--- snort-2.3.3.orig/src/sfutil/Makefile.in +++ snort-2.3.3/src/sfutil/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.6.3 from Makefile.am. +# Makefile.in generated by automake 1.9.6 from Makefile.am. # @configure_input@ -# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002 -# Free Software Foundation, Inc. +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -13,77 +13,151 @@ # PARTICULAR PURPOSE. @SET_MAKE@ -SHELL = @SHELL@ srcdir = @srcdir@ top_srcdir = @top_srcdir@ VPATH = @srcdir@ -prefix = @prefix@ -exec_prefix = @exec_prefix@ - -bindir = @bindir@ -sbindir = @sbindir@ -libexecdir = @libexecdir@ -datadir = @datadir@ -sysconfdir = @sysconfdir@ -sharedstatedir = @sharedstatedir@ -localstatedir = @localstatedir@ -libdir = @libdir@ -infodir = @infodir@ -mandir = @mandir@ -includedir = @includedir@ -oldincludedir = /usr/include pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ top_builddir = ../.. - -ACLOCAL = @ACLOCAL@ -AUTOCONF = @AUTOCONF@ -AUTOMAKE = @AUTOMAKE@ -AUTOHEADER = @AUTOHEADER@ - am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_DATA = @INSTALL_DATA@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c -INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_HEADER = $(INSTALL_DATA) -transform = @program_transform_name@ +transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : -host_alias = @host_alias@ +build_triplet = @build@ host_triplet = @host@ - -EXEEXT = @EXEEXT@ -OBJEXT = @OBJEXT@ -PATH_SEPARATOR = @PATH_SEPARATOR@ +subdir = src/sfutil +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +LIBRARIES = $(noinst_LIBRARIES) +AR = ar +ARFLAGS = cru +libsfutil_a_AR = $(AR) $(ARFLAGS) +libsfutil_a_LIBADD = +am_libsfutil_a_OBJECTS = sfghash.$(OBJEXT) sfhashfcn.$(OBJEXT) \ + sflsq.$(OBJEXT) sfmemcap.$(OBJEXT) sfthd.$(OBJEXT) \ + sfxhash.$(OBJEXT) ipobj.$(OBJEXT) mwm.$(OBJEXT) \ + sfksearch.$(OBJEXT) acsmx.$(OBJEXT) acsmx2.$(OBJEXT) \ + mpse.$(OBJEXT) util_math.$(OBJEXT) util_net.$(OBJEXT) \ + util_str.$(OBJEXT) asn1.$(OBJEXT) sfeventq.$(OBJEXT) \ + sfsnprintfappend.$(OBJEXT) +libsfutil_a_OBJECTS = $(am_libsfutil_a_OBJECTS) +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) +depcomp = +am__depfiles_maybe = +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +SOURCES = $(libsfutil_a_SOURCES) +DIST_SOURCES = $(libsfutil_a_SOURCES) +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMDEP_FALSE = @AMDEP_FALSE@ +AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ DEPDIR = @DEPDIR@ - +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ INCLUDES = @INCLUDES@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@ +MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@ +MAKEINFO = @MAKEINFO@ +OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ RANLIB = @RANLIB@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ STRIP = @STRIP@ VERSION = @VERSION@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_RANLIB = @ac_ct_RANLIB@ +ac_ct_STRIP = @ac_ct_STRIP@ +am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ +am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ am__include = @am__include@ +am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +datadir = @datadir@ +exec_prefix = @exec_prefix@ extra_incl = @extra_incl@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +includedir = @includedir@ +infodir = @infodir@ install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ AUTOMAKE_OPTIONS = foreign no-dependencies - noinst_LIBRARIES = libsfutil.a - libsfutil_a_SOURCES = sfghash.c sfghash.h \ sfhashfcn.c sfhashfcn.h \ sflsq.c sflsq.h \ @@ -104,50 +178,39 @@ sfeventq.c sfeventq.h \ sfsnprintfappend.c sfsnprintfappend.h -subdir = src/sfutil -mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -LIBRARIES = $(noinst_LIBRARIES) - -libsfutil_a_AR = $(AR) cru -libsfutil_a_LIBADD = -am_libsfutil_a_OBJECTS = sfghash.$(OBJEXT) sfhashfcn.$(OBJEXT) \ - sflsq.$(OBJEXT) sfmemcap.$(OBJEXT) sfthd.$(OBJEXT) \ - sfxhash.$(OBJEXT) ipobj.$(OBJEXT) mwm.$(OBJEXT) \ - sfksearch.$(OBJEXT) acsmx.$(OBJEXT) acsmx2.$(OBJEXT) \ - mpse.$(OBJEXT) util_math.$(OBJEXT) util_net.$(OBJEXT) \ - util_str.$(OBJEXT) asn1.$(OBJEXT) sfeventq.$(OBJEXT) \ - sfsnprintfappend.$(OBJEXT) -libsfutil_a_OBJECTS = $(am_libsfutil_a_OBJECTS) - -DEFS = @DEFS@ -DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) -CPPFLAGS = @CPPFLAGS@ -LDFLAGS = @LDFLAGS@ -LIBS = @LIBS@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ -CFLAGS = @CFLAGS@ -DIST_SOURCES = $(libsfutil_a_SOURCES) -DIST_COMMON = Makefile.am Makefile.in -SOURCES = $(libsfutil_a_SOURCES) - all: all-am .SUFFIXES: .SUFFIXES: .c .o .obj -$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/sfutil/Makefile'; \ cd $(top_srcdir) && \ $(AUTOMAKE) --foreign src/sfutil/Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe) - -AR = ar +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh clean-noinstLIBRARIES: -test -z "$(noinst_LIBRARIES)" || rm -f $(noinst_LIBRARIES) @@ -157,23 +220,18 @@ $(RANLIB) libsfutil.a mostlyclean-compile: - -rm -f *.$(OBJEXT) core *.core + -rm -f *.$(OBJEXT) distclean-compile: -rm -f *.tab.c .c.o: - $(COMPILE) -c `test -f '$<' || echo '$(srcdir)/'`$< + $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `cygpath -w $<` + $(COMPILE) -c `$(CYGPATH_W) '$<'` uninstall-info-am: -ETAGS = etags -ETAGSFLAGS = - -tags: TAGS - ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ @@ -182,6 +240,7 @@ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ mkid -fID $$unique +tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) @@ -193,8 +252,24 @@ done | \ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ - test -z "$(ETAGS_ARGS)$$tags$$unique" \ - || $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$tags $$unique; \ + fi +ctags: CTAGS +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$tags $$unique GTAGS: @@ -203,19 +278,21 @@ && gtags -i $(GTAGS_ARGS) $$here distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) - -top_distdir = ../.. -distdir = $(top_distdir)/$(PACKAGE)-$(VERSION) + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) - @list='$(DISTFILES)'; for file in $$list; do \ + @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ + list='$(DISTFILES)'; for file in $$list; do \ + case $$file in \ + $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ + $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ + esac; \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ if test "$$dir" != "$$file" && test "$$dir" != "."; then \ dir="/$$dir"; \ - $(mkinstalldirs) "$(distdir)$$dir"; \ + $(mkdir_p) "$(distdir)$$dir"; \ else \ dir=''; \ fi; \ @@ -233,9 +310,7 @@ check-am: all-am check: check-am all-am: Makefile $(LIBRARIES) - installdirs: - install: install-am install-exec: install-exec-am install-data: install-data-am @@ -247,7 +322,7 @@ installcheck: installcheck-am install-strip: $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - INSTALL_STRIP_FLAG=-s \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ `test -z '$(STRIP)' || \ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install mostlyclean-generic: @@ -255,7 +330,7 @@ clean-generic: distclean-generic: - -rm -f Makefile $(CONFIG_CLEAN_FILES) + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -265,7 +340,7 @@ clean-am: clean-generic clean-noinstLIBRARIES mostlyclean-am distclean: distclean-am - + -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -273,6 +348,8 @@ dvi-am: +html: html-am + info: info-am info-am: @@ -288,24 +365,33 @@ installcheck-am: maintainer-clean: maintainer-clean-am - + -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am mostlyclean-am: mostlyclean-compile mostlyclean-generic +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + uninstall-am: uninstall-info-am -.PHONY: GTAGS all all-am check check-am clean clean-generic \ - clean-noinstLIBRARIES distclean distclean-compile \ - distclean-generic distclean-tags distdir dvi dvi-am info \ - info-am install install-am install-data install-data-am \ - install-exec install-exec-am install-info install-info-am \ - install-man install-strip installcheck installcheck-am \ - installdirs maintainer-clean maintainer-clean-generic \ - mostlyclean mostlyclean-compile mostlyclean-generic tags \ - uninstall uninstall-am uninstall-info-am +.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ + clean-noinstLIBRARIES ctags distclean distclean-compile \ + distclean-generic distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-exec install-exec-am install-info \ + install-info-am install-man install-strip installcheck \ + installcheck-am installdirs maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-compile \ + mostlyclean-generic pdf pdf-am ps ps-am tags uninstall \ + uninstall-am uninstall-info-am # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. --- snort-2.3.3.orig/src/win32/Makefile.in +++ snort-2.3.3/src/win32/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.6.3 from Makefile.am. +# Makefile.in generated by automake 1.9.6 from Makefile.am. # @configure_input@ -# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002 -# Free Software Foundation, Inc. +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -13,72 +13,128 @@ # PARTICULAR PURPOSE. @SET_MAKE@ -SHELL = @SHELL@ - srcdir = @srcdir@ top_srcdir = @top_srcdir@ VPATH = @srcdir@ -prefix = @prefix@ -exec_prefix = @exec_prefix@ - -bindir = @bindir@ -sbindir = @sbindir@ -libexecdir = @libexecdir@ -datadir = @datadir@ -sysconfdir = @sysconfdir@ -sharedstatedir = @sharedstatedir@ -localstatedir = @localstatedir@ -libdir = @libdir@ -infodir = @infodir@ -mandir = @mandir@ -includedir = @includedir@ -oldincludedir = /usr/include pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ top_builddir = ../.. - -ACLOCAL = @ACLOCAL@ -AUTOCONF = @AUTOCONF@ -AUTOMAKE = @AUTOMAKE@ -AUTOHEADER = @AUTOHEADER@ - am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_DATA = @INSTALL_DATA@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c -INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_HEADER = $(INSTALL_DATA) -transform = @program_transform_name@ +transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : -host_alias = @host_alias@ +build_triplet = @build@ host_triplet = @host@ - -EXEEXT = @EXEEXT@ -OBJEXT = @OBJEXT@ -PATH_SEPARATOR = @PATH_SEPARATOR@ +subdir = src/win32 +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +depcomp = +am__depfiles_maybe = +SOURCES = +DIST_SOURCES = +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMDEP_FALSE = @AMDEP_FALSE@ +AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ DEPDIR = @DEPDIR@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ INCLUDES = @INCLUDES@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@ +MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@ +MAKEINFO = @MAKEINFO@ +OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ RANLIB = @RANLIB@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ STRIP = @STRIP@ VERSION = @VERSION@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_RANLIB = @ac_ct_RANLIB@ +ac_ct_STRIP = @ac_ct_STRIP@ +am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ +am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ am__include = @am__include@ +am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +datadir = @datadir@ +exec_prefix = @exec_prefix@ extra_incl = @extra_incl@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +includedir = @includedir@ +infodir = @infodir@ install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ # $Id: Makefile.am,v 1.10 2004/06/23 15:01:01 jhewlett Exp $ AUTOMAKE_OPTIONS = foreign no-dependencies @@ -176,39 +232,60 @@ ./WIN32-Prj/snort.dsw \ ./WIN32-Prj/snort.mak -subdir = src/win32 -mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = -DIST_SOURCES = -DIST_COMMON = Makefile.am Makefile.in all: all-am .SUFFIXES: -$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/win32/Makefile'; \ cd $(top_srcdir) && \ $(AUTOMAKE) --foreign src/win32/Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe) +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh uninstall-info-am: tags: TAGS TAGS: -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ctags: CTAGS +CTAGS: -top_distdir = ../.. -distdir = $(top_distdir)/$(PACKAGE)-$(VERSION) distdir: $(DISTFILES) - $(mkinstalldirs) $(distdir)/./WIN32-Code $(distdir)/./WIN32-Includes $(distdir)/./WIN32-Includes/NET $(distdir)/./WIN32-Includes/NETINET $(distdir)/./WIN32-Includes/libnet $(distdir)/./WIN32-Includes/mysql $(distdir)/./WIN32-Includes/rpc $(distdir)/./WIN32-Libraries $(distdir)/./WIN32-Libraries/libnet $(distdir)/./WIN32-Libraries/mysql $(distdir)/./WIN32-Prj - @list='$(DISTFILES)'; for file in $$list; do \ + $(mkdir_p) $(distdir)/./WIN32-Code $(distdir)/./WIN32-Includes $(distdir)/./WIN32-Includes/NET $(distdir)/./WIN32-Includes/NETINET $(distdir)/./WIN32-Includes/libnet $(distdir)/./WIN32-Includes/mysql $(distdir)/./WIN32-Includes/rpc $(distdir)/./WIN32-Libraries $(distdir)/./WIN32-Libraries/libnet $(distdir)/./WIN32-Libraries/mysql $(distdir)/./WIN32-Prj + @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ + list='$(DISTFILES)'; for file in $$list; do \ + case $$file in \ + $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ + $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ + esac; \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ if test "$$dir" != "$$file" && test "$$dir" != "."; then \ dir="/$$dir"; \ - $(mkinstalldirs) "$(distdir)$$dir"; \ + $(mkdir_p) "$(distdir)$$dir"; \ else \ dir=''; \ fi; \ @@ -226,9 +303,7 @@ check-am: all-am check: check-am all-am: Makefile - installdirs: - install: install-am install-exec: install-exec-am install-data: install-data-am @@ -240,7 +315,7 @@ installcheck: installcheck-am install-strip: $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - INSTALL_STRIP_FLAG=-s \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ `test -z '$(STRIP)' || \ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install mostlyclean-generic: @@ -248,7 +323,7 @@ clean-generic: distclean-generic: - -rm -f Makefile $(CONFIG_CLEAN_FILES) + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -258,13 +333,15 @@ clean-am: clean-generic mostlyclean-am distclean: distclean-am - + -rm -f Makefile distclean-am: clean-am distclean-generic dvi: dvi-am dvi-am: +html: html-am + info: info-am info-am: @@ -280,22 +357,31 @@ installcheck-am: maintainer-clean: maintainer-clean-am - + -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am mostlyclean-am: mostlyclean-generic +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + uninstall-am: uninstall-info-am .PHONY: all all-am check check-am clean clean-generic distclean \ - distclean-generic distdir dvi dvi-am info info-am install \ - install-am install-data install-data-am install-exec \ + distclean-generic distdir dvi dvi-am html html-am info info-am \ + install install-am install-data install-data-am install-exec \ install-exec-am install-info install-info-am install-man \ install-strip installcheck installcheck-am installdirs \ maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-generic uninstall uninstall-am uninstall-info-am + mostlyclean-generic pdf pdf-am ps ps-am uninstall uninstall-am \ + uninstall-info-am # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. --- snort-2.3.3.orig/src/output-plugins/spo_alert_fast.c +++ snort-2.3.3/src/output-plugins/spo_alert_fast.c @@ -243,14 +243,14 @@ data = (SpoAlertFastData *)SnortAlloc(sizeof(SpoAlertFastData)); - DEBUG_WRAP(DebugMessage(DEBUG_LOG, "ParseAlertFastArgs: %s\n", args);); - if(args == NULL) { data->file = OpenAlertFile(NULL); return data; } + DEBUG_WRAP(DebugMessage(DEBUG_LOG, "ParseAlertFastArgs: %s\n", args);); + toks = mSplit(args, " ", 2, &num_toks, 0); if(strcasecmp("stdout", toks[0]) == 0) data->file = stdout; --- snort-2.3.3.orig/src/output-plugins/spo_alert_full.c +++ snort-2.3.3/src/output-plugins/spo_alert_full.c @@ -236,12 +236,12 @@ SpoAlertFullData *data; data = (SpoAlertFullData *)SnortAlloc(sizeof(SpoAlertFullData)); - DEBUG_WRAP(DebugMessage(DEBUG_LOG,"ParseAlertFullArgs: %s\n", args);); if(args == NULL) { data->file = OpenAlertFile(NULL); return data; } + DEBUG_WRAP(DebugMessage(DEBUG_LOG,"ParseAlertFullArgs: %s\n", args);); toks = mSplit(args, " ", 2, &num_toks, 0); if(strcasecmp("stdout", toks[0]) == 0) --- snort-2.3.3.orig/src/output-plugins/Makefile.in +++ snort-2.3.3/src/output-plugins/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.6.3 from Makefile.am. +# Makefile.in generated by automake 1.9.6 from Makefile.am. # @configure_input@ -# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002 -# Free Software Foundation, Inc. +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -13,77 +13,150 @@ # PARTICULAR PURPOSE. @SET_MAKE@ -SHELL = @SHELL@ srcdir = @srcdir@ top_srcdir = @top_srcdir@ VPATH = @srcdir@ -prefix = @prefix@ -exec_prefix = @exec_prefix@ - -bindir = @bindir@ -sbindir = @sbindir@ -libexecdir = @libexecdir@ -datadir = @datadir@ -sysconfdir = @sysconfdir@ -sharedstatedir = @sharedstatedir@ -localstatedir = @localstatedir@ -libdir = @libdir@ -infodir = @infodir@ -mandir = @mandir@ -includedir = @includedir@ -oldincludedir = /usr/include pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ top_builddir = ../.. - -ACLOCAL = @ACLOCAL@ -AUTOCONF = @AUTOCONF@ -AUTOMAKE = @AUTOMAKE@ -AUTOHEADER = @AUTOHEADER@ - am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_DATA = @INSTALL_DATA@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c -INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_HEADER = $(INSTALL_DATA) -transform = @program_transform_name@ +transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : -host_alias = @host_alias@ +build_triplet = @build@ host_triplet = @host@ - -EXEEXT = @EXEEXT@ -OBJEXT = @OBJEXT@ -PATH_SEPARATOR = @PATH_SEPARATOR@ +subdir = src/output-plugins +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +LIBRARIES = $(noinst_LIBRARIES) +AR = ar +ARFLAGS = cru +libspo_a_AR = $(AR) $(ARFLAGS) +libspo_a_LIBADD = +am_libspo_a_OBJECTS = spo_alert_fast.$(OBJEXT) \ + spo_alert_full.$(OBJEXT) spo_alert_syslog.$(OBJEXT) \ + spo_alert_unixsock.$(OBJEXT) spo_csv.$(OBJEXT) \ + spo_database.$(OBJEXT) spo_log_null.$(OBJEXT) \ + spo_log_tcpdump.$(OBJEXT) spo_unified.$(OBJEXT) \ + spo_log_ascii.$(OBJEXT) spo_alert_sf_socket.$(OBJEXT) +libspo_a_OBJECTS = $(am_libspo_a_OBJECTS) +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) +depcomp = +am__depfiles_maybe = +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +SOURCES = $(libspo_a_SOURCES) +DIST_SOURCES = $(libspo_a_SOURCES) +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMDEP_FALSE = @AMDEP_FALSE@ +AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ DEPDIR = @DEPDIR@ - +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ INCLUDES = @INCLUDES@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@ +MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@ +MAKEINFO = @MAKEINFO@ +OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ RANLIB = @RANLIB@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ STRIP = @STRIP@ VERSION = @VERSION@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_RANLIB = @ac_ct_RANLIB@ +ac_ct_STRIP = @ac_ct_STRIP@ +am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ +am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ am__include = @am__include@ +am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +datadir = @datadir@ +exec_prefix = @exec_prefix@ extra_incl = @extra_incl@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +includedir = @includedir@ +infodir = @infodir@ install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ AUTOMAKE_OPTIONS = foreign no-dependencies - noinst_LIBRARIES = libspo.a - libspo_a_SOURCES = spo_alert_fast.c spo_alert_fast.h \ spo_alert_full.c spo_alert_full.h \ spo_alert_syslog.c spo_alert_syslog.h spo_alert_unixsock.c \ @@ -92,48 +165,39 @@ spo_log_tcpdump.h spo_unified.c spo_unified.h spo_log_ascii.c spo_log_ascii.h \ spo_alert_sf_socket.h spo_alert_sf_socket.c -subdir = src/output-plugins -mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -LIBRARIES = $(noinst_LIBRARIES) - -libspo_a_AR = $(AR) cru -libspo_a_LIBADD = -am_libspo_a_OBJECTS = spo_alert_fast.$(OBJEXT) spo_alert_full.$(OBJEXT) \ - spo_alert_syslog.$(OBJEXT) spo_alert_unixsock.$(OBJEXT) \ - spo_csv.$(OBJEXT) spo_database.$(OBJEXT) spo_log_null.$(OBJEXT) \ - spo_log_tcpdump.$(OBJEXT) spo_unified.$(OBJEXT) \ - spo_log_ascii.$(OBJEXT) spo_alert_sf_socket.$(OBJEXT) -libspo_a_OBJECTS = $(am_libspo_a_OBJECTS) - -DEFS = @DEFS@ -DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) -CPPFLAGS = @CPPFLAGS@ -LDFLAGS = @LDFLAGS@ -LIBS = @LIBS@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ -CFLAGS = @CFLAGS@ -DIST_SOURCES = $(libspo_a_SOURCES) -DIST_COMMON = Makefile.am Makefile.in -SOURCES = $(libspo_a_SOURCES) - all: all-am .SUFFIXES: .SUFFIXES: .c .o .obj -$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/output-plugins/Makefile'; \ cd $(top_srcdir) && \ $(AUTOMAKE) --foreign src/output-plugins/Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe) - -AR = ar +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh clean-noinstLIBRARIES: -test -z "$(noinst_LIBRARIES)" || rm -f $(noinst_LIBRARIES) @@ -143,23 +207,18 @@ $(RANLIB) libspo.a mostlyclean-compile: - -rm -f *.$(OBJEXT) core *.core + -rm -f *.$(OBJEXT) distclean-compile: -rm -f *.tab.c .c.o: - $(COMPILE) -c `test -f '$<' || echo '$(srcdir)/'`$< + $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `cygpath -w $<` + $(COMPILE) -c `$(CYGPATH_W) '$<'` uninstall-info-am: -ETAGS = etags -ETAGSFLAGS = - -tags: TAGS - ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ @@ -168,6 +227,7 @@ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ mkid -fID $$unique +tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) @@ -179,8 +239,24 @@ done | \ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ - test -z "$(ETAGS_ARGS)$$tags$$unique" \ - || $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$tags $$unique; \ + fi +ctags: CTAGS +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$tags $$unique GTAGS: @@ -189,19 +265,21 @@ && gtags -i $(GTAGS_ARGS) $$here distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) - -top_distdir = ../.. -distdir = $(top_distdir)/$(PACKAGE)-$(VERSION) + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) - @list='$(DISTFILES)'; for file in $$list; do \ + @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ + list='$(DISTFILES)'; for file in $$list; do \ + case $$file in \ + $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ + $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ + esac; \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ if test "$$dir" != "$$file" && test "$$dir" != "."; then \ dir="/$$dir"; \ - $(mkinstalldirs) "$(distdir)$$dir"; \ + $(mkdir_p) "$(distdir)$$dir"; \ else \ dir=''; \ fi; \ @@ -219,9 +297,7 @@ check-am: all-am check: check-am all-am: Makefile $(LIBRARIES) - installdirs: - install: install-am install-exec: install-exec-am install-data: install-data-am @@ -233,7 +309,7 @@ installcheck: installcheck-am install-strip: $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - INSTALL_STRIP_FLAG=-s \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ `test -z '$(STRIP)' || \ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install mostlyclean-generic: @@ -241,7 +317,7 @@ clean-generic: distclean-generic: - -rm -f Makefile $(CONFIG_CLEAN_FILES) + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -251,7 +327,7 @@ clean-am: clean-generic clean-noinstLIBRARIES mostlyclean-am distclean: distclean-am - + -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -259,6 +335,8 @@ dvi-am: +html: html-am + info: info-am info-am: @@ -274,24 +352,33 @@ installcheck-am: maintainer-clean: maintainer-clean-am - + -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am mostlyclean-am: mostlyclean-compile mostlyclean-generic +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + uninstall-am: uninstall-info-am -.PHONY: GTAGS all all-am check check-am clean clean-generic \ - clean-noinstLIBRARIES distclean distclean-compile \ - distclean-generic distclean-tags distdir dvi dvi-am info \ - info-am install install-am install-data install-data-am \ - install-exec install-exec-am install-info install-info-am \ - install-man install-strip installcheck installcheck-am \ - installdirs maintainer-clean maintainer-clean-generic \ - mostlyclean mostlyclean-compile mostlyclean-generic tags \ - uninstall uninstall-am uninstall-info-am +.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ + clean-noinstLIBRARIES ctags distclean distclean-compile \ + distclean-generic distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-exec install-exec-am install-info \ + install-info-am install-man install-strip installcheck \ + installcheck-am installdirs maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-compile \ + mostlyclean-generic pdf pdf-am ps ps-am tags uninstall \ + uninstall-am uninstall-info-am # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. --- snort-2.3.3.orig/src/output-plugins/spo_database.c +++ snort-2.3.3/src/output-plugins/spo_database.c @@ -1896,8 +1896,8 @@ select0 = (char *) SnortAlloc(MAX_QUERY_LENGTH+1); -#if defined(ENABLE_MSSQL) || defined(ENABLE_ODBC) - if ( data->shared->dbtype_id == DB_MSSQL || +#if defined(ENABLE_MSSQL) || defined(ENABLE_ODBC) + if ( data->shared->dbtype_id == DB_MSSQL || (data->shared->dbtype_id==DB_ODBC && data->u_underlying_dbtype_id==DB_MSSQL) ) { /* "schema" is a keyword in SQL Server, so use square brackets @@ -1910,9 +1910,23 @@ else #endif { +#if defined(ENABLE_MYSQL) + if (data->shared->dbtype_id == DB_MYSQL) + { + /* "schema" is a keyword in MYSQL, so use `schema` + * to indicate that we are referring to the table + */ + snprintf(select0, MAX_QUERY_LENGTH, + "SELECT vseq " + "FROM `schema`"); + } + else +#endif + { snprintf(select0, MAX_QUERY_LENGTH, "SELECT vseq " "FROM schema"); + } } schema_version = Select(select0,data); --- snort-2.3.3.orig/src/detection-plugins/Makefile.in +++ snort-2.3.3/src/detection-plugins/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.6.3 from Makefile.am. +# Makefile.in generated by automake 1.9.6 from Makefile.am. # @configure_input@ -# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002 -# Free Software Foundation, Inc. +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -13,77 +13,158 @@ # PARTICULAR PURPOSE. @SET_MAKE@ -SHELL = @SHELL@ srcdir = @srcdir@ top_srcdir = @top_srcdir@ VPATH = @srcdir@ -prefix = @prefix@ -exec_prefix = @exec_prefix@ - -bindir = @bindir@ -sbindir = @sbindir@ -libexecdir = @libexecdir@ -datadir = @datadir@ -sysconfdir = @sysconfdir@ -sharedstatedir = @sharedstatedir@ -localstatedir = @localstatedir@ -libdir = @libdir@ -infodir = @infodir@ -mandir = @mandir@ -includedir = @includedir@ -oldincludedir = /usr/include pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ top_builddir = ../.. - -ACLOCAL = @ACLOCAL@ -AUTOCONF = @AUTOCONF@ -AUTOMAKE = @AUTOMAKE@ -AUTOHEADER = @AUTOHEADER@ - am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_DATA = @INSTALL_DATA@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c -INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_HEADER = $(INSTALL_DATA) -transform = @program_transform_name@ +transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : -host_alias = @host_alias@ +build_triplet = @build@ host_triplet = @host@ - -EXEEXT = @EXEEXT@ -OBJEXT = @OBJEXT@ -PATH_SEPARATOR = @PATH_SEPARATOR@ +subdir = src/detection-plugins +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +LIBRARIES = $(noinst_LIBRARIES) +AR = ar +ARFLAGS = cru +libspd_a_AR = $(AR) $(ARFLAGS) +libspd_a_LIBADD = +am_libspd_a_OBJECTS = sp_dsize_check.$(OBJEXT) \ + sp_icmp_code_check.$(OBJEXT) sp_icmp_id_check.$(OBJEXT) \ + sp_icmp_seq_check.$(OBJEXT) sp_icmp_type_check.$(OBJEXT) \ + sp_ip_fragbits.$(OBJEXT) sp_ip_id_check.$(OBJEXT) \ + sp_ip_proto.$(OBJEXT) sp_ip_same_check.$(OBJEXT) \ + sp_ip_tos_check.$(OBJEXT) sp_ipoption_check.$(OBJEXT) \ + sp_pattern_match.$(OBJEXT) sp_react.$(OBJEXT) \ + sp_respond.$(OBJEXT) sp_rpc_check.$(OBJEXT) \ + sp_session.$(OBJEXT) sp_tcp_ack_check.$(OBJEXT) \ + sp_tcp_flag_check.$(OBJEXT) sp_tcp_seq_check.$(OBJEXT) \ + sp_tcp_win_check.$(OBJEXT) sp_ttl_check.$(OBJEXT) \ + sp_clientserver.$(OBJEXT) sp_byte_check.$(OBJEXT) \ + sp_byte_jump.$(OBJEXT) sp_pcre.$(OBJEXT) sp_isdataat.$(OBJEXT) \ + sp_flowbits.$(OBJEXT) sp_asn1.$(OBJEXT) +libspd_a_OBJECTS = $(am_libspd_a_OBJECTS) +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) +depcomp = +am__depfiles_maybe = +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +SOURCES = $(libspd_a_SOURCES) +DIST_SOURCES = $(libspd_a_SOURCES) +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMDEP_FALSE = @AMDEP_FALSE@ +AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ DEPDIR = @DEPDIR@ - +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ INCLUDES = @INCLUDES@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@ +MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@ +MAKEINFO = @MAKEINFO@ +OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ RANLIB = @RANLIB@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ STRIP = @STRIP@ VERSION = @VERSION@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_RANLIB = @ac_ct_RANLIB@ +ac_ct_STRIP = @ac_ct_STRIP@ +am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ +am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ am__include = @am__include@ +am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +datadir = @datadir@ +exec_prefix = @exec_prefix@ extra_incl = @extra_incl@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +includedir = @includedir@ +infodir = @infodir@ install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ AUTOMAKE_OPTIONS = foreign no-dependencies - noinst_LIBRARIES = libspd.a - libspd_a_SOURCES = sp_dsize_check.c sp_dsize_check.h sp_icmp_code_check.c \ sp_icmp_code_check.h sp_icmp_id_check.c sp_icmp_id_check.h sp_icmp_seq_check.c \ sp_icmp_seq_check.h sp_icmp_type_check.c sp_icmp_type_check.h sp_ip_fragbits.c \ @@ -99,57 +180,39 @@ sp_byte_jump.c sp_byte_jump.h sp_pcre.c sp_pcre.h sp_isdataat.c sp_isdataat.h \ sp_flowbits.c sp_flowbits.h sp_asn1.c sp_asn1.h -subdir = src/detection-plugins -mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -LIBRARIES = $(noinst_LIBRARIES) - -libspd_a_AR = $(AR) cru -libspd_a_LIBADD = -am_libspd_a_OBJECTS = sp_dsize_check.$(OBJEXT) \ - sp_icmp_code_check.$(OBJEXT) sp_icmp_id_check.$(OBJEXT) \ - sp_icmp_seq_check.$(OBJEXT) sp_icmp_type_check.$(OBJEXT) \ - sp_ip_fragbits.$(OBJEXT) sp_ip_id_check.$(OBJEXT) \ - sp_ip_proto.$(OBJEXT) sp_ip_same_check.$(OBJEXT) \ - sp_ip_tos_check.$(OBJEXT) sp_ipoption_check.$(OBJEXT) \ - sp_pattern_match.$(OBJEXT) sp_react.$(OBJEXT) \ - sp_respond.$(OBJEXT) sp_rpc_check.$(OBJEXT) \ - sp_session.$(OBJEXT) sp_tcp_ack_check.$(OBJEXT) \ - sp_tcp_flag_check.$(OBJEXT) sp_tcp_seq_check.$(OBJEXT) \ - sp_tcp_win_check.$(OBJEXT) sp_ttl_check.$(OBJEXT) \ - sp_clientserver.$(OBJEXT) sp_byte_check.$(OBJEXT) \ - sp_byte_jump.$(OBJEXT) sp_pcre.$(OBJEXT) sp_isdataat.$(OBJEXT) \ - sp_flowbits.$(OBJEXT) sp_asn1.$(OBJEXT) -libspd_a_OBJECTS = $(am_libspd_a_OBJECTS) - -DEFS = @DEFS@ -DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) -CPPFLAGS = @CPPFLAGS@ -LDFLAGS = @LDFLAGS@ -LIBS = @LIBS@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ -CFLAGS = @CFLAGS@ -DIST_SOURCES = $(libspd_a_SOURCES) -DIST_COMMON = Makefile.am Makefile.in -SOURCES = $(libspd_a_SOURCES) - all: all-am .SUFFIXES: .SUFFIXES: .c .o .obj -$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/detection-plugins/Makefile'; \ cd $(top_srcdir) && \ $(AUTOMAKE) --foreign src/detection-plugins/Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe) - -AR = ar +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh clean-noinstLIBRARIES: -test -z "$(noinst_LIBRARIES)" || rm -f $(noinst_LIBRARIES) @@ -159,23 +222,18 @@ $(RANLIB) libspd.a mostlyclean-compile: - -rm -f *.$(OBJEXT) core *.core + -rm -f *.$(OBJEXT) distclean-compile: -rm -f *.tab.c .c.o: - $(COMPILE) -c `test -f '$<' || echo '$(srcdir)/'`$< + $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `cygpath -w $<` + $(COMPILE) -c `$(CYGPATH_W) '$<'` uninstall-info-am: -ETAGS = etags -ETAGSFLAGS = - -tags: TAGS - ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ @@ -184,6 +242,7 @@ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ mkid -fID $$unique +tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) @@ -195,8 +254,24 @@ done | \ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ - test -z "$(ETAGS_ARGS)$$tags$$unique" \ - || $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$tags $$unique; \ + fi +ctags: CTAGS +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$tags $$unique GTAGS: @@ -205,19 +280,21 @@ && gtags -i $(GTAGS_ARGS) $$here distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) - -top_distdir = ../.. -distdir = $(top_distdir)/$(PACKAGE)-$(VERSION) + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) - @list='$(DISTFILES)'; for file in $$list; do \ + @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ + list='$(DISTFILES)'; for file in $$list; do \ + case $$file in \ + $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ + $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ + esac; \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ if test "$$dir" != "$$file" && test "$$dir" != "."; then \ dir="/$$dir"; \ - $(mkinstalldirs) "$(distdir)$$dir"; \ + $(mkdir_p) "$(distdir)$$dir"; \ else \ dir=''; \ fi; \ @@ -235,9 +312,7 @@ check-am: all-am check: check-am all-am: Makefile $(LIBRARIES) - installdirs: - install: install-am install-exec: install-exec-am install-data: install-data-am @@ -249,7 +324,7 @@ installcheck: installcheck-am install-strip: $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - INSTALL_STRIP_FLAG=-s \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ `test -z '$(STRIP)' || \ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install mostlyclean-generic: @@ -257,7 +332,7 @@ clean-generic: distclean-generic: - -rm -f Makefile $(CONFIG_CLEAN_FILES) + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -267,7 +342,7 @@ clean-am: clean-generic clean-noinstLIBRARIES mostlyclean-am distclean: distclean-am - + -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -275,6 +350,8 @@ dvi-am: +html: html-am + info: info-am info-am: @@ -290,24 +367,33 @@ installcheck-am: maintainer-clean: maintainer-clean-am - + -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am mostlyclean-am: mostlyclean-compile mostlyclean-generic +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + uninstall-am: uninstall-info-am -.PHONY: GTAGS all all-am check check-am clean clean-generic \ - clean-noinstLIBRARIES distclean distclean-compile \ - distclean-generic distclean-tags distdir dvi dvi-am info \ - info-am install install-am install-data install-data-am \ - install-exec install-exec-am install-info install-info-am \ - install-man install-strip installcheck installcheck-am \ - installdirs maintainer-clean maintainer-clean-generic \ - mostlyclean mostlyclean-compile mostlyclean-generic tags \ - uninstall uninstall-am uninstall-info-am +.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ + clean-noinstLIBRARIES ctags distclean distclean-compile \ + distclean-generic distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-exec install-exec-am install-info \ + install-info-am install-man install-strip installcheck \ + installcheck-am installdirs maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-compile \ + mostlyclean-generic pdf pdf-am ps ps-am tags uninstall \ + uninstall-am uninstall-info-am # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. --- snort-2.3.3.orig/src/preprocessors/flow/portscan/Makefile.in +++ snort-2.3.3/src/preprocessors/flow/portscan/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.6.3 from Makefile.am. +# Makefile.in generated by automake 1.9.6 from Makefile.am. # @configure_input@ -# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002 -# Free Software Foundation, Inc. +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -13,123 +13,186 @@ # PARTICULAR PURPOSE. @SET_MAKE@ -SHELL = @SHELL@ srcdir = @srcdir@ top_srcdir = @top_srcdir@ VPATH = @srcdir@ -prefix = @prefix@ -exec_prefix = @exec_prefix@ - -bindir = @bindir@ -sbindir = @sbindir@ -libexecdir = @libexecdir@ -datadir = @datadir@ -sysconfdir = @sysconfdir@ -sharedstatedir = @sharedstatedir@ -localstatedir = @localstatedir@ -libdir = @libdir@ -infodir = @infodir@ -mandir = @mandir@ -includedir = @includedir@ -oldincludedir = /usr/include pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ top_builddir = ../../../.. - -ACLOCAL = @ACLOCAL@ -AUTOCONF = @AUTOCONF@ -AUTOMAKE = @AUTOMAKE@ -AUTOHEADER = @AUTOHEADER@ - am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_DATA = @INSTALL_DATA@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c -INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_HEADER = $(INSTALL_DATA) -transform = @program_transform_name@ +transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : -host_alias = @host_alias@ +build_triplet = @build@ host_triplet = @host@ - -EXEEXT = @EXEEXT@ -OBJEXT = @OBJEXT@ -PATH_SEPARATOR = @PATH_SEPARATOR@ +subdir = src/preprocessors/flow/portscan +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +LIBRARIES = $(noinst_LIBRARIES) +AR = ar +ARFLAGS = cru +libportscan_a_AR = $(AR) $(ARFLAGS) +libportscan_a_LIBADD = +am_libportscan_a_OBJECTS = flowps.$(OBJEXT) scoreboard.$(OBJEXT) \ + unique_tracker.$(OBJEXT) flowps_snort.$(OBJEXT) \ + server_stats.$(OBJEXT) +libportscan_a_OBJECTS = $(am_libportscan_a_OBJECTS) +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) +depcomp = +am__depfiles_maybe = +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +SOURCES = $(libportscan_a_SOURCES) +DIST_SOURCES = $(libportscan_a_SOURCES) +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMDEP_FALSE = @AMDEP_FALSE@ +AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ DEPDIR = @DEPDIR@ - +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ INCLUDES = @INCLUDES@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@ +MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@ +MAKEINFO = @MAKEINFO@ +OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ RANLIB = @RANLIB@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ STRIP = @STRIP@ VERSION = @VERSION@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_RANLIB = @ac_ct_RANLIB@ +ac_ct_STRIP = @ac_ct_STRIP@ +am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ +am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ am__include = @am__include@ +am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +datadir = @datadir@ +exec_prefix = @exec_prefix@ extra_incl = @extra_incl@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +includedir = @includedir@ +infodir = @infodir@ install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ AUTOMAKE_OPTIONS = foreign no-dependencies - noinst_LIBRARIES = libportscan.a - libportscan_a_SOURCES = flowps.h flowps.c \ scoreboard.h scoreboard.c \ unique_tracker.h unique_tracker.c\ flowps_snort.h flowps_snort.c \ server_stats.c server_stats.h -subdir = src/preprocessors/flow/portscan -mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -LIBRARIES = $(noinst_LIBRARIES) - -libportscan_a_AR = $(AR) cru -libportscan_a_LIBADD = -am_libportscan_a_OBJECTS = flowps.$(OBJEXT) scoreboard.$(OBJEXT) \ - unique_tracker.$(OBJEXT) flowps_snort.$(OBJEXT) \ - server_stats.$(OBJEXT) -libportscan_a_OBJECTS = $(am_libportscan_a_OBJECTS) - -DEFS = @DEFS@ -DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) -CPPFLAGS = @CPPFLAGS@ -LDFLAGS = @LDFLAGS@ -LIBS = @LIBS@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ -CFLAGS = @CFLAGS@ -DIST_SOURCES = $(libportscan_a_SOURCES) -DIST_COMMON = Makefile.am Makefile.in -SOURCES = $(libportscan_a_SOURCES) - all: all-am .SUFFIXES: .SUFFIXES: .c .o .obj -$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/preprocessors/flow/portscan/Makefile'; \ cd $(top_srcdir) && \ $(AUTOMAKE) --foreign src/preprocessors/flow/portscan/Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe) - -AR = ar +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh clean-noinstLIBRARIES: -test -z "$(noinst_LIBRARIES)" || rm -f $(noinst_LIBRARIES) @@ -139,23 +202,18 @@ $(RANLIB) libportscan.a mostlyclean-compile: - -rm -f *.$(OBJEXT) core *.core + -rm -f *.$(OBJEXT) distclean-compile: -rm -f *.tab.c .c.o: - $(COMPILE) -c `test -f '$<' || echo '$(srcdir)/'`$< + $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `cygpath -w $<` + $(COMPILE) -c `$(CYGPATH_W) '$<'` uninstall-info-am: -ETAGS = etags -ETAGSFLAGS = - -tags: TAGS - ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ @@ -164,6 +222,7 @@ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ mkid -fID $$unique +tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) @@ -175,8 +234,24 @@ done | \ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ - test -z "$(ETAGS_ARGS)$$tags$$unique" \ - || $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$tags $$unique; \ + fi +ctags: CTAGS +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$tags $$unique GTAGS: @@ -185,19 +260,21 @@ && gtags -i $(GTAGS_ARGS) $$here distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) - -top_distdir = ../../../.. -distdir = $(top_distdir)/$(PACKAGE)-$(VERSION) + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) - @list='$(DISTFILES)'; for file in $$list; do \ + @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ + list='$(DISTFILES)'; for file in $$list; do \ + case $$file in \ + $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ + $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ + esac; \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ if test "$$dir" != "$$file" && test "$$dir" != "."; then \ dir="/$$dir"; \ - $(mkinstalldirs) "$(distdir)$$dir"; \ + $(mkdir_p) "$(distdir)$$dir"; \ else \ dir=''; \ fi; \ @@ -215,9 +292,7 @@ check-am: all-am check: check-am all-am: Makefile $(LIBRARIES) - installdirs: - install: install-am install-exec: install-exec-am install-data: install-data-am @@ -229,7 +304,7 @@ installcheck: installcheck-am install-strip: $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - INSTALL_STRIP_FLAG=-s \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ `test -z '$(STRIP)' || \ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install mostlyclean-generic: @@ -237,7 +312,7 @@ clean-generic: distclean-generic: - -rm -f Makefile $(CONFIG_CLEAN_FILES) + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -247,7 +322,7 @@ clean-am: clean-generic clean-noinstLIBRARIES mostlyclean-am distclean: distclean-am - + -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -255,6 +330,8 @@ dvi-am: +html: html-am + info: info-am info-am: @@ -270,24 +347,33 @@ installcheck-am: maintainer-clean: maintainer-clean-am - + -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am mostlyclean-am: mostlyclean-compile mostlyclean-generic +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + uninstall-am: uninstall-info-am -.PHONY: GTAGS all all-am check check-am clean clean-generic \ - clean-noinstLIBRARIES distclean distclean-compile \ - distclean-generic distclean-tags distdir dvi dvi-am info \ - info-am install install-am install-data install-data-am \ - install-exec install-exec-am install-info install-info-am \ - install-man install-strip installcheck installcheck-am \ - installdirs maintainer-clean maintainer-clean-generic \ - mostlyclean mostlyclean-compile mostlyclean-generic tags \ - uninstall uninstall-am uninstall-info-am +.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ + clean-noinstLIBRARIES ctags distclean distclean-compile \ + distclean-generic distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-exec install-exec-am install-info \ + install-info-am install-man install-strip installcheck \ + installcheck-am installdirs maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-compile \ + mostlyclean-generic pdf pdf-am ps ps-am tags uninstall \ + uninstall-am uninstall-info-am # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. --- snort-2.3.3.orig/src/preprocessors/flow/int-snort/Makefile.in +++ snort-2.3.3/src/preprocessors/flow/int-snort/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.6.3 from Makefile.am. +# Makefile.in generated by automake 1.9.6 from Makefile.am. # @configure_input@ -# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002 -# Free Software Foundation, Inc. +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -13,116 +13,179 @@ # PARTICULAR PURPOSE. @SET_MAKE@ -SHELL = @SHELL@ srcdir = @srcdir@ top_srcdir = @top_srcdir@ VPATH = @srcdir@ -prefix = @prefix@ -exec_prefix = @exec_prefix@ - -bindir = @bindir@ -sbindir = @sbindir@ -libexecdir = @libexecdir@ -datadir = @datadir@ -sysconfdir = @sysconfdir@ -sharedstatedir = @sharedstatedir@ -localstatedir = @localstatedir@ -libdir = @libdir@ -infodir = @infodir@ -mandir = @mandir@ -includedir = @includedir@ -oldincludedir = /usr/include pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ top_builddir = ../../../.. - -ACLOCAL = @ACLOCAL@ -AUTOCONF = @AUTOCONF@ -AUTOMAKE = @AUTOMAKE@ -AUTOHEADER = @AUTOHEADER@ - am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_DATA = @INSTALL_DATA@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c -INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_HEADER = $(INSTALL_DATA) -transform = @program_transform_name@ +transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : -host_alias = @host_alias@ +build_triplet = @build@ host_triplet = @host@ - -EXEEXT = @EXEEXT@ -OBJEXT = @OBJEXT@ -PATH_SEPARATOR = @PATH_SEPARATOR@ +subdir = src/preprocessors/flow/int-snort +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +LIBRARIES = $(noinst_LIBRARIES) +AR = ar +ARFLAGS = cru +libintsnort_a_AR = $(AR) $(ARFLAGS) +libintsnort_a_LIBADD = +am_libintsnort_a_OBJECTS = flow_packet.$(OBJEXT) +libintsnort_a_OBJECTS = $(am_libintsnort_a_OBJECTS) +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) +depcomp = +am__depfiles_maybe = +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +SOURCES = $(libintsnort_a_SOURCES) +DIST_SOURCES = $(libintsnort_a_SOURCES) +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMDEP_FALSE = @AMDEP_FALSE@ +AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ DEPDIR = @DEPDIR@ - +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ INCLUDES = @INCLUDES@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@ +MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@ +MAKEINFO = @MAKEINFO@ +OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ RANLIB = @RANLIB@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ STRIP = @STRIP@ VERSION = @VERSION@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_RANLIB = @ac_ct_RANLIB@ +ac_ct_STRIP = @ac_ct_STRIP@ +am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ +am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ am__include = @am__include@ +am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +datadir = @datadir@ +exec_prefix = @exec_prefix@ extra_incl = @extra_incl@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +includedir = @includedir@ +infodir = @infodir@ install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ AUTOMAKE_OPTIONS = foreign no-dependencies - noinst_LIBRARIES = libintsnort.a - libintsnort_a_SOURCES = flow_packet.h flow_packet.c -subdir = src/preprocessors/flow/int-snort -mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -LIBRARIES = $(noinst_LIBRARIES) - -libintsnort_a_AR = $(AR) cru -libintsnort_a_LIBADD = -am_libintsnort_a_OBJECTS = flow_packet.$(OBJEXT) -libintsnort_a_OBJECTS = $(am_libintsnort_a_OBJECTS) - -DEFS = @DEFS@ -DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) -CPPFLAGS = @CPPFLAGS@ -LDFLAGS = @LDFLAGS@ -LIBS = @LIBS@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ -CFLAGS = @CFLAGS@ -DIST_SOURCES = $(libintsnort_a_SOURCES) -DIST_COMMON = Makefile.am Makefile.in -SOURCES = $(libintsnort_a_SOURCES) - all: all-am .SUFFIXES: .SUFFIXES: .c .o .obj -$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/preprocessors/flow/int-snort/Makefile'; \ cd $(top_srcdir) && \ $(AUTOMAKE) --foreign src/preprocessors/flow/int-snort/Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe) - -AR = ar +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh clean-noinstLIBRARIES: -test -z "$(noinst_LIBRARIES)" || rm -f $(noinst_LIBRARIES) @@ -132,23 +195,18 @@ $(RANLIB) libintsnort.a mostlyclean-compile: - -rm -f *.$(OBJEXT) core *.core + -rm -f *.$(OBJEXT) distclean-compile: -rm -f *.tab.c .c.o: - $(COMPILE) -c `test -f '$<' || echo '$(srcdir)/'`$< + $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `cygpath -w $<` + $(COMPILE) -c `$(CYGPATH_W) '$<'` uninstall-info-am: -ETAGS = etags -ETAGSFLAGS = - -tags: TAGS - ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ @@ -157,6 +215,7 @@ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ mkid -fID $$unique +tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) @@ -168,8 +227,24 @@ done | \ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ - test -z "$(ETAGS_ARGS)$$tags$$unique" \ - || $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$tags $$unique; \ + fi +ctags: CTAGS +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$tags $$unique GTAGS: @@ -178,19 +253,21 @@ && gtags -i $(GTAGS_ARGS) $$here distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) - -top_distdir = ../../../.. -distdir = $(top_distdir)/$(PACKAGE)-$(VERSION) + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) - @list='$(DISTFILES)'; for file in $$list; do \ + @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ + list='$(DISTFILES)'; for file in $$list; do \ + case $$file in \ + $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ + $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ + esac; \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ if test "$$dir" != "$$file" && test "$$dir" != "."; then \ dir="/$$dir"; \ - $(mkinstalldirs) "$(distdir)$$dir"; \ + $(mkdir_p) "$(distdir)$$dir"; \ else \ dir=''; \ fi; \ @@ -208,9 +285,7 @@ check-am: all-am check: check-am all-am: Makefile $(LIBRARIES) - installdirs: - install: install-am install-exec: install-exec-am install-data: install-data-am @@ -222,7 +297,7 @@ installcheck: installcheck-am install-strip: $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - INSTALL_STRIP_FLAG=-s \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ `test -z '$(STRIP)' || \ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install mostlyclean-generic: @@ -230,7 +305,7 @@ clean-generic: distclean-generic: - -rm -f Makefile $(CONFIG_CLEAN_FILES) + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -240,7 +315,7 @@ clean-am: clean-generic clean-noinstLIBRARIES mostlyclean-am distclean: distclean-am - + -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -248,6 +323,8 @@ dvi-am: +html: html-am + info: info-am info-am: @@ -263,24 +340,33 @@ installcheck-am: maintainer-clean: maintainer-clean-am - + -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am mostlyclean-am: mostlyclean-compile mostlyclean-generic +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + uninstall-am: uninstall-info-am -.PHONY: GTAGS all all-am check check-am clean clean-generic \ - clean-noinstLIBRARIES distclean distclean-compile \ - distclean-generic distclean-tags distdir dvi dvi-am info \ - info-am install install-am install-data install-data-am \ - install-exec install-exec-am install-info install-info-am \ - install-man install-strip installcheck installcheck-am \ - installdirs maintainer-clean maintainer-clean-generic \ - mostlyclean mostlyclean-compile mostlyclean-generic tags \ - uninstall uninstall-am uninstall-info-am +.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ + clean-noinstLIBRARIES ctags distclean distclean-compile \ + distclean-generic distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-exec install-exec-am install-info \ + install-info-am install-man install-strip installcheck \ + installcheck-am installdirs maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-compile \ + mostlyclean-generic pdf pdf-am ps ps-am tags uninstall \ + uninstall-am uninstall-info-am # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. --- snort-2.3.3.orig/src/preprocessors/flow/Makefile.in +++ snort-2.3.3/src/preprocessors/flow/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.6.3 from Makefile.am. +# Makefile.in generated by automake 1.9.6 from Makefile.am. # @configure_input@ -# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002 -# Free Software Foundation, Inc. +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -13,77 +13,154 @@ # PARTICULAR PURPOSE. @SET_MAKE@ -SHELL = @SHELL@ srcdir = @srcdir@ top_srcdir = @top_srcdir@ VPATH = @srcdir@ -prefix = @prefix@ -exec_prefix = @exec_prefix@ - -bindir = @bindir@ -sbindir = @sbindir@ -libexecdir = @libexecdir@ -datadir = @datadir@ -sysconfdir = @sysconfdir@ -sharedstatedir = @sharedstatedir@ -localstatedir = @localstatedir@ -libdir = @libdir@ -infodir = @infodir@ -mandir = @mandir@ -includedir = @includedir@ -oldincludedir = /usr/include pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ top_builddir = ../../.. - -ACLOCAL = @ACLOCAL@ -AUTOCONF = @AUTOCONF@ -AUTOMAKE = @AUTOMAKE@ -AUTOHEADER = @AUTOHEADER@ - am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_DATA = @INSTALL_DATA@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c -INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_HEADER = $(INSTALL_DATA) -transform = @program_transform_name@ +transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : -host_alias = @host_alias@ +build_triplet = @build@ host_triplet = @host@ - -EXEEXT = @EXEEXT@ -OBJEXT = @OBJEXT@ -PATH_SEPARATOR = @PATH_SEPARATOR@ +subdir = src/preprocessors/flow +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +LIBRARIES = $(noinst_LIBRARIES) +AR = ar +ARFLAGS = cru +libflow_a_AR = $(AR) $(ARFLAGS) +libflow_a_LIBADD = +am_libflow_a_OBJECTS = flow.$(OBJEXT) flow_cache.$(OBJEXT) \ + flow_callback.$(OBJEXT) flow_class.$(OBJEXT) \ + flow_stat.$(OBJEXT) flow_hash.$(OBJEXT) flow_print.$(OBJEXT) +libflow_a_OBJECTS = $(am_libflow_a_OBJECTS) +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +SOURCES = $(libflow_a_SOURCES) +DIST_SOURCES = $(libflow_a_SOURCES) +RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ + html-recursive info-recursive install-data-recursive \ + install-exec-recursive install-info-recursive \ + install-recursive installcheck-recursive installdirs-recursive \ + pdf-recursive ps-recursive uninstall-info-recursive \ + uninstall-recursive +ETAGS = etags +CTAGS = ctags +DIST_SUBDIRS = $(SUBDIRS) +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMDEP_FALSE = @AMDEP_FALSE@ +AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ DEPDIR = @DEPDIR@ - +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ INCLUDES = @INCLUDES@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@ +MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@ +MAKEINFO = @MAKEINFO@ +OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ RANLIB = @RANLIB@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ STRIP = @STRIP@ VERSION = @VERSION@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_RANLIB = @ac_ct_RANLIB@ +ac_ct_STRIP = @ac_ct_STRIP@ +am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ +am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ am__include = @am__include@ +am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +datadir = @datadir@ +exec_prefix = @exec_prefix@ extra_incl = @extra_incl@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +includedir = @includedir@ +infodir = @infodir@ install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ SUBDIRS = portscan int-snort - noinst_LIBRARIES = libflow.a - libflow_a_SOURCES = common_defs.h \ flow.c flow.h \ flow_cache.c flow_cache.h \ @@ -95,56 +172,39 @@ flow_hash.c flow_hash.h \ flow_print.c flow_print.h -subdir = src/preprocessors/flow -mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -LIBRARIES = $(noinst_LIBRARIES) - -libflow_a_AR = $(AR) cru -libflow_a_LIBADD = -am_libflow_a_OBJECTS = flow.$(OBJEXT) flow_cache.$(OBJEXT) \ - flow_callback.$(OBJEXT) flow_class.$(OBJEXT) \ - flow_stat.$(OBJEXT) flow_hash.$(OBJEXT) flow_print.$(OBJEXT) -libflow_a_OBJECTS = $(am_libflow_a_OBJECTS) - -DEFS = @DEFS@ -DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) -CPPFLAGS = @CPPFLAGS@ -LDFLAGS = @LDFLAGS@ -LIBS = @LIBS@ -depcomp = $(SHELL) $(top_srcdir)/depcomp -am__depfiles_maybe = depfiles -@AMDEP_TRUE@DEP_FILES = ./$(DEPDIR)/flow.Po ./$(DEPDIR)/flow_cache.Po \ -@AMDEP_TRUE@ ./$(DEPDIR)/flow_callback.Po \ -@AMDEP_TRUE@ ./$(DEPDIR)/flow_class.Po ./$(DEPDIR)/flow_hash.Po \ -@AMDEP_TRUE@ ./$(DEPDIR)/flow_print.Po ./$(DEPDIR)/flow_stat.Po -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ -CFLAGS = @CFLAGS@ -DIST_SOURCES = $(libflow_a_SOURCES) - -RECURSIVE_TARGETS = info-recursive dvi-recursive install-info-recursive \ - uninstall-info-recursive all-recursive install-data-recursive \ - install-exec-recursive installdirs-recursive install-recursive \ - uninstall-recursive check-recursive installcheck-recursive -DIST_COMMON = Makefile.am Makefile.in -DIST_SUBDIRS = $(SUBDIRS) -SOURCES = $(libflow_a_SOURCES) - all: all-recursive .SUFFIXES: .SUFFIXES: .c .o .obj -$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/preprocessors/flow/Makefile'; \ cd $(top_srcdir) && \ $(AUTOMAKE) --gnu src/preprocessors/flow/Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe) - -AR = ar +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh clean-noinstLIBRARIES: -test -z "$(noinst_LIBRARIES)" || rm -f $(noinst_LIBRARIES) @@ -154,7 +214,7 @@ $(RANLIB) libflow.a mostlyclean-compile: - -rm -f *.$(OBJEXT) core *.core + -rm -f *.$(OBJEXT) distclean-compile: -rm -f *.tab.c @@ -167,21 +227,19 @@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/flow_print.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/flow_stat.Po@am__quote@ -distclean-depend: - -rm -rf ./$(DEPDIR) - .c.o: -@AMDEP_TRUE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@ depfile='$(DEPDIR)/$*.Po' tmpdepfile='$(DEPDIR)/$*.TPo' @AMDEPBACKSLASH@ -@AMDEP_TRUE@ $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - $(COMPILE) -c `test -f '$<' || echo '$(srcdir)/'`$< +@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ $<; \ +@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: -@AMDEP_TRUE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@ depfile='$(DEPDIR)/$*.Po' tmpdepfile='$(DEPDIR)/$*.TPo' @AMDEPBACKSLASH@ -@AMDEP_TRUE@ $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - $(COMPILE) -c `cygpath -w $<` -CCDEPMODE = @CCDEPMODE@ +@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ `$(CYGPATH_W) '$<'`; \ +@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` uninstall-info-am: # This directory's subdirectories are mostly independent; you can cd @@ -191,7 +249,13 @@ # (which will cause the Makefiles to be regenerated when you run `make'); # (2) otherwise, pass the desired values on the `make' command line. $(RECURSIVE_TARGETS): - @set fnord $$MAKEFLAGS; amf=$$2; \ + @failcom='exit 1'; \ + for f in x $$MAKEFLAGS; do \ + case $$f in \ + *=* | --[!k]*);; \ + *k*) failcom='fail=yes';; \ + esac; \ + done; \ dot_seen=no; \ target=`echo $@ | sed s/-recursive//`; \ list='$(SUBDIRS)'; for subdir in $$list; do \ @@ -203,7 +267,7 @@ local_target="$$target"; \ fi; \ (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || case "$$amf" in *=*) exit 1;; *k*) fail=yes;; *) exit 1;; esac; \ + || eval $$failcom; \ done; \ if test "$$dot_seen" = "no"; then \ $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ @@ -211,7 +275,13 @@ mostlyclean-recursive clean-recursive distclean-recursive \ maintainer-clean-recursive: - @set fnord $$MAKEFLAGS; amf=$$2; \ + @failcom='exit 1'; \ + for f in x $$MAKEFLAGS; do \ + case $$f in \ + *=* | --[!k]*);; \ + *k*) failcom='fail=yes';; \ + esac; \ + done; \ dot_seen=no; \ case "$@" in \ distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ @@ -232,17 +302,16 @@ local_target="$$target"; \ fi; \ (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || case "$$amf" in *=*) exit 1;; *k*) fail=yes;; *) exit 1;; esac; \ + || eval $$failcom; \ done && test -z "$$fail" tags-recursive: list='$(SUBDIRS)'; for subdir in $$list; do \ test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ done - -ETAGS = etags -ETAGSFLAGS = - -tags: TAGS +ctags-recursive: + list='$(SUBDIRS)'; for subdir in $$list; do \ + test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \ + done ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ @@ -252,14 +321,23 @@ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ mkid -fID $$unique +tags: TAGS TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) tags=; \ here=`pwd`; \ + if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ + include_option=--etags-include; \ + empty_fix=.; \ + else \ + include_option=--include; \ + empty_fix=; \ + fi; \ list='$(SUBDIRS)'; for subdir in $$list; do \ if test "$$subdir" = .; then :; else \ - test -f $$subdir/TAGS && tags="$$tags -i $$here/$$subdir/TAGS"; \ + test ! -f $$subdir/TAGS || \ + tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \ fi; \ done; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ @@ -268,8 +346,24 @@ done | \ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ - test -z "$(ETAGS_ARGS)$$tags$$unique" \ - || $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$tags $$unique; \ + fi +ctags: CTAGS +CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$tags $$unique GTAGS: @@ -278,19 +372,21 @@ && gtags -i $(GTAGS_ARGS) $$here distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) - -top_distdir = ../../.. -distdir = $(top_distdir)/$(PACKAGE)-$(VERSION) + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) - @list='$(DISTFILES)'; for file in $$list; do \ + @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ + list='$(DISTFILES)'; for file in $$list; do \ + case $$file in \ + $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ + $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ + esac; \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ if test "$$dir" != "$$file" && test "$$dir" != "."; then \ dir="/$$dir"; \ - $(mkinstalldirs) "$(distdir)$$dir"; \ + $(mkdir_p) "$(distdir)$$dir"; \ else \ dir=''; \ fi; \ @@ -305,15 +401,17 @@ || exit 1; \ fi; \ done - list='$(SUBDIRS)'; for subdir in $$list; do \ + list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ if test "$$subdir" = .; then :; else \ - test -d $(distdir)/$$subdir \ - || mkdir $(distdir)/$$subdir \ + test -d "$(distdir)/$$subdir" \ + || $(mkdir_p) "$(distdir)/$$subdir" \ || exit 1; \ + distdir=`$(am__cd) $(distdir) && pwd`; \ + top_distdir=`$(am__cd) $(top_distdir) && pwd`; \ (cd $$subdir && \ $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" \ - distdir=../$(distdir)/$$subdir \ + top_distdir="$$top_distdir" \ + distdir="$$distdir/$$subdir" \ distdir) \ || exit 1; \ fi; \ @@ -323,7 +421,6 @@ all-am: Makefile $(LIBRARIES) installdirs: installdirs-recursive installdirs-am: - install: install-recursive install-exec: install-exec-recursive install-data: install-data-recursive @@ -335,7 +432,7 @@ installcheck: installcheck-recursive install-strip: $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - INSTALL_STRIP_FLAG=-s \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ `test -z '$(STRIP)' || \ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install mostlyclean-generic: @@ -343,7 +440,7 @@ clean-generic: distclean-generic: - -rm -f Makefile $(CONFIG_CLEAN_FILES) + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -353,14 +450,17 @@ clean-am: clean-generic clean-noinstLIBRARIES mostlyclean-am distclean: distclean-recursive - -distclean-am: clean-am distclean-compile distclean-depend \ - distclean-generic distclean-tags + -rm -rf ./$(DEPDIR) + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags dvi: dvi-recursive dvi-am: +html: html-recursive + info: info-recursive info-am: @@ -376,32 +476,38 @@ installcheck-am: maintainer-clean: maintainer-clean-recursive - + -rm -rf ./$(DEPDIR) + -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-recursive mostlyclean-am: mostlyclean-compile mostlyclean-generic +pdf: pdf-recursive + +pdf-am: + +ps: ps-recursive + +ps-am: + uninstall-am: uninstall-info-am uninstall-info: uninstall-info-recursive -.PHONY: $(RECURSIVE_TARGETS) GTAGS all all-am check check-am clean \ - clean-generic clean-noinstLIBRARIES clean-recursive distclean \ - distclean-compile distclean-depend distclean-generic \ - distclean-recursive distclean-tags distdir dvi dvi-am \ - dvi-recursive info info-am info-recursive install install-am \ - install-data install-data-am install-data-recursive \ - install-exec install-exec-am install-exec-recursive \ - install-info install-info-am install-info-recursive install-man \ - install-recursive install-strip installcheck installcheck-am \ - installdirs installdirs-am installdirs-recursive \ +.PHONY: $(RECURSIVE_TARGETS) CTAGS GTAGS all all-am check check-am \ + clean clean-generic clean-noinstLIBRARIES clean-recursive \ + ctags ctags-recursive distclean distclean-compile \ + distclean-generic distclean-recursive distclean-tags distdir \ + dvi dvi-am html html-am info info-am install install-am \ + install-data install-data-am install-exec install-exec-am \ + install-info install-info-am install-man install-strip \ + installcheck installcheck-am installdirs installdirs-am \ maintainer-clean maintainer-clean-generic \ maintainer-clean-recursive mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-recursive tags tags-recursive \ - uninstall uninstall-am uninstall-info-am \ - uninstall-info-recursive uninstall-recursive + mostlyclean-generic mostlyclean-recursive pdf pdf-am ps ps-am \ + tags tags-recursive uninstall uninstall-am uninstall-info-am # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. --- snort-2.3.3.orig/src/preprocessors/HttpInspect/include/Makefile.in +++ snort-2.3.3/src/preprocessors/HttpInspect/include/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.6.3 from Makefile.am. +# Makefile.in generated by automake 1.9.6 from Makefile.am. # @configure_input@ -# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002 -# Free Software Foundation, Inc. +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -13,74 +13,129 @@ # PARTICULAR PURPOSE. @SET_MAKE@ -SHELL = @SHELL@ - srcdir = @srcdir@ top_srcdir = @top_srcdir@ VPATH = @srcdir@ -prefix = @prefix@ -exec_prefix = @exec_prefix@ - -bindir = @bindir@ -sbindir = @sbindir@ -libexecdir = @libexecdir@ -datadir = @datadir@ -sysconfdir = @sysconfdir@ -sharedstatedir = @sharedstatedir@ -localstatedir = @localstatedir@ -libdir = @libdir@ -infodir = @infodir@ -mandir = @mandir@ -includedir = @includedir@ -oldincludedir = /usr/include pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ top_builddir = ../../../.. - -ACLOCAL = @ACLOCAL@ -AUTOCONF = @AUTOCONF@ -AUTOMAKE = @AUTOMAKE@ -AUTOHEADER = @AUTOHEADER@ - am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_DATA = @INSTALL_DATA@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c -INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_HEADER = $(INSTALL_DATA) -transform = @program_transform_name@ +transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : -host_alias = @host_alias@ +build_triplet = @build@ host_triplet = @host@ - -EXEEXT = @EXEEXT@ -OBJEXT = @OBJEXT@ -PATH_SEPARATOR = @PATH_SEPARATOR@ +subdir = src/preprocessors/HttpInspect/include +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +depcomp = +am__depfiles_maybe = +SOURCES = +DIST_SOURCES = +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMDEP_FALSE = @AMDEP_FALSE@ +AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ DEPDIR = @DEPDIR@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ INCLUDES = @INCLUDES@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@ +MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@ +MAKEINFO = @MAKEINFO@ +OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ RANLIB = @RANLIB@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ STRIP = @STRIP@ VERSION = @VERSION@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_RANLIB = @ac_ct_RANLIB@ +ac_ct_STRIP = @ac_ct_STRIP@ +am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ +am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ am__include = @am__include@ +am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +datadir = @datadir@ +exec_prefix = @exec_prefix@ extra_incl = @extra_incl@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +includedir = @includedir@ +infodir = @infodir@ install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ AUTOMAKE_OPTIONS = foreign no-dependencies - EXTRA_DIST = \ hi_ad.h \ hi_client.h \ @@ -102,38 +157,59 @@ hi_util_kmap.h \ hi_util_xmalloc.h -subdir = src/preprocessors/HttpInspect/include -mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = -DIST_SOURCES = -DIST_COMMON = Makefile.am Makefile.in all: all-am .SUFFIXES: -$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/preprocessors/HttpInspect/include/Makefile'; \ cd $(top_srcdir) && \ $(AUTOMAKE) --foreign src/preprocessors/HttpInspect/include/Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe) +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh uninstall-info-am: tags: TAGS TAGS: -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ctags: CTAGS +CTAGS: -top_distdir = ../../../.. -distdir = $(top_distdir)/$(PACKAGE)-$(VERSION) distdir: $(DISTFILES) - @list='$(DISTFILES)'; for file in $$list; do \ + @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ + list='$(DISTFILES)'; for file in $$list; do \ + case $$file in \ + $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ + $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ + esac; \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ if test "$$dir" != "$$file" && test "$$dir" != "."; then \ dir="/$$dir"; \ - $(mkinstalldirs) "$(distdir)$$dir"; \ + $(mkdir_p) "$(distdir)$$dir"; \ else \ dir=''; \ fi; \ @@ -151,9 +227,7 @@ check-am: all-am check: check-am all-am: Makefile - installdirs: - install: install-am install-exec: install-exec-am install-data: install-data-am @@ -165,7 +239,7 @@ installcheck: installcheck-am install-strip: $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - INSTALL_STRIP_FLAG=-s \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ `test -z '$(STRIP)' || \ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install mostlyclean-generic: @@ -173,7 +247,7 @@ clean-generic: distclean-generic: - -rm -f Makefile $(CONFIG_CLEAN_FILES) + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -183,13 +257,15 @@ clean-am: clean-generic mostlyclean-am distclean: distclean-am - + -rm -f Makefile distclean-am: clean-am distclean-generic dvi: dvi-am dvi-am: +html: html-am + info: info-am info-am: @@ -205,22 +281,31 @@ installcheck-am: maintainer-clean: maintainer-clean-am - + -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am mostlyclean-am: mostlyclean-generic +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + uninstall-am: uninstall-info-am .PHONY: all all-am check check-am clean clean-generic distclean \ - distclean-generic distdir dvi dvi-am info info-am install \ - install-am install-data install-data-am install-exec \ + distclean-generic distdir dvi dvi-am html html-am info info-am \ + install install-am install-data install-data-am install-exec \ install-exec-am install-info install-info-am install-man \ install-strip installcheck installcheck-am installdirs \ maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-generic uninstall uninstall-am uninstall-info-am + mostlyclean-generic pdf pdf-am ps ps-am uninstall uninstall-am \ + uninstall-info-am # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. --- snort-2.3.3.orig/src/preprocessors/HttpInspect/utils/Makefile.in +++ snort-2.3.3/src/preprocessors/HttpInspect/utils/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.6.3 from Makefile.am. +# Makefile.in generated by automake 1.9.6 from Makefile.am. # @configure_input@ -# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002 -# Free Software Foundation, Inc. +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -13,77 +13,146 @@ # PARTICULAR PURPOSE. @SET_MAKE@ -SHELL = @SHELL@ srcdir = @srcdir@ top_srcdir = @top_srcdir@ VPATH = @srcdir@ -prefix = @prefix@ -exec_prefix = @exec_prefix@ - -bindir = @bindir@ -sbindir = @sbindir@ -libexecdir = @libexecdir@ -datadir = @datadir@ -sysconfdir = @sysconfdir@ -sharedstatedir = @sharedstatedir@ -localstatedir = @localstatedir@ -libdir = @libdir@ -infodir = @infodir@ -mandir = @mandir@ -includedir = @includedir@ -oldincludedir = /usr/include pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ top_builddir = ../../../.. - -ACLOCAL = @ACLOCAL@ -AUTOCONF = @AUTOCONF@ -AUTOMAKE = @AUTOMAKE@ -AUTOHEADER = @AUTOHEADER@ - am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_DATA = @INSTALL_DATA@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c -INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_HEADER = $(INSTALL_DATA) -transform = @program_transform_name@ +transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : -host_alias = @host_alias@ +build_triplet = @build@ host_triplet = @host@ - -EXEEXT = @EXEEXT@ -OBJEXT = @OBJEXT@ -PATH_SEPARATOR = @PATH_SEPARATOR@ +subdir = src/preprocessors/HttpInspect/utils +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +LIBRARIES = $(noinst_LIBRARIES) +AR = ar +ARFLAGS = cru +libhi_utils_a_AR = $(AR) $(ARFLAGS) +libhi_utils_a_LIBADD = +am_libhi_utils_a_OBJECTS = hi_util_kmap.$(OBJEXT) \ + hi_util_xmalloc.$(OBJEXT) hi_util_hbm.$(OBJEXT) +libhi_utils_a_OBJECTS = $(am_libhi_utils_a_OBJECTS) +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) +depcomp = +am__depfiles_maybe = +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +SOURCES = $(libhi_utils_a_SOURCES) +DIST_SOURCES = $(libhi_utils_a_SOURCES) +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMDEP_FALSE = @AMDEP_FALSE@ +AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ DEPDIR = @DEPDIR@ - +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ INCLUDES = @INCLUDES@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@ +MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@ +MAKEINFO = @MAKEINFO@ +OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ RANLIB = @RANLIB@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ STRIP = @STRIP@ VERSION = @VERSION@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_RANLIB = @ac_ct_RANLIB@ +ac_ct_STRIP = @ac_ct_STRIP@ +am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ +am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ am__include = @am__include@ +am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +datadir = @datadir@ +exec_prefix = @exec_prefix@ extra_incl = @extra_incl@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +includedir = @includedir@ +infodir = @infodir@ install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ AUTOMAKE_OPTIONS = foreign no-dependencies - noinst_LIBRARIES = libhi_utils.a - libhi_utils_a_SOURCES = hi_util_kmap.c \ hi_util_xmalloc.c \ hi_util_hbm.c \ @@ -107,45 +176,39 @@ ../include/hi_util_kmap.h \ ../include/hi_util_xmalloc.h -subdir = src/preprocessors/HttpInspect/utils -mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -LIBRARIES = $(noinst_LIBRARIES) - -libhi_utils_a_AR = $(AR) cru -libhi_utils_a_LIBADD = -am_libhi_utils_a_OBJECTS = hi_util_kmap.$(OBJEXT) \ - hi_util_xmalloc.$(OBJEXT) hi_util_hbm.$(OBJEXT) -libhi_utils_a_OBJECTS = $(am_libhi_utils_a_OBJECTS) - -DEFS = @DEFS@ -DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) -CPPFLAGS = @CPPFLAGS@ -LDFLAGS = @LDFLAGS@ -LIBS = @LIBS@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ -CFLAGS = @CFLAGS@ -DIST_SOURCES = $(libhi_utils_a_SOURCES) -DIST_COMMON = Makefile.am Makefile.in -SOURCES = $(libhi_utils_a_SOURCES) - all: all-am .SUFFIXES: .SUFFIXES: .c .o .obj -$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/preprocessors/HttpInspect/utils/Makefile'; \ cd $(top_srcdir) && \ $(AUTOMAKE) --foreign src/preprocessors/HttpInspect/utils/Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe) - -AR = ar +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh clean-noinstLIBRARIES: -test -z "$(noinst_LIBRARIES)" || rm -f $(noinst_LIBRARIES) @@ -155,23 +218,18 @@ $(RANLIB) libhi_utils.a mostlyclean-compile: - -rm -f *.$(OBJEXT) core *.core + -rm -f *.$(OBJEXT) distclean-compile: -rm -f *.tab.c .c.o: - $(COMPILE) -c `test -f '$<' || echo '$(srcdir)/'`$< + $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `cygpath -w $<` + $(COMPILE) -c `$(CYGPATH_W) '$<'` uninstall-info-am: -ETAGS = etags -ETAGSFLAGS = - -tags: TAGS - ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ @@ -180,6 +238,7 @@ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ mkid -fID $$unique +tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) @@ -191,8 +250,24 @@ done | \ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ - test -z "$(ETAGS_ARGS)$$tags$$unique" \ - || $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$tags $$unique; \ + fi +ctags: CTAGS +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$tags $$unique GTAGS: @@ -201,19 +276,21 @@ && gtags -i $(GTAGS_ARGS) $$here distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) - -top_distdir = ../../../.. -distdir = $(top_distdir)/$(PACKAGE)-$(VERSION) + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) - @list='$(DISTFILES)'; for file in $$list; do \ + @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ + list='$(DISTFILES)'; for file in $$list; do \ + case $$file in \ + $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ + $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ + esac; \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ if test "$$dir" != "$$file" && test "$$dir" != "."; then \ dir="/$$dir"; \ - $(mkinstalldirs) "$(distdir)$$dir"; \ + $(mkdir_p) "$(distdir)$$dir"; \ else \ dir=''; \ fi; \ @@ -231,9 +308,7 @@ check-am: all-am check: check-am all-am: Makefile $(LIBRARIES) - installdirs: - install: install-am install-exec: install-exec-am install-data: install-data-am @@ -245,7 +320,7 @@ installcheck: installcheck-am install-strip: $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - INSTALL_STRIP_FLAG=-s \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ `test -z '$(STRIP)' || \ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install mostlyclean-generic: @@ -253,7 +328,7 @@ clean-generic: distclean-generic: - -rm -f Makefile $(CONFIG_CLEAN_FILES) + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -263,7 +338,7 @@ clean-am: clean-generic clean-noinstLIBRARIES mostlyclean-am distclean: distclean-am - + -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -271,6 +346,8 @@ dvi-am: +html: html-am + info: info-am info-am: @@ -286,24 +363,33 @@ installcheck-am: maintainer-clean: maintainer-clean-am - + -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am mostlyclean-am: mostlyclean-compile mostlyclean-generic +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + uninstall-am: uninstall-info-am -.PHONY: GTAGS all all-am check check-am clean clean-generic \ - clean-noinstLIBRARIES distclean distclean-compile \ - distclean-generic distclean-tags distdir dvi dvi-am info \ - info-am install install-am install-data install-data-am \ - install-exec install-exec-am install-info install-info-am \ - install-man install-strip installcheck installcheck-am \ - installdirs maintainer-clean maintainer-clean-generic \ - mostlyclean mostlyclean-compile mostlyclean-generic tags \ - uninstall uninstall-am uninstall-info-am +.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ + clean-noinstLIBRARIES ctags distclean distclean-compile \ + distclean-generic distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-exec install-exec-am install-info \ + install-info-am install-man install-strip installcheck \ + installcheck-am installdirs maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-compile \ + mostlyclean-generic pdf pdf-am ps ps-am tags uninstall \ + uninstall-am uninstall-info-am # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. --- snort-2.3.3.orig/src/preprocessors/HttpInspect/user_interface/Makefile.in +++ snort-2.3.3/src/preprocessors/HttpInspect/user_interface/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.6.3 from Makefile.am. +# Makefile.in generated by automake 1.9.6 from Makefile.am. # @configure_input@ -# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002 -# Free Software Foundation, Inc. +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -13,77 +13,146 @@ # PARTICULAR PURPOSE. @SET_MAKE@ -SHELL = @SHELL@ srcdir = @srcdir@ top_srcdir = @top_srcdir@ VPATH = @srcdir@ -prefix = @prefix@ -exec_prefix = @exec_prefix@ - -bindir = @bindir@ -sbindir = @sbindir@ -libexecdir = @libexecdir@ -datadir = @datadir@ -sysconfdir = @sysconfdir@ -sharedstatedir = @sharedstatedir@ -localstatedir = @localstatedir@ -libdir = @libdir@ -infodir = @infodir@ -mandir = @mandir@ -includedir = @includedir@ -oldincludedir = /usr/include pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ top_builddir = ../../../.. - -ACLOCAL = @ACLOCAL@ -AUTOCONF = @AUTOCONF@ -AUTOMAKE = @AUTOMAKE@ -AUTOHEADER = @AUTOHEADER@ - am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_DATA = @INSTALL_DATA@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c -INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_HEADER = $(INSTALL_DATA) -transform = @program_transform_name@ +transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : -host_alias = @host_alias@ +build_triplet = @build@ host_triplet = @host@ - -EXEEXT = @EXEEXT@ -OBJEXT = @OBJEXT@ -PATH_SEPARATOR = @PATH_SEPARATOR@ +subdir = src/preprocessors/HttpInspect/user_interface +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +LIBRARIES = $(noinst_LIBRARIES) +AR = ar +ARFLAGS = cru +libhi_ui_a_AR = $(AR) $(ARFLAGS) +libhi_ui_a_LIBADD = +am_libhi_ui_a_OBJECTS = hi_ui_config.$(OBJEXT) \ + hi_ui_server_lookup.$(OBJEXT) hi_ui_iis_unicode_map.$(OBJEXT) +libhi_ui_a_OBJECTS = $(am_libhi_ui_a_OBJECTS) +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) +depcomp = +am__depfiles_maybe = +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +SOURCES = $(libhi_ui_a_SOURCES) +DIST_SOURCES = $(libhi_ui_a_SOURCES) +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMDEP_FALSE = @AMDEP_FALSE@ +AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ DEPDIR = @DEPDIR@ - +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ INCLUDES = @INCLUDES@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@ +MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@ +MAKEINFO = @MAKEINFO@ +OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ RANLIB = @RANLIB@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ STRIP = @STRIP@ VERSION = @VERSION@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_RANLIB = @ac_ct_RANLIB@ +ac_ct_STRIP = @ac_ct_STRIP@ +am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ +am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ am__include = @am__include@ +am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +datadir = @datadir@ +exec_prefix = @exec_prefix@ extra_incl = @extra_incl@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +includedir = @includedir@ +infodir = @infodir@ install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ AUTOMAKE_OPTIONS = foreign no-dependencies - noinst_LIBRARIES = libhi_ui.a - libhi_ui_a_SOURCES = \ hi_ui_config.c \ hi_ui_server_lookup.c \ @@ -108,45 +177,39 @@ ../include/hi_util_kmap.h \ ../include/hi_util_xmalloc.h -subdir = src/preprocessors/HttpInspect/user_interface -mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -LIBRARIES = $(noinst_LIBRARIES) - -libhi_ui_a_AR = $(AR) cru -libhi_ui_a_LIBADD = -am_libhi_ui_a_OBJECTS = hi_ui_config.$(OBJEXT) \ - hi_ui_server_lookup.$(OBJEXT) hi_ui_iis_unicode_map.$(OBJEXT) -libhi_ui_a_OBJECTS = $(am_libhi_ui_a_OBJECTS) - -DEFS = @DEFS@ -DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) -CPPFLAGS = @CPPFLAGS@ -LDFLAGS = @LDFLAGS@ -LIBS = @LIBS@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ -CFLAGS = @CFLAGS@ -DIST_SOURCES = $(libhi_ui_a_SOURCES) -DIST_COMMON = Makefile.am Makefile.in -SOURCES = $(libhi_ui_a_SOURCES) - all: all-am .SUFFIXES: .SUFFIXES: .c .o .obj -$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/preprocessors/HttpInspect/user_interface/Makefile'; \ cd $(top_srcdir) && \ $(AUTOMAKE) --foreign src/preprocessors/HttpInspect/user_interface/Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe) - -AR = ar +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh clean-noinstLIBRARIES: -test -z "$(noinst_LIBRARIES)" || rm -f $(noinst_LIBRARIES) @@ -156,23 +219,18 @@ $(RANLIB) libhi_ui.a mostlyclean-compile: - -rm -f *.$(OBJEXT) core *.core + -rm -f *.$(OBJEXT) distclean-compile: -rm -f *.tab.c .c.o: - $(COMPILE) -c `test -f '$<' || echo '$(srcdir)/'`$< + $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `cygpath -w $<` + $(COMPILE) -c `$(CYGPATH_W) '$<'` uninstall-info-am: -ETAGS = etags -ETAGSFLAGS = - -tags: TAGS - ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ @@ -181,6 +239,7 @@ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ mkid -fID $$unique +tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) @@ -192,8 +251,24 @@ done | \ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ - test -z "$(ETAGS_ARGS)$$tags$$unique" \ - || $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$tags $$unique; \ + fi +ctags: CTAGS +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$tags $$unique GTAGS: @@ -202,19 +277,21 @@ && gtags -i $(GTAGS_ARGS) $$here distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) - -top_distdir = ../../../.. -distdir = $(top_distdir)/$(PACKAGE)-$(VERSION) + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) - @list='$(DISTFILES)'; for file in $$list; do \ + @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ + list='$(DISTFILES)'; for file in $$list; do \ + case $$file in \ + $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ + $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ + esac; \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ if test "$$dir" != "$$file" && test "$$dir" != "."; then \ dir="/$$dir"; \ - $(mkinstalldirs) "$(distdir)$$dir"; \ + $(mkdir_p) "$(distdir)$$dir"; \ else \ dir=''; \ fi; \ @@ -232,9 +309,7 @@ check-am: all-am check: check-am all-am: Makefile $(LIBRARIES) - installdirs: - install: install-am install-exec: install-exec-am install-data: install-data-am @@ -246,7 +321,7 @@ installcheck: installcheck-am install-strip: $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - INSTALL_STRIP_FLAG=-s \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ `test -z '$(STRIP)' || \ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install mostlyclean-generic: @@ -254,7 +329,7 @@ clean-generic: distclean-generic: - -rm -f Makefile $(CONFIG_CLEAN_FILES) + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -264,7 +339,7 @@ clean-am: clean-generic clean-noinstLIBRARIES mostlyclean-am distclean: distclean-am - + -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -272,6 +347,8 @@ dvi-am: +html: html-am + info: info-am info-am: @@ -287,24 +364,33 @@ installcheck-am: maintainer-clean: maintainer-clean-am - + -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am mostlyclean-am: mostlyclean-compile mostlyclean-generic +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + uninstall-am: uninstall-info-am -.PHONY: GTAGS all all-am check check-am clean clean-generic \ - clean-noinstLIBRARIES distclean distclean-compile \ - distclean-generic distclean-tags distdir dvi dvi-am info \ - info-am install install-am install-data install-data-am \ - install-exec install-exec-am install-info install-info-am \ - install-man install-strip installcheck installcheck-am \ - installdirs maintainer-clean maintainer-clean-generic \ - mostlyclean mostlyclean-compile mostlyclean-generic tags \ - uninstall uninstall-am uninstall-info-am +.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ + clean-noinstLIBRARIES ctags distclean distclean-compile \ + distclean-generic distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-exec install-exec-am install-info \ + install-info-am install-man install-strip installcheck \ + installcheck-am installdirs maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-compile \ + mostlyclean-generic pdf pdf-am ps ps-am tags uninstall \ + uninstall-am uninstall-info-am # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. --- snort-2.3.3.orig/src/preprocessors/HttpInspect/session_inspection/Makefile.in +++ snort-2.3.3/src/preprocessors/HttpInspect/session_inspection/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.6.3 from Makefile.am. +# Makefile.in generated by automake 1.9.6 from Makefile.am. # @configure_input@ -# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002 -# Free Software Foundation, Inc. +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -13,77 +13,145 @@ # PARTICULAR PURPOSE. @SET_MAKE@ -SHELL = @SHELL@ srcdir = @srcdir@ top_srcdir = @top_srcdir@ VPATH = @srcdir@ -prefix = @prefix@ -exec_prefix = @exec_prefix@ - -bindir = @bindir@ -sbindir = @sbindir@ -libexecdir = @libexecdir@ -datadir = @datadir@ -sysconfdir = @sysconfdir@ -sharedstatedir = @sharedstatedir@ -localstatedir = @localstatedir@ -libdir = @libdir@ -infodir = @infodir@ -mandir = @mandir@ -includedir = @includedir@ -oldincludedir = /usr/include pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ top_builddir = ../../../.. - -ACLOCAL = @ACLOCAL@ -AUTOCONF = @AUTOCONF@ -AUTOMAKE = @AUTOMAKE@ -AUTOHEADER = @AUTOHEADER@ - am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_DATA = @INSTALL_DATA@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c -INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_HEADER = $(INSTALL_DATA) -transform = @program_transform_name@ +transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : -host_alias = @host_alias@ +build_triplet = @build@ host_triplet = @host@ - -EXEEXT = @EXEEXT@ -OBJEXT = @OBJEXT@ -PATH_SEPARATOR = @PATH_SEPARATOR@ +subdir = src/preprocessors/HttpInspect/session_inspection +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +LIBRARIES = $(noinst_LIBRARIES) +AR = ar +ARFLAGS = cru +libhi_si_a_AR = $(AR) $(ARFLAGS) +libhi_si_a_LIBADD = +am_libhi_si_a_OBJECTS = hi_si.$(OBJEXT) +libhi_si_a_OBJECTS = $(am_libhi_si_a_OBJECTS) +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) +depcomp = +am__depfiles_maybe = +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +SOURCES = $(libhi_si_a_SOURCES) +DIST_SOURCES = $(libhi_si_a_SOURCES) +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMDEP_FALSE = @AMDEP_FALSE@ +AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ DEPDIR = @DEPDIR@ - +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ INCLUDES = @INCLUDES@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@ +MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@ +MAKEINFO = @MAKEINFO@ +OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ RANLIB = @RANLIB@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ STRIP = @STRIP@ VERSION = @VERSION@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_RANLIB = @ac_ct_RANLIB@ +ac_ct_STRIP = @ac_ct_STRIP@ +am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ +am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ am__include = @am__include@ +am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +datadir = @datadir@ +exec_prefix = @exec_prefix@ extra_incl = @extra_incl@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +includedir = @includedir@ +infodir = @infodir@ install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ AUTOMAKE_OPTIONS = foreign no-dependencies - noinst_LIBRARIES = libhi_si.a - libhi_si_a_SOURCES = \ hi_si.c \ ../include/hi_ad.h \ @@ -106,44 +174,39 @@ ../include/hi_util_kmap.h \ ../include/hi_util_xmalloc.h -subdir = src/preprocessors/HttpInspect/session_inspection -mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -LIBRARIES = $(noinst_LIBRARIES) - -libhi_si_a_AR = $(AR) cru -libhi_si_a_LIBADD = -am_libhi_si_a_OBJECTS = hi_si.$(OBJEXT) -libhi_si_a_OBJECTS = $(am_libhi_si_a_OBJECTS) - -DEFS = @DEFS@ -DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) -CPPFLAGS = @CPPFLAGS@ -LDFLAGS = @LDFLAGS@ -LIBS = @LIBS@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ -CFLAGS = @CFLAGS@ -DIST_SOURCES = $(libhi_si_a_SOURCES) -DIST_COMMON = Makefile.am Makefile.in -SOURCES = $(libhi_si_a_SOURCES) - all: all-am .SUFFIXES: .SUFFIXES: .c .o .obj -$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/preprocessors/HttpInspect/session_inspection/Makefile'; \ cd $(top_srcdir) && \ $(AUTOMAKE) --foreign src/preprocessors/HttpInspect/session_inspection/Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe) - -AR = ar +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh clean-noinstLIBRARIES: -test -z "$(noinst_LIBRARIES)" || rm -f $(noinst_LIBRARIES) @@ -153,23 +216,18 @@ $(RANLIB) libhi_si.a mostlyclean-compile: - -rm -f *.$(OBJEXT) core *.core + -rm -f *.$(OBJEXT) distclean-compile: -rm -f *.tab.c .c.o: - $(COMPILE) -c `test -f '$<' || echo '$(srcdir)/'`$< + $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `cygpath -w $<` + $(COMPILE) -c `$(CYGPATH_W) '$<'` uninstall-info-am: -ETAGS = etags -ETAGSFLAGS = - -tags: TAGS - ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ @@ -178,6 +236,7 @@ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ mkid -fID $$unique +tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) @@ -189,8 +248,24 @@ done | \ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ - test -z "$(ETAGS_ARGS)$$tags$$unique" \ - || $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$tags $$unique; \ + fi +ctags: CTAGS +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$tags $$unique GTAGS: @@ -199,19 +274,21 @@ && gtags -i $(GTAGS_ARGS) $$here distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) - -top_distdir = ../../../.. -distdir = $(top_distdir)/$(PACKAGE)-$(VERSION) + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) - @list='$(DISTFILES)'; for file in $$list; do \ + @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ + list='$(DISTFILES)'; for file in $$list; do \ + case $$file in \ + $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ + $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ + esac; \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ if test "$$dir" != "$$file" && test "$$dir" != "."; then \ dir="/$$dir"; \ - $(mkinstalldirs) "$(distdir)$$dir"; \ + $(mkdir_p) "$(distdir)$$dir"; \ else \ dir=''; \ fi; \ @@ -229,9 +306,7 @@ check-am: all-am check: check-am all-am: Makefile $(LIBRARIES) - installdirs: - install: install-am install-exec: install-exec-am install-data: install-data-am @@ -243,7 +318,7 @@ installcheck: installcheck-am install-strip: $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - INSTALL_STRIP_FLAG=-s \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ `test -z '$(STRIP)' || \ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install mostlyclean-generic: @@ -251,7 +326,7 @@ clean-generic: distclean-generic: - -rm -f Makefile $(CONFIG_CLEAN_FILES) + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -261,7 +336,7 @@ clean-am: clean-generic clean-noinstLIBRARIES mostlyclean-am distclean: distclean-am - + -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -269,6 +344,8 @@ dvi-am: +html: html-am + info: info-am info-am: @@ -284,24 +361,33 @@ installcheck-am: maintainer-clean: maintainer-clean-am - + -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am mostlyclean-am: mostlyclean-compile mostlyclean-generic +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + uninstall-am: uninstall-info-am -.PHONY: GTAGS all all-am check check-am clean clean-generic \ - clean-noinstLIBRARIES distclean distclean-compile \ - distclean-generic distclean-tags distdir dvi dvi-am info \ - info-am install install-am install-data install-data-am \ - install-exec install-exec-am install-info install-info-am \ - install-man install-strip installcheck installcheck-am \ - installdirs maintainer-clean maintainer-clean-generic \ - mostlyclean mostlyclean-compile mostlyclean-generic tags \ - uninstall uninstall-am uninstall-info-am +.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ + clean-noinstLIBRARIES ctags distclean distclean-compile \ + distclean-generic distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-exec install-exec-am install-info \ + install-info-am install-man install-strip installcheck \ + installcheck-am installdirs maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-compile \ + mostlyclean-generic pdf pdf-am ps ps-am tags uninstall \ + uninstall-am uninstall-info-am # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. --- snort-2.3.3.orig/src/preprocessors/HttpInspect/mode_inspection/Makefile.in +++ snort-2.3.3/src/preprocessors/HttpInspect/mode_inspection/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.6.3 from Makefile.am. +# Makefile.in generated by automake 1.9.6 from Makefile.am. # @configure_input@ -# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002 -# Free Software Foundation, Inc. +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -13,77 +13,145 @@ # PARTICULAR PURPOSE. @SET_MAKE@ -SHELL = @SHELL@ srcdir = @srcdir@ top_srcdir = @top_srcdir@ VPATH = @srcdir@ -prefix = @prefix@ -exec_prefix = @exec_prefix@ - -bindir = @bindir@ -sbindir = @sbindir@ -libexecdir = @libexecdir@ -datadir = @datadir@ -sysconfdir = @sysconfdir@ -sharedstatedir = @sharedstatedir@ -localstatedir = @localstatedir@ -libdir = @libdir@ -infodir = @infodir@ -mandir = @mandir@ -includedir = @includedir@ -oldincludedir = /usr/include pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ top_builddir = ../../../.. - -ACLOCAL = @ACLOCAL@ -AUTOCONF = @AUTOCONF@ -AUTOMAKE = @AUTOMAKE@ -AUTOHEADER = @AUTOHEADER@ - am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_DATA = @INSTALL_DATA@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c -INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_HEADER = $(INSTALL_DATA) -transform = @program_transform_name@ +transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : -host_alias = @host_alias@ +build_triplet = @build@ host_triplet = @host@ - -EXEEXT = @EXEEXT@ -OBJEXT = @OBJEXT@ -PATH_SEPARATOR = @PATH_SEPARATOR@ +subdir = src/preprocessors/HttpInspect/mode_inspection +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +LIBRARIES = $(noinst_LIBRARIES) +AR = ar +ARFLAGS = cru +libhi_mi_a_AR = $(AR) $(ARFLAGS) +libhi_mi_a_LIBADD = +am_libhi_mi_a_OBJECTS = hi_mi.$(OBJEXT) +libhi_mi_a_OBJECTS = $(am_libhi_mi_a_OBJECTS) +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) +depcomp = +am__depfiles_maybe = +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +SOURCES = $(libhi_mi_a_SOURCES) +DIST_SOURCES = $(libhi_mi_a_SOURCES) +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMDEP_FALSE = @AMDEP_FALSE@ +AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ DEPDIR = @DEPDIR@ - +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ INCLUDES = @INCLUDES@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@ +MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@ +MAKEINFO = @MAKEINFO@ +OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ RANLIB = @RANLIB@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ STRIP = @STRIP@ VERSION = @VERSION@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_RANLIB = @ac_ct_RANLIB@ +ac_ct_STRIP = @ac_ct_STRIP@ +am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ +am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ am__include = @am__include@ +am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +datadir = @datadir@ +exec_prefix = @exec_prefix@ extra_incl = @extra_incl@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +includedir = @includedir@ +infodir = @infodir@ install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ AUTOMAKE_OPTIONS = foreign no-dependencies - noinst_LIBRARIES = libhi_mi.a - libhi_mi_a_SOURCES = \ hi_mi.c \ ../include/hi_ad.h \ @@ -106,44 +174,39 @@ ../include/hi_util_kmap.h \ ../include/hi_util_xmalloc.h -subdir = src/preprocessors/HttpInspect/mode_inspection -mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -LIBRARIES = $(noinst_LIBRARIES) - -libhi_mi_a_AR = $(AR) cru -libhi_mi_a_LIBADD = -am_libhi_mi_a_OBJECTS = hi_mi.$(OBJEXT) -libhi_mi_a_OBJECTS = $(am_libhi_mi_a_OBJECTS) - -DEFS = @DEFS@ -DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) -CPPFLAGS = @CPPFLAGS@ -LDFLAGS = @LDFLAGS@ -LIBS = @LIBS@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ -CFLAGS = @CFLAGS@ -DIST_SOURCES = $(libhi_mi_a_SOURCES) -DIST_COMMON = Makefile.am Makefile.in -SOURCES = $(libhi_mi_a_SOURCES) - all: all-am .SUFFIXES: .SUFFIXES: .c .o .obj -$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/preprocessors/HttpInspect/mode_inspection/Makefile'; \ cd $(top_srcdir) && \ $(AUTOMAKE) --foreign src/preprocessors/HttpInspect/mode_inspection/Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe) - -AR = ar +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh clean-noinstLIBRARIES: -test -z "$(noinst_LIBRARIES)" || rm -f $(noinst_LIBRARIES) @@ -153,23 +216,18 @@ $(RANLIB) libhi_mi.a mostlyclean-compile: - -rm -f *.$(OBJEXT) core *.core + -rm -f *.$(OBJEXT) distclean-compile: -rm -f *.tab.c .c.o: - $(COMPILE) -c `test -f '$<' || echo '$(srcdir)/'`$< + $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `cygpath -w $<` + $(COMPILE) -c `$(CYGPATH_W) '$<'` uninstall-info-am: -ETAGS = etags -ETAGSFLAGS = - -tags: TAGS - ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ @@ -178,6 +236,7 @@ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ mkid -fID $$unique +tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) @@ -189,8 +248,24 @@ done | \ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ - test -z "$(ETAGS_ARGS)$$tags$$unique" \ - || $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$tags $$unique; \ + fi +ctags: CTAGS +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$tags $$unique GTAGS: @@ -199,19 +274,21 @@ && gtags -i $(GTAGS_ARGS) $$here distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) - -top_distdir = ../../../.. -distdir = $(top_distdir)/$(PACKAGE)-$(VERSION) + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) - @list='$(DISTFILES)'; for file in $$list; do \ + @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ + list='$(DISTFILES)'; for file in $$list; do \ + case $$file in \ + $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ + $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ + esac; \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ if test "$$dir" != "$$file" && test "$$dir" != "."; then \ dir="/$$dir"; \ - $(mkinstalldirs) "$(distdir)$$dir"; \ + $(mkdir_p) "$(distdir)$$dir"; \ else \ dir=''; \ fi; \ @@ -229,9 +306,7 @@ check-am: all-am check: check-am all-am: Makefile $(LIBRARIES) - installdirs: - install: install-am install-exec: install-exec-am install-data: install-data-am @@ -243,7 +318,7 @@ installcheck: installcheck-am install-strip: $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - INSTALL_STRIP_FLAG=-s \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ `test -z '$(STRIP)' || \ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install mostlyclean-generic: @@ -251,7 +326,7 @@ clean-generic: distclean-generic: - -rm -f Makefile $(CONFIG_CLEAN_FILES) + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -261,7 +336,7 @@ clean-am: clean-generic clean-noinstLIBRARIES mostlyclean-am distclean: distclean-am - + -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -269,6 +344,8 @@ dvi-am: +html: html-am + info: info-am info-am: @@ -284,24 +361,33 @@ installcheck-am: maintainer-clean: maintainer-clean-am - + -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am mostlyclean-am: mostlyclean-compile mostlyclean-generic +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + uninstall-am: uninstall-info-am -.PHONY: GTAGS all all-am check check-am clean clean-generic \ - clean-noinstLIBRARIES distclean distclean-compile \ - distclean-generic distclean-tags distdir dvi dvi-am info \ - info-am install install-am install-data install-data-am \ - install-exec install-exec-am install-info install-info-am \ - install-man install-strip installcheck installcheck-am \ - installdirs maintainer-clean maintainer-clean-generic \ - mostlyclean mostlyclean-compile mostlyclean-generic tags \ - uninstall uninstall-am uninstall-info-am +.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ + clean-noinstLIBRARIES ctags distclean distclean-compile \ + distclean-generic distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-exec install-exec-am install-info \ + install-info-am install-man install-strip installcheck \ + installcheck-am installdirs maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-compile \ + mostlyclean-generic pdf pdf-am ps ps-am tags uninstall \ + uninstall-am uninstall-info-am # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. --- snort-2.3.3.orig/src/preprocessors/HttpInspect/anomaly_detection/Makefile.in +++ snort-2.3.3/src/preprocessors/HttpInspect/anomaly_detection/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.6.3 from Makefile.am. +# Makefile.in generated by automake 1.9.6 from Makefile.am. # @configure_input@ -# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002 -# Free Software Foundation, Inc. +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -13,77 +13,145 @@ # PARTICULAR PURPOSE. @SET_MAKE@ -SHELL = @SHELL@ srcdir = @srcdir@ top_srcdir = @top_srcdir@ VPATH = @srcdir@ -prefix = @prefix@ -exec_prefix = @exec_prefix@ - -bindir = @bindir@ -sbindir = @sbindir@ -libexecdir = @libexecdir@ -datadir = @datadir@ -sysconfdir = @sysconfdir@ -sharedstatedir = @sharedstatedir@ -localstatedir = @localstatedir@ -libdir = @libdir@ -infodir = @infodir@ -mandir = @mandir@ -includedir = @includedir@ -oldincludedir = /usr/include pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ top_builddir = ../../../.. - -ACLOCAL = @ACLOCAL@ -AUTOCONF = @AUTOCONF@ -AUTOMAKE = @AUTOMAKE@ -AUTOHEADER = @AUTOHEADER@ - am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_DATA = @INSTALL_DATA@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c -INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_HEADER = $(INSTALL_DATA) -transform = @program_transform_name@ +transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : -host_alias = @host_alias@ +build_triplet = @build@ host_triplet = @host@ - -EXEEXT = @EXEEXT@ -OBJEXT = @OBJEXT@ -PATH_SEPARATOR = @PATH_SEPARATOR@ +subdir = src/preprocessors/HttpInspect/anomaly_detection +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +LIBRARIES = $(noinst_LIBRARIES) +AR = ar +ARFLAGS = cru +libhi_ad_a_AR = $(AR) $(ARFLAGS) +libhi_ad_a_LIBADD = +am_libhi_ad_a_OBJECTS = hi_ad.$(OBJEXT) +libhi_ad_a_OBJECTS = $(am_libhi_ad_a_OBJECTS) +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) +depcomp = +am__depfiles_maybe = +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +SOURCES = $(libhi_ad_a_SOURCES) +DIST_SOURCES = $(libhi_ad_a_SOURCES) +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMDEP_FALSE = @AMDEP_FALSE@ +AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ DEPDIR = @DEPDIR@ - +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ INCLUDES = @INCLUDES@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@ +MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@ +MAKEINFO = @MAKEINFO@ +OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ RANLIB = @RANLIB@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ STRIP = @STRIP@ VERSION = @VERSION@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_RANLIB = @ac_ct_RANLIB@ +ac_ct_STRIP = @ac_ct_STRIP@ +am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ +am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ am__include = @am__include@ +am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +datadir = @datadir@ +exec_prefix = @exec_prefix@ extra_incl = @extra_incl@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +includedir = @includedir@ +infodir = @infodir@ install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ AUTOMAKE_OPTIONS = foreign no-dependencies - noinst_LIBRARIES = libhi_ad.a - libhi_ad_a_SOURCES = \ hi_ad.c \ ../include/hi_ad.h \ @@ -106,44 +174,39 @@ ../include/hi_util_kmap.h \ ../include/hi_util_xmalloc.h -subdir = src/preprocessors/HttpInspect/anomaly_detection -mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -LIBRARIES = $(noinst_LIBRARIES) - -libhi_ad_a_AR = $(AR) cru -libhi_ad_a_LIBADD = -am_libhi_ad_a_OBJECTS = hi_ad.