| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Not many changes, the most important one being a fix in the
directory handling. themis has been removed, and is separately
distributed now.
|
|
- lots of bug fixes
|
|
Changes in ipa-1.3.1 (from the ipa-1.3.1/HISTORY file):
1. Some improvements for ipa(8) were implemented, as a result
ipa(8) now uses less CPU time when works with many rules and
with many limits.
2. Fixed incorrectly rounded Kbytes, Mbytes, Gbytes and Tbytes in
output of ipastat(8).
3. Fixed some minor bugs in ipa(8).
Package changes:
1. Two MASTER_SITES were removed.
2. MAINTAINER email was changed.
3. ALL_TARGET was "disabled", let original Makefile finds
right target.
|
|
Changes: many, at least 1 security related.
|
|
|
|
Jumpgate is a TCP connection forwarder that provides many enhancements
and improvements over the existing programs that do the same thing. It
provides an interactive mode that queries the connected party for the
forwarding information it needs. Also, there is the option to log the
entire forwarded session in a file for later inspection. Furthermore,
it can log information about the forwarded session via the syslog(3)
facility.
|
|
|
|
slurm is a tool to monitor network traffic.
Features:
- realtime traffic statistics divided into incoming and
outgoing optional combined view
- can monitor any kind of network interface (testers welcome!)
- shows detailed statistics about the interface
Pkg submitted by Wolfram <mail@eckigesauge.de> in private mail.
|
|
|
|
remove -I$(top_srcdir)/intl from src/Makefile.am
for systems which have libintl in /usr/lib.
refer /dev/ic/wi_ieee.h for systems which have this file.
(Thanks for the translation, soda!)
|
|
* Compilation fixes
|
|
This version fixes the buffer overflow issue noted in:
http://www.kb.cert.org/vuls/id/916785
Changes:
- follow PKG_SYSCONFDIR
- added rc.d script
- create own user and group
- added MESSAGE with post-install instructions
- removed DEINSTALL
- minor cleanups (this package was really half-baked..)
1.9.1:
======
- src/preprocessors/spp_rpc_decode.c (PreprocRpcDecode):
- alignment errors on non-x86 platforms
- added new space delimited options
alert_fragments
no_alert_multiple_requests
no_alert_large_fragments
no_alert_incomplete
- corrected buffer overflow in fragment normalization
- src/snort.c
- Win32 '-s' parameter wasn't configured to accept an optarg,
but code expected one, causing null-pointer violation.
- Backport of 2.0 fixes for stream4 ( off by one errors on reassembly )
|
|
Changes:
2003-01-22
- 3.1.1v6 released, with support for IPv6
2002-10-08
- 3.1.1 released
2002-07-02
- Updated to buffer input. Much more efficient.
|
|
Fixed the regular expression in RR.pm to comply with the RFCs,
turns our we were _too_ paranoid.
Various cleanups for perl 5.004.
Applied SIG patch.
Added Net::DNS::Resolver::Recurse module.
Applied initialization bug in OPT.pm patch.
Applied patch for udp timeouts.
Fixed a typo in FAQ.pod that was making aropos and whatis
grumpy.
Applied patch for TKEY support.
Added Net::DNS::Packet->safe_push() to allow for automatically
checking for duplicate RRs being pushed into a packet.
Added more tests.
|
|
|
|
portable. Bump PKGREVISION accordingly.
|
|
noted by Yukimitsu Izawa (the author).
|
|
to make it easier to track new versions.
|
|
to make it easier to track new versions.
|
|
to make it easier to track new versions.
|
|
|
|
variables.
Added CONLICTS line to show conflict with radius-cistern. I will also add
a CONFLICTS line to radius-cistern although I will send a PR to have this
situation fixed so that both can coexist.
|
|
|
|
for putting this package together. Closes PR pkg/20013.
I had originally requested this package even though we already had the
Cistern RADIUS package because some terminal servers won't work with
one or the other of these packages. This increases the number of terminal
servers that can work with NetBSD.
from the DESCR file:
All code in this server was written from scratch.
The server is mostly compatible with livingston radiusd-2.01
(no menus or s/key support though) but with more feautures, such as:
o Can limit max. number of simultaneous logins on a per-user basis!
o Multiple DEFAULT entries, that can optionally fall-through.
o In fact, every entry can fall-through
o Deny/permit access based on huntgroup users dials into
o Set certain parameters (such as static IP address) based on huntgroup
o Extra "hints" file that can select SLIP/PPP/rlogin based on
username pattern (Puser or user.ppp is PPP, plain "user" is rlogin etc).
o Can execute an external program when user has authenticated (for example
to run a sendmail queue).
o Can use `$INCLUDE filename' in radiusd.conf, users, and dictionary files
o Can act as a proxy server, relaying requests to a remote server
o Supports Vendor-Specific attributes
o No good documentation at all, just like the original radiusd 1.16!
