diff options
author | adam <adam@pkgsrc.org> | 2016-07-01 04:51:15 +0000 |
---|---|---|
committer | adam <adam@pkgsrc.org> | 2016-07-01 04:51:15 +0000 |
commit | f1ca54f2e2b3bc68ab7b39ce9e592c6336a0cab7 (patch) | |
tree | 106515a1671bef21cf42c6ee67e92685c95562bb /net | |
parent | 2ff19f53513873ee1627a571e058263a52836a40 (diff) | |
download | pkgsrc-f1ca54f2e2b3bc68ab7b39ce9e592c6336a0cab7.tar.gz |
Changes 2.4:
* Memory-management, stability and speed have been fundamentally improved
* We have kept an eye on security and hardened the code to prevent privileges escalation and XSS
* Alerts have been extended to include support for
. Re-arming to avoid raising trains of identical alerts in short periods of time
. Alert propagation to the infrastructure monitoring software Nagios
. CIDR-based triggers to monitor the behavior of whole networks
. The detection of suspicious probing attempts
* Netfilter support has been added together with optional packet dropping features
* Routing visibility is now possible through RIPE RIS
* Availability of fine-grained historical data drill-down features, including top talkers, top applications, and interactions between hosts (more details here)
* Integrations with other software
. LDAP authentication support
. alerts forwarding/withdrawal to Nagios
. nBox integration to request full packet pcaps of monitored flows
. Data export to Apache Kafka
* We have extended and improved traffic monitoring
. Visibility of TCP sessions throughput estimations and state breakdown (e.g., connections established, connections reset, etc.)
. Goodput monitoring
. Trends detection
. Highlight of low-goodput flows and hosts
. Visibility of hosts top-visited sites
* Built-in support is now included for
. GRE detunnelling
. per-VLAN historical statistics
. ICMP and ICMPv6 dissection
* We have extended the set of supported OSes to include: Ubuntu 16, Debian 7, EdgeOS
* There is also an optional support for hosts categorization via service flashstart.it
Diffstat (limited to 'net')
-rw-r--r-- | net/ndpi/Makefile | 6 | ||||
-rw-r--r-- | net/ndpi/distinfo | 12 | ||||
-rw-r--r-- | net/ndpi/patches/patch-src_lib_Makefile.am | 14 | ||||
-rw-r--r-- | net/ntopng/Makefile | 6 | ||||
-rw-r--r-- | net/ntopng/PLIST | 32 | ||||
-rw-r--r-- | net/ntopng/distinfo | 16 | ||||
-rw-r--r-- | net/ntopng/patches/patch-Makefile.in | 14 | ||||
-rw-r--r-- | net/ntopng/patches/patch-configure.seed | 20 | ||||
-rw-r--r-- | net/ntopng/patches/patch-src_DivertInterface.cpp | 16 | ||||
-rw-r--r-- | net/ntopng/patches/patch-third-party_mongoose_mongoose.c | 141 |
10 files changed, 82 insertions, 195 deletions
