- Fix shell quoting bugs in adsl_stop() procedure.
- Fix "awk" command used to find process id of "ppp" program.
- Remove SysV semaphore which might be left behind by "modem_run".
Bump package revision because of these fixes.
Pkgsrc changes:
- make this build under IRIX.
- tor has moved to tor.eff.org
Version changes since 0.0.9.2:
- Backport the cpu use fixes from main branch, so busy servers won't
need as much processor time.
- Work better when we go offline and then come back, or when we
run Tor at boot before the network is up. We do this by
optimistically trying to fetch a new directory whenever an
application request comes in and we think we're offline -- the
human is hopefully a good measure of when the network is back.
- Backport some minimal hidserv bugfixes: keep rend circuits open as
long as you keep using them; actually publish hidserv descriptors
shortly after they change, rather than waiting 20-40 minutes.
- Enable Mac startup script by default.
- Fix duplicate dns_cancel_pending_resolve reported by Giorgos Pallas.
- When you update AllowUnverifiedNodes or FirewallPorts via the
controller's setconf feature, we were always appending, never
resetting.
- When you update HiddenServiceDir via setconf, it was screwing up
the order of reading the lines, making it fail.
- Do not rewrite a cached directory back to the cache; otherwise we
will think it is recent and not fetch a newer one on startup.
- Workaround for webservers that lie about Content-Encoding: Tor
now tries to autodetect compressed directories and compression
itself. This lets us Proxypass dir fetches through apache.
configure script, so it must be explicitly disabled when not wanted.
Using both "with" and "without" explicitly is good practise for any
"--with-foo" option in general.
Bump revision so this is easier to track in case of PR's.
verision of libnet <= 1.0.1b. This will prevent the case where the user
has installed the libnet 1.1.x branch and then tries to install an application
that is not compatible with the 1.1.x tree.
Over time the list of these applications that require the 1.0.x branch
will be reduced as they are updated to later versions that support the
libnet 1.1.x branch.
This addresses PR# 29056 opened by diro (at) nixsys.bz, thanks for the PR !
2005-01-25 - Snort 2.3.0 Final Released
* Fixed issue with sfPortscan reporting incorrect IP datagram length.
Thanks Jon Hart for the test case and finding the bug, and Marc Norton
for resolving the issue.
* Threshold/Suppression now prints properly when logging to syslog.
Thanks Sekure for pointing out the problem. Thanks Steve Sturges for
working on the fix.
* Threshold memcap argument now correctly handles non-integer input.
Thanks nnposter for the patch.
* Fixed issue reported by Allan Jensen, where on MacOS X, ppp links were
not decoded properly. Thanks Dan Roelker for the fix.
* Snort manual and FAQ are updated for 2.3. Thanks Jen Harvey for your
work on putting it all together.
2004-12-15 - Snort 2.3.0 RC2 Released
* Small performance improvement to arpspoof and also fixed a problem
where the list of configured IP/MAC entries would contain only one
entry and leaked memory (Jeff Nathan).
* Fixed a problem affecting MacOS X where linking may fail with
non-standard libraries when global symbols are encountered multiple
times (Jeff Nathan).
* Ignore RST|ACK midstream pickup case so we don't get an evasive TCP
alerts. Thanks for the report, Sekure. Thanks Dan Roelker for the fix.
* Moved CheckLogDir() to after parsing snort.conf (for IDS mode) so the
logdir config will work if the default or command-line logdir does not
exist on the system. Thanks Dan Roelker.
* Fixed bug when setting the doe_ptr on a successful pcre match.
It is now set relative to base_ptr. Thanks Steve Sturges for the
fix.
* Added from_beginning and multiplier options for byte_jump.
from_beginning skips bytes from the beginning of the content,
instead of from the location immediately following the number
of bytes to skip. multiplier takes a numeric argument, and
skips x times that number of bytes. Thanks again to Steve Sturges.
* In "fast" output, now log only actual packet contents when UDP
data length is greater than actual data length. Thanks Brian
Caswell for spotting this, and Andrew Mullican for working on the fix.
