diff options
Diffstat (limited to 'security/fragroute')
-rw-r--r-- | security/fragroute/DESCR | 16 | ||||
-rw-r--r-- | security/fragroute/Makefile | 32 | ||||
-rw-r--r-- | security/fragroute/PLIST | 24 | ||||
-rw-r--r-- | security/fragroute/distinfo | 6 | ||||
-rw-r--r-- | security/fragroute/patches/patch-aa | 24 | ||||
-rw-r--r-- | security/fragroute/patches/patch-ab | 13 |
6 files changed, 115 insertions, 0 deletions
diff --git a/security/fragroute/DESCR b/security/fragroute/DESCR new file mode 100644 index 00000000000..c2c207bc762 --- /dev/null +++ b/security/fragroute/DESCR @@ -0,0 +1,16 @@ +"Fragroute intercepts, modifies, and rewrites egress traffic destined +for a specified host, implementing most of the attacks described in the +Secure Networks "Insertion, Evasion, and Denial of Service: Eluding +Network Intrusion Detection" paper of January 1998. + +It features a simple ruleset language to delay, duplicate, drop, +fragment, overlap, print, reorder, segment, source-route, or otherwise +monkey with all outbound packets destined for a target host, with +minimal support for randomized or probabilistic behaviour. + +This tool was written in good faith to aid in the testing of network +intrusion detection systems, firewalls, and basic TCP/IP stack +behaviour. Please do not abuse this software." + +WWW: http://www.monkey.org/~dugsong/fragroute/ +- Dominic <dominic_marks@btinternet.com> diff --git a/security/fragroute/Makefile b/security/fragroute/Makefile new file mode 100644 index 00000000000..2fe5e34243f --- /dev/null +++ b/security/fragroute/Makefile @@ -0,0 +1,32 @@ +# $NetBSD: Makefile,v 1.1.1.1 2004/01/08 17:55:15 agc Exp $ +# FreeBSD Id: ports/security/fragroute/Makefile,v 1.10 2003/09/24 08:37:38 edwin Exp + +DISTNAME= fragroute-1.2 +CATEGORIES= security net +MASTER_SITES= http://monkey.org/~dugsong/fragroute/ + +MAINTAINER= tech-pkg@NetBSD.org +HOMEPAGE= http://www.monkey.org/~dugsong/fragroute/ +COMMENT= Tool for intercepting, modifying and rewriting egress traffic + +USE_BUILDLINK2= YES + +GNU_CONFIGURE= YES +CONFIGURE_ARGS+= --with-libdnet=${PREFIX} +CONFIGURE_ARGS+= --with-libevent=${BUILDLINK_PREFIX.libevent} +CONFIGURE_ARGS+= --with-pcap=${BUILDLINK_PREFIX.libpcap} + +SCRIPTS= README.snort base-1 frag-1 frag-2 frag-3 frag-4 frag-5 \ + frag-6 frag-7-unix frag-7-win32 ins-2 ins-3 tcbc-2 tcp-3 tcp-5 \ + tcp-7 tcp-9 + +pre-install: + ${INSTALL_DATA_DIR} ${PREFIX}/share/fragroute +.for FILE in ${SCRIPTS} + ${INSTALL_DATA} ${WRKSRC}/scripts/${FILE} ${PREFIX}/share/fragroute +.endfor + +.include "../../net/libpcap/buildlink2.mk" +.include "../../net/libdnet/buildlink2.mk" +.include "../../devel/libevent/buildlink2.mk" +.include "../../mk/bsd.pkg.mk" diff --git a/security/fragroute/PLIST b/security/fragroute/PLIST new file mode 100644 index 00000000000..9bedad3af83 --- /dev/null +++ b/security/fragroute/PLIST @@ -0,0 +1,24 @@ +@comment $NetBSD: PLIST,v 1.1.1.1 2004/01/08 17:55:15 agc Exp $ +etc/fragroute.conf +man/man8/fragroute.8 +man/man8/fragtest.8 +sbin/fragroute +sbin/fragtest +share/fragroute/README.snort +share/fragroute/base-1 +share/fragroute/frag-1 +share/fragroute/frag-2 +share/fragroute/frag-3 +share/fragroute/frag-4 +share/fragroute/frag-5 +share/fragroute/frag-6 +share/fragroute/frag-7-unix +share/fragroute/frag-7-win32 +share/fragroute/ins-2 +share/fragroute/ins-3 +share/fragroute/tcbc-2 +share/fragroute/tcp-3 +share/fragroute/tcp-5 +share/fragroute/tcp-7 +share/fragroute/tcp-9 +@dirrm share/fragroute diff --git a/security/fragroute/distinfo b/security/fragroute/distinfo new file mode 100644 index 00000000000..819a8bc9de0 --- /dev/null +++ b/security/fragroute/distinfo @@ -0,0 +1,6 @@ +$NetBSD: distinfo,v 1.1.1.1 2004/01/08 17:55:15 agc Exp $ + +SHA1 (fragroute-1.2.tar.gz) = 0e85daf40f4910d56d75e6cdee163305a1cb9004 +Size (fragroute-1.2.tar.gz) = 85247 bytes +SHA1 (patch-aa) = 7cc6a7b7b20cd7e63f1afde0caf89f339537d376 +SHA1 (patch-ab) = 36bb985c8c06fa245c5a489c7158ec780dc9b42a diff --git a/security/fragroute/patches/patch-aa b/security/fragroute/patches/patch-aa new file mode 100644 index 00000000000..c7f2293746d --- /dev/null +++ b/security/fragroute/patches/patch-aa @@ -0,0 +1,24 @@ +$NetBSD: patch-aa,v 1.1.1.1 2004/01/08 17:55:15 agc Exp $ + +--- mod.c 2004/01/08 17:33:51 1.1 ++++ mod.c 2004/01/08 17:41:16 +@@ -151,10 +151,19 @@ + { + struct rule *rule; + ++#ifdef __NetBSD__ ++ TAILQ_FOREACH_REVERSE(rule, &rules, head, next) { ++ if (rule->mod->close != NULL) ++ rule->data = rule->mod->close(rule->data); ++ TAILQ_REMOVE(&rules, rule, next); ++ free(rule); ++ } ++#else + TAILQ_FOREACH_REVERSE(rule, &rules, next, head) { + if (rule->mod->close != NULL) + rule->data = rule->mod->close(rule->data); + TAILQ_REMOVE(&rules, rule, next); + free(rule); + } ++#endif + } diff --git a/security/fragroute/patches/patch-ab b/security/fragroute/patches/patch-ab new file mode 100644 index 00000000000..a5884c21cc0 --- /dev/null +++ b/security/fragroute/patches/patch-ab @@ -0,0 +1,13 @@ +$NetBSD: patch-ab,v 1.1.1.1 2004/01/08 17:55:15 agc Exp $ + +--- pkt.h 2004/01/08 17:49:28 1.1 ++++ pkt.h 2004/01/08 17:50:01 +@@ -68,4 +68,8 @@ + void pktq_shuffle(rand_t *r, struct pktq *pktq); + struct pkt *pktq_random(rand_t *r, struct pktq *pktq); + ++#ifndef TAILQ_END ++#define TAILQ_END(head) NULL ++#endif ++ + #endif /* PKT_H */ |