$(OBJEXT) -libhi_ad_a_OBJECTS = $(am_libhi_ad_a_OBJECTS) - -DEFS = @DEFS@ -DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) -CPPFLAGS = @CPPFLAGS@ -LDFLAGS = @LDFLAGS@ -LIBS = @LIBS@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ -CFLAGS = @CFLAGS@ -DIST_SOURCES = $(libhi_ad_a_SOURCES) -DIST_COMMON = Makefile.am Makefile.in -SOURCES = $(libhi_ad_a_SOURCES) - all: all-am .SUFFIXES: .SUFFIXES: .c .o .obj -$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/preprocessors/HttpInspect/anomaly_detection/Makefile'; \ cd $(top_srcdir) && \ $(AUTOMAKE) --foreign src/preprocessors/HttpInspect/anomaly_detection/Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe) - -AR = ar +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh clean-noinstLIBRARIES: -test -z "$(noinst_LIBRARIES)" || rm -f $(noinst_LIBRARIES) @@ -153,23 +216,18 @@ $(RANLIB) libhi_ad.a mostlyclean-compile: - -rm -f *.$(OBJEXT) core *.core + -rm -f *.$(OBJEXT) distclean-compile: -rm -f *.tab.c .c.o: - $(COMPILE) -c `test -f '$<' || echo '$(srcdir)/'`$< + $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `cygpath -w $<` + $(COMPILE) -c `$(CYGPATH_W) '$<'` uninstall-info-am: -ETAGS = etags -ETAGSFLAGS = - -tags: TAGS - ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ @@ -178,6 +236,7 @@ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ mkid -fID $$unique +tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) @@ -189,8 +248,24 @@ done | \ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ - test -z "$(ETAGS_ARGS)$$tags$$unique" \ - || $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$tags $$unique; \ + fi +ctags: CTAGS +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$tags $$unique GTAGS: @@ -199,19 +274,21 @@ && gtags -i $(GTAGS_ARGS) $$here distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) - -top_distdir = ../../../.. -distdir = $(top_distdir)/$(PACKAGE)-$(VERSION) + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) - @list='$(DISTFILES)'; for file in $$list; do \ + @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ + list='$(DISTFILES)'; for file in $$list; do \ + case $$file in \ + $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ + $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ + esac; \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ if test "$$dir" != "$$file" && test "$$dir" != "."; then \ dir="/$$dir"; \ - $(mkinstalldirs) "$(distdir)$$dir"; \ + $(mkdir_p) "$(distdir)$$dir"; \ else \ dir=''; \ fi; \ @@ -229,9 +306,7 @@ check-am: all-am check: check-am all-am: Makefile $(LIBRARIES) - installdirs: - install: install-am install-exec: install-exec-am install-data: install-data-am @@ -243,7 +318,7 @@ installcheck: installcheck-am install-strip: $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - INSTALL_STRIP_FLAG=-s \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ `test -z '$(STRIP)' || \ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install mostlyclean-generic: @@ -251,7 +326,7 @@ clean-generic: distclean-generic: - -rm -f Makefile $(CONFIG_CLEAN_FILES) + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -261,7 +336,7 @@ clean-am: clean-generic clean-noinstLIBRARIES mostlyclean-am distclean: distclean-am - + -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -269,6 +344,8 @@ dvi-am: +html: html-am + info: info-am info-am: @@ -284,24 +361,33 @@ installcheck-am: maintainer-clean: maintainer-clean-am - + -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am mostlyclean-am: mostlyclean-compile mostlyclean-generic +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + uninstall-am: uninstall-info-am -.PHONY: GTAGS all all-am check check-am clean clean-generic \ - clean-noinstLIBRARIES distclean distclean-compile \ - distclean-generic distclean-tags distdir dvi dvi-am info \ - info-am install install-am install-data install-data-am \ - install-exec install-exec-am install-info install-info-am \ - install-man install-strip installcheck installcheck-am \ - installdirs maintainer-clean maintainer-clean-generic \ - mostlyclean mostlyclean-compile mostlyclean-generic tags \ - uninstall uninstall-am uninstall-info-am +.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ + clean-noinstLIBRARIES ctags distclean distclean-compile \ + distclean-generic distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-exec install-exec-am install-info \ + install-info-am install-man install-strip installcheck \ + installcheck-am installdirs maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-compile \ + mostlyclean-generic pdf pdf-am ps ps-am tags uninstall \ + uninstall-am uninstall-info-am # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. --- snort-2.3.3.orig/src/preprocessors/HttpInspect/event_output/Makefile.in +++ snort-2.3.3/src/preprocessors/HttpInspect/event_output/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.6.3 from Makefile.am. +# Makefile.in generated by automake 1.9.6 from Makefile.am. # @configure_input@ -# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002 -# Free Software Foundation, Inc. +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -13,77 +13,145 @@ # PARTICULAR PURPOSE. @SET_MAKE@ -SHELL = @SHELL@ srcdir = @srcdir@ top_srcdir = @top_srcdir@ VPATH = @srcdir@ -prefix = @prefix@ -exec_prefix = @exec_prefix@ - -bindir = @bindir@ -sbindir = @sbindir@ -libexecdir = @libexecdir@ -datadir = @datadir@ -sysconfdir = @sysconfdir@ -sharedstatedir = @sharedstatedir@ -localstatedir = @localstatedir@ -libdir = @libdir@ -infodir = @infodir@ -mandir = @mandir@ -includedir = @includedir@ -oldincludedir = /usr/include pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ top_builddir = ../../../.. - -ACLOCAL = @ACLOCAL@ -AUTOCONF = @AUTOCONF@ -AUTOMAKE = @AUTOMAKE@ -AUTOHEADER = @AUTOHEADER@ - am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_DATA = @INSTALL_DATA@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c -INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_HEADER = $(INSTALL_DATA) -transform = @program_transform_name@ +transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : -host_alias = @host_alias@ +build_triplet = @build@ host_triplet = @host@ - -EXEEXT = @EXEEXT@ -OBJEXT = @OBJEXT@ -PATH_SEPARATOR = @PATH_SEPARATOR@ +subdir = src/preprocessors/HttpInspect/event_output +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +LIBRARIES = $(noinst_LIBRARIES) +AR = ar +ARFLAGS = cru +libhi_eo_a_AR = $(AR) $(ARFLAGS) +libhi_eo_a_LIBADD = +am_libhi_eo_a_OBJECTS = hi_eo_log.$(OBJEXT) +libhi_eo_a_OBJECTS = $(am_libhi_eo_a_OBJECTS) +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) +depcomp = +am__depfiles_maybe = +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +SOURCES = $(libhi_eo_a_SOURCES) +DIST_SOURCES = $(libhi_eo_a_SOURCES) +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMDEP_FALSE = @AMDEP_FALSE@ +AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ DEPDIR = @DEPDIR@ - +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ INCLUDES = @INCLUDES@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@ +MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@ +MAKEINFO = @MAKEINFO@ +OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ RANLIB = @RANLIB@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ STRIP = @STRIP@ VERSION = @VERSION@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_RANLIB = @ac_ct_RANLIB@ +ac_ct_STRIP = @ac_ct_STRIP@ +am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ +am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ am__include = @am__include@ +am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +datadir = @datadir@ +exec_prefix = @exec_prefix@ extra_incl = @extra_incl@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +includedir = @includedir@ +infodir = @infodir@ install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ AUTOMAKE_OPTIONS = foreign no-dependencies - noinst_LIBRARIES = libhi_eo.a - libhi_eo_a_SOURCES = \ hi_eo_log.c \ ../include/hi_ad.h \ @@ -106,44 +174,39 @@ ../include/hi_util_kmap.h \ ../include/hi_util_xmalloc.h -subdir = src/preprocessors/HttpInspect/event_output -mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -LIBRARIES = $(noinst_LIBRARIES) - -libhi_eo_a_AR = $(AR) cru -libhi_eo_a_LIBADD = -am_libhi_eo_a_OBJECTS = hi_eo_log.$(OBJEXT) -libhi_eo_a_OBJECTS = $(am_libhi_eo_a_OBJECTS) - -DEFS = @DEFS@ -DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) -CPPFLAGS = @CPPFLAGS@ -LDFLAGS = @LDFLAGS@ -LIBS = @LIBS@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ -CFLAGS = @CFLAGS@ -DIST_SOURCES = $(libhi_eo_a_SOURCES) -DIST_COMMON = Makefile.am Makefile.in -SOURCES = $(libhi_eo_a_SOURCES) - all: all-am .SUFFIXES: .SUFFIXES: .c .o .obj -$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/preprocessors/HttpInspect/event_output/Makefile'; \ cd $(top_srcdir) && \ $(AUTOMAKE) --foreign src/preprocessors/HttpInspect/event_output/Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe) - -AR = ar +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh clean-noinstLIBRARIES: -test -z "$(noinst_LIBRARIES)" || rm -f $(noinst_LIBRARIES) @@ -153,23 +216,18 @@ $(RANLIB) libhi_eo.a mostlyclean-compile: - -rm -f *.$(OBJEXT) core *.core + -rm -f *.$(OBJEXT) distclean-compile: -rm -f *.tab.c .c.o: - $(COMPILE) -c `test -f '$<' || echo '$(srcdir)/'`$< + $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `cygpath -w $<` + $(COMPILE) -c `$(CYGPATH_W) '$<'` uninstall-info-am: -ETAGS = etags -ETAGSFLAGS = - -tags: TAGS - ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ @@ -178,6 +236,7 @@ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ mkid -fID $$unique +tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) @@ -189,8 +248,24 @@ done | \ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ - test -z "$(ETAGS_ARGS)$$tags$$unique" \ - || $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$tags $$unique; \ + fi +ctags: CTAGS +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$tags $$unique GTAGS: @@ -199,19 +274,21 @@ && gtags -i $(GTAGS_ARGS) $$here distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) - -top_distdir = ../../../.. -distdir = $(top_distdir)/$(PACKAGE)-$(VERSION) + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) - @list='$(DISTFILES)'; for file in $$list; do \ + @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ + list='$(DISTFILES)'; for file in $$list; do \ + case $$file in \ + $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ + $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ + esac; \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ if test "$$dir" != "$$file" && test "$$dir" != "."; then \ dir="/$$dir"; \ - $(mkinstalldirs) "$(distdir)$$dir"; \ + $(mkdir_p) "$(distdir)$$dir"; \ else \ dir=''; \ fi; \ @@ -229,9 +306,7 @@ check-am: all-am check: check-am all-am: Makefile $(LIBRARIES) - installdirs: - install: install-am install-exec: install-exec-am install-data: install-data-am @@ -243,7 +318,7 @@ installcheck: installcheck-am install-strip: $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - INSTALL_STRIP_FLAG=-s \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ `test -z '$(STRIP)' || \ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install mostlyclean-generic: @@ -251,7 +326,7 @@ clean-generic: distclean-generic: - -rm -f Makefile $(CONFIG_CLEAN_FILES) + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -261,7 +336,7 @@ clean-am: clean-generic clean-noinstLIBRARIES mostlyclean-am distclean: distclean-am - + -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -269,6 +344,8 @@ dvi-am: +html: html-am + info: info-am info-am: @@ -284,24 +361,33 @@ installcheck-am: maintainer-clean: maintainer-clean-am - + -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am mostlyclean-am: mostlyclean-compile mostlyclean-generic +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + uninstall-am: uninstall-info-am -.PHONY: GTAGS all all-am check check-am clean clean-generic \ - clean-noinstLIBRARIES distclean distclean-compile \ - distclean-generic distclean-tags distdir dvi dvi-am info \ - info-am install install-am install-data install-data-am \ - install-exec install-exec-am install-info install-info-am \ - install-man install-strip installcheck installcheck-am \ - installdirs maintainer-clean maintainer-clean-generic \ - mostlyclean mostlyclean-compile mostlyclean-generic tags \ - uninstall uninstall-am uninstall-info-am +.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ + clean-noinstLIBRARIES ctags distclean distclean-compile \ + distclean-generic distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-exec install-exec-am install-info \ + install-info-am install-man install-strip installcheck \ + installcheck-am installdirs maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-compile \ + mostlyclean-generic pdf pdf-am ps ps-am tags uninstall \ + uninstall-am uninstall-info-am # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. --- snort-2.3.3.orig/src/preprocessors/HttpInspect/server/Makefile.in +++ snort-2.3.3/src/preprocessors/HttpInspect/server/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.6.3 from Makefile.am. +# Makefile.in generated by automake 1.9.6 from Makefile.am. # @configure_input@ -# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002 -# Free Software Foundation, Inc. +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -13,77 +13,145 @@ # PARTICULAR PURPOSE. @SET_MAKE@ -SHELL = @SHELL@ srcdir = @srcdir@ top_srcdir = @top_srcdir@ VPATH = @srcdir@ -prefix = @prefix@ -exec_prefix = @exec_prefix@ - -bindir = @bindir@ -sbindir = @sbindir@ -libexecdir = @libexecdir@ -datadir = @datadir@ -sysconfdir = @sysconfdir@ -sharedstatedir = @sharedstatedir@ -localstatedir = @localstatedir@ -libdir = @libdir@ -infodir = @infodir@ -mandir = @mandir@ -includedir = @includedir@ -oldincludedir = /usr/include pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ top_builddir = ../../../.. - -ACLOCAL = @ACLOCAL@ -AUTOCONF = @AUTOCONF@ -AUTOMAKE = @AUTOMAKE@ -AUTOHEADER = @AUTOHEADER@ - am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_DATA = @INSTALL_DATA@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c -INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_HEADER = $(INSTALL_DATA) -transform = @program_transform_name@ +transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : -host_alias = @host_alias@ +build_triplet = @build@ host_triplet = @host@ - -EXEEXT = @EXEEXT@ -OBJEXT = @OBJEXT@ -PATH_SEPARATOR = @PATH_SEPARATOR@ +subdir = src/preprocessors/HttpInspect/server +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +LIBRARIES = $(noinst_LIBRARIES) +AR = ar +ARFLAGS = cru +libhi_server_a_AR = $(AR) $(ARFLAGS) +libhi_server_a_LIBADD = +am_libhi_server_a_OBJECTS = hi_server.$(OBJEXT) +libhi_server_a_OBJECTS = $(am_libhi_server_a_OBJECTS) +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) +depcomp = +am__depfiles_maybe = +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +SOURCES = $(libhi_server_a_SOURCES) +DIST_SOURCES = $(libhi_server_a_SOURCES) +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMDEP_FALSE = @AMDEP_FALSE@ +AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ DEPDIR = @DEPDIR@ - +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ INCLUDES = @INCLUDES@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@ +MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@ +MAKEINFO = @MAKEINFO@ +OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ RANLIB = @RANLIB@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ STRIP = @STRIP@ VERSION = @VERSION@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_RANLIB = @ac_ct_RANLIB@ +ac_ct_STRIP = @ac_ct_STRIP@ +am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ +am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ am__include = @am__include@ +am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +datadir = @datadir@ +exec_prefix = @exec_prefix@ extra_incl = @extra_incl@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +includedir = @includedir@ +infodir = @infodir@ install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ AUTOMAKE_OPTIONS = foreign no-dependencies - noinst_LIBRARIES = libhi_server.a - libhi_server_a_SOURCES = \ hi_server.c \ ../include/hi_ad.h \ @@ -106,44 +174,39 @@ ../include/hi_util_kmap.h \ ../include/hi_util_xmalloc.h -subdir = src/preprocessors/HttpInspect/server -mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -LIBRARIES = $(noinst_LIBRARIES) - -libhi_server_a_AR = $(AR) cru -libhi_server_a_LIBADD = -am_libhi_server_a_OBJECTS = hi_server.$(OBJEXT) -libhi_server_a_OBJECTS = $(am_libhi_server_a_OBJECTS) - -DEFS = @DEFS@ -DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) -CPPFLAGS = @CPPFLAGS@ -LDFLAGS = @LDFLAGS@ -LIBS = @LIBS@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ -CFLAGS = @CFLAGS@ -DIST_SOURCES = $(libhi_server_a_SOURCES) -DIST_COMMON = Makefile.am Makefile.in -SOURCES = $(libhi_server_a_SOURCES) - all: all-am .SUFFIXES: .SUFFIXES: .c .o .obj -$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/preprocessors/HttpInspect/server/Makefile'; \ cd $(top_srcdir) && \ $(AUTOMAKE) --foreign src/preprocessors/HttpInspect/server/Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe) - -AR = ar +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh clean-noinstLIBRARIES: -test -z "$(noinst_LIBRARIES)" || rm -f $(noinst_LIBRARIES) @@ -153,23 +216,18 @@ $(RANLIB) libhi_server.a mostlyclean-compile: - -rm -f *.$(OBJEXT) core *.core + -rm -f *.$(OBJEXT) distclean-compile: -rm -f *.tab.c .c.o: - $(COMPILE) -c `test -f '$<' || echo '$(srcdir)/'`$< + $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `cygpath -w $<` + $(COMPILE) -c `$(CYGPATH_W) '$<'` uninstall-info-am: -ETAGS = etags -ETAGSFLAGS = - -tags: TAGS - ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ @@ -178,6 +236,7 @@ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ mkid -fID $$unique +tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) @@ -189,8 +248,24 @@ done | \ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ - test -z "$(ETAGS_ARGS)$$tags$$unique" \ - || $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$tags $$unique; \ + fi +ctags: CTAGS +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$tags $$unique GTAGS: @@ -199,19 +274,21 @@ && gtags -i $(GTAGS_ARGS) $$here distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) - -top_distdir = ../../../.. -distdir = $(top_distdir)/$(PACKAGE)-$(VERSION) + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) - @list='$(DISTFILES)'; for file in $$list; do \ + @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ + list='$(DISTFILES)'; for file in $$list; do \ + case $$file in \ + $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ + $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ + esac; \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ if test "$$dir" != "$$file" && test "$$dir" != "."; then \ dir="/$$dir"; \ - $(mkinstalldirs) "$(distdir)$$dir"; \ + $(mkdir_p) "$(distdir)$$dir"; \ else \ dir=''; \ fi; \ @@ -229,9 +306,7 @@ check-am: all-am check: check-am all-am: Makefile $(LIBRARIES) - installdirs: - install: install-am install-exec: install-exec-am install-data: install-data-am @@ -243,7 +318,7 @@ installcheck: installcheck-am install-strip: $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - INSTALL_STRIP_FLAG=-s \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ `test -z '$(STRIP)' || \ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install mostlyclean-generic: @@ -251,7 +326,7 @@ clean-generic: distclean-generic: - -rm -f Makefile $(CONFIG_CLEAN_FILES) + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -261,7 +336,7 @@ clean-am: clean-generic clean-noinstLIBRARIES mostlyclean-am distclean: distclean-am - + -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -269,6 +344,8 @@ dvi-am: +html: html-am + info: info-am info-am: @@ -284,24 +361,33 @@ installcheck-am: maintainer-clean: maintainer-clean-am - + -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am mostlyclean-am: mostlyclean-compile mostlyclean-generic +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + uninstall-am: uninstall-info-am -.PHONY: GTAGS all all-am check check-am clean clean-generic \ - clean-noinstLIBRARIES distclean distclean-compile \ - distclean-generic distclean-tags distdir dvi dvi-am info \ - info-am install install-am install-data install-data-am \ - install-exec install-exec-am install-info install-info-am \ - install-man install-strip installcheck installcheck-am \ - installdirs maintainer-clean maintainer-clean-generic \ - mostlyclean mostlyclean-compile mostlyclean-generic tags \ - uninstall uninstall-am uninstall-info-am +.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ + clean-noinstLIBRARIES ctags distclean distclean-compile \ + distclean-generic distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-exec install-exec-am install-info \ + install-info-am install-man install-strip installcheck \ + installcheck-am installdirs maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-compile \ + mostlyclean-generic pdf pdf-am ps ps-am tags uninstall \ + uninstall-am uninstall-info-am # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. --- snort-2.3.3.orig/src/preprocessors/HttpInspect/client/Makefile.in +++ snort-2.3.3/src/preprocessors/HttpInspect/client/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.6.3 from Makefile.am. +# Makefile.in generated by automake 1.9.6 from Makefile.am. # @configure_input@ -# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002 -# Free Software Foundation, Inc. +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -13,77 +13,146 @@ # PARTICULAR PURPOSE. @SET_MAKE@ -SHELL = @SHELL@ srcdir = @srcdir@ top_srcdir = @top_srcdir@ VPATH = @srcdir@ -prefix = @prefix@ -exec_prefix = @exec_prefix@ - -bindir = @bindir@ -sbindir = @sbindir@ -libexecdir = @libexecdir@ -datadir = @datadir@ -sysconfdir = @sysconfdir@ -sharedstatedir = @sharedstatedir@ -localstatedir = @localstatedir@ -libdir = @libdir@ -infodir = @infodir@ -mandir = @mandir@ -includedir = @includedir@ -oldincludedir = /usr/include pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ top_builddir = ../../../.. - -ACLOCAL = @ACLOCAL@ -AUTOCONF = @AUTOCONF@ -AUTOMAKE = @AUTOMAKE@ -AUTOHEADER = @AUTOHEADER@ - am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_DATA = @INSTALL_DATA@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c -INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_HEADER = $(INSTALL_DATA) -transform = @program_transform_name@ +transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : -host_alias = @host_alias@ +build_triplet = @build@ host_triplet = @host@ - -EXEEXT = @EXEEXT@ -OBJEXT = @OBJEXT@ -PATH_SEPARATOR = @PATH_SEPARATOR@ +subdir = src/preprocessors/HttpInspect/client +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +LIBRARIES = $(noinst_LIBRARIES) +AR = ar +ARFLAGS = cru +libhi_client_a_AR = $(AR) $(ARFLAGS) +libhi_client_a_LIBADD = +am_libhi_client_a_OBJECTS = hi_client.$(OBJEXT) \ + hi_client_norm.$(OBJEXT) +libhi_client_a_OBJECTS = $(am_libhi_client_a_OBJECTS) +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) +depcomp = +am__depfiles_maybe = +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +SOURCES = $(libhi_client_a_SOURCES) +DIST_SOURCES = $(libhi_client_a_SOURCES) +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMDEP_FALSE = @AMDEP_FALSE@ +AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ DEPDIR = @DEPDIR@ - +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ INCLUDES = @INCLUDES@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@ +MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@ +MAKEINFO = @MAKEINFO@ +OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ RANLIB = @RANLIB@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ STRIP = @STRIP@ VERSION = @VERSION@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_RANLIB = @ac_ct_RANLIB@ +ac_ct_STRIP = @ac_ct_STRIP@ +am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ +am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ am__include = @am__include@ +am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +datadir = @datadir@ +exec_prefix = @exec_prefix@ extra_incl = @extra_incl@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +includedir = @includedir@ +infodir = @infodir@ install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ AUTOMAKE_OPTIONS = foreign no-dependencies - noinst_LIBRARIES = libhi_client.a - libhi_client_a_SOURCES = \ hi_client.c \ hi_client_norm.c \ @@ -107,44 +176,39 @@ ../include/hi_util_kmap.h \ ../include/hi_util_xmalloc.h -subdir = src/preprocessors/HttpInspect/client -mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -LIBRARIES = $(noinst_LIBRARIES) - -libhi_client_a_AR = $(AR) cru -libhi_client_a_LIBADD = -am_libhi_client_a_OBJECTS = hi_client.$(OBJEXT) hi_client_norm.$(OBJEXT) -libhi_client_a_OBJECTS = $(am_libhi_client_a_OBJECTS) - -DEFS = @DEFS@ -DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) -CPPFLAGS = @CPPFLAGS@ -LDFLAGS = @LDFLAGS@ -LIBS = @LIBS@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ -CFLAGS = @CFLAGS@ -DIST_SOURCES = $(libhi_client_a_SOURCES) -DIST_COMMON = Makefile.am Makefile.in -SOURCES = $(libhi_client_a_SOURCES) - all: all-am .SUFFIXES: .SUFFIXES: .c .o .obj -$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/preprocessors/HttpInspect/client/Makefile'; \ cd $(top_srcdir) && \ $(AUTOMAKE) --foreign src/preprocessors/HttpInspect/client/Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe) - -AR = ar +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh clean-noinstLIBRARIES: -test -z "$(noinst_LIBRARIES)" || rm -f $(noinst_LIBRARIES) @@ -154,23 +218,18 @@ $(RANLIB) libhi_client.a mostlyclean-compile: - -rm -f *.$(OBJEXT) core *.core + -rm -f *.$(OBJEXT) distclean-compile: -rm -f *.tab.c .c.o: - $(COMPILE) -c `test -f '$<' || echo '$(srcdir)/'`$< + $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `cygpath -w $<` + $(COMPILE) -c `$(CYGPATH_W) '$<'` uninstall-info-am: -ETAGS = etags -ETAGSFLAGS = - -tags: TAGS - ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ @@ -179,6 +238,7 @@ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ mkid -fID $$unique +tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) @@ -190,8 +250,24 @@ done | \ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ - test -z "$(ETAGS_ARGS)$$tags$$unique" \ - || $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$tags $$unique; \ + fi +ctags: CTAGS +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$tags $$unique GTAGS: @@ -200,19 +276,21 @@ && gtags -i $(GTAGS_ARGS) $$here distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) - -top_distdir = ../../../.. -distdir = $(top_distdir)/$(PACKAGE)-$(VERSION) + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) - @list='$(DISTFILES)'; for file in $$list; do \ + @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ + list='$(DISTFILES)'; for file in $$list; do \ + case $$file in \ + $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ + $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ + esac; \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ if test "$$dir" != "$$file" && test "$$dir" != "."; then \ dir="/$$dir"; \ - $(mkinstalldirs) "$(distdir)$$dir"; \ + $(mkdir_p) "$(distdir)$$dir"; \ else \ dir=''; \ fi; \ @@ -230,9 +308,7 @@ check-am: all-am check: check-am all-am: Makefile $(LIBRARIES) - installdirs: - install: install-am install-exec: install-exec-am install-data: install-data-am @@ -244,7 +320,7 @@ installcheck: installcheck-am install-strip: $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - INSTALL_STRIP_FLAG=-s \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ `test -z '$(STRIP)' || \ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install mostlyclean-generic: @@ -252,7 +328,7 @@ clean-generic: distclean-generic: - -rm -f Makefile $(CONFIG_CLEAN_FILES) + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -262,7 +338,7 @@ clean-am: clean-generic clean-noinstLIBRARIES mostlyclean-am distclean: distclean-am - + -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -270,6 +346,8 @@ dvi-am: +html: html-am + info: info-am info-am: @@ -285,24 +363,33 @@ installcheck-am: maintainer-clean: maintainer-clean-am - + -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am mostlyclean-am: mostlyclean-compile mostlyclean-generic +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + uninstall-am: uninstall-info-am -.PHONY: GTAGS all all-am check check-am clean clean-generic \ - clean-noinstLIBRARIES distclean distclean-compile \ - distclean-generic distclean-tags distdir dvi dvi-am info \ - info-am install install-am install-data install-data-am \ - install-exec install-exec-am install-info install-info-am \ - install-man install-strip installcheck installcheck-am \ - installdirs maintainer-clean maintainer-clean-generic \ - mostlyclean mostlyclean-compile mostlyclean-generic tags \ - uninstall uninstall-am uninstall-info-am +.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ + clean-noinstLIBRARIES ctags distclean distclean-compile \ + distclean-generic distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-exec install-exec-am install-info \ + install-info-am install-man install-strip installcheck \ + installcheck-am installdirs maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-compile \ + mostlyclean-generic pdf pdf-am ps ps-am tags uninstall \ + uninstall-am uninstall-info-am # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. --- snort-2.3.3.orig/src/preprocessors/HttpInspect/normalization/Makefile.in +++ snort-2.3.3/src/preprocessors/HttpInspect/normalization/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.6.3 from Makefile.am. +# Makefile.in generated by automake 1.9.6 from Makefile.am. # @configure_input@ -# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002 -# Free Software Foundation, Inc. +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -13,77 +13,145 @@ # PARTICULAR PURPOSE. @SET_MAKE@ -SHELL = @SHELL@ srcdir = @srcdir@ top_srcdir = @top_srcdir@ VPATH = @srcdir@ -prefix = @prefix@ -exec_prefix = @exec_prefix@ - -bindir = @bindir@ -sbindir = @sbindir@ -libexecdir = @libexecdir@ -datadir = @datadir@ -sysconfdir = @sysconfdir@ -sharedstatedir = @sharedstatedir@ -localstatedir = @localstatedir@ -libdir = @libdir@ -infodir = @infodir@ -mandir = @mandir@ -includedir = @includedir@ -oldincludedir = /usr/include pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ top_builddir = ../../../.. - -ACLOCAL = @ACLOCAL@ -AUTOCONF = @AUTOCONF@ -AUTOMAKE = @AUTOMAKE@ -AUTOHEADER = @AUTOHEADER@ - am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_DATA = @INSTALL_DATA@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c -INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_HEADER = $(INSTALL_DATA) -transform = @program_transform_name@ +transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : -host_alias = @host_alias@ +build_triplet = @build@ host_triplet = @host@ - -EXEEXT = @EXEEXT@ -OBJEXT = @OBJEXT@ -PATH_SEPARATOR = @PATH_SEPARATOR@ +subdir = src/preprocessors/HttpInspect/normalization +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +LIBRARIES = $(noinst_LIBRARIES) +AR = ar +ARFLAGS = cru +libhi_norm_a_AR = $(AR) $(ARFLAGS) +libhi_norm_a_LIBADD = +am_libhi_norm_a_OBJECTS = hi_norm.$(OBJEXT) +libhi_norm_a_OBJECTS = $(am_libhi_norm_a_OBJECTS) +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) +depcomp = +am__depfiles_maybe = +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +SOURCES = $(libhi_norm_a_SOURCES) +DIST_SOURCES = $(libhi_norm_a_SOURCES) +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMDEP_FALSE = @AMDEP_FALSE@ +AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ DEPDIR = @DEPDIR@ - +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ INCLUDES = @INCLUDES@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@ +MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@ +MAKEINFO = @MAKEINFO@ +OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ RANLIB = @RANLIB@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ STRIP = @STRIP@ VERSION = @VERSION@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_RANLIB = @ac_ct_RANLIB@ +ac_ct_STRIP = @ac_ct_STRIP@ +am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ +am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ am__include = @am__include@ +am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +datadir = @datadir@ +exec_prefix = @exec_prefix@ extra_incl = @extra_incl@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +includedir = @includedir@ +infodir = @infodir@ install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ AUTOMAKE_OPTIONS = foreign no-dependencies - noinst_LIBRARIES = libhi_norm.a - libhi_norm_a_SOURCES = \ hi_norm.c \ ../include/hi_ad.h \ @@ -106,44 +174,39 @@ ../include/hi_util_kmap.h \ ../include/hi_util_xmalloc.h -subdir = src/preprocessors/HttpInspect/normalization -mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -LIBRARIES = $(noinst_LIBRARIES) - -libhi_norm_a_AR = $(AR) cru -libhi_norm_a_LIBADD = -am_libhi_norm_a_OBJECTS = hi_norm.$(OBJEXT) -libhi_norm_a_OBJECTS = $(am_libhi_norm_a_OBJECTS) - -DEFS = @DEFS@ -DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) -CPPFLAGS = @CPPFLAGS@ -LDFLAGS = @LDFLAGS@ -LIBS = @LIBS@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ -CFLAGS = @CFLAGS@ -DIST_SOURCES = $(libhi_norm_a_SOURCES) -DIST_COMMON = Makefile.am Makefile.in -SOURCES = $(libhi_norm_a_SOURCES) - all: all-am .SUFFIXES: .SUFFIXES: .c .o .obj -$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/preprocessors/HttpInspect/normalization/Makefile'; \ cd $(top_srcdir) && \ $(AUTOMAKE) --foreign src/preprocessors/HttpInspect/normalization/Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe) - -AR = ar +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh clean-noinstLIBRARIES: -test -z "$(noinst_LIBRARIES)" || rm -f $(noinst_LIBRARIES) @@ -153,23 +216,18 @@ $(RANLIB) libhi_norm.a mostlyclean-compile: - -rm -f *.$(OBJEXT) core *.core + -rm -f *.$(OBJEXT) distclean-compile: -rm -f *.tab.c .c.o: - $(COMPILE) -c `test -f '$<' || echo '$(srcdir)/'`$< + $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `cygpath -w $<` + $(COMPILE) -c `$(CYGPATH_W) '$<'` uninstall-info-am: -ETAGS = etags -ETAGSFLAGS = - -tags: TAGS - ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ @@ -178,6 +236,7 @@ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ mkid -fID $$unique +tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) @@ -189,8 +248,24 @@ done | \ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ - test -z "$(ETAGS_ARGS)$$tags$$unique" \ - || $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$tags $$unique; \ + fi +ctags: CTAGS +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$tags $$unique GTAGS: @@ -199,19 +274,21 @@ && gtags -i $(GTAGS_ARGS) $$here distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) - -top_distdir = ../../../.. -distdir = $(top_distdir)/$(PACKAGE)-$(VERSION) + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) - @list='$(DISTFILES)'; for file in $$list; do \ + @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ + list='$(DISTFILES)'; for file in $$list; do \ + case $$file in \ + $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ + $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ + esac; \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ if test "$$dir" != "$$file" && test "$$dir" != "."; then \ dir="/$$dir"; \ - $(mkinstalldirs) "$(distdir)$$dir"; \ + $(mkdir_p) "$(distdir)$$dir"; \ else \ dir=''; \ fi; \ @@ -229,9 +306,7 @@ check-am: all-am check: check-am all-am: Makefile $(LIBRARIES) - installdirs: - install: install-am install-exec: install-exec-am install-data: install-data-am @@ -243,7 +318,7 @@ installcheck: installcheck-am install-strip: $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - INSTALL_STRIP_FLAG=-s \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ `test -z '$(STRIP)' || \ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install mostlyclean-generic: @@ -251,7 +326,7 @@ clean-generic: distclean-generic: - -rm -f Makefile $(CONFIG_CLEAN_FILES) + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -261,7 +336,7 @@ clean-am: clean-generic clean-noinstLIBRARIES mostlyclean-am distclean: distclean-am - + -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -269,6 +344,8 @@ dvi-am: +html: html-am + info: info-am info-am: @@ -284,24 +361,33 @@ installcheck-am: maintainer-clean: maintainer-clean-am - + -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am mostlyclean-am: mostlyclean-compile mostlyclean-generic +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + uninstall-am: uninstall-info-am -.PHONY: GTAGS all all-am check check-am clean clean-generic \ - clean-noinstLIBRARIES distclean distclean-compile \ - distclean-generic distclean-tags distdir dvi dvi-am info \ - info-am install install-am install-data install-data-am \ - install-exec install-exec-am install-info install-info-am \ - install-man install-strip installcheck installcheck-am \ - installdirs maintainer-clean maintainer-clean-generic \ - mostlyclean mostlyclean-compile mostlyclean-generic tags \ - uninstall uninstall-am uninstall-info-am +.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ + clean-noinstLIBRARIES ctags distclean distclean-compile \ + distclean-generic distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-exec install-exec-am install-info \ + install-info-am install-man install-strip installcheck \ + installcheck-am installdirs maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-compile \ + mostlyclean-generic pdf pdf-am ps ps-am tags uninstall \ + uninstall-am uninstall-info-am # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. --- snort-2.3.3.orig/src/preprocessors/HttpInspect/Makefile.in +++ snort-2.3.3/src/preprocessors/HttpInspect/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.6.3 from Makefile.am. +# Makefile.in generated by automake 1.9.6 from Makefile.am. # @configure_input@ -# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002 -# Free Software Foundation, Inc. +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -13,83 +13,164 @@ # PARTICULAR PURPOSE. @SET_MAKE@ -SHELL = @SHELL@ srcdir = @srcdir@ top_srcdir = @top_srcdir@ VPATH = @srcdir@ -prefix = @prefix@ -exec_prefix = @exec_prefix@ - -bindir = @bindir@ -sbindir = @sbindir@ -libexecdir = @libexecdir@ -datadir = @datadir@ -sysconfdir = @sysconfdir@ -sharedstatedir = @sharedstatedir@ -localstatedir = @localstatedir@ -libdir = @libdir@ -infodir = @infodir@ -mandir = @mandir@ -includedir = @includedir@ -oldincludedir = /usr/include pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ top_builddir = ../../.. - -ACLOCAL = @ACLOCAL@ -AUTOCONF = @AUTOCONF@ -AUTOMAKE = @AUTOMAKE@ -AUTOHEADER = @AUTOHEADER@ - am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_DATA = @INSTALL_DATA@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c -INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_HEADER = $(INSTALL_DATA) -transform = @program_transform_name@ +transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : -host_alias = @host_alias@ +build_triplet = @build@ host_triplet = @host@ - -EXEEXT = @EXEEXT@ -OBJEXT = @OBJEXT@ -PATH_SEPARATOR = @PATH_SEPARATOR@ +subdir = src/preprocessors/HttpInspect +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +LIBRARIES = $(noinst_LIBRARIES) +AR = ar +ARFLAGS = cru +libhttp_inspect_a_AR = $(AR) $(ARFLAGS) +libhttp_inspect_a_DEPENDENCIES = user_interface/hi_ui_config.o \ + user_interface/hi_ui_server_lookup.o \ + user_interface/hi_ui_iis_unicode_map.o \ + session_inspection/hi_si.o mode_inspection/hi_mi.o \ + anomaly_detection/hi_ad.o utils/hi_util_kmap.o \ + utils/hi_util_xmalloc.o utils/hi_util_hbm.o \ + event_output/hi_eo_log.o client/hi_client.o \ + client/hi_client_norm.o server/hi_server.o \ + normalization/hi_norm.o +am_libhttp_inspect_a_OBJECTS = +libhttp_inspect_a_OBJECTS = $(am_libhttp_inspect_a_OBJECTS) +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) +depcomp = +am__depfiles_maybe = +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +SOURCES = $(libhttp_inspect_a_SOURCES) +DIST_SOURCES = $(libhttp_inspect_a_SOURCES) +RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ + html-recursive info-recursive install-data-recursive \ + install-exec-recursive install-info-recursive \ + install-recursive installcheck-recursive installdirs-recursive \ + pdf-recursive ps-recursive uninstall-info-recursive \ + uninstall-recursive +ETAGS = etags +CTAGS = ctags +DIST_SUBDIRS = $(SUBDIRS) +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMDEP_FALSE = @AMDEP_FALSE@ +AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ DEPDIR = @DEPDIR@ - +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ INCLUDES = @INCLUDES@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@ +MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@ +MAKEINFO = @MAKEINFO@ +OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ RANLIB = @RANLIB@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ STRIP = @STRIP@ VERSION = @VERSION@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_RANLIB = @ac_ct_RANLIB@ +ac_ct_STRIP = @ac_ct_STRIP@ +am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ +am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ am__include = @am__include@ +am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +datadir = @datadir@ +exec_prefix = @exec_prefix@ extra_incl = @extra_incl@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +includedir = @includedir@ +infodir = @infodir@ install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ AUTOMAKE_OPTIONS = foreign no-dependencies - noinst_LIBRARIES = libhttp_inspect.a - libhttp_inspect_a_SOURCES = - SUBDIRS = include utils user_interface session_inspection mode_inspection \ anomaly_detection event_output server client normalization - libhttp_inspect_a_LIBADD = \ user_interface/hi_ui_config.o \ user_interface/hi_ui_server_lookup.o \ @@ -106,57 +187,38 @@ server/hi_server.o \ normalization/hi_norm.o -subdir = src/preprocessors/HttpInspect -mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -LIBRARIES = $(noinst_LIBRARIES) - -libhttp_inspect_a_AR = $(AR) cru -libhttp_inspect_a_DEPENDENCIES = user_interface/hi_ui_config.o \ - user_interface/hi_ui_server_lookup.o \ - user_interface/hi_ui_iis_unicode_map.o \ - session_inspection/hi_si.o mode_inspection/hi_mi.o \ - anomaly_detection/hi_ad.o utils/hi_util_kmap.o \ - utils/hi_util_xmalloc.o utils/hi_util_hbm.o \ - event_output/hi_eo_log.o client/hi_client.o \ - client/hi_client_norm.o server/hi_server.o \ - normalization/hi_norm.o -am_libhttp_inspect_a_OBJECTS = -libhttp_inspect_a_OBJECTS = $(am_libhttp_inspect_a_OBJECTS) - -DEFS = @DEFS@ -DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) -CPPFLAGS = @CPPFLAGS@ -LDFLAGS = @LDFLAGS@ -LIBS = @LIBS@ -depcomp = -am__depfiles_maybe = -CFLAGS = @CFLAGS@ -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ -DIST_SOURCES = $(libhttp_inspect_a_SOURCES) - -RECURSIVE_TARGETS = info-recursive dvi-recursive install-info-recursive \ - uninstall-info-recursive all-recursive install-data-recursive \ - install-exec-recursive installdirs-recursive install-recursive \ - uninstall-recursive check-recursive installcheck-recursive -DIST_COMMON = Makefile.am Makefile.in -DIST_SUBDIRS = $(SUBDIRS) -SOURCES = $(libhttp_inspect_a_SOURCES) - all: all-recursive .SUFFIXES: -$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/preprocessors/HttpInspect/Makefile'; \ cd $(top_srcdir) && \ $(AUTOMAKE) --foreign src/preprocessors/HttpInspect/Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe) - -AR = ar +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh clean-noinstLIBRARIES: -test -z "$(noinst_LIBRARIES)" || rm -f $(noinst_LIBRARIES) @@ -166,7 +228,7 @@ $(RANLIB) libhttp_inspect.a mostlyclean-compile: - -rm -f *.$(OBJEXT) core *.core + -rm -f *.$(OBJEXT) distclean-compile: -rm -f *.tab.c @@ -179,7 +241,13 @@ # (which will cause the Makefiles to be regenerated when you run `make'); # (2) otherwise, pass the desired values on the `make' command line. $(RECURSIVE_TARGETS): - @set fnord $$MAKEFLAGS; amf=$$2; \ + @failcom='exit 1'; \ + for f in x $$MAKEFLAGS; do \ + case $$f in \ + *=* | --[!k]*);; \ + *k*) failcom='fail=yes';; \ + esac; \ + done; \ dot_seen=no; \ target=`echo $@ | sed s/-recursive//`; \ list='$(SUBDIRS)'; for subdir in $$list; do \ @@ -191,7 +259,7 @@ local_target="$$target"; \ fi; \ (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || case "$$amf" in *=*) exit 1;; *k*) fail=yes;; *) exit 1;; esac; \ + || eval $$failcom; \ done; \ if test "$$dot_seen" = "no"; then \ $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ @@ -199,7 +267,13 @@ mostlyclean-recursive clean-recursive distclean-recursive \ maintainer-clean-recursive: - @set fnord $$MAKEFLAGS; amf=$$2; \ + @failcom='exit 1'; \ + for f in x $$MAKEFLAGS; do \ + case $$f in \ + *=* | --[!k]*);; \ + *k*) failcom='fail=yes';; \ + esac; \ + done; \ dot_seen=no; \ case "$@" in \ distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ @@ -220,17 +294,16 @@ local_target="$$target"; \ fi; \ (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || case "$$amf" in *=*) exit 1;; *k*) fail=yes;; *) exit 1;; esac; \ + || eval $$failcom; \ done && test -z "$$fail" tags-recursive: list='$(SUBDIRS)'; for subdir in $$list; do \ test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ done - -ETAGS = etags -ETAGSFLAGS = - -tags: TAGS +ctags-recursive: + list='$(SUBDIRS)'; for subdir in $$list; do \ + test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \ + done ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ @@ -240,14 +313,23 @@ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ mkid -fID $$unique +tags: TAGS TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) tags=; \ here=`pwd`; \ + if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ + include_option=--etags-include; \ + empty_fix=.; \ + else \ + include_option=--include; \ + empty_fix=; \ + fi; \ list='$(SUBDIRS)'; for subdir in $$list; do \ if test "$$subdir" = .; then :; else \ - test -f $$subdir/TAGS && tags="$$tags -i $$here/$$subdir/TAGS"; \ + test ! -f $$subdir/TAGS || \ + tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \ fi; \ done; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ @@ -256,8 +338,24 @@ done | \ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ - test -z "$(ETAGS_ARGS)$$tags$$unique" \ - || $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$tags $$unique; \ + fi +ctags: CTAGS +CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$tags $$unique GTAGS: @@ -266,19 +364,21 @@ && gtags -i $(GTAGS_ARGS) $$here distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) - -top_distdir = ../../.. -distdir = $(top_distdir)/$(PACKAGE)-$(VERSION) + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) - @list='$(DISTFILES)'; for file in $$list; do \ + @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ + list='$(DISTFILES)'; for file in $$list; do \ + case $$file in \ + $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ + $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ + esac; \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ if test "$$dir" != "$$file" && test "$$dir" != "."; then \ dir="/$$dir"; \ - $(mkinstalldirs) "$(distdir)$$dir"; \ + $(mkdir_p) "$(distdir)$$dir"; \ else \ dir=''; \ fi; \ @@ -293,15 +393,17 @@ || exit 1; \ fi; \ done - list='$(SUBDIRS)'; for subdir in $$list; do \ + list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ if test "$$subdir" = .; then :; else \ - test -d $(distdir)/$$subdir \ - || mkdir $(distdir)/$$subdir \ + test -d "$(distdir)/$$subdir" \ + || $(mkdir_p) "$(distdir)/$$subdir" \ || exit 1; \ + distdir=`$(am__cd) $(distdir) && pwd`; \ + top_distdir=`$(am__cd) $(top_distdir) && pwd`; \ (cd $$subdir && \ $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" \ - distdir=../$(distdir)/$$subdir \ + top_distdir="$$top_distdir" \ + distdir="$$distdir/$$subdir" \ distdir) \ || exit 1; \ fi; \ @@ -311,7 +413,6 @@ all-am: Makefile $(LIBRARIES) installdirs: installdirs-recursive installdirs-am: - install: install-recursive install-exec: install-exec-recursive install-data: install-data-recursive @@ -323,7 +424,7 @@ installcheck: installcheck-recursive install-strip: $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - INSTALL_STRIP_FLAG=-s \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ `test -z '$(STRIP)' || \ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install mostlyclean-generic: @@ -331,7 +432,7 @@ clean-generic: distclean-generic: - -rm -f Makefile $(CONFIG_CLEAN_FILES) + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -341,7 +442,7 @@ clean-am: clean-generic clean-noinstLIBRARIES mostlyclean-am distclean: distclean-recursive - + -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -349,6 +450,8 @@ dvi-am: +html: html-recursive + info: info-recursive info-am: @@ -364,31 +467,37 @@ installcheck-am: maintainer-clean: maintainer-clean-recursive - + -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-recursive mostlyclean-am: mostlyclean-compile mostlyclean-generic +pdf: pdf-recursive + +pdf-am: + +ps: ps-recursive + +ps-am: + uninstall-am: uninstall-info-am uninstall-info: uninstall-info-recursive -.PHONY: $(RECURSIVE_TARGETS) GTAGS all all-am check check-am clean \ - clean-generic clean-noinstLIBRARIES clean-recursive distclean \ - distclean-compile distclean-generic distclean-recursive \ - distclean-tags distdir dvi dvi-am dvi-recursive info info-am \ - info-recursive install install-am install-data install-data-am \ - install-data-recursive install-exec install-exec-am \ - install-exec-recursive install-info install-info-am \ - install-info-recursive install-man install-recursive \ - install-strip installcheck installcheck-am installdirs \ - installdirs-am installdirs-recursive maintainer-clean \ - maintainer-clean-generic maintainer-clean-recursive mostlyclean \ - mostlyclean-compile mostlyclean-generic mostlyclean-recursive \ - tags tags-recursive uninstall uninstall-am uninstall-info-am \ - uninstall-info-recursive uninstall-recursive +.PHONY: $(RECURSIVE_TARGETS) CTAGS GTAGS all all-am check check-am \ + clean clean-generic clean-noinstLIBRARIES clean-recursive \ + ctags ctags-recursive distclean distclean-compile \ + distclean-generic distclean-recursive distclean-tags distdir \ + dvi dvi-am html html-am info info-am install install-am \ + install-data install-data-am install-exec install-exec-am \ + install-info install-info-am install-man install-strip \ + installcheck installcheck-am installdirs installdirs-am \ + maintainer-clean maintainer-clean-generic \ + maintainer-clean-recursive mostlyclean mostlyclean-compile \ + mostlyclean-generic mostlyclean-recursive pdf pdf-am ps ps-am \ + tags tags-recursive uninstall uninstall-am uninstall-info-am # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. --- snort-2.3.3.orig/src/preprocessors/Makefile.in +++ snort-2.3.3/src/preprocessors/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.6.3 from Makefile.am. +# Makefile.in generated by automake 1.9.6 from Makefile.am. # @configure_input@ -# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002 -# Free Software Foundation, Inc. +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -13,79 +13,163 @@ # PARTICULAR PURPOSE. @SET_MAKE@ -SHELL = @SHELL@ srcdir = @srcdir@ top_srcdir = @top_srcdir@ VPATH = @srcdir@ -prefix = @prefix@ -exec_prefix = @exec_prefix@ - -bindir = @bindir@ -sbindir = @sbindir@ -libexecdir = @libexecdir@ -datadir = @datadir@ -sysconfdir = @sysconfdir@ -sharedstatedir = @sharedstatedir@ -localstatedir = @localstatedir@ -libdir = @libdir@ -infodir = @infodir@ -mandir = @mandir@ -includedir = @includedir@ -oldincludedir = /usr/include pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ top_builddir = ../.. - -ACLOCAL = @ACLOCAL@ -AUTOCONF = @AUTOCONF@ -AUTOMAKE = @AUTOMAKE@ -AUTOHEADER = @AUTOHEADER@ - am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_DATA = @INSTALL_DATA@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c -INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_HEADER = $(INSTALL_DATA) -transform = @program_transform_name@ +transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : -host_alias = @host_alias@ +build_triplet = @build@ host_triplet = @host@ - -EXEEXT = @EXEEXT@ -OBJEXT = @OBJEXT@ -PATH_SEPARATOR = @PATH_SEPARATOR@ +subdir = src/preprocessors +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +LIBRARIES = $(noinst_LIBRARIES) +AR = ar +ARFLAGS = cru +libspp_a_AR = $(AR) $(ARFLAGS) +libspp_a_LIBADD = +am_libspp_a_OBJECTS = spp_arpspoof.$(OBJEXT) spp_bo.$(OBJEXT) \ + spp_frag2.$(OBJEXT) spp_portscan.$(OBJEXT) \ + spp_rpc_decode.$(OBJEXT) spp_stream4.$(OBJEXT) \ + spp_telnet_negotiation.$(OBJEXT) spp_perfmonitor.$(OBJEXT) \ + spp_conversation.$(OBJEXT) spp_portscan2.$(OBJEXT) \ + perf.$(OBJEXT) perf-base.$(OBJEXT) perf-flow.$(OBJEXT) \ + perf-event.$(OBJEXT) sfprocpidstats.$(OBJEXT) \ + spp_httpinspect.$(OBJEXT) snort_httpinspect.$(OBJEXT) \ + spp_flow.$(OBJEXT) portscan.$(OBJEXT) spp_sfportscan.$(OBJEXT) \ + spp_xlink2state.$(OBJEXT) xlink2state.$(OBJEXT) \ + str_search.$(OBJEXT) +libspp_a_OBJECTS = $(am_libspp_a_OBJECTS) +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) +depcomp = +am__depfiles_maybe = +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +SOURCES = $(libspp_a_SOURCES) +DIST_SOURCES = $(libspp_a_SOURCES) +RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ + html-recursive info-recursive install-data-recursive \ + install-exec-recursive install-info-recursive \ + install-recursive installcheck-recursive installdirs-recursive \ + pdf-recursive ps-recursive uninstall-info-recursive \ + uninstall-recursive +ETAGS = etags +CTAGS = ctags +DIST_SUBDIRS = $(SUBDIRS) +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMDEP_FALSE = @AMDEP_FALSE@ +AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ DEPDIR = @DEPDIR@ - +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ INCLUDES = @INCLUDES@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@ +MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@ +MAKEINFO = @MAKEINFO@ +OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ RANLIB = @RANLIB@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ STRIP = @STRIP@ VERSION = @VERSION@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_RANLIB = @ac_ct_RANLIB@ +ac_ct_STRIP = @ac_ct_STRIP@ +am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ +am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ am__include = @am__include@ +am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +datadir = @datadir@ +exec_prefix = @exec_prefix@ extra_incl = @extra_incl@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +includedir = @includedir@ +infodir = @infodir@ install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ AUTOMAKE_OPTIONS = foreign no-dependencies - noinst_LIBRARIES = libspp.a - SUBDIRS = flow HttpInspect - libspp_a_SOURCES = spp_arpspoof.c spp_arpspoof.h spp_bo.c spp_bo.h \ spp_frag2.c spp_frag2.h \ spp_portscan.c spp_portscan.h spp_rpc_decode.c spp_rpc_decode.h \ @@ -108,60 +192,39 @@ str_search.c str_search.h \ stream.h -subdir = src/preprocessors -mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -LIBRARIES = $(noinst_LIBRARIES) - -libspp_a_AR = $(AR) cru -libspp_a_LIBADD = -am_libspp_a_OBJECTS = spp_arpspoof.$(OBJEXT) spp_bo.$(OBJEXT) \ - spp_frag2.$(OBJEXT) spp_portscan.$(OBJEXT) \ - spp_rpc_decode.$(OBJEXT) spp_stream4.$(OBJEXT) \ - spp_telnet_negotiation.$(OBJEXT) spp_perfmonitor.$(OBJEXT) \ - spp_conversation.$(OBJEXT) spp_portscan2.$(OBJEXT) \ - perf.$(OBJEXT) perf-base.$(OBJEXT) perf-flow.$(OBJEXT) \ - perf-event.$(OBJEXT) sfprocpidstats.$(OBJEXT) \ - spp_httpinspect.$(OBJEXT) snort_httpinspect.$(OBJEXT) \ - spp_flow.$(OBJEXT) portscan.$(OBJEXT) spp_sfportscan.$(OBJEXT) \ - spp_xlink2state.$(OBJEXT) xlink2state.$(OBJEXT) \ - str_search.$(OBJEXT) -libspp_a_OBJECTS = $(am_libspp_a_OBJECTS) - -DEFS = @DEFS@ -DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) -CPPFLAGS = @CPPFLAGS@ -LDFLAGS = @LDFLAGS@ -LIBS = @LIBS@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ -CFLAGS = @CFLAGS@ -DIST_SOURCES = $(libspp_a_SOURCES) - -RECURSIVE_TARGETS = info-recursive dvi-recursive install-info-recursive \ - uninstall-info-recursive all-recursive install-data-recursive \ - install-exec-recursive installdirs-recursive install-recursive \ - uninstall-recursive check-recursive installcheck-recursive -DIST_COMMON = Makefile.am Makefile.in -DIST_SUBDIRS = $(SUBDIRS) -SOURCES = $(libspp_a_SOURCES) - all: all-recursive .SUFFIXES: .SUFFIXES: .c .o .obj -$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/preprocessors/Makefile'; \ cd $(top_srcdir) && \ $(AUTOMAKE) --foreign src/preprocessors/Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe) - -AR = ar +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh clean-noinstLIBRARIES: -test -z "$(noinst_LIBRARIES)" || rm -f $(noinst_LIBRARIES) @@ -171,16 +234,16 @@ $(RANLIB) libspp.a mostlyclean-compile: - -rm -f *.$(OBJEXT) core *.core + -rm -f *.$(OBJEXT) distclean-compile: -rm -f *.tab.c .c.o: - $(COMPILE) -c `test -f '$<' || echo '$(srcdir)/'`$< + $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `cygpath -w $<` + $(COMPILE) -c `$(CYGPATH_W) '$<'` uninstall-info-am: # This directory's subdirectories are mostly independent; you can cd @@ -190,7 +253,13 @@ # (which will cause the Makefiles to be regenerated when you run `make'); # (2) otherwise, pass the desired values on the `make' command line. $(RECURSIVE_TARGETS): - @set fnord $$MAKEFLAGS; amf=$$2; \ + @failcom='exit 1'; \ + for f in x $$MAKEFLAGS; do \ + case $$f in \ + *=* | --[!k]*);; \ + *k*) failcom='fail=yes';; \ + esac; \ + done; \ dot_seen=no; \ target=`echo $@ | sed s/-recursive//`; \ list='$(SUBDIRS)'; for subdir in $$list; do \ @@ -202,7 +271,7 @@ local_target="$$target"; \ fi; \ (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || case "$$amf" in *=*) exit 1;; *k*) fail=yes;; *) exit 1;; esac; \ + || eval $$failcom; \ done; \ if test "$$dot_seen" = "no"; then \ $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ @@ -210,7 +279,13 @@ mostlyclean-recursive clean-recursive distclean-recursive \ maintainer-clean-recursive: - @set fnord $$MAKEFLAGS; amf=$$2; \ + @failcom='exit 1'; \ + for f in x $$MAKEFLAGS; do \ + case $$f in \ + *=* | --[!k]*);; \ + *k*) failcom='fail=yes';; \ + esac; \ + done; \ dot_seen=no; \ case "$@" in \ distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ @@ -231,17 +306,16 @@ local_target="$$target"; \ fi; \ (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || case "$$amf" in *=*) exit 1;; *k*) fail=yes;; *) exit 1;; esac; \ + || eval $$failcom; \ done && test -z "$$fail" tags-recursive: list='$(SUBDIRS)'; for subdir in $$list; do \ test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ done - -ETAGS = etags -ETAGSFLAGS = - -tags: TAGS +ctags-recursive: + list='$(SUBDIRS)'; for subdir in $$list; do \ + test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \ + done ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ @@ -251,14 +325,23 @@ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ mkid -fID $$unique +tags: TAGS TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) tags=; \ here=`pwd`; \ + if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ + include_option=--etags-include; \ + empty_fix=.; \ + else \ + include_option=--include; \ + empty_fix=; \ + fi; \ list='$(SUBDIRS)'; for subdir in $$list; do \ if test "$$subdir" = .; then :; else \ - test -f $$subdir/TAGS && tags="$$tags -i $$here/$$subdir/TAGS"; \ + test ! -f $$subdir/TAGS || \ + tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \ fi; \ done; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ @@ -267,8 +350,24 @@ done | \ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ - test -z "$(ETAGS_ARGS)$$tags$$unique" \ - || $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$tags $$unique; \ + fi +ctags: CTAGS +CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$tags $$unique GTAGS: @@ -277,19 +376,21 @@ && gtags -i $(GTAGS_ARGS) $$here distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) - -top_distdir = ../.. -distdir = $(top_distdir)/$(PACKAGE)-$(VERSION) + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) - @list='$(DISTFILES)'; for file in $$list; do \ + @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ + list='$(DISTFILES)'; for file in $$list; do \ + case $$file in \ + $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ + $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ + esac; \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ if test "$$dir" != "$$file" && test "$$dir" != "."; then \ dir="/$$dir"; \ - $(mkinstalldirs) "$(distdir)$$dir"; \ + $(mkdir_p) "$(distdir)$$dir"; \ else \ dir=''; \ fi; \ @@ -304,15 +405,17 @@ || exit 1; \ fi; \ done - list='$(SUBDIRS)'; for subdir in $$list; do \ + list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ if test "$$subdir" = .; then :; else \ - test -d $(distdir)/$$subdir \ - || mkdir $(distdir)/$$subdir \ + test -d "$(distdir)/$$subdir" \ + || $(mkdir_p) "$(distdir)/$$subdir" \ || exit 1; \ + distdir=`$(am__cd) $(distdir) && pwd`; \ + top_distdir=`$(am__cd) $(top_distdir) && pwd`; \ (cd $$subdir && \ $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" \ - distdir=../$(distdir)/$$subdir \ + top_distdir="$$top_distdir" \ + distdir="$$distdir/$$subdir" \ distdir) \ || exit 1; \ fi; \ @@ -322,7 +425,6 @@ all-am: Makefile $(LIBRARIES) installdirs: installdirs-recursive installdirs-am: - install: install-recursive install-exec: install-exec-recursive install-data: install-data-recursive @@ -334,7 +436,7 @@ installcheck: installcheck-recursive install-strip: $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - INSTALL_STRIP_FLAG=-s \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ `test -z '$(STRIP)' || \ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install mostlyclean-generic: @@ -342,7 +444,7 @@ clean-generic: distclean-generic: - -rm -f Makefile $(CONFIG_CLEAN_FILES) + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -352,7 +454,7 @@ clean-am: clean-generic clean-noinstLIBRARIES mostlyclean-am distclean: distclean-recursive - + -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -360,6 +462,8 @@ dvi-am: +html: html-recursive + info: info-recursive info-am: @@ -375,31 +479,37 @@ installcheck-am: maintainer-clean: maintainer-clean-recursive - + -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-recursive mostlyclean-am: mostlyclean-compile mostlyclean-generic +pdf: pdf-recursive + +pdf-am: + +ps: ps-recursive + +ps-am: + uninstall-am: uninstall-info-am uninstall-info: uninstall-info-recursive -.PHONY: $(RECURSIVE_TARGETS) GTAGS all all-am check check-am clean \ - clean-generic clean-noinstLIBRARIES clean-recursive distclean \ - distclean-compile distclean-generic distclean-recursive \ - distclean-tags distdir dvi dvi-am dvi-recursive info info-am \ - info-recursive install install-am install-data install-data-am \ - install-data-recursive install-exec install-exec-am \ - install-exec-recursive install-info install-info-am \ - install-info-recursive install-man install-recursive \ - install-strip installcheck installcheck-am installdirs \ - installdirs-am installdirs-recursive maintainer-clean \ - maintainer-clean-generic maintainer-clean-recursive mostlyclean \ - mostlyclean-compile mostlyclean-generic mostlyclean-recursive \ - tags tags-recursive uninstall uninstall-am uninstall-info-am \ - uninstall-info-recursive uninstall-recursive +.PHONY: $(RECURSIVE_TARGETS) CTAGS GTAGS all all-am check check-am \ + clean clean-generic clean-noinstLIBRARIES clean-recursive \ + ctags ctags-recursive distclean distclean-compile \ + distclean-generic distclean-recursive distclean-tags distdir \ + dvi dvi-am html html-am info info-am install install-am \ + install-data install-data-am install-exec install-exec-am \ + install-info install-info-am install-man install-strip \ + installcheck installcheck-am installdirs installdirs-am \ + maintainer-clean maintainer-clean-generic \ + maintainer-clean-recursive mostlyclean mostlyclean-compile \ + mostlyclean-generic mostlyclean-recursive pdf pdf-am ps ps-am \ + tags tags-recursive uninstall uninstall-am uninstall-info-am # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. --- snort-2.3.3.orig/src/parser/Makefile.in +++ snort-2.3.3/src/parser/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.6.3 from Makefile.am. +# Makefile.in generated by automake 1.9.6 from Makefile.am. # @configure_input@ -# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002 -# Free Software Foundation, Inc. +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -13,116 +13,179 @@ # PARTICULAR PURPOSE. @SET_MAKE@ -SHELL = @SHELL@ srcdir = @srcdir@ top_srcdir = @top_srcdir@ VPATH = @srcdir@ -prefix = @prefix@ -exec_prefix = @exec_prefix@ - -bindir = @bindir@ -sbindir = @sbindir@ -libexecdir = @libexecdir@ -datadir = @datadir@ -sysconfdir = @sysconfdir@ -sharedstatedir = @sharedstatedir@ -localstatedir = @localstatedir@ -libdir = @libdir@ -infodir = @infodir@ -mandir = @mandir@ -includedir = @includedir@ -oldincludedir = /usr/include pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ top_builddir = ../.. - -ACLOCAL = @ACLOCAL@ -AUTOCONF = @AUTOCONF@ -AUTOMAKE = @AUTOMAKE@ -AUTOHEADER = @AUTOHEADER@ - am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_DATA = @INSTALL_DATA@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c -INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_HEADER = $(INSTALL_DATA) -transform = @program_transform_name@ +transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : -host_alias = @host_alias@ +build_triplet = @build@ host_triplet = @host@ - -EXEEXT = @EXEEXT@ -OBJEXT = @OBJEXT@ -PATH_SEPARATOR = @PATH_SEPARATOR@ +subdir = src/parser +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +LIBRARIES = $(noinst_LIBRARIES) +AR = ar +ARFLAGS = cru +libparser_a_AR = $(AR) $(ARFLAGS) +libparser_a_LIBADD = +am_libparser_a_OBJECTS = IpAddrSet.$(OBJEXT) +libparser_a_OBJECTS = $(am_libparser_a_OBJECTS) +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) +depcomp = +am__depfiles_maybe = +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +SOURCES = $(libparser_a_SOURCES) +DIST_SOURCES = $(libparser_a_SOURCES) +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMDEP_FALSE = @AMDEP_FALSE@ +AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ DEPDIR = @DEPDIR@ - +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ INCLUDES = @INCLUDES@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@ +MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@ +MAKEINFO = @MAKEINFO@ +OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ RANLIB = @RANLIB@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ STRIP = @STRIP@ VERSION = @VERSION@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_RANLIB = @ac_ct_RANLIB@ +ac_ct_STRIP = @ac_ct_STRIP@ +am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ +am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ am__include = @am__include@ +am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +datadir = @datadir@ +exec_prefix = @exec_prefix@ extra_incl = @extra_incl@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +includedir = @includedir@ +infodir = @infodir@ install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ AUTOMAKE_OPTIONS = foreign no-dependencies - noinst_LIBRARIES = libparser.a - libparser_a_SOURCES = IpAddrSet.c IpAddrSet.h -subdir = src/parser -mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -LIBRARIES = $(noinst_LIBRARIES) - -libparser_a_AR = $(AR) cru -libparser_a_LIBADD = -am_libparser_a_OBJECTS = IpAddrSet.$(OBJEXT) -libparser_a_OBJECTS = $(am_libparser_a_OBJECTS) - -DEFS = @DEFS@ -DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) -CPPFLAGS = @CPPFLAGS@ -LDFLAGS = @LDFLAGS@ -LIBS = @LIBS@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ -CFLAGS = @CFLAGS@ -DIST_SOURCES = $(libparser_a_SOURCES) -DIST_COMMON = Makefile.am Makefile.in -SOURCES = $(libparser_a_SOURCES) - all: all-am .SUFFIXES: .SUFFIXES: .c .o .obj -$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/parser/Makefile'; \ cd $(top_srcdir) && \ $(AUTOMAKE) --foreign src/parser/Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe) - -AR = ar +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh clean-noinstLIBRARIES: -test -z "$(noinst_LIBRARIES)" || rm -f $(noinst_LIBRARIES) @@ -132,23 +195,18 @@ $(RANLIB) libparser.a mostlyclean-compile: - -rm -f *.$(OBJEXT) core *.core + -rm -f *.$(OBJEXT) distclean-compile: -rm -f *.tab.c .c.o: - $(COMPILE) -c `test -f '$<' || echo '$(srcdir)/'`$< + $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `cygpath -w $<` + $(COMPILE) -c `$(CYGPATH_W) '$<'` uninstall-info-am: -ETAGS = etags -ETAGSFLAGS = - -tags: TAGS - ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ @@ -157,6 +215,7 @@ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ mkid -fID $$unique +tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) @@ -168,8 +227,24 @@ done | \ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ - test -z "$(ETAGS_ARGS)$$tags$$unique" \ - || $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$tags $$unique; \ + fi +ctags: CTAGS +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$tags $$unique GTAGS: @@ -178,19 +253,21 @@ && gtags -i $(GTAGS_ARGS) $$here distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) - -top_distdir = ../.. -distdir = $(top_distdir)/$(PACKAGE)-$(VERSION) + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) - @list='$(DISTFILES)'; for file in $$list; do \ + @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ + list='$(DISTFILES)'; for file in $$list; do \ + case $$file in \ + $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ + $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ + esac; \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ if test "$$dir" != "$$file" && test "$$dir" != "."; then \ dir="/$$dir"; \ - $(mkinstalldirs) "$(distdir)$$dir"; \ + $(mkdir_p) "$(distdir)$$dir"; \ else \ dir=''; \ fi; \ @@ -208,9 +285,7 @@ check-am: all-am check: check-am all-am: Makefile $(LIBRARIES) - installdirs: - install: install-am install-exec: install-exec-am install-data: install-data-am @@ -222,7 +297,7 @@ installcheck: installcheck-am install-strip: $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - INSTALL_STRIP_FLAG=-s \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ `test -z '$(STRIP)' || \ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install mostlyclean-generic: @@ -230,7 +305,7 @@ clean-generic: distclean-generic: - -rm -f Makefile $(CONFIG_CLEAN_FILES) + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -240,7 +315,7 @@ clean-am: clean-generic clean-noinstLIBRARIES mostlyclean-am distclean: distclean-am - + -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -248,6 +323,8 @@ dvi-am: +html: html-am + info: info-am info-am: @@ -263,24 +340,33 @@ installcheck-am: maintainer-clean: maintainer-clean-am - + -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am mostlyclean-am: mostlyclean-compile mostlyclean-generic +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + uninstall-am: uninstall-info-am -.PHONY: GTAGS all all-am check check-am clean clean-generic \ - clean-noinstLIBRARIES distclean distclean-compile \ - distclean-generic distclean-tags distdir dvi dvi-am info \ - info-am install install-am install-data install-data-am \ - install-exec install-exec-am install-info install-info-am \ - install-man install-strip installcheck installcheck-am \ - installdirs maintainer-clean maintainer-clean-generic \ - mostlyclean mostlyclean-compile mostlyclean-generic tags \ - uninstall uninstall-am uninstall-info-am +.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ + clean-noinstLIBRARIES ctags distclean distclean-compile \ + distclean-generic distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-exec install-exec-am install-info \ + install-info-am install-man install-strip installcheck \ + installcheck-am installdirs maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-compile \ + mostlyclean-generic pdf pdf-am ps ps-am tags uninstall \ + uninstall-am uninstall-info-am # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. --- snort-2.3.3.orig/src/Makefile.in +++ snort-2.3.3/src/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.6.3 from Makefile.am. +# Makefile.in generated by automake 1.9.6 from Makefile.am. # @configure_input@ -# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002 -# Free Software Foundation, Inc. +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -13,77 +13,164 @@ # PARTICULAR PURPOSE. @SET_MAKE@ -SHELL = @SHELL@ srcdir = @srcdir@ top_srcdir = @top_srcdir@ VPATH = @srcdir@ -prefix = @prefix@ -exec_prefix = @exec_prefix@ - -bindir = @bindir@ -sbindir = @sbindir@ -libexecdir = @libexecdir@ -datadir = @datadir@ -sysconfdir = @sysconfdir@ -sharedstatedir = @sharedstatedir@ -localstatedir = @localstatedir@ -libdir = @libdir@ -infodir = @infodir@ -mandir = @mandir@ -includedir = @includedir@ -oldincludedir = /usr/include pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ top_builddir = .. - -ACLOCAL = @ACLOCAL@ -AUTOCONF = @AUTOCONF@ -AUTOMAKE = @AUTOMAKE@ -AUTOHEADER = @AUTOHEADER@ - am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_DATA = @INSTALL_DATA@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c -INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_HEADER = $(INSTALL_DATA) -transform = @program_transform_name@ +transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : -host_alias = @host_alias@ +build_triplet = @build@ host_triplet = @host@ - -EXEEXT = @EXEEXT@ -OBJEXT = @OBJEXT@ -PATH_SEPARATOR = @PATH_SEPARATOR@ +bin_PROGRAMS = snort$(EXEEXT) +subdir = src +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +am__installdirs = "$(DESTDIR)$(bindir)" +binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) +PROGRAMS = $(bin_PROGRAMS) +am_snort_OBJECTS = codes.$(OBJEXT) debug.$(OBJEXT) decode.$(OBJEXT) \ + log.$(OBJEXT) mstring.$(OBJEXT) parser.$(OBJEXT) \ + plugbase.$(OBJEXT) snort.$(OBJEXT) snprintf.$(OBJEXT) \ + strlcatu.$(OBJEXT) strlcpyu.$(OBJEXT) tag.$(OBJEXT) \ + ubi_BinTree.$(OBJEXT) ubi_SplayTree.$(OBJEXT) util.$(OBJEXT) \ + detect.$(OBJEXT) signature.$(OBJEXT) mempool.$(OBJEXT) \ + sf_sdlist.$(OBJEXT) fpcreate.$(OBJEXT) fpdetect.$(OBJEXT) \ + pcrm.$(OBJEXT) byte_extract.$(OBJEXT) sfthreshold.$(OBJEXT) \ + packet_time.$(OBJEXT) event_wrapper.$(OBJEXT) \ + event_queue.$(OBJEXT) inline.$(OBJEXT) +snort_OBJECTS = $(am_snort_OBJECTS) +snort_DEPENDENCIES = output-plugins/libspo.a \ + detection-plugins/libspd.a preprocessors/libspp.a \ + preprocessors/flow/portscan/libportscan.a \ + preprocessors/flow/libflow.a parser/libparser.a \ + preprocessors/HttpInspect/libhttp_inspect.a sfutil/libsfutil.a +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) +depcomp = +am__depfiles_maybe = +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +SOURCES = $(snort_SOURCES) +DIST_SOURCES = $(snort_SOURCES) +RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ + html-recursive info-recursive install-data-recursive \ + install-exec-recursive install-info-recursive \ + install-recursive installcheck-recursive installdirs-recursive \ + pdf-recursive ps-recursive uninstall-info-recursive \ + uninstall-recursive +ETAGS = etags +CTAGS = ctags +DIST_SUBDIRS = $(SUBDIRS) +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMDEP_FALSE = @AMDEP_FALSE@ +AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ DEPDIR = @DEPDIR@ - +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ INCLUDES = @INCLUDES@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@ +MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@ +MAKEINFO = @MAKEINFO@ +OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ RANLIB = @RANLIB@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ STRIP = @STRIP@ VERSION = @VERSION@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_RANLIB = @ac_ct_RANLIB@ +ac_ct_STRIP = @ac_ct_STRIP@ +am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ +am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ am__include = @am__include@ +am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +datadir = @datadir@ +exec_prefix = @exec_prefix@ extra_incl = @extra_incl@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +includedir = @includedir@ +infodir = @infodir@ install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ AUTOMAKE_OPTIONS = foreign no-dependencies - -bin_PROGRAMS = snort - snort_SOURCES = cdefs.h \ event.h \ fatal.h \ @@ -128,7 +215,6 @@ event_queue.c event_queue.h \ inline.c inline.h - snort_LDADD = output-plugins/libspo.a \ detection-plugins/libspd.a \ preprocessors/libspp.a \ @@ -138,75 +224,50 @@ preprocessors/HttpInspect/libhttp_inspect.a \ sfutil/libsfutil.a - SUBDIRS = sfutil win32 output-plugins detection-plugins preprocessors parser -subdir = src -mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -bin_PROGRAMS = snort$(EXEEXT) -PROGRAMS = $(bin_PROGRAMS) - -am_snort_OBJECTS = codes.$(OBJEXT) debug.$(OBJEXT) decode.$(OBJEXT) \ - log.$(OBJEXT) mstring.$(OBJEXT) parser.$(OBJEXT) \ - plugbase.$(OBJEXT) snort.$(OBJEXT) snprintf.$(OBJEXT) \ - strlcatu.$(OBJEXT) strlcpyu.$(OBJEXT) tag.$(OBJEXT) \ - ubi_BinTree.$(OBJEXT) ubi_SplayTree.$(OBJEXT) util.$(OBJEXT) \ - detect.$(OBJEXT) signature.$(OBJEXT) mempool.$(OBJEXT) \ - sf_sdlist.$(OBJEXT) fpcreate.$(OBJEXT) fpdetect.$(OBJEXT) \ - pcrm.$(OBJEXT) byte_extract.$(OBJEXT) sfthreshold.$(OBJEXT) \ - packet_time.$(OBJEXT) event_wrapper.$(OBJEXT) \ - event_queue.$(OBJEXT) inline.$(OBJEXT) -snort_OBJECTS = $(am_snort_OBJECTS) -snort_DEPENDENCIES = output-plugins/libspo.a detection-plugins/libspd.a \ - preprocessors/libspp.a \ - preprocessors/flow/portscan/libportscan.a \ - preprocessors/flow/libflow.a parser/libparser.a \ - preprocessors/HttpInspect/libhttp_inspect.a sfutil/libsfutil.a -snort_LDFLAGS = - -DEFS = @DEFS@ -DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) -CPPFLAGS = @CPPFLAGS@ -LDFLAGS = @LDFLAGS@ -LIBS = @LIBS@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ -CFLAGS = @CFLAGS@ -DIST_SOURCES = $(snort_SOURCES) - -RECURSIVE_TARGETS = info-recursive dvi-recursive install-info-recursive \ - uninstall-info-recursive all-recursive install-data-recursive \ - install-exec-recursive installdirs-recursive install-recursive \ - uninstall-recursive check-recursive installcheck-recursive -DIST_COMMON = Makefile.am Makefile.in -DIST_SUBDIRS = $(SUBDIRS) -SOURCES = $(snort_SOURCES) - all: all-recursive .SUFFIXES: .SUFFIXES: .c .o .obj -$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/Makefile'; \ cd $(top_srcdir) && \ $(AUTOMAKE) --foreign src/Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe) -binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh install-binPROGRAMS: $(bin_PROGRAMS) @$(NORMAL_INSTALL) - $(mkinstalldirs) $(DESTDIR)$(bindir) + test -z "$(bindir)" || $(mkdir_p) "$(DESTDIR)$(bindir)" @list='$(bin_PROGRAMS)'; for p in $$list; do \ p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ if test -f $$p \ ; then \ f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(binPROGRAMS_INSTALL) $$p $(DESTDIR)$(bindir)/$$f"; \ - $(INSTALL_PROGRAM_ENV) $(binPROGRAMS_INSTALL) $$p $(DESTDIR)$(bindir)/$$f; \ + echo " $(INSTALL_PROGRAM_ENV) $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \ + $(INSTALL_PROGRAM_ENV) $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \ else :; fi; \ done @@ -214,8 +275,8 @@ @$(NORMAL_UNINSTALL) @list='$(bin_PROGRAMS)'; for p in $$list; do \ f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f $(DESTDIR)$(bindir)/$$f"; \ - rm -f $(DESTDIR)$(bindir)/$$f; \ + echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ + rm -f "$(DESTDIR)$(bindir)/$$f"; \ done clean-binPROGRAMS: @@ -225,16 +286,16 @@ $(LINK) $(snort_LDFLAGS) $(snort_OBJECTS) $(snort_LDADD) $(LIBS) mostlyclean-compile: - -rm -f *.$(OBJEXT) core *.core + -rm -f *.$(OBJEXT) distclean-compile: -rm -f *.tab.c .c.o: - $(COMPILE) -c `test -f '$<' || echo '$(srcdir)/'`$< + $(COMPILE) -c $< .c.obj: - $(COMPILE) -c `cygpath -w $<` + $(COMPILE) -c `$(CYGPATH_W) '$<'` uninstall-info-am: # This directory's subdirectories are mostly independent; you can cd @@ -244,7 +305,13 @@ # (which will cause the Makefiles to be regenerated when you run `make'); # (2) otherwise, pass the desired values on the `make' command line. $(RECURSIVE_TARGETS): - @set fnord $$MAKEFLAGS; amf=$$2; \ + @failcom='exit 1'; \ + for f in x $$MAKEFLAGS; do \ + case $$f in \ + *=* | --[!k]*);; \ + *k*) failcom='fail=yes';; \ + esac; \ + done; \ dot_seen=no; \ target=`echo $@ | sed s/-recursive//`; \ list='$(SUBDIRS)'; for subdir in $$list; do \ @@ -256,7 +323,7 @@ local_target="$$target"; \ fi; \ (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || case "$$amf" in *=*) exit 1;; *k*) fail=yes;; *) exit 1;; esac; \ + || eval $$failcom; \ done; \ if test "$$dot_seen" = "no"; then \ $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ @@ -264,7 +331,13 @@ mostlyclean-recursive clean-recursive distclean-recursive \ maintainer-clean-recursive: - @set fnord $$MAKEFLAGS; amf=$$2; \ + @failcom='exit 1'; \ + for f in x $$MAKEFLAGS; do \ + case $$f in \ + *=* | --[!k]*);; \ + *k*) failcom='fail=yes';; \ + esac; \ + done; \ dot_seen=no; \ case "$@" in \ distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ @@ -285,17 +358,16 @@ local_target="$$target"; \ fi; \ (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || case "$$amf" in *=*) exit 1;; *k*) fail=yes;; *) exit 1;; esac; \ + || eval $$failcom; \ done && test -z "$$fail" tags-recursive: list='$(SUBDIRS)'; for subdir in $$list; do \ test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ done - -ETAGS = etags -ETAGSFLAGS = - -tags: TAGS +ctags-recursive: + list='$(SUBDIRS)'; for subdir in $$list; do \ + test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \ + done ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ @@ -305,14 +377,23 @@ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ mkid -fID $$unique +tags: TAGS TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) tags=; \ here=`pwd`; \ + if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ + include_option=--etags-include; \ + empty_fix=.; \ + else \ + include_option=--include; \ + empty_fix=; \ + fi; \ list='$(SUBDIRS)'; for subdir in $$list; do \ if test "$$subdir" = .; then :; else \ - test -f $$subdir/TAGS && tags="$$tags -i $$here/$$subdir/TAGS"; \ + test ! -f $$subdir/TAGS || \ + tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \ fi; \ done; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ @@ -321,8 +402,24 @@ done | \ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ - test -z "$(ETAGS_ARGS)$$tags$$unique" \ - || $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$tags $$unique; \ + fi +ctags: CTAGS +CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$tags $$unique GTAGS: @@ -331,19 +428,21 @@ && gtags -i $(GTAGS_ARGS) $$here distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) - -top_distdir = .. -distdir = $(top_distdir)/$(PACKAGE)-$(VERSION) + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) - @list='$(DISTFILES)'; for file in $$list; do \ + @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ + list='$(DISTFILES)'; for file in $$list; do \ + case $$file in \ + $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ + $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ + esac; \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ if test "$$dir" != "$$file" && test "$$dir" != "."; then \ dir="/$$dir"; \ - $(mkinstalldirs) "$(distdir)$$dir"; \ + $(mkdir_p) "$(distdir)$$dir"; \ else \ dir=''; \ fi; \ @@ -358,15 +457,17 @@ || exit 1; \ fi; \ done - list='$(SUBDIRS)'; for subdir in $$list; do \ + list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ if test "$$subdir" = .; then :; else \ - test -d $(distdir)/$$subdir \ - || mkdir $(distdir)/$$subdir \ + test -d "$(distdir)/$$subdir" \ + || $(mkdir_p) "$(distdir)/$$subdir" \ || exit 1; \ + distdir=`$(am__cd) $(distdir) && pwd`; \ + top_distdir=`$(am__cd) $(top_distdir) && pwd`; \ (cd $$subdir && \ $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" \ - distdir=../$(distdir)/$$subdir \ + top_distdir="$$top_distdir" \ + distdir="$$distdir/$$subdir" \ distdir) \ || exit 1; \ fi; \ @@ -376,8 +477,9 @@ all-am: Makefile $(PROGRAMS) installdirs: installdirs-recursive installdirs-am: - $(mkinstalldirs) $(DESTDIR)$(bindir) - + for dir in "$(DESTDIR)$(bindir)"; do \ + test -z "$$dir" || $(mkdir_p) "$$dir"; \ + done install: install-recursive install-exec: install-exec-recursive install-data: install-data-recursive @@ -389,7 +491,7 @@ installcheck: installcheck-recursive install-strip: $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - INSTALL_STRIP_FLAG=-s \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ `test -z '$(STRIP)' || \ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install mostlyclean-generic: @@ -397,7 +499,7 @@ clean-generic: distclean-generic: - -rm -f Makefile $(CONFIG_CLEAN_FILES) + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -407,7 +509,7 @@ clean-am: clean-binPROGRAMS clean-generic mostlyclean-am distclean: distclean-recursive - + -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -415,6 +517,8 @@ dvi-am: +html: html-recursive + info: info-recursive info-am: @@ -430,32 +534,38 @@ installcheck-am: maintainer-clean: maintainer-clean-recursive - + -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-recursive mostlyclean-am: mostlyclean-compile mostlyclean-generic +pdf: pdf-recursive + +pdf-am: + +ps: ps-recursive + +ps-am: + uninstall-am: uninstall-binPROGRAMS uninstall-info-am uninstall-info: uninstall-info-recursive -.PHONY: $(RECURSIVE_TARGETS) GTAGS all all-am check check-am clean \ - clean-binPROGRAMS clean-generic clean-recursive distclean \ - distclean-compile distclean-generic distclean-recursive \ - distclean-tags distdir dvi dvi-am dvi-recursive info info-am \ - info-recursive install install-am install-binPROGRAMS \ - install-data install-data-am install-data-recursive \ - install-exec install-exec-am install-exec-recursive \ - install-info install-info-am install-info-recursive install-man \ - install-recursive install-strip installcheck installcheck-am \ - installdirs installdirs-am installdirs-recursive \ +.PHONY: $(RECURSIVE_TARGETS) CTAGS GTAGS all all-am check check-am \ + clean clean-binPROGRAMS clean-generic clean-recursive ctags \ + ctags-recursive distclean distclean-compile distclean-generic \ + distclean-recursive distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-binPROGRAMS \ + install-data install-data-am install-exec install-exec-am \ + install-info install-info-am install-man install-strip \ + installcheck installcheck-am installdirs installdirs-am \ maintainer-clean maintainer-clean-generic \ maintainer-clean-recursive mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-recursive tags tags-recursive \ - uninstall uninstall-am uninstall-binPROGRAMS uninstall-info-am \ - uninstall-info-recursive uninstall-recursive + mostlyclean-generic mostlyclean-recursive pdf pdf-am ps ps-am \ + tags tags-recursive uninstall uninstall-am \ + uninstall-binPROGRAMS uninstall-info-am # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. --- snort-2.3.3.orig/src/log.c +++ snort-2.3.3/src/log.c @@ -1478,8 +1478,10 @@ { for(j = 0; j < p->ip_options[i].len; j++) { - fprintf(fp, "%02X", p->ip_options[i].data[j]); - + if (p->ip_options[i].data) + fprintf(fp, "%02X", p->ip_options[i].data[j]); + else + fprintf(fp, "%02X", 0); if((j % 2) == 0) fprintf(fp, " "); } @@ -1522,7 +1524,8 @@ case TCPOPT_MAXSEG: bzero((char *) tmp, 5); fwrite("MSS: ", 5, 1, fp); - memcpy(tmp, p->tcp_options[i].data, 2); + if (p->tcp_options[i].data) + memcpy(tmp, p->tcp_options[i].data, 2); fprintf(fp, "%u ", EXTRACT_16BITS(tmp)); break; @@ -1535,15 +1538,20 @@ break; case TCPOPT_WSCALE: - fprintf(fp, "WS: %u ", p->tcp_options[i].data[0]); + if (p->tcp_options[i].data) + fprintf(fp, "WS: %u ", p->tcp_options[i].data[0]); + else + fprintf(fp, "WS: %u ", 0); break; case TCPOPT_SACK: bzero((char *) tmp, 5); - memcpy(tmp, p->tcp_options[i].data, 2); + if (p->tcp_options[i].data) + memcpy(tmp, p->tcp_options[i].data, 2); fprintf(fp, "Sack: %u@", EXTRACT_16BITS(tmp)); bzero((char *) tmp, 5); - memcpy(tmp, (p->tcp_options[i].data) + 2, 2); + if (p->tcp_options[i].data) + memcpy(tmp, (p->tcp_options[i].data) + 2, 2); fprintf(fp, "%u ", EXTRACT_16BITS(tmp)); break; @@ -1553,40 +1561,47 @@ case TCPOPT_ECHO: bzero((char *) tmp, 5); - memcpy(tmp, p->tcp_options[i].data, 4); + if (p->tcp_options[i].data) + memcpy(tmp, p->tcp_options[i].data, 4); fprintf(fp, "Echo: %u ", EXTRACT_32BITS(tmp)); break; case TCPOPT_ECHOREPLY: bzero((char *) tmp, 5); - memcpy(tmp, p->tcp_options[i].data, 4); + if (p->tcp_options[i].data) + memcpy(tmp, p->tcp_options[i].data, 4); fprintf(fp, "Echo Rep: %u ", EXTRACT_32BITS(tmp)); break; case TCPOPT_TIMESTAMP: bzero((char *) tmp, 5); - memcpy(tmp, p->tcp_options[i].data, 4); + if (p->tcp_options[i].data) + memcpy(tmp, p->tcp_options[i].data, 4); fprintf(fp, "TS: %u ", EXTRACT_32BITS(tmp)); bzero((char *) tmp, 5); - memcpy(tmp, (p->tcp_options[i].data) + 4, 4); + if (p->tcp_options[i].data) + memcpy(tmp, (p->tcp_options[i].data) + 4, 4); fprintf(fp, "%u ", EXTRACT_32BITS(tmp)); break; case TCPOPT_CC: bzero((char *) tmp, 5); - memcpy(tmp, p->tcp_options[i].data, 4); + if (p->tcp_options[i].data) + memcpy(tmp, p->tcp_options[i].data, 4); fprintf(fp, "CC %u ", EXTRACT_32BITS(tmp)); break; case TCPOPT_CCNEW: bzero((char *) tmp, 5); - memcpy(tmp, p->tcp_options[i].data, 4); + if (p->tcp_options[i].data) + memcpy(tmp, p->tcp_options[i].data, 4); fprintf(fp, "CCNEW: %u ", EXTRACT_32BITS(tmp)); break; case TCPOPT_CCECHO: bzero((char *) tmp, 5); - memcpy(tmp, p->tcp_options[i].data, 4); + if (p->tcp_options[i].data) + memcpy(tmp, p->tcp_options[i].data, 4); fprintf(fp, "CCECHO: %u ", EXTRACT_32BITS(tmp)); break; @@ -1598,7 +1613,10 @@ for(j = 0; j < p->tcp_options[i].len; j++) { - fprintf(fp, "%02X", p->tcp_options[i].data[j]); + if (p->tcp_options[i].data) + fprintf(fp, "%02X", p->tcp_options[i].data[j]); + else + fprintf(fp, "%02X", 0); if((j % 2) == 0) fprintf(fp, " "); --- snort-2.3.3.orig/doc/Makefile.am +++ snort-2.3.3/doc/Makefile.am @@ -24,7 +24,7 @@ snort_schema_v106.pdf \ README.wireless PROBLEMS RULES.todo WISHLIST faq.pdf faq.tex -DISTCLEANFILES= snort_manual.log snort_manual.toc snort_manual.aux faq.pdf faq.tex snort_manual.pdf +DISTCLEANFILES= snort_manual.log snort_manual.toc snort_manual.aux faq.pdf snort_manual.pdf faq.log faq.toc faq.aux doc_DIR = $(prefix)/doc --- snort-2.3.3.orig/doc/faq.out +++ snort-2.3.3/doc/faq.out @@ -0,0 +1,136 @@ +\BOOKMARK [1][-]{section.1}{Background}{} +\BOOKMARK [2][-]{subsection.1.1}{How do you pronounce the names of some of these guys who work on Snort?}{section.1} +\BOOKMARK [2][-]{subsection.1.2}{Is Fyodor Yarochkin the same Fyodor who wrote nmap?}{section.1} +\BOOKMARK [2][-]{subsection.1.3}{Where do I get more help on Snort?}{section.1} +\BOOKMARK [2][-]{subsection.1.4}{Where can I get more reading and courses about IDS?}{section.1} +\BOOKMARK [2][-]{subsection.1.5}{Does Snort handle IP defragmentation?}{section.1} +\BOOKMARK [2][-]{subsection.1.6}{Does Snort perform TCP stream reassembly?}{section.1} +\BOOKMARK [2][-]{subsection.1.7}{Does Snort perform stateful protocol analysis?}{section.1} +\BOOKMARK [2][-]{subsection.1.8}{I'm on a switched network, can I still use Snort?}{section.1} +\BOOKMARK [2][-]{subsection.1.9}{Is Snort vulnerable to IDS noise generators like ``Stick'' and ``Snot''?}{section.1} +\BOOKMARK [2][-]{subsection.1.10}{Can Snort be evaded by the use of polymorphic mutators on shellcode?}{section.1} +\BOOKMARK [2][-]{subsection.1.11}{Does Snort log the full packets when it generates alerts? }{section.1} +\BOOKMARK [1][-]{section.2}{Getting Started}{} +\BOOKMARK [2][-]{subsection.2.1}{Where do I find binary packages for BlueHat BSD-Linux-RT?}{section.2} +\BOOKMARK [2][-]{subsection.2.2}{How do I run Snort?}{section.2} +\BOOKMARK [2][-]{subsection.2.3}{Where are my log files located? What are they named?}{section.2} +\BOOKMARK [2][-]{subsection.2.4}{Why does Snort complain about /var/log/snort?}{section.2} +\BOOKMARK [2][-]{subsection.2.5}{Where's a good place to physically put a Snort sensor?}{section.2} +\BOOKMARK [2][-]{subsection.2.6}{Libpcap complains about permissions problems, what's going on?}{section.2} +\BOOKMARK [2][-]{subsection.2.7}{ I've got RedHat and ....}{section.2} +\BOOKMARK [2][-]{subsection.2.8}{Where do I get the latest version of libpcap? }{section.2} +\BOOKMARK [2][-]{subsection.2.9}{Where do I get the latest version of Winpcap?}{section.2} +\BOOKMARK [2][-]{subsection.2.10}{What version of Winpcap do I need?}{section.2} +\BOOKMARK [2][-]{subsection.2.11}{Why does building Snort complain about missing references? }{section.2} +\BOOKMARK [2][-]{subsection.2.12}{Why does building snort fail with errors about yylex and lex\137init? }{section.2} +\BOOKMARK [2][-]{subsection.2.13}{I want to build a Snort box. Will this handle traffic? }{section.2} +\BOOKMARK [2][-]{subsection.2.14}{What are CIDR netmasks? }{section.2} +\BOOKMARK [2][-]{subsection.2.15}{What is the use of the ``-r'' switch to read tcpdump files? }{section.2} +\BOOKMARK [1][-]{section.3}{Configuring Snort}{} +\BOOKMARK [2][-]{subsection.3.1}{How do I setup snort on a `stealth' interface? }{section.3} +\BOOKMARK [2][-]{subsection.3.2}{How do I setup a receive-only ethernet cable?}{section.3} +\BOOKMARK [2][-]{subsection.3.3}{What are HOME\137NET and EXTERNAL\137NET?}{section.3} +\BOOKMARK [2][-]{subsection.3.4}{My network spans multiple subnets. How do I define HOME\137NET?}{section.3} +\BOOKMARK [2][-]{subsection.3.5}{How do I set EXTERNAL\137NET?}{section.3} +\BOOKMARK [2][-]{subsection.3.6}{How can I run Snort on multiple interfaces simultaneously?}{section.3} +\BOOKMARK [2][-]{subsection.3.7}{My IP address is assigned dynamically to my interface, can I use Snort with it?}{section.3} +\BOOKMARK [2][-]{subsection.3.8}{I have one network card and two aliases, how can I force Snort to ``listen'' on both addresses?}{section.3} +\BOOKMARK [2][-]{subsection.3.9}{How do I ignore traffic coming from a particular host or hosts?}{section.3} +\BOOKMARK [2][-]{subsection.3.10}{How do I get Snort to log the packet payload as well as the header?}{section.3} +\BOOKMARK [2][-]{subsection.3.11}{Why are there no subdirectories under /var/log/snort for IP addresses?}{section.3} +\BOOKMARK [2][-]{subsection.3.12}{How do you get Snort to ignore some traffic?}{section.3} +\BOOKMARK [2][-]{subsection.3.13}{Why does the portscan plugin log ``stealth'' packets even though the host is in the portscan-ignorehosts list? }{section.3} +\BOOKMARK [2][-]{subsection.3.14}{What the heck is a ``Stealth scan''?}{section.3} +\BOOKMARK [2][-]{subsection.3.15}{What the heck is a SYNFIN scan?}{section.3} +\BOOKMARK [2][-]{subsection.3.16}{Which takes precedence, commandline or rule file ?}{section.3} +\BOOKMARK [2][-]{subsection.3.17}{How does rule ordering work?}{section.3} +\BOOKMARK [2][-]{subsection.3.18}{How do I configure stream4?}{section.3} +\BOOKMARK [2][-]{subsection.3.19}{Where does one obtain new/modifed rules? How do you merge them in?}{section.3} +\BOOKMARK [2][-]{subsection.3.20}{How do you get the latest Snort via cvs?}{section.3} +\BOOKMARK [2][-]{subsection.3.21}{How do I use a remote syslog machine?}{section.3} +\BOOKMARK [2][-]{subsection.3.22}{How do I build this ACID thing?}{section.3} +\BOOKMARK [1][-]{section.4}{Rules and Alerts}{} +\BOOKMARK [2][-]{subsection.4.1}{Errors loading rules files}{section.4} +\BOOKMARK [2][-]{subsection.4.2}{Snort says ``Rule IP addr \(``1.1.1.1''\) didn't x-late, WTF?''}{section.4} +\BOOKMARK [2][-]{subsection.4.3}{Snort is behind a firewall \(ipf/pf/ipchains/ipfilter\) and awfully quiet...}{section.4} +\BOOKMARK [2][-]{subsection.4.4}{Does snort see packets filtered by IPTables/IPChains/IPF/PF?}{section.4} +\BOOKMARK [2][-]{subsection.4.5}{I'm getting large amounts of . What should I do? Where can I go to find out more about it? }{section.4} +\BOOKMARK [2][-]{subsection.4.6}{What about all these false alarms? }{section.4} +\BOOKMARK [2][-]{subsection.4.7}{What are all these ICMP files in subdirectories under /var/log/snort? }{section.4} +\BOOKMARK [2][-]{subsection.4.8}{Why does the program generate alerts on packets that have pass rules? }{section.4} +\BOOKMARK [2][-]{subsection.4.9}{What are all these ``ICMP destination unreachable'' alerts? }{section.4} +\BOOKMARK [2][-]{subsection.4.10}{Why do many Snort rules have the flags P \(TCP PuSH\) and A \(TCP ACK\) set? }{section.4} +\BOOKMARK [2][-]{subsection.4.11}{What are these IDS codes in the alert names? }{section.4} +\BOOKMARK [2][-]{subsection.4.12}{Snort says BACKDOOR SIGNATURE... does my machine have a Trojan? }{section.4} +\BOOKMARK [2][-]{subsection.4.13}{What about ``CGI Null Byte attacks?'' }{section.4} +\BOOKMARK [2][-]{subsection.4.14}{Why do certain alerts seem to have `unknown' IPs in ACID? }{section.4} +\BOOKMARK [2][-]{subsection.4.15}{Can priorities be assigned to alerts using ACID? }{section.4} +\BOOKMARK [2][-]{subsection.4.16}{What about `SMB Name Wildcard' alerts? }{section.4} +\BOOKMARK [2][-]{subsection.4.17}{What the heck is a SYNFIN scan? }{section.4} +\BOOKMARK [2][-]{subsection.4.18}{I am getting too many ``IIS Unicode attack detected'' and/or ``CGI Null Byte attack detected'' false positives. How can I turn this detection off? }{section.4} +\BOOKMARK [2][-]{subsection.4.19}{How do I test Snort alerts and logging?}{section.4} +\BOOKMARK [2][-]{subsection.4.20}{What is the difference between ``Alerting'' and ``Logging''?}{section.4} +\BOOKMARK [2][-]{subsection.4.21}{Are rule keywords ORed or ANDed together?}{section.4} +\BOOKMARK [2][-]{subsection.4.22}{Can Snort trigger a rule by MAC addresses?}{section.4} +\BOOKMARK [2][-]{subsection.4.23}{How can I deactivate a rule?}{section.4} +\BOOKMARK [2][-]{subsection.4.24}{How can I define an address to be anything except some hosts?}{section.4} +\BOOKMARK [2][-]{subsection.4.25}{After I add new rules or comment out rules how do I make Snort reload?}{section.4} +\BOOKMARK [2][-]{subsection.4.26}{Where do the distance and within keywords work from to modify content searches in rules?}{section.4} +\BOOKMARK [2][-]{subsection.4.27}{How can I specify a list of ports in a rule?}{section.4} +\BOOKMARK [2][-]{subsection.4.28}{How can I protect web servers running on ports other than 80?}{section.4} +\BOOKMARK [2][-]{subsection.4.29}{How do I turn off ``spp:possible EVASIVE RST detection'' alerts?}{section.4} +\BOOKMARK [2][-]{subsection.4.30}{Is there a private SID number range so my rules don't conflict?}{section.4} +\BOOKMARK [2][-]{subsection.4.31}{How long can address lists, variables, or rules be?}{section.4} +\BOOKMARK [2][-]{subsection.4.32}{What do the numbers \(ie: [116:56:1]\) in front of a Snort alert mean?}{section.4} +\BOOKMARK [1][-]{section.5}{Getting Fancy}{} +\BOOKMARK [2][-]{subsection.5.1}{I hear people talking about ``Barnyard''. What's that?}{section.5} +\BOOKMARK [2][-]{subsection.5.2}{How do I process those Snort logs into reports?}{section.5} +\BOOKMARK [2][-]{subsection.5.3}{How do I log to multiple databases or output plugins?}{section.5} +\BOOKMARK [2][-]{subsection.5.4}{How can I test Snort without having an Ethernet card or a connection to other computers? }{section.5} +\BOOKMARK [2][-]{subsection.5.5}{How to start Snort as a win32 service? }{section.5} +\BOOKMARK [2][-]{subsection.5.6}{Is it possible with snort to add a ipfilter/ipfw rule to a firewall? }{section.5} +\BOOKMARK [2][-]{subsection.5.7}{What is the best way to use Snort to block attack traffic?}{section.5} +\BOOKMARK [2][-]{subsection.5.8}{Snort complains about the ``react'' keyword...}{section.5} +\BOOKMARK [2][-]{subsection.5.9}{How do I get Snort to e-mail me alerts?}{section.5} +\BOOKMARK [2][-]{subsection.5.10}{How do I log a specific type of traffic and send alerts to syslog?}{section.5} +\BOOKMARK [2][-]{subsection.5.11}{Is it possible to have Snort call an external program when an alert is raised?}{section.5} +\BOOKMARK [2][-]{subsection.5.12}{How can I use Snort to log HTTP URLs or SMTP traffic?}{section.5} +\BOOKMARK [2][-]{subsection.5.13}{How can I move data from the snort db to snort\137archive db like ACID does?}{section.5} +\BOOKMARK [2][-]{subsection.5.14}{What are some resources that I can use to understand more about source addresses logged and where they are coming from?}{section.5} +\BOOKMARK [2][-]{subsection.5.15}{How do I understand this traffic and do IDS alert analysis?}{section.5} +\BOOKMARK [2][-]{subsection.5.16}{How can I examine logged packets in more detail?}{section.5} +\BOOKMARK [1][-]{section.6}{Problems}{} +\BOOKMARK [2][-]{subsection.6.1}{ I think I found a bug in Snort. Now what?}{section.6} +\BOOKMARK [2][-]{subsection.6.2}{SMB alerts aren't working, what's wrong? }{section.6} +\BOOKMARK [2][-]{subsection.6.3}{Snort says ``Garbage Packet with Null Pointer discarded!'' Huh?}{section.6} +\BOOKMARK [2][-]{subsection.6.4}{Snort says ``Ran Out Of Space.'' Huh?}{section.6} +\BOOKMARK [2][-]{subsection.6.5}{My ACID db connection times-out when performing long operations \(e.g. deleting a large number of alerts\).}{section.6} +\BOOKMARK [2][-]{subsection.6.6}{Why does ACID keep changing my sensor number and how do I keep it consistent?}{section.6} +\BOOKMARK [2][-]{subsection.6.7}{Why does snort report ``Packet loss statistics are unavailable under Linux?''}{section.6} +\BOOKMARK [2][-]{subsection.6.8}{My /var/log/snort directory gets very large...}{section.6} +\BOOKMARK [2][-]{subsection.6.9}{Why does the `error deleting alert' message occur when attempting to delete an alert with ACID? }{section.6} +\BOOKMARK [2][-]{subsection.6.10}{ACID appears to be broken in Lynx }{section.6} +\BOOKMARK [2][-]{subsection.6.11}{I am getting `snort [pid] uses obsolete \(PF\137INET, SOCK\137PACKET\)' warnings. What's wrong?}{section.6} +\BOOKMARK [2][-]{subsection.6.12}{On HPUX I get device lan0 open: recv\137ack: promisc\137phys: Invalid argument}{section.6} +\BOOKMARK [2][-]{subsection.6.13}{Snort is dying with a `can not create file' error and I have plenty of diskspace. What's wrong?}{section.6} +\BOOKMARK [2][-]{subsection.6.14}{I am using Snort on Windows and receive an ``OpenPcap\(\) error upon startup: ERROR: OpenPcap\(\) device open: Error opening adapter'' message. What's wrong? }{section.6} +\BOOKMARK [2][-]{subsection.6.15}{Snort is not logging to my database}{section.6} +\BOOKMARK [2][-]{subsection.6.16}{Portscans are not being logged to my database }{section.6} +\BOOKMARK [2][-]{subsection.6.17}{Snort is not logging to syslog}{section.6} +\BOOKMARK [2][-]{subsection.6.18}{I am still getting bombarded with spp\137portscan messages even though the IP that I am getting the portscan from is in my \044DNS\137SERVERs var }{section.6} +\BOOKMARK [2][-]{subsection.6.19}{Why does chrooted Snort die when I send it a SIGHUP? }{section.6} +\BOOKMARK [2][-]{subsection.6.20}{My snort crashes, how do I restart it?}{section.6} +\BOOKMARK [2][-]{subsection.6.21}{Why can't snort see one of the 10Mbps or 100Mbps traffic on my autoswitch hub?}{section.6} +\BOOKMARK [2][-]{subsection.6.22}{Trying to install snort it says: ``bad interpreter: No such file or directory''}{section.6} +\BOOKMARK [2][-]{subsection.6.23}{I'm not seeing any interfaces listed under Win32.}{section.6} +\BOOKMARK [2][-]{subsection.6.24}{It's not working on Win32, how can I tell if my problem is Snort or WinPcap?}{section.6} +\BOOKMARK [2][-]{subsection.6.25}{I just downloaded a new ruleset and now Snort fails, complaining about the rules.}{section.6} +\BOOKMARK [2][-]{subsection.6.26}{How do I speed up ACID and MySQL?}{section.6} +\BOOKMARK [2][-]{subsection.6.27}{Why am I seeing so many ``SMTP RCPT TO overflow'' alerts ?}{section.6} +\BOOKMARK [2][-]{subsection.6.28}{I'm getting lots of *ICMP Ping Speedera*, is this bad?}{section.6} +\BOOKMARK [2][-]{subsection.6.29}{Why are my unified alert times off by +/- N hours?}{section.6} +\BOOKMARK [2][-]{subsection.6.30}{I try to start Snort and it gives an error like ``ERROR: Unable to open rules file: /root/.snortrc or /root//root/.snortrc.'' What can I do to fix this?}{section.6} +\BOOKMARK [1][-]{section.7}{Development}{} +\BOOKMARK [2][-]{subsection.7.1}{How do you put Snort in debug mode? }{section.7} +\BOOKMARK [1][-]{section.8}{Miscellaneous}{} +\BOOKMARK [2][-]{subsection.8.1}{What's this about a Snort drinking game?