Update snort to 1.6.3.2. Notable changes include:

Fixes and additions:

   * Fixed compilation problems on all non-BSD operating systems
   * Added better configuration support for locating libpcap
   * Fixed ICMP ping packet id/sequence printouts
   * Made allowances for 64-bit machines in the decoders
   * Updated the portscan detector to the latest version
   * Disabled the defragmenter by default (in the rules file)
   * Added a patch from Dave Dittrich to make daemon mode alerts
	filenames conform
   * to the data in the documentation
   * Revamped the ICMP data structures to mimic those found in *BSD
	and provide for higher fidelity decoding/printout in the future
   * Repaired the output plugins so that they operate properly now
   * For the record, the payload dump conforms to the length of the IP
	datagram now and does not show pad bytes added by the minimum
	Ethernet frame size
   * Applied Chris Cramer's byte ordering patch to the flexresp code

Other updates and changes since version 1.6:

   * New preprocessor plugin: IP defragmentation!!
   * New output plugins cover all old logging and alerting options
   * New output plugin no logs to MySQL, PostgreSQL, unixODBC databases
   * Updated portscan detection functionality
   * Added quote removal for most plugin parsers
   * -C crash bug fixed
   * PID/PATH_VARRUN file fixes
   * Converted many putc(3) calls to fputc(3) for portability
   * Transport layer decoders use ip_len field for length metric now
   * String tokenizer code modified for more reliable operation
   * Fixed flexible response code sequence prediction
   * Fixed DEBUG ifdef's so DEBUG mode code will compile correctly on all
	platforms
   * Set automake options so that people don't need gmake anymore to
	build Snort on BSD systems
   * Fixed SMB alert code large tmp file hole
   * Added sigsetmask code to fix SIGHUP weirdness
   * Added execvp option for SIGHUP restart code
   * Added ARP header printout validation
   * Added Session logging file integrity checking
   * Added -u/-g setuid/gid capability switches
   * Added -O IP address obfuscation switch
   * Added -t chroot switch
   * Fixed non-TCP/UDP/ICMP transport layer decoding & logging
   * Fixes and additions to the portscan preprocessor
   * Fixed Tru64 u_int* type declarations
   * Added check for pcap.h into configuration script
   * Fixed timeval problems on Linux boxen
   * Database logging plugin has been modified extensively, see the
	www.incident.org website for more information
   * Switched TCP flags printout routine to ensure proper RFP output
	scan output. ;)
   * Fixed default log/alert function code so that these functions are
	never NULL

3 files changed, 32 insertions, 13 deletions

diff --git a/net/snort/Makefile b/net/snort/Makefile
index c856a21243c..f5c45405a6d 100644
--- a/net/snort/Makefile
+++ b/net/snort/Makefile
@@ -1,17 +1,18 @@
-# $NetBSD: Makefile,v 1.5 2000/03/20 12:03:45 agc Exp $
+# $NetBSD: Makefile,v 1.6 2000/12/27 10:08:35 rh Exp $
 #
 
-DISTNAME=	snort-1.6
+DISTNAME=	snort-1.6.3-patch2
+PKGNAME=	${DISTNAME:S/-patch/./}
 CATEGORIES=	net security
-MASTER_SITES=	http://www.clark.net/~roesch/ \
+MASTER_SITES=	http://www.snort.org/Files/				\
 		ftp://the.wiretapped.net/pub/security/network-intrusion-detection/snort/ \
-		http://www.centus.com/snort/ \
-		http://snort.whitehats.com/ \
-		http://snort.safenetworks.com/ \
+		http://www.centus.com/snort/				\
+		http://snort.whitehats.com/				\
+		http://snort.safenetworks.com/				\
 		ftp://gd.tuwien.ac.at/infosys/security/snort/
 
 MAINTAINER=	rh@netbsd.org
-HOMEPAGE=	http://www.clark.net/~roesch/security.html
+HOMEPAGE=	http://www.snort.org/
 
 GNU_CONFIGURE=	YES
 
@@ -27,11 +28,14 @@ ROOTGROUP?=	wheel
 post-install:
 	${INSTALL_DATA_DIR} -m 700 -o root -g ${ROOTGROUP} /var/log/snort
 	${INSTALL_DATA_DIR} ${PREFIX}/share/snort
-.for f in backdoor-lib misc-lib overflow-lib scan-lib snort-lib web-lib
+.for f in backdoor-lib ddos-lib finger-lib ftp-lib misc-lib netbios-lib \
+	overflow-lib ping-lib rpc-lib scan-lib smtp-lib snort-lib telnet-lib \
+	webcf-lib webcgi-lib webfp-lib webiis-lib webmisc-lib
 	${INSTALL_DATA} ${WRKSRC}/${f} ${PREFIX}/share/snort
 .endfor
 	${INSTALL_DATA_DIR} ${PREFIX}/share/doc/snort
-.for f in README README.PLUGINS NEWS RULES.SAMPLE USAGE
+.for f in BUGS CREDITS README README.FLEXRESP README.PLUGINS NEWS	\
+	RULES.SAMPLE USAGE
 	${INSTALL_DATA} ${WRKSRC}/${f} ${PREFIX}/share/doc/snort
 .endfor
 	${INSTALL_MAN} ${WRKSRC}/snort.8 ${PREFIX}/man/man8
diff --git a/net/snort/files/md5 b/net/snort/files/md5
index b22b17bb4a0..58c02340a82 100644
--- a/net/snort/files/md5
+++ b/net/snort/files/md5
@@ -1,3 +1,3 @@
-$NetBSD: md5,v 1.5 2000/05/28 10:33:52 wiz Exp $
+$NetBSD: md5,v 1.6 2000/12/27 10:08:35 rh Exp $
 
-MD5 (snort-1.6.tar.gz) = 48193b9ff13a0ce50329ce17272eac59
+MD5 (snort-1.6.3-patch2.tar.gz) = 6fd76cac4a5c65a020e13954f850481e
diff --git a/net/snort/pkg/PLIST b/net/snort/pkg/PLIST
index aafdcaa127e..6ef1a87367a 100644
--- a/net/snort/pkg/PLIST
+++ b/net/snort/pkg/PLIST
@@ -1,14 +1,29 @@
-@comment $NetBSD: PLIST,v 1.3 2000/02/04 16:18:02 rh Exp $
+@comment $NetBSD: PLIST,v 1.4 2000/12/27 10:08:35 rh Exp $
 bin/snort
 man/man8/snort.8
 share/snort/backdoor-lib
+share/snort/ddos-lib
+share/snort/finger-lib
+share/snort/ftp-lib
 share/snort/misc-lib
+share/snort/netbios-lib
 share/snort/overflow-lib
+share/snort/ping-lib
+share/snort/rpc-lib
 share/snort/scan-lib
+share/snort/smtp-lib
 share/snort/snort-lib
-share/snort/web-lib
+share/snort/telnet-lib
+share/snort/webcf-lib
+share/snort/webcgi-lib
+share/snort/webfp-lib
+share/snort/webiis-lib
+share/snort/webmisc-lib
 @dirrm share/snort
+share/doc/snort/BUGS
+share/doc/snort/CREDITS
 share/doc/snort/README
+share/doc/snort/README.FLEXRESP
 share/doc/snort/README.PLUGINS
 share/doc/snort/NEWS
 share/doc/snort/RULES.SAMPLE