summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--net/sniffit/Makefile25
-rw-r--r--net/sniffit/files/md51
-rw-r--r--net/sniffit/patches/patch-aa216
-rw-r--r--net/sniffit/patches/patch-ab17
-rw-r--r--net/sniffit/patches/patch-ac24
-rw-r--r--net/sniffit/patches/patch-ad34
-rw-r--r--net/sniffit/pkg/COMMENT1
-rw-r--r--net/sniffit/pkg/DESCR3
-rw-r--r--net/sniffit/pkg/PLIST1
9 files changed, 322 insertions, 0 deletions
diff --git a/net/sniffit/Makefile b/net/sniffit/Makefile
new file mode 100644
index 00000000000..db2411b978d
--- /dev/null
+++ b/net/sniffit/Makefile
@@ -0,0 +1,25 @@
+# New ports collection makefile for: sniffit
+# Version required: 0.3.5
+# Date created: 28 Mar 1998
+# Whom: bsdx
+#
+# $NetBSD: Makefile,v 1.1 1998/03/30 08:47:37 hubertf Exp $
+# FreeBSD
+#
+
+DISTNAME= sniffit.0.3.5
+CATEGORIES= security
+MASTER_SITES= http://reptile.rug.ac.be/~coder/sniffit/files/
+
+MAINTAINER= packages@netbsd.org
+
+
+do-build:
+ cd ${WRKSRC} ; ./configure ; make
+
+do-install:
+ cd ${WRKSRC} ; cp sniffit ${PREFIX}/sbin/sniffit
+ chmod 555 ${PREFIX}/sbin/sniffit
+ chown bin.bin ${PREFIX}/sbin/sniffit
+
+.include <bsd.port.mk>
diff --git a/net/sniffit/files/md5 b/net/sniffit/files/md5
new file mode 100644
index 00000000000..c455648e4d7
--- /dev/null
+++ b/net/sniffit/files/md5
@@ -0,0 +1 @@
+MD5 (sniffit.0.3.5.tar.gz) = bd116c62669372d7ea7f59c337f6822a
diff --git a/net/sniffit/patches/patch-aa b/net/sniffit/patches/patch-aa
new file mode 100644
index 00000000000..59926bc6157
--- /dev/null
+++ b/net/sniffit/patches/patch-aa
@@ -0,0 +1,216 @@
+*** sn_defines.h Fri Apr 18 11:33:58 1997
+--- sn_defines.h Thu Jul 24 16:02:16 1997
+***************
+*** 80,90 ****
+ #define SYN 2
+ #define FIN 1
+
+! #define NO_IP 0
+! #define NO_IP_4 1000
+! #define ICMP 1 /* Protocol Numbers */
+! #define TCP 6
+! #define UDP 17
+
+ #define ICMP_HEADLENGTH 4 /* fixed ICMP header length */
+ #define UDP_HEADLENGTH 8 /* fixed UDP header length */
+--- 80,91 ----
+ #define SYN 2
+ #define FIN 1
+
+! #define NO_IP 0
+! #define NO_IP_4 1000
+! #define CORRUPT_IP 1001
+! #define ICMP 1 /* Protocol Numbers */
+! #define TCP 6
+! #define UDP 17
+
+ #define ICMP_HEADLENGTH 4 /* fixed ICMP header length */
+ #define UDP_HEADLENGTH 8 /* fixed UDP header length */
+*** sn_packets.c Fri Apr 18 11:33:58 1997
+--- sn_packets.c Thu Aug 22 19:18:51 1985
+***************
+*** 43,48 ****
+--- 43,49 ----
+ struct UDP_header UDPhead;
+
+ int i;
++ short int dummy; /* 2 bytes, important */
+
+ memcpy(&IPhead,(sp+PROTO_HEAD),sizeof(struct IP_header));
+ /* IP header Conversion */
+***************
+*** 51,56 ****
+--- 52,58 ----
+ unwrapped->TCP_len = 0; /* Reset structure NEEDED!!! */
