Initial import of p0f-1.7

Passive OS fingerprinting technique based on information coming
from remote host when it establishes connection to our system. Captured
packets contains enough information to determine OS - and, unlike
active scanners (nmap, queSO) - without sending anything to this host.

Package contributed by Dawid Szymanski <daws@irc.pl> on IRC.

7 files changed, 71 insertions, 0 deletions

diff --git a/security/p0f/Makefile b/security/p0f/Makefile
new file mode 100644
index 00000000000..1595ab1f90e
--- /dev/null
+++ b/security/p0f/Makefile
@@ -0,0 +1,16 @@
+# $NetBSD: Makefile,v 1.1.1.1 2001/03/26 05:12:56 zuntum Exp $
+#
+
+DISTNAME=	p0f-1.7
+CATEGORIES=	security
+MASTER_SITES=	http://lcamtuf.hack.pl/
+EXTRACT_SUFX=	.tgz
+
+MAINTAINER=	DawS@irc.pl
+COMMENT=	passive OS fingerprinting tool
+
+do-install:
+	${INSTALL_PROGRAM} ${WRKSRC}/p0f ${PREFIX}/bin
+	${INSTALL_DATA} ${WRKSRC}/p0f.fp ${PREFIX}/etc
+
+.include "../../mk/bsd.pkg.mk"
diff --git a/security/p0f/files/md5 b/security/p0f/files/md5
new file mode 100644
index 00000000000..efb5d69efb0
--- /dev/null
+++ b/security/p0f/files/md5
@@ -0,0 +1,3 @@
+$NetBSD: md5,v 1.1.1.1 2001/03/26 05:12:56 zuntum Exp $
+
+SHA1 (p0f-1.7.tgz) = ac2ff4b2fc78c023ffe6a4d135385a0cef4a10c6
diff --git a/security/p0f/files/patch-sum b/security/p0f/files/patch-sum
new file mode 100644
index 00000000000..4d67b1a6795
--- /dev/null
+++ b/security/p0f/files/patch-sum
@@ -0,0 +1,4 @@
+$NetBSD: patch-sum,v 1.1.1.1 2001/03/26 05:12:56 zuntum Exp $
+
+SHA1 (patch-aa) = 067e95fa6074248712fd05047d540708d80b86ac
+SHA1 (patch-ab) = 3b15153713c7c861af5e74c423634041c123b9be
diff --git a/security/p0f/patches/patch-aa b/security/p0f/patches/patch-aa
new file mode 100644
index 00000000000..564c33c4195
--- /dev/null
+++ b/security/p0f/patches/patch-aa
@@ -0,0 +1,13 @@
+$NetBSD: patch-aa,v 1.1.1.1 2001/03/26 05:12:56 zuntum Exp $
+
+--- p0f.c.orig	Tue Jun 13 20:45:06 2000
++++ p0f.c
+@@ -260,7 +260,7 @@
+ 
+   /* set a reasonable default fingerprint file */
+   if (!filename || !*filename)
+-    filename = "/etc/p0f.fp";
++    filename = PREFIX "/etc/p0f.fp";
+ 
+   /* anything left after getopt'ing is a rule */
+   if (argv[optind] && *(argv[optind]))
diff --git a/security/p0f/patches/patch-ab b/security/p0f/patches/patch-ab
new file mode 100644
index 00000000000..b2e8187814f
--- /dev/null
+++ b/security/p0f/patches/patch-ab
@@ -0,0 +1,28 @@
+$NetBSD: patch-ab,v 1.1.1.1 2001/03/26 05:12:56 zuntum Exp $
+
+--- Makefile.orig	Tue Jun 13 20:45:06 2000
++++ Makefile
+@@ -3,20 +3,19 @@
+ # (c) <lcamtuf@tpi.pl>
+ #
+ 
+-CC      = gcc
+ CLIBS	= -lpcap
+ SUNLIBS	= -lsocket -lnsl -D_SUN_=1
+ STRIP	= strip
+-CFLAGS  = -O3 -Wall
+ FILE	= p0f
+ VERSION = 1.7
+ 
+ DISTRO  = p0f.c Makefile README COPYING tcp.h p0f.fp
+ 
+-all: $(FILE) strip	
++all: $(FILE)
+ 
+ $(FILE): p0f.c
+-	$(CC) $(CFLAGS) -DVER=\"$(VERSION)\" -o $@ $< $(CLIBS) \
++	$(CC) $(CFLAGS) -DVER=\"$(VERSION)\" -DPREFIX=\"${PREFIX}\" -o \
++	$@ $< $(CLIBS) \
+ 	`uname|egrep -i 'sunos|solar' >/dev/null && echo "$(SUNLIBS)"`  
+ 
+ strip:
diff --git a/security/p0f/pkg/DESCR b/security/p0f/pkg/DESCR
new file mode 100644
index 00000000000..dcd5c7e743d
--- /dev/null
+++ b/security/p0f/pkg/DESCR
@@ -0,0 +1,4 @@
+Passive OS fingerprinting technique based on information coming
+from remote host when it establishes connection to our system. Captured
+packets contains enough information to determine OS - and, unlike
+active scanners (nmap, queSO) - without sending anything to this host.
diff --git a/security/p0f/pkg/PLIST b/security/p0f/pkg/PLIST
new file mode 100644
index 00000000000..448c494219f
--- /dev/null
+++ b/security/p0f/pkg/PLIST
@@ -0,0 +1,3 @@
+@comment $NetBSD: PLIST,v 1.1.1.1 2001/03/26 05:12:56 zuntum Exp $
+bin/p0f
+etc/p0f.fp