/patches/patch-src_decode_h,v retrieving revision 1.5 diff -u -p -r1.5 patch-src_decode_h --- patches/patch-src_decode_h 21 Aug 2013 02:28:43 - 1.5 +++ patches/patch-src_decode_h 25 Jan 2014 17:56:18 - @@ -1,7 +1,7 @@ $OpenBSD: patch-src_decode_h,v 1.5 2013/08/21 02:28:43 lteo Exp $ src/decode.h.orig Wed Jul 3 17:31:22 2013 -+++ src/decode.h Mon Aug 5 14:37:49 2013 -@@ -813,9 +813,9 @@ typedef struct _SLLHdr { +--- src/decode.h.orig Tue Dec 31 17:07:53 2013 src/decode.h Thu Jan 23 23:02:17 2014 +@@ -814,9 +814,9 @@ typedef struct _SLLHdr { * Pflog1_Hdr: CVS = 1.3, DLT_OLD_PFLOG = 17, Length = 28 * Pflog2_Hdr: CVS = 1.8, DLT_PFLOG = 117, Length = 48 * Pflog3_Hdr: CVS = 1.12, DLT_PFLOG = 117, Length = 64 Index: patches/patch-src_dynamic-plugins_sf_dynamic_plugins_c === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-plugins_sf_dynamic_plugins_c,v retrieving revision 1.8 diff -u -p -r1.8 patch-src_dynamic-plugins_sf_dynamic_plugins_c --- patches/patch-src_dynamic-plugins_sf_dynamic_plugins_c 10 Jul 2013 02:10:22 - 1.8 +++ patches/patch-src_dynamic-plugins_sf_dynamic_plugins_c 25 Jan 2014 17:56:18 - @@ -1,7 +1,7 @@ $OpenBSD: patch-src_dynamic-plugins_sf_dynamic_plugins_c,v 1.8 2013/07/10 02:10:22 lteo Exp $ src/dynamic-plugins/sf_dynamic_plugins.c.orig Tue Jun 4 23:19:52 2013 -+++ src/dynamic-plugins/sf_dynamic_plugins.c Mon Jul 1 23:00:39 2013 -@@ -256,8 +256,7 @@ void LoadAllLibs(const char * const path, LoadLibraryF +--- src/dynamic-plugins/sf_dynamic_plugins.c.orig Tue Dec 31 17:07:54 2013 src/dynamic-plugins/sf_dynamic_plugins.c Thu Jan 23 23:02:17 2014 +@@ -257,8 +257,7 @@ void LoadAllLibs(const char * const path, LoadLibraryF dir_entry = readdir(directory); while (dir_entry != NULL) { Index: patches/patch-src_dynamic-plugins_sf_engine_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-plugins_sf_engine_Makefile_in,v retrieving revision 1.6 diff -u -p -r1.6 patch-src_dynamic-plugins_sf_engine_Makefile_in --- patches/patch-src_dynamic-plugins_sf_engine_Makefile_in 31 May 2013 20:26:01 - 1.6 +++ patches/patch-src_dynamic-plugins_sf_engine_Makefile_in 25 Jan 2014 17:56:18 - @@ -1,7 +1,7 @@ $OpenBSD: patch-src_dynamic-plugins_sf_engine_Makefile_in,v 1.6 2013/05/31 20:26:01 lteo Exp $ src/dynamic-plugins/sf_engine/Makefile.in.orig Mon Apr 15 15:57:46 2013 -+++ src/dynamic-plugins/sf_engine/Makefile.in Wed Apr 24 14:51:57 2013 -@@ -296,7 +296,7 @@ top_builddir = @top_builddir@ +--- src/dynamic-plugins/sf_engine/Makefile.in.orig Tue Dec 31 19:30:40 2013 src/dynamic-plugins/sf_engine/Makefile.in Thu Jan 23 23:02:17 2014 +@@ -371,7 +371,7 @@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ AUTOMAKE_OPTIONS = foreign no-dependencies lib_LTLIBRARIES = libsf_engine.la Index: patches/patch-src_dynamic-preprocessors_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_Makefile_in,v retrieving revision 1.12 diff -u -p -r1.12 patch-src_dynamic-preprocessors_Makefile_in --- patches/patch-src_dynamic-preprocessors_Makefile_in 21 Aug 2013 02:28:43 - 1.12 +++ patches/patch-src_dynamic-preprocessors_Makefile_in 25 Jan 2014 17:56:18 - @@ -1,7 +1,7 @@ $OpenBSD: patch-src_dynamic-p
Re: UPDATE: net/snort 2.9.7.0
On Thu, Jan 08, 2015 at 11:37:16PM -0500, Lawrence Teo wrote: > This updates Snort to 2.9.7.0. > > Tested with DAQ 2.0.4 (sent earlier) on amd64. > > ok? your tree is/was not up-to-date. for example the in-tree version of Makefile is r1.88 and the in-tree version of the snort package is at 2.9.6.2p0... a patch for src/preprocessors/Stream6/snort_stream_tcp.c is missing. All other ts_print calls were patched for the first parameter. attached is a diff which works for me on i386. Regards, Markus > Index: Makefile > === > RCS file: /cvs/ports/net/snort/Makefile,v > retrieving revision 1.86 > diff -u -p -r1.86 Makefile > --- Makefile 4 Jun 2014 03:17:12 - 1.86 > +++ Makefile 24 Dec 2014 20:19:16 - > @@ -4,9 +4,8 @@ SHARED_ONLY = Yes > > COMMENT =highly flexible sniffer/NIDS > > -VERSION =2.9.6.1 > +VERSION =2.9.7.0 > DISTNAME = snort-${VERSION} > -REVISION = 0 > > CATEGORIES = net security > > @@ -19,7 +18,7 @@ PERMIT_PACKAGE_CDROM = Yes > > WANTLIB =c crypto daq dnet m pcap pcre pthread z > > -MASTER_SITES = http://www.snort.org/dl/snort-current/ > +MASTER_SITES = https://www.snort.org/downloads/snort/ > > USE_GROFF = Yes > the second hunk is already in-tree > Index: distinfo > === > RCS file: /cvs/ports/net/snort/distinfo,v > retrieving revision 1.30 > diff -u -p -r1.30 distinfo > --- distinfo 15 May 2014 20:11:43 - 1.30 > +++ distinfo 24 Dec 2014 20:44:30 - > @@ -1,2 +1,2 @@ > -SHA256 (snort-2.9.6.1.tar.gz) = EZ5MXfg/42qNRl5yoDR/4x53cXBNoobwQRWwxbql97g= > -SIZE (snort-2.9.6.1.tar.gz) = 5226869 > +SHA256 (snort-2.9.7.0.tar.gz) = lziv6kXSC393mXzAAFXn3XD2rqAQEgnYfv7EvE6s5Js= > +SIZE (snort-2.9.7.0.tar.gz) = 6340553 > Index: patches/patch-etc_snort_conf > === > RCS file: /cvs/ports/net/snort/patches/patch-etc_snort_conf,v > retrieving revision 1.12 > diff -u -p -r1.12 patch-etc_snort_conf > --- patches/patch-etc_snort_conf 4 Jun 2014 03:17:12 - 1.12 > +++ patches/patch-etc_snort_conf 24 Dec 2014 21:22:01 - > @@ -2,9 +2,9 @@ $OpenBSD: patch-etc_snort_conf,v 1.12 20 > > reputation preprocessor disabled, still experimental > > etc/snort.conf.orig Thu Apr 3 17:25:10 2014 > -+++ etc/snort.conf Mon Jun 2 00:13:35 2014 > -@@ -101,13 +101,13 @@ ipvar AIM_SERVERS [64.12.24.0/23,64.12.28.0/23,64.12.1 > +--- etc/snort.conf.orig Mon Oct 13 11:44:08 2014 > etc/snort.conf Wed Dec 24 16:21:36 2014 > +@@ -101,17 +101,17 @@ ipvar AIM_SERVERS [64.12.24.0/23,64.12.28.0/23,64.12.1 > # Path to your rules files (this can be a relative path) > # Note for Windows users: You are advised to make this an absolute path, > # such as: c:\snort\rules > @@ -16,6 +16,10 @@ reputation preprocessor disabled, still > +var PREPROC_RULE_PATH ${SYSCONFDIR}/snort/preproc_rules > > # If you are using reputation preprocessor set these > + # Currently there is a bug with relative paths, they are relative to where > snort is > + # not relative to snort.conf like the above variables > + # This is completely inconsistent with how other vars work, BUG 89986 > + # Set the absolute path appropriately > -var WHITE_LIST_PATH ../rules > -var BLACK_LIST_PATH ../rules > +var WHITE_LIST_PATH ${SYSCONFDIR}/snort/rules > @@ -23,7 +27,7 @@ reputation preprocessor disabled, still > > ### > # Step #2: Configure the decoder. For more information, see README.decode > -@@ -138,7 +138,11 @@ config disable_ipopt_alerts > +@@ -142,7 +142,11 @@ config disable_ipopt_alerts > # config enable_decode_oversized_drops > > # Configure IP / TCP checksum mode > @@ -36,15 +40,16 @@ reputation preprocessor disabled, still > > # Configure maximum number of flowbit references. For more information, > see README.flowbits > # config flowbits_size: 64 > -@@ -154,6 +158,7 @@ config checksum_mode: all > +@@ -157,7 +161,7 @@ config checksum_mode: all > + # Configure DAQ related options for inline operation. For more information, > see README.daq > # > # config daq: > - # config daq_dir: > +-# config daq_dir: > +config daq_dir: ${PREFIX}/lib/daq/ > # config daq_mode: > # config daq_var: > # > -@@ -499,12 +504,12 @@ preprocessor dnp3: ports { 2 } \ > +@@ -503,12 +507,12 @@ preprocessor dnp3: ports { 2 } \ > check_crc > > # Reputation preprocessor. For more information see README.reputation > @@ -63,18 +68,19 @@ reputation preprocessor disabled, still > > ### > # Step #6: Configure output plugins > -@@ -538,8 +543,9 @@ include reference.config > +@@ -542,8 +546,10 @@ include reference.config
Re: UPDATE: net/snort 2.8.4.1
On Wednesday 27 May 2009 10:20:34 Markus Lude wrote: > Hello, > here is an update to snort 2.8.4.1. I marked the port as SHARED_ONLY as > pointed out by naddy some time ago on ports@ > > Please test and report which flavor/arch/output plugin you use/tested. > Thanks. Merge PFRAG.shared into the PLIST. > Regards, > Markus -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
Re: UPDATE: net/snort 2.8.4.1
On Wed, May 27, 2009 at 10:37:46AM -0400, Brad wrote: > On Wednesday 27 May 2009 10:20:34 Markus Lude wrote: > > Hello, > > here is an update to snort 2.8.4.1. I marked the port as SHARED_ONLY as > > pointed out by naddy some time ago on ports@ > > > > Please test and report which flavor/arch/output plugin you use/tested. > > Thanks. > > Merge PFRAG.shared into the PLIST. Is this documented somewhere? New diff attached. Thanks Brad. Regards, Markus Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.53 diff -u -p -r1.53 Makefile --- Makefile12 Feb 2009 22:12:08 - 1.53 +++ Makefile27 May 2009 16:54:20 - @@ -1,8 +1,10 @@ # $OpenBSD: Makefile,v 1.53 2009/02/12 22:12:08 rui Exp $ +SHARED_ONLY = Yes + COMMENT = highly flexible sniffer/NIDS -DISTNAME = snort-2.8.3.2 +DISTNAME = snort-2.8.4.1 CATEGORIES = net security MASTER_SITES = ${HOMEPAGE}dl/ @@ -17,13 +19,14 @@ PERMIT_DISTFILES_CDROM = Yes PERMIT_DISTFILES_FTP = Yes WANTLIB = c m pcap -SHARED_LIBS = sf_engine 2.0 \ - sf_dns_preproc 2.0 \ - sf_ftptelnet_preproc 2.0 \ - sf_smtp_preproc 2.0 \ - sf_dcerpc_preproc 1.0 \ - sf_ssh_preproc 1.0 \ - sf_ssl_preproc 0.0 \ +SHARED_LIBS = sf_engine 3.0 \ + sf_dce2_preproc 0.0 \ + sf_dcerpc_preproc 2.0 \ + sf_dns_preproc 3.0 \ + sf_ftptelnet_preproc 3.0 \ + sf_smtp_preproc 3.0 \ + sf_ssh_preproc 2.0 \ + sf_ssl_preproc 1.0 \ _sfdynamic_example_rule 0.0 \ _sfdynamic_preprocessor_example 0.0 Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.17 diff -u -p -r1.17 distinfo --- distinfo12 Feb 2009 22:12:08 - 1.17 +++ distinfo27 May 2009 16:54:20 - @@ -1,5 +1,5 @@ -MD5 (snort-2.8.3.2.tar.gz) = 91VH2jNEbdtMoH7v2c4x3A== -RMD160 (snort-2.8.3.2.tar.gz) = IkPA8DLM1fFbRGGP2gCQRCbSz4Y= -SHA1 (snort-2.8.3.2.tar.gz) = P+Y1LMzcN4KPJS8GKwal+jEDXaw= -SHA256 (snort-2.8.3.2.tar.gz) = nsNBHGgekQcjTKBBAEJAidM3VCsCL4y1gPLrrlsEDD4= -SIZE (snort-2.8.3.2.tar.gz) = 4478448 +MD5 (snort-2.8.4.1.tar.gz) = Y/TnaulqLRM/THt0G61UWA== +RMD160 (snort-2.8.4.1.tar.gz) = jzijfJ8Wm6uVKUbMq6JMktJnuIA= +SHA1 (snort-2.8.4.1.tar.gz) = P/q7U2bAiJUv76sZqNwZzoTWJkU= +SHA256 (snort-2.8.4.1.tar.gz) = 7n95DrPfTmFWp8hl8boihVOUyePBP9xX1gqGRyZ/wgk= +SIZE (snort-2.8.4.1.tar.gz) = 4567713 Index: patches/patch-etc_snort_conf === RCS file: /cvs/ports/net/snort/patches/patch-etc_snort_conf,v retrieving revision 1.3 diff -u -p -r1.3 patch-etc_snort_conf --- patches/patch-etc_snort_conf12 Feb 2009 22:12:08 - 1.3 +++ patches/patch-etc_snort_conf27 May 2009 16:54:20 - @@ -1,6 +1,6 @@ $OpenBSD: patch-etc_snort_conf,v 1.3 2009/02/12 22:12:08 rui Exp $ etc/snort.conf.origMon Sep 15 18:28:02 2008 -+++ etc/snort.conf Thu Nov 6 17:44:46 2008 +--- etc/snort.conf.origWed Mar 11 14:22:03 2009 etc/snort.conf Wed Apr 8 12:47:17 2009 @@ -78,7 +78,10 @@ var SNMP_SERVERS $HOME_NET # like this: # Index: patches/patch-src_dynamic-plugins_sf_dynamic_plugins_c === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-plugins_sf_dynamic_plugins_c,v retrieving revision 1.3 diff -u -p -r1.3 patch-src_dynamic-plugins_sf_dynamic_plugins_c --- patches/patch-src_dynamic-plugins_sf_dynamic_plugins_c 12 Feb 2009 22:12:08 - 1.3 +++ patches/patch-src_dynamic-plugins_sf_dynamic_plugins_c 27 May 2009 16:54:20 - @@ -1,7 +1,7 @@ $OpenBSD: patch-src_dynamic-plugins_sf_dynamic_plugins_c,v 1.3 2009/02/12 22:12:08 rui Exp $ src/dynamic-plugins/sf_dynamic_plugins.c.orig Wed Apr 30 20:53:15 2008 -+++ src/dynamic-plugins/sf_dynamic_plugins.c Fri Aug 8 14:57:43 2008 -@@ -227,8 +227,7 @@ void LoadAllLibs(char *path, LoadLibraryFunc loadFunc) +--- src/dynamic-plugins/sf_dynamic_plugins.c.orig Mon Jan 26 22:50:08 2009 src/dynamic-plugins/sf_dynamic_plugins.c Wed Apr 8 12:40:35 2009 +@@ -233,8 +233,7 @@ void LoadAllLibs(char *path, LoadLibraryFunc loadFunc) dirEntry = readdir(directory); while (dirEntry) { Index: patches/patch-src_dynamic-preprocessors_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_Makefile_in,v retrieving revision 1.3 diff -u -p -r1.3 patch-src_dy