* Please check the ChangeLog for further details.
2004-11-18 - Snort 2.3.0 RC1 Released
* Added IPS functionality from Snort-Inline. A big thanks to the
Snort-Inline guys (Jed Haile, Rob McMillen, William Metcalf, and Victor
Julien). Also, Thanks Dan Roelker for doing the integrating of
Snort-Inline into the official Snort project.
* Added new portscan detector. The design and implementation was headed
up by Dan Roelker, and included Marc Norton and Jeremy Hewlett.
* Numerous changes for better 64bit Snort support from Jeremy Hewlett and
Marc Norton. Additionally, an --enable-64bit-gcc option was added to
configure. However, there are still some memory alignment issues to
work out before 64bit mode is fully functional, patches are welcomed.
Thanks Chris Baker for doing 64bit testing.
* Added not_established keyword to the flow detection option. This allows
snort to do dynamic firewall rulesets. Experimental for now.
* Added an enforce_state keyword to stream4 so we won't pick up midstream
sessions. This works well for asynchronous links and also for
just monitoring legitimate traffic.
* Relocated ./contrib files to http://www.snort.org/dl/contrib as many
are not maintained by Sourcefire and are out of date. The rpm and
schema files have been relocated in their respective 'rpm' and 'schemas'
directories under the snort parent directory.
* perfmonitor config line can now be configured with "accumulate" or
"reset." Thanks Marc Norton for the feature, and Barry Basselgia for
pointing out the issue. Thanks Scott Dexter and Andreas Ostling for
doing some initial testing.
* Fixed 64-bit bug in sfmemcap.c found and tested by Ryan Matteson
and Clay McClure. Thanks guys.
* Fixed reference times to match log time for first packet, for an event
generated by a reassembled packet. Incremented event ID to give
unique ID for each packet. Also made unified logging compatible with
Windows. Thanks Andrew Mullican for the fix.
* Fixed linux perfmonitoring stats for the 2.6 kernel. Thanks to
everyone that reported this bug. Thanks Dan Roelker for the fix.
* Get thresholding/suppression to work for alerts that do not
contain an ip header (primarily decode alerts). Thanks
Brian Caswell.
* Fix conditions where snort would log double web alerts that
contained only content options (no uricontents). Thanks to kawa for
finding and reporting this bug.
* Fix suppression/thresholding bug for non-rule alerts. Thanks to
Alex Butcher for reporting it to us.
* Many other bug fixes, please check the ChangeLog for details.
are problems with some network configuration. phone agreed to reomve it.
Add 24 to PYTHON_VERSIONS_ACCEPTED, because it works since version 0.3.9
with Python 2.4.
Approved by wiz.
Release notes:
- 0.3.9
Ever since the Python people released a new revision of their rather
intriguing programming language, I've had people bugging me to put out a
new version (especially since there were issues with running the 0.3.8
codebase under it).
I'd been waiting for a version of wxPython for Windows that would work
with the new Python to be released as well, and now that it has, well,
here you go!
This version also fixes a few other bugs; the number of upload slots is
now proper, and firewalled peers that lose all their connections will find
themselves reconnecting more quickly, and a few other problems were fixed.
I did hold back a number of fixes and improvements pending work on 0.4.0.
Otherwise I'd wind up having to update two separate branches of code,
something I'd really rather not do. (Forking your own code can suck
badly.) So the window-width problem still isn't fixed. Oh well.
- 0.3.9a
The T-0.3.9a release contains a bugfix for the tracker, and the modified
installer includes a DLL which is missing on some people's systems. If
you're already successfully running T-0.3.9 on your system, there's no
need to upgrade.
- 0.3.9b
This contains another fix to the tracker codebase. No change was made to
client functionality.
- 0.3.10
The latest update should fix the problem with the client getting stuck in
the task manager under Windows. The pause system has been rewritten, and
no longer halts the engine; it should work properly without freezing up
now on machines w/ limits on the maximum number of connections that can
be kept open. A few other bugs have been fixed, though the GUI width
problem hasn't (and may not until the GUI is rewritten). Another stupid
bug, where the download time estimate isn't blanked when the client is
paused, will be fixed in the next version.
others OS as well. Patch wget so that it won't try to use ipv6-mapped ipv4
addresses, but uses INET4 socket sockets instead. Bump pkgrev.
