Commit Graph

62 Commits

Author SHA1 Message Date
pvalchev
1fcfc6b7b2 Differentiate between struct timeval and bpf_timeval.. fixes
logging/alerting on 64-bit platforms.
From nikns@secure.lv
2006-11-25 05:33:28 +00:00
aanriot
5590ff2a91 use not hardcoded paths in the configuration file.
inputs and ok alek@
2006-10-14 09:54:04 +00:00
aanriot
8b39380162 - update to 2.6.0.2 .
- enable dynamicplugin / dynamic preprocessors.
- install documentation.
- fix instructions.
- USE_LIBTOOL.

update from nikns <nikns@secure.lv> with a few changes;
feedback and ok msf@
2006-10-10 13:33:17 +00:00
espie
081f45d827 new style specs 2006-08-03 23:15:57 +00:00
aanriot
65998b2aa0 - add a "prelude" flavor, snort can be used as a sensor by prelude.
- bump PKGNAME .

inputs & ok alek@, "I have no problem with this" david@
2006-06-28 19:27:42 +00:00
david
c4c85a9667 update to snort-2.4.5 (fixes several possible detection evasions) 2006-06-08 20:25:53 +00:00
aanriot
52f436f7d2 tarball has been rerolled without any changes.
confirmed by Steven Sturges <steve.sturges@sourcefire.com>;
ok msf@, no objection sturm@
2006-05-30 18:45:18 +00:00
david
438d468147 update to snort-2.4.4 2006-04-12 22:03:47 +00:00
david
329cc9d75f zap 0 byte file 2006-02-04 17:48:20 +00:00
david
12ec3a6876 update to snort-2.4.3; ok sturm@ 2006-02-04 13:15:42 +00:00
david
fba56fa8a8 remove dead smbalert flavor; it was removed from snort over 2 years ago
since then this flavor has been doing nothing
2006-01-25 04:14:39 +00:00
brad
b0cd0ff5aa add a comment 2006-01-06 04:22:06 +00:00
brad
3ba2cf2ac4 disable optimization on sparc64 as a workaround, resolves crashing issues. 2006-01-06 04:20:32 +00:00
david
ee5d974f4a Fixed issue with MySQL 5.0 and the schema keyword; from snort CVS
bump PKGNAME
2006-01-04 04:15:18 +00:00
msf
91e4d342fd - remove inactive MAINTAINER
ok jolan@
2005-11-04 16:20:42 +00:00
mjc
e8aaa066c3 missing part of LIB_DEPENDS path
spotted by viq <viq@poczta.fm>
2005-07-04 22:18:51 +00:00
sturm
28d49a65fd update to snort 2.3.3
from Jason Crawford <jasonrcrawford at gmail.com>
2005-06-29 06:01:38 +00:00
mjc
a511c62a0a forgot to bump version with libnet fixes 2005-05-24 04:47:30 +00:00
mjc
4ffe61de6c cope with new libnet port (flavours can run, but they can't hide)
ok pvalchev@ msf@
2005-05-24 04:39:05 +00:00
naddy
fedfc3867f SIZE 2005-01-05 17:14:37 +00:00
alek
2344f6d18c Add WANTLIB markers 2004-12-16 00:31:20 +00:00
espie
52b24f12ea new plists, kill a few INSTALL scripts. 2004-09-15 18:17:38 +00:00
sturm
53929a0feb cvs sux and pointers are long not int
ok maintainer
2004-04-12 14:58:55 +00:00
sturm
42572a3821 update to snort 2.1.2
from maintainer Brian Caswell <bmc at openbsd.org>, tweaks by yours truly
2004-04-12 14:56:31 +00:00
brad
584755cbb2 better LIB_DEPENDS entries for MySQL 2004-01-02 04:56:24 +00:00
naddy
b750466bbf remove WWW lines 2003-12-15 23:03:07 +00:00
pvalchev
5ce38b7667 fix 64bit issues; Brian Poole & bmc 2003-09-03 21:32:33 +00:00
pvalchev
c411447a30 fix sparc/sparc64 detection; pointed out in spp_stream4 by Brandon Williams; ok bmc 2003-06-24 17:02:38 +00:00
avsm
831d2a16f6 update to snort-2.0.0; fixes a remote overflow - users of older versions
should upgraded

from bmc@snort.org
2003-04-16 13:01:42 +00:00
brad
e4bb690c8f sync 2003-03-03 22:05:41 +00:00
pvalchev
c7075dedc2 Update to snort-1.9.1, 1.9.0 is vulnerable to a remote buffer overflow
(leading to arbitrary code execution); from maintainer Brian Caswell