Re: UPDATE: net/snort 2.8.4.1
On Wednesday 27 May 2009 12:57:31 Markus Lude wrote: > On Wed, May 27, 2009 at 10:37:46AM -0400, Brad wrote: > > On Wednesday 27 May 2009 10:20:34 Markus Lude wrote: > > > Hello, > > > here is an update to snort 2.8.4.1. I marked the port as SHARED_ONLY as > > > pointed out by naddy some time ago on ports@ > > > > > > Please test and report which flavor/arch/output plugin you use/tested. > > > Thanks. > > > > Merge PFRAG.shared into the PLIST. > > Is this documented somewhere? *shrug* I don't know. Most of the time if I go looking for something I don't know very well with ports it is usually not documented or not very well. Plus I've been working on ports for 10 1/2 years. Either way there are lots of examples in the ports tree... since you're setting SHARED_ONLY there is no need to keep the shared libraries/shared objects and anything else in PFRAG.shared there. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
Re: UPDATE: net/snort 2.8.4.1
On Wed, May 27, 2009 at 06:57:31PM +0200, Markus Lude wrote: > On Wed, May 27, 2009 at 10:37:46AM -0400, Brad wrote: > > On Wednesday 27 May 2009 10:20:34 Markus Lude wrote: > > > Hello, > > > here is an update to snort 2.8.4.1. I marked the port as SHARED_ONLY as > > > pointed out by naddy some time ago on ports@ > > > > > > Please test and report which flavor/arch/output plugin you use/tested. > > > Thanks. > > > > Merge PFRAG.shared into the PLIST. > > Is this documented somewhere? > > New diff attached. Thanks Brad. Download URL has changed after relaunch of snort.org. New diff attached. Regards, Markus Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.53 diff -u -p -r1.53 Makefile --- Makefile12 Feb 2009 22:12:08 - 1.53 +++ Makefile31 May 2009 07:59:35 - @@ -1,10 +1,12 @@ # $OpenBSD: Makefile,v 1.53 2009/02/12 22:12:08 rui Exp $ +SHARED_ONLY = Yes + COMMENT = highly flexible sniffer/NIDS -DISTNAME = snort-2.8.3.2 +DISTNAME = snort-2.8.4.1 CATEGORIES = net security -MASTER_SITES = ${HOMEPAGE}dl/ +MASTER_SITES = http://dl.snort.org/snort-current/ HOMEPAGE = http://www.snort.org/ @@ -17,13 +19,14 @@ PERMIT_DISTFILES_CDROM = Yes PERMIT_DISTFILES_FTP = Yes WANTLIB = c m pcap -SHARED_LIBS = sf_engine 2.0 \ - sf_dns_preproc 2.0 \ - sf_ftptelnet_preproc 2.0 \ - sf_smtp_preproc 2.0 \ - sf_dcerpc_preproc 1.0 \ - sf_ssh_preproc 1.0 \ - sf_ssl_preproc 0.0 \ +SHARED_LIBS = sf_engine 3.0 \ + sf_dce2_preproc 0.0 \ + sf_dcerpc_preproc 2.0 \ + sf_dns_preproc 3.0 \ + sf_ftptelnet_preproc 3.0 \ + sf_smtp_preproc 3.0 \ + sf_ssh_preproc 2.0 \ + sf_ssl_preproc 1.0 \ _sfdynamic_example_rule 0.0 \ _sfdynamic_preprocessor_example 0.0 Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.17 diff -u -p -r1.17 distinfo --- distinfo12 Feb 2009 22:12:08 - 1.17 +++ distinfo31 May 2009 07:59:35 - @@ -1,5 +1,5 @@ -MD5 (snort-2.8.3.2.tar.gz) = 91VH2jNEbdtMoH7v2c4x3A== -RMD160 (snort-2.8.3.2.tar.gz) = IkPA8DLM1fFbRGGP2gCQRCbSz4Y= -SHA1 (snort-2.8.3.2.tar.gz) = P+Y1LMzcN4KPJS8GKwal+jEDXaw= -SHA256 (snort-2.8.3.2.tar.gz) = nsNBHGgekQcjTKBBAEJAidM3VCsCL4y1gPLrrlsEDD4= -SIZE (snort-2.8.3.2.tar.gz) = 4478448 +MD5 (snort-2.8.4.1.tar.gz) = Y/TnaulqLRM/THt0G61UWA== +RMD160 (snort-2.8.4.1.tar.gz) = jzijfJ8Wm6uVKUbMq6JMktJnuIA= +SHA1 (snort-2.8.4.1.tar.gz) = P/q7U2bAiJUv76sZqNwZzoTWJkU= +SHA256 (snort-2.8.4.1.tar.gz) = 7n95DrPfTmFWp8hl8boihVOUyePBP9xX1gqGRyZ/wgk= +SIZE (snort-2.8.4.1.tar.gz) = 4567713 Index: patches/patch-etc_snort_conf === RCS file: /cvs/ports/net/snort/patches/patch-etc_snort_conf,v retrieving revision 1.3 diff -u -p -r1.3 patch-etc_snort_conf --- patches/patch-etc_snort_conf12 Feb 2009 22:12:08 - 1.3 +++ patches/patch-etc_snort_conf31 May 2009 07:59:35 - @@ -1,6 +1,6 @@ $OpenBSD: patch-etc_snort_conf,v 1.3 2009/02/12 22:12:08 rui Exp $ etc/snort.conf.origMon Sep 15 18:28:02 2008 -+++ etc/snort.conf Thu Nov 6 17:44:46 2008 +--- etc/snort.conf.origWed Mar 11 14:22:03 2009 etc/snort.conf Wed Apr 8 12:47:17 2009 @@ -78,7 +78,10 @@ var SNMP_SERVERS $HOME_NET # like this: # Index: patches/patch-src_dynamic-plugins_sf_dynamic_plugins_c === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-plugins_sf_dynamic_plugins_c,v retrieving revision 1.3 diff -u -p -r1.3 patch-src_dynamic-plugins_sf_dynamic_plugins_c --- patches/patch-src_dynamic-plugins_sf_dynamic_plugins_c 12 Feb 2009 22:12:08 - 1.3 +++ patches/patch-src_dynamic-plugins_sf_dynamic_plugins_c 31 May 2009 07:59:35 - @@ -1,7 +1,7 @@ $OpenBSD: patch-src_dynamic-plugins_sf_dynamic_plugins_c,v 1.3 2009/02/12 22:12:08 rui Exp $ src/dynamic-plugins/sf_dynamic_plugins.c.orig Wed Apr 30 20:53:15 2008 -+++ src/dynamic-plugins/sf_dynamic_plugins.c Fri Aug 8 14:57:43 2008 -@@ -227,8 +227,7 @@ void LoadAllLibs(char *path, LoadLibraryFunc loadFunc) +--- src/dynamic-plugins/sf_dynamic_plugins.c.orig Mon Jan 26 22:50:08 2009 src/dynamic-plugins/sf_dynamic_plugins.c Wed Apr 8 12:40:35 2009 +@@ -233,8 +233,7 @@ void LoadAllLibs(char *path, LoadLibraryFunc loadFunc) dirEntry = readdir(directory); while (dirEntry)
Re: [UPDATE] net/snort 2.8.0
On Nov 28, 2007, at 6:21 PM, Markus Lude wrote: Hello, here is an update to snort 2.8.0. Please test/comment/commit/... Based on changes for 2.7.0.1 by Jason Dixon. Some added patches fix bus errors on sparc64 noticed by [EMAIL PROTECTED] Crashes on my alpha. I've sent you a new kdump offlist. --- Jason Dixon DixonGroup Consulting http://www.dixongroup.net
Re: [UPDATE] net/snort 2.8.0
On Thu, Nov 29, 2007 at 12:21:13AM +0100, Markus Lude wrote: > Hello, > here is an update to snort 2.8.0. Please test/comment/commit/... 2.8.0.1 is already out. please resubmit a diff to 2.8.0.1
Re: [UPDATE] net/snort 2.8.0
On Thu, Nov 29, 2007 at 12:21:13AM +0100, Markus Lude wrote: >Hello, >here is an update to snort 2.8.0. Please test/comment/commit/... > >Based on changes for 2.7.0.1 by Jason Dixon. >Some added patches fix bus errors on sparc64 noticed by [EMAIL PROTECTED] > >If noone other wants, I would take maintainership (not included in >diff). > >Regards, >Markus > Attached diff to apply after your diff. * Updated to 2.8.0.1 * Fixes flexresp flavor: http://marc.info/?l=snort-users&m=119099490314507&w=2 * Fixes prelude WANTLIB * Replaces depricated --with-mysql diff -ur ../snort.patched/Makefile ./Makefile --- ../snort.patched/Makefile Fri Nov 30 11:56:08 2007 +++ ./Makefile Fri Nov 30 11:59:14 2007 @@ -2,8 +2,7 @@ COMMENT= highly flexible sniffer/NIDS -DISTNAME= snort-2.8.0 -PKGNAME= ${DISTNAME} +DISTNAME= snort-2.8.0.1 CATEGORIES=net security MASTER_SITES= ${HOMEPAGE}/dl/current/ @@ -43,6 +42,9 @@ .if ${FLAVOR:L:Mflexresp} LIB_DEPENDS+= dnet.=1::net/libdnet CONFIGURE_ARGS+=--enable-flexresp2 + +MASTER_SITES0= http://ftp.secure.lv/pub/distfiles/ +PATCHFILES= respond2_patch.diff:0 .endif .if ${FLAVOR:L:Mpostgresql} @@ -52,13 +54,14 @@ .if ${FLAVOR:L:Mmysql} LIB_DEPENDS+= lib/mysql/mysqlclient.>=10::databases/mysql -CONFIGURE_ARGS+=--with-mysql="${LOCALBASE}" +CONFIGURE_ARGS+=--with-mysql-libraries="${LOCALBASE}/lib" \ + --with-mysql-includes="${LOCALBASE}/include" WANTLIB+= z .endif .if ${FLAVOR:L:Mprelude} MODULES= devel/gettext -WANTLIB+= gcrypt gpg-error pthread z +WANTLIB+= gcrypt gnutls gpg-error pthread z LIB_DEPENDS+= prelude.>=8::security/prelude/libprelude CONFIGURE_ARGS+=--enable-prelude MESSAGE= ${PKGDIR}/MESSAGE-prelude diff -ur ../snort.patched/distinfo ./distinfo --- ../snort.patched/distinfo Fri Nov 30 11:56:08 2007 +++ ./distinfo Fri Nov 30 11:59:54 2007 @@ -1,5 +1,10 @@ -MD5 (snort-2.8.0.tar.gz) = z7qxwuOc27iRISxL8V6C8w== -RMD160 (snort-2.8.0.tar.gz) = 2sNqSh/aYLZszcXHdKthqqD2yKg= -SHA1 (snort-2.8.0.tar.gz) = 8HuEoIcthhAGtWqManmmAwjdaLQ= -SHA256 (snort-2.8.0.tar.gz) = uaBzfTL2nEvnSySDJLQBc2Z7W8e09Yru9PInGi6oQtE= -SIZE (snort-2.8.0.tar.gz) = 4278872 +MD5 (respond2_patch.diff) = PbuGzELzemmJOZefznO2nw== +MD5 (snort-2.8.0.1.tar.gz) = u2UOjv6Fj1w8yx5HF3XX5w== +RMD160 (respond2_patch.diff) = FyVgr7CGRT+jzTMg+iyJbmgkfxI= +RMD160 (snort-2.8.0.1.tar.gz) = oLC+wvfMoNR6WYcIu/xpysr0ShI= +SHA1 (respond2_patch.diff) = IJhimg/OA7fMfov6qQCYA2DJlng= +SHA1 (snort-2.8.0.1.tar.gz) = s7RfptUDcvZYfNd2r0O0FSURljA= +SHA256 (respond2_patch.diff) = zzARQQev9cVyJscTaI8HaBbvBenvAn+TS67YIF3hpFo= +SHA256 (snort-2.8.0.1.tar.gz) = T6dP2/5nc2Kw/vImAm5/EQ196Fa6qtIbX+Pr0PYnsRI= +SIZE (respond2_patch.diff) = 48704 +SIZE (snort-2.8.0.1.tar.gz) = 4331731 diff -ur ../snort.patched/patches/patch-src_dynamic-preprocessors_Makefile_in ./patches/patch-src_dynamic-preprocessors_Makefile_in --- ../snort.patched/patches/patch-src_dynamic-preprocessors_Makefile_in Fri Nov 30 11:56:08 2007 +++ ./patches/patch-src_dynamic-preprocessors_Makefile_in Fri Nov 30 12:09:44 2007 @@ -1,7 +1,7 @@ $OpenBSD: patch-src_dynamic-preprocessors_Makefile_in,v 1.1 2006/10/10 13:33:17 aanriot Exp $ src/dynamic-preprocessors/Makefile.in.orig Fri Sep 7 20:31:51 2007 -+++ src/dynamic-preprocessors/Makefile.in Mon Nov 19 22:18:10 2007 -@@ -540,8 +540,7 @@ maintainer-clean-generic: +--- src/dynamic-preprocessors/Makefile.in.orig Wed Nov 14 16:32:47 2007 src/dynamic-preprocessors/Makefile.in Fri Nov 30 12:09:32 2007 +@@ -543,8 +543,7 @@ maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES) @@ -11,7 +11,7 @@ clean: clean-recursive clean-am: clean-generic clean-libtool clean-local mostlyclean-am -@@ -705,20 +704,6 @@ include/str_search.h: $(srcdir)/../preprocessors/str_s +@@ -700,20 +699,6 @@ include/str_search.h: $(srcdir)/../preprocessors/str_s clean-local: rm -rf include build diff -ur ../snort.patched/patches/patch-src_dynamic-preprocessors_dcerpc_Makefile_in ./patches/patch-src_dynamic-preprocessors_dcerpc_Makefile_in --- ../snort.patched/patches/patch-src_dynamic-preprocessors_dcerpc_Makefile_in Fri Nov 30 11:56:08 2007 +++ ./patches/patch-src_dynamic-preprocessors_dcerpc_Makefile_inFri Nov 30 12:09:44 2007 @@ -1,7 +1,7 @@ $OpenBSD$ src/dynamic-preprocessors/dcerpc/Makefile.in.orig Fri Sep 7 20:31:51 2007 -+++ src/dynamic-preprocessors/dcerpc/Makefile.in Mon Nov 19 22:18:11 2007 -@@ -392,7 +392,7 @@ distdir: $(DISTFILES) +--- src/dynamic-preprocessors/dcerpc/Makefile.in.orig Wed Nov 14 16:32:47 2007 src/dynamic-preprocessors/dcerpc/Makefile.in Fri Nov 30 12:09:32 2007 +@@ -394,7 +394,7 @@ distdir: $(DISTFILES) check-am: all-am check: $(BUILT_SOURCES) $(MAKE) $(AM_MAKEFLAGS) check