diff --git a/net/ndpi/Makefile b/net/ndpi/Makefile index 53763ce73d2..37b918fe8fe 100644 --- a/net/ndpi/Makefile +++ b/net/ndpi/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.1 2016/04/08 16:51:23 adam Exp $ +# $NetBSD: Makefile,v 1.2 2016/07/01 04:51:15 adam Exp $ -DISTNAME= ntopng-2.2 -PKGNAME= ndpi-1.7.1 +DISTNAME= ntopng-2.4-stable +PKGNAME= ndpi-1.8.0 CATEGORIES= net MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=ntop/} diff --git a/net/ndpi/distinfo b/net/ndpi/distinfo index 7987c907957..db701d779cc 100644 --- a/net/ndpi/distinfo +++ b/net/ndpi/distinfo @@ -1,7 +1,7 @@ -$NetBSD: distinfo,v 1.1 2016/04/08 16:51:23 adam Exp $ +$NetBSD: distinfo,v 1.2 2016/07/01 04:51:15 adam Exp $ -SHA1 (ntopng-2.2.tar.gz) = 873170e54611acb77741be67aec8b782fb8efb9b -RMD160 (ntopng-2.2.tar.gz) = ff89921551d6c23c286df6d4965c67818f2c5df5 -SHA512 (ntopng-2.2.tar.gz) = d0dacdd821bb546a1034bd616201ae05f17037fd446ec2b7566fe6b2c1fa90b256056c3dd5f0b10aded4c903286adfa7ac5f3901c4392de92f6c27dcc523cb23 -Size (ntopng-2.2.tar.gz) = 91319029 bytes -SHA1 (patch-src_lib_Makefile.am) = f5e640d9504e7bea73e77a759c2243f4dbad8bf7 +SHA1 (ntopng-2.4-stable.tar.gz) = ceb08377f98e8d149e39f5546a62e2f6ca980a31 +RMD160 (ntopng-2.4-stable.tar.gz) = 14940d0ea398cd43d7c31868f34b833b214386e7 +SHA512 (ntopng-2.4-stable.tar.gz) = 515dd7889ae3aaf2482371bb2c55ab7300cf4207fe07f37029b7529bfb710379c19a54f58cf6df87e42454c0c99d15291af334adff676252301d9edd0acf3c7a +Size (ntopng-2.4-stable.tar.gz) = 134074662 bytes +SHA1 (patch-configure.ac) = 4f509a80de16094e7e9df50bfd4ba9505f4b73ff diff --git a/net/ndpi/patches/patch-src_lib_Makefile.am b/net/ndpi/patches/patch-src_lib_Makefile.am deleted file mode 100644 index d69b386020c..00000000000 --- a/net/ndpi/patches/patch-src_lib_Makefile.am +++ /dev/null @@ -1,14 +0,0 @@ -$NetBSD: patch-src_lib_Makefile.am,v 1.1 2016/04/08 16:51:23 adam Exp $ - -Add missing include file. - ---- src/lib/Makefile.am.orig 2016-04-01 15:26:55.000000000 +0000 -+++ src/lib/Makefile.am -@@ -8,6 +8,7 @@ libndpi_la_includedir = $(includedir)/li - - libndpi_la_include_HEADERS = ../include/ndpi_api.h \ - ../include/ndpi_define.h \ -+ ../include/ndpi_includes.h \ - ../include/ndpi_main.h \ - ../include/ndpi_protocol_ids.h \ - ../include/ndpi_protocols.h \ diff --git a/net/ntopng/Makefile b/net/ntopng/Makefile index af229e19e53..6d50110ca78 100644 --- a/net/ntopng/Makefile +++ b/net/ntopng/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.2 2016/04/11 19:02:00 ryoon Exp $ +# $NetBSD: Makefile,v 1.3 2016/07/01 04:51:15 adam Exp $ -DISTNAME= ntopng-2.2 -PKGREVISION= 1 +DISTNAME= ntopng-2.4-stable +PKGNAME= ntopng-2.4 CATEGORIES= net MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=ntop/} diff --git a/net/ntopng/PLIST b/net/ntopng/PLIST index 45a23576a23..d75a3f73460 100644 --- a/net/ntopng/PLIST +++ b/net/ntopng/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.1 2016/04/08 16:59:07 adam Exp $ +@comment $NetBSD: PLIST,v 1.2 2016/07/01 04:51:15 adam Exp $ bin/ntopng man/man8/ntopng.8 share/ntopng/httpdocs/bootstrap/css/bootstrap-theme.css @@ -25,6 +25,20 @@ share/ntopng/httpdocs/css/cubism.css share/ntopng/httpdocs/css/datepicker.css share/ntopng/httpdocs/css/dc.css share/ntopng/httpdocs/css/flags.css +share/ntopng/httpdocs/css/images/ui-bg_diagonals-thick_18_b81900_40x40.png +share/ntopng/httpdocs/css/images/ui-bg_diagonals-thick_20_666666_40x40.png +share/ntopng/httpdocs/css/images/ui-bg_flat_10_000000_40x100.png +share/ntopng/httpdocs/css/images/ui-bg_glass_100_f6f6f6_1x400.png +share/ntopng/httpdocs/css/images/ui-bg_glass_100_fdf5ce_1x400.png +share/ntopng/httpdocs/css/images/ui-bg_glass_65_ffffff_1x400.png +share/ntopng/httpdocs/css/images/ui-bg_gloss-wave_35_f6a828_500x100.png +share/ntopng/httpdocs/css/images/ui-bg_highlight-soft_100_eeeeee_1x100.png +share/ntopng/httpdocs/css/images/ui-bg_highlight-soft_75_ffe45c_1x100.png +share/ntopng/httpdocs/css/images/ui-icons_222222_256x240.png +share/ntopng/httpdocs/css/images/ui-icons_228ef1_256x240.png +share/ntopng/httpdocs/css/images/ui-icons_ef8c08_256x240.png +share/ntopng/httpdocs/css/images/ui-icons_ffd27a_256x240.png +share/ntopng/httpdocs/css/images/ui-icons_ffffff_256x240.png share/ntopng/httpdocs/css/jquery-ui.css share/ntopng/httpdocs/css/ntopng.css share/ntopng/httpdocs/css/nv.d3.css @@ -195,6 +209,7 @@ share/ntopng/httpdocs/js/pdfmake.js share/ntopng/httpdocs/js/pie-chart.js share/ntopng/httpdocs/js/prettify.js share/ntopng/httpdocs/js/rickshaw.js +share/ntopng/httpdocs/js/ripe_widget_api.js share/ntopng/httpdocs/js/sankey.js share/ntopng/httpdocs/js/sequence_sunburst.js share/ntopng/httpdocs/js/springy-ntop.js @@ -214,7 +229,6 @@ share/ntopng/scripts/callbacks/second.lua share/ntopng/scripts/lua/API.lua share/ntopng/scripts/lua/about.lua share/ntopng/scripts/lua/admin/add_user.lua -share/ntopng/scripts/lua/admin/change_user_password.lua share/ntopng/scripts/lua/admin/change_user_prefs.lua share/ntopng/scripts/lua/admin/delete_user.lua share/ntopng/scripts/lua/admin/get_user_info.lua @@ -239,14 +253,17 @@ share/ntopng/scripts/lua/flow_details.lua share/ntopng/scripts/lua/flow_stats.lua share/ntopng/scripts/lua/flows_stats.lua share/ntopng/scripts/lua/get_alerts_data.lua +share/ntopng/scripts/lua/get_db_data.lua share/ntopng/scripts/lua/get_db_flows.lua -share/ntopng/scripts/lua/get_filter_host.lua share/ntopng/scripts/lua/get_flow_data.lua share/ntopng/scripts/lua/get_flows_data.lua share/ntopng/scripts/lua/get_geo_hosts.lua share/ntopng/scripts/lua/get_grouped_hosts_data.lua +share/ntopng/scripts/lua/get_historical_data.lua +share/ntopng/scripts/lua/get_historical_favourites.lua share/ntopng/scripts/lua/get_hitters_data.lua share/ntopng/scripts/lua/get_host_activitymap.lua +share/ntopng/scripts/lua/get_host_categories.lua share/ntopng/scripts/lua/get_host_contacts.lua share/ntopng/scripts/lua/get_host_daily_activity.lua share/ntopng/scripts/lua/get_host_data.lua @@ -255,13 +272,16 @@ share/ntopng/scripts/lua/get_hosts_data.lua share/ntopng/scripts/lua/get_hosts_interaction.lua share/ntopng/scripts/lua/get_http_hosts.lua share/ntopng/scripts/lua/get_http_hosts_data.lua +share/ntopng/scripts/lua/get_nbox_data.lua share/ntopng/scripts/lua/get_process_info.lua share/ntopng/scripts/lua/get_processes_data.lua share/ntopng/scripts/lua/get_system_hosts_interaction.lua share/ntopng/scripts/lua/get_top_talkers.lua