+ unwrapped->UDP_len = 0;
+ unwrapped->DATA_len = 0;
++ unwrapped->FRAG_nf = 0;
+
+ if(NO_CHKSUM == 0)
+ {
+***************
+*** 75,106 ****
+ /* restore orig buffer */
+ /* general programming rule */
+ }
+ if(IPhead.protocol == TCP ) /* TCP */
+ {
+! memcpy(&TCPhead,(sp+PROTO_HEAD+(unwrapped->IP_len)),
+ sizeof(struct TCP_header));
+! unwrapped->TCP_len = ntohs(TCPhead.offset_flag) & 0xF000;
+! unwrapped->TCP_len >>= 10;
+! unwrapped->DATA_len = ntohs(IPhead.length) -
+ (unwrapped->IP_len) - (unwrapped->TCP_len);
+ return TCP;
+ }
+ if(IPhead.protocol == ICMP ) /* ICMP */
+ {
+! memcpy(&ICMPhead,(sp+PROTO_HEAD+(unwrapped->IP_len)),
+ sizeof(struct ICMP_header));
+! unwrapped->ICMP_len = ICMP_HEADLENGTH;
+! unwrapped->DATA_len = ntohs(IPhead.length) -
+ (unwrapped->IP_len) - (unwrapped->ICMP_len);
+! return ICMP;
+ }
+ if(IPhead.protocol == UDP ) /* UDP */
+ {
+! memcpy(&UDPhead,(sp+PROTO_HEAD+(unwrapped->IP_len)),
+ sizeof(struct UDP_header));
+! unwrapped->UDP_len = UDP_HEADLENGTH;
+! unwrapped->DATA_len = ntohs(IPhead.length) -
+ (unwrapped->IP_len) - (unwrapped->UDP_len);
+ return UDP;
+ }
+ return -1;
+--- 77,150 ----
+ /* restore orig buffer */
+ /* general programming rule */
+ }
++
++ #ifdef DEBUG_ONSCREEN
++ printf("IPheadlen: %d total length: %d\n", unwrapped->IP_len,
++ ntohs(IPhead.length));
++ #endif
++
++ dummy=ntohs(IPhead.flag_offset); dummy<<=3;
++ if( dummy!=0 ) /* we have offset */
++ {
++ unwrapped->FRAG_nf = 1;
++ }
++
+ if(IPhead.protocol == TCP ) /* TCP */
+ {
+! if(unwrapped->FRAG_nf == 0)
+! {
+! if( (ntohs(IPhead.length)-(unwrapped->IP_len))<20 )
+! {return CORRUPT_IP;};
+!
+! memcpy(&TCPhead,(sp+PROTO_HEAD+(unwrapped->IP_len)),
+ sizeof(struct TCP_header));
+! unwrapped->TCP_len = ntohs(TCPhead.offset_flag) & 0xF000;
+! unwrapped->TCP_len >>= 10;
+! unwrapped->DATA_len = ntohs(IPhead.length) -
+ (unwrapped->IP_len) - (unwrapped->TCP_len);
++ }
++ else
++ {
++ unwrapped->DATA_len = ntohs(IPhead.length) - (unwrapped->IP_len);
++ }
+ return TCP;
+ }
+ if(IPhead.protocol == ICMP ) /* ICMP */
+ {
+! if(unwrapped->FRAG_nf == 0)
+! {
+! if( (ntohs(IPhead.length)-(unwrapped->IP_len))<4 )
+! {return CORRUPT_IP;};
+!
+! memcpy(&ICMPhead,(sp+PROTO_HEAD+(unwrapped->IP_len)),
+ sizeof(struct ICMP_header));
+! unwrapped->ICMP_len = ICMP_HEADLENGTH;
+! unwrapped->DATA_len = ntohs(IPhead.length) -
+ (unwrapped->IP_len) - (unwrapped->ICMP_len);
+! return ICMP;
+! }
+! else
+! {
+! return -1; /* don't handle fragmented ICMP */
+! }
+ }
+ if(IPhead.protocol == UDP ) /* UDP */
+ {
+! if(unwrapped->FRAG_nf == 0)
+! {
+! if( (ntohs(IPhead.length)-(unwrapped->IP_len))<8 )
+! {return CORRUPT_IP;};
+!