Re: [UPDATE] net/snort 2.8.0
On Fri, Nov 30 2007 at 34:12, Nikns Siankin wrote: > On Thu, Nov 29, 2007 at 12:21:13AM +0100, Markus Lude wrote: > >Hello, > >here is an update to snort 2.8.0. Please test/comment/commit/... > > > >Based on changes for 2.7.0.1 by Jason Dixon. > >Some added patches fix bus errors on sparc64 noticed by [EMAIL PROTECTED] > > > >If noone other wants, I would take maintainership (not included in > >diff). > > > >Regards, > >Markus > > > > Attached diff to apply after your diff. > > * Updated to 2.8.0.1 > * Fixes flexresp flavor: http://marc.info/?l=snort-users&m=119099490314507&w=2 > * Fixes prelude WANTLIB > * Replaces depricated --with-mysql Compile fine this time with flexresp. I'll test with prelude in the next few days. Thanks ! Claer
Re: [UPDATE] net/snort 2.8.0
works for me. follow msf@ advice, resubmit a diff to 2.8.0.1 and please take maintainership. Regards, rui On Thu, Nov 29, 2007 at 12:21:13AM +0100, Markus Lude wrote: > Hello, > here is an update to snort 2.8.0. Please test/comment/commit/... > > Based on changes for 2.7.0.1 by Jason Dixon. > Some added patches fix bus errors on sparc64 noticed by [EMAIL PROTECTED] > > If noone other wants, I would take maintainership (not included in > diff). > > Regards, > Markus > > Index: Makefile > === > RCS file: /cvs/ports/net/snort/Makefile,v > retrieving revision 1.51 > diff -u -p -r1.51 Makefile > --- Makefile 15 Sep 2007 22:36:59 - 1.51 > +++ Makefile 21 Nov 2007 00:43:34 - > @@ -2,14 +2,14 @@ > > COMMENT= highly flexible sniffer/NIDS > > -DISTNAME=snort-2.6.0.2 > -PKGNAME= ${DISTNAME}p1 > +DISTNAME=snort-2.8.0 > +PKGNAME= ${DISTNAME} > CATEGORIES= net security > MASTER_SITES=${HOMEPAGE}/dl/current/ > > HOMEPAGE= http://www.snort.org/ > > -# GPL > +# GPLv2 > PERMIT_PACKAGE_CDROM=Yes > PERMIT_PACKAGE_FTP= Yes > PERMIT_DISTFILES_CDROM= Yes > @@ -17,9 +17,11 @@ PERMIT_DISTFILES_FTP= Yes > WANTLIB= c m pcap > > SHARED_LIBS= sf_engine 0.0 \ > + sf_dcerpc_preproc 0.0 \ > sf_dns_preproc 0.0 \ > sf_ftptelnet_preproc 0.0 \ > - sf_smtp_preproc 0.0 > + sf_smtp_preproc 0.0 \ > + sf_ssh_preproc 0.0 > > USE_LIBTOOL= Yes > > @@ -62,10 +64,12 @@ CONFIGURE_ARGS+=--enable-prelude > MESSAGE= ${PKGDIR}/MESSAGE-prelude > .endif > > -CONFIGS= classification.config gen-msg.map generators reference.config \ > - sid sid-msg.map snort.conf threshold.conf unicode.map > +CONFIGS= classification.config gen-msg.map reference.config \ > + sid-msg.map snort.conf threshold.conf unicode.map > > -DOCS=AUTHORS CREDITS README.* *.pdf > +PREPROC= decoder.rules preprocessor.rules > + > +DOCS=AUTHORS CREDITS README README.* *.pdf TODO USAGE > WISHLIST > > post-build: > @perl -pi -e "s,%%SYSCONFDIR%%,${SYSCONFDIR}," \ > @@ -77,6 +81,11 @@ post-install: > ${INSTALL_DATA_DIR} ${PREFIX}/share/examples/snort > .for i in ${CONFIGS} > ${INSTALL_DATA} ${WRKSRC}/etc/${i} ${PREFIX}/share/examples/snort > +.endfor > + ${INSTALL_DATA} ${WRKSRC}/doc/generators ${PREFIX}/share/examples/snort > + > +.for i in ${PREPROC} > + ${INSTALL_DATA} ${WRKSRC}/preproc_rules/${i} > ${PREFIX}/share/examples/snort > .endfor > > ${INSTALL_DATA_DIR} ${PREFIX}/share/doc/snort > Index: distinfo > === > RCS file: /cvs/ports/net/snort/distinfo,v > retrieving revision 1.15 > diff -u -p -r1.15 distinfo > --- distinfo 5 Apr 2007 16:20:15 - 1.15 > +++ distinfo 21 Nov 2007 00:43:34 - > @@ -1,5 +1,5 @@ > -MD5 (snort-2.6.0.2.tar.gz) = XAlP9tgtuEWl8CPkpJIQPg== > -RMD160 (snort-2.6.0.2.tar.gz) = cG1j24O30DesinHIEEMk2bdZTrU= > -SHA1 (snort-2.6.0.2.tar.gz) = Gms/sZqC+Dvw/OWo226xJ3xyN5s= > -SHA256 (snort-2.6.0.2.tar.gz) = B716x7ZF0TgKzmWzPAZO1Y2dwhvXNrH3a8V13CLhpeI= > -SIZE (snort-2.6.0.2.tar.gz) = 3350277 > +MD5 (snort-2.8.0.tar.gz) = z7qxwuOc27iRISxL8V6C8w== > +RMD160 (snort-2.8.0.tar.gz) = 2sNqSh/aYLZszcXHdKthqqD2yKg= > +SHA1 (snort-2.8.0.tar.gz) = 8HuEoIcthhAGtWqManmmAwjdaLQ= > +SHA256 (snort-2.8.0.tar.gz) = uaBzfTL2nEvnSySDJLQBc2Z7W8e09Yru9PInGi6oQtE= > +SIZE (snort-2.8.0.tar.gz) = 4278872 > Index: patches/patch-etc_snort_conf > === > RCS file: /cvs/ports/net/snort/patches/patch-etc_snort_conf,v > retrieving revision 1.1 > diff -u -p -r1.1 patch-etc_snort_conf > --- patches/patch-etc_snort_conf 10 Oct 2006 13:33:17 - 1.1 > +++ patches/patch-etc_snort_conf 21 Nov 2007 00:43:34 - > @@ -1,22 +1,26 @@ > $OpenBSD: patch-etc_snort_conf,v 1.1 2006/10/10 13:33:17 aanriot Exp $ > etc/snort.conf.orig Wed Sep 13 21:44:31 2006 > -+++ etc/snort.conf Tue Oct 10 12:54:59 2006 > -@@ -82,6 +82,9 @@ var SNMP_SERVERS $HOME_NET > - # Port lists must either be continuous [eg 80:8080], or a single port [eg > 80]. > - # We will adding support for a real list of ports in the future. > - > +--- etc/snort.conf.orig Fri Sep 7 20:32:45 2007 > etc/snort.conf Mon Nov 19 22:23:57 2007 > +@@ -78,7 +78,10 @@ var SNMP_SERVERS $HOME_NET > + # like this: > + # > + # portvar HTTP_PORTS 8081 > +-# > ++ > +# Ports you run ssh servers on > -+var SSH_PORTS 22 > ++portvar SSH_PORTS 22 > + > # Ports you run web servers on > - # > - # Please note: [80,8080] does not work. > -@@ -108,7 +111,7 @@ var AIM_SERVERS [64.12.24.0/23,64.12.28. > + portvar HTTP_PORTS 80 > + > +@@ -107,8 +110,8 @@ var AIM_SERVERS [64.12.24.0/23,64.12.28.0/23,64.12.161 > # Path to your rules fil
Re: [UPDATE] net/snort 2.8.0
On Thu, Nov 29 2007 at 21:00, Markus Lude wrote: > Hello, > here is an update to snort 2.8.0. Please test/comment/commit/... Does not compile on i386 with FLAVOR="flexresp" on 4.2-stable > Based on changes for 2.7.0.1 by Jason Dixon. > Some added patches fix bus errors on sparc64 noticed by [EMAIL PROTECTED] > > If noone other wants, I would take maintainership (not included in > diff). > > Regards, > Markus > Here is the compile error cc -DHAVE_CONFIG_H -I. -I../.. -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0 -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/sfutil -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/output-plugins -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/dynamic-plugins -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/preprocessors -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/preprocessors/flow -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/preprocessors/portscan -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/preprocessors/flow/int-snort -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/preprocessors/HttpInspect/include -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/preprocessors/Stream5 -I/usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/target-based -I/usr/local/include -DENABLE_RESPONSE2 -I/usr/local/include -O2 -pipe -Wall -DDYNAMIC_PLUGIN -c /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c In file included from /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/decode.h:49, from /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c:99: /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/ipv6_port.h:71: error: conflicting types for `ip_t' /usr/local/include/dnet/ip.h:411: error: previous declaration of `ip_t' In file included from /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c:99: /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/decode.h:948:1: warning: "IP_PROTO_HOPOPTS" redefined In file included from /usr/local/include/dnet.h:15, from /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c:97: /usr/local/include/dnet/ip.h:97:1: warning: this is the location of the previous definition /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c: In function `Respond2Init': /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c:260: warning: assignment from incompatible pointer type /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c: In function `Respond2Restart': /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c:299: warning: passing arg 1 of `ip_close' from incompatible pointer type /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c:299: warning: assignment from incompatible pointer type /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c: In function `SendReset': /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c:682: warning: passing arg 1 of `ip_send' from incompatible pointer type /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c: In function `SendUnreach': /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/snort-2.8.0/src/detection-plugins/sp_respond2.c:806: warning: passing arg 1 of `ip_send' from incompatible pointer type *** Error code 1 Stop in /usr/ports/dynetcom/snort/w-snort-2.8.0-flexresp/build-i386-flexresp/src/detection-plugins. *** Error code 1 Claer
Re: [UPDATE] net/snort 2.8.0.1
On Sat, Dec 01, 2007 at 01:42:41PM +0100, Markus Lude wrote: > On Fri, Nov 30, 2007 at 12:34:06PM +0200, Nikns Siankin wrote: > > On Thu, Nov 29, 2007 at 12:21:13AM +0100, Markus Lude wrote: > > >Hello, > > >here is an update to snort 2.8.0. Please test/comment/commit/... > > > > > >Based on changes for 2.7.0.1 by Jason Dixon. > > >Some added patches fix bus errors on sparc64 noticed by [EMAIL PROTECTED] > > > > > >If noone other wants, I would take maintainership (not included in > > >diff). > > > > > >Regards, > > >Markus > > > > > > > Attached diff to apply after your diff. > > Thanks for the diff. > > > * Updated to 2.8.0.1 > > * Fixes flexresp flavor: > > http://marc.info/?l=snort-users&m=119099490314507&w=2 > > Main problem here: one hunk of the distpatch file for > src/preprocessors/stream.h conflicts with a patch. I solved this by > removing that hunk from the distpatch file and do the patch in > post-patch. > > Some questions here: > * Is it ok to use this distpatch file? IMO this makes it easier to get > rid of it when the stuff made it upstream in the next release > * Is there some prefered way to resolve conflicts between a distpatch > file which is used only for a flavor and the normal patches? no comments? > > * Fixes prelude WANTLIB > > * Replaces depricated --with-mysql > > Fixed flavors stuff. > > New diff against CVS attached. Please test/comment/commit/... Did anyone test that last diff? The only known issue so far seems crashes on the alpha from Jason Dixon. Sadly there wasn't any core left yet which makes it difficult to find the cause of this. Regards, Markus
