pkgsrc changes:
* change HOMEPAGE and MASTER_SITES to new Sourceforge's one.
* set LICENSE=2-clause-bsd
* add user-destdir support
ISIC (v0.07) 12/22/2006, by Shu Xiao (sxiao@cisco.com)
- New IPv6 utilities: isic6, tcpsic6, udpsic6, icmpsic6.
- New tool multisic for sending random multicast UDP packets.
- Fixed compilation errors with GCC v4.
- Added -k skip option for esic per the request from some users.
- Placed the flood control under low traffic limit case only.
The original flood protection code calls gettimeofday(),
and runs after sending each packet. This is time consumping
and prevents the tool from reaching high traffic limit
on high speed interface (eg. 1000Base-TX). Now the flood
control will take effect only if the specified maximum rate
is less than 10MB/s.
- Corrected -t option bug with tcpsic:
The old one was using it reversely, e.g. -t 30 would generate
packet with 30% of them having correct TCP checksum. But -t
is actually for the percentage of bad TCP checksum.
- Changed to used 32-bit random numbers for some fields:
For IPv4 *sic tools, the source/destination IP address and
TCP sequence/acknowledge numbers are 32-bit width, and
should be assigned with equal size random numbers. The old
code did not do shifting correctly.
- Changed the default value to 10 for all percentage options.
- Cleaned the usage printout of icmpsic:
There were ports used in the usage printout of icmpsic. This
was misleading since no ports arguments needed for it.
- New manual page, try to get more help with "man isic".
in the process. (More information on tech-pkg.)
Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and
installing .la files.
Bump PKGREVISION (only) of all packages depending directly on the above
via a buildlink3 include.
Recreate distinfo since tarball on new site is repackaged (same contents
verified). Add DIST_SUBDIR since the name hasn't changed (can be removed
on next update).
Ip Stack Integrity Checker (IP, TCP, UDP, ICMP et. al.)
ISIC (and components) is intended to test the integrity of an IP
Stack and its component stacks (TCP, UDP, ICMP et. al.) It does
this by generating a controlled random packet (controlled randomness...
wacky huh?). The user can specify he/she/it [I'm tempted to put
'it' before 'she' :-)] wants a stream of TCP packets. He/she/it
suspects that the target has weak handling of IP Options (aka
Firewall-1). So he/she/it does a 'tcpsic -s rand -d firewall
-I100'. And observes the result.
A great use for ISIC would be to fire it through a firewall and
see if the firewall leaks packets. But of course that would be
illegal because Network Associates owns a bogus patent on that :-)
You could do that by setting the default route on the sending
computer to the firewall..... But that would be illegal. (But I
can't legally have a beer so do you think I care about laws?)
By far the most common use for these tools is testing IDS systems.
A day after I took the source offline and moved it to a cvs server,
a half dozen people working on seperate home-grown IDS systems
emailed requesting the source be put back up.