}{section.8} --- snort-2.3.3.orig/doc/faq.tex +++ snort-2.3.3/doc/faq.tex @@ -2,7 +2,7 @@ %latex2html -info 0 -local_icons -show_section_numbers -link 2 -split +1 faq.tex \documentclass{article} -\usepackage{html} +\usepackage{hyperref} \usepackage{graphicx} \usepackage{fancyheadings} \usepackage{makeidx} @@ -99,11 +99,11 @@ \newpage -\begin{latexonly} +%\begin{latexonly} \tableofcontents \newpage -\end{latexonly} +%\end{latexonly} \section{Background} --- snort-2.3.3.orig/doc/Makefile.in +++ snort-2.3.3/doc/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.6.3 from Makefile.am. +# Makefile.in generated by automake 1.9.6 from Makefile.am. # @configure_input@ -# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002 -# Free Software Foundation, Inc. +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -13,74 +13,130 @@ # PARTICULAR PURPOSE. @SET_MAKE@ -SHELL = @SHELL@ - srcdir = @srcdir@ top_srcdir = @top_srcdir@ VPATH = @srcdir@ -prefix = @prefix@ -exec_prefix = @exec_prefix@ - -bindir = @bindir@ -sbindir = @sbindir@ -libexecdir = @libexecdir@ -datadir = @datadir@ -sysconfdir = @sysconfdir@ -sharedstatedir = @sharedstatedir@ -localstatedir = @localstatedir@ -libdir = @libdir@ -infodir = @infodir@ -mandir = @mandir@ -includedir = @includedir@ -oldincludedir = /usr/include pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ top_builddir = .. - -ACLOCAL = @ACLOCAL@ -AUTOCONF = @AUTOCONF@ -AUTOMAKE = @AUTOMAKE@ -AUTOHEADER = @AUTOHEADER@ - am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_DATA = @INSTALL_DATA@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c -INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_HEADER = $(INSTALL_DATA) -transform = @program_transform_name@ +transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : -host_alias = @host_alias@ +build_triplet = @build@ host_triplet = @host@ - -EXEEXT = @EXEEXT@ -OBJEXT = @OBJEXT@ -PATH_SEPARATOR = @PATH_SEPARATOR@ +subdir = doc +DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ + AUTHORS INSTALL NEWS TODO +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +depcomp = +am__depfiles_maybe = +SOURCES = +DIST_SOURCES = +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMDEP_FALSE = @AMDEP_FALSE@ +AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ DEPDIR = @DEPDIR@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ INCLUDES = @INCLUDES@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@ +MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@ +MAKEINFO = @MAKEINFO@ +OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ RANLIB = @RANLIB@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ STRIP = @STRIP@ VERSION = @VERSION@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_RANLIB = @ac_ct_RANLIB@ +ac_ct_STRIP = @ac_ct_STRIP@ +am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ +am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ am__include = @am__include@ +am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +datadir = @datadir@ +exec_prefix = @exec_prefix@ extra_incl = @extra_incl@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +includedir = @includedir@ +infodir = @infodir@ install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ AUTOMAKE_OPTIONS = foreign no-dependencies - EXTRA_DIST = AUTHORS NEWS BUGS README \ CREDITS \ snort_manual.pdf snort_manual.tex INSTALL USAGE \ @@ -104,50 +160,63 @@ snort_schema_v106.pdf \ README.wireless PROBLEMS RULES.todo WISHLIST faq.pdf faq.tex - -DISTCLEANFILES = snort_manual.log snort_manual.toc snort_manual.aux faq.pdf faq.tex snort_manual.pdf - +DISTCLEANFILES = snort_manual.log snort_manual.toc snort_manual.aux faq.pdf snort_manual.pdf faq.log faq.toc faq.aux doc_DIR = $(prefix)/doc - SUFFIXES = .tex .dvi .ps -subdir = doc -mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = -CFLAGS = @CFLAGS@ -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ -DIST_SOURCES = -DIST_COMMON = README AUTHORS INSTALL Makefile.am Makefile.in NEWS TODO all: all-am .SUFFIXES: .SUFFIXES: .tex .dvi .ps .pdf -$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign doc/Makefile'; \ cd $(top_srcdir) && \ $(AUTOMAKE) --foreign doc/Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe) +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh uninstall-info-am: tags: TAGS TAGS: -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ctags: CTAGS +CTAGS: -top_distdir = .. -distdir = $(top_distdir)/$(PACKAGE)-$(VERSION) distdir: $(DISTFILES) - @list='$(DISTFILES)'; for file in $$list; do \ + @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ + list='$(DISTFILES)'; for file in $$list; do \ + case $$file in \ + $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ + $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ + esac; \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ if test "$$dir" != "$$file" && test "$$dir" != "."; then \ dir="/$$dir"; \ - $(mkinstalldirs) "$(distdir)$$dir"; \ + $(mkdir_p) "$(distdir)$$dir"; \ else \ dir=''; \ fi; \ @@ -165,9 +234,7 @@ check-am: all-am check: check-am all-am: Makefile - installdirs: - install: install-am install-exec: install-exec-am install-data: install-data-am @@ -179,7 +246,7 @@ installcheck: installcheck-am install-strip: $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - INSTALL_STRIP_FLAG=-s \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ `test -z '$(STRIP)' || \ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install mostlyclean-generic: @@ -187,7 +254,7 @@ clean-generic: distclean-generic: - -rm -f Makefile $(CONFIG_CLEAN_FILES) + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) -test -z "$(DISTCLEANFILES)" || rm -f $(DISTCLEANFILES) maintainer-clean-generic: @@ -198,13 +265,15 @@ clean-am: clean-generic mostlyclean-am distclean: distclean-am - + -rm -f Makefile distclean-am: clean-am distclean-generic dvi: dvi-am dvi-am: +html: html-am + info: info-am info-am: @@ -220,22 +289,31 @@ installcheck-am: maintainer-clean: maintainer-clean-am - + -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am mostlyclean-am: mostlyclean-generic +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + uninstall-am: uninstall-info-am .PHONY: all all-am check check-am clean clean-generic distclean \ - distclean-generic distdir dvi dvi-am info info-am install \ - install-am install-data install-data-am install-exec \ + distclean-generic distdir dvi dvi-am html html-am info info-am \ + install install-am install-data install-data-am install-exec \ install-exec-am install-info install-info-am install-man \ install-strip installcheck installcheck-am installdirs \ maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-generic uninstall uninstall-am uninstall-info-am + mostlyclean-generic pdf pdf-am ps ps-am uninstall uninstall-am \ + uninstall-info-am .tex.dvi: --- snort-2.3.3.orig/etc/Makefile.in +++ snort-2.3.3/etc/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.6.3 from Makefile.am. +# Makefile.in generated by automake 1.9.6 from Makefile.am. # @configure_input@ -# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002 -# Free Software Foundation, Inc. +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -13,109 +13,185 @@ # PARTICULAR PURPOSE. @SET_MAKE@ -SHELL = @SHELL@ - srcdir = @srcdir@ top_srcdir = @top_srcdir@ VPATH = @srcdir@ -prefix = @prefix@ -exec_prefix = @exec_prefix@ - -bindir = @bindir@ -sbindir = @sbindir@ -libexecdir = @libexecdir@ -datadir = @datadir@ -sysconfdir = @sysconfdir@ -sharedstatedir = @sharedstatedir@ -localstatedir = @localstatedir@ -libdir = @libdir@ -infodir = @infodir@ -mandir = @mandir@ -includedir = @includedir@ -oldincludedir = /usr/include pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ top_builddir = .. - -ACLOCAL = @ACLOCAL@ -AUTOCONF = @AUTOCONF@ -AUTOMAKE = @AUTOMAKE@ -AUTOHEADER = @AUTOHEADER@ - am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_DATA = @INSTALL_DATA@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c -INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_HEADER = $(INSTALL_DATA) -transform = @program_transform_name@ +transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : -host_alias = @host_alias@ +build_triplet = @build@ host_triplet = @host@ - -EXEEXT = @EXEEXT@ -OBJEXT = @OBJEXT@ -PATH_SEPARATOR = @PATH_SEPARATOR@ +subdir = etc +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +depcomp = +am__depfiles_maybe = +SOURCES = +DIST_SOURCES = +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMDEP_FALSE = @AMDEP_FALSE@ +AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ DEPDIR = @DEPDIR@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ INCLUDES = @INCLUDES@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@ +MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@ +MAKEINFO = @MAKEINFO@ +OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ RANLIB = @RANLIB@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ STRIP = @STRIP@ VERSION = @VERSION@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_RANLIB = @ac_ct_RANLIB@ +ac_ct_STRIP = @ac_ct_STRIP@ +am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ +am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ am__include = @am__include@ +am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +datadir = @datadir@ +exec_prefix = @exec_prefix@ extra_incl = @extra_incl@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +includedir = @includedir@ +infodir = @infodir@ install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ AUTOMAKE_OPTIONS = foreign no-dependencies - EXTRA_DIST = sid sid-msg.map snort.conf classification.config gen-msg.map \ reference.config generators unicode.map threshold.conf -subdir = etc -mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = -DIST_SOURCES = -DIST_COMMON = Makefile.am Makefile.in all: all-am .SUFFIXES: -$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign etc/Makefile'; \ cd $(top_srcdir) && \ $(AUTOMAKE) --foreign etc/Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe) +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh uninstall-info-am: tags: TAGS TAGS: -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ctags: CTAGS +CTAGS: -top_distdir = .. -distdir = $(top_distdir)/$(PACKAGE)-$(VERSION) distdir: $(DISTFILES) - @list='$(DISTFILES)'; for file in $$list; do \ + @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ + list='$(DISTFILES)'; for file in $$list; do \ + case $$file in \ + $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ + $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ + esac; \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ if test "$$dir" != "$$file" && test "$$dir" != "."; then \ dir="/$$dir"; \ - $(mkinstalldirs) "$(distdir)$$dir"; \ + $(mkdir_p) "$(distdir)$$dir"; \ else \ dir=''; \ fi; \ @@ -133,9 +209,7 @@ check-am: all-am check: check-am all-am: Makefile - installdirs: - install: install-am install-exec: install-exec-am install-data: install-data-am @@ -147,7 +221,7 @@ installcheck: installcheck-am install-strip: $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - INSTALL_STRIP_FLAG=-s \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ `test -z '$(STRIP)' || \ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install mostlyclean-generic: @@ -155,7 +229,7 @@ clean-generic: distclean-generic: - -rm -f Makefile $(CONFIG_CLEAN_FILES) + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -165,13 +239,15 @@ clean-am: clean-generic mostlyclean-am distclean: distclean-am - + -rm -f Makefile distclean-am: clean-am distclean-generic dvi: dvi-am dvi-am: +html: html-am + info: info-am info-am: @@ -187,22 +263,31 @@ installcheck-am: maintainer-clean: maintainer-clean-am - + -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am mostlyclean-am: mostlyclean-generic +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + uninstall-am: uninstall-info-am .PHONY: all all-am check check-am clean clean-generic distclean \ - distclean-generic distdir dvi dvi-am info info-am install \ - install-am install-data install-data-am install-exec \ + distclean-generic distdir dvi dvi-am html html-am info info-am \ + install install-am install-data install-data-am install-exec \ install-exec-am install-info install-info-am install-man \ install-strip installcheck installcheck-am installdirs \ maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-generic uninstall uninstall-am uninstall-info-am + mostlyclean-generic pdf pdf-am ps ps-am uninstall uninstall-am \ + uninstall-info-am # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. --- snort-2.3.3.orig/etc/snort.conf +++ snort-2.3.3/etc/snort.conf @@ -44,7 +44,7 @@ var HOME_NET any # Set up the external network addresses as well. A good start may be "any" -var EXTERNAL_NET any +var EXTERNAL_NET !$HOME_NET # Configure your server lists. This allows snort to only look for attacks to # systems that have a service up. Why look for HTTP attacks if you are not @@ -106,7 +106,7 @@ # Path to your rules files (this can be a relative path) # Note for Windows users: You are advised to make this an absolute path, # such as: c:\snort\rules -var RULE_PATH ../rules +var RULE_PATH /etc/snort/rules # Configure the snort decoder # ============================ @@ -272,7 +272,7 @@ # 13 Stealth scan: SYN-FIN scan # 14 TCP forward overlap -preprocessor stream4: disable_evasion_alerts +preprocessor stream4: disable_evasion_alerts detect_scans # tcp stream reassembly directive # no arguments loads the default configuration @@ -297,11 +297,9 @@ # lots of options available here. See doc/README.http_inspect. # unicode.map should be wherever your snort.conf lives, or given # a full path to where snort can find it. -preprocessor http_inspect: global \ - iis_unicode_map unicode.map 1252 +preprocessor http_inspect: global iis_unicode_map unicode.map 1252 -preprocessor http_inspect_server: server default \ - profile all ports { 80 8080 8180 } oversize_dir_length 500 +preprocessor http_inspect_server: server default profile all ports { 80 8080 8180 } oversize_dir_length 500 # # Example unique server configuration @@ -527,13 +525,23 @@ # ------------------------------------------------- # The only argument is the output file name. # -# output log_tcpdump: tcpdump.log +output log_tcpdump: tcpdump.log # database: log to a variety of databases # --------------------------------------- # See the README.database file for more information about configuring # and using this plugin. # +# +# Keep your paws off of these (#DBSTART#) and (#DBEND#) tokens +# or you *will* break the configure process (snort-pgsql/snort-mysql only) +# Anything you put between them will be removed on (re)configure. +# +# (#DBSTART#) +# (#DBEND#) +# +# +# # output database: log, mysql, user=root password=test dbname=db host=localhost # output database: alert, postgresql, user=snort dbname=snort # output database: log, odbc, user=snort dbname=snort @@ -700,7 +708,7 @@ # include $RULE_PATH/porn.rules # include $RULE_PATH/info.rules # include $RULE_PATH/icmp-info.rules - include $RULE_PATH/virus.rules +# include $RULE_PATH/virus.rules # include $RULE_PATH/chat.rules # include $RULE_PATH/multimedia.rules # include $RULE_PATH/p2p.rules @@ -712,4 +720,4 @@ # Note for Windows users: You are advised to make this an absolute path, # such as: c:\snort\etc\threshold.conf # Uncomment if needed. -# include threshold.conf +include threshold.conf --- snort-2.3.3.orig/rules/cgi-bin.list +++ snort-2.3.3/rules/cgi-bin.list @@ -0,0 +1,16 @@ +# (C) Copyright 2001,2002 Brian Caswell, et al. All rights reserved. +# $Id: cgi-bin.list,v 1.3 2002/08/18 20:28:43 cazz Exp $ +#-------------- +# cgi-bin list +#-------------- +# if content-list actually worked, this would be our content-list for +# the different CGI bin directories we would check for. + +"/cgi-bin/" +"/cgi/" +"/cgi-local/" +"/perl/" +"/mod_perl/" +"/scripts/" +"/comps/" +"/cgi-bin-sdb/" --- snort-2.3.3.orig/rules/generators +++ snort-2.3.3/rules/generators @@ -0,0 +1,37 @@ +# Master Registry of Snort Generator Ids +# +# +# This file is used to maintain unique generator ids for files even if +# the default snort configuration doesn't include some patch that is +# required for a specific preprocessor to work +# +# +# +# Maintainer: Chris Green +# +# Contact cmg@sourcefire.com for an assignment + +rules_subsystem 1 # Snort Rules Engine +tag_subsystem 2 # Tagging Subsystem +portscan 100 # Portscan1 +minfrag 101 # Minfrag [ removed ] +http_decode 102 # HTTP decode 1/2 +defrag 103 # First defragmenter [ removed ] +spade 104 # SPADE [ not included anymore ] +bo 105 # Back Orifice +rpc_decode 106 # RPC Preprocessor +stream2 107 # 2nd stream preprocessor [removed] +stream3 108 # 3rd stream preprocessor (AVL nightmare) [ removed ] +telnet_neg 109 # telnet option decoder +unidecode 110 # unicode decoder +stream4 111 # Stream4 preprocessor +arpspoof 112 # Arp Spoof detector +frag2 113 # 2nd fragment preprocessor +fnord 114 # NOP detector [ removed ] +asn1 115 # ASN.1 Validator [ removed ] +decode 116 # Snort Internal Decoder +scan2 117 # portscan2 +conversation 118 # conversation +reserved 119 # TBA +reserved 120 # TBA +snmp 121 # Andrew Baker's newer SNMP decoder --- snort-2.3.3.orig/rules/sid +++ snort-2.3.3/rules/sid @@ -0,0 +1,2 @@ +# $Id: sid,v 1.129.2.8 2004/11/11 20:23:50 bmc Exp $ +3005 --- snort-2.3.3.orig/rules/sid-msg.map +++ snort-2.3.3/rules/sid-msg.map @@ -0,0 +1,2825 @@ +# $Id: sid-msg.map,v 1.147.2.8 2004/11/11 20:23:50 bmc Exp $ +# Format: SID || MSG || Optional References || Optional References ... +# SID -> MSG map + +103 || BACKDOOR subseven 22 || arachnids,485 || url,www.hackfix.org/subseven/ +104 || BACKDOOR - Dagger_1.4.0_client_connect || arachnids,483 || url,www.tlsecurity.net/backdoor/Dagger.1.4.html +105 || BACKDOOR - Dagger_1.4.0 || arachnids,484 || url,www.tlsecurity.net/backdoor/Dagger.1.4.html +106 || BACKDOOR ACKcmdC trojan scan || arachnids,445 +107 || BACKDOOR subseven DEFCON8 2.1 access +108 || BACKDOOR QAZ Worm Client Login access || MCAFEE,98775 +109 || BACKDOOR netbus active || arachnids,401 +110 || BACKDOOR netbus getinfo || arachnids,403 +111 || BACKDOOR netbus getinfo || arachnids,403 +112 || BACKDOOR BackOrifice access || arachnids,400 +113 || BACKDOOR DeepThroat access || arachnids,405 +114 || BACKDOOR netbus active || arachnids,401 +115 || BACKDOOR netbus 2 active || arachnids,401 +116 || BACKDOOR BackOrifice access || arachnids,399 +117 || BACKDOOR Infector.1.x || arachnids,315 +118 || BACKDOOR SatansBackdoor.2.0.Beta || arachnids,316 +119 || BACKDOOR Doly 2.0 access || arachnids,312 +120 || BACKDOOR Infector 1.6 Server to Client || cve,1999-0660 || nessus,11157 +121 || BACKDOOR Infector 1.6 Client to Server Connection Request || cve,1999-0660 || nessus,11157 +122 || BACKDOOR DeepThroat 3.1 System Info Client Request || arachnids,106 +124 || BACKDOOR DeepThroat 3.1 FTP Status Client Request || arachnids,106 +125 || BACKDOOR DeepThroat 3.1 E-Mail Info From Server || arachnids,106 +126 || BACKDOOR DeepThroat 3.1 E-Mail Info Client Request || arachnids,106 +127 || BACKDOOR DeepThroat 3.1 Server Status From Server || arachnids,106 +128 || BACKDOOR DeepThroat 3.1 Server Status Client Request || arachnids,106 +129 || BACKDOOR DeepThroat 3.1 Drive Info From Server || arachnids,106 +130 || BACKDOOR DeepThroat 3.1 System Info From Server || arachnids,106 +131 || BACKDOOR DeepThroat 3.1 Drive Info Client Request || arachnids,106 +132 || BACKDOOR DeepThroat 3.1 Server FTP Port Change From Server || arachnids,106 +133 || BACKDOOR DeepThroat 3.1 Cached Passwords Client Request || arachnids,106 +134 || BACKDOOR DeepThroat 3.1 RAS Passwords Client Request || arachnids,106 +135 || BACKDOOR DeepThroat 3.1 Server Password Change Client Request || arachnids,106 +136 || BACKDOOR DeepThroat 3.1 Server Password Remove Client Request || arachnids,106 +137 || BACKDOOR DeepThroat 3.1 Rehash Client Request || arachnids,106 +138 || BACKDOOR DeepThroat 3.1 Server Rehash Client Request || arachnids,106 +140 || BACKDOOR DeepThroat 3.1 ICQ Alert OFF Client Request || arachnids,106 +141 || BACKDOOR HackAttack 1.20 Connect +142 || BACKDOOR DeepThroat 3.1 ICQ Alert ON Client Request || arachnids,106 +143 || BACKDOOR DeepThroat 3.1 Change Wallpaper Client Request || arachnids,106 +144 || FTP ADMw0rm ftp login attempt || arachnids,01 +145 || BACKDOOR GirlFriendaccess || arachnids,98 +146 || BACKDOOR NetSphere access || arachnids,76 +147 || BACKDOOR GateCrasher || arachnids,99 +148 || BACKDOOR DeepThroat 3.1 Keylogger Active on Network || arachnids,106 +149 || BACKDOOR DeepThroat 3.1 Client Sending Data to Server on Network || arachnids,106 +150 || BACKDOOR DeepThroat 3.1 Server Active on Network || arachnids,106 +151 || BACKDOOR DeepThroat 3.1 Client Sending Data to Server on Network || arachnids,106 +152 || BACKDOOR BackConstruction 2.1 Connection +153 || BACKDOOR DonaldDick 1.53 Traffic || mcafee,98575 +154 || BACKDOOR DeepThroat 3.1 Wrong Password || arachnids,106 +155 || BACKDOOR NetSphere 1.31.337 access || arachnids,76 +156 || BACKDOOR DeepThroat 3.1 Visible Window List Client Request || arachnids,106 +157 || BACKDOOR BackConstruction 2.1 Client FTP Open Request +158 || BACKDOOR BackConstruction 2.1 Server FTP Open Reply +159 || BACKDOOR NetMetro File List || arachnids,79 +160 || BACKDOOR NetMetro Incoming Traffic || arachnids,79 +161 || BACKDOOR Matrix 2.0 Client connect || arachnids,83 +162 || BACKDOOR Matrix 2.0 Server access || arachnids,83 +163 || BACKDOOR WinCrash 1.0 Server Active || arachnids,36 +164 || BACKDOOR DeepThroat 3.1 Server Active on Network || arachnids,106 +165 || BACKDOOR DeepThroat 3.1 Keylogger on Server ON || arachnids,106 +166 || BACKDOOR DeepThroat 3.1 Show Picture Client Request || arachnids,106 +167 || BACKDOOR DeepThroat 3.1 Hide/Show Clock Client Request || arachnids,106 +168 || BACKDOOR DeepThroat 3.1 Hide/Show Desktop Client Request || arachnids,106 +169 || BACKDOOR DeepThroat 3.1 Swap Mouse Buttons Client Request || arachnids,106 +170 || BACKDOOR DeepThroat 3.1 Enable/Disable CTRL-ALT-DEL Client Request || arachnids,106 +171 || BACKDOOR DeepThroat 3.1 Freeze Mouse Client Request || arachnids,106 +172 || BACKDOOR DeepThroat 3.1 Show Dialog Box Client Request || arachnids,106 +173 || BACKDOOR DeepThroat 3.1 Show Replyable Dialog Box Client Request || arachnids,106 +174 || BACKDOOR DeepThroat 3.1 Hide/Show Start Button Client Request || arachnids,106 +175 || BACKDOOR DeepThroat 3.1 Resolution Change Client Request || arachnids,106 +176 || BACKDOOR DeepThroat 3.1 Hide/Show Start Button Client Request || arachnids,106 +177 || BACKDOOR DeepThroat 3.1 Keylogger on Server OFF || arachnids,106 +179 || BACKDOOR DeepThroat 3.1 FTP Server Port Client Request || arachnids,106 +180 || BACKDOOR DeepThroat 3.1 Process List Client request || arachnids,106 +181 || BACKDOOR DeepThroat 3.1 Close Port Scan Client Request || arachnids,106 +182 || BACKDOOR DeepThroat 3.1 Registry Add Client Request || arachnids,106 +183 || BACKDOOR SIGNATURE - Q ICMP || arachnids,202 +184 || BACKDOOR Q access || arachnids,203 +185 || BACKDOOR CDK || arachnids,263 +186 || BACKDOOR DeepThroat 3.1 Monitor on/off Client Request || arachnids,106 +187 || BACKDOOR DeepThroat 3.1 Delete File Client Request || arachnids,106 +188 || BACKDOOR DeepThroat 3.1 Kill Window Client Request || arachnids,106 +189 || BACKDOOR DeepThroat 3.1 Disable Window Client Request || arachnids,106 +190 || BACKDOOR DeepThroat 3.1 Enable Window Client Request || arachnids,106 +191 || BACKDOOR DeepThroat 3.1 Change Window Title Client Request || arachnids,106 +192 || BACKDOOR DeepThroat 3.1 Hide Window Client Request || arachnids,106 +193 || BACKDOOR DeepThroat 3.1 Show Window Client Request || arachnids,106 +194 || BACKDOOR DeepThroat 3.1 Send Text to Window Client Request || arachnids,106 +195 || BACKDOOR DeepThroat 3.1 Server Response || arachnids,106 || mcafee,98574 || nessus,10053 +196 || BACKDOOR DeepThroat 3.1 Hide/Show Systray Client Request || arachnids,106 +197 || BACKDOOR DeepThroat 3.1 Create Directory Client Request || arachnids,106 +198 || BACKDOOR DeepThroat 3.1 All Window List Client Request || arachnids,106 +199 || BACKDOOR DeepThroat 3.1 Play Sound Client Request || arachnids,106 +200 || BACKDOOR DeepThroat 3.1 Run Program Normal Client Request || arachnids,106 +201 || BACKDOOR DeepThroat 3.1 Run Program Hidden Client Request || arachnids,106 +202 || BACKDOOR DeepThroat 3.1 Get NET File Client Request || arachnids,106 +203 || BACKDOOR DeepThroat 3.1 Find File Client Request || arachnids,106 +204 || BACKDOOR DeepThroat 3.1 Find File Client Request || arachnids,106 +205 || BACKDOOR DeepThroat 3.1 HUP Modem Client Request || arachnids,106 +206 || BACKDOOR DeepThroat 3.1 CD ROM Open Client Request || arachnids,106 +207 || BACKDOOR DeepThroat 3.1 CD ROM Close Client Request || arachnids,106 +208 || BACKDOOR PhaseZero Server Active on Network +209 || BACKDOOR w00w00 attempt || arachnids,510 +210 || BACKDOOR attempt +211 || BACKDOOR MISC r00t attempt +212 || BACKDOOR MISC rewt attempt +213 || BACKDOOR MISC Linux rootkit attempt +214 || BACKDOOR MISC Linux rootkit attempt lrkr0x +215 || BACKDOOR MISC Linux rootkit attempt +216 || BACKDOOR MISC Linux rootkit satori attempt || arachnids,516 +217 || BACKDOOR MISC sm4ck attempt +218 || BACKDOOR MISC Solaris 2.5 attempt +219 || BACKDOOR HidePak backdoor attempt +220 || BACKDOOR HideSource backdoor attempt +221 || DDOS TFN Probe || arachnids,443 +222 || DDOS tfn2k icmp possible communication || arachnids,425 +223 || DDOS Trin00 Daemon to Master PONG message detected || arachnids,187 +224 || DDOS Stacheldraht server spoof || arachnids,193 +225 || DDOS Stacheldraht gag server response || arachnids,195 +226 || DDOS Stacheldraht server response || arachnids,191 +227 || DDOS Stacheldraht client spoofworks || arachnids,192 +228 || DDOS TFN client command BE || arachnids,184 +229 || DDOS Stacheldraht client check skillz || arachnids,190 +230 || DDOS shaft client login to handler || arachnids,254 || url,security.royans.net/info/posts/bugtraq_ddos3.shtml +231 || DDOS Trin00 Daemon to Master message detected || arachnids,186 +232 || DDOS Trin00 Daemon to Master *HELLO* message detected || arachnids,185 || url,www.sans.org/newlook/resources/IDFAQ/trinoo.htm +233 || DDOS Trin00 Attacker to Master default startup password || arachnids,197 +234 || DDOS Trin00 Attacker to Master default password +235 || DDOS Trin00 Attacker to Master default mdie password +236 || DDOS Stacheldraht client check gag || arachnids,194 +237 || DDOS Trin00 Master to Daemon default password attempt || arachnids,197 +238 || DDOS TFN server response || arachnids,182 +239 || DDOS shaft handler to agent || arachnids,255 +240 || DDOS shaft agent to handler || arachnids,256 +241 || DDOS shaft synflood || arachnids,253 || cve,2000-0138 +243 || DDOS mstream agent to handler +244 || DDOS mstream handler to agent || cve,2000-0138 +245 || DDOS mstream handler ping to agent || cve,2000-0138 +246 || DDOS mstream agent pong to handler +247 || DDOS mstream client to handler || cve,2000-0138 +248 || DDOS mstream handler to client || cve,2000-0138 +249 || DDOS mstream client to handler || arachnids,111 || cve,2000-0138 +250 || DDOS mstream handler to client || cve,2000-0138 +251 || DDOS - TFN client command LE || arachnids,183 +252 || DNS named iquery attempt || arachnids,277 || bugtraq,134 || cve,1999-0009 || url,www.rfc-editor.org/rfc/rfc1035.txt +253 || DNS SPOOF query response PTR with TTL of 1 min. and no authority +254 || DNS SPOOF query response with TTL of 1 min. and no authority +255 || DNS zone transfer TCP || arachnids,212 || cve,1999-0532 || nessus,10595 +256 || DNS named authors attempt || arachnids,480 || nessus,10728 +257 || DNS named version attempt || arachnids,278 || nessus,10028 +258 || DNS EXPLOIT named 8.2->8.2.1 || bugtraq,788 || cve,1999-0833 +259 || DNS EXPLOIT named overflow ADM || bugtraq,788 || cve,1999-0833 +260 || DNS EXPLOIT named overflow ADMROCKS || bugtraq,788 || cve,1999-0833 || url,www.cert.org/advisories/CA-1999-14.html +261 || DNS EXPLOIT named overflow attempt || url,www.cert.org/advisories/CA-1998-05.html +262 || DNS EXPLOIT x86 Linux overflow attempt +264 || DNS EXPLOIT x86 Linux overflow attempt +265 || DNS EXPLOIT x86 Linux overflow attempt ADMv2 +266 || DNS EXPLOIT x86 FreeBSD overflow attempt +267 || DNS EXPLOIT sparc overflow attempt +268 || DOS Jolt attack || cve,1999-0345 +269 || DOS Land attack || bugtraq,2666 || cve,1999-0016 +270 || DOS Teardrop attack || bugtraq,124 || cve,1999-0015 || nessus,10279 || url,www.cert.org/advisories/CA-1997-28.html +271 || DOS UDP echo+chargen bomb || cve,1999-0103 || cve,1999-0635 +272 || DOS IGMP dos attack || bugtraq,514 || cve,1999-0918 +273 || DOS IGMP dos attack || bugtraq,514 || cve,1999-0918 +274 || DOS ath || arachnids,264 || cve,1999-1228 +275 || DOS NAPTHA || bugtraq,2022 || cve,2000-1039 || url,razor.bindview.com/publish/advisories/adv_NAPTHA.html || url,www.cert.org/advisories/CA-2000-21.html || url,www.microsoft.com/technet/security/bulletin/MS00-091.mspx +276 || DOS Real Audio Server || arachnids,411 || bugtraq,1288 || cve,2000-0474 +277 || DOS Real Server template.html || bugtraq,1288 || cve,2000-0474 +278 || DOS Real Server template.html || bugtraq,1288 || cve,2000-0474 +279 || DOS Bay/Nortel Nautica Marlin || bugtraq,1009 || cve,2000-0221 +281 || DOS Ascend Route || arachnids,262 || bugtraq,714 || cve,1999-0060 +282 || DOS arkiea backup || arachnids,261 || bugtraq,662 || cve,1999-0788 +283 || EXPLOIT Netscape 4.7 client overflow || arachnids,215 || bugtraq,822 || cve,1999-1189 || cve,2000-1187 +284 || POP2 x86 Linux overflow || bugtraq,283 || cve,1999-0920 || nessus,10130 +285 || POP2 x86 Linux overflow || bugtraq,283 || cve,1999-0920 || nessus,10130 +286 || POP3 EXPLOIT x86 BSD overflow || bugtraq,133 || cve,1999-0006 || nessus,10196 +287 || POP3 EXPLOIT x86 BSD overflow +288 || POP3 EXPLOIT x86 Linux overflow +289 || POP3 EXPLOIT x86 SCO overflow || bugtraq,156 || cve,1999-0006 +290 || POP3 EXPLOIT qpopper overflow || bugtraq,830 || cve,1999-0822 || nessus,10184 +291 || NNTP Cassandra Overflow || arachnids,274 || bugtraq,1156 || cve,2000-0341 +292 || EXPLOIT x86 Linux samba overflow || bugtraq,1816 || bugtraq,536 || cve,1999-0182 || cve,1999-0811 +293 || IMAP EXPLOIT overflow +295 || IMAP EXPLOIT x86 linux overflow || bugtraq,130 || cve,1999-0005 +296 || IMAP EXPLOIT x86 linux overflow || bugtraq,130 || cve,1999-0005 +297 || IMAP EXPLOIT x86 linux overflow || bugtraq,130 || cve,1999-0005 +298 || IMAP EXPLOIT x86 linux overflow || bugtraq,130 || cve,1999-0005 +299 || IMAP EXPLOIT x86 linux overflow || bugtraq,130 || cve,1999-0005 +300 || EXPLOIT nlps x86 Solaris overflow || bugtraq,2319 +301 || EXPLOIT LPRng overflow || bugtraq,1712 || cve,2000-0917 +302 || EXPLOIT Redhat 7.0 lprd overflow || bugtraq,1712 || cve,2000-0917 +303 || DNS EXPLOIT named tsig overflow attempt || arachnids,482 || bugtraq,2302 || cve,2001-0010 +304 || EXPLOIT SCO calserver overflow || bugtraq,2353 || cve,2000-0306 +305 || EXPLOIT delegate proxy overflow || arachnids,267 || bugtraq,808 || cve,2000-0165 +306 || EXPLOIT VQServer admin || bugtraq,1610 || cve,2000-0766 || url,www.vqsoft.com/vq/server/docs/other/control.html +307 || EXPLOIT CHAT IRC topic overflow || bugtraq,573 || cve,1999-0672 +308 || EXPLOIT NextFTP client overflow || bugtraq,572 || cve,1999-0671 +309 || EXPLOIT sniffit overflow || arachnids,273 || bugtraq,1158 || cve,2000-0343 +310 || EXPLOIT x86 windows MailMax overflow || bugtraq,2312 || cve,1999-0404 +311 || EXPLOIT Netscape 4.7 unsucessful overflow || arachnids,214 || bugtraq,822 || cve,1999-1189 || cve,2000-1187 +312 || EXPLOIT ntpdx overflow attempt || arachnids,492 || bugtraq,2540 || cve,2001-0414 +313 || EXPLOIT ntalkd x86 Linux overflow || bugtraq,210 +314 || DNS EXPLOIT named tsig overflow attempt || bugtraq,2303 || cve,2001-0010 +315 || EXPLOIT x86 Linux mountd overflow || bugtraq,121 || cve,1999-0002 +316 || EXPLOIT x86 Linux mountd overflow || bugtraq,121 || cve,1999-0002 +317 || EXPLOIT x86 Linux mountd overflow || bugtraq,121 || cve,1999-0002 +318 || EXPLOIT bootp x86 bsd overfow || bugtraq,324 || cve,1999-0914 +319 || EXPLOIT bootp x86 linux overflow || cve,1999-0389 || cve,1999-0798 || cve,1999-0799 +320 || FINGER cmd_rootsh backdoor attempt || nessus,10070 || url,www.sans.org/y2k/TFN_toolkit.htm || url,www.sans.org/y2k/fingerd.htm +321 || FINGER account enumeration attempt || nessus,10788 +322 || FINGER search query || arachnids,375 || cve,1999-0259 +323 || FINGER root query || arachnids,376 +324 || FINGER null request || arachnids,377 +325 || FINGER probe 0 attempt || arachnids,378 +326 || FINGER remote command execution attempt || arachnids,379 || bugtraq,974 || cve,1999-0150 +327 || FINGER remote command pipe execution attempt || arachnids,380 || bugtraq,2220 || cve,1999-0152 +328 || FINGER bomb attempt || arachnids,381 || cve,1999-0106 +329 || FINGER cybercop redirection || arachnids,11 +330 || FINGER redirection attempt || arachnids,251 || cve,1999-0105 || nessus,10073 +331 || FINGER cybercop query || arachnids,132 || cve,1999-0612 +332 || FINGER 0 query || arachnids,131 || arachnids,378 || cve,1999-0197 || nessus,10069 +333 || FINGER . query || arachnids,130 || cve,1999-0198 || nessus,10072 +334 || FTP .forward || arachnids,319 +335 || FTP .rhosts || arachnids,328 +336 || FTP CWD ~root attempt || arachnids,318 || cve,1999-0082 +337 || FTP CEL overflow attempt || arachnids,257 || bugtraq,679 || cve,1999-0789 || nessus,10009 +338 || FTP EXPLOIT format string || arachnids,453 || bugtraq,1387 || cve,2000-0573 +339 || FTP EXPLOIT OpenBSD x86 ftpd || arachnids,446 || bugtraq,2124 || cve,2001-0053 +340 || FTP EXPLOIT overflow +341 || FTP EXPLOIT overflow +342 || FTP EXPLOIT wu-ftpd 2.6.0 site exec format string overflow Solaris 2.8 || arachnids,451 || bugtraq,1387 || cve,2000-0573 +343 || FTP EXPLOIT wu-ftpd 2.6.0 site exec format string overflow FreeBSD || arachnids,228 || bugtraq,1387 || cve,2000-0573 +344 || FTP EXPLOIT wu-ftpd 2.6.0 site exec format string overflow Linux || arachnids,287 || bugtraq,1387 || cve,2000-0573 +345 || FTP EXPLOIT wu-ftpd 2.6.0 site exec format string overflow generic || arachnids,285 || bugtraq,1387 || cve,2000-0573 || nessus,10452 +346 || FTP EXPLOIT wu-ftpd 2.6.0 site exec format string check || arachnids,286 || bugtraq,1387 || cve,2000-0573 +348 || FTP EXPLOIT wu-ftpd 2.6.0 || arachnids,440 || bugtraq,1387 +349 || FTP EXPLOIT MKD overflow || bugtraq,113 || bugtraq,2242 || cve,1999-0368 +350 || FTP EXPLOIT x86 linux overflow || bugtraq,113 || bugtraq,2242 || cve,1999-0368 +351 || FTP EXPLOIT x86 linux overflow || bugtraq,113 || bugtraq,2242 || cve,1999-0368 +352 || FTP EXPLOIT x86 linux overflow || bugtraq,113 || cve,1999-0368 +353 || FTP adm scan || arachnids,332 +354 || FTP iss scan || arachnids,331 +355 || FTP pass wh00t || arachnids,324 +356 || FTP passwd retrieval attempt || arachnids,213 +357 || FTP piss scan +358 || FTP saint scan || arachnids,330 +359 || FTP satan scan || arachnids,329 +360 || FTP serv-u directory transversal || bugtraq,2052 || cve,2001-0054 +361 || FTP SITE EXEC attempt || arachnids,317 || bugtraq,2241 || cve,1999-0080 || cve,1999-0955 +362 || FTP tar parameters || arachnids,134 || bugtraq,2240 || cve,1999-0202 || cve,1999-0997 +363 || ICMP IRDP router advertisement || arachnids,173 || bugtraq,578 || cve,1999-0875 +364 || ICMP IRDP router selection || arachnids,174 || bugtraq,578 || cve,1999-0875 +365 || ICMP PING undefined code +366 || ICMP PING *NIX +368 || ICMP PING BSDtype || arachnids,152 +369 || ICMP PING BayRS Router || arachnids,438 || arachnids,444 +370 || ICMP PING BeOS4.x || arachnids,151 +371 || ICMP PING Cisco Type.x || arachnids,153 +372 || ICMP PING Delphi-Piette Windows || arachnids,155 +373 || ICMP PING Flowpoint2200 or Network Management Software || arachnids,156 +374 || ICMP PING IP NetMonitor Macintosh || arachnids,157 +375 || ICMP PING LINUX/*BSD || arachnids,447 +376 || ICMP PING Microsoft Windows || arachnids,159 +377 || ICMP PING Network Toolbox 3 Windows || arachnids,161 +378 || ICMP PING Ping-O-MeterWindows || arachnids,164 +379 || ICMP PING Pinger Windows || arachnids,163 +380 || ICMP PING Seer Windows || arachnids,166 +381 || ICMP PING Sun Solaris || arachnids,448 +382 || ICMP PING Windows || arachnids,169 +384 || ICMP PING +385 || ICMP traceroute || arachnids,118 +386 || ICMP Address Mask Reply +387 || ICMP Address Mask Reply undefined code +388 || ICMP Address Mask Request +389 || ICMP Address Mask Request undefined code +390 || ICMP Alternate Host Address +391 || ICMP Alternate Host Address undefined code +392 || ICMP Datagram Conversion Error +393 || ICMP Datagram Conversion Error undefined code +394 || ICMP Destination Unreachable Destination Host Unknown +395 || ICMP Destination Unreachable Destination Network Unknown +396 || ICMP Destination Unreachable Fragmentation Needed and DF bit was set +397 || ICMP Destination Unreachable Host Precedence Violation +398 || ICMP Destination Unreachable Host Unreachable for Type of Service +399 || ICMP Destination Unreachable Host Unreachable +400 || ICMP Destination Unreachable Network Unreachable for Type of Service +401 || ICMP Destination Unreachable Network Unreachable +402 || ICMP Destination Unreachable Port Unreachable +403 || ICMP Destination Unreachable Precedence Cutoff in effect +404 || ICMP Destination Unreachable Protocol Unreachable +405 || ICMP Destination Unreachable Source Host Isolated +406 || ICMP Destination Unreachable Source Route Failed +407 || ICMP Destination Unreachable cndefined code +408 || ICMP Echo Reply +409 || ICMP Echo Reply undefined code +410 || ICMP Fragment Reassembly Time Exceeded +411 || ICMP IPV6 I-Am-Here +412 || ICMP IPV6 I-Am-Here undefined code +413 || ICMP IPV6 Where-Are-You +414 || ICMP IPV6 Where-Are-You undefined code +415 || ICMP Information Reply +416 || ICMP Information Reply undefined code +417 || ICMP Information Request +418 || ICMP Information Request undefined code +419 || ICMP Mobile Host Redirect +420 || ICMP Mobile Host Redirect undefined code +421 || ICMP Mobile Registration Reply +422 || ICMP Mobile Registration Reply undefined code +423 || ICMP Mobile Registration Request +424 || ICMP Mobile Registration Request undefined code +425 || ICMP Parameter Problem Bad Length +426 || ICMP Parameter Problem Missing a Required Option +427 || ICMP Parameter Problem Unspecified Error +428 || ICMP Parameter Problem undefined Code +429 || ICMP Photuris Reserved +430 || ICMP Photuris Unknown Security Parameters Index +431 || ICMP Photuris Valid Security Parameters, But Authentication Failed +432 || ICMP Photuris Valid Security Parameters, But Decryption Failed +433 || ICMP Photuris undefined code! +436 || ICMP Redirect for TOS and Host +437 || ICMP Redirect for TOS and Network +438 || ICMP Redirect undefined code +439 || ICMP Reserved for Security Type 19 +440 || ICMP Reserved for Security Type 19 undefined code +441 || ICMP Router Advertisement || arachnids,173 +443 || ICMP Router Selection || arachnids,174 +445 || ICMP SKIP +446 || ICMP SKIP undefined code +448 || ICMP Source Quench undefined code +449 || ICMP Time-To-Live Exceeded in Transit +450 || ICMP Time-To-Live Exceeded in Transit undefined code +451 || ICMP Timestamp Reply +452 || ICMP Timestamp Reply undefined code +453 || ICMP Timestamp Request +454 || ICMP Timestamp Request undefined code +455 || ICMP Traceroute ipopts || arachnids,238 +456 || ICMP Traceroute +457 || ICMP Traceroute undefined code +458 || ICMP unassigned type 1 +459 || ICMP unassigned type 1 undefined code +460 || ICMP unassigned type 2 +461 || ICMP unassigned type 2 undefined code +462 || ICMP unassigned type 7 +463 || ICMP unassigned type 7 undefined code +465 || ICMP ISS Pinger || arachnids,158 +466 || ICMP L3retriever Ping || arachnids,311 +467 || ICMP Nemesis v1.1 Echo || arachnids,449 +469 || ICMP PING NMAP || arachnids,162 +471 || ICMP icmpenum v1.1.1 || arachnids,450 +472 || ICMP redirect host || arachnids,135 || cve,1999-0265 +473 || ICMP redirect net || arachnids,199 || cve,1999-0265 +474 || ICMP superscan echo +475 || ICMP traceroute ipopts || arachnids,238 +476 || ICMP webtrends scanner || arachnids,307 +477 || ICMP Source Quench +478 || ICMP Broadscan Smurf Scanner +480 || ICMP PING speedera +481 || ICMP TJPingPro1.1Build 2 Windows || arachnids,167 +482 || ICMP PING WhatsupGold Windows || arachnids,168 +483 || ICMP PING CyberKit 2.2 Windows || arachnids,154 +484 || ICMP PING Sniffer Pro/NetXRay network scan +485 || ICMP Destination Unreachable Communication Administratively Prohibited +486 || ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited +487 || ICMP Destination Unreachable Communication with Destination Network is Administratively Prohibited +488 || INFO Connection Closed MSG from Port 80 +489 || INFO FTP no password || arachnids,322 +490 || INFO battle-mail traffic +491 || INFO FTP Bad login +492 || INFO TELNET Bad Login +493 || INFO psyBNC access +494 || ATTACK-RESPONSES command completed || bugtraq,1806 +495 || ATTACK-RESPONSES command error +496 || ATTACK RESPONSES directory listing +497 || ATTACK-RESPONSES file copied ok || bugtraq,1806 || cve,2000-0884 +498 || ATTACK-RESPONSES id check returned root +499 || ICMP Large ICMP Packet || arachnids,246 +500 || MISC source route lssr || arachnids,418 || bugtraq,646 || cve,1999-0909 +501 || MISC source route lssre || arachnids,420 || bugtraq,646 || cve,1999-0909 +502 || MISC source route ssrr || arachnids,422 +503 || MISC Source Port 20 to <1024 || arachnids,06 +504 || MISC source port 53 to <1024 || arachnids,07 +505 || MISC Insecure TIMBUKTU Password || arachnids,229 +506 || MISC ramen worm incoming || arachnids,460 +507 || MISC PCAnywhere Attempted Administrator Login +508 || MISC gopher proxy || arachnids,409 +509 || WEB-MISC PCCS mysql database admin tool access || arachnids,300 || bugtraq,1557 || cve,2000-0707 || nessus,10783 +510 || POLICY HP JetDirect LCD modification attempt || arachnids,302 || bugtraq,2245 +511 || MISC Invalid PCAnywhere Login +512 || MISC PCAnywhere Failed Login || arachnids,240 +513 || MISC Cisco Catalyst Remote Access || arachnids,129 || bugtraq,705 || cve,1999-0430 +514 || MISC ramen worm || arachnids,461 +516 || MISC SNMP NT UserList || nessus,10546 +517 || MISC xdmcp query || arachnids,476 +518 || TFTP Put || arachnids,148 || cve,1999-0183 +519 || TFTP parent directory || arachnids,137 || cve,1999-0183 || cve,2002-1209 +520 || TFTP root directory || arachnids,138 || cve,1999-0183 +521 || MISC Large UDP Packet || arachnids,247 +522 || MISC Tiny Fragments +523 || BAD-TRAFFIC ip reserved bit set +524 || BAD-TRAFFIC tcp port 0 traffic +525 || BAD-TRAFFIC udp port 0 traffic || bugtraq,576 || cve,1999-0675 || nessus,10074 +526 || BAD-TRAFFIC data in TCP SYN packet || url,www.cert.org/incident_notes/IN-99-07.html +527 || BAD-TRAFFIC same SRC/DST || bugtraq,2666 || cve,1999-0016 || url,www.cert.org/advisories/CA-1997-28.html +528 || BAD-TRAFFIC loopback traffic || url,rr.sans.org/firewall/egress.php +529 || NETBIOS DOS RFPoison || arachnids,454 +530 || NETBIOS NT NULL session || arachnids,204 || bugtraq,1163 || cve,2000-0347 +532 || NETBIOS SMB ADMIN$ share access +533 || NETBIOS SMB C$ share access +534 || NETBIOS SMB CD.. || arachnids,338 +535 || NETBIOS SMB CD... || arachnids,337 +536 || NETBIOS SMB D$ share access +537 || NETBIOS SMB IPC$ share access +538 || NETBIOS SMB IPC$ unicode share access +539 || NETBIOS Samba clientaccess || arachnids,341 +540 || CHAT MSN message +541 || CHAT ICQ access +542 || CHAT IRC nick change +543 || POLICY FTP 'STOR 1MB' possible warez site +544 || POLICY FTP 'RETR 1MB' possible warez site +545 || POLICY FTP 'CWD / ' possible warez site +546 || POLICY FTP 'CWD ' possible warez site +547 || POLICY FTP 'MKD ' possible warez site +548 || POLICY FTP 'MKD .' possible warez site +549 || P2P napster login +550 || P2P napster new user login +551 || P2P napster download attempt +552 || P2P napster upload request +553 || POLICY FTP anonymous login attempt +554 || POLICY FTP 'MKD / ' possible warez site +555 || POLICY WinGate telnet server response || arachnids,366 || cve,1999-0657 +556 || P2P Outbound GNUTella client request +557 || P2P GNUTella client request +558 || INFO Outbound GNUTella client request +559 || P2P Inbound GNUTella client request +560 || POLICY VNC server response +561 || P2P Napster Client Data +562 || P2P Napster Client Data +563 || P2P Napster Client Data +564 || P2P Napster Client Data +565 || P2P Napster Server Login +566 || POLICY PCAnywhere server response || arachnids,239 +567 || POLICY SMTP relaying denied || arachnids,249 || url,mail-abuse.org/tsi/ar-fix.html +568 || POLICY HP JetDirect LCD modification attempt || arachnids,302 || bugtraq,2245 +569 || RPC snmpXdmi overflow attempt TCP || bugtraq,2417 || cve,2001-0236 || url,www.cert.org/advisories/CA-2001-05.html +570 || RPC EXPLOIT ttdbserv solaris overflow || arachnids,242 || bugtraq,122 || cve,1999-0003 || url,www.cert.org/advisories/CA-2001-27.html +571 || RPC EXPLOIT ttdbserv Solaris overflow || arachnids,242 || bugtraq,122 || cve,1999-0003 || url,www.cert.org/advisories/CA-2001-27.html +572 || RPC DOS ttdbserv Solaris || arachnids,241 || bugtraq,122 || cve,1999-0003 +573 || RPC AMD Overflow || arachnids,217 || cve,1999-0704 +574 || RPC mountd TCP export request || arachnids,26 +575 || RPC portmap admind request UDP || arachnids,18 +576 || RPC portmap amountd request UDP || arachnids,19 +577 || RPC portmap bootparam request UDP || arachnids,16 || cve,1999-0647 +578 || RPC portmap cmsd request UDP || arachnids,17 +579 || RPC portmap mountd request UDP || arachnids,13 +580 || RPC portmap nisd request UDP || arachnids,21 +581 || RPC portmap pcnfsd request UDP || arachnids,22 +582 || RPC portmap rexd request UDP || arachnids,23 +583 || RPC portmap rstatd request UDP || arachnids,10 +584 || RPC portmap rusers request UDP || arachnids,133 || cve,1999-0626 +585 || RPC portmap sadmind request UDP || arachnids,20 +586 || RPC portmap selection_svc request UDP || arachnids,25 +587 || RPC portmap status request UDP || arachnids,15 +588 || RPC portmap ttdbserv request UDP || arachnids,24 || bugtraq,122 || bugtraq,3382 || cve,1999-0003 || cve,1999-0687 || cve,1999-1075 || cve,2001-0717 || url,www.cert.org/advisories/CA-2001-05.html +589 || RPC portmap yppasswd request UDP || arachnids,14 +590 || RPC portmap ypserv request UDP || arachnids,12 || bugtraq,5914 || bugtraq,6016 || cve,2000-1042 || cve,2000-1043 || cve,2002-1232 +591 || RPC portmap ypupdated request TCP || arachnids,125 +592 || RPC rstatd query || arachnids,9 +593 || RPC portmap snmpXdmi request TCP || bugtraq,2417 || cve,2001-0236 || url,www.cert.org/advisories/CA-2001-05.html +595 || RPC portmap espd request TCP || bugtraq,2714 || cve,2001-0331 +596 || RPC portmap listing || arachnids,429 +597 || RPC portmap listing || arachnids,429 +598 || RPC portmap listing TCP 111 || arachnids,428 +599 || RPC portmap listing TCP 32771 || arachnids,429 +600 || RPC EXPLOIT statdx || arachnids,442 +601 || RSERVICES rlogin LinuxNIS +602 || RSERVICES rlogin bin || arachnids,384 +603 || RSERVICES rlogin echo++ || arachnids,385 +604 || RSERVICES rsh froot || arachnids,387 +605 || RSERVICES rlogin login failure || arachnids,393 +606 || RSERVICES rlogin root || arachnids,389 +607 || RSERVICES rsh bin || arachnids,390 +608 || RSERVICES rsh echo + + || arachnids,388 +609 || RSERVICES rsh froot || arachnids,387 +610 || RSERVICES rsh root || arachnids,391 +611 || RSERVICES rlogin login failure || arachnids,392 +612 || RPC rusers query UDP || cve,1999-0626 +613 || SCAN myscan || arachnids,439 +614 || BACKDOOR hack-a-tack attempt || arachnids,314 +615 || SCAN SOCKS Proxy attempt || url,help.undernet.org/proxyscan/ +616 || SCAN ident version request || arachnids,303 +617 || SCAN ssh-research-scanner +618 || SCAN Squid Proxy attempt +619 || SCAN cybercop os probe || arachnids,146 +620 || SCAN Proxy Port 8080 attempt +621 || SCAN FIN || arachnids,27 +622 || SCAN ipEye SYN scan || arachnids,236 +623 || SCAN NULL || arachnids,4 +624 || SCAN SYN FIN || arachnids,198 +625 || SCAN XMAS || arachnids,144 +626 || SCAN cybercop os PA12 attempt || arachnids,149 +627 || SCAN cybercop os SFU12 probe || arachnids,150 +628 || SCAN nmap TCP || arachnids,28 +629 || SCAN nmap fingerprint attempt || arachnids,05 +630 || SCAN synscan portscan || arachnids,441 +631 || SMTP ehlo cybercop attempt || arachnids,372 +632 || SMTP expn cybercop attempt || arachnids,371 +634 || SCAN Amanda client version request +635 || SCAN XTACACS logout || arachnids,408 +636 || SCAN cybercop udp bomb || arachnids,363 +637 || SCAN Webtrends Scanner UDP Probe || arachnids,308 +638 || SHELLCODE SGI NOOP || arachnids,356 +639 || SHELLCODE SGI NOOP || arachnids,357 +640 || SHELLCODE AIX NOOP +641 || SHELLCODE Digital UNIX NOOP || arachnids,352 +642 || SHELLCODE HP-UX NOOP || arachnids,358 +643 || SHELLCODE HP-UX NOOP || arachnids,359 +644 || SHELLCODE sparc NOOP || arachnids,345 +645 || SHELLCODE sparc NOOP || arachnids,353 +646 || SHELLCODE sparc NOOP || arachnids,355 +647 || SHELLCODE sparc setuid 0 || arachnids,282 +648 || SHELLCODE x86 NOOP || arachnids,181 +649 || SHELLCODE x86 setgid 0 || arachnids,284 +650 || SHELLCODE x86 setuid 0 || arachnids,436 +651 || SHELLCODE x86 stealth NOOP || arachnids,291 +652 || SHELLCODE Linux shellcode || arachnids,343 +653 || SHELLCODE x86 0x90 unicode NOOP +654 || SMTP RCPT TO overflow || bugtraq,2283 || bugtraq,9696 || cve,2001-0260 +655 || SMTP sendmail 8.6.9 exploit || arachnids,140 || bugtraq,2311 || cve,1999-0204 +656 || SMTP EXPLOIT x86 windows CSMMail overflow || bugtraq,895 || cve,2000-0042 +657 || SMTP chameleon overflow || arachnids,266 || bugtraq,2387 || cve,1999-0261 +658 || SMTP exchange mime DOS || bugtraq,1869 || cve,2000-1006 || nessus,10558 +659 || SMTP expn decode || arachnids,32 || cve,1999-0096 || nessus,10248 +660 || SMTP expn root || arachnids,31 || cve,1999-0531 || nessus,10249 +661 || SMTP majordomo ifs || arachnids,143 || bugtraq,2310 || cve,1999-0207 || cve,1999-0208 +662 || SMTP sendmail 5.5.5 exploit || arachnids,119 || cve,1999-0203 || nessus,10258 +663 || SMTP rcpt to command attempt || arachnids,172 || bugtraq,1 || cve,1999-0095 +664 || SMTP RCPT TO decode attempt || arachnids,121 || bugtraq,2308 || cve,1999-0203 +665 || SMTP sendmail 5.6.5 exploit || arachnids,122 || bugtraq,2308 || cve,1999-0203 +666 || SMTP sendmail 8.4.1 exploit || arachnids,120 +667 || SMTP sendmail 8.6.10 exploit || arachnids,123 || bugtraq,2311 || cve,1999-0204 +668 || SMTP sendmail 8.6.10 exploit || arachnids,124 || bugtraq,2311 || cve,1999-0204 +669 || SMTP sendmail 8.6.9 exploit || arachnids,142 || bugtraq,2311 || cve,1999-0204 +670 || SMTP sendmail 8.6.9 exploit || arachnids,139 || bugtraq,2311 || cve,1999-0204 +671 || SMTP sendmail 8.6.9c exploit || arachnids,141 || bugtraq,2311 || cve,1999-0204 +672 || SMTP vrfy decode || arachnids,373 || bugtraq,10248 || cve,1999-0096 +673 || MS-SQL sp_start_job - program execution +674 || MS-SQL xp_displayparamstmt possible buffer overflow || bugtraq,2030 || cve,2000-1081 || url,www.microsoft.com/technet/security/bulletin/MS00-092.mspx +675 || MS-SQL xp_setsqlsecurity possible buffer overflow || bugtraq,2043 || cve,2000-1088 || url,www.microsoft.com/technet/security/bulletin/MS00-092.mspx +676 || MS-SQL/SMB sp_start_job - program execution +677 || MS-SQL/SMB sp_password password change +678 || MS-SQL/SMB sp_delete_alert log file deletion +679 || MS-SQL/SMB sp_adduser database user creation +680 || MS-SQL/SMB sa login failed || bugtraq,4797 || cve,2000-1209 +681 || MS-SQL/SMB xp_cmdshell program execution +682 || MS-SQL xp_enumresultset possible buffer overflow || bugtraq,2031 || cve,2000-1082 || url,www.microsoft.com/technet/security/bulletin/MS00-092.mspx +683 || MS-SQL sp_password - password change +684 || MS-SQL sp_delete_alert log file deletion +685 || MS-SQL sp_adduser - database user creation +686 || MS-SQL xp_reg* - registry access || bugtraq,5205 || cve,2002-0642 || nessus,10642 +687 || MS-SQL xp_cmdshell - program execution +688 || MS-SQL sa login failed || bugtraq,4797 || cve,2000-1209 || nessus,10673 +689 || MS-SQL/SMB xp_reg* registry access || bugtraq,5205 || cve,2002-0642 || nessus,10642 +690 || MS-SQL/SMB xp_printstatements possible buffer overflow || bugtraq,2041 || cve,2000-1086 || url,www.microsoft.com/technet/security/bulletin/MS00-092.mspx +691 || MS-SQL shellcode attempt +692 || MS-SQL/SMB shellcode attempt +693 || MS-SQL shellcode attempt +694 || MS-SQL/SMB shellcode attempt +695 || MS-SQL/SMB xp_sprintf possible buffer overflow || bugtraq,1204 || url,www.microsoft.com/technet/security/bulletin/MS01-060.mspx +696 || MS-SQL/SMB xp_showcolv possible buffer overflow || bugtraq,2038 || cve,2000-1083 || url,www.microsoft.com/technet/security/bulletin/MS00-092.mspx +697 || MS-SQL/SMB xp_peekqueue possible buffer overflow || bugtraq,2040 || cve,2000-1085 || url,www.microsoft.com/technet/security/bulletin/MS00-092.mspx +698 || MS-SQL/SMB xp_proxiedmetadata possible buffer overflow || bugtraq,2042 || cve,2000-1087 || url,www.microsoft.com/technet/security/bulletin/MS00-092.mspx +699 || MS-SQL xp_printstatements possible buffer overflow || bugtraq,2041 || cve,2000-1086 || url,www.microsoft.com/technet/security/bulletin/MS00-092.mspx +700 || MS-SQL/SMB xp_updatecolvbm possible buffer overflow || bugtraq,2039 || cve,2000-1084 || url,www.microsoft.com/technet/security/bulletin/MS00-092.mspx +701 || MS-SQL xp_updatecolvbm possible buffer overflow || bugtraq,2039 || cve,2000-1084 || url,www.microsoft.com/technet/security/bulletin/MS00-092.mspx +702 || MS-SQL/SMB xp_displayparamstmt possible buffer overflow || bugtraq,2030 || cve,2000-1081 || url,www.microsoft.com/technet/security/bulletin/MS00-092.mspx +703 || MS-SQL/SMB xp_setsqlsecurity possible buffer overflow || bugtraq,2043 || cve,2000-1088 || url,www.microsoft.com/technet/security/bulletin/MS00-092.mspx +704 || MS-SQL xp_sprintf possible buffer overflow || bugtraq,1204 || cve,2001-0542 || url,www.microsoft.com/technet/security/bulletin/MS01-060.mspx +705 || MS-SQL xp_showcolv possible buffer overflow || bugtraq,2038 || cve,2000-1083 || url,www.microsoft.com/technet/security/bulletin/MS00-092.mspx +706 || MS-SQL xp_peekqueue possible buffer overflow || bugtraq,2040 || cve,2000-1085 || url,www.microsoft.com/technet/security/bulletin/MS00-092.mspx +707 || MS-SQL xp_proxiedmetadata possible buffer overflow || bugtraq,2024 || cve,1999-0287 || cve,2000-1087 || url,www.microsoft.com/technet/security/bulletin/MS00-092.mspx +708 || MS-SQL/SMB xp_enumresultset possible buffer overflow || bugtraq,2031 || cve,2000-1082 || url,www.microsoft.com/technet/security/bulletin/MS00-092.mspx +709 || TELNET 4Dgifts SGI account attempt || cve,1999-0501 || nessus,11243 +710 || TELNET EZsetup account attempt || cve,1999-0501 || nessus,11244 +711 || TELNET SGI telnetd format bug || arachnids,304 || bugtraq,1572 || cve,2000-0733 +712 || TELNET ld_library_path || arachnids,367 || bugtraq,459 || cve,1999-0073 +713 || TELNET livingston DOS || arachnids,370 || bugtraq,2225 || cve,1999-0218 +714 || TELNET resolv_host_conf || arachnids,369 || bugtraq,2181 || cve,2001-0170 +715 || TELNET Attempted SU from wrong group +716 || TELNET access || arachnids,08 || cve,1999-0619 || nessus,10280 +717 || TELNET not on console || arachnids,365 +718 || TELNET login incorrect || arachnids,127 +719 || TELNET root login +720 || Virus - SnowWhite Trojan Incoming +721 || VIRUS OUTBOUND bad file attachment +722 || Virus - Possible NAVIDAD Worm +723 || Virus - Possible MyRomeo Worm +724 || Virus - Possible MyRomeo Worm +725 || Virus - Possible MyRomeo Worm +726 || Virus - Possible MyRomeo Worm +727 || Virus - Possible MyRomeo Worm +728 || Virus - Possible MyRomeo Worm +729 || VIRUS OUTBOUND .scr file attachment +730 || VIRUS OUTBOUND .shs file attachment +731 || Virus - Possible QAZ Worm || MCAFEE,98775 +732 || Virus - Possible QAZ Worm Infection || MCAFEE,98775 +733 || Virus - Possible QAZ Worm Calling Home || MCAFEE,98775 +734 || Virus - Possible Matrix worm +735 || Virus - Possible MyRomeo Worm +736 || Virus - Successful eurocalculator execution +737 || Virus - Possible eurocalculator.exe file +738 || Virus - Possible Pikachu Pokemon Virus || MCAFEE,98696 +739 || Virus - Possible Triplesix Worm || MCAFEE,10389 +740 || Virus - Possible Tune.vbs || MCAFEE,10497 +741 || Virus - Possible NAIL Worm || MCAFEE,10109 +742 || Virus - Possible NAIL Worm || MCAFEE,10109 +743 || Virus - Possible NAIL Worm || MCAFEE,10109 +744 || Virus - Possible NAIL Worm || MCAFEE,10109 +745 || Virus - Possible Papa Worm || MCAFEE,10145 +746 || Virus - Possible Freelink Worm || MCAFEE,10225 +747 || Virus - Possible Simbiosis Worm +748 || Virus - Possible BADASS Worm || MCAFEE,10388 +749 || Virus - Possible ExploreZip.B Worm || MCAFEE,10471 +751 || Virus - Possible wscript.KakWorm || MCAFEE,10509 +752 || Virus Possible Suppl Worm || MCAFEE,10361 +753 || Virus - Possible NewApt.Worm - theobbq.exe || MCAFEE,10540 +754 || Virus - Possible Word Macro - VALE || MCAFEE,10502 +755 || Virus - Possible IROK Worm || MCAFEE,98552 +756 || Virus - Possible Fix2001 Worm || MCAFEE,10355 +757 || Virus - Possible Y2K Zelu Trojan || MCAFEE,10505 +758 || Virus - Possible The_Fly Trojan || MCAFEE,10478 +759 || Virus - Possible Word Macro - VALE || MCAFEE,10502 +760 || Virus - Possible Passion Worm || MCAFEE,10467 +761 || Virus - Possible NewApt.Worm - cooler3.exe || MCAFEE,10540 +762 || Virus - Possible NewApt.Worm - party.exe || MCAFEE,10540 +763 || Virus - Possible NewApt.Worm - hog.exe || MCAFEE,10540 +764 || Virus - Possible NewApt.Worm - goal1.exe || MCAFEE,10540 +765 || Virus - Possible NewApt.Worm - pirate.exe || MCAFEE,10540 +766 || Virus - Possible NewApt.Worm - video.exe || MCAFEE,10540 +767 || Virus - Possible NewApt.Worm - baby.exe || MCAFEE,10540 +768 || Virus - Possible NewApt.Worm - cooler1.exe || MCAFEE,10540 +769 || Virus - Possible NewApt.Worm - boss.exe || MCAFEE,10540 +770 || Virus - Possible NewApt.Worm - g-zilla.exe || MCAFEE,10540 +771 || Virus - Possible ToadieE-mail Trojan || MCAFEE,10540 +772 || Virus - Possible PrettyPark Trojan || MCAFEE,10175 +773 || Virus - Possible Happy99 Virus || MCAFEE,10144 +774 || Virus - Possible CheckThis Trojan +775 || Virus - Possible Bubbleboy Worm || MCAFEE,10418 +776 || Virus - Possible NewApt.Worm - copier.exe || MCAFEE,10540 +777 || Virus - Possible MyPics Worm || MCAFEE,10467 +778 || Virus - Possible Babylonia - X-MAS.exe || MCAFEE,10461 +779 || Virus - Possible NewApt.Worm - gadget.exe || MCAFEE,10540 +780 || Virus - Possible NewApt.Worm - irnglant.exe || MCAFEE,10540 +781 || Virus - Possible NewApt.Worm - casper.exe || MCAFEE,10540 +782 || Virus - Possible NewApt.Worm - fborfw.exe || MCAFEE,10540 +783 || Virus - Possible NewApt.Worm - saddam.exe || MCAFEE,10540 +784 || Virus - Possible NewApt.Worm - bboy.exe || MCAFEE,10540 +785 || Virus - Possible NewApt.Worm - monica.exe || MCAFEE,10540 +786 || Virus - Possible NewApt.Worm - goal.exe || MCAFEE,10540 +787 || Virus - Possible NewApt.Worm - panther.exe || MCAFEE,10540 +788 || Virus - Possible NewApt.Worm - chestburst.exe || MCAFEE,10540 +789 || Virus - Possible NewApt.Worm - farter.exe || MCAFEE,1054 +790 || Virus - Possible Common Sense Worm +791 || Virus - Possible NewApt.Worm - cupid2.exe || MCAFEE,10540 +792 || Virus - Possible Resume Worm || MCAFEE,98661 +793 || VIRUS OUTBOUND .vbs file attachment +794 || Virus - Possible Resume Worm || MCAFEE,98661 +795 || Virus - Possible Worm - txt.vbs file +796 || Virus - Possible Worm - xls.vbs file +797 || Virus - Possible Worm - jpg.vbs file +798 || Virus - Possible Worm - gif.vbs file +799 || Virus - Possible Timofonica Worm || MCAFEE,98674 +800 || Virus - Possible Resume Worm || MCAFEE,98661 +801 || Virus - Possible Worm - doc.vbs file +802 || Virus - Possbile Zipped Files Trojan || MCAFEE,10450 +803 || WEB-CGI HyperSeek hsx.cgi directory traversal attempt || bugtraq,2314 || cve,2001-0253 || nessus,10602 +804 || WEB-CGI SWSoft ASPSeek Overflow attempt || bugtraq,2492 || cve,2001-0476 +805 || WEB-CGI webspeed access || arachnids,467 || bugtraq,969 || cve,2000-0127 || nessus,10304 +806 || WEB-CGI yabb directory traversal attempt || arachnids,462 || bugtraq,1668 || cve,2000-0853 +807 || WEB-CGI /wwwboard/passwd.txt access || arachnids,463 || bugtraq,649 || cve,1999-0953 || cve,1999-0954 || nessus,10321 +808 || WEB-CGI webdriver access || arachnids,473 || bugtraq,2166 || nessus,10592 +809 || WEB-CGI whois_raw.cgi arbitrary command execution attempt || arachnids,466 || bugtraq,304 || cve,1999-1063 || nessus,10306 +810 || WEB-CGI whois_raw.cgi access || arachnids,466 || bugtraq,304 || cve,1999-1063 || nessus,10306 +811 || WEB-CGI websitepro path access || arachnids,468 || bugtraq,932 || cve,2000-0066 +812 || WEB-CGI webplus version access || arachnids,470 || bugtraq,1102 || cve,2000-0282 +813 || WEB-CGI webplus directory traversal || arachnids,471 || bugtraq,1102 || cve,2000-0282 +815 || WEB-CGI websendmail access || arachnids,469 || bugtraq,2077 || cve,1999-0196 || nessus,10301 +817 || WEB-CGI dcboard.cgi invalid user addition attempt || bugtraq,2728 || cve,2001-0527 || nessus,10583 +818 || WEB-CGI dcforum.cgi access || bugtraq,2728 || cve,2001-0527 || nessus,10583 +819 || WEB-CGI mmstdod.cgi access || bugtraq,2063 || cve,2001-0021 || nessus,10566 +820 || WEB-CGI anaconda directory transversal attempt || bugtraq,2338 || bugtraq,2388 || cve,2000-0975 || cve,2001-0308 +821 || WEB-CGI imagemap.exe overflow attempt || arachnids,412 || bugtraq,739 || cve,1999-0951 || nessus,10122 +823 || WEB-CGI cvsweb.cgi access || bugtraq,1469 || cve,2000-0670 || nessus,10465 +824 || WEB-CGI php.cgi access || arachnids,232 || bugtraq,2250 || bugtraq,712 || cve,1999-0238 || cve,1999-058 || nessus,10178 +825 || WEB-CGI glimpse access || bugtraq,2026 || cve,1999-0147 || nessus,10095 +826 || WEB-CGI htmlscript access || bugtraq,2001 || cve,1999-0264 || nessus,10106 +827 || WEB-CGI info2www access || bugtraq,1995 || cve,1999-0266 || nessus,10127 +828 || WEB-CGI maillist.pl access +829 || WEB-CGI nph-test-cgi access || arachnids,224 || bugtraq,686 || cve,1999-0045 || nessus,10165 +830 || WEB-CGI NPH-publish access || cve,1999-1177 || nessus,10164 +832 || WEB-CGI perl.exe access || arachnids,219 || cve,1999-0509 || nessus,10173 || url,www.cert.org/advisories/CA-1996-11.html +833 || WEB-CGI rguest.exe access || bugtraq,2024 || cve,1999-0287 || cve,1999-0467 +834 || WEB-CGI rwwwshell.pl access || url,www.itsecurity.com/papers/p37.htm +835 || WEB-CGI test-cgi access || arachnids,218 || bugtraq,2003 || cve,1999-0070 || nessus,10282 +836 || WEB-CGI textcounter.pl access || bugtraq,2265 || cve,1999-1479 || nessus,11451 +837 || WEB-CGI uploader.exe access || cve,1999-0177 || nessus,10291 +838 || WEB-CGI webgais access || arachnids,472 || bugtraq,2058 || cve,1999-0176 || nessus,10300 +839 || WEB-CGI finger access || arachnids,221 || cve,1999-0612 || nessus,10071 +840 || WEB-CGI perlshop.cgi access || cve,1999-1374 +841 || WEB-CGI pfdisplay.cgi access || bugtraq,64 || cve,1999-0270 || nessus,10174 +842 || WEB-CGI aglimpse access || bugtraq,2026 || cve,1999-0147 || nessus,10095 +843 || WEB-CGI anform2 access || arachnids,225 || bugtraq,719 || cve,1999-0066 +844 || WEB-CGI args.bat access || cve,1999-1180 || nessus,11465 +845 || WEB-CGI AT-admin.cgi access || cve,1999-1072 +846 || WEB-CGI bnbform.cgi access || bugtraq,2147 || cve,1999-0937 +847 || WEB-CGI campas access || bugtraq,1975 || cve,1999-0146 || nessus,10035 +848 || WEB-CGI view-source directory traversal || bugtraq,2251 || bugtraq,8883 || cve,1999-0174 +849 || WEB-CGI view-source access || bugtraq,2251 || bugtraq,8883 || cve,1999-0174 +850 || WEB-CGI wais.pl access +851 || WEB-CGI files.pl access || cve,1999-1081 +852 || WEB-CGI wguest.exe access || bugtraq,2024 || cve,1999-0287 || cve,1999-0467 +853 || WEB-CGI wrap access || arachnids,234 || bugtraq,373 || cve,1999-0149 || nessus,10317 +854 || WEB-CGI classifieds.cgi access || bugtraq,2020 || cve,1999-0934 +855 || WEB-CGI edit.pl access || bugtraq,2713 +856 || WEB-CGI environ.cgi access +857 || WEB-CGI faxsurvey access || bugtraq,2056 || cve,1999-0262 || nessus,10067 +858 || WEB-CGI filemail access || cve,1999-1154 +859 || WEB-CGI man.sh access || bugtraq,2276 || cve,1999-1179 +860 || WEB-CGI snork.bat access || arachnids,220 || bugtraq,1053 || cve,2000-0169 +861 || WEB-CGI w3-msql access || arachnids,210 || bugtraq,591 || bugtraq,898 || cve,1999-0276 || cve,1999-0753 || cve,2000-0012 || nessus,10296 +862 || WEB-CGI csh access || cve,1999-0509 || url,www.cert.org/advisories/CA-1996-11.html +863 || WEB-CGI day5datacopier.cgi access || cve,1999-1232 +864 || WEB-CGI day5datanotifier.cgi access || cve,1999-1232 +865 || WEB-CGI ksh access || cve,1999-0509 || url,www.cert.org/advisories/CA-1996-11.html +866 || WEB-CGI post-query access || bugtraq,6752 || cve,2001-0291 +867 || WEB-CGI visadmin.exe access || bugtraq,1808 || cve,1999-0970 || cve,1999-1970 || nessus,10295 +868 || WEB-CGI rsh access || cve,1999-0509 || url,www.cert.org/advisories/CA-1996-11.html +869 || WEB-CGI dumpenv.pl access || cve,1999-1178 || nessus,10060 +870 || WEB-CGI snorkerz.cmd access +871 || WEB-CGI survey.cgi access || bugtraq,1817 || cve,1999-0936 +872 || WEB-CGI tcsh access || cve,1999-0509 || url,www.cert.org/advisories/CA-1996-11.html +873 || WEB-CGI scriptalias access || arachnids,227 || bugtraq,2300 || cve,1999-0236 +874 || WEB-CGI w3-msql solaris x86 access || arachnids,211 || cve,1999-0276 +875 || WEB-CGI win-c-sample.exe access || arachnids,231 || bugtraq,2078 || cve,1999-0178 || nessus,10008 +877 || WEB-CGI rksh access || cve,1999-0509 || url,www.cert.org/advisories/CA-1996-11.html +878 || WEB-CGI w3tvars.pm access +879 || WEB-CGI admin.pl access || bugtraq,3839 || url,online.securityfocus.com/archive/1/249355 +880 || WEB-CGI LWGate access || url,www.netspace.org/~dwb/lwgate/lwgate-history.html || url,www.wiretrip.net/rfp/p/doc.asp/i2/d6.htm +881 || WEB-CGI archie access +882 || WEB-CGI calendar access +883 || WEB-CGI flexform access || url,www.wiretrip.net/rfp/p/doc.asp/i2/d6.htm +884 || WEB-CGI formmail access || arachnids,226 || bugtraq,1187 || bugtraq,2079 || cve,1999-0172 || cve,2000-0411 || nessus,10076 || nessus,10782 +885 || WEB-CGI bash access || cve,1999-0509 || url,www.cert.org/advisories/CA-1996-11.html +886 || WEB-CGI phf access || arachnids,128 || bugtraq,629 || cve,1999-0067 +887 || WEB-CGI www-sql access || url,marc.theaimsgroup.com/?l=bugtraq&m=88704258804054&w=2 +888 || WEB-CGI wwwadmin.pl access +889 || WEB-CGI ppdscgi.exe access || bugtraq,491 || nessus,10187 || url,online.securityfocus.com/archive/1/16878 +890 || WEB-CGI sendform.cgi access || bugtraq,5286 || cve,2002-0710 || url,www.scn.org/help/sendform.txt +891 || WEB-CGI upload.pl access +892 || WEB-CGI AnyForm2 access || bugtraq,719 || cve,1999-0066 || nessus,10277 +893 || WEB-CGI MachineInfo access || cve,1999-1067 +894 || WEB-CGI bb-hist.sh access || bugtraq,142 || cve,1999-1462 || nessus,10025 +895 || WEB-CGI redirect access || bugtraq,1179 || cve,2000-0382 +896 || WEB-CGI way-board access || bugtraq,2370 || cve,2001-0214 || nessus,10610 +897 || WEB-CGI pals-cgi access || bugtraq,2372 || cve,2001-0216 || cve,2001-0217 || nessus,10611 +898 || WEB-CGI commerce.cgi access || bugtraq,2361 || cve,2001-0210 || nessus,10612 +899 || WEB-CGI Amaya templates sendtemp.pl directory traversal attempt || bugtraq,2504 || cve,2001-0272 +900 || WEB-CGI webspirs.cgi directory traversal attempt || bugtraq,2362 || cve,2001-0211 || nessus,10616 +901 || WEB-CGI webspirs.cgi access || bugtraq,2362 || cve,2001-0211 || nessus,10616 +902 || WEB-CGI tstisapi.dll access || bugtraq,2381 || cve,2001-0302 +903 || WEB-COLDFUSION cfcache.map access || bugtraq,917 || cve,2000-0057 +904 || WEB-COLDFUSION exampleapp application.cfm || bugtraq,1021 || cve,2000-0189 +905 || WEB-COLDFUSION application.cfm access || bugtraq,1021 || cve,2000-0189 +906 || WEB-COLDFUSION getfile.cfm access || bugtraq,229 || cve,1999-0800 +907 || WEB-COLDFUSION addcontent.cfm access +908 || WEB-COLDFUSION administrator access || bugtraq,1314 || cve,2000-0538 +909 || WEB-COLDFUSION datasource username attempt || bugtraq,550 +910 || WEB-COLDFUSION fileexists.cfm access || bugtraq,550 +911 || WEB-COLDFUSION exprcalc access || bugtraq,115 || bugtraq,550 || cve,1999-0455 +912 || WEB-COLDFUSION parks access || bugtraq,550 +913 || WEB-COLDFUSION cfappman access || bugtraq,550 +914 || WEB-COLDFUSION beaninfo access || bugtraq,550 +915 || WEB-COLDFUSION evaluate.cfm access || bugtraq,550 +916 || WEB-COLDFUSION getodbcdsn access || bugtraq,550 +917 || WEB-COLDFUSION db connections flush attempt || bugtraq,550 +918 || WEB-COLDFUSION expeval access || bugtraq,550 || cve,1999-0477 +919 || WEB-COLDFUSION datasource passwordattempt || bugtraq,550 +920 || WEB-COLDFUSION datasource attempt || bugtraq,550 +921 || WEB-COLDFUSION admin encrypt attempt || bugtraq,550 +922 || WEB-COLDFUSION displayfile access || bugtraq,550 +923 || WEB-COLDFUSION getodbcin attempt || bugtraq,550 +924 || WEB-COLDFUSION admin decrypt attempt || bugtraq,550 +925 || WEB-COLDFUSION mainframeset access || bugtraq,550 +926 || WEB-COLDFUSION set odbc ini attempt || bugtraq,550 +927 || WEB-COLDFUSION settings refresh attempt || bugtraq,550 +928 || WEB-COLDFUSION exampleapp access +929 || WEB-COLDFUSION CFUSION_VERIFYMAIL access || bugtraq,550 +930 || WEB-COLDFUSION snippets attempt || bugtraq,550 +931 || WEB-COLDFUSION cfmlsyntaxcheck.cfm access || bugtraq,550 +932 || WEB-COLDFUSION application.cfm access || arachnids,268 || bugtraq,550 || cve,2000-0189 +933 || WEB-COLDFUSION onrequestend.cfm access || arachnids,269 || bugtraq,550 || cve,2000-0189 +935 || WEB-COLDFUSION startstop DOS access || bugtraq,247 +936 || WEB-COLDFUSION gettempdirectory.cfm access || bugtraq,550 +937 || WEB-FRONTPAGE _vti_rpc access || bugtraq,2144 || cve,2001-0096 || nessus,10585 +939 || WEB-FRONTPAGE posting || bugtraq,2144 || cve,2001-0096 || nessus,10585 +940 || WEB-FRONTPAGE shtml.dll access || arachnids,292 || bugtraq,1174 || bugtraq,1594 || bugtraq,1595 || cve,2000-0413 || cve,2000-0746 || nessus,11395 || url,www.microsoft.com/technet/security/bulletin/ms00-060.mspx +941 || WEB-FRONTPAGE contents.htm access +942 || WEB-FRONTPAGE orders.htm access +943 || WEB-FRONTPAGE fpsrvadm.exe access +944 || WEB-FRONTPAGE fpremadm.exe access +945 || WEB-FRONTPAGE fpadmin.htm access +946 || WEB-FRONTPAGE fpadmcgi.exe access +947 || WEB-FRONTPAGE orders.txt access +948 || WEB-FRONTPAGE form_results access || cve,1999-1052 +949 || WEB-FRONTPAGE registrations.htm access +950 || WEB-FRONTPAGE cfgwiz.exe access +951 || WEB-FRONTPAGE authors.pwd access || bugtraq,989 || cve,1999-0386 || nessus,10078 +952 || WEB-FRONTPAGE author.exe access +953 || WEB-FRONTPAGE administrators.pwd access || bugtraq,1205 +954 || WEB-FRONTPAGE form_results.htm access || cve,1999-1052 +955 || WEB-FRONTPAGE access.cnf access || bugtraq,4078 || nessus,10575 +956 || WEB-FRONTPAGE register.txt access +957 || WEB-FRONTPAGE registrations.txt access +958 || WEB-FRONTPAGE service.cnf access || bugtraq,4078 || nessus,10575 +959 || WEB-FRONTPAGE service.pwd || bugtraq,1205 +960 || WEB-FRONTPAGE service.stp access +961 || WEB-FRONTPAGE services.cnf access || bugtraq,4078 || nessus,10575 +962 || WEB-FRONTPAGE shtml.exe access || bugtraq,1174 || bugtraq,1608 || bugtraq,5804 || cve,2000-0413 || cve,2000-0709 || cve,2002-0692 || nessus,10405 || nessus,11311 +963 || WEB-FRONTPAGE svcacl.cnf access || bugtraq,4078 || nessus,10575 +964 || WEB-FRONTPAGE users.pwd access +965 || WEB-FRONTPAGE writeto.cnf access || bugtraq,4078 || nessus,10575 +966 || WEB-FRONTPAGE .... request || arachnids,248 || bugtraq,989 || cve,1999-0386 || cve,2000-0153 || nessus,10142 +967 || WEB-FRONTPAGE dvwssr.dll access || arachnids,271 || bugtraq,1108 || bugtraq,1109 || cve,2000-0260 || url,www.microsoft.com/technet/security/bulletin/ms00-025.mspx +968 || WEB-FRONTPAGE register.htm access +969 || WEB-IIS WebDAV file lock attempt || bugtraq,2736 +970 || WEB-IIS multiple decode attempt || bugtraq,2708 || cve,2001-0333 || nessus,10671 +971 || WEB-IIS ISAPI .printer access || arachnids,533 || bugtraq,2674 || cve,2001-0241 || nessus,10661 +972 || WEB-IIS %2E-asp access || bugtraq,1814 || cve,1999-0253 +973 || WEB-IIS *.idc attempt || bugtraq,1448 || cve,1999-0874 || cve,2000-0661 +974 || WEB-IIS Directory transversal attempt || bugtraq,2218 || cve,1999-0229 +975 || WEB-IIS Alternate Data streams ASP file access attempt || bugtraq,149 || cve,1999-0278 || nessus,10362 || url,support.microsoft.com/default.aspx?scid=kb\ +976 || WEB-IIS .bat? access || bugtraq,2023 || cve,1999-0233 || url,support.microsoft.com/support/kb/articles/Q148/1/88.asp || url,support.microsoft.com/support/kb/articles/Q155/0/56.asp +977 || WEB-IIS .cnf access || bugtraq,4078 || nessus,10575 +978 || WEB-IIS ASP contents view || bugtraq,1084 || cve,2000-0302 || nessus,10356 +979 || WEB-IIS ASP contents view || bugtraq,1861 || cve,2000-0942 +980 || WEB-IIS CGImail.exe access || bugtraq,1623 || cve,2000-0726 +981 || WEB-IIS unicode directory traversal attempt || bugtraq,1806 || cve,2000-0884 || nessus,10537 +982 || WEB-IIS unicode directory traversal attempt || bugtraq,1806 || cve,2000-0884 || nessus,10537 +983 || WEB-IIS unicode directory traversal attempt || bugtraq,1806 || cve,2000-0884 || nessus,10537 +984 || WEB-IIS JET VBA access || bugtraq,307 || cve,1999-0874 || nessus,10116 +985 || WEB-IIS JET VBA access || bugtraq,286 || cve,1999-0874 +986 || WEB-IIS MSProxy access || url,support.microsoft.com/?kbid=331066 +987 || WEB-IIS .htr access || bugtraq,1488 || cve,2000-0630 || nessus,10680 +988 || WEB-IIS SAM Attempt || url,www.ciac.org/ciac/bulletins/h-45.shtml +989 || BACKDOOR sensepost.exe command shell attempt || nessus,11003 +990 || WEB-FRONTPAGE _vti_inf.html access || nessus,11455 +991 || WEB-IIS achg.htr access || bugtraq,2110 || cve,1999-0407 +992 || WEB-IIS adctest.asp access +993 || WEB-IIS iisadmin access || bugtraq,189 || cve,1999-1538 || nessus,11032 +994 || WEB-IIS /scripts/iisadmin/default.htm access +995 || WEB-IIS ism.dll access || bugtraq,189 || cve,1999-1538 || cve,2000-0630 +996 || WEB-IIS anot.htr access || bugtraq,2110 || cve,1999-0407 +997 || WEB-IIS asp-dot attempt || bugtraq,1814 || nessus,10363 +998 || WEB-IIS asp-srch attempt +999 || WEB-IIS bdir access || bugtraq,2280 +1000 || WEB-IIS bdir.htr access || bugtraq,2280 || nessus,10577 +1001 || WEB-MISC carbo.dll access || bugtraq,2126 || cve,1999-1069 +1002 || WEB-IIS cmd.exe access +1003 || WEB-IIS cmd? access +1004 || WEB-IIS codebrowser Exair access || cve,1999-0499 || cve,1999-0815 +1005 || WEB-IIS codebrowser SDK access || bugtraq,167 || cve,1999-0736 +1007 || WEB-IIS cross-site scripting attempt || bugtraq,119 || bugtraq,1594 || bugtraq,1595 || cve,2000-0746 || cve,2000-1104 || nessus,10572 +1008 || WEB-IIS del attempt +1009 || WEB-IIS directory listing || nessus,10573 +1010 || WEB-IIS encoding access || arachnids,200 || bugtraq,886 || cve,2000-0024 +1011 || WEB-IIS exec-src access +1012 || WEB-IIS fpcount attempt || bugtraq,2252 || cve,1999-1376 +1013 || WEB-IIS fpcount access || bugtraq,2252 || cve,1999-1376 +1015 || WEB-IIS getdrvs.exe access +1016 || WEB-IIS global.asa access || cve,2000-0778 || nessus,10491 || nessus,10991 +1017 || WEB-IIS idc-srch attempt || cve,1999-0874 +1018 || WEB-IIS iisadmpwd attempt || bugtraq,1191 || bugtraq,2110 || cve,2000-0304 +1019 || WEB-IIS index server file source code attempt || bugtraq,1084 || cve,2000-0302 || nessus,10356 +1020 || WEB-IIS isc$data attempt || bugtraq,307 || cve,1999-0874 || nessus,10116 +1021 || WEB-IIS ism.dll attempt || bugtraq,1193 || cve,2000-0457 || nessus,10680 +1022 || WEB-IIS jet vba access || bugtraq,286 || cve,1999-0874 +1023 || WEB-IIS msadcs.dll access || bugtraq,529 || cve,1999-1011 || nessus,10357 +1024 || WEB-IIS newdsn.exe access || bugtraq,1818 || cve,1999-0191 || nessus,10360 +1025 || WEB-IIS perl access +1026 || WEB-IIS perl-browse newline attempt || bugtraq,6833 +1027 || WEB-IIS perl-browse space attempt || bugtraq,6833 +1028 || WEB-IIS query.asp access || bugtraq,193 || cve,1999-0449 +1029 || WEB-IIS scripts-browse access || nessus,11032 +1030 || WEB-IIS search97.vts access || bugtraq,162 +1031 || WEB-IIS /SiteServer/Publishing/viewcode.asp access || nessus,10576 +1032 || WEB-IIS showcode access || nessus,10576 +1033 || WEB-IIS showcode access || nessus,10576 +1034 || WEB-IIS showcode access || nessus,10576 +1035 || WEB-IIS showcode access || nessus,10576 +1036 || WEB-IIS showcode access || nessus,10576 +1037 || WEB-IIS showcode.asp access || bugtraq,167 || cve,1999-0736 || nessus,10007 +1038 || WEB-IIS site server config access || bugtraq,256 || cve,1999-1520 +1039 || WEB-IIS srch.htm access +1040 || WEB-IIS srchadm access || nessus,11032 +1041 || WEB-IIS uploadn.asp access || bugtraq,1811 || cve,1999-0360 +1042 || WEB-IIS view source via translate header || arachnids,305 || bugtraq,1578 +1043 || WEB-IIS viewcode.asp access || cve,1999-0737 || nessus,10576 +1044 || WEB-IIS webhits access || arachnids,237 || bugtraq,950 || cve,2000-0097 +1045 || WEB-IIS Unauthorized IP Access Attempt +1046 || WEB-IIS site/iisamples access || nessus,10370 +1047 || WEB-MISC Netscape Enterprise DOS || bugtraq,2294 || cve,2001-0251 +1048 || WEB-MISC Netscape Enterprise directory listing attempt || bugtraq,2285 || cve,2001-0250 +1049 || WEB-MISC iPlanet ../../ DOS attempt || bugtraq,2282 || cve,2001-0252 +1050 || WEB-MISC iPlanet GETPROPERTIES attempt || bugtraq,2732 || cve,2001-0746 +1051 || WEB-CGI technote main.cgi file directory traversal attempt || bugtraq,2156 || cve,2001-0075 || nessus,10584 +1052 || WEB-CGI technote print.cgi directory traversal attempt || bugtraq,2156 || cve,2001-0075 || nessus,10584 +1053 || WEB-CGI ads.cgi command execution attempt || bugtraq,2103 || cve,2001-0025 || nessus,11464 +1054 || WEB-MISC weblogic/tomcat .jsp view source attempt || bugtraq,2527 +1055 || WEB-MISC Tomcat directory traversal attempt || bugtraq,2518 +1056 || WEB-MISC Tomcat view source attempt || bugtraq,2527 || cve,2001-0590 +1057 || WEB-MISC ftp attempt +1058 || WEB-MISC xp_enumdsn attempt +1059 || WEB-MISC xp_filelist attempt +1060 || WEB-MISC xp_availablemedia attempt +1061 || WEB-MISC xp_cmdshell attempt +1062 || WEB-MISC nc.exe attempt +1064 || WEB-MISC wsh attempt +1065 || WEB-MISC rcmd attempt +1066 || WEB-MISC telnet attempt +1067 || WEB-MISC net attempt +1068 || WEB-MISC tftp attempt +1069 || WEB-MISC xp_regread attempt +1070 || WEB-MISC WebDAV search access || arachnids,474 || bugtraq,1756 || cve,2000-0951 +1071 || WEB-MISC .htpasswd access +1072 || WEB-MISC Lotus Domino directory traversal || bugtraq,2173 || cve,2001-0009 || nessus,12248 +1073 || WEB-MISC webhits.exe access || bugtraq,950 || cve,2000-0097 +1075 || WEB-IIS postinfo.asp access || bugtraq,1811 || cve,1999-0360 +1076 || WEB-IIS repost.asp access || nessus,10372 +1077 || WEB-MISC queryhit.htm access || nessus,10370 +1078 || WEB-MISC counter.exe access || bugtraq,267 || cve,1999-1030 +1079 || WEB-MISC WebDAV propfind access || bugtraq,1656 || cve,2000-0869 +1080 || WEB-MISC unify eWave ServletExec upload || bugtraq,1868 || bugtraq,1876 || cve,2000-1024 || cve,2000-1025 || nessus,10570 +1081 || WEB-MISC Netscape Servers suite DOS || bugtraq,1868 || cve,2000-1025 +1082 || WEB-MISC amazon 1-click cookie theft || bugtraq,1194 || cve,2000-0439 +1083 || WEB-MISC unify eWave ServletExec DOS || bugtraq,1868 || cve,2000-1025 +1084 || WEB-MISC Allaire JRUN DOS attempt || bugtraq,2337 || cve,2000-1049 +1085 || WEB-PHP strings overflow || arachnids,431 || bugtraq,802 +1086 || WEB-PHP strings overflow || arachnids,430 || bugtraq,1786 || cve,2000-0967 +1087 || WEB-MISC whisker tab splice attack || arachnids,415 || url,www.wiretrip.net/rfp/pages/whitepapers/whiskerids.html +1088 || WEB-CGI eXtropia webstore directory traversal || bugtraq,1774 || cve,2000-1005 || nessus,10532 +1089 || WEB-CGI shopping cart directory traversal || bugtraq,1777 || cve,2000-0921 +1090 || WEB-CGI Allaire Pro Web Shell attempt +1091 || WEB-MISC ICQ Webfront HTTP DOS || bugtraq,1463 || cve,2000-1078 +1092 || WEB-CGI Armada Style Master Index directory traversal || bugtraq,1772 || cve,2000-0924 || nessus,10562 || url,www.synnergy.net/downloads/advisories/SLA-2000-16.masterindex.txt +1093 || WEB-CGI cached_feed.cgi moreover shopping cart directory traversal || bugtraq,1762 || cve,2000-0906 +1094 || WEB-CGI webstore directory traversal || bugtraq,1774 || cve,2000-1005 +1095 || WEB-MISC Talentsoft Web+ Source Code view access || bugtraq,1722 || url,archives.neohapsis.com/archives/ntbugtraq/2000-q3/0168.html +1096 || WEB-MISC Talentsoft Web+ internal IP Address access || bugtraq,1720 || url,archives.neohapsis.com/archives/ntbugtraq/2000-q3/0168.html +1097 || WEB-CGI Talentsoft Web+ exploit attempt || bugtraq,1725 +1098 || WEB-MISC SmartWin CyberOffice Shopping Cart access || bugtraq,1734 || cve,2000-0925 +1099 || WEB-MISC cybercop scan || arachnids,374 +1100 || WEB-MISC L3retriever HTTP Probe || arachnids,310 +1101 || WEB-MISC Webtrends HTTP probe || arachnids,309 +1102 || WEB-MISC nessus 1.X 404 probe || arachnids,301 +1103 || WEB-MISC Netscape admin passwd || bugtraq,1579 || nessus,10468 +1104 || WEB-MISC whisker space splice attack || arachnids,296 || url,www.wiretrip.net/rfp/pages/whitepapers/whiskerids.html +1105 || WEB-MISC BigBrother access || bugtraq,1455 || cve,2000-0638 || nessus,10460 +1106 || WEB-CGI Poll-it access || bugtraq,1431 || cve,2000-0590 || nessus,10459 +1107 || WEB-MISC ftp.pl access || bugtraq,1471 || cve,2000-0674 || nessus,10467 +1108 || WEB-MISC Tomcat server snoop access || bugtraq,1532 || cve,2000-0760 +1109 || WEB-MISC ROXEN directory list attempt || bugtraq,1510 || cve,2000-0671 +1110 || WEB-MISC apache source.asp file access || bugtraq,1457 || cve,2000-0628 || nessus,10480 +1111 || WEB-MISC Tomcat server exploit access || bugtraq,1548 || cve,2000-0672 || nessus,10477 +1112 || WEB-MISC http directory traversal || arachnids,298 +1113 || WEB-MISC http directory traversal || arachnids,297 +1114 || WEB-MISC prefix-get // +1115 || WEB-MISC ICQ webserver DOS || cve,1999-0474 || url,www.securiteam.com/exploits/2ZUQ1QAQOG.html +1116 || WEB-MISC Lotus DelDoc attempt +1117 || WEB-MISC Lotus EditDoc attempt || url,www.securiteam.com/exploits/5NP080A1RE.html +1118 || WEB-MISC ls%20-l +1119 || WEB-MISC mlog.phtml access || bugtraq,713 || cve,1999-0068 || cve,1999-0346 +1120 || WEB-MISC mylog.phtml access || bugtraq,713 || cve,1999-0068 || cve,1999-0346 +1121 || WEB-MISC O'Reilly args.bat access +1122 || WEB-MISC /etc/passwd +1123 || WEB-MISC ?PageServices access || bugtraq,1063 || bugtraq,7621 || cve,1999-0269 +1124 || WEB-MISC Ecommerce check.txt access +1125 || WEB-MISC webcart access || cve,1999-0610 || nessus,10298 +1126 || WEB-MISC AuthChangeUrl access || bugtraq,1191 || cve,2000-0304 +1127 || WEB-MISC convert.bas access || bugtraq,2025 || cve,1999-0175 +1128 || WEB-MISC cpshost.dll access || bugtraq,1811 || bugtraq,4002 || cve,1999-0360 +1129 || WEB-MISC .htaccess access +1130 || WEB-MISC .wwwacl access +1131 || WEB-MISC .wwwacl access +1132 || WEB-MISC Netscape Unixware overflow || arachnids,180 || bugtraq,908 || cve,1999-0744 +1133 || SCAN cybercop os probe || arachnids,145 +1134 || WEB-PHP Phorum admin access || arachnids,205 || bugtraq,2271 +1136 || WEB-MISC cd.. +1137 || WEB-PHP Phorum authentication access || arachnids,206 || bugtraq,2274 +1138 || WEB-MISC Cisco Web DOS attempt || arachnids,275 +1139 || WEB-MISC whisker HEAD/./ || url,www.wiretrip.net/rfp/pages/whitepapers/whiskerids.html +1140 || WEB-MISC guestbook.pl access || arachnids,228 || bugtraq,776 || cve,1999-0237 || cve,1999-1053 || nessus,10099 +1141 || WEB-MISC handler access || arachnids,235 || bugtraq,380 || cve,1999-0148 || nessus,10100 +1142 || WEB-MISC /.... access +1143 || WEB-MISC ///cgi-bin access || nessus,11032 +1144 || WEB-MISC /cgi-bin/// access || nessus,11032 +1145 || WEB-MISC /~root access +1146 || WEB-MISC Ecommerce import.txt access +1147 || WEB-MISC cat%20 access || bugtraq,374 || cve,1999-0039 +1148 || WEB-MISC Ecommerce import.txt access +1149 || WEB-CGI count.cgi access || bugtraq,128 || cve,1999-0021 || nessus,10049 +1150 || WEB-MISC Domino catalog.nsf access || nessus,10629 +1151 || WEB-MISC Domino domcfg.nsf access || nessus,10629 +1152 || WEB-MISC Domino domlog.nsf access || nessus,10629 +1153 || WEB-MISC Domino log.nsf access || nessus,10629 +1154 || WEB-MISC Domino names.nsf access || nessus,10629 +1155 || WEB-MISC Ecommerce checks.txt access || bugtraq,2281 +1156 || WEB-MISC apache directory disclosure attempt || bugtraq,2503 +1157 || WEB-MISC Netscape PublishingXpert access || cve,2000-1196 || nessus,10364 +1158 || WEB-MISC windmail.exe access || arachnids,465 || bugtraq,1073 || cve,2000-0242 || nessus,10365 +1159 || WEB-MISC webplus access || bugtraq,1174 || bugtraq,1720 || bugtraq,1722 || bugtraq,1725 || cve,2000-1005 +1160 || WEB-MISC Netscape dir index wp || arachnids,270 || bugtraq,1063 || cve,2000-0236 +1161 || WEB-PHP piranha passwd.php3 access || arachnids,272 || bugtraq,1149 || cve,2000-0322 +1162 || WEB-MISC cart 32 AdminPwd access || bugtraq,1153 || cve,2000-0429 +1163 || WEB-CGI webdist.cgi access || bugtraq,374 || cve,1999-0039 || nessus,10299 +1164 || WEB-MISC shopping cart access || bugtraq,1983 || bugtraq,2049 || cve,1999-0607 || cve,2000-1188 +1165 || WEB-MISC Novell Groupwise gwweb.exe access || bugtraq,879 || cve,1999-1005 || cve,1999-1006 || nessus,10877 +1166 || WEB-MISC ws_ftp.ini access || bugtraq,547 || cve,1999-1078 +1167 || WEB-MISC rpm_query access || bugtraq,1036 || cve,2000-0192 || nessus,10340 +1168 || WEB-MISC mall log order access || bugtraq,2266 || cve,1999-0606 +1171 || WEB-MISC whisker HEAD with large datagram || url,www.wiretrip.net/rfp/pages/whitepapers/whiskerids.html +1172 || WEB-CGI bigconf.cgi access || bugtraq,778 || cve,1999-1550 || nessus,10027 +1173 || WEB-MISC architext_query.pl access || bugtraq,2248 || cve,1999-0279 || nessus,10064 || url,www2.fedcirc.gov/alerts/advisories/1998/txt/fedcirc.98.03.txt +1174 || WEB-CGI /cgi-bin/jj access || bugtraq,2002 || cve,1999-0260 || nessus,10131 +1175 || WEB-MISC wwwboard.pl access || bugtraq,1795 || bugtraq,649 || cve,1999-0930 || cve,1999-0954 +1176 || WEB-MISC order.log access +1177 || WEB-MISC Netscape Enterprise Server directory view || bugtraq,1063 +1178 || WEB-PHP Phorum read access || arachnids,208 +1179 || WEB-PHP Phorum violation access || arachnids,209 || bugtraq,2272 +1180 || WEB-MISC get32.exe access || arachnids,258 || bugtraq,1485 || bugtraq,770 || cve,1999-0885 || nessus,10011 +1181 || WEB-MISC Annex Terminal DOS attempt || arachnids,260 || cve,1999-1070 || nessus,10017 +1182 || WEB-MISC cgitest.exe attempt || arachnids,265 || bugtraq,1313 || bugtraq,3885 || cve,2000-0521 || cve,2002-0128 || nessus,10040 || nessus,10623 +1183 || WEB-MISC Netscape Enterprise Server directory view || bugtraq,1063 || cve,2000-0236 || nessus,10352 +1184 || WEB-MISC Netscape Enterprise Server directory view || bugtraq,1063 || cve,2000-0236 +1185 || WEB-CGI bizdbsearch attempt || bugtraq,1104 || cve,2000-0287 || nessus,10383 +1186 || WEB-MISC Netscape Enterprise Server directory view || bugtraq,1063 +1187 || WEB-MISC SalesLogix Eviewer web command attempt || bugtraq,1078 || bugtraq,1089 || cve,2000-0278 || cve,2000-0289 +1188 || WEB-MISC Netscape Enterprise Server directory view || bugtraq,1063 +1189 || WEB-MISC Netscape Enterprise Server directory view || bugtraq,1063 +1190 || WEB-MISC Netscape Enterprise Server directory view || bugtraq,1063 +1191 || WEB-MISC Netscape Enterprise Server directory view || bugtraq,1063 +1192 || WEB-MISC Trend Micro OfficeScan access || bugtraq,1057 +1193 || WEB-MISC oracle web arbitrary command execution attempt || bugtraq,1053 || cve,2000-0169 || nessus,10348 +1194 || WEB-CGI sojourn.cgi File attempt || bugtraq,1052 || cve,2000-0180 || nessus,10349 +1195 || WEB-CGI sojourn.cgi access || bugtraq,1052 || cve,2000-0180 || nessus,10349 +1196 || WEB-CGI SGI InfoSearch fname attempt || arachnids,290 || bugtraq,1031 || cve,2000-0207 +1197 || WEB-PHP Phorum code access || arachnids,207 +1198 || WEB-MISC Netscape Enterprise Server directory view || bugtraq,1063 +1199 || WEB-MISC Compaq Insight directory traversal || arachnids,244 || bugtraq,282 || cve,1999-0771 +1200 || ATTACK-RESPONSES Invalid URL || url,www.microsoft.com/technet/security/bulletin/MS00-063.mspx +1201 || ATTACK-RESPONSES 403 Forbidden +1202 || WEB-MISC search.vts access || bugtraq,162 +1204 || WEB-CGI ax-admin.cgi access +1205 || WEB-CGI axs.cgi access +1206 || WEB-CGI cachemgr.cgi access || bugtraq,2059 || cve,1999-0710 || nessus,10034 +1207 || WEB-MISC htgrep access || cve,2000-0832 +1208 || WEB-CGI responder.cgi access || bugtraq,3155 +1209 || WEB-MISC .nsconfig access +1211 || WEB-CGI web-map.cgi access +1212 || WEB-MISC Admin_files access +1213 || WEB-MISC backup access +1214 || WEB-MISC intranet access || nessus,11626 +1215 || WEB-CGI ministats admin access +1216 || WEB-MISC filemail access || cve,1999-1154 || cve,1999-1155 || url,www.securityfocus.com/archive/1/11175 +1217 || WEB-MISC plusmail access || bugtraq,2653 || cve,2000-0074 || nessus,10181 +1218 || WEB-MISC adminlogin access || bugtraq,1164 || bugtraq,1175 || nessus,11748 +1219 || WEB-CGI dfire.cgi access || bugtraq,0564 || bugtraq,564 || cve,1999-0913 +1220 || WEB-MISC ultraboard access || bugtraq,1164 || bugtraq,1175 || nessus,11748 +1221 || WEB-MISC musicat empower access || bugtraq,2374 || cve,2001-0224 || nessus,10609 +1222 || WEB-CGI pals-cgi arbitrary file access attempt || bugtraq,2372 || cve,2001-0217 || nessus,10611 +1224 || WEB-MISC ROADS search.pl attempt || bugtraq,2371 || cve,2001-0215 || nessus,10627 +1225 || X11 MIT Magic Cookie detected || arachnids,396 +1226 || X11 xopen || arachnids,395 +1227 || X11 outbound client connection detected || arachnids,126 +1228 || SCAN nmap XMAS || arachnids,30 +1229 || FTP CWD ... || bugtraq,9237 +1230 || WEB-MISC VirusWall FtpSave access || bugtraq,2808 || cve,2001-0432 || nessus,10733 +1231 || WEB-MISC VirusWall catinfo access || bugtraq,2579 || bugtraq,2808 || cve,2001-0432 || nessus,10650 +1232 || WEB-MISC VirusWall catinfo access || bugtraq,2579 || bugtraq,2808 || cve,2001-0432 || nessus,10650 +1233 || WEB-CLIENT Outlook EML access || nessus,10767 +1234 || WEB-MISC VirusWall FtpSaveCSP access || bugtraq,2808 || cve,2001-0432 || nessus,10733 +1235 || WEB-MISC VirusWall FtpSaveCVP access || bugtraq,2808 || cve,2001-0432 || nessus,10733 +1236 || WEB-MISC Tomcat sourecode view +1237 || WEB-MISC Tomcat sourecode view +1238 || WEB-MISC Tomcat sourecode view +1239 || NETBIOS RFParalyze Attempt || bugtraq,1163 || cve,2000-0347 || nessus,10392 +1240 || EXPLOIT MDBMS overflow || bugtraq,1252 || cve,2000-0446 +1241 || WEB-MISC SWEditServlet directory traversal attempt || bugtraq,2868 || cve,2001-0555 +1242 || WEB-IIS ISAPI .ida access || arachnids,552 || bugtraq,1065 || cve,2000-0071 +1243 || WEB-IIS ISAPI .ida attempt || arachnids,552 || bugtraq,1065 || cve,2000-0071 +1244 || WEB-IIS ISAPI .idq attempt || arachnids,553 || bugtraq,1065 || bugtraq,968 || cve,2000-0071 || cve,2000-0126 || nessus,10115 +1245 || WEB-IIS ISAPI .idq access || arachnids,553 || bugtraq,1065 || cve,2000-0071 +1246 || WEB-FRONTPAGE rad overflow attempt || arachnids,555 || bugtraq,2906 || cve,2001-0341 || url,www.microsoft.com/technet/security/bulletin/MS01-035.mspx +1247 || WEB-FRONTPAGE rad overflow attempt || bugtraq,2906 || cve,2001-0341 +1248 || WEB-FRONTPAGE rad fp30reg.dll access || arachnids,555 || bugtraq,2906 || cve,2001-0341 || url,www.microsoft.com/technet/security/bulletin/MS01-035.mspx +1249 || WEB-FRONTPAGE frontpage rad fp4areg.dll access || bugtraq,2906 || cve,2001-0341 +1250 || WEB-MISC Cisco IOS HTTP configuration attempt || bugtraq,2936 || cve,2001-0537 +1251 || INFO TELNET Bad Login +1252 || TELNET bsd telnet exploit response || bugtraq,3064 || cve,2001-0554 || nessus,10709 +1253 || TELNET bsd exploit client finishing || bugtraq,3064 || cve,2001-0554 || nessus,10709 +1254 || WEB-PHP PHPLIB remote command attempt || bugtraq,3079 || cve,2001-1370 +1255 || WEB-PHP PHPLIB remote command attempt || bugtraq,3079 || cve,2001-1370 +1256 || WEB-IIS CodeRed v2 root.exe access || url,www.cert.org/advisories/CA-2001-19.html +1257 || DOS Winnuke attack || bugtraq,2010 || cve,1999-0153 +1258 || WEB-MISC HP OpenView Manager DOS || bugtraq,2845 || cve,2001-0552 +1259 || WEB-MISC SWEditServlet access || bugtraq,2868 +1260 || WEB-MISC long basic authorization string || bugtraq,3230 || cve,2001-1067 +1261 || EXPLOIT AIX pdnsd overflow || bugtraq,3237 || bugtraq,590 || cve,1999-0745 +1262 || RPC portmap admind request TCP || arachnids,18 +1263 || RPC portmap amountd request TCP || arachnids,19 +1264 || RPC portmap bootparam request TCP || arachnids,16 || cve,1999-0647 +1265 || RPC portmap cmsd request TCP || arachnids,17 +1266 || RPC portmap mountd request TCP || arachnids,13 +1267 || RPC portmap nisd request TCP || arachnids,21 +1268 || RPC portmap pcnfsd request TCP || arachnids,22 +1269 || RPC portmap rexd request TCP || arachnids,23 +1270 || RPC portmap rstatd request TCP || arachnids,10 +1271 || RPC portmap rusers request TCP || arachnids,133 || cve,1999-0626 +1272 || RPC portmap sadmind request TCP || arachnids,20 +1273 || RPC portmap selection_svc request TCP || arachnids,25 +1274 || RPC portmap ttdbserv request TCP || arachnids,24 || bugtraq,122 || bugtraq,3382 || cve,1999-0003 || cve,1999-0687 || cve,1999-1075 || cve,2001-0717 || url,www.cert.org/advisories/CA-2001-05.html +1275 || RPC portmap yppasswd request TCP || arachnids,14 +1276 || RPC portmap ypserv request TCP || arachnids,12 || bugtraq,5914 || bugtraq,6016 || cve,2000-1042 || cve,2000-1043 || cve,2002-1232 +1277 || RPC portmap ypupdated request UDP || arachnids,125 +1278 || RPC rstatd query || arachnids,9 +1279 || RPC portmap snmpXdmi request UDP || bugtraq,2417 || cve,2001-0236 || url,www.cert.org/advisories/CA-2001-05.html +1280 || RPC portmap listing UDP 111 || arachnids,428 +1281 || RPC portmap listing UDP 32771 || arachnids,429 +1282 || RPC EXPLOIT statdx || arachnids,442 +1283 || WEB-IIS outlook web dos || bugtraq,3223 +1284 || WEB-CLIENT readme.eml download attempt || url,www.cert.org/advisories/CA-2001-26.html +1285 || WEB-IIS msdac access || nessus,11032 +1286 || WEB-IIS _mem_bin access || nessus,11032 +1287 || WEB-IIS scripts access +1288 || WEB-FRONTPAGE /_vti_bin/ access || nessus,11032 +1289 || TFTP GET Admin.dll || url,www.cert.org/advisories/CA-2001-26.html +1290 || WEB-CLIENT readme.eml autoload attempt || url,www.cert.org/advisories/CA-2001-26.html +1291 || WEB-MISC sml3com access || bugtraq,2721 || cve,2001-0740 +1292 || ATTACK-RESPONSES directory listing +1293 || NETBIOS nimda .eml || url,www.f-secure.com/v-descs/nimda.shtml +1294 || NETBIOS nimda .nws || url,www.f-secure.com/v-descs/nimda.shtml +1295 || NETBIOS nimda RICHED20.DLL || url,www.f-secure.com/v-descs/nimda.shtml +1296 || RPC portmap request yppasswdd || bugtraq,2763 +1297 || RPC portmap request yppasswdd || bugtraq,2763 +1298 || RPC portmap tooltalk request TCP || bugtraq,3382 || cve,1999-0003 || cve,1999-0687 || cve,1999-1075 || cve,2001-0717 || url,www.cert.org/advisories/CA-2001-05.html +1299 || RPC portmap tooltalk request UDP || bugtraq,3382 || cve,1999-0003 || cve,1999-0687 || cve,1999-1075 || cve,2001-0717 || url,www.cert.org/advisories/CA-2001-05.html +1300 || WEB-PHP admin.php file upload attempt || bugtraq,3361 || cve,2001-1032 +1301 || WEB-PHP admin.php access || bugtraq,3361 || bugtraq,7532 || bugtraq,9270 || cve,2001-1032 +1302 || WEB-MISC console.exe access || bugtraq,3375 || cve,2001-1252 +1303 || WEB-MISC cs.exe access || bugtraq,3375 || cve,2001-1252 +1304 || WEB-CGI txt2html.cgi access +1305 || WEB-CGI txt2html.cgi directory traversal attempt +1306 || WEB-CGI store.cgi product directory traversal attempt || bugtraq,2385 || cve,2001-0305 +1307 || WEB-CGI store.cgi access || bugtraq,2385 || cve,2001-0305 || nessus,10639 +1308 || WEB-CGI sendmessage.cgi access || bugtraq,3673 || cve,2001-1100 +1309 || WEB-CGI zsh access || cve,1999-0509 || url,www.cert.org/advisories/CA-1996-11.html +1321 || BAD-TRAFFIC 0 ttl || url,support.microsoft.com/default.aspx?scid=kb\ || url,www.isi.edu/in-notes/rfc1122.txt +1322 || BAD-TRAFFIC bad frag bits +1323 || EXPLOIT rwhoisd format string attempt || bugtraq,3474 || cve,2001-0838 +1324 || EXPLOIT ssh CRC32 overflow /bin/sh || bugtraq,2347 || cve,2001-0144 || cve,2001-0572 +1325 || EXPLOIT ssh CRC32 overflow filler || bugtraq,2347 || cve,2001-0144 || cve,2001-0572 +1326 || EXPLOIT ssh CRC32 overflow NOOP || bugtraq,2347 || cve,2001-0144 || cve,2001-0572 +1327 || EXPLOIT ssh CRC32 overflow || bugtraq,2347 || cve,2001-0144 || cve,2001-0572 +1328 || WEB-ATTACKS /bin/ps command attempt +1329 || WEB-ATTACKS ps command attempt +1330 || WEB-ATTACKS wget command attempt || bugtraq,10361 +1331 || WEB-ATTACKS uname -a command attempt +1332 || WEB-ATTACKS /usr/bin/id command attempt +1333 || WEB-ATTACKS id command attempt +1334 || WEB-ATTACKS echo command attempt +1335 || WEB-ATTACKS kill command attempt +1336 || WEB-ATTACKS chmod command attempt +1337 || WEB-ATTACKS chgrp command attempt +1338 || WEB-ATTACKS chown command attempt +1339 || WEB-ATTACKS chsh command attempt +1340 || WEB-ATTACKS tftp command attempt +1341 || WEB-ATTACKS /usr/bin/gcc command attempt +1342 || WEB-ATTACKS gcc command attempt +1343 || WEB-ATTACKS /usr/bin/cc command attempt +1344 || WEB-ATTACKS cc command attempt +1345 || WEB-ATTACKS /usr/bin/cpp command attempt +1346 || WEB-ATTACKS cpp command attempt +1347 || WEB-ATTACKS /usr/bin/g++ command attempt +1348 || WEB-ATTACKS g++ command attempt +1349 || WEB-ATTACKS bin/python access attempt +1350 || WEB-ATTACKS python access attempt +1351 || WEB-ATTACKS bin/tclsh execution attempt +1352 || WEB-ATTACKS tclsh execution attempt +1353 || WEB-ATTACKS bin/nasm command attempt +1354 || WEB-ATTACKS nasm command attempt +1355 || WEB-ATTACKS /usr/bin/perl execution attempt +1356 || WEB-ATTACKS perl execution attempt +1357 || WEB-ATTACKS nt admin addition attempt +1358 || WEB-ATTACKS traceroute command attempt +1359 || WEB-ATTACKS ping command attempt +1360 || WEB-ATTACKS netcat command attempt +1361 || WEB-ATTACKS nmap command attempt +1362 || WEB-ATTACKS xterm command attempt +1363 || WEB-ATTACKS X application to remote host attempt +1364 || WEB-ATTACKS lsof command attempt +1365 || WEB-ATTACKS rm command attempt +1366 || WEB-ATTACKS mail command attempt +1367 || WEB-ATTACKS mail command attempt +1368 || WEB-ATTACKS /bin/ls| command attempt +1369 || WEB-ATTACKS /bin/ls command attempt +1370 || WEB-ATTACKS /etc/inetd.conf access +1371 || WEB-ATTACKS /etc/motd access +1372 || WEB-ATTACKS /etc/shadow access +1373 || WEB-ATTACKS conf/httpd.conf attempt +1374 || WEB-MISC .htgroup access +1375 || WEB-MISC sadmind worm access || url,www.cert.org/advisories/CA-2001-11.html +1376 || WEB-MISC jrun directory browse attempt || bugtraq,3592 +1377 || FTP wu-ftp bad file completion attempt [ || bugtraq,3581 || bugtraq,3707 || cve,2001-0550 || cve,2001-0886 +1378 || FTP wu-ftp bad file completion attempt { || bugtraq,3581 || bugtraq,3707 || cve,2001-0550 || cve,2001-0886 +1379 || FTP STAT overflow attempt || bugtraq,3507 || bugtraq,8542 || cve,2001-0325 || cve,2001-1021 || url,labs.defcom.com/adv/2001/def-2001-31.txt +1380 || WEB-IIS cross-site scripting attempt || bugtraq,119 || bugtraq,1594 || bugtraq,1595 || cve,2000-0746 || cve,2000-1104 || nessus,10572 +1381 || WEB-MISC Trend Micro OfficeScan attempt || bugtraq,1057 +1382 || EXPLOIT CHAT IRC Ettercap parse overflow attempt || url,www.bugtraq.org/dev/GOBBLES-12.txt +1383 || P2P Fastrack kazaa/morpheus GET request || url,www.kazaa.com || url,www.musiccity.com/technology.htm +1384 || MISC UPnP malformed advertisement || bugtraq,3723 || cve,2001-0876 || cve,2001-0877 || url,www.microsoft.com/technet/security/bulletin/MS01-059.mspx +1385 || WEB-MISC mod-plsql administration access || bugtraq,3726 || bugtraq,3727 || cve,2001-1216 || cve,2001-1217 || nessus,10849 +1386 || MS-SQL/SMB raiserror possible buffer overflow || bugtraq,3733 || cve,2001-0542 || url,www.microsoft.com/technet/security/bulletin/MS01-060.mspx +1387 || MS-SQL raiserror possible buffer overflow || bugtraq,3733 || cve,2001-0542 || nessus,11217 +1388 || MISC UPnP Location overflow || bugtraq,3723 || cve,2001-0876 +1389 || WEB-MISC viewcode.jse access || bugtraq,3715 +1390 || SHELLCODE x86 inc ebx NOOP +1391 || WEB-MISC Phorecast remote code execution attempt || bugtraq,3388 || cve,2001-1049 +1392 || WEB-CGI lastlines.cgi access || bugtraq,3754 || bugtraq,3755 || cve,2001-1205 || cve,2001-1206 +1393 || MISC AIM AddGame attempt || bugtraq,3769 || cve,2002-0005 || url,www.w00w00.org/files/w00aimexp/ +1394 || SHELLCODE x86 NOOP +1395 || WEB-CGI zml.cgi attempt || bugtraq,3759 || cve,2001-1209 +1396 || WEB-CGI zml.cgi access || bugtraq,3759 || cve,2001-1209 +1397 || WEB-CGI wayboard attempt || bugtraq,2370 || cve,2001-0214 +1398 || EXPLOIT CDE dtspcd exploit attempt || bugtraq,3517 || cve,2001-0803 || url,www.cert.org/advisories/CA-2002-01.html +1399 || WEB-PHP PHP-Nuke remote file include attempt || bugtraq,3889 || cve,2002-0206 +1400 || WEB-IIS /scripts/samples/ access || nessus,10370 +1401 || WEB-IIS /msadc/samples/ access || bugtraq,167 || cve,1999-0736 || nessus,1007 +1402 || WEB-IIS iissamples access || nessus,11032 +1403 || WEB-MISC viewcode access || cve,1999-0737 || nessus,10576 || nessus,12048 +1404 || WEB-MISC showcode access || bugtraq,167 || cve,1999-0736 || nessus,10007 +1405 || WEB-CGI AHG search.cgi access || bugtraq,3985 +1406 || WEB-CGI agora.cgi access || bugtraq,3702 || bugtraq,3976 || cve,2001-1199 || cve,2002-0215 || nessus,10836 +1407 || WEB-PHP smssend.php access || bugtraq,3982 || cve,2002-0220 +1408 || DOS MSDTC attempt || bugtraq,4006 || cve,2002-0224 || nessus,10939 +1409 || SNMP community string buffer overflow attempt || bugtraq,4088 || bugtraq,4089 || bugtraq,4132 || cve,2002-0012 || cve,2002-0013 || url,www.cert.org/advisories/CA-2002-03.html +1410 || WEB-CGI dcboard.cgi access || bugtraq,2728 || cve,2001-0527 || nessus,10583 +1411 || SNMP public access udp || bugtraq,2112 || bugtraq,4088 || bugtraq,4089 || cve,1999-0517 || cve,2002-0012 || cve,2002-0013 +1412 || SNMP public access tcp || bugtraq,2112 || bugtraq,4088 || bugtraq,4089 || bugtraq,7212 || cve,1999-0517 || cve,2002-0012 || cve,2002-0013 +1413 || SNMP private access udp || bugtraq,4088 || bugtraq,4089 || bugtraq,4132 || bugtraq,7212 || cve,2002-0012 || cve,2002-0013 +1414 || SNMP private access tcp || bugtraq,4088 || bugtraq,4089 || bugtraq,4132 || cve,2002-0012 || cve,2002-0013 +1415 || SNMP Broadcast request || bugtraq,4088 || bugtraq,4089 || bugtraq,4132 || cve,2002-0012 || cve,2002-0013 +1416 || SNMP broadcast trap || bugtraq,4088 || bugtraq,4089 || bugtraq,4132 || cve,2002-0012 || cve,2002-0013 +1417 || SNMP request udp || bugtraq,4088 || bugtraq,4089 || bugtraq,4132 || cve,2002-0012 || cve,2002-0013 +1418 || SNMP request tcp || bugtraq,4088 || bugtraq,4089 || bugtraq,4132 || cve,2002-0012 || cve,2002-0013 +1419 || SNMP trap udp || bugtraq,4088 || bugtraq,4089 || bugtraq,4132 || cve,2002-0012 || cve,2002-0013 +1420 || SNMP trap tcp || bugtraq,4088 || bugtraq,4089 || bugtraq,4132 || cve,2002-0012 || cve,2002-0013 +1421 || SNMP AgentX/tcp request || bugtraq,4088 || bugtraq,4089 || bugtraq,4132 || cve,2002-0012 || cve,2002-0013 +1422 || SNMP community string buffer overflow attempt with evasion || bugtraq,4088 || bugtraq,4089 || bugtraq,4132 || cve,2002-0012 || cve,2002-0013 || url,www.cert.org/advisories/CA-2002-03.html +1423 || WEB-PHP content-disposition memchr overflow || bugtraq,4183 || cve,2002-0081 || nessus,10867 +1424 || SHELLCODE x86 0xEB0C NOOP +1425 || WEB-PHP content-disposition || bugtraq,4183 || cve,2002-0081 || nessus,10867 +1426 || SNMP PROTOS test-suite-req-app attempt || url,www.ee.oulu.fi/research/ouspg/protos/testing/c06/snmpv1/index.html +1427 || SNMP PROTOS test-suite-trap-app attempt || url,www.ee.oulu.fi/research/ouspg/protos/testing/c06/snmpv1/index.html +1428 || MULTIMEDIA audio galaxy keepalive +1429 || POLICY poll.gotomypc.com access || url,www.gotomypc.com/help2.tmpl +1430 || TELNET Solaris memory mismanagement exploit attempt +1431 || BAD-TRAFFIC syn to multicast address +1432 || P2P GNUTella client request +1433 || WEB-MISC .history access +1434 || WEB-MISC .bash_history access || bugtraq,337 || cve,1999-0408 +1435 || DNS named authors attempt || arachnids,480 || nessus,10728 +1436 || MULTIMEDIA Quicktime User Agent access +1437 || MULTIMEDIA Windows Media download +1438 || MULTIMEDIA Windows Media Video download +1439 || MULTIMEDIA Shoutcast playlist redirection +1440 || MULTIMEDIA Icecast playlist redirection +1441 || TFTP GET nc.exe +1442 || TFTP GET shadow +1443 || TFTP GET passwd +1444 || TFTP Get +1445 || POLICY FTP file_id.diz access possible warez site +1446 || SMTP vrfy root +1447 || MISC MS Terminal server request RDP || bugtraq,3099 || cve,2001-0540 +1448 || MISC MS Terminal server request || bugtraq,3099 || cve,2001-0540 || url,www.microsoft.com/technet/security/bulletin/MS01-040.mspx +1449 || POLICY FTP anonymous ftp login attempt +1450 || SMTP expn *@ || cve,1999-1200 +1451 || WEB-CGI NPH-publish access || bugtraq,2563 || cve,2001-0400 +1452 || WEB-CGI args.cmd access || cve,1999-1180 || nessus,11465 +1453 || WEB-CGI AT-generated.cgi access || cve,1999-1072 +1454 || WEB-CGI wwwwais access || cve,2001-0223 || nessus,10597 +1455 || WEB-CGI calender.pl access || cve,2000-0432 +1456 || WEB-CGI calender_admin.pl access || cve,2000-0432 +1457 || WEB-CGI user_update_admin.pl access || bugtraq,1486 || cve,2000-0627 +1458 || WEB-CGI user_update_passwd.pl access || bugtraq,1486 || cve,2000-0627 +1459 || WEB-CGI bb-histlog.sh access || bugtraq,142 || cve,1999-1462 || nessus,10025 +1460 || WEB-CGI bb-histsvc.sh access || bugtraq,142 || cve,1999-1462 +1461 || WEB-CGI bb-rep.sh access || bugtraq,142 || cve,1999-1462 +1462 || WEB-CGI bb-replog.sh access || bugtraq,142 || cve,1999-1462 +1463 || CHAT IRC message +1464 || ATTACK-RESPONSES oracle one hour install || nessus,10737 +1465 || WEB-CGI auktion.cgi access || bugtraq,2367 || cve,2001-0212 || nessus,10638 +1466 || WEB-CGI cgiforum.pl access || bugtraq,1963 || cve,2000-1171 || nessus,10552 +1467 || WEB-CGI directorypro.cgi access || bugtraq,2793 || cve,2001-0780 +1468 || WEB-CGI Web Shopper shopper.cgi attempt || bugtraq,1776 || cve,2000-0922 +1469 || WEB-CGI Web Shopper shopper.cgi access || bugtraq,1776 || cve,2000-0922 +1470 || WEB-CGI listrec.pl access || bugtraq,3328 || cve,2001-0997 +1471 || WEB-CGI mailnews.cgi access || bugtraq,2391 || cve,2001-0271 || nessus,10641 +1472 || WEB-CGI book.cgi access || bugtraq,3178 || cve,2001-1114 || nessus,10721 +1473 || WEB-CGI newsdesk.cgi access || bugtraq,2172 || cve,2001-0232 +1474 || WEB-CGI cal_make.pl access || bugtraq,2663 || cve,2001-0463 || nessus,10664 +1475 || WEB-CGI mailit.pl access || nessus,10417 +1476 || WEB-CGI sdbsearch.cgi access || cve,2001-1130 || nessus,10503 || nessus,10720 +1477 || WEB-CGI swc attempt +1478 || WEB-CGI swc access || nessus,10493 +1479 || WEB-CGI ttawebtop.cgi arbitrary file attempt || bugtraq,2890 || cve,2001-0805 || nessus,10696 +1480 || WEB-CGI ttawebtop.cgi access || bugtraq,2890 || cve,2001-0805 || nessus,10696 +1481 || WEB-CGI upload.cgi access || nessus,10290 +1482 || WEB-CGI view_source access || bugtraq,2251 || cve,1999-0174 || nessus,10294 +1483 || WEB-CGI ustorekeeper.pl access || cve,2001-0466 || nessus,10646 +1484 || WEB-IIS /isapi/tstisapi.dll access || bugtraq,2381 || cve,2001-0302 +1485 || WEB-IIS mkilog.exe access || nessus,10359 +1486 || WEB-IIS ctss.idc access || nessus,10359 +1487 || WEB-IIS /iisadmpwd/aexp2.htr access || bugtraq,2110 || bugtraq,4236 || cve,1999-0407 || cve,2002-0421 || nessus,10371 +1488 || WEB-CGI store.cgi directory traversal attempt || bugtraq,2385 || cve,2001-0305 || nessus,10639 +1489 || WEB-MISC /~nobody access || nessus,10484 +1490 || WEB-PHP Phorum /support/common.php attempt || bugtraq,1997 +1491 || WEB-PHP Phorum /support/common.php access || bugtraq,1997 || bugtraq,9361 +1492 || WEB-MISC RBS ISP /newuser directory traversal attempt || bugtraq,1704 || cve,2000-1036 || nessus,10521 +1493 || WEB-MISC RBS ISP /newuser access || bugtraq,1704 || cve,2000-1036 || nessus,10521 +1494 || WEB-CGI SIX webboard generate.cgi attempt || bugtraq,3175 || cve,2001-1115 || nessus,10725 +1495 || WEB-CGI SIX webboard generate.cgi access || bugtraq,3175 || cve,2001-1115 +1496 || WEB-CGI spin_client.cgi access || nessus,10393 +1497 || WEB-MISC cross site scripting attempt +1498 || WEB-MISC PIX firewall manager directory traversal attempt || bugtraq,691 || cve,1999-0158 || nessus,10819 +1499 || WEB-MISC SiteScope Service access || nessus,10778 +1500 || WEB-MISC ExAir access || bugtraq,193 || cve,1999-0449 || nessus,10002 || nessus,10003 || nessus,10004 +1501 || WEB-CGI a1stats a1disp3.cgi directory traversal attempt || bugtraq,2705 || cve,2001-0561 || nessus,10669 +1502 || WEB-CGI a1stats a1disp3.cgi access || bugtraq,2705 || cve,2001-0561 || nessus,10669 +1503 || WEB-CGI admentor admin.asp access || bugtraq,4152 || cve,2002-0308 || nessus,10880 || url,www.securiteam.com/windowsntfocus/5DP0N1F6AW.html +1504 || MISC AFS access || nessus,10441 +1505 || WEB-CGI alchemy http server PRN arbitrary command execution attempt || bugtraq,3599 || cve,2001-0871 +1506 || WEB-CGI alchemy http server NUL arbitrary command execution attempt || bugtraq,3599 || cve,2001-0871 +1507 || WEB-CGI alibaba.pl arbitrary command execution attempt || cve,1999-0885 || nessus,10013 +1508 || WEB-CGI alibaba.pl access || bugtraq,770 || cve ,CAN-1999-0885 || nessus,10013 +1509 || WEB-CGI AltaVista Intranet Search directory traversal attempt || bugtraq,896 || cve,2000-0039 || nessus,10015 +1510 || WEB-CGI test.bat arbitrary command execution attempt || bugtraq,762 || cve,1999-0947 || nessus,10016 +1511 || WEB-CGI test.bat access || bugtraq,762 || cve,1999-0947 || nessus,10016 +1512 || WEB-CGI input.bat arbitrary command execution attempt || bugtraq,762 || cve,1999-0947 || nessus,10016 +1513 || WEB-CGI input.bat access || bugtraq,762 || cve,1999-0947 || nessus,10016 +1514 || WEB-CGI input2.bat arbitrary command execution attempt || bugtraq,762 || cve,1999-0947 || nessus,10016 +1515 || WEB-CGI input2.bat access || bugtraq,762 || cve,1999-0947 || nessus,10016 +1516 || WEB-CGI envout.bat arbitrary command execution attempt || bugtraq,762 || cve,1999-0947 || nessus,10016 +1517 || WEB-CGI envout.bat access || bugtraq,762 || cve,1999-0947 || nessus,10016 +1518 || WEB-MISC nstelemetry.adp access || nessus,10753 +1519 || WEB-MISC apache ?M=D directory list attempt || bugtraq,3009 || cve,2001-0731 +1520 || WEB-MISC server-info access || url,httpd.apache.org/docs/mod/mod_info.html +1521 || WEB-MISC server-status access || url,httpd.apache.org/docs/mod/mod_info.html +1522 || WEB-MISC ans.pl attempt || bugtraq,4147 || bugtraq,4149 || cve,2002-0306 || cve,2002-0307 || nessus,10875 +1523 || WEB-MISC ans.pl access || bugtraq,4147 || bugtraq,4149 || cve,2002-0306 || cve,2002-0307 || nessus,10875 +1524 || WEB-MISC AxisStorpoint CD attempt || bugtraq,1025 || cve,2000-0191 || nessus,10023 +1525 || WEB-MISC Axis Storpoint CD access || bugtraq,1025 || cve,2000-0191 || nessus,10023 +1526 || WEB-MISC basilix sendmail.inc access || cve,2001-1044 || nessus,10601 +1527 || WEB-MISC basilix mysql.class access || cve,2001-1044 || nessus,10601 +1528 || WEB-MISC BBoard access || bugtraq,1459 || cve,2000-0629 || nessus,10507 +1529 || FTP SITE overflow attempt || cve,1999-0838 || cve,2001-0755 || cve,2001-0770 +1530 || FTP format string attempt || bugtraq,1387 || bugtraq,2240 || bugtraq,726 || cve,1999-0997 || cve,2000-0573 || nessus,10452 +1531 || WEB-CGI bb-hist.sh attempt || bugtraq,142 || cve,1999-1462 || nessus,10025 +1532 || WEB-CGI bb-hostscv.sh attempt || bugtraq,1455 || cve,2000-0638 || nessus,10460 +1533 || WEB-CGI bb-hostscv.sh access || bugtraq,1455 || cve,2000-0638 || nessus,10460 +1534 || WEB-CGI agora.cgi attempt || bugtraq,3702 || bugtraq,3976 || cve,2001-1199 || cve,2002-0215 || nessus,10836 +1535 || WEB-CGI bizdbsearch access || bugtraq,1104 || cve,2000-0287 || nessus,10383 +1536 || WEB-CGI calendar_admin.pl arbitrary command execution attempt || cve,2000-0432 +1537 || WEB-CGI calendar_admin.pl access || cve,2000-0432 +1538 || NNTP AUTHINFO USER overflow attempt || arachnids,274 || bugtraq,1156 || cve,2000-0341 +1539 || WEB-CGI /cgi-bin/ls access || bugtraq,936 || cve,2000-0079 +1540 || WEB-COLDFUSION ?Mode=debug attempt || nessus,10797 +1541 || FINGER version query +1542 || WEB-CGI cgimail access || bugtraq,1623 || cve,2000-0726 || nessus,11721 +1543 || WEB-CGI cgiwrap access || bugtraq,1238 || bugtraq,3084 || bugtraq,777 || cve,1999-1530 || cve,2000-0431 || cve,2001-0987 || nessus,10041 +1544 || WEB-MISC Cisco Catalyst command execution attempt || bugtraq,1846 || cve,2000-0945 || nessus,10545 +1545 || DOS Cisco attempt +1546 || WEB-MISC Cisco /%% DOS attempt || bugtraq,1154 || cve,2000-0380 +1547 || WEB-CGI csSearch.cgi arbitrary command execution attempt || bugtraq,4368 || cve,2002-0495 || nessus,10924 +1548 || WEB-CGI csSearch.cgi access || bugtraq,4368 || cve,2002-0495 || nessus,10924 +1549 || SMTP HELO overflow attempt || bugtraq,7726 || bugtraq,895 || cve,2000-0042 || nessus,10324 || nessus,11674 +1550 || SMTP ETRN overflow attempt || bugtraq,1297 || cve,2000-0490 || nessus,10438 +1551 || WEB-MISC /CVS/Entries access || nessus,10922 || nessus,11032 +1552 || WEB-MISC cvsweb version access || cve,2000-0670 +1553 || WEB-CGI /cart/cart.cgi access || bugtraq,1115 || cve,2000-0252 +1554 || WEB-CGI dbman db.cgi access || bugtraq,1178 || cve,2000-0381 || nessus,10403 +1555 || WEB-CGI DCShop access || bugtraq,2889 || cve,2001-0821 +1556 || WEB-CGI DCShop orders.txt access || bugtraq,2889 || cve,2001-0821 +1557 || WEB-CGI DCShop auth_user_file.txt access || bugtraq,2889 || cve,2001-0821 +1558 || WEB-MISC Delegate whois overflow attempt || cve,2000-0165 +1559 || WEB-MISC /doc/packages access || bugtraq,1707 || cve,2000-1016 || nessus,10518 || nessus,11032 +1560 || WEB-MISC /doc/ access || bugtraq,318 || cve,1999-0678 +1561 || WEB-MISC ?open access +1562 || FTP SITE CHOWN overflow attempt || bugtraq,2120 || cve,2001-0065 +1563 || WEB-MISC login.htm attempt || bugtraq,665 || cve,1999-1533 +1564 || WEB-MISC login.htm access || bugtraq,665 || cve,1999-1533 +1565 || WEB-CGI eshop.pl arbitrary commane execution attempt || bugtraq,3340 || cve,2001-1014 +1566 || WEB-CGI eshop.pl access || bugtraq,3340 || cve,2001-1014 +1567 || WEB-IIS /exchange/root.asp attempt || bugtraq,3301 || cve,2001-0660 || nessus,10755 || nessus,10781 +1568 || WEB-IIS /exchange/root.asp access || bugtraq,3301 || cve,2001-0660 || nessus,10755 || nessus,10781 +1569 || WEB-CGI loadpage.cgi directory traversal attempt || bugtraq,2109 || cve,2000-1092 +1570 || WEB-CGI loadpage.cgi access || bugtraq,2109 || cve,2000-1092 +1571 || WEB-CGI dcforum.cgi directory traversal attempt || bugtraq,2611 || cve,2001-0436 || cve,2001-0437 +1572 || WEB-CGI commerce.cgi arbitrary file access attempt || bugtraq,2361 || cve,2001-0210 || nessus,10612 +1573 || WEB-CGI cgiforum.pl attempt || bugtraq,1963 || cve,2000-1171 || nessus,10552 +1574 || WEB-CGI directorypro.cgi attempt || bugtraq,2793 || cve,2001-0780 +1575 || WEB-MISC Domino mab.nsf access || bugtraq,4022 || nessus,10953 +1576 || WEB-MISC Domino cersvr.nsf access || nessus,10629 +1577 || WEB-MISC Domino setup.nsf access || nessus,10629 +1578 || WEB-MISC Domino statrep.nsf access || nessus,10629 +1579 || WEB-MISC Domino webadmin.nsf access || bugtraq,9900 || bugtraq,9901 || nessus,10629 +1580 || WEB-MISC Domino events4.nsf access || nessus,10629 +1581 || WEB-MISC Domino ntsync4.nsf access || nessus,10629 +1582 || WEB-MISC Domino collect4.nsf access || nessus,10629 +1583 || WEB-MISC Domino mailw46.nsf access || nessus,10629 +1584 || WEB-MISC Domino bookmark.nsf access || nessus,10629 +1585 || WEB-MISC Domino agentrunner.nsf access || nessus,10629 +1586 || WEB-MISC Domino mail.box access || bugtraq,881 || nessus,10629 +1587 || WEB-MISC cgitest.exe access || arachnids,265 || bugtraq,1313 || bugtraq,3885 || cve,2000-0521 || cve,2002-0128 || nessus,10040 || nessus,10623 || nessus,11131 +1588 || WEB-MISC SalesLogix Eviewer access || bugtraq,1078 || bugtraq,1089 || cve,2000-0278 || cve,2000-0289 +1589 || WEB-MISC musicat empower attempt || bugtraq,2374 || cve,2001-0224 || nessus,10609 +1590 || WEB-CGI faqmanager.cgi arbitrary file access attempt || bugtraq,3810 || nessus,10837 +1591 || WEB-CGI faqmanager.cgi access || bugtraq,3810 || nessus,10837 +1592 || WEB-CGI /fcgi-bin/echo.exe access || nessus,10838 +1593 || WEB-CGI FormHandler.cgi external site redirection attempt || bugtraq,798 || bugtraq,799 || cve,1999-1050 || nessus,10075 +1594 || WEB-CGI FormHandler.cgi access || bugtraq,798 || bugtraq,799 || cve,1999-1050 || nessus,10075 +1595 || WEB-IIS htimage.exe access || bugtraq,1117 || bugtraq,964 || cve,2000-0122 || cve,2000-0256 || nessus,10376 +1597 || WEB-CGI guestbook.cgi access || cve,1999-0237 || nessus,10098 +1598 || WEB-CGI Home Free search.cgi directory traversal attempt || bugtraq,921 || cve,2000-0054 +1599 || WEB-CGI search.cgi access || bugtraq,921 || cve,2000-0054 +1600 || WEB-CGI htsearch arbitrary configuration file attempt || cve,2000-0208 +1601 || WEB-CGI htsearch arbitrary file read attempt || bugtraq,1026 || cve,2000-0208 || nessus,10105 +1602 || WEB-CGI htsearch access || bugtraq,1026 || cve,2000-0208 || nessus,10105 +1603 || WEB-MISC DELETE attempt || nessus,10498 +1604 || WEB-MISC iChat directory traversal attempt || cve,1999-0897 +1605 || DOS iParty DOS attempt || bugtraq,6844 || cve,1999-1566 +1606 || WEB-CGI icat access || cve,1999-1069 +1607 || WEB-CGI HyperSeek hsx.cgi access || bugtraq,2314 || cve,2001-0253 || nessus,10602 +1608 || WEB-CGI htmlscript attempt || bugtraq,2001 || cve,1999-0264 || nessus,10106 +1609 || WEB-CGI faxsurvey arbitrary file read attempt || bugtraq,2056 || cve,1999-0262 || nessus,10067 +1610 || WEB-CGI formmail arbitrary command execution attempt || arachnids,226 || bugtraq,1187 || bugtraq,2079 || cve,1999-0172 || cve,2000-0411 || nessus,10076 || nessus,10782 +1611 || WEB-CGI eXtropia webstore access || bugtraq,1774 || cve,2000-1005 || nessus,10532 +1612 || WEB-MISC ftp.pl attempt || bugtraq,1471 || cve,2000-0674 || nessus,10467 +1613 || WEB-MISC handler attempt || arachnids,235 || bugtraq,380 || cve,1999-0148 || nessus,10100 +1614 || WEB-MISC Novell Groupwise gwweb.exe attempt || bugtraq,879 || cve,1999-1005 || cve,1999-1006 || nessus,10877 +1615 || WEB-MISC htgrep attempt || cve,2000-0832 +1616 || DNS named version attempt || arachnids,278 || nessus,10028 +1617 || WEB-CGI Bugzilla doeditvotes.cgi access || bugtraq,3800 || cve,2002-0011 +1618 || WEB-IIS .asp chunked Transfer-Encoding || bugtraq,4474 || bugtraq,4485 || cve,2002-0071 || cve,2002-0079 || nessus,10932 +1619 || EXPERIMENTAL WEB-IIS .htr request || bugtraq,4474 || cve,2002-0071 || nessus,10932 +1620 || BAD TRAFFIC Non-Standard IP protocol +1621 || FTP CMD overflow attempt +1622 || FTP RNFR ././ attempt +1623 || FTP invalid MODE +1624 || FTP large PWD command +1625 || FTP large SYST command +1626 || WEB-IIS /StoreCSVS/InstantOrder.asmx request +1627 || BAD-TRAFFIC Unassigned/Reserved IP protocol || url,www.iana.org/assignments/protocol-numbers +1628 || WEB-CGI FormHandler.cgi directory traversal attempt attempt || bugtraq,798 || bugtraq,799 || cve,1999-1050 || nessus,10075 +1629 || OTHER-IDS SecureNetPro traffic +1631 || CHAT AIM login +1632 || CHAT AIM send message +1633 || CHAT AIM receive message +1634 || POP3 PASS overflow attempt || bugtraq,791 || cve,1999-1511 || nessus,10325 +1635 || POP3 APOP overflow attempt || bugtraq,1652 || cve,2000-0840 || cve,2000-0841 || nessus,10559 +1636 || MISC Xtramail Username overflow attempt || bugtraq,791 || cve,1999-1511 || nessus,10323 +1637 || WEB-CGI yabb access || arachnids,462 || bugtraq,1668 || cve,2000-0853 +1638 || SCAN SSH Version map attempt +1639 || CHAT IRC DCC file transfer request +1640 || CHAT IRC DCC chat request +1641 || DOS DB2 dos attempt || bugtraq,3010 || cve,2001-1143 || nessus,10871 +1642 || WEB-CGI document.d2w access || bugtraq,2017 || cve,2000-1110 +1643 || WEB-CGI db2www access || cve,2000-0677 +1644 || WEB-CGI test-cgi attempt || arachnids,218 || bugtraq,2003 || cve,1999-0070 || nessus,10282 +1645 || WEB-CGI testcgi access || bugtraq,7214 || nessus,11610 +1646 || WEB-CGI test.cgi access +1647 || WEB-CGI faxsurvey attempt full path || bugtraq,2056 || cve,1999-0262 || nessus,10067 +1648 || WEB-CGI perl.exe command attempt || arachnids,219 || cve,1999-0509 || nessus,10173 || url,www.cert.org/advisories/CA-1996-11.html +1649 || WEB-CGI perl command attempt || arachnids,219 || cve,1999-0509 || nessus,10173 || url,www.cert.org/advisories/CA-1996-11.html +1650 || WEB-CGI tst.bat access || bugtraq,770 || cve,1999-0885 || nessus,10014 +1651 || WEB-CGI environ.pl access +1652 || WEB-CGI campus attempt || bugtraq,1975 || cve,1999-0146 || nessus,10035 +1653 || WEB-CGI campus access || bugtraq,1975 || cve,1999-0146 || nessus,10035 +1654 || WEB-CGI cart32.exe access || bugtraq,1153 +1655 || WEB-CGI pfdispaly.cgi arbitrary command execution attempt || cve,1999-0270 || nessus,10174 +1656 || WEB-CGI pfdispaly.cgi access || cve,1999-0270 || nessus,10174 +1657 || WEB-CGI pagelog.cgi directory traversal attempt || bugtraq,1864 || cve,2000-0940 || nessus,10591 +1658 || WEB-CGI pagelog.cgi access || bugtraq,1864 || cve,2000-0940 || nessus,10591 +1659 || WEB-COLDFUSION sendmail.cfm access +1660 || WEB-IIS trace.axd access || nessus,10993 +1661 || WEB-IIS cmd32.exe access +1662 || WEB-MISC /~ftp access +1663 || WEB-MISC *%0a.pl access +1664 || WEB-MISC mkplog.exe access +1665 || WEB-MISC mkilog.exe access +1666 || ATTACK-RESPONSES index of /cgi-bin/ response || nessus,10039 +1667 || WEB-MISC cross site scripting HTML Image tag set to javascript attempt || bugtraq,4858 || cve,2002-0902 +1668 || WEB-CGI /cgi-bin/ access +1669 || WEB-CGI /cgi-dos/ access +1670 || WEB-MISC /home/ftp access || nessus,11032 +1671 || WEB-MISC /home/www access || nessus,11032 +1672 || FTP CWD ~ attempt || bugtraq,2601 || bugtraq,9215 || cve,2001-0421 +1673 || ORACLE EXECUTE_SYSTEM attempt +1674 || ORACLE connect_data remote version detection attempt +1675 || ORACLE misparsed login response +1676 || ORACLE select union attempt +1677 || ORACLE select like '%' attempt +1678 || ORACLE select like '%' attempt backslash escaped +1679 || ORACLE describe attempt +1680 || ORACLE all_constraints access +1681 || ORACLE all_views access +1682 || ORACLE all_source access +1683 || ORACLE all_tables access +1684 || ORACLE all_tab_columns access +1685 || ORACLE all_tab_privs access +1686 || ORACLE dba_tablespace access +1687 || ORACLE dba_tables access +1688 || ORACLE user_tablespace access +1689 || ORACLE sys.all_users access +1690 || ORACLE grant attempt +1691 || ORACLE ALTER USER attempt +1692 || ORACLE drop table attempt +1693 || ORACLE create table attempt +1694 || ORACLE alter table attempt +1695 || ORACLE truncate table attempt +1696 || ORACLE create database attempt +1697 || ORACLE alter database attempt +1698 || ORACLE execute_system attempt +1699 || P2P Fastrack kazaa/morpheus traffic || url,www.kazaa.com +1700 || WEB-CGI imagemap.exe access || arachnids,412 || bugtraq,739 || cve,1999-0951 || nessus,10122 +1701 || WEB-CGI calendar-admin.pl access || bugtraq,1215 +1702 || WEB-CGI Amaya templates sendtemp.pl access || bugtraq,2504 || cve,2001-0272 +1703 || WEB-CGI auktion.cgi directory traversal attempt || bugtraq,2367 || cve,2001-0212 || nessus,10638 +1704 || WEB-CGI cal_make.pl directory traversal attempt || bugtraq,2663 || cve,2001-0463 || nessus,10664 +1705 || WEB-CGI echo.bat arbitrary command execution attempt || bugtraq,1002 || cve,2000-0213 || nessus,10246 +1706 || WEB-CGI echo.bat access || bugtraq,1002 || cve,2000-0213 || nessus,10246 +1707 || WEB-CGI hello.bat arbitrary command execution attempt || bugtraq,1002 || cve,2000-0213 || nessus,10246 +1708 || WEB-CGI hello.bat access || bugtraq,1002 || cve,2000-0213 || nessus,10246 +1709 || WEB-CGI ad.cgi access || bugtraq,2103 || cve,2001-0025 || nessus,11464 +1710 || WEB-CGI bbs_forum.cgi access || bugtraq,2177 || cve,2001-0123 || url,www.cgisecurity.com/advisory/3.1.txt +1711 || WEB-CGI bsguest.cgi access || bugtraq,2159 || cve,2001-0099 +1712 || WEB-CGI bslist.cgi access || bugtraq,2160 || cve,2001-0100 +1713 || WEB-CGI cgforum.cgi access || bugtraq,1951 || cve,2000-1132 +1714 || WEB-CGI newdesk access +1715 || WEB-CGI register.cgi access || bugtraq,2157 || cve,2001-0076 +1716 || WEB-CGI gbook.cgi access || bugtraq,1940 || cve,2000-1131 +1717 || WEB-CGI simplestguest.cgi access || bugtraq,2106 || cve,2001-0022 +1718 || WEB-CGI statsconfig.pl access || bugtraq,2211 || cve,2001-0113 +1719 || WEB-CGI talkback.cgi directory traversal attempt || bugtraq,2547 || cve,2001-0420 +1720 || WEB-CGI talkback.cgi access || bugtraq,2547 || cve,2001-0420 +1721 || WEB-CGI adcycle access || bugtraq,3741 || cve,2001-1226 +1722 || WEB-CGI MachineInfo access || cve,1999-1067 +1723 || WEB-CGI emumail.cgi NULL attempt || bugtraq,5824 || cve,2002-1526 +1724 || WEB-CGI emumail.cgi access || bugtraq,5824 || cve,2002-1526 +1725 || WEB-IIS +.htr code fragment attempt || bugtraq,1488 || cve,2000-0630 || nessus,10680 +1726 || WEB-IIS doctodep.btr access +1727 || WEB-CGI SGI InfoSearch fname access || arachnids,290 || bugtraq,1031 || cve,2000-0207 +1728 || FTP CWD ~ attempt || bugtraq,2601 || cve,2001-0421 +1729 || CHAT IRC channel join +1730 || WEB-CGI ustorekeeper.pl directory traversal attempt || cve,2001-0466 || nessus,10645 +1731 || WEB-CGI a1stats access || bugtraq,2705 || cve,2001-0561 || nessus,10669 +1732 || RPC portmap rwalld request UDP +1733 || RPC portmap rwalld request TCP +1734 || FTP USER overflow attempt || bugtraq,10078 || bugtraq,1227 || bugtraq,1504 || bugtraq,1690 || bugtraq,4638 || bugtraq,7307 || bugtraq,8376 || cve,1999-1510 || cve,1999-1514 || cve,1999-1519 || cve,1999-1539 || cve,2000-0479 || cve,2000-0656 || cve,2000-0761 || cve,2000-0943 || cve,2000-1035 || cve,2000-1194 || cve,2001-0256 || cve,2001-0794 || cve,2001-0826 || cve,2002-0126 || cve,2002-1522 || cve,2003-0271 || cve,2004-0286 +1735 || WEB-CLIENT XMLHttpRequest attempt || bugtraq,4628 || cve,2002-0354 +1736 || WEB-PHP squirrel mail spell-check arbitrary command attempt || bugtraq,3952 +1737 || WEB-PHP squirrel mail theme arbitrary command attempt || bugtraq,4385 || cve,2002-0516 +1738 || WEB-MISC global.inc access || bugtraq,4612 || cve,2002-0614 +1739 || WEB-PHP DNSTools administrator authentication bypass attempt || bugtraq,4617 || cve,2002-0613 +1740 || WEB-PHP DNSTools authentication bypass attempt || bugtraq,4617 || cve,2002-0613 +1741 || WEB-PHP DNSTools access || bugtraq,4617 || cve,2002-0613 +1742 || WEB-PHP Blahz-DNS dostuff.php modify user attempt || bugtraq,4618 || cve,2002-0599 +1743 || WEB-PHP Blahz-DNS dostuff.php access || bugtraq,4618 || cve,2002-0599 +1744 || WEB-MISC SecureSite authentication bypass attempt || bugtraq,4621 +1745 || WEB-PHP Messagerie supp_membre.php access || bugtraq,4635 +1746 || RPC portmap cachefsd request UDP || bugtraq,4674 || cve,2002-0033 || cve,2002-0084 +1747 || RPC portmap cachefsd request TCP || bugtraq,4674 || cve,2002-0033 || cve,2002-0084 +1748 || FTP command overflow attempt || bugtraq,4638 || cve,2002-0606 +1749 || EXPERIMENTAL WEB-IIS .NET trace.axd access +1750 || WEB-IIS users.xml access +1751 || EXPLOIT cachefsd buffer overflow attempt || bugtraq,4631 || cve,2002-0084 || nessus,10951 +1752 || MISC AIM AddExternalApp attempt || url,www.w00w00.org/files/w00aimexp/ +1753 || WEB-IIS as_web.exe access || bugtraq,4670 +1754 || WEB-IIS as_web4.exe access || bugtraq,4670 +1755 || IMAP partial body buffer overflow attempt || bugtraq,4713 || cve,2002-0379 +1756 || WEB-IIS NewsPro administration authentication attempt || bugtraq,4672 +1757 || WEB-MISC b2 arbitrary command execution attempt || bugtraq,4673 || cve,2002-0734 || cve,2002-1466 || nessus,11667 +1758 || WEB-MISC b2 access || bugtraq,4673 || cve,2002-0734 || cve,2002-1466 || nessus,11667 +1759 || MS-SQL xp_cmdshell program execution 445 +1760 || OTHER-IDS ISS RealSecure 6 event collector connection attempt +1761 || OTHER-IDS ISS RealSecure 6 daemon connection attempt +1762 || WEB-CGI phf arbitrary command execution attempt || arachnids,128 || bugtraq,629 || cve,1999-0067 +1763 || WEB-CGI Nortel Contivity cgiproc DOS attempt || bugtraq,938 || cve,2000-0063 || cve,2000-0064 || nessus,10160 +1764 || WEB-CGI Nortel Contivity cgiproc DOS attempt || bugtraq,938 || cve,2000-0063 || cve,2000-0064 || nessus,10160 +1765 || WEB-CGI Nortel Contivity cgiproc access || bugtraq,938 || cve,2000-0063 || cve,2000-0064 || nessus,10160 +1766 || WEB-MISC search.dll directory listing attempt || bugtraq,1684 || cve,2000-0835 || nessus,10514 +1767 || WEB-MISC search.dll access || bugtraq,1684 || cve,2000-0835 || nessus,10514 +1768 || WEB-IIS header field buffer overflow attempt || bugtraq,4476 || cve,2002-0150 +1769 || WEB-MISC .DS_Store access || url,www.macintouch.com/mosxreaderreports46.html +1770 || WEB-MISC .FBCIndex access || url,www.securiteam.com/securitynews/5LP0O005FS.html +1771 || POLICY IPSec PGPNet connection attempt +1772 || WEB-IIS pbserver access || url,www.microsoft.com/technet/security/bulletin/ms00-094.mspx +1773 || WEB-PHP php.exe access || url,www.securitytracker.com/alerts/2002/Jan/1003104.html +1774 || WEB-PHP bb_smilies.php access || url,www.securiteam.com/securitynews/Serious_security_hole_in_PHP-Nuke__bb_smilies_.html +1775 || MYSQL root login attempt +1776 || MYSQL show databases attempt +1777 || FTP EXPLOIT STAT * dos attempt || bugtraq,4482 || cve,2002-0073 || nessus,10934 +1778 || FTP EXPLOIT STAT ? dos attempt || bugtraq,4482 || cve,2002-0073 || nessus,10934 +1779 || FTP CWD .... attempt || bugtraq,4884 +1780 || IMAP EXPLOIT partial body overflow attempt || bugtraq,4713 || cve,2002-0379 +1787 || WEB-CGI csPassword.cgi access || bugtraq,4885 || bugtraq,4886 || bugtraq,4887 || bugtraq,4889 || cve,2002-0917 || cve,2002-0918 +1788 || WEB-CGI csPassword password.cgi.tmp access || bugtraq,4889 || cve,2002-0920 +1789 || CHAT IRC dns request +1790 || CHAT IRC dns response +1791 || BACKDOOR fragroute trojan connection attempt || bugtraq,4898 +1792 || NNTP return code buffer overflow attempt || bugtraq,4900 || cve,2002-0909 +1800 || VIRUS Klez Incoming +1801 || WEB-IIS .asp HTTP header buffer overflow attempt || bugtraq,4476 || cve,2002-0150 +1802 || WEB-IIS .asa HTTP header buffer overflow attempt || bugtraq,4476 || cve,2002-0150 +1803 || WEB-IIS .cer HTTP header buffer overflow attempt || bugtraq,4476 || cve,2002-0150 +1804 || WEB-IIS .cdx HTTP header buffer overflow attempt || bugtraq,4476 || cve,2002-0150 +1805 || WEB-CGI Oracle reports CGI access || bugtraq,4848 || cve,2002-0947 +1806 || WEB-IIS .htr chunked Transfer-Encoding || bugtraq,4855 || bugtraq,5003 || cve,2002-0364 +1807 || WEB-MISC Chunked-Encoding transfer attempt || bugtraq,4474 || bugtraq,4485 || bugtraq,5033 || cve,2002-0071 || cve,2002-0079 || cve,2002-0392 +1808 || WEB-MISC apache chunked encoding memory corruption exploit attempt || bugtraq,5033 || cve,2002-0392 +1809 || WEB-MISC Apache Chunked-Encoding worm attempt || bugtraq,4474 || bugtraq,4485 || bugtraq,5033 || cve,2002-0071 || cve,2002-0079 || cve,2002-0392 +1810 || ATTACK-RESPONSES successful gobbles ssh exploit GOBBLE || bugtraq,2370 || bugtraq,5093 || cve,2001-0214 || cve,2002-0390 || cve,2002-0639 +1811 || ATTACK-RESPONSES successful gobbles ssh exploit uname || bugtraq,5093 || cve,2002-0390 || cve,2002-0639 +1812 || EXPLOIT gobbles SSH exploit attempt || bugtraq,5093 || cve,2002-0390 || cve,2002-0639 +1813 || ICMP digital island bandwidth query +1814 || WEB-MISC CISCO VoIP DOS ATTEMPT || bugtraq,4794 || cve,2002-0882 || nessus,11013 +1815 || WEB-PHP directory.php arbitrary command attempt || bugtraq,4278 || cve,2002-0434 +1816 || WEB-PHP directory.php access || bugtraq,4278 || cve,2002-0434 +1817 || WEB-IIS MS Site Server default login attempt || nessus,11018 +1818 || WEB-IIS MS Site Server admin attempt || nessus,11018 +1819 || MISC Alcatel PABX 4400 connection attempt || nessus,11019 +1820 || WEB-MISC IBM Net.Commerce orderdspc.d2w access || bugtraq,2350 || cve,2001-0319 || nessus,11020 +1821 || EXPLOIT LPD dvips remote command execution attempt || bugtraq,3241 || cve,2001-1002 || nessus,11023 +1822 || WEB-CGI alienform.cgi directory traversal attempt || bugtraq,4983 || cve,2002-0934 || nessus,11027 +1823 || WEB-CGI AlienForm af.cgi directory traversal attempt || bugtraq,4983 || cve,2002-0934 || nessus,11027 +1824 || WEB-CGI alienform.cgi access || bugtraq,4983 || cve,2002-0934 || nessus,11027 +1825 || WEB-CGI AlienForm af.cgi access || bugtraq,4983 || cve,2002-0934 || nessus,11027 +1826 || WEB-MISC WEB-INF access || nessus,11037 +1827 || WEB-MISC Tomcat servlet mapping cross site scripting attempt || bugtraq,5193 || cve,2002-0682 || nessus,11041 +1828 || WEB-MISC iPlanet Search directory traversal attempt || bugtraq,5191 || cve,2002-1042 || nessus,11043 +1829 || WEB-MISC Tomcat TroubleShooter servlet access || bugtraq,4575 || nessus,11046 +1830 || WEB-MISC Tomcat SnoopServlet servlet access || bugtraq,4575 || nessus,11046 +1831 || WEB-MISC jigsaw dos attempt || nessus,11047 +1832 || CHAT ICQ forced user addition || bugtraq,3226 || cve,2001-1305 +1834 || WEB-PHP PHP-Wiki cross site scripting attempt || bugtraq,5254 || cve,2002-1070 +1835 || WEB-MISC Macromedia SiteSpring cross site scripting attempt || bugtraq,5249 || cve,2002-1027 +1838 || EXPLOIT SSH server banner overflow || bugtraq,5287 || cve,2002-1059 +1839 || WEB-MISC mailman cross site scripting attempt || bugtraq,5298 || cve,2002-0855 +1840 || WEB-CLIENT Javascript document.domain attempt || bugtraq,5346 || cve,2002-0815 +1841 || WEB-CLIENT Javascript URL host spoofing attempt || bugtraq,5293 +1842 || IMAP login buffer overflow attempt || bugtraq,502 || cve,1999-0005 || cve,1999-1557 || nessus,10123 || nessus,10125 +1843 || BACKDOOR trinity connection attempt || cve,2000-0138 || nessus,10501 +1844 || IMAP authenticate overflow attempt || cve,1999-0042 || nessus,10292 +1845 || IMAP list literal overflow attempt || bugtraq,1110 || cve,2000-0284 || nessus,10374 +1846 || POLICY vncviewer Java applet download attempt || nessus,10758 +1847 || WEB-MISC webalizer access || bugtraq,3473 || cve,1999-0643 || cve,2001-0835 || nessus,10816 +1848 || WEB-MISC webcart-lite access || cve,1999-0610 || nessus,10298 +1849 || WEB-MISC webfind.exe access || bugtraq,1487 || cve,2000-0622 || nessus,10475 +1850 || WEB-CGI way-board.cgi access || nessus,10610 +1851 || WEB-MISC active.log access || bugtraq,1497 || cve,2000-0642 || nessus,10470 +1852 || WEB-MISC robots.txt access || nessus,10302 +1853 || BACKDOOR win-trin00 connection attempt || cve,2000-0138 || nessus,10307 +1854 || DDOS Stacheldraht handler->agent niggahbitch || url,staff.washington.edu/dittrich/misc/stacheldraht.analysis +1855 || DDOS Stacheldraht agent->handler skillz || url,staff.washington.edu/dittrich/misc/stacheldraht.analysis +1856 || DDOS Stacheldraht handler->agent ficken || url,staff.washington.edu/dittrich/misc/stacheldraht.analysis +1857 || WEB-MISC robot.txt access || nessus,10302 +1858 || WEB-MISC CISCO PIX Firewall Manager directory traversal attempt || bugtraq,691 || cve,1999-0158 || nessus,10819 +1859 || WEB-MISC Sun JavaServer default password login attempt || cve,1999-0508 || nessus,10995 +1860 || WEB-MISC Linksys router default password login attempt || nessus,10999 +1861 || WEB-MISC Linksys router default username and password login attempt || nessus,10999 +1862 || WEB-CGI mrtg.cgi directory traversal attempt || bugtraq,4017 || cve,2002-0232 || nessus,11001 +1864 || FTP SITE NEWER attempt || cve,1999-0880 || nessus,10319 +1865 || WEB-CGI webdist.cgi arbitrary command attempt || bugtraq,374 || cve,1999-0039 || nessus,10299 +1866 || POP3 USER overflow attempt || bugtraq,789 || cve,1999-0494 || nessus,10311 +1867 || MISC xdmcp info query || nessus,10891 +1868 || WEB-CGI story.pl arbitrary file read attempt || bugtraq,3028 || cve,2001-0804 || nessus,10817 +1869 || WEB-CGI story.pl access || bugtraq,3028 || cve,2001-0804 || nessus,10817 +1870 || WEB-CGI siteUserMod.cgi access || bugtraq,951 || cve,2000-0117 || nessus,10253 +1871 || WEB-MISC Oracle XSQLConfig.xml access || bugtraq,4290 || cve,2002-0568 || nessus,10855 +1872 || WEB-MISC Oracle Dynamic Monitoring Services dms access || nessus,10848 +1873 || WEB-MISC globals.jsa access || bugtraq,4034 || cve,2002-0562 || nessus,10850 +1874 || WEB-MISC Oracle Java Process Manager access || nessus,10851 +1875 || WEB-CGI cgicso access || bugtraq,6141 || nessus,10779 || nessus,10780 +1876 || WEB-CGI nph-publish.cgi access || cve,1999-1177 || nessus,10164 +1877 || WEB-CGI printenv access || bugtraq,1658 || cve,2000-0868 || nessus,10188 || nessus,10503 +1878 || WEB-CGI sdbsearch.cgi access || bugtraq,1658 || cve,2000-0868 || nessus,10503 +1879 || WEB-CGI book.cgi arbitrary command execution attempt || bugtraq,3178 || cve,2001-1114 || nessus,10721 +1880 || WEB-MISC oracle web application server access || bugtraq,1053 || cve,2000-0169 || nessus,10348 +1881 || WEB-MISC bad HTTP/1.1 request, Potentially worm attack || url,securityresponse.symantec.com/avcenter/security/Content/2002.09.13.html +1882 || ATTACK-RESPONSES id check returned userid +1883 || ATTACK-RESPONSES id check returned nobody +1884 || ATTACK-RESPONSES id check returned web +1885 || ATTACK-RESPONSES id check returned http +1886 || ATTACK-RESPONSES id check returned apache +1887 || MISC OpenSSL Worm traffic || url,www.cert.org/advisories/CA-2002-27.html +1888 || FTP SITE CPWD overflow attempt || bugtraq,5427 || cve,2002-0826 +1889 || MISC slapper worm admin traffic || url,isc.incidents.org/analysis.html?id=167 || url,www.cert.org/advisories/CA-2002-27.html +1890 || RPC status GHBN format string attack || bugtraq,1480 || cve,2000-0666 +1891 || RPC status GHBN format string attack || bugtraq,1480 || cve,2000-0666 +1892 || SNMP null community string attempt || bugtraq,2112 || bugtraq,8974 || cve,1999-0517 +1893 || SNMP missing community string attempt || bugtraq,2112 || cve,1999-0517 +1894 || EXPLOIT kadmind buffer overflow attempt || bugtraq,5731 || bugtraq,6024 || cve,2002-1226 || cve,2002-1235 || url,www.kb.cert.org/vuls/id/875073 +1895 || EXPLOIT kadmind buffer overflow attempt || bugtraq,5731 || bugtraq,6024 || cve,2002-1226 || cve,2002-1235 || url,www.kb.cert.org/vuls/id/875073 +1896 || EXPLOIT kadmind buffer overflow attempt || bugtraq,5731 || bugtraq,6024 || cve,2002-1226 || cve,2002-1235 || url,www.kb.cert.org/vuls/id/875073 +1897 || EXPLOIT kadmind buffer overflow attempt || bugtraq,5731 || bugtraq,6024 || cve,2002-1226 || cve,2002-1235 || url,www.kb.cert.org/vuls/id/875073 +1898 || EXPLOIT kadmind buffer overflow attempt || bugtraq,5731 || bugtraq,6024 || cve,2002-1226 || cve,2002-1235 || url,www.kb.cert.org/vuls/id/875073 +1899 || EXPLOIT kadmind buffer overflow attempt || bugtraq,5731 || bugtraq,6024 || cve,2002-1226 || cve,2002-1235 || url,www.kb.cert.org/vuls/id/875073 +1900 || ATTACK-RESPONSES successful kadmind buffer overflow attempt || bugtraq,5731 || bugtraq,6024 || cve,2002-1226 || cve,2002-1235 || url,www.kb.cert.org/vuls/id/875073 +1901 || ATTACK-RESPONSES successful kadmind buffer overflow attempt || bugtraq,5731 || bugtraq,6024 || cve,2002-1226 || cve,2002-1235 || url,www.kb.cert.org/vuls/id/875073 +1902 || IMAP lsub literal overflow attempt || bugtraq,1110 || cve,2000-0284 || nessus,10374 +1903 || IMAP rename overflow attempt || bugtraq,1110 || cve,2000-0284 || nessus,10374 +1904 || IMAP find overflow attempt || bugtraq,1110 || cve,2000-0284 || nessus,10374 +1905 || RPC AMD UDP amqproc_mount plog overflow attempt || bugtraq,614 || cve,1999-0704 +1906 || RPC AMD TCP amqproc_mount plog overflow attempt || bugtraq,614 || cve,1999-0704 +1907 || RPC CMSD UDP CMSD_CREATE buffer overflow attempt || bugtraq,524 || cve,1999-0696 +1908 || RPC CMSD TCP CMSD_CREATE buffer overflow attempt || bugtraq,524 || cve,1999-0696 +1909 || RPC CMSD TCP CMSD_INSERT buffer overflow attempt || cve,1999-0696 || url,www.cert.org/advisories/CA-99-08-cmsd.html +1910 || RPC CMSD udp CMSD_INSERT buffer overflow attempt || cve,1999-0696 || url,www.cert.org/advisories/CA-99-08-cmsd.html +1911 || RPC sadmind UDP NETMGT_PROC_SERVICE CLIENT_DOMAIN overflow attempt || bugtraq,0866 || bugtraq,866 || cve,1999-0977 +1912 || RPC sadmind TCP NETMGT_PROC_SERVICE CLIENT_DOMAIN overflow attempt || bugtraq,0866 || bugtraq,866 || cve,1999-0977 +1913 || RPC STATD UDP stat mon_name format string exploit attempt || bugtraq,1480 || cve,2000-0666 +1914 || RPC STATD TCP stat mon_name format string exploit attempt || bugtraq,1480 || cve,2000-0666 +1915 || RPC STATD UDP monitor mon_name format string exploit attempt || bugtraq,1480 || cve,2000-0666 +1916 || RPC STATD TCP monitor mon_name format string exploit attempt || bugtraq,1480 || cve,2000-0666 +1917 || SCAN UPnP service discover attempt +1918 || SCAN SolarWinds IP scan attempt +1919 || FTP CWD overflow attempt || bugtraq,1227 || bugtraq,1690 || bugtraq,6869 || bugtraq,7251 || bugtraq,7950 || cve,1999-0219 || cve,1999-1058 || cve,1999-1510 || cve,2000-1035 || cve,2000-1194 || cve,2001-0781 || cve,2002-0126 || cve,2002-0405 +1920 || FTP SITE NEWER overflow attempt || bugtraq,229 || cve,1999-0800 +1921 || FTP SITE ZIPCHK overflow attempt || cve,2000-0040 +1922 || RPC portmap proxy attempt TCP +1923 || RPC portmap proxy attempt UDP +1924 || RPC mountd UDP export request || arachnids,26 +1925 || RPC mountd TCP exportall request || arachnids,26 +1926 || RPC mountd UDP exportall request || arachnids,26 +1927 || FTP authorized_keys +1928 || FTP shadow retrieval attempt +1929 || BACKDOOR TCPDUMP/PCAP trojan traffic || url,hlug.fscker.com +1930 || IMAP auth literal overflow attempt || cve,1999-0005 +1931 || WEB-CGI rpc-nlog.pl access || cve,1999-1278 +1932 || WEB-CGI rpc-smb.pl access || cve,1999-1278 +1933 || WEB-CGI cart.cgi access || bugtraq,1115 || cve,2000-0252 || nessus,10368 +1934 || POP2 FOLD overflow attempt || bugtraq,283 || cve,1999-0920 || nessus,10130 +1935 || POP2 FOLD arbitrary file attempt +1936 || POP3 AUTH overflow attempt || cve,1999-0822 || nessus,10184 +1937 || POP3 LIST overflow attempt || bugtraq,948 || cve,2000-0096 || nessus,10197 +1938 || POP3 XTND overflow attempt +1939 || MISC bootp hardware address length overflow || cve,1999-0798 +1940 || MISC bootp invalid hardware type || cve,1999-0798 +1941 || TFTP GET filename overflow attempt || bugtraq,5328 || cve,2002-0813 +1942 || FTP RMDIR overflow attempt || bugtraq,819 +1943 || WEB-MISC /Carello/add.exe access || bugtraq,1245 || cve,2000-0396 || nessus,11776 +1944 || WEB-MISC /ecscripts/ecware.exe access || bugtraq,6066 +1945 || WEB-IIS unicode directory traversal attempt || bugtraq,1806 || cve,2000-0884 || nessus,10537 +1946 || WEB-MISC answerbook2 admin attempt || bugtraq,5383 || cve,2000-0696 +1947 || WEB-MISC answerbook2 arbitrary command execution attempt || bugtraq,1556 || cve,2000-0697 +1948 || DNS zone transfer UDP || arachnids,212 || cve,1999-0532 || nessus,10595 +1949 || RPC portmap SET attempt TCP 111 +1950 || RPC portmap SET attempt UDP 111 +1951 || RPC mountd TCP mount request +1952 || RPC mountd UDP mount request +1953 || RPC AMD TCP pid request +1954 || RPC AMD UDP pid request +1955 || RPC AMD TCP version request +1956 || RPC AMD UDP version request || bugtraq,1554 || cve,2000-0696 +1957 || RPC sadmind UDP PING || bugtraq,866 +1958 || RPC sadmind TCP PING || bugtraq,866 +1959 || RPC portmap NFS request UDP +1960 || RPC portmap NFS request TCP +1961 || RPC portmap RQUOTA request UDP +1962 || RPC portmap RQUOTA request TCP +1963 || RPC RQUOTA getquota overflow attempt UDP || bugtraq,864 || cve,1999-0974 +1964 || RPC tooltalk UDP overflow attempt || bugtraq,122 || cve,1999-0003 +1965 || RPC tooltalk TCP overflow attempt || bugtraq,122 || cve,1999-0003 +1966 || MISC GlobalSunTech Access Point Information Disclosure attempt || bugtraq,6100 +1967 || WEB-PHP phpbb quick-reply.php arbitrary command attempt || bugtraq,6173 +1968 || WEB-PHP phpbb quick-reply.php access || bugtraq,6173 +1969 || WEB-MISC ion-p access || bugtraq,6091 || cve,2002-1559 +1970 || WEB-IIS MDAC Content-Type overflow attempt || bugtraq,6214 || cve,2002-1142 || url,www.foundstone.com/knowledge/randd-advisories-display.html?id=337 +1971 || FTP SITE EXEC format string attempt +1972 || FTP PASS overflow attempt || bugtraq,10078 || bugtraq,10720 || bugtraq,1690 || bugtraq,3884 || bugtraq,8601 || bugtraq,9285 || cve,1999-1519 || cve,1999-1539 || cve,2000-1035 || cve,2002-0126 || cve,2002-0895 +1973 || FTP MKD overflow attempt || bugtraq,612 || bugtraq,7278 || bugtraq,9872 || cve,1999-0911 || nessus,12108 +1974 || FTP REST overflow attempt || bugtraq,2972 || cve,2001-0826 +1975 || FTP DELE overflow attempt || bugtraq,2972 || cve,2001-0826 || cve,2001-1021 +1976 || FTP RMD overflow attempt || bugtraq,2972 || cve,2000-0133 || cve,2001-0826 || cve,2001-1021 +1977 || WEB-MISC xp_regwrite attempt +1978 || WEB-MISC xp_regdeletekey attempt +1979 || WEB-MISC perl post attempt || bugtraq,5520 || cve,2002-1436 || nessus,11158 +1980 || BACKDOOR DeepThroat 3.1 Connection attempt || mcafee,98574 || nessus,10053 +1981 || BACKDOOR DeepThroat 3.1 Connection attempt [3150] || mcafee,98574 || nessus,10053 +1982 || BACKDOOR DeepThroat 3.1 Server Response [3150] || arachnids,106 || mcafee,98574 || nessus,10053 +1983 || BACKDOOR DeepThroat 3.1 Connection attempt [4120] || mcafee,98574 || nessus,10053 +1984 || BACKDOOR DeepThroat 3.1 Server Response [4120] || arachnids,106 || mcafee,98574 || nessus,10053 +1985 || BACKDOOR Doly 1.5 server response +1986 || CHAT MSN file transfer request +1987 || MISC xfs overflow attempt || bugtraq,6241 || cve,2002-1317 || nessus,11188 +1988 || CHAT MSN file transfer accept +1989 || CHAT MSN file transfer reject +1990 || CHAT MSN user search +1991 || CHAT MSN login attempt +1992 || FTP LIST directory traversal attempt || bugtraq,2618 || cve,2001-0680 || cve,2002-1054 || nessus,11112 +1993 || IMAP login literal buffer overflow attempt || bugtraq,6298 +1994 || WEB-CGI vpasswd.cgi access || bugtraq,6038 || nessus,11165 +1995 || WEB-CGI alya.cgi access || nessus,11118 +1996 || WEB-CGI viralator.cgi access || bugtraq,3495 || cve,2001-0849 || nessus,11107 +1997 || WEB-PHP read_body.php access attempt || bugtraq,6302 || cve,2002-1341 +1998 || WEB-PHP calendar.php access || bugtraq,5820 || bugtraq,9353 || nessus,11179 +1999 || WEB-PHP edit_image.php access || bugtraq,3288 || cve,2001-1020 || nessus,11104 +2000 || WEB-PHP readmsg.php access || cve,2001-1408 || nessus,11073 +2001 || WEB-CGI smartsearch.cgi access || bugtraq,7133 +2002 || WEB-PHP remote include path +2003 || MS-SQL Worm propagation attempt || bugtraq,5310 || bugtraq,5311 || cve,2002-0649 || nessus,11214 || url,vil.nai.com/vil/content/v_99992.htm +2004 || MS-SQL Worm propagation attempt OUTBOUND || bugtraq,5310 || bugtraq,5311 || cve,2002-0649 || nessus,11214 || url,vil.nai.com/vil/content/v_99992.htm +2005 || RPC portmap kcms_server request UDP || bugtraq,6665 || cve,2003-0027 || url,www.kb.cert.org/vuls/id/850785 +2006 || RPC portmap kcms_server request TCP || bugtraq,6665 || cve,2003-0027 || url,www.kb.cert.org/vuls/id/850785 +2007 || RPC kcms_server directory traversal attempt || bugtraq,6665 || cve,2003-0027 || url,www.kb.cert.org/vuls/id/850785 +2008 || MISC CVS invalid user authentication response +2009 || MISC CVS invalid repository response +2010 || MISC CVS double free exploit attempt response || bugtraq,6650 || cve,2003-0015 +2011 || MISC CVS invalid directory response || bugtraq,6650 || cve,2003-0015 +2012 || MISC CVS missing cvsroot response +2013 || MISC CVS invalid module response +2014 || RPC portmap UNSET attempt TCP 111 || bugtraq,1892 +2015 || RPC portmap UNSET attempt UDP 111 || bugtraq,1892 +2016 || RPC portmap status request TCP || arachnids,15 +2017 || RPC portmap espd request UDP || bugtraq,2714 || cve,2001-0331 +2018 || RPC mountd TCP dump request +2019 || RPC mountd UDP dump request +2020 || RPC mountd TCP unmount request +2021 || RPC mountd UDP unmount request +2022 || RPC mountd TCP unmountall request +2023 || RPC mountd UDP unmountall request +2024 || RPC RQUOTA getquota overflow attempt TCP || bugtraq,864 || cve,1999-0974 +2025 || RPC yppasswd username overflow attempt UDP || bugtraq,2763 || cve,2001-0779 +2026 || RPC yppasswd username overflow attempt TCP || bugtraq,2763 || cve,2001-0779 +2027 || RPC yppasswd old password overflow attempt UDP +2028 || RPC yppasswd old password overflow attempt TCP +2029 || RPC yppasswd new password overflow attempt UDP +2030 || RPC yppasswd new password overflow attempt TCP +2031 || RPC yppasswd user update UDP +2032 || RPC yppasswd user update TCP +2033 || RPC ypserv maplist request UDP || bugtraq,5914 || bugtraq,6016 || cve,2002-1232 +2034 || RPC ypserv maplist request TCP || Cve,CAN-2002-1232 || bugtraq,5914 || bugtraq,6016 +2035 || RPC portmap network-status-monitor request UDP +2036 || RPC portmap network-status-monitor request TCP +2037 || RPC network-status-monitor mon-callback request UDP +2038 || RPC network-status-monitor mon-callback request TCP +2039 || MISC bootp hostname format string attempt || bugtraq,4701 || cve,2002-0702 || nessus,11312 +2040 || POLICY xtacacs login attempt +2041 || MISC xtacacs failed login response +2042 || POLICY xtacacs accepted login response +2043 || MISC isakmp login failed +2044 || POLICY PPTP Start Control Request attempt +2045 || RPC snmpXdmi overflow attempt UDP || bugtraq,2417 || cve,2001-0236 || url,www.cert.org/advisories/CA-2001-05.html +2046 || IMAP partial body.peek buffer overflow attempt || bugtraq,4713 || cve,2002-0379 +2047 || MISC rsyncd module list access +2048 || MISC rsyncd overflow attempt || bugtraq,9153 || cve,2003-0962 || nessus,11943 +2049 || MS-SQL ping attempt || nessus,10674 +2050 || MS-SQL version overflow attempt || bugtraq,5310 || cve,2002-0649 || nessus,10674 +2051 || WEB-CGI cached_feed.cgi moreover shopping cart access || bugtraq,1762 || cve,2000-0906 +2052 || WEB-CGI overflow.cgi access || bugtraq,6326 || cve,2002-1361 || nessus,11190 || url,www.cert.org/advisories/CA-2002-35.html +2053 || WEB-CGI process_bug.cgi access || bugtraq,3272 || cve,2002-0008 +2054 || WEB-CGI enter_bug.cgi arbitrary command attempt || cve,2002-0008 +2055 || WEB-CGI enter_bug.cgi access || cve,2002-0008 +2056 || WEB-MISC TRACE attempt || bugtraq,9561 || nessus,11213 || url,www.whitehatsec.com/press_releases/WH-PR-20030120.pdf +2057 || WEB-MISC helpout.exe access || bugtraq,6002 || cve,2002-1169 || nessus,11162 +2058 || WEB-MISC MsmMask.exe attempt || nessus,11163 +2059 || WEB-MISC MsmMask.exe access || nessus,11163 +2060 || WEB-MISC DB4Web access || nessus,11180 +2061 || WEB-MISC Tomcat null byte directory listing attempt || bugtraq,2518 || bugtraq,6721 || cve,2003-0042 +2062 || WEB-MISC iPlanet .perf access || nessus,11220 +2063 || WEB-MISC Demarc SQL injection attempt || bugtraq,4520 || cve,2002-0539 +2064 || WEB-MISC Lotus Notes .csp script source download attempt || bugtraq,6841 +2065 || WEB-MISC Lotus Notes .csp script source download attempt +2066 || WEB-MISC Lotus Notes .pl script source download attempt || bugtraq,6841 +2067 || WEB-MISC Lotus Notes .exe script source download attempt || bugtraq,6841 +2068 || WEB-MISC BitKeeper arbitrary command attempt || bugtraq,6588 +2069 || WEB-MISC chip.ini access || bugtraq,2755 || bugtraq,2775 || cve,2001-0749 || cve,2001-0771 +2070 || WEB-MISC post32.exe arbitrary command attempt || bugtraq,1485 +2071 || WEB-MISC post32.exe access || bugtraq,1485 +2072 || WEB-MISC lyris.pl access || bugtraq,1584 || cve,2000-0758 +2073 || WEB-MISC globals.pl access || bugtraq,2671 || cve,2001-0330 +2074 || WEB-PHP Mambo uploadimage.php upload php file attempt || bugtraq,6572 +2075 || WEB-PHP Mambo upload.php upload php file attempt || bugtraq,6572 +2076 || WEB-PHP Mambo uploadimage.php access || bugtraq,6572 +2077 || WEB-PHP Mambo upload.php access || bugtraq,6572 +2078 || WEB-PHP phpBB privmsg.php access || bugtraq,6634 +2079 || RPC portmap nlockmgr request UDP || bugtraq,1372 || cve,2000-0508 +2080 || RPC portmap nlockmgr request TCP || bugtraq,1372 || cve,2000-0508 +2081 || RPC portmap rpc.xfsmd request UDP || bugtraq,5072 || bugtraq,5075 || cve,2002-0359 +2082 || RPC portmap rpc.xfsmd request TCP || bugtraq,5072 || bugtraq,5075 || cve,2002-0359 +2083 || RPC rpc.xfsmd xfs_export attempt UDP || bugtraq,5072 || bugtraq,5075 || cve,2002-0359 +2084 || RPC rpc.xfsmd xfs_export attempt TCP || bugtraq,5072 || bugtraq,5075 || cve,2002-0359 +2085 || WEB-CGI parse_xml.cgi access || bugtraq,6960 || cve,2003-0054 +2086 || WEB-CGI streaming server parse_xml.cgi access || bugtraq,6960 || cve,2003-0054 +2087 || SMTP From comment overflow attempt || bugtraq,6991 || cve,2002-1337 || url,www.kb.cert.org/vuls/id/398025 +2088 || RPC ypupdated arbitrary command attempt UDP +2089 || RPC ypupdated arbitrary command attempt TCP +2090 || WEB-IIS WEBDAV exploit attempt || bugtraq,7116 || bugtraq,7716 || cve,2003-0109 || nessus,11413 || url,www.microsoft.com/technet/security/bulletin/ms03-007.mspx +2091 || WEB-IIS WEBDAV nessus safe scan attempt || bugtraq,7116 || cve,2003-0109 || nessus,11412 || nessus,11413 || url,www.microsoft.com/technet/security/bulletin/ms03-007.mspx +2092 || RPC portmap proxy integer overflow attempt UDP || bugtraq,7123 || cve,2003-0028 +2093 || RPC portmap proxy integer overflow attempt TCP || bugtraq,7123 || cve,2003-0028 +2094 || RPC CMSD UDP CMSD_CREATE array buffer overflow attempt || bugtraq,5356 || cve,2002-0391 +2095 || RPC CMSD TCP CMSD_CREATE array buffer overflow attempt || bugtraq,5356 || cve,2002-0391 +2100 || BACKDOOR SubSeven 2.1 Gold server connection response || mcafee,10566 || nessus,10409 +2101 || NETBIOS SMB SMB_COM_TRANSACTION Max Parameter and Max Count of 0 DOS Attempt || bugtraq,5556 || cve,2002-0724 || nessus,11110 || url,www.corest.com/common/showdoc.php?idx=262 || url,www.microsoft.com/technet/security/bulletin/MS02-045.mspx +2102 || NETBIOS SMB SMB_COM_TRANSACTION Max Data Count of 0 DOS Attempt || bugtraq,5556 || cve,2002-0724 || nessus,11110 || url,www.corest.com/common/showdoc.php?idx=262 || url,www.microsoft.com/technet/security/bulletin/MS02-045.mspx +2103 || NETBIOS SMB trans2open buffer overflow attempt || bugtraq,7294 || cve,2003-0201 || url,www.digitaldefense.net/labs/advisories/DDI-1013.txt +2104 || ATTACK-RESPONSES rexec username too long response || bugtraq,7459 +2105 || IMAP authenticate literal overflow attempt || cve,1999-0042 || nessus,10292 +2106 || IMAP lsub overflow attempt || bugtraq,1110 || cve,2000-0284 || nessus,10374 +2107 || IMAP create buffer overflow attempt || bugtraq,7446 +2108 || POP3 CAPA overflow attempt +2109 || POP3 TOP overflow attempt +2110 || POP3 STAT overflow attempt +2111 || POP3 DELE overflow attempt +2112 || POP3 RSET overflow attempt +2113 || RSERVICES rexec username overflow attempt +2114 || RSERVICES rexec password overflow attempt +2115 || WEB-CGI album.pl access || bugtraq,7444 || nessus,11581 +2116 || WEB-CGI chipcfg.cgi access || bugtraq,2767 || cve,2001-1341 || url,archives.neohapsis.com/archives/bugtraq/2001-05/0233.html +2117 || WEB-IIS Battleaxe Forum login.asp access || bugtraq,7416 || cve,2003-0215 +2118 || IMAP list overflow attempt || bugtraq,1110 || cve,2000-0284 || nessus,10374 +2119 || IMAP rename literal overflow attempt || bugtraq,1110 || cve,2000-0284 || nessus,10374 +2120 || IMAP create literal buffer overflow attempt || bugtraq,7446 +2121 || POP3 DELE negative argument attempt || bugtraq,6053 || bugtraq,7445 || cve,2002-1539 +2122 || POP3 UIDL negative argument attempt || bugtraq,6053 || cve,2002-1539 || nessus,11570 +2123 || ATTACK-RESPONSES Microsoft cmd.exe banner || nessus,11633 +2124 || BACKDOOR Remote PC Access connection attempt || nessus,11673 +2125 || FTP CWD Root directory transversal attempt || bugtraq,7674 || cve,2003-0392 || nessus,11677 +2126 || MISC Microsoft PPTP Start Control Request buffer overflow attempt || bugtraq,5807 || cve,2002-1214 +2127 || WEB-CGI ikonboard.cgi access || bugtraq,7361 || nessus,11605 +2128 || WEB-CGI swsrv.cgi access || bugtraq,7510 || cve,2003-0217 || nessus,11608 +2129 || WEB-IIS nsiislog.dll access || bugtraq,8035 || cve,2003-0227 || cve,2003-0349 || nessus,11664 || url,www.microsoft.com/technet/security/bulletin/ms03-018.mspx +2130 || WEB-IIS IISProtect siteadmin.asp access || bugtraq,7675 || cve,2003-0377 || nessus,11662 +2131 || WEB-IIS IISProtect access || nessus,11661 +2132 || WEB-IIS Synchrologic Email Accelerator userid list access attempt || nessus,11657 +2133 || WEB-IIS MS BizTalk server access || bugtraq,7469 || bugtraq,7470 || cve,2003-0117 || cve,2003-0118 || nessus,11638 +2134 || WEB-IIS register.asp access || nessus,11621 +2135 || WEB-MISC philboard.mdb access || nessus,11682 +2136 || WEB-MISC philboard_admin.asp authentication bypass attempt || bugtraq,7739 || nessus,11675 +2137 || WEB-MISC philboard_admin.asp access || bugtraq,7739 || nessus,11675 +2138 || WEB-MISC logicworks.ini access || bugtraq,6996 || nessus,11639 +2139 || WEB-MISC /*.shtml access || bugtraq,1517 || cve,2000-0683 || nessus,11604 +2140 || WEB-PHP p-news.php access || nessus,11669 +2141 || WEB-PHP shoutbox.php directory traversal attempt || nessus,11668 +2142 || WEB-PHP shoutbox.php access || nessus,11668 +2143 || WEB-PHP b2 cafelog gm-2-b2.php remote file include attempt || nessus,11667 +2144 || WEB-PHP b2 cafelog gm-2-b2.php access || nessus,11667 +2145 || WEB-PHP TextPortal admin.php default password admin attempt || bugtraq,7673 || nessus,11660 +2146 || WEB-PHP TextPortal admin.php default password 12345 attempt || bugtraq,7673 || nessus,11660 +2147 || WEB-PHP BLNews objects.inc.php4 remote file include attempt || bugtraq,7677 || cve,2003-0394 || nessus,11647 +2148 || WEB-PHP BLNews objects.inc.php4 access || bugtraq,7677 || cve,2003-0394 || nessus,11647 +2149 || WEB-PHP Turba status.php access || nessus,11646 +2150 || WEB-PHP ttCMS header.php remote file include attempt || bugtraq,7542 || bugtraq,7543 || bugtraq,7625 || nessus,11636 +2151 || WEB-PHP ttCMS header.php access || bugtraq,7542 || bugtraq,7543 || bugtraq,7625 || nessus,11636 +2152 || WEB-PHP test.php access || nessus,11617 +2153 || WEB-PHP autohtml.php directory traversal attempt || nessus,11630 +2154 || WEB-PHP autohtml.php access || nessus,11630 +2155 || WEB-PHP ttforum remote file include attempt || bugtraq,7542 || bugtraq,7543 || nessus,11615 +2156 || WEB-MISC mod_gzip_status access || nessus,11685 +2157 || WEB-IIS IISProtect globaladmin.asp access || nessus,11661 +2158 || MISC BGP invalid length || bugtraq,6213 || cve,2002-1350 || url,sf.net/tracker/index.php?func=detail&aid=744523&group_id=53066&atid=469575 +2159 || MISC BGP invalid type 0 || bugtraq,6213 || cve,2002-1350 +2160 || VIRUS OUTBOUND .exe file attachment +2161 || VIRUS OUTBOUND .doc file attachment +2162 || VIRUS OUTBOUND .hta file attachment +2163 || VIRUS OUTBOUND .chm file attachment +2164 || VIRUS OUTBOUND .reg file attachment +2165 || VIRUS OUTBOUND .ini file attachment +2166 || VIRUS OUTBOUND .bat file attachment +2167 || VIRUS OUTBOUND .diz file attachment +2168 || VIRUS OUTBOUND .cpp file attachment +2169 || VIRUS OUTBOUND .dll file attachment +2170 || VIRUS OUTBOUND .vxd file attachment +2171 || VIRUS OUTBOUND .sys file attachment +2172 || VIRUS OUTBOUND .com file attachment +2173 || VIRUS OUTBOUND .hsq file attachment +2174 || NETBIOS SMB winreg create tree attempt +2175 || NETBIOS SMB winreg unicode create tree attempt +2176 || NETBIOS SMB startup folder access +2177 || NETBIOS SMB startup folder unicode access +2178 || FTP USER format string attempt || bugtraq,7474 || bugtraq,7776 || bugtraq,9262 || bugtraq,9402 || bugtraq,9600 || bugtraq,9800 || cve,2004-0277 || nessus,10041 || nessus,11687 +2179 || FTP PASS format string attempt || bugtraq,7474 || bugtraq,9262 || bugtraq,9800 || cve,2000-0699 +2180 || P2P BitTorrent announce request +2181 || P2P BitTorrent transfer +2182 || BACKDOOR typot trojan traffic || mcafee,100406 +2183 || SMTP Content-Transfer-Encoding overflow attempt || cve,2003-0161 || url,www.cert.org/advisories/CA-2003-12.html +2184 || RPC mountd TCP mount path overflow attempt || bugtraq,8179 || cve,2003-0252 || nessus,11800 +2185 || RPC mountd UDP mount path overflow attempt || bugtraq,8179 || cve,2003-0252 || nessus,11800 +2186 || BAD-TRAFFIC IP Proto 53 SWIPE || bugtraq,8211 || cve,2003-0567 +2187 || BAD-TRAFFIC IP Proto 55 IP Mobility || bugtraq,8211 || cve,2003-0567 +2188 || BAD-TRAFFIC IP Proto 77 Sun ND || bugtraq,8211 || cve,2003-0567 +2189 || BAD-TRAFFIC IP Proto 103 PIM || bugtraq,8211 || cve,2003-0567 +2190 || NETBIOS DCERPC invalid bind attempt +2191 || NETBIOS SMB DCERPC invalid bind attempt +2192 || NETBIOS DCERPC ISystemActivator bind attempt || bugtraq,8205 || cve,2003-0352 || nessus,11808 || url,www.microsoft.com/technet/security/bulletin/MS03-026.mspx +2193 || NETBIOS SMB-DS DCERPC ISystemActivator bind attempt || bugtraq,8205 || cve,2003-0352 || nessus,11808 || url,www.microsoft.com/technet/security/bulletin/MS03-026.mspx +2194 || WEB-CGI CSMailto.cgi access || bugtraq,4579 || bugtraq,6265 || cve,2002-0749 || nessus,11748 +2195 || WEB-CGI alert.cgi access || bugtraq,4211 || bugtraq,4579 || cve,2002-0346 || nessus,11748 +2196 || WEB-CGI catgy.cgi access || bugtraq,3714 || bugtraq,4579 || cve,2001-1212 || nessus,11748 +2197 || WEB-CGI cvsview2.cgi access || bugtraq,4579 || bugtraq,5517 || cve,2003-0153 || nessus,11748 +2198 || WEB-CGI cvslog.cgi access || bugtraq,4579 || bugtraq,5517 || cve,2003-0153 || nessus,11748 +2199 || WEB-CGI multidiff.cgi access || bugtraq,4579 || bugtraq,5517 || cve,2003-0153 || nessus,11748 +2200 || WEB-CGI dnewsweb.cgi access || bugtraq,1172 || bugtraq,4579 || cve,2000-0423 || nessus,11748 +2201 || WEB-CGI download.cgi access || bugtraq,4579 || cve,1999-1377 || nessus,11748 +2202 || WEB-CGI edit_action.cgi access || bugtraq,3698 || bugtraq,4579 || cve,2001-1196 || nessus,11748 +2203 || WEB-CGI everythingform.cgi access || bugtraq,2101 || bugtraq,4579 || cve,2001-0023 || nessus,11748 +2204 || WEB-CGI ezadmin.cgi access || bugtraq,4068 || bugtraq,4579 || cve,2002-0263 || nessus,11748 +2205 || WEB-CGI ezboard.cgi access || bugtraq,4068 || bugtraq,4579 || cve,2002-0263 || nessus,11748 +2206 || WEB-CGI ezman.cgi access || bugtraq,4068 || bugtraq,4579 || cve,2002-0263 || nessus,11748 +2207 || WEB-CGI fileseek.cgi access || bugtraq,4579 || bugtraq,6784 || cve,2002-0611 || nessus,11748 +2208 || WEB-CGI fom.cgi access || bugtraq,4579 || cve,2002-0230 || nessus,11748 +2209 || WEB-CGI getdoc.cgi access || bugtraq,4579 || cve,2000-0288 || nessus,11748 +2210 || WEB-CGI global.cgi access || bugtraq,4579 || cve,2000-0952 || nessus,11748 +2211 || WEB-CGI guestserver.cgi access || bugtraq,4579 || cve,2001-0180 || nessus,11748 +2212 || WEB-CGI imageFolio.cgi access || bugtraq,4579 || bugtraq,6265 || cve,2002-1334 || nessus,11748 +2213 || WEB-CGI mailfile.cgi access || bugtraq,1807 || bugtraq,4579 || cve,2000-0977 || nessus,11748 +2214 || WEB-CGI mailview.cgi access || bugtraq,1335 || bugtraq,4579 || cve,2000-0526 || nessus,11748 +2215 || WEB-CGI nsManager.cgi access || bugtraq,1710 || bugtraq,4579 || cve,2000-1023 || nessus,11748 +2216 || WEB-CGI readmail.cgi access || bugtraq,3427 || bugtraq,4579 || cve,2001-1283 || nessus,11748 +2217 || WEB-CGI printmail.cgi access || bugtraq,3427 || bugtraq,4579 || cve,2001-1283 || nessus,11748 +2218 || WEB-CGI service.cgi access || bugtraq,4211 || bugtraq,4579 || cve,2002-0346 || nessus,11748 +2219 || WEB-CGI setpasswd.cgi access || bugtraq,2212 || bugtraq,4579 || cve,2001-0133 || nessus,11748 +2220 || WEB-CGI simplestmail.cgi access || bugtraq,2106 || bugtraq,4579 || cve,2001-0022 || nessus,11748 +2221 || WEB-CGI ws_mail.cgi access || bugtraq,2861 || bugtraq,4579 || cve,2001-1343 || nessus,11748 +2222 || WEB-CGI nph-exploitscanget.cgi access || bugtraq,7910 || bugtraq,7911 || bugtraq,7913 || cve,2003-0434 || nessus,11740 +2223 || WEB-CGI csNews.cgi access || bugtraq,4994 || cve,2002-0923 || nessus,11726 +2224 || WEB-CGI psunami.cgi access || bugtraq,6607 || nessus,11750 +2225 || WEB-CGI gozila.cgi access || bugtraq,6086 || cve,2002-1236 || nessus,11773 +2226 || WEB-PHP pmachine remote file include attempt || bugtraq,7919 || nessus,11739 +2227 || WEB-PHP forum_details.php access || bugtraq,7933 || nessus,11760 +2228 || WEB-PHP phpMyAdmin db_details_importdocsql.php access || bugtraq,7962 || bugtraq,7965 || nessus,11761 +2229 || WEB-PHP viewtopic.php access || bugtraq,7979 || cve,2003-0486 || nessus,11767 +2230 || WEB-MISC NetGear router default password login attempt admin/password || nessus,11737 +2231 || WEB-MISC register.dll access || bugtraq,3327 || cve,2001-0958 || nessus,11747 +2232 || WEB-MISC ContentFilter.dll access || bugtraq,3327 || cve,2001-0958 || nessus,11747 +2233 || WEB-MISC SFNofitication.dll access || bugtraq,3327 || cve,2001-0958 || nessus,11747 +2234 || WEB-MISC TOP10.dll access || bugtraq,3327 || cve,2001-0958 || nessus,11747 +2235 || WEB-MISC SpamExcp.dll access || bugtraq,3327 || cve,2001-0958 || nessus,11747 +2236 || WEB-MISC spamrule.dll access || bugtraq,3327 || cve,2001-0958 || nessus,11747 +2237 || WEB-MISC cgiWebupdate.exe access || bugtraq,3216 || cve,2001-1150 || nessus,11722 +2238 || WEB-MISC WebLogic ConsoleHelp view source attempt || bugtraq,1518 || cve,2000-0682 || nessus,11724 +2239 || WEB-MISC redirect.exe access || bugtraq,1256 || cve,2000-0401 +2240 || WEB-MISC changepw.exe access || bugtraq,1256 || cve,2000-0401 +2241 || WEB-MISC cwmail.exe access || bugtraq,4093 || cve,2002-0273 || nessus,11727 +2242 || WEB-MISC ddicgi.exe access || bugtraq,1657 || cve,2000-0826 || nessus,11728 +2243 || WEB-MISC ndcgi.exe access || cve,2001-0922 || nessus,11730 +2244 || WEB-MISC VsSetCookie.exe access || bugtraq,3784 || cve,2002-0236 || nessus,11731 +2245 || WEB-MISC Webnews.exe access || bugtraq,4124 || cve,2002-0290 || nessus,11732 +2246 || WEB-MISC webadmin.dll access || bugtraq,7438 || bugtraq,7439 || bugtraq,8024 || cve,2003-0471 || nessus,11771 +2247 || WEB-IIS UploadScript11.asp access || cve,2001-0938 +2248 || WEB-IIS DirectoryListing.asp access || cve,2001-0938 +2249 || WEB-IIS /pcadmin/login.asp access || bugtraq,8103 || nessus,11785 +2250 || POP3 USER format string attempt || bugtraq,10976 || bugtraq,7667 || cve,2003-0391 || nessus,11742 +2251 || NETBIOS DCERPC Remote Activation bind attempt || bugtraq,8234 || bugtraq,8458 || cve,2003-0528 || cve,2003-0605 || cve,2003-0715 || nessus,11798 || nessus,11835 || url,www.microsoft.com/technet/security/bulletin/MS03-039.mspx +2252 || NETBIOS SMB-DS DCERPC Remote Activation bind attempt || bugtraq,8234 || bugtraq,8458 || cve,2003-0528 || cve,2003-0605 || cve,2003-0715 || nessus,11798 || nessus,11835 || url,www.microsoft.com/technet/security/bulletin/MS03-039.mspx +2253 || SMTP XEXCH50 overflow attempt || bugtraq,8838 || cve,2003-0714 || nessus,11889 || url,www.microsoft.com/technet/security/bulletin/MS03-046.mspx +2254 || SMTP XEXCH50 overflow with evasion attempt || url,www.microsoft.com/technet/security/bulletin/MS03-046.mspx +2255 || RPC sadmind query with root credentials attempt TCP +2256 || RPC sadmind query with root credentials attempt UDP +2257 || NETBIOS DCERPC Messenger Service buffer overflow attempt || bugtraq,8826 || cve,2003-0717 || nessus,11888 || nessus,11890 || url,www.microsoft.com/technet/security/bulletin/MS03-043.mspx +2258 || NETBIOS SMB-DS DCERPC Messenger Service buffer overflow attempt || bugtraq,8826 || cve,2003-0717 || nessus,11888 || nessus,11890 || url,www.microsoft.com/technet/security/bulletin/MS03-043.mspx +2259 || SMTP EXPN overflow attempt || bugtraq,6991 || bugtraq,7230 || cve,2002-1337 || cve,2003-0161 +2260 || SMTP VRFY overflow attempt || bugtraq,6991 || bugtraq,7230 || cve,2002-1337 || cve,2003-0161 +2261 || SMTP SEND FROM sendmail prescan too many addresses overflow || bugtraq,6991 || cve,2002-1337 || nessus,11316 +2262 || SMTP SEND FROM sendmail prescan too long addresses overflow || bugtraq,7230 || cve,2003-0161 +2263 || SMTP SAML FROM sendmail prescan too many addresses overflow || bugtraq,6991 || cve,2002-1337 +2264 || SMTP SAML FROM sendmail prescan too long addresses overflow || bugtraq,7230 || cve,2003-0161 +2265 || SMTP SOML FROM sendmail prescan too many addresses overflow || bugtraq,6991 || cve,2002-1337 +2266 || SMTP SOML FROM sendmail prescan too long addresses overflow || bugtraq,7230 || cve,2003-0161 +2267 || SMTP MAIL FROM sendmail prescan too many addresses overflow || bugtraq,6991 || cve,2002-1337 +2268 || SMTP MAIL FROM sendmail prescan too long addresses overflow || bugtraq,7230 || cve,2003-0161 +2269 || SMTP RCPT TO sendmail prescan too many addresses overflow || bugtraq,6991 || cve,2002-1337 +2270 || SMTP RCPT TO sendmail prescan too long addresses overflow || bugtraq,7230 || cve,2003-0161 +2271 || BACKDOOR FsSniffer connection attempt || nessus,11854 +2272 || FTP LIST integer overflow attempt || bugtraq,8875 || cve,2003-0853 || cve,2003-0854 +2273 || IMAP login brute force attempt +2274 || POP3 login brute force attempt +2275 || SMTP AUTH LOGON brute force attempt +2276 || WEB-MISC oracle portal demo access || nessus,11918 +2277 || WEB-MISC PeopleSoft PeopleBooks psdoccgi access || bugtraq,9037 || bugtraq,9038 || cve,2003-0626 || cve,2003-0627 +2278 || WEB-MISC client negative Content-Length attempt || bugtraq,9098 || bugtraq,9476 || bugtraq,9576 || cve,2004-0095 +2279 || WEB-PHP UpdateClasses.php access || bugtraq,9057 +2280 || WEB-PHP Title.php access || bugtraq,9057 +2281 || WEB-PHP Setup.php access || bugtraq,9057 +2282 || WEB-PHP GlobalFunctions.php access || bugtraq,9057 +2283 || WEB-PHP DatabaseFunctions.php access || bugtraq,9057 +2284 || WEB-PHP rolis guestbook remote file include attempt || bugtraq,9057 +2285 || WEB-PHP rolis guestbook access || bugtraq,9057 +2286 || WEB-PHP friends.php access || bugtraq,9088 +2287 || WEB-PHP Advanced Poll admin_comment.php access || bugtraq,8890 || nessus,11487 +2288 || WEB-PHP Advanced Poll admin_edit.php access || bugtraq,8890 || nessus,11487 +2289 || WEB-PHP Advanced Poll admin_embed.php access || bugtraq,8890 || nessus,11487 +2290 || WEB-PHP Advanced Poll admin_help.php access || bugtraq,8890 || nessus,11487 +2291 || WEB-PHP Advanced Poll admin_license.php access || bugtraq,8890 || nessus,11487 +2292 || WEB-PHP Advanced Poll admin_logout.php access || bugtraq,8890 || nessus,11487 +2293 || WEB-PHP Advanced Poll admin_password.php access || bugtraq,8890 || nessus,11487 +2294 || WEB-PHP Advanced Poll admin_preview.php access || bugtraq,8890 || nessus,11487 +2295 || WEB-PHP Advanced Poll admin_settings.php access || bugtraq,8890 || nessus,11487 +2296 || WEB-PHP Advanced Poll admin_stats.php access || bugtraq,8890 || nessus,11487 +2297 || WEB-PHP Advanced Poll admin_templates_misc.php access || bugtraq,8890 || nessus,11487 +2298 || WEB-PHP Advanced Poll admin_templates.php access || bugtraq,8890 || nessus,11487 +2299 || WEB-PHP Advanced Poll admin_tpl_misc_new.php access || bugtraq,8890 || nessus,11487 +2300 || WEB-PHP Advanced Poll admin_tpl_new.php access || bugtraq,8890 || nessus,11487 +2301 || WEB-PHP Advanced Poll booth.php access || bugtraq,8890 || nessus,11487 +2302 || WEB-PHP Advanced Poll poll_ssi.php access || bugtraq,8890 || nessus,11487 +2303 || WEB-PHP Advanced Poll popup.php access || bugtraq,8890 || nessus,11487 +2304 || WEB-PHP files.inc.php access || bugtraq,8910 +2305 || WEB-PHP chatbox.php access || bugtraq,8930 +2306 || WEB-PHP gallery remote file include attempt || bugtraq,8814 || nessus,11876 +2307 || WEB-PHP PayPal Storefront remote file include attempt || bugtraq,8791 || nessus,11873 +2308 || NETBIOS SMB DCERPC Workstation Service unicode bind attempt || bugtraq,9011 || cve,2003-0812 || url,www.microsoft.com/technet/security/bulletin/MS03-049.mspx +2309 || NETBIOS SMB DCERPC Workstation Service bind attempt || bugtraq,9011 || cve,2003-0812 || url,www.microsoft.com/technet/security/bulletin/MS03-049.mspx +2310 || NETBIOS SMB-DS DCERPC Workstation Service unicode bind attempt || bugtraq,9011 || cve,2003-0812 || url,www.microsoft.com/technet/security/bulletin/MS03-049.mspx +2311 || NETBIOS SMB-DS DCERPC Workstation Service bind attempt || bugtraq,9011 || cve,2003-0812 || url,www.microsoft.com/technet/security/bulletin/MS03-049.mspx +2312 || SHELLCODE x86 0x71FB7BAB NOOP +2313 || SHELLCODE x86 0x71FB7BAB NOOP unicode +2314 || SHELLCODE x86 0x90 NOOP unicode +2315 || NETBIOS DCERPC Workstation Service direct service bind attempt || bugtraq,9011 || cve,2003-0812 || url,www.microsoft.com/technet/security/bulletin/MS03-049.mspx +2316 || NETBIOS DCERPC Workstation Service direct service access attempt || bugtraq,9011 || cve,2003-0812 || url,www.microsoft.com/technet/security/bulletin/MS03-049.mspx +2317 || MISC CVS non-relative path error response || bugtraq,9178 || cve,2003-0977 +2318 || MISC CVS non-relative path access attempt || bugtraq,9178 || cve,2003-0977 +2319 || EXPLOIT ebola PASS overflow attempt || bugtraq,9156 +2320 || EXPLOIT ebola USER overflow attempt || bugtraq,9156 +2321 || WEB-IIS foxweb.exe access || nessus,11939 +2322 || WEB-IIS foxweb.dll access || nessus,11939 +2323 || WEB-CGI quickstore.cgi access || bugtraq,9282 || nessus,11975 +2324 || WEB-IIS VP-ASP shopsearch.asp access || bugtraq,9133 || bugtraq,9134 || nessus,11942 +2325 || WEB-IIS VP-ASP ShopDisplayProducts.asp access || bugtraq,9133 || bugtraq,9134 || nessus,11942 +2326 || WEB-IIS sgdynamo.exe access || bugtraq,4720 || cve,2002-0375 || nessus,11955 +2327 || WEB-MISC bsml.pl access || bugtraq,9311 || nessus,11973 +2328 || WEB-PHP authentication_index.php access || cve,2004-0032 || nessus,11982 +2329 || MS-SQL probe response overflow attempt || bugtraq,9407 || cve,2003-0903 || url,www.microsoft.com/technet/security/bulletin/MS04-003.mspx +2330 || IMAP auth overflow attempt || bugtraq,8861 +2331 || WEB-PHP MatrikzGB privilege escalation attempt || bugtraq,8430 +2332 || FTP MKDIR format string attempt || bugtraq,9262 +2333 || FTP RENAME format string attempt || bugtraq,9262 +2334 || FTP Yak! FTP server default account login attempt || bugtraq,9072 +2335 || FTP RMD / attempt || bugtraq,9159 +2336 || TFTP NULL command attempt || bugtraq,7575 +2337 || TFTP PUT filename overflow attempt || bugtraq,7819 || bugtraq,8505 || cve,2003-0380 +2338 || FTP LIST buffer overflow attempt || bugtraq,10181 || bugtraq,6869 || bugtraq,7251 || bugtraq,7861 || bugtraq,8486 || bugtraq,9675 || cve,1999-0349 || cve,1999-1510 || cve,2000-0129 +2339 || TFTP NULL command attempt || bugtraq,7575 +2340 || FTP SITE CHMOD overflow attempt || bugtraq,10181 || bugtraq,9483 || bugtraq,9675 || cve,1999-0838 || nessus,12037 +2341 || WEB-PHP DCP-Portal remote file include attempt || bugtraq,6525 +2342 || WEB-PHP DCP-Portal remote file include attempt || bugtraq,6525 +2343 || FTP STOR overflow attempt || bugtraq,8668 || cve,2000-0133 +2344 || FTP XCWD overflow attempt || bugtraq,8704 +2345 || WEB-PHP PhpGedView search.php access || bugtraq,9369 || cve,2004-0032 +2346 || WEB-PHP myPHPNuke chatheader.php access || bugtraq,6544 +2347 || WEB-PHP myPHPNuke partner.php access || bugtraq,6544 +2348 || NETBIOS SMB-DS DCERPC print spool bind attempt +2349 || NETBIOS SMB-DS DCERPC enumerate printers request attempt +2350 || NETBIOS DCERPC ISystemActivator bind accept || bugtraq,8205 || cve,2003-0352 || nessus,11808 || url,www.microsoft.com/technet/security/bulletin/MS03-026.mspx +2351 || NETBIOS DCERPC ISystemActivator path overflow attempt little endian || bugtraq,8205 || cve,2003-0352 || nessus,11808 || url,www.microsoft.com/technet/security/bulletin/MS03-026.mspx +2352 || NETBIOS DCERPC ISystemActivator path overflow attempt big endian || bugtraq,8205 || cve,2003-0352 || nessus,11808 || url,www.microsoft.com/technet/security/bulletin/MS03-026.mspx +2353 || WEB-PHP IdeaBox cord.php file include || bugtraq,7488 +2354 || WEB-PHP IdeaBox notification.php file include || bugtraq,7488 +2355 || WEB-PHP Invision Board emailer.php file include || bugtraq,7204 +2356 || WEB-PHP WebChat db_mysql.php file include || bugtraq,7000 +2357 || WEB-PHP WebChat english.php file include || bugtraq,7000 +2358 || WEB-PHP Typo3 translations.php file include || bugtraq,6984 +2359 || WEB-PHP Invision Board ipchat.php file include || bugtraq,6976 +2360 || WEB-PHP myphpPagetool pt_config.inc file include || bugtraq,6744 +2361 || WEB-PHP news.php file include || bugtraq,6674 +2362 || WEB-PHP YaBB SE packages.php file include || bugtraq,6663 +2363 || WEB-PHP Cyboards default_header.php access || bugtraq,6597 +2364 || WEB-PHP Cyboards options_form.php access || bugtraq,6597 +2365 || WEB-PHP newsPHP Language file include attempt || bugtraq,8488 +2366 || WEB-PHP PhpGedView PGV authentication_index.php base directory manipulation attempt || bugtraq,9368 || cve,2004-0030 +2367 || WEB-PHP PhpGedView PGV functions.php base directory manipulation attempt || bugtraq,9368 || cve,2004-0030 +2368 || WEB-PHP PhpGedView PGV config_gedcom.php base directory manipulation attempt || bugtraq,9368 || cve,2004-0030 +2369 || WEB-MISC ISAPISkeleton.dll access || bugtraq,9516 +2370 || WEB-MISC BugPort config.conf file access || bugtraq,9542 +2371 || WEB-MISC Sample_showcode.html access || bugtraq,9555 +2372 || WEB-PHP Photopost PHP Pro showphoto.php access || bugtraq,9557 +2373 || FTP XMKD overflow attempt || bugtraq,7909 || cve,2000-0133 || cve,2001-1021 +2374 || FTP NLST overflow attempt || bugtraq,10184 || bugtraq,7909 || bugtraq,9675 || cve,1999-1544 +2375 || BACKDOOR DoomJuice file upload attempt || url,securityresponse.symantec.com/avcenter/venc/data/w32.hllw.doomjuice.html +2376 || EXPLOIT ISAKMP first payload certificate request length overflow attempt || bugtraq,9582 || cve,2004-0040 +2377 || EXPLOIT ISAKMP second payload certificate request length overflow attempt || bugtraq,9582 || cve,2004-0040 +2378 || EXPLOIT ISAKMP third payload certificate request length overflow attempt || bugtraq,9582 || cve,2004-0040 +2379 || EXPLOIT ISAKMP forth payload certificate request length overflow attempt || bugtraq,9582 || cve,2004-0040 +2380 || EXPLOIT ISAKMP fifth payload certificate request length overflow attempt || bugtraq,9582 || cve,2004-0040 +2381 || WEB-MISC schema overflow attempt || bugtraq,9581 || cve,2004-0039 || nessus,12084 +2382 || NETBIOS SMB DCERPC NTLMSSP asn1 overflow attempt || bugtraq,9633 || bugtraq,9635 || cve,2003-0818 || nessus,12052 || nessus,12065 +2383 || NETBIOS SMB-DS DCERPC NTLMSSP asn1 overflow attempt || bugtraq,9633 || bugtraq,9635 || cve,2003-0818 || nessus,12052 || nessus,12065 +2384 || NETBIOS SMB NTLMSSP invalid mechlistMIC attempt || bugtraq,9633 || bugtraq,9635 || cve,2003-0818 || nessus,12052 || nessus,12054 || nessus,12065 +2385 || NETBIOS SMB-DS DCERPC NTLMSSP invalid mechlistMIC attempt || bugtraq,9633 || bugtraq,9635 || cve,2003-0818 || nessus,12052 || nessus,12054 || nessus,12065 +2386 || WEB-IIS NTLM ASN.1 vulnerability scan attempt || bugtraq,9633 || bugtraq,9635 || cve,2003-0818 || nessus,12052 || nessus,12055 || nessus,12065 +2387 || WEB-CGI view_broadcast.cgi access || bugtraq,8257 || cve,2003-0422 +2388 || WEB-CGI streaming server view_broadcast.cgi access || bugtraq,8257 || cve,2003-0422 +2389 || FTP RNTO overflow attempt || bugtraq,8315 || cve,2000-0133 || cve,2001-1021 || cve,2003-0466 +2390 || FTP STOU overflow attempt || bugtraq,8315 || cve,2003-0466 +2391 || FTP APPE overflow attempt || bugtraq,8315 || bugtraq,8542 || cve,2000-0133 || cve,2003-0466 +2392 || FTP RETR overflow attempt || bugtraq,8315 || cve,2003-0466 || cve,2004-0287 || cve,2004-0298 +2393 || WEB-PHP /_admin access || bugtraq,9537 || nessus,12032 +2394 || WEB-MISC Compaq web-based management agent denial of service attempt || bugtraq,8014 +2395 || WEB-MISC InteractiveQuery.jsp access || bugtraq,8938 || cve,2003-0624 +2396 || WEB-CGI CCBill whereami.cgi arbitrary command execution attempt || bugtraq,8095 || url,secunia.com/advisories/9191/ +2397 || WEB-CGI CCBill whereami.cgi access || bugtraq,8095 || url,secunia.com/advisories/9191/ +2398 || WEB-PHP WAnewsletter newsletter.php file include attempt || bugtraq,6965 +2399 || WEB-PHP WAnewsletter db_type.php access || bugtraq,6964 +2400 || WEB-MISC edittag.pl access || bugtraq,6675 +2401 || NETBIOS SMB Session Setup AndX request username overflow attempt || bugtraq,9752 || url,www.eeye.com/html/Research/Advisories/AD20040226.html +2402 || NETBIOS SMB-DS Session Setup AndX request username overflow attempt || bugtraq,9752 || url,www.eeye.com/html/Research/Advisories/AD20040226.html +2403 || NETBIOS SMB Session Setup AndX request unicode username overflow attempt || bugtraq,9752 || url,www.eeye.com/html/Research/Advisories/AD20040226.html +2404 || NETBIOS SMB-DS Session Setup AndX request unicode username overflow attempt || bugtraq,9752 || url,www.eeye.com/html/Research/Advisories/AD20040226.html +2405 || WEB-PHP phptest.php access || bugtraq,9737 +2406 || TELNET APC SmartSlot default admin account attempt || bugtraq,9681 || cve,2004-0311 || nessus,12066 +2407 || WEB-MISC util.pl access || bugtraq,9748 +2408 || WEB-MISC Invision Power Board search.pl access || bugtraq,9766 +2409 || POP3 APOP USER overflow attempt || bugtraq,9794 +2410 || WEB-PHP IGeneric Free Shopping Cart page.php access || bugtraq,9773 +2411 || WEB-MISC Real Server DESCRIBE buffer overflow attempt || bugtraq,8476 || url,www.service.real.com/help/faq/security/rootexploit091103.html +2412 || ATTACK-RESPONSES successful cross site scripting forced download attempt +2413 || EXPLOIT ISAKMP delete hash with empty hash attempt || bugtraq,9416 || bugtraq,9417 || cve,2004-0164 +2414 || EXPLOIT ISAKMP initial contact notification without SPI attempt || bugtraq,9416 || bugtraq,9417 || cve,2004-0164 +2415 || EXPLOIT ISAKMP second payload initial contact notification without SPI attempt || bugtraq,9416 || bugtraq,9417 || cve,2004-0164 +2416 || FTP invalid MDTM command attempt || bugtraq,9751 || cve,2001-1021 || cve,2004-0330 +2417 || FTP format string attempt +2418 || MISC MS Terminal Server no encryption session initiation attempt || url,www.microsoft.com/technet/security/bulletin/MS01-052.mspx +2419 || MULTIMEDIA realplayer .ram playlist download attempt +2420 || MULTIMEDIA realplayer .rmp playlist download attempt +2421 || MULTIMEDIA realplayer .smi playlist download attempt +2422 || MULTIMEDIA realplayer .rt playlist download attempt +2423 || MULTIMEDIA realplayer .rp playlist download attempt +2424 || NNTP sendsys overflow attempt || bugtraq,9382 || cve,2004-00045 +2425 || NNTP senduuname overflow attempt || bugtraq,9382 || cve,2004-00045 +2426 || NNTP version overflow attempt || bugtraq,9382 || cve,2004-00045 +2427 || NNTP checkgroups overflow attempt || bugtraq,9382 || cve,2004-00045 +2428 || NNTP ihave overflow attempt || bugtraq,9382 || cve,2004-00045 +2429 || NNTP sendme overflow attempt || bugtraq,9382 || cve,2004-00045 +2430 || NNTP newgroup overflow attempt || bugtraq,9382 || cve,2004-00045 +2431 || NNTP rmgroup overflow attempt || bugtraq,9382 || cve,2004-00045 +2432 || NNTP article post without path attempt +2433 || WEB-CGI MDaemon form2raw.cgi overflow attempt || bugtraq,9317 || url,secunia.com/advisories/10512/ +2434 || WEB-CGI MDaemon form2raw.cgi access || bugtraq,9317 || url,secunia.com/advisories/10512/ +2435 || WEB-CLIENT Microsoft emf metafile access || bugtraq,10120 || bugtraq,9707 || cve,2003-0906 +2436 || WEB-CLIENT Microsoft wmf metafile access || bugtraq,10120 || bugtraq,9707 || cve,2003-0906 +2437 || WEB-CLIENT RealPlayer arbitrary javascript command attempt || bugtraq,8453 || bugtraq,9378 || cve,2003-0726 +2438 || WEB-CLIENT RealPlayer playlist file URL overflow attempt || bugtraq,9579 || cve,2004-0258 +2439 || WEB-CLIENT RealPlayer playlist http URL overflow attempt || bugtraq,9579 || cve,2004-0258 +2440 || WEB-CLIENT RealPlayer playlist rtsp URL overflow attempt || bugtraq,9579 || cve,2004-0258 +2441 || WEB-MISC NetObserve authentication bypass attempt || bugtraq,9319 +2442 || WEB-MISC Quicktime User-Agent buffer overflow attempt || bugtraq,9735 || cve,2004-0169 +2443 || EXPLOIT ICQ SRV_MULTI/SRV_META_USER first name overflow attempt || url,www.eeye.com/html/Research/Advisories/AD20040318.html +2444 || EXPLOIT ICQ SRV_MULTI/SRV_META_USER first name overflow attempt || url,www.eeye.com/html/Research/Advisories/AD20040318.html +2445 || EXPLOIT ICQ SRV_MULTI/SRV_META_USER last name overflow attempt || url,www.eeye.com/html/Research/Advisories/AD20040318.html +2446 || EXPLOIT ICQ SRV_MULTI/SRV_META_USER email overflow attempt || url,www.eeye.com/html/Research/Advisories/AD20040318.html +2447 || WEB-MISC ServletManager access || bugtraq,3697 || cve,2001-1195 || nessus,12122 +2448 || WEB-MISC setinfo.hts access || bugtraq,9973 || nessus,12120 +2449 || FTP ALLO overflow attempt || bugtraq,9953 +2450 || CHAT Yahoo IM successful logon +2451 || CHAT Yahoo IM voicechat +2452 || CHAT Yahoo IM ping +2453 || CHAT Yahoo IM conference invitation +2454 || CHAT Yahoo IM conference logon success +2455 || CHAT Yahoo IM conference message +2456 || CHAT Yahoo IM file transfer request +2457 || CHAT Yahoo IM message +2458 || CHAT Yahoo IM successful chat join +2459 || CHAT Yahoo IM conference offer invitation +2460 || CHAT Yahoo IM conference request +2461 || CHAT Yahoo IM conference watch +2462 || EXPLOIT IGMP IGAP account overflow attempt || bugtraq,9952 || cve,2004-0176 || cve,2004-0367 +2463 || EXPLOIT IGMP IGAP message overflow attempt || bugtraq,9952 || cve,2004-0176 || cve,2004-0367 +2464 || EXPLOIT EIGRP prefix length overflow attempt || bugtraq,9952 || cve,2004-0176 || cve,2004-0367 +2465 || NETBIOS SMB-DS IPC$ share access +2466 || NETBIOS SMB-DS IPC$ unicode share access +2467 || NETBIOS SMB D$ unicode share access +2468 || NETBIOS SMB-DS D$ share access +2469 || NETBIOS SMB-DS D$ unicode share access +2470 || NETBIOS SMB C$ unicode share access +2471 || NETBIOS SMB-DS C$ share access +2472 || NETBIOS SMB-DS C$ unicode share access +2473 || NETBIOS SMB ADMIN$ unicode share access +2474 || NETBIOS SMB-DS ADMIN$ share access +2475 || NETBIOS SMB-DS ADMIN$ unicode share access +2476 || NETBIOS SMB-DS winreg create tree attempt +2477 || NETBIOS SMB-DS winreg unicode create tree attempt +2478 || NETBIOS SMB-DS winreg bind attempt +2479 || NETBIOS SMB-DS winreg unicode bind attempt +2480 || NETBIOS SMB-DS InitiateSystemShutdown unicode attempt +2481 || NETBIOS SMB-DS InitiateSystemShutdown unicode little endian attempt +2482 || NETBIOS SMB-DS InitiateSystemShutdown attempt +2483 || NETBIOS SMB-DS InitiateSystemShutdown little endian attempt +2484 || WEB-MISC source.jsp access || nessus,12119 +2485 || WEB-CLIENT Nortan antivirus sysmspam.dll load attempt || bugtraq,9916 || cve,2004-0363 +2486 || DOS ISAKMP invalid identification payload attempt || bugtraq,10004 || cve,2004-0184 +2487 || SMTP WinZip MIME content-type buffer overflow || bugtraq,9758 || cve,2004-0333 || nessus,12621 +2488 || SMTP WinZip MIME content-disposition buffer overflow || bugtraq,9758 || cve,2004-0333 || nessus,12621 +2489 || EXPLOIT esignal STREAMQUOTE buffer overflow attempt || bugtraq,9978 +2490 || EXPLOIT esignal SNAPQUOTE buffer overflow attempt || bugtraq,9978 +2491 || NETBIOS SMB-DS DCERPC ISystemActivator unicode bind attempt || bugtraq,8811 || cve,2003-0813 || nessus,12206 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2492 || NETBIOS SMB DCERPC ISystemActivator bind attempt || bugtraq,8811 || cve,2003-0813 || nessus,12206 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2493 || NETBIOS SMB DCERPC ISystemActivator unicode bind attempt || bugtraq,8811 || cve,2003-0813 || nessus,12206 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2494 || NETBIOS DCEPRC ORPCThis request flood attempt || bugtraq,8811 || cve,2003-0813 || nessus,12206 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2495 || NETBIOS SMB DCEPRC ORPCThis request flood attempt || bugtraq,8811 || cve,2003-0813 || nessus,12206 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2496 || NETBIOS SMB-DS DCEPRC ORPCThis request flood attempt || bugtraq,8811 || cve,2003-0813 || nessus,12206 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2497 || IMAP SSLv3 invalid data version attempt || bugtraq,10115 || cve,2004-0120 || nessus,12204 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2498 || IMAP SSLv3 invalid timestamp attempt || bugtraq,10115 || cve,2004-0120 || nessus,12204 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2499 || MISC LDAP SSLv3 invalid timestamp attempt || bugtraq,10115 || cve,2004-0120 || nessus,12204 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2500 || MISC LDAP SSLv3 invalid data version attempt || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2501 || POP3 SSLv3 invalid timestamp attempt || bugtraq,10115 || cve,2004-0120 || nessus,12204 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2502 || POP3 SSLv3 invalid data version attempt || bugtraq,10115 || cve,2004-0120 || nessus,12204 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2503 || SMTP SSLv3 invalid timestamp attempt || bugtraq,10115 || cve,2004-0120 || nessus,12204 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2504 || SMTP SSLv3 invalid data version attempt || bugtraq,10115 || cve,2004-0120 || nessus,12204 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2505 || WEB-MISC SSLv3 invalid data version attempt || bugtraq,10115 || cve,2004-0120 || nessus,12204 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2506 || WEB-MISC SSLv3 invalid timestamp attempt || bugtraq,10115 || cve,2004-0120 || nessus,12204 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2507 || NETBIOS DCERPC LSASS bind attempt || bugtraq,10108 || cve,2003-0533 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2508 || NETBIOS DCERPC LSASS DsRolerUpgradeDownlevelServer Exploit attempt || bugtraq,10108 || cve,2003-0533 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2509 || NETBIOS SMB DCERPC LSASS unicode bind attempt || bugtraq,10108 || cve,2003-0533 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2510 || NETBIOS SMB DCERPC LSASS bind attempt || bugtraq,10108 || cve,2003-0533 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2511 || NETBIOS SMB DCERPC LSASS DsRolerUpgradeDownlevelServer exploit attempt || bugtraq,10108 || cve,2003-0533 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2512 || NETBIOS SMB-DS DCERPC LSASS bind attempt || bugtraq,10108 || cve,2003-0533 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2513 || NETBIOS SMB-DS DCERPC LSASS unicode bind attempt || bugtraq,10108 || cve,2003-0533 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2514 || NETBIOS SMB-DS DCERPC LSASS DsRolerUpgradeDownlevelServer exploit attempt || bugtraq,10108 || cve,2003-0533 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2515 || WEB-MISC PCT Client_Hello overflow attempt || bugtraq,10116 || cve,2003-0719 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2516 || MISC LDAP PCT Client_Hello overflow attempt || bugtraq,10116 || cve,2003-0719 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2517 || IMAP PCT Client_Hello overflow attempt || bugtraq,10116 || cve,2003-0719 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2518 || POP3 PCT Client_Hello overflow attempt || bugtraq,10116 || cve,2003-0719 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2519 || SMTP Client_Hello overflow attempt || bugtraq,10116 || cve,2003-0719 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2520 || WEB-MISC SSLv3 Client_Hello request +2521 || WEB-MISC SSLv3 Server_Hello request +2522 || WEB-MISC SSLv3 invalid Client_Hello attempt || cve,2004-0120 || nessus,12204 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2523 || DOS BGP spoofed connection reset attempt || bugtraq,10183 || cve,2004-0230 || url,www.uniras.gov.uk/vuls/2004/236929/index.htm +2524 || NETBIOS DCERPC LSASS direct bind attempt || bugtraq,10108 || cve,2003-0533 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2525 || NETBIOS SMB DCERPC LSASS direct bind attempt || bugtraq,10108 || cve,2003-0533 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2526 || NETBIOS SMB-DS DCERPC LSASS direct bind attempt || bugtraq,10108 || cve,2003-0533 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2527 || SMTP STARTTLS attempt +2528 || SMTP TLS PCT Client_Hello overflow attempt || bugtraq,10116 || cve,2003-0719 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2529 || IMAP SSLv3 Client_Hello request || cve,2004-0120 || nessus,12204 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2530 || IMAP SSLv3 Server_Hello request || cve,2004-0120 || nessus,12204 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2531 || IMAP SSLv3 invalid Client_Hello attempt || cve,2004-0120 || nessus,12204 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2532 || MISC LDAP SSLv3 Client_Hello request || cve,2004-0120 || nessus,12204 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2533 || MISC LDAP SSLv3 Server_Hello request || cve,2004-0120 || nessus,12204 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2534 || MISC LDAP SSLv3 invalid Client_Hello attempt || cve,2004-0120 || nessus,12204 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2535 || POP3 SSLv3 Client_Hello request || cve,2004-0120 || nessus,12204 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2536 || POP3 SSLv3 Server_Hello request || cve,2004-0120 || nessus,12204 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2537 || POP3 SSLv3 invalid Client_Hello attempt || cve,2004-0120 || nessus,12204 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2538 || SMTP SSLv3 Client_Hello request || cve,2004-0120 || nessus,12204 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2539 || SMTP SSLv3 Server_Hello request || cve,2004-0120 || nessus,12204 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2540 || SMTP SSLv3 invalid Client_Hello attempt || cve,2004-0120 || nessus,12204 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2541 || SMTP TLS SSLv3 invalid data version attempt || bugtraq,10115 || cve,2004-0120 || nessus,12204 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2542 || SMTP TLS SSLv3 Client_Hello request || cve,2004-0120 || nessus,12204 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2543 || SMTP TLS SSLv3 Server_Hello request || cve,2004-0120 || nessus,12204 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2544 || SMTP TLS SSLv3 invalid Client_Hello attempt || cve,2004-0120 || nessus,12204 || url,www.microsoft.com/technet/security/bulletin/MS04-011.mspx +2545 || EXPLOIT AFP FPLoginExt username buffer overflow attempt || bugtraq,10271 || cve,2004-0430 || url,www.atstake.com/research/advisories/2004/a050304-1.txt +2546 || FTP MDTM overflow attempt || bugtraq,9751 || cve,2001-1021 || cve,2004-0330 || nessus,12080 +2547 || MISC HP Web JetAdmin remote file upload attempt || bugtraq,9978 +2548 || MISC HP Web JetAdmin setinfo access || bugtraq,9972 +2549 || MISC HP Web JetAdmin file write attempt || bugtraq,9973 +2550 || EXPLOIT winamp XM module name overflow || url,www.nextgenss.com/advisories/winampheap.txt +2551 || EXPLOIT Oracle Web Cache GET overflow attempt || bugtraq,9868 || cve,2004-0385 || nessus,12126 +2552 || EXPLOIT Oracle Web Cache HEAD overflow attempt || bugtraq,9868 || cve,2004-0385 || nessus,12126 +2553 || EXPLOIT Oracle Web Cache PUT overflow attempt || bugtraq,9868 || cve,2004-0385 || nessus,12126 +2554 || EXPLOIT Oracle Web Cache POST overflow attempt || bugtraq,9868 || cve,2004-0385 || nessus,12126 +2555 || EXPLOIT Oracle Web Cache TRACE overflow attempt || bugtraq,9868 || cve,2004-0385 || nessus,12126 +2556 || EXPLOIT Oracle Web Cache DELETE overflow attempt || bugtraq,9868 || cve,2004-0385 || nessus,12126 +2557 || EXPLOIT Oracle Web Cache LOCK overflow attempt || bugtraq,9868 || cve,2004-0385 || nessus,12126 +2558 || EXPLOIT Oracle Web Cache MKCOL overflow attempt || bugtraq,9868 || cve,2004-0385 || nessus,12126 +2559 || EXPLOIT Oracle Web Cache COPY overflow attempt || bugtraq,9868 || cve,2004-0385 || nessus,12126 +2560 || EXPLOIT Oracle Web Cache MOVE overflow attempt || bugtraq,9868 || cve,2004-0385 || nessus,12126 +2561 || MISC rsync backup-dir directory traversal attempt || bugtraq,10247 || cve,2004-0426 || nessus,12230 +2562 || WEB-MISC McAfee ePO file upload attempt || bugtraq,10200 || cve,2004-0038 +2563 || NETBIOS NS lookup response name overflow attempt || bugtraq,10333 || bugtraq,10334 || cve,2004-0444 || cve,2004-0445 || url,www.eeye.com/html/Research/Advisories/AD20040512A.html +2564 || NETBIOS NS lookup short response attempt || bugtraq,10334 || bugtraq,10335 || cve,2004-0444 || cve,2004-0445 || url,www.eeye.com/html/Research/Advisories/AD20040512C.html +2565 || WEB-PHP modules.php access || bugtraq,9879 +2566 || WEB-PHP PHPBB viewforum.php access || bugtraq,9865 || bugtraq,9866 || nessus,12093 +2567 || WEB-CGI Emumail init.emu access || bugtraq,9861 || nessus,12095 +2568 || WEB-CGI Emumail emumail.fcgi access || bugtraq,9861 || nessus,12095 +2569 || WEB-MISC cPanel resetpass access || bugtraq,9848 +2570 || WEB-MISC Invalid HTTP Version String || bugtraq,9809 || nessus,11593 +2571 || WEB-IIS SmarterTools SmarterMail frmGetAttachment.aspx access || bugtraq,9805 +2572 || WEB-IIS SmarterTools SmarterMail login.aspx buffer overflow attempt || bugtraq,9805 +2573 || WEB-IIS SmarterTools SmarterMail frmCompose.asp access || bugtraq,9805 +2574 || FTP RETR format string attempt || bugtraq,9800 +2575 || WEB-PHP Opt-X header.php remote file include attempt || bugtraq,9732 +2576 || ORACLE dbms_repcat.generate_replication_support buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck93.html +2577 || WEB-CLIENT local resource redirection attempt || cve,2004-0549 || url,www.kb.cert.org/vuls/id/713878 +2578 || EXPLOIT kerberos principal name overflow UDP || url,web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-005-buf.txt +2579 || EXPLOIT kerberos principal name overflow TCP || url,web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-005-buf.txt +2580 || WEB-MISC server negative Content-Length attempt || cve,2004-0492 || url,www.guninski.com/modproxy1.html +2581 || WEB-MISC Crystal Reports crystalimagehandler.aspx access || cve,2004-0204 || url,www.microsoft.com/security/bulletins/200406_crystal.mspx +2582 || WEB-MISC Crystal Reports crystalImageHandler.aspx directory traversal attempt || bugtraq,10260 || cve,2004-0204 || nessus,12271 || url,www.microsoft.com/security/bulletins/200406_crystal.mspx +2583 || MISC CVS Max-dotdot integer overflow attempt || bugtraq,10499 || cve,2004-0417 +2584 || EXPLOIT eMule buffer overflow attempt || bugtraq,10039 || nessus,12233 +2585 || WEB-MISC nessus 2.x 404 probe || nessus,10386 +2586 || P2P eDonkey transfer || url,www.kom.e-technik.tu-darmstadt.de/publications/abstracts/HB02-1.html +2587 || P2P eDonkey server response || url,www.emule-project.net +2588 || WEB-PHP TUTOS path disclosure attempt || bugtraq,10129 || url,www.securiteam.com/unixfocus/5FP0J15CKE.html +2589 || WEB-CLIENT Content-Disposition CLSID command attempt || bugtraq,9510 || cve,2004-0420 || url,www.microsoft.com/technet/security/bulletin/ms04-024.mspx +2590 || SMTP MAIL FROM overflow attempt || bugtraq,10290 || cve,2004-0399 || url,www.guninski.com/exim1.html +2591 || SMTP From command overflow attempt || bugtraq,10291 || cve,2004-0400 || url,www.guninski.com/exim1.html +2592 || SMTP ReplyTo command overflow attempt || bugtraq,10291 || cve,2004-0400 || url,www.guninski.com/exim1.html +2593 || SMTP Sender command overflow attempt || bugtraq,10291 || cve,2004-0400 || url,www.guninski.com/exim1.html +2594 || SMTP To command overflow attempt || bugtraq,10291 || cve,2004-0400 || url,www.guninski.com/exim1.html +2595 || SMTP CC command overflow attempt || bugtraq,10291 || cve,2004-0400 || url,www.guninski.com/exim1.html +2596 || SMTP BCC command overflow attempt || bugtraq,10291 || cve,2004-0400 || url,www.guninski.com/exim1.html +2597 || WEB-MISC Samba SWAT Authorization overflow attempt || bugtraq,10780 +2598 || WEB-MISC Samba SWAT Authorization port 901 overflow attempt || bugtraq,10780 +2599 || ORACLE dbms_repcat.add_grouped_column buffer overflow attempt +2600 || ORACLE add_grouped_column ordered sname/oname buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck633.html +2601 || ORACLE dbms_repcat.drop_master_repgroup buffer overflow attempt +2602 || ORACLE drop_master_repgroup ordered gname buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck87.html +2603 || ORACLE dbms_repcat.create_mview_repgroup buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck633.html +2604 || ORACLE create_mview_repgroup ordered fname buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck633.html +2605 || ORACLE dbms_repcat.compare_old_values buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck91.html +2606 || ORACLE dbms_repcat.comment_on_repobject buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck634.html +2607 || ORACLE comment_on_repobject ordered type buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck634.html +2608 || ORACLE sysdbms_repcat_rgt.check_ddl_text buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck97.html +2609 || ORACLE dbms_repcat.cancel_statistics buffer overflow attempt +2610 || ORACLE cancel_statistics ordered sname/oname buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck633.html +2611 || ORACLE LINK metadata buffer overflow attempt || bugtraq,7453 || cve,2003-0222 || url,archives.neohapsis.com/archives/bugtraq/2003-04/0360.html +2612 || ORACLE sys.dbms_repcat_auth.revoke_surrogate_repcat buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck97.html +2613 || ORACLE revoke_surrogate_repcat ordered userid buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck97.html +2614 || ORACLE time_zone buffer overflow attempt || bugtraq,9587 || url,www.nextgenss.com/advisories/ora_time_zone.txt +2615 || ORACLE sys.dbms_repcat_auth.grant_surrogate_repcat buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck97.html +2616 || ORACLE grant_surrogate_repcat ordered userid buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck97.html +2617 || ORACLE sys.dbms_repcat.alter_mview_propagation buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck632.html +2618 || ORACLE alter_mview_propagation ordered gname buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck632.html +2619 || ORACLE dbms_repcat.alter_master_repobject buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck634.html +2620 || ORACLE alter_master_repobject ordered type buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck634.html +2621 || ORACLE dbms_repcat_sna_utl.register_flavor_change buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck97.html +2622 || ORACLE dbms_repcat_utl.drop_an_object buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck97.html +2623 || ORACLE dbms_repcat_sna_utl.create_snapshot_repgroup buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck97.html +2624 || ORACLE dbms_repcat_admin.unregister_user_repgroup buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck94.html +2625 || ORACLE unregister_user_repgroup ordered privilege_type buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck94.html +2626 || ORACLE dbms_repcat.send_old_values buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck91.html +2627 || ORACLE dbms_repcat.repcat_import_check buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck90.html +2628 || ORACLE repcat_import_check ordered gowner/gname buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck90.html +2629 || ORACLE dbms_repcat_admin.register_user_repgroup buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck94.html +2630 || ORACLE register_user_repgroup ordered privilege_type buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck94.html +2631 || ORACLE dbms_repcat.refresh_mview_repgroup buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck90.html +2632 || ORACLE refresh_mview_repgroup ordered gowner buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck90.html +2633 || ORACLE sys.dbms_rectifier_diff.rectify buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck97.html +2634 || ORACLE rectifier_diff ordered sname1 buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck97.html +2635 || ORACLE dbms_offline_snapshot.end_load buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck632.html +2636 || ORACLE snapshot.end_load ordered gname buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck632.html +2637 || ORACLE dbms_repcat.drop_master_repobject buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck634.html +2638 || ORACLE drop_master_repobject ordered type buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck634.html +2639 || ORACLE dbms_repcat.drop_mview_repgroup buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck90.html +2640 || ORACLE drop_mview_repgroup ordered gowner/gname buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck90.html +2641 || ORACLE dbms_repcat_instantiate.drop_site_instantiation buffer overflow attempt +2642 || ORACLE drop_site_instantiation ordered refresh_template_name buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck629.html +2643 || ORACLE sys.dbms_repcat_fla.ensure_not_published buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck96.html +2644 || ORACLE from_tz buffer overflow attempt || url,www.nextgenss.com/advisories/ora_from_tz.txt +2645 || ORACLE dbms_repcat_instantiate.instantiate_offline buffer overflow attempt +2646 || ORACLE instantiate_offline ordered refresh_template_name buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck630.html +2647 || ORACLE dbms_repcat_instantiate.instantiate_online buffer overflow attempt +2648 || ORACLE instantiate_online ordered refresh_template_name buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck631.html +2649 || ORACLE service_name buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck52.html +2650 || ORACLE user name buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck62.html +2651 || ORACLE NUMTODSINTERVAL/NUMTOYMINTERVAL buffer overflow attempt || bugtraq,9587 || url,www.nextgenss.com/advisories/ora_numtodsinterval.txt || url,www.nextgenss.com/advisories/ora_numtoyminterval.txt +2652 || ORACLE dbms_offline_og.begin_load buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck632.html +2653 || ORACLE og.begin_load ordered gname buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck632.html +2654 || WEB-PHP PHPNuke Forum viewtopic SQL insertion attempt || bugtraq,7193 +2655 || MISC HP Web JetAdmin ExecuteFile admin access || bugtraq,10224 +2656 || EXPLOIT SSLv2 Client_Hello Challenge Length overflow attempt +2657 || EXPLOIT SSLv2 Client_Hello with pad Challenge Length overflow attempt +2658 || WEB-MISC SSLv2 Client_Hello request +2659 || WEB-MISC SSLv2 Client_Hello with pad request +2660 || WEB-MISC SSLv2 Server_Hello request +2661 || WEB-MISC TLS1 Client_Hello request +2662 || WEB-MISC TLS1 Server_Hello request +2663 || WEB-CGI WhatsUpGold instancename overflow attempt || bugtraq,11043 || cve,2004-0798 +2664 || IMAP login format string attempt || bugtraq,10976 +2665 || IMAP login literal format string attempt || bugtraq,10976 +2666 || POP3 PASS format string attempt || bugtraq,10976 +2667 || WEB-IIS ping.asp access || nessus,10968 +2668 || WEB-CGI processit access || nessus,10649 +2669 || WEB-CGI ibillpm.pl access || bugtraq,3476 || nessus,11083 +2670 || WEB-CGI pgpmail.pl access || cve,2001-0937 || nessus,11070 +2671 || WEB-CLIENT bitmap BitmapOffset integer overflow attempt || bugtraq,9663 || cve,2004-0566 +2672 || WEB-MISC sresult.exe access || bugtraq,10837 || nessus,14186 +2673 || WEB-CLIENT libpng tRNS overflow attempt || bugtraq,10872 || cve,2004-0597 +2674 || ORACLE dbms_repcat.add_delete_resolution buffer overflow attempt +2675 || ORACLE dbms_repcat_rgt.instantiate_offline buffer overflow attempt +2676 || ORACLE dbms_repcat_rgt.drop_site_instantiation buffer overflow attempt +2677 || ORACLE dbms_repcat_rgt.instantiate_online buffer overflow attempt +2678 || ORACLE ctx_output.start_log buffer overflow attempt +2679 || ORACLE sys.dbms_system.ksdwrt buffer overflow attempt +2680 || ORACLE ctxsys.driddlr.subindexpopulate buffer overflow attempt +2681 || ORACLE mdsys.sdo_admin.sdo_code_size buffer overflow attempt +2682 || ORACLE mdsys.md2.validate_geom buffer overflow attempt +2683 || ORACLE mdsys.md2.sdo_code_size buffer overflow attempt +2684 || ORACLE sys.ltutil.pushdeferredtxns buffer overflow attempt +2685 || ORACLE sys.dbms_repcat_rq.add_column buffer overflow attempt +2686 || ORACLE sys.dbms_rectifier_diff.differences buffer overflow attempt || url,www.appsecinc.com/Policy/PolicyCheck97.html +2687 || ORACLE sys.dbms_internal_repcat.validate buffer overflow attempt +2688 || ORACLE sys.dbms_internal_repcat.enable_receiver_trace buffer overflow attempt +2689 || ORACLE sys.dbms_internal_repcat.disable_receiver_trace buffer overflow attempt +2690 || ORACLE sys.dbms_defer_repcat.enable_propagation_to_dblink buffer overflow attempt +2691 || ORACLE sys.dbms_defer_internal_sys.parallel_push_recovery buffer overflow attempt +2692 || ORACLE sys.dbms_aqadm_sys.verify_queue_types buffer overflow attempt +2693 || ORACLE sys.dbms_aqadm.verify_queue_types_no_queue buffer overflow attempt +2694 || ORACLE sys.dbms_aqadm.verify_queue_types_get_nrp buffer overflow attempt +2695 || ORACLE sys.dbms_aq_import_internal.aq_table_defn_update buffer overflow attempt +2696 || ORACLE sys.dbms_repcat_utl.is_master buffer overflow attempt +2697 || ORACLE alter file buffer overflow attempt +2698 || ORACLE create file buffer overflow attempt +2699 || ORACLE TO_CHAR buffer overflow attempt +2700 || ORACLE numtoyminterval buffer overflow attempt +2701 || WEB-MISC Oracle iSQLPlus sid overflow attempt || bugtraq,10871 || url,www.nextgenss.com/advisories/ora-isqlplus.txt +2702 || WEB-MISC Oracle iSQLPlus username overflow attempt || bugtraq,10871 || url,www.nextgenss.com/advisories/ora-isqlplus.txt +2703 || WEB-MISC Oracle iSQLPlus login.uix username overflow attempt || bugtraq,10871 || url,www.nextgenss.com/advisories/ora-isqlplus.txt +2704 || WEB-MISC Oracle 10g iSQLPlus login.unix connectID overflow attempt || bugtraq,10871 || url,www.nextgenss.com/advisories/ora-isqlplus.txt +2705 || WEB-CLIENT JPEG parser heap overflow attempt || bugtraq,11173 || cve,2004-0200 || url,www.microsoft.com/security/bulletins/200409_jpeg.mspx +2706 || WEB-CLIENT JPEG transfer +2707 || WEB-CLIENT JPEG parser multipacket heap overflow || bugtraq,11173 || cve,2004-0200 || url,www.microsoft.com/security/bulletins/200409_jpeg.mspx +2708 || ORACLE dbms_offline_og.begin_flavor_change buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2709 || ORACLE dbms_offline_og.begin_instantiation buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2710 || ORACLE dbms_offline_og.begin_load buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2711 || ORACLE dbms_offline_og.end_flavor_change buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2712 || ORACLE dbms_offline_og.end_instantiation buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2713 || ORACLE dbms_offline_og.end_load buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2714 || ORACLE dbms_offline_og.resume_subset_of_masters buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2715 || ORACLE dbms_offline_snapshot.begin_load buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2716 || ORACLE dbms_offline_snapshot.end_load buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2717 || ORACLE dbms_rectifier_diff.differences buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2718 || ORACLE dbms_rectifier_diff.rectify buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2719 || ORACLE dbms_repcat.abort_flavor_definition buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2720 || ORACLE dbms_repcat.add_column_group_to_flavor buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2721 || ORACLE dbms_repcat.add_columns_to_flavor buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2722 || ORACLE dbms_repcat.add_object_to_flavor buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2723 || ORACLE dbms_repcat.add_priority_char buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2724 || ORACLE dbms_repcat.add_priority_date buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2725 || ORACLE dbms_repcat.add_priority_nchar buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2726 || ORACLE dbms_repcat.add_priority_number buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2727 || ORACLE dbms_repcat.add_priority_nvarchar2 buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2728 || ORACLE dbms_repcat.add_priority_raw buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2729 || ORACLE dbms_repcat.add_priority_varchar2 buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2730 || ORACLE dbms_repcat.add_site_priority_site buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2731 || ORACLE dbms_repcat.add_unique_resolution buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2732 || ORACLE dbms_repcat.add_update_resolution buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2733 || ORACLE dbms_repcat.alter_master_propagation buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2734 || ORACLE dbms_repcat.alter_mview_propagation buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2735 || ORACLE dbms_repcat.alter_priority_char buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2736 || ORACLE dbms_repcat.alter_priority_date buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2737 || ORACLE dbms_repcat.alter_priority_nchar buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2738 || ORACLE dbms_repcat.alter_priority_number buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2739 || ORACLE dbms_repcat.alter_priority_nvarchar2 buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2740 || ORACLE dbms_repcat.alter_priority_raw buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2741 || ORACLE dbms_repcat.alter_priority buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2742 || ORACLE dbms_repcat.alter_priority_varchar2 buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2743 || ORACLE dbms_repcat.alter_site_priority_site buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2744 || ORACLE dbms_repcat.alter_site_priority buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2745 || ORACLE dbms_repcat.alter_snapshot_propagation buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2746 || ORACLE dbms_repcat_auth.revoke_surrogate_repcat buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2747 || ORACLE dbms_repcat.begin_flavor_definition buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2748 || ORACLE dbms_repcat.comment_on_column_group buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2749 || ORACLE dbms_repcat.comment_on_delete_resolution buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2750 || ORACLE dbms_repcat.comment_on_mview_repsites buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2751 || ORACLE dbms_repcat.comment_on_priority_group buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2752 || ORACLE dbms_repcat.comment_on_repgroup buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2753 || ORACLE dbms_repcat.comment_on_repsites buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2754 || ORACLE dbms_repcat.comment_on_site_priority buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2755 || ORACLE dbms_repcat.comment_on_unique_resolution buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2756 || ORACLE dbms_repcat.comment_on_update_resolution buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2757 || ORACLE dbms_repcat.create_master_repgroup buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2758 || ORACLE dbms_repcat.create_master_repobject buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2759 || ORACLE dbms_repcat.create_snapshot_repgroup buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2760 || ORACLE dbms_repcat.define_column_group buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2761 || ORACLE dbms_repcat.define_priority_group buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2762 || ORACLE dbms_repcat.define_site_priority buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2763 || ORACLE dbms_repcat.do_deferred_repcat_admin buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2764 || ORACLE dbms_repcat.drop_column_group_from_flavor buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2765 || ORACLE dbms_repcat.drop_column_group buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2766 || ORACLE dbms_repcat.drop_columns_from_flavor buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2767 || ORACLE dbms_repcat.drop_delete_resolution buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2768 || ORACLE dbms_repcat.drop_grouped_column buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2769 || ORACLE dbms_repcat.drop_mview_repobject buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2770 || ORACLE dbms_repcat.drop_object_from_flavor buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2771 || ORACLE dbms_repcat.drop_priority_char buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2772 || ORACLE dbms_repcat.drop_priority_date buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2773 || ORACLE dbms_repcat.drop_priority_nchar buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2774 || ORACLE dbms_repcat.drop_priority_number buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2775 || ORACLE dbms_repcat.drop_priority_nvarchar2 buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2776 || ORACLE dbms_repcat.drop_priority_raw buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2777 || ORACLE dbms_repcat.drop_priority buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2778 || ORACLE dbms_repcat.drop_priority_varchar2 buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2779 || ORACLE dbms_repcat.drop_site_priority_site buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2780 || ORACLE dbms_repcat.drop_site_priority buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2781 || ORACLE dbms_repcat.drop_snapshot_repgroup buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2782 || ORACLE dbms_repcat.drop_snapshot_repobject buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2783 || ORACLE dbms_repcat.drop_unique_resolution buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2784 || ORACLE dbms_repcat.drop_update_resolution buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2785 || ORACLE dbms_repcat.execute_ddl buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2786 || ORACLE dbms_repcat.generate_replication_package buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2787 || ORACLE dbms_repcat_instantiate.instantiate_online buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2788 || ORACLE dbms_repcat.make_column_group buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2789 || ORACLE dbms_repcat.obsolete_flavor_definition buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2790 || ORACLE dbms_repcat.publish_flavor_definition buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2791 || ORACLE dbms_repcat.purge_flavor_definition buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2792 || ORACLE dbms_repcat.purge_master_log buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2793 || ORACLE dbms_repcat.purge_statistics buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2794 || ORACLE dbms_repcat.refresh_mview_repgroup buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2795 || ORACLE dbms_repcat.refresh_snapshot_repgroup buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2796 || ORACLE dbms_repcat.register_mview_repgroup buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2797 || ORACLE dbms_repcat.register_snapshot_repgroup buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2798 || ORACLE dbms_repcat.register_statistics buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2799 || ORACLE dbms_repcat.relocate_masterdef buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2800 || ORACLE dbms_repcat.rename_shadow_column_group buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2801 || ORACLE dbms_repcat.resume_master_activity buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2802 || ORACLE dbms_repcat_rgt.check_ddl_text buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2803 || ORACLE dbms_repcat_rgt.drop_site_instantiation buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2804 || ORACLE dbms_repcat.send_and_compare_old_values buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2805 || ORACLE dbms_repcat.set_columns buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2806 || ORACLE dbms_repcat.set_local_flavor buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2807 || ORACLE dbms_repcat.specify_new_masters buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2808 || ORACLE dbms_repcat.suspend_master_activity buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2809 || ORACLE dbms_repcat.unregister_mview_repgroup buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2810 || ORACLE dbms_repcat.unregister_snapshot_repgroup buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2811 || ORACLE dbms_repcat.validate_flavor_definition buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2812 || ORACLE dbms_repcat.validate_for_local_flavor buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2813 || ORACLE sys.dbms_repcat_fla.abort_flavor_definition buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2814 || ORACLE sys.dbms_repcat_fla.add_object_to_flavor buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2815 || ORACLE sys.dbms_repcat_fla.begin_flavor_definition buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2816 || ORACLE sys.dbms_repcat_fla.drop_object_from_flavor buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2817 || ORACLE sys.dbms_repcat_fla_mas.add_column_group_to_flavor buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2818 || ORACLE sys.dbms_repcat_fla_mas.add_columns_to_flavor buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2819 || ORACLE sys.dbms_repcat_fla_mas.drop_column_group_from_flavor buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2820 || ORACLE sys.dbms_repcat_fla_mas.drop_columns_from_flavor buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2821 || ORACLE sys.dbms_repcat_fla_mas.obsolete_flavor_definition buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2822 || ORACLE sys.dbms_repcat_fla_mas.publish_flavor_definition buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2823 || ORACLE sys.dbms_repcat_fla_mas.purge_flavor_definition buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2824 || ORACLE sys.dbms_repcat_fla.set_local_flavor buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2825 || ORACLE sys.dbms_repcat_fla.validate_flavor_definition buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2826 || ORACLE sys.dbms_repcat_fla.validate_for_local_flavor buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2827 || ORACLE sys.dbms_repcat_mas.alter_master_repobject buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2828 || ORACLE sys.dbms_repcat_mas.comment_on_repgroup buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2829 || ORACLE sys.dbms_repcat_mas.comment_on_repobject buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2830 || ORACLE sys.dbms_repcat_mas.create_master_repgroup buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2831 || ORACLE sys.dbms_repcat_mas.create_master_repobject buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2832 || ORACLE sys.dbms_repcat_mas.do_deferred_repcat_admin buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2833 || ORACLE sys.dbms_repcat_mas.drop_master_repgroup buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2834 || ORACLE sys.dbms_repcat_mas.generate_replication_package buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2835 || ORACLE sys.dbms_repcat_mas.purge_master_log buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2836 || ORACLE sys.dbms_repcat_mas.relocate_masterdef buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2837 || ORACLE sys.dbms_repcat_mas.rename_shadow_column_group buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2838 || ORACLE sys.dbms_repcat_mas.resume_master_activity buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2839 || ORACLE sys.dbms_repcat_mas.suspend_master_activity buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2840 || ORACLE sys.dbms_repcat_sna_utl.alter_snapshot_propagation buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2841 || ORACLE sys.dbms_repcat_sna_utl.create_snapshot_repgroup buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2842 || ORACLE sys.dbms_repcat_sna_utl.drop_snapshot_repgroup buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2843 || ORACLE sys.dbms_repcat_sna_utl.drop_snapshot_repobject buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2844 || ORACLE sys.dbms_repcat_sna_utl.refresh_snapshot_repgroup buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2845 || ORACLE sys.dbms_repcat_sna_utl.register_snapshot_repgroup buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2846 || ORACLE sys.dbms_repcat_sna_utl.repcat_import_check buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2847 || ORACLE sys.dbms_repcat_sna_utl.unregister_snapshot_repgroup buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2848 || ORACLE sys.dbms_repcat_utl4.drop_master_repobject buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2849 || ORACLE sys.dbms_repcat_utl.drop_an_object buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2850 || ORACLE dbms_repcat.create_mview_repobject buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2851 || ORACLE dbms_repcat.create_snapshot_repobject buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2852 || ORACLE dbms_repcat.generate_mview_support buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2853 || ORACLE dbms_repcat.generate_replication_trigger buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2854 || ORACLE dbms_repcat.generate_snapshot_support buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2855 || ORACLE dbms_repcat.remove_master_databases buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2856 || ORACLE dbms_repcat.switch_mview_master buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2857 || ORACLE dbms_repcat.switch_snapshot_master buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2858 || ORACLE sys.dbms_repcat_conf.add_delete_resolution buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2859 || ORACLE sys.dbms_repcat_conf.add_priority_char buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2860 || ORACLE sys.dbms_repcat_conf.add_priority_date buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2861 || ORACLE sys.dbms_repcat_conf.add_priority_nchar buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2862 || ORACLE sys.dbms_repcat_conf.add_priority_number buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2863 || ORACLE sys.dbms_repcat_conf.add_priority_nvarchar2 buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2864 || ORACLE sys.dbms_repcat_conf.add_priority_raw buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2865 || ORACLE sys.dbms_repcat_conf.add_priority_varchar2 buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2866 || ORACLE sys.dbms_repcat_conf.add_site_priority_site buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2867 || ORACLE sys.dbms_repcat_conf.add_unique_resolution buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2868 || ORACLE sys.dbms_repcat_conf.add_update_resolution buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2869 || ORACLE sys.dbms_repcat_conf.alter_priority_char buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2870 || ORACLE sys.dbms_repcat_conf.alter_priority_date buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2871 || ORACLE sys.dbms_repcat_conf.alter_priority_nchar buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2872 || ORACLE sys.dbms_repcat_conf.alter_priority_number buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2873 || ORACLE sys.dbms_repcat_conf.alter_priority_nvarchar2 buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2874 || ORACLE sys.dbms_repcat_conf.alter_priority_raw buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2875 || ORACLE sys.dbms_repcat_conf.alter_priority buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2876 || ORACLE sys.dbms_repcat_conf.alter_priority_varchar2 buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2877 || ORACLE sys.dbms_repcat_conf.alter_site_priority_site buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2878 || ORACLE sys.dbms_repcat_conf.alter_site_priority buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2879 || ORACLE sys.dbms_repcat_conf.cancel_statistics buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2880 || ORACLE sys.dbms_repcat_conf.comment_on_delete_resolution buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2881 || ORACLE sys.dbms_repcat_conf.comment_on_priority_group buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2882 || ORACLE sys.dbms_repcat_conf.comment_on_site_priority buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2883 || ORACLE sys.dbms_repcat_conf.comment_on_unique_resolution buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2884 || ORACLE sys.dbms_repcat_conf.comment_on_update_resolution buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2885 || ORACLE sys.dbms_repcat_conf.define_priority_group buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2886 || ORACLE sys.dbms_repcat_conf.define_site_priority buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2887 || ORACLE sys.dbms_repcat_conf.drop_delete_resolution buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2888 || ORACLE sys.dbms_repcat_conf.drop_priority_char buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2889 || ORACLE sys.dbms_repcat_conf.drop_priority_date buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2890 || ORACLE sys.dbms_repcat_conf.drop_priority_nchar buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2891 || ORACLE sys.dbms_repcat_conf.drop_priority_number buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2892 || ORACLE sys.dbms_repcat_conf.drop_priority_nvarchar2 buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2893 || ORACLE sys.dbms_repcat_conf.drop_priority_raw buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2894 || ORACLE sys.dbms_repcat_conf.drop_priority buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2895 || ORACLE sys.dbms_repcat_conf.drop_priority_varchar2 buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2896 || ORACLE sys.dbms_repcat_conf.drop_site_priority_site buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2897 || ORACLE sys.dbms_repcat_conf.drop_site_priority buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2898 || ORACLE sys.dbms_repcat_conf.drop_unique_resolution buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2899 || ORACLE sys.dbms_repcat_conf.drop_update_resolution buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2900 || ORACLE sys.dbms_repcat_conf.purge_statistics buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2901 || ORACLE sys.dbms_repcat_conf.register_statistics buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2902 || ORACLE sys.dbms_repcat_sna.alter_snapshot_propagation buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2903 || ORACLE sys.dbms_repcat_sna.create_snapshot_repgroup buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2904 || ORACLE sys.dbms_repcat_sna.create_snapshot_repobject buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2905 || ORACLE sys.dbms_repcat_sna.create_snapshot_repschema buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2906 || ORACLE sys.dbms_repcat_sna.drop_snapshot_repgroup buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2907 || ORACLE sys.dbms_repcat_sna.drop_snapshot_repobject buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2908 || ORACLE sys.dbms_repcat_sna.drop_snapshot_repschema buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2909 || ORACLE sys.dbms_repcat_sna.generate_snapshot_support buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2910 || ORACLE sys.dbms_repcat_sna.refresh_snapshot_repgroup buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2911 || ORACLE sys.dbms_repcat_sna.refresh_snapshot_repschema buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2912 || ORACLE sys.dbms_repcat_sna.register_snapshot_repgroup buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2913 || ORACLE sys.dbms_repcat_sna.repcat_import_check buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2914 || ORACLE sys.dbms_repcat_sna.set_local_flavor buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2915 || ORACLE sys.dbms_repcat_sna.switch_snapshot_master buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2916 || ORACLE sys.dbms_repcat_sna.unregister_snapshot_repgroup buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2917 || ORACLE sys.dbms_repcat_sna_utl.switch_snapshot_master buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2918 || ORACLE sys.dbms_repcat_sna.validate_for_local_flavor buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2919 || ORACLE sys.dbms_repcat_untrusted.register_snapshot_repgroup buffer overflow attempt || url,www.appsecinc.com/resources/alerts/oracle/2004-0001/25.html +2921 || DNS UDP inverse query || bugtraq,2302 || cve,2001-0010 +2922 || DNS TCP inverse query || bugtraq,2302 || cve,2001-0010 +2923 || NETBIOS SMB repeated logon failure +2924 || NETBIOS SMB-DS repeated logon failure +2925 || INFO web bug 0x0 gif attempt +2926 || WEB-PHP PhpGedView PGV base directory manipulation || bugtraq,9368 +2927 || NNTP XPAT pattern overflow attempt || cve,2004-0574 || url,www.microsoft.com/technet/security/bulletin/MS04-036.mspx +2928 || NETBIOS SMB nddeapi create tree attempt || bugtraq,11372 || cve,CAN-2004-0206 +2929 || NETBIOS SMB nddeapi unicode create tree attempt || bugtraq,11372 || cve,CAN-2004-0206 +2930 || NETBIOS SMB-DS nddeapi create tree attempt || bugtraq,11372 || cve,CAN-2004-0206 +2931 || NETBIOS SMB-DS nddeapi unicode create tree attempt || bugtraq,11372 || cve,CAN-2004-0206 +2932 || NETBIOS SMB nddeapi bind attempt || bugtraq,11372 || cve,CAN-2004-0206 +2933 || NETBIOS SMB nddeapi unicode bind attempt || bugtraq,11372 || cve,CAN-2004-0206 +2934 || NETBIOS SMB-DS nddeapi bind attempt || bugtraq,11372 || cve,CAN-2004-0206 +2935 || NETBIOS SMB-DS nddeapi unicode bind attempt || bugtraq,11372 || cve,CAN-2004-0206 +2936 || NETBIOS SMB NDdeSetTrustedShareW overflow attempt || bugtraq,11372 || cve,CAN-2004-0206 +2937 || NETBIOS SMB NDdeSetTrustedShareW unicode overflow attempt || bugtraq,11372 || cve,CAN-2004-0206 +2938 || NETBIOS SMB-DS NDdeSetTrustedShareW overflow attempt || bugtraq,11372 || cve,CAN-2004-0206 +2939 || NETBIOS SMB-DS NDdeSetTrustedShareW unicode overflow attempt || bugtraq,11372 || cve,CAN-2004-0206 +2940 || NETBIOS SMB winreg bind attempt +2941 || NETBIOS SMB winreg unicode bind attempt +2942 || NETBIOS SMB InitiateSystemShutdown attempt +2943 || NETBIOS SMB InitiateSystemShutdown little endian attempt +2944 || NETBIOS SMB InitiateSystemShutdown unicode attempt +2945 || NETBIOS SMB InitiateSystemShutdown unicode little endian attempt +2946 || NETBIOS SMB NDdeSetTrustedShareW little endian overflow attempt || bugtraq,11372 || cve,CAN-2004-0206 +2947 || NETBIOS SMB NDdeSetTrustedShareW unicode little endian overflow attempt || bugtraq,11372 || cve,CAN-2004-0206 +2948 || NETBIOS SMB-DS NDdeSetTrustedShareW little endian overflow attempt || bugtraq,11372 || cve,CAN-2004-0206 +2949 || NETBIOS SMB-DS NDdeSetTrustedShareW unicode little endian overflow attempt || bugtraq,11372 || cve,CAN-2004-0206 +2950 || NETBIOS SMB too many stacked requests +2951 || NETBIOS SMB-DS too many stacked requests +2952 || NETBIOS SMB IPC$ andx share access +2953 || NETBIOS SMB IPC$ unicode andx share access +2954 || NETBIOS SMB-DS IPC$ andx share access +2955 || NETBIOS SMB-DS IPC$ unicode andx share access +2956 || NETBIOS SMB nddeapi andx create tree attempt || bugtraq,11372 || cve,CAN-2004-0206 +2957 || NETBIOS SMB nddeapi unicode andx create tree attempt || bugtraq,11372 || cve,CAN-2004-0206 +2958 || NETBIOS SMB-DS nddeapi andx create tree attempt || bugtraq,11372 || cve,CAN-2004-0206 +2959 || NETBIOS SMB-DS nddeapi unicode andx create tree attempt || bugtraq,11372 || cve,CAN-2004-0206 +2960 || NETBIOS SMB nddeapi andx bind attempt || bugtraq,11372 || cve,CAN-2004-0206 +2961 || NETBIOS SMB nddeapi unicode andx bind attempt || bugtraq,11372 || cve,CAN-2004-0206 +2962 || NETBIOS SMB-DS nddeapi andx bind attempt || bugtraq,11372 || cve,CAN-2004-0206 +2963 || NETBIOS SMB-DS nddeapi unicode andx bind attempt || bugtraq,11372 || cve,CAN-2004-0206 +2964 || NETBIOS SMB NDdeSetTrustedShareW andx overflow attempt || bugtraq,11372 || cve,CAN-2004-0206 +2965 || NETBIOS SMB NDdeSetTrustedShareW little endian andx overflow attempt || bugtraq,11372 || cve,CAN-2004-0206 +2966 || NETBIOS SMB NDdeSetTrustedShareW unicode andx overflow attempt || bugtraq,11372 || cve,CAN-2004-0206 +2967 || NETBIOS SMB NDdeSetTrustedShareW unicode little endian andx overflow attempt || bugtraq,11372 || cve,CAN-2004-0206 +2968 || NETBIOS SMB-DS NDdeSetTrustedShareW andx overflow attempt || bugtraq,11372 || cve,CAN-2004-0206 +2969 || NETBIOS SMB-DS NDdeSetTrustedShareW little endian andx overflow attempt || bugtraq,11372 || cve,CAN-2004-0206 +2970 || NETBIOS SMB-DS NDdeSetTrustedShareW unicode andx overflow attempt || bugtraq,11372 || cve,CAN-2004-0206 +2971 || NETBIOS SMB-DS NDdeSetTrustedShareW unicode little endian andx overflow attempt || bugtraq,11372 || cve,CAN-2004-0206 +2972 || NETBIOS SMB D$ andx share access +2973 || NETBIOS SMB D$ unicode andx share access +2974 || NETBIOS SMB-DS D$ andx share access +2975 || NETBIOS SMB-DS D$ unicode andx share access +2976 || NETBIOS SMB C$ andx share access +2977 || NETBIOS SMB C$ unicode andx share access +2978 || NETBIOS SMB-DS C$ andx share access +2979 || NETBIOS SMB-DS C$ unicode andx share access +2980 || NETBIOS SMB ADMIN$ andx share access +2981 || NETBIOS SMB ADMIN$ unicode andx share access +2982 || NETBIOS SMB-DS ADMIN$ andx share access +2983 || NETBIOS SMB-DS ADMIN$ unicode andx share access +2984 || NETBIOS SMB winreg andx create tree attempt +2985 || NETBIOS SMB winreg unicode andx create tree attempt +2986 || NETBIOS SMB-DS winreg andx create tree attempt +2987 || NETBIOS SMB-DS winreg unicode andx create tree attempt +2988 || NETBIOS SMB winreg andx bind attempt +2989 || NETBIOS SMB winreg unicode andx bind attempt +2990 || NETBIOS SMB-DS winreg andx bind attempt +2991 || NETBIOS SMB-DS winreg unicode andx bind attempt +2992 || NETBIOS SMB InitiateSystemShutdown andx attempt +2993 || NETBIOS SMB InitiateSystemShutdown little endian andx attempt +2994 || NETBIOS SMB InitiateSystemShutdown unicode andx attempt +2995 || NETBIOS SMB InitiateSystemShutdown unicode little endian andx attempt +2996 || NETBIOS SMB-DS InitiateSystemShutdown andx attempt +2997 || NETBIOS SMB-DS InitiateSystemShutdown little endian andx attempt +2998 || NETBIOS SMB-DS InitiateSystemShutdown unicode andx attempt +2999 || NETBIOS SMB-DS InitiateSystemShutdown unicode little endian andx attempt --- snort-2.3.3.orig/rules/Makefile.in +++ snort-2.3.3/rules/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.6.3 from Makefile.am. +# Makefile.in generated by automake 1.9.6 from Makefile.am. # @configure_input@ -# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002 -# Free Software Foundation, Inc. +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -13,74 +13,129 @@ # PARTICULAR PURPOSE. @SET_MAKE@ -SHELL = @SHELL@ - srcdir = @srcdir@ top_srcdir = @top_srcdir@ VPATH = @srcdir@ -prefix = @prefix@ -exec_prefix = @exec_prefix@ - -bindir = @bindir@ -sbindir = @sbindir@ -libexecdir = @libexecdir@ -datadir = @datadir@ -sysconfdir = @sysconfdir@ -sharedstatedir = @sharedstatedir@ -localstatedir = @localstatedir@ -libdir = @libdir@ -infodir = @infodir@ -mandir = @mandir@ -includedir = @includedir@ -oldincludedir = /usr/include pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ top_builddir = .. - -ACLOCAL = @ACLOCAL@ -AUTOCONF = @AUTOCONF@ -AUTOMAKE = @AUTOMAKE@ -AUTOHEADER = @AUTOHEADER@ - am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_DATA = @INSTALL_DATA@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c -INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_HEADER = $(INSTALL_DATA) -transform = @program_transform_name@ +transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : -host_alias = @host_alias@ +build_triplet = @build@ host_triplet = @host@ - -EXEEXT = @EXEEXT@ -OBJEXT = @OBJEXT@ -PATH_SEPARATOR = @PATH_SEPARATOR@ +subdir = rules +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +depcomp = +am__depfiles_maybe = +SOURCES = +DIST_SOURCES = +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMDEP_FALSE = @AMDEP_FALSE@ +AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ DEPDIR = @DEPDIR@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ INCLUDES = @INCLUDES@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@ +MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@ +MAKEINFO = @MAKEINFO@ +OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ RANLIB = @RANLIB@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ STRIP = @STRIP@ VERSION = @VERSION@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_RANLIB = @ac_ct_RANLIB@ +ac_ct_STRIP = @ac_ct_STRIP@ +am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ +am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ am__include = @am__include@ +am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +datadir = @datadir@ +exec_prefix = @exec_prefix@ extra_incl = @extra_incl@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +includedir = @includedir@ +infodir = @infodir@ install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ AUTOMAKE_OPTIONS = foreign no-dependencies - EXTRA_DIST = attack-responses.rules backdoor.rules bad-traffic.rules \ chat.rules ddos.rules deleted.rules dns.rules dos.rules experimental.rules \ exploit.rules finger.rules ftp.rules icmp-info.rules icmp.rules imap.rules \ @@ -91,38 +146,59 @@ web-cgi.rules web-client.rules web-coldfusion.rules web-frontpage.rules \ web-iis.rules web-misc.rules web-php.rules x11.rules pop2.rules -subdir = rules -mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = -DIST_SOURCES = -DIST_COMMON = Makefile.am Makefile.in all: all-am .SUFFIXES: -$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign rules/Makefile'; \ cd $(top_srcdir) && \ $(AUTOMAKE) --foreign rules/Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe) +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh uninstall-info-am: tags: TAGS TAGS: -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ctags: CTAGS +CTAGS: -top_distdir = .. -distdir = $(top_distdir)/$(PACKAGE)-$(VERSION) distdir: $(DISTFILES) - @list='$(DISTFILES)'; for file in $$list; do \ + @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ + list='$(DISTFILES)'; for file in $$list; do \ + case $$file in \ + $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ + $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ + esac; \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ if test "$$dir" != "$$file" && test "$$dir" != "."; then \ dir="/$$dir"; \ - $(mkinstalldirs) "$(distdir)$$dir"; \ + $(mkdir_p) "$(distdir)$$dir"; \ else \ dir=''; \ fi; \ @@ -140,9 +216,7 @@ check-am: all-am check: check-am all-am: Makefile - installdirs: - install: install-am install-exec: install-exec-am install-data: install-data-am @@ -154,7 +228,7 @@ installcheck: installcheck-am install-strip: $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - INSTALL_STRIP_FLAG=-s \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ `test -z '$(STRIP)' || \ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install mostlyclean-generic: @@ -162,7 +236,7 @@ clean-generic: distclean-generic: - -rm -f Makefile $(CONFIG_CLEAN_FILES) + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -172,13 +246,15 @@ clean-am: clean-generic mostlyclean-am distclean: distclean-am - + -rm -f Makefile distclean-am: clean-am distclean-generic dvi: dvi-am dvi-am: +html: html-am + info: info-am info-am: @@ -194,22 +270,31 @@ installcheck-am: maintainer-clean: maintainer-clean-am - + -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am mostlyclean-am: mostlyclean-generic +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + uninstall-am: uninstall-info-am .PHONY: all all-am check check-am clean clean-generic distclean \ - distclean-generic distdir dvi dvi-am info info-am install \ - install-am install-data install-data-am install-exec \ + distclean-generic distdir dvi dvi-am html html-am info info-am \ + install install-am install-data install-data-am install-exec \ install-exec-am install-info install-info-am install-man \ install-strip installcheck installcheck-am installdirs \ maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-generic uninstall uninstall-am uninstall-info-am + mostlyclean-generic pdf pdf-am ps ps-am uninstall uninstall-am \ + uninstall-info-am # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. --- snort-2.3.3.orig/rules/snort.conf +++ snort-2.3.3/rules/snort.conf @@ -0,0 +1,625 @@ +#-------------------------------------------------- +# http://www.snort.org Snort 2.2.0 Ruleset +# Contact: snort-sigs@lists.sourceforge.net +#-------------------------------------------------- +# $Id: snort.conf,v 1.142.2.4 2004/09/27 15:36:37 bmc Exp $ +# +################################################### +# This file contains a sample snort configuration. +# You can take the following steps to create your own custom configuration: +# +# 1) Set the network variables for your network +# 2) Configure preprocessors +# 3) Configure output plugins +# 4) Customize your rule set +# +################################################### +# Step #1: Set the network variables: +# +# You must change the following variables to reflect your local network. The +# variable is currently setup for an RFC 1918 address space. +# +# You can specify it explicitly as: +# +# var HOME_NET 10.1.1.0/24 +# +# or use global variable $_ADDRESS which will be always +# initialized to IP address and netmask of the network interface which you run +# snort at. Under Windows, this must be specified as +# $(_ADDRESS), such as: +# $(\Device\Packet_{12345678-90AB-CDEF-1234567890AB}_ADDRESS) +# +# var HOME_NET $eth0_ADDRESS +# +# You can specify lists of IP addresses for HOME_NET +# by separating the IPs with commas like this: +# +# var HOME_NET [10.1.1.0/24,192.168.1.0/24] +# +# MAKE SURE YOU DON'T PLACE ANY SPACES IN YOUR LIST! +# +# or you can specify the variable to be any IP address +# like this: + +var HOME_NET any + +# Set up the external network addresses as well. A good start may be "any" +var EXTERNAL_NET any + +# Configure your server lists. This allows snort to only look for attacks to +# systems that have a service up. Why look for HTTP attacks if you are not +# running a web server? This allows quick filtering based on IP addresses +# These configurations MUST follow the same configuration scheme as defined +# above for $HOME_NET. + +# List of DNS servers on your network +var DNS_SERVERS $HOME_NET + +# List of SMTP servers on your network +var SMTP_SERVERS $HOME_NET + +# List of web servers on your network +var HTTP_SERVERS $HOME_NET + +# List of sql servers on your network +var SQL_SERVERS $HOME_NET + +# List of telnet servers on your network +var TELNET_SERVERS $HOME_NET + +# List of snmp servers on your network +var SNMP_SERVERS $HOME_NET + +# Configure your service ports. This allows snort to look for attacks destined +# to a specific application only on the ports that application runs on. For +# example, if you run a web server on port 8081, set your HTTP_PORTS variable +# like this: +# +# var HTTP_PORTS 8081 +# +# Port lists must either be continuous [eg 80:8080], or a single port [eg 80]. +# We will adding support for a real list of ports in the future. + +# Ports you run web servers on +# +# Please note: [80,8080] does not work. +# If you wish to define multiple HTTP ports, +# +## var HTTP_PORTS 80 +## include somefile.rules +## var HTTP_PORTS 8080 +## include somefile.rules +var HTTP_PORTS 80 + +# Ports you want to look for SHELLCODE on. +var SHELLCODE_PORTS !80 + +# Ports you do oracle attacks on +var ORACLE_PORTS 1521 + +# other variables +# +# AIM servers. AOL has a habit of adding new AIM servers, so instead of +# modifying the signatures when they do, we add them to this list of servers. +var AIM_SERVERS [64.12.24.0/23,64.12.28.0/23,64.12.161.0/24,64.12.163.0/24,64.12.200.0/24,205.188.3.0/24,205.188.5.0/24,205.188.7.0/24,205.188.9.0/24,205.188.153.0/24,205.188.179.0/24,205.188.248.0/24] + +# Path to your rules files (this can be a relative path) +# Note for Windows users: You are advised to make this an absolute path, +# such as: c:\snort\rules +var RULE_PATH ../rules + +# Configure the snort decoder +# ============================ +# +# Snort's decoder will alert on lots of things such as header +# truncation or options of unusual length or infrequently used tcp options +# +# +# Stop generic decode events: +# +# config disable_decode_alerts +# +# Stop Alerts on experimental TCP options +# +# config disable_tcpopt_experimental_alerts +# +# Stop Alerts on obsolete TCP options +# +# config disable_tcpopt_obsolete_alerts +# +# Stop Alerts on T/TCP alerts +# +# In snort 2.0.1 and above, this only alerts when a TCP option is detected +# that shows T/TCP being actively used on the network. If this is normal +# behavior for your network, disable the next option. +# +# config disable_tcpopt_ttcp_alerts +# +# Stop Alerts on all other TCPOption type events: +# +# config disable_tcpopt_alerts +# +# Stop Alerts on invalid ip options +# +# config disable_ipopt_alerts + +# Configure the detection engine +# =============================== +# +# Use a different pattern matcher in case you have a machine with very limited +# resources: +# +# config detection: search-method lowmem + +################################################### +# Step #2: Configure preprocessors +# +# General configuration for preprocessors is of +# the form +# preprocessor : + +# Configure Flow tracking module +# ------------------------------- +# +# The Flow tracking module is meant to start unifying the state keeping +# mechanisms of snort into a single place. Right now, only a portscan detector +# is implemented but in the long term, many of the stateful subsystems of +# snort will be migrated over to becoming flow plugins. This must be enabled +# for flow-portscan to work correctly. +# +# See README.flow for additional information +# +preprocessor flow: stats_interval 0 hash 2 + +# frag2: IP defragmentation support +# ------------------------------- +# This preprocessor performs IP defragmentation. This plugin will also detect +# people launching fragmentation attacks (usually DoS) against hosts. No +# arguments loads the default configuration of the preprocessor, which is a 60 +# second timeout and a 4MB fragment buffer. + +# The following (comma delimited) options are available for frag2 +# timeout [seconds] - sets the number of [seconds] that an unfinished +# fragment will be kept around waiting for completion, +# if this time expires the fragment will be flushed +# memcap [bytes] - limit frag2 memory usage to [number] bytes +# (default: 4194304) +# +# min_ttl [number] - minimum ttl to accept +# +# ttl_limit [number] - difference of ttl to accept without alerting +# will cause false positves with router flap +# +# Frag2 uses Generator ID 113 and uses the following SIDS +# for that GID: +# SID Event description +# ----- ------------------- +# 1 Oversized fragment (reassembled frag > 64k bytes) +# 2 Teardrop-type attack + +preprocessor frag2 + +# stream4: stateful inspection/stream reassembly for Snort +#---------------------------------------------------------------------- +# Use in concert with the -z [all|est] command line switch to defeat stick/snot +# against TCP rules. Also performs full TCP stream reassembly, stateful +# inspection of TCP streams, etc. Can statefully detect various portscan +# types, fingerprinting, ECN, etc. + +# stateful inspection directive +# no arguments loads the defaults (timeout 30, memcap 8388608) +# options (options are comma delimited): +# detect_scans - stream4 will detect stealth portscans and generate alerts +# when it sees them when this option is set +# detect_state_problems - detect TCP state problems, this tends to be very +# noisy because there are a lot of crappy ip stack +# implementations out there +# +# disable_evasion_alerts - turn off the possibly noisy mitigation of +# overlapping sequences. +# +# +# min_ttl [number] - set a minium ttl that snort will accept to +# stream reassembly +# +# ttl_limit [number] - differential of the initial ttl on a session versus +# the normal that someone may be playing games. +# Routing flap may cause lots of false positives. +# +# keepstats [machine|binary] - keep session statistics, add "machine" to +# get them in a flat format for machine reading, add +# "binary" to get them in a unified binary output +# format +# noinspect - turn off stateful inspection only +# timeout [number] - set the session timeout counter to [number] seconds, +# default is 30 seconds +# memcap [number] - limit stream4 memory usage to [number] bytes +# log_flushed_streams - if an event is detected on a stream this option will +# cause all packets that are stored in the stream4 +# packet buffers to be flushed to disk. This only +# works when logging in pcap mode! +# +# Stream4 uses Generator ID 111 and uses the following SIDS +# for that GID: +# SID Event description +# ----- ------------------- +# 1 Stealth activity +# 2 Evasive RST packet +# 3 Evasive TCP packet retransmission +# 4 TCP Window violation +# 5 Data on SYN packet +# 6 Stealth scan: full XMAS +# 7 Stealth scan: SYN-ACK-PSH-URG +# 8 Stealth scan: FIN scan +# 9 Stealth scan: NULL scan +# 10 Stealth scan: NMAP XMAS scan +# 11 Stealth scan: Vecna scan +# 12 Stealth scan: NMAP fingerprint scan stateful detect +# 13 Stealth scan: SYN-FIN scan +# 14 TCP forward overlap + +preprocessor stream4: disable_evasion_alerts + +# tcp stream reassembly directive +# no arguments loads the default configuration +# Only reassemble the client, +# Only reassemble the default list of ports (See below), +# Give alerts for "bad" streams +# +# Available options (comma delimited): +# clientonly - reassemble traffic for the client side of a connection only +# serveronly - reassemble traffic for the server side of a connection only +# both - reassemble both sides of a session +# noalerts - turn off alerts from the stream reassembly stage of stream4 +# ports [list] - use the space separated list of ports in [list], "all" +# will turn on reassembly for all ports, "default" will turn +# on reassembly for ports 21, 23, 25, 53, 80, 143, 110, 111 +# and 513 + +preprocessor stream4_reassemble + +# http_inspect: normalize and detect HTTP traffic and protocol anomalies +# +# lots of options available here. See doc/README.http_inspect. +# unicode.map should be wherever your snort.conf lives, or given +# a full path to where snort can find it. +preprocessor http_inspect: global \ + iis_unicode_map unicode.map 1252 + +preprocessor http_inspect_server: server default \ + profile all ports { 80 8080 8180 } oversize_dir_length 500 + +# +# Example unqiue server configuration +# +#preprocessor http_inspect_server: server 1.1.1.1 \ +# ports { 80 3128 8080 } \ +# flow_depth 0 \ +# ascii no \ +# double_decode yes \ +# non_rfc_char { 0x00 } \ +# chunk_length 500000 \ +# non_strict \ +# oversize_dir_length 300 \ +# no_alerts + + +# rpc_decode: normalize RPC traffic +# --------------------------------- +# RPC may be sent in alternate encodings besides the usual 4-byte encoding +# that is used by default. This plugin takes the port numbers that RPC +# services are running on as arguments - it is assumed that the given ports +# are actually running this type of service. If not, change the ports or turn +# it off. +# The RPC decode preprocessor uses generator ID 106 +# +# arguments: space separated list +# alert_fragments - alert on any rpc fragmented TCP data +# no_alert_multiple_requests - don't alert when >1 rpc query is in a packet +# no_alert_large_fragments - don't alert when the fragmented +# sizes exceed the current packet size +# no_alert_incomplete - don't alert when a single segment +# exceeds the current packet size + +preprocessor rpc_decode: 111 32771 + +# bo: Back Orifice detector +# ------------------------- +# Detects Back Orifice traffic on the network. Takes no arguments in 2.0. +# +# The Back Orifice detector uses Generator ID 105 and uses the +# following SIDS for that GID: +# SID Event description +# ----- ------------------- +# 1 Back Orifice traffic detected + +preprocessor bo + +# telnet_decode: Telnet negotiation string normalizer +# --------------------------------------------------- +# This preprocessor "normalizes" telnet negotiation strings from telnet and ftp +# traffic. It works in much the same way as the http_decode preprocessor, +# searching for traffic that breaks up the normal data stream of a protocol and +# replacing it with a normalized representation of that traffic so that the +# "content" pattern matching keyword can work without requiring modifications. +# This preprocessor requires no arguments. +# Portscan uses Generator ID 109 and does not generate any SID currently. + +preprocessor telnet_decode + +# Flow-Portscan: detect a variety of portscans +# --------------------------------------- +# Note: The Flow preprocessor (above) must first be enabled for Flow-Portscan to +# work. +# +# This module detects portscans based off of flow creation in the flow +# preprocessors. The goal is to catch one->many hosts and one->many +# ports scans. +# +# Flow-Portscan has numerous options available, please read +# README.flow-portscan for help configuring this option. + +# Flow-Portscan uses Generator ID 121 and uses the following SIDS for that GID: +# SID Event description +# ----- ------------------- +# 1 flow-portscan: Fixed Scale Scanner Limit Exceeded +# 2 flow-portscan: Sliding Scale Scanner Limit Exceeded +# 3 flow-portscan: Fixed Scale Talker Limit Exceeded +# 4 flow-portscan: Sliding Scale Talker Limit Exceeded + +# preprocessor flow-portscan: \ +# talker-sliding-scale-factor 0.50 \ +# talker-fixed-threshold 30 \ +# talker-sliding-threshold 30 \ +# talker-sliding-window 20 \ +# talker-fixed-window 30 \ +# scoreboard-rows-talker 30000 \ +# server-watchnet [10.2.0.0/30] \ +# server-ignore-limit 200 \ +# server-rows 65535 \ +# server-learning-time 14400 \ +# server-scanner-limit 4 \ +# scanner-sliding-window 20 \ +# scanner-sliding-scale-factor 0.50 \ +# scanner-fixed-threshold 15 \ +# scanner-sliding-threshold 40 \ +# scanner-fixed-window 15 \ +# scoreboard-rows-scanner 30000 \ +# src-ignore-net [192.168.1.1/32,192.168.0.0/24] \ +# dst-ignore-net [10.0.0.0/30] \ +# alert-mode once \ +# output-mode msg \ +# tcp-penalties on + +# arpspoof +#---------------------------------------- +# Experimental ARP detection code from Jeff Nathan, detects ARP attacks, +# unicast ARP requests, and specific ARP mapping monitoring. To make use of +# this preprocessor you must specify the IP and hardware address of hosts on +# the same layer 2 segment as you. Specify one host IP MAC combo per line. +# Also takes a "-unicast" option to turn on unicast ARP request detection. +# Arpspoof uses Generator ID 112 and uses the following SIDS for that GID: + +# SID Event description +# ----- ------------------- +# 1 Unicast ARP request +# 2 Etherframe ARP mismatch (src) +# 3 Etherframe ARP mismatch (dst) +# 4 ARP cache overwrite attack + +#preprocessor arpspoof +#preprocessor arpspoof_detect_host: 192.168.40.1 f0:0f:00:f0:0f:00 + + +# Performance Statistics +# ---------------------- +# Documentation for this is provided in the Snort Manual. You should read it. +# It is included in the release distribution as doc/snort_manual.pdf +# +# preprocessor perfmonitor: time 300 file /var/snort/snort.stats pktcnt 10000 + +#################################################################### +# Step #3: Configure output plugins +# +# Uncomment and configure the output plugins you decide to use. General +# configuration for output plugins is of the form: +# +# output : +# +# alert_syslog: log alerts to syslog +# ---------------------------------- +# Use one or more syslog facilities as arguments. Win32 can also optionally +# specify a particular hostname/port. Under Win32, the default hostname is +# '127.0.0.1', and the default port is 514. +# +# [Unix flavours should use this format...] +# output alert_syslog: LOG_AUTH LOG_ALERT +# +# [Win32 can use any of these formats...] +# output alert_syslog: LOG_AUTH LOG_ALERT +# output alert_syslog: host=hostname, LOG_AUTH LOG_ALERT +# output alert_syslog: host=hostname:port, LOG_AUTH LOG_ALERT + +# log_tcpdump: log packets in binary tcpdump format +# ------------------------------------------------- +# The only argument is the output file name. +# +# output log_tcpdump: tcpdump.log + +# database: log to a variety of databases +# --------------------------------------- +# See the README.database file for more information about configuring +# and using this plugin. +# +# output database: log, mysql, user=root password=test dbname=db host=localhost +# output database: alert, postgresql, user=snort dbname=snort +# output database: log, odbc, user=snort dbname=snort +# output database: log, mssql, dbname=snort user=snort password=test +# output database: log, oracle, dbname=snort user=snort password=test + +# unified: Snort unified binary format alerting and logging +# ------------------------------------------------------------- +# The unified output plugin provides two new formats for logging and generating +# alerts from Snort, the "unified" format. The unified format is a straight +# binary format for logging data out of Snort that is designed to be fast and +# efficient. Used with barnyard (the new alert/log processor), most of the +# overhead for logging and alerting to various slow storage mechanisms such as +# databases or the network can now be avoided. +# +# Check out the spo_unified.h file for the data formats. +# +# Two arguments are supported. +# filename - base filename to write to (current time_t is appended) +# limit - maximum size of spool file in MB (default: 128) +# +# output alert_unified: filename snort.alert, limit 128 +# output log_unified: filename snort.log, limit 128 + +# You can optionally define new rule types and associate one or more output +# plugins specifically to that type. +# +# This example will create a type that will log to just tcpdump. +# ruletype suspicious +# { +# type log +# output log_tcpdump: suspicious.log +# } +# +# EXAMPLE RULE FOR SUSPICIOUS RULETYPE: +# suspicious tcp $HOME_NET any -> $HOME_NET 6667 (msg:"Internal IRC Server";) +# +# This example will create a rule type that will log to syslog and a mysql +# database: +# ruletype redalert +# { +# type alert +# output alert_syslog: LOG_AUTH LOG_ALERT +# output database: log, mysql, user=snort dbname=snort host=localhost +# } +# +# EXAMPLE RULE FOR REDALERT RULETYPE: +# redalert tcp $HOME_NET any -> $EXTERNAL_NET 31337 \ +# (msg:"Someone is being LEET"; flags:A+;) + +# +# Include classification & priority settings +# Note for Windows users: You are advised to make this an absolute path, +# such as: c:\snort\etc\classification.config +# + +include classification.config + +# +# Include reference systems +# Note for Windows users: You are advised to make this an absolute path, +# such as: c:\snort\etc\reference.config +# + +include reference.config + +#################################################################### +# Step #4: Customize your rule set +# +# Up to date snort rules are available at http://www.snort.org +# +# The snort web site has documentation about how to write your own custom snort +# rules. +# +# The rules included with this distribution generate alerts based on on +# suspicious activity. Depending on your network environment, your security +# policies, and what you consider to be suspicious, some of these rules may +# either generate false positives ore may be detecting activity you consider to +# be acceptable; therefore, you are encouraged to comment out rules that are +# not applicable in your environment. +# +# The following individuals contributed many of rules in this distribution. +# +# Credits: +# Ron Gula of Network Security Wizards +# Max Vision +# Martin Markgraf +# Fyodor Yarochkin +# Nick Rogness +# Jim Forster +# Scott McIntyre +# Tom Vandepoel +# Brian Caswell +# Zeno +# Ryan Russell + + + +#========================================= +# Include all relevant rulesets here +# +# The following rulesets are disabled by default: +# +# web-attacks, backdoor, shellcode, policy, porn, info, icmp-info, virus, +# chat, multimedia, and p2p +# +# These rules are either site policy specific or require tuning in order to not +# generate false positive alerts in most enviornments. +# +# Please read the specific include file for more information and +# README.alert_order for how rule ordering affects how alerts are triggered. +#========================================= + +include $RULE_PATH/local.rules +include $RULE_PATH/bad-traffic.rules +include $RULE_PATH/exploit.rules +include $RULE_PATH/scan.rules +include $RULE_PATH/finger.rules +include $RULE_PATH/ftp.rules +include $RULE_PATH/telnet.rules +include $RULE_PATH/rpc.rules +include $RULE_PATH/rservices.rules +include $RULE_PATH/dos.rules +include $RULE_PATH/ddos.rules +include $RULE_PATH/dns.rules +include $RULE_PATH/tftp.rules + +include $RULE_PATH/web-cgi.rules +include $RULE_PATH/web-coldfusion.rules +include $RULE_PATH/web-iis.rules +include $RULE_PATH/web-frontpage.rules +include $RULE_PATH/web-misc.rules +include $RULE_PATH/web-client.rules +include $RULE_PATH/web-php.rules + +include $RULE_PATH/sql.rules +include $RULE_PATH/x11.rules +include $RULE_PATH/icmp.rules +include $RULE_PATH/netbios.rules +include $RULE_PATH/misc.rules +include $RULE_PATH/attack-responses.rules +include $RULE_PATH/oracle.rules +include $RULE_PATH/mysql.rules +include $RULE_PATH/snmp.rules + +include $RULE_PATH/smtp.rules +include $RULE_PATH/imap.rules +include $RULE_PATH/pop2.rules +include $RULE_PATH/pop3.rules + +include $RULE_PATH/nntp.rules +include $RULE_PATH/other-ids.rules +# include $RULE_PATH/web-attacks.rules +# include $RULE_PATH/backdoor.rules +# include $RULE_PATH/shellcode.rules +# include $RULE_PATH/policy.rules +# include $RULE_PATH/porn.rules +# include $RULE_PATH/info.rules +# include $RULE_PATH/icmp-info.rules + include $RULE_PATH/virus.rules +# include $RULE_PATH/chat.rules +# include $RULE_PATH/multimedia.rules +# include $RULE_PATH/p2p.rules +include $RULE_PATH/experimental.rules + +# Include any thresholding or suppression commands. See threshold.conf in the +# /etc directory for details. Commands don't necessarily need to be +# contained in this conf, but a separate conf makes it easier to maintain them. +# Note for Windows users: You are advised to make this an absolute path, +# such as: c:\snort\etc\threshold.conf +# Uncomment if needed. +# include threshold.conf --- snort-2.3.3.orig/rules/unicode.map +++ snort-2.3.3/rules/unicode.map @@ -0,0 +1,104 @@ +# Windows Version: 5.00.2195 +# OEM codepage: 437 +# ACP codepage: 1252 + +# INSTALLED CODEPAGES +10000 (MAC - Roman) + + +10079 (MAC - Icelandic) + + +1250 (ANSI - Central Europe) +00a1:21 00a2:63 00a3:4c 00a5:59 00aa:61 00b2:32 00b3:33 00b9:31 00ba:6f 00bc:31 00bd:31 00be:33 00c0:41 00c3:41 00c5:41 00c6:41 00c8:45 00ca:45 00cc:49 00cf:49 00d1:4e 00d2:4f 00d5:4f 00d8:4f 00d9:55 00db:55 00e0:61 00e3:61 00e5:61 00e6:61 00e8:65 00ea:65 00ec:69 00ef:69 00f1:6e 00f2:6f 00f5:6f 00f8:6f 00f9:75 00fb:75 00ff:79 0100:41 0101:61 0108:43 0109:63 010a:43 010b:63 0112:45 0113:65 0114:45 0115:65 0116:45 0117:65 011c:47 011d:67 011e:47 011f:67 0120:47 0121:67 0122:47 0123:67 0124:48 0125:68 0126:48 0127:68 0128:49 0129:69 012a:49 012b:69 012c:49 012d:69 012e:49 012f:69 0130:49 0131:69 0134:4a 0135:6a 0136:4b 0137:6b 013b:4c 013c:6c 0145:4e 0146:6e 014c:4f 014d:6f 014e:4f 014f:6f 0152:4f 0153:6f 0156:52 0157:72 015c:53 015d:73 0166:54 0167:74 0168:55 0169:75 016a:55 016b:75 016c:55 016d:75 0172:55 0173:75 0174:57 0175:77 0176:59 0177:79 0178:59 0180:62 0191:46 0192:66 0197:49 019a:6c 019f:4f 01a0:4f 01a1:6f 01ab:74 01ae:54 01af:55 01b0:75 01b6:7a 01c0:7c 01c3:21 01cd:41 01ce:61 01cf:49 01d0:69 01d1:4f 01d2:6f 01d3:55 01d4:75 01d5:55 01d6:75 01d7:55 01d8:75 01d9:55 01da:75 01db:55 01dc:75 01de:41 01df:61 01e4:47 01e5:67 01e6:47 01e7:67 01e8:4b 01e9:6b 01ea:4f 01eb:6f 01ec:4f 01ed:6f 01f0:6a 0261:67 02b9:27 02ba:22 02bc:27 02c4:5e 02c6:5e 02c8:27 02cb:60 02cd:5f 02dc:7e 0300:60 0302:5e 0303:7e 030e:22 0331:5f 0332:5f 037e:3b 04bb:68 0589:3a 066a:25 2000:20 2001:20 2002:20 2003:20 2004:20 2005:20 2006:20 2010:2d 2011:2d 2032:27 2035:60 203c:21 2044:2f 2074:34 2075:35 2076:36 2077:37 2078:38 2080:30 2081:31 2082:32 2083:33 2084:34 2085:35 2086:36 2087:37 2088:38 2089:39 2102:43 2107:45 210a:67 210b:48 210c:48 210d:48 210e:68 2110:49 2111:49 2112:4c 2113:6c 2115:4e 2118:50 2119:50 211a:51 211b:52 211c:52 211d:52 2124:5a 2128:5a 212a:4b 212c:42 212d:43 212e:65 212f:65 2130:45 2131:46 2133:4d 2134:6f 2191:5e 2194:2d 2195:7c 21a8:7c 2212:2d 2215:2f 2216:5c 2217:2a 221f:4c 2223:7c 2236:3a 223c:7e 2303:5e 2329:3c 232a:3e 2502:2d 250c:2d 2514:4c 2518:2d 251c:2b 2524:2b 252c:54 2534:2b 253c:2b 2550:3d 2554:2d 255a:4c 255d:2d 2566:54 256c:2b 2580:2d 2584:2d 2588:2d 2591:2d 2592:2d 2593:2d 25ac:2d 25b2:5e 25ba:3e 25c4:3c 25cb:30 25d9:30 263c:30 2640:2b 2642:3e 266a:64 266b:64 2758:7c 3000:20 3008:3c 3009:3e 301a:5b 301b:5d ff01:21 ff02:22 ff03:23 ff04:24 ff05:25 ff06:26 ff07:27 ff08:28 ff09:29 ff0a:2a ff0b:2b ff0c:2c ff0d:2d ff0e:2e ff0f:2f ff10:30 ff11:31 ff12:32 ff13:33 ff14:34 ff15:35 ff16:36 ff17:37 ff18:38 ff19:39 ff1a:3a ff1b:3b ff1c:3c ff1d:3d ff1e:3e ff20:40 ff21:41 ff22:42 ff23:43 ff24:44 ff25:45 ff26:46 ff27:47 ff28:48 ff29:49 ff2a:4a ff2b:4b ff2c:4c ff2d:4d ff2e:4e ff2f:4f ff30:50 ff31:51 ff32:52 ff33:53 ff34:54 ff35:55 ff36:56 ff37:57 ff38:58 ff39:59 ff3a:5a ff3b:5b ff3c:5c ff3d:5d ff3e:5e ff3f:5f ff40:60 ff41:61 ff42:62 ff43:63 ff44:64 ff45:65 ff46:66 ff47:67 ff48:68 ff49:69 ff4a:6a ff4b:6b ff4c:6c ff4d:6d ff4e:6e ff4f:6f ff50:70 ff51:71 ff52:72 ff53:73 ff54:74 ff55:75 ff56:76 ff57:77 ff58:78 ff59:79 ff5a:7a ff5b:7b ff5c:7c ff5d:7d ff5e:7e + +1251 (ANSI - Cyrillic) +00c0:41 00c1:41 00c2:41 00c3:41 00c4:41 00c5:41 00c7:43 00c8:45 00c9:45 00ca:45 00cb:45 00cc:49 00cd:49 00ce:49 00cf:49 00d1:4e 00d2:4f 00d3:4f 00d4:4f 00d5:4f 00d6:4f 00d8:4f 00d9:55 00da:55 00db:55 00dc:55 00dd:59 00e0:61 00e1:61 00e2:61 00e3:61 00e4:61 00e5:61 00e7:63 00e8:65 00e9:65 00ea:65 00eb:65 00ec:69 00ed:69 00ee:69 00ef:69 00f1:6e 00f2:6f 00f3:6f 00f4:6f 00f5:6f 00f6:6f 00f8:6f 00f9:75 00fa:75 00fb:75 00fc:75 00fd:79 00ff:79 0100:41 0101:61 0102:41 0103:61 0104:41 0105:61 0106:43 0107:63 0108:43 0109:63 010a:43 010b:63 010c:43 010d:63 010e:44 010f:64 0110:44 0111:64 0112:45 0113:65 0114:45 0115:65 0116:45 0117:65 0118:45 0119:65 011a:45 011b:65 011c:47 011d:67 011e:47 011f:67 0120:47 0121:67 0122:47 0123:67 0124:48 0125:68 0126:48 0127:68 0128:49 0129:69 012a:49 012b:69 012c:49 012d:69 012e:49 012f:69 0130:49 0134:4a 0135:6a 0136:4b 0137:6b 0139:4c 013a:6c 013b:4c 013c:6c 013d:4c 013e:6c 0141:4c 0142:6c 0143:4e 0144:6e 0145:4e 0146:6e 0147:4e 0148:6e 014c:4f 014d:6f 014e:4f 014f:6f 0150:4f 0151:6f 0154:52 0155:72 0156:52 0157:72 0158:52 0159:72 015a:53 015b:73 015c:53 015d:73 015e:53 015f:73 0160:53 0161:73 0162:54 0163:74 0164:54 0165:74 0166:54 0167:74 0168:55 0169:75 016a:55 016b:75 016c:55 016d:75 016e:55 016f:75 0170:55 0171:75 0172:55 0173:75 0174:57 0175:77 0176:59 0177:79 0178:59 0179:5a 017b:5a 017c:7a 017d:5a 017e:7a 0180:62 0197:49 019a:6c 019f:4f 01a0:4f 01a1:6f 01ab:74 01ae:54 01af:55 01b0:75 01cd:41 01ce:61 01cf:49 01d0:69 01d1:4f 01d2:6f 01d3:55 01d4:75 01d5:55 01d6:75 01d7:55 01d8:75 01d9:55 01da:75 01db:55 01dc:75 01de:41 01df:61 01e4:47 01e5:67 01e6:47 01e7:67 01e8:4b 01e9:6b 01ea:4f 01eb:6f 01ec:4f 01ed:6f 01f0:6a 203c:21 2190:3c 2191:5e 2192:3e 2193:76 2194:2d 221a:76 221f:4c 2500:2d 250c:2d 2514:4c 2518:2d 251c:2b 2524:2b 252c:54 2534:2b 253c:2b 2550:3d 2552:2d 2558:4c 2559:4c 255a:4c 255b:2d 255c:2d 255d:2d 2564:54 2565:54 2566:54 256a:2b 256b:2b 256c:2b 2580:2d 2584:2d 2588:2d 2591:2d 2592:2d 2593:2d 25ac:2d 25b2:5e 25ba:3e 25c4:3c 25cb:30 25d9:30 263a:4f 263b:4f 263c:30 2640:2b 2642:3e 266a:64 266b:64 ff01:21 ff02:22 ff03:23 ff04:24 ff05:25 ff06:26 ff07:27 ff08:28 ff09:29 ff0a:2a ff0b:2b ff0c:2c ff0d:2d ff0e:2e ff0f:2f ff10:30 ff11:31 ff12:32 ff13:33 ff14:34 ff15:35 ff16:36 ff17:37 ff18:38 ff19:39 ff1a:3a ff1b:3b ff1c:3c ff1d:3d ff1e:3e ff20:40 ff21:41 ff22:42 ff23:43 ff24:44 ff25:45 ff26:46 ff27:47 ff28:48 ff29:49 ff2a:4a ff2b:4b ff2c:4c ff2d:4d ff2e:4e ff2f:4f ff30:50 ff31:51 ff32:52 ff33:53 ff34:54 ff35:55 ff36:56 ff37:57 ff38:58 ff39:59 ff3a:5a ff3b:5b ff3c:5c ff3d:5d ff3e:5e ff3f:5f ff40:60 ff41:61 ff42:62 ff43:63 ff44:64 ff45:65 ff46:66 ff47:67 ff48:68 ff49:69 ff4a:6a ff4b:6b ff4c:6c ff4d:6d ff4e:6e ff4f:6f ff50:70 ff51:71 ff52:72 ff53:73 ff54:74 ff55:75 ff56:76 ff57:77 ff58:78 ff59:79 ff5a:7a ff5b:7b ff5c:7c ff5d:7d ff5e:7e + +1252 (ANSI - Latin I) +0100:41 0101:61 0102:41 0103:61 0104:41 0105:61 0106:43 0107:63 0108:43 0109:63 010a:43 010b:63 010c:43 010d:63 010e:44 010f:64 0111:64 0112:45 0113:65 0114:45 0115:65 0116:45 0117:65 0118:45 0119:65 011a:45 011b:65 011c:47 011d:67 011e:47 011f:67 0120:47 0121:67 0122:47 0123:67 0124:48 0125:68 0126:48 0127:68 0128:49 0129:69 012a:49 012b:69 012c:49 012d:69 012e:49 012f:69 0130:49 0131:69 0134:4a 0135:6a 0136:4b 0137:6b 0139:4c 013a:6c 013b:4c 013c:6c 013d:4c 013e:6c 0141:4c 0142:6c 0143:4e 0144:6e 0145:4e 0146:6e 0147:4e 0148:6e 014c:4f 014d:6f 014e:4f 014f:6f 0150:4f 0151:6f 0154:52 0155:72 0156:52 0157:72 0158:52 0159:72 015a:53 015b:73 015c:53 015d:73 015e:53 015f:73 0162:54 0163:74 0164:54 0165:74 0166:54 0167:74 0168:55 0169:75 016a:55 016b:75 016c:55 016d:75 016e:55 016f:75 0170:55 0171:75 0172:55 0173:75 0174:57 0175:77 0176:59 0177:79 0179:5a 017b:5a 017c:7a 0180:62 0197:49 019a:6c 019f:4f 01a0:4f 01a1:6f 01ab:74 01ae:54 01af:55 01b0:75 01b6:7a 01c0:7c 01c3:21 01cd:41 01ce:61 01cf:49 01d0:69 01d1:4f 01d2:6f 01d3:55 01d4:75 01d5:55 01d6:75 01d7:55 01d8:75 01d9:55 01da:75 01db:55 01dc:75 01de:41 01df:61 01e4:47 01e5:67 01e6:47 01e7:67 01e8:4b 01e9:6b 01ea:4f 01eb:6f 01ec:4f 01ed:6f 01f0:6a 0261:67 02b9:27 02ba:22 02bc:27 02c4:5e 02c8:27 02cb:60 02cd:5f 0300:60 0302:5e 0303:7e 030e:22 0331:5f 0332:5f 037e:3b 0393:47 0398:54 03a3:53 03a6:46 03a9:4f 03b1:61 03b4:64 03b5:65 03c0:70 03c3:73 03c4:74 03c6:66 04bb:68 0589:3a 066a:25 2000:20 2001:20 2002:20 2003:20 2004:20 2005:20 2006:20 2010:2d 2011:2d 2017:3d 2032:27 2035:60 2044:2f 2074:34 2075:35 2076:36 2077:37 2078:38 207f:6e 2080:30 2081:31 2082:32 2083:33 2084:34 2085:35 2086:36 2087:37 2088:38 2089:39 20a7:50 2102:43 2107:45 210a:67 210b:48 210c:48 210d:48 210e:68 2110:49 2111:49 2112:4c 2113:6c 2115:4e 2118:50 2119:50 211a:51 211b:52 211c:52 211d:52 2124:5a 2128:5a 212a:4b 212c:42 212d:43 212e:65 212f:65 2130:45 2131:46 2133:4d 2134:6f 2212:2d 2215:2f 2216:5c 2217:2a 221a:76 221e:38 2223:7c 2229:6e 2236:3a 223c:7e 2261:3d 2264:3d 2265:3d 2303:5e 2320:28 2321:29 2329:3c 232a:3e 2500:2d 250c:2b 2510:2b 2514:2b 2518:2b 251c:2b 252c:2d 2534:2d 253c:2b 2550:2d 2552:2b 2553:2b 2554:2b 2555:2b 2556:2b 2557:2b 2558:2b 2559:2b 255a:2b 255b:2b 255c:2b 255d:2b 2564:2d 2565:2d 2566:2d 2567:2d 2568:2d 2569:2d 256a:2b 256b:2b 256c:2b 2584:5f 2758:7c 3000:20 3008:3c 3009:3e 301a:5b 301b:5d ff01:21 ff02:22 ff03:23 ff04:24 ff05:25 ff06:26 ff07:27 ff08:28 ff09:29 ff0a:2a ff0b:2b ff0c:2c ff0d:2d ff0e:2e ff0f:2f ff10:30 ff11:31 ff12:32 ff13:33 ff14:34 ff15:35 ff16:36 ff17:37 ff18:38 ff19:39 ff1a:3a ff1b:3b ff1c:3c ff1d:3d ff1e:3e ff20:40 ff21:41 ff22:42 ff23:43 ff24:44 ff25:45 ff26:46 ff27:47 ff28:48 ff29:49 ff2a:4a ff2b:4b ff2c:4c ff2d:4d ff2e:4e ff2f:4f ff30:50 ff31:51 ff32:52 ff33:53 ff34:54 ff35:55 ff36:56 ff37:57 ff38:58 ff39:59 ff3a:5a ff3b:5b ff3c:5c ff3d:5d ff3e:5e ff3f:5f ff40:60 ff41:61 ff42:62 ff43:63 ff44:64 ff45:65 ff46:66 ff47:67 ff48:68 ff49:69 ff4a:6a ff4b:6b ff4c:6c ff4d:6d ff4e:6e ff4f:6f ff50:70 ff51:71 ff52:72 ff53:73 ff54:74 ff55:75 ff56:76 ff57:77 ff58:78 ff59:79 ff5a:7a ff5b:7b ff5c:7c ff5d:7d ff5e:7e + +1253 (ANSI - Greek) +00b4:2f 00c0:41 00c1:41 00c2:41 00c3:41 00c4:41 00c5:41 00c7:43 00c8:45 00c9:45 00ca:45 00cb:45 00cc:49 00cd:49 00ce:49 00cf:49 00d1:4e 00d2:4f 00d3:4f 00d4:4f 00d5:4f 00d6:4f 00d8:4f 00d9:55 00da:55 00db:55 00dc:55 00dd:59 00e0:61 00e1:61 00e2:61 00e3:61 00e4:61 00e5:61 00e7:63 00e8:65 00e9:65 00ea:65 00eb:65 00ec:69 00ed:69 00ee:69 00ef:69 00f1:6e 00f2:6f 00f3:6f 00f4:6f 00f5:6f 00f6:6f 00f8:6f 00f9:75 00fa:75 00fb:75 00fc:75 00fd:79 00ff:79 0100:41 0101:61 0102:41 0103:61 0104:41 0105:61 0106:43 0107:63 0108:43 0109:63 010a:43 010b:63 010c:43 010d:63 010e:44 010f:64 0110:44 0111:64 0112:45 0113:65 0114:45 0115:65 0116:45 0117:65 0118:45 0119:65 011a:45 011b:65 011c:47 011d:67 011e:47 011f:67 0120:47 0121:67 0122:47 0123:67 0124:48 0125:68 0126:48 0127:68 0128:49 0129:69 012a:49 012b:69 012c:49 012d:69 012e:49 012f:69 0130:49 0134:4a 0135:6a 0136:4b 0137:6b 0139:4c 013a:6c 013b:4c 013c:6c 013d:4c 013e:6c 0141:4c 0142:6c 0143:4e 0144:6e 0145:4e 0146:6e 0147:4e 0148:6e 014c:4f 014d:6f 014e:4f 014f:6f 0150:4f 0151:6f 0154:52 0155:72 0156:52 0157:72 0158:52 0159:72 015a:53 015b:73 015c:53 015d:73 015e:53 015f:73 0160:53 0161:73 0162:54 0163:74 0164:54 0165:74 0166:54 0167:74 0168:55 0169:75 016a:55 016b:75 016c:55 016d:75 016e:55 016f:75 0170:55 0171:75 0172:55 0173:75 0174:57 0175:77 0176:59 0177:79 0178:59 0179:5a 017b:5a 017c:7a 017d:5a 017e:7a 0180:62 0197:49 019a:6c 019f:4f 01a0:4f 01a1:6f 01ab:74 01ae:54 01af:55 01b0:75 01cd:41 01ce:61 01cf:49 01d0:69 01d1:4f 01d2:6f 01d3:55 01d4:75 01d5:55 01d6:75 01d7:55 01d8:75 01d9:55 01da:75 01db:55 01dc:75 01de:41 01df:61 01e4:47 01e5:67 01e6:47 01e7:67 01e8:4b 01e9:6b 01ea:4f 01eb:6f 01ec:4f 01ed:6f 01f0:6a 037e:3b 203c:21 2190:3c 2191:5e 2192:3e 2193:76 2194:2d 221f:4c 2500:2d 250c:2d 2514:4c 2518:2d 251c:2b 2524:2b 252c:54 2534:2b 253c:2b 2550:3d 2554:2d 255a:4c 255d:2d 2566:54 256c:2b 2580:2d 2584:2d 2588:2d 2591:2d 2592:2d 2593:2d 25ac:2d 25b2:5e 25ba:3e 25c4:3c 25cb:30 25d9:30 263a:4f 263b:4f 263c:30 2640:2b 2642:3e 266a:64 266b:64 ff01:21 ff02:22 ff03:23 ff04:24 ff05:25 ff06:26 ff07:27 ff08:28 ff09:29 ff0a:2a ff0b:2b ff0c:2c ff0d:2d ff0e:2e ff0f:2f ff10:30 ff11:31 ff12:32 ff13:33 ff14:34 ff15:35 ff16:36 ff17:37 ff18:38 ff19:39 ff1a:3a ff1b:3b ff1c:3c ff1d:3d ff1e:3e ff20:40 ff21:41 ff22:42 ff23:43 ff24:44 ff25:45 ff26:46 ff27:47 ff28:48 ff29:49 ff2a:4a ff2b:4b ff2c:4c ff2d:4d ff2e:4e ff2f:4f ff30:50 ff31:51 ff32:52 ff33:53 ff34:54 ff35:55 ff36:56 ff37:57 ff38:58 ff39:59 ff3a:5a ff3b:5b ff3c:5c ff3d:5d ff3e:5e ff3f:5f ff40:60 ff41:61 ff42:62 ff43:63 ff44:64 ff45:65 ff46:66 ff47:67 ff48:68 ff49:69 ff4a:6a ff4b:6b ff4c:6c ff4d:6d ff4e:6e ff4f:6f ff50:70 ff51:71 ff52:72 ff53:73 ff54:74 ff55:75 ff56:76 ff57:77 ff58:78 ff59:79 ff5a:7a ff5b:7b ff5c:7c ff5d:7d ff5e:7e + +1254 (ANSI - Turkish) +00dd:59 00fd:79 0100:41 0101:61 0102:41 0103:61 0104:41 0105:61 0106:43 0107:63 0108:43 0109:63 010a:43 010b:63 010c:43 010d:63 010e:44 010f:64 0110:44 0111:64 0112:45 0113:65 0114:45 0115:65 0116:45 0117:65 0118:45 0119:65 011a:45 011b:65 011c:47 011d:67 0120:47 0121:67 0122:47 0123:67 0124:48 0125:68 0126:48 0127:68 0128:49 0129:69 012a:49 012b:69 012c:49 012d:69 012e:49 012f:69 0134:4a 0135:6a 0136:4b 0137:6b 0139:4c 013a:6c 013b:4c 013c:6c 013d:4c 013e:6c 0141:4c 0142:6c 0143:4e 0144:6e 0145:4e 0146:6e 0147:4e 0148:6e 014c:4f 014d:6f 014e:4f 014f:6f 0150:4f 0151:6f 0154:52 0155:72 0156:52 0157:72 0158:52 0159:72 015a:53 015b:73 015c:53 015d:73 0162:54 0163:74 0164:54 0165:74 0166:54 0167:74 0168:55 0169:75 016a:55 016b:75 016c:55 016d:75 016e:55 016f:75 0170:55 0171:75 0172:55 0173:75 0174:57 0175:77 0176:59 0177:79 0179:5a 017b:5a 017c:7a 017d:5a 017e:7a 0180:62 0189:44 0197:49 019a:6c 019f:4f 01a0:4f 01a1:6f 01ab:74 01ae:54 01af:55 01b0:75 01b6:7a 01c0:7c 01c3:21 01cd:41 01ce:61 01cf:49 01d0:69 01d1:4f 01d2:6f 01d3:55 01d4:75 01d5:55 01d6:75 01d7:55 01d8:75 01d9:55 01da:75 01db:55 01dc:75 01de:41 01df:61 01e4:47 01e5:67 01e6:47 01e7:67 01e8:4b 01e9:6b 01ea:4f 01eb:6f 01ec:4f 01ed:6f 01f0:6a 0261:67 02b9:27 02ba:22 02bc:27 02c4:5e 02c7:5e 02c8:27 02cb:60 02cd:5f 02d8:5e 02d9:27 0300:60 0302:5e 0331:5f 0332:5f 04bb:68 0589:3a 066a:25 2000:20 2001:20 2002:20 2003:20 2004:20 2005:20 2006:20 2010:2d 2011:2d 2032:27 2035:60 203c:21 2044:2f 2074:34 2075:35 2076:36 2077:37 2078:38 2081:30 2084:34 2085:35 2086:36 2087:37 2088:38 2089:39 2102:43 2107:45 210a:67 210b:48 210c:48 210d:48 210e:68 2110:49 2111:49 2112:4c 2113:6c 2115:4e 2118:50 2119:50 211a:51 211b:52 211c:52 211d:52 2124:5a 2128:5a 212a:4b 212c:42 212d:43 212e:65 212f:65 2130:45 2131:46 2133:4d 2134:6f 2191:5e 2193:76 2194:2d 2195:7c 21a8:7c 2212:2d 2215:2f 2216:5c 2217:2a 221f:4c 2223:7c 2236:3a 223c:7e 2303:5e 2329:3c 232a:3e 2502:2d 250c:2d 2514:4c 2518:2d 251c:2b 2524:2b 252c:54 2534:2b 253c:2b 2550:3d 2554:2d 255a:4c 255d:2d 2566:54 256c:2b 2580:2d 2584:2d 2588:2d 2591:2d 2592:2d 2593:2d 25ac:2d 25b2:5e 25ba:3e 25c4:3c 25cb:30 25d9:30 263a:4f 263b:4f 263c:30 2640:2b 2642:3e 266a:64 266b:64 2758:7c 3000:20 3008:3c 3009:3e 301a:5b 301b:3d 301d:22 301e:22 ff01:21 ff02:22 ff03:23 ff04:24 ff05:25 ff06:26 ff07:27 ff08:28 ff09:29 ff0a:2a ff0b:2b ff0c:2c ff0d:2d ff0e:2e ff0f:2f ff10:30 ff11:31 ff12:32 ff13:33 ff14:34 ff15:35 ff16:36 ff17:37 ff18:38 ff19:39 ff1a:3a ff1b:3b ff1c:3c ff1d:3d ff1e:3e ff20:40 ff21:41 ff22:42 ff23:43 ff24:44 ff25:45 ff26:46 ff27:47 ff28:48 ff29:49 ff2a:4a ff2b:4b ff2c:4c ff2d:4d ff2e:4e ff2f:4f ff30:50 ff31:51 ff32:52 ff33:53 ff34:54 ff35:55 ff36:56 ff37:57 ff38:58 ff39:59 ff3a:5a ff3b:5b ff3c:5c ff3d:5d ff3e:5e ff3f:5f ff40:60 ff41:61 ff42:62 ff43:63 ff44:64 ff45:65 ff46:66 ff47:67 ff48:68 ff49:69 ff4a:6a ff4b:6b ff4c:6c ff4d:6d ff4e:6e ff4f:6f ff50:70 ff51:71 ff52:72 ff53:73 ff54:74 ff55:75 ff56:76 ff57:77 ff58:78 ff59:79 ff5a:7a ff5b:7b ff5c:7c ff5d:7d ff5e:7e + +1255 (ANSI - Hebrew) +0191:46 ff01:21 ff02:22 ff03:23 ff04:24 ff05:25 ff06:26 ff07:27 ff08:28 ff09:29 ff0a:2a ff0b:2b ff0c:2c ff0d:2d ff0e:2e ff0f:2f ff10:30 ff11:31 ff12:32 ff13:33 ff14:34 ff15:35 ff16:36 ff17:37 ff18:38 ff19:39 ff1a:3a ff1b:3b ff1c:3c ff1d:3d ff1e:3e ff20:40 ff21:41 ff22:42 ff23:43 ff24:44 ff25:45 ff26:46 ff27:47 ff28:48 ff29:49 ff2a:4a ff2b:4b ff2c:4c ff2d:4d ff2e:4e ff2f:4f ff30:50 ff31:51 ff32:52 ff33:53 ff34:54 ff35:55 ff36:56 ff37:57 ff38:58 ff39:59 ff3a:5a ff3b:5b ff3c:5c ff3d:5d ff3e:5e ff3f:5f ff40:60 ff41:61 ff42:62 ff43:63 ff44:64 ff45:65 ff46:66 ff47:67 ff48:68 ff49:69 ff4a:6a ff4b:6b ff4c:6c ff4d:6d ff4e:6e ff4f:6f ff50:70 ff51:71 ff52:72 ff53:73 ff54:74 ff55:75 ff56:76 ff57:77 ff58:78 ff59:79 ff5a:7a ff5b:7b ff5c:7c ff5d:7d ff5e:7e + +1256 (ANSI - Arabic) +00c0:41 00c2:41 00c7:43 00c8:45 00c9:45 00ca:45 00cb:45 00ce:49 00cf:49 00d4:4f 00d9:55 00db:55 00dc:55 0191:46 ff01:21 ff02:22 ff03:23 ff04:24 ff05:25 ff06:26 ff07:27 ff08:28 ff09:29 ff0a:2a ff0b:2b ff0c:2c ff0d:2d ff0e:2e ff0f:2f ff10:30 ff11:31 ff12:32 ff13:33 ff14:34 ff15:35 ff16:36 ff17:37 ff18:38 ff19:39 ff1a:3a ff1b:3b ff1c:3c ff1d:3d ff1e:3e ff20:40 ff21:41 ff22:42 ff23:43 ff24:44 ff25:45 ff26:46 ff27:47 ff28:48 ff29:49 ff2a:4a ff2b:4b ff2c:4c ff2d:4d ff2e:4e ff2f:4f ff30:50 ff31:51 ff32:52 ff33:53 ff34:54 ff35:55 ff36:56 ff37:57 ff38:58 ff39:59 ff3a:5a ff3b:5b ff3c:5c ff3d:5d ff3e:5e ff3f:5f ff40:60 ff41:61 ff42:62 ff43:63 ff44:64 ff45:65 ff46:66 ff47:67 ff48:68 ff49:69 ff4a:6a ff4b:6b ff4c:6c ff4d:6d ff4e:6e ff4f:6f ff50:70 ff51:71 ff52:72 ff53:73 ff54:74 ff55:75 ff56:76 ff57:77 ff58:78 ff59:79 ff5a:7a ff5b:7b ff5c:7c ff5d:7d ff5e:7e + +1257 (ANSI - Baltic) +ff01:21 ff02:22 ff03:23 ff04:24 ff05:25 ff06:26 ff07:27 ff08:28 ff09:29 ff0a:2a ff0b:2b ff0c:2c ff0d:2d ff0e:2e ff0f:2f ff10:30 ff11:31 ff12:32 ff13:33 ff14:34 ff15:35 ff16:36 ff17:37 ff18:38 ff19:39 ff1a:3a ff1b:3b ff1c:3c ff1d:3d ff1e:3e ff20:40 ff21:41 ff22:42 ff23:43 ff24:44 ff25:45 ff26:46 ff27:47 ff28:48 ff29:49 ff2a:4a ff2b:4b ff2c:4c ff2d:4d ff2e:4e ff2f:4f ff30:50 ff31:51 ff32:52 ff33:53 ff34:54 ff35:55 ff36:56 ff37:57 ff38:58 ff39:59 ff3a:5a ff3b:5b ff3c:5c ff3d:5d ff3e:5e ff3f:5f ff40:60 ff41:61 ff42:62 ff43:63 ff44:64 ff45:65 ff46:66 ff47:67 ff48:68 ff49:69 ff4a:6a ff4b:6b ff4c:6c ff4d:6d ff4e:6e ff4f:6f ff50:70 ff51:71 ff52:72 ff53:73 ff54:74 ff55:75 ff56:76 ff57:77 ff58:78 ff59:79 ff5a:7a ff5b:7b ff5c:7c ff5d:7d ff5e:7e + +1258 (ANSI/OEM - Viet Nam) +ff01:21 ff02:22 ff03:23 ff04:24 ff05:25 ff06:26 ff07:27 ff08:28 ff09:29 ff0a:2a ff0b:2b ff0c:2c ff0d:2d ff0e:2e ff0f:2f ff10:30 ff11:31 ff12:32 ff13:33 ff14:34 ff15:35 ff16:36 ff17:37 ff18:38 ff19:39 ff1a:3a ff1b:3b ff1c:3c ff1d:3d ff1e:3e ff20:40 ff21:41 ff22:42 ff23:43 ff24:44 ff25:45 ff26:46 ff27:47 ff28:48 ff29:49 ff2a:4a ff2b:4b ff2c:4c ff2d:4d ff2e:4e ff2f:4f ff30:50 ff31:51 ff32:52 ff33:53 ff34:54 ff35:55 ff36:56 ff37:57 ff38:58 ff39:59 ff3a:5a ff3b:5b ff3c:5c ff3d:5d ff3e:5e ff3f:5f ff40:60 ff41:61 ff42:62 ff43:63 ff44:64 ff45:65 ff46:66 ff47:67 ff48:68 ff49:69 ff4a:6a ff4b:6b ff4c:6c ff4d:6d ff4e:6e ff4f:6f ff50:70 ff51:71 ff52:72 ff53:73 ff54:74 ff55:75 ff56:76 ff57:77 ff58:78 ff59:79 ff5a:7a ff5b:7b ff5c:7c ff5d:7d ff5e:7e + +#INVALID CODEPAGE: 1361 +20127 (US-ASCII) +00a0:20 00a1:21 00a2:63 00a4:24 00a5:59 00a6:7c 00a9:43 00aa:61 00ab:3c 00ad:2d 00ae:52 00b2:32 00b3:33 00b7:2e 00b8:2c 00b9:31 00ba:6f 00bb:3e 00c0:41 00c1:41 00c2:41 00c3:41 00c4:41 00c5:41 00c6:41 00c7:43 00c8:45 00c9:45 00ca:45 00cb:45 00cc:49 00cd:49 00ce:49 00cf:49 00d0:44 00d1:4e 00d2:4f 00d3:4f 00d4:4f 00d5:4f 00d6:4f 00d8:4f 00d9:55 00da:55 00db:55 00dc:55 00dd:59 00e0:61 00e1:61 00e2:61 00e3:61 00e4:61 00e5:61 00e6:61 00e7:63 00e8:65 00e9:65 00ea:65 00eb:65 00ec:69 00ed:69 00ee:69 00ef:69 00f1:6e 00f2:6f 00f3:6f 00f4:6f 00f5:6f 00f6:6f 00f8:6f 00f9:75 00fa:75 00fb:75 00fc:75 00fd:79 00ff:79 0100:41 0101:61 0102:41 0103:61 0104:41 0105:61 0106:43 0107:63 0108:43 0109:63 010a:43 010b:63 010c:43 010d:63 010e:44 010f:64 0110:44 0111:64 0112:45 0113:65 0114:45 0115:65 0116:45 0117:65 0118:45 0119:65 011a:45 011b:65 011c:47 011d:67 011e:47 011f:67 0120:47 0121:67 0122:47 0123:67 0124:48 0125:68 0126:48 0127:68 0128:49 0129:69 012a:49 012b:69 012c:49 012d:69 012e:49 012f:69 0130:49 0131:69 0134:4a 0135:6a 0136:4b 0137:6b 0139:4c 013a:6c 013b:4c 013c:6c 013d:4c 013e:6c 0141:4c 0142:6c 0143:4e 0144:6e 0145:4e 0146:6e 0147:4e 0148:6e 014c:4f 014d:6f 014e:4f 014f:6f 0150:4f 0151:6f 0152:4f 0153:6f 0154:52 0155:72 0156:52 0157:72 0158:52 0159:72 015a:53 015b:73 015c:53 015d:73 015e:53 015f:73 0160:53 0161:73 0162:54 0163:74 0164:54 0165:74 0166:54 0167:74 0168:55 0169:75 016a:55 016b:75 016c:55 016d:75 016e:55 016f:75 0170:55 0171:75 0172:55 0173:75 0174:57 0175:77 0176:59 0177:79 0178:59 0179:5a 017b:5a 017c:7a 017d:5a 017e:7a 0180:62 0189:44 0191:46 0192:66 0197:49 019a:6c 019f:4f 01a0:4f 01a1:6f 01ab:74 01ae:54 01af:55 01b0:75 01b6:7a 01cd:41 01ce:61 01cf:49 01d0:69 01d1:4f 01d2:6f 01d3:55 01d4:75 01d5:55 01d6:75 01d7:55 01d8:75 01d9:55 01da:75 01db:55 01dc:75 01de:41 01df:61 01e4:47 01e5:67 01e6:47 01e7:67 01e8:4b 01e9:6b 01ea:4f 01eb:6f 01ec:4f 01ed:6f 01f0:6a 0261:67 02b9:27 02ba:22 02bc:27 02c4:5e 02c6:5e 02c8:27 02cb:60 02cd:5f 02dc:7e 0300:60 0302:5e 0303:7e 030e:22 0331:5f 0332:5f 2000:20 2001:20 2002:20 2003:20 2004:20 2005:20 2006:20 2010:2d 2011:2d 2013:2d 2014:2d 2018:27 2019:27 201a:2c 201c:22 201d:22 201e:22 2022:2e 2026:2e 2032:27 2035:60 2039:3c 203a:3e 2122:54 ff01:21 ff02:22 ff03:23 ff04:24 ff05:25 ff06:26 ff07:27 ff08:28 ff09:29 ff0a:2a ff0b:2b ff0c:2c ff0d:2d ff0e:2e ff0f:2f ff10:30 ff11:31 ff12:32 ff13:33 ff14:34 ff15:35 ff16:36 ff17:37 ff18:38 ff19:39 ff1a:3a ff1b:3b ff1c:3c ff1d:3d ff1e:3e ff20:40 ff21:41 ff22:42 ff23:43 ff24:44 ff25:45 ff26:46 ff27:47 ff28:48 ff29:49 ff2a:4a ff2b:4b ff2c:4c ff2d:4d ff2e:4e ff2f:4f ff30:50 ff31:51 ff32:52 ff33:53 ff34:54 ff35:55 ff36:56 ff37:57 ff38:58 ff39:59 ff3a:5a ff3b:5b ff3c:5c ff3d:5d ff3e:5e ff3f:5f ff40:60 ff41:61 ff42:62 ff43:63 ff44:64 ff45:65 ff46:66 ff47:67 ff48:68 ff49:69 ff4a:6a ff4b:6b ff4c:6c ff4d:6d ff4e:6e ff4f:6f ff50:70 ff51:71 ff52:72 ff53:73 ff54:74 ff55:75 ff56:76 ff57:77 ff58:78 ff59:79 ff5a:7a ff5b:7b ff5c:7c ff5d:7d ff5e:7e + +20261 (T.61) +f8dd:5c f8de:5e f8df:60 f8e0:7b f8fc:7d f8fd:7e f8fe:7f + +20866 (Russian - KOI8) +00a7:15 00ab:3c 00ad:2d 00ae:52 00b1:2b 00b6:14 00bb:3e 00c0:41 00c1:41 00c2:41 00c3:41 00c4:41 00c5:41 00c7:43 00c8:45 00c9:45 00ca:45 00cb:45 00cc:49 00cd:49 00ce:49 00cf:49 00d1:4e 00d2:4f 00d3:4f 00d4:4f 00d5:4f 00d6:4f 00d8:4f 00d9:55 00da:55 00db:55 00dc:55 00dd:59 00e0:61 00e1:61 00e2:61 00e3:61 00e4:61 00e5:61 00e7:63 00e8:65 00e9:65 00ea:65 00eb:65 00ec:69 00ed:69 00ee:69 00ef:69 00f1:6e 00f2:6f 00f3:6f 00f4:6f 00f5:6f 00f6:6f 00f8:6f 00f9:75 00fa:75 00fb:75 00fc:75 00fd:79 00ff:79 0100:41 0101:61 0102:41 0103:61 0104:41 0105:61 0106:43 0107:63 0108:43 0109:63 010a:43 010b:63 010c:43 010d:63 010e:44 010f:64 0110:44 0111:64 0112:45 0113:65 0114:45 0115:65 0116:45 0117:65 0118:45 0119:65 011a:45 011b:65 011c:47 011d:67 011e:47 011f:67 0120:47 0121:67 0122:47 0123:67 0124:48 0125:68 0126:48 0127:68 0128:49 0129:69 012a:49 012b:69 012c:49 012d:69 012e:49 012f:69 0130:49 0134:4a 0135:6a 0136:4b 0137:6b 0139:4c 013a:6c 013b:4c 013c:6c 013d:4c 013e:6c 0141:4c 0142:6c 0143:4e 0144:6e 0145:4e 0146:6e 0147:4e 0148:6e 014c:4f 014d:6f 014e:4f 014f:6f 0150:4f 0151:6f 0154:52 0155:72 0156:52 0157:72 0158:52 0159:72 015a:53 015b:73 015c:53 015d:73 015e:53 015f:73 0160:53 0161:73 0162:54 0163:74 0164:54 0165:74 0166:54 0167:74 0168:55 0169:75 016a:55 016b:75 016c:55 016d:75 016e:55 016f:75 0170:55 0171:75 0172:55 0173:75 0174:57 0175:77 0176:59 0177:79 0178:59 0179:5a 017b:5a 017c:7a 017d:5a 017e:7a 0180:62 0197:49 019a:6c 019f:4f 01a0:4f 01a1:6f 01ab:74 01ae:54 01af:55 01b0:75 01cd:41 01ce:61 01cf:49 01d0:69 01d1:4f 01d2:6f 01d3:55 01d4:75 01d5:55 01d6:75 01d7:55 01d8:75 01d9:55 01da:75 01db:55 01dc:75 01de:41 01df:61 01e4:47 01e5:67 01e6:47 01e7:67 01e8:4b 01e9:6b 01ea:4f 01eb:6f 01ec:4f 01ed:6f 01f0:6a 2013:2d 2014:2d 2018:27 2019:27 201a:27 201c:22 201d:22 201e:22 2022:07 2026:3a 2030:25 2039:3c 203a:3e 203c:13 2122:54 2190:1b 2191:18 2192:1a 2193:19 2194:1d 2195:12 21a8:17 221f:1c 2302:7f 25ac:16 25b2:1e 25ba:10 25bc:1f 25c4:11 25cb:09 25d8:08 25d9:0a 263a:01 263b:02 263c:0f 2640:0c 2642:0b 2660:06 2663:05 2665:03 2666:04 266a:0d 266b:0e + +28591 (ISO 8859-1 Latin I) +0100:41 0101:61 0102:41 0103:61 0104:41 0105:61 0106:43 0107:63 0108:43 0109:63 010a:43 010b:63 010c:43 010d:63 010e:44 010f:64 0110:44 0111:64 0112:45 0113:65 0114:45 0115:65 0116:45 0117:65 0118:45 0119:65 011a:45 011b:65 011c:47 011d:67 011e:47 011f:67 0120:47 0121:67 0122:47 0123:67 0124:48 0125:68 0126:48 0127:68 0128:49 0129:69 012a:49 012b:69 012c:49 012d:69 012e:49 012f:69 0130:49 0131:69 0134:4a 0135:6a 0136:4b 0137:6b 0139:4c 013a:6c 013b:4c 013c:6c 013d:4c 013e:6c 0141:4c 0142:6c 0143:4e 0144:6e 0145:4e 0146:6e 0147:4e 0148:6e 014c:4f 014d:6f 014e:4f 014f:6f 0150:4f 0151:6f 0152:4f 0153:6f 0154:52 0155:72 0156:52 0157:72 0158:52 0159:72 015a:53 015b:73 015c:53 015d:73 015e:53 015f:73 0160:53 0161:73 0162:54 0163:74 0164:54 0165:74 0166:54 0167:74 0168:55 0169:75 016a:55 016b:75 016c:55 016d:75 016e:55 016f:75 0170:55 0171:75 0172:55 0173:75 0174:57 0175:77 0176:59 0177:79 0178:59 0179:5a 017b:5a 017c:7a 017d:5a 017e:7a 0180:62 0189:44 0191:46 0192:66 0197:49 019a:6c 019f:4f 01a0:4f 01a1:6f 01ab:74 01ae:54 01af:55 01b0:75 01b6:7a 01cd:41 01ce:61 01cf:49 01d0:69 01d1:4f 01d2:6f 01d3:55 01d4:75 01d5:55 01d6:75 01d7:55 01d8:75 01d9:55 01da:75 01db:55 01dc:75 01de:41 01df:61 01e4:47 01e5:67 01e6:47 01e7:67 01e8:4b 01e9:6b 01ea:4f 01eb:6f 01ec:4f 01ed:6f 01f0:6a 0261:67 02b9:27 02ba:22 02bc:27 02c4:5e 02c6:5e 02c8:27 02cb:60 02cd:5f 02dc:7e 0300:60 0302:5e 0303:7e 030e:22 0331:5f 0332:5f 2000:20 2001:20 2002:20 2003:20 2004:20 2005:20 2006:20 2010:2d 2011:2d 2013:2d 2014:2d 2018:27 2019:27 201a:2c 201c:22 201d:22 201e:22 2022:2e 2026:2e 2032:27 2035:60 2039:3c 203a:3e 2122:54 ff01:21 ff02:22 ff03:23 ff04:24 ff05:25 ff06:26 ff07:27 ff08:28 ff09:29 ff0a:2a ff0b:2b ff0c:2c ff0d:2d ff0e:2e ff0f:2f ff10:30 ff11:31 ff12:32 ff13:33 ff14:34 ff15:35 ff16:36 ff17:37 ff18:38 ff19:39 ff1a:3a ff1b:3b ff1c:3c ff1d:3d ff1e:3e ff20:40 ff21:41 ff22:42 ff23:43 ff24:44 ff25:45 ff26:46 ff27:47 ff28:48 ff29:49 ff2a:4a ff2b:4b ff2c:4c ff2d:4d ff2e:4e ff2f:4f ff30:50 ff31:51 ff32:52 ff33:53 ff34:54 ff35:55 ff36:56 ff37:57 ff38:58 ff39:59 ff3a:5a ff3b:5b ff3c:5c ff3d:5d ff3e:5e ff3f:5f ff40:60 ff41:61 ff42:62 ff43:63 ff44:64 ff45:65 ff46:66 ff47:67 ff48:68 ff49:69 ff4a:6a ff4b:6b ff4c:6c ff4d:6d ff4e:6e ff4f:6f ff50:70 ff51:71 ff52:72 ff53:73 ff54:74 ff55:75 ff56:76 ff57:77 ff58:78 ff59:79 ff5a:7a ff5b:7b ff5c:7c ff5d:7d ff5e:7e + +28592 (ISO 8859-2 Central Europe) +00a1:21 00a2:63 00a5:59 00a6:7c 00a9:43 00aa:61 00ab:3c 00ae:52 00b2:32 00b3:33 00b7:2e 00b9:31 00ba:6f 00bb:3e 00c0:41 00c3:41 00c5:41 00c6:41 00c8:45 00ca:45 00cc:49 00cf:49 00d0:44 00d1:4e 00d2:4f 00d5:4f 00d8:4f 00d9:55 00db:55 00e0:61 00e3:61 00e5:61 00e6:61 00e8:65 00ea:65 00ec:69 00ef:69 00f1:6e 00f2:6f 00f5:6f 00f8:6f 00f9:75 00fb:75 00ff:79 0100:41 0101:61 0108:43 0109:63 010a:43 010b:63 0112:45 0113:65 0114:45 0115:65 0116:45 0117:65 011c:47 011d:67 011e:47 011f:67 0120:47 0121:67 0122:47 0123:67 0124:48 0125:68 0126:48 0127:68 0128:49 0129:69 012a:49 012b:69 012c:49 012d:69 012e:49 012f:69 0130:49 0131:69 0134:4a 0135:6a 0136:4b 0137:6b 013b:4c 013c:6c 0145:4e 0146:6e 014c:4f 014d:6f 014e:4f 014f:6f 0152:4f 0153:6f 0156:52 0157:72 015c:53 015d:73 0166:54 0167:74 0168:55 0169:75 016a:55 016b:75 016c:55 016d:75 0172:55 0173:75 0174:57 0175:77 0176:59 0177:79 0178:59 0180:62 0189:44 0191:46 0192:66 0197:49 019a:6c 019f:4f 01a0:4f 01a1:6f 01ab:74 01ae:54 01af:55 01b0:75 01b6:7a 01cd:41 01ce:61 01cf:49 01d0:69 01d1:4f 01d2:6f 01d3:55 01d4:75 01d5:55 01d6:75 01d7:55 01d8:75 01d9:55 01da:75 01db:55 01dc:75 01de:41 01df:61 01e4:47 01e5:67 01e6:47 01e7:67 01e8:4b 01e9:6b 01ea:4f 01eb:6f 01ec:4f 01ed:6f 01f0:6a 0261:67 02b9:27 02ba:22 02bc:27 02c4:5e 02c6:5e 02c8:27 02cb:60 02cd:5f 02dc:7e 0300:60 0302:5e 0303:7e 030e:22 0331:5f 0332:5f 2000:20 2001:20 2002:20 2003:20 2004:20 2005:20 2006:20 2010:2d 2011:2d 2013:2d 2014:2d 2018:27 2019:27 201a:2c 201c:22 201d:22 201e:22 2022:2e 2026:2e 2032:27 2035:60 2039:3c 203a:3e 2122:54 ff01:21 ff02:22 ff03:23 ff04:24 ff05:25 ff06:26 ff07:27 ff08:28 ff09:29 ff0a:2a ff0b:2b ff0c:2c ff0d:2d ff0e:2e ff0f:2f ff10:30 ff11:31 ff12:32 ff13:33 ff14:34 ff15:35 ff16:36 ff17:37 ff18:38 ff19:39 ff1a:3a ff1b:3b ff1c:3c ff1d:3d ff1e:3e ff20:40 ff21:41 ff22:42 ff23:43 ff24:44 ff25:45 ff26:46 ff27:47 ff28:48 ff29:49 ff2a:4a ff2b:4b ff2c:4c ff2d:4d ff2e:4e ff2f:4f ff30:50 ff31:51 ff32:52 ff33:53 ff34:54 ff35:55 ff36:56 ff37:57 ff38:58 ff39:59 ff3a:5a ff3b:5b ff3c:5c ff3d:5d ff3e:5e ff3f:5f ff40:60 ff41:61 ff42:62 ff43:63 ff44:64 ff45:65 ff46:66 ff47:67 ff48:68 ff49:69 ff4a:6a ff4b:6b ff4c:6c ff4d:6d ff4e:6e ff4f:6f ff50:70 ff51:71 ff52:72 ff53:73 ff54:74 ff55:75 ff56:76 ff57:77 ff58:78 ff59:79 ff5a:7a ff5b:7b ff5c:7c ff5d:7d ff5e:7e + +#INVALID CODEPAGE: 28595 +#INVALID CODEPAGE: 28597 +28605 (ISO 8859-15 Latin 9) +00a6:7c 0100:41 0101:61 0102:41 0103:61 0104:41 0105:61 0106:43 0107:63 0108:43 0109:63 010a:43 010b:63 010c:43 010d:63 010e:44 010f:64 0112:45 0113:65 0114:45 0115:65 0116:45 0117:65 0118:45 0119:65 011a:45 011b:65 011c:47 011d:67 011e:47 011f:67 0120:47 0121:67 0122:47 0123:67 0124:48 0125:68 0126:48 0127:68 0128:49 0129:69 012a:49 012b:69 012c:49 012d:69 012e:49 012f:69 0130:49 0131:69 0134:4a 0135:6a 0136:4b 0137:6b 0138:6b 0139:4c 013a:6c 013b:4c 013c:6c 013d:4c 013e:6c 0141:4c 0142:6c 0143:4e 0144:6e 0145:4e 0146:6e 0147:4e 0148:6e 014a:4e 014b:6e 014c:4f 014d:6f 014e:4f 014f:6f 0150:4f 0151:6f 0154:52 0155:72 0156:52 0157:72 0158:52 0159:72 015a:53 015b:73 015c:53 015d:73 015e:53 015f:73 0162:54 0163:74 0164:54 0165:74 0166:54 0167:74 0168:54 0169:74 016a:55 016b:75 016c:55 016d:75 016e:55 016f:75 0170:55 0171:75 0172:55 0173:75 0174:57 0175:77 0176:59 0177:79 0179:5a 017b:5a 017c:7a 0180:62 0189:44 0191:46 0192:66 0197:49 019a:6c 019f:4f 01a0:4f 01a1:6f 01ab:74 01ae:54 01af:55 01b0:75 01b6:7a 01cd:41 01ce:61 01cf:49 01d0:69 01d1:4f 01d2:6f 01d3:55 01d4:75 01d5:55 01d6:75 01d7:55 01d8:75 01d9:55 01da:75 01db:55 01dc:75 01de:41 01df:61 01e4:47 01e5:67 01e6:47 01e7:67 01e8:4b 01e9:6b 01ea:4f 01eb:6f 01ec:4f 01ed:6f 01f0:6a 0261:67 02b9:27 02ba:22 02bc:27 02c4:5e 02c6:5e 02c8:27 02cb:60 02cd:5f 02dc:7e 0300:60 0302:5e 0303:7e 030e:22 0331:5f 0332:5f 2000:20 2001:20 2002:20 2003:20 2004:20 2005:20 2006:20 2010:2d 2011:2d 2013:2d 2014:2d 2018:27 2019:27 201a:2c 201c:22 201d:22 201e:22 2022:2e 2026:2e 2032:27 2035:60 2039:3c 203a:3e 2122:54 ff01:21 ff02:22 ff03:23 ff04:24 ff05:25 ff06:26 ff07:27 ff08:28 ff09:29 ff0a:2a ff0b:2b ff0c:2c ff0d:2d ff0e:2e ff0f:2f ff10:30 ff11:31 ff12:32 ff13:33 ff14:34 ff15:35 ff16:36 ff17:37 ff18:38 ff19:39 ff1a:3a ff1b:3b ff1c:3c ff1d:3d ff1e:3e ff20:40 ff21:41 ff22:42 ff23:43 ff24:44 ff25:45 ff26:46 ff27:47 ff28:48 ff29:49 ff2a:4a ff2b:4b ff2c:4c ff2d:4d ff2e:4e ff2f:4f ff30:50 ff31:51 ff32:52 ff33:53 ff34:54 ff35:55 ff36:56 ff37:57 ff38:58 ff39:59 ff3a:5a ff3b:5b ff3c:5c ff3d:5d ff3e:5e ff3f:5f ff40:60 ff41:61 ff42:62 ff43:63 ff44:64 ff45:65 ff46:66 ff47:67 ff48:68 ff49:69 ff4a:6a ff4b:6b ff4c:6c ff4d:6d ff4e:6e ff4f:6f ff50:70 ff51:71 ff52:72 ff53:73 ff54:74 ff55:75 ff56:76 ff57:77 ff58:78 ff59:79 ff5a:7a ff5b:7b ff5c:7c ff5d:7d ff5e:7e + +37 (IBM EBCDIC - U.S./Canada) +0004:37 0005:2d 0006:2e 0007:2f 0008:16 0009:05 000a:25 0014:3c 0015:3d 0016:32 0017:26 001a:3f 001b:27 0020:40 0021:5a 0022:7f 0023:7b 0024:5b 0025:6c 0026:50 0027:7d 0028:4d 0029:5d 002a:5c 002b:4e 002c:6b 002d:60 002e:4b 002f:61 003a:7a 003b:5e 003c:4c 003d:7e 003e:6e 003f:6f 0040:7c 005f:6d 0060:79 007c:4f 007f:07 0080:20 0081:21 0082:22 0083:23 0084:24 0085:15 0086:06 0087:17 0088:28 0089:29 008a:2a 008b:2b 008c:2c 008d:09 008e:0a 008f:1b 0090:30 0091:31 0092:1a 0093:33 0094:34 0095:35 0096:36 0097:08 0098:38 0099:39 009a:3a 009b:3b 009c:04 009d:14 009e:3e 00a0:41 00a2:4a 00a6:6a 00ac:5f 00c0:64 00c1:65 00c2:62 00c3:66 00c4:63 00c5:67 00c7:68 00c8:74 00c9:71 00ca:72 00cb:73 00cc:78 00cd:75 00ce:76 00cf:77 00d1:69 00df:59 00e0:44 00e1:45 00e2:42 00e3:46 00e4:43 00e5:47 00e7:48 00e8:54 00e9:51 00ea:52 00eb:53 00ec:58 00ed:55 00ee:56 00ef:57 00f1:49 00f8:70 ff01:5a ff02:7f ff03:7b ff04:5b ff05:6c ff06:50 ff07:7d ff08:4d ff09:5d ff0a:5c ff0b:4e ff0c:6b ff0d:60 ff0e:4b ff0f:61 ff1a:7a ff1b:5e ff1c:4c ff1d:7e ff1e:6e ff20:7c ff3f:6d ff40:79 ff5c:4f + +437 (OEM - United States) +00a4:0f 00a7:15 00a8:22 00a9:63 00ad:2d 00ae:72 00af:5f 00b3:33 00b4:27 00b6:14 00b8:2c 00b9:31 00be:5f 00c0:41 00c1:41 00c2:41 00c3:41 00c8:45 00ca:45 00cb:45 00cc:49 00cd:49 00ce:49 00cf:49 00d0:44 00d2:4f 00d3:4f 00d4:4f 00d5:4f 00d7:78 00d8:4f 00d9:55 00da:55 00db:55 00dd:59 00de:5f 00e3:61 00f0:64 00f5:6f 00f8:6f 00fd:79 00fe:5f 0100:41 0101:61 0102:41 0103:61 0104:41 0105:61 0106:43 0107:63 0108:43 0109:63 010a:43 010b:63 010c:43 010d:63 010e:44 010f:64 0110:44 0111:64 0112:45 0113:65 0114:45 0115:65 0116:45 0117:65 0118:45 0119:65 011a:45 011b:65 011c:47 011d:67 011e:47 011f:67 0120:47 0121:67 0122:47 0123:67 0124:48 0125:68 0126:48 0127:68 0128:49 0129:69 012a:49 012b:69 012c:49 012d:69 012e:49 012f:69 0130:49 0131:69 0134:4a 0135:6a 0136:4b 0137:6b 0139:4c 013a:6c 013b:4c 013c:6c 013d:4c 013e:6c 0141:4c 0142:6c 0143:4e 0144:6e 0145:4e 0146:6e 0147:4e 0148:6e 014c:4f 014d:6f 014e:4f 014f:6f 0150:4f 0151:6f 0152:4f 0153:6f 0154:52 0155:72 0156:52 0157:72 0158:52 0159:72 015a:53 015b:73 015c:53 015d:73 015e:53 015f:73 0160:53 0161:73 0162:54 0163:74 0164:54 0165:74 0166:54 0167:74 0168:55 0169:75 016a:55 016b:75 016c:55 016d:75 016e:55 016f:75 0170:55 0171:75 0172:55 0173:75 0174:57 0175:77 0176:59 0177:79 0178:59 0179:5a 017b:5a 017c:7a 017d:5a 017e:7a 0180:62 0189:44 0197:49 019a:6c 019f:4f 01a0:4f 01a1:6f 01ab:74 01ae:54 01af:55 01b0:75 01b6:7a 01c0:7c 01c3:21 01cd:41 01ce:61 01cf:49 01d0:69 01d1:4f 01d2:6f 01d3:55 01d4:75 01d5:55 01d6:75 01d7:55 01d8:75 01d9:55 01da:75 01db:55 01dc:75 01de:41 01df:61 01e4:47 01e5:67 01e6:47 01e7:67 01e8:4b 01e9:6b 01ea:4f 01eb:6f 01ec:4f 01ed:6f 01f0:6a 0261:67 02b9:27 02ba:22 02bc:27 02c4:5e 02c6:5e 02c8:27 02ca:27 02cb:60 02cd:5f 02dc:7e 0300:60 0301:27 0302:5e 0303:7e 0308:22 030e:22 0327:2c 0331:5f 0332:5f 037e:3b 04bb:68 0589:3a 066a:25 2000:20 2001:20 2002:20 2003:20 2004:20 2005:20 2006:20 2010:2d 2011:2d 2013:2d 2014:2d 2017:5f 2018:60 2019:27 201a:2c 201c:22 201d:22 201e:2c 2020:2b 2022:07 2026:2e 2030:25 2032:27 2035:60 2039:3c 203a:3e 203c:13 2044:2f 2074:34 2075:35 2076:36 2077:37 2078:38 2080:30 2081:31 2082:32 2083:33 2084:34 2085:35 2086:36 2087:37 2088:38 2089:39 20dd:09 2102:43 2107:45 210a:67 210b:48 210c:48 210d:48 210e:68 2110:49 2111:49 2112:4c 2113:6c 2115:4e 2118:50 2119:50 211a:51 211b:52 211c:52 211d:52 2122:54 2124:5a 2128:5a 212a:4b 212c:42 212d:43 212e:65 212f:65 2130:45 2131:46 2133:4d 2134:6f 2190:1b 2191:18 2192:1a 2193:19 2194:1d 2195:12 21a8:17 2212:2d 2215:2f 2216:5c 2217:2a 221f:1c 2223:7c 2236:3a 223c:7e 2302:7f 2303:5e 2329:3c 232a:3e 25ac:16 25b2:1e 25ba:10 25bc:1f 25c4:11 25cb:09 25d8:08 25d9:0a 263a:01 263b:02 263c:0f 2640:0c 2642:0b 2660:06 2663:05 2665:03 2666:04 266a:0d 266b:0e 2758:7c 3000:20 3007:09 3008:3c 3009:3e 301a:5b 301b:5d ff01:21 ff02:22 ff03:23 ff04:24 ff05:25 ff06:26 ff07:27 ff08:28 ff09:29 ff0a:2a ff0b:2b ff0c:2c ff0d:2d ff0e:2e ff0f:2f ff10:30 ff11:31 ff12:32 ff13:33 ff14:34 ff15:35 ff16:36 ff17:37 ff18:38 ff19:39 ff1a:3a ff1b:3b ff1c:3c ff1d:3d ff1e:3e ff20:40 ff21:41 ff22:42 ff23:43 ff24:44 ff25:45 ff26:46 ff27:47 ff28:48 ff29:49 ff2a:4a ff2b:4b ff2c:4c ff2d:4d ff2e:4e ff2f:4f ff30:50 ff31:51 ff32:52 ff33:53 ff34:54 ff35:55 ff36:56 ff37:57 ff38:58 ff39:59 ff3a:5a ff3b:5b ff3c:5c ff3d:5d ff3e:5e ff3f:5f ff40:60 ff41:61 ff42:62 ff43:63 ff44:64 ff45:65 ff46:66 ff47:67 ff48:68 ff49:69 ff4a:6a ff4b:6b ff4c:6c ff4d:6d ff4e:6e ff4f:6f ff50:70 ff51:71 ff52:72 ff53:73 ff54:74 ff55:75 ff56:76 ff57:77 ff58:78 ff59:79 ff5a:7a ff5b:7b ff5c:7c ff5d:7d ff5e:7e + +500 (IBM EBCDIC - International) +0004:37 0005:2d 0006:2e 0007:2f 0008:16 0009:05 000a:25 0014:3c 0015:3d 0016:32 0017:26 001a:3f 001b:27 0020:40 0021:4f 0022:7f 0023:7b 0024:5b 0025:6c 0026:50 0027:7d 0028:4d 0029:5d 002a:5c 002b:4e 002c:6b 002d:60 002e:4b 002f:61 003a:7a 003b:5e 003c:4c 003d:7e 003e:6e 003f:6f 0040:7c 005b:4a 005d:5a 005e:5f 005f:6d 0060:79 007f:07 0080:20 0081:21 0082:22 0083:23 0084:24 0085:15 0086:06 0087:17 0088:28 0089:29 008a:2a 008b:2b 008c:2c 008d:09 008e:0a 008f:1b 0090:30 0091:31 0092:1a 0093:33 0094:34 0095:35 0096:36 0097:08 0098:38 0099:39 009a:3a 009b:3b 009c:04 009d:14 009e:3e 00a0:41 00a6:6a 00c0:64 00c1:65 00c2:62 00c3:66 00c4:63 00c5:67 00c7:68 00c8:74 00c9:71 00ca:72 00cb:73 00cc:78 00cd:75 00ce:76 00cf:77 00d1:69 00df:59 00e0:44 00e1:45 00e2:42 00e3:46 00e4:43 00e5:47 00e7:48 00e8:54 00e9:51 00ea:52 00eb:53 00ec:58 00ed:55 00ee:56 00ef:57 00f1:49 00f8:70 ff01:4f ff02:7f ff03:7b ff04:5b ff05:6c ff06:50 ff07:7d ff08:4d ff09:5d ff0a:5c ff0b:4e ff0c:6b ff0d:60 ff0e:4b ff0f:61 ff1a:7a ff1b:5e ff1c:4c ff1d:7e ff1e:6e ff20:7c ff3b:4a ff3d:5a ff3e:5f ff3f:6d ff40:79 + +850 (OEM - Multilingual Latin I) +0100:41 0101:61 0102:41 0103:61 0104:41 0105:61 0106:43 0107:63 0108:43 0109:63 010a:43 010b:63 010c:43 010d:63 010e:44 010f:64 0110:44 0111:64 0112:45 0113:65 0114:45 0115:65 0116:45 0117:65 0118:45 0119:65 011a:45 011b:65 011c:47 011d:67 011e:47 011f:67 0120:47 0121:67 0122:47 0123:67 0124:48 0125:68 0126:48 0127:68 0128:49 0129:69 012a:49 012b:69 012c:49 012d:69 012e:49 012f:69 0130:49 0134:4a 0135:6a 0136:4b 0137:6b 0139:4c 013a:6c 013b:4c 013c:6c 013d:4c 013e:6c 0141:4c 0142:6c 0143:4e 0144:6e 0145:4e 0146:6e 0147:4e 0148:6e 014c:4f 014d:6f 014e:4f 014f:6f 0150:4f 0151:6f 0152:4f 0153:6f 0154:52 0155:72 0156:52 0157:72 0158:52 0159:72 015a:53 015b:73 015c:53 015d:73 015e:53 015f:73 0160:53 0161:73 0162:54 0163:74 0164:54 0165:74 0166:54 0167:74 0168:55 0169:75 016a:55 016b:75 016c:55 016d:75 016e:55 016f:75 0170:55 0171:75 0172:55 0173:75 0174:57 0175:77 0176:59 0177:79 0178:59 0179:5a 017b:5a 017c:7a 017d:5a 017e:7a 0180:62 0189:44 0197:49 019a:6c 019f:4f 01a0:4f 01a1:6f 01a9:53 01ab:74 01ae:54 01af:55 01b0:75 01b6:5a 01c3:21 01cd:41 01ce:61 01cf:49 01d0:69 01d1:4f 01d2:6f 01d3:55 01d4:75 01d5:55 01d6:75 01d7:55 01d8:75 01d9:55 01da:75 01db:55 01dc:75 01de:41 01df:61 01e4:47 01e5:67 01e6:47 01e7:67 01e8:4b 01e9:6b 01ea:4f 01eb:6f 01ec:4f 01ed:6f 01f0:6a 0261:67 02ba:22 02bc:27 02c4:5e 02c6:5e 02c8:27 02cb:27 02cd:5f 02dc:7e 0300:27 0302:5e 0303:7e 030e:22 0331:5f 0332:5f 037e:3b 0393:47 03a3:53 03a6:46 03a9:4f 03b1:61 03b4:64 03b5:65 03c0:70 03c3:73 03c4:74 03c6:66 04bb:68 0589:3a 066a:25 2000:20 2001:20 2002:20 2003:20 2004:20 2005:20 2006:20 2010:2d 2011:2d 2013:2d 2014:2d 2018:27 2019:27 201a:27 201c:22 201d:22 201e:22 2022:07 2024:07 2026:2e 2030:25 2039:3c 203a:3e 203c:13 2044:2f 2070:30 2074:34 2075:35 2076:36 2077:37 2078:39 207f:6e 2080:30 2084:34 2085:35 2086:36 2087:37 2088:38 2089:39 20a7:50 20dd:4f 2102:43 2107:45 210a:67 210b:48 210c:48 210d:48 210e:68 2110:49 2111:49 2112:4c 2113:6c 2115:4e 2118:50 2119:50 211a:51 211b:52 211c:52 211d:52 2122:54 2124:5a 2126:4f 2128:5a 212a:4b 212c:42 212d:43 212e:65 212f:65 2130:45 2131:46 2133:4d 2134:6f 2190:1b 2191:18 2192:1a 2193:19 2194:1d 2195:12 21a8:17 2211:53 2212:2d 2215:2f 2216:2f 2217:2a 2219:07 221a:56 221e:38 221f:1c 2229:6e 2236:3a 223c:7e 2248:7e 2261:3d 2264:3d 2265:3d 2302:7f 2303:5e 2320:28 2321:29 2329:3c 232a:3e 25ac:16 25b2:1e 25ba:10 25bc:1f 25c4:11 25cb:09 25d8:08 25d9:0a 263a:01 263b:02 263c:0f 2640:0c 2642:0b 2660:06 2663:05 2665:03 2666:04 266a:0d 266b:0e 2713:56 3000:20 3007:4f 3008:3c 3009:3e 301a:5b 301b:5d ff01:21 ff02:22 ff03:23 ff04:24 ff05:25 ff06:26 ff07:27 ff08:28 ff09:29 ff0a:2a ff0b:2b ff0c:2c ff0d:2d ff0e:2e ff0f:2f ff10:30 ff11:31 ff12:32 ff13:33 ff14:34 ff15:35 ff16:36 ff17:37 ff18:38 ff19:39 ff1a:3a ff1b:3b ff1c:3c ff1d:3d ff1e:3e ff20:40 ff21:41 ff22:42 ff23:43 ff24:44 ff25:45 ff26:46 ff27:47 ff28:48 ff29:49 ff2a:4a ff2b:4b ff2c:4c ff2d:4d ff2e:4e ff2f:4f ff30:50 ff31:51 ff32:52 ff33:53 ff34:54 ff35:55 ff36:56 ff37:57 ff38:58 ff39:59 ff3a:5a ff3b:5b ff3c:5c ff3d:5d ff3e:5e ff3f:5f ff40:60 ff41:61 ff42:62 ff43:63 ff44:64 ff45:65 ff46:66 ff47:67 ff48:68 ff49:69 ff4a:6a ff4b:6b ff4c:6c ff4d:6d ff4e:6e ff4f:6f ff50:70 ff51:71 ff52:72 ff53:73 ff54:74 ff55:75 ff56:76 ff57:77 ff58:78 ff59:79 ff5a:7a ff5b:7b ff5c:7c ff5d:7d ff5e:7e + +860 (OEM - Portuguese) +00a4:0f 00a5:59 00a7:15 00a8:22 00a9:63 00ad:5f 00ae:72 00af:16 00b3:33 00b4:2f 00b6:14 00b8:2c 00b9:31 00be:33 00c4:41 00c5:41 00c6:41 00cb:45 00ce:49 00cf:49 00d0:44 00d6:4f 00d7:58 00d8:4f 00db:55 00dd:59 00de:54 00e4:61 00e5:61 00e6:61 00eb:65 00ee:69 00ef:69 00f0:64 00f6:6f 00f8:6f 00fb:75 00fd:79 00fe:74 00ff:79 0100:41 0101:61 0102:41 0103:61 0104:41 0105:61 0106:43 0107:63 0108:43 0109:63 010a:43 010b:63 010c:43 010d:63 010e:44 010f:64 0110:44 0111:64 0112:45 0113:65 0114:45 0115:65 0116:45 0117:65 0118:45 0119:65 011a:45 011b:65 011c:47 011d:67 011e:47 011f:67 0120:47 0121:67 0122:47 0123:67 0124:48 0125:68 0126:48 0127:68 0128:49 0129:69 012a:49 012b:69 012c:49 012d:69 012e:49 012f:69 0130:49 0131:69 0134:4a 0135:6a 0136:4b 0137:6b 0139:4c 013a:6c 013b:4c 013c:6c 013d:4c 013e:6c 0141:4c 0142:6c 0143:4e 0144:6e 0145:4e 0146:6e 0147:4e 0148:6e 014c:4f 014d:6f 014e:4f 014f:6f 0150:4f 0151:6f 0152:4f 0153:6f 0154:52 0155:72 0156:52 0157:72 0158:52 0159:72 015a:53 015b:73 015c:53 015d:73 015e:53 015f:73 0160:5c 0161:7c 0162:54 0163:74 0164:54 0165:74 0166:54 0167:74 0168:55 0169:75 016a:55 016b:75 016c:55 016d:75 016e:55 016f:75 0170:55 0171:75 0172:55 0173:75 0174:57 0175:77 0176:59 0177:79 0178:59 0179:5a 017b:5a 017c:7a 017d:5a 017e:7a 0180:62 0189:44 0191:46 0192:66 0197:49 019a:6c 019f:4f 01a0:4f 01a1:6f 01ab:74 01ae:54 01af:55 01b0:75 01b6:7a 01c0:7c 01c3:21 01cd:41 01ce:61 01cf:49 01d0:69 01d1:4f 01d2:6f 01d3:55 01d4:75 01d5:55 01d6:75 01d7:55 01d8:75 01d9:55 01da:75 01db:55 01dc:75 01de:41 01df:61 01e4:47 01e5:67 01e6:47 01e7:67 01e8:4b 01e9:6b 01ea:4f 01eb:6f 01ec:4f 01ed:6f 01f0:6a 0261:67 0278:66 02b9:27 02ba:22 02bc:27 02c4:5e 02c6:5e 02c8:27 02c9:16 02ca:2f 02cb:60 02cd:5f 02dc:7e 0300:60 0301:2f 0302:5e 0303:7e 0304:16 0305:16 0308:22 030e:22 0327:2c 0331:5f 0332:5f 037e:3b 04bb:68 0589:3a 066a:25 2000:20 2001:20 2002:20 2003:20 2004:20 2005:20 2006:20 2010:5f 2011:5f 2013:5f 2014:5f 2017:5f 2018:27 2019:27 201a:2c 201c:22 201d:22 201e:22 2022:07 2024:07 2026:2e 2030:25 2032:27 2035:60 2039:3c 203a:3e 203c:13 2044:2f 2070:30 2074:34 2075:35 2076:36 2077:37 2078:38 2080:30 2081:31 2083:33 2084:34 2085:35 2086:36 2087:37 2088:38 2089:39 20dd:4f 2102:43 2107:45 210a:67 210b:48 210c:48 210d:48 210e:68 2110:49 2111:49 2112:4c 2113:6c 2115:4e 2118:70 2119:50 211a:51 211b:52 211c:52 211d:52 2122:74 2124:5a 2128:5a 212a:4b 212b:41 212c:42 212d:43 212e:65 212f:65 2130:45 2131:46 2133:4d 2134:6f 2190:1b 2191:18 2192:1a 2193:19 2194:1d 2195:12 21a8:17 2205:4f 2212:5f 2215:2f 2216:5c 2217:2a 221f:1c 2223:7c 2236:3a 223c:7e 22c5:07 2302:7f 2303:5e 2329:3c 232a:3e 25ac:16 25b2:1e 25ba:10 25bc:1f 25c4:11 25cb:09 25d8:08 25d9:0a 263a:01 263b:02 263c:0f 2640:0c 2642:0b 2660:06 2663:05 2665:03 2666:04 266a:0d 266b:0e 3000:20 3007:4f 3008:3c 3009:3e 301a:5b 301b:5d 30fb:07 + +861 (OEM - Icelandic) +00a2:63 00a4:0f 00a5:59 00a7:15 00a8:22 00a9:63 00aa:61 00ad:5f 00ae:72 00af:16 00b3:33 00b4:2f 00b6:14 00b8:2c 00b9:31 00ba:6f 00be:33 00c0:41 00c2:41 00c3:41 00c8:45 00ca:45 00cb:45 00cc:49 00ce:49 00cf:49 00d1:4e 00d2:4f 00d4:4f 00d5:4f 00d7:58 00d9:55 00db:55 00e3:61 00ec:69 00ee:69 00ef:69 00f1:6e 00f2:6f 00f5:6f 00f9:75 00ff:79 0100:41 0101:61 0102:41 0103:61 0104:41 0105:61 0106:43 0107:63 0108:43 0109:63 010a:43 010b:63 010c:43 010d:63 010e:44 010f:64 0111:64 0112:45 0113:65 0114:45 0115:65 0116:45 0117:65 0118:45 0119:65 011a:45 011b:65 011c:47 011d:67 011e:47 011f:67 0120:47 0121:67 0122:47 0123:67 0124:48 0125:68 0126:48 0127:68 0128:49 0129:69 012a:49 012b:69 012c:49 012d:69 012e:49 012f:69 0130:49 0131:69 0134:4a 0135:6a 0136:4b 0137:6b 0139:4c 013a:6c 013b:4c 013c:6c 013d:4c 013e:6c 0141:4c 0142:6c 0143:4e 0144:6e 0145:4e 0146:6e 0147:4e 0148:6e 014c:4f 014d:6f 014e:4f 014f:6f 0150:4f 0151:6f 0152:4f 0153:6f 0154:52 0155:72 0156:52 0157:72 0158:52 0159:72 015a:53 015b:73 015c:53 015d:73 015e:53 015f:73 0160:53 0161:73 0162:54 0163:74 0164:54 0165:74 0166:54 0167:74 0168:55 0169:75 016a:55 016b:75 016c:55 016d:75 016e:55 016f:75 0170:55 0171:75 0172:55 0173:75 0174:57 0175:77 0176:59 0177:79 0178:59 0179:5a 017b:5a 017c:7a 017d:5a 017e:7a 0180:62 0197:49 019a:6c 019f:4f 01a0:4f 01a1:6f 01ab:74 01ae:54 01af:55 01b0:75 01b6:7a 01c3:21 01cd:41 01ce:61 01cf:49 01d0:69 01d1:4f 01d2:6f 01d3:55 01d4:75 01d5:55 01d6:75 01d7:55 01d8:75 01d9:55 01da:75 01db:55 01dc:75 01de:41 01df:61 01e4:47 01e5:67 01e6:47 01e7:67 01e8:4b 01e9:6b 01ea:4f 01eb:6f 01ec:4f 01ed:6f 01f0:6a 0261:67 0278:66 02b9:27 02ba:22 02bc:27 02c4:5e 02c6:5e 02c8:27 02c9:16 02ca:2f 02cb:60 02cd:5f 02dc:7e 0300:60 0301:2f 0302:5e 0303:7e 0304:16 0305:16 0308:22 030e:22 0327:2c 0331:5f 0332:5f 037e:3b 04bb:68 0589:3a 066a:25 2000:20 2001:20 2002:20 2003:20 2004:20 2005:20 2006:20 2010:2d 2011:2d 2013:2d 2014:2d 2017:5f 2018:27 2019:27 201a:27 201c:22 201d:22 201e:22 2022:07 2024:07 2026:07 2030:25 2032:27 2035:27 2039:3c 203a:3e 203c:13 2044:2f 2070:30 2074:34 2075:35 2076:36 2077:37 2078:38 2080:30 2081:31 2083:33 2084:34 2085:35 2086:36 2087:37 2088:38 2089:39 20dd:4f 2102:43 2107:45 210a:67 210b:48 210c:48 210d:48 210e:68 2110:49 2111:49 2112:4c 2113:6c 2115:4e 2118:70 2119:50 211a:51 211b:52 211c:52 211d:52 2122:74 2124:5a 2128:5a 212a:4b 212c:42 212d:43 212e:65 212f:65 2130:45 2131:46 2133:4d 2134:6f 2190:1b 2191:18 2192:1a 2193:19 2194:1d 2195:12 21a8:17 2205:4f 2212:5f 2215:2f 2216:5c 2217:2a 221f:1c 2223:7c 2236:3a 223c:7e 22c5:07 2302:7f 2303:5e 2329:3c 232a:3e 25ac:16 25b2:1e 25ba:10 25bc:1f 25c4:11 25cb:09 25d8:08 25d9:0a 263a:01 263b:02 263c:0f 2640:0c 2642:0b 2660:06 2663:05 2665:03 2666:04 266a:0d 266b:0e 3000:20 3007:4f 3008:3c 3009:3e 301a:5b 301b:5d 30fb:07 + +863 (OEM - Canadian French) +00a1:21 00a5:59 00a9:63 00aa:61 00ad:16 00ae:72 00b9:33 00ba:6f 00c1:41 00c3:41 00c4:41 00c5:41 00c6:41 00cc:49 00cd:49 00d0:44 00d1:4e 00d2:4f 00d3:4f 00d5:4f 00d6:4f 00d7:58 00d8:4f 00da:55 00dd:59 00de:54 00e1:61 00e3:61 00e4:61 00e5:61 00e6:61 00ec:69 00ed:69 00f0:64 00f1:6e 00f2:6f 00f5:6f 00f6:6f 00f8:6f 00fd:79 00fe:74 00ff:79 0100:41 0101:61 0102:41 0103:61 0104:41 0105:61 0106:43 0107:63 0108:43 0109:63 010a:43 010b:63 010c:43 010d:63 010e:44 010f:64 0110:44 0111:64 0112:45 0113:65 0114:45 0115:65 0116:45 0117:65 0118:45 0119:65 011a:45 011b:65 011c:47 011d:67 011e:47 011f:67 0120:47 0121:67 0122:47 0123:67 0124:48 0125:68 0126:48 0127:68 0128:49 0129:69 012a:49 012b:69 012c:49 012d:69 012e:49 012f:69 0130:49 0131:69 0134:4a 0135:6a 0136:4b 0137:6b 0139:4c 013a:6c 013b:4c 013c:6c 013d:4c 013e:6c 0141:4c 0142:6c 0143:4e 0144:6e 0145:4e 0146:6e 0147:4e 0148:6e 014c:4f 014d:6f 014e:4f 014f:6f 0150:4f 0151:6f 0152:4f 0153:6f 0154:52 0155:72 0156:52 0157:72 0158:52 0159:72 015a:53 015b:73 015c:53 015d:73 015e:53 015f:73 0160:53 0161:73 0162:54 0163:74 0164:54 0165:74 0166:54 0167:74 0168:55 0169:75 016a:55 016b:75 016c:55 016d:75 016e:55 016f:75 0170:55 0171:75 0172:55 0173:75 0174:57 0175:77 0176:59 0177:79 0178:59 0179:5a 017b:5a 017c:7a 017d:5a 017e:7a 0180:62 0189:44 0197:49 019a:6c 019f:4f 01a0:4f 01a1:6f 01ab:74 01ae:54 01af:55 01b0:75 01b6:7a 01c3:21 01cd:41 01ce:61 01cf:49 01d0:69 01d1:4f 01d2:6f 01d3:55 01d4:75 01d5:55 01d6:75 01d7:55 01d8:75 01d9:55 01da:75 01db:55 01dc:75 01de:41 01df:61 01e4:47 01e5:67 01e6:47 01e7:67 01e8:4b 01e9:6b 01ea:4f 01eb:6f 01ec:4f 01ed:6f 01f0:6a 0261:67 02b9:22 02ba:27 02bc:27 02c4:5e 02c6:5e 02c8:27 02c9:16 02cb:60 02cd:5f 02dc:7e 0300:60 0302:5e 0303:7e 0304:16 0305:16 0331:5f 0332:5f 037e:3b 04bb:68 0589:3a 066a:25 2000:20 2001:20 2002:20 2003:20 2004:20 2005:20 2006:20 2010:2d 2011:2d 2013:2d 2014:2d 2018:27 2019:27 201a:27 201c:22 201d:22 201e:22 2022:07 2024:07 2026:07 2030:25 2032:27 2035:27 2039:3c 203a:3e 203c:13 2044:2f 2070:30 2074:34 2075:35 2076:36 2077:37 2078:38 2080:30 2081:31 2084:34 2085:35 2086:36 2087:37 2088:38 2089:39 20a7:50 20dd:4f 2102:43 2107:45 210a:67 210b:48 210c:48 210d:48 210e:68 2110:49 2111:49 2112:4c 2113:6c 2115:4e 2118:70 2119:50 211a:51 211b:52 211c:52 211d:52 2122:74 2124:5a 2128:5a 212a:4b 212b:41 212c:42 212d:43 212e:65 212f:65 2130:45 2131:46 2133:4d 2134:6f 2190:1b 2191:18 2192:1a 2193:19 2194:1d 2195:12 21a8:17 2205:4f 2212:5f 2215:2f 2216:5c 2217:2a 221f:1c 2223:7c 2236:3a 223c:7e 22c5:07 2302:7f 2303:5e 2329:3c 232a:3e 25ac:16 25b2:1e 25ba:10 25bc:1f 25c4:11 25cb:09 25d8:08 25d9:0a 263a:01 263b:02 263c:0f 2640:0c 2642:0b 2660:06 2663:05 2665:03 2666:04 266a:0d 266b:0e 3000:20 3007:4f 3008:3c 3009:3e 301a:5b 301b:5d 30fb:07 + +865 (OEM - Nordic) +00a2:63 00a5:59 00a7:15 00a8:22 00a9:63 00ad:5f 00ae:72 00af:16 00b3:33 00b4:2f 00b6:14 00b8:2c 00b9:31 00bb:3e 00be:33 00c0:41 00c1:41 00c2:41 00c3:41 00c8:45 00ca:45 00cb:45 00cc:49 00cd:49 00ce:49 00cf:49 00d0:44 00d2:4f 00d3:4f 00d4:4f 00d5:4f 00d7:58 00d9:55 00da:55 00db:55 00dd:59 00de:54 00e3:61 00f0:64 00f5:6f 00fd:79 00fe:74 0100:41 0101:61 0102:41 0103:61 0104:41 0105:61 0106:43 0107:63 0108:43 0109:63 010a:43 010b:63 010c:43 010d:63 010e:44 010f:64 0110:44 0111:64 0112:45 0113:65 0114:45 0115:65 0116:45 0117:65 0118:45 0119:65 011a:45 011b:65 011c:47 011d:67 011e:47 011f:67 0120:47 0121:67 0122:47 0123:67 0124:48 0125:68 0126:48 0127:68 0128:49 0129:69 012a:49 012b:69 012c:49 012d:69 012e:49 012f:69 0130:49 0131:69 0134:4a 0135:6a 0136:4b 0137:6b 0139:4c 013a:6c 013b:4c 013c:6c 013d:4c 013e:6c 0141:4c 0142:6c 0143:4e 0144:6e 0145:4e 0146:6e 0147:4e 0148:6e 014c:4f 014d:6f 014e:4f 014f:6f 0150:4f 0151:6f 0152:4f 0153:6f 0154:52 0155:72 0156:52 0157:72 0158:52 0159:72 015a:53 015b:73 015c:53 015d:73 015e:53 015f:73 0160:53 0161:73 0162:54 0163:74 0164:54 0165:74 0166:54 0167:74 0168:55 0169:75 016a:55 016b:75 016c:55 016d:75 016e:55 016f:75 0170:55 0171:75 0172:55 0173:75 0174:57 0175:77 0176:59 0177:79 0178:59 0179:5a 017b:5a 017c:7a 017d:5a 017e:7a 0180:62 0189:44 0197:49 019a:6c 019f:4f 01a0:4f 01a1:6f 01ab:74 01ae:54 01af:55 01b0:75 01b6:7a 01c3:21 01cd:41 01ce:61 01cf:49 01d0:69 01d1:4f 01d2:6f 01d3:55 01d4:75 01d5:55 01d6:75 01d7:55 01d8:75 01d9:55 01da:75 01db:55 01dc:75 01de:41 01df:61 01e4:47 01e5:67 01e6:47 01e7:67 01e8:4b 01e9:6b 01ea:4f 01eb:6f 01ec:4f 01ed:6f 01f0:6a 0261:67 02b9:27 02ba:22 02bc:27 02c4:5e 02c6:5e 02c8:27 02c9:16 02ca:2f 02cb:60 02cd:5f 02dc:7e 0300:60 0301:2f 0302:5e 0303:7e 0304:16 0305:16 0308:22 030e:22 0327:2c 0331:5f 0332:5f 037e:3b 04bb:68 0589:3a 066a:25 2000:20 2001:20 2002:20 2003:20 2004:20 2005:20 2006:20 2010:2d 2011:2d 2013:2d 2014:2d 2017:5f 2018:27 2019:27 201a:27 201c:22 201d:22 201e:22 2022:07 2024:07 2026:07 2030:25 2032:27 2035:27 2039:3c 203a:3e 203c:13 2044:2f 2070:30 2074:34 2075:35 2076:36 2077:37 2078:38 2080:30 2081:31 2083:33 2084:34 2085:35 2086:36 2087:37 2088:38 2089:39 20dd:4f 2102:43 2107:45 210a:67 210b:48 210c:48 210d:48 210e:68 2110:49 2111:49 2112:4c 2113:6c 2115:4e 2118:70 2119:50 211a:51 211b:52 211c:52 211d:52 2122:74 2124:5a 2128:5a 212a:4b 212c:42 212d:43 212e:65 212f:65 2130:45 2131:46 2133:4d 2134:6f 2190:1b 2191:18 2192:1a 2193:19 2194:1d 2195:12 21a8:17 2205:4f 2212:5f 2215:2f 2216:5c 2217:2a 221f:1c 2223:7c 2236:3a 223c:7e 226b:3c 22c5:07 2302:7f 2303:5e 2329:3c 232a:3e 25ac:16 25b2:1e 25ba:10 25bc:1f 25c4:11 25cb:09 25d8:08 25d9:0a 263a:01 263b:02 263c:0f 2640:0c 2642:0b 2660:06 2663:05 2665:03 2666:04 266a:0d 266b:0e 3000:20 3007:4f 3008:3c 3009:3e 300b:3e 301a:5b 301b:5d 30fb:07 + +874 (ANSI/OEM - Thai) +00a7:15 00b6:14 203c:13 2190:1b 2191:18 2192:1a 2193:19 2194:1d 2195:12 21a8:17 221f:1c 2302:7f 25ac:16 25b2:1e 25ba:10 25bc:1f 25c4:11 25cb:09 25d8:08 25d9:0a 263a:01 263b:02 263c:0f 2640:0c 2642:0b 2660:06 2663:05 2665:03 2666:04 266a:0d 266b:0e ff01:21 ff02:22 ff03:23 ff04:24 ff05:25 ff06:26 ff07:27 ff08:28 ff09:29 ff0a:2a ff0b:2b ff0c:2c ff0d:2d ff0e:2e ff0f:2f ff10:30 ff11:31 ff12:32 ff13:33 ff14:34 ff15:35 ff16:36 ff17:37 ff18:38 ff19:39 ff1a:3a ff1b:3b ff1c:3c ff1d:3d ff1e:3e ff20:40 ff21:41 ff22:42 ff23:43 ff24:44 ff25:45 ff26:46 ff27:47 ff28:48 ff29:49 ff2a:4a ff2b:4b ff2c:4c ff2d:4d ff2e:4e ff2f:4f ff30:50 ff31:51 ff32:52 ff33:53 ff34:54 ff35:55 ff36:56 ff37:57 ff38:58 ff39:59 ff3a:5a ff3b:5b ff3c:5c ff3d:5d ff3e:5e ff3f:5f ff40:60 ff41:61 ff42:62 ff43:63 ff44:64 ff45:65 ff46:66 ff47:67 ff48:68 ff49:69 ff4a:6a ff4b:6b ff4c:6c ff4d:6d ff4e:6e ff4f:6f ff50:70 ff51:71 ff52:72 ff53:73 ff54:74 ff55:75 ff56:76 ff57:77 ff58:78 ff59:79 ff5a:7a ff5b:7b ff5c:7c ff5d:7d ff5e:7e + +932 (ANSI/OEM - Japanese Shift-JIS) +00a1:21 00a5:5c 00a6:7c 00a9:63 00aa:61 00ad:2d 00ae:52 00b2:32 00b3:33 00b9:31 00ba:6f 00c0:41 00c1:41 00c2:41 00c3:41 00c4:41 00c5:41 00c6:41 00c7:43 00c8:45 00c9:45 00ca:45 00cb:45 00cc:49 00cd:49 00ce:49 00cf:49 00d0:44 00d1:4e 00d2:4f 00d3:4f 00d4:4f 00d5:4f 00d6:4f 00d8:4f 00d9:55 00da:55 00db:55 00dc:55 00dd:59 00de:54 00df:73 00e0:61 00e1:61 00e2:61 00e3:61 00e4:61 00e5:61 00e6:61 00e7:63 00e8:65 00e9:65 00ea:65 00eb:65 00ec:69 00ed:69 00ee:69 00ef:69 00f0:64 00f1:6e 00f2:6f 00f3:6f 00f4:6f 00f5:6f 00f6:6f 00f8:6f 00f9:75 00fa:75 00fb:75 00fc:75 00fd:79 00fe:74 00ff:79 + +936 (ANSI/OEM - Simplified Chinese GBK) +00a6:7c 00aa:61 00ad:2d 00b2:32 00b3:33 00b9:31 00ba:6f 00d0:44 00dd:59 00de:54 00e2:61 00f0:65 00fd:79 00fe:74 + +949 (ANSI/OEM - Korean) +00a6:7c 00c0:41 00c1:41 00c2:41 00c3:41 00c4:41 00c5:41 00c7:43 00c8:45 00c9:45 00ca:45 00cb:45 00cc:49 00cd:49 00ce:49 00cf:49 00d1:4e 00d2:4f 00d3:4f 00d4:4f 00d5:4f 00d6:4f 00d9:55 00da:55 00db:55 00dc:55 00dd:59 00e0:61 00e1:61 00e2:61 00e3:61 00e4:61 00e5:61 00e7:63 00e8:65 00e9:65 00ea:65 00eb:65 00ec:69 00ed:69 00ee:69 00ef:69 00f1:6e 00f2:6f 00f3:6f 00f4:6f 00f5:6f 00f6:6f 00f9:75 00fa:75 00fb:75 00fc:75 00fd:79 00ff:79 20a9:5c + +950 (ANSI/OEM - Traditional Chinese Big5) +00a1:21 00a6:7c 00a9:63 00aa:61 00ad:2d 00ae:52 00b2:32 00b3:33 00b9:31 00ba:6f 00c0:41 00c1:41 00c2:41 00c3:41 00c4:41 00c5:41 00c6:41 00c7:43 00c8:45 00c9:45 00ca:45 00cb:45 00cc:49 00cd:49 00ce:49 00cf:49 00d0:44 00d1:4e 00d2:4f 00d3:4f 00d4:4f 00d5:4f 00d6:4f 00d8:4f 00d9:55 00da:55 00db:55 00dc:55 00dd:59 00de:54 00df:73 00e0:61 00e1:61 00e2:61 00e3:61 00e4:61 00e5:61 00e6:61 00e7:63 00e8:65 00e9:65 00ea:65 00eb:65 00ec:69 00ed:69 00ee:69 00ef:69 00f0:65 00f1:6e 00f2:6f 00f3:6f 00f4:6f 00f5:6f 00f6:6f 00f8:6f 00f9:75 00fa:75 00fb:75 00fc:75 00fd:79 00fe:74 00ff:79 + +65000 (UTF-7) + + +65001 (UTF-8) + + --- snort-2.3.3.orig/rules/threshold.conf +++ snort-2.3.3/rules/threshold.conf @@ -0,0 +1,61 @@ +# Configure Thresholding and Suppression +# ====================================== +# +# Thresholding: +# +# This feature is used to reduce the number of logged alerts for noisy rules. +# This can be tuned to significantly reduce false alarms, and it can also be +# used to write a newer breed of rules. Thresholding commands limit the number +# of times a particular event is logged during a specified time interval. +# There are 3 types of thresholding: +# +# 1) Limit +# Alert on the 1st M events during the time interval, then ignore +# events +# for the rest of the time interval. +# 2) Threshold +# Alert every M times we see this event during the time interval. +# 3) Both +# Alert once per time interval after seeing M occurrences of the +# event, +# then ignore any additional events during the time interval. +# +# Threshold commands are formatted as: +# threshold gen_id gen-id, sig_id sig-id, type limit|threshold|both, track +# by_src|by_dst, count n , seconds m +# +# Limit to logging 1 event per 60 seconds +# threshold gen_id 1, sig_id 1851, type limit, track by_src, count 1, seconds +# 60 + +# Global Threshold - Limit to logging 1 event per 60 seconds per IP triggering +# each rule (rules are gen_id 1). +# threshold gen_id 1, sig_id 0, type limit, track by_src, count 1, seconds 60 + +# Global Threshold - Limit to logging 1 event per 60 seconds per IP triggering +# any alert for any event generator +# threshold gen_id 0, sig_id 0, type limit, track by_src, count 1, seconds 60 +# +# Thresholding does not need to be a stand-alone command, and can instead be +# written directly into a rule. Please see README.thresholding for more +# information on thresholding. +# +# Suppression: +# +# Suppression commands are standalone commands that reference generators and +# sids and IP addresses via a CIDR block. This allows a rule to be completely +# suppressed, or suppressed when the causitive traffic is going to or comming +# from a specific IP or group of IP addresses. +# +# Suppress this event completely +# +# suppress gen_id 1, sig_id 1852 +# +# Suppress this event from this IP +# +# suppress gen_id 1, sig_id 1852, track by_src, ip 10.1.1.54 +# +# Suppress this event to this CIDR block +# +# suppress gen_id 1, sig_id 1852, track by_dst, ip 10.1.1.0/24 + --- snort-2.3.3.orig/rules/reference.config +++ snort-2.3.3/rules/reference.config @@ -0,0 +1,14 @@ +# $Id: reference.config,v 1.4 2003/10/20 15:03:04 chrisgreen Exp $ +# The following defines URLs for the references found in the rules +# +# config reference: system URL + +config reference: bugtraq http://www.securityfocus.com/bid/ +config reference: cve http://cve.mitre.org/cgi-bin/cvename.cgi?name= +config reference: arachNIDS http://www.whitehats.com/info/IDS + +# Note, this one needs a suffix as well.... lets add that in a bit. +config reference: McAfee http://vil.nai.com/vil/content/v_ +config reference: nessus http://cgi.nessus.org/plugins/dump.php3?id= +config reference: url http:// + --- snort-2.3.3.orig/rules/classification.config +++ snort-2.3.3/rules/classification.config @@ -0,0 +1,66 @@ +# $Id: classification.config,v 1.11 2003/10/20 15:03:03 chrisgreen Exp $ +# The following includes information for prioritizing rules +# +# Each classification includes a shortname, a description, and a default +# priority for that classification. +# +# This allows alerts to be classified and prioritized. You can specify +# what priority each classification has. Any rule can override the default +# priority for that rule. +# +# Here are a few example rules: +# +# alert TCP any any -> any 80 (msg: "EXPLOIT ntpdx overflow"; +# dsize: > 128; classtype:attempted-admin; priority:10; +# +# alert TCP any any -> any 25 (msg:"SMTP expn root"; flags:A+; \ +# content:"expn root"; nocase; classtype:attempted-recon;) +# +# The first rule will set its type to "attempted-admin" and override +# the default priority for that type to 10. +# +# The second rule set its type to "attempted-recon" and set its +# priority to the default for that type. +# + +# +# config classification:shortname,short description,priority +# + +config classification: not-suspicious,Not Suspicious Traffic,3 +config classification: unknown,Unknown Traffic,3 +config classification: bad-unknown,Potentially Bad Traffic, 2 +config classification: attempted-recon,Attempted Information Leak,2 +config classification: successful-recon-limited,Information Leak,2 +config classification: successful-recon-largescale,Large Scale Information Leak,2 +config classification: attempted-dos,Attempted Denial of Service,2 +config classification: successful-dos,Denial of Service,2 +config classification: attempted-user,Attempted User Privilege Gain,1 +config classification: unsuccessful-user,Unsuccessful User Privilege Gain,1 +config classification: successful-user,Successful User Privilege Gain,1 +config classification: attempted-admin,Attempted Administrator Privilege Gain,1 +config classification: successful-admin,Successful Administrator Privilege Gain,1 + + +# NEW CLASSIFICATIONS +config classification: rpc-portmap-decode,Decode of an RPC Query,2 +config classification: shellcode-detect,Executable code was detected,1 +config classification: string-detect,A suspicious string was detected,3 +config classification: suspicious-filename-detect,A suspicious filename was detected,2 +config classification: suspicious-login,An attempted login using a suspicious username was detected,2 +config classification: system-call-detect,A system call was detected,2 +config classification: tcp-connection,A TCP connection was detected,4 +config classification: trojan-activity,A Network Trojan was detected, 1 +config classification: unusual-client-port-connection,A client was using an unusual port,2 +config classification: network-scan,Detection of a Network Scan,3 +config classification: denial-of-service,Detection of a Denial of Service Attack,2 +config classification: non-standard-protocol,Detection of a non-standard protocol or event,2 +config classification: protocol-command-decode,Generic Protocol Command Decode,3 +config classification: web-application-activity,access to a potentially vulnerable web application,2 +config classification: web-application-attack,Web Application Attack,1 +config classification: misc-activity,Misc activity,3 +config classification: misc-attack,Misc Attack,2 +config classification: icmp-event,Generic ICMP event,3 +config classification: kickass-porn,SCORE! Get the lotion!,1 +config classification: policy-violation,Potential Corporate Privacy Violation,1 +config classification: default-login-attempt,Attempt to login by a default username and password,2 --- snort-2.3.3.orig/rules/gen-msg.map +++ snort-2.3.3/rules/gen-msg.map @@ -0,0 +1,131 @@ +# $Id: gen-msg.map,v 1.13.4.1 2004/09/14 21:09:08 bmc Exp $ +# GENERATORS -> msg map +# Format: generatorid || signatureid || MSG + +1 || 1 || snort general alert +2 || 1 || tag: Tagged Packet +100 || 1 || spp_portscan: Portscan Detected +100 || 2 || spp_portscan: Portscan Status +100 || 3 || spp_portscan: Portscan Ended +101 || 1 || spp_minfrag: minfrag alert +102 || 1 || http_decode: Unicode Attack +102 || 2 || http_decode: CGI NULL Byte Attack +102 || 3 || http_decode: large method attempted +102 || 4 || http_decode: missing uri +102 || 5 || http_decode: double encoding detected +102 || 6 || http_decode: illegal hex values detected +102 || 7 || http_decode: overlong character detected +103 || 1 || spp_defrag: Fragmentation Overflow Detected +103 || 2 || spp_defrag: Stale Fragments Discarded +104 || 1 || spp_anomsensor: SPADE Anomaly Threshold Exceeded +104 || 2 || spp_anomsensor: SPADE Anomaly Threshold Adjusted +105 || 1 || spp_bo: Back Orifice Traffic Detected +106 || 1 || spp_rpc_decode: Fragmented RPC Records +106 || 2 || spp_rpc_decode: Multiple Records in one packet +106 || 3 || spp_rpc_decode: Large RPC Record Fragment +106 || 4 || spp_rpc_decode: Incomplete RPC segment +110 || 1 || spp_unidecode: CGI NULL Attack +110 || 2 || spp_unidecode: Directory Traversal +110 || 3 || spp_unidecode: Unknown Mapping +110 || 4 || spp_unidecode: Invalid Mapping +111 || 1 || spp_stream4: Stealth Activity Detected +111 || 2 || spp_stream4: Evasive Reset Packet +111 || 3 || spp_stream4: Retransmission +111 || 4 || spp_stream4: Window Violation +111 || 5 || spp_stream4: Data on SYN Packet +111 || 6 || spp_stream4: Full XMAS Stealth Scan +111 || 7 || spp_stream4: SAPU Stealth Scan +111 || 8 || spp_stream4: FIN Stealth Scan +111 || 9 || spp_stream4: NULL Stealth Scan +111 || 10 || spp_stream4: NMAP XMAS Stealth Scan +111 || 11 || spp_stream4: VECNA Stealth Scan +111 || 12 || spp_stream4: NMAP Fingerprint Stateful Detection +111 || 13 || spp_stream4: SYN FIN Stealth Scan +111 || 14 || spp_stream4: TCP forward overlap detected +111 || 15 || spp_stream4: TTL Evasion attempt +111 || 16 || spp_stream4: Evasive retransmitited data attempt +111 || 17 || spp_stream4: Evasive retransmitited data with the data split attempt +111 || 18 || spp_stream4: Multiple acked +111 || 19 || spp_stream4: Shifting to Emegency Session Mode +111 || 20 || spp_stream4: Shifting to Suspend Mode +112 || 1 || spp_arpspoof: Directed ARP Request +112 || 2 || spp_arpspoof: Etherframe ARP Mismatch SRC +112 || 3 || spp_arpspoof: Etherframe ARP Mismatch DST +112 || 4 || spp_arpspoof: ARP Cache Overwrite Attack +113 || 1 || spp_frag2: Oversized Frag +113 || 2 || spp_frag2: Teardrop/Fragmentation Overlap Attack +113 || 3 || spp_frag2: TTL evasion detected +113 || 4 || spp_frag2: overlap detected +113 || 5 || spp_frag2: Duplicate first fragments +113 || 6 || spp_frag2: memcap exceeded +113 || 7 || spp_frag2: Out of order fragments +113 || 8 || spp_frag2: IP Options on Fragmented Packet +113 || 9 || spp_frag2: Shifting to Emegency Session Mode +113 || 10 || spp_frag2: Shifting to Suspend Mode +114 || 1 || spp_fnord: Possible Mutated GENERIC NOP Sled detected +114 || 2 || spp_fnord: Possible Mutated IA32 NOP Sled detected +114 || 3 || spp_fnord: Possible Mutated HPPA NOP Sled detected +114 || 4 || spp_fnord: Possible Mutated SPARC NOP Sled detected +115 || 1 || spp_asn1: Indefinite ASN.1 length encoding +115 || 2 || spp_asn1: Invalid ASN.1 length encoding +115 || 3 || spp_asn1: ASN.1 oversized item, possible overflow +115 || 4 || spp_asn1: ASN.1 spec violation, possible overflow +115 || 5 || spp_asn1: ASN.1 Attack: Datum length > packet length +116 || 1 || snort_decoder: Not IPv4 datagram! +116 || 2 || snort_decoder: WARNING: Not IPv4 datagram! +116 || 3 || snort_decoder: WARNING: hlen < IP_HEADER_LEN! +116 || 4 || snort_decoder: Bad IPv4 Options +116 || 5 || snort_decoder: Truncated IPv4 Options +116 || 45 || snort_decoder: TCP packet len is smaller than 20 bytes! +116 || 46 || snort_decoder: TCP Data Offset is less than 5! +116 || 47 || snort_decoder: TCP Data Offset is longer than payload! +116 || 54 || snort_decoder: Tcp Options found with bad lengths +116 || 55 || snort_decoder: Truncated Tcp Options +116 || 56 || snort_decoder: T/TCP Detected +116 || 57 || snort_decoder: Obsolete TCP options +116 || 58 || snort_decoder: Experimental TCP options +116 || 95 || snort_decoder: Truncated UDP Header! +116 || 96 || snort_decoder: Invalid UDP header, length field < 8 +116 || 97 || snort_decoder: Short UDP packet, length field > payload length +116 || 105 || snort_decoder: ICMP Header Truncated! +116 || 106 || snort_decoder: ICMP Timestamp Header Truncated! +116 || 107 || snort_decoder: ICMP Address Header Truncated! +116 || 108 || snort_decoder: Unknown Datagram decoding problem! +116 || 109 || snort_decoder: Unknown Datagram decoding problem! +116 || 110 || snort_decoder: Truncated EAP Header! +116 || 111 || snort_decoder: EAP Key Truncated! +116 || 112 || snort_decoder: EAP Header Truncated! +116 || 120 || snort_decoder: WARNING: Bad PPPOE frame detected! +116 || 130 || snort_decoder: WARNING: Bad VLAN Frame! +116 || 131 || snort_decoder: WARNING: Bad LLC header! +116 || 132 || snort_decoder: WARNING: Bad Extra LLC Info! +116 || 133 || snort_decoder: WARNING: Bad 802.11 LLC header! +116 || 134 || snort_decoder: WARNING: Bad 802.11 Extra LLC Info! +116 || 140 || snort_decoder: WARNING: Bad Token Ring Header! +116 || 141 || snort_decoder: WARNING: Bad Token Ring ETHLLC Header! +116 || 142 || snort_decoder: WARNING: Bad Token Ring MRLEN Header! +116 || 143 || snort_decoder: WARNING: Bad Token Ring MR Header! +117 || 1 || spp_portscan2: Portscan detected! +118 || 1 || spp_conversation: Bad IP protocol! +119 || 1 || http_inspect: ASCII ENCODING +119 || 2 || http_inspect: DOUBLE DECODING ATTACK +119 || 3 || http_inspect: U ENCODING +119 || 4 || http_inspect: BARE BYTE UNICODE ENCODING +119 || 5 || http_inspect: BASE36 ENCODING +119 || 6 || http_inspect: UTF-8 ENCODING +119 || 7 || http_inspect: IIS UNICODE CODEPOINT ENCODING +119 || 8 || http_inspect: MULTI_SLASH ENCODING +119 || 9 || http_inspect: IIS BACKSLASH EVASION +119 || 10 || http_inspect: SELF DIRECTORY TRAVERSAL +119 || 11 || http_inspect: DIRECTORY TRAVERSAL +119 || 12 || http_inspect: APACHE WHITESPACE (TAB) +119 || 13 || http_inspect: NON-RFC HTTP DELIMITER +119 || 14 || http_inspect: NON-RFC DEFINED CHAR +119 || 15 || http_inspect: OVERSIZE REQUEST-URI DIRECTORY +119 || 16 || http_inspect: OVERSIZE CHUNK ENCODING +119 || 17 || http_inspect: UNAUTHORIZED PROXY USE DETECTED +120 || 1 || http_inspect: ANOMALOUS HTTP SERVER ON UNDEFINED HTTP PORT +121 || 1 || flow-portscan: Fixed Scale Scanner Limit Exceeded +121 || 2 || flow-portscan: Sliding Scale Scanner Limit Exceeded +121 || 3 || flow-portscan: Fixed Scale Talker Limit Exceeded +121 || 4 || flow-portscan: Sliding Scale Talker Limit Exceeded --- snort-2.3.3.orig/templates/Makefile.in +++ snort-2.3.3/templates/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.6.3 from Makefile.am. +# Makefile.in generated by automake 1.9.6 from Makefile.am. # @configure_input@ -# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002 -# Free Software Foundation, Inc. +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -13,107 +13,183 @@ # PARTICULAR PURPOSE. @SET_MAKE@ -SHELL = @SHELL@ - srcdir = @srcdir@ top_srcdir = @top_srcdir@ VPATH = @srcdir@ -prefix = @prefix@ -exec_prefix = @exec_prefix@ - -bindir = @bindir@ -sbindir = @sbindir@ -libexecdir = @libexecdir@ -datadir = @datadir@ -sysconfdir = @sysconfdir@ -sharedstatedir = @sharedstatedir@ -localstatedir = @localstatedir@ -libdir = @libdir@ -infodir = @infodir@ -mandir = @mandir@ -includedir = @includedir@ -oldincludedir = /usr/include pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ top_builddir = .. - -ACLOCAL = @ACLOCAL@ -AUTOCONF = @AUTOCONF@ -AUTOMAKE = @AUTOMAKE@ -AUTOHEADER = @AUTOHEADER@ - am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_DATA = @INSTALL_DATA@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c -INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_HEADER = $(INSTALL_DATA) -transform = @program_transform_name@ +transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : -host_alias = @host_alias@ +build_triplet = @build@ host_triplet = @host@ - -EXEEXT = @EXEEXT@ -OBJEXT = @OBJEXT@ -PATH_SEPARATOR = @PATH_SEPARATOR@ +subdir = templates +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +depcomp = +am__depfiles_maybe = +SOURCES = +DIST_SOURCES = +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMDEP_FALSE = @AMDEP_FALSE@ +AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ DEPDIR = @DEPDIR@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ INCLUDES = @INCLUDES@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@ +MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@ +MAKEINFO = @MAKEINFO@ +OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ RANLIB = @RANLIB@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ STRIP = @STRIP@ VERSION = @VERSION@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_RANLIB = @ac_ct_RANLIB@ +ac_ct_STRIP = @ac_ct_STRIP@ +am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ +am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ am__include = @am__include@ +am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +datadir = @datadir@ +exec_prefix = @exec_prefix@ extra_incl = @extra_incl@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +includedir = @includedir@ +infodir = @infodir@ install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ AUTOMAKE_OPTIONS = foreign no-dependencies - EXTRA_DIST = sp_template.c spp_template.c sp_template.h spp_template.h -subdir = templates -mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = -DIST_SOURCES = -DIST_COMMON = Makefile.am Makefile.in all: all-am .SUFFIXES: -$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign templates/Makefile'; \ cd $(top_srcdir) && \ $(AUTOMAKE) --foreign templates/Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe) +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh uninstall-info-am: tags: TAGS TAGS: -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ctags: CTAGS +CTAGS: -top_distdir = .. -distdir = $(top_distdir)/$(PACKAGE)-$(VERSION) distdir: $(DISTFILES) - @list='$(DISTFILES)'; for file in $$list; do \ + @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ + list='$(DISTFILES)'; for file in $$list; do \ + case $$file in \ + $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ + $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ + esac; \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ if test "$$dir" != "$$file" && test "$$dir" != "."; then \ dir="/$$dir"; \ - $(mkinstalldirs) "$(distdir)$$dir"; \ + $(mkdir_p) "$(distdir)$$dir"; \ else \ dir=''; \ fi; \ @@ -131,9 +207,7 @@ check-am: all-am check: check-am all-am: Makefile - installdirs: - install: install-am install-exec: install-exec-am install-data: install-data-am @@ -145,7 +219,7 @@ installcheck: installcheck-am install-strip: $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - INSTALL_STRIP_FLAG=-s \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ `test -z '$(STRIP)' || \ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install mostlyclean-generic: @@ -153,7 +227,7 @@ clean-generic: distclean-generic: - -rm -f Makefile $(CONFIG_CLEAN_FILES) + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -163,13 +237,15 @@ clean-am: clean-generic mostlyclean-am distclean: distclean-am - + -rm -f Makefile distclean-am: clean-am distclean-generic dvi: dvi-am dvi-am: +html: html-am + info: info-am info-am: @@ -185,22 +261,31 @@ installcheck-am: maintainer-clean: maintainer-clean-am - + -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am mostlyclean-am: mostlyclean-generic +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + uninstall-am: uninstall-info-am .PHONY: all all-am check check-am clean clean-generic distclean \ - distclean-generic distdir dvi dvi-am info info-am install \ - install-am install-data install-data-am install-exec \ + distclean-generic distdir dvi dvi-am html html-am info info-am \ + install install-am install-data install-data-am install-exec \ install-exec-am install-info install-info-am install-man \ install-strip installcheck installcheck-am installdirs \ maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-generic uninstall uninstall-am uninstall-info-am + mostlyclean-generic pdf pdf-am ps ps-am uninstall uninstall-am \ + uninstall-info-am # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. --- snort-2.3.3.orig/contrib/Makefile.in +++ snort-2.3.3/contrib/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.6.3 from Makefile.am. +# Makefile.in generated by automake 1.9.6 from Makefile.am. # @configure_input@ -# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002 -# Free Software Foundation, Inc. +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -13,109 +13,185 @@ # PARTICULAR PURPOSE. @SET_MAKE@ -SHELL = @SHELL@ - srcdir = @srcdir@ top_srcdir = @top_srcdir@ VPATH = @srcdir@ -prefix = @prefix@ -exec_prefix = @exec_prefix@ - -bindir = @bindir@ -sbindir = @sbindir@ -libexecdir = @libexecdir@ -datadir = @datadir@ -sysconfdir = @sysconfdir@ -sharedstatedir = @sharedstatedir@ -localstatedir = @localstatedir@ -libdir = @libdir@ -infodir = @infodir@ -mandir = @mandir@ -includedir = @includedir@ -oldincludedir = /usr/include pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ top_builddir = .. - -ACLOCAL = @ACLOCAL@ -AUTOCONF = @AUTOCONF@ -AUTOMAKE = @AUTOMAKE@ -AUTOHEADER = @AUTOHEADER@ - am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_DATA = @INSTALL_DATA@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c -INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_HEADER = $(INSTALL_DATA) -transform = @program_transform_name@ +transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : -host_alias = @host_alias@ +build_triplet = @build@ host_triplet = @host@ - -EXEEXT = @EXEEXT@ -OBJEXT = @OBJEXT@ -PATH_SEPARATOR = @PATH_SEPARATOR@ +subdir = contrib +DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +depcomp = +am__depfiles_maybe = +SOURCES = +DIST_SOURCES = +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMDEP_FALSE = @AMDEP_FALSE@ +AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ DEPDIR = @DEPDIR@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ INCLUDES = @INCLUDES@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@ +MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@ +MAKEINFO = @MAKEINFO@ +OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ RANLIB = @RANLIB@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ STRIP = @STRIP@ VERSION = @VERSION@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_RANLIB = @ac_ct_RANLIB@ +ac_ct_STRIP = @ac_ct_STRIP@ +am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ +am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ am__include = @am__include@ +am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +datadir = @datadir@ +exec_prefix = @exec_prefix@ extra_incl = @extra_incl@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +includedir = @includedir@ +infodir = @infodir@ install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ AUTOMAKE_OPTIONS = foreign no-dependencies - EXTRA_DIST = Makefile.am \ README -subdir = contrib -mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = -DIST_SOURCES = -DIST_COMMON = README Makefile.am Makefile.in all: all-am .SUFFIXES: -$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign contrib/Makefile'; \ cd $(top_srcdir) && \ $(AUTOMAKE) --foreign contrib/Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe) +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh uninstall-info-am: tags: TAGS TAGS: -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ctags: CTAGS +CTAGS: -top_distdir = .. -distdir = $(top_distdir)/$(PACKAGE)-$(VERSION) distdir: $(DISTFILES) - @list='$(DISTFILES)'; for file in $$list; do \ + @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ + list='$(DISTFILES)'; for file in $$list; do \ + case $$file in \ + $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ + $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ + esac; \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ if test "$$dir" != "$$file" && test "$$dir" != "."; then \ dir="/$$dir"; \ - $(mkinstalldirs) "$(distdir)$$dir"; \ + $(mkdir_p) "$(distdir)$$dir"; \ else \ dir=''; \ fi; \ @@ -133,9 +209,7 @@ check-am: all-am check: check-am all-am: Makefile - installdirs: - install: install-am install-exec: install-exec-am install-data: install-data-am @@ -147,7 +221,7 @@ installcheck: installcheck-am install-strip: $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - INSTALL_STRIP_FLAG=-s \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ `test -z '$(STRIP)' || \ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install mostlyclean-generic: @@ -155,7 +229,7 @@ clean-generic: distclean-generic: - -rm -f Makefile $(CONFIG_CLEAN_FILES) + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -165,13 +239,15 @@ clean-am: clean-generic mostlyclean-am distclean: distclean-am - + -rm -f Makefile distclean-am: clean-am distclean-generic dvi: dvi-am dvi-am: +html: html-am + info: info-am info-am: @@ -187,22 +263,31 @@ installcheck-am: maintainer-clean: maintainer-clean-am - + -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am mostlyclean-am: mostlyclean-generic +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + uninstall-am: uninstall-info-am .PHONY: all all-am check check-am clean clean-generic distclean \ - distclean-generic distdir dvi dvi-am info info-am install \ - install-am install-data install-data-am install-exec \ + distclean-generic distdir dvi dvi-am html html-am info info-am \ + install install-am install-data install-data-am install-exec \ install-exec-am install-info install-info-am install-man \ install-strip installcheck installcheck-am installdirs \ maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-generic uninstall uninstall-am uninstall-info-am + mostlyclean-generic pdf pdf-am ps ps-am uninstall uninstall-am \ + uninstall-info-am # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. --- snort-2.3.3.orig/schemas/create_mysql +++ snort-2.3.3/schemas/create_mysql @@ -20,10 +20,10 @@ # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. -CREATE TABLE schema ( vseq INT UNSIGNED NOT NULL, +CREATE TABLE `schema` ( vseq INT UNSIGNED NOT NULL, ctime DATETIME NOT NULL, PRIMARY KEY (vseq)); -INSERT INTO schema (vseq, ctime) VALUES ('106', now()); +INSERT INTO `schema` (vseq, ctime) VALUES ('106', now()); CREATE TABLE event ( sid INT UNSIGNED NOT NULL, cid INT UNSIGNED NOT NULL, --- snort-2.3.3.orig/schemas/Makefile.in +++ snort-2.3.3/schemas/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.6.3 from Makefile.am. +# Makefile.in generated by automake 1.9.6 from Makefile.am. # @configure_input@ -# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002 -# Free Software Foundation, Inc. +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -13,112 +13,188 @@ # PARTICULAR PURPOSE. @SET_MAKE@ -SHELL = @SHELL@ - srcdir = @srcdir@ top_srcdir = @top_srcdir@ VPATH = @srcdir@ -prefix = @prefix@ -exec_prefix = @exec_prefix@ - -bindir = @bindir@ -sbindir = @sbindir@ -libexecdir = @libexecdir@ -datadir = @datadir@ -sysconfdir = @sysconfdir@ -sharedstatedir = @sharedstatedir@ -localstatedir = @localstatedir@ -libdir = @libdir@ -infodir = @infodir@ -mandir = @mandir@ -includedir = @includedir@ -oldincludedir = /usr/include pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ top_builddir = .. - -ACLOCAL = @ACLOCAL@ -AUTOCONF = @AUTOCONF@ -AUTOMAKE = @AUTOMAKE@ -AUTOHEADER = @AUTOHEADER@ - am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_DATA = @INSTALL_DATA@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c -INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_HEADER = $(INSTALL_DATA) -transform = @program_transform_name@ +transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : -host_alias = @host_alias@ +build_triplet = @build@ host_triplet = @host@ - -EXEEXT = @EXEEXT@ -OBJEXT = @OBJEXT@ -PATH_SEPARATOR = @PATH_SEPARATOR@ +subdir = schemas +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +depcomp = +am__depfiles_maybe = +SOURCES = +DIST_SOURCES = +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMDEP_FALSE = @AMDEP_FALSE@ +AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ DEPDIR = @DEPDIR@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ INCLUDES = @INCLUDES@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@ +MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@ +MAKEINFO = @MAKEINFO@ +OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ RANLIB = @RANLIB@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ STRIP = @STRIP@ VERSION = @VERSION@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_RANLIB = @ac_ct_RANLIB@ +ac_ct_STRIP = @ac_ct_STRIP@ +am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ +am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ am__include = @am__include@ +am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +datadir = @datadir@ +exec_prefix = @exec_prefix@ extra_incl = @extra_incl@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +includedir = @includedir@ +infodir = @infodir@ install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ AUTOMAKE_OPTIONS = foreign no-dependencies - EXTRA_DIST = Makefile.am \ create_mssql \ create_mysql \ create_oracle.sql \ create_postgresql -subdir = schemas -mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = -DIST_SOURCES = -DIST_COMMON = Makefile.am Makefile.in all: all-am .SUFFIXES: -$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign schemas/Makefile'; \ cd $(top_srcdir) && \ $(AUTOMAKE) --foreign schemas/Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe) +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh uninstall-info-am: tags: TAGS TAGS: -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ctags: CTAGS +CTAGS: -top_distdir = .. -distdir = $(top_distdir)/$(PACKAGE)-$(VERSION) distdir: $(DISTFILES) - @list='$(DISTFILES)'; for file in $$list; do \ + @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ + list='$(DISTFILES)'; for file in $$list; do \ + case $$file in \ + $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ + $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ + esac; \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ if test "$$dir" != "$$file" && test "$$dir" != "."; then \ dir="/$$dir"; \ - $(mkinstalldirs) "$(distdir)$$dir"; \ + $(mkdir_p) "$(distdir)$$dir"; \ else \ dir=''; \ fi; \ @@ -136,9 +212,7 @@ check-am: all-am check: check-am all-am: Makefile - installdirs: - install: install-am install-exec: install-exec-am install-data: install-data-am @@ -150,7 +224,7 @@ installcheck: installcheck-am install-strip: $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - INSTALL_STRIP_FLAG=-s \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ `test -z '$(STRIP)' || \ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install mostlyclean-generic: @@ -158,7 +232,7 @@ clean-generic: distclean-generic: - -rm -f Makefile $(CONFIG_CLEAN_FILES) + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -168,13 +242,15 @@ clean-am: clean-generic mostlyclean-am distclean: distclean-am - + -rm -f Makefile distclean-am: clean-am distclean-generic dvi: dvi-am dvi-am: +html: html-am + info: info-am info-am: @@ -190,22 +266,31 @@ installcheck-am: maintainer-clean: maintainer-clean-am - + -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am mostlyclean-am: mostlyclean-generic +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + uninstall-am: uninstall-info-am .PHONY: all all-am check check-am clean clean-generic distclean \ - distclean-generic distdir dvi dvi-am info info-am install \ - install-am install-data install-data-am install-exec \ + distclean-generic distdir dvi dvi-am html html-am info info-am \ + install install-am install-data install-data-am install-exec \ install-exec-am install-info install-info-am install-man \ install-strip installcheck installcheck-am installdirs \ maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-generic uninstall uninstall-am uninstall-info-am + mostlyclean-generic pdf pdf-am ps ps-am uninstall uninstall-am \ + uninstall-info-am # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. --- snort-2.3.3.orig/rpm/Makefile.in +++ snort-2.3.3/rpm/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.6.3 from Makefile.am. +# Makefile.in generated by automake 1.9.6 from Makefile.am. # @configure_input@ -# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002 -# Free Software Foundation, Inc. +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -13,74 +13,129 @@ # PARTICULAR PURPOSE. @SET_MAKE@ -SHELL = @SHELL@ - srcdir = @srcdir@ top_srcdir = @top_srcdir@ VPATH = @srcdir@ -prefix = @prefix@ -exec_prefix = @exec_prefix@ - -bindir = @bindir@ -sbindir = @sbindir@ -libexecdir = @libexecdir@ -datadir = @datadir@ -sysconfdir = @sysconfdir@ -sharedstatedir = @sharedstatedir@ -localstatedir = @localstatedir@ -libdir = @libdir@ -infodir = @infodir@ -mandir = @mandir@ -includedir = @includedir@ -oldincludedir = /usr/include pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ top_builddir = .. - -ACLOCAL = @ACLOCAL@ -AUTOCONF = @AUTOCONF@ -AUTOMAKE = @AUTOMAKE@ -AUTOHEADER = @AUTOHEADER@ - am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_DATA = @INSTALL_DATA@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c -INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_HEADER = $(INSTALL_DATA) -transform = @program_transform_name@ +transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : -host_alias = @host_alias@ +build_triplet = @build@ host_triplet = @host@ - -EXEEXT = @EXEEXT@ -OBJEXT = @OBJEXT@ -PATH_SEPARATOR = @PATH_SEPARATOR@ +subdir = rpm +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +depcomp = +am__depfiles_maybe = +SOURCES = +DIST_SOURCES = +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMDEP_FALSE = @AMDEP_FALSE@ +AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ DEPDIR = @DEPDIR@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ INCLUDES = @INCLUDES@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@ +MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@ +MAKEINFO = @MAKEINFO@ +OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ RANLIB = @RANLIB@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ STRIP = @STRIP@ VERSION = @VERSION@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_RANLIB = @ac_ct_RANLIB@ +ac_ct_STRIP = @ac_ct_STRIP@ +am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ +am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ am__include = @am__include@ +am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +datadir = @datadir@ +exec_prefix = @exec_prefix@ extra_incl = @extra_incl@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +includedir = @includedir@ +infodir = @infodir@ install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ AUTOMAKE_OPTIONS = foreign no-dependencies - EXTRA_DIST = Makefile.am \ CHANGES.rpms \ generate-all-rpms \ @@ -92,38 +147,59 @@ snort.org.spec \ snort.sysconfig -subdir = rpm -mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = -DIST_SOURCES = -DIST_COMMON = Makefile.am Makefile.in all: all-am .SUFFIXES: -$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign rpm/Makefile'; \ cd $(top_srcdir) && \ $(AUTOMAKE) --foreign rpm/Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe) +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh uninstall-info-am: tags: TAGS TAGS: -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ctags: CTAGS +CTAGS: -top_distdir = .. -distdir = $(top_distdir)/$(PACKAGE)-$(VERSION) distdir: $(DISTFILES) - @list='$(DISTFILES)'; for file in $$list; do \ + @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ + list='$(DISTFILES)'; for file in $$list; do \ + case $$file in \ + $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ + $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ + esac; \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ if test "$$dir" != "$$file" && test "$$dir" != "."; then \ dir="/$$dir"; \ - $(mkinstalldirs) "$(distdir)$$dir"; \ + $(mkdir_p) "$(distdir)$$dir"; \ else \ dir=''; \ fi; \ @@ -141,9 +217,7 @@ check-am: all-am check: check-am all-am: Makefile - installdirs: - install: install-am install-exec: install-exec-am install-data: install-data-am @@ -155,7 +229,7 @@ installcheck: installcheck-am install-strip: $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - INSTALL_STRIP_FLAG=-s \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ `test -z '$(STRIP)' || \ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install mostlyclean-generic: @@ -163,7 +237,7 @@ clean-generic: distclean-generic: - -rm -f Makefile $(CONFIG_CLEAN_FILES) + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -173,13 +247,15 @@ clean-am: clean-generic mostlyclean-am distclean: distclean-am - + -rm -f Makefile distclean-am: clean-am distclean-generic dvi: dvi-am dvi-am: +html: html-am + info: info-am info-am: @@ -195,22 +271,31 @@ installcheck-am: maintainer-clean: maintainer-clean-am - + -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am mostlyclean-am: mostlyclean-generic +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + uninstall-am: uninstall-info-am .PHONY: all all-am check check-am clean clean-generic distclean \ - distclean-generic distdir dvi dvi-am info info-am install \ - install-am install-data install-data-am install-exec \ + distclean-generic distdir dvi dvi-am html html-am info info-am \ + install install-am install-data install-data-am install-exec \ install-exec-am install-info install-info-am install-man \ install-strip installcheck installcheck-am installdirs \ maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-generic uninstall uninstall-am uninstall-info-am + mostlyclean-generic pdf pdf-am ps ps-am uninstall uninstall-am \ + uninstall-info-am # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. --- snort-2.3.3.orig/configure.in +++ snort-2.3.3/configure.in @@ -2,6 +2,10 @@ AC_PREREQ(2.50) AC_INIT(src/snort.c) AM_CONFIG_HEADER(config.h) + +# Added to change the output of aclocal and automake. +AM_MAINTAINER_MODE + # When changing the snort version, please also update the VERSION # definition in "src/win32/WIN32-Includes/config.h" AM_INIT_AUTOMAKE(snort,2.3.3) @@ -288,7 +292,7 @@ echo " http://www.tcpdump.org" echo " or use the --with-libpcap-* options, if you have it installed" echo " in unusual place" - exit + exit 1 fi default_directory="/usr /usr/local" @@ -304,7 +308,7 @@ done echo "**********************************************" echo - exit + exit 1 ]) AC_ARG_WITH(libpcre_includes, @@ -335,7 +339,7 @@ echo echo " ERROR! Libpcre header not found, go get it from" echo " http://www.pcre.org" - exit + exit 1 fi # Verify that we have the library @@ -346,7 +350,7 @@ echo " ERROR! Libpcre library not found, go get it from" echo " http://www.pcre.org" echo - exit + exit 1 fi AC_ARG_WITH(libnet_includes, @@ -511,6 +515,11 @@ [ with_postgresql="$withval" ], [ with_postgresql=no ]) +AC_ARG_WITH(pgsql_includes, + [ --with-pgsql-includes=DIR postgresql include directory], + [with_pgsql_includes="$withval" ], + [with_pgsql_includes=no ]) + if test "$with_postgresql" != "no"; then if test "$with_postgresql" = "yes"; then postgresql_directory="$default_directory /usr/local/pgsql /usr/pgsql /usr/local" @@ -525,54 +534,76 @@ AC_MSG_CHECKING(for postgresql) - for i in $postgresql_directory; do - if test -r $i/include/pgsql/libpq-fe.h; then - POSTGRESQL_DIR=$i - POSTGRESQL_INC_DIR=$i/include/pgsql - elif test -r $i/include/libpq-fe.h; then - POSTGRESQL_DIR=$i - POSTGRESQL_INC_DIR=$i/include - elif test -r $i/include/postgresql/libpq-fe.h; then - POSTGRESQL_DIR=$i - POSTGRESQL_INC_DIR=$i/include/postgresql - fi - done + if test "$with_pgsql_includes" != "no"; then + for i in $with_pgsql_includes $postgresql_directory; do + if test -r $i/libpq-fe.h; then + POSTGRESQL_INC_DIR=$i + elif test -r $i/include/pgsql/libpq-fe.h; then + POSTGRESQL_INC_DIR=$i/include/pgsql + elif test -r $i/include/libpq-fe.h; then + POSTGRESQL_INC_DIR=$i/include + elif test -r $i/include/postgresql/libpq-fe.h; then + POSTGRESQL_INC_DIR=$i/include/postgresql + fi + done + fi - if test -z "$POSTGRESQL_DIR"; then + if test -z "$POSTGRESQL_INC_DIR"; then + for i in $postgresql_directory; do + if test -r $i/include/pgsql/libpq-fe.h; then + POSTGRESQL_DIR=$i + POSTGRESQL_INC_DIR=$i/include/pgsql + elif test -r $i/include/libpq-fe.h; then + POSTGRESQL_DIR=$i + POSTGRESQL_INC_DIR=$i/include + elif test -r $i/include/postgresql/libpq-fe.h; then + POSTGRESQL_DIR=$i + POSTGRESQL_INC_DIR=$i/include/postgresql + fi + done + fi + + if test -z "$POSTGRESQL_INC_DIR"; then if test "$postgresql_fail" != "no"; then tmp="" - for i in $postgesql_directory; do + if test "$with_pgsql_includes" != "no"; then + tmp="$tmp $with_pgsql_includes" + fi + for i in $postgresql_directory; do tmp="$tmp $i/include $i/include/pgsql" done FAIL_MESSAGE("postgresql header file (libpq-fe.h)", $tmp) else AC_MSG_RESULT(no) fi - else + fi - for i in lib lib/pgsql; do - str="$POSTGRESQL_DIR/$i/libpq.*" - for j in `echo $str`; do - if test -r $j; then - POSTGRESQL_LIB_DIR="$POSTGRESQL_DIR/$i" - break 2 - fi - done - done + if test -z "$POSTGRESQL_DIR"; then + for dir in $postgresql_directory; do + for i in lib lib/pgsql; do + str="$dir/$i/libpq.*" + for j in `echo $str`; do + if test -r $j; then + POSTGRESQL_LIB_DIR="$dir/$i" + break 2 + fi + done + done + done + fi - if test -z "$POSTGRESQL_LIB_DIR"; then - if test "$postgresql_fail" != "no"; then - FAIL_MESSAGE("postgresql library libpq", - "$POSTGRESQL_DIR/lib $POSTGRESQL_DIR/lib/pgsql") - else - AC_MSG_RESULT(no); - fi - else - AC_MSG_RESULT(yes) - LDFLAGS="${LDFLAGS} -L${POSTGRESQL_LIB_DIR}" - CPPFLAGS="${CPPFLAGS} -I${POSTGRESQL_INC_DIR} -DENABLE_POSTGRESQL" - LIBS="${LIBS} -lpq" - fi + if test -z "$POSTGRESQL_LIB_DIR"; then + if test "$postgresql_fail" != "no"; then + FAIL_MESSAGE("postgresql library libpq", + "$POSTGRESQL_DIR/lib $POSTGRESQL_DIR/lib/pgsql") + else + AC_MSG_RESULT(no); + fi + else + AC_MSG_RESULT(yes) + LDFLAGS="${LDFLAGS} -L${POSTGRESQL_LIB_DIR}" + CPPFLAGS="${CPPFLAGS} -I${POSTGRESQL_INC_DIR} -DENABLE_POSTGRESQL" + LIBS="${LIBS} -lpq" fi fi @@ -681,7 +712,7 @@ echo " www.netfilter.org or use the --with-libipq-* options, " echo " if you have it installed in unusual place" echo - exit + exit 1 fi fi @@ -737,7 +768,7 @@ echo " http://www.packetfactory.net/projects/libnet/" echo " or use the --with-libnet-* options, if you have it installed" echo " in unusual place" - exit + exit 1 fi AC_MSG_CHECKING(for libnet version 1.0.2a) @@ -781,7 +812,7 @@ echo " http://www.packetfactory.net/projects/libnet/" echo " or use the --with-libnet-* options, if you have it installed" echo " in unusual place" - exit + exit 1 fi fi --- snort-2.3.3.orig/aclocal.m4 +++ snort-2.3.3/aclocal.m4 @@ -1,7 +1,7 @@ -# aclocal.m4 generated automatically by aclocal 1.6.3 -*- Autoconf -*- +# generated automatically by aclocal 1.9.6 -*- Autoconf -*- -# Copyright 1996, 1997, 1998, 1999, 2000, 2001, 2002 -# Free Software Foundation, Inc. +# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, +# 2005 Free Software Foundation, Inc. # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -11,385 +11,32 @@ # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. -# Like AC_CONFIG_HEADER, but automatically create stamp file. -*- Autoconf -*- - -# Copyright 1996, 1997, 2000, 2001 Free Software Foundation, Inc. - -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2, or (at your option) -# any later version. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. - -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA -# 02111-1307, USA. - -AC_PREREQ([2.52]) - -# serial 6 - -# When config.status generates a header, we must update the stamp-h file. -# This file resides in the same directory as the config header -# that is generated. We must strip everything past the first ":", -# and everything past the last "/". - -# _AM_DIRNAME(PATH) -# ----------------- -# Like AS_DIRNAME, only do it during macro expansion -AC_DEFUN([_AM_DIRNAME], - [m4_if(regexp([$1], [^.*[^/]//*[^/][^/]*/*$]), -1, - m4_if(regexp([$1], [^//\([^/]\|$\)]), -1, - m4_if(regexp([$1], [^/.*]), -1, - [.], - patsubst([$1], [^\(/\).*], [\1])), - patsubst([$1], [^\(//\)\([^/].*\|$\)], [\1])), - patsubst([$1], [^\(.*[^/]\)//*[^/][^/]*/*$], [\1]))[]dnl -])# _AM_DIRNAME - - -# The stamp files are numbered to have different names. -# We could number them on a directory basis, but that's additional -# complications, let's have a unique counter. -m4_define([_AM_STAMP_Count], [0]) - - -# _AM_STAMP(HEADER) -# ----------------- -# The name of the stamp file for HEADER. -AC_DEFUN([_AM_STAMP], -[m4_define([_AM_STAMP_Count], m4_incr(_AM_STAMP_Count))dnl -AS_ESCAPE(_AM_DIRNAME(patsubst([$1], - [:.*])))/stamp-h[]_AM_STAMP_Count]) - - -# _AM_CONFIG_HEADER(HEADER[:SOURCES], COMMANDS, INIT-COMMANDS) -# ------------------------------------------------------------ -# We used to try to get a real timestamp in stamp-h. But the fear is that -# that will cause unnecessary cvs conflicts. -AC_DEFUN([_AM_CONFIG_HEADER], -[# Add the stamp file to the list of files AC keeps track of, -# along with our hook. -AC_CONFIG_HEADERS([$1], - [# update the timestamp -echo 'timestamp for $1' >"_AM_STAMP([$1])" -$2], - [$3]) -])# _AM_CONFIG_HEADER - - -# AM_CONFIG_HEADER(HEADER[:SOURCES]..., COMMANDS, INIT-COMMANDS) -# -------------------------------------------------------------- -AC_DEFUN([AM_CONFIG_HEADER], -[AC_FOREACH([_AM_File], [$1], [_AM_CONFIG_HEADER(_AM_File, [$2], [$3])]) -])# AM_CONFIG_HEADER - -# Do all the work for Automake. -*- Autoconf -*- - -# This macro actually does too much some checks are only needed if -# your package does certain things. But this isn't really a big deal. - -# Copyright 1996, 1997, 1998, 1999, 2000, 2001, 2002 -# Free Software Foundation, Inc. - -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2, or (at your option) -# any later version. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. - -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA -# 02111-1307, USA. - -# serial 8 - -# There are a few dirty hacks below to avoid letting `AC_PROG_CC' be -# written in clear, in which case automake, when reading aclocal.m4, -# will think it sees a *use*, and therefore will trigger all it's -# C support machinery. Also note that it means that autoscan, seeing -# CC etc. in the Makefile, will ask for an AC_PROG_CC use... - - -AC_PREREQ([2.52]) - -# Autoconf 2.50 wants to disallow AM_ names. We explicitly allow -# the ones we care about. -m4_pattern_allow([^AM_[A-Z]+FLAGS$])dnl - -# AM_INIT_AUTOMAKE(PACKAGE, VERSION, [NO-DEFINE]) -# AM_INIT_AUTOMAKE([OPTIONS]) -# ----------------------------------------------- -# The call with PACKAGE and VERSION arguments is the old style -# call (pre autoconf-2.50), which is being phased out. PACKAGE -# and VERSION should now be passed to AC_INIT and removed from -# the call to AM_INIT_AUTOMAKE. -# We support both call styles for the transition. After -# the next Automake release, Autoconf can make the AC_INIT -# arguments mandatory, and then we can depend on a new Autoconf -# release and drop the old call support. -AC_DEFUN([AM_INIT_AUTOMAKE], -[AC_REQUIRE([AM_SET_CURRENT_AUTOMAKE_VERSION])dnl - AC_REQUIRE([AC_PROG_INSTALL])dnl -# test to see if srcdir already configured -if test "`cd $srcdir && pwd`" != "`pwd`" && - test -f $srcdir/config.status; then - AC_MSG_ERROR([source directory already configured; run "make distclean" there first]) -fi - -# Define the identity of the package. -dnl Distinguish between old-style and new-style calls. -m4_ifval([$2], -[m4_ifval([$3], [_AM_SET_OPTION([no-define])])dnl - AC_SUBST([PACKAGE], [$1])dnl - AC_SUBST([VERSION], [$2])], -[_AM_SET_OPTIONS([$1])dnl - AC_SUBST([PACKAGE], [AC_PACKAGE_TARNAME])dnl - AC_SUBST([VERSION], [AC_PACKAGE_VERSION])])dnl - -_AM_IF_OPTION([no-define],, -[AC_DEFINE_UNQUOTED(PACKAGE, "$PACKAGE", [Name of package]) - AC_DEFINE_UNQUOTED(VERSION, "$VERSION", [Version number of package])])dnl - -# Some tools Automake needs. -AC_REQUIRE([AM_SANITY_CHECK])dnl -AC_REQUIRE([AC_ARG_PROGRAM])dnl -AM_MISSING_PROG(ACLOCAL, aclocal-${am__api_version}) -AM_MISSING_PROG(AUTOCONF, autoconf) -AM_MISSING_PROG(AUTOMAKE, automake-${am__api_version}) -AM_MISSING_PROG(AUTOHEADER, autoheader) -AM_MISSING_PROG(MAKEINFO, makeinfo) -AM_MISSING_PROG(AMTAR, tar) -AM_PROG_INSTALL_SH -AM_PROG_INSTALL_STRIP -# We need awk for the "check" target. The system "awk" is bad on -# some platforms. -AC_REQUIRE([AC_PROG_AWK])dnl -AC_REQUIRE([AC_PROG_MAKE_SET])dnl - -_AM_IF_OPTION([no-dependencies],, -[AC_PROVIDE_IFELSE([AC_PROG_][CC], - [_AM_DEPENDENCIES(CC)], - [define([AC_PROG_][CC], - defn([AC_PROG_][CC])[_AM_DEPENDENCIES(CC)])])dnl -AC_PROVIDE_IFELSE([AC_PROG_][CXX], - [_AM_DEPENDENCIES(CXX)], - [define([AC_PROG_][CXX], - defn([AC_PROG_][CXX])[_AM_DEPENDENCIES(CXX)])])dnl -]) -]) - -# Copyright 2002 Free Software Foundation, Inc. - -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2, or (at your option) -# any later version. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. - -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA +# Copyright (C) 2002, 2003, 2005 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. # AM_AUTOMAKE_VERSION(VERSION) # ---------------------------- # Automake X.Y traces this macro to ensure aclocal.m4 has been # generated from the m4 files accompanying Automake X.Y. -AC_DEFUN([AM_AUTOMAKE_VERSION],[am__api_version="1.6"]) +AC_DEFUN([AM_AUTOMAKE_VERSION], [am__api_version="1.9"]) # AM_SET_CURRENT_AUTOMAKE_VERSION # ------------------------------- # Call AM_AUTOMAKE_VERSION so it can be traced. # This function is AC_REQUIREd by AC_INIT_AUTOMAKE. AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION], - [AM_AUTOMAKE_VERSION([1.6.3])]) - -# Helper functions for option handling. -*- Autoconf -*- - -# Copyright 2001, 2002 Free Software Foundation, Inc. + [AM_AUTOMAKE_VERSION([1.9.6])]) -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2, or (at your option) -# any later version. +# AM_AUX_DIR_EXPAND -*- Autoconf -*- -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. - -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA -# 02111-1307, USA. - -# serial 2 - -# _AM_MANGLE_OPTION(NAME) -# ----------------------- -AC_DEFUN([_AM_MANGLE_OPTION], -[[_AM_OPTION_]m4_bpatsubst($1, [[^a-zA-Z0-9_]], [_])]) - -# _AM_SET_OPTION(NAME) -# ------------------------------ -# Set option NAME. Presently that only means defining a flag for this option. -AC_DEFUN([_AM_SET_OPTION], -[m4_define(_AM_MANGLE_OPTION([$1]), 1)]) - -# _AM_SET_OPTIONS(OPTIONS) -# ---------------------------------- -# OPTIONS is a space-separated list of Automake options. -AC_DEFUN([_AM_SET_OPTIONS], -[AC_FOREACH([_AM_Option], [$1], [_AM_SET_OPTION(_AM_Option)])]) - -# _AM_IF_OPTION(OPTION, IF-SET, [IF-NOT-SET]) -# ------------------------------------------- -# Execute IF-SET if OPTION is set, IF-NOT-SET otherwise. -AC_DEFUN([_AM_IF_OPTION], -[m4_ifset(_AM_MANGLE_OPTION([$1]), [$2], [$3])]) - -# -# Check to make sure that the build environment is sane. +# Copyright (C) 2001, 2003, 2005 Free Software Foundation, Inc. # - -# Copyright 1996, 1997, 2000, 2001 Free Software Foundation, Inc. - -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2, or (at your option) -# any later version. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. - -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA -# 02111-1307, USA. - -# serial 3 - -# AM_SANITY_CHECK -# --------------- -AC_DEFUN([AM_SANITY_CHECK], -[AC_MSG_CHECKING([whether build environment is sane]) -# Just in case -sleep 1 -echo timestamp > conftest.file -# Do `set' in a subshell so we don't clobber the current shell's -# arguments. Must try -L first in case configure is actually a -# symlink; some systems play weird games with the mod time of symlinks -# (eg FreeBSD returns the mod time of the symlink's containing -# directory). -if ( - set X `ls -Lt $srcdir/configure conftest.file 2> /dev/null` - if test "$[*]" = "X"; then - # -L didn't work. - set X `ls -t $srcdir/configure conftest.file` - fi - rm -f conftest.file - if test "$[*]" != "X $srcdir/configure conftest.file" \ - && test "$[*]" != "X conftest.file $srcdir/configure"; then - - # If neither matched, then we have a broken ls. This can happen - # if, for instance, CONFIG_SHELL is bash and it inherits a - # broken ls alias from the environment. This has actually - # happened. Such a system could not be considered "sane". - AC_MSG_ERROR([ls -t appears to fail. Make sure there is not a broken -alias in your environment]) - fi - - test "$[2]" = conftest.file - ) -then - # Ok. - : -else - AC_MSG_ERROR([newly created file is older than distributed files! -Check your system clock]) -fi -AC_MSG_RESULT(yes)]) - -# -*- Autoconf -*- - - -# Copyright 1997, 1999, 2000, 2001 Free Software Foundation, Inc. - -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2, or (at your option) -# any later version. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. - -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA -# 02111-1307, USA. - -# serial 3 - -# AM_MISSING_PROG(NAME, PROGRAM) -# ------------------------------ -AC_DEFUN([AM_MISSING_PROG], -[AC_REQUIRE([AM_MISSING_HAS_RUN]) -$1=${$1-"${am_missing_run}$2"} -AC_SUBST($1)]) - - -# AM_MISSING_HAS_RUN -# ------------------ -# Define MISSING if not defined so far and test if it supports --run. -# If it does, set am_missing_run to use it, otherwise, to nothing. -AC_DEFUN([AM_MISSING_HAS_RUN], -[AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl -test x"${MISSING+set}" = xset || MISSING="\${SHELL} $am_aux_dir/missing" -# Use eval to expand $SHELL -if eval "$MISSING --run true"; then - am_missing_run="$MISSING --run " -else - am_missing_run= - AC_MSG_WARN([`missing' script is too old or missing]) -fi -]) - -# AM_AUX_DIR_EXPAND - -# Copyright 2001 Free Software Foundation, Inc. - -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2, or (at your option) -# any later version. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. - -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA -# 02111-1307, USA. +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. # For projects using AC_CONFIG_AUX_DIR([foo]), Autoconf sets # $ac_aux_dir to `$srcdir/foo'. In other projects, it is set to @@ -429,98 +76,78 @@ # absolute PATH. The drawback is that using absolute paths prevent a # configured tree to be moved without reconfiguration. -# Rely on autoconf to set up CDPATH properly. -AC_PREREQ([2.50]) - -AC_DEFUN([AM_AUX_DIR_EXPAND], [ +AC_DEFUN([AM_AUX_DIR_EXPAND], +[dnl Rely on autoconf to set up CDPATH properly. +AC_PREREQ([2.50])dnl # expand $ac_aux_dir to an absolute path am_aux_dir=`cd $ac_aux_dir && pwd` ]) -# AM_PROG_INSTALL_SH -# ------------------ -# Define $install_sh. -# Copyright 2001 Free Software Foundation, Inc. +# Copyright (C) 1996, 1997, 1999, 2000, 2001, 2002, 2003, 2005 +# Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2, or (at your option) -# any later version. +# serial 4 -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. - -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA -# 02111-1307, USA. +# This was merged into AC_PROG_CC in Autoconf. -AC_DEFUN([AM_PROG_INSTALL_SH], -[AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl -install_sh=${install_sh-"$am_aux_dir/install-sh"} -AC_SUBST(install_sh)]) +AU_DEFUN([AM_PROG_CC_STDC], +[AC_PROG_CC +AC_DIAGNOSE([obsolete], [$0: + your code should no longer depend upon `am_cv_prog_cc_stdc', but upon + `ac_cv_prog_cc_stdc'. Remove this warning and the assignment when + you adjust the code. You can also remove the above call to + AC_PROG_CC if you already called it elsewhere.]) +am_cv_prog_cc_stdc=$ac_cv_prog_cc_stdc +]) +AU_DEFUN([fp_PROG_CC_STDC]) -# AM_PROG_INSTALL_STRIP +# AM_CONDITIONAL -*- Autoconf -*- -# Copyright 2001 Free Software Foundation, Inc. +# Copyright (C) 1997, 2000, 2001, 2003, 2004, 2005 +# Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2, or (at your option) -# any later version. +# serial 7 -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. - -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA -# 02111-1307, USA. +# AM_CONDITIONAL(NAME, SHELL-CONDITION) +# ------------------------------------- +# Define a conditional. +AC_DEFUN([AM_CONDITIONAL], +[AC_PREREQ(2.52)dnl + ifelse([$1], [TRUE], [AC_FATAL([$0: invalid condition: $1])], + [$1], [FALSE], [AC_FATAL([$0: invalid condition: $1])])dnl +AC_SUBST([$1_TRUE]) +AC_SUBST([$1_FALSE]) +if $2; then + $1_TRUE= + $1_FALSE='#' +else + $1_TRUE='#' + $1_FALSE= +fi +AC_CONFIG_COMMANDS_PRE( +[if test -z "${$1_TRUE}" && test -z "${$1_FALSE}"; then + AC_MSG_ERROR([[conditional "$1" was never defined. +Usually this means the macro was only invoked conditionally.]]) +fi])]) -# One issue with vendor `install' (even GNU) is that you can't -# specify the program used to strip binaries. This is especially -# annoying in cross-compiling environments, where the build's strip -# is unlikely to handle the host's binaries. -# Fortunately install-sh will honor a STRIPPROG variable, so we -# always use install-sh in `make install-strip', and initialize -# STRIPPROG with the value of the STRIP variable (set by the user). -AC_DEFUN([AM_PROG_INSTALL_STRIP], -[AC_REQUIRE([AM_PROG_INSTALL_SH])dnl -# Installed binaries are usually stripped using `strip' when the user -# run `make install-strip'. However `strip' might not be the right -# tool to use in cross-compilation environments, therefore Automake -# will honor the `STRIP' environment variable to overrule this program. -dnl Don't test for $cross_compiling = yes, because it might be `maybe'. -if test "$cross_compiling" != no; then - AC_CHECK_TOOL([STRIP], [strip], :) -fi -INSTALL_STRIP_PROGRAM="\${SHELL} \$(install_sh) -c -s" -AC_SUBST([INSTALL_STRIP_PROGRAM])]) - -# serial 4 -*- Autoconf -*- - -# Copyright 1999, 2000, 2001 Free Software Foundation, Inc. -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2, or (at your option) -# any later version. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. - -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA -# 02111-1307, USA. +# Copyright (C) 1999, 2000, 2001, 2002, 2003, 2004, 2005 +# Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. +# serial 8 # There are a few dirty hacks below to avoid letting `AC_PROG_CC' be # written in clear, in which case automake, when reading aclocal.m4, @@ -529,7 +156,6 @@ # CC etc. in the Makefile, will ask for an AC_PROG_CC use... - # _AM_DEPENDENCIES(NAME) # ---------------------- # See how the compiler implements dependency checking. @@ -565,18 +191,34 @@ # using a relative directory. cp "$am_depcomp" conftest.dir cd conftest.dir + # We will build objects and dependencies in a subdirectory because + # it helps to detect inapplicable dependency modes. For instance + # both Tru64's cc and ICC support -MD to output dependencies as a + # side effect of compilation, but ICC will put the dependencies in + # the current directory while Tru64 will put them in the object + # directory. + mkdir sub am_cv_$1_dependencies_compiler_type=none if test "$am_compiler_list" = ""; then am_compiler_list=`sed -n ['s/^#*\([a-zA-Z0-9]*\))$/\1/p'] < ./depcomp` fi for depmode in $am_compiler_list; do + # Setup a source with many dependencies, because some compilers + # like to wrap large dependency lists on column 80 (with \), and + # we should not choose a depcomp mode which is confused by this. + # # We need to recreate these files for each test, as the compiler may # overwrite some of them when testing with obscure command lines. # This happens at least with the AIX C compiler. - echo '#include "conftest.h"' > conftest.c - echo 'int i;' > conftest.h - echo "${am__include} ${am__quote}conftest.Po${am__quote}" > confmf + : > sub/conftest.c + for i in 1 2 3 4 5 6; do + echo '#include "conftst'$i'.h"' >> sub/conftest.c + # Using `: > sub/conftst$i.h' creates only sub/conftst1.h with + # Solaris 8's {/usr,}/bin/sh. + touch sub/conftst$i.h + done + echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf case $depmode in nosideeffect) @@ -594,13 +236,25 @@ # mode. It turns out that the SunPro C++ compiler does not properly # handle `-M -o', and we need to detect this. if depmode=$depmode \ - source=conftest.c object=conftest.o \ - depfile=conftest.Po tmpdepfile=conftest.TPo \ - $SHELL ./depcomp $depcc -c conftest.c -o conftest.o >/dev/null 2>&1 && - grep conftest.h conftest.Po > /dev/null 2>&1 && + source=sub/conftest.c object=sub/conftest.${OBJEXT-o} \ + depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \ + $SHELL ./depcomp $depcc -c -o sub/conftest.${OBJEXT-o} sub/conftest.c \ + >/dev/null 2>conftest.err && + grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 && + grep sub/conftest.${OBJEXT-o} sub/conftest.Po > /dev/null 2>&1 && ${MAKE-make} -s -f confmf > /dev/null 2>&1; then - am_cv_$1_dependencies_compiler_type=$depmode - break + # icc doesn't choke on unknown options, it will just issue warnings + # or remarks (even with -Werror). So we grep stderr for any message + # that says an option was ignored or not supported. + # When given -MP, icc 7.0 and 7.1 complain thusly: + # icc: Command line warning: ignoring option '-M'; no argument required + # The diagnosis changed in icc 8.0: + # icc: Command line remark: option '-MP' not supported + if (grep 'ignoring option' conftest.err || + grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else + am_cv_$1_dependencies_compiler_type=$depmode + break + fi fi done @@ -611,6 +265,9 @@ fi ]) AC_SUBST([$1DEPMODE], [depmode=$am_cv_$1_dependencies_compiler_type]) +AM_CONDITIONAL([am__fastdep$1], [ + test "x$enable_dependency_tracking" != xno \ + && test "$am_cv_$1_dependencies_compiler_type" = gcc3]) ]) @@ -619,16 +276,8 @@ # Choose a directory name for dependency files. # This macro is AC_REQUIREd in _AM_DEPENDENCIES AC_DEFUN([AM_SET_DEPDIR], -[rm -f .deps 2>/dev/null -mkdir .deps 2>/dev/null -if test -d .deps; then - DEPDIR=.deps -else - # MS-DOS does not allow filenames that begin with a dot. - DEPDIR=_deps -fi -rmdir .deps 2>/dev/null -AC_SUBST([DEPDIR]) +[AC_REQUIRE([AM_SET_LEADING_DOT])dnl +AC_SUBST([DEPDIR], ["${am__leading_dot}deps"])dnl ]) @@ -636,8 +285,8 @@ # ------------ AC_DEFUN([AM_DEP_TRACK], [AC_ARG_ENABLE(dependency-tracking, -[ --disable-dependency-tracking Speeds up one-time builds - --enable-dependency-tracking Do not reject slow dependency extractors]) +[ --disable-dependency-tracking speeds up one-time build + --enable-dependency-tracking do not reject slow dependency extractors]) if test "x$enable_dependency_tracking" != xno; then am_depcomp="$ac_aux_dir/depcomp" AMDEPBACKSLASH='\' @@ -646,26 +295,16 @@ AC_SUBST([AMDEPBACKSLASH]) ]) -# Generate code to set up dependency tracking. -*- Autoconf -*- +# Generate code to set up dependency tracking. -*- Autoconf -*- -# Copyright 1999, 2000, 2001, 2002 Free Software Foundation, Inc. - -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2, or (at your option) -# any later version. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. - -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA -# 02111-1307, USA. +# Copyright (C) 1999, 2000, 2001, 2002, 2003, 2004, 2005 +# Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. -#serial 2 +#serial 3 # _AM_OUTPUT_DEPENDENCY_COMMANDS # ------------------------------ @@ -684,27 +323,21 @@ else continue fi - grep '^DEP_FILES *= *[[^ @%:@]]' < "$mf" > /dev/null || continue - # Extract the definition of DEP_FILES from the Makefile without - # running `make'. - DEPDIR=`sed -n -e '/^DEPDIR = / s///p' < "$mf"` + # Extract the definition of DEPDIR, am__include, and am__quote + # from the Makefile without running `make'. + DEPDIR=`sed -n 's/^DEPDIR = //p' < "$mf"` test -z "$DEPDIR" && continue + am__include=`sed -n 's/^am__include = //p' < "$mf"` + test -z "am__include" && continue + am__quote=`sed -n 's/^am__quote = //p' < "$mf"` # When using ansi2knr, U may be empty or an underscore; expand it - U=`sed -n -e '/^U = / s///p' < "$mf"` - test -d "$dirpart/$DEPDIR" || mkdir "$dirpart/$DEPDIR" - # We invoke sed twice because it is the simplest approach to - # changing $(DEPDIR) to its actual value in the expansion. - for file in `sed -n -e ' - /^DEP_FILES = .*\\\\$/ { - s/^DEP_FILES = // - :loop - s/\\\\$// - p - n - /\\\\$/ b loop - p - } - /^DEP_FILES = / s/^DEP_FILES = //p' < "$mf" | \ + U=`sed -n 's/^U = //p' < "$mf"` + # Find all dependency output files, they are included files with + # $(DEPDIR) in their names. We invoke sed twice because it is the + # simplest approach to changing $(DEPDIR) to its actual value in the + # expansion. + for file in `sed -n " + s/^$am__include $am__quote\(.*(DEPDIR).*\)$am__quote"'$/\1/p' <"$mf" | \ sed -e 's/\$(DEPDIR)/'"$DEPDIR"'/g' -e 's/\$U/'"$U"'/g'`; do # Make sure the directory exists. test -f "$dirpart/$file" && continue @@ -730,33 +363,215 @@ [AMDEP_TRUE="$AMDEP_TRUE" ac_aux_dir="$ac_aux_dir"]) ]) -# Copyright 2001 Free Software Foundation, Inc. -*- Autoconf -*- +# Copyright (C) 1996, 1997, 2000, 2001, 2003, 2005 +# Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2, or (at your option) -# any later version. +# serial 8 -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. - -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA -# 02111-1307, USA. +# AM_CONFIG_HEADER is obsolete. It has been replaced by AC_CONFIG_HEADERS. +AU_DEFUN([AM_CONFIG_HEADER], [AC_CONFIG_HEADERS($@)]) + +# Do all the work for Automake. -*- Autoconf -*- + +# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005 +# Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# serial 12 + +# This macro actually does too much. Some checks are only needed if +# your package does certain things. But this isn't really a big deal. + +# AM_INIT_AUTOMAKE(PACKAGE, VERSION, [NO-DEFINE]) +# AM_INIT_AUTOMAKE([OPTIONS]) +# ----------------------------------------------- +# The call with PACKAGE and VERSION arguments is the old style +# call (pre autoconf-2.50), which is being phased out. PACKAGE +# and VERSION should now be passed to AC_INIT and removed from +# the call to AM_INIT_AUTOMAKE. +# We support both call styles for the transition. After +# the next Automake release, Autoconf can make the AC_INIT +# arguments mandatory, and then we can depend on a new Autoconf +# release and drop the old call support. +AC_DEFUN([AM_INIT_AUTOMAKE], +[AC_PREREQ([2.58])dnl +dnl Autoconf wants to disallow AM_ names. We explicitly allow +dnl the ones we care about. +m4_pattern_allow([^AM_[A-Z]+FLAGS$])dnl +AC_REQUIRE([AM_SET_CURRENT_AUTOMAKE_VERSION])dnl +AC_REQUIRE([AC_PROG_INSTALL])dnl +# test to see if srcdir already configured +if test "`cd $srcdir && pwd`" != "`pwd`" && + test -f $srcdir/config.status; then + AC_MSG_ERROR([source directory already configured; run "make distclean" there first]) +fi + +# test whether we have cygpath +if test -z "$CYGPATH_W"; then + if (cygpath --version) >/dev/null 2>/dev/null; then + CYGPATH_W='cygpath -w' + else + CYGPATH_W=echo + fi +fi +AC_SUBST([CYGPATH_W]) + +# Define the identity of the package. +dnl Distinguish between old-style and new-style calls. +m4_ifval([$2], +[m4_ifval([$3], [_AM_SET_OPTION([no-define])])dnl + AC_SUBST([PACKAGE], [$1])dnl + AC_SUBST([VERSION], [$2])], +[_AM_SET_OPTIONS([$1])dnl + AC_SUBST([PACKAGE], ['AC_PACKAGE_TARNAME'])dnl + AC_SUBST([VERSION], ['AC_PACKAGE_VERSION'])])dnl + +_AM_IF_OPTION([no-define],, +[AC_DEFINE_UNQUOTED(PACKAGE, "$PACKAGE", [Name of package]) + AC_DEFINE_UNQUOTED(VERSION, "$VERSION", [Version number of package])])dnl + +# Some tools Automake needs. +AC_REQUIRE([AM_SANITY_CHECK])dnl +AC_REQUIRE([AC_ARG_PROGRAM])dnl +AM_MISSING_PROG(ACLOCAL, aclocal-${am__api_version}) +AM_MISSING_PROG(AUTOCONF, autoconf) +AM_MISSING_PROG(AUTOMAKE, automake-${am__api_version}) +AM_MISSING_PROG(AUTOHEADER, autoheader) +AM_MISSING_PROG(MAKEINFO, makeinfo) +AM_PROG_INSTALL_SH +AM_PROG_INSTALL_STRIP +AC_REQUIRE([AM_PROG_MKDIR_P])dnl +# We need awk for the "check" target. The system "awk" is bad on +# some platforms. +AC_REQUIRE([AC_PROG_AWK])dnl +AC_REQUIRE([AC_PROG_MAKE_SET])dnl +AC_REQUIRE([AM_SET_LEADING_DOT])dnl +_AM_IF_OPTION([tar-ustar], [_AM_PROG_TAR([ustar])], + [_AM_IF_OPTION([tar-pax], [_AM_PROG_TAR([pax])], + [_AM_PROG_TAR([v7])])]) +_AM_IF_OPTION([no-dependencies],, +[AC_PROVIDE_IFELSE([AC_PROG_CC], + [_AM_DEPENDENCIES(CC)], + [define([AC_PROG_CC], + defn([AC_PROG_CC])[_AM_DEPENDENCIES(CC)])])dnl +AC_PROVIDE_IFELSE([AC_PROG_CXX], + [_AM_DEPENDENCIES(CXX)], + [define([AC_PROG_CXX], + defn([AC_PROG_CXX])[_AM_DEPENDENCIES(CXX)])])dnl +]) +]) + + +# When config.status generates a header, we must update the stamp-h file. +# This file resides in the same directory as the config header +# that is generated. The stamp files are numbered to have different names. + +# Autoconf calls _AC_AM_CONFIG_HEADER_HOOK (when defined) in the +# loop where config.status creates the headers, so we can generate +# our stamp files there. +AC_DEFUN([_AC_AM_CONFIG_HEADER_HOOK], +[# Compute $1's index in $config_headers. +_am_stamp_count=1 +for _am_header in $config_headers :; do + case $_am_header in + $1 | $1:* ) + break ;; + * ) + _am_stamp_count=`expr $_am_stamp_count + 1` ;; + esac +done +echo "timestamp for $1" >`AS_DIRNAME([$1])`/stamp-h[]$_am_stamp_count]) + +# Copyright (C) 2001, 2003, 2005 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# AM_PROG_INSTALL_SH +# ------------------ +# Define $install_sh. +AC_DEFUN([AM_PROG_INSTALL_SH], +[AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl +install_sh=${install_sh-"$am_aux_dir/install-sh"} +AC_SUBST(install_sh)]) + +# Copyright (C) 2003, 2005 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. # serial 2 +# Check whether the underlying file-system supports filenames +# with a leading dot. For instance MS-DOS doesn't. +AC_DEFUN([AM_SET_LEADING_DOT], +[rm -rf .tst 2>/dev/null +mkdir .tst 2>/dev/null +if test -d .tst; then + am__leading_dot=. +else + am__leading_dot=_ +fi +rmdir .tst 2>/dev/null +AC_SUBST([am__leading_dot])]) + +# Add --enable-maintainer-mode option to configure. -*- Autoconf -*- +# From Jim Meyering + +# Copyright (C) 1996, 1998, 2000, 2001, 2002, 2003, 2004, 2005 +# Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# serial 4 + +AC_DEFUN([AM_MAINTAINER_MODE], +[AC_MSG_CHECKING([whether to enable maintainer-specific portions of Makefiles]) + dnl maintainer-mode is disabled by default + AC_ARG_ENABLE(maintainer-mode, +[ --enable-maintainer-mode enable make rules and dependencies not useful + (and sometimes confusing) to the casual installer], + USE_MAINTAINER_MODE=$enableval, + USE_MAINTAINER_MODE=no) + AC_MSG_RESULT([$USE_MAINTAINER_MODE]) + AM_CONDITIONAL(MAINTAINER_MODE, [test $USE_MAINTAINER_MODE = yes]) + MAINT=$MAINTAINER_MODE_TRUE + AC_SUBST(MAINT)dnl +] +) + +AU_DEFUN([jm_MAINTAINER_MODE], [AM_MAINTAINER_MODE]) + +# Check to see how 'make' treats includes. -*- Autoconf -*- + +# Copyright (C) 2001, 2002, 2003, 2005 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# serial 3 + # AM_MAKE_INCLUDE() # ----------------- # Check to see how make treats includes. AC_DEFUN([AM_MAKE_INCLUDE], [am_make=${MAKE-make} cat > confinc << 'END' -doit: +am__doit: @echo done +.PHONY: am__doit END # If we don't find an include directive, just comment out the code. AC_MSG_CHECKING([for style of include used by $am_make]) @@ -770,7 +585,7 @@ # In particular we don't look at `^make:' because GNU make might # be invoked under some other name (usually "gmake"), in which # case it prints its new name instead of `make'. -if test "`$am_make -s -f confmf 2> /dev/null | fgrep -v 'ing directory'`" = "done"; then +if test "`$am_make -s -f confmf 2> /dev/null | grep -v 'ing directory'`" = "done"; then am__include=include am__quote= _am_result=GNU @@ -784,159 +599,316 @@ _am_result=BSD fi fi -AC_SUBST(am__include) -AC_SUBST(am__quote) -AC_MSG_RESULT($_am_result) +AC_SUBST([am__include]) +AC_SUBST([am__quote]) +AC_MSG_RESULT([$_am_result]) rm -f confinc confmf ]) -# AM_CONDITIONAL -*- Autoconf -*- +# Fake the existence of programs that GNU maintainers use. -*- Autoconf -*- + +# Copyright (C) 1997, 1999, 2000, 2001, 2003, 2005 +# Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. -# Copyright 1997, 2000, 2001 Free Software Foundation, Inc. +# serial 4 -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2, or (at your option) -# any later version. +# AM_MISSING_PROG(NAME, PROGRAM) +# ------------------------------ +AC_DEFUN([AM_MISSING_PROG], +[AC_REQUIRE([AM_MISSING_HAS_RUN]) +$1=${$1-"${am_missing_run}$2"} +AC_SUBST($1)]) -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. - -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA -# 02111-1307, USA. -# serial 5 +# AM_MISSING_HAS_RUN +# ------------------ +# Define MISSING if not defined so far and test if it supports --run. +# If it does, set am_missing_run to use it, otherwise, to nothing. +AC_DEFUN([AM_MISSING_HAS_RUN], +[AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl +test x"${MISSING+set}" = xset || MISSING="\${SHELL} $am_aux_dir/missing" +# Use eval to expand $SHELL +if eval "$MISSING --run true"; then + am_missing_run="$MISSING --run " +else + am_missing_run= + AC_MSG_WARN([`missing' script is too old or missing]) +fi +]) -AC_PREREQ(2.52) +# Copyright (C) 2003, 2004, 2005 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. -# AM_CONDITIONAL(NAME, SHELL-CONDITION) -# ------------------------------------- -# Define a conditional. -AC_DEFUN([AM_CONDITIONAL], -[ifelse([$1], [TRUE], [AC_FATAL([$0: invalid condition: $1])], - [$1], [FALSE], [AC_FATAL([$0: invalid condition: $1])])dnl -AC_SUBST([$1_TRUE]) -AC_SUBST([$1_FALSE]) -if $2; then - $1_TRUE= - $1_FALSE='#' +# AM_PROG_MKDIR_P +# --------------- +# Check whether `mkdir -p' is supported, fallback to mkinstalldirs otherwise. +# +# Automake 1.8 used `mkdir -m 0755 -p --' to ensure that directories +# created by `make install' are always world readable, even if the +# installer happens to have an overly restrictive umask (e.g. 077). +# This was a mistake. There are at least two reasons why we must not +# use `-m 0755': +# - it causes special bits like SGID to be ignored, +# - it may be too restrictive (some setups expect 775 directories). +# +# Do not use -m 0755 and let people choose whatever they expect by +# setting umask. +# +# We cannot accept any implementation of `mkdir' that recognizes `-p'. +# Some implementations (such as Solaris 8's) are not thread-safe: if a +# parallel make tries to run `mkdir -p a/b' and `mkdir -p a/c' +# concurrently, both version can detect that a/ is missing, but only +# one can create it and the other will error out. Consequently we +# restrict ourselves to GNU make (using the --version option ensures +# this.) +AC_DEFUN([AM_PROG_MKDIR_P], +[if mkdir -p --version . >/dev/null 2>&1 && test ! -d ./--version; then + # We used to keeping the `.' as first argument, in order to + # allow $(mkdir_p) to be used without argument. As in + # $(mkdir_p) $(somedir) + # where $(somedir) is conditionally defined. However this is wrong + # for two reasons: + # 1. if the package is installed by a user who cannot write `.' + # make install will fail, + # 2. the above comment should most certainly read + # $(mkdir_p) $(DESTDIR)$(somedir) + # so it does not work when $(somedir) is undefined and + # $(DESTDIR) is not. + # To support the latter case, we have to write + # test -z "$(somedir)" || $(mkdir_p) $(DESTDIR)$(somedir), + # so the `.' trick is pointless. + mkdir_p='mkdir -p --' else - $1_TRUE='#' - $1_FALSE= + # On NextStep and OpenStep, the `mkdir' command does not + # recognize any option. It will interpret all options as + # directories to create, and then abort because `.' already + # exists. + for d in ./-p ./--version; + do + test -d $d && rmdir $d + done + # $(mkinstalldirs) is defined by Automake if mkinstalldirs exists. + if test -f "$ac_aux_dir/mkinstalldirs"; then + mkdir_p='$(mkinstalldirs)' + else + mkdir_p='$(install_sh) -d' + fi fi -AC_CONFIG_COMMANDS_PRE( -[if test -z "${$1_TRUE}" && test -z "${$1_FALSE}"; then - AC_MSG_ERROR([conditional \"$1\" was never defined. -Usually this means the macro was only invoked conditionally.]) -fi])]) +AC_SUBST([mkdir_p])]) + +# Helper functions for option handling. -*- Autoconf -*- +# Copyright (C) 2001, 2002, 2003, 2005 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. -# Copyright 1996, 1997, 1999, 2000, 2001 Free Software Foundation, Inc. +# serial 3 -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2, or (at your option) -# any later version. +# _AM_MANGLE_OPTION(NAME) +# ----------------------- +AC_DEFUN([_AM_MANGLE_OPTION], +[[_AM_OPTION_]m4_bpatsubst($1, [[^a-zA-Z0-9_]], [_])]) -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. - -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA -# 02111-1307, USA. - -# serial 1 - -# @defmac AC_PROG_CC_STDC -# @maindex PROG_CC_STDC -# @ovindex CC -# If the C compiler in not in ANSI C mode by default, try to add an option -# to output variable @code{CC} to make it so. This macro tries various -# options that select ANSI C on some system or another. It considers the -# compiler to be in ANSI C mode if it handles function prototypes correctly. -# -# If you use this macro, you should check after calling it whether the C -# compiler has been set to accept ANSI C; if not, the shell variable -# @code{am_cv_prog_cc_stdc} is set to @samp{no}. If you wrote your source -# code in ANSI C, you can make an un-ANSIfied copy of it by using the -# program @code{ansi2knr}, which comes with Ghostscript. -# @end defmac - -AC_DEFUN([AM_PROG_CC_STDC], -[AC_REQUIRE([AC_PROG_CC]) -AC_BEFORE([$0], [AC_C_INLINE]) -AC_BEFORE([$0], [AC_C_CONST]) -dnl Force this before AC_PROG_CPP. Some cpp's, eg on HPUX, require -dnl a magic option to avoid problems with ANSI preprocessor commands -dnl like #elif. -dnl FIXME: can't do this because then AC_AIX won't work due to a -dnl circular dependency. -dnl AC_BEFORE([$0], [AC_PROG_CPP]) -AC_MSG_CHECKING([for ${CC-cc} option to accept ANSI C]) -AC_CACHE_VAL(am_cv_prog_cc_stdc, -[am_cv_prog_cc_stdc=no -ac_save_CC="$CC" -# Don't try gcc -ansi; that turns off useful extensions and -# breaks some systems' header files. -# AIX -qlanglvl=ansi -# Ultrix and OSF/1 -std1 -# HP-UX 10.20 and later -Ae -# HP-UX older versions -Aa -D_HPUX_SOURCE -# SVR4 -Xc -D__EXTENSIONS__ -for ac_arg in "" -qlanglvl=ansi -std1 -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__" -do - CC="$ac_save_CC $ac_arg" - AC_TRY_COMPILE( -[#include -#include -#include -#include -/* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ -struct buf { int x; }; -FILE * (*rcsopen) (struct buf *, struct stat *, int); -static char *e (p, i) - char **p; - int i; -{ - return p[i]; -} -static char *f (char * (*g) (char **, int), char **p, ...) -{ - char *s; - va_list v; - va_start (v,p); - s = g (p, va_arg (v,int)); - va_end (v); - return s; -} -int test (int i, double x); -struct s1 {int (*f) (int a);}; -struct s2 {int (*f) (double a);}; -int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int); -int argc; -char **argv; -], [ -return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1]; -], -[am_cv_prog_cc_stdc="$ac_arg"; break]) -done -CC="$ac_save_CC" -]) -if test -z "$am_cv_prog_cc_stdc"; then - AC_MSG_RESULT([none needed]) +# _AM_SET_OPTION(NAME) +# ------------------------------ +# Set option NAME. Presently that only means defining a flag for this option. +AC_DEFUN([_AM_SET_OPTION], +[m4_define(_AM_MANGLE_OPTION([$1]), 1)]) + +# _AM_SET_OPTIONS(OPTIONS) +# ---------------------------------- +# OPTIONS is a space-separated list of Automake options. +AC_DEFUN([_AM_SET_OPTIONS], +[AC_FOREACH([_AM_Option], [$1], [_AM_SET_OPTION(_AM_Option)])]) + +# _AM_IF_OPTION(OPTION, IF-SET, [IF-NOT-SET]) +# ------------------------------------------- +# Execute IF-SET if OPTION is set, IF-NOT-SET otherwise. +AC_DEFUN([_AM_IF_OPTION], +[m4_ifset(_AM_MANGLE_OPTION([$1]), [$2], [$3])]) + +# Check to make sure that the build environment is sane. -*- Autoconf -*- + +# Copyright (C) 1996, 1997, 2000, 2001, 2003, 2005 +# Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# serial 4 + +# AM_SANITY_CHECK +# --------------- +AC_DEFUN([AM_SANITY_CHECK], +[AC_MSG_CHECKING([whether build environment is sane]) +# Just in case +sleep 1 +echo timestamp > conftest.file +# Do `set' in a subshell so we don't clobber the current shell's +# arguments. Must try -L first in case configure is actually a +# symlink; some systems play weird games with the mod time of symlinks +# (eg FreeBSD returns the mod time of the symlink's containing +# directory). +if ( + set X `ls -Lt $srcdir/configure conftest.file 2> /dev/null` + if test "$[*]" = "X"; then + # -L didn't work. + set X `ls -t $srcdir/configure conftest.file` + fi + rm -f conftest.file + if test "$[*]" != "X $srcdir/configure conftest.file" \ + && test "$[*]" != "X conftest.file $srcdir/configure"; then + + # If neither matched, then we have a broken ls. This can happen + # if, for instance, CONFIG_SHELL is bash and it inherits a + # broken ls alias from the environment. This has actually + # happened. Such a system could not be considered "sane". + AC_MSG_ERROR([ls -t appears to fail. Make sure there is not a broken +alias in your environment]) + fi + + test "$[2]" = conftest.file + ) +then + # Ok. + : else - AC_MSG_RESULT([$am_cv_prog_cc_stdc]) + AC_MSG_ERROR([newly created file is older than distributed files! +Check your system clock]) fi -case "x$am_cv_prog_cc_stdc" in - x|xno) ;; - *) CC="$CC $am_cv_prog_cc_stdc" ;; -esac -]) +AC_MSG_RESULT(yes)]) + +# Copyright (C) 2001, 2003, 2005 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# AM_PROG_INSTALL_STRIP +# --------------------- +# One issue with vendor `install' (even GNU) is that you can't +# specify the program used to strip binaries. This is especially +# annoying in cross-compiling environments, where the build's strip +# is unlikely to handle the host's binaries. +# Fortunately install-sh will honor a STRIPPROG variable, so we +# always use install-sh in `make install-strip', and initialize +# STRIPPROG with the value of the STRIP variable (set by the user). +AC_DEFUN([AM_PROG_INSTALL_STRIP], +[AC_REQUIRE([AM_PROG_INSTALL_SH])dnl +# Installed binaries are usually stripped using `strip' when the user +# run `make install-strip'. However `strip' might not be the right +# tool to use in cross-compilation environments, therefore Automake +# will honor the `STRIP' environment variable to overrule this program. +dnl Don't test for $cross_compiling = yes, because it might be `maybe'. +if test "$cross_compiling" != no; then + AC_CHECK_TOOL([STRIP], [strip], :) +fi +INSTALL_STRIP_PROGRAM="\${SHELL} \$(install_sh) -c -s" +AC_SUBST([INSTALL_STRIP_PROGRAM])]) + +# Check how to create a tarball. -*- Autoconf -*- + +# Copyright (C) 2004, 2005 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# serial 2 + +# _AM_PROG_TAR(FORMAT) +# -------------------- +# Check how to create a tarball in format FORMAT. +# FORMAT should be one of `v7', `ustar', or `pax'. +# +# Substitute a variable $(am__tar) that is a command +# writing to stdout a FORMAT-tarball containing the directory +# $tardir. +# tardir=directory && $(am__tar) > result.tar +# +# Substitute a variable $(am__untar) that extract such +# a tarball read from stdin. +# $(am__untar) < result.tar +AC_DEFUN([_AM_PROG_TAR], +[# Always define AMTAR for backward compatibility. +AM_MISSING_PROG([AMTAR], [tar]) +m4_if([$1], [v7], + [am__tar='${AMTAR} chof - "$$tardir"'; am__untar='${AMTAR} xf -'], + [m4_case([$1], [ustar],, [pax],, + [m4_fatal([Unknown tar format])]) +AC_MSG_CHECKING([how to create a $1 tar archive]) +# Loop over all known methods to create a tar archive until one works. +_am_tools='gnutar m4_if([$1], [ustar], [plaintar]) pax cpio none' +_am_tools=${am_cv_prog_tar_$1-$_am_tools} +# Do not fold the above two line into one, because Tru64 sh and +# Solaris sh will not grok spaces in the rhs of `-'. +for _am_tool in $_am_tools +do + case $_am_tool in + gnutar) + for _am_tar in tar gnutar gtar; + do + AM_RUN_LOG([$_am_tar --version]) && break + done + am__tar="$_am_tar --format=m4_if([$1], [pax], [posix], [$1]) -chf - "'"$$tardir"' + am__tar_="$_am_tar --format=m4_if([$1], [pax], [posix], [$1]) -chf - "'"$tardir"' + am__untar="$_am_tar -xf -" + ;; + plaintar) + # Must skip GNU tar: if it does not support --format= it doesn't create + # ustar tarball either. + (tar --version) >/dev/null 2>&1 && continue + am__tar='tar chf - "$$tardir"' + am__tar_='tar chf - "$tardir"' + am__untar='tar xf -' + ;; + pax) + am__tar='pax -L -x $1 -w "$$tardir"' + am__tar_='pax -L -x $1 -w "$tardir"' + am__untar='pax -r' + ;; + cpio) + am__tar='find "$$tardir" -print | cpio -o -H $1 -L' + am__tar_='find "$tardir" -print | cpio -o -H $1 -L' + am__untar='cpio -i -H $1 -d' + ;; + none) + am__tar=false + am__tar_=false + am__untar=false + ;; + esac + + # If the value was cached, stop now. We just wanted to have am__tar + # and am__untar set. + test -n "${am_cv_prog_tar_$1}" && break + + # tar/untar a dummy directory, and stop if the command works + rm -rf conftest.dir + mkdir conftest.dir + echo GrepMe > conftest.dir/file + AM_RUN_LOG([tardir=conftest.dir && eval $am__tar_ >conftest.tar]) + rm -rf conftest.dir + if test -s conftest.tar; then + AM_RUN_LOG([$am__untar /dev/null 2>&1 && break + fi +done +rm -rf conftest.dir + +AC_CACHE_VAL([am_cv_prog_tar_$1], [am_cv_prog_tar_$1=$_am_tool]) +AC_MSG_RESULT([$am_cv_prog_tar_$1])]) +AC_SUBST([am__tar]) +AC_SUBST([am__untar]) +]) # _AM_PROG_TAR --- snort-2.3.3.orig/snort.8 +++ snort-2.3.3/snort.8 @@ -247,7 +247,7 @@ Show the version number and exit. .IP -X Dump the raw packet data starting at the link layer. This switch overrides the -'-d' switch. +\&'-d' switch. .IP -y Include the year in alert and log files .IP -z --- snort-2.3.3.orig/config.sub +++ snort-2.3.3/config.sub @@ -1,9 +1,9 @@ #! /bin/sh # Configuration validation subroutine script. # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, -# 2000, 2001, 2002 Free Software Foundation, Inc. +# 2000, 2001, 2002, 2003, 2004, 2005 Free Software Foundation, Inc. -timestamp='2002-01-02' +timestamp='2005-07-08' # This file is (in principle) common to ALL GNU software. # The presence of a machine in this file suggests that SOME GNU software @@ -21,14 +21,15 @@ # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, -# Boston, MA 02111-1307, USA. - +# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA +# 02110-1301, USA. +# # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under # the same distribution terms that you use for the rest of that program. + # Please send patches to . Submit a context # diff and a properly formatted ChangeLog entry. # @@ -70,7 +71,7 @@ version="\ GNU config.sub ($timestamp) -Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001 +Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO @@ -83,11 +84,11 @@ while test $# -gt 0 ; do case $1 in --time-stamp | --time* | -t ) - echo "$timestamp" ; exit 0 ;; + echo "$timestamp" ; exit ;; --version | -v ) - echo "$version" ; exit 0 ;; + echo "$version" ; exit ;; --help | --h* | -h ) - echo "$usage"; exit 0 ;; + echo "$usage"; exit ;; -- ) # Stop option processing shift; break ;; - ) # Use stdin as input. @@ -99,7 +100,7 @@ *local*) # First pass through any local machine types. echo $1 - exit 0;; + exit ;; * ) break ;; @@ -118,7 +119,8 @@ # Here we must recognize all the valid KERNEL-OS combinations. maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'` case $maybe_os in - nto-qnx* | linux-gnu* | storm-chaos* | os2-emx* | windows32-*) + nto-qnx* | linux-gnu* | linux-dietlibc | linux-uclibc* | uclinux-uclibc* | uclinux-gnu* | \ + kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | storm-chaos* | os2-emx* | rtmk-nova*) os=-$maybe_os basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'` ;; @@ -144,7 +146,7 @@ -convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\ -c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \ -harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \ - -apple | -axis) + -apple | -axis | -knuth | -cray) os= basic_machine=$1 ;; @@ -228,34 +230,55 @@ | a29k \ | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \ | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \ + | am33_2.0 \ | arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr \ + | bfin \ | c4x | clipper \ - | d10v | d30v | dsp16xx \ - | fr30 \ + | d10v | d30v | dlx | dsp16xx \ + | fr30 | frv \ | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \ | i370 | i860 | i960 | ia64 \ - | m32r | m68000 | m68k | m88k | mcore \ - | mips16 | mips64 | mips64el | mips64orion | mips64orionel \ - | mips64vr4100 | mips64vr4100el | mips64vr4300 \ - | mips64vr4300el | mips64vr5000 | mips64vr5000el \ - | mipsbe | mipseb | mipsel | mipsle | mipstx39 | mipstx39el \ - | mipsisa32 \ + | ip2k | iq2000 \ + | m32r | m32rle | m68000 | m68k | m88k | maxq | mcore \ + | mips | mipsbe | mipseb | mipsel | mipsle \ + | mips16 \ + | mips64 | mips64el \ + | mips64vr | mips64vrel \ + | mips64orion | mips64orionel \ + | mips64vr4100 | mips64vr4100el \ + | mips64vr4300 | mips64vr4300el \ + | mips64vr5000 | mips64vr5000el \ + | mips64vr5900 | mips64vr5900el \ + | mipsisa32 | mipsisa32el \ + | mipsisa32r2 | mipsisa32r2el \ + | mipsisa64 | mipsisa64el \ + | mipsisa64r2 | mipsisa64r2el \ + | mipsisa64sb1 | mipsisa64sb1el \ + | mipsisa64sr71k | mipsisa64sr71kel \ + | mipstx39 | mipstx39el \ | mn10200 | mn10300 \ + | ms1 \ + | msp430 \ | ns16k | ns32k \ - | openrisc \ + | or32 \ | pdp10 | pdp11 | pj | pjl \ | powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \ | pyramid \ - | sh | sh[34] | sh[34]eb | shbe | shle \ - | sparc | sparc64 | sparclet | sparclite | sparcv9 | sparcv9b \ + | sh | sh[1234] | sh[24]a | sh[23]e | sh[34]eb | shbe | shle | sh[1234]le | sh3ele \ + | sh64 | sh64le \ + | sparc | sparc64 | sparc64b | sparc86x | sparclet | sparclite \ + | sparcv8 | sparcv9 | sparcv9b \ | strongarm \ - | tahoe | thumb | tic80 | tron \ + | tahoe | thumb | tic4x | tic80 | tron \ | v850 | v850e \ | we32k \ - | x86 | xscale | xstormy16 | xtensa \ + | x86 | xscale | xscalee[bl] | xstormy16 | xtensa \ | z8k) basic_machine=$basic_machine-unknown ;; + m32c) + basic_machine=$basic_machine-unknown + ;; m6811 | m68hc11 | m6812 | m68hc12) # Motorola 68HC11/12. basic_machine=$basic_machine-unknown @@ -281,41 +304,63 @@ | alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \ | alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \ | alphapca5[67]-* | alpha64pca5[67]-* | arc-* \ - | arm-* | armbe-* | armle-* | armv*-* \ + | arm-* | armbe-* | armle-* | armeb-* | armv*-* \ | avr-* \ - | bs2000-* \ - | c[123]* | c30-* | [cjt]90-* | c54x-* \ - | clipper-* | cray2-* | cydra-* \ - | d10v-* | d30v-* \ + | bfin-* | bs2000-* \ + | c[123]* | c30-* | [cjt]90-* | c4x-* | c54x-* | c55x-* | c6x-* \ + | clipper-* | craynv-* | cydra-* \ + | d10v-* | d30v-* | dlx-* \ | elxsi-* \ - | f30[01]-* | f700-* | fr30-* | fx80-* \ + | f30[01]-* | f700-* | fr30-* | frv-* | fx80-* \ | h8300-* | h8500-* \ | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \ | i*86-* | i860-* | i960-* | ia64-* \ - | m32r-* \ - | m68000-* | m680[01234]0-* | m68360-* | m683?2-* | m68k-* \ - | m88110-* | m88k-* | mcore-* \ - | mips-* | mips16-* | mips64-* | mips64el-* | mips64orion-* \ - | mips64orionel-* | mips64vr4100-* | mips64vr4100el-* \ - | mips64vr4300-* | mips64vr4300el-* | mipsbe-* | mipseb-* \ - | mipsle-* | mipsel-* | mipstx39-* | mipstx39el-* \ + | ip2k-* | iq2000-* \ + | m32r-* | m32rle-* \ + | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \ + | m88110-* | m88k-* | maxq-* | mcore-* \ + | mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \ + | mips16-* \ + | mips64-* | mips64el-* \ + | mips64vr-* | mips64vrel-* \ + | mips64orion-* | mips64orionel-* \ + | mips64vr4100-* | mips64vr4100el-* \ + | mips64vr4300-* | mips64vr4300el-* \ + | mips64vr5000-* | mips64vr5000el-* \ + | mips64vr5900-* | mips64vr5900el-* \ + | mipsisa32-* | mipsisa32el-* \ + | mipsisa32r2-* | mipsisa32r2el-* \ + | mipsisa64-* | mipsisa64el-* \ + | mipsisa64r2-* | mipsisa64r2el-* \ + | mipsisa64sb1-* | mipsisa64sb1el-* \ + | mipsisa64sr71k-* | mipsisa64sr71kel-* \ + | mipstx39-* | mipstx39el-* \ + | mmix-* \ + | ms1-* \ + | msp430-* \ | none-* | np1-* | ns16k-* | ns32k-* \ | orion-* \ | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \ | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \ | pyramid-* \ | romp-* | rs6000-* \ - | sh-* | sh[34]-* | sh[34]eb-* | shbe-* | shle-* \ - | sparc-* | sparc64-* | sparc86x-* | sparclite-* \ - | sparcv9-* | sparcv9b-* | strongarm-* | sv1-* \ - | t3e-* | tahoe-* | thumb-* | tic30-* | tic54x-* | tic80-* | tron-* \ + | sh-* | sh[1234]-* | sh[24]a-* | sh[23]e-* | sh[34]eb-* | shbe-* \ + | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \ + | sparc-* | sparc64-* | sparc64b-* | sparc86x-* | sparclet-* \ + | sparclite-* \ + | sparcv8-* | sparcv9-* | sparcv9b-* | strongarm-* | sv1-* | sx?-* \ + | tahoe-* | thumb-* \ + | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \ + | tron-* \ | v850-* | v850e-* | vax-* \ | we32k-* \ - | x86-* | x86_64-* | xmp-* | xps100-* | xscale-* | xstormy16-* \ - | xtensa-* \ + | x86-* | x86_64-* | xps100-* | xscale-* | xscalee[bl]-* \ + | xstormy16-* | xtensa-* \ | ymp-* \ | z8k-*) ;; + m32c-*) + ;; # Recognize the various machine names and aliases which stand # for a CPU type and a company and sometimes even an OS. 386bsd) @@ -332,6 +377,9 @@ basic_machine=a29k-amd os=-udi ;; + abacus) + basic_machine=abacus-unknown + ;; adobe68k) basic_machine=m68010-adobe os=-scout @@ -346,6 +394,12 @@ basic_machine=a29k-none os=-bsd ;; + amd64) + basic_machine=x86_64-pc + ;; + amd64-*) + basic_machine=x86_64-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; amdahl) basic_machine=580-amdahl os=-sysv @@ -377,6 +431,10 @@ basic_machine=ns32k-sequent os=-dynix ;; + c90) + basic_machine=c90-cray + os=-unicos + ;; convex-c1) basic_machine=c1-convex os=-bsd @@ -397,24 +455,31 @@ basic_machine=c38-convex os=-bsd ;; - cray | ymp) - basic_machine=ymp-cray + cray | j90) + basic_machine=j90-cray os=-unicos ;; - cray2) - basic_machine=cray2-cray - os=-unicos + craynv) + basic_machine=craynv-cray + os=-unicosmp ;; - [cjt]90) - basic_machine=${basic_machine}-cray - os=-unicos + cr16c) + basic_machine=cr16c-unknown + os=-elf ;; crds | unos) basic_machine=m68k-crds ;; + crisv32 | crisv32-* | etraxfs*) + basic_machine=crisv32-axis + ;; cris | cris-* | etrax*) basic_machine=cris-axis ;; + crx) + basic_machine=crx-unknown + os=-elf + ;; da30 | da30-*) basic_machine=m68k-da30 ;; @@ -437,6 +502,10 @@ basic_machine=m88k-motorola os=-sysv3 ;; + djgpp) + basic_machine=i586-pc + os=-msdosdjgpp + ;; dpx20 | dpx20-*) basic_machine=rs6000-bull os=-bosx @@ -609,24 +678,12 @@ basic_machine=m68k-atari os=-mint ;; - mipsel*-linux*) - basic_machine=mipsel-unknown - os=-linux-gnu - ;; - mips*-linux*) - basic_machine=mips-unknown - os=-linux-gnu - ;; mips3*-*) basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'` ;; mips3*) basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`-unknown ;; - mmix*) - basic_machine=mmix-knuth - os=-mmixware - ;; monitor) basic_machine=m68k-rom68k os=-coff @@ -714,6 +771,13 @@ basic_machine=hppa1.1-oki os=-proelf ;; + openrisc | openrisc-*) + basic_machine=or32-unknown + ;; + os400) + basic_machine=powerpc-ibm + os=-os400 + ;; OSE68000 | ose68000) basic_machine=m68000-ericsson os=-ose @@ -736,49 +800,55 @@ pbb) basic_machine=m68k-tti ;; - pc532 | pc532-*) + pc532 | pc532-*) basic_machine=ns32k-pc532 ;; pentium | p5 | k5 | k6 | nexgen | viac3) basic_machine=i586-pc ;; - pentiumpro | p6 | 6x86 | athlon) + pentiumpro | p6 | 6x86 | athlon | athlon_*) basic_machine=i686-pc ;; - pentiumii | pentium2) + pentiumii | pentium2 | pentiumiii | pentium3) basic_machine=i686-pc ;; + pentium4) + basic_machine=i786-pc + ;; pentium-* | p5-* | k5-* | k6-* | nexgen-* | viac3-*) basic_machine=i586-`echo $basic_machine | sed 's/^[^-]*-//'` ;; pentiumpro-* | p6-* | 6x86-* | athlon-*) basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'` ;; - pentiumii-* | pentium2-*) + pentiumii-* | pentium2-* | pentiumiii-* | pentium3-*) basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'` ;; + pentium4-*) + basic_machine=i786-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; pn) basic_machine=pn-gould ;; power) basic_machine=power-ibm ;; ppc) basic_machine=powerpc-unknown - ;; + ;; ppc-*) basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'` ;; ppcle | powerpclittle | ppc-le | powerpc-little) basic_machine=powerpcle-unknown - ;; + ;; ppcle-* | powerpclittle-*) basic_machine=powerpcle-`echo $basic_machine | sed 's/^[^-]*-//'` ;; ppc64) basic_machine=powerpc64-unknown - ;; + ;; ppc64-*) basic_machine=powerpc64-`echo $basic_machine | sed 's/^[^-]*-//'` ;; ppc64le | powerpc64little | ppc64-le | powerpc64-little) basic_machine=powerpc64le-unknown - ;; + ;; ppc64le-* | powerpc64little-*) basic_machine=powerpc64le-`echo $basic_machine | sed 's/^[^-]*-//'` ;; @@ -809,6 +879,16 @@ basic_machine=a29k-amd os=-udi ;; + sb1) + basic_machine=mipsisa64sb1-unknown + ;; + sb1el) + basic_machine=mipsisa64sb1el-unknown + ;; + sei) + basic_machine=mips-sei + os=-seiux + ;; sequent) basic_machine=i386-sequent ;; @@ -816,6 +896,9 @@ basic_machine=sh-hitachi os=-hms ;; + sh64) + basic_machine=sh64-unknown + ;; sparclite-wrs | simso-wrs) basic_machine=sparclite-wrs os=-vxworks @@ -883,13 +966,25 @@ os=-dynix ;; t3e) - basic_machine=t3e-cray + basic_machine=alphaev5-cray + os=-unicos + ;; + t90) + basic_machine=t90-cray os=-unicos ;; tic54x | c54x*) basic_machine=tic54x-unknown os=-coff ;; + tic55x | c55x*) + basic_machine=tic55x-unknown + os=-coff + ;; + tic6x | c6x*) + basic_machine=tic6x-unknown + os=-coff + ;; tx39) basic_machine=mipstx39-unknown ;; @@ -903,6 +998,10 @@ tower | tower-32) basic_machine=m68k-ncr ;; + tpf) + basic_machine=s390x-ibm + os=-tpf + ;; udi29k) basic_machine=a29k-amd os=-udi @@ -924,8 +1023,8 @@ os=-vms ;; vpp*|vx|vx-*) - basic_machine=f301-fujitsu - ;; + basic_machine=f301-fujitsu + ;; vxworks960) basic_machine=i960-wrs os=-vxworks @@ -946,17 +1045,17 @@ basic_machine=hppa1.1-winbond os=-proelf ;; - windows32) - basic_machine=i386-pc - os=-windows32-msvcrt - ;; - xmp) - basic_machine=xmp-cray - os=-unicos + xbox) + basic_machine=i686-pc + os=-mingw32 ;; - xps | xps100) + xps | xps100) basic_machine=xps100-honeywell ;; + ymp) + basic_machine=ymp-cray + os=-unicos + ;; z8k-*-coff) basic_machine=z8k-unknown os=-sim @@ -977,16 +1076,12 @@ op60c) basic_machine=hppa1.1-oki ;; - mips) - if [ x$os = x-linux-gnu ]; then - basic_machine=mips-unknown - else - basic_machine=mips-mips - fi - ;; romp) basic_machine=romp-ibm ;; + mmix) + basic_machine=mmix-knuth + ;; rs6000) basic_machine=rs6000-ibm ;; @@ -1003,13 +1098,13 @@ we32k) basic_machine=we32k-att ;; - sh3 | sh4 | sh3eb | sh4eb) + sh[1234] | sh[24]a | sh[34]eb | sh[1234]le | sh[23]ele) basic_machine=sh-unknown ;; - sparc | sparcv9 | sparcv9b) + sparc | sparcv8 | sparcv9 | sparcv9b) basic_machine=sparc-sun ;; - cydra) + cydra) basic_machine=cydra-cydrome ;; orion) @@ -1024,10 +1119,6 @@ pmac | pmac-mpw) basic_machine=powerpc-apple ;; - c4x*) - basic_machine=c4x-none - os=-coff - ;; *-unknown) # Make sure to match an already-canonicalized machine name. ;; @@ -1083,17 +1174,21 @@ | -aos* \ | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \ | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \ - | -hiux* | -386bsd* | -netbsd* | -openbsd* | -freebsd* | -riscix* \ - | -lynxos* | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \ + | -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* | -openbsd* \ + | -ekkobsd* | -kfreebsd* | -freebsd* | -riscix* | -lynxos* \ + | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \ | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \ | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \ | -chorusos* | -chorusrdb* \ | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ - | -mingw32* | -linux-gnu* | -uxpv* | -beos* | -mpeix* | -udk* \ - | -interix* | -uwin* | -rhapsody* | -darwin* | -opened* \ + | -mingw32* | -linux-gnu* | -linux-uclibc* | -uxpv* | -beos* | -mpeix* | -udk* \ + | -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \ | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \ | -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \ - | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* | -morphos*) + | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \ + | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \ + | -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \ + | -skyos* | -haiku*) # Remember, each alternative MUST END IN *, to match a version number. ;; -qnx*) @@ -1105,16 +1200,21 @@ ;; esac ;; + -nto-qnx*) + ;; -nto*) - os=-nto-qnx + os=`echo $os | sed -e 's|nto|nto-qnx|'` ;; -sim | -es1800* | -hms* | -xray | -os68k* | -none* | -v88r* \ - | -windows* | -osx | -abug | -netware* | -os9* | -beos* \ + | -windows* | -osx | -abug | -netware* | -os9* | -beos* | -haiku* \ | -macos* | -mpw* | -magic* | -mmixware* | -mon960* | -lnews*) ;; -mac*) os=`echo $os | sed -e 's|mac|macos|'` ;; + -linux-dietlibc) + os=-linux-dietlibc + ;; -linux*) os=`echo $os | sed -e 's|linux|linux-gnu|'` ;; @@ -1127,6 +1227,9 @@ -opened*) os=-openedition ;; + -os400*) + os=-os400 + ;; -wince*) os=-wince ;; @@ -1148,14 +1251,20 @@ -atheos*) os=-atheos ;; + -syllable*) + os=-syllable + ;; -386bsd) os=-bsd ;; -ctix* | -uts*) os=-sysv ;; + -nova*) + os=-rtmk-nova + ;; -ns2 ) - os=-nextstep2 + os=-nextstep2 ;; -nsk*) os=-nsk @@ -1167,6 +1276,9 @@ -sinix*) os=-sysv4 ;; + -tpf*) + os=-tpf + ;; -triton*) os=-sysv3 ;; @@ -1194,8 +1306,17 @@ -xenix) os=-xenix ;; - -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) - os=-mint + -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) + os=-mint + ;; + -aros*) + os=-aros + ;; + -kaos*) + os=-kaos + ;; + -zvmoe) + os=-zvmoe ;; -none) ;; @@ -1228,11 +1349,14 @@ arm*-semi) os=-aout ;; + c4x-* | tic4x-*) + os=-coff + ;; # This must come before the *-dec entry. pdp10-*) os=-tops20 ;; - pdp11-*) + pdp11-*) os=-none ;; *-dec | vax-*) @@ -1259,6 +1383,9 @@ mips*-*) os=-elf ;; + or32-*) + os=-coff + ;; *-tti) # must be before sparc entry or we get the wrong os. os=-sysv3 ;; @@ -1268,9 +1395,15 @@ *-be) os=-beos ;; + *-haiku) + os=-haiku + ;; *-ibm) os=-aix ;; + *-knuth) + os=-mmixware + ;; *-wec) os=-proelf ;; @@ -1322,19 +1455,19 @@ *-next) os=-nextstep3 ;; - *-gould) + *-gould) os=-sysv ;; - *-highlevel) + *-highlevel) os=-bsd ;; *-encore) os=-bsd ;; - *-sgi) + *-sgi) os=-irix ;; - *-siemens) + *-siemens) os=-sysv4 ;; *-masscomp) @@ -1403,10 +1536,16 @@ -mvs* | -opened*) vendor=ibm ;; + -os400*) + vendor=ibm + ;; -ptx*) vendor=sequent ;; - -vxsim* | -vxworks*) + -tpf*) + vendor=ibm + ;; + -vxsim* | -vxworks* | -windiss*) vendor=wrs ;; -aux*) @@ -1430,7 +1569,7 @@ esac echo $basic_machine$os -exit 0 +exit # Local variables: # eval: (add-hook 'write-file-hooks 'time-stamp) --- snort-2.3.3.orig/debian/snort-mysql.templates +++ snort-2.3.3/debian/snort-mysql.templates @@ -0,0 +1,186 @@ +Template: snort-mysql/startup +Type: select +_Choices: boot, dialup, manual +Default: boot +_Description: When should Snort be started? + Snort can be started during boot, when connecting to the net with pppd or + only when you manually start it via /usr/sbin/snort. + +Template: snort-mysql/interface +Type: string +Default: eth0 +_Description: On which interface(s) should Snort listen? + Please enter the name(s) of the interface(s) which Snort should listen on. + The names of the available interfaces are provided by either running + 'ip link show' of 'ifconfig'. + This value usually is 'eth0', but you might want to vary this depending + on your environment, if you are using a dialup connection 'ppp0' might + be more appropiate. + . + Notice that Snort is usually configured to inspect all traffic coming + from the Internet, so the interface you add here is usually the same the + 'default route' is on. You can determine which interface is used + for this running either '/sbin/ip ro sh' or '/sbin/route -n' (look for + 'default' or '0.0.0.0'). + . + It is also not uncommon to run Snort on an interface with no IP + and configured in promiscuous mode, if this is your case, select the + interface in this system that is physically connected to the network + you want to inspect, enable promiscuous mode later on and make sure + that the network traffic is sent to this interface (either connected + to a 'port mirroring/spanning' port in a switch, to a hub or to a tap) + . + You can configure multiple interfaces here, just by adding more than + one interface name separated by spaces. Each interface can have its + specific configuration. + +Template: snort-mysql/address_range +Type: string +Default: 192.168.0.0/16 +_Description: Please enter the address range that Snort will listen on. + You have to use CIDR form, i.e. 192.168.1.0/24 for a block of 256 IPs or + 192.168.1.42/32 for just one. Specify multiple addresses on a single line + separated by ',' (comma characters), no spaces allowed! + . + If you want you can specify 'any', to not trust any side of the network. + . + Notice that if you are using multiple interfaces this definition will + be used as the HOME_NET definition of all of them. + +Template: snort-mysql/disable_promiscuous +Type: boolean +Default: false +_Description: Should Snort disable promiscuous mode on the interface? + Disabling promiscuous mode means that Snort will only see packets + addressed to it's own interface. Enabling it allows Snort to check + every packet that passes ethernet segment even if it's a connection + between two other computers. + . + Disable promiscuous mode if you are configuring Snort on an interface + without a configured IP address. + +Template: snort-mysql/reverse_order +Type: boolean +Default: false +_Description: Should Snort's rules testing order be changed to Pass|Alert|Log? + If you change Snort's rules testing order to Pass|Alert|Log, they will be + applied in Pass->Alert->Log order, instead of standard Alert->Pass->Log. + This will prevent people from having to make huge Berky Packet Filter + command line arguments to filter their alert rules. + +Template: snort-mysql/send_stats +Type: boolean +Default: true +_Description: Should daily summaries be sent by e-mail? + This Snort installation provides a cron job that runs daily and + summarises the information of Snort logs to a selected email address. + If you want to disable this feature say 'no' here. + +Template: snort-mysql/stats_rcpt +Type: string +Default: root +_Description: Who should receive the daily statistics mails? + A cron job running daily will summarise the information of the logs + generated by Snort using a script called 'snort-stat'. Introduce + here the recipient of these mails. The default value is the system + administrator. If you keep this value, make sure that the mail of + the administrator is redirected to a user that actually reads those + mails. + + +Template: snort-mysql/options +Type: string +_Description: If you want to specify custom options to Snort, please specify them here. + +Template: snort-mysql/stats_treshold +Type: string +Default: 1 +_Description: An alert needs to appear more times than this number to be included in the daily statistics. + +Template: snort-mysql/config_parameters +Type: note +_Description: This system uses an obsolete configuration file + Your system has an obsolete configuration file + (/etc/snort/snort.common.parameters) + which has been automatically converted into the new configuration + file format (at /etc/default/snort). Please review the new configuration + and remove the obsolete one. Until you do this, the init.d script + will not use the new configuration and you will not take advantage + of the benefits introduced in newer releases. + +Template: snort-mysql/configure_db +Type: boolean +Default: true +_Description: Do you want to set up a database for snort-mysql to log to? + You only need to do this the first time you install snort-mysql. Before + you go on, make sure you have (1) the hostname of a machine running a + mysql server set up to allow tcp connections from this host, (2) a + database on that server, (3) a username and password to access the + database. If you don't have _all_ of these, either select 'no' and run + with regular file logging support, or fix this first. You can always + configure database logging later, by reconfiguring the snort-mysql + package with 'dpkg-reconfigure -plow snort-mysql' + +Template: snort-mysql/needs_db_config +Type: note +_Description: Snort needs a configured database to log to before it starts. + Snort needs a configured database before it can successfully start up. + In order to create the structure you need to run the following commands + AFTER the package is installed: + cd /usr/share/doc/snort-mysql/ + zcat create_mysql.gz | mysql -u -h -p + Fill in the correct values for the user, host, and database names. + MySQL will prompt you for the password. + . + After you created the database structure, you will need to start Snort + manually. + +Template: snort-mysql/db_host +Type: string +_Description: Please enter the hostname of the mysql database server to use. + Make sure it has been set up correctly to allow incoming connections from + this host! + +Template: snort-mysql/db_database +Type: string +_Description: Please enter the name of the database to use. + Make sure this database has been created and your database user has write + access to this database. + +Template: snort-mysql/db_user +Type: string +_Description: Please enter the name of the database user you want to use. + Make sure this user has been created and has write access. + +Template: snort-mysql/db_pass +Type: password +_Description: Please enter the password for the database connection. + Please enter a password to connect to the Snort Alert database. + +Template: snort-mysql/please_restart_manually +Type: note +_Description: You are running Snort manually. + Please restart Snort using: + /etc/init.d/snort start + to let the settings take effect. + +Template: snort-mysql/config_error +Type: note +_Description: There is an error in your configuration + Your Snort configuration is not correct and Snort will not be able to start + up normally. Please review your configuration and fix it. If you do not + do this, Snort package upgrades will probably break. To check which error + is being generated run '/usr/sbin/snort -T -c /etc/snort/snort.conf' + (or point to an alternate configuration file if you are using different + files for different interfaces) + +Template: snort-mysql/config_parameters +Type: note +_Description: This system uses an obsolete configuration file + Your system has an obsolete configuration file + (/etc/snort/snort.common.parameters) + which has been automatically converted into the new configuration + file format (at /etc/default/snort). Please review the new configuration + and remove the obsolete one. Until you do this, the init.d script + will not use the new configuration and you will not take advantage + of the benefits introduced in newer releases. --- snort-2.3.3.orig/debian/snort-doc.doc-base.manual +++ snort-2.3.3/debian/snort-doc.doc-base.manual @@ -0,0 +1,11 @@ +Document: snort-manual +Title: Snort Users Manual +Author: Martin Roesch +Abstract: Users manual to the Snort NIDS + The users manual to the Snort network intrusion detection system, + providing an overview of snort and how to write rule files for it. +Section: Apps/Net + +Format: pdf +Files: /usr/share/doc/snort-doc/snort_manual.pdf.gz + --- snort-2.3.3.orig/debian/CVS/Repository +++ snort-2.3.3/debian/CVS/Repository @@ -0,0 +1 @@ +snort/debian --- snort-2.3.3.orig/debian/CVS/Root +++ snort-2.3.3/debian/CVS/Root @@ -0,0 +1 @@ +:ext:ssmeenk@cvs.alioth.debian.org:/cvsroot/pkg-snort --- snort-2.3.3.orig/debian/CVS/Entries +++ snort-2.3.3/debian/CVS/Entries @@ -0,0 +1,51 @@ +/README.Debian/1.1.1.1/Fri Aug 22 11:01:26 2003// +/README.Maintainer/1.1.1.1/Fri Aug 22 11:01:26 2003// +/chown/1.1.1.1/Fri Aug 22 11:01:25 2003// +/copyright/1.1.1.1/Fri Aug 22 11:01:26 2003// +/rules/1.5/Sun Aug 24 11:07:51 2003// +/snort-common.conffiles/1.1.1.1/Fri Aug 22 11:01:25 2003// +/snort-common.dirs/1.1.1.1/Fri Aug 22 11:01:26 2003// +/snort-doc.dirs/1.1.1.1/Fri Aug 22 11:01:25 2003// +/snort-doc.doc-base.manual/1.1.1.1/Fri Aug 22 11:01:25 2003// +/snort-doc.doc-base.paper/1.1.1.1/Fri Aug 22 11:01:26 2003// +/snort-doc.docs/1.1.1.1/Fri Aug 22 11:01:25 2003// +/snort-mysql.conffiles/1.1.1.1/Fri Aug 22 11:01:26 2003// +/snort-mysql.config/1.1.1.1/Fri Aug 22 11:01:26 2003// +/snort-mysql.dirs/1.1.1.1/Fri Aug 22 11:01:26 2003// +/snort-mysql.preinst/1.1.1.1/Fri Aug 22 11:01:26 2003// +/snort-mysql.prerm/1.1.1.1/Fri Aug 22 11:01:25 2003// +/snort-mysql.templates/1.2/Sun Aug 24 09:35:27 2003// +/snort-pgsql.conffiles/1.1.1.1/Fri Aug 22 11:01:25 2003// +/snort-pgsql.config/1.1.1.1/Fri Aug 22 11:01:26 2003// +/snort-pgsql.dirs/1.1.1.1/Fri Aug 22 11:01:26 2003// +/snort-pgsql.preinst/1.1.1.1/Fri Aug 22 11:01:25 2003// +/snort-pgsql.prerm/1.1.1.1/Fri Aug 22 11:01:26 2003// +/snort-pgsql.templates/1.2/Sun Aug 24 09:35:27 2003// +/snort-rules-default.conffiles/1.1.1.1/Fri Aug 22 11:01:26 2003// +/snort-rules-default.dirs/1.1.1.1/Fri Aug 22 11:01:26 2003// +/snort-rules-default.preinst/1.1.1.1/Fri Aug 22 11:01:26 2003// +/snort-stat.8/1.1.1.1/Fri Aug 22 11:01:25 2003// +/snort.conffiles/1.1.1.1/Fri Aug 22 11:01:26 2003// +/snort.config/1.1.1.1/Fri Aug 22 11:01:25 2003// +/snort.cron.daily/1.2/Sun Aug 24 12:57:48 2003// +/snort.debian.conf/1.1.1.1/Fri Aug 22 11:01:26 2003// +/snort.dirs/1.1.1.1/Fri Aug 22 11:01:26 2003// +/snort.docs/1.1.1.1/Fri Aug 22 11:01:26 2003// +/snort.examples/1.1.1.1/Fri Aug 22 11:01:26 2003// +/snort.logrotate/1.1.1.1/Fri Aug 22 11:01:26 2003// +/snort.preinst/1.1.1.1/Fri Aug 22 11:01:25 2003// +/snort.prerm/1.1.1.1/Fri Aug 22 11:01:26 2003// +/snort.snort/1.1.1.1/Fri Aug 22 11:01:26 2003// +/snort.templates/1.2/Sun Aug 24 09:35:27 2003// +D/my//// +D/po//// +/control/1.4/Mon Sep 8 17:39:19 2003// +/snort-mysql.postinst/1.3/Mon Sep 8 17:39:19 2003// +/snort-mysql.postrm/1.2/Mon Sep 8 17:39:19 2003// +/snort-pgsql.postinst/1.2/Mon Sep 8 17:39:19 2003// +/snort-pgsql.postrm/1.2/Mon Sep 8 17:39:19 2003// +/snort-rules-default.postrm/1.1/Wed Aug 27 07:54:23 2003// +/snort.postinst/1.2/Mon Sep 8 17:39:19 2003// +/snort.postrm/1.2/Mon Sep 8 17:39:19 2003// +/changelog/1.7/Mon Sep 8 19:18:39 2003// +/snort.init.d/1.4/Mon Sep 8 22:04:19 2003// --- snort-2.3.3.orig/debian/snort-pgsql.config +++ snort-2.3.3/debian/snort-pgsql.config @@ -0,0 +1,79 @@ +#!/bin/sh -e + +. /usr/share/debconf/confmodule + +db_input low snort-pgsql/startup || true +db_go + +# /etc/ppp/ip-up.d/snort-pgsql is called with interface and IP number +db_get snort-pgsql/startup +if [ "x$RET" = "xdialup" ]; then + db_set snort-pgsql/interface "" + db_set snort-pgsql/address_range "" + db_set snort-pgsql/disable_promiscuous true +else + db_beginblock + db_input medium snort-pgsql/interface || true + db_input high snort-pgsql/address_range || true + db_input low snort-pgsql/disable_promiscuous || true + db_endblock + db_go +fi + +db_beginblock +db_input low snort-pgsql/reverse_order || true +db_input low snort-pgsql/options || true +db_endblock +db_go + +db_beginblock +db_input low snort-pgsql/send_stats || true +db_go + +db_get snort-pgsql/send_stats +if [ $RET = true ]; then + db_beginblock + db_input medium snort-pgsql/stats_rcpt || true + db_input low snort-pgsql/stats_treshold || true + db_endblock + db_go +fi + +db_input high snort-pgsql/configure_db || true +db_go +db_get snort-pgsql/configure_db +if [ "x$RET" = "xtrue" ]; then + db_beginblock + db_input medium snort-pgsql/db_host || true + db_input medium snort-pgsql/db_database || true + db_input medium snort-pgsql/db_user || true + db_input medium snort-pgsql/db_pass || true + db_get snort-pgsql/wait_for_db_config || true + if [ "x$RET" = "xtrue" ]; then + db_set snort-pgsql/needs_db_config "true" || true + else + db_input medium snort-pgsql/needs_db_config || true + fi + db_endblock + db_go +fi + +DEFAULT=/etc/default/snort +PARAMETERS=/etc/snort/snort.common.parameters +if [ -e "$DEFAULT" ] && [ -e "$PARAMETERS" ] ; then + db_beginblock + db_input medium snort-pgsql/config_parameters || true + db_endblock + db_go +fi + + +db_get snort-pgsql/startup +if [ "x$RET" = "xmanual" ]; then + db_beginblock + db_input medium snort-pgsql/please_restart_manually || true + db_endblock + db_go +fi + +db_stop --- snort-2.3.3.orig/debian/snort-pgsql.prerm +++ snort-2.3.3/debian/snort-pgsql.prerm @@ -0,0 +1,52 @@ +#! /bin/sh +# prerm script for snort +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `remove' +# * `upgrade' +# * `failed-upgrade' +# * `remove' `in-favour' +# * `deconfigure' `in-favour' +# `removing' +# +# for details, see /usr/doc/packaging-manual/ + +case "$1" in + remove|upgrade|deconfigure) + if [ -x /usr/sbin/invoke-rc.d ]; then + invoke-rc.d snort stop || true + else + /etc/init.d/snort stop || true + fi + ;; + failed-upgrade) + ;; + *) + echo "prerm called with unknown argument \`$1'" >&2 + exit 0 + ;; +esac + +# no matter if dialup, manual or boot modus! +#if [ -x /usr/sbin/invoke-rc.d ]; then +# invoke-rc.d snort stop || true +#else +# /etc/init.d/snort stop || true +#fi +# this used to be done with /etc/init.d/snort. +# Older versions of snort just kill every process with 'snort' in the +# name, so also 'snort.prerm'. This fixes that. +ps cax | grep ' snort$' | awk '{print $1}' | + xargs --no-run-if-empty kill -s KILL >/dev/null +rm -f /var/run/snort_*.pid + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 --- snort-2.3.3.orig/debian/snort.docs +++ snort-2.3.3/debian/snort.docs @@ -0,0 +1,12 @@ +doc/AUTHORS +doc/BUGS +doc/CREDITS +doc/NEWS +doc/README +doc/README.FLEXRESP +doc/README.PLUGINS +doc/USAGE +doc/README.database +doc/README.csv +debian/my/snort_rules.html +debian/README.Maintainer --- snort-2.3.3.orig/debian/snort-pgsql.postrm +++ snort-2.3.3/debian/snort-pgsql.postrm @@ -0,0 +1,66 @@ +#! /bin/sh +# postrm script for snort +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `remove' +# * `purge' +# * `upgrade' +# * `failed-upgrade' +# * `abort-install' +# * `abort-install' +# * `abort-upgrade' +# * `disappear' overwrit>r> +# for details, see /usr/doc/packaging-manual/ + +# TODO : Should use /etc/default/snort definitions? + +case "$1" in + purge|disappear) + # Remove logfiles + rm -rf /var/log/snort/ + + # Remove configuration + if [ -e /etc/snort/snort.debian.conf ] ; then + rm /etc/snort/snort.debian.conf + fi + if [ -e /etc/snort/snort.common.parameters ] ; then + rm /etc/snort/snort.common.parameters + fi + if [ -e /etc/default/snort ] ; then + rm /etc/default/snort + fi + if [ -e /etc/snort/db-pending-config ] ; then + rm /etc/snort/db-pending-config + fi + + # Remove configuration dir + rmdir --ignore-fail-on-non-empty /etc/snort + + # Remove init.d + update-rc.d -f snort remove >/dev/null + + # Remove user/group + if ! getent passwd | grep -q "^snort:"; then + userdel snort 2>/dev/null || true + fi + if ! getent group | grep -q "^snort:" ; then + delgroup --only-if-empty snort 2>/dev/null || true + fi + ;; + remove|upgrade|failed-upgrade|abort-install|abort-upgrade) + # nothing + # We may not delete the user snort, as there may be + # files owned by it in /var/log/snort and /etc/snort. + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + + --- snort-2.3.3.orig/debian/changelog +++ snort-2.3.3/debian/changelog @@ -0,0 +1,1495 @@ +snort (2.3.3-6) unstable; urgency=medium + + * Recompile to use latest libmysqlclient libraries (Closes: #366748) + * Remove the following unused dependencies as suggested by Stefan Huehner: + libsnmp4.2-dev and libssl-dev (and their --with calls in debian/rules) . I'm + still keeping the coreutils | fileutils dependency since I still want to + compile this package in woody.