Re: UPDATE: net/snort-2.8.6.1
On Sun, Aug 22, 2010 at 01:30:28PM +0200, Aleksander Piotrowski wrote: > Markus Lude wrote: > > > On Wed, Jul 28, 2010 at 03:45:48PM +0200, viq wrote: > > > > > > And looks like it's time to deal with it, as I can't fetch the distfile > > > right now... I guess the reason is the 2.8.6.1 release, though it's > > > highly annoying that older release sources are not available anymore... > > > > I contacted upstream about the old tar ball. Hopefully they'll fix it > > soon. > > > > For those interested, here's an update to 2.8.6.1. Still testing it > > myself. Tests welcome, especially with flavored versions. I mainly use > > the unflavored one, testing on i386 and sparc64. > > looks okey to me except pkg/PLIST. make plist says that PLIST has > changes: > > --- pkg/PLIST.orig Mon Jul 12 13:38:40 2010 > +++ pkg/PLIST Sun Aug 22 05:27:33 2010 > @@ -33,7 +33,6 @@ > lib/snort_dynamicpreprocessor/libsf_ssl_preproc.a > @comment lib/snort_dynamicpreprocessor/libsf_ssl_preproc.la > lib/snort_dynamicpreprocessor/libsf_ssl_preproc.so > -lib/snort_dynamicrules/ > @man man/man8/snort.8 > share/doc/snort/ > share/doc/snort/AUTHORS > > what is this directory for? This is for precompiled .so rules. I think could remove it from plist. Also a patch to fix header usage after some changes there. Attached is a new diff. Please test and commit. Regards, Markus Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.57 diff -u -p -r1.57 Makefile --- Makefile12 Jul 2010 19:38:40 - 1.57 +++ Makefile9 Sep 2010 11:08:01 - @@ -4,12 +4,8 @@ SHARED_ONLY = Yes COMMENT = highly flexible sniffer/NIDS -# Original URL http://dl.snort.org/downloads/14 redirects to a -# time-limited Amazon S3 url. This would mean a bad distfile name. -# The following hack allows it to work but XXX if updating, the -# MASTER_SITES URL will need to be adjusted, not just DISTNAME. -DISTNAME = snort-2.8.6 -MASTER_SITES = http://dl.snort.org/downloads/14?/ +DISTNAME = snort-2.8.6.1 +MASTER_SITES = http://www.snort.org/ports/snort-current/ CATEGORIES = net security @@ -22,7 +18,7 @@ PERMIT_PACKAGE_CDROM =Yes PERMIT_PACKAGE_FTP = Yes PERMIT_DISTFILES_CDROM = Yes PERMIT_DISTFILES_FTP = Yes -WANTLIB = c m pcap +WANTLIB = c m pcap pcre USE_LIBTOOL = Yes @@ -34,33 +30,35 @@ CONFIGURE_ARGS += ${CONFIGURE_SHARED} \ MAKE_FLAGS = mandir=${TRUEPREFIX}/man -LIB_DEPENDS = pcre::devel/pcre +LIB_DEPENDS = ::devel/pcre FLAVORS = postgresql mysql flexresp prelude FLAVOR ?= .if ${FLAVOR:L:Mflexresp} -LIB_DEPENDS += dnet.=1::net/libdnet +LIB_DEPENDS += ::net/libdnet CONFIGURE_ARGS += --enable-flexresp2 +WANTLIB += dnet.=1 .endif .if ${FLAVOR:L:Mpostgresql} -LIB_DEPENDS += pq.>=2::databases/postgresql +LIB_DEPENDS += ::databases/postgresql CONFIGURE_ARGS += --with-postgresql="${LOCALBASE}" +WANTLIB += pq .endif .if ${FLAVOR:L:Mmysql} -LIB_DEPENDS += lib/mysql/mysqlclient.>=10::databases/mysql +LIB_DEPENDS += ::databases/mysql CONFIGURE_ARGS += --with-mysql-libraries="${LOCALBASE}/lib" \ --with-mysql-includes="${LOCALBASE}/include" -WANTLIB += z +WANTLIB += lib/mysql/mysqlclient z .endif .if ${FLAVOR:L:Mprelude} MODULES = devel/gettext -WANTLIB += gcrypt gnutls gpg-error pthread tasn1 z -LIB_DEPENDS += prelude.>=8::security/prelude/libprelude +LIB_DEPENDS += ::security/prelude/libprelude CONFIGURE_ARGS += --enable-prelude +WANTLIB += gcrypt gnutls gpg-error prelude pthread tasn1 z MESSAGE = ${PKGDIR}/MESSAGE-prelude .endif Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.19 diff -u -p -r1.19 distinfo --- distinfo12 Jul 2010 19:38:40 - 1.19 +++ distinfo9 Sep 2010 11:08:01 - @@ -1,5 +1,5 @@ -MD5 (snort-2.8.6.tar.gz) = scLT3bHAqFmkfFox0Z5grQ== -RMD160 (snort-2.8.6.tar.gz) = W1Seqzmm4KDxgvbS7kb9YJlcgi4= -SHA1 (snort-2.8.6.tar.gz) = 5GPJmZTlIXFDliPhsFueG88BrI8= -SHA256 (snort-2.8.6.tar.gz) = YGTXu3jWQ4tFX/NJuT1S9A05d/H+yx15WMh4gbADA1g= -SIZE (snort-2.8.6.tar.gz) = 4960740 +MD5 (snort-2.8.6.1.tar.gz) = sRGTlqMunfDYBATktsSRZg== +RMD160 (snort-2.8.6.1.tar.gz) = J5JcDfnevJ5g4ZoMmJ2yjI0cp/A= +SHA1 (snort-2.8.6.1.tar.gz) = ZumR8VH2quXc3ukqvICSzVCKKqo= +SHA256 (snort-2.8.6.1.tar.gz) = epSO8jXFmxk8oIg7BKDT70zFJQ+TPK/E0G/u1XFQriM= +SIZE (snort-2.8.6.1.tar.gz) = 4939019 Index: patches/patch-src_dynamic-examples_dynamic-preprocessor_Makefile_in ==
Re: UPDATE: net/snort-2.8.5.1
On Sun, Oct 25, 2009 at 05:36:50PM +0100, Markus Lude wrote: > Hello, > here is an update to latest snort version 2.8.5.1. I enabled support for > IPv6. Beside that I removed the example libraries. I think, one don't > really need them. > > You now need to add the correct library version number to > libsf_engine.so in the dynamicengine config line in your snort.conf. > This applies only to those which use an older already adjusted > snort.conf. The one in the diff below already has it. Should I add a > MESSAGE file for this? > > Please test and report which flavor/arch/output_plugin you use/tested. > Thanks. Did anyone had a look at this? Regards, Markus > Index: Makefile > === > RCS file: /cvs/ports/net/snort/Makefile,v > retrieving revision 1.54 > diff -u -p -r1.54 Makefile > --- Makefile 16 Aug 2009 13:31:27 - 1.54 > +++ Makefile 25 Oct 2009 16:27:18 - > @@ -4,7 +4,7 @@ SHARED_ONLY = Yes > > COMMENT =highly flexible sniffer/NIDS > > -DISTNAME = snort-2.8.4.1 > +DISTNAME = snort-2.8.5.1 > CATEGORIES = net security > MASTER_SITES = http://dl.snort.org/snort-current/ > > @@ -19,22 +19,23 @@ PERMIT_DISTFILES_CDROM = Yes > PERMIT_DISTFILES_FTP = Yes > WANTLIB =c m pcap > > -SHARED_LIBS =sf_engine 3.0 \ > - sf_dce2_preproc 0.0 \ > - sf_dcerpc_preproc 2.0 \ > - sf_dns_preproc 3.0 \ > - sf_ftptelnet_preproc 3.0 \ > - sf_smtp_preproc 3.0 \ > - sf_ssh_preproc 2.0 \ > - sf_ssl_preproc 1.0 \ > - _sfdynamic_example_rule 0.0 \ > - _sfdynamic_preprocessor_example 0.0 > +ENGINE_VER = 4.0 > + > +SHARED_LIBS =sf_engine ${ENGINE_VER} \ > + sf_dce2_preproc 1.0 \ > + sf_dcerpc_preproc 3.0 \ > + sf_dns_preproc 4.0 \ > + sf_ftptelnet_preproc 4.0 \ > + sf_smtp_preproc 4.0 \ > + sf_ssh_preproc 3.0 \ > + sf_ssl_preproc 2.0 > > USE_LIBTOOL =Yes > > SEPARATE_BUILD = concurrent > CONFIGURE_STYLE =simple > CONFIGURE_ARGS +=${CONFIGURE_SHARED} \ > + --enable-ipv6 \ > --enable-dynamicplugin > > MAKE_FLAGS = mandir=${TRUEPREFIX}/man > @@ -84,6 +85,8 @@ DOCS = AUTHORS CREDITS README README.* > > SCHEMAS =create_db2 create_mssql create_mysql \ > create_oracle.sql create_postgresql > + > +SUBST_VARS +=ENGINE_VER > > pre-configure: > @${SUBST_CMD} ${WRKSRC}/etc/snort.conf > Index: distinfo > === > RCS file: /cvs/ports/net/snort/distinfo,v > retrieving revision 1.18 > diff -u -p -r1.18 distinfo > --- distinfo 16 Aug 2009 13:31:27 - 1.18 > +++ distinfo 25 Oct 2009 16:27:18 - > @@ -1,5 +1,5 @@ > -MD5 (snort-2.8.4.1.tar.gz) = Y/TnaulqLRM/THt0G61UWA== > -RMD160 (snort-2.8.4.1.tar.gz) = jzijfJ8Wm6uVKUbMq6JMktJnuIA= > -SHA1 (snort-2.8.4.1.tar.gz) = P/q7U2bAiJUv76sZqNwZzoTWJkU= > -SHA256 (snort-2.8.4.1.tar.gz) = 7n95DrPfTmFWp8hl8boihVOUyePBP9xX1gqGRyZ/wgk= > -SIZE (snort-2.8.4.1.tar.gz) = 4567713 > +MD5 (snort-2.8.5.1.tar.gz) = savzqfo0hnIMmite/5IEFw== > +RMD160 (snort-2.8.5.1.tar.gz) = +/q0Xx19gVUWBDWS6rjPHMbsk9A= > +SHA1 (snort-2.8.5.1.tar.gz) = uXEFLN1LNSegYDhUlTED/prYpFs= > +SHA256 (snort-2.8.5.1.tar.gz) = reGw9K50/WI8Yz0otvFCkYd1GzWzaj+KDBl9IQS15a4= > +SIZE (snort-2.8.5.1.tar.gz) = 4715078 > Index: patches/patch-etc_snort_conf > === > RCS file: /cvs/ports/net/snort/patches/patch-etc_snort_conf,v > retrieving revision 1.4 > diff -u -p -r1.4 patch-etc_snort_conf > --- patches/patch-etc_snort_conf 16 Aug 2009 13:31:27 - 1.4 > +++ patches/patch-etc_snort_conf 25 Oct 2009 16:27:18 - > @@ -1,19 +1,17 @@ > $OpenBSD: patch-etc_snort_conf,v 1.4 2009/08/16 13:31:27 rui Exp $ > etc/snort.conf.orig Wed Mar 11 14:22:03 2009 > -+++ etc/snort.conf Wed Apr 8 12:47:17 2009 > -@@ -78,7 +78,10 @@ var SNMP_SERVERS $HOME_NET > - # like this: > - # > - # portvar HTTP_PORTS 8081 > --# > -+ > +--- etc/snort.conf.orig Tue Jul 7 21:59:55 2009 > etc/snort.conf Thu Aug 20 19:39:06 2009 > +@@ -99,6 +99,9 @@ portvar HTTP_PORTS 80 > + # including the rules file twice is obsolete. See README.variables for more > + # details. > + > +# Ports you run ssh servers on > +portvar SSH_PORTS 22 > + > - # Ports you run web servers on > - portvar HTTP_PORTS 80 > + # Ports you want to look for SHELLCODE on. > + portvar SHELLCODE_PORTS !80 > > -@@ -107,8 +110,8 @@ var AIM_SERV
Re: UPDATE: net/snort-2.8.5.1
On Tue, Nov 24, 2009 at 10:23 AM, Markus Lude wrote: > On Sun, Oct 25, 2009 at 05:36:50PM +0100, Markus Lude wrote: >> Hello, >> here is an update to latest snort version 2.8.5.1. I enabled support for >> IPv6. Beside that I removed the example libraries. I think, one don't >> really need them. >> >> You now need to add the correct library version number to >> libsf_engine.so in the dynamicengine config line in your snort.conf. >> This applies only to those which use an older already adjusted >> snort.conf. The one in the diff below already has it. Should I add a >> MESSAGE file for this? >> >> Please test and report which flavor/arch/output_plugin you use/tested. >> Thanks. > > Did anyone had a look at this? Patch works OK for me in testing on i386 using the mysql flavor. I can only test IPv6 with link local (I'm glad v6 is now enabled by default). I have reservations about 2.8.5 and have not had time to research it for production use. I think it does away with threshold.conf and we'll need time to research and test that before deploying. Perhaps next semester I'll have more time to experiment with it. Anyway, this patch built and worked fine for me. Hope this helps, Brad
Re: UPDATE: net/snort-2.8.5.1
On Tue, Nov 24, 2009 at 10:23 AM, Markus Lude wrote: > On Sun, Oct 25, 2009 at 05:36:50PM +0100, Markus Lude wrote: >> Hello, >> here is an update to latest snort version 2.8.5.1. I enabled support for >> IPv6. Beside that I removed the example libraries. I think, one don't >> really need them. >> >> You now need to add the correct library version number to >> libsf_engine.so in the dynamicengine config line in your snort.conf. >> This applies only to those which use an older already adjusted >> snort.conf. The one in the diff below already has it. Should I add a >> MESSAGE file for this? >> >> Please test and report which flavor/arch/output_plugin you use/tested. >> Thanks. > > Did anyone had a look at this? Works OK on amd64 flavor mysql.