Then of course for general RADIUS questions, especially if you are using
Livingston / Lucent RABU equipment, there is the portmaster-radius mailing
list. Send mail to portmaster-radius-request@livingston.com to find
out how to subscribe.
|
|
|
|
|
|
|
|
|
|
|
|
PR pkg/20471:
Changes in 1.6.1
================
* UPD: Improve --enable-fhs. [Olaf Hering]
* UPD: Add BDB 4.1.x support.
* UPD: Add more documentation on CNID, as well as list which versions
of Berkeley DB are supported.
* FIX: Codepage file maccode.koi8-r is now correctly cleaned.
* FIX: Fix init script location on SuSE. [Olaf]
* FIX: Build fixes. [Olaf, Steven N. Hirsch]
* FIX: Various bugs when a user doesn't have access permission to a folder.
(Fixes an OSX kernel panic.)
* FIX: CNID, folders' DID handling with concurrent access or symlinks.
(Fixes an endless loop in afpd.)
|
|
|
|
|
|
interactive, as per PR/20424.
Work patches and changes in PR/19782.
|
|
|
|
|
|
Spread is a group communication system that provides a number of
messaging services to applications. These services can then be used
by applications to make it easy to write full-featured reliable
groupware, distributed servers, client-server applications, chat
and news services, and many other networked enabled tools.
|
|
ap-* packages, which are apache-related.
|
|
rebuild the documentation database at install/deinstall time. This means
that:
- PLIST's do not need to call scrollkeeper-{update,rebuilddb} directly;
this is done by a bsd.pkg.install.mk template.
- The share/omf directory is only removed by scrollkeeper, which is the
last package in the dependancy tree.
- PKGREVISION is bumped.
Reviewed by wiz.
|
|
O_RDWR fails in fcbopen case, remember the errno from previous open_file()
call and set errno back to this value if the second open_file() call
fails too
this makes samba report EACCESS instead of confusing ENOENT if creation
of file fails due to insufficient permissions for SMBcreate/SMBmknew call
bump package revision
|
|
add extra ones, all so "libtool" doesn't drop the first "-lcrypt".
|
|
to get the right crypt()! Should close PR pkg/19033.
|
|
* Support for a separate view-only password has been implemented. Now
the servers support two passwords -- one to allow full control,
another to restrict remote keyboard and mouse input.
* New "-x11cursor" option has been implemented in vncviewer. This option
allows using a real X11 cursor with X11-style cursor shape updates,
disables the dot cursor, and disables cursor position updates in
non-fullscreen mode.
* New "RunCommand" command to customize the X11 vncviewer popup menu has
been implemented; a patch from Peter Astrand.
* A problem with Xvnc eating all CPU time after xfs restarts has been
fixed.
* Other minor improvements and bugfixes.
|
|
addresses PR pkg/19416
|
|
|
|
proxycheck is a simple tool that will work on a reasonable *nix system
and may be used to quickly check whenever a given host or set of hosts
has open proxy server running.
Open proxies of various kinds are (ab)used nowadays for various evil
things like sending mass spam, hacking into your machine, making denial
of service attacks (DoS) and the like. Every such machine should be
either secured properly or turned off permanently, but that's not an
option, since in most cases there is either no administrator of such
machines exists at all, or he has no clue about what's on that machine,
or it's irrelevant for him.
Provided by Todd Vierling in PR#20110.
|
|
Note: include files installed in $PREFIX/include/flow-tools,
examples configuration files and scripts installed in
$PREFIX/share/examples/flow-tools, configuration files are expected in
$PKG_SYSCONFDIR/flow-tools.
* 12-12-2002 flow-tools-0.63 released
* ftlib: ftstat.c - More informative error message when invalid field -
patch from wyu@ateneo.edu
* docs: flow-capture - hosts.allow requires flow-capture-client, not
flow-capture - noted by stewart@net.ohio-state.edu
* flow-capture: TCP client port should be same as UDP netflow port - noted
by stewart@net.ohio-state.edu
* ftlib: ftfil.c: moved primitive initialization code to
parse_primitive_type() to avoid state loss when 'default'
or 'mask' keyword used before a permit/deny.
