diff options
-rw-r--r-- | net/sniffit/Makefile | 25 | ||||
-rw-r--r-- | net/sniffit/files/md5 | 1 | ||||
-rw-r--r-- | net/sniffit/patches/patch-aa | 216 | ||||
-rw-r--r-- | net/sniffit/patches/patch-ab | 17 | ||||
-rw-r--r-- | net/sniffit/patches/patch-ac | 24 | ||||
-rw-r--r-- | net/sniffit/patches/patch-ad | 34 | ||||
-rw-r--r-- | net/sniffit/pkg/COMMENT | 1 | ||||
-rw-r--r-- | net/sniffit/pkg/DESCR | 3 | ||||
-rw-r--r-- | net/sniffit/pkg/PLIST | 1 |
9 files changed, 322 insertions, 0 deletions
diff --git a/net/sniffit/Makefile b/net/sniffit/Makefile new file mode 100644 index 00000000000..db2411b978d --- /dev/null +++ b/net/sniffit/Makefile @@ -0,0 +1,25 @@ +# New ports collection makefile for: sniffit +# Version required: 0.3.5 +# Date created: 28 Mar 1998 +# Whom: bsdx +# +# $NetBSD: Makefile,v 1.1 1998/03/30 08:47:37 hubertf Exp $ +# FreeBSD +# + +DISTNAME= sniffit.0.3.5 +CATEGORIES= security +MASTER_SITES= http://reptile.rug.ac.be/~coder/sniffit/files/ + +MAINTAINER= packages@netbsd.org + + +do-build: + cd ${WRKSRC} ; ./configure ; make + +do-install: + cd ${WRKSRC} ; cp sniffit ${PREFIX}/sbin/sniffit + chmod 555 ${PREFIX}/sbin/sniffit + chown bin.bin ${PREFIX}/sbin/sniffit + +.include <bsd.port.mk> diff --git a/net/sniffit/files/md5 b/net/sniffit/files/md5 new file mode 100644 index 00000000000..c455648e4d7 --- /dev/null +++ b/net/sniffit/files/md5 @@ -0,0 +1 @@ +MD5 (sniffit.0.3.5.tar.gz) = bd116c62669372d7ea7f59c337f6822a diff --git a/net/sniffit/patches/patch-aa b/net/sniffit/patches/patch-aa new file mode 100644 index 00000000000..59926bc6157 --- /dev/null +++ b/net/sniffit/patches/patch-aa @@ -0,0 +1,216 @@ +*** sn_defines.h Fri Apr 18 11:33:58 1997 +--- sn_defines.h Thu Jul 24 16:02:16 1997 +*************** +*** 80,90 **** + #define SYN 2 + #define FIN 1 + +! #define NO_IP 0 +! #define NO_IP_4 1000 +! #define ICMP 1 /* Protocol Numbers */ +! #define TCP 6 +! #define UDP 17 + + #define ICMP_HEADLENGTH 4 /* fixed ICMP header length */ + #define UDP_HEADLENGTH 8 /* fixed UDP header length */ +--- 80,91 ---- + #define SYN 2 + #define FIN 1 + +! #define NO_IP 0 +! #define NO_IP_4 1000 +! #define CORRUPT_IP 1001 +! #define ICMP 1 /* Protocol Numbers */ +! #define TCP 6 +! #define UDP 17 + + #define ICMP_HEADLENGTH 4 /* fixed ICMP header length */ + #define UDP_HEADLENGTH 8 /* fixed UDP header length */ +*** sn_packets.c Fri Apr 18 11:33:58 1997 +--- sn_packets.c Thu Aug 22 19:18:51 1985 +*************** +*** 43,48 **** +--- 43,49 ---- + struct UDP_header UDPhead; + + int i; ++ short int dummy; /* 2 bytes, important */ + + memcpy(&IPhead,(sp+PROTO_HEAD),sizeof(struct IP_header)); + /* IP header Conversion */ +*************** +*** 51,56 **** +--- 