Re: UPDATE: net/snort-2.8.5.1
On Tue, Nov 24, 2009 at 04:23:39PM +0100, Markus Lude wrote: > On Sun, Oct 25, 2009 at 05:36:50PM +0100, Markus Lude wrote: > > Hello, > > here is an update to latest snort version 2.8.5.1. I enabled support for > > IPv6. Beside that I removed the example libraries. I think, one don't > > really need them. > > > > You now need to add the correct library version number to > > libsf_engine.so in the dynamicengine config line in your snort.conf. > > This applies only to those which use an older already adjusted > > snort.conf. The one in the diff below already has it. Should I add a > > MESSAGE file for this? > > > > Please test and report which flavor/arch/output_plugin you use/tested. > > Thanks. Could someone please commit this or are there any problems/suggestions? Thanks. Regards, Markus Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.54 diff -u -p -r1.54 Makefile --- Makefile16 Aug 2009 13:31:27 - 1.54 +++ Makefile25 Oct 2009 16:27:18 - @@ -4,7 +4,7 @@ SHARED_ONLY = Yes COMMENT = highly flexible sniffer/NIDS -DISTNAME = snort-2.8.4.1 +DISTNAME = snort-2.8.5.1 CATEGORIES = net security MASTER_SITES = http://dl.snort.org/snort-current/ @@ -19,22 +19,23 @@ PERMIT_DISTFILES_CDROM = Yes PERMIT_DISTFILES_FTP = Yes WANTLIB = c m pcap -SHARED_LIBS = sf_engine 3.0 \ - sf_dce2_preproc 0.0 \ - sf_dcerpc_preproc 2.0 \ - sf_dns_preproc 3.0 \ - sf_ftptelnet_preproc 3.0 \ - sf_smtp_preproc 3.0 \ - sf_ssh_preproc 2.0 \ - sf_ssl_preproc 1.0 \ - _sfdynamic_example_rule 0.0 \ - _sfdynamic_preprocessor_example 0.0 +ENGINE_VER = 4.0 + +SHARED_LIBS = sf_engine ${ENGINE_VER} \ + sf_dce2_preproc 1.0 \ + sf_dcerpc_preproc 3.0 \ + sf_dns_preproc 4.0 \ + sf_ftptelnet_preproc 4.0 \ + sf_smtp_preproc 4.0 \ + sf_ssh_preproc 3.0 \ + sf_ssl_preproc 2.0 USE_LIBTOOL = Yes SEPARATE_BUILD = concurrent CONFIGURE_STYLE = simple CONFIGURE_ARGS += ${CONFIGURE_SHARED} \ + --enable-ipv6 \ --enable-dynamicplugin MAKE_FLAGS = mandir=${TRUEPREFIX}/man @@ -84,6 +85,8 @@ DOCS =AUTHORS CREDITS README README.* SCHEMAS = create_db2 create_mssql create_mysql \ create_oracle.sql create_postgresql + +SUBST_VARS += ENGINE_VER pre-configure: @${SUBST_CMD} ${WRKSRC}/etc/snort.conf Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.18 diff -u -p -r1.18 distinfo --- distinfo16 Aug 2009 13:31:27 - 1.18 +++ distinfo25 Oct 2009 16:27:18 - @@ -1,5 +1,5 @@ -MD5 (snort-2.8.4.1.tar.gz) = Y/TnaulqLRM/THt0G61UWA== -RMD160 (snort-2.8.4.1.tar.gz) = jzijfJ8Wm6uVKUbMq6JMktJnuIA= -SHA1 (snort-2.8.4.1.tar.gz) = P/q7U2bAiJUv76sZqNwZzoTWJkU= -SHA256 (snort-2.8.4.1.tar.gz) = 7n95DrPfTmFWp8hl8boihVOUyePBP9xX1gqGRyZ/wgk= -SIZE (snort-2.8.4.1.tar.gz) = 4567713 +MD5 (snort-2.8.5.1.tar.gz) = savzqfo0hnIMmite/5IEFw== +RMD160 (snort-2.8.5.1.tar.gz) = +/q0Xx19gVUWBDWS6rjPHMbsk9A= +SHA1 (snort-2.8.5.1.tar.gz) = uXEFLN1LNSegYDhUlTED/prYpFs= +SHA256 (snort-2.8.5.1.tar.gz) = reGw9K50/WI8Yz0otvFCkYd1GzWzaj+KDBl9IQS15a4= +SIZE (snort-2.8.5.1.tar.gz) = 4715078 Index: patches/patch-etc_snort_conf === RCS file: /cvs/ports/net/snort/patches/patch-etc_snort_conf,v retrieving revision 1.4 diff -u -p -r1.4 patch-etc_snort_conf --- patches/patch-etc_snort_conf16 Aug 2009 13:31:27 - 1.4 +++ patches/patch-etc_snort_conf25 Oct 2009 16:27:18 - @@ -1,19 +1,17 @@ $OpenBSD: patch-etc_snort_conf,v 1.4 2009/08/16 13:31:27 rui Exp $ etc/snort.conf.origWed Mar 11 14:22:03 2009 -+++ etc/snort.conf Wed Apr 8 12:47:17 2009 -@@ -78,7 +78,10 @@ var SNMP_SERVERS $HOME_NET - # like this: - # - # portvar HTTP_PORTS 8081 --# -+ +--- etc/snort.conf.origTue Jul 7 21:59:55 2009 etc/snort.conf Thu Aug 20 19:39:06 2009 +@@ -99,6 +99,9 @@ portvar HTTP_PORTS 80 + # including the rules file twice is obsolete. See README.variables for more + # details. + +# Ports you run ssh servers on +portvar SSH_PORTS 22 + - # Ports you run web servers on - portvar HTTP_PORTS 80 + # Ports you want to look for SHELLCODE on. + portvar SHELLCODE_PORTS !80 -@@ -107,8 +110,8 @@ var AIM_SERVERS [64.12.24.0/23,64.12.28.0
Re: UPDATE: net/snort-2.8.5.1
Markus Lude wrote: On Tue, Nov 24, 2009 at 04:23:39PM +0100, Markus Lude wrote: On Sun, Oct 25, 2009 at 05:36:50PM +0100, Markus Lude wrote: Hello, here is an update to latest snort version 2.8.5.1. I enabled support for IPv6. Beside that I removed the example libraries. I think, one don't really need them. You now need to add the correct library version number to libsf_engine.so in the dynamicengine config line in your snort.conf. This applies only to those which use an older already adjusted snort.conf. The one in the diff below already has it. Should I add a MESSAGE file for this? Please test and report which flavor/arch/output_plugin you use/tested. Thanks. Could someone please commit this or are there any problems/suggestions? Thanks. Regards, Markus Hi, Thank you very much for this port. All the following packages built nicely with no errors ls -l /home/ports/packages/amd64/all/snort* (New Ports from Markus Lude) /home/ports/packages/amd64/all/snort-2.8.5.1-postgresql-prelude.tgz -rw-r--r-- 3 root wheel 2117246 Dec 11 10:22 /home/ports/packages/amd64/all/snort-2.8.5.1-postgresql.tgz -rw-r--r-- 3 root wheel 2115612 Dec 11 10:20 /home/ports/packages/amd64/all/snort-2.8.5.1.tgz -rw-r--r-- 3 root wheel 1997674 Nov 28 22:11 (Ports that worked well on -current from November 2009) /home/ports/packages/amd64/all/snort-2.8.4.1.tgz -rw-r--r-- 3 root wheel 2123258 Dec 11 10:25 /home/ports/packages/amd64/all/snort-2.8.4.1-mysql-prelude.tgz -rw-r--r-- 3 root wheel 1994255 Nov 28 22:06 /home/ports/packages/amd64/all/snort-2.8.4.1-mysql.tgz -rw-r--r-- 3 root wheel 1998762 Nov 28 22:14 /home/ports/packages/amd64/all/snort-2.8.4.1-postgresql-prelude.tgz -rw-r--r-- 3 root wheel 1994979 Nov 28 22:04 /home/ports/packages/amd64/all/snort-2.8.4.1-postgresql.tgz -rw-r--r-- 3 root wheel 1996526 Nov 28 22:17 /home/ports/packages/amd64/all/snort-2.8.4.1-prelude.tgz -rw-r--r-- 3 root wheel 1993836 Nov 30 15:14 I am now testing the top three against my rulesets on i386 -current from Nov 25, 2009 and amd64 -current from Nov 28 2009. So far no problems. Will report back after running it for two days on some Internet -facing hosts, if there are any problems. Thanks again, Vijay -- Vijay Sankar, M.Eng., P.Eng. ForeTell Technologies Limited 59 Flamingo Avenue, Winnipeg, MB, Canada R3J 0X6 Phone: (204) 885-9535, E-Mail: vsan...@foretell.ca
Re: UPDATE: net/snort-2.8.5.1
On 2009-10-25, Markus Lude wrote: > You now need to add the correct library version number to > libsf_engine.so in the dynamicengine config line in your snort.conf. > This applies only to those which use an older already adjusted > snort.conf. The one in the diff below already has it. Should I add a > MESSAGE file for this? This is a bit of a problem, it means users will need to hand-edit their config file every time they upgrade. Were you able to work out what changed between releases that has made this necessary? dlopen(3) should be quite capable of locating the library from the basename without specifying the particular version... Alternatively, does it even make sense to give this a versioned filename? Plugins for e.g. php, apache and others typically just use unversioned names.
Re: UPDATE: net/snort-2.8.5.1
On Wed, Dec 16, 2009 at 03:02:59PM +, Stuart Henderson wrote: > On 2009-10-25, Markus Lude wrote: > > You now need to add the correct library version number to > > libsf_engine.so in the dynamicengine config line in your snort.conf. > > This applies only to those which use an older already adjusted > > snort.conf. The one in the diff below already has it. Should I add a > > MESSAGE file for this? > > This is a bit of a problem, it means users will need to hand-edit their > config file every time they upgrade. Were you able to work out what changed > between releases that has made this necessary? dlopen(3) should be quite > capable of locating the library from the basename without specifying the > particular version... > > Alternatively, does it even make sense to give this a versioned filename? > Plugins for e.g. php, apache and others typically just use unversioned names. Thanks for the feedback. I'll have a look at it. Regards, Markus
Re: UPDATE: net/snort-2.8.5.1
On Wed, Dec 16, 2009 at 08:11:27PM +0100, Markus Lude wrote: > On Wed, Dec 16, 2009 at 03:02:59PM +, Stuart Henderson wrote: > > On 2009-10-25, Markus Lude wrote: > > > You now need to add the correct library version number to > > > libsf_engine.so in the dynamicengine config line in your snort.conf. > > > This applies only to those which use an older already adjusted > > > snort.conf. The one in the diff below already has it. Should I add a > > > MESSAGE file for this? > > > > This is a bit of a problem, it means users will need to hand-edit their > > config file every time they upgrade. Were you able to work out what changed > > between releases that has made this necessary? dlopen(3) should be quite > > capable of locating the library from the basename without specifying the > > particular version... > > > > Alternatively, does it even make sense to give this a versioned filename? > > Plugins for e.g. php, apache and others typically just use unversioned > > names. > > Thanks for the feedback. I'll have a look at it. Please test the new attached diff. Only changes are in snort.conf and the Makefile. Any hints on how to remove the versions from the libs? Maybe we could try that later on... Regards, Markus Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.54 diff -u -p -r1.54 Makefile --- Makefile16 Aug 2009 13:31:27 - 1.54 +++ Makefile17 Dec 2009 08:37:02 - @@ -4,7 +4,7 @@ SHARED_ONLY = Yes COMMENT = highly flexible sniffer/NIDS -DISTNAME = snort-2.8.4.1 +DISTNAME = snort-2.8.5.1 CATEGORIES = net security MASTER_SITES = http://dl.snort.org/snort-current/ @@ -19,22 +19,21 @@ PERMIT_DISTFILES_CDROM = Yes PERMIT_DISTFILES_FTP = Yes WANTLIB = c m pcap -SHARED_LIBS = sf_engine 3.0 \ - sf_dce2_preproc 0.0 \ - sf_dcerpc_preproc 2.0 \ - sf_dns_preproc 3.0 \ - sf_ftptelnet_preproc 3.0 \ - sf_smtp_preproc 3.0 \ - sf_ssh_preproc 2.0 \ - sf_ssl_preproc 1.0 \ - _sfdynamic_example_rule 0.0 \ - _sfdynamic_preprocessor_example 0.0 +SHARED_LIBS = sf_engine 4.0 \ + sf_dce2_preproc 1.0 \ + sf_dcerpc_preproc 3.0 \ + sf_dns_preproc 4.0 \ + sf_ftptelnet_preproc 4.0 \ + sf_smtp_preproc 4.0 \ + sf_ssh_preproc 3.0 \ + sf_ssl_preproc 2.0 USE_LIBTOOL = Yes SEPARATE_BUILD = concurrent CONFIGURE_STYLE = simple CONFIGURE_ARGS += ${CONFIGURE_SHARED} \ + --enable-ipv6 \ --enable-dynamicplugin MAKE_FLAGS = mandir=${TRUEPREFIX}/man Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.18 diff -u -p -r1.18 distinfo --- distinfo16 Aug 2009 13:31:27 - 1.18 +++ distinfo17 Dec 2009 08:37:02 - @@ -1,5 +1,5 @@ -MD5 (snort-2.8.4.1.tar.gz) = Y/TnaulqLRM/THt0G61UWA== -RMD160 (snort-2.8.4.1.tar.gz) = jzijfJ8Wm6uVKUbMq6JMktJnuIA= -SHA1 (snort-2.8.4.1.tar.gz) = P/q7U2bAiJUv76sZqNwZzoTWJkU= -SHA256 (snort-2.8.4.1.tar.gz) = 7n95DrPfTmFWp8hl8boihVOUyePBP9xX1gqGRyZ/wgk= -SIZE (snort-2.8.4.1.tar.gz) = 4567713 +MD5 (snort-2.8.5.1.tar.gz) = savzqfo0hnIMmite/5IEFw== +RMD160 (snort-2.8.5.1.tar.gz) = +/q0Xx19gVUWBDWS6rjPHMbsk9A= +SHA1 (snort-2.8.5.1.tar.gz) = uXEFLN1LNSegYDhUlTED/prYpFs= +SHA256 (snort-2.8.5.1.tar.gz) = reGw9K50/WI8Yz0otvFCkYd1GzWzaj+KDBl9IQS15a4= +SIZE (snort-2.8.5.1.tar.gz) = 4715078 Index: patches/patch-etc_snort_conf === RCS file: /cvs/ports/net/snort/patches/patch-etc_snort_conf,v retrieving revision 1.4 diff -u -p -r1.4 patch-etc_snort_conf --- patches/patch-etc_snort_conf16 Aug 2009 13:31:27 - 1.4 +++ patches/patch-etc_snort_conf17 Dec 2009 08:37:02 - @@ -1,19 +1,17 @@ $OpenBSD: patch-etc_snort_conf,v 1.4 2009/08/16 13:31:27 rui Exp $ etc/snort.conf.origWed Mar 11 14:22:03 2009 -+++ etc/snort.conf Wed Apr 8 12:47:17 2009 -@@ -78,7 +78,10 @@ var SNMP_SERVERS $HOME_NET - # like this: - # - # portvar HTTP_PORTS 8081 --# -+ +--- etc/snort.conf.origMon Oct 19 23:09:14 2009 etc/snort.conf Thu Dec 17 08:25:52 2009 +@@ -99,6 +99,9 @@ portvar HTTP_PORTS 80 + # including the rules file twice is obsolete. See README.variables for more + # details. + +# Ports you run ssh servers on +portvar SSH_PORTS 22 + - # Ports you run web servers on - portvar HTTP_PORTS 80 + # Ports you want to look for SHELLCODE on. + portvar S