+! memcpy(&UDPhead,(sp+PROTO_HEAD+(unwrapped->IP_len)),
+ sizeof(struct UDP_header));
+! unwrapped->UDP_len = UDP_HEADLENGTH;
+! unwrapped->DATA_len = ntohs(IPhead.length) -
+ (unwrapped->IP_len) - (unwrapped->UDP_len);
++ }
++ else
++ {
++ unwrapped->DATA_len = ntohs(IPhead.length)-(unwrapped->IP_len);
++ }
+ return UDP;
+ }
+ return -1;
+*** sn_packetstructs.h Fri Apr 18 11:33:58 1997
+--- sn_packetstructs.h Thu Jul 24 16:17:20 1997
+***************
+*** 44,51 ****
+ unsigned short length, checksum;
+ };
+
+! struct unwrap /* some extra info */
+ {
+ int IP_len, TCP_len, ICMP_len, UDP_len; /* header lengths */
+ int DATA_len;
+ };
+--- 44,52 ----
+ unsigned short length, checksum;
+ };
+
+! struct unwrap /* some extra info */
+ {
+ int IP_len, TCP_len, ICMP_len, UDP_len; /* header lengths */
+ int DATA_len;
++ char FRAG_nf; /* not the first fragment */
+ };
+*** sniffit.0.3.5.c Fri Apr 18 11:33:58 1997
+--- sniffit.0.3.5.c Thu Aug 22 19:19:49 1985
+***************
+*** 411,421 ****
+--- 411,427 ----
+ proto=unwrap_packet(sp, info);
+ if(proto == NO_IP) return DONT_EXAMINE; /* no use in trying */
+ if(proto == NO_IP_4) return DONT_EXAMINE; /* no use in trying */
++ if(proto == CORRUPT_IP)
++ {printf("Suspicious Packet detected... (Split header)\n");
++ return DONT_EXAMINE;}
+
+ memcpy(&iphead,(sp+PROTO_HEAD),sizeof(struct IP_header));
+ so=(unsigned char *)&(iphead.source);
+ dest=(unsigned char *)&(iphead.destination);
+
++ if(info->FRAG_nf!=0)
++ {printf("Fragment Skipped...\n"); return DONT_EXAMINE; };
++
+ if((proto==TCP)&&(PROTOCOLS&F_TCP))
+ {
+ #ifdef DEBUG_ONSCREEN
+***************
+*** 1220,1225 ****
+--- 1226,1235 ----
+ proto=unwrap_packet(sp, info);
+ if(proto == NO_IP) return DONT_EXAMINE; /* no use in trying */
+ if(proto == NO_IP_4) return DONT_EXAMINE; /* no use in trying */
++ if(proto == CORRUPT_IP) return DONT_EXAMINE; /* no use in trying */
++
++ if(info->FRAG_nf!=0)
++ {return DONT_EXAMINE; };
+
+ (*IP_nr_of_packets)++;
+ if(proto==ICMP)
diff --git a/net/sniffit/patches/patch-ab b/net/sniffit/patches/patch-ab
new file mode 100644
index 00000000000..930c5a66cac
--- /dev/null
+++ b/net/sniffit/patches/patch-ab
@@ -0,0 +1,17 @@
+--- configure.BAK Mon Mar 30 09:33:48 1998
++++ configure Mon Mar 30 09:33:55 1998
+@@ -1304,6 +1304,14 @@
+ OS_OPT=
+
+ ;;
++netbsd*)
++ cat >> confdefs.h <<\EOF
++#define NETBSD 1
++EOF
++
++ OS_OPT=
++
++ ;;
+ *)
+ echo "NOT A SUPPORTED SYSTEM / OR SYSTEM NOT RECOGNISED"
+ echo "Contact <Coder@reptile.rug.ac.be> if you feel it might be a bug."
