274d494b20
Grab maintainership From the ChangeLog (Summarised) > * ike-backoff-patterns: Added backoff patterns for Netgear ProSafe > and Netgear ADSL Firewall Router. Submitted by Paul Askew. > * ike-scan.c, ike-scan.h, configure.ac: Added new --writepkttofile > option. This option writes the output packet to the specified file > rather than sending it to the remote host. It is intended for > debugging and testing purposes, to allow the IKE packet to be > easily checked. This option is not documented, because it is > designed purely for testing. > * check-packet: New test to check IKE scan packet data. Currently > tests two sample packets: one default proposal, and one custom > proposal. > * ike-scan.c: Added --exchange option to allow the exchange field > in the ISAKMP header to be set to arbitrary values. > * ike-scan.c, isakmp.c: Added --hdrflags and --hdrmsgid options to > allow Flags and MsgID fields in the ISAKMP header to be specified. > * ike-scan.c: Added --cookie option to allow the initiator cookie in > the ISAKMP header to be set to a static value. > * ike-scan.c, isakmp.c: Add --spisize option to allow a random SPI > of the specified size to be added to the proposal payload. > * ike-vendor-ids: Added 16 new Vendor IDs, and revised some comments > on existing entries. > * ike-scan.c: Added --doi (-D) and --situation (-S) options to allow > the DOI and Situation in the SA of the outbound packets to be changed > from the default of DOI_IPSEC and SIT_IDENTITY_ONLY. > * ike-scan.c: Added --protocol (-j) and --transid (-k) options to > allow the proposal protocol and transform id of the outbound packets > to be changed from the defaults. > * ike-scan.c: Added --certreq (-C) option to add a > CertificateRequest payload to the outgoing packet. > * ike-scan.c: Added --headerlen (-L) option to allow the ISAKMP header > length to be manually specified. Normally, ike-scan will > automatically calculate the correct length; however, you can use this > option if you want to use an incorrect length value instead. > * ike-scan.c, isakmp.c: Added --mbz (-Z) option to allow the value for > the reserved (MBZ) fields to be set to non-zero values. Doing so > will make the outgoing packet non-RFC compliant. > * ike-scan.c, isakmp.c: Added --headerver (-E) option to allow the > version field in the ISAKMP header to be altered from the default of > 0x10 (v1.0). > * ike-scan.c: Added --bandwidth (-B) option to allow the outgoing > bandwidth to be specified directly instead of using --interval. > The --bandwidth option calculates the appropriate interval setting, > taking into account the size of the packet. > * ike-scan.c: Added --noncelen (-c) option to allow the length of the > nonce data to be changed. This is only applicable to aggressive > mode.
25 lines
718 B
Makefile
25 lines
718 B
Makefile
# $NetBSD: Makefile,v 1.7 2006/01/18 21:37:01 adrianp Exp $
|
|
|
|
DISTNAME= ike-scan-1.8
|
|
CATEGORIES= security
|
|
MASTER_SITES= http://www.nta-monitor.com/ike-scan/download/
|
|
|
|
MAINTAINER= adrianp@NetBSD.org
|
|
HOMEPAGE= http://www.nta-monitor.com/ike-scan/
|
|
COMMENT= Fingerprinting IKE implementation
|
|
|
|
GNU_CONFIGURE= yes
|
|
CONFIGURE_ARGS+= --with-openssl
|
|
|
|
SUBST_CLASSES+= man
|
|
SUBST_STAGE.man= post-patch
|
|
SUBST_FILES.man= ike-scan.1
|
|
SUBST_SED.man= -e "s|/usr/local|${PREFIX}|g"
|
|
SUBST_MESSAGE.man= "Fixing man pages."
|
|
|
|
post-install:
|
|
${INSTALL_DATA_DIR} ${PREFIX}/share/doc/ike-scan
|
|
${INSTALL_DATA} ${WRKSRC}/README ${PREFIX}/share/doc/ike-scan/README
|
|
|
|
.include "../../security/openssl/buildlink3.mk"
|
|
.include "../../mk/bsd.pkg.mk"
|