* ftlib: ftfil.c: tos, marked_tos, tcp_flags mask applied to flow not
to a copy - noted by nik.hinson@assurance-dynamics.com
* flow-export -f4 wire format - requested by mikeh@ncsa.uiuc.edu
* docs: flow-print.sgml - document column headers.
* flow-report / ftstat.c - added runtime variable binding and output
path substitution support, ie run with -v ROUTER=NYCM and use
output path '/report/@ROUTER/report-out'
* ftlib: ftvar.c - variable binding functions.
* ftlib: ftstat.c - summary-detail report will produce core if no flows
are processed - noted by rjd@merit.edu
* docs: not all targets included in distribution - noted by
Jeje <jeje@jeje.org>
* ftlib: ftio.c byte order of output not always in synch with flags -
noted by mikeh@ncsa.uiuc.edu
* docs: flow-filter port correction - mhunter@ack.Berkeley.EDU
* ftlib: ftstat.c names option works with IP addresses -- DNS lookups.
req by nik.hinson@assurance-dynamics.com
* ftlib: ftstat.c: min_pps,max_pps,min_bps,max_bps calculations,
reduce memory and CPU footprint if *ps calculations are not selected.
req by nik.hinson@assurance-dynamics.com
* ftlib: ftstat.c: linear-interpolated-flows-octets-packets,first,last,
duration,ip-source-address/source-tag,ip-source-address/destination-tag,
ip-destination-address/source-tag,ip-destination-address/destination-tag,
ip-source/destination-address/source/destination-tag,
ip-source/destination-address/ip-protocol/ip-tos reports.
req by nik.hinson@assurance-dynamics.com
* ftlib: ftstat.c: new fields, index,first,last
req by nik.hinson@assurance-dynamics.com
* ftlib: ftstat.c: integrated mask eval
req by nik.hinson@assurance-dynamics.com
* flow-mask: new - replace mask length based on prefix.
req by nik.hinson@assurance-dynamics.com
* ftlib: fttag.c: tag on tcp-src-port, tcp-dst-port, tcp-port, udp-src-port,
udp-dst-port, udp-port, tos.
req by nik.hinson@assurance-dynamics.com
* ftlib: fttag.c: rework to use jump tables to support more match types
w/o performance impact.
* flow-stat: -f32 did not have symbol lookups enabled, noted by
Michael Redinger <Michael.Redinger@uibk.ac.at
* docs: flow-tag man page example does not work - noted by
Michael.Redinger@uibk.ac.at
* flow-fanout: -V does not work, noted by gritzko@dcn.ru
* 10-15-2002 flow-tools-0.62 released
* ftlib: ftstat.c: fcount displayed (flows counted in pps and bbs calcs)
* build: localstatedir no longer hardcoded to /var/ft. man and html pages
have localstatedir substitution.
* ftlib: ftstat.c: multiple output per report, output to a pipe,
source/destination address format, source/destination address count
report.
* flow-import: -m allows ascii input. #:<fields> in ascii output
automatically parsed as -m option.
* flow-export: fix -m, -m now allows ascii input, ie -m unix_secs,dpkts,doctets
* ftlib: ftstat.c masked tag not restored if filter evaluated to DENY.
* ftlib: ftstat.c bucket record count in header not correct.
* ftlib: ftstat.c ip-address and ip-port to pick up flow-stat -f7 and -f11
style reports. noted by acidic@apricot.fruit.org
* flow-cat / flow-receive: Pay closer attention to FT_FIELD_CAP_START and
FT_FIELD_CAP_END so a bogus capture period is not displayed on
output from flow-receive > file. noted by ylee@net2phone.com
* flow-print: Missing leading 0's on msec formats, noted by
ertoz@cs.umn.edu
* ftlib: ftfil.c: use consistent naming with flow-report
* flow-fanout, flow-receive, flow-capture: handle interrupted recvmsg()
syscall which happens on some linux MP configurations.
* ftlib: ftfil.c - pps/bps not handled correctly - patch from jon@pdx.edu
* flow-print - format 24 from Christian.Bauer@NEFonline.de
* flow-import - Cisco NFC format from torppa@polykoira.megabaud.fi
* flow-capture - more informative err message on bind() failure - noted by
stewart@net.ohio-state.edu
* docs: flow-capture.sgml - no -o option - noted by stewart@net.ohio-state.edu
* flow-search - remove hard coded path, noted by stewart@net.ohio-state.edu
* ftlib: ftdecode.c - ftpdu_verify() can segv on invalid packets < 4 bytes
noted by Eric Stewart stewart@net.ohio-state.edu
* ftlib: ftfil.c - PERMIT/DENY reversed for many when default PERMIT --
noted by Gerhard.Haindl@t-systems.at
* ftlib: ftstat.c - tag mask before filter - noted by wyu@ateneo.edu
* 8-27-2002 flow-tools-0.61 released
* ftlib: strtoull.c - missing ULLONG_MAX - noted by papaleonardos.3@osu.edu
* build: --with-mysql allows path, ie --with-mysql=/usr/local
* ftlib: ftstat.c - don't require FT_XFIELD_SRC_MASK / FT_XFIELD_DST_MASK -
dynamically add the requirement when FT_STAT_OPT_PREFIX_* is set -
noted by mw@uk.yahoo-inc.com
* ftlib: ftio.c - more informative warning when trying to process non
flow-tools files.