(Closes: #365874) + * Also remove DH_COMPAT from debian/rules as suggested by Stefan Huehner in + #365874 + * Move 'debian/my/lisapaper.txt' to snort-doc.docs and remove from snort, + snort-pgsql and snort-mysql doc files (Closes: #340091) + * Have faq.tex use hyperref.sty instead of latex2html's html.sty and comment + the \latexonly definitions. This makes latex2html unnecessary to + build the package (Closes: #365872) + * doc-base files now point to the compressed PDF documents (lintian fix) + * Updated debconf translations: + - French translation provided by Christian Perrier (Closes: #359285) + + -- Javier Fernandez-Sanguino Pen~a Mon, 29 May 2006 20:05:29 +0200 + +snort (2.3.3-5) unstable; urgency=low + + * Updated Build-Dependencies to use libmysqlclient15-dev instead of the + old libmysqlclient10 library (Closes: #356706) + * Add a 'DEBIAN_SNORT_SEND_STATS' option (controlled by debconf) to allow + users to define if snort should send daily stats. Users that want to + change the frequency should manually move over the cron.daily script + to other cron.XXX locations (Closes: #353035) + * Updated debconf translations: + - Dutch translation with patch provided by Peter Vandenabeele + - Spanish Debconf translation ('send_stats' template) + * Do not indent '@' in the e-mail of users that receive the stats (Closes: #335803) + * Preliminary code (only in snort.config) to detect if the default interface + is up when configuring Snort, the Debconf question priority is raised if + the interface is not up or it does not exist and the user is pestered + if he still provides an invalid answer (unless he doesn't see the + question, which is the case if running with debconf priority set to + 'high', in this case, we bail out) + Note: will introduce this in the DB packages after it gets some testing + out there. + * Change the Debconf priority of the note that warns that the configuration + is not working to 'critical' (was 'high') + * Acknowledge NMU made by Margarita: + * Drop automake1.6 dependency in Build-Depends (Closes: #335143) + * Updated config.guess and config.sub with the latest versions available + to prevent FTBFS on GNU/k*BSD (Closes: #342446) + * Updated german debconf translation with patch provided by Erik Schanze + (Closes: #345855) + + -- Javier Fernandez-Sanguino Pen~a Wed, 22 Mar 2006 02:09:01 +0100 + +snort (2.3.3-4) unstable; urgency=low + + * Build-Depend on newer automake version: 1.7 (Closes: #335143) + + -- Javier Fernandez-Sanguino Pen~a Tue, 17 Jan 2006 02:10:41 +0100 + +snort (2.3.3-3) unstable; urgency=low + + * Properly remove the snort user on purge. + + -- Javier Fernandez-Sanguino Pen~a Thu, 20 Oct 2005 01:13:47 +0200 + +snort (2.3.3-2.1) unstable; urgency=low + + * NMU to drop automake1.6 dependency (Closes: #335143) + * Updated config.guess and config.sub (Closes: #342446) + * Updated german debconf translation (Closes: #345855) + + -- Margarita Manterola Sun, 22 Jan 2006 21:54:43 -0300 + +snort (2.3.3-2) unstable; urgency=high + + * Backport the following changes introduced in 2.4.1. Upstream changelog: + * src/log.c: + Fix problem in sniffer mode when incomplete TCP option data is received. + Thanks A Hernandez for the find. + (Closes: #328134) + Note: This is a "security" bug but no CVE is assigned, it is actually + something that can happen only if a Snort user willingly shoots himself + on the foot (uses ASCII logging mode) or if he uses the fast output + mode with some non-default options. + For a detailed view see: + Martin Roesch's mail "Snort DoS Fallacies" to snort-users and bugtraq: + http://marc.theaimsgroup.com/?l=bugtraq&m=112665341207363&w=2 + http://marc.theaimsgroup.com/?l=snort-users&m=112657845119746&w=2 + http://marc.theaimsgroup.com/?l=snort-users&m=112667020331513&w=2 + http://marc.theaimsgroup.com/?l=snort-devel&m=112672013010948&w=2 + and also + http://www.snort.org/pub-bin/snortnews.cgi#58 + To summarise: The only recommended alert methods in a production sensor + are unified, syslog or database. And unified is The Right Way to run + a sensor (others have important performance issues under high load ) + NOTE to Debian Security teams: I don't believe this bug merits a DSA + (or a DTSA for that matter) + (Closes: #328134) + * Backport the following changes introduced in 2.4.2. Upstream changelog: + * src/output-plugins/spo_log_database.c: + * schemas/create_mysql: + Fixes to address schema being a keyword in MySQL 5.0. Thanks Wes Young, + Adolfo Gomez, and Aleem Mawji for the updates. + (Closes: #327791) + * Added Swedish translation provided by Daniel Nylander (Closes: #330834) + + -- Javier Fernandez-Sanguino Pen~a Fri, 30 Sep 2005 21:21:43 +0200 + +snort (2.3.3-1) unstable; urgency=low + + * New upstream release. + * Use upstream's FAQ in PDF format instead of debian/my/FAQ.txt, also + have the FAQ available only in the snort-doc package (after fixing + the Makefile so that the faq.tex file does not get removed on distclean) + * Fix typo in snort.8 manpage (Closes: #326538) + * Fixed address of the FSF in debian/copyright + * Updated debconf translations: + - Vietnamese provided by Clytie Siddall + + -- Javier Fernandez-Sanguino Pen~a Wed, 31 Aug 2005 19:47:16 +0200 + +snort (2.3.2-8) unstable; urgency=low + + * _Really_ use debhelper compat version 4 now + * Remove debian/*conffiles since debhelper now marks them as config files + + -- Javier Fernandez-Sanguino Pen~a Sat, 27 Aug 2005 01:50:40 +0200 + +snort (2.3.2-7) unstable; urgency=low + + * Fix lintian warnings + * Fix error in database config scripts (when not upgrading, the + wait_for_db_config key does not exist) (Closes: #325223) + * Updated debconf translations: + - French provided by Christian Perrier + + -- Javier Fernandez-Sanguino Pen~a Thu, 25 Aug 2005 21:52:19 +0200 + +snort (2.3.2-6) unstable; urgency=low + + * Add Dependency on "debconf | debconf-2.0" as requested by Joey Hess + * Use Debhelper compatibility version 4 + * New mechanism for database packages: + - Introduce a mechanism to create /etc/snort/db-pending-config on + initial installation of the database packages. + - Have the init.d script abort the start attempt if the + /etc/snort/db-pending-config file exists. + - Describe how to setup the database support in README-database.Debian + and install this document in the database packages. + (Closes: #205683, #219696, #265735, #265878, #290104, #291616) + * po-debconf changes: + (still waiting a little bit before switching to dbconfig-common) + - Sinchronise all the debconf templates of the different snort + variants. + - Change the wait_for_db_config message, now called 'needs_db_config' + and provides slightly different information. + - Fixed typos in German debconf translation courtesy of Jens Seidel + (Closes: #313906) + - Added Japanese translation contributed by Hideki Yamane + (Closes: #310096) + - Added Vietnamese translation contributed by Clytie Siddall + (Closes: #318695) + - Added Czech translation contributed by Jan Outrata (Closes: #321738) + - Updated the Spanish translation. + - Improve the debconf dialog with suggestions from Justin B Rye + (Closes: #306269) + - Fix the templates so that all the files use the same strings, that + should reduce the workload of translating almost identical lines. + (but also fuzzies more of the translations above) + + -- Javier Fernandez-Sanguino Pen~a Thu, 25 Aug 2005 14:59:29 +0200 + +snort (2.3.2-5) unstable; urgency=medium + + * Medium priority since it seems some buildds are not auto building + snort ok and this changes fix it. + * Use PostgreSQL 8.0 now as requested by Martin Pitt. Basicly just + changed the build-depends and use 'pg_config --includedir' when + setting the location of the PostgreSQL location. + * Changes to configure.in: (Closes: #313499) + * Fixed configure.in so that it uses the --with dir directly first + (intead of looking for $i/include and stuff like that). + * Fixed configure.in so that it outputs the PostgreSQL directories + it tested by fixing a typo. + * Have all ERROR messages abort with an exit 1 so that the Makefile breaks + and we will notice the error if doing an automatic build. + + + -- Javier Fernandez-Sanguino Pen~a Tue, 14 Jun 2005 19:33:49 +0200 + +snort (2.3.2-4) unstable; urgency=low + + * Snort, snort-pgsql and snort-mysql now depend on either coreutils + or earlier packages which provided 'stat'. This should prevent + partial-upgrades of woody systems which prevent snort's init scripts + from running (Closes: #311616) + + -- Javier Fernandez-Sanguino Pen~a Fri, 3 Jun 2005 16:24:50 +0200 + +snort (2.3.2-3) unstable; urgency=high + + * Pre-Depend on adduser since we use it on preinst + * Changed debian/TODO + * Snort-common now Replaces old snort versions (1.8.4beta1-1) since + the configuration files where moved there from snort. + Save for the ppp configuration file which was moved from snort-common to + snort. Snort now Replaces snort-common versions previous to 2.0.2-3, + that introduced the change, cannot conflict since we will end up with + circular dependencies. (Closes: #311257) + * Check MD5sums before rule files are moved from the old location to the + new one in snort-rules-default's preinst when upgrading. + If the files have not been changed from the ones provided + by the woody version then remove them (Closes: #311263) + + -- Javier Fernandez-Sanguino Pen~a Wed, 1 Jun 2005 09:47:04 +0200 + +snort (2.3.2-2) unstable; urgency=low + + * Have snort-common Conflict on versions prior to the Source-Version to + prevent users upgrading snort-common without upgrading snort. + (Closes: #300785 + * Fixed homepage location of Snort (Closes: #300727) + * Fixed snort-stat so it can be used when the -y option is used with Snort, + thanks to the patch provided by Chirik (Closes: #200276) + * Updated German translation courtesy of Erik Schanze + + -- Javier Fernandez-Sanguino Pen~a Tue, 22 Mar 2005 01:26:55 +0100 + +snort (2.3.2-1) unstable; urgency=low + + * New upstream release. + - Fixes some bugs in preprocessors + - Rules updates + * Fixed format of NEWS file, updated the version of the changelog entry so + that everybody will read it on next upgrade (Closes: #299334) + * Added debconf french translation provided by Christian Perrier (Closes: #299016) + * Updated debconf dutch translation provided by Peter Vandenabeele (Closes: #296152) + * The PPP script will now use the new /etc/default/snort mechanism + (Closes: 298003 + + -- Javier Fernandez-Sanguino Pen~a Mon, 14 Mar 2005 13:26:45 +0100 + +snort (2.3.0-7) unstable; urgency=low + + * Do not change the permissions of /var/log/snort/ and + /etc/snort/snort.conf if the administrator has setup an override + using dpkg-statoverride (Closes: #296927) + * Updated translation to Catalan with the one provided by Aleix Badia i + Bosch + + -- Javier Fernandez-Sanguino Pen~a Sat, 26 Feb 2005 13:09:14 +0100 + +snort (2.3.0-6) unstable; urgency=low + + * Added tetex-extra to Build-Depends (Closes: #296814) + * Refer to the proper file in debconf template (Closes: #296809) + * Updated the spanish debconf translation. + + -- Javier Fernandez-Sanguino Pen~a Fri, 25 Feb 2005 00:43:19 +0100 + +snort (2.3.0-5) unstable; urgency=low + + * Upload of the experimental package to unstable + Even though I don't get to fix #205683 and friends (and I would + like to, before the release) + This release Closes #283816, #241995, #289405, #247603 + * Do not rotate log files if empty (Closes: #193299) + * Added dutch translation (Closes: #247603) + * Added yet another TODO item + + -- Javier Fernandez-Sanguino Pen~a Tue, 22 Feb 2005 21:36:40 +0100 + +snort (2.3.0-4) experimental; urgency=low + + * Call dh_installdocs with -i or -a depending on target, rename + (Closes: #295228, #294755) + * NEWS.Debian file to NEWS + + -- Javier Fernandez-Sanguino Pen~a Tue, 15 Feb 2005 08:33:34 +0100 + +snort (2.3.0-3) experimental; urgency=low + + * Create manual in build-indep location (Closes: #294755) + * Fixed location of snort_manual and lisapaper in their respective + doc-base files. + * Added a reference to the FAQ through a new doc-base file. + + -- Javier Fernandez-Sanguino Pen~a Sat, 12 Feb 2005 12:23:35 +0100 + +snort (2.3.0-2) experimental; urgency=low + + * Improved postrm purge action by removing also obsolete configuration + (since it's no longer in the conffiles) and the group. Also, synced all + postrm scripts (mysql did not included the rmdir /etc/snort code) + + -- Javier Fernandez-Sanguino Pen~a Wed, 9 Feb 2005 08:44:05 +0100 + +snort (2.3.0-1) experimental; urgency=low + + (First attempt at experimental, to avoid breaking installations running sid) + * New upstream release + * This version now uses libnet1, changed Build-Depends (Closes: #241995) + * Introduced /etc/default/snort and removed /etc/snort/common.parameters + this makes it easier to check for common situations (parsing the parameter + file is quite complicated). The old common.parameters file is moved + over to /etc/default/snort automatically, but retained in case + the parsing has not been done properly (and will not be used until + the common.parameters file is removed). This is described in the + NEWS.Debian file. + * Fixed the postint call so that the passwd and group are checked before + they are created. Also fix chown call (still used '.' instead of ':') + * Introduce a check for the status of Snort's logdirectory, it checks if + it belongs to Snort (Closes: #247603) + * This release provides debconf support for snort sensors in + multiple interfaces (Closes: #283816) + * Run update-debconf, seems I had not done this when I last made changes + in the templates in 2.2.0-8 + * Included the documentation available, including signatures. Also + added the LaTeX manual included as well as the additional Build-Depends + on tetex-bin and gs-common + * Updated the FAQ (was about time!) from http://www.snort.org/docs/FAQ.txt + * Added a README.docs file (pointing people to more documents) + * Updated translations: + - German, provided by Erik Schanze (Closes: #289405) + + -- Javier Fernandez-Sanguino Pen~a Wed, 26 Jan 2005 09:18:53 +0100 + +snort (2.2.0-9) unstable; urgency=low + + * Removed old (obsolete) converstion of PPPENV in /var/tmp in postinst + which actually might open up security holes when using dialup access + and installing/upgrading the package. + * Updated translations: + - Japanese, provided by Hideki Yamane (closes: #283128) + - French, provided by Christian Perrier (closes: #284559) + + -- Javier Fernandez-Sanguino Pen~a Mon, 20 Dec 2004 01:35:21 +0100 + +snort (2.2.0-8) unstable; urgency=low + + * Updated the README.Debian file with proper information on how to setup + multiple interfaces and rewrote the Debconf question to specify that + it can be used to define multiple interfaces (Closes: #283816) + * Added some additional TODO notes + + -- Javier Fernandez-Sanguino Pen~a Wed, 1 Dec 2004 17:04:38 +0100 + +snort (2.2.0-7) unstable; urgency=low + + * Make snort-common Arch: all (Closes: #278987) + * The installation will now check if you are using a configuration that + will not be able to work with the current Snort version and will forewarn + you. The package installation will still fail (if Snort is started + automatically) but the administrator will be pointed to where the + error is (Closes: #165107) + * Use dh_installman instead of dh_installmanpages and provide proper + PACKAGE.manpages file since dh_installmanpages now fails to create the + snort-common package properly. + * Updated to the latest rules snapshot + * Added an 'update-rules' target in debian/rules that downloads the + latest rules snapshot and installs it in the package. + [ Translations ] + * Dutch update, provided by cobaco (Closes: #278719) + * Japanese update, provided by Hideki Yamane (Closes: #279028) + * French update, provided by Christian Perrier (Closes: #279833) + * German update, provided by Erik Schanze (Closes: #280964) + + -- Javier Fernandez-Sanguino Pen~a Sat, 30 Oct 2004 22:47:34 +0200 + +snort (2.2.0-6) unstable; urgency=low + + * Added a 'config-check' option in init.d to test the user's configuration + file. This could be used to determine (in postinst) if snort should be + restarted and warn the user (not yet done). This will help fix #165107, + #165351 (since similar user mistakes would be detected), #276565 and + #247665. + * Added more information to the TODOs + * Moved DEBIAN_TRESHOLD to DEBIAN_THRESHOLD (save for the debconf value + in order to avoid reseting it) (Closes: #256581) + * Removed double space in template (Closes: #275936) + * The snort-rules package now Suggests: snort instead of depending on it + (Closes: #249697) + * Updated rules with the latest snapshot. + + -- Javier Fernandez-Sanguino Pen~a Mon, 25 Oct 2004 23:47:45 +0200 + +snort (2.2.0-5) unstable; urgency=low + + * Rules update + + -- Javier Fernandez-Sanguino Pen~a Wed, 13 Oct 2004 12:11:21 +0200 + +snort (2.2.0-4) unstable; urgency=medium + + * Fix typo introduced in previous upload that prevents + ppp init script from loading properly common.parameters (Closes: #275439) + + -- Javier Fernandez-Sanguino Pen~a Fri, 8 Oct 2004 09:50:06 +0200 + +snort (2.2.0-3) unstable; urgency=high + + * Added config-file discovery to ppp init.scripts so that Snort is + started (-c) with the proper configuration file if available or + snort.conf if not. Setting high severity so that users running + Snort with PPP don't end up with a full /var filesystem (Closes: #268707) + * Fixed bashism in /etc/ppp/if-up.d/snort + * Modified the init.d an if-up.d scripts so that + /etc/snort/snort.common.parameters is only used if it exists. + * Snort-rules-default now Recommends: oinkmaster + now that it is in the archive (accepted 01 Oct 2004), this does not + close #191105 since IMHO a better signature update mechanism should + be introduced. Also updated the related TODO item. + * Added a FAQ Q&A regarding rule updates in README.Debian + * Added code to detect for deprecated preprocessors and warn the user, + curretnly the code will not touch the configuration files himself and + will not detect if you are using the standard package configuration file. + It will prevent users from having configuration issues, however + (Closes: #247665) + * Modified the init.d file so you can use 'status' to determine if + the Snort sensors are up or not. + * Updated the 2.2 rule set with the snapshot provided at snort.org, new rules + include detection of the recent JPEG exploit (Closes: #274244) + * Fixed typo in templates (unfuzzied modified entries) and updated + JA translation provided by Hideki Yamane (Closes: #273138) + + -- Javier Fernandez-Sanguino Pen~a Sat, 2 Oct 2004 12:41:50 +0200 + +snort (2.2.0-2) unstable; urgency=low + + * Taking over maintainership of this package (Closes: #265343) + * Have Snort{,-mysql,-pgsql} depend on the same versions of the + common packages (was not done in the previous release) + * Updated JA translation (Closes: #271755) + * Added a list of todo items in debian/TODO + + -- Javier Fernandez-Sanguino Pen~a Wed, 15 Sep 2004 10:42:43 +0200 + +snort (2.2.0-1) unstable; urgency=low + + + The 'Please Adopt Me!' release. + + + Fixed build-depends on libpcap0.8-dev closes: #263923 + + Fixed failure to start on multiple interfaces, each interface + now uses it's own configuration file. Closes: #248908 + + Snort{,-mysql,-pgsql} depend on the same versioned rules + common + Closes: #257078 + + NL, DE, pt_BR, FR, JA translations added + Closes: #265508, #264301, #246553, #246374, #239206 + + New upstream release closes: #262297 + + -- Sander Smeenk Sun, 15 Aug 2004 15:24:39 +0200 + +snort (2.1.2-2) unstable; urgency=low + + ! Once again: Thanks Mario 'BitKoenig' Holbe for your great help: + + Moved 'dialup' interface guessing from ppp/ip-up to postinst + + Cleanup restart: only restart current running interfaces + This also cleans up: 'dialup' logcheck failure, if no snort running + + Prepare for multisensor support + + Use start-stop-daemon --retry instead of sleep and kill -9 + + Use invoke-rc.d only, if it exists + Closes: #191574 + + Correct please_restart to please_restart_manually + + Re-Unified prerm and postinst scripts + + Fix the backward-compatible just-kill-them-all in prerm; + do we really need it? It definitely didn't work before and + since the old-package prerm is called anyways, we shouldn't. + + Simplify snort.debian.conf creation + + + snort-doc/examples now has a snort-rules auto-update script! + Closes: #242521, thanks Marcel! + + Updated fr.po by Christian Perrier + Closes: #244048, thanks Christian! + + Recent changes to init / ip-{up,down} scripts fixed this bug: + Closes: #226236 + + Fixed database schema's in {pg,my}sql packages. This does not fix + the 'schema is not installed when debconf prompts for it'-problem. + Closes: #244017 + + Problem with snort-pgsql.template fixed. + Closes: #244175 + + -- Sander Smeenk Sun, 18 Apr 2004 14:39:19 +0200 + +snort (2.1.2-1) unstable; urgency=low + + + New upstream release + + Templates corrected (reflect same text at shared options, typos) + + + -b switch removed from snort startup, log_tcpdump changed to snort.log + Closes: #241425, #171190 + + French debconf translation by Christian Perrier + Closes: #241991 + + Added checks on purge of snort-rules-default. Fixed breakage + Closes: #239542 + + Firewall interaction is explained in the FAQ + Closes: #217174 + + Snort now has snort.common.options, and no -b anymore. + Closes: #217244 + + Changed helptext in snort.debian.conf to be more generic. + Closes: #196694 + + Improved dialup suppport. MANY Thanks to Mario 'BitKoenig' Holbe for + his great work on this subject and the changes to the init script! + Closes: #226236 + + -- Sander Smeenk Sun, 4 Apr 2004 15:12:27 +0100 + +snort (2.1.1-1) unstable; urgency=low + + + New upstream release + Closes: #238427 + + Added catalan debconf templates (debian/po/ca.po) + Closes: #236644 + + Fixed packaging bugs. + + Applied following changes by Javier Fernández-Sanguino Peña. Thanks!! + * Snort group is now created using --system in all packages + Closes: #231580 + * Both the cron.daily script and the postinst scripts set a default + value for STATS_RCPT and STATS_TRESHOLD to avoid buggy behaviours + if the user does not setup a proper value when interfacing with + debconf. Still, these values should be checked in the config + scripts. (Closes: #173331) + * Snort-stat now exists if there are no results which will avoid + it from sending empty emails + (Closes: #217913, #174508, #192401, #172529) + * Improved the explanations in several templates (Closes: #217173) + * Updated Japanese translation (and fixed some po format errors, + hopefully without damaging the po file) (Closes: #226680) + * Included Catalan debconf translation (Closes: #236644) + * Updated pt-BR debconf translation (Closes: #228244) + * Re-Added (partial) spanish debconf translation (it seems that + the work I did back in december 2001 has not been moved to po-debconf!) + + -- Sander Smeenk Wed, 17 Mar 2004 18:46:28 +0100 + +snort (2.1.0-4) unstable; urgency=low + + + Fixed FTBFS with -B flag specified to dpkg-buildpackage + Thanks Pascal Hakim. + + Restart target in init.d script requires a sleep on slow systems. + Thanks Marco Gaiarin. + + Updated the ja.po templates + + -- Sander Smeenk Wed, 1 Mar 2004 00:00:00 +0100 + +snort (2.1.0-3) unstable; urgency=low + + + Split binary-indep packages from binary-arch target + Closes: #226072, #157708, #185806 + + ip-up.d script now correctly guesses the PPPENV settings + Closes: #225956 + + Updated the fr.po templates + Closes: #225906 + + -- Sander Smeenk Sun, 04 Jan 2004 12:51:38 +0100 + +snort (2.1.0-2) unstable; urgency=low + + + Added example init.d script to manage multiple sensors. + + No longer kills custom daemons at init.d stop + Closes: #181637 + + Fixed build-dependency on libpcre3-dev + Closes: #225707 + + Fixed manpage to reflect new SIGHUP handling + Closes: #122689 + + Already implemented 'statesaving' dialup scripts + Closes: #101725 + + Changed default flow-portscan configuration + Closes: #225506 + + -- Sander Smeenk Fri, 02 Jan 2004 13:01:54 +0100 + +snort (2.1.0-1) unstable; urgency=low + + + New upstream version + + Depend on perl-modules for perlscripts + Closes: #212805 + + Fixed breakage of upgrades when conffiles were removed by user + Closes: #207970 + + Added japanese translation of templates + Closes: #224191 + + -- Sander Smeenk Sun, 21 Dec 2003 15:48:55 +0100 + +snort (2.0.2-3) unstable; urgency=low + + * ip-up.d/snort and init.d/snort now use the same startup arguments + with an extra config file that holds the common parameters. + Closes: #217244 + + ip-{up,down}.d/snort moved from snort-common to snort{,-mysql,-pgsql} + * Clarified debconf questions. Fixed typos, corrected grammar. + Closes: #217173 + * Updated what documenation files are included. + Closes: #217174 + + -- Sander Smeenk Fri, 24 Oct 2003 18:05:26 +0200 + +snort (2.0.2-2) unstable; urgency=low + + * Fixed 'native package' problem + Closes: #216326 + + * Fixed syntaxerrors in init script + Closes: #215142 + + -- Sander Smeenk Sun, 19 Oct 2003 16:11:09 +0200 + +snort (2.0.2-1) unstable; urgency=low + + Pascal: + * Make snort-rules-default depend on a recent version of snort + Closes: #135603 + * Delete configuration files and log files on purge. + Closes: #180043 + + Sander: + * Fixed the init.d script to not start snort in dialup mode at boot. + Closes: #207291, #208003 + + -- Sander Smeenk Wed, 08 Oct 2003 21:09:34 +1000 + +snort (2.0.1-3) unstable; urgency=low + + + Fixed FTBFS: automake1.6 dependency (Closes: #207010) + + -- Sander Smeenk Mon, 25 Aug 2003 10:45:31 +0200 + +snort (2.0.1-2) unstable; urgency=low + + + Snort now co-maintained by Pascal Hakim + + + fr.po added, forgot the NMU by Christian Perrier + + Untranslatable strings marked for translation fixed + Closes: #206972, #192952 + + create_postgresql.gz has been updated and now uses 'TIMESTAMP' + Closes: #206372 + + Changed the init.d's "start" section to support dialup mode + Closes: #205873 + + SNMP support has been removed upstream, I forgot to remove the MIB + message from snort-common + Closes: #206668 + + Since the MIB note was removed, this also fixes inapropriate use of + debconf, which Closes: #205085 + + -- Sander Smeenk Sun, 24 Aug 2003 11:41:23 +0200 + +snort (2.0.1-1) unstable; urgency=low + + + New upstream source + + -- Sander Smeenk Tue, 19 Aug 2003 16:32:46 +0200 + +snort (2.0.0-3.1) unstable; urgency=low + + + Eeps! Forgot my versioned dependencies! + + -- Sander Smeenk Mon, 05 May 2003 21:02:13 +0200 + +snort (2.0.0-3) unstable; urgency=low + + + Added 'Provides: Snort' to snort-{pg,my}sql (Closes: #190064) + + Moved parameter -b to snort.conf (Closes: #190748) + + Seems fixed, according to submitter (Closes: #184596) + + Fixed ppp/ip-up.d/snort, first source, then test (Closes: #190999, #191894) + + Dependency on libpq3 isn't mandatory since postgresql-dev depends on it. + (Closes: #191570) + + -- Sander Smeenk Mon, 05 May 2003 20:27:03 +0200 + +snort (2.0.0-2) unstable; urgency=low + + + Fixed PPP environment variables in ip-up.d. (Closes: #190107) + I really don't know how to support multiple instances of snort here + + Versioned depends on snort-rules-default (Closes: #190111) + + Fixed wrong pid-finding init.d script (Closes: #190154) + + cronjob 'snort' renamed to '5snort' again (Closes: #190303) + + -- Sander Smeenk Wed, 23 Apr 2003 21:00:23 +0200 + +snort (2.0.0-1) unstable; urgency=high + + + New Upstream version + + SECURITY FIXES (Closes: #189267) + - XML logging and SNMP notification seems to be removed upstream ? + + + The init.d script has added intelligence that will hopefully detect + wether snort was running in manual mode / dialup mode when logrotate + ran, and leave it in that state (Closes: #186060) + + Tried to fix snort-stat by adding -a option (Closes: #186214) + + Renamed cronjob 5snort to snort (Closes: #186380) + + Rebuilt with new libsnmp-0.4.2 linking (Closes: #186415) + + po-debconf patch applied, thanks (Closes: #186881) + + Including sid-msg.map and gen-msg.map (Closes: #187291) + + -- Sander Smeenk Sat, 05 Apr 2003 13:32:18 +0200 + +snort (1.9.1-4) unstable; urgency=low + + + Added dependency on perl-modules to snort-common (Closes: #185180) + + Attempt 1 at fixing snort-stat again (Closes: #184622) + + init.d script tells how to start snort on dialup system (Closes: #181074) + + snort-stat supports -a now (scan whole file) (Closes: #184282) + + -- Sander Smeenk Tue, 18 Mar 2003 21:37:47 +0100 + +snort (1.9.1-3) unstable; urgency=low + + + Fixed Override Disparities + + Added section to snort-paper (Closes: #183988, #183388) + + -- Sander Smeenk Wed, 12 Mar 2003 09:04:30 +0100 + +snort (1.9.1-2) unstable; urgency=low + + + Fixed PostgreSQL CreateDB-scheme (Closes: #181733) + + Fixed snort-doc (Closes: #183988, #183388) + + A supposed fix for #181477 introduced a new bug which is now fixed + (Closes: #184128, #184071) + + Fixed -s commandline argument. It doesn't need an argument. + (Closes: #183790) + + Startup arguments for init.d invocation and pppd invocation are now + 'the same' (Closes: #183554) + + -- Sander Smeenk Mon, 10 Mar 2003 23:57:12 +0100 + +snort (1.9.1-1) unstable; urgency=high + + * SECURITY FIX + ISS X-Force has discovered a remotely exploitable buffer overflow + condition in Snort. A buffer overflow flaw exists in Snort RPC + preprocessing code that is vulnerable to attack. + + -- Sander Smeenk Mon, 03 Mar 2003 21:15:27 +0100 + +snort (1.9.0rel-4) unstable; urgency=low + + + Changed logrotate (Closes: #176495) + + Renamed 'portscan2' to 'portscan2.log' (Closes: #173978) + + Recompile Fixed PostgreSQL dependency (Closes: #175977) + + Applied patch against snort-stat (Closes: #175657) + + Added 'portscan2-ignorehosts' example + enabled for $HOME_NET + (Closes: #173985) + + Marks old 'snort.rules.files' OBSOLETE (Closes: #173981) + + Fixed snort-stat manpage to reflect alert.log (Closes: #175364) + + Fixed snort-pgsql logging bug with last_cid (Closes: #166722) + + Updated snort-rules-default to latest version + + Recompile fixed libsnmp5 dependency (Closes: #183094, #182722) + + Init scripts fixed (Closes: #181497) + + Changed rights on /var/log/snort to snort.adm (Closes: #180216) + + Fixed mkdir -p in snort-rules-default preinst (Closes: #180046) + + -- Sander Smeenk Sat, 25 Jan 2003 16:48:40 +0100 + +snort (1.9.0rel-3) unstable; urgency=low + + + Using invoke-rc.d instead of direct /etc/init.d calls (Closes: #165135) + + -- Sander Smeenk Thu, 17 Oct 2002 11:35:42 +0200 + +snort (1.9.0rel-2) unstable; urgency=low + + + Fixed Startup in Manual mode (Closes: #164644) + + Fixed failing preinst in snort-rules-default (Closes: #164643) + + No more useless cron messages (Closes: #158490) + + Manually changed snort.c to fix -s cmdline problem (Closes: #164969) + + DISABLED OLD PORTSCAN PREPROCESSOR, REPLACED BY PORTSCAN2 PREPROCESSOR + + -- Sander Smeenk Wed, 16 Oct 2002 19:58:29 +0200 + +snort (1.9.0rel-1) unstable; urgency=low + + + New Upstream Version + + Moves old /etc/snort/*.rules to new rules/ directory + (Closes: #158447, #160888) + + Closes: #158845, leftover bug fixed in previous upload. + + Files *were* created with incorrect permissions (Closes: #162386) + + Fixed Logrotate (Closes: #158042, #159456) + + -- Sander Smeenk Sat, 31 Aug 2002 15:59:16 +0200 + +snort (1.9.0beta4-5) unstable; urgency=low + + + ASN.1 Decoder turned OFF because of TOO MANY LOGENTRIES! + * Fixed Bugs (Closes: #157443) + + Commented out the 'Initializing Output Plugins!' message. + + + + Changed to logrotate to rotate logfiles (Closes: #157706) + * Unreproducable, but changed to new rotation system (Closes: #156896) + + + + Specified 'portscan2.log' as portscan2 preprocessor logfile + + Supports 'any' in the address range question to not trust + any side of the network. Wishlist but no bug was filed for this. + + Fixed faulty information in templates (Closes: #158708) + + Added README.PHP in contrib/ for clearness (Closes: #158714) + + snort-stat reported hostname with \n at the end, chomped off now. + + -- Sander Smeenk Fri, 23 Aug 2002 22:17:20 +0200 + +snort (1.9.0beta4-4) unstable; urgency=low + + + Severe postinst breakage when installing newer versions + of Snort from scratch. Fixed. + + Fixed world-writable logfiles problem (Closes: #155893) + + Password-field must be filled in. + + snort-mysql's postinst put postgresql config in snort.conf :( + + -- Sander Smeenk Tue, 20 Aug 2002 13:21:42 +0200 + +snort (1.9.0beta4-3) unstable; urgency=low + + + Fixed world-writable logfiles problem (Closes: #155893) + + Password-field must be filled in. + + snort-mysql's postinst put postgresql config in snort.conf :( + + -- Sander Smeenk Tue, 20 Aug 2002 11:11:35 +0200 + +snort (1.9.0beta4-2) unstable; urgency=low + + + Found nicer way of fixing #155893 (Closes: #155893) + + Typo two typos in bugnumbers. + Previous #153221 should be (Closes: #153211) + Previous #156119 should be (Closes: #156199) + Sorry for the mixups. It was late :/ + + Fixed b0rking preinsts (Closes: #157085) + + -- Sander Smeenk Fri, 16 Aug 2002 00:03:41 +0200 + +snort (1.9.0beta4-1) unstable; urgency=low + + + Fixes world readable configuration file problem (Closes: #154977, #155484) + + XML output should work in this release (Closes: #153845) + + MIB's moved to /usr/share/snmp/mibs (Closes: #153221) + + snort-stat now uses threshold (Closes: #147197) + + SMTP rules have been disabled per default (Closes: #153817) + + Fixed typo's in debconf screens (Closes: #154687) + + 'Hacked around' the logfiles-not-group-readable problem (Closes: #155893) + + Upload accepted (Closes: #156119) + + Leftover bugs that have been fixed earlier (Closes: #134979) + + * Fixed but no-bugreports: + + 'Initializing Plugins' log-message removed from src/plugbase.c + + Rules have moved from /etc/snort to /etc/snort/rules/ + + snort-{pg,my}sql now update the snort.conf file properly + + stream4 evasion-detection disabled + + more... + + -- Sander Smeenk Wed, 14 Aug 2002 22:00:24 +0200 + +snort (1.8.7-4) unstable; urgency=low + + + Typo in snort-stat, fixed. + + -- Sander Smeenk Sat, 03 Aug 2002 11:21:49 +0200 + +snort (1.8.7-3) unstable; urgency=low + + + snort-stat now shows hostname from where it's reporting. + + ruleset tuning (Closes: #155084) + + i see no rules with <- direction specifier, snort starts + just the way it should with telnet.rules and backdoor.rules + (Closes: #153400) + + Specific major-version Build-Depends on libsnmp4.2-dev (Closes: #155163) + + -- Sander Smeenk Sat, 03 Aug 2002 01:34:49 +0200 + +snort (1.8.7-2) unstable; urgency=low + + + Fixed situations where snort got restarted by cronscript while + being started in dialup-mode. Snort should support -HUP'ing. + + Fixed typo in /etc/snort/snort.conf (Closes: #152840, #152671) + + Fixed stupid snmpd.conf auto-addition, that was bad (Closes: #153074) + + Each MTA supplies 'sendmail' and each system has 'MTA' (Closes: #151678) + + Snort-pgsql has debconf 'help' on configuring a DB (Closes: #149661) + + Fixed snort-mysql.config problem (Closes: #110952) + + Multiple subnets problem fixed (Closes: #146861) + * Maintainer Wipes Forehead. + + -- Sander Smeenk Thu, 11 Jul 2002 21:06:50 +0200 + +snort (1.8.7-1) unstable; urgency=low + + + NEW UPSTREAM! + * No more local-{first,last} creation in preinst (Closes: #152184) + * var EXTERNAL_NET !$HOME_NET in snort.conf (Closes: #152182) + + -- Sander Smeenk Mon, 8 Jul 2002 10:59:16 +0200 + +snort (1.8.6-6) unstable; urgency=low + + * Fixed serious log-rotation problem (Closes: #151922) + * Fixed typo in rules file: --enable-snmp versus --with-snmp + + Reported in private mail, no bugs to close. + * New ruleset & config & classification (Closes: #152070) + * Not a bug (Closes: #152068) + + -- Sander Smeenk Fri, 5 Jul 2002 23:23:09 +0200 + +snort (1.8.6-5) unstable; urgency=low + + * Fixed 5snort cronjob, thanks for the patches. + + Closes: #151336, #151341, #151393, #151395 + * Can't check this problem, it looks fixed to me. + + Closes: #94709 + * Cronjob has been reworked so it uses /var/log/snort/alert, also + snort.conf has been configured to log to syslog by default. + + Closes: #146680 + * Debconf frontend now supports multiple addresses (ranges) in + address_range question. + + Closes: #66932 + * Bug-submitter thinks this bug is fixes now. + + Closes: #104074 + * Weird unaligned traps on alpha are unconfirmed snort-related. + Also, haven't heard anyone else about this. + + Closes: #130675 + * Fixed the debconf script's perl-regexp to support multiple + subnet-definition seperated by commas + + Closes: #146945 + * Once more fixed /etc/snort/snort.conf _NOT_ to log to syslog, + since that would stop logging to /var/log/snort/alert, and that + would break the snort-stat cronjob, and more. + + -- Sander Smeenk Sun, 30 Jun 2002 00:29:26 +0200 + +snort (1.8.6-4) unstable; urgency=low + + + Fixed POSIX shell incompatibility (Closes: #150409) + + Fixed Suggests instead of Recommends on snort-doc. + (Closes: #150768, #150702) + + Fixed RULE_PATH setting in snort.conf + + Fixed syslog default log-type in snort.conf (Closes: #46680, #124169) + + The cronjob in this release _tries_ syslogd-listfiles, and if + that is not available defaults to /var/log/auth.log. (Closes: #120991) + + Added section in README.Debian about FLEXRESP rules and + snort-not-starting because of permission denied (Closes: #132577) + + Fixed Subject: in body instead of headers (Closes: #132220, #145836) + + Fixed 'misleading comments' in snort.conf (Closes: #145749) + + The empty snort.conf problem was fixed in 1.8.6-1? (Closes: #144218) + + This was fixed in an earlier release (Closes: #134792) + + Applied patch against cronjob (Closes: #151229) + + Package 'debianutils' is in base and required, so no dependancies + are nescasary (Closes: #145837) + + Subjectless email fixed (Closes: #145876) + + Cronjob emails daily-alerts instead of weekly (Closes: #145901) + + Looks fixed to me (Closes: #136220) + + Thanks for the patches everyone!! Greatly appreciated! (Closes: #151257) + + -- Sander Smeenk Fri, 28 Jun 2002 11:22:13 +0200 + +snort (1.8.6-3) unstable; urgency=low + + * New Maintainer! Sander Smeenk + + POSTGRESQL SUPPORT WHOO (Closes: #108348) + + -- Sander Smeenk Tue, 4 Jun 2002 21:28:15 +0200 + +snort (1.8.6-2) unstable; urgency=low + + * [debian/snort-rules-default.conffiles] Added missing entries. + * [debian/rules] Honour DEB_BUILD_OPTIONS. + * [debian/rules] Use a variable to hold configure options that are common + to the variant packages. + * [debian/rules] Use debhelper *.dirs . + * [debian/*.doc-base] New. + * Bumped Standards-Version. + * Previous uploads fixed more bugs than noted. + (Closes: #142508, #143294, #131948) + * Enabled SNMP support. + * Added Spanish translations to debconf templates. (Closes: #126725) + * Changes above by JHM (thanks!) + * Added a new snort_stat.pl (Closes: #143875, #131887, #143962) + + -- Robert van der Meulen Mon, 29 Apr 2002 13:03:24 +0200 + +snort (1.8.6-1) unstable; urgency=low + + * Sander Smeenk fixed: + + Closes: #111533, #131047 + * Changed snort.template and made a clear text about what HOME_NET + is used for. I had to remove the de_DE and pt_BR translations though. + + Closes: #134063 + * The postinst now creates /etc/snort/snort.debian.conf if it doesn't + exist by echoing a basic content into the file. Kinda ugly, but it + works. + + Closes: #132220, #134898, #136848, #139143, #139423 + * These are all about snort-stat and empty daily emails. + Reported against version 1.7-9, and it seems to be fixed now. + + Closes: #109135, #117010 + * Typo. Fixed. + + Closes: #104447 + * Ooooooh ns.somehost.tld is portscanning me! Add the nameservers + to the DNS_SERVER value in snort.conf. Although I think this was fixed + in 1.8.4beta2 + + Closes: #116169 + * I added 1 or 2 lines of short descriptive text to each package's + description. It should be more clear now. + + Closes: #67176, #130242, #133591, #79095, #102320 + * These are left-over bugs. Fixed in earlier releases. + + Closes: #128689, #131049 + * Fixed the init.d script so that it doesn't say "already started" on + errors. Snort returns 0(good) or 1(bad), not 2. + + Closes: #143268 + * The supplied patch didn't contain any valid patchable entries. The + script has changed that much that I assume it has been fixed already. + * Thanks, smeenk :) + + -- Robert van der Meulen Fri, 19 Apr 2002 16:21:35 +0200 + +snort (1.8.4beta1-2) unstable; urgency=low + + * Fixed 'Depends:' of 'snort' package to depend on new-style snort-common + package. (Closes: #131730) + * Marked some /etc/ files as conffiles (Closes: #132823) + * Fixed build problems on some arches (Closes: #132912, #131741) + * Fixed quoting error in virus.rules (Closes: #131947) + * Fixed snort-common Replaces: line (Closes: #131701, #133106) + * Removed snort.debian.conf from the package (Closes: #132517) + * Fixed initscript to allow for multiple subnets (Closes: #125686) + + -- Robert van der Meulen Sun, 10 Feb 2002 16:11:55 +0100 + +snort (1.8.4beta1-1) unstable; urgency=low + + * New upstream release (Closes: #131517, #106093, #115955, #118270, #127564) + * Moved config stuff to snort-common (Closes: #109862) + * Fixed debconf instuctions for dialup (Closes: #113250) + * Fixed snort-stat (Closes: #115873, #116964) + * New upstream has icmp-info rules reordered (Closes: #111832) + * Gave 'count' a bit more room in email reports (Closes: #102657) + * Fixed snort cron script to not kill snort in dialup mode (Closes: #97950) + * Fixed snort cron script to not send empty emails (Closes: #112100,#117079) + * Fixed HOME_NET variable passing in init script (Closes: #117886) + + -- Robert van der Meulen Sun, 10 Feb 2002 15:41:40 +0100 + +snort (1.8p1-1) unstable; urgency=low + + * New upstream release + * Depend on system-log-daemon|syslogd (Closes: #102511) + * Fixed snort-stat empty log reports (Closes: #107515, #98944, #103542) + * Fixed logfile pattern (Closes: #102787) + + -- Robert van der Meulen Tue, 14 Aug 2001 20:37:43 +0200 + +snort (1.7-9) unstable; urgency=low + + * Removed 'snort.debian.conf' from the 'conffiles' to avoid it being + replaced. (Closes: #96950) + * Fixed a lot of errors in the manpage. (Closes: #99873, #101868) + * Removed '-s' option, and enabled logging to syslog in snort.conf. + (Closes: #101873) + * Fixed inconsequent ip-up.d and init.d behaviour (Closes: #101874) + * Added pt_BR support (Closes: #93219) + * Make snort stop before purging/removing. + + -- Robert van der Meulen Sun, 15 Jul 2001 14:04:35 +0200 + +snort (1.7-8) unstable; urgency=low + + * Have snort depend on system-log-daemon (Closes: #99203) + * Changed package description (Closes: #99302) + * Changed debconf 'extra options' question (Closes: #99303) + + -- Robert van der Meulen Sun, 17 Jun 2001 19:16:59 +0200 + +snort (1.7-7) unstable; urgency=low + + * Added a modified version of 'snort-stat', from Christian Hammers + (Closes: #93739) + * Changed '5snort' to do syslogd-listfiles --auth, to correctly list + logfiles using the 'auth' facility. (Closes: #97467) + * Modified crontab file to correctly keep /var/log/snort clean. + (Closes: #97465, #97003) + + -- Robert van der Meulen Tue, 15 May 2001 20:40:03 +0200 + +snort (1.7-6) unstable; urgency=low + + * Added more paths in /etc/init.d/snort (Closes: #94651) + * Removed non-US dependency on libssl096 (Closes: #92748) + * Fixed old man-page synopsis bug (Closes: #90889) + * Added 'please restart' notice for dialup users that upgrade(Closes: #90979). + * Fixed 'snort.conf' indiscrepancy (comma-seperated versus + whitespace-separated) (Closes: #93742) + * Added '-d' option for startup (Closes: #78667) + * Added snort FAQ (Closes: #91219) + + -- Robert van der Meulen Mon, 30 Apr 2001 01:34:25 +0200 + +snort (1.7-5) unstable; urgency=low + + * fixed no-pidfile bug when using dialup interfaces. (Closes: #89133) + * forgot to close host-timeout bug (Closes: #87838) + * Removed bashisms from cron script (Closes: #88596) + * Fixed start-stop-daemon paths in init.d script (Closes: #88678) + * Corrected multiple -i startup option typo (Closes: #89131) + * Added mysql support (Closes: #89840) + * Applied 'unaligned trap on alpha' patches from Paul Slootman + (Closes: #85684, #81092) + + -- Robert van der Meulen Thu, 22 Mar 2001 22:40:51 +0100 + +snort (1.7-4) unstable; urgency=low + + * lets-fix-lots-of-bugs release + * Fixed snort-stat: + - output is now 79 chars wide. (Closes: #70649) + - output written to tempfile first, to work around 'host' timing out + sometimes. (Closes: #74937) + * There is no 'WARNING' message on startup, anymore (Closes: #79289) + * Fixed crontab script to reflect /var/log/portscan.log -> + /var/log/snort/portscan.log change. (Closes: #85571) + * Fixed syntax error in cron file (*shame*) (Closes: #85686) + * added check for existence of /var/log/snort/portscan.log in + cron file (Closes: #86596 ) + * Fixed syslog dependency problem (syslogd|syslog-ng) (Closes: #85807) + * Changed crontab file to allow for multiple auth.* files (Closes: #84183) + * Snort doesn't crash on empty logfiles. (Closes: #85284 ) + * Snort generates correct snort-stat messages on a dialup link now. + (Closes: #82504) + + -- Robert van der Meulen Fri, 2 Mar 2001 23:32:40 +0100 + +snort (1.7-3) unstable; urgency=low + + * Fixed a couple of bugs in the startup scripts for dialup. Closes: #85201 + * Made postinst modify /etc/snort/snort.debian.conf. Closes: #85156 + * 'hardwired' /etc/ppp/ip-up.d/snort to use the PPP interface. Closes: #85218 + * Fixed problem with multiple 'auth' logfiles. Closes: #84316 + + -- Robert van der Meulen Fri, 9 Feb 2001 23:47:19 +0100 + +snort (1.7-2) unstable; urgency=low + + * Fixed a small bug in the cron.daily script; snort.conf -> snort.debian.conf + + -- Robert van der Meulen Tue, 6 Feb 2001 23:47:31 +0100 + +snort (1.7-1) unstable; urgency=low + + * New upstream version. + * New maintainer + * Moved /etc/snort/snort-lib to /etc/snort/snort.conf + /etc/snort/snort.conf was a script to set DEBIAN config variables, + it now is the base rule file. + /etc/snort/snort.debian.conf does the 'old' job. + * modified startup parameters for 'new style' + + -- Robert van der Meulen Sun, 4 Feb 2001 23:31:02 +0100 + +snort (1.6.3a-5) unstable; urgency=low + + * Accidently typed "echo" instead of "kill" in init script. Closes: #84345 + + -- Christian Hammers Thu, 1 Feb 2001 11:05:16 +0100 + +snort (1.6.3a-4) unstable; urgency=low + + * Enhanced init.d script. Fixes problems with cron rotations. + * Now depends on debhelper. Closes: #75462 + * Added german translation for debconf menus. Closes: #83873 + * Is no longer accidently a "native Debian" package. Closes: #82097 + * Problem with libmysqlclient.so.9 fixed long ago. Closes: #74798, 74806 + * Debconf should be work fine now. Closes: #59726, #70711 + * Adopted new homepage URL. Closes: #69805 + * Problem no longer reproducable. Closes: #67732, #67734 + * Added dependency to the virtual package "syslogd". Closes: #84183 + + -- Christian Hammers Wed, 31 Jan 2001 00:38:22 +0100 + +snort (1.6.3a-3) unstable; urgency=low + + * Changed the "interface" debconf question to medium. Closes: #80996 + + -- Christian Hammers Wed, 31 Jan 2001 00:10:01 +0100 + +snort (1.6.3a-2) testing unstable; urgency=low + + * Ok, forgot the ">/dev/null" after a savelog cron command... + + -- Christian Hammers Sun, 31 Dec 2000 01:11:37 +0100 + +snort (1.6.3a-1) testing unstable; urgency=low + + * This is still 1.6.3! + Somehow the .orig.tar.gz got renamed so I have to make a new + -1 upload. + * Added rotation of /var/log/portscan.log. Closes: #80864 + + -- Christian Hammers Sat, 30 Dec 2000 17:52:58 +0100 + +snort (1.6.3-8) unstable; urgency=low + + * writed more good english in debconf template. Closes: #78367 + * Adjusted debconf question for email recipient to "medium". + + -- Christian Hammers Fri, 1 Dec 2000 20:01:38 +0100 + +snort (1.6.3-7) unstable; urgency=low + + * Recompiled against new kernel to handle pppeo. + (requested by jeffml@pobox.com) + + -- Christian Hammers Sun, 26 Nov 2000 14:55:25 +0100 + +snort (1.6.3-6) unstable; urgency=low + + * Added debhelper to build depends. Closes #75462 + + -- Christian Hammers Wed, 25 Oct 2000 10:51:23 +0200 + +snort (1.6.3-5) unstable; urgency=medium + + * Recompiled against libmysqlclient10. + + -- Christian Hammers Tue, 17 Oct 2000 11:00:11 +0200 + +snort (1.6.3-4) unstable; urgency=low + + * Added dependencies to adduser >= 3.11. Closes: #69425 + + -- Christian Hammers Sun, 20 Aug 2000 08:53:50 +0200 + +snort (1.6.3-3) unstable; urgency=low + + * Made postinst/preinst idempotent. Closes: 67732, 67734 + + -- Christian Hammers Sun, 20 Aug 2000 08:53:37 +0200 + +snort (1.6.3-2) unstable; urgency=low + + * Disabled defrag-preprocessor due to upstream bugs. + + -- Christian Hammers Mon, 24 Jul 2000 17:21:18 +0200 + +snort (1.6.3-1) unstable; urgency=low + + * New upstream release. + * Now chrooted to /var/log/snort and running as snort:snort! + * More scan detections added. + * Applied fixed from Ian Zimmerman. Thanks. Closes: #66057 + + -- Christian Hammers Sun, 23 Jul 2000 14:11:50 +0200 + +snort (1.6.2.2-1) unstable; urgency=low + + * New upstream release 1.6.2.2. Minor patches. + + -- Christian Hammers Sun, 9 Jul 2000 23:21:16 +0200 + +snort (1.6.1-1) unstable; urgency=low + + * Many new scans for known vulnerabilities included! + + -- Christian Hammers Sat, 8 Jul 2000 17:06:47 +0200 + +snort (1.6-1) unstable; urgency=low + + * New upstream major release. + + -- Christian Hammers Tue, 4 Jul 2000 18:40:34 +0200 + +snort (1.5.1-12) unstable; urgency=low + + * Removed warning for port 53 source port traffic because old BINDs + generated them. Closes: #65107 + + -- Christian Hammers Tue, 6 Jun 2000 19:07:06 +0200 + +snort (1.5.1-11) frozen unstable; urgency=low + + * Package could not be build on powerpc because there were some + obsolete AM_PROG_INSTALL (now AC_PROG_INSTALL) statements in + aclocal.m4. Closes: #57916 + * Improved documentation about reading the tcpdump-style binary log + file. Closes: #57789 + + -- Christian Hammers Sun, 13 Feb 2000 18:23:58 +0100 + +snort (1.5.1-10) frozen unstable; urgency=low + + * Make sure that snort's cron.daily script gets renamed to the new + name in snort.preinst so that it won't be called twice. + + -- Christian Hammers Wed, 9 Feb 2000 12:37:53 +0100 + +snort (1.5.1-9) frozen unstable; urgency=low + + * Argh! Forgot to remove a malicious line in cron.daily. Closes: #57611 + + -- Christian Hammers Wed, 9 Feb 2000 11:10:53 +0100 + +snort (1.5.1-8) frozen unstable; urgency=low + + * Added "exit 0" to cron.daily script. + + -- Christian Hammers Sat, 5 Feb 2000 16:07:05 +0100 + +snort (1.5.1-7) frozen unstable; urgency=low + + * Applied upstream patch to get binary mode working. + Now this is really 1.5.1 and not 1.5patch1, btw. + * switched logging to tcpdump compatible binary mode so that + snort is usable on 100MBit networks. Closes: #55949 + * fixed daily report of the weekly rotated auth.log. Closes: #56476 + * cron job restarts snort correctly. Closes: #56608 + * postinst should start snort only if $startup=="boot". + * sanified snort.config (thank to Mario Holbe, again) + * removed debconf-bug compatibility. Closes: #54990 + + -- Christian Hammers Sat, 29 Jan 2000 17:57:34 +0100 + +snort (1.5.1-5) frozen unstable; urgency=low + + * User may only enter one interface and no comma seperated list that + confuses the postscript, too. Closes: #55567 + * Explained a debconf question. Closes: #55568 + * Fixed email address in copyright. + * uncommented all backdoor-lib rules that do only whatch for a + port >=1024, ignoring the content since they produce too much + false-positives. (as requested by chirik@castlefur.com) + * Added a note that this isn't actually 1.5.1 but 1.5patch1. + * Included "real" manpage that upstream author wrote. + + -- Christian Hammers Sat, 22 Jan 2000 15:30:32 +0100 + +snort (1.5.1-4) frozen unstable; urgency=low + + * Workaroung for debconf bug (#55317). + * Do not ask user for IP range when using dialup-mode. + (They normally wouldn't know!) + * + + -- Christian Hammers Sat, 22 Jan 2000 15:00:25 +0100 + +snort (1.5.1-3) frozen unstable; urgency=medium + + * Fixed cron script. Closes: #54553 + * The following was done by --- Mario Holbe --- thanks again! + * Fixed quoting of metacharacters in postinst. Closes: #54984 + * replaced the snort.options thingy by a sh-based snort.conf + - removed it from snort-lib + - changed the README.Maintainer comment + - changed rule for it + - created snort.conf with slightly beautified variables + * modified ip-down.d to work with new snort.conf + * modified ip-up.d to work with new snort.conf + * modified snort.init.d to work with new snort.conf Closes: #54553 + - this closes some bugs in 1.5.1-2, which i've not submitted :-) + * modified snort-stat to work with new snort.conf Closes: #54555 + * modified snort.cron.daily to work with new snort.conf/snort-stat + * added new snort/stats_treshold to snort.templates + * modified snort.config to work with new config variable + * modified snort.postinst to work with new snort.conf + * modified snort.postrm to remove snort.conf if purge + * all over all: did some beauifying :) + + -- Christian Hammers Fri, 14 Jan 2000 21:09:42 +0100 + +snort (1.5.1-2) unstable; urgency=low + + * I was diligently and added five more debconf options :) Closing: #54227 + - receipient of the daily statistic mail + - start at boot/ip-up/manual + - interface + - promiscuous mode + - reverse order + * Enhanced the snort-stat script with help from Mario Holbe. Closes: #54369 + + -- Christian Hammers Fri, 14 Jan 2000 21:09:36 +0100 + +snort (1.5.1-1) unstable; urgency=low + + * Fixed cron script with the new logging method. + Closes: #54226, #54275 + * Applied upstream patch1 and one from the mailing list. + Closes: #54225, #54224 + * Added README.Debian with a small FAQ. + * Changed configuration and added a /etc/snort/snort.options file. + + -- Christian Hammers Tue, 11 Jan 2000 22:56:33 +0100 + +snort (1.5-2) unstable; urgency=low + + * Fixed typo. Closes: #54269 + + -- Christian Hammers Sun, 9 Jan 2000 18:58:45 +0100 + +snort (1.5-1) unstable; urgency=low + + * New upstream release. + Features speed burst and modularization of the rules file. + * Now using syslog facility to log to /var/log/auth.log. + (Details are still available in /var/log/snort/) + * Daily generation of scan statistic via cron script. + + -- Christian Hammers Sun, 9 Jan 2000 18:58:39 +0100 + +snort (1.3.1-8) unstable; urgency=low + + * Sorry, future timestamps in package. Closes: #51848 + (too much Y2K testing, I guess) + + -- Christian Hammers Sun, 5 Dec 1999 16:49:56 +0100 + +snort (1.3.1-7) unstable; urgency=medium + + * Changed prio to high since it's an grave bug that was closed. + * Closes: #51130 + + -- Christian Hammers Tue, 15 Feb 2000 00:34:59 +0100 + +snort (1.3.1-6) unstable; urgency=medium + + * Snort stalles after installation due to debconf misuse. + * Closes: #51130 + + -- Christian Hammers Wed, 24 Nov 1999 00:29:39 +0100 + +snort (1.3.1-5) unstable; urgency=low + + * Added debconf support to enter address range. + + -- Christian Hammers Mon, 22 Nov 1999 20:13:41 +0100 + +snort (1.3.1-4) unstable; urgency=low + + * Extended archiving of log files. Closes: #50176 + + -- Christian Hammers Mon, 22 Nov 1999 00:56:38 +0100 + +snort (1.3.1-3) unstable; urgency=low + + * Registered cron script as config file. Closes: #48391 + + -- Christian Hammers Wed, 27 Oct 1999 18:36:06 +0200 + +snort (1.3.1-2) unstable; urgency=low + + * Added the non-promiscuous flag (-p) to the man-page. + + -- Christian Hammers Sun, 24 Oct 1999 18:52:20 +0200 + +snort (1.3.1-1) unstable; urgency=low + + * New upstream version. + * Many bugfixes. + + -- Christian Hammers Thu, 14 Oct 1999 00:20:35 +0200 + +snort (1.2.1-3) unstable; urgency=low + + * Included the LISA'99 Conference paper as documentation. + * FHS compliant. + * Improved /etc/cron.daily script. Fixes: #44568. + + -- Christian Hammers Fri, 10 Sep 1999 01:55:22 +0200 + +snort (1.2.1-2) unstable; urgency=low + + * Added a nice manpage (thanks to Peter T. Breuer). Closes #44127. + + -- Christian Hammers Tue, 7 Sep 1999 17:15:51 +0200 + +snort (1.2.1-1) unstable; urgency=low + + * New upstream release with fixes and speed improvement. (fixes: #43049) + + -- Christian Hammers Mon, 30 Aug 1999 21:15:10 +0200 + +snort (1.2-2) unstable; urgency=low + + * Made cron.daily a bit quieter. (fixes: #43049) + + -- Christian Hammers Mon, 16 Aug 1999 23:05:16 +0200 + +snort (1.2-1) unstable; urgency=low + + * New upstream version with great performance improve. + + -- Christian Hammers Mon, 2 Aug 1999 20:37:09 +0200 + +snort (1.1-2) unstable; urgency=low + + * Made better default IP in config file and fixed typo. + + -- Christian Hammers Tue, 13 Jul 1999 00:02:48 +0200 + +snort (1.1-1) unstable; urgency=low + + * Initial Release. + + -- Christian Hammers Mon, 12 Jul 1999 21:30:57 +0200 + +Local variables: +mode: debian-changelog +End: --- snort-2.3.3.orig/debian/snort.common.parameters +++ snort-2.3.3/debian/snort.common.parameters @@ -0,0 +1 @@ +-m 027 -D -l /var/log/snort -d -u snort -g snort --- snort-2.3.3.orig/debian/snort.postinst +++ snort-2.3.3/debian/snort.postinst @@ -0,0 +1,199 @@ +#!/bin/sh -e + +CONFIG=/etc/snort/snort.debian.conf + +. /usr/share/debconf/confmodule +test $DEBIAN_SCRIPT_DEBUG && set -v -x + +# summary of how this script can be called: +# * `configure' +# * `abort-upgrade' +# * `abort-remove' `in-favour' +# +# * `abort-deconfigure' `in-favour' +# `removing' +# +# for details, see /usr/doc/packaging-manual/ +# +# quoting from the policy: +# Any necessary prompting should almost always be confined to the +# post-installation script, and should be protected with a conditional +# so that unnecessary prompting doesn't happen if a package's +# installation fails and the `postinst' is called with `abort-upgrade', +# `abort-remove' or `abort-deconfigure'. + +case "$1" in + install) + ;; + upgrade) + db_get snort/startup || true + if [ "$RET" = "manual" ]; then + echo "You have chosen to (re)start snort manually." + echo "Please restart Snort manually." + sleep 2 + #db_fset snort/please_restart_manually seen false + #db_beginblock + #db_input high snort/please_restart_manually || true + #db_endblock + #db_go + #db_stop + fi + ;; + configure) + # edit config file + db_get snort/startup || true; STARTUP=$RET + db_get snort/interface || true; INTERFACE="$RET" + db_get snort/address_range || true; ADDRESS_RANGE="$RET" + db_get snort/disable_promiscuous || true; DISABLE_PROMISCUOUS=$RET + db_get snort/reverse_order || true; REVERSE_ORDER=$RET + db_get snort/send_stats || true; STATS_SEND="$RET" + db_get snort/stats_rcpt || true; STATS_RCPT="$RET" + db_get snort/stats_treshold || true; STATS_THRESHOLD="$RET" + db_get snort/options || true; OPTIONS="$RET" + + test "$DISABLE_PROMISCUOUS" = "true" && OPTIONS="$OPTIONS -p" + test "$REVERSE_ORDER" = "true" && OPTIONS="$OPTIONS -o" + # Failsafe in case the values above are blank (jfs) + [ -z "$STATS_RCPT" ] && STATS_RCPT=root + [ -z "$STATS_THRESHOLD" ] && STATS_THRESHOLD=1 + # STATS_RCPT=`echo "$STATS_RCPT" | sed -e 's/@/\\\\@/g' -e 's/,/\\\\,/g'` + + cat <$CONFIG +# This file is used for options that are changed by Debian to leave +# the original lib files untouched. +# You have to use "dpkg-reconfigure snort" to change them. + +DEBIAN_SNORT_STARTUP="$STARTUP" +DEBIAN_SNORT_HOME_NET="$ADDRESS_RANGE" +DEBIAN_SNORT_OPTIONS="$OPTIONS" +DEBIAN_SNORT_INTERFACE="$INTERFACE" +DEBIAN_SNORT_SEND_STATS="$STATS_SEND" +DEBIAN_SNORT_STATS_RCPT="$STATS_RCPT" +DEBIAN_SNORT_STATS_THRESHOLD="$STATS_THRESHOLD" +EOF + + if [ -f /etc/snort/snort.conf ]; then + # Ensure the config file is readable by root.root and mode 600 + if ! dpkg-statoverride --list /etc/snort/snort.conf >/dev/null + then + chown root:snort /etc/snort/snort.conf + chmod 640 /etc/snort/snort.conf + fi + fi + + db_stop + + # Check for left-over files from woody packages. + OLDCONF=/etc/snort/snort.rules.conf + if [ -f $OLDCONF ]; then + mv $OLDCONF $OLDCONF.OBSOLETE + fi + + # Update the rc.d's + update-rc.d snort defaults >/dev/null + + # in the case we reconfigure we have to restart and not just to start. + if [ -x /usr/sbin/invoke-rc.d ]; then + invoke-rc.d snort stop || true + else + /etc/init.d/snort stop || true + fi + ;; + abort-upgrade) + ;; + *) + echo "postinst called with unknown argument \`$1'" >&2 + exit 0 + ;; +esac + +if [ "$STARTUP" = "dialup" ]; then + + # Try to guess environments for all pppds we have no .env for... + for PPPD_PID in $(pidof pppd ipppd); do + # If we got an empty PID (however), we break here + test "$PPPD_PID" || continue + + # + # This is a lot of shell voodoo, let's try to figure it out: + # 1. egrep: + # It greps for our current pppd PID in all pppd and ipppd + # pidfiles. + # It *should* return exactly one file name: the one with + # our current pppd PID in it; however, to be safe, we fence + # it with a head -1. + # 2. basename $(egrep ...) .pid: + # It takes the file name from the egrep and strips off its + # path and the .pid suffix + # 3. sed: + # Unfortunately the filenames of pppd and ipppd differ: + # pppd uses $INTERFACE.pid, while ipppd uses + # ipppd.$INTERFACE.pid. + # The .pid is already stripped off by basename, thus, we + # just strip off any "ipppd." prefix and end up in the + # plain interface name. + # Maybe pppd decides to change it's pidfile naming + # convention according to ipppd somewhere in the future, + # thus, we use '^i\?pppd\.' (sed eregex) and thus strip + # off all "ipppd." and all "pppd." prefixes. This doesn't + # harm anyways. + # Because of the pppd pidfile naming convention, our + # approach works always with ipppd and mostly with pppd: + # the latter only, if the user did not decide to rename + # his ppp interface to something else than ppp* + # (not possible currently, afaics). + # + PPP_IFACE=$(basename $(egrep -l "^[[:space:]]*$PPPD_PID[[:space:]]*\$" /var/run/ppp*.pid /var/run/ipppd.*.pid 2> /dev/null | head -1) .pid | sed -e 's/^i\?pppd\.//') + + # + # If we got no interface from pidfiles (because there are no + # pidfiles, for example), we assume the most common case: + # one pppd with default route set. + # This is ugly, but there is no other chance. Let's hope, + # nobody ever manages multiple pppds without pidfiles for + # them. + # + test "$PPP_IFACE" || PPP_IFACE=$(route -n | + awk '/^0\.0\.0\.0 / { print $8 }') + + # If we couldn't discover an interface name, we break here + test "$PPP_IFACE" || continue + + PPP_LOCAL=$(ifconfig $PPP_IFACE | + awk '/inet addr:/ { gsub("addr:", ""); print $2 }') + + # If we couldn't discover a local IP, we break here + test "$PPP_LOCAL" || continue + + ENVFILE=/var/run/snort_$PPP_IFACE.env + + # If we already have an .env for that interface, we break here + test -e "$ENVFILE" && continue + + # Write .env for that interface + echo "Creating missing $ENVFILE" + echo "PPPD_PID=$PPPD_PID" > "$ENVFILE" + echo "PPP_IFACE=$PPP_IFACE" >> "$ENVFILE" + echo "PPP_LOCAL=$PPP_LOCAL" >> "$ENVFILE" + + # If such a snort is still running, just kill it + ps -ef | grep /usr/sbin/snort | grep "$PPP_LOCAL" | + grep "$PPP_IFACE" | awk '{ print $2 }' | + xargs --no-run-if-empty kill -s KILL >/dev/null + done +fi + +if [ "$STARTUP" = "boot" ] || [ "$STARTUP" = "dialup" ]; then + if [ -x /usr/sbin/invoke-rc.d ]; then + invoke-rc.d snort start || true + else + /etc/init.d/snort start || true + fi +fi + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 --- snort-2.3.3.orig/debian/snort-common.manpages +++ snort-2.3.3/debian/snort-common.manpages @@ -0,0 +1 @@ +debian/snort-stat.8 --- snort-2.3.3.orig/debian/snort-pgsql.templates +++ snort-2.3.3/debian/snort-pgsql.templates @@ -0,0 +1,185 @@ +Template: snort-pgsql/startup +Type: select +_Choices: boot, dialup, manual +Default: boot +_Description: When should Snort be started? + Snort can be started during boot, when connecting to the net with pppd or + only when you manually start it via /usr/sbin/snort. + +Template: snort-pgsql/interface +Type: string +Default: eth0 +_Description: On which interface(s) should Snort listen? + Please enter the name(s) of the interface(s) which Snort should listen on. + The names of the available interfaces are provided by either running + 'ip link show' of 'ifconfig'. + This value usually is 'eth0', but you might want to vary this depending + on your environment, if you are using a dialup connection 'ppp0' might + be more appropiate. + . + Notice that Snort is usually configured to inspect all traffic coming + from the Internet, so the interface you add here is usually the same the + 'default route' is on. You can determine which interface is used + for this running either '/sbin/ip ro sh' or '/sbin/route -n' (look for + 'default' or '0.0.0.0'). + . + It is also not uncommon to run Snort on an interface with no IP + and configured in promiscuous mode, if this is your case, select the + interface in this system that is physically connected to the network + you want to inspect, enable promiscuous mode later on and make sure + that the network traffic is sent to this interface (either connected + to a 'port mirroring/spanning' port in a switch, to a hub or to a tap) + . + You can configure multiple interfaces here, just by adding more than + one interface name separated by spaces. Each interface can have its + specific configuration. + +Template: snort-pgsql/address_range +Type: string +Default: 192.168.0.0/16 +_Description: Please enter the address range that Snort will listen on. + You have to use CIDR form, i.e. 192.168.1.0/24 for a block of 256 IPs or + 192.168.1.42/32 for just one. Specify multiple addresses on a single line + separated by ',' (comma characters), no spaces allowed! + . + If you want you can specify 'any', to not trust any side of the network. + . + Notice that if you are using multiple interfaces this definition will + be used as the HOME_NET definition of all of them. + +Template: snort-pgsql/disable_promiscuous +Type: boolean +Default: false +_Description: Should Snort disable promiscuous mode on the interface? + Disabling promiscuous mode means that Snort will only see packets + addressed to it's own interface. Enabling it allows Snort to check + every packet that passes ethernet segment even if it's a connection + between two other computers. + . + Disable promiscuous mode if you are configuring Snort on an interface + without a configured IP address. + +Template: snort-pgsql/reverse_order +Type: boolean +Default: false +_Description: Should Snort's rules testing order be changed to Pass|Alert|Log? + If you change Snort's rules testing order to Pass|Alert|Log, they will be + applied in Pass->Alert->Log order, instead of standard Alert->Pass->Log. + This will prevent people from having to make huge Berky Packet Filter + command line arguments to filter their alert rules. + +Template: snort-pgsql/send_stats +Type: boolean +Default: true +_Description: Should daily summaries be sent by e-mail? + This Snort installation provides a cron job that runs daily and + summarises the information of Snort logs to a selected email address. + If you want to disable this feature say 'no' here. + +Template: snort-pgsql/stats_rcpt +Type: string +Default: root +_Description: Who should receive the daily statistics mails? + A cron job running daily will summarise the information of the logs + generated by Snort using a script called 'snort-stat'. Introduce + here the recipient of these mails. The default value is the system + administrator. If you keep this value, make sure that the mail of + the administrator is redirected to a user that actually reads those + mails. + +Template: snort-pgsql/options +Type: string +_Description: If you want to specify custom options to Snort, please specify them here. + +Template: snort-pgsql/stats_treshold +Type: string +Default: 1 +_Description: An alert needs to appear more times than this number to be included in the daily statistics. + +Template: snort-pgsql/config_parameters +Type: note +_Description: This system uses an obsolete configuration file + Your system has an obsolete configuration file + (/etc/snort/snort.common.parameters) + which has been automatically converted into the new configuration + file format (at /etc/default/snort). Please review the new configuration + and remove the obsolete one. Until you do this, the init.d script + will not use the new configuration and you will not take advantage + of the benefits introduced in newer releases. + +Template: snort-pgsql/configure_db +Type: boolean +Default: true +_Description: Do you want to set up a database for snort-pgsql to log to? + You only need to do this the first time you install snort-pgsql. Before + you go on, make sure you have (1) the hostname of a machine running a + pgsql server set up to allow tcp connections from this host, (2) a + database on that server, (3) a username and password to access the + database. If you don't have _all_ of these, either select 'no' and run + with regular file logging support, or fix this first. You can always + configure database logging later, by reconfiguring the snort-pgsql + package with 'dpkg-reconfigure -plow snort-pgsql' + +Template: snort-pgsql/needs_db_config +Type: note +_Description: Snort needs a configured database to log to before it starts. + Snort needs a configured database before it can successfully start up. + In order to create the structure you need to run the following commands + AFTER the package is installed: + cd /usr/share/doc/snort-pgsql/ + zcat create_postgresql.gz | psql -U -h -W + Fill in the correct values for the user, host, and database names. + PostgreSQL will prompt you for the password. + . + After you created the database structure, you will need to start Snort + manually. + +Template: snort-pgsql/db_host +Type: string +_Description: Please enter the hostname of the pgsql database server to use. + Make sure it has been set up correctly to allow incoming connections from + this host! + +Template: snort-pgsql/db_database +Type: string +_Description: Please enter the name of the database to use. + Make sure this database has been created and your database user has write + access to this database. + +Template: snort-pgsql/db_user +Type: string +_Description: Please enter the name of the database user you want to use. + Make sure this user has been created and has write access. + +Template: snort-pgsql/db_pass +Type: password +_Description: Please enter the password for the database connection. + Please enter a password to connect to the Snort Alert database. + +Template: snort-pgsql/please_restart_manually +Type: note +_Description: You are running Snort manually. + Please restart Snort using: + /etc/init.d/snort start + to let the settings take effect. + +Template: snort-pgsql/config_error +Type: note +_Description: There is an error in your configuration + Your Snort configuration is not correct and Snort will not be able to start + up normally. Please review your configuration and fix it. If you do not + do this, Snort package upgrades will probably break. To check which error + is being generated run '/usr/sbin/snort -T -c /etc/snort/snort.conf' + (or point to an alternate configuration file if you are using different + files for different interfaces) + +Template: snort-pgsql/config_parameters +Type: note +_Description: This system uses an obsolete configuration file + Your system has an obsolete configuration file + (/etc/snort/snort.common.parameters) + which has been automatically converted into the new configuration + file format (at /etc/default/snort). Please review the new configuration + and remove the obsolete one. Until you do this, the init.d script + will not use the new configuration and you will not take advantage + of the benefits introduced in newer releases. --- snort-2.3.3.orig/debian/snort.manpages +++ snort-2.3.3/debian/snort.manpages @@ -0,0 +1 @@ +snort.8 --- snort-2.3.3.orig/debian/snort-mysql.postrm +++ snort-2.3.3/debian/snort-mysql.postrm @@ -0,0 +1,66 @@ +#! /bin/sh +# postrm script for snort +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `remove' +# * `purge' +# * `upgrade' +# * `failed-upgrade' +# * `abort-install' +# * `abort-install' +# * `abort-upgrade' +# * `disappear' overwrit>r> +# for details, see /usr/doc/packaging-manual/ + +# TODO : Should use /etc/default/snort definitions? + +case "$1" in + purge|disappear) + # Remove logfiles + rm -rf /var/log/snort/ + + # Remove configuration + if [ -e /etc/snort/snort.debian.conf ] ; then + rm /etc/snort/snort.debian.conf + fi + if [ -e /etc/snort/snort.common.parameters ] ; then + rm /etc/snort/snort.common.parameters + fi + if [ -e /etc/default/snort ] ; then + rm /etc/default/snort + fi + if [ -e /etc/snort/db-pending-config ] ; then + rm /etc/snort/db-pending-config + fi + + # Remove configuration dir + rmdir --ignore-fail-on-non-empty /etc/snort + + # Remove init.d + update-rc.d -f snort remove >/dev/null + + # Remove user/group + if ! getent passwd | grep -q "^snort:"; then + userdel snort 2>/dev/null || true + fi + if ! getent group | grep -q "^snort:" ; then + delgroup --only-if-empty snort 2>/dev/null || true + fi + ;; + remove|upgrade|failed-upgrade|abort-install|abort-upgrade) + # nothing + # We may not delete the user snort, as there may be + # files owned by it in /var/log/snort and /etc/snort. + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + + --- snort-2.3.3.orig/debian/snort-doc.doc-base.faq +++ snort-2.3.3/debian/snort-doc.doc-base.faq @@ -0,0 +1,11 @@ +Document: snort-FAQ +Title: Snort FAQ +Author: The Snort Core Team +Abstract: Frequently Asked Questions for the Snort NIDS + This document provides answers to some of the most common + (and frequently asked) questions related to the Snort network + intrusion detection system. +Section: Apps/Net + +Format: pdf +Files: /usr/share/doc/snort-doc/faq.pdf.gz --- snort-2.3.3.orig/debian/snort-doc.docs +++ snort-2.3.3/debian/snort-doc.docs @@ -0,0 +1,26 @@ +debian/README.docs +doc/README +doc/README.alert_order +doc/README.asn1 +doc/README.csv +doc/README.database +doc/README.event_queue +doc/README.FLEXRESP +doc/README.flow +doc/README.flowbits +doc/README.flow-portscan +doc/README.http_inspect +doc/README.INLINE +doc/README.PLUGINS +doc/README.sfportscan +doc/README.thresholding +doc/README.UNSOCK +doc/README.wireless +doc/RULES.todo +doc/snort_schema_v106.pdf +doc/snort_manual.pdf +doc/faq.pdf +doc/TODO +doc/USAGE +doc/WISHLIST +debian/my/lisapaper.txt --- snort-2.3.3.orig/debian/snort-mysql.docs +++ snort-2.3.3/debian/snort-mysql.docs @@ -0,0 +1,13 @@ +doc/AUTHORS +doc/BUGS +doc/CREDITS +doc/NEWS +doc/README +doc/README.FLEXRESP +doc/README.PLUGINS +doc/USAGE +doc/README.database +doc/README.csv +debian/my/snort_rules.html +debian/README.Maintainer +debian/README-database.Debian --- snort-2.3.3.orig/debian/snort.templates +++ snort-2.3.3/debian/snort.templates @@ -0,0 +1,135 @@ +Template: snort/startup +Type: select +_Choices: boot, dialup, manual +Default: boot +_Description: When should Snort be started? + Snort can be started during boot, when connecting to the net with pppd or + only when you manually start it via /usr/sbin/snort. + +Template: snort/interface +Type: string +Default: eth0 +_Description: On which interface(s) should Snort listen? + Please enter the name(s) of the interface(s) which Snort should listen on. + The names of the available interfaces are provided by either running + 'ip link show' of 'ifconfig'. + This value usually is 'eth0', but you might want to vary this depending + on your environment, if you are using a dialup connection 'ppp0' might + be more appropiate. + . + Notice that Snort is usually configured to inspect all traffic coming + from the Internet, so the interface you add here is usually the same the + 'default route' is on. You can determine which interface is used + for this running either '/sbin/ip ro sh' or '/sbin/route -n' (look for + 'default' or '0.0.0.0'). + . + It is also not uncommon to run Snort on an interface with no IP + and configured in promiscuous mode, if this is your case, select the + interface in this system that is physically connected to the network + you want to inspect, enable promiscuous mode later on and make sure + that the network traffic is sent to this interface (either connected + to a 'port mirroring/spanning' port in a switch, to a hub or to a tap) + . + You can configure multiple interfaces here, just by adding more than + one interface name separated by spaces. Each interface can have its + specific configuration. + +Template: snort/address_range +Type: string +Default: 192.168.0.0/16 +_Description: Please enter the address range that Snort will listen on. + You have to use CIDR form, i.e. 192.168.1.0/24 for a block of 256 IPs or + 192.168.1.42/32 for just one. Specify multiple addresses on a single line + separated by ',' (comma characters), no spaces allowed! + . + If you want you can specify 'any', to not trust any side of the network. + . + Notice that if you are using multiple interfaces this definition will + be used as the HOME_NET definition of all of them. + +Template: snort/disable_promiscuous +Type: boolean +Default: false +_Description: Should Snort disable promiscuous mode on the interface? + Disabling promiscuous mode means that Snort will only see packets + addressed to it's own interface. Enabling it allows Snort to check + every packet that passes ethernet segment even if it's a connection + between two other computers. + . + Disable promiscuous mode if you are configuring Snort on an interface + without a configured IP address. + +Template: snort/invalid_interface +Type: note +_Description: Invalid interface + One of the interfaces you specified is not valid (it might not exist on the system + or be down). Please introduce a valid interface when answering the question + of which interface(s) should Snort listen on. + . + If you did not configure an interface then the package is trying to use the default + ('eth0') which does not seem to be valid in your system. + +Template: snort/reverse_order +Type: boolean +Default: false +_Description: Should Snort's rules testing order be changed to Pass|Alert|Log? + If you change Snort's rules testing order to Pass|Alert|Log, they will be + applied in Pass->Alert->Log order, instead of standard Alert->Pass->Log. + This will prevent people from having to make huge Berky Packet Filter + command line arguments to filter their alert rules. + +Template: snort/send_stats +Type: boolean +Default: true +_Description: Should daily summaries be sent by e-mail? + This Snort installation provides a cron job that runs daily and + summarises the information of Snort logs to a selected email address. + If you want to disable this feature say 'no' here. + +Template: snort/stats_rcpt +Type: string +Default: root +_Description: Who should receive the daily statistics mails? + A cron job running daily will summarise the information of the logs + generated by Snort using a script called 'snort-stat'. Introduce + here the recipient of these mails. The default value is the system + administrator. If you keep this value, make sure that the mail of + the administrator is redirected to a user that actually reads those + mails. + +Template: snort/options +Type: string +_Description: If you want to specify custom options to Snort, please specify them here. + +Template: snort/stats_treshold +Type: string +Default: 1 +_Description: An alert needs to appear more times than this number to be included in the daily statistics. + +Template: snort/please_restart_manually +Type: note +_Description: You are running Snort manually. + Please restart Snort using: + /etc/init.d/snort start + to let the settings take effect. + +Template: snort/config_error +Type: note +_Description: There is an error in your configuration + Your Snort configuration is not correct and Snort will not be able to start + up normally. Please review your configuration and fix it. If you do not + do this, Snort package upgrades will probably break. To check which error + is being generated run '/usr/sbin/snort -T -c /etc/snort/snort.conf' + (or point to an alternate configuration file if you are using different + files for different interfaces) + +Template: snort/config_parameters +Type: note +_Description: This system uses an obsolete configuration file + Your system has an obsolete configuration file + (/etc/snort/snort.common.parameters) + which has been automatically converted into the new configuration + file format (at /etc/default/snort). Please review the new configuration + and remove the obsolete one. Until you do this, the init.d script + will not use the new configuration and you will not take advantage + of the benefits introduced in newer releases. --- snort-2.3.3.orig/debian/snort.dirs +++ snort-2.3.3/debian/snort.dirs @@ -0,0 +1,11 @@ +etc/cron.daily +etc/init.d +etc/logrotate.d +etc/default +etc/ppp/ip-down.d +etc/ppp/ip-up.d +etc/snort +usr/sbin +usr/share/doc/snort +usr/share/man/man8 +var/log/snort --- snort-2.3.3.orig/debian/snort.postrm +++ snort-2.3.3/debian/snort.postrm @@ -0,0 +1,63 @@ +#! /bin/sh +# postrm script for snort +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `remove' +# * `purge' +# * `upgrade' +# * `failed-upgrade' +# * `abort-install' +# * `abort-install' +# * `abort-upgrade' +# * `disappear' overwrit>r> +# for details, see /usr/doc/packaging-manual/ + +# TODO : Should use /etc/default/snort definitions? + +case "$1" in + purge|disappear) + # Remove logfiles + rm -rf /var/log/snort/ + + # Remove configuration + if [ -e /etc/snort/snort.debian.conf ] ; then + rm /etc/snort/snort.debian.conf + fi + if [ -e /etc/snort/snort.common.parameters ] ; then + rm /etc/snort/snort.common.parameters + fi + if [ -e /etc/default/snort ] ; then + rm /etc/default/snort + fi + + # Remove configuration dir + rmdir --ignore-fail-on-non-empty /etc/snort + + # Remove init.d + update-rc.d -f snort remove >/dev/null + + # Remove user/group + if getent passwd | grep -q "^snort:"; then + userdel snort 2>/dev/null || true + fi + if getent group | grep -q "^snort:" ; then + delgroup --only-if-empty snort 2>/dev/null || true + fi + ;; + remove|upgrade|failed-upgrade|abort-install|abort-upgrade) + # nothing + # We may not delete the user snort, as there may be + # files owned by it in /var/log/snort and /etc/snort. + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + + --- snort-2.3.3.orig/debian/snort-common.dirs +++ snort-2.3.3/debian/snort-common.dirs @@ -0,0 +1,3 @@ +/etc/cron.daily +/etc/snort +/usr/sbin --- snort-2.3.3.orig/debian/snort.cron.daily +++ snort-2.3.3/debian/snort.cron.daily @@ -0,0 +1,35 @@ +#!/bin/sh -e + +test -f /usr/sbin/snort || exit 0 + +LOGFILE=/var/log/snort/alert +PATH=/bin:/usr/bin:/sbin:/usr/sbin +CONFIG=/etc/snort/snort.debian.conf +. $CONFIG + +# Don't generate stats if we are configured not to +[ "$DEBIAN_SNORT_SEND_STATS" = "false" ] && exit 0 + +export DEBIAN_SNORT_STATS_RCPT DEBIAN_SNORT_STATS_THRESHOLD + +# Just in case it's not properly configured for whatever reason +[ -z "$DEBIAN_SNORT_STATS_THRESHOLD" ] && DEBIAN_SNORT_STATS_THRESHOLD=1 +[ -z "$DEBIAN_SNORT_STATS_RCPT" ] && DEBIAN_SNORT_STATS_RCPT=root + +# Cannot use logrotate to rotate these logfiles... +# 'rotate' saved RAW-Ethernet streams +# New snort has different naming scheme, old one still here for upgrades +find /var/log/snort -name "snort-*@*.log" -mtime +15 | xargs --no-run-if-empty rm +find /var/log/snort -name "tcpdump.log.*" -mtime +15 | xargs --no-run-if-empty rm +find /var/log/snort -name "snort.log.*" -mtime +15 | xargs --no-run-if-empty rm + +# Mail snort stats +if [ -s $LOGFILE ]; then + (echo "To: $DEBIAN_SNORT_STATS_RCPT"; snort-stat -a -t $DEBIAN_SNORT_STATS_THRESHOLD < $LOGFILE) | sendmail -t +fi + +# Restarting snort is now handled by the logrotate configuration. +# The 'intelligence' of not to start in certain startup-modes moved +# to the init.d script as well. + +exit 0 --- snort-2.3.3.orig/debian/control +++ snort-2.3.3/debian/control @@ -0,0 +1,123 @@ +Source: snort +Section: net +Priority: optional +Maintainer: Javier Fernandez-Sanguino Pen~a +Uploaders: Pascal Hakim +Build-Depends: libnet1-dev, libpcap0.8-dev, libpcre3-dev, debhelper (>= 4.1.13), libmysqlclient15-dev | libmysqlclient-dev, libpq-dev, po-debconf (>= 0.5.0), tetex-bin, tetex-extra, gs-common +Standards-Version: 3.5.6 + +Package: snort +Architecture: any +Pre-Depends: adduser (>= 3.11) +Depends: snort-rules-default (>= ${Source-Version}), debconf (>= 0.2.80) | debconf-2.0, syslogd | system-log-daemon, ${shlibs:Depends}, snort-common (>= ${Source-Version}), logrotate, coreutils | fileutils (>= 4.1.9) | stat (>= 3.0) +Conflicts: snort-mysql, snort-pgsql +Replaces: snort-common (<< 2.0.2-3) +Recommends: snort-doc +Description: Flexible Network Intrusion Detection System + Snort is a libpcap-based packet sniffer/logger which can be used as a + lightweight network intrusion detection system. It features rules + based logging and can perform content searching/matching in addition + to being used to detect a variety of other attacks and probes, such + as buffer overflows, stealth port scans, CGI attacks, SMB probes, and + much more. Snort has a real-time alerting capability, with alerts being + sent to syslog, a separate "alert" file, or even to a Windows computer + via Samba. + . + This package provides the plain-vanilla snort distribution and does not + provide database support (available in snort-pgsql and snort-mysql). + . + Homepage: http://www.snort.org + +Package: snort-common +Architecture: all +Pre-Depends: adduser (>= 3.11) +Depends: perl-modules, debconf (>= 0.2.80) | debconf-2.0, syslogd | system-log-daemon, ${shlibs:Depends} +Conflicts: snort (<< ${Source-Version}) +Replaces: snort (<< 1.8.4beta1-1) +Suggests: snort-doc +Description: Flexible Network Intrusion Detection System [common files] + Snort is a libpcap-based packet sniffer/logger which can be used as a + lightweight network intrusion detection system. It features rules + based logging and can perform content searching/matching in addition + to being used to detect a variety of other attacks and probes, such + as buffer overflows, stealth port scans, CGI attacks, SMB probes, and + much more. Snort has a real-time alerting capability, with alerts being + sent to syslog, a separate "alert" file, or even to a Windows computer + via Samba. + . + This is a common package which holds cron jobs, tools and config files used + by all Snort-based packages. + . + Homepage: http://www.snort.org + +Package: snort-doc +Architecture: all +Priority: optional +Section: doc +Description: Documentation for the Snort IDS [documentation] + Snort is a libpcap-based packet sniffer/logger which can be used as a + lightweight network intrusion detection system. It features rules + based logging and can perform content searching/matching in addition + to being used to detect a variety of other attacks and probes, such + as buffer overflows, stealth port scans, CGI attacks, SMB probes, and + much more. Snort has a real-time alerting capability, with alerts being + sent to syslog, a separate "alert" file, or even to a Windows computer + via Samba. + . + Homepage: http://www.snort.org + +Package: snort-mysql +Provides: snort +Architecture: any +Priority: extra +Pre-Depends: adduser (>= 3.11) +Depends: snort-rules-default (>= ${Source-Version}), debconf (>= 0.2.80) | debconf-2.0, syslogd | system-log-daemon, ${shlibs:Depends}, snort-common (>= ${Source-Version}), logrotate, coreutils | fileutils (>= 4.1.9) | stat (>= 3.0) +Conflicts: snort, snort-pgsql +Description: Flexible Network Intrusion Detection System [MySQL] + Distribution of Snort with support for logging to a MySQL database. + . + Snort is a libpcap-based packet sniffer/logger which can be used as a + lightweight network intrusion detection system. It features rules + based logging and can perform content searching/matching in addition + to being used to detect a variety of other attacks and probes, such + as buffer overflows, stealth port scans, CGI attacks, SMB probes, and + much more. Snort has a real-time alerting capability, with alerts being + sent to syslog, a separate "alert" file, or even to a Windows computer + via Samba. + . + Homepage: http://www.snort.org + +Package: snort-pgsql +Provides: snort +Architecture: any +Priority: optional +Depends: snort-rules-default (>= ${Source-Version}), debconf (>= 0.2.80) | debconf-2.0, adduser (>= 3.11), syslogd | system-log-daemon, ${shlibs:Depends}, snort-common (>= ${Source-Version}), logrotate, coreutils | fileutils (>= 4.1.9) | stat (>= 3.0) +Conflicts: snort, snort-mysql +Description: Flexible Network Intrusion Detection System [PostgreSQL] + Distribution of Snort with support for logging to a PostgreSQL dbase. + . + Snort is a libpcap-based packet sniffer/logger which can be used as a + lightweight network intrusion detection system. It features rules + based logging and can perform content searching/matching in addition + to being used to detect a variety of other attacks and probes, such + as buffer overflows, stealth port scans, CGI attacks, SMB probes, and + much more. Snort has a real-time alerting capability, with alerts being + sent to syslog, a separate "alert" file, or even to a Windows computer + via Samba. + . + Homepage: http://www.snort.org + +Package: snort-rules-default +Provides: snort-rules +Architecture: all +Depends: debconf (>= 0.2.80) | debconf-2.0, adduser (>= 3.11), syslogd | system-log-daemon, ${shlibs:Depends} +Suggests: snort (>= 2.2.0) | snort-pgsql (>= 2.2.0) | snort-mysql (>= 2.2.0) +Recommends: oinkmaster +Description: Flexible Network Intrusion Detection System ruleset + Snort default ruleset which provides a common set of accepted and test + network intrusion detection rules developed by the Snort community. + . + These rules can be used as a basis for development of additional rules. + . + Homepage: http://www.snort.org/rules/ + --- snort-2.3.3.orig/debian/snort-pgsql.docs +++ snort-2.3.3/debian/snort-pgsql.docs @@ -0,0 +1,13 @@ +doc/AUTHORS +doc/BUGS +doc/CREDITS +doc/NEWS +doc/README +doc/README.FLEXRESP +doc/README.PLUGINS +doc/USAGE +doc/README.database +doc/README.csv +debian/my/snort_rules.html +debian/README.Maintainer +debian/README-database.Debian --- snort-2.3.3.orig/debian/snort.default +++ snort-2.3.3/debian/snort.default @@ -0,0 +1,8 @@ +# Parameters for the daemon +PARAMS="-m 027 -D -d " +# Logging directory +LOGDIR="/var/log/snort" +# Snort user +SNORTUSER="snort" +# Snort group +SNORTGROUP="snort" --- snort-2.3.3.orig/debian/snort-pgsql.postinst +++ snort-2.3.3/debian/snort-pgsql.postinst @@ -0,0 +1,253 @@ +#!/bin/sh -e + +CONFIG=/etc/snort/snort.debian.conf + +. /usr/share/debconf/confmodule +test $DEBIAN_SCRIPT_DEBUG && set -v -x + +# summary of how this script can be called: +# * `configure' +# * `abort-upgrade' +# * `abort-remove' `in-favour' +# +# * `abort-deconfigure' `in-favour' +# `removing' +# +# for details, see /usr/doc/packaging-manual/ +# +# quoting from the policy: +# Any necessary prompting should almost always be confined to the +# post-installation script, and should be protected with a conditional +# so that unnecessary prompting doesn't happen if a package's +# installation fails and the `postinst' is called with `abort-upgrade', +# `abort-remove' or `abort-deconfigure'. + +case "$1" in + install) + ;; + upgrade) + db_get snort-pgsql/startup || true + if [ "$RET" = "manual" ]; then + #db_fset snort-pgsql/please_restart_manually seen false + db_beginblock + db_input high snort-pgsql/please_restart_manually || true + db_endblock + db_go + db_stop + fi + ;; + configure) + # edit config file + db_get snort-pgsql/startup || true; STARTUP=$RET + db_get snort-pgsql/interface || true; INTERFACE="$RET" + db_get snort-pgsql/address_range || true; ADDRESS_RANGE="$RET" + db_get snort-pgsql/disable_promiscuous || true; DISABLE_PROMISCUOUS=$RET + db_get snort-pgsql/reverse_order || true; REVERSE_ORDER=$RET + db_get snort-pgsql/send_stats || true; STATS_SEND="$RET" + db_get snort-pgsql/stats_rcpt || true; STATS_RCPT="$RET" + db_get snort-pgsql/stats_treshold || true; STATS_THRESHOLD="$RET" + db_get snort-pgsql/options || true; OPTIONS="$RET" + + test "$DISABLE_PROMISCUOUS" = "true" && OPTIONS="$OPTIONS -p" + test "$REVERSE_ORDER" = "true" && OPTIONS="$OPTIONS -o" + # Failsafe in case the values above are blank (jfs) + [ -z "$STATS_RCPT" ] && STATS_RCPT=root + [ -z "$STATS_THRESHOLD" ] && STATS_THRESHOLD=1 + #STATS_RCPT=`echo "$STATS_RCPT" | sed -e 's/@/\\\\@/g' -e 's/,/\\\\,/g'` + + cat <$CONFIG +# This file is used for options that are changed by Debian to leave +# the original lib files untouched. +# You have to use "dpkg-reconfigure snort" to change them. + +DEBIAN_SNORT_STARTUP="$STARTUP" +DEBIAN_SNORT_HOME_NET="$ADDRESS_RANGE" +DEBIAN_SNORT_OPTIONS="$OPTIONS" +DEBIAN_SNORT_INTERFACE="$INTERFACE" +DEBIAN_SNORT_SEND_STATS="$STATS_SEND" +DEBIAN_SNORT_STATS_RCPT="$STATS_RCPT" +DEBIAN_SNORT_STATS_THRESHOLD="$STATS_THRESHOLD" +EOF + + if [ -f /etc/snort/snort.conf ]; then + # insert database config stuff in the configuration file, + # or configure it for syslog-logging. + db_get snort-pgsql/configure_db + if [ "$RET" = "true" ]; then + db_get snort-pgsql/db_host || true; DB_HOST=$RET + db_get snort-pgsql/db_database || true; DB_DATABASE=$RET + db_get snort-pgsql/db_user || true; DB_USER=$RET + db_get snort-pgsql/db_pass || true; DB_PASS=$RET + + # Here we put the database stuff in the config file. + TEMPFILE=`mktemp` + cat /etc/snort/snort.conf | while read LINE + do + if [ "$LINE" = "# (#DBSTART#)" ] + then + echo "# (#DBSTART#)" >> $TEMPFILE + echo -n "output database: log, postgresql, " >> $TEMPFILE + if [ $DB_USER ] + then + echo -n "user=$DB_USER " >> $TEMPFILE + fi + if [ $DB_PASS ] + then + echo -n "password=$DB_PASS " >> $TEMPFILE + fi + if [ $DB_DATABASE ] + then + echo -n "dbname=$DB_DATABASE " >> $TEMPFILE + fi + if [ $DB_HOST ] + then + echo -n "host=$DB_HOST " >> $TEMPFILE + fi + echo " " >> $TEMPFILE + echo "# (#DBEND#)" >> $TEMPFILE + break + else + echo $LINE >> $TEMPFILE + fi + done + + WRITE=0 + cat /etc/snort/snort.conf | while read LINE + do + if [ $WRITE -eq 1 ] + then + echo $LINE >> $TEMPFILE + fi + + if [ "$LINE" = "# (#DBEND#)" ] + then + WRITE=1 + fi + done + mv -f $TEMPFILE /etc/snort/snort.conf + fi + + # Ensure the config file is readable by root.root and mode 600 + if ! dpkg-statoverride --list /etc/snort/snort.conf >/dev/null + then + chown root:snort /etc/snort/snort.conf + chmod 640 /etc/snort/snort.conf + fi + fi + + db_stop + + # Check for left-over files from woody packages. + OLDCONF=/etc/snort/snort.rules.conf + if [ -f $OLDCONF ]; then + mv $OLDCONF $OLDCONF.OBSOLETE + fi + + # Update the rc.d's + update-rc.d snort defaults >/dev/null + + # in the case we reconfigure we have to restart and not just to start. + if [ -x /usr/sbin/invoke-rc.d ]; then + invoke-rc.d snort stop || true + else + /etc/init.d/snort stop || true + fi + ;; + abort-upgrade) + ;; + *) + echo "postinst called with unknown argument \`$1'" >&2 + exit 0 + ;; +esac + +if [ "$STARTUP" = "dialup" ]; then + + # Try to guess environments for all pppds we have no .env for... + for PPPD_PID in $(pidof pppd ipppd); do + # If we got an empty PID (however), we break here + test "$PPPD_PID" || continue + + # + # This is a lot of shell voodoo, let's try to figure it out: + # 1. egrep: + # It greps for our current pppd PID in all pppd and ipppd + # pidfiles. + # It *should* return exactly one file name: the one with + # our current pppd PID in it; however, to be safe, we fence + # it with a head -1. + # 2. basename $(egrep ...) .pid: + # It takes the file name from the egrep and strips off its + # path and the .pid suffix + # 3. sed: + # Unfortunately the filenames of pppd and ipppd differ: + # pppd uses $INTERFACE.pid, while ipppd uses + # ipppd.$INTERFACE.pid. + # The .pid is already stripped off by basename, thus, we + # just strip off any "ipppd." prefix and end up in the + # plain interface name. + # Maybe pppd decides to change it's pidfile naming + # convention according to ipppd somewhere in the future, + # thus, we use '^i\?pppd\.' (sed eregex) and thus strip + # off all "ipppd." and all "pppd." prefixes. This doesn't + # harm anyways. + # Because of the pppd pidfile naming convention, our + # approach works always with ipppd and mostly with pppd: + # the latter only, if the user did not decide to rename + # his ppp interface to something else than ppp* + # (not possible currently, afaics). + # + PPP_IFACE=$(basename $(egrep -l "^[[:space:]]*$PPPD_PID[[:space:]]*\$" /var/run/ppp*.pid /var/run/ipppd.*.pid 2> /dev/null | head -1) .pid | sed -e 's/^i\?pppd\.//') + + # + # If we got no interface from pidfiles (because there are no + # pidfiles, for example), we assume the most common case: + # one pppd with default route set. + # This is ugly, but there is no other chance. Let's hope, + # nobody ever manages multiple pppds without pidfiles for + # them. + # + test "$PPP_IFACE" || PPP_IFACE=$(route -n | + awk '/^0\.0\.0\.0 / { print $8 }') + + # If we couldn't discover an interface name, we break here + test "$PPP_IFACE" || continue + + PPP_LOCAL=$(ifconfig $PPP_IFACE | + awk '/inet addr:/ { gsub("addr:", ""); print $2 }') + + # If we couldn't discover a local IP, we break here + test "$PPP_LOCAL" || continue + + ENVFILE=/var/run/snort_$PPP_IFACE.env + + # If we already have an .env for that interface, we break here + test -e "$ENVFILE" && continue + + # Write .env for that interface + echo "Creating missing $ENVFILE" + echo "PPPD_PID=$PPPD_PID" > "$ENVFILE" + echo "PPP_IFACE=$PPP_IFACE" >> "$ENVFILE" + echo "PPP_LOCAL=$PPP_LOCAL" >> "$ENVFILE" + + # If such a snort is still running, just kill it + ps -ef | grep /usr/sbin/snort | grep "$PPP_LOCAL" | + grep "$PPP_IFACE" | awk '{ print $2 }' | + xargs --no-run-if-empty kill -s KILL >/dev/null + done +fi + +if [ "$STARTUP" = "boot" ] || [ "$STARTUP" = "dialup" ]; then + if [ -x /usr/sbin/invoke-rc.d ]; then + invoke-rc.d snort start || true + else + /etc/init.d/snort start || true + fi +fi + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 --- snort-2.3.3.orig/debian/snort-mysql.config +++ snort-2.3.3/debian/snort-mysql.config @@ -0,0 +1,78 @@ +#!/bin/sh -e + +. /usr/share/debconf/confmodule + +db_input low snort-mysql/startup || true +db_go + +# /etc/ppp/ip-up.d/snort-mysql is called with interface and IP number +db_get snort-mysql/startup +if [ "x$RET" = "xdialup" ]; then + db_set snort-mysql/interface "" + db_set snort-mysql/address_range "" + db_set snort-mysql/disable_promiscuous true +else + db_beginblock + db_input medium snort-mysql/interface || true + db_input high snort-mysql/address_range || true + db_input low snort-mysql/disable_promiscuous || true + db_endblock + db_go +fi + +db_beginblock +db_input low snort-mysql/reverse_order || true +db_input low snort-mysql/options || true +db_endblock +db_go + +db_beginblock +db_input low snort-mysql/send_stats || true +db_go + +db_get snort-mysql/send_stats +if [ $RET = true ]; then + db_beginblock + db_input medium snort-mysql/stats_rcpt || true + db_input low snort-mysql/stats_treshold || true + db_endblock + db_go +fi + +db_input high snort-mysql/configure_db || true +db_go +db_get snort-mysql/configure_db +if [ "x$RET" = "xtrue" ]; then + db_beginblock + db_input medium snort-mysql/db_host || true + db_input medium snort-mysql/db_database || true + db_input medium snort-mysql/db_user || true + db_input medium snort-mysql/db_pass || true + db_get snort-pgsql/wait_for_db_config || true + if [ "x$RET" = "xtrue" ]; then + db_set snort-mysql/needs_db_config "true" || true + else + db_input medium snort-mysql/needs_db_config || true + fi + db_endblock + db_go +fi + +DEFAULT=/etc/default/snort +PARAMETERS=/etc/snort/snort.common.parameters +if [ -e "$DEFAULT" ] && [ -e "$PARAMETERS" ] ; then + db_beginblock + db_input medium snort-mysql/config_parameters || true + db_endblock + db_go +fi + +db_get snort-mysql/startup +if [ "x$RET" = "xmanual" ]; then + db_beginblock + db_input medium snort-mysql/please_restart_manually || true + db_endblock + db_go +fi + +db_stop --- snort-2.3.3.orig/debian/oldrules.md5 +++ snort-2.3.3/debian/oldrules.md5 @@ -0,0 +1,33 @@ +3bc265bef3ff5fc675f9f1acf8ea6390 attack-responses.rules +c20eb0f3f140b7659ebd37f2e3553f2d backdoor.rules +08b710276367c03fcd26d1b3512a870d bad-traffic.rules +48683f29e6452e4e43f1af004f537485 ddos.rules +f605e07289ace0adc279aa46225834a5 dns.rules +b231ab5af973df5f06201f16be8a37ff dos.rules +31788f18caaed776f021e5029bdd6757 exploit.rules +3f0c90491298edd0dfc37a6afc9ffac6 finger.rules +a2f2068460b622a85624b664d9108b36 ftp.rules +c580f094d32435915f893c2661fb73dc icmp-info.rules +3abbb384dd222225560ec87b324b63ce icmp.rules +9159fed0eda9c16245f4c6edb94c0d7c info.rules +8005f28d5e2400c474a7b765029eefb5 local.rules +8204b5ce028496bca3f95a06dfca10b9 misc.rules +f63f7c3c9a9f627521b0dcce1e134f1f netbios.rules +fe402fc3c9e795ea22af59be84683be5 policy.rules +00b1e66fe86b46bf94460320ca71d972 porn.rules +c23be32425937a87219ccd0ee4f85813 rpc.rules +82a173d9144a11ea1e686fcec730549a rservices.rules +c9dd621a43c896dde6dd2da09575897f scan.rules +55a0e660ea08c314cf4d5c19f7973f83 shellcode.rules +b304d4b570e94112d6b025d6a55007c1 smtp.rules +ccff2e48615eb7d27466b26a9dd66b66 sql.rules +f68e3bee2ab97ce729f20a0f4751ca04 telnet.rules +a263d7e4526e8012aafd9daf62690519 tftp.rules +2abd1c03364a8a1c01650764cf2af2f1 virus.rules +fe239ae24a682d3d47251c28689fc9ec web-attacks.rules +2e99d333c4ab20bfd3f5694915b6d591 web-cgi.rules +3051d9dda0ed859487580733b2a318d2 web-coldfusion.rules +b7fc9e8371d04b5ec203651c15135657 web-frontpage.rules +e7100df55b15a262f45d0a2940594d1f web-iis.rules +028a217dbdc67fea026a1f7c3dd6560b web-misc.rules +6e85b6a55b84bffc29fd58b8e6747b65 x11.rules --- snort-2.3.3.orig/debian/snort-pgsql.manpages +++ snort-2.3.3/debian/snort-pgsql.manpages @@ -0,0 +1 @@ +snort.8 --- snort-2.3.3.orig/debian/snort-common.templates +++ snort-2.3.3/debian/snort-common.templates @@ -0,0 +1,11 @@ +Template: snort/deprecated_config +Type: note +_Description: Your configuration file is deprecated + Your Snort configuration file (/etc/snort/snort.conf) uses deprecated + options no longer available for this Snort release. + Snort will not be able to start unless you provide a correct configuration + file. You can substitute your configuration file with the one provided + in this package or fix it manually by removing deprecated options. + . + The following deprecated options were found in your configuration file: + ${DEP_CONFIG} --- snort-2.3.3.orig/debian/snort-rules-default.preinst +++ snort-2.3.3/debian/snort-rules-default.preinst @@ -0,0 +1,126 @@ +#!/bin/sh + +# Preinst for snort-common-rules, currently only handles +# migration from old /etc/snort to new /etc/snort setup +# + +check_md5() { +# if the MD5sum matches the user has not modified it, remove it +# if it does not match then just move it to the new location + [ ! -f "$1" ] && return 1 + [ -z "$2" ] && return 1 + if md5sum $1 2>/dev/null |grep -q $2; then + echo "Removing $1 since it has not been changed" + rm -f $1 + else + # Optionally move to a directory + if [ -n "$3" ] && [ -d "$3" ] ; then + echo "Moving $1 to $3" + mv $1 $3 + fi + fi +} + + +if [ ! -d /etc/snort/rules ] +then + mkdir -p /etc/snort/rules + chown root:root /etc/snort/rules + chmod 755 /etc/snort/rules +fi + +case "$1" in + install|upgrade) + if [ "x$2" != "x" ] ; then + if dpkg --compare-versions $2 lt 1.9.0beta4-1 ; then + if [ ! -z "`ls /etc/snort/*.rules 2>/dev/null | head -1`" ] + then + echo "Checking if old rulefiles have been changed" + echo " +3bc265bef3ff5fc675f9f1acf8ea6390 attack-responses.rules +3bc265bef3ff5fc675f9f1acf8ea6390 attack-responses.rules +c20eb0f3f140b7659ebd37f2e3553f2d backdoor.rules +08b710276367c03fcd26d1b3512a870d bad-traffic.rules +48683f29e6452e4e43f1af004f537485 ddos.rules +f605e07289ace0adc279aa46225834a5 dns.rules +b231ab5af973df5f06201f16be8a37ff dos.rules +31788f18caaed776f021e5029bdd6757 exploit.rules +3f0c90491298edd0dfc37a6afc9ffac6 finger.rules +a2f2068460b622a85624b664d9108b36 ftp.rules +c580f094d32435915f893c2661fb73dc icmp-info.rules +3abbb384dd222225560ec87b324b63ce icmp.rules +9159fed0eda9c16245f4c6edb94c0d7c info.rules +8005f28d5e2400c474a7b765029eefb5 local.rules +8204b5ce028496bca3f95a06dfca10b9 misc.rules +f63f7c3c9a9f627521b0dcce1e134f1f netbios.rules +fe402fc3c9e795ea22af59be84683be5 policy.rules +00b1e66fe86b46bf94460320ca71d972 porn.rules +c23be32425937a87219ccd0ee4f85813 rpc.rules +82a173d9144a11ea1e686fcec730549a rservices.rules +c9dd621a43c896dde6dd2da09575897f scan.rules +55a0e660ea08c314cf4d5c19f7973f83 shellcode.rules +b304d4b570e94112d6b025d6a55007c1 smtp.rules +ccff2e48615eb7d27466b26a9dd66b66 sql.rules +f68e3bee2ab97ce729f20a0f4751ca04 telnet.rules +a263d7e4526e8012aafd9daf62690519 tftp.rules +2abd1c03364a8a1c01650764cf2af2f1 virus.rules +fe239ae24a682d3d47251c28689fc9ec web-attacks.rules +2e99d333c4ab20bfd3f5694915b6d591 web-cgi.rules +3051d9dda0ed859487580733b2a318d2 web-coldfusion.rules +b7fc9e8371d04b5ec203651c15135657 web-frontpage.rules +e7100df55b15a262f45d0a2940594d1f web-iis.rules +028a217dbdc67fea026a1f7c3dd6560b web-misc.rules +6e85b6a55b84bffc29fd58b8e6747b65 x11.rules +c20eb0f3f140b7659ebd37f2e3553f2d backdoor.rules +08b710276367c03fcd26d1b3512a870d bad-traffic.rules +48683f29e6452e4e43f1af004f537485 ddos.rules +f605e07289ace0adc279aa46225834a5 dns.rules +b231ab5af973df5f06201f16be8a37ff dos.rules +31788f18caaed776f021e5029bdd6757 exploit.rules +3f0c90491298edd0dfc37a6afc9ffac6 finger.rules +a2f2068460b622a85624b664d9108b36 ftp.rules +c580f094d32435915f893c2661fb73dc icmp-info.rules +3abbb384dd222225560ec87b324b63ce icmp.rules +9159fed0eda9c16245f4c6edb94c0d7c info.rules +8005f28d5e2400c474a7b765029eefb5 local.rules +8204b5ce028496bca3f95a06dfca10b9 misc.rules +f63f7c3c9a9f627521b0dcce1e134f1f netbios.rules +fe402fc3c9e795ea22af59be84683be5 policy.rules +00b1e66fe86b46bf94460320ca71d972 porn.rules +c23be32425937a87219ccd0ee4f85813 rpc.rules +82a173d9144a11ea1e686fcec730549a rservices.rules +c9dd621a43c896dde6dd2da09575897f scan.rules +55a0e660ea08c314cf4d5c19f7973f83 shellcode.rules +b304d4b570e94112d6b025d6a55007c1 smtp.rules +ccff2e48615eb7d27466b26a9dd66b66 sql.rules +f68e3bee2ab97ce729f20a0f4751ca04 telnet.rules +a263d7e4526e8012aafd9daf62690519 tftp.rules +2abd1c03364a8a1c01650764cf2af2f1 virus.rules +fe239ae24a682d3d47251c28689fc9ec web-attacks.rules +2e99d333c4ab20bfd3f5694915b6d591 web-cgi.rules +3051d9dda0ed859487580733b2a318d2 web-coldfusion.rules +b7fc9e8371d04b5ec203651c15135657 web-frontpage.rules +e7100df55b15a262f45d0a2940594d1f web-iis.rules +028a217dbdc67fea026a1f7c3dd6560b web-misc.rules +6e85b6a55b84bffc29fd58b8e6747b65 x11.rules +" | + while read md5sum file ; do + check_md5 /etc/snort/$file $md5sum /etc/snort/rules/ + done + echo "Finished check of old rulefiles" + # Classification config modified? + check_md5 /etc/snort/classification.config 183a351fc8c3a60ed9fbbb8194e4eda1 + fi + fi + fi + ;; + abort-upgrade) + ;; + *) + echo "preinst called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + + +#DEBHELPER# --- snort-2.3.3.orig/debian/snort-pgsql.dirs +++ snort-2.3.3/debian/snort-pgsql.dirs @@ -0,0 +1,11 @@ +etc/cron.daily +etc/init.d +etc/logrotate.d +etc/default +etc/ppp/ip-down.d +etc/ppp/ip-up.d +etc/snort +usr/sbin +usr/share/doc/snort +usr/share/man/man8 +var/log/snort --- snort-2.3.3.orig/debian/README-database.Debian +++ snort-2.3.3/debian/README-database.Debian @@ -0,0 +1,100 @@ + + SNORT WITH DATABASE SUPPORT +------------------------------ + If you are using snort-pgsql or snort-mysql please notice that you have + to create the database structure right after installing the package + and start Snort manually. + + In order to create the database structure do: + + - if using PostgreSQL + $ cd /usr/share/doc/snort-pgsql/ + $ zcat create_postgresql.gz | psql -U -h -W + + - if using MySQL + $ cd /usr/share/doc/snort-mysql/ + $ zcat create_mysql.gz | mysql -u -h -p + + In either case fill in the correct values for the user, host, and + database names. Depending on the user priviledges set on the database + you can use the same user that Snort will use to access the + database or an admin user. In either case, the user you use should + have priviledges to create tables and indexes. Once created you have + to grant the user your configured in Debconf so that it has priviledges + over the tables created through the schema. + + Once you have setup the database, you will need to start Snort manually + since it was left unstarted after the installation. To do this + remove the file '/etc/snort/db-pending-configuration' and then + do '/etc/init.d/snort start'. Confirm that snort is working and up + by running '/etc/init.d/snort status' and reviewing the messages in + the /var/log/daemon.log syslog file. + + CREATING THE DATABASE +----------------------- + + Notice that in order for the above to work you need to create first + a database. + + Consider that you have defined the following information when asked + to in the Debconf dialogs when installing the package: + + Database User: snort + Database Password: snort-db + Database name: snort + + For Mysql you can do this: + + [ running as an mysql user with admin privileges ] + $ mysql + mysql> CREATE DATABASE snort + mysql> SET PASSWORD FOR snort@localhost=PASSWORD('snort-db'); + mysql> grant CREATE, INSERT, SELECT, UPDATE on snort.