Fix issues with v6-enabled wget reported on tech-pkg.
Changes include:
Fixes for print-isakmp.c CVE: CAN-2004-0183, CAN-2004-0184
http://www.rapid7.com/advisories/R7-0017.html
IP-over-IEEE1394 printing.
some MINGW32 changes.
updates for autoconf 2.5
fixes for print-aodv.c - check for too short packets
formatting changes to print-ascii for hex output.
check for too short packets: print-bgp.c, print-bootp.c, print-cdp.c,
print-chdlc.c, print-domain.c, print-icmp.c, print-icmp6.c,
print-ip.c, print-lwres.c, print-ospf.c, print-pim.c,
print-ppp.c,print-pppoe.c, print-rsvp.c, print-wb.c
print-ether.c - better handling of unknown types.
print-isoclns.c - additional decoding of types.
print-llc.c - strings for LLC names added.
print-pfloc.c - various enhancements
print-radius.c - better decoding to strings.
changed syntax of -E argument so that multiple SAs can be decrypted
fixes for Digital Unix headers and Documentation
__attribute__ fixes
CDP changes from Terry Kennedy <terry@tmk.com>.
IPv6 mobility updates from Kazushi Sugyo <sugyo@pb.jp.nec.com>
Fixes for ASN.1 decoder for 2.100.3 forms.
Added a count of packets received and processed to clarify numbers.
Incorporated WinDUMP patches for Win32 builds.
PPPoE payload length headers.
Fixes for HP C compiler builds.
Use new pcap_breakloop() and pcap_findalldevs() if we can.
BGP output split into multiple lines.
Fixes to 802.11 decoding.
Fixes to PIM decoder.
SuperH is a CPU that can't handle unaligned access. Many fixes for
unaligned access work.
Fixes to Frame-Relay decoder for Q.933/922 frames.
Clarified when Solaris can do captures as non-root.
Added tests/ subdir for examples/regression tests.
New -U flag. -flush stdout after every packet
New -A flag -print ascii only
support for decoding IS-IS inside Cisco HDLC Frames
more verbosity for tftp decoder
mDNS decoder
new BFD decoder
cross compilation patches
RFC 3561 AODV support.
UDP/TCP pseudo-checksum properly for source-route options.
sanitized all files to modified BSD license
Add support for RFC 2625 IP-over-Fibre Channel.
fixes for DECnet support.
Support RFC 2684 bridging of Ethernet, 802.5 Token Ring, and FDDI.
RFC 2684 encapsulation of BPDUs.
This is a security fix update.
python*-pth packages into meta-packages which will install the non-pth
packages. Bump PKGREVISIONs on the non-pth versions to propagate the
thread change, but leave the *-pth versions untouched to not affect
existing installations.
Sync all PYTHON_VERSIONS_AFFECTED lines in package Makefiles.
- Migrate to SUBST_* framework
- Don't hardcode references to /var, use ${VARBASE} instead
2005/1/12 -- 1.37
* base class did assume that concurrent probes were off by default
-- Niko Tyni <ntyni *iki.fi>
2005/1/7 -- 1.36 (1.35 was an internal release)
* concurrent probes are default now, together with
a 'random' offset to make sure not all smokepings hit the net
at the same time -- Tobi
* fixes for loggin -- Niko Tyni <ntyni *iki.fi>
- warn if no logging method is active while daemonizing.
- turn debugging on before loading the config file.
