| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
* Support for building on Win32 (Tor Lillqvist)
|
|
not being defined, so alloca.h was never included).
fixes build with sunpro.
|
|
|
|
|
|
version of OpenVPN.
|
|
version of OpenVPN.
|
|
include:
Adding a highly scalable server for handling multiple TCP/UDP
clients over point-to-point TUN interfaces, all using a single
port number. The server has been designed so that it can run with
reduced privilege.
On the client side, "pull" has been added, which basically says
"accept certain config file options which the server pushes back
to you." The major win of the push/pull capability is that the
same client configuration file can be used on each client provided
each client has its own set of SSL/TLS keys which have been signed
by the master CA.
A management interface has been developed which can be used to
remotely control or centrally manage an OpenVPN daemon.
"remote" can now specify a set of machines, or a hostname can be
configured with multiple addresses in DNS. A server will be
randomly chosen from the list, and if the connect fails, another
will be tried (see the "remote-random" option)
A package for easy RSA key management (easy-rsa-2.0rc1) has been
included to aid in generating SSL keys and certificates for use
with OpenVPN.
|
|
Fix a serious bug in fragment sizes of files being >= 256K. The bug wasted a
lot of data store space and traffic.
|
|
|
|
|
|
Bump PKGREVISION
|
|
If you are using this package make note of the distribution change
mentioned below. I have update the MESSAGE to inform users of this and
there is now also a net/snort-rules package with the community rules.
> [*] Distribution Change
> * Rules are no longer distributed as part of the Snort releases, they are
> available as a separate download from snort.org. This was done for
> three reasons:
> 1) To better manage the new rules licensing.
> 2) To reduce the size of the engine download.
> 3) To move the thousands of documentation files for the rules into
> the rules tarballs. If you've ever checked Snort out of CVS you'll
> know why this is a Good Thing.
>
> [*] New additions
> * Added new IP defragmentation preprocessor, Frag3. The frag3 preprocessor
> is a target-based IP defragmentation module, and is intended as a
> replacement for the frag2 module. Check out the README.frag3 for full
> info on this new preprocessor.
>
> * Libprelude support has been added (enable with --enable-prelude).
> Thanks Yoann Vandoorselaere!
>
> * An "ftpbounce" rule detection plugin was added for easier detection of
> FTP bounce attacks.
>
> * Added a new Snort config option, "ignore_ports," to ignore packets
> based on port number. This is similar to bpf filters, but done within
> snort.conf.
>
> [*] Improvements
> * Snort startup messages printed in syslog now contain a PID before each
> entry. Thanks Sekure for initially bringing this up.
>
> * Stream4: Performance improvements.
>
> * Stream4: Added 'max_session_limit' option which limits number of
> concurrent sessions tracked. Added favor_old/favor_new options that
> affect order in which packets are put together for reassembly.
>
> * Stream4: New configuration options to manage flushpoints for improved
> anti-evasion. The flush_behavior option selects flushpoint management
> mode. New flush_base, flush_range, and flush_seed manage randomized
> flushing. Check out the snort.conf file for full config data on the
> new flush options.
>
> * Added two more alerts for BackOrifice client and server packets. This
> allows specific alerts to be suppressed.
>
> * PerfMon preprocessor updated to include more detailed stats for rebuilt
> packets (applayer, wire, fragmented & TCP). Also added 'atexitonly'
> option that dumps stats at exit of snort, and command line -Z flag to
> specify the file to which stats are logged.
>
> * Added new Http Inspect config item, "tab_uri_delimiter," which if
> specified, lets a tab character (0x09) act as the delimiter for a URI.
>
> * Added a '-G' command line flag to snort that specifies the Snort
> instance log identifier. It takes a single argument that can be either
> hex (prefaced with 0x) or decimal. The unified log files will include
> the instance ID when the -G flag is used.
>
> * "Same SRC/DST" (sid 527) and "Loopback Traffic" (sid 528) are now
> handled in the IP decoder. Those sids are now considered obsolete.
>
> * Http_Inspect "flow_depth" option now accepts a -1 value which tells
> Snort to ignore all server-side traffic.
>
> * RPMs have been updated to be more portable, and also now include a
> "--with inline" option for those wanting to build Inline RPMs. Thanks
> Daniel Wittenberg and JP Vossen for your help!