share/ntopng/scripts/lua/get_treemap.lua share/ntopng/scripts/lua/get_user_info.lua +share/ntopng/scripts/lua/host_category_stats.lua share/ntopng/scripts/lua/host_details.lua +share/ntopng/scripts/lua/host_details_categories.lua share/ntopng/scripts/lua/host_details_ndpi.lua share/ntopng/scripts/lua/host_dns_breakdown.lua share/ntopng/scripts/lua/host_get_json.lua @@ -287,6 +307,7 @@ share/ntopng/scripts/lua/iface_hosts_list.lua share/ntopng/scripts/lua/iface_local_stats.lua share/ntopng/scripts/lua/iface_ndpi_stats.lua share/ntopng/scripts/lua/iface_ports_list.lua +share/ntopng/scripts/lua/iface_tcp_stats.lua share/ntopng/scripts/lua/inc/add_user_dialog.lua share/ntopng/scripts/lua/inc/change_user_password_form.lua share/ntopng/scripts/lua/inc/delete_user_dialog.lua @@ -307,10 +328,12 @@ share/ntopng/scripts/lua/modules/db_utils.lua share/ntopng/scripts/lua/modules/dkjson.lua share/ntopng/scripts/lua/modules/flow_utils.lua share/ntopng/scripts/lua/modules/graph_utils.lua +share/ntopng/scripts/lua/modules/historical_utils.lua share/ntopng/scripts/lua/modules/json.lua share/ntopng/scripts/lua/modules/lua_trace.lua share/ntopng/scripts/lua/modules/lua_utils.lua share/ntopng/scripts/lua/modules/persistence.lua +share/ntopng/scripts/lua/modules/prefs_utils.lua share/ntopng/scripts/lua/modules/sqlite_utils.lua share/ntopng/scripts/lua/modules/template.lua share/ntopng/scripts/lua/modules/top_scripts/top_asn.lua @@ -336,7 +359,7 @@ share/ntopng/scripts/lua/processes_stats.lua share/ntopng/scripts/lua/protocols/dns_aggregations.lua share/ntopng/scripts/lua/protocols/epp_aggregations.lua share/ntopng/scripts/lua/resolve_address.lua -share/ntopng/scripts/lua/set_active_interface.lua +share/ntopng/scripts/lua/runtime.lua share/ntopng/scripts/lua/set_if_prefs.lua share/ntopng/scripts/lua/sflow_tree.lua share/ntopng/scripts/lua/sflows_stats.lua @@ -355,4 +378,5 @@ share/ntopng/scripts/lua/test_snmp.lua share/ntopng/scripts/lua/top_generic.lua share/ntopng/scripts/lua/top_hosts.lua share/ntopng/scripts/lua/user_stats.lua +share/ntopng/scripts/lua/vlan_details.lua share/ntopng/scripts/lua/vlan_stats.lua diff --git a/net/ntopng/distinfo b/net/ntopng/distinfo index cfc9ca2da45..643b1ecb404 100644 --- a/net/ntopng/distinfo +++ b/net/ntopng/distinfo @@ -1,12 +1,12 @@ -$NetBSD: distinfo,v 1.2 2016/04/13 17:25:57 adam Exp $ +$NetBSD: distinfo,v 1.3 2016/07/01 04:51:15 adam Exp $ -SHA1 (ntopng-2.2.tar.gz) = 873170e54611acb77741be67aec8b782fb8efb9b -RMD160 (ntopng-2.2.tar.gz) = ff89921551d6c23c286df6d4965c67818f2c5df5 -SHA512 (ntopng-2.2.tar.gz) = d0dacdd821bb546a1034bd616201ae05f17037fd446ec2b7566fe6b2c1fa90b256056c3dd5f0b10aded4c903286adfa7ac5f3901c4392de92f6c27dcc523cb23 -Size (ntopng-2.2.tar.gz) = 91319029 bytes -SHA1 (patch-Makefile.in) = 4b35dd00ff5cd566047bab6d15a6b7d86eb3328e -SHA1 (patch-configure.seed) = b19f4e10860d4c8453ebd4b04313fc9ca2aa2a4d +SHA1 (ntopng-2.4-stable.tar.gz) = ceb08377f98e8d149e39f5546a62e2f6ca980a31 +RMD160 (ntopng-2.4-stable.tar.gz) = 