* ftlib: ftfile.c - more informative warning when ignoring files.
* ftlib: fttag.c - parser requires 'type' for a match and 'term' in a
definition.
* ftlib: ftdecode.c - allow padded Cat 6K packets.
* flow-receive, flow-capture: no longer need ftio_set_xip() - noted by
mw@uk.yahoo-inc.com
* flow-tag, ftstat: allow retagging - noted by clay@opus.bloomcounty.org
* flow-cat: cleanup error message
* flow-export: len = 0, mysql typo
* ftlib: ftstat.c missed a few , - noted by nik.hinson@assurance-dynamics.com
* 8-15-2002 flow-tools-0.60 released
* flow-capture,flow-receive,flow-fanout: add filter option.
* flow-export: MySQL support based on patch from wyu@ateneo.edu
* ftlib: ftfil.c pps and bps filter.
* build: scripts in bin directory get installed
* build/ftlib: added BSD strtoull.c for DEC portability - noted by
shane.dawalt@wright.edu
* flow-report: future replacement for flow-stat
* ftlib: added ftstat.c - stats and report library
* ftlib: FT_RECGET_* macros
* docs: updated documentation.
* configs: updated asn.txt and asn symbol file
* ftlib: fmt.c - fmt_ipv4prefix() was not processing 0/0 correctly.
* ftlib: ftfil.c - fix memory leak with ftd->name and ftfil->name
* ftlib: ftfil.c - delay primitive resolution until file is parsed
-- a filter-definition can precede a filter-primitive
* ftlib: ftfil.c - time only primitive implemented. Req by wyu@ateneo.edu
|
|
|
|
UDPTunnel is a small program which can tunnel UDP packets bi-directionally
over a TCP connection. Its primary purpose (and original motivation) is to
allow multi-media conferences to traverse a firewall which allows only
outgoing TCP connections.
|
|
Patch from Adrian Portelli via PR pkg/20360.
Changes:
1.3.2:
======
- Fix portability issues with tcpprep cache files
- Fix 'make test' on big-endian systems
1.3.1:
======
- Fix packaging error with libredblack
- Fix configure/makefile so libredblack get's configured with tcpreplay
which should prevent the packaging error from happening again
- Fix possible libnet 1.0.x version detection bug
1.3.0:
======
- Re-release 1.3.beta6 as 1.3.0
1.3.beta6:
==========
- Improve cross platform compatibility of test subsystem
- Fix bug in Makefile which caused possible failures of clean/distclean
- Fix bug with CCFLAGS when using --with-debug
- Fix bug with -x/-X which would drop/send all packets in certain
conditions
- Update libredblack to 1.2 (latest)
- Add support for OSX
- Add --with-testnic and --with-testnic2 to allow end user to specify
specific network cards to be used for 'make test'
- Fixes SIGBUS errors on SPARC
1.3-beta5:
==========
- Add testing subsystem
- Fix segfault when we don't send a packet
- Improve debug output support in dbg()
1.3-beta4:
==========
- Updated tcpprep man page with -x and -X options
- Now supports (again) the include/exclude options in the config file
- Fixed -x|-X sanity check in tcpprep/tcpreplay
1.3-beta3:
==========
- Fix compile of list.c under FreeBSD 4.7 and others
- Add -x|-X to tcpprep
- Modify cache file format to be 2 bits/packet to allow caching of
-x|-X args (dropping packets)
- Modularize some more code
1.3-beta2:
==========
- Fix ./configure bug w/ INET_ATON and INET_ADDR
- Add support for filtering packets to send based on
IP address or packet number (-x & -X)
- Move a lot of code from tcpreplay.c to do_packets.c
- Update tcpreplay man page
1.3-beta1:
==========
- Add support for randomizing IP addresses (-s)
- Update tcpreplay man page
- Fix problem with checksums after untruncate
|
|
|