- make do_debuglog a no-op if $use_debuglog isn't set
- add debug info to FPing* probes
- print the RRD create and update strings when debugging
* Allow probe- and target-specific number of pings -- Niko Tyni <ntyni *iki.fi>
* RemoteFPing probe revisited and fixed. Note this probe allowed
PROBE_CONF config where this was technically not possible. Now these settings
are done in the ***Probes*** section ... you have to fix your
config files -- Niko Tyni <ntyni *iki.fi>
* fixed many typos and some seemingly numeric comparisons -- Niko Tyni
<ntyni *iki.fi>
* new feature 'concurrentprobes' allow to run multiple probes in paralell and
at different step width. -- Niko Tyni <ntyni *iki.fi>
* allow to define multiple instances of a sigle probe -- Niko Tyni
<ntyni *iki.fi>
* fix --filter again ... pathprefix was still in there -- tobi
2004/11/29 -- 1.34 (1.32 + 1.33 were internal only releases)
* added SNPP support as suggested by jdelisle -- tobi
* added ipv6 support to EchoPing probe -- Niko Tyni <ntyni *iki.fi>
* fix for Radius probe -- Niko Tyni <ntyni *iki.fi>
* added new alert plugins called matchers -- tobi
* created matcher::avgratio sponsored by virtela.net -- tobi
* make --filter option actually work -- tobi
* removed maxmedian magic regexp ... -- tobi
* added new alert type matcher -- tobi
* fixed pod errors -- Niko Tyni <ntyni *iki.fi>
* allow to mix programs and email addresses in alerts --tobi
* allow to define recipient per alert --tobi
2004/08/04 -- 1.31
* added anotherdns and anotherssh probes -- Christoph.Heine *HaDiKo.DE
* modify FPing probes to skip ICPM errors in the output -- Tobi
* modify RemoteFPing probe to work with normal fping that outputs
via stderr. -- Tobi
* allow timeout to be specified in base::forks based probes -- Tobi
* Added ssh probe -- Christian Recktenwald <smokeping-contact *citecs.de>
new features:
option "wait-slave" blocks open of pty master side until a client
connects, "pty-intervall" controls polling
option -h as synonym to -? for help (contributed by Christian Lademann)
filan prints formatted time stamps and rdev (disable with -r)
redirect filan's output, so stdout is not affected (contributed by Luigi Iotti)
filan option -L to follow symbolic links
filan shows termios control characters
corrections:
proxy address no longer performs unsolicited retries
filan -f no longer needs read permission to analyze a file (but still
needs access permission to directory, of course)
porting:
Option dsusp
FreeBSD options noopt, nopush, md5sig
OpenBSD options sack-disable, signature-enable
HP-UX, Solaris options abort-threshold, conn-abort-threshold
HP-UX options b900, b3600, b7200
Tru64/OSF1 options keepinit, paws, sackena, tsoptena
further corrections:
address pty now uses ptmx as default if openpty is also available
- Fix bug with IPv6 support on non-IPv6 enabled systems
- Tidy up Makefile
- Move patch-aa to Makefile
- ok'ed bouyer@
Changes 2.11.1, 2005-01-05
--------------------------
From: Artyom Adjemov <one.bofh location gmail.com>
* new Windows docu ... running mrtg as an nt service with srvany.
From: Joe Pruett <joey location clean.q7.com>
* fixed snmp options parsing in MRTG_lib.pm to allow for !
From: Tobi
* fixed secondmean and logscale to actually issue the propper
options for rateup.
* fixed compilation of rateup.exe for windows to get the new strftime
function to be actually used ...
Changes 2.11.00, 2004-12-08
---------------------------
From: Al Payne <apayne location pleiades.com>
* integrated support for dellLan in cfgmaker
* reindented cfgmaker
From: Mike Nealon <mnealon location conversent.com>
and Larry Fahnoe <fahnoe@FahnoeTech.com>
* fix cfgmaker handling of 'lowspeed' highSpeed interfaces
From: Tobi Oetiker
* reindent rateup.c
* remove @ signs from mail addresses in change log
* added if_MTU variable to cfgmaker
* make windows users happy. rateup.exe now uses a special strftime.c
that knows about %V and will thus provided propper ISO week numbers for
windows as well. Changed the default week format to V.