>
> * Many, many bug fixes have also gone into this release, please see the
> ChangeLog for details.
|
|
Ride initial import
|
|
|
|
community. While these rules are available as is, the VRT performs basic tests
to ensure that new rules will not break Snort. These rules are distributed
under the GPL and are freely available to all open source Snort users.
|
|
|
|
layers 2, 3, 4 and 7.
Basically, you forge each layer of a frame (Net::Packet::IPv4 for layer 3,
Net::Packet::TCP for layer 4 ; for example), and pack all of this into a
Net::Packet::Frame object. Then, you can send the frame to the network, and
receive it easily, since the response is automatically searched for and
matched against the request.
|
|
|
|
formats described by RFC1884. If Math::Base85 is installed, formats
described in RFC1924 are also valid. It will generate "IP6.INT."
strings (as described in RFC1886) if you are inclined to play with
DNS records.
|
|
|
|
in traditional address/netmask format and in the new CIDR format.
There are also methods for calculating the network and broadcast
address and also to see check if a given address is in a specific
network.
|
|
Bump to nb2
|
|
changes:
-Enabled code for shutting down idle sockd processes.
-Return immediate error if username/password is wrong
-better preserve TCP semantics across connections
-bugfixes
|
|
according to rfc2251 the credentials are indeed "context specific"
(in terms of ASN.1)
bump PKGREVISION
|
|
and other streaming media client don't use that protocol any more.
|
|
changes:
* fix a bug when uncomplete aor is provided in registration.
* forget to allow record-routing for SUBSCRIBE and NOTIFY.
* new option to reload regularly ip for server without fixed ip.
* Send 403 Forbidden for wrong login. (instead of 404)
|
|
|
|
Georg Schwarz in pkgsrc-wip
|
|
is not the maintainer.
|
|
* Changes in zebra
** IRDP support is added.
* Changes in ripd
** Set receive UDP socket buffer to large value.
* Changes in ospfd
** Fix problem of OpenBSD-3.4 IP header length treatment.
* Changes in ospf6d
** Area support is added.
* Changes in bgpd
** Old commands are removed
"show ipv6 summary"
"show ipv6 mbgp summary"
** New ospf6d implementation is introduced. This is rewrite of whole
ospf6d code to make it far much better than old code.
* Changes in vtysh
** Many bugs and problems are fixed. All of user of vtysh should
update to zebra-0.95.
|
|
|
|
file's sole purpose was to provide a dependency on pkg-config and set
some environment variables. Instead, turn pkg-config into a "tool"
in the tools framework, where the pkg-config wrapper automatically
adds PKG_CONFIG_LIBDIR to the environment before invoking the real
pkg-config.
For all package Makefiles that included pkg-config/buildlink3.mk, remove
that inclusion and replace it with USE_TOOLS+=pkg-config.
|
|
For UNIX, 1.3.87 is the latest version in the 1.4 release cycle.
It includes several Linux client fixes as well as portability changes.
For UNIX, 1.3.86 is the latest version in the 1.4 release cycle.
It includes several Linux client fixes as well as portability changes.
http://openafs.org/frameset/dl/openafs/1.3.87/ChangeLog
|
|
was copied in pre-patch wasn't applied.
This fix an installation problem.
|
|
|
|
and capture
|
|
distribution)
|
|
|
|
bump PKGREVISION
|
|
Bump package revision because of this change.
|
|
|
|
|
|
Tor 0.1.0.14 fixes the second half of an important bug in the security of
our crypto handshakes. This time for sure. :) All clients should upgrade.
o Bugfixes on 0.1.0.x:
- Fix the other half of the bug with crypto handshakes.
- Fix an assert trigger if you send a 'signal term' via the
controller when it's listening for 'event info' messages.
|
|
* A bug fix
|
|
Requested by Joerg Sonnenberger.
|
|
Also enable the enable_bad_libc_workaround by default for NetBSD,
FreeBSD, OpenBSD and Darwin.
Changes in this release:
- Identify trackerless torrent files
- Not saving pause/play state across invocations of the GUI
- Small fixes to windows installer and corrupt config file recovery
- A number of small bug fixes
|
|
as operating system version specific and bump package version.
|
|
|
|
|
|
|