14940d0ea398cd43d7c31868f34b833b214386e7 +SHA512 (ntopng-2.4-stable.tar.gz) = 515dd7889ae3aaf2482371bb2c55ab7300cf4207fe07f37029b7529bfb710379c19a54f58cf6df87e42454c0c99d15291af334adff676252301d9edd0acf3c7a +Size (ntopng-2.4-stable.tar.gz) = 134074662 bytes +SHA1 (patch-Makefile.in) = 9ef39a98e77d4bbf5afdde4e2a23e72d80fe9fd0 +SHA1 (patch-configure.seed) = b2c6e07c21f234c089e8a6319cb4dd476ba7890b SHA1 (patch-include_ntop__includes.h) = dd8f61228d6a8d96a5577e53857cb8a05394a036 +SHA1 (patch-src_DivertInterface.cpp) = 0a0ba0510b284fe40c432cf6db02a9906b03f236 SHA1 (patch-src_PacketDumperTuntap.cpp) = 274b70f065f407ca34a3d88e021924639ffa105b SHA1 (patch-src_Redis.cpp) = 10f04cb1b300cd400905df993bb7d4f20431569b -SHA1 (patch-third-party_mongoose_mongoose.c) = 1b163b56600390e393d2ede7aace3e26c12c9a67 diff --git a/net/ntopng/patches/patch-Makefile.in b/net/ntopng/patches/patch-Makefile.in index 073a04db25a..a8f2a3fe023 100644 --- a/net/ntopng/patches/patch-Makefile.in +++ b/net/ntopng/patches/patch-Makefile.in @@ -1,18 +1,10 @@ -$NetBSD: patch-Makefile.in,v 1.2 2016/04/13 17:25:57 adam Exp $ +$NetBSD: patch-Makefile.in,v 1.3 2016/07/01 04:51:15 adam Exp $ -Install into DESTDIR. Use external nDPI. ---- Makefile.in.orig 2015-11-30 18:15:18.000000000 +0000 +--- Makefile.in.orig 2016-06-27 19:31:18.000000000 +0000 +++ Makefile.in -@@ -5,13 +5,13 @@ SHELL=/bin/sh - OS := $(shell uname -s) - PWD=@PWD@ - GPP=@GPP@ --INSTALL_DIR=$(prefix) -+INSTALL_DIR=$(DESTDIR)$(prefix) - MAN_DIR=$(DESTDIR)@MAN_DIR@ - +@@ -11,7 +11,7 @@ MAN_DIR=$(DESTDIR)@MAN_DIR@ ###### HAS_NDPI=$(shell pkg-config --exists libndpi; echo $$?) ifeq ($(HAS_NDPI), 0) diff --git a/net/ntopng/patches/patch-configure.seed b/net/ntopng/patches/patch-configure.seed index 068a2b3e977..6ae24c14338 100644 --- a/net/ntopng/patches/patch-configure.seed +++ b/net/ntopng/patches/patch-configure.seed @@ -1,12 +1,22 @@ -$NetBSD: patch-configure.seed,v 1.1 2016/04/08 16:59:07 adam Exp $ +$NetBSD: patch-configure.seed,v 1.2 2016/07/01 04:51:15 adam Exp $ +Portability fix. Do not use included nDPI. Do not use -O0 for clang. On Darwin, install into man/. ---- configure.seed.orig 2015-11-30 18:15:18.000000000 +0000 +--- configure.seed.orig 2016-06-27 19:31:18.000000000 +0000 +++ configure.seed -@@ -44,35 +44,6 @@ GIT_BRANCH="@GIT_BRANCH@" +@@ -33,7 +33,7 @@ fi + + if [ test -f /usr/bin/lsb_release ]; then + CODENAME=`/usr/bin/lsb_release -c|cut -f 2` +- if [[ $CODENAME == "wheezy" ]]; then : ++ if [[ $CODENAME = "wheezy" ]]; then : + CPPFLAGS="${CPPFLAGS} -DOLD_NETFILTER_INTERFACE=1" + fi + fi +@@ -46,35 +46,6 @@ GIT_BRANCH="@GIT_BRANCH@" PRO_GIT_RELEASE="@PRO_GIT_RELEASE@" PRO_GIT_DATE="@PRO_GIT_DATE@" @@ -42,7 +52,7 @@ On Darwin, install into man/. AC_MSG_CHECKING(for ntopng professional edition) if test -d "pro"; then : -@@ -351,7 +322,7 @@ if test x$GPP = x +@@ -359,7 +330,7 @@ if test x$GPP = x then GPP="g++" else @@ -51,7 +61,7 @@ On Darwin, install into man/. fi GIT=`which git` -@@ -374,11 +345,7 @@ then +@@ -382,11 +353,7 @@ then INSTALL_DIR=${ac_default_prefix} fi diff --git a/net/ntopng/patches/patch-src_DivertInterface.cpp b/net/ntopng/patches/patch-src_DivertInterface.cpp new file mode 100644 index 00000000000..f80d5831b25 --- /dev/null +++ b/net/ntopng/patches/patch-src_DivertInterface.cpp @@ -0,0 +1,16 @@ +$NetBSD: patch-src_DivertInterface.cpp,v 1.1 2016/07/01 04:51:15 adam Exp $ + +Fix for undefined IPPROTO_DIVERT. + +--- src/DivertInterface.cpp.orig 2016-06-29 10:56:38.000000000 +0000 ++++ src/DivertInterface.cpp +@@ -82,6 +82,9 @@ DivertInterface::DivertInterface(const c + + port = atoi(&name[7]); + ++#ifndef IPPROTO_DIVERT ++#define IPPROTO_DIVERT 254 ++#endif + if((sock = socket(PF_INET, SOCK_RAW, IPPROTO_DIVERT)) == -1) { + ntop->getTrace()->traceEvent(TRACE_ERROR, "Unable to created divert socket"); + throw 1; diff --git a/net/ntopng/patches/patch-third-party_mongoose_mongoose.c b/net/ntopng/patches/patch-third-party_mongoose_mongoose.c deleted file mode 100644 index 77c4e9ab0e8..00000000000 --- a/net/ntopng/patches/patch-third-party_mongoose_mongoose.c +++ /dev/null @@ -1,141 +0,0 @@ -$NetBSD: patch-third-party_mongoose_mongoose.c,v 1.1 2016/04/08 16:59:07 adam Exp $ - -Updated to the latest version from github.com/ntop/ntopng. -On NetBSD, this fixes a problem with HTTP listening on IPv6 only. - ---- third-party/mongoose/mongoose.c.orig 2015-11-30 19:15:18.000000000 +0100 -+++ third-party/mongoose/mongoose.c 2016-04-06 15:53:31.000000000 +0200 -@@ -444,6 +444,8 @@ - struct sockaddr_in sin; - #if defined(USE_IPV6) - struct sockaddr_in6 sin6; -+#else -+ struct sockaddr sin6; - #endif - }; - -@@ -4398,37 +4400,45 @@ - // Examples: 80, 443s, 127.0.0.1:3128, 1.2.3.4:8080s - // TODO(lsm): add parsing of the IPv6 address - static int parse_port_string(const struct vec *vec, struct socket *so) { -- int a, b, c, d, port, len; -- -+ union usa *sa = (union usa *)&so->lsa; -+ int a, b, c, d, port = 0, len = 0; -+#if defined(USE_IPV6) -+ char buf[100]; -+#endif - // MacOS needs that. If we do not zero it, subsequent bind() will fail. - // Also, all-zeroes in the socket address means binding to all addresses - // for both IPv4 and IPv6 (INADDR_ANY and IN6ADDR_ANY_INIT). -- memset(so, 0, sizeof(*so)); -+ memset(sa, 0, sizeof(*sa)); - -- if (sscanf(vec->ptr, "%d.%d.%d.%d:%d%n", &a, &b, &c, &d, &port, &len) == 5) { -- // Bind to a specific IPv4 address -- so->lsa.sin.sin_addr.s_addr = htonl((a << 24) | (b << 16) | (c << 8) | d); -- } else if (sscanf(vec->ptr, "%d%n", &port, &len) != 1 || -- len <= 0 || -- len > (int) vec->len || -- (vec->ptr[len] && vec->ptr[len] != 's' && -- vec->ptr[len] != 'r' && vec->ptr[len] != ',')) { -- return 0; -- } -+ sa->sin.sin_family = AF_INET; -+ -+ if (sscanf(vec->ptr, "%u.%u.%u.