Re: UPDATE: net/snort-2.8.5.1
On Thu, Dec 17, 2009 at 09:33:38PM +0100, Markus Lude wrote: > On Wed, Dec 16, 2009 at 08:11:27PM +0100, Markus Lude wrote: > > On Wed, Dec 16, 2009 at 03:02:59PM +, Stuart Henderson wrote: > > > On 2009-10-25, Markus Lude wrote: > > > > You now need to add the correct library version number to > > > > libsf_engine.so in the dynamicengine config line in your snort.conf. > > > > This applies only to those which use an older already adjusted > > > > snort.conf. The one in the diff below already has it. Should I add a > > > > MESSAGE file for this? > > > > > > This is a bit of a problem, it means users will need to hand-edit their > > > config file every time they upgrade. Were you able to work out what > > > changed > > > between releases that has made this necessary? dlopen(3) should be quite > > > capable of locating the library from the basename without specifying the > > > particular version... > > > > > > Alternatively, does it even make sense to give this a versioned filename? > > > Plugins for e.g. php, apache and others typically just use unversioned > > > names. > > > > Thanks for the feedback. I'll have a look at it. > > Please test the new attached diff. Only changes are in snort.conf and > the Makefile. > > Any hints on how to remove the versions from the libs? Maybe we could > try that later on... For now I prefer to keep the version numbers in the filenames of the libs. Users will need to edit the snort.conf file if they update snort this round, but usually there are quite a few other stuff which also changes there, like new preprocessors, ... . Later on at least that one line needs no changes (as with former updates). More comments on this or could someone please commit it? Regards, Markus Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.54 diff -u -p -r1.54 Makefile --- Makefile16 Aug 2009 13:31:27 - 1.54 +++ Makefile17 Dec 2009 08:37:02 - @@ -4,7 +4,7 @@ SHARED_ONLY = Yes COMMENT = highly flexible sniffer/NIDS -DISTNAME = snort-2.8.4.1 +DISTNAME = snort-2.8.5.1 CATEGORIES = net security MASTER_SITES = http://dl.snort.org/snort-current/ @@ -19,22 +19,21 @@ PERMIT_DISTFILES_CDROM = Yes PERMIT_DISTFILES_FTP = Yes WANTLIB = c m pcap -SHARED_LIBS = sf_engine 3.0 \ - sf_dce2_preproc 0.0 \ - sf_dcerpc_preproc 2.0 \ - sf_dns_preproc 3.0 \ - sf_ftptelnet_preproc 3.0 \ - sf_smtp_preproc 3.0 \ - sf_ssh_preproc 2.0 \ - sf_ssl_preproc 1.0 \ - _sfdynamic_example_rule 0.0 \ - _sfdynamic_preprocessor_example 0.0 +SHARED_LIBS = sf_engine 4.0 \ + sf_dce2_preproc 1.0 \ + sf_dcerpc_preproc 3.0 \ + sf_dns_preproc 4.0 \ + sf_ftptelnet_preproc 4.0 \ + sf_smtp_preproc 4.0 \ + sf_ssh_preproc 3.0 \ + sf_ssl_preproc 2.0 USE_LIBTOOL = Yes SEPARATE_BUILD = concurrent CONFIGURE_STYLE = simple CONFIGURE_ARGS += ${CONFIGURE_SHARED} \ + --enable-ipv6 \ --enable-dynamicplugin MAKE_FLAGS = mandir=${TRUEPREFIX}/man Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.18 diff -u -p -r1.18 distinfo --- distinfo16 Aug 2009 13:31:27 - 1.18 +++ distinfo17 Dec 2009 08:37:02 - @@ -1,5 +1,5 @@ -MD5 (snort-2.8.4.1.tar.gz) = Y/TnaulqLRM/THt0G61UWA== -RMD160 (snort-2.8.4.1.tar.gz) = jzijfJ8Wm6uVKUbMq6JMktJnuIA= -SHA1 (snort-2.8.4.1.tar.gz) = P/q7U2bAiJUv76sZqNwZzoTWJkU= -SHA256 (snort-2.8.4.1.tar.gz) = 7n95DrPfTmFWp8hl8boihVOUyePBP9xX1gqGRyZ/wgk= -SIZE (snort-2.8.4.1.tar.gz) = 4567713 +MD5 (snort-2.8.5.1.tar.gz) = savzqfo0hnIMmite/5IEFw== +RMD160 (snort-2.8.5.1.tar.gz) = +/q0Xx19gVUWBDWS6rjPHMbsk9A= +SHA1 (snort-2.8.5.1.tar.gz) = uXEFLN1LNSegYDhUlTED/prYpFs= +SHA256 (snort-2.8.5.1.tar.gz) = reGw9K50/WI8Yz0otvFCkYd1GzWzaj+KDBl9IQS15a4= +SIZE (snort-2.8.5.1.tar.gz) = 4715078 Index: patches/patch-etc_snort_conf === RCS file: /cvs/ports/net/snort/patches/patch-etc_snort_conf,v retrieving revision 1.4 diff -u -p -r1.4 patch-etc_snort_conf --- patches/patch-etc_snort_conf16 Aug 2009 13:31:27 - 1.4 +++ patches/patch-etc_snort_conf17 Dec 2009 08:37:02 - @@ -1,19 +1,17 @@ $OpenBSD: patch-etc_snort_conf,v 1.4 2009/08/16 13:31:27 rui Exp $ etc/snort.conf.origWed Mar 11 14:22:03 2009 -+++ etc/snort.conf Wed Apr 8 12:47:17 2009 -@@ -7
MAINTAINER-UPDATE: net/snort-2.8.5.2
Hello, attached is an update to the recently released version 2.8.5.2 of snort. Finally I got rid of the version numbers for the shared libs. IPv6 is enabled. Builds of all flavors look good on i386 and sparc64. As I mainly use the unflavored version tests especially of the different flavors are very appreciated. Please test and comment. Regards, Markus Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.54 diff -u -p -r1.54 Makefile --- Makefile16 Aug 2009 13:31:27 - 1.54 +++ Makefile12 Jan 2010 15:36:27 - @@ -4,7 +4,7 @@ SHARED_ONLY = Yes COMMENT = highly flexible sniffer/NIDS -DISTNAME = snort-2.8.4.1 +DISTNAME = snort-2.8.5.2 CATEGORIES = net security MASTER_SITES = http://dl.snort.org/snort-current/ @@ -19,22 +19,12 @@ PERMIT_DISTFILES_CDROM = Yes PERMIT_DISTFILES_FTP = Yes WANTLIB = c m pcap -SHARED_LIBS = sf_engine 3.0 \ - sf_dce2_preproc 0.0 \ - sf_dcerpc_preproc 2.0 \ - sf_dns_preproc 3.0 \ - sf_ftptelnet_preproc 3.0 \ - sf_smtp_preproc 3.0 \ - sf_ssh_preproc 2.0 \ - sf_ssl_preproc 1.0 \ - _sfdynamic_example_rule 0.0 \ - _sfdynamic_preprocessor_example 0.0 - USE_LIBTOOL = Yes SEPARATE_BUILD = concurrent CONFIGURE_STYLE = simple CONFIGURE_ARGS += ${CONFIGURE_SHARED} \ + --enable-ipv6 \ --enable-dynamicplugin MAKE_FLAGS = mandir=${TRUEPREFIX}/man Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.18 diff -u -p -r1.18 distinfo --- distinfo16 Aug 2009 13:31:27 - 1.18 +++ distinfo12 Jan 2010 15:36:27 - @@ -1,5 +1,5 @@ -MD5 (snort-2.8.4.1.tar.gz) = Y/TnaulqLRM/THt0G61UWA== -RMD160 (snort-2.8.4.1.tar.gz) = jzijfJ8Wm6uVKUbMq6JMktJnuIA= -SHA1 (snort-2.8.4.1.tar.gz) = P/q7U2bAiJUv76sZqNwZzoTWJkU= -SHA256 (snort-2.8.4.1.tar.gz) = 7n95DrPfTmFWp8hl8boihVOUyePBP9xX1gqGRyZ/wgk= -SIZE (snort-2.8.4.1.tar.gz) = 4567713 +MD5 (snort-2.8.5.2.tar.gz) = 5qi8WqHr5NIQBTPXcJxKng== +RMD160 (snort-2.8.5.2.tar.gz) = 9KuvUl3WwTyrY7mivMwzt/M23gQ= +SHA1 (snort-2.8.5.2.tar.gz) = GGLs5+rGO5DT6GjM+9DnmJtQeKY= +SHA256 (snort-2.8.5.2.tar.gz) = oEGZkpx1rpL3h0w1B4xI3b+h2sdIBG0uh82s8GdCfNE= +SIZE (snort-2.8.5.2.tar.gz) = 4738118 Index: patches/patch-etc_snort_conf === RCS file: /cvs/ports/net/snort/patches/patch-etc_snort_conf,v retrieving revision 1.4 diff -u -p -r1.4 patch-etc_snort_conf --- patches/patch-etc_snort_conf16 Aug 2009 13:31:27 - 1.4 +++ patches/patch-etc_snort_conf12 Jan 2010 15:36:27 - @@ -1,19 +1,17 @@ $OpenBSD: patch-etc_snort_conf,v 1.4 2009/08/16 13:31:27 rui Exp $ etc/snort.conf.origWed Mar 11 14:22:03 2009 -+++ etc/snort.conf Wed Apr 8 12:47:17 2009 -@@ -78,7 +78,10 @@ var SNMP_SERVERS $HOME_NET - # like this: - # - # portvar HTTP_PORTS 8081 --# -+ +--- etc/snort.conf.origMon Oct 19 23:18:58 2009 etc/snort.conf Tue Jan 12 16:34:43 2010 +@@ -99,6 +99,9 @@ portvar HTTP_PORTS 80 + # including the rules file twice is obsolete. See README.variables for more + # details. + +# Ports you run ssh servers on +portvar SSH_PORTS 22 + - # Ports you run web servers on - portvar HTTP_PORTS 80 + # Ports you want to look for SHELLCODE on. + portvar SHELLCODE_PORTS !80 -@@ -107,8 +110,8 @@ var AIM_SERVERS [64.12.24.0/23,64.12.28.0/23,64.12.161 +@@ -117,8 +120,8 @@ var AIM_SERVERS [64.12.24.0/23,64.12.28.0/23,64.12.161 # Path to your rules files (this can be a relative path) # Note for Windows users: You are advised to make this an absolute path, # such as: c:\snort\rules Index: patches/patch-src_Makefile_in === RCS file: patches/patch-src_Makefile_in diff -N patches/patch-src_Makefile_in --- /dev/null 1 Jan 1970 00:00:00 - +++ patches/patch-src_Makefile_in 12 Jan 2010 15:36:27 - @@ -0,0 +1,12 @@ +$OpenBSD$ +--- src/Makefile.in.orig Mon Oct 19 23:17:59 2009 src/Makefile.inTue Jan 12 14:34:24 2010 +@@ -271,7 +271,7 @@ preprocessors/Stream5/libstream5.a \ + sfutil/libsfutil.a + + EXAMPLES_DIR = dynamic-examples +-SUBDIRS = sfutil win32 output-plugins detection-plugins dynamic-plugins preprocessors parser dynamic-preprocessors target-based $(EXAMPLES_DIR) ++SUBDIRS = sfutil win32 output-plugins detection-plugins dynamic-plugins preprocessors parser dynamic-preprocessors target-based + all: all-recursive + + .SUFFIXES: Index: patches/patch-src_dynamic-examples_dynamic-
Re: UPDATE: net/snort-2.8.6
On Thu, May 06, 2010 at 01:38:21AM +0200, Markus Lude wrote: > Hello, > attached is an update to the recently released version 2.8.6 of snort. > Finally I got rid of the version numbers for the shared libs. IPv6 is > enabled. Builds of all flavors look good on i386 and sparc64. As I > mainly use the unflavored version tests especially of the different > flavors are very appreciated. > > Please test and report which flavor/arch you use/tested. Thanks. > > I didn't enabled --enable-inline yet, as there are still some problems. > I'm still working on it. Updated diff. After change to gcc4 on sparc64 no need for the workaround. Thanks to Brad for the notice. I've been running the unflavored version on sparc64 here for a few days now without problems. Please test and commit. Thanks. Regards, Markus Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.55 diff -u -p -r1.55 Makefile --- Makefile15 Apr 2010 14:58:24 - 1.55 +++ Makefile8 Jun 2010 10:51:16 - @@ -4,8 +4,7 @@ SHARED_ONLY = Yes COMMENT = highly flexible sniffer/NIDS -DISTNAME = snort-2.8.4.1 -PKGNAME = ${DISTNAME}p0 +DISTNAME = snort-2.8.6 CATEGORIES = net security MASTER_SITES = http://dl.snort.org/snort-current/ @@ -20,32 +19,17 @@ PERMIT_DISTFILES_CDROM = Yes PERMIT_DISTFILES_FTP = Yes WANTLIB = c m pcap -SHARED_LIBS = sf_engine 3.0 \ - sf_dce2_preproc 0.0 \ - sf_dcerpc_preproc 2.0 \ - sf_dns_preproc 3.0 \ - sf_ftptelnet_preproc 3.0 \ - sf_smtp_preproc 3.0 \ - sf_ssh_preproc 2.0 \ - sf_ssl_preproc 1.0 \ - _sfdynamic_example_rule 0.0 \ - _sfdynamic_preprocessor_example 0.0 - USE_LIBTOOL = Yes SEPARATE_BUILD = concurrent CONFIGURE_STYLE = simple CONFIGURE_ARGS += ${CONFIGURE_SHARED} \ - --enable-dynamicplugin + --enable-dynamicplugin \ + --enable-ipv6 MAKE_FLAGS = mandir=${TRUEPREFIX}/man LIB_DEPENDS = pcre::devel/pcre - -# gcc 3.3.5, Bus errors -.if ${MACHINE_ARCH} == "sparc64" -CFLAGS += -O0 -.endif FLAVORS = postgresql mysql flexresp prelude FLAVOR ?= Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.18 diff -u -p -r1.18 distinfo --- distinfo16 Aug 2009 13:31:27 - 1.18 +++ distinfo8 Jun 2010 10:51:16 - @@ -1,5 +1,5 @@ -MD5 (snort-2.8.4.1.tar.gz) = Y/TnaulqLRM/THt0G61UWA== -RMD160 (snort-2.8.4.1.tar.gz) = jzijfJ8Wm6uVKUbMq6JMktJnuIA= -SHA1 (snort-2.8.4.1.tar.gz) = P/q7U2bAiJUv76sZqNwZzoTWJkU= -SHA256 (snort-2.8.4.1.tar.gz) = 7n95DrPfTmFWp8hl8boihVOUyePBP9xX1gqGRyZ/wgk= -SIZE (snort-2.8.4.1.tar.gz) = 4567713 +MD5 (snort-2.8.6.tar.gz) = scLT3bHAqFmkfFox0Z5grQ== +RMD160 (snort-2.8.6.tar.gz) = W1Seqzmm4KDxgvbS7kb9YJlcgi4= +SHA1 (snort-2.8.6.tar.gz) = 5GPJmZTlIXFDliPhsFueG88BrI8= +SHA256 (snort-2.8.6.tar.gz) = YGTXu3jWQ4tFX/NJuT1S9A05d/H+yx15WMh4gbADA1g= +SIZE (snort-2.8.6.tar.gz) = 4960740 Index: patches/patch-etc_snort_conf === RCS file: /cvs/ports/net/snort/patches/patch-etc_snort_conf,v retrieving revision 1.4 diff -u -p -r1.4 patch-etc_snort_conf --- patches/patch-etc_snort_conf16 Aug 2009 13:31:27 - 1.4 +++ patches/patch-etc_snort_conf8 Jun 2010 10:51:16 - @@ -1,26 +1,26 @@ $OpenBSD: patch-etc_snort_conf,v 1.4 2009/08/16 13:31:27 rui Exp $ etc/snort.conf.origWed Mar 11 14:22:03 2009 -+++ etc/snort.conf Wed Apr 8 12:47:17 2009 -@@ -78,7 +78,10 @@ var SNMP_SERVERS $HOME_NET - # like this: - # - # portvar HTTP_PORTS 8081 --# -+ +--- etc/snort.conf.origFri Mar 19 20:41:00 2010 etc/snort.conf Mon Apr 26 20:16:23 2010 +@@ -42,6 +42,9 @@ var SQL_SERVERS $HOME_NET + # List of telnet servers on your network + var TELNET_SERVERS $HOME_NET + +# Ports you run ssh servers on +portvar SSH_PORTS 22 + - # Ports you run web servers on - portvar HTTP_PORTS 80 + # List of ports you run web servers on + portvar HTTP_PORTS [80,2301,3128,,7779,8000,8008,8028,8080,8180,,] -@@ -107,8 +110,8 @@ var AIM_SERVERS [64.12.24.0/23,64.12.28.0/23,64.12.161 +@@ -57,9 +60,9 @@ var AIM_SERVERS [64.12.24.0/23,64.12.28.0/23,64.12.161 # Path to your rules files (this can be a relative path) # Note for Windows users: You are advised to make this an absolute path, # such as: c:\snort\rules -var RULE_PATH ../rules +-var SO_RULE_PATH ../so_rules -var PREPROC_RULE_PATH ../preproc_rules +var RULE_PATH ${SYSCONFDIR}/snort/