See http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21951
2003-03-03 22:00:20 +00:00
lebel
3cce63388a update net/snort to 1.9; OKed by MAINTAINER 2003-02-03 21:21:00 +00:00
fgsch
e5e4446061 finally, no more NEED_VERSION. 2002-12-29 21:14:10 +00:00
wilfried
0440d7845c add specifier to RUN_DEPENDS and BUILD_DEPENDS 2002-06-09 05:31:40 +00:00
bmc
08acdf148f Updated to snort-1.8.6
--
This update contains a ton of fixes and features.  Included is a small bit
from the ChangeLog:
* corrected big endian rpc decoding
* stop stream4 from clobbering itself
* fixed file rotation bug in spo_unified
* massive speed patch for multiple CIDR blocks
* corrected ICMP printing
* added a ton of new signatures
2002-04-26 12:51:39 +00:00
brad
a0b7b93825 fix MySQL dependency entry.
--
Pointed out by: Saad Kadhi <bsdguy@docisland.org>
2001-12-13 16:25:05 +00:00
bmc
22165cfacb * update to 1.8.3
From ChangeLog:
- Fixed crash in frag2 under Linux
- Fixed flexresp code, session sniping should work again and be
  faster to boot
- Fixed ICMP decoder and printout routines for new ICMP header
  data structs in decode.h
- Added -B command line switch to translate IP addresses in pcap
  files from one subnet to another (see the man page).
- Added spo_log_null to give users an option to deactivate logging
  output from the snort.conf file.
2001-12-06 18:31:39 +00:00
bmc
973c03e947 Oops. (Sorry Marc) 2001-11-19 14:34:33 +00:00
bmc
52137117a9 * update to 1.8.2 2001-11-19 12:39:25 +00:00
bmc
672f3eb763 * added information about avail flavors
* added useful infromation about snort
2001-08-16 14:02:46 +00:00
bmc
147392010e Changed HOMEPAGE to the new snort site until the domain for snort.org
is moved over.

New to 1.8.1
* SNMP Alerts
* IDMEF XML output
* Limited wildcard regex support
* New normalization mode for http_decode
* many bug fixes
2001-08-16 13:56:40 +00:00
bmc
4b8bf1fbaa * update to 1.8.1 BETA5
From Changelog:
    * added new IP defragmenter, spp_frag2
    * added new stateful inspection/tcp stream reassembly plugin, spp_stream4
    * Snort can now statefully detect ECN traffic (less false alarms)
    * stream4 can now keep session statistics in a "session.log" file
    * added new high-speed unified binary output system, spo_unified
    * added new data structs/management for tag code
    * added -k switch to tune checksum verification behavior
    * added -z switch to provide stateful verification of alerts
    * modified bahavior of http_decode, now only alerts once per packet
    * added unique Snort ID's to every Snort rule, plus generator, revision
      and event ID info to each alert
    * detection engine only alerts once per packet now, tcp stream code doesn't
      generate another alert packet if a previous one already alerted for that
      stream
    * fixed signal handling on svr4 systems
    * added enhanced cross reference printout to full/fast/syslog alert modes
    * added new high speed checksum verification (on x86) routines
    * added new ARP spoof detection preprocessor from Jeff
      Nathan <jeff@wwti.com>
2001-07-29 19:56:52 +00:00
brad
c69d943538 passing ${LDFLAGS} is unnecessary.
--
Ok'd by: maintainer
2001-06-24 15:16:15 +00:00
brad
0eefe9a858 - fix PostgreSQL dependency entry, pg -> pq.2
- update dependency entry for MySQL.
2001-06-03 05:28:57 +00:00
bmc
852f6d502f * integrated COMMENT
* bumped NEED_VERSION
* updated my address

ok obecian@
2001-04-12 15:59:15 +00:00
jakob
9b53594953 - fix postgres flavor issues
- PREFIX -> LOCALBASE for configurations.

from MAINTAINER
2001-03-12 21:46:20 +00:00
brad
19ba1bf156 correct path to snort example rules 2001-03-09 20:24:53 +00:00
brad
b676d035fb remove major rev for mysqlclient dependency entry. 2001-03-07 19:05:33 +00:00
brad
2d40f13625 - libnet creates a shared library now
- bump mysql shared library major rev #
2001-02-28 14:32:08 +00:00
jeremy
97c1d3667e snort PLIST. 2001-02-12 02:12:31 +00:00