%u:%u%n", &a, &b, &c, &d, &port, &len) == 5) { -+ /* Bind to a specific IPv4 address, e.g. 127.0.0.1:8080 */ -+ sa->sin.sin_addr.s_addr = -+ htonl(((uint32_t) a << 24) | ((uint32_t) b << 16) | c << 8 | d); -+ sa->sin.sin_port = htons((uint16_t) port); - -- so->is_ssl = vec->ptr[len] == 's'; -- so->ssl_redir = vec->ptr[len] == 'r'; - #if defined(USE_IPV6) -- if(is_ip6_enabled) { -- so->lsa.sin6.sin6_family = AF_INET6; -- so->lsa.sin6.sin6_port = htons((uint16_t) port); -- } else { /* NTOP - fall back to IPv4 */ -- so->lsa.sin.sin_family = AF_INET; -- so->lsa.sin.sin_port = htons((uint16_t) port); -+ } else if (sscanf(vec->ptr, "[%[^]]]:%u%n", buf, &port, &len) == 2 && -+ inet_pton(AF_INET6, buf, &sa->sin6.sin6_addr)) { -+ /* IPv6 address, e.g. [3ffe:2a00:100:7031::1]:8080 */ -+ sa->sin6.sin6_family = AF_INET6; -+ sa->sin.sin_port = htons((uint16_t) port); -+#endif -+ -+ } else if (sscanf(vec->ptr, ":%u%n", &port, &len) == 1 || -+ sscanf(vec->ptr, "%u%n", &port, &len) == 1) { -+ /* If only port is specified, bind to IPv4, INADDR_ANY */ -+ sa->sin.sin_port = htons((uint16_t) port); -+ } else { -+ return -1; - } --#else -- so->lsa.sin.sin_family = AF_INET; -- so->lsa.sin.sin_port = htons((uint16_t) port); -+ -+ so->is_ssl = (vec->ptr[len] && vec->ptr[len] == 's'); -+ so->ssl_redir = (vec->ptr[len] && vec->ptr[len] == 'r'); -+ -+#if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) -+ so->lsa.sin.sin_len = sizeof(struct sockaddr_in); - #endif - - return 1; -@@ -4439,6 +4449,15 @@ - int on = 1, success = 1; - struct vec vec; - struct socket so; -+ int rc_setsockopt = 0, rc_bind = 0, rc_listen = 0; -+ union usa *sa = (union usa *)&so.lsa; -+ -+ /* -+ #if defined(USE_IPV6) -+ if(is_ip6_enabled) -+ sa = (const struct sockaddr *)&so.lsa.sin6, sa_len = sizeof(so.lsa.sin6); -+ #endif -+ */ - - while (success && (list = next_option(list, &vec, NULL)) != NULL) { - if (!parse_port_string(&vec, &so)) { -@@ -4448,19 +4467,22 @@ - } else if (so.is_ssl && ctx->ssl_ctx == NULL) { - cry(fc(ctx), "Cannot add SSL socket, is -ssl_certificate option set?"); - success = 0; -- } else if ((so.sock = socket(so.lsa.sa.sa_family, SOCK_STREAM, 6)) == -+ } else if ((so.sock = socket(so.lsa.sa.sa_family, SOCK_STREAM, IPPROTO_TCP)) == - INVALID_SOCKET || - // On Windows, SO_REUSEADDR is recommended only for - // broadcast UDP sockets -- setsockopt(so.sock, SOL_SOCKET, SO_REUSEADDR, -+ (rc_setsockopt = setsockopt(so.sock, SOL_SOCKET, SO_REUSEADDR, - #ifdef WIN32 - (const char*) - #else - (void *) - #endif -- &on, sizeof(on)) != 0 || -- bind(so.sock, &so.lsa.sa, sizeof(so.lsa)) != 0 || -- listen(so.sock, SOMAXCONN) != 0) { -+ &on, sizeof(on))) != 0 || -+ (rc_bind = bind(so.sock, -+ &sa->sa, -+ (sa->sa.sa_family == AF_INET) ? sizeof(sa->sin) : sizeof(sa->sin6)) -+ ) != 0 || -+ (rc_listen = listen(so.sock, SOMAXCONN)) != 0) { - cry(fc(ctx), "%s: cannot bind to %.*s: %s", __func__, - (int) vec.len, vec.ptr, strerror(ERRNO)); - closesocket(so.sock); -@@ -5239,6 +5261,10 @@ - check_ipv6_enabled(); - #endif - -+#if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) -+ is_ip6_enabled = 0; -+#endif -+ - #if defined(_WIN32) && !defined(__SYMBIAN32__) - WSADATA data; - WSAStartup(MAKEWORD(2,2), &data); |