Re: UPDATE: net/snort-2.8.6
On 2010/06/08 12:57, Markus Lude wrote: > On Thu, May 06, 2010 at 01:38:21AM +0200, Markus Lude wrote: > > Hello, > > attached is an update to the recently released version 2.8.6 of snort. > > Finally I got rid of the version numbers for the shared libs. IPv6 is > > enabled. Builds of all flavors look good on i386 and sparc64. As I > > mainly use the unflavored version tests especially of the different > > flavors are very appreciated. > > > > Please test and report which flavor/arch you use/tested. Thanks. > > > > I didn't enabled --enable-inline yet, as there are still some problems. > > I'm still working on it. > > Updated diff. After change to gcc4 on sparc64 no need for the > workaround. Thanks to Brad for the notice. > > I've been running the unflavored version on sparc64 here for a few days > now without problems. > > Please test and commit. Thanks. generally looks ok, one thing I noticed though: can't the workarounds for the timeval conflict just be removed now that they have changed to timeval32? sorry for the delay reading this..I was hoping that somebody who uses snort themselves would get to it first ;) > Index: Makefile > === > RCS file: /cvs/ports/net/snort/Makefile,v > retrieving revision 1.55 > diff -u -p -r1.55 Makefile > --- Makefile 15 Apr 2010 14:58:24 - 1.55 > +++ Makefile 8 Jun 2010 10:51:16 - > @@ -4,8 +4,7 @@ SHARED_ONLY = Yes > > COMMENT =highly flexible sniffer/NIDS > > -DISTNAME = snort-2.8.4.1 > -PKGNAME =${DISTNAME}p0 > +DISTNAME = snort-2.8.6 > CATEGORIES = net security > MASTER_SITES = http://dl.snort.org/snort-current/ > > @@ -20,32 +19,17 @@ PERMIT_DISTFILES_CDROM = Yes > PERMIT_DISTFILES_FTP = Yes > WANTLIB =c m pcap > > -SHARED_LIBS =sf_engine 3.0 \ > - sf_dce2_preproc 0.0 \ > - sf_dcerpc_preproc 2.0 \ > - sf_dns_preproc 3.0 \ > - sf_ftptelnet_preproc 3.0 \ > - sf_smtp_preproc 3.0 \ > - sf_ssh_preproc 2.0 \ > - sf_ssl_preproc 1.0 \ > - _sfdynamic_example_rule 0.0 \ > - _sfdynamic_preprocessor_example 0.0 > - > USE_LIBTOOL =Yes > > SEPARATE_BUILD = concurrent > CONFIGURE_STYLE =simple > CONFIGURE_ARGS +=${CONFIGURE_SHARED} \ > - --enable-dynamicplugin > + --enable-dynamicplugin \ > + --enable-ipv6 > > MAKE_FLAGS = mandir=${TRUEPREFIX}/man > > LIB_DEPENDS =pcre::devel/pcre > - > -# gcc 3.3.5, Bus errors > -.if ${MACHINE_ARCH} == "sparc64" > -CFLAGS +=-O0 > -.endif > > FLAVORS =postgresql mysql flexresp prelude > FLAVOR ?= > Index: distinfo > === > RCS file: /cvs/ports/net/snort/distinfo,v > retrieving revision 1.18 > diff -u -p -r1.18 distinfo > --- distinfo 16 Aug 2009 13:31:27 - 1.18 > +++ distinfo 8 Jun 2010 10:51:16 - > @@ -1,5 +1,5 @@ > -MD5 (snort-2.8.4.1.tar.gz) = Y/TnaulqLRM/THt0G61UWA== > -RMD160 (snort-2.8.4.1.tar.gz) = jzijfJ8Wm6uVKUbMq6JMktJnuIA= > -SHA1 (snort-2.8.4.1.tar.gz) = P/q7U2bAiJUv76sZqNwZzoTWJkU= > -SHA256 (snort-2.8.4.1.tar.gz) = 7n95DrPfTmFWp8hl8boihVOUyePBP9xX1gqGRyZ/wgk= > -SIZE (snort-2.8.4.1.tar.gz) = 4567713 > +MD5 (snort-2.8.6.tar.gz) = scLT3bHAqFmkfFox0Z5grQ== > +RMD160 (snort-2.8.6.tar.gz) = W1Seqzmm4KDxgvbS7kb9YJlcgi4= > +SHA1 (snort-2.8.6.tar.gz) = 5GPJmZTlIXFDliPhsFueG88BrI8= > +SHA256 (snort-2.8.6.tar.gz) = YGTXu3jWQ4tFX/NJuT1S9A05d/H+yx15WMh4gbADA1g= > +SIZE (snort-2.8.6.tar.gz) = 4960740 > Index: patches/patch-etc_snort_conf > === > RCS file: /cvs/ports/net/snort/patches/patch-etc_snort_conf,v > retrieving revision 1.4 > diff -u -p -r1.4 patch-etc_snort_conf > --- patches/patch-etc_snort_conf 16 Aug 2009 13:31:27 - 1.4 > +++ patches/patch-etc_snort_conf 8 Jun 2010 10:51:16 - > @@ -1,26 +1,26 @@ > $OpenBSD: patch-etc_snort_conf,v 1.4 2009/08/16 13:31:27 rui Exp $ > etc/snort.conf.orig Wed Mar 11 14:22:03 2009 > -+++ etc/snort.conf Wed Apr 8 12:47:17 2009 > -@@ -78,7 +78,10 @@ var SNMP_SERVERS $HOME_NET > - # like this: > - # > - # portvar HTTP_PORTS 8081 > --# > -+ > +--- etc/snort.conf.orig Fri Mar 19 20:41:00 2010 > etc/snort.conf Mon Apr 26 20:16:23 2010 > +@@ -42,6 +42,9 @@ var SQL_SERVERS $HOME_NET > + # List of telnet servers on your network > + var TELNET_SERVERS $HOME_NET > + > +# Ports you run ssh servers on > +portvar SSH_PORTS 22 > + > - # Ports you run web servers on > - portvar HTTP_PORTS 80 > + # List of ports you run web servers on > + portvar HTTP_PORTS > [80,2301,3128,,7779,8000,8
Re: UPDATE: net/snort-2.8.6
On Thu, Jul 01, 2010 at 10:30:48AM +0100, Stuart Henderson wrote: > On 2010/06/08 12:57, Markus Lude wrote: > > On Thu, May 06, 2010 at 01:38:21AM +0200, Markus Lude wrote: > > > Hello, > > > attached is an update to the recently released version 2.8.6 of snort. > > > Finally I got rid of the version numbers for the shared libs. IPv6 is > > > enabled. Builds of all flavors look good on i386 and sparc64. As I > > > mainly use the unflavored version tests especially of the different > > > flavors are very appreciated. > > > > > > Please test and report which flavor/arch you use/tested. Thanks. > > > > > > I didn't enabled --enable-inline yet, as there are still some problems. > > > I'm still working on it. > > > > Updated diff. After change to gcc4 on sparc64 no need for the > > workaround. Thanks to Brad for the notice. > > > > I've been running the unflavored version on sparc64 here for a few days > > now without problems. > > > > Please test and commit. Thanks. > > generally looks ok, one thing I noticed though: can't the > workarounds for the timeval conflict just be removed now that > they have changed to timeval32? They only changed those places to sf_timeval32 which have to do with unified output. The problems with calls to ts_print are related with our somewhat special pcap (fixed 32 bit "timeval" instead of long), where differences occur at least on sparc64 (maybe other 64bit archs too). I'll contact upstream to get this added too. > sorry for the delay reading this..I was hoping that somebody who > uses snort themselves would get to it first ;) Thanks for commenting. Attached is an updated diff against in-tree 2.8.4.1p1. The workaround for sparc64 in Makefile was removed lately. Regards, Markus Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.56 diff -u -p -r1.56 Makefile --- Makefile11 Jun 2010 21:10:28 - 1.56 +++ Makefile2 Jul 2010 08:41:19 - @@ -4,8 +4,7 @@ SHARED_ONLY = Yes COMMENT = highly flexible sniffer/NIDS -DISTNAME = snort-2.8.4.1 -PKGNAME = ${DISTNAME}p1 +DISTNAME = snort-2.8.6 CATEGORIES = net security MASTER_SITES = http://dl.snort.org/snort-current/ @@ -20,23 +19,13 @@ PERMIT_DISTFILES_CDROM = Yes PERMIT_DISTFILES_FTP = Yes WANTLIB = c m pcap -SHARED_LIBS = sf_engine 3.0 \ - sf_dce2_preproc 0.0 \ - sf_dcerpc_preproc 2.0 \ - sf_dns_preproc 3.0 \ - sf_ftptelnet_preproc 3.0 \ - sf_smtp_preproc 3.0 \ - sf_ssh_preproc 2.0 \ - sf_ssl_preproc 1.0 \ - _sfdynamic_example_rule 0.0 \ - _sfdynamic_preprocessor_example 0.0 - USE_LIBTOOL = Yes SEPARATE_BUILD = concurrent CONFIGURE_STYLE = simple CONFIGURE_ARGS += ${CONFIGURE_SHARED} \ - --enable-dynamicplugin + --enable-dynamicplugin \ + --enable-ipv6 MAKE_FLAGS = mandir=${TRUEPREFIX}/man Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.18 diff -u -p -r1.18 distinfo --- distinfo16 Aug 2009 13:31:27 - 1.18 +++ distinfo2 Jul 2010 08:41:19 - @@ -1,5 +1,5 @@ -MD5 (snort-2.8.4.1.tar.gz) = Y/TnaulqLRM/THt0G61UWA== -RMD160 (snort-2.8.4.1.tar.gz) = jzijfJ8Wm6uVKUbMq6JMktJnuIA= -SHA1 (snort-2.8.4.1.tar.gz) = P/q7U2bAiJUv76sZqNwZzoTWJkU= -SHA256 (snort-2.8.4.1.tar.gz) = 7n95DrPfTmFWp8hl8boihVOUyePBP9xX1gqGRyZ/wgk= -SIZE (snort-2.8.4.1.tar.gz) = 4567713 +MD5 (snort-2.8.6.tar.gz) = scLT3bHAqFmkfFox0Z5grQ== +RMD160 (snort-2.8.6.tar.gz) = W1Seqzmm4KDxgvbS7kb9YJlcgi4= +SHA1 (snort-2.8.6.tar.gz) = 5GPJmZTlIXFDliPhsFueG88BrI8= +SHA256 (snort-2.8.6.tar.gz) = YGTXu3jWQ4tFX/NJuT1S9A05d/H+yx15WMh4gbADA1g= +SIZE (snort-2.8.6.tar.gz) = 4960740 Index: patches/patch-etc_snort_conf === RCS file: /cvs/ports/net/snort/patches/patch-etc_snort_conf,v retrieving revision 1.4 diff -u -p -r1.4 patch-etc_snort_conf --- patches/patch-etc_snort_conf16 Aug 2009 13:31:27 - 1.4 +++ patches/patch-etc_snort_conf2 Jul 2010 08:41:19 - @@ -1,26 +1,26 @@ $OpenBSD: patch-etc_snort_conf,v 1.4 2009/08/16 13:31:27 rui Exp $ etc/snort.conf.origWed Mar 11 14:22:03 2009 -+++ etc/snort.conf Wed Apr 8 12:47:17 2009 -@@ -78,7 +78,10 @@ var SNMP_SERVERS $HOME_NET - # like this: - # - # portvar HTTP_PORTS 8081 --# -+ +--- etc/snort.conf.origFri Mar 19 20:41:00 2010 etc/snort.conf Mon Apr 26 20:16:23 2010 +@@ -42,6 +42,9 @@ var SQL_SERVERS $HOME_NET + # List of telnet servers on your network + var
Re: UPDATE: net/snort-2.8.6
On 2010/07/02 10:49, Markus Lude wrote: > > generally looks ok, one thing I noticed though: can't the > > workarounds for the timeval conflict just be removed now that > > they have changed to timeval32? > > They only changed those places to sf_timeval32 which have to do with > unified output. > > The problems with calls to ts_print are related with our somewhat > special pcap (fixed 32 bit "timeval" instead of long), where differences > occur at least on sparc64 (maybe other 64bit archs too). > > I'll contact upstream to get this added too. Ah, I'm sorry, I misread the diff-of-a-diff. > > sorry for the delay reading this..I was hoping that somebody who > > uses snort themselves would get to it first ;) > > Thanks for commenting. > > Attached is an updated diff against in-tree 2.8.4.1p1. The workaround > for sparc64 in Makefile was removed lately. They have switched file distribution to amazon s3 which must be done via a redirect from http://dl.snort.org/downloads/14 If we use that URL directly we get a distfile named 14 which is unhelpful. We have a couple of options: mirror the distfile, or use some hack to get the correct filename: MASTER_SITES = http://r.spacehopper.org/dl.snort.org/downloads/14__/ this site runs a simple redirector: $HTTP["host"] =~ "^r\.spacehopper\.org$" { url.redirect = ( "^/(.*)__/(.*)" => "http://$1";, ) } MASTER_SITES = http://dl.snort.org/downloads/14?/ this adds a bogus querystring which is enough to get a good filename out of ftp(1). Opinions?
Re: UPDATE: net/snort-2.8.6
On Fri, Jul 02, 2010 at 11:13:53AM +0100, Stuart Henderson wrote: > On 2010/07/02 10:49, Markus Lude wrote: > > > generally looks ok, one thing I noticed though: can't the > > > workarounds for the timeval conflict just be removed now that > > > they have changed to timeval32? > > > > They only changed those places to sf_timeval32 which have to do with > > unified output. > > > > The problems with calls to ts_print are related with our somewhat > > special pcap (fixed 32 bit "timeval" instead of long), where differences > > occur at least on sparc64 (maybe other 64bit archs too). > > > > I'll contact upstream to get this added too. > > Ah, I'm sorry, I misread the diff-of-a-diff. > > > > sorry for the delay reading this..I was hoping that somebody who > > > uses snort themselves would get to it first ;) > > > > Thanks for commenting. > > > > Attached is an updated diff against in-tree 2.8.4.1p1. The workaround > > for sparc64 in Makefile was removed lately. > > They have switched file distribution to amazon s3 which must be > done via a redirect from http://dl.snort.org/downloads/14 > > If we use that URL directly we get a distfile named 14 which > is unhelpful. > > We have a couple of options: mirror the distfile, or use some > hack to get the correct filename: > > MASTER_SITES = http://r.spacehopper.org/dl.snort.org/downloads/14__/ > > this site runs a simple redirector: > > $HTTP["host"] =~ "^r\.spacehopper\.org$" { > url.redirect = ( > "^/(.*)__/(.*)" => "http://$1";, > ) > } > > MASTER_SITES = http://dl.snort.org/downloads/14?/ > > this adds a bogus querystring which is enough to get a > good filename out of ftp(1). > > Opinions? Unfortunatly I currently couldn't mirror the distfile. Any suggestions so this could finally be committed? Regards, Markus
Re: UPDATE: net/snort-2.8.6
On 2010/07/12 18:00, Markus Lude wrote: > On Fri, Jul 02, 2010 at 11:13:53AM +0100, Stuart Henderson wrote: > > On 2010/07/02 10:49, Markus Lude wrote: > > > > generally looks ok, one thing I noticed though: can't the > > > > workarounds for the timeval conflict just be removed now that > > > > they have changed to timeval32? > > > > > > They only changed those places to sf_timeval32 which have to do with > > > unified output. > > > > > > The problems with calls to ts_print are related with our somewhat > > > special pcap (fixed 32 bit "timeval" instead of long), where differences > > > occur at least on sparc64 (maybe other 64bit archs too). > > > > > > I'll contact upstream to get this added too. > > > > Ah, I'm sorry, I misread the diff-of-a-diff. > > > > > > sorry for the delay reading this..I was hoping that somebody who > > > > uses snort themselves would get to it first ;) > > > > > > Thanks for commenting. > > > > > > Attached is an updated diff against in-tree 2.8.4.1p1. The workaround > > > for sparc64 in Makefile was removed lately. > > > > They have switched file distribution to amazon s3 which must be > > done via a redirect from http://dl.snort.org/downloads/14 > > > > If we use that URL directly we get a distfile named 14 which > > is unhelpful. > > > > We have a couple of options: mirror the distfile, or use some > > hack to get the correct filename: > > > > MASTER_SITES = http://r.spacehopper.org/dl.snort.org/downloads/14__/ > > > > this site runs a simple redirector: > > > > $HTTP["host"] =~ "^r\.spacehopper\.org$" { > > url.redirect = ( > > "^/(.*)__/(.*)" => "http://$1";, > > ) > > } > > > > MASTER_SITES = http://dl.snort.org/downloads/14?/ > > > > this adds a bogus querystring which is enough to get a > > good filename out of ftp(1). > > > > Opinions? > > Unfortunatly I currently couldn't mirror the distfile. Any suggestions > so this could finally be committed? I think I'd just go for the MASTER_SITES hack, if they change something to break it we can deal with it later...
Re: UPDATE: net/snort-2.8.6
On Mon, Jul 12, 2010 at 06:11:14PM +0100, Stuart Henderson wrote: > On 2010/07/12 18:00, Markus Lude wrote: > > On Fri, Jul 02, 2010 at 11:13:53AM +0100, Stuart Henderson wrote: > > > On 2010/07/02 10:49, Markus Lude wrote: > > > > > generally looks ok, one thing I noticed though: can't the > > > > > workarounds for the timeval conflict just be removed now that > > > > > they have changed to timeval32? > > > > > > > > They only changed those places to sf_timeval32 which have to do with > > > > unified output. > > > > > > > > The problems with calls to ts_print are related with our somewhat > > > > special pcap (fixed 32 bit "timeval" instead of long), where differences > > > > occur at least on sparc64 (maybe other 64bit archs too). > > > > > > > > I'll contact upstream to get this added too. > > > > > > Ah, I'm sorry, I misread the diff-of-a-diff. > > > > > > > > sorry for the delay reading this..I was hoping that somebody who > > > > > uses snort themselves would get to it first ;) > > > > > > > > Thanks for commenting. > > > > > > > > Attached is an updated diff against in-tree 2.8.4.1p1. The workaround > > > > for sparc64 in Makefile was removed lately. > > > > > > They have switched file distribution to amazon s3 which must be > > > done via a redirect from http://dl.snort.org/downloads/14 > > > > > > If we use that URL directly we get a distfile named 14 which > > > is unhelpful. > > > > > > We have a couple of options: mirror the distfile, or use some > > > hack to get the correct filename: > > > > > > MASTER_SITES = http://r.spacehopper.org/dl.snort.org/downloads/14__/ > > > > > > this site runs a simple redirector: > > > > > > $HTTP["host"] =~ "^r\.spacehopper\.org$" { > > > url.redirect = ( > > > "^/(.*)__/(.*)" => "http://$1";, > > > ) > > > } > > > > > > MASTER_SITES = http://dl.snort.org/downloads/14?/ > > > > > > this adds a bogus querystring which is enough to get a > > > good filename out of ftp(1). > > > > > > Opinions? > > > > Unfortunatly I currently couldn't mirror the distfile. Any suggestions > > so this could finally be committed? > > I think I'd just go for the MASTER_SITES hack, if they change something > to break it we can deal with it later... > And looks like it's time to deal with it, as I can't fetch the distfile right now... I guess the reason is the 2.8.6.1 release, though it's highly annoying that older release sources are not available anymore... 2010-07-22 - Snort 2.8.6.1 [*] Updates * Fix installer packages to include correct version of sensitive data preprocessor for linux and Windows * Eliminate false positives when using fast_pattern:only and having only one http content in the pattern matcher. * Address false positives in FTP preprocessor with string format verification. Also addressed issue with handling of response codes to data transfer commands where the response code didn't contain a message. -- viq pgpGQJgbiohrj.pgp Description: PGP signature
update net/snort to 2.9.19
Hello, attached is an update of snort to 2.9.19. Tested on amd64. Regards, Markus Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.111 diff -u -p -u -p -r1.111 Makefile --- Makefile19 Sep 2021 10:18:25 - 1.111 +++ Makefile31 Jan 2022 22:09:47 - @@ -2,8 +2,8 @@ COMMENT = highly flexible sniffer/NIDS -DISTNAME = snort-2.9.18.1 -RULESV = 29181 +DISTNAME = snort-2.9.19 +RULESV = 29190 SUBST_VARS = RULESV APPID_COMMENT CATEGORIES = net security Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.47 diff -u -p -u -p -r1.47 distinfo --- distinfo19 Sep 2021 10:18:25 - 1.47 +++ distinfo31 Jan 2022 22:09:47 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.18.1.tar.gz) = 2orw8bLk8kfZcMajwOg/ttzVyE+qIa6knzBvJp6OKKo= -SIZE (snort-2.9.18.1.tar.gz) = 7001847 +SHA256 (snort-2.9.19.tar.gz) = sS/G23KvtYmHor8ZVLj0W94CBHwjVRPHZjhXuVBjacc= +SIZE (snort-2.9.19.tar.gz) = 7005881 Index: patches/patch-src_dynamic-plugins_sf_engine_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-plugins_sf_engine_Makefile_in,v retrieving revision 1.17 diff -u -p -u -p -r1.17 patch-src_dynamic-plugins_sf_engine_Makefile_in --- patches/patch-src_dynamic-plugins_sf_engine_Makefile_in 19 Sep 2021 10:18:25 - 1.17 +++ patches/patch-src_dynamic-plugins_sf_engine_Makefile_in 31 Jan 2022 22:09:47 - @@ -14,7 +14,7 @@ Index: src/dynamic-plugins/sf_engine/Mak @BUILD_OPENSSL_MD5_TRUE@OPENSSL_MD5 = \ @BUILD_OPENSSL_MD5_TRUE@md5.c md5.h -@@ -517,7 +517,7 @@ massage_ipv6_headers = \ +@@ -529,7 +529,7 @@ massage_ipv6_headers = \ $(sed_ipv6_headers); \ fi Index: patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c === RCS file: /cvs/ports/net/snort/patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c,v retrieving revision 1.13 diff -u -p -u -p -r1.13 patch-src_preprocessors_Stream6_snort_stream_tcp_c --- patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c 11 Jul 2021 02:11:34 - 1.13 +++ patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c 31 Jan 2022 22:09:47 - @@ -2,7 +2,7 @@ $OpenBSD: patch-src_preprocessors_Stream Index: src/preprocessors/Stream6/snort_stream_tcp.c --- src/preprocessors/Stream6/snort_stream_tcp.c.orig +++ src/preprocessors/Stream6/snort_stream_tcp.c -@@ -8919,7 +8919,7 @@ static int ProcessTcp(SessionControlBlock *scb, Packet +@@ -8939,7 +8939,7 @@ static int ProcessTcp(SessionControlBlock *scb, Packet char src_addr[17]; char dst_addr[17]; memset((char *)timestamp, 0, TIMEBUF_SIZE);
Re: [update] net/snort 2.9.20
ping On Thu, Aug 11, 2022 at 09:24:45PM +0200, Markus Lude wrote: > Hello, > > attached is an update of snort to 2.9.20. > Tested on amd64. > > Please test and commit. > > Regards, > Markus Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.112 diff -u -p -u -p -r1.112 Makefile --- Makefile22 Feb 2022 23:14:30 - 1.112 +++ Makefile9 Aug 2022 11:46:27 - @@ -2,8 +2,8 @@ COMMENT = highly flexible sniffer/NIDS -DISTNAME = snort-2.9.19 -RULESV = 29190 +DISTNAME = snort-2.9.20 +RULESV = 29200 SUBST_VARS = RULESV APPID_COMMENT CATEGORIES = net security Index: distinfo === RCS file: /cvs/ports/net/snort/distinfo,v retrieving revision 1.48 diff -u -p -u -p -r1.48 distinfo --- distinfo22 Feb 2022 23:14:30 - 1.48 +++ distinfo9 Aug 2022 11:46:27 - @@ -1,2 +1,2 @@ -SHA256 (snort-2.9.19.tar.gz) = sS/G23KvtYmHor8ZVLj0W94CBHwjVRPHZjhXuVBjacc= -SIZE (snort-2.9.19.tar.gz) = 7005881 +SHA256 (snort-2.9.20.tar.gz) = KUAOE/U7GDHguLEOwSJKHLqm3BUzpTIqIN2Au4S0mBw= +SIZE (snort-2.9.20.tar.gz) = 7009894 Index: patches/patch-src_dynamic-preprocessors_Makefile_in === RCS file: /cvs/ports/net/snort/patches/patch-src_dynamic-preprocessors_Makefile_in,v retrieving revision 1.25 diff -u -p -u -p -r1.25 patch-src_dynamic-preprocessors_Makefile_in --- patches/patch-src_dynamic-preprocessors_Makefile_in 19 Sep 2021 10:18:25 - 1.25 +++ patches/patch-src_dynamic-preprocessors_Makefile_in 9 Aug 2022 11:46:27 - @@ -1,8 +1,7 @@ -$OpenBSD: patch-src_dynamic-preprocessors_Makefile_in,v 1.25 2021/09/19 10:18:25 sthen Exp $ Index: src/dynamic-preprocessors/Makefile.in --- src/dynamic-preprocessors/Makefile.in.orig +++ src/dynamic-preprocessors/Makefile.in -@@ -1655,19 +1655,8 @@ clean-local: +@@ -1658,19 +1658,8 @@ clean-local: rm -rf include build install-data-local: Index: patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c === RCS file: /cvs/ports/net/snort/patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c,v retrieving revision 1.14 diff -u -p -u -p -r1.14 patch-src_preprocessors_Stream6_snort_stream_tcp_c --- patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c 22 Feb 2022 23:14:30 - 1.14 +++ patches/patch-src_preprocessors_Stream6_snort_stream_tcp_c 9 Aug 2022 11:46:27 - @@ -1,8 +1,7 @@ -$OpenBSD: patch-src_preprocessors_Stream6_snort_stream_tcp_c,v 1.14 2022/02/22 23:14:30 sthen Exp $ Index: src/preprocessors/Stream6/snort_stream_tcp.c --- src/preprocessors/Stream6/snort_stream_tcp.c.orig +++ src/preprocessors/Stream6/snort_stream_tcp.c -@@ -8939,7 +8939,7 @@ static int ProcessTcp(SessionControlBlock *scb, Packet +@@ -8953,7 +8953,7 @@ static int ProcessTcp(SessionControlBlock *scb, Packet char src_addr[17]; char dst_addr[17]; memset((char *)timestamp, 0, TIMEBUF_SIZE);
Re: [update] net/snort 2.9.20
On Wed, Aug 24, 2022 at 03:15:49PM +0100, Stuart Henderson wrote: Hi, > commited, thanks. diff was against an old tree so hand-applied > rather than patch(1)'d. sorry for the additional work. I seem to have missed this. Unfortunately some additional change crept in. The PLIST entry of lib/snort_dynamicrules got lost. Normally the directory is empty and a placeholder for compiled rules. The directory is referenced in /etc/snort/snort.conf: 256 257 # path to dynamic rules libraries 258 dynamicdetection directory /usr/local/lib/snort_dynamicrules 259 and snort now complains about the missing directory. Therefore either comment out the line in snort.conf or as I prefer re-add back the entry in PLIST. Attached is a patch for the later way. Regards, Markus Index: Makefile === RCS file: /cvs/ports/net/snort/Makefile,v retrieving revision 1.114 diff -u -p -u -p -r1.114 Makefile --- Makefile24 Aug 2022 14:14:57 - 1.114 +++ Makefile29 Aug 2022 20:51:35 - @@ -1,6 +1,7 @@ COMMENT = highly flexible sniffer/NIDS DISTNAME = snort-2.9.20 +REVISION = 0 RULESV = 29200 SUBST_VARS = RULESV APPID_COMMENT Index: pkg/PLIST === RCS file: /cvs/ports/net/snort/pkg/PLIST,v retrieving revision 1.37 diff -u -p -u -p -r1.37 PLIST --- pkg/PLIST 24 Aug 2022 14:16:28 - 1.37 +++ pkg/PLIST 29 Aug 2022 20:51:35 - @@ -45,6 +45,7 @@ ${APPID_COMMENT}@so lib/snort_dynamicpre @so lib/snort_dynamicpreprocessor/libsf_ssh_preproc.so @comment lib/snort_dynamicpreprocessor/libsf_ssl_preproc.la @so lib/snort_dynamicpreprocessor/libsf_ssl_preproc.so +lib/snort_dynamicrules/ @man man/man8/snort.8 share/doc/pkg-readmes/${PKGSTEM} share/doc/snort/