- New port: p0f2 Passive OS fingerprinting tool p0f version 2 gives better 3

PR:		ports/169855
Submitted by:	Denis Pokataev <catone@cpan.org>

net-mgmt/Makefile

@@ -190,6 +190,7 @@
     SUBDIR += openvmps
     SUBDIR += ourmon
     SUBDIR += p0f
+    SUBDIR += p0f2
     SUBDIR += p5-AnyEvent-SNMP
     SUBDIR += p5-Cflow
     SUBDIR += p5-Cisco-Reconfig

net-mgmt/p0f2/Makefile

@@ -0,0 +1,50 @@
+# New ports collection makefile for:	p0f2
+# Date created:				2012-07-30
+# Whom:					Denis Pokataev <catone@cpan.org>
+#
+# $FreeBSD$
+#
+
+PORTNAME=	p0f2
+PORTVERSION=	2.0.8
+CATEGORIES=	net-mgmt security
+MASTER_SITES=	http://lcamtuf.coredump.cx/p0f/ \
+		http://farrokhi.net/distfiles/
+DISTNAME=	p0f-${DISTVERSION}
+EXTRACT_SUFX=	.tgz
+
+MAINTAINER=	catone@cpan.org
+COMMENT=	Passive OS fingerprinting tool
+
+CONFLICTS=	p0f-3.*
+
+USE_GMAKE=	yes
+ALL_TARGET=	all p0fq tools
+PORTDOCS=	COPYING CREDITS ChangeLog KNOWN_BUGS README TODO win-memleak.txt
+MAN1=		p0f.1
+WRKSRC=		${WRKDIR}/p0f
+
+post-patch:
+.for f in config.h doc/README
+	@${REINPLACE_CMD} -e 's|/etc|${PREFIX}/etc|g' ${WRKSRC}/${f}
+.endfor
+
+do-install:
+.for ii in p0f test/p0fq test/sendack test/sendack2 test/sendsyn
+	${INSTALL_PROGRAM} ${WRKSRC}/${ii} ${PREFIX}/bin
+.endfor
+	${INSTALL_SCRIPT} ${WRKSRC}/p0frep ${PREFIX}/bin
+	${MKDIR} ${PREFIX}/etc/p0f
+.for ii in . a. o. r.
+	${INSTALL_DATA} ${WRKSRC}/p0f${ii}fp ${PREFIX}/etc/p0f
+.endfor
+	${INSTALL_MAN} ${WRKSRC}/${MAN1} ${MANPREFIX}/man/man1
+
+.if !defined(NOPORTDOCS)
+	${MKDIR} ${DOCSDIR}
+.for ii in ${PORTDOCS}
+	${INSTALL_DATA} ${WRKSRC}/doc/${ii} ${DOCSDIR}
+.endfor
+.endif
+
+.include <bsd.port.mk>

net-mgmt/p0f2/distinfo

@@ -0,0 +1,2 @@
+SHA256 (p0f-2.0.8.tgz) = 6c4d8745f04e59f2ba68d56fd1554551592f08a0497c9fc21b84498f47d1aee0
+SIZE (p0f-2.0.8.tgz) = 136877

net-mgmt/p0f2/pkg-descr

@@ -0,0 +1,23 @@
+from the README:
+
+Passive OS fingerprinting is based on information coming from a remote host
+when it establishes a connection to our system.  Captured packets contain
+enough information to identify the operating system.  In contrast to active
+scanners such as nmap and QueSO, p0f does not send anything to the host being
+identified.
+
+For more information, read Spitzner's text at:
+http://www.enteract.com/~lspitz/finger.html .
+
+from the maintainer:
+
+Use of this program requires read access to the packet filtering
+device, typically /dev/bpf0.  Granting such access allows the users
+who have it to put your Ethernet device into promiscuous mode and
+sniff your network.  See
+http://www.infoworld.com/articles/op/xml/00/05/29/000529opswatch.xml
+if you do not understand how this can be harmful.  Running p0f with
+no options will cause it to analyse packets intended for other
+hosts.
+
+WWW:  http://lcamtuf.coredump.cx/p0f.shtml

net-mgmt/p0f2/pkg-plist

@@ -0,0 +1,11 @@
+bin/p0f
+bin/p0fq
+bin/p0frep
+bin/sendack
+bin/sendack2
+bin/sendsyn
+etc/p0f/p0f.fp
+etc/p0f/p0fa.fp
+etc/p0f/p0fo.fp
+etc/p0f/p0fr.fp
+@dirrmtry etc/p0f