All checksums have been double-checked against existing RMD160 and
SHA512 hashes
Unfetchable distfiles (fetched conditionally?):
./security/cyrus-sasl/distinfo cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2
Problems found locating distfiles:
Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
Package libidea: missing distfile libidea-0.8.2b.tar.gz
Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
Package uvscan: missing distfile vlp4510e.tar.Z
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
Changes since previous version:
SI6 Networks' IPv6 Toolkit v1.4.1
* frag6: Fixed bug that prevented Ethernet header from being filled
A bug in the code caused Ethernet frames to go on te wire without any of
their header fields completed.
* All: Use of library to avoid code replication
An "libipv6" library was created, such that common functions do not need
to be replicated for each tool. ni6, ns6, rs6, and tcp6 now employ such
library.
pkgsrc changes:
* address6 and its man page are no longer installed
* extend the Makefile changes to include the correct linkage for rs6 and tcp6
i.e. include the libipv6 object mentioned above
code was added to fix the compiler uninitialised warning (thanks!),
but the distfile name didn't change since it was packaged originally,
so do the DIST_SUBDIR dance, and bump package version to nb1
Pkgsrc changes:
+ quieten warnings from gcc 4.5.3 about uninitialised variables
Distribution changes:
SI6 Networks' IPv6 Toolkit v1.4 release
* frag6: Fixed the flooding option
Fixed the fragment size used when employing the flooding option. It was
prevously sending fragment sizes that where not a multiple of eight, and
hence these fragments were dropped.
* scan6: Added support for 64-bit encoding of IPv4 addresses
Option "--tgt-ipv4" was augmented to support both encodings (32 bit
and 64 bit) of embedded IPv4 addresses.
* tcp6: Fixed response to Neighbor Solicitations
tcp6 was not responding to incomming Neighbor Solicitations. Hence, when
packets were sent from spoofed addresses, tcp6 would never receive the
response packets, because the NSs sent by the local router or target node
would never be responded.
* tcp6: Added support for TCP Window-based attacks
tcp6 can now close the window after sending an app-layer command, and
also "modulate" the TCP window to circumvent trivial mitigations for these
attacks ("--window-mode" and "--win-modulate" options).
* tcp6: Support for multiple connection-establishment types
tcp6 can now cause e.g. TCP simultaneous opens (see the "--open-mode"
option).
* tcp6: Support for multiple connection-termination types
tcp6 can now perform multiple connection-termination types (see the
"--close-mode" option).
* tcp6: Support for sending application layer requests
tcp6 can now send application-layer requests with the "--data" option.
* Many improvements to the manual pages.
Fixed the troff encoding of many manual pages. Added ipv6toolkit(7), that
describes a general description of the toolkit.
* All: Fixed bug in link-layer destination address selection
Tools now try to find a local router or perform Neighbor Discovery only
when necessary (i.e., underlying link-layer is *not* loopback or tunnel,
destination address is *not* link-local, and a link-layer destination
address has *not* been specified).
* All: Fixed bug in option handling
Incorrect data type was used for the return value of getopt_long(), thus
leading to problems in some architectures.
* All: Fixed a number of issues with pcap_next_ex()
The timeout parameter of pcap_next_ex() is now based on the platform (the
previous constant value had different semantics in different platforms).
Additionally, handle the case where pcap_next_ex() returns no packets.
* All: General improvements and clean-up
The development process now includes building the toolkit with the clang
compiler (in addition to gcc), which has lead to the identification of a
number of issues.
* All: Improved support for building the toolkit.
The toolkit now contains one makefile for pmake, and another for GNU make.
Added support for the DESTDIR variable. Appropriate paths are selected
based on the value of a number of variables. Configuration file is
dynamically generated, with the right path to the oui.txt file.
Changes from previous version:
* IPv6-host tracking support in the scan6 tool.
* A new tool, address6, to analyze IPv6 addresses
* Minor bug fixes
* PDF manual pages have been removed
* additional manual pages
pkgsrc changes:
* patch to avoid "uninitialised variable" warning from compiler
This minor update incorporates the "--tgt-known-iids" option, which
can be used to track systems across networks, even if they employ the
so-called "Privacy Address" (and yes, that includes Microsoft Windows
systems).
created, so put the new version of the distfile into a DIST_DUBDIR.
New distfile has been verified to contain the pkgsrc patch -- which actually
caused the change in the distfile.
Changes since previous version:
+ Minor documentation updates
+ gmake no longer needed to build
+ updated patch - still needed to quieten compiler for ctype warnings
(reported upstream)
troubleshooting package for ipv6, into the Packages Collection. This is version
1.3b.
The SI6 Networks' IPv6 toolkit is a set of IPv6
security/trouble-shooting tools, that can send arbitrary IPv6-based
packets.
flow6: A tool to perform a security asseessment of the IPv6 Flow Label.
frag6: A tool to perform IPv6 fragmentation-based attacks and to
perform a security assessment of a number of fragmentation-related
aspects.
icmp6: A tool to perform attacks based on ICMPv6 error messages.
jumbo6: A tool to assess potential flaws in the handling of IPv6 Jumbograms.
na6: A tool to send arbitrary Neighbor Advertisement messages.
ni6: A tool to send arbitrary ICMPv6 Node Information messages, and
assess possible flaws in the processing of such packets.
ns6: A tool to send arbitrary Neighbor Solicitation messages.
ra6: A tool to send arbitrary Router Advertisement messages.
rd6: A tool to send arbitrary ICMPv6 Redirect messages.
rs6: A tool to send arbitrary Router Solicitation messages.
scan6: An IPv6 address scanning tool.
tcp6: A tool to send arbitrary TCP segments and perform a variety of
TCP-based attacks.