diff --git a/net/sniffit/patches/patch-ac b/net/sniffit/patches/patch-ac
new file mode 100644
index 00000000000..9b7fe535f90
--- /dev/null
+++ b/net/sniffit/patches/patch-ac
@@ -0,0 +1,24 @@
+--- sn_data.h.BAK Mon Mar 30 09:33:53 1998
++++ sn_data.h Mon Mar 30 09:33:57 1998
+@@ -25,6 +25,21 @@
+ char *ETH_DEV[]={"ed"};
+ #endif
+
++#ifdef NETBSD
++#ifdef i386
++#define ETH_DEV_NR 20
++char *ETH_DEV[]={"ai","de","ec","ef","eg","el","en","ep","fe","fea","fpa","fxp","ix","iy","lc","le","ne","sm","tl","we"};
++#elif defined(sparc)
++#define ETH_DEV_NR 2
++char *ETH_DEV[]={"le","ie"};
++#elif defined(amiga)
++#define ETH_DEV_NR 5
++char *ETH_DEV[]={"bah","ed","es","le","qn"};
++#else
++#error Unknown network devices for this NetBSD architecture.
++#endif
++#endif
++
+ #ifdef BSDI
+ #define ETH_DEV_NR 1
+ char *ETH_DEV[]={"ef"};
diff --git a/net/sniffit/patches/patch-ad b/net/sniffit/patches/patch-ad
new file mode 100644
index 00000000000..d9ebc35a368
--- /dev/null
+++ b/net/sniffit/patches/patch-ad
@@ -0,0 +1,34 @@
+--- Makefile.in.BAK Mon Mar 30 09:38:19 1998
++++ Makefile.in Mon Mar 30 09:38:50 1998
+@@ -11,9 +11,9 @@
+ DEFS = @DEFS@
+ OS_OPT = @OS_OPT@
+ OBJ_FLAG = -w -O2 -c
+-OBJ_OPT = -I./libpcap-0.3 -L./libpcap-0.3
++OBJ_OPT =
+ EXE_FLAG = -w -O2 -o sniffit
+-EXE_OPT = -I./libpcap-0.3 -L./libpcap-0.3 -lpcap
++EXE_OPT = -lpcap
+ EXE_OBJ = sn_packets.o sn_generation.o sn_interface.o sn_cfgfile.o \
+ sn_logfile.o
+ DEP_FILES = sn_config.h pcap.h sn_data.h sn_defines.h sn_plugins.h \
+@@ -21,7 +21,6 @@
+ sn_generation.o sn_interface.o sn_cfgfile.o sn_logfile.o
+
+ sniffit: $(SNIFFIT) $(DEP_FILES)
+- cd libpcap-0.3; make; cd ..
+ $(CC) $(EXE_FLAG) $(SNIFFIT) $(EXE_OBJ) $(EXE_OPT) $(LIBS) $(DEFS) $(OS_OPT)
+ strip sniffit
+
+@@ -44,11 +43,7 @@
+
+ #Clean up everthing...
+ clean:
+- cd libpcap-0.3; make clean; rm -f config.cache; cd ..
+ rm -f config.cache
+ rm -f config.status
+ rm -f config.log
+- rm -f ./libpcap-0.3/config.cache
+- rm -f ./libpcap-0.3/config.status
+- rm -f ./libpcap-0.3/config.log
+ rm -f *.o sniffit
diff --git a/net/sniffit/pkg/COMMENT b/net/sniffit/pkg/COMMENT
new file mode 100644
index 00000000000..767b1a81ae5
--- /dev/null
+++ b/net/sniffit/pkg/COMMENT
@@ -0,0 +1 @@
+A packet sniffer program.
diff --git a/net/sniffit/pkg/DESCR b/net/sniffit/pkg/DESCR
new file mode 100644
index 00000000000..4074b701ca8
--- /dev/null
+++ b/net/sniffit/pkg/DESCR
@@ -0,0 +1,3 @@
+Sniffit is a packet sniffer for TCP/UDP/ICMP packets. Sniffit is able to
+give you very detailed technical info on these packets (SEQ, ACK, TTL, Window, ...)
+but also packet contence in different formats (hex or plain text, ...)
diff --git a/net/sniffit/pkg/PLIST b/net/sniffit/pkg/PLIST
new file mode 100644
index 00000000000..e99e9bbb447
--- /dev/null
+++ b/net/sniffit/pkg/PLIST
@@ -0,0 +1 @@
+sbin/sniffit