From: zurkabsd location yahoo.com.cn
* new chinese translation
From: Jaime Damiao Anjos Cadete <jaime.d.cadete location ptprime.pt>
* put -lm into LIBS to make sure it comes last
From: Ian Duplisse <i.duplisse location cablelabs.com>
* remove the flattening of peaks from the code in rateup.c this does not reflect
what actually happens
From: John Van Essen <vanes002 location umn.edu>
* fix handling of unknonwn (-1) data in rateup ...
From: Benjamin Despres <http://users.tmok.com/~pla/email_me.shtml>
* Logscale and Secondmean logarithmic scaling for rateup
From: alex <alex location craxor.com>
* contributed mrtg message dll. Added note about it to mrtg-reference.pod
From: Mateusz <mateusz location republika.pl>
* support option derive is using rrdtool logging
From: Ulf Härnhammar <Ulf.Harnhammar.9485 location student.uu.se>
* prevent potential buffer overflow in ratup due to 'strange' input files
Changes 2.10.15, 2004-08-08
---------------------------
From: NormW <normw location bocnet.com.au>
* patches for netware support
From: Tobi
* the optional Conversion function wants to have the original
data pulled in via snmp to work with, mapping \n and \r to nothing
and stripping spaces must happen later.
* better error message for missing library
* Updated to snmp_session 1.05
From: Fuminori -Tany- Tanizaki <tany location tany.org>
* fix for cuin and cout values saved in html comments
From: Tom Pala <gotar location pld-linux.org>
* fix for polish translation
From: Georgi Georgiev <chutz location gg3.net>
* nodetach option for running mrtg under daemontools
From: Jozsef Szilagyi <j.szilagyi location atlastelecom.ro>
* fixed indexmaker. added missing last for --section=portname code
From: Bartosz Kwitniewski <zerg2000 location lurker.ath.cx>
* fixed scaling bug in rateup (unsigned long) should have been long long
From: Mike Mitchell <mcm location unx.sas.com>
* fix indexmaker when used with 14all
This release fixes the following security-related issues:
- The COPS dissector could go into an infinite loop. (CAN-2005-0006)
- The DLSw dissector could cause an assertion, making Ethereal exit
prematurely. (CAN-2005-0007)
- The DNP dissector could cause memory corruption. (CAN-2005-0008)
- The Gnutella dissector could cause an assertion, making Ethereal exit
prematurely. (CAN-2005-0009)
- The MMSE dissector could free static memory. (CAN-2005-0010)
- The X11 protocol dissector is vulnerable to a string buffer overflow.
(CAN-2005-0084)
- Please see the application advisory for more information
Everyone is encouraged to upgrade.
New and updated features:
=========================
- Ethereal will now detect and flag weak 802.11 WEP IVs.
- Windows Sniffer timestamp handling has been greatly improved.
- A bug which made Ethereal crash at startup on Windows 98 and Windows ME
systems has been fixed.
- Ethereal and Tethereal now support a personal "hosts" file.
- Invalid field length handling has been greatly improved.
- The capture progress window title now shows the interface name.
New protocol support:
=====================
- ALC, AMR, CRMF, JXTA, NORM, PKIXCMP, PROFINET CBA
Updated protocol support:
=========================
- AIM, ARP, BGP, BOOTP/DHCP, COPS, DAAP, DCERPC EPM, DCERPC, DCOM, DHCPv6,
DLSw, DNP, DNS, EAPOL, eDonkey, FC-dNS, FC-FCS, FC-SWILS, FCIP, FCSB3, FIX,
GIOP, Gnutella, GSM A, GSM SMS, GTP, H.225, H.245, HTTP, ICMP, IEEE 802.11,
IEEE 802a, image/GIF, image/JFIF, Kerberos, L2TP, LDAP, LLC, LMP, MGCP,
MIME Multipart, MMSE, MPLS, MTP2, NBNS, NDMP, NMAS, NSIP, OLSR, PER, pflog,
PGM, PostgreSQL, PPP, PRES, Q.931, RADIUS, RTCP, RTP, SDP, SEBEK, SIGCOMP,
SIP, SLSK, SMB, SMPP, SRVLOC, SSL/TLS, T.38, TACACS, TCAP, TCP, X11
New and updated capture file support:
=====================================
- Windows Sniffer