52,58 ---- + unwrapped->TCP_len = 0; /* Reset structure NEEDED!!! */ + unwrapped->UDP_len = 0; + unwrapped->DATA_len = 0; ++ unwrapped->FRAG_nf = 0; + + if(NO_CHKSUM == 0) + { +*************** +*** 75,106 **** + /* restore orig buffer */ + /* general programming rule */ + } + if(IPhead.protocol == TCP ) /* TCP */ + { +! memcpy(&TCPhead,(sp+PROTO_HEAD+(unwrapped->IP_len)), + sizeof(struct TCP_header)); +! unwrapped->TCP_len = ntohs(TCPhead.offset_flag) & 0xF000; +! unwrapped->TCP_len >>= 10; +! unwrapped->DATA_len = ntohs(IPhead.length) - + (unwrapped->IP_len) - (unwrapped->TCP_len); + return TCP; + } + if(IPhead.protocol == ICMP ) /* ICMP */ + { +! memcpy(&ICMPhead,(sp+PROTO_HEAD+(unwrapped->IP_len)), + sizeof(struct ICMP_header)); +! unwrapped->ICMP_len = ICMP_HEADLENGTH; +! unwrapped->DATA_len = ntohs(IPhead.length) - + (unwrapped->IP_len) - (unwrapped->ICMP_len); +! return ICMP; + } + if(IPhead.protocol == UDP ) /* UDP */ + { +! memcpy(&UDPhead,(sp+PROTO_HEAD+(unwrapped->IP_len)), + sizeof(struct UDP_header)); +! unwrapped->UDP_len = UDP_HEADLENGTH; +! unwrapped->DATA_len = ntohs(IPhead.length) - + (unwrapped->IP_len) - (unwrapped->UDP_len); + return UDP; + } + return -1; +--- 77,150 ---- + /* restore orig buffer */ + /* general programming rule */ + } ++ ++ #ifdef DEBUG_ONSCREEN ++ printf("IPheadlen: %d total length: %d\n", unwrapped->IP_len, ++ ntohs(IPhead.length)); ++ #endif ++ ++ dummy=ntohs(IPhead.flag_offset); dummy<<=3; ++ if( dummy!=0 ) /* we have offset */ ++ { ++ unwrapped->FRAG_nf = 1; ++ } ++ + if(IPhead.protocol == TCP ) /* TCP */ + { +! if(unwrapped->FRAG_nf == 0) +! { +! if( (ntohs(IPhead.length)-(unwrapped->IP_len))<20 ) +! {return CORRUPT_IP;}; +! +! memcpy(&TCPhead,(sp+PROTO_HEAD+(unwrapped->IP_len)), + sizeof(struct TCP_header)); +! unwrapped->TCP_len = ntohs(TCPhead.offset_flag) & 0xF000; +! unwrapped->TCP_len >>= 10; +! unwrapped->DATA_len = ntohs(IPhead.length) - + (unwrapped->IP_len) - (unwrapped->TCP_len); ++ } ++ else ++ { ++ unwrapped->DATA_len = ntohs(IPhead.length) - (unwrapped->IP_len); ++ } + return TCP; + } + if(IPhead.protocol == ICMP ) /* ICMP */ + { +! if(unwrapped->FRAG_nf == 0) +! { +! if( (ntohs(IPhead.length)-(unwrapped->IP_len))<4 ) +! {return CORRUPT_IP;}; +! +! memcpy(&ICMPhead,(sp+PROTO_HEAD+(unwrapped->IP_len)), + sizeof(struct ICMP_header)); +! unwrapped->ICMP_len = ICMP_HEADLENGTH; +! unwrapped->DATA_len = ntohs(IPhead.length) - + (unwrapped->IP_len) - (unwrapped->ICMP_len); +! return ICMP; +! } +! else +! { +! return -1; /* don't handle fragmented ICMP */ +! } + } + if(IPhead.protocol == UDP ) /* UDP */ + { +! if(unwrapped->FRAG_nf == 0) +! { +! if( (ntohs(IPhead.length)-(unwrapped->IP_len))<8 ) +! {return CORRUPT_IP;}; +! +! memcpy(&UDPhead,(sp+PROTO_HEAD+(unwrapped->IP_len)), + sizeof(struct UDP_header)); +! unwrapped->UDP_len = UDP_HEADLENGTH; +! unwrapped->DATA_len = ntohs(IPhead.length) - + (unwrapped->IP_len) - (unwrapped->UDP_len); ++ } ++ else ++ { ++ unwrapped->DATA_len = ntohs(IPhead.length)-(unwrapped->IP_len); ++ } + return UDP; + } + return -1; +*** sn_packetstructs.h Fri Apr 18 11:33:58 1997 +--- sn_packetstructs.h Thu Jul 24 16:17:20 1997 +*************** +*** 44,51 **** + unsigned short length, checksum; + }; + +! struct unwrap /* some extra info */ + { + int IP_len, TCP_len, ICMP_len, UDP_len; /* header lengths */ + int DATA_len; + }; +--- 44,52 ---- + unsigned short length, checksum; + }; + +! struct unwrap /* some extra info */ + { + int IP_len, TCP_len, ICMP_len, UDP_len; /* header lengths */ + int DATA_len; ++ char FRAG_nf; /* not the first fragment */ + }; +*** sniffit.0.3.5.c Fri Apr 18 11:33:58 1997 +--- sniffit.0.3.5.c Thu Aug 22 19:19:49 1985 +*************** +*** 411,421 **** +--- 411,427 ---- + proto=unwrap_packet(sp, info); + if(proto == NO_IP) return DONT_EXAMINE; /* no use in trying */ + if(proto == NO_IP_4) return DONT_EXAMINE; /* no use in trying */ ++ if(proto == CORRUPT_IP) ++ {printf("Suspicious Packet detected... (Split header)\n"); ++ return DONT_EXAMINE;} + + memcpy(&iphead,(sp+PROTO_HEAD),sizeof(struct IP_header)); + so=(unsigned char *)&(iphead.source); + dest=(unsigned char *)&(iphead.destination); + ++ if(info->FRAG_nf!=0) ++ {printf("Fragment Skipped...\n"); return DONT_EXAMINE; }; ++ + if((proto==TCP)&&(PROTOCOLS&F_TCP)) + { + #ifdef DEBUG_ONSCREEN +*************** +*** 1220,1225 **** +--- 1226,1235 ---- + proto=unwrap_packet(sp, info); + if(proto == NO_IP) return DONT_EXAMINE; /* no use in trying */ + if(proto == NO_IP_4) return DONT_EXAMINE; /* no use in trying */ ++ if(proto == CORRUPT_IP) return DONT_EXAMINE; /* no use in trying */ ++ ++ if(info->FRAG_nf!=0) ++ {return DONT_EXAMINE; }; + + (*IP_nr_of_packets)++; + if(proto==ICMP) diff --git a/net/sniffit/patches/patch-ab b/net/sniffit/patches/patch-ab new file mode 100644 index 00000000000..930c5a66cac --- /dev/null +++ b/net/sniffit/patches/patch-ab @@ -0,0 +1,17 @@ +--- configure.BAK Mon Mar 30 09:33:48 1998 ++++ configure Mon Mar 30 09:33:55 1998 +@@ -1304,6 +1304,14 @@ + OS_OPT= + + ;; ++netbsd*) ++ cat >> confdefs.h <<\EOF ++#define NETBSD 1 ++EOF ++ ++ OS_OPT= ++ ++ ;; + *) + echo "NOT A SUPPORTED SYSTEM / OR SYSTEM NOT RECOGNISED" + echo "Contact <Coder@reptile.rug.ac.be> if you feel it might be a bug." diff --git a/net/sniffit/patches/patch-ac b/net/sniffit/patches/patch-ac new file mode 100644 index 00000000000..9b7fe535f90 --- /dev/null +++ b/net/sniffit/patches/patch-ac @@ -0,0 +1,24 @@ +--- sn_data.h.BAK Mon Mar 30 09:33:53 1998 ++++ sn_data.h Mon Mar 30 09:33:57 1998 +@@ -25,6 +25,21 @@ + char *ETH_DEV[]={"ed"}; + #endif + ++#ifdef NETBSD ++#ifdef i386 ++#define ETH_DEV_NR 20 ++char *ETH_DEV[]={"ai","de","ec","ef","eg","el","en","ep","fe","fea","fpa","fxp","ix","iy","lc","le","ne","sm","tl","we"}; ++#elif defined(sparc) ++#define ETH_DEV_NR 2 ++char *ETH_DEV[]={"le","ie"}; ++#elif defined(amiga) ++#define ETH_DEV_NR 5 ++char *ETH_DEV[]={"bah","ed","es","le","qn"}; ++#else ++#error Unknown network devices for this NetBSD architecture. ++#endif ++#endif ++ + #ifdef BSDI + #define ETH_DEV_NR 1 + char *ETH_DEV[]={"ef"}; diff --git a/net/sniffit/patches/patch-ad b/net/sniffit/patches/patch-ad new file mode 100644 index 00000000000..d9ebc35a368 --- /dev/null +++ b/net/sniffit/patches/patch-ad @@ -0,0 +1,34 @@ +--- Makefile.in.BAK Mon Mar 30 09:38:19 1998 ++++ Makefile.in Mon Mar 30 09:38:50 1998 +@@ -11,9 +11,9 @@ + DEFS = @DEFS@ + OS_OPT = @OS_OPT@ + OBJ_FLAG = -w -O2 -c +-OBJ_OPT = -I./libpcap-0.3 -L./libpcap-0.3 ++OBJ_OPT = + EXE_FLAG = -w -O2 -o sniffit +-EXE_OPT = -I./libpcap-0.3 -L./libpcap-0.3 -lpcap ++EXE_OPT = -lpcap + EXE_OBJ = sn_packets.o sn_generation.o sn_interface.o sn_cfgfile.o \ + sn_logfile.o + DEP_FILES = sn_config.h pcap.h sn_data.h sn_defines.h sn_plugins.h \ +@@ -21,7 +21,6 @@ + sn_generation.o sn_interface.o sn_cfgfile.o sn_logfile.o + + sniffit: $(SNIFFIT) $(DEP_FILES) +- cd libpcap-0.3; make; cd .. + $(CC) $(EXE_FLAG) $(SNIFFIT) $(EXE_OBJ) $(EXE_OPT) $(LIBS) $(DEFS) $(OS_OPT) + strip sniffit + +@@ -44,11 +43,7 @@ + + #Clean up everthing... + clean: +- cd libpcap-0.3; make clean; rm -f config.cache; cd .. + rm -f config.cache + rm -f config.status + rm -f config.log +- rm -f ./libpcap-0.3/config.cache +- rm -f ./libpcap-0.3/config.status +- rm -f ./libpcap-0.3/config.log + rm -f *.o sniffit diff --git a/net/sniffit/pkg/COMMENT b/net/sniffit/pkg/COMMENT new file mode 100644 index 00000000000..767b1a81ae5 --- /dev/null +++ b/net/sniffit/pkg/COMMENT @@ -0,0 +1 @@ +A packet sniffer program. diff --git a/net/sniffit/pkg/DESCR b/net/sniffit/pkg/DESCR new file mode 100644 index 00000000000..4074b701ca8 --- /dev/null +++ b/net/sniffit/pkg/DESCR @@ -0,0 +1,3 @@ +Sniffit is a packet sniffer for TCP/UDP/ICMP packets. Sniffit is able to +give you very detailed technical info on these packets (SEQ, ACK, TTL, Window, ...) +but also packet contence in different formats (hex or plain text, ...) diff --git a/net/sniffit/pkg/PLIST b/net/sniffit/pkg/PLIST new file mode 100644 index 00000000000..e99e9bbb447 --- /dev/null +++ b/net/sniffit/pkg/PLIST @@ -0,0 +1 @@ +sbin/sniffit |