| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
v1.17 Dec 12 2002
- fixed a stupid bug in TCP reassembly; having received a particular order
of TCP out of frame segments, libnids could lost track of the current
seq, and miss the following data stream
- DLT_FDDI
- benign typo in hash.c
- mentioned usefulness of two process buffering on a fast network
v1.17rc1 Aug 30 2002
- support for libnet-1.1 and --with-libnet=no
- added support for libpcap save files
- finally, DLT_LINUX_SLL is recognized
- removed a horrible assumption on sizeof(pointer); it could result in
segfault in scan.c
- --enable-shared
- __i386 -> __i386__ || __i386 :(
- support for 802.1Q VLAN
- support for wireless frames (DLT_IEEE802_11)
- got rid of (obsolete) pcap_open_live_new
- bail out if link type is unknown, instead of pretending it is ethernet
- $(MAKE) -> $(MAKE) $(AM_MAKEFLAGS)
- added a working link to Ptacek-Newsham paper
- %hi -> %hu :)
- align IP header if necessary (should not be)
- improved libraries detection
- mentioned usefulness od setsockopt(...SO_RCVBUF...) on a fast network
v1.16 Nov 3 2000
- nah, at least a release forced by a security bug. A typo in libnids.c
could cause libnids to segfault when source routed frame has been received.
v1.15 Oct 9 2000
- token ring support
- new configurable option (non-default): if a tcp callback hasn't processed
all available data, it is called immediately again
- fixed alignment in hash.c, which caused sigsegv on Sparc
- another _obviously_ redundant include file added to configure test progs
- html version of the API documentation
|
|
The main change since 1.1 is working support for the SpeedTouch 330 USB
ADSL modem. The earlier SpeedTouch USB modem has not been shipping for
over a year, and 1.1 either runs extremely slowly with a 330, or locks
the machine solid and panics when unplugged.
(speedtouch has been in beta for over a year now)
|
|
|
|
From Quentin Garnier <cube@cubidou.net> resolves pr pkg/23080
|
|
This makes this package compile on Solaris and Linux (plus - hey! - static
linking is really from the past millennium!)
Fixes PR 23032.
|
|
Original patch by Simas Mockevicius <symka@vejas.lt>
|
|
assumed incorrectly that if you are using Linux, that you want to
use the nmap-provided libpcap code; but the libpcap package works
fine. (Okay'd by salo.)
|
|
Min Sik Kim <minskim at bawi dot org>. Bump PKGREVISION to 1.
|
|
|
|
Various changes, including:
* forbid mget of filenames that aren't in or below the local cwd.
* improve auto-fetch transfers
* improve www/proxy authentication support
* improve http response header parsing
* change UCB-licensed code from 4-clause to 3-clause
|
|
Various changes, including:
* forbid mget of filenames that aren't in or below the local cwd.
* improve auto-fetch transfers
* improve www/proxy authentication support
* improve http response header parsing
* change UCB-licensed code from 4-clause to 3-clause
|
|
* bug fixes
* documentation updates
|
|
|
|
|
|
the necessary permissions for quagga to create files. The default
${PREFIX} will not have the permissions needed.
|
|
but I'm not sure what they are, and the freenet6 site does not
appear to have an easy way to get older versions of the files.
This is an INTERACTIVE_STAGES= fetch package also, so people might
have some difficulty without this update.
|
|
|
|
Redirects TCP connections from one IP address and port to another.
rinetd is a single-process server which handles any number of
connections address/port pairs. Since rinetd runs as a single
process using nonblocking I/O, it is able to redirect a large
number of connections without a severe impact on the machine.
|
|
|
|
via pkgsrc-wip
The patches are adapated from FreeBSD's pygopherd "port".
This is an all-new, modern Gopher server. It can serve documents
with Gopher+, standard Gopher (RFC1436), and HTTP -- all on the same
port. Pygopherd features a modular extension system as well as
loadable scripts and much more. It contains full support for
UMN gopherd systems -- including .Links, .names, .cap, searches, etc.
Pygopherd also supports Bucktooth features such as gophermap files
and executables. In addition to all this, there are Pygopherd's own
extra features. All features are fully customizable and can be enabled
or disabled by editing etc/pygopherd/pygopherd.conf.
|
|
including <des.h> if we are on -current or create a symlink in the
BUILDLINK_DIR if we don't have OpenSSL 0.9.7).
Closes PR pkg/22710 by Soren Jacobsen. Bump pkgrevision to 4.
|
|
Patch provided by Adrian Portelli via PR pkg/22323 with some changes by me
(GCC 3.x fixes)
Changes:
* Made the source ansi compliant and fixed namespace usage.
* Made debuging a command line switch.