* to snort@localhost; + mysql> grant CREATE, INSERT, SELECT, UPDATE on snort.* to snort; + mysql> flush privileges; + [ you can confirm the changes above running ] + mysql> show grants for 'snort'@'localhost'; + + And then you can run the command above as: + + $ zcat create_mysql.gz | mysql -u snort -p snort + + For PosgreSQL you can do this: + + [ running as user 'posgres' ] + $ psql template1 + template1=# CREATE DATABASE snort; + CREATE DATABASE + template1=# \q + $ zcat create_postgresql.gz | psql snort + [ creates the database ] + + If you are using authentication based on passwords in your Postgres + database use this: + + $ psql snort + snort=# CREATE USER snort PASSWORD 'snort-db'; + CREATE USER + snort=# GRANT INSERT, SELECT, UPDATE ON TABLE data,detail,encoding, + event,icmphdr,iphdr,opt,reference,reference_system,schema,sensor, + sig_class,signature,sig_reference,tcphdr,udphdr TO snort; + GRANT + [ now you can confirm that it was indeed created ] + snort=# SELECT * FROM pg_user WHERE usename='snort'; + snort=#\q + + You should be able now to connect to the Postgres database with: + + $ psql -U snort --password snort + + Alternatively, if the sensor is running on the same server as the database + you could use 'ident' authentication, since the Snort sensor will be running + as user 'snort'. Use this line in /etc/postgresql/pg_hba.conf: + +------------------------------------------------------------------------------ +host all all 127.0.0.1 255.255.255.255 ident sameuser +------------------------------------------------------------------------------ + + + -- Javier Fernandez-Sanguino Pen~a + Thu, 25 Aug 2005 16:44:46 +0200 --- snort-2.3.3.orig/debian/snort-doc.doc-base.paper +++ snort-2.3.3/debian/snort-doc.doc-base.paper @@ -0,0 +1,16 @@ +Document: snort-paper +Title: Snort - Lightweight Intrusion Detection for Networks +Author: Martin Roesch +Abstract: An overview of Snort NIDS + Network intrusion detection systems (NIDS) are an important part of any + network security architecture. They provide a layer of defense which + monitors network traffic for predefined suspicious activity or patterns, and + alert system administrators when potential hostile traffic is detected. + Commercial NIDS have many differences, but Information Systems departments + must face the commonalities that they share such as significant system + footprint, complex deployment and high monetary cost. Snort was designed to + address these issues. +Section: Apps/Net + +Format: text +Files: /usr/share/doc/snort-doc/lisapaper.txt.gz --- snort-2.3.3.orig/debian/cs.po +++ snort-2.3.3/debian/cs.po @@ -0,0 +1,567 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +msgid "" +msgstr "" +"Project-Id-Version: snort\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2005-02-25 01:01+0100\n" +"PO-Revision-Date: 2005-08-06 18:52+0200\n" +"Last-Translator: Jan Outrata \n" +"Language-Team: Czech \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=ISO-8859-2\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: select +#. Choices +#: ../snort.templates:3 ../snort-mysql.templates:3 ../snort-pgsql.templates:3 +msgid "boot, dialup, manual" +msgstr "boot, dialup, ruènì" + +#. Type: select +#. Description +#: ../snort.templates:5 ../snort-mysql.templates:5 ../snort-pgsql.templates:5 +msgid "When should Snort be started?" +msgstr "Kdy má být Snort spou¹tìn?" + +#. Type: select +#. Description +#: ../snort.templates:5 ../snort-mysql.templates:5 ../snort-pgsql.templates:5 +msgid "" +"Snort can be started during boot, when connecting to the net with pppd or " +"only when you manually start it via /usr/sbin/snort." +msgstr "" +"Snort mù¾e být spu¹tìn bìhem startu systému (boot), pøi pøipojování k " +"síti pomocí pppd (dialup) nebo jen kdy¾ jej spustíte ruènì pøes " +"/usr/sbin/snort." + +#. Type: string +#. Description +#: ../snort.templates:12 +msgid "On which interface(s) should Snort listen?" +msgstr "Na kterém (kterých) rozhraní (rozhraních) má Snort naslouchat?" + +#. Type: string +#. Description +#: ../snort.templates:12 +msgid "" +"Please enter the interface(s) name(s) which snort should listen on. The name " +"of the available interfaces are provided by running 'ip link show'. This " +"value usually is 'eth0', but you might want to vary this depending on your " +"environment, if you are using a dialup connection 'ppp0' might be more " +"appropiate." +msgstr "" +"Zadejte jméno (jména) rozhraní, na kterém (kterých) má snort " +"naslouchat. Jména dostupných rozhraní získáte spu¹tìním 'ip link " +"show'. Tato hodnota je obvykle 'eth0', ale mù¾ete chtít jinou v " +"závislosti na va¹em prostøedí, pokud pou¾íváte vytáèené pøipojení, " +"'ppp0' mù¾e být vhodnìj¹í." + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-pgsql.templates:12 +msgid "" +"Notice that Snort is usually configured to inspect all traffic coming from " +"the Internet, so the interface you add here is usually the same the 'default " +"route' is on. You can determine which interface is used for this running " +"either '/sbin/ip ro sh' or '/sbin/route -n' (look for 'default' or " +"'0.0.0.0')." +msgstr "" +"Snort je obvykle konfigurován pro sledování ve¹kerého provozu " +"pøicházejícího z Internetu, tak¾e rozhraní, které zde pøidáte, je " +"obvykle stejné jako je 'výchozí smìrování (default route)'. Které " +"rozhraní se pro toto pou¾ívá, mù¾ete zjistit spu¹tìním buï '/sbin/ip " +"ro sh' nebo '/sbin/route -n' (hledejte 'default' nebo '0.0.0.0')." + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"It is also not uncommon to run Snort on an interface with no IP and " +"configured in promiscuous mode, if this is your case, select the interface " +"in this system that is physically connected to the network you want to " +"inspect, enable promiscuous mode later on and make sure that the network " +"traffic is sent to this interface (either connected to a 'port mirroring/" +"spanning' port in a switch, to a hub or to a tap)" +msgstr "" +"Také není neobvyklé spustit Snort na rozhraní bez IP adresy a " +"nastaveném do promiskuitního módu, pokud je to vá¹ pøípad, vyberte " +"rozhraní systému fyzicky pøipojené k síti a které chcete sledovat, " +"potom povolte promiskuitní mód a ujistìte se, ¾e je sí»ový provoz " +"posílán na toto rozhraní (buï pøipojené k 'port mirroring/spanning' " +"portu switche, k hubu nebo k tap rozhraní." + +#. Type: string +#. Description +#: ../snort.templates:12 +msgid "" +"You can configure multiple interfaces here, just by adding more than one " +"interface name separated by spaces. Each interface can have its specific " +"configuration." +msgstr "" +"Mù¾ete zde také zadat více rozhraní, jednodu¹e zapsáním více ne¾ " +"jednoho jména rozhraní, oddìlených mezerami. Ka¾dé rozhraní mù¾e mít " +"své specifické nastavení." + +#. Type: string +#. Description +#: ../snort.templates:39 ../snort-mysql.templates:35 +#: ../snort-pgsql.templates:35 +msgid "Please enter the address range that Snort will listen on." +msgstr "Zadejte adresní rozsah, na kterém bude Snort naslouchat." + +#. Type: string +#. Description +#: ../snort.templates:39 ../snort-mysql.templates:35 +#: ../snort-pgsql.templates:35 +msgid "" +"You have to use CIDR form, i.e. 192.168.1.0/24 for a block of 256 IPs or " +"192.168.1.42/32 for just one. Specify multiple addresses on a single line " +"separated by ',' (comma characters), no spaces allowed!" +msgstr "" +"Musíte pou¾ít zápis CIDR, t.j. 192.168.1.0/24 pro blok 256 IP adres " +"nebo 192.168.1.42/32 pro jednu jedinou adresu. Více adres zadejte na " +"jednom øádku oddìlené ',' (èárka), bez mezer!" + +#. Type: string +#. Description +#: ../snort.templates:39 ../snort-mysql.templates:35 +#: ../snort-pgsql.templates:35 +msgid "" +"If you want you can specify 'any', to not trust any side of the network." +msgstr "" +"Jestli chcete, mù¾ete zadat 'any', pokud nedùvìøujete ¾ádné stranì " +"sítì." + +#. Type: string +#. Description +#: ../snort.templates:39 +msgid "" +"Notice that if you are using multiple interfaces this definition will be " +"used as the HOME_NET definition of all of them." +msgstr "" +"Pokud pou¾íváte více rozhraní, bude tato definice pou¾ita jako " +"definice HOME_NET pro v¹echna z nich." + +#. Type: boolean +#. Description +#: ../snort.templates:52 ../snort-mysql.templates:45 +msgid "Should Snort disable promiscuous mode on the interface?" +msgstr "Má Snort zakázat promiskuitní mód na tomto rozhraní?" + +#. Type: boolean +#. Description +#: ../snort.templates:52 ../snort-mysql.templates:45 +#: ../snort-pgsql.templates:45 +msgid "" +"Disabling promiscuous mode means that Snort will only see packets addressed " +"to it's own interface. Enabling it allows Snort to check every packet that " +"passes ethernet segment even if it's a connection between two other " +"computers." +msgstr "" +"Zakázání promiskuitního módu znamená, ¾e Snort uvidí jen pakety " +"adresované jeho vlastnímu rozhraní. Povolení dovoluje Snortu " +"kontrolovat ka¾dý paket, který prochází ethernetovým segmentem, i kdy¾ " +"je to spojení mezi jinými dvìma poèítaèi." + +#. Type: boolean +#. Description +#: ../snort.templates:52 ../snort-mysql.templates:45 +#: ../snort-pgsql.templates:45 +msgid "" +"Disable promiscuous mode if you are configuring Snort on an interface " +"without a configured IP address." +msgstr "" +"Zaka¾te promiskuitní mód, jestli¾e konfigurujete Snort na rozhraní bez " +"nastavené IP adresy." + +#. Type: boolean +#. Description +#: ../snort.templates:64 ../snort-mysql.templates:57 +#: ../snort-pgsql.templates:57 +msgid "Should Snort's rules testing order be changed to Pass|Alert|Log?" +msgstr "Má být poøadí testovacích pravidel Snortu zmìnìno na Pass|Alert|Log?" + +#. Type: boolean +#. Description +#: ../snort.templates:64 ../snort-mysql.templates:57 +#: ../snort-pgsql.templates:57 +msgid "" +"If you change Snort's rules testing order to Pass|Alert|Log, they will be " +"applied in Pass->Alert->Log order, instead of standard Alert->Pass->Log. " +"This will prevent people from having to make huge Berky Packet Filter " +"command line arguments to filter their alert rules." +msgstr "" +"Jestli¾e zmìníte poøadí testovacích pravidel Snortu na Pass|Alert|Log " +"(Propustit|Upozornit|Logovat), budou aplikována v poøadí " +"Pass->Alert->Log, místo standardního Alert->Pass->Log. Tím pøedejdete " +"nutnosti vytváøet rozsáhlé parametry pøíkazového øádku Berkeley Packet " +"Filtru pro filtrování upozoròovacích pravidel." + +#. Type: string +#. Description +#: ../snort.templates:73 ../snort-mysql.templates:66 +#: ../snort-pgsql.templates:66 +msgid "Who should receive the daily statistics mails?" +msgstr "Kdo má dostávat denní maily se statistikami?" + +#. Type: string +#. Description +#: ../snort.templates:73 +msgid "" +"A cron job running daily will summarise the information of the logs " +"generated by Snort using a script called 'snort-stat'. Introduce here the " +"recipient of these mails. The default value is the system administrator. If " +"you keep this value, make sure that the mail of the administrator is " +"redirected to a user that actually reads those mails." +msgstr "" +"Úloha pro cron spou¹tìná dennì shrnuje pomocí skriptu 'snort-stat' " +"informace z logù generovaných Snortem. Uveïte zde pøíjemnce tìchto " +"mailù. Výchozí hodnota je administrátor systému. Pokud tuto hodnotu " +"zachováte, ujistìte se, ¾e po¹ta pro administrátora je pøesmìrována " +"u¾ivateli, který ve skuteènosti ète tyto maily." + +#. Type: string +#. Description +#: ../snort.templates:83 ../snort-mysql.templates:70 +#: ../snort-pgsql.templates:70 +msgid "" +"If you want to specify custom options to Snort, please specify them here." +msgstr "Pokud chcete zadat vlastní parametry Snortu, zadejte je zde." + +#. Type: string +#. Description +#: ../snort.templates:88 ../snort-mysql.templates:75 +#: ../snort-pgsql.templates:75 +msgid "" +"An alert needs to appear more times than this number to be included in the " +"daily statistics." +msgstr "" +"Upozornìní se musí vyskytnout vícekrát ne¾ toto èíslo, aby bylo " +"obsa¾eno v denní statistice." + +#. Type: note +#. Description +#: ../snort.templates:92 ../snort-mysql.templates:136 +#: ../snort-pgsql.templates:136 +msgid "You are running Snort manually." +msgstr "Spou¹títe Snort ruènì." + +#. Type: note +#. Description +#: ../snort.templates:92 ../snort-mysql.templates:136 +#: ../snort-pgsql.templates:136 +msgid "" +"Please restart Snort using:\n" +" /etc/init.d/snort start\n" +"to let the settings take effect." +msgstr "" +"Restartujte Snort pomocí:\n" +" /etc/init.d/snort start\n" +"aby nastavení nabyla platnosti." + +#. Type: note +#. Description +#: ../snort.templates:99 +msgid "There is an error in your configuration" +msgstr "Ve va¹í konfiguraci je chyba" + +#. Type: note +#. Description +#: ../snort.templates:99 +msgid "" +"Your Snort configuration is not correct and Snort will not be able to start " +"up normally. Please review your configuration and fix it. If you do not do " +"this, Snort package upgrades will probably break. To check which error is " +"being generated run '/usr/sbin/snort -T -c /etc/snort/snort.conf' (or point " +"to an alternate configuration file if you are using different files for " +"different interfaces)" +msgstr "" +"Va¹e konfigurace Snortu není správná a proto se nebude moci normálnì " +"spustit. Zkontrolujte konfiguraci a opravte to. Pokud to neudìláte, " +"aktualizace balíèku Snortu pravdìpodobnì skonèí s chybou. Pro " +"zji¹tìní, jaká chyba je generována, spus»te '/usr/sbin/snort -T -c " +"/etc/snort/snort.conf' (nebo zadejte jiný konfiguraèní soubor, " +"jestli¾e pou¾íváte rùzné soubory pro rùzná rozhraní)" + +#. Type: note +#. Description +#: ../snort.templates:109 ../snort-mysql.templates:79 +#: ../snort-pgsql.templates:79 +msgid "This system uses an obsolete configuration file" +msgstr "Tento systém pou¾ívá zastaralý konfiguraèní soubor" + +#. Type: note +#. Description +#: ../snort.templates:109 ../snort-mysql.templates:79 +#: ../snort-pgsql.templates:79 +msgid "" +"Your system has an obsolete configuration file (/etc/snort/snort.common." +"parameters) which has been automatically converted into the new " +"configuration file format (at /etc/default/snort). Please review the new " +"configuration and remove the obsolete one. Until you do this, the init.d " +"script will not use the new configuration and you will not take advantage of " +"the benefits introduced in newer releases." +msgstr "" +"Vá¹ systém obsahuje zastaralý konfiguraèní soubor " +"(/etc/snort/snort.common.parameters), který byl automaticky pøeveden " +"do nového formátu konfiguraèního souboru (v " +"/etc/default/snort). Zkontrolujte novou konfiguraci a odstraòte tu " +"zastaralou. Dokud to neudìláte, skript init.d nebude pou¾ívat novou " +"konfiguraci a nevyu¾ijete tak výhod pøedstavených v nových verzích." + +#. Type: string +#. Description +#: ../snort-mysql.templates:12 ../snort-pgsql.templates:12 +msgid "On which interface should Snort listen?" +msgstr "Na kterém rozhraní má Snort naslouchat?" + +#. Type: string +#. Description +#: ../snort-mysql.templates:12 ../snort-pgsql.templates:12 +msgid "" +"Please enter the interface name which snort should listen on. The name of " +"the available interfaces are provided by running 'ip link show'. This value " +"usually is 'eth0', but you might want to vary this depending on your " +"environment, if you are using a dialup connection 'ppp0' might be more " +"appropiate." +msgstr "" +"Zadejte jméno rozhraní, na kterém má snort naslouchat. Jména " +"dostupných rozhraní získáte spu¹tìním 'ip link show'. Tato hodnota je " +"obvykle 'eth0', ale mù¾ete chtít jinou v závislosti na va¹em " +"prostøedí, pokud pou¾íváte vytáèené pøipojení, 'ppp0' mù¾e být " +"vhodnìj¹í." + +#. Type: string +#. Description +#: ../snort-mysql.templates:12 +msgid "" +"Notice that Snort is usually configured to inspect all traffic coming from " +"the Internet, so the interface you add here is usually the same the 'default " +"route' is on. You can determine which interface is used for this running " +"either 'ip route show' or '/sbin/route -n' (look for 'default' or '0.0.0.0')." +msgstr "" +"Snort je obvykle konfigurován pro sledování ve¹kerého provozu " +"pøicházejícího z Internetu, tak¾e rozhraní, které zde pøidáte, je " +"obvykle stejné jako je 'výchozí smìrování (default route)'. Které " +"rozhraní se pro toto pou¾ívá, mù¾ete zjistit spu¹tìním buï 'ip route " +"show' nebo '/sbin/route -n' (hledejte 'default' nebo '0.0.0.0')." + +#. Type: boolean +#. Description +#: ../snort-mysql.templates:91 +msgid "Do you want to set up a database for snort-mysql to log to?" +msgstr "Chcete nastavit databázi, ke které se má snort-mysql pøihlásit?" + +#. Type: boolean +#. Description +#: ../snort-mysql.templates:91 +msgid "" +"You only need to do this the first time you install snort-mysql. Before you " +"go on, make sure you have (1) the hostname of a machine running a mysql " +"server set up to allow tcp connections from this host, (2) a database on " +"that server, (3) a username and password to access the database. If you " +"don't have _all_ of these, either select 'no' and run with regular file " +"logging support, or fix this first. You can always configure database " +"logging later, by reconfiguring the snort-mysql package with 'dpkg-" +"reconfigure -plow snort-mysql'" +msgstr "" +"Toto je potøeba udìlat jen pøi první instalaci snort-mysql. Ne¾ budete " +"pokraèovat, ujistìte se, ¾e máte (1) jméno poèítaèe, na kterém bì¾í " +"mysql server, nastaveno pro povolení tcp spojení z tohoto poèítaèe, " +"(2) databázi na tom serveru, (3) u¾ivatelské jméno a heslo pro pøístup " +"do databáze. Pokud nemáte tohle _v¹echno_, zvolte 'ne' a spokojte se s " +"podporou logování do normálního souboru, nebo to nejdøív " +"napravte. V¾dycky mù¾ete nastavit logování do databáze pozdìji " +"rekonfigurováním balíèku snort-mysql pomocí 'dpkg-reconfigure -plow " +"snort-mysql'" + +#. Type: note +#. Description +#: ../snort-mysql.templates:103 ../snort-pgsql.templates:103 +msgid "Snort needs a configured database to log to." +msgstr "Snort potøebuje nastavit databázi, ke které se má pøihlásit." + +#. Type: note +#. Description +#: ../snort-mysql.templates:103 +msgid "" +"Please create the database structure now, using the following command:\n" +" cd /usr/share/doc/snort-mysql/\n" +" zcat create_mysql.gz | mysql -u -h -p \n" +"Fill in the correct values for the user, host, and database names. MySQL " +"will prompt you for the password." +msgstr "" +"Vytvoøte nyní strukturu databáze, pomocí následujícího pøíkazu:\n" +" cd /usr/share/doc/snort-mysql/\n" +" zcat create_mysql.gz | mysql -u -h -p \n" +"Doplòte správné hodnoty pro u¾ivatele, poèítaè a jméno databáze. MySQL " +"se vás zeptá na heslo." + +#. Type: note +#. Description +#: ../snort-mysql.templates:103 ../snort-pgsql.templates:103 +msgid "After you created the database structure, press 'ok' to continue." +msgstr "Po vytvoøení struktury databáze zmáèknìte 'ok' pro pokraèování." + +#. Type: string +#. Description +#: ../snort-mysql.templates:114 +msgid "Please enter the hostname of the mysql database server to use." +msgstr "" +"Zadejte jméno poèítaèe s mysql databázovým serverem, který se má " +"pou¾ít." + +#. Type: string +#. Description +#: ../snort-mysql.templates:114 ../snort-pgsql.templates:114 +msgid "" +"Make sure it has been set up correctly to allow incoming connections from " +"this host!" +msgstr "" +"Ujistìte se, ¾e bylo správnì nastaveno povolení pøíchozích spojení z " +"tohoto poèítaèe!" + +#. Type: string +#. Description +#: ../snort-mysql.templates:120 ../snort-pgsql.templates:120 +msgid "Please enter the name of the database to use." +msgstr "Zadejte jméno databáze, která se má pou¾ít." + +#. Type: string +#. Description +#: ../snort-mysql.templates:120 ../snort-pgsql.templates:120 +msgid "" +"Make sure this database has been created and your database user has write " +"access to this database." +msgstr "" +"Ujistìte se, ¾e byla tato databáze vytvoøena a ¾e má databázový " +"u¾ivatel právo zápisu do této databáze." + +#. Type: string +#. Description +#: ../snort-mysql.templates:126 ../snort-pgsql.templates:126 +msgid "Please enter the name of the database user you want to use." +msgstr "Zadejte jméno databázového u¾ivatele, které chcete pou¾ít." + +#. Type: string +#. Description +#: ../snort-mysql.templates:126 ../snort-pgsql.templates:126 +msgid "Make sure this user has been created and has write access." +msgstr "Ujistìte se, ¾e byl tento u¾ivatel vytvoøen a ¾e má právo zápisu." + +#. Type: password +#. Description +#: ../snort-mysql.templates:131 ../snort-pgsql.templates:131 +msgid "Please enter the password for the database connection." +msgstr "Zadejte heslo pro pøipojení k databázi." + +#. Type: password +#. Description +#: ../snort-mysql.templates:131 ../snort-pgsql.templates:131 +msgid "Please enter a password to connect to the Snort Alert database." +msgstr "Zadejte heslo pro pøipojení k Snort Alert databázi." + +#. Type: boolean +#. Description +#: ../snort-pgsql.templates:45 +msgid "Should Snort disable promiscous mode on the interface?" +msgstr "Má Snort zakázat promiskuitní mód na tomto rozhraní?" + +#. Type: boolean +#. Description +#: ../snort-pgsql.templates:91 +msgid "Do you want to set up a database for snort-pgsql to log to?" +msgstr "Chcete nastavit databázi, ke které se má snort-pgsql pøihlásit?" + +#. Type: boolean +#. Description +#: ../snort-pgsql.templates:91 +msgid "" +"You only need to do this the first time you install snort-pgsql. Before you " +"go on, make sure you have (1) the hostname of a machine running a pgsql " +"server set up to allow tcp connections from this host, (2) a database on " +"that server, (3) a username and password to access the database. If you " +"don't have _all_ of these, either select 'no' and run with regular file " +"logging support, or fix this first. You can always configure database " +"logging later, by reconfiguring the snort-pgsql package with 'dpkg-" +"reconfigure -plow snort-pgsql'" +msgstr "" +"Toto je potøeba udìlat jen pøi první instalaci snort-pgsql. Ne¾ budete " +"pokraèovat, ujistìte se, ¾e máte (1) jméno poèítaèe, na kterém bì¾í " +"pgsql server, nastaveno pro povolení tcp spojení z tohoto poèítaèe, " +"(2) databázi na tom serveru, (3) u¾ivatelské jméno a heslo pro pøístup " +"do databáze. Pokud nemáte tohle _v¹echno_, zvolte 'ne' a spokojte se s " +"podporou logování do normálního souboru, nebo to nejdøív " +"napravte. V¾dycky mù¾ete nastavit logování do databáze pozdìji " +"rekonfigurováním balíèku snort-pgsql pomocí 'dpkg-reconfigure -plow " +"snort-pgsql'" + +#. Type: note +#. Description +#: ../snort-pgsql.templates:103 +msgid "" +"Please create the database structure now, using the following command:\n" +" cd /usr/share/doc/snort-pgsql/\n" +" zcat create_pgsql.gz | psql -U -h -W \n" +"Fill in the correct values for the user, host, and database names. " +"PostgreSQL will prompt you for the password." +msgstr "" +"Vytvoøte nyní strukturu databáze, pomocí následujícího pøíkazu:\n" +" cd /usr/share/doc/snort-pgsql/\n" +" zcat create_pgsql.gz | psql -U -h -W \n" +"Doplòte správné hodnoty pro u¾ivatele, poèítaè a jméno " +"databáze. PostgreSQL se vás zeptá na heslo." + +#. Type: string +#. Description +#: ../snort-pgsql.templates:114 +msgid "Please enter the hostname of the pgsql database server to use." +msgstr "" +"Zadejte jméno poèítaèe s pgsql databázovým serverem, který se má " +"pou¾ít." + +#. Type: note +#. Description +#: ../snort-common.templates:3 +msgid "Your configuration file is deprecated" +msgstr "Vá¹ konfiguraèní soubor obsahuje zru¹ené volby." + +#. Type: note +#. Description +#: ../snort-common.templates:3 +msgid "" +"Your Snort configuration file (/etc/snort/snort.conf) uses deprecated " +"options no longer available for this Snort release. Snort will not be able " +"to start unless you provide a correct configuration file. You can substitute " +"your configuration file with the one provided in this package or fix it " +"manually by removing deprecated options." +msgstr "" +"Vá¹ konfiguraèní soubor Snortu (/etc/snort/snort.conf) pou¾ívá zru¹ené " +"volby, které ji¾ nejsou v tomto vydání Snortu dostupné. Snort se " +"nebude moci spustit, pokud neposkytnete korektní konfiruraèní " +"soubor. Mù¾ete nahradit vá¹ konfiguraèní soubor souborem obsa¾eným v " +"tomto balíèku nebo to opravit ruènì odstranìním zru¹ených voleb." + +#. Type: note +#. Description +#: ../snort-common.templates:3 +msgid "" +"The following deprecated options were found in your configuration file: " +"${DEP_CONFIG}" +msgstr "" +"Ve va¹em konfiguraèním souboru byly nalezeny následující zru¹ené " +"volby: " +"${DEP_CONFIG}" --- snort-2.3.3.orig/debian/snort.preinst +++ snort-2.3.3/debian/snort.preinst @@ -0,0 +1,109 @@ +#!/bin/sh + +set -e + +# summary of how this script can be called: +# * `install' +# * `install' +# * `upgrade' +# * `abort-upgrade' + +DEFAULT=/etc/default/snort +PARAMETERS=/etc/snort/snort.common.parameters + +check_parameters() { +# Check if the old parameters file is there and this is +# an upgrade (default is not) + # Abort if either the old parameters file does not exist + # or if the new default has already been installed + [ ! -r "$PARAMETERS" ] && return + [ -r "$DEFAULT" ] && return + + # Extract our values from there + logdir=`cat $PARAMETERS | perl -ne 'print $1 if /-l\s+([\w\/]+)/'` + user_snort=`cat $PARAMETERS | perl -ne 'print $1 if /-u\s+(\w+)/'` + group_snort=`cat $PARAMETERS | perl -ne 'print $1 if /-g\s+(\w+)/'` + extraparms=`cat $PARAMETERS | sed -e 's/-l[[:space:]]\+[\/[:alnum:]]\+[[:space:]]\+//g; s/-u[[:space:]]\+[[:alnum:]]\+[[:space:]]*//g; s/-g[[:space:]]\+[[:alnum:]]\+[[:space:]]*//g;'` + echo "Creating new $DEFAULT configuration based on $PARAMETERS" + cat <$DEFAULT +# Parameters for the daemon +PARAMS="$extraparms" +# Logging directory +LOGDIR="$logdir" +# Snort user +SNORTUSER="$user_snort" +# Snort group +SNORTGROUP="$group_snort" +EOF + return +} + +case "$1" in + install|upgrade) + + check_parameters + [ -r "$DEFAULT" ] && . $DEFAULT + # Sane defaults, just in case + [ -z "$SNORTUSER" ] && SNORTUSER=snort + [ -z "$SNORTGROUP" ] && SNORTGROUP=snort + [ -z "$LOGDIR" ] && LOGDIR=/var/log/snort + + # create snort user to avoid running snort as root + # 1. create group if not existing + if ! getent group | grep -q "^$SNORTGROUP:" ; then + addgroup --quiet --system $SNORTGROUP 2>/dev/null || true + fi + # 2. create homedir if not existing + test -d $LOGDIR || mkdir $LOGDIR + # 3. create user if not existing + if ! getent passwd | grep -q "^$SNORTUSER:"; then + adduser --quiet \ + --system \ + --ingroup $SNORTGROUP \ + --no-create-home \ + --disabled-password \ + $SNORTUSER 2>/dev/null || true + fi + # 4. adjust passwd entry + usermod -c "Snort IDS" \ + -d $LOGDIR \ + -g $SNORTGROUP \ + $SNORTUSER + # 5. adjust file and directory permissions + if ! dpkg-statoverride --list $LOGDIR >/dev/null + then + chown -R $SNORTUSER:adm $LOGDIR + chmod u=rwx,g=rxs,o= $LOGDIR + fi + + # setup /etc/snort + test -d /etc/snort || mkdir /etc/snort + + # move config file to new location + if [ -e /etc/snort.conf ]; then + mv /etc/snort.conf /etc/snort/snort.conf + fi + + # rename probably existing cron job with old name + if [ -e /etc/cron.daily/snort ]; then + mv /etc/cron.daily/snort /etc/cron.daily/5snort + fi + + + ;; + configure) + ;; + abort-upgrade) + ;; + *) + echo "preinst called with unknown argument \`$1'" >&2 + exit 0 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 --- snort-2.3.3.orig/debian/snort-common.postinst +++ snort-2.3.3/debian/snort-common.postinst @@ -0,0 +1,59 @@ +#!/bin/sh -e + +. /usr/share/debconf/confmodule + + +# This is a list of deprecated preprocessors used to detect +# bad configuration that will prevent Snort from running +# based on http://cvs.snort.org/viewcvs.cgi/snort/src/preprocessors/Attic/ +OLD_PREPROCESSORS="http_decode anomsensor asn1 defrag defrag2 fnord httpflow minfrag tcp_stream tcp_stream2 tcp_stream3 unidecode" +# List of valid preprocessors (taken from src/preprocessor) +# [Currently not used since the user might have custom preprocessors] +VALID_PREPROCESSORS="arpspoof bo conversation flow frag2 httpinspect perfmonitor portscan2 portscan rpc_decode stream4 telnet_negotiation" + +CONFIG_FILE=/etc/snort/snort.conf +deprecated=0 + +if test -f $CONFIG_FILE +then + for prep in $OLD_PREPROCESSORS + do + found_deprecated=`egrep "^preprocessor $prep:+" $CONFIG_FILE | sed -e 's/:.*//'` + if [ -n "$found_deprecated" ] ; then + deprecated=1 + deprecated_list="$found_deprecated $deprecated_list" + fi + done +fi + +# We should warn the user if +# a) the snort.conf does not match the md5sum [TODO] +# b) we found some deprecated preprocessor +if [ "$deprecated" -eq 1 ] ; then + deprecated_list=`echo $deprecated_list |sed -e 's/ $//'` +# echo "Your $CONFIG_FILE is using out of date preprocessors ($deprecated_list) you should upgrade!" + db_subst snort/deprecated_config DEP_CONFIG "$deprecated_list" || true + db_input high snort/deprecated_config || true + db_go || true +fi + +# Check if Snort will be able to run properly +# Obviously, if you are using deprecated preprocessors it's not going +# to work either +# TODO: Maybe it's also best if we could tell dpkg that snort should +# not be started if this fails. +if [ "$deprecated" -ne 1 ] ; then + if [ -x /etc/init.d/snort ] ; then + set +e + /etc/init.d/snort config-check >/dev/null 2>&1 + if [ $? -ne 0 ] ; then + db_input critical snort/config_error || true + db_go || true + fi + set -e + fi +fi + +db_stop + +exit 0 --- snort-2.3.3.orig/debian/snort.config +++ snort-2.3.3/debian/snort.config @@ -0,0 +1,117 @@ +#!/bin/sh -e + +. /usr/share/debconf/confmodule + +[ -r /etc/snort/snort.debian.conf ] && . /etc/snort/snort.debian.conf + +check_interfaces() { +# Check the interface status, abort with error if a configured one is not +# available + [ -z "$INTERFACES" ] && return 0 + ints=`echo $INTERFACES | sed -e 's/,/ /g'` + for iface in $ints; do + if ! ifconfig "$iface" | grep -w UP >/dev/null; then + return 1 + fi + done + return 0 +} + +db_input low snort/startup || true +db_go + +# /etc/ppp/ip-up.d/snort is called with interface and IP number +db_get snort/startup +if [ "$RET" = "dialup" ]; then + db_set snort/interface "" + db_set snort/address_range "" + db_set snort/disable_promiscuous true +else + db_beginblock + # Interface default in case the configuration file does not exist + if [ -z "$DEBIAN_SNORT_INTERFACE" ] ; then + INTERFACES=eth0 + else + INTERFACES=$DEBIAN_SNORT_INTERFACE + fi + + # Ask for a valid set of interfaces + ok='' + count=0 + while [ ! "$ok" ] && [ "$count" -lt 2 ]; do + # Depending on whether the default interface is up or down we set the + # question priority + priority='medium' + if ! check_interfaces + then + priority='high' + db_fset snort/interface seen false + fi + set +e + db_input $priority snort/interface + if [ $? -eq 30 ]; then + # User is not being shown the question, break out + break + fi + set -e + db_go || true + # Check the interfaces + db_get snort/interface + INTERFACES=$RET + if ! check_interfaces ; then + db_fset snort/invalid_interface seen false + db_input critical snort/invalid_interface + else + ok='yes' + fi + # Increment the count, we only go through this two times + count=$(($count+1)) + done + + db_input high snort/address_range || true + db_input low snort/disable_promiscuous || true + db_endblock + db_go +fi + +db_beginblock +db_input low snort/reverse_order || true +db_input low snort/options || true +db_endblock +db_go + +db_beginblock +db_input low snort/send_stats || true +db_go + +db_get snort/send_stats +if [ $RET = true ]; then +# TODO: This values should not be empty (even +# if we default to 'root' and '1' in the scripts) +# so the config script should check wether the +# values here are legitimate. + db_beginblock + db_input medium snort/stats_rcpt || true + db_input low snort/stats_treshold || true + db_endblock + db_go +fi + +db_get snort/startup +if [ $RET = "manual" ]; then + db_beginblock + db_input medium snort/please_restart_manually || true + db_endblock + db_go +fi + +DEFAULT=/etc/default/snort +PARAMETERS=/etc/snort/snort.common.parameters +if [ -e "$DEFAULT" ] && [ -e "$PARAMETERS" ] ; then + db_beginblock + db_input medium snort/config_parameters || true + db_endblock + db_go +fi + +db_stop --- snort-2.3.3.orig/debian/snort-rules-default.dirs +++ snort-2.3.3/debian/snort-rules-default.dirs @@ -0,0 +1 @@ +etc/snort/rules --- snort-2.3.3.orig/debian/snort.debian.conf +++ snort-2.3.3/debian/snort.debian.conf @@ -0,0 +1,12 @@ +# This file is used for options that are changed by Debian to leave +# the original lib files untouched. +# You have to use "dpkg-reconfigure snort(-flavour)?" to change them. +# +# Replace (-flavour)? by pgsql, mysql or keep it empty depending on +# what flavour of Snort you run. +# +DEBIAN_SNORT_STARTUP=boot +DEBIAN_SNORT_HOME_NET="192.168.0.0/16" +DEBIAN_SNORT_OPTIONS="-i eth0" +DEBIAN_SNORT_STATS_RCPT="root" +DEBIAN_SNORT_STATS_THRESHOLD="1" --- snort-2.3.3.orig/debian/README.docs +++ snort-2.3.3/debian/README.docs @@ -0,0 +1,3 @@ + +Please notice that additional documentation is available at +http://www.snort.org/docs/ --- snort-2.3.3.orig/debian/snort.init.d +++ snort-2.3.3/debian/snort.init.d @@ -0,0 +1,254 @@ +#!/bin/sh -e + +test $DEBIAN_SCRIPT_DEBUG && set -v -x + +DAEMON=/usr/sbin/snort +NAME=snort +DESC="Network Intrusion Detection System" + +CONFIG=/etc/snort/snort.debian.conf +# Old (obsolete) way to provide parameters +if [ -r /etc/snort/snort.common.parameters ] ; then + COMMON=`cat /etc/snort/snort.common.parameters` +elif [ -r /etc/default/snort ] ; then +# Only read this if the old configuration is not present + . /etc/default/snort + COMMON="$PARAMS -l $LOGDIR -u $SNORTUSER -g $SNORTGROUP" +fi + +test -x $DAEMON || exit 0 +test -f $CONFIG && . $CONFIG +test -z "$DEBIAN_SNORT_HOME_NET" && DEBIAN_SNORT_HOME_NET="192.168.0.0/16" + +# to find the lib files +cd /etc/snort + +check_log_dir() { +# Does the logging directory belong to Snort? + # If we cannot determine the logdir return without error + # (we will not check it) + # This will only be used by people using /etc/default/snort + [ -n "$LOGDIR" ] || return 0 + [ -n "$SNORTUSER" ] || return 0 + if [ ! -e "$LOGDIR" ] ; then + echo -n "ERR: logging directory $LOGDIR does not exist" + return 1 + elif [ ! -d "$LOGDIR" ] ; then + echo -n "ERR: logging directory $LOGDIR does not exist" + return 1 + else + real_log_user=`stat -c %U $LOGDIR` + # An alternative way is to check if the snort user can create + # a file there... + if [ "$real_log_user" != "$SNORTUSER" ] ; then + echo -n "ERR: logging directory $LOGDIR does not belong to the snort user $SNORTUSER" + return 1 + fi + fi + return 0 +} + +case "$1" in + start) + if [ -e /etc/snort/db-pending-config ] ; then + echo "WARN: /etc/snort/db-pending-config file found" + echo "WARN: Snort will not start as its database is not yet configured." + echo "WARN: Please configure the database as described in" + echo "WARN: /usr/share/doc/snort-{pgsql,mysql}/README-database.Debian" + echo "WARN: and remove /etc/snort/db-pending-config" + exit 1 + fi + + echo -n "Starting $DESC: " + if ! check_log_dir; then + echo " will not start $DESC!" + exit 1 + fi + if [ "$DEBIAN_SNORT_STARTUP" = "dialup" ]; then + shift + set +e + /etc/ppp/ip-up.d/snort "$@" + exit $? + fi + + # Usually, we start all interfaces + interfaces="$DEBIAN_SNORT_INTERFACE" + + # If we are requested to start a specific interface... + test "$2" && interfaces="$2" + + myret=0 + got_instance=0 + for interface in $interfaces; do + got_instance=1 + echo -n "$NAME($interface)" + + PIDFILE=/var/run/snort_$interface.pid + + fail="failed (check /var/log/daemon.log)" + /sbin/start-stop-daemon --stop --signal 0 --quiet \ + --pidfile "$PIDFILE" --exec $DAEMON >/dev/null && + fail="already running" + + CONFIGFILE=/etc/snort/snort.$interface.conf + if [ ! -e "$CONFIGFILE" ]; then + echo "No /etc/snort/snort.$interface.conf, defaulting to snort.conf" + CONFIGFILE=/etc/snort/snort.conf + fi + + set +e + /sbin/start-stop-daemon --start --quiet --pidfile "$PIDFILE" \ + --exec $DAEMON -- $COMMON $DEBIAN_SNORT_OPTIONS \ + -c $CONFIGFILE \ + -S "HOME_NET=[$DEBIAN_SNORT_HOME_NET]" \ + -i $interface >/dev/null + ret=$? + set -e + case "$ret" in + 0) + echo "." + ;; + *) + echo "...$fail." + myret=$(expr "$myret" + 1) + ;; + esac + done + + if [ "$got_instance" = 0 ]; then + echo "No snort instance found to be started!" >&2 + exit 1 + fi + + exit $myret + ;; + stop) + if [ "$DEBIAN_SNORT_STARTUP" = "dialup" ]; then + shift + set +e + /etc/ppp/ip-down.d/snort "$@" + exit $? + fi + + # Usually, we stop all current running interfaces + pidpattern=/var/run/snort_*.pid + + # If we are requested to stop a specific interface... + test "$2" && pidpattern=/var/run/snort_"$2".pid + + got_instance=0 + for PIDFILE in $pidpattern; do + # This check is also needed, if the above pattern doesn't match + test -f "$PIDFILE" || continue + + got_instance=1 + interface=$(basename "$PIDFILE" .pid | sed -e 's/^snort_//') + + echo -n "Stopping $DESC: $NAME($interface)" + + /sbin/start-stop-daemon --stop --retry 5 --quiet --oknodo \ + --pidfile "$PIDFILE" --exec $DAEMON >/dev/null + rm -f "$PIDFILE" + + echo "." + done + + if [ "$got_instance" = 0 ]; then + echo "No snort instance found to be stopped!" >&2 + fi + ;; + restart|force-restart|reload|force-reload) + # Usually, we restart all current running interfaces + pidpattern=/var/run/snort_*.pid + + # If we are requested to restart a specific interface... + test "$2" && pidpattern=/var/run/snort_"$2".pid + + got_instance=0 + for PIDFILE in $pidpattern; do + # This check is also needed, if the above pattern doesn't match + test -f "$PIDFILE" || continue + + got_instance=1 + interface=$(basename "$PIDFILE" .pid | sed -e 's/^snort_//') + $0 stop $interface || true + $0 start $interface || true + done + + if [ "$got_instance" = 0 ]; then + echo "No snort instance found to be restarted!" >&2 + fi + ;; + status) + echo -n "Status of snort daemon(s):" + interfaces="$DEBIAN_SNORT_INTERFACE" + # If we are requested to check for a specific interface... + test "$2" && interfaces="$2" + for interface in $interfaces; do + echo -n " $interface " + pidfile=/var/run/snort_$interface.pid + if [ -f "$pidfile" ] ; then + pidval=`cat $pidfile` + if ps -p $pidval | grep -q snort; then + echo -n "(ok)" + else + echo -n "(nok!)" + fi + else + echo -n "(nok!)" + fi + done + echo "." + ;; + config-check) + if [ "$DEBIAN_SNORT_STARTUP" = "dialup" ]; then + echo "Config-check is currently not supported for snort in Dialup configuration" + exit 0 + fi + + # usually, we test all interfaces + interfaces="$DEBIAN_SNORT_INTERFACE" + # if we are requested to test a specific interface... + test "$2" && interfaces="$2" + + myret=0 + got_instance=0 + for interface in $interfaces; do + got_instance=1 + echo -n "checking $desc config: $name($interface)" + + CONFIGFILE=/etc/snort/snort.$interface.conf + if [ ! -e "$CONFIGFILE" ]; then + CONFIGFILE=/etc/snort/snort.conf + fi + COMMON=`echo $COMMON | sed -e 's/-D//'` + set +e + $DAEMON -T $COMMON $DEBIAN_SNORT_OPTIONS \ + -c $CONFIGFILE \ + -S "HOME_NET=[$DEBIAN_SNORT_HOME_NET]" \ + -i $interface >/dev/null 2>&1 + ret=$? + set -e + case "$ret" in + 0) + echo ".ok." + ;; + *) + echo "...failed." + myret=$(expr "$myret" + 1) + ;; + esac + done + if [ "$got_instance" = 0 ]; then + echo "no snort instance found to be started!" >&2 + exit 1 + fi + + exit $myret + ;; + *) + echo "Usage: $0 {start|stop|restart|force-restart|reload|force-reload|status|config-check}" + exit 1 + ;; +esac +exit 0 --- snort-2.3.3.orig/debian/snort-mysql.examples +++ snort-2.3.3/debian/snort-mysql.examples @@ -0,0 +1 @@ +debian/my/snort_rules_update --- snort-2.3.3.orig/debian/snort-mysql.dirs +++ snort-2.3.3/debian/snort-mysql.dirs @@ -0,0 +1,11 @@ +etc/cron.daily +etc/init.d +etc/logrotate.d +etc/default +etc/ppp/ip-down.d +etc/ppp/ip-up.d +etc/snort +usr/sbin +usr/share/doc/snort +usr/share/man/man8 +var/log/snort --- snort-2.3.3.orig/debian/snort.examples +++ snort-2.3.3/debian/snort.examples @@ -0,0 +1 @@ +debian/my/snort_rules_update --- snort-2.3.3.orig/debian/NEWS +++ snort-2.3.3/debian/NEWS @@ -0,0 +1,17 @@ +snort (2.3.2-1) unstable; urgency=medium + + * In Snort version 2.3.0 and later the preferred configuration method + uses /etc/default/snort rather than /etc/snort/snort.common.parameters. + The new approach makes it possible to introduce improvements in the + init.d script, such as sanity checks for common misconfigurations. + + * Upgrading automatically generates the file /etc/default/snort + from /etc/snort/snort.common.parameters. + + * Since the automatically generated file may not be correct, you should + inspect it or create a new one to your liking. If the configuration + file is correct, delete /etc/snort/snort.common.parameters and restart + the server to use the new file. The system will run Snort with the old + configuration file until you do so. + + -- Javier Fernandez-Sanguino Pen~a Tue, 8 Feb 2005 23:55:57 +0100 --- snort-2.3.3.orig/debian/snort-mysql.preinst +++ snort-2.3.3/debian/snort-mysql.preinst @@ -0,0 +1,114 @@ +#!/bin/sh + +set -e + +# summary of how this script can be called: +# * `install' +# * `install' +# * `upgrade' +# * `abort-upgrade' + +DEFAULT=/etc/default/snort +PARAMETERS=/etc/snort/snort.common.parameters + +check_parameters() { +# Check if the old parameters file is there and this is +# an upgrade (default is not) + # Abort if either the old parameters file does not exist + # or if the new default has already been installed + [ ! -r "$PARAMETERS" ] && return + [ -r "$DEFAULT" ] && return + + # Extract our values from there + logdir=`cat $PARAMETERS | perl -ne 'print $1 if /-l\s+([\w\/]+)/'` + user_snort=`cat $PARAMETERS | perl -ne 'print $1 if /-u\s+(\w+)/'` + group_snort=`cat $PARAMETERS | perl -ne 'print $1 if /-g\s+(\w+)/'` + extraparms=`cat $PARAMETERS | sed -e 's/-l[[:space:]]\+[\/[:alnum:]]\+[[:space:]]\+//g; s/-u[[:space:]]\+[[:alnum:]]\+[[:space:]]*//g; s/-g[[:space:]]\+[[:alnum:]]\+[[:space:]]*//g;'` + echo "Creating new $DEFAULT configuration based on $PARAMETERS" + cat <$DEFAULT +# Parameters for the daemon +PARAMS="$extraparms" +# Logging directory +LOGDIR="$logdir" +# Snort user +SNORTUSER="$user_snort" +# Snort group +SNORTGROUP="$group_snort" +EOF + return +} + +case "$1" in + install|upgrade) + + check_parameters + [ -r "$DEFAULT" ] && . $DEFAULT + # Sane defaults, just in case + [ -z "$SNORTUSER" ] && SNORTUSER=snort + [ -z "$SNORTGROUP" ] && SNORTGROUP=snort + [ -z "$LOGDIR" ] && LOGDIR=/var/log/snort + + # create snort user to avoid running snort as root + # 1. create group if not existing + if ! getent group | grep -q "^$SNORTGROUP:" ; then + addgroup --quiet --system $SNORTGROUP 2>/dev/null || true + fi + # 2. create homedir if not existing + test -d $LOGDIR || mkdir $LOGDIR + # 3. create user if not existing + if ! getent passwd | grep -q "^$SNORTUSER:"; then + adduser --quiet \ + --system \ + --ingroup $SNORTGROUP \ + --no-create-home \ + --disabled-password \ + $SNORTUSER 2>/dev/null || true + fi + # 4. adjust passwd entry + usermod -c "Snort IDS" \ + -d $LOGDIR \ + -g $SNORTGROUP \ + $SNORTUSER + # 5. adjust file and directory permissions + if ! dpkg-statoverride --list $LOGDIR >/dev/null + then + chown -R $SNORTUSER:adm $LOGDIR + chmod u=rwx,g=rxs,o= $LOGDIR + fi + + # setup /etc/snort + test -d /etc/snort || mkdir /etc/snort + + # move config file to new location + if [ -e /etc/snort.conf ]; then + mv /etc/snort.conf /etc/snort/snort.conf + fi + + # rename probably existing cron job with old name + if [ -e /etc/cron.daily/snort ]; then + mv /etc/cron.daily/snort /etc/cron.daily/5snort + fi + + # If this is the first time we are installation then create + # the /etc/snort/db-pending-config + if [ "$1" = "install" ] && [ -z "$2" ] ; then + touch /etc/snort/db-pending-config + fi + + ;; + configure) + ;; + abort-upgrade) + ;; + *) + echo "preinst called with unknown argument \`$1'" >&2 + exit 0 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 --- snort-2.3.3.orig/debian/snort-rules-default.postrm +++ snort-2.3.3/debian/snort-rules-default.postrm @@ -0,0 +1,41 @@ +#! /bin/sh +# postrm script for snort-rules-default +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `remove' +# * `purge' +# * `upgrade' +# * `failed-upgrade' +# * `abort-install' +# * `abort-install' +# * `abort-upgrade' +# * `disappear' overwrit>r> +# for details, see /usr/doc/packaging-manual/ + +case "$1" in + purge|disappear) + if [ -d /etc/snort/rules ]; then + rmdir --ignore-fail-on-non-empty /etc/snort/rules + fi + if [ -d /etc/snort ]; then + rmdir --ignore-fail-on-non-empty /etc/snort + fi + ;; + + remove|upgrade|failed-upgrade|abort-install|abort-upgrade) + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +if [ "$1" = purge ] && [ -e /usr/share/debconf/confmodule ]; then + . /usr/share/debconf/confmodule + db_purge +fi --- snort-2.3.3.orig/debian/snort-mysql.postinst +++ snort-2.3.3/debian/snort-mysql.postinst @@ -0,0 +1,251 @@ +#!/bin/sh -e + +CONFIG=/etc/snort/snort.debian.conf + +. /usr/share/debconf/confmodule +test $DEBIAN_SCRIPT_DEBUG && set -v -x + +# summary of how this script can be called: +# * `configure' +# * `abort-upgrade' +# * `abort-remove' `in-favour' +# +# * `abort-deconfigure' `in-favour' +# `removing' +# +# for details, see /usr/doc/packaging-manual/ +# +# quoting from the policy: +# Any necessary prompting should almost always be confined to the +# post-installation script, and should be protected with a conditional +# so that unnecessary prompting doesn't happen if a package's +# installation fails and the `postinst' is called with `abort-upgrade', +# `abort-remove' or `abort-deconfigure'. + +case "$1" in + install) + ;; + upgrade) + db_get snort-mysql/startup || true + if [ "$RET" = "manual" ]; then + #db_fset snort-mysql/please_restart_manually seen false + db_beginblock + db_input high snort-mysql/please_restart_manually || true + db_endblock + db_go + db_stop + fi + ;; + configure) + # edit config file + db_get snort-mysql/startup || true; STARTUP=$RET + db_get snort-mysql/interface || true; INTERFACE="$RET" + db_get snort-mysql/address_range || true; ADDRESS_RANGE="$RET" + db_get snort-mysql/disable_promiscuous || true; DISABLE_PROMISCUOUS=$RET + db_get snort-mysql/reverse_order || true; REVERSE_ORDER=$RET + db_get snort-mysql/send_stats || true; STATS_SEND="$RET" + db_get snort-mysql/stats_rcpt || true; STATS_RCPT="$RET" + db_get snort-mysql/stats_treshold || true; STATS_THRESHOLD="$RET" + db_get snort-mysql/options || true; OPTIONS="$RET" + + test "$DISABLE_PROMISCUOUS" = "true" && OPTIONS="$OPTIONS -p" + test "$REVERSE_ORDER" = "true" && OPTIONS="$OPTIONS -o" + # Failsafe in case the values above are blank (jfs) + [ -z "$STATS_RCPT" ] && STATS_RCPT=root + [ -z "$STATS_THRESHOLD" ] && STATS_THRESHOLD=1 + #STATS_RCPT=`echo "$STATS_RCPT" | sed -e 's/@/\\\\@/g' -e 's/,/\\\\,/g'` + + cat <$CONFIG +# This file is used for options that are changed by Debian to leave +# the original lib files untouched. +# You have to use "dpkg-reconfigure snort" to change them. + +DEBIAN_SNORT_STARTUP="$STARTUP" +DEBIAN_SNORT_HOME_NET="$ADDRESS_RANGE" +DEBIAN_SNORT_OPTIONS="$OPTIONS" +DEBIAN_SNORT_INTERFACE="$INTERFACE" +DEBIAN_SNORT_SEND_STATS="$STATS_SEND" +DEBIAN_SNORT_STATS_RCPT="$STATS_RCPT" +DEBIAN_SNORT_STATS_THRESHOLD="$STATS_THRESHOLD" +EOF + + if [ -f /etc/snort/snort.conf ]; then + # insert database config stuff in the configuration file, + # or configure it for syslog-logging. + db_get snort-mysql/configure_db + if [ "$RET" = "true" ]; then + db_get snort-mysql/db_host || true; DB_HOST=$RET + db_get snort-mysql/db_database || true; DB_DATABASE=$RET + db_get snort-mysql/db_user || true; DB_USER=$RET + db_get snort-mysql/db_pass || true; DB_PASS=$RET + + # Here we put the database stuff in the config file. + TEMPFILE=`mktemp` + cat /etc/snort/snort.conf | while read LINE + do + if [ "$LINE" = "# (#DBSTART#)" ] + then + echo "# (#DBSTART#)" >> $TEMPFILE + echo -n "output database: log, mysql, " >> $TEMPFILE + if [ $DB_USER ] + then + echo -n "user=$DB_USER " >> $TEMPFILE + fi + if [ $DB_PASS ] + then + echo -n "password=$DB_PASS " >> $TEMPFILE + fi + if [ $DB_DATABASE ] + then + echo -n "dbname=$DB_DATABASE " >> $TEMPFILE + fi + if [ $DB_HOST ] + then + echo -n "host=$DB_HOST " >> $TEMPFILE + fi + echo " " >> $TEMPFILE + echo "# (#DBEND#)" >> $TEMPFILE + break + else + echo $LINE >> $TEMPFILE + fi + done + + WRITE=0 + cat /etc/snort/snort.conf | while read LINE + do + if [ $WRITE -eq 1 ] + then + echo $LINE >> $TEMPFILE + fi + + if [ "$LINE" = "# (#DBEND#)" ] + then + WRITE=1 + fi + done + mv -f $TEMPFILE /etc/snort/snort.conf + fi + + # Ensure the config file is readable by root.root and mode 600 + if ! dpkg-statoverride --list /etc/snort/snort.conf >/dev/null + then + chown root:snort /etc/snort/snort.conf + chmod 640 /etc/snort/snort.conf + fi + fi + + db_stop + + # Check for left-over files from woody packages. + OLDCONF=/etc/snort/snort.rules.conf + if [ -f $OLDCONF ]; then + mv $OLDCONF $OLDCONF.OBSOLETE + fi + + # Update the rc.d's + update-rc.d snort defaults >/dev/null + + # in the case we reconfigure we have to restart and not just to start. + if [ -x /usr/sbin/invoke-rc.d ]; then + invoke-rc.d snort stop || true + else + /etc/init.d/snort stop || true + fi + ;; + abort-upgrade) + ;; + *) + echo "postinst called with unknown argument \`$1'" >&2 + exit 0 + ;; +esac + +if [ "$STARTUP" = "dialup" ]; then + + # Try to guess environments for all pppds we have no .env for... + for PPPD_PID in $(pidof pppd ipppd); do + # If we got an empty PID (however), we break here + test "$PPPD_PID" || continue + + # + # This is a lot of shell voodoo, let's try to figure it out: + # 1. egrep: + # It greps for our current pppd PID in all pppd and ipppd + # pidfiles. + # It *should* return exactly one file name: the one with + # our current pppd PID in it; however, to be safe, we fence + # it with a head -1. + # 2. basename $(egrep ...) .pid: + # It takes the file name from the egrep and strips off its + # path and the .pid suffix + # 3. sed: + # Unfortunately the filenames of pppd and ipppd differ: + # pppd uses $INTERFACE.pid, while ipppd uses + # ipppd.$INTERFACE.pid. + # The .pid is already stripped off by basename, thus, we + # just strip off any "ipppd." prefix and end up in the + # plain interface name. + # Maybe pppd decides to change it's pidfile naming + # convention according to ipppd somewhere in the future, + # thus, we use '^i\?pppd\.' (sed eregex) and thus strip + # off all "ipppd." and all "pppd." prefixes. This doesn't + # harm anyways. + # Because of the pppd pidfile naming convention, our + # approach works always with ipppd and mostly with pppd: + # the latter only, if the user did not decide to rename + # his ppp interface to something else than ppp* + # (not possible currently, afaics). + # + PPP_IFACE=$(basename $(egrep -l "^[[:space:]]*$PPPD_PID[[:space:]]*\$" /var/run/ppp*.pid /var/run/ipppd.*.pid 2> /dev/null | head -1) .pid | sed -e 's/^i\?pppd\.//') + + # + # If we got no interface from pidfiles (because there are no + # pidfiles, for example), we assume the most common case: + # one pppd with default route set. + # This is ugly, but there is no other chance. Let's hope, + # nobody ever manages multiple pppds without pidfiles for + # them. + # + test "$PPP_IFACE" || PPP_IFACE=$(route -n | awk '/^0\.0\.0\.0 / { print $8 }') + + # If we couldn't discover an interface name, we break here + test "$PPP_IFACE" || continue + + PPP_LOCAL=$(ifconfig $PPP_IFACE | awk '/inet addr:/ { gsub("addr:", ""); print $2 }') + + # If we couldn't discover a local IP, we break here + test "$PPP_LOCAL" || continue + + ENVFILE=/var/run/snort_$PPP_IFACE.env + + # If we already have an .env for that interface, we break here + test -e "$ENVFILE" && continue + + # Write .env for that interface + echo "Creating missing $ENVFILE" + echo "PPPD_PID=$PPPD_PID" > "$ENVFILE" + echo "PPP_IFACE=$PPP_IFACE" >> "$ENVFILE" + echo "PPP_LOCAL=$PPP_LOCAL" >> "$ENVFILE" + + # If such a snort is still running, just kill it + ps -ef | grep /usr/sbin/snort | grep "$PPP_LOCAL" | + grep "$PPP_IFACE" | awk '{ print $2 }' | + xargs --no-run-if-empty kill -s KILL >/dev/null + done +fi + +if [ "$STARTUP" = "boot" ] || [ "$STARTUP" = "dialup" ]; then + if [ -x /usr/sbin/invoke-rc.d ]; then + invoke-rc.d snort start || true + else + /etc/init.d/snort start || true + fi +fi + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 --- snort-2.3.3.orig/debian/copyright +++ snort-2.3.3/debian/copyright @@ -0,0 +1,28 @@ +This package was adopted by Sander Smeenk +Tue, 4 Jun 2002 21:56:15 +0200 + +This package was debianized by Robert van der Meulen +Sun Feb 4 17:20:36 CET 2001. + +It was downloaded from http://www.snort.org/ + +Upstream Author: Martin Roesch + +Copyright: + + This package is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 dated June, 1991. + + This package is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this package; if not, write to the Free Software + Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301 USA + +On Debian GNU/Linux systems, the complete text of the GNU General +Public License can be found in `/usr/share/common-licenses/GPL'. --- snort-2.3.3.orig/debian/snort-doc.examples +++ snort-2.3.3/debian/snort-doc.examples @@ -0,0 +1 @@ +debian/my/snort_rules_update --- snort-2.3.3.orig/debian/README.Debian +++ snort-2.3.3/debian/README.Debian @@ -0,0 +1,151 @@ + + SNORT WITH DATABASE SUPPORT +------------------------------ + If you are using snort-pgsql or snort-mysql please notice that you have + to create the database structure right after installing the package + and start Snort manually. + + In order to create the database structure do: + + - if using PostgreSQL + $ cd /usr/share/doc/snort-pgsql/ + $ zcat create_postgresql.gz | psql -U -h -W + + - if using MySQL + $ cd /usr/share/doc/snort-mysql/ + $ zcat create_mysql.gz | mysql -u -h -p + + In either case fill in the correct values for the user, host, and + database names. Depending on the user priviledges set on the database + you can use the same user that Snort will use to access the + database or an admin user. In either case, the user you use should + have priviledges to create tables and indexes. Once created you have + to grant the user your configured in Debconf so that it has priviledges + over the tables created through the schema. + + Once you have setup the database, you will need to start Snort manually + since it was left unstarted after the installation. To do this + remove the file '/etc/snort/db-pending-config' and then + do '/etc/init.d/snort start'. Confirm that snort is working and up + by running '/etc/init.d/snort status' and reviewing the messages in + the /var/log/daemon.log syslog file. + + SNORT ON MULTIPLE INTERFACES +------------------------------ + +This package of snort is capable of managing multiple interfaces. The +current init.d script is capable of launching more than one snort +instance. You just need to answer the debconf question "On which +interface(s) should snort listen on" with a list (separated by spaces +of interafes you want to use). This actually modifies the value of +DEBIAN_SNORT_INTERFACE definition in /etc/snort/snort.debian.conf. + +Afterwards, you need to create different +/etc/snort/snort.$INTERFACE.conf configuration files (where $INTERFACE +is your interface names, e.g., eth0 or eth1) for each interface you +want Snort to listen on. All sensors can use the same rule set so it's +easy to update them and all your sensors simultaneously. If no +/etc/snort/snort.$INTERFACE.conf file exists for a given interface, +then the regular /etc/snort/snort.conf file is used. + +Notice, however, that the same HOME_NET definition will be used for +all interfaces (the answer to the "address range snort will listen +on"). The debconf scripts don't currently support a way to give +different HOME_NET definitions to different interfaces. + +This is still work in progress. Please file bugs to the snort package. + +----------------------------------------------------------------------------- + + DATABASE CHANGES +------------------ + +The database layout has changed a bit since 1.9.0beta4: + + - DB schema v106 + - Added the sensor.last_cid field to the schema so the + database can store the last used cid for a given sensor. + This field will ensure that a cid will never be reused. + + Upgrading from v105 -> v106 is as simple as: + + mysql> ALTER TABLE sensor ADD last_cid INT UNSIGNED NOT NULL; + mysql> UPDATE schema SET vseq=106; + + psql> ALTER TABLE sensor ADD last_cid INT8; + psql> UPDATE schema SET vseq=106; + +----------------------------------------------------------------------------- + + FREQUENT QUESTIONS AND ANSWERS +--------------------------------- + +Q. I want to use FLEXRESP rules, but snort won't start with those rules + enabled! What is wrong, what should I do? +A. FLEXRESP rules need root-priviledges to access raw ethernet interface. + To resolve this, start snort as root. + +Q0. I can reconfigure snort as often as I want but it won't ask me any + questions! +A0. You are probably victim of a bug in an older version of debconf. Just do: + dpkg-reconfigure --priority=low debconf; dpkg-reconfigure snort + +Q1. How can I test snort without having an ethernet card or a connection + to other computers ? +A1. You have to use routing between two dummy devices: + # modprobe -a dummy (The dummy device has to be build by the kernel) + # ifconfig dummy0 192.168.0.1 + # ifconfig dummy0:0 192.168.0.2 + # telnet 192.168.0.3 12345 + + It's important that the second IP is on the same interface and not + e.g. dummy1 or dummy2 and that the IP you try to access is *not* one + of those you put on the interfaces. Use snort's ability to hear in + promiscuous mode on an IP address range. (HOMEDIR=192.168.0.0/16) + +Q2. I saw that syslog logging is enabled, but I can't see any warnings in + /var/log/syslog ? +A2. That's because /etc/syslog.conf directs every output for the syslog + facility LOG_AUTH to the /var/log/auth.log file. You can still find + detail information about every logged scan in /var/log/snort/. + +Q3. You told me about the files in /var/log/snort, but I can't read them! +A3. For performance reasons they are logged in tcpdump-binary format. You + can read them with "tcpdump -r /var/log/snort/snort.log" or + mkdir /tmp/dir + cd /etc/snort + . snort.conf + snort -r /var/log/snort/snort.log \ + -S "HOME_NET=$DEBIAN_SNORT_HOME_NET" \ + -c /etc/snort/snort.conf-lib \ + -l /tmp/dir + The "-l /tmp/dir" creates the files in the /tmp/dir directory which MUST + be existing. You can use -s instead for logging to /var/log/auth.log. + +Q4. It seems you disabled some checks and modified snort-lib, why? +A4. Because they either generated too many false positives or generate too + much noise for harmless things like traceroutes or nmap fingerprint + attempts. These modifications are marked by a leading #debian#. + For more information see /usr/share/doc/snort/README.Maintainer. + +Q5. How can I update my rule database with the Debian packages? + (Hint: I'm running stable) +A5. Signature updates are provided by the snort-rules-default package but + if you are using stable, you will not see any changes in that package + since they are not allowed for stable releases. If you want to keep + your ruleset up-to-date you have two options: + + - Use the snort-rules-default from the unstable distribution, this + might work as long as it does not belong to a different Snort + release since in between releases snort rules might be updated + in such a way that they are not backwards compatible. + - Use a script to manage rule updates, such as 'oinkmaster' (currently + provided as a Debian package) or 'updateSnort' + - Use a backported version of Snort which includes these signatures. + + Always make sure that your new rules will be loaded fine by the sensor + by using 'snort -T' + + See also upstreams Snort FAQ item 3.18 + + -- Javier Fernandez-Sanguino Pen~a , Wed Dec 1 17:01:30 2004 --- snort-2.3.3.orig/debian/snort-pgsql.examples +++ snort-2.3.3/debian/snort-pgsql.examples @@ -0,0 +1 @@ +debian/my/snort_rules_update --- snort-2.3.3.orig/debian/snort-stat.8 +++ snort-2.3.3/debian/snort-stat.8 @@ -0,0 +1,21 @@ +.Dd January 3, 1999 +.Dt SNORT-STAT 8 +.Os Gnu/Linux +.Sh NAME +.Nm snort-stat +.Nd generates statistic of scans detected by snort +.Sh SYNOPSIS +.Nm cat /var/log/auth.log | /usr/sbin/snort-stat +.Sh DESCRIPTION +.Nm snort-stat +is a small script that generates a nice statistic on the port scans that +were detected by snort and reported via /var/log/snort/alert.log. +The output of this script is mailed to a user that is setup in +/etc/snort/snort.debian.conf. +The cron script /etc/cron.daily/5snort uses this script. +.Sh SEE ALSO +.Xr snort 8 +.Sh AUTHORS +The script is mostly based on the snort-stat from Yen-Ming Chen . +The hostname resolving, the big shrinkage and this manpage were done by +Christian Hammers . --- snort-2.3.3.orig/debian/snort-mysql.manpages +++ snort-2.3.3/debian/snort-mysql.manpages @@ -0,0 +1 @@ +snort.8 --- snort-2.3.3.orig/debian/snort.prerm +++ snort-2.3.3/debian/snort.prerm @@ -0,0 +1,52 @@ +#! /bin/sh +# prerm script for snort +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `remove' +# * `upgrade' +# * `failed-upgrade' +# * `remove' `in-favour' +# * `deconfigure' `in-favour' +# `removing' +# +# for details, see /usr/doc/packaging-manual/ + +case "$1" in + remove|upgrade|deconfigure) + if [ -x /usr/sbin/invoke-rc.d ]; then + invoke-rc.d snort stop || true + else + /etc/init.d/snort stop || true + fi + ;; + failed-upgrade) + ;; + *) + echo "prerm called with unknown argument \`$1'" >&2 + exit 0 + ;; +esac + +# no matter if dialup, manual or boot modus! +#if [ -x /usr/sbin/invoke-rc.d ]; then +# invoke-rc.d snort stop || true +#else +# /etc/init.d/snort stop || true +#fi +# this used to be done with /etc/init.d/snort. +# Older versions of snort just kill every process with 'snort' in the +# name, so also 'snort.prerm'. This fixes that. +ps cax | grep ' snort$' | awk '{print $1}' | + xargs --no-run-if-empty kill -s KILL >/dev/null +rm -f /var/run/snort_*.pid + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 --- snort-2.3.3.orig/debian/po/vi.po +++ snort-2.3.3/debian/po/vi.po @@ -0,0 +1,607 @@ +# Vietnamese translation for snort. +# Copyright © 2005 Free Software Foundation, Inc. +# Clytie Siddall , 2005. +# +msgid "" +msgstr "" +"Project-Id-Version:snort 2.3.2-6\n" +"Report-Msgid-Bugs-To: jfs@computer.org\n" +"POT-Creation-Date: 2006-03-22 09:15+0100\n" +"PO-Revision-Date: 2005-08-29 13:03+0930\n" +"Last-Translator: Clytie Siddall \n" +"Language-Team: Vietnamese \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=utf-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Plural-Forms: nplurals=1; plural=0\n" +"X-Generator: LocFactoryEditor 1.2.2\n" + +#. Type: select +#. Choices +#: ../snort.templates:3 ../snort-mysql.templates:3 ../snort-pgsql.templates:3 +msgid "boot, dialup, manual" +msgstr "khởi Ä‘á»™ng, quay số, thủ công" + +#. Type: select +#. Description +#: ../snort.templates:5 ../snort-mysql.templates:5 ../snort-pgsql.templates:5 +msgid "When should Snort be started?" +msgstr "Khi nào nên khởi chạy Snort?" + +#. Type: select +#. Description +#: ../snort.templates:5 ../snort-mysql.templates:5 ../snort-pgsql.templates:5 +msgid "" +"Snort can be started during boot, when connecting to the net with pppd or " +"only when you manually start it via /usr/sbin/snort." +msgstr "" +"Có thể khởi chạy Snort trong khi khởi Ä‘á»™ng máy, khi kết nối đến Mạng dùng " +"pppd, hoặc chỉ khi bạn tá»± khởi chạy nó thông qua ." + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "On which interface(s) should Snort listen?" +msgstr "Snort nên lắng nghe trên giao diện nào?" + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"Please enter the name(s) of the interface(s) which Snort should listen on. " +"The names of the available interfaces are provided by either running 'ip " +"link show' of 'ifconfig'. This value usually is 'eth0', but you might want " +"to vary this depending on your environment, if you are using a dialup " +"connection 'ppp0' might be more appropiate." +msgstr "" +"Hãy nhập những tên giao diện nÆ¡i trình Snort nên lắng nghe trên chúng. (Có " +"thể xem tên của má»i giao diện sẵn sàng bằng cách chạy lệnh « ip link show » " +"của « ifconfig ».) Giá trị này thÆ°á»ng là « eth0 », nhÆ°ng mà có lẽ bạn muốn " +"chá»n má»™t giao diện khác: lấy thí dụ, nếu bạn kết nối bằng quay số, giá trị « " +"ppp0 » có thể là thích hợp hÆ¡n." + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"Notice that Snort is usually configured to inspect all traffic coming from " +"the Internet, so the interface you add here is usually the same the 'default " +"route' is on. You can determine which interface is used for this running " +"either '/sbin/ip ro sh' or '/sbin/route -n' (look for 'default' or " +"'0.0.0.0')." +msgstr "" +"Hãy ghi chú rằng trình Snort thÆ°á»ng được cấu hình để kiểm tra tất cả tải từ " +"Mạng, thì giao diện bạn thêm vào đây thÆ°á»ng là cùng má»™t giao diện vá»›i Ä‘iá»u " +"có « Ä‘Æ°á»ng mặc định » (default route). Bạn có thể quyết định giao diện nào " +"được dùng bằng cách chạy lệnh « /sbin/ip ro sh » hay « /sbin/route -n » (hãy " +"tìm « default » hay « 0.0.0.0 »)." + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"It is also not uncommon to run Snort on an interface with no IP and " +"configured in promiscuous mode, if this is your case, select the interface " +"in this system that is physically connected to the network you want to " +"inspect, enable promiscuous mode later on and make sure that the network " +"traffic is sent to this interface (either connected to a 'port mirroring/" +"spanning' port in a switch, to a hub or to a tap)" +msgstr "" +"CÅ©ng thÆ°á»ng là chạy trình Snort trên má»™t giao diện không có địa chỉ IP được " +"cấu hình trong chế Ä‘á»™ không phân biệt (promiscuous mode). Nếu bạn làm nhÆ° " +"thế, hãy chá»n giao diện trong hệ thống này có kết nối hợp lý đến mạng bạn " +"muốn kiểm tra, hiệu lá»±c chế Ä‘á»™ không phân biệt sau này, và đảm bảo tất cả " +"tải trên mạng được gởi cho giao diện này (hoặc được kết nối đến má»™t cổng " +"«nhân bản/nối» trong công tắt, đến thiết bị trung tâm mạng, hoặc đến dây rẽ)." + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"You can configure multiple interfaces here, just by adding more than one " +"interface name separated by spaces. Each interface can have its specific " +"configuration." +msgstr "" +"Tại đây bạn có thể cấu hình nhiá»u giao diện, trong danh sách định giá»›i bằng " +"dấu cách. Má»—i giao diện có thể có cấu hình riêng." + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "Please enter the address range that Snort will listen on." +msgstr "Hãy nhập phạm vị địa chỉ mà trình Snort sẽ lắng nghe trên nó." + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "" +"You have to use CIDR form, i.e. 192.168.1.0/24 for a block of 256 IPs or " +"192.168.1.42/32 for just one. Specify multiple addresses on a single line " +"separated by ',' (comma characters), no spaces allowed!" +msgstr "" +"Bạn cần phải sá»­ dụng dạng CIDR, tức là « 192.168.1.0/24 » cho má»™t khối 256 " +"địa chỉ IP, hay « 192.168.1.42/32 » cho chỉ má»™t Ä‘iá»u. Hãy ghi rõ nhiá»u địa " +"chỉ trong má»™t dòng riêng lẻ, định giá»›i bằng dấu phẩy « , », không cho phép " +"dấu cách nào." + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "" +"If you want you can specify 'any', to not trust any side of the network." +msgstr "" +"Nếu bạn muốn, có thể ghi rõ « any » (bất cứ Ä‘iá»u nào), để không tin bất cứ " +"bên mạng nào." + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "" +"Notice that if you are using multiple interfaces this definition will be " +"used as the HOME_NET definition of all of them." +msgstr "" +"Hãy ghi chú rằng nếu bạn Ä‘ang sá»­ dụng nhiá»u giao diện thì lá»i định nghÄ©a này " +"sẽ được dùng là lá»i định nghÄ©a « HOME_NET » của tất cả. " + +#. Type: boolean +#. Description +#: ../snort.templates:53 ../snort-mysql.templates:53 +#: ../snort-pgsql.templates:53 +msgid "Should Snort disable promiscuous mode on the interface?" +msgstr "" +"Trình Snort nên vô hiệu hóa chế Ä‘á»™ không phân biệt trong giao diện này không?" + +#. Type: boolean +#. Description +#: ../snort.templates:53 ../snort-mysql.templates:53 +#: ../snort-pgsql.templates:53 +msgid "" +"Disabling promiscuous mode means that Snort will only see packets addressed " +"to it's own interface. Enabling it allows Snort to check every packet that " +"passes ethernet segment even if it's a connection between two other " +"computers." +msgstr "" +"Vô hiệu hóa chế Ä‘á»™ không phân biệt có nghÄ©a là trình Snort sẽ xem chỉ những " +"gói tin được gởi cho địa chỉ của giao diện của chính nó. Hiệu lá»±c chế Ä‘á»™ này " +"cho phép trình Snort kiểm tra má»i gói tin qua Ä‘oạn Ethernet, thậm chí nêÌu " +"chỉ có kết nối giữa hai máy khác." + +#. Type: boolean +#. Description +#: ../snort.templates:53 ../snort-mysql.templates:53 +#: ../snort-pgsql.templates:53 +msgid "" +"Disable promiscuous mode if you are configuring Snort on an interface " +"without a configured IP address." +msgstr "" +"Vô hiệu hóa chế Ä‘á»™ không phân biệt nếu bạn Ä‘ang cấu hình trình Snort trên " +"má»™t giao diện không có địa chỉ IP được cấu hình." + +#. Type: note +#. Description +#: ../snort.templates:64 +msgid "Invalid interface" +msgstr "" + +#. Type: note +#. Description +#: ../snort.templates:64 +msgid "" +"One of the interfaces you specified is not valid (it might not exist on the " +"system or be down). Please introduce a valid interface when answering the " +"question of which interface(s) should Snort listen on." +msgstr "" + +#. Type: note +#. Description +#: ../snort.templates:64 +msgid "" +"If you did not configure an interface then the package is trying to use the " +"default ('eth0') which does not seem to be valid in your system." +msgstr "" + +#. Type: boolean +#. Description +#: ../snort.templates:75 ../snort-mysql.templates:65 +#: ../snort-pgsql.templates:65 +msgid "Should Snort's rules testing order be changed to Pass|Alert|Log?" +msgstr "" +"Thứ tá»± kiểm tra quy tắc của Snort nên thay đổi thành « Pass|Alert|Log » " +"không?" + +#. Type: boolean +#. Description +#: ../snort.templates:75 ../snort-mysql.templates:65 +#: ../snort-pgsql.templates:65 +msgid "" +"If you change Snort's rules testing order to Pass|Alert|Log, they will be " +"applied in Pass->Alert->Log order, instead of standard Alert->Pass->Log. " +"This will prevent people from having to make huge Berky Packet Filter " +"command line arguments to filter their alert rules." +msgstr "" +"Nếu bạn thay đổi thứ tá»± kiểm tra quy tắc của trình Snort thành «Pass|Alert|" +"Log» thì nó sẽ áp dụng các quy tắc theo thứ tá»± « Pass→Alert→Log » (qua→báo " +"Ä‘á»™ng→ghi lÆ°u), thay vào thứ tá»± chuẩn « Alert→Pass→Log » (báo Ä‘á»™ng→qua→ghi " +"lÆ°u). Làm nhÆ° thế sẽ tránh ngÆ°á»i cần phải tạo đối số dòng lệnh « Berky " +"Packet Filter » (bá»™ lá»c gói tin Berky) lá»›n quá để lá»c những quy tắc báo Ä‘á»™ng " +"của há»." + +#. Type: boolean +#. Description +#: ../snort.templates:84 ../snort-mysql.templates:74 +#: ../snort-pgsql.templates:74 +msgid "Should daily summaries be sent by e-mail?" +msgstr "" + +#. Type: boolean +#. Description +#: ../snort.templates:84 ../snort-mysql.templates:74 +#: ../snort-pgsql.templates:74 +msgid "" +"This Snort installation provides a cron job that runs daily and summarises " +"the information of Snort logs to a selected email address. If you want to " +"disable this feature say 'no' here." +msgstr "" + +#. Type: string +#. Description +#: ../snort.templates:92 ../snort-mysql.templates:82 +#: ../snort-pgsql.templates:82 +msgid "Who should receive the daily statistics mails?" +msgstr "Ai nên nhận những thÆ° thống kê hàng ngày?" + +#. Type: string +#. Description +#: ../snort.templates:92 ../snort-mysql.templates:82 +#: ../snort-pgsql.templates:82 +msgid "" +"A cron job running daily will summarise the information of the logs " +"generated by Snort using a script called 'snort-stat'. Introduce here the " +"recipient of these mails. The default value is the system administrator. If " +"you keep this value, make sure that the mail of the administrator is " +"redirected to a user that actually reads those mails." +msgstr "" +"Má»™t công việc định ká»· (cron job) chạy hàng ngày sẽ tóm tắt thông tin của các " +"bản ghi do trình Snort tạo ra, dùng má»™t tập lệnh được gá»i là « snort-stat ». " +"Tại đây hãy nhập tên của ngÆ°á»i sẽ nhận các thÆ° này. Giá trị mặc định là quản " +"trị hệ thống. Nếu bạn giữ giá trị này, hãy đảm bảo các thÆ° được gởi cho quản " +"trị hệ thống có phải được chuyển tiếp cho má»™t ngÆ°á»i dùng thật sá»± Ä‘á»c hết." + +#. Type: string +#. Description +#: ../snort.templates:102 ../snort-mysql.templates:93 +#: ../snort-pgsql.templates:92 +msgid "" +"If you want to specify custom options to Snort, please specify them here." +msgstr "" +"Nếu bạn muốn ghi rõ má»™t số tùy chá»n riêng cho trình Snort, hãy nhập vào đây." + +#. Type: string +#. Description +#: ../snort.templates:107 ../snort-mysql.templates:98 +#: ../snort-pgsql.templates:97 +msgid "" +"An alert needs to appear more times than this number to be included in the " +"daily statistics." +msgstr "" +"Äể được gồm trong thống kê hàng ngày, má»™t báo Ä‘á»™ng cần xuất hiện số lần hÆ¡n " +"số này." + +#. Type: note +#. Description +#: ../snort.templates:111 ../snort-mysql.templates:162 +#: ../snort-pgsql.templates:161 +msgid "You are running Snort manually." +msgstr "Bạn Ä‘ang tá»± chạy trình Snort." + +#. Type: note +#. Description +#: ../snort.templates:111 ../snort-mysql.templates:162 +#: ../snort-pgsql.templates:161 +msgid "" +"Please restart Snort using:\n" +" /etc/init.d/snort start\n" +"to let the settings take effect." +msgstr "" +"Hãy khởi chạy lại trình Snort, dùng lệnh:\n" +"« /etc/init.d/snort start »\n" +"để hoạt hóa thiết lập." + +#. Type: note +#. Description +#: ../snort.templates:118 ../snort-mysql.templates:169 +#: ../snort-pgsql.templates:168 +msgid "There is an error in your configuration" +msgstr "Gặp lá»—i trong cấu hình bạn." + +#. Type: note +#. Description +#: ../snort.templates:118 ../snort-mysql.templates:169 +#: ../snort-pgsql.templates:168 +msgid "" +"Your Snort configuration is not correct and Snort will not be able to start " +"up normally. Please review your configuration and fix it. If you do not do " +"this, Snort package upgrades will probably break. To check which error is " +"being generated run '/usr/sbin/snort -T -c /etc/snort/snort.conf' (or point " +"to an alternate configuration file if you are using different files for " +"different interfaces)" +msgstr "" +"Cấu hình Snort bạn không đúng, nên trình Snort sẽ không thể khởi chạy lại " +"má»™t cách bình thÆ°á»ng. Hãy xem lại cấu hình rồi sá»­a nó. Nếu bạn không sá»­a thì " +"rất có thể là các việc nâng cấp gói Snort sẽ không hoạt Ä‘á»™ng. Äể kiểm tra " +"xem lá»—i nào được tạo ra, hãy chạy lệnh « /usr/sbin/snort -T -c /etc/snort/" +"snort.conf » (hoặc chỉ tá»›i má»™t tập tin cấu hình khác, nếu bạn Ä‘ang sá»­ dụng " +"tập tin riêng cho giao diện riêng)." + +#. Type: note +#. Description +#: ../snort.templates:128 ../snort-mysql.templates:179 +#: ../snort-pgsql.templates:178 +msgid "This system uses an obsolete configuration file" +msgstr "Hệ thống này dùng má»™t tập tin cấu hình cÅ©." + +#. Type: note +#. Description +#: ../snort.templates:128 ../snort-mysql.templates:179 +#: ../snort-pgsql.templates:178 +msgid "" +"Your system has an obsolete configuration file (/etc/snort/snort.common." +"parameters) which has been automatically converted into the new " +"configuration file format (at /etc/default/snort). Please review the new " +"configuration and remove the obsolete one. Until you do this, the init.d " +"script will not use the new configuration and you will not take advantage of " +"the benefits introduced in newer releases." +msgstr "" +"Hệ thống bạn có má»™t tập tin cấu hình cÅ© () đã được chuyển đổi tá»± Ä‘á»™ng sang khuôn dạng tập tin cấu hình má»›i " +"(tại ). Bạn hãy xem lại cấu hình má»›i là đúng, rồi loại " +"bá» tập tin cÅ©. Cho đến khi bạn làm nhÆ° thế, tập lệnh « init.d » sẽ không " +"dùng cấu hình má»›i, và bạn sẽ không thể nhá»› dịp những lợi ích được giá»›i thiệu " +"trong phiên bản má»›i." + +#. Type: note +#. Description +#: ../snort-mysql.templates:102 +msgid "" +"Your system has an obsolete configuration file (/etc/snort/snort.common." +"parameters) which has been automatically converted into the new " +"configuration file format (at /etc/default/snort). Please review the new " +"configuration and remove the obsolete one. Until you do this, the init.d " +"script will not use the new configuration and you will not take advantage of " +"the benefits introduced in newer releases." +msgstr "" +"Hệ thống bạn có má»™t tập tin cấu hình cÅ© () đã được chuyển đổi tá»± Ä‘á»™ng sang khuôn dạng tập tin cấu hình má»›i " +"(tại «/etc/default/snort»). Bạn hãy xem lại cấu hình má»›i là đúng, rồi loại " +"bá» tập tin cÅ©. Cho đến khi bạn làm nhÆ° thế, tập lệnh « init.d » sẽ không " +"dùng cấu hình má»›i, và bạn sẽ không thể nhá»› dịp những lợi ích được giá»›i thiệu " +"trong phiên bản má»›i." + +#. Type: boolean +#. Description +#: ../snort-mysql.templates:114 +msgid "Do you want to set up a database for snort-mysql to log to?" +msgstr "" +"Bạn có muốn thiết lập má»™t cÆ¡ sở dữ liệu cho phép snort-mysql đăng nhập không?" + +#. Type: boolean +#. Description +#: ../snort-mysql.templates:114 +msgid "" +"You only need to do this the first time you install snort-mysql. Before you " +"go on, make sure you have (1) the hostname of a machine running a mysql " +"server set up to allow tcp connections from this host, (2) a database on " +"that server, (3) a username and password to access the database. If you " +"don't have _all_ of these, either select 'no' and run with regular file " +"logging support, or fix this first. You can always configure database " +"logging later, by reconfiguring the snort-mysql package with 'dpkg-" +"reconfigure -plow snort-mysql'" +msgstr "" +"Bạn cần làm nhÆ° thế chỉ lần đầu tiên cài đặt snort-mysql. TrÆ°á»›c khi tiếp " +"tục, bạn hãy đảm bảo có thông tin này:\n" +" 1. tên máy của má»™t máy có chạy má»™t trình phục vụ MySQL, được thiết lập để " +"cho phép sá»± kết nối TCP từ máy này;\n" +" 2. má»™t cÆ¡ sở dữ liệu trong trình phục vụ ấy;\n" +" 3. tên ngÆ°á»i dùng và mật khẩu có thể truy cập cÆ¡ sở dữ liệu ấy.\n" +"Nếu bạn chÆ°a có _tất cả_ các Ä‘iá»u này, hãy hoặc chá»n «Không» (no) và chạy " +"vá»›i cách há»— trợ ghi lÆ°u vào tập tin, hoặc tập hợp thông tin thiếu trÆ°á»›c tiếp " +"tục. Bạn vẫn có thể cấu hình ghi lÆ°u vào cÆ¡ sở dữ liệu sau này, bằng cách " +"cấu hình lại gói snort-mysql dùng lệnh « dpkg-reconfigure -plow snort-mysql " +"»." + +#. Type: note +#. Description +#: ../snort-mysql.templates:126 ../snort-pgsql.templates:125 +msgid "Snort needs a configured database to log to before it starts." +msgstr "" +"Äể khởi chạy trình Snort, cần phải có má»™t cÆ¡ sở dữ liệu được cấu hình để cho " +"phép trình Snort đăng nhập." + +#. Type: note +#. Description +#: ../snort-mysql.templates:126 +msgid "" +"Snort needs a configured database before it can successfully start up. In " +"order to create the structure you need to run the following commands AFTER " +"the package is installed:\n" +" cd /usr/share/doc/snort-mysql/\n" +" zcat create_mysql.gz | mysql -u -h -p \n" +"Fill in the correct values for the user, host, and database names. MySQL " +"will prompt you for the password." +msgstr "" +"Trình Snort cần thiết má»™t cÆ¡ sở dữ liệu đã cấu hình, trÆ°á»›c khi nó có thể " +"khởi chạy được. Äể tạo cấu trúc này, bạn hãy chạy những lệnh theo đây SAU " +"KHI cài đặt gói:\n" +"« cd /usr/share/doc/snort-mysql/\n" +" zcat create_mysql.gz | mysql -u -h -p " +" »\n" +"Bạn hãy Ä‘iá»n vào các giá trị đúng cho tên ngÆ°á»i dùng, tên máy và tên cÆ¡ sở " +"dữ liệu. Trình MySQL sẽ nhắc bạn nhập mật khẩu." + +#. Type: note +#. Description +#: ../snort-mysql.templates:126 ../snort-pgsql.templates:125 +msgid "" +"After you created the database structure, you will need to start Snort " +"manually." +msgstr "" +"Sau khi bạn tạo cấu trúc cÆ¡ sở dữ liệu, cần phải tá»± khởi chạy trình Snort." + +#. Type: string +#. Description +#: ../snort-mysql.templates:140 +msgid "Please enter the hostname of the mysql database server to use." +msgstr "" +"Hãy nhập tên máy của máy chạy trình phục vụ cÆ¡ sở dữ liệu MySQL cần dùng." + +#. Type: string +#. Description +#: ../snort-mysql.templates:140 ../snort-pgsql.templates:139 +msgid "" +"Make sure it has been set up correctly to allow incoming connections from " +"this host!" +msgstr "" +"• Hãy đảm bảo nó đã được thiết lập cho đúng để cho phép sá»± kết nối đến từ " +"máy này. •" + +#. Type: string +#. Description +#: ../snort-mysql.templates:146 ../snort-pgsql.templates:145 +msgid "Please enter the name of the database to use." +msgstr "Hãy nhập tên cÆ¡ sở dữ liệu cần dùng." + +#. Type: string +#. Description +#: ../snort-mysql.templates:146 ../snort-pgsql.templates:145 +msgid "" +"Make sure this database has been created and your database user has write " +"access to this database." +msgstr "" +"Hãy đảm bảo cÆ¡ sở dữ liệu này đã được tạo, và ngÆ°á»i dùng cÆ¡ sở dữ liệu có " +"quyá»n ghi vào nó." + +#. Type: string +#. Description +#: ../snort-mysql.templates:152 ../snort-pgsql.templates:151 +msgid "Please enter the name of the database user you want to use." +msgstr "Hãy nhập tên của ngÆ°á»i dùng cÆ¡ sở dữ liệu mà bạn muốn dùng." + +#. Type: string +#. Description +#: ../snort-mysql.templates:152 ../snort-pgsql.templates:151 +msgid "Make sure this user has been created and has write access." +msgstr "Hãy đảm bảo ngÆ°á»i dùng này đã được tạo, và có quyá»n ghi." + +#. Type: password +#. Description +#: ../snort-mysql.templates:157 ../snort-pgsql.templates:156 +msgid "Please enter the password for the database connection." +msgstr "Hãy nhập mật khẩu cho sá»± kết nối đến cÆ¡ sở dữ liệu." + +#. Type: password +#. Description +#: ../snort-mysql.templates:157 ../snort-pgsql.templates:156 +msgid "Please enter a password to connect to the Snort Alert database." +msgstr "Hãy nhập mật khẩu để kết nối đến cÆ¡ sở dữ liệu Báo Ä‘á»™ng Snort." + +#. Type: boolean +#. Description +#: ../snort-pgsql.templates:113 +msgid "Do you want to set up a database for snort-pgsql to log to?" +msgstr "" +"Bạn có muốn thiết lập má»™t cÆ¡ sở dữ liệu cho phép snort-pgsql đăng nhập không?" + +#. Type: boolean +#. Description +#: ../snort-pgsql.templates:113 +msgid "" +"You only need to do this the first time you install snort-pgsql. Before you " +"go on, make sure you have (1) the hostname of a machine running a pgsql " +"server set up to allow tcp connections from this host, (2) a database on " +"that server, (3) a username and password to access the database. If you " +"don't have _all_ of these, either select 'no' and run with regular file " +"logging support, or fix this first. You can always configure database " +"logging later, by reconfiguring the snort-pgsql package with 'dpkg-" +"reconfigure -plow snort-pgsql'" +msgstr "" +"Bạn cần làm nhÆ° thế chỉ lần đầu tiên cài đặt snort-pgsql. TrÆ°á»›c khi tiếp " +"tục, bạn hãy đảm bảo có thông tin này:\n" +" 1. tên máy của má»™t máy có chạy má»™t trình phục vụ PostgreSQL, được thiết lập " +"để cho phép sá»± kết nối TCP từ máy này;\n" +" 2. má»™t cÆ¡ sở dữ liệu trong trình phục vụ ấy;\n" +" 3. tên ngÆ°á»i dùng và mật khẩu có thể truy cập cÆ¡ sở dữ liệu ấy.\n" +"Nếu bạn chÆ°a có _tất cả_ các Ä‘iá»u này, hãy hoặc chá»n « Không » (no) và chạy " +"vá»›i cách há»— trợ ghi lÆ°u vào tập tin, hoặc tập hợp thông tin thiếu trÆ°á»›c tiếp " +"tục. Bạn vẫn có thể cấu hình ghi lÆ°u vào cÆ¡ sở dữ liệu sau này, bằng cách " +"cấu hình lại gói snort-mysql dùng lệnh « dpkg-reconfigure -plow snort-pgsql " +"»." + +#. Type: note +#. Description +#: ../snort-pgsql.templates:125 +msgid "" +"Snort needs a configured database before it can successfully start up. In " +"order to create the structure you need to run the following commands AFTER " +"the package is installed:\n" +" cd /usr/share/doc/snort-pgsql/\n" +" zcat create_postgresql.gz | psql -U -h -W \n" +"Fill in the correct values for the user, host, and database names. " +"PostgreSQL will prompt you for the password." +msgstr "" +"Trình Snort cần thiết má»™t cÆ¡ sở dữ liệu đã cấu hình, trÆ°á»›c khi nó có thể " +"khởi chạy được. Äể tạo cấu trúc này, bạn hãy chạy những lệnh theo đây SAU " +"KHI cài đặt gói:\n" +"« cd /usr/share/doc/snort-pgsql/\n" +" zcat create_pgsql.gz | psql -u -h -p " +"»\n" +"Bạn hãy Ä‘iá»n vào các giá trị đúng cho tên ngÆ°á»i dùng, tên máy và tên cÆ¡ sở " +"dữ liệu. Trình PostgreSQL sẽ nhắc bạn nhập mật khẩu." + +#. Type: string +#. Description +#: ../snort-pgsql.templates:139 +msgid "Please enter the hostname of the pgsql database server to use." +msgstr "" +"Hãy nhập tên máy của máy chạy trình phục vụ cÆ¡ sở dữ liệu PostgreSQL cần " +"dùng." + +#. Type: note +#. Description +#: ../snort-common.templates:3 +msgid "Your configuration file is deprecated" +msgstr "Tập tin cấu hình bạn bị phản đối." + +#. Type: note +#. Description +#: ../snort-common.templates:3 +msgid "" +"Your Snort configuration file (/etc/snort/snort.conf) uses deprecated " +"options no longer available for this Snort release. Snort will not be able " +"to start unless you provide a correct configuration file. You can substitute " +"your configuration file with the one provided in this package or fix it " +"manually by removing deprecated options." +msgstr "" +"Tập tin cấu hình Snort () có dùng tùy chá»n bị phản " +"đối không còn sẵn sàng lại cho phiên bản Snort này. Trình Snort không thể " +"khởi chạy cho đến bạn cung cấp má»™t tập tin cấu hình đúng. Bạn có thể thay " +"thế tập tin cấu hình cÅ© bằng Ä‘iá»u được cung cấp trong gói này, hoặc tá»± sá»­a " +"nó bằng cách loại bá» các tùy chá»n bị phản đối." + +#. Type: note +#. Description +#: ../snort-common.templates:3 +msgid "" +"The following deprecated options were found in your configuration file: " +"${DEP_CONFIG}" +msgstr "" +"Tìm thấy những tùy chá»n bị phản đối này trong tập tin cấu hình bạn:\n" +"${DEP_CONFIG}" --- snort-2.3.3.orig/debian/po/pt_BR.po +++ snort-2.3.3/debian/po/pt_BR.po @@ -0,0 +1,802 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +msgid "" +msgstr "" +"Project-Id-Version: snort\n" +"Report-Msgid-Bugs-To: jfs@computer.org\n" +"POT-Creation-Date: 2006-03-22 09:15+0100\n" +"PO-Revision-Date: 2004-08-07 22:06-0300\n" +"Last-Translator: André Luís Lopes \n" +"Language-Team: Debian-BR Project \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=ISO-8859-1\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: select +#. Choices +#: ../snort.templates:3 ../snort-mysql.templates:3 ../snort-pgsql.templates:3 +msgid "boot, dialup, manual" +msgstr "inicialização, discagem, manual" + +#. Type: select +#. Description +#: ../snort.templates:5 ../snort-mysql.templates:5 ../snort-pgsql.templates:5 +msgid "When should Snort be started?" +msgstr "Quando o Snort deve ser iniciado ?" + +#. Type: select +#. Description +#: ../snort.templates:5 ../snort-mysql.templates:5 ../snort-pgsql.templates:5 +msgid "" +"Snort can be started during boot, when connecting to the net with pppd or " +"only when you manually start it via /usr/sbin/snort." +msgstr "" +"O Snort pode ser iniciado durante a inicialização da máquina, quando " +"conectando a Internet com o pppd ou somente quando você iniciar manualmente " +"através do comando /usr/sbin/snort." + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +#, fuzzy +msgid "On which interface(s) should Snort listen?" +msgstr "Em qual interface de rede o Snort deve ouvir ?" + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +#, fuzzy +msgid "" +"Please enter the name(s) of the interface(s) which Snort should listen on. " +"The names of the available interfaces are provided by either running 'ip " +"link show' of 'ifconfig'. This value usually is 'eth0', but you might want " +"to vary this depending on your environment, if you are using a dialup " +"connection 'ppp0' might be more appropiate." +msgstr "" +"Por favor, informe o nome da interface na qual o snort deverá ouvir. O nome " +"das interfaces disponíveis podem ser visualizados executando-se o comando " +"'ip link show'. Esse valor geralmente é 'eth0', mas você pode querer variar " +"isso dependendo de seu ambiente, caso você esteja usando uma conexão " +"discada, 'ppp0' pode ser mais apropriado." + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"Notice that Snort is usually configured to inspect all traffic coming from " +"the Internet, so the interface you add here is usually the same the 'default " +"route' is on. You can determine which interface is used for this running " +"either '/sbin/ip ro sh' or '/sbin/route -n' (look for 'default' or " +"'0.0.0.0')." +msgstr "" +"Note que o Snort é geralmente configurado para inspecionar todo tráfego " +"chegando da Internet, de modo que a interface que você adicionar aqui " +"geralmente é a mesma onde a 'rota padrão' está. Você pode determinar qual " +"interface é usada para isso executando o comando '/sbin/ip ro sh' ou '/sbin/" +"route -n' (procure por 'default' ou '0.0.0.0')." + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"It is also not uncommon to run Snort on an interface with no IP and " +"configured in promiscuous mode, if this is your case, select the interface " +"in this system that is physically connected to the network you want to " +"inspect, enable promiscuous mode later on and make sure that the network " +"traffic is sent to this interface (either connected to a 'port mirroring/" +"spanning' port in a switch, to a hub or to a tap)" +msgstr "" +"Também não é incomum executar o Snort em uma interface sem endereço IP e " +"configurada em modo promíscuo, caso esse seja seu caso, selecione a " +"interface neste sistema que esteja fisicamente conectada a rede que você " +"quer inspecionar, habilite o modo promíscuo depois e certifique-se de que o " +"tráfego de rede seja enviada para essa interface (conectado a uma porta " +"'port mirroring/spanning' em um switch, a um hub ou a uma tap)" + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"You can configure multiple interfaces here, just by adding more than one " +"interface name separated by spaces. Each interface can have its specific " +"configuration." +msgstr "" + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "Please enter the address range that Snort will listen on." +msgstr "Por favor, especifique a faixa de endereços na qual o Snort irá ouvir." + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "" +"You have to use CIDR form, i.e. 192.168.1.0/24 for a block of 256 IPs or " +"192.168.1.42/32 for just one. Specify multiple addresses on a single line " +"separated by ',' (comma characters), no spaces allowed!" +msgstr "" +"Você precisará usar a notação CIDR, ou seja, 192.168.1.0/24 para um bloco de " +"256 IPs ou 192.168.1.42/32 para um único host. Especifique múltiplos " +"endereços em uma única linha separados por ',' (caracter vírgula). Espaços " +"não são permitidos !" + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "" +"If you want you can specify 'any', to not trust any side of the network." +msgstr "" +"Caso você queira, é possível especificar 'any', para não confiar em nenhum " +"dos lados da rede." + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "" +"Notice that if you are using multiple interfaces this definition will be " +"used as the HOME_NET definition of all of them." +msgstr "" + +#. Type: boolean +#. Description +#: ../snort.templates:53 ../snort-mysql.templates:53 +#: ../snort-pgsql.templates:53 +msgid "Should Snort disable promiscuous mode on the interface?" +msgstr "O Snort deve desabilitar o modo promíscuo na interface ?" + +#. Type: boolean +#. Description +#: ../snort.templates:53 ../snort-mysql.templates:53 +#: ../snort-pgsql.templates:53 +msgid "" +"Disabling promiscuous mode means that Snort will only see packets addressed " +"to it's own interface. Enabling it allows Snort to check every packet that " +"passes ethernet segment even if it's a connection between two other " +"computers." +msgstr "" +"Desabilitar o modo promíscuo significa que o Snort irá somente ver pacotes " +"destinados a sua própria interface. Habilitar o modo promíscuo permitirá que " +"o Snort cheque cada pacote que passa pelo segmento ethernet mesmo caso os " +"pacotes façam parte de uma conexão entre dois outros computadores." + +#. Type: boolean +#. Description +#: ../snort.templates:53 ../snort-mysql.templates:53 +#: ../snort-pgsql.templates:53 +msgid "" +"Disable promiscuous mode if you are configuring Snort on an interface " +"without a configured IP address." +msgstr "" +"Desabilite o modo promíscuo caso você esteja configurando o Snort em uma " +"interface sem um endereço IP configurado." + +#. Type: note +#. Description +#: ../snort.templates:64 +msgid "Invalid interface" +msgstr "" + +#. Type: note +#. Description +#: ../snort.templates:64 +msgid "" +"One of the interfaces you specified is not valid (it might not exist on the " +"system or be down). Please introduce a valid interface when answering the " +"question of which interface(s) should Snort listen on." +msgstr "" + +#. Type: note +#. Description +#: ../snort.templates:64 +msgid "" +"If you did not configure an interface then the package is trying to use the " +"default ('eth0') which does not seem to be valid in your system." +msgstr "" + +#. Type: boolean +#. Description +#: ../snort.templates:75 ../snort-mysql.templates:65 +#: ../snort-pgsql.templates:65 +msgid "Should Snort's rules testing order be changed to Pass|Alert|Log?" +msgstr "" +"A ordem de teste das regras do Snort deve ser mudada para Passar|Alertar|" +"Logar ?" + +#. Type: boolean +#. Description +#: ../snort.templates:75 ../snort-mysql.templates:65 +#: ../snort-pgsql.templates:65 +msgid "" +"If you change Snort's rules testing order to Pass|Alert|Log, they will be " +"applied in Pass->Alert->Log order, instead of standard Alert->Pass->Log. " +"This will prevent people from having to make huge Berky Packet Filter " +"command line arguments to filter their alert rules." +msgstr "" +"Caso você mude a ordem de teste das regras do Snort para Passar|Alertar|" +"Logar, as regras serão aplicadas na ordem Passar->Alertar->Logar, ao invés " +"da ordem padrão Alertar->Passar->Logar. Isso evitará que os usuários do " +"Snort tenham que fazer grandes argumentos de linha de comando Berkely Packet " +"Filtering para filtrar suas regras de alerta." + +#. Type: boolean +#. Description +#: ../snort.templates:84 ../snort-mysql.templates:74 +#: ../snort-pgsql.templates:74 +msgid "Should daily summaries be sent by e-mail?" +msgstr "" + +#. Type: boolean +#. Description +#: ../snort.templates:84 ../snort-mysql.templates:74 +#: ../snort-pgsql.templates:74 +msgid "" +"This Snort installation provides a cron job that runs daily and summarises " +"the information of Snort logs to a selected email address. If you want to " +"disable this feature say 'no' here." +msgstr "" + +#. Type: string +#. Description +#: ../snort.templates:92 ../snort-mysql.templates:82 +#: ../snort-pgsql.templates:82 +msgid "Who should receive the daily statistics mails?" +msgstr "Quem deverá receber os e-mails de estatísticas diárias ?" + +#. Type: string +#. Description +#: ../snort.templates:92 ../snort-mysql.templates:82 +#: ../snort-pgsql.templates:82 +msgid "" +"A cron job running daily will summarise the information of the logs " +"generated by Snort using a script called 'snort-stat'. Introduce here the " +"recipient of these mails. The default value is the system administrator. If " +"you keep this value, make sure that the mail of the administrator is " +"redirected to a user that actually reads those mails." +msgstr "" +"Um job cron executado diariamente irá sumarizar a informação dos logs " +"gerados pelo Snort usando um script chamado 'snort-stat'. Informe aqui o " +"destinatário dessas mensagens. O valor padrão é o administrador do sistema. " +"Caso você mantenha esse valor, certifique-se de que as mensagens para o " +"administrador sejam redirecionadas para um usuário que na verdade leia essas " +"mensagens." + +#. Type: string +#. Description +#: ../snort.templates:102 ../snort-mysql.templates:93 +#: ../snort-pgsql.templates:92 +msgid "" +"If you want to specify custom options to Snort, please specify them here." +msgstr "" +"Caso você queira especificar opções personalizadas para o Snort, por favor, " +"especifique-os aqui." + +#. Type: string +#. Description +#: ../snort.templates:107 ../snort-mysql.templates:98 +#: ../snort-pgsql.templates:97 +msgid "" +"An alert needs to appear more times than this number to be included in the " +"daily statistics." +msgstr "" +"Um alerta precisa aparecer mais do que esta quantidade de vezes para ser " +"considerado nas estatísticas diárias." + +#. Type: note +#. Description +#: ../snort.templates:111 ../snort-mysql.templates:162 +#: ../snort-pgsql.templates:161 +msgid "You are running Snort manually." +msgstr "Você está executando o Snort manualmente." + +#. Type: note +#. Description +#: ../snort.templates:111 ../snort-mysql.templates:162 +#: ../snort-pgsql.templates:161 +msgid "" +"Please restart Snort using:\n" +" /etc/init.d/snort start\n" +"to let the settings take effect." +msgstr "" +"Por favor reinicie o Snort usando :\n" +" /etc/init.d/snort start\n" +"para fazer com que as configurações tenham efeito." + +#. Type: note +#. Description +#: ../snort.templates:118 ../snort-mysql.templates:169 +#: ../snort-pgsql.templates:168 +msgid "There is an error in your configuration" +msgstr "" + +#. Type: note +#. Description +#: ../snort.templates:118 ../snort-mysql.templates:169 +#: ../snort-pgsql.templates:168 +msgid "" +"Your Snort configuration is not correct and Snort will not be able to start " +"up normally. Please review your configuration and fix it. If you do not do " +"this, Snort package upgrades will probably break. To check which error is " +"being generated run '/usr/sbin/snort -T -c /etc/snort/snort.conf' (or point " +"to an alternate configuration file if you are using different files for " +"different interfaces)" +msgstr "" + +#. Type: note +#. Description +#: ../snort.templates:128 ../snort-mysql.templates:179 +#: ../snort-pgsql.templates:178 +msgid "This system uses an obsolete configuration file" +msgstr "" + +#. Type: note +#. Description +#: ../snort.templates:128 ../snort-mysql.templates:179 +#: ../snort-pgsql.templates:178 +msgid "" +"Your system has an obsolete configuration file (/etc/snort/snort.common." +"parameters) which has been automatically converted into the new " +"configuration file format (at /etc/default/snort). Please review the new " +"configuration and remove the obsolete one. Until you do this, the init.d " +"script will not use the new configuration and you will not take advantage of " +"the benefits introduced in newer releases." +msgstr "" + +#. Type: note +#. Description +#: ../snort-mysql.templates:102 +msgid "" +"Your system has an obsolete configuration file (/etc/snort/snort.common." +"parameters) which has been automatically converted into the new " +"configuration file format (at /etc/default/snort). Please review the new " +"configuration and remove the obsolete one. Until you do this, the init.d " +"script will not use the new configuration and you will not take advantage of " +"the benefits introduced in newer releases." +msgstr "" + +#. Type: boolean +#. Description +#: ../snort-mysql.templates:114 +msgid "Do you want to set up a database for snort-mysql to log to?" +msgstr "" +"Você deseja configurar uma base de dados para o snort-mysql armazenar seus " +"logs ?" + +#. Type: boolean +#. Description +#: ../snort-mysql.templates:114 +msgid "" +"You only need to do this the first time you install snort-mysql. Before you " +"go on, make sure you have (1) the hostname of a machine running a mysql " +"server set up to allow tcp connections from this host, (2) a database on " +"that server, (3) a username and password to access the database. If you " +"don't have _all_ of these, either select 'no' and run with regular file " +"logging support, or fix this first. You can always configure database " +"logging later, by reconfiguring the snort-mysql package with 'dpkg-" +"reconfigure -plow snort-mysql'" +msgstr "" +"Você precisa fazer isso somente na primeira vez que você instalar o snort-" +"mysql. Antes de prosseguir, certifique-se de possuir (1) o hostname da " +"máquina executando um servidor mysql, configurado para permitir conexões tcp " +"originadas desse host, (2) uma base de dados nesse servidor, (3) um nome de " +"usuário e senha para acessar a base de dados. Caso você não tenha _tudo_ " +"isso, selecione 'não' e execute o snort com o suporte comum de logging em " +"arquivo ou providencie tudo o que é necessário antecipadamente. Você poderá " +"sempre configurar o logging em base de dados posteriormente, reconfigurando " +"o pacote snort-mysql com o comando 'dpkg-reconfigure -plow snort-mysql'" + +#. Type: note +#. Description +#: ../snort-mysql.templates:126 ../snort-pgsql.templates:125 +#, fuzzy +msgid "Snort needs a configured database to log to before it starts." +msgstr "" +"O Snort depende de um base de dados configuradas para armazenar seus logs." + +#. Type: note +#. Description +#: ../snort-mysql.templates:126 +#, fuzzy +msgid "" +"Snort needs a configured database before it can successfully start up. In " +"order to create the structure you need to run the following commands AFTER " +"the package is installed:\n" +" cd /usr/share/doc/snort-mysql/\n" +" zcat create_mysql.gz | mysql -u -h -p \n" +"Fill in the correct values for the user, host, and database names. MySQL " +"will prompt you for the password." +msgstr "" +"Por favor, crie a estrutura da base de dados agora, usando o comando a " +"seguir :\n" +" cd /usr/share/doc/snort-mysql/\n" +" zcat create_mysql.gz | mysql -u -h -p \n" +"Informando os valores corretos para usuário, host e nome da base de dados. O " +"MySQL irá solicitar a senha." + +#. Type: note +#. Description +#: ../snort-mysql.templates:126 ../snort-pgsql.templates:125 +#, fuzzy +msgid "" +"After you created the database structure, you will need to start Snort " +"manually." +msgstr "" +"Depois de ter criado a estrutura da base de dados, pressione 'ok' para " +"continuar." + +#. Type: string +#. Description +#: ../snort-mysql.templates:140 +msgid "Please enter the hostname of the mysql database server to use." +msgstr "" +"Por favor, informe o hostname do servidor de base de dados mysql a ser " +"utilizado." + +#. Type: string +#. Description +#: ../snort-mysql.templates:140 ../snort-pgsql.templates:139 +msgid "" +"Make sure it has been set up correctly to allow incoming connections from " +"this host!" +msgstr "" +"Certifique-se de ter configurado a base de dados corretamente para permitir " +"conexões originadas deste host !" + +#. Type: string +#. Description +#: ../snort-mysql.templates:146 ../snort-pgsql.templates:145 +msgid "Please enter the name of the database to use." +msgstr "Por favor, informe o nome da base de dados a ser usada." + +#. Type: string +#. Description +#: ../snort-mysql.templates:146 ../snort-pgsql.templates:145 +msgid "" +"Make sure this database has been created and your database user has write " +"access to this database." +msgstr "" +"Certifique-se de que essa base de dados tenha sido criada e que seu usuário " +"tenha acesso de escrita nessa base de dados." + +#. Type: string +#. Description +#: ../snort-mysql.templates:152 ../snort-pgsql.templates:151 +msgid "Please enter the name of the database user you want to use." +msgstr "" +"Por favor, informe o nome do usuário desejado para acessar a base dados." + +#. Type: string +#. Description +#: ../snort-mysql.templates:152 ../snort-pgsql.templates:151 +msgid "Make sure this user has been created and has write access." +msgstr "" +"Certifique-se que esse usuário tenha sido criado e tenha acesso de escrita." + +#. Type: password +#. Description +#: ../snort-mysql.templates:157 ../snort-pgsql.templates:156 +msgid "Please enter the password for the database connection." +msgstr "Por favor, informe a senha para conexão na base de dados." + +#. Type: password +#. Description +#: ../snort-mysql.templates:157 ../snort-pgsql.templates:156 +msgid "Please enter a password to connect to the Snort Alert database." +msgstr "" +"Por favor, informe uma senha para conexão na base de dados de Alertas do " +"Snort." + +#. Type: boolean +#. Description +#: ../snort-pgsql.templates:113 +msgid "Do you want to set up a database for snort-pgsql to log to?" +msgstr "" +"Você deseja configurar uma base de dados para o snort-pgsql armazenar seus " +"logs ?" + +#. Type: boolean +#. Description +#: ../snort-pgsql.templates:113 +msgid "" +"You only need to do this the first time you install snort-pgsql. Before you " +"go on, make sure you have (1) the hostname of a machine running a pgsql " +"server set up to allow tcp connections from this host, (2) a database on " +"that server, (3) a username and password to access the database. If you " +"don't have _all_ of these, either select 'no' and run with regular file " +"logging support, or fix this first. You can always configure database " +"logging later, by reconfiguring the snort-pgsql package with 'dpkg-" +"reconfigure -plow snort-pgsql'" +msgstr "" +"Você precisa fazer isso somente na primeira vez que você instalar o snort-" +"pgsql. Antes de prosseguir, certifique-se de possuir (1) o hostname da " +"máquina executando um servidor pgsql, configurado para permitir conexões tcp " +"originadas desse host, (2) uma base de dados nesse servidor, (3) um nome de " +"usuário e senha para acessar a base de dados. Caso você não tenha _tudo_ " +"isso, selecione 'não' e execute o snort com o suporte comum de logging em " +"arquivo ou providencie tudo o que é necessário antecipadamente. Você poderá " +"sempre configurar o logging em base de dados posteriormente, reconfigurando " +"o pacote snort-pgsql com o comando 'dpkg-reconfigure -plow snