From 059ba725883db51fbc9ce16170f4cd37d9791a02 Mon Sep 17 00:00:00 2001 From: brad Date: Wed, 26 May 1999 14:49:00 +0000 Subject: [PATCH] patch from CyberPsychotic --- net/sniffit/Makefile | 4 +- net/sniffit/patches/patch-ab | 85 +++++++++++++++++++----------------- 2 files changed, 47 insertions(+), 42 deletions(-) diff --git a/net/sniffit/Makefile b/net/sniffit/Makefile index 0d531d53aab..509f71c0002 100644 --- a/net/sniffit/Makefile +++ b/net/sniffit/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.3 1999/04/09 04:11:50 brad Exp $ +# $OpenBSD: Makefile,v 1.4 1999/05/26 14:49:00 brad Exp $ # $FreeBSD: Makefile,v 1.1.1.1 1998/04/04 04:58:25 obrien Exp $ DISTNAME= sniffit.0.3.5 @@ -17,9 +17,7 @@ do-install: ${INSTALL_PROGRAM} ${WRKSRC}/sniffit ${PREFIX}/sbin ${INSTALL_MAN} ${WRKSRC}/sniffit.5 ${PREFIX}/man/man5 ${INSTALL_MAN} ${WRKSRC}/sniffit.8 ${PREFIX}/man/man8 -.if !defined(NOPORTDOCS) ${MKDIR} ${PREFIX}/share/doc/sniffit ${INSTALL_MAN} ${WRKSRC}/README.FIRST ${PREFIX}/share/doc/sniffit -.endif .include diff --git a/net/sniffit/patches/patch-ab b/net/sniffit/patches/patch-ab index e89aa46063b..c386d80ad2c 100644 --- a/net/sniffit/patches/patch-ab +++ b/net/sniffit/patches/patch-ab @@ -1,39 +1,46 @@ -*** sniffit.0.3.5.c.orig Fri Apr 18 16:33:58 1997 ---- sniffit.0.3.5.c Thu May 7 15:02:13 1998 -*************** -*** 411,421 **** ---- 411,432 ---- - proto=unwrap_packet(sp, info); - if(proto == NO_IP) return DONT_EXAMINE; /* no use in trying */ - if(proto == NO_IP_4) return DONT_EXAMINE; /* no use in trying */ -+ if(proto == CORRUPT_IP) -+ { -+ printf("Suspicious Packet detected... (Split header)\n"); -+ return DONT_EXAMINE; -+ } - - memcpy(&iphead,(sp+PROTO_HEAD),sizeof(struct IP_header)); - so=(unsigned char *)&(iphead.source); - dest=(unsigned char *)&(iphead.destination); - -+ if(info->FRAG_nf!=0) -+ { -+ printf("Fragment Skipped...\n"); -+ return DONT_EXAMINE; -+ } -+ - if((proto==TCP)&&(PROTOCOLS&F_TCP)) - { - #ifdef DEBUG_ONSCREEN -*************** -*** 1220,1225 **** ---- 1231,1239 ---- - proto=unwrap_packet(sp, info); - if(proto == NO_IP) return DONT_EXAMINE; /* no use in trying */ - if(proto == NO_IP_4) return DONT_EXAMINE; /* no use in trying */ -+ if(proto == CORRUPT_IP) return DONT_EXAMINE; /* no use in trying */ -+ -+ if(info->FRAG_nf!=0) return DONT_EXAMINE; - - (*IP_nr_of_packets)++; - if(proto==ICMP) +--- sniffit.0.3.5.c.orig Fri Apr 18 05:33:58 1997 ++++ sniffit.0.3.5.c Wed May 26 09:42:33 1999 +@@ -93,7 +93,9 @@ + exit(0); + } + +-void my_exit (void) { exit(0);}; ++void my_exit (void) { ++ if(LOGGING=1) stop_logging(); ++ exit(0);}; + + /* DEBUGGING INFO */ + #ifdef DEBUG +@@ -411,11 +413,22 @@ + proto=unwrap_packet(sp, info); + if(proto == NO_IP) return DONT_EXAMINE; /* no use in trying */ + if(proto == NO_IP_4) return DONT_EXAMINE; /* no use in trying */ ++ if(proto == CORRUPT_IP) ++ { ++ printf("Suspicious Packet detected... (Split header)\n"); ++ return DONT_EXAMINE; ++ } + + memcpy(&iphead,(sp+PROTO_HEAD),sizeof(struct IP_header)); + so=(unsigned char *)&(iphead.source); + dest=(unsigned char *)&(iphead.destination); + ++ if(info->FRAG_nf!=0) ++ { ++ printf("Fragment Skipped...\n"); ++ return DONT_EXAMINE; ++ } ++ + if((proto==TCP)&&(PROTOCOLS&F_TCP)) + { + #ifdef DEBUG_ONSCREEN +@@ -1220,6 +1233,9 @@ + proto=unwrap_packet(sp, info); + if(proto == NO_IP) return DONT_EXAMINE; /* no use in trying */ + if(proto == NO_IP_4) return DONT_EXAMINE; /* no use in trying */ ++ if(proto == CORRUPT_IP) return DONT_EXAMINE; /* no use in trying */ ++ ++ if(info->FRAG_nf!=0) return DONT_EXAMINE; + + (*IP_nr_of_packets)++; + if(proto==ICMP)