* Converted code to use namespaces.
|
|
|
|
* Files now only get allocated as they're downloaded and don't
fragment the hard drive
* Large torrents no longer hose the CPU
* Better network utilization and more consistent download rates
* Poorly seeded torrents get out faster
* Several important bug fixes
|
|
curses.buildlink2.mk. This was wrong because we _really_ do want to
express that we want _n_curses when we include the buildlink2.mk file.
We should have a better way to say that the NetBSD curses doesn't
quite work well enough. In fact, it's far better to depend on ncurses
by default, and exceptionally note when it's okay to use NetBSD curses
for specific packages. We will look into this again in the future.
|
|
3.1.6, 2003-08-25
+ Fixed an important bug that was causing socket leaks on Windows.
+ Added support for GCC 3.4 precompiled headers.
+ Aborting transfers is now more robust.
+ Re-fixed a problem where high ASCII characters at the NcFTP prompt
could cause it to exit.
+ Bug fixed where timeouts may not have worked.
+ To the improved ASCII handling from 3.1.5, added another case where we
workaround files sent by a buggy FTP server implementation whose
files have CR+CR+LF end-of-lines.
+ More fixes related to the above, as well as few other fixes from
Martin StorsjÃ.
+ Bug fixed where an upload filename could have been limited to 127
characters.
+ Firewall exception hosts are no longer case sensitive.
+ Bug fixed in ncftpput's "-c" option so it works with the "-f" option
(Thanks, ITO Tsuyoshi).
+ Ncftpbatch will now try to temporarily skip a failing host in the
current run (Thanks, Eric Engstrom).
+ Bug fixed where a several minute delay would be incurred if you
tried to transfer a file that did not exist.
+ For the malicious server problem that was addressed in 3.1.5, enhanced
the fix for better compatibility with Serv-U and WS_FTP servers.
3.1.5, 2002-10-13
+ Problem fixed where a malicious or trojaned FTP server could send back
pathnames with directories different from the directory requested.
For example, if you did:
cd /pub
get *.zip
the malicious server could
send back a pathname like ../../../some/other/dir/filename.here
rather than pathnames such as filename.zip and trick NcFTP into writing
into a different local pathname if your user privileges had permission
to write it.
For details, see the CERT Vulnerability Note, at
http://www.kb.cert.org/vuls/id/210409
+ Bug fixed where cd messages from remote server were not being displayed.
+ It's now possible to capture the output of the progress reports from
ncftpget/put by redirecting descriptor(s) to a file. Previous releases
required a "tty" to enable progress reports.
+ Compatibility fixes for AIX, Linux, Mac OS X, IRIX 6.2 and SunOS 4.
+ Be less pedantic about incorrectly formatted multi-line responses.
+ Bug fixed where NcFTP could hang at exit.
+ For ASCII transfers, try harder to handle non-native end-of-line formats.
3.1.4, 2002-07-02
+ Bug fixed in Win32 port which could cause NcFTP to mis-parse output
from Roxen FTP servers.
+ We now try to have ncftpbatch leave a core file for debugging if it
exits with SIGSEGV, SIGBUS, or SIGILL.
+ Fixed(?) an elusive bug which had been present for the past few versions
which could cause ncftpbatch to infinite loop or sleep too long.
+ New configure flag, --disable-ccdv.
+ Compatibility fixes for C++ and Linux.
+ Fixed a socket leak and a crash on Win32.
+ A few minor fixes for firewall logins (Thanks, Jochen Schnapka).
+ By default, proxy connections for PORT are no longer allowed. This is
mostly an extra security precaution, to eliminate cases where someone
could hijack a data connection by connecting to us after we issue PORT
but before the server could connect to us.
+ ncftpls now accepts a "-R" flag which is equivalent to "-x -lR".
+ Bugs fixed in configure script for our "--with-*" arguments
(Thanks, David Kaelbling).
+ A few new firewalls (permutations of type 1). (Thanks, Felix Buenemann)
3.1.3, 2002-03-27
+ Bug fixed on Solaris where a socket could be left in non-blocking mode.
+ Ls parsing is now more forgiving of weird /bin/ls implementations (AIX).
+ Be more lenient on broken server implementations which include extra
blank lines in the control connection conversation.
+ Fix for ncftpget which was exiting with code 3 if URL mode was used
and the file already existed.
+ Fix for resume prompts which in some cases was printing dates in the
format like "Sun Feb 20:02:15 CST 2002" instead of
"Sun Feb 24 20:02:15 CST 2002". (I.e. the day of the month was
missing.)
+ Compatibility fixes for IRIX 5.x and AIX 4.2.x.
+ Compatibility fixes for Cygwin
(Thanks, Charles Wilson <cwilson AT ece.gatech.edu>).
+ Some extra debugging information is now logged to the trace logs.
+ When running the Windows bookmark editor in standalone mode, the
program may not have launched NcFTP correctly with the selected
bookmark (Thanks, Jochen.Erwied AT mbs-software.de).
3.1.2, 2002-01-30:
+ A fix for the local hostname detection code which could result with only
the first character of the domain appended, rather than the entire domain
(Thanks, Bernhard Sadlowski <sadlowsk AT mathematik.uni-bielefeld.de>).
+ Another bug fixed in local hostname detection where looking up the host
by IP address was not done correctly.
+ Fixed a few portability problems on HP-UX 10.20 which were introduced
in 3.1.0.
+ Fixed bug with readdir_r usage on Solaris, which could cause crashes
when doing "put -R", among other things.
+ On Linux, use gethostbyname2_r() to specify that we only want IPv4
addresses returned.
+ Reversing behavior from 3.1.0 where we did a shutdown() on the half
of the socket that wasn't used. We suspect this was causing some
firewalls and routers to panic and assume the whole connection was
to be closed.
+ Bug fixed where an unresolvable hostname caused a pointless connection
attempt which would fail.
+ Shell utilities now print an error message when incompatible flags
are used in conjunction with "-b" or "-c".
+ A few fixes for ncftpbatch.
+ Numerous fixes for SOCKS5.
3.1.1, 2001-12-23:
+ Fixed bugs with our use of gethostbyname_r/addr_r on Linux.
+ Fixed bugs with our implementation of stat64() on Windows, which caused
problems when querying information about local directories.
+ Source distributions now include install-sh again.
+ Bug fixed with Win32 version of ncftpbookmarks, which could look
in $HOME/.ncftp rather than $HOME/ncftp. Many Win32 users weren't
affected, since the HOME environment variable is not always set.
3.1.0, 2001-12-17:
+ ACCT is now always sent if the server requests it and you're going
through the firewall.
+ Bug fixed where puts could delay a few seconds unnecessarily after
the file had been sent.
+ Bug fixed where passwords were saved if you chose to autosave bookmarks.
NcFTP also makes an effort to avoid saving passwords in the history
and trace files if you foolishly use passwords on your command lines.
+ Bug fixed on Win32 port where putting a file that did not exist could
cause a crash.
+ The "-r" (recursive) flag is back for "bgget" and "bgput". We now spool
the directory by creating individual spool files for each file in the
directory, which should increase reliability and usability of this feature.
+ The binary packages should be a bit leaner, since ncftpls wasn't getting
stripped.
+ Library optimizations should result in less unneeded code included with
programs that use the libraries. The binaries should be smaller as a
result.
+ Recursive uploading has been substantially reworked. "put -R" should now
work better, especially on the Win32 port. Arbitrary pathname sizes have
also been removed, so directory trees should only be limited by available
memory and stack space.
+ Huge number of lint fixes. NcFTP now compiles cleanly on several
platforms even with extra warning options enabled.
+ Large number of internal changes to the configure scripts.
+ Using my cool hack, "ccdv", in Makefiles. Originally this became a
necessity since some platforms could have $CFLAGS 4 or 5 lines long!
Besides streamlining the build process so that lint warnings can
easily be spotted, the builds are pleasing to the eye with ANSI color
if your $TERM supports it.
+ Fixed bug where Win32 $HOME bug fixed for 3.0.4 wasn't fixed for
ncftpbookmarks.
+ Fixes for large file support for the Win32 port.
+ Bugs fixed in Win32 port of ncftpbatch.
+ A few bug fixes for getline.
+ The default ASCII extensions list no longer include ".sh", since Sun
apparently distributes the JDK as a shell script with binary data
appended.
3.0.4, 2001-10-24:
+ Workaround new "feature" of glibc which defines printf as a macro if
gcc is version 2.97 or later.
+ Bug fixed from 3.0.3 that caused ^Z (suspend) to quit ncftp when it
was brought back to the foreground.
+ Bug fixed where large file support (LFS) was disabled on most systems.
+ New "ncftpspooler" utility program (actually a hard link to
"ncftpbatch") serves as a "Global batch FTP job processor daemon."
+ The utility program ncftpget now has a "-c" flag like ncftpput has.
+ Utility programs can now accept more than one -W/-X/-Y option, if
multiple commands are needed.
+ When changing directories, programs will try to change to the full path
first, then fall back to using "change one subdir at a time" mode.
+ Bug fixed where using the "delete local file after upload" option
and the "upload into temp file, then rename" option, the local file
would get deleted anyway if the rename failed.
+ Compatibility fixes for HP-UX.
+ Internal limits increased to handle longer command lines and more parameters.
+ Improvement to the reliability of the Win32 version by using the
_snprintf and _vsnprintf functions rather than sprintf and vsprintf.
+ A few more tweaks for MS-DOS pathname compatibility.
+ A tweak for better compatibility with Microsoft IIS.
+ A few tweaks for Cygwin support.
+ Fixes for --sysconfdir configure option courtesy of Christian Wiesgerber.
+ SOCKS5 is back in, but we don't support it.
+ Improved Y2K bug detection in remote servers.
+ Changed naming format for bgget/put spool files. The contents are now
documented; see the ncftpspooler man page.
+ Bug fixed in Win32 port which used $HOME rather than $HOME/ncftp as the
UNIX equivalent of the $HOME/.ncftp directory. Since most folks won't
have a $HOME environment variable on Win32, you'll probably not notice
the change.
|
|
support for base system curses/ncurses as well as ncurses itself.
suggested by wiz.
|
|
|
|
* Fix typo in trickled.sh (RCS_SCRIPTS_SHELL -> RCD_SCRIPTS_SHELL)
|
|
|
|
(Note that anyway, maradns' installation process is screwed up. It uses
cp and mkdir to install things, it copies useless stuff like Makefiles,
installs duplicates of manpages, etc...)
|
|
|
|
Changes:
Cleaned up and fixed a bug in the MaraDNS startup
script. Now, the only prorcesses that will be killed
will be bona fide MaraDNS processes.
Closes PR pkg/22963.
|
|
patch provided by Quentin Garnier in PR 22320
rc2 changes
* Major code rewrite (me)
* Fix for a problem about port number printing in TCP mode (thanks to
Yann Berthier)
* MTU value sanity check in option parsing (Nicolas Jombart)
* Fix the use of -W option (Nicolas Jombart)
* strlcpy() when needed (Brieuc Jeunhomme)
* source routing and random bugfixes (Brieuc Jeunhomme)
* Fix a bug when using BSD and a PPP link as a default route, and more
(Nicolas Jombart)
* --rand-source for random source addresses (me)
* --rand-dest for random destination addresses + manpage update (me)
* all the atoi() call was replaced with strto[u]l() (me)
* seq/ack setting using strtoul() instead of atoi() (Shachar Shemesh)
* DF added to the icmp and udp output (me)
* --port ++ fixed with UDP and enanched for TCP/UDP. Now the packets
matches only with a sport that is in the range base_dest_port -
current_dest_port (me) (Thanks to David Bar <dbar@Checkpoint.com>
for the original report).
|
|
|
|
trickle is a portable lightweight userspace bandwidth shaper. It
can run in collaborative mode (together with trickled) or in stand
alone mode. trickle works by taking advantage of the unix loader
preloading. Essentially it provides, to the application, a new
version of the functionality that is required to send and receive
data through sockets. It then limits traffic based on delaying the
sending and receiving of data over a socket. Trickle runs entirely
in userspace and does not require root privileges.
|
|
|
|
Package provided by pancake <pancake@phreaker.net> via pkgsrc-wip.
MaraDNS is a package that implements the Domain Name Service (DNS), an
essential internet service. MaraDNS is intended for environments where a DNS
server must be secure and where the server must use the absolute minimum
number of resources possible. MaraDNS was created in response to issues
people had with the DNS servers available in early 2001; and has the
following design goals:
Security-aware programming. A DNS server needs to be secure. I have a number
of security features in the code, including:
1. The code uses a special string library which is resistant to buffer
overflows.
2. The code, if started as root, mandates running as an unpriviledged user
in a chroot() jail.
Open-Source. The 1.0 release of the DNS server is public-domain code;
the 1.2 release will be released under a very liberal BSD-style license.
Simplicity. This DNS server has the minimum number of features needed to
correctly act as an authoritative and/or recursive name server.
|
|
problem when GCC 3.3.1 is used.
|
|
|
|
|
|
root/ignoreip, in response to Verisign's latest silliness. The
behavior of dnscache is unchanged unless you create this file. Bump
PKGREVISION.
While I'm here, change the "post-patch" target to "do-configure",
since that's what it's doing.
See <URL:http://tinydns.org/djbdns-1.05-ignoreip2.patch> for more
information about this patch.
|
|
|
|
Fixes vulnerability: http://xforce.iss.net/xforce/alerts/id/154
|
|
Patch from Adrian Portelli via PR pkg/22900.
Changes:
- Added Thresholding and Suppression features (Marc Norton/Sourcefire)
- Fixed TCP RST processing bug found (Shai Rubin)
- Cleanup of spp_arpspoof (Jeff Nathan)
- Cleanup of win32 version including proper Event Log support (Chris Reid)
- Munged data fixes for stream4 (Chris Green)
|
|
user supplies part of the string. Bump PKGREVISION.
|
|
|
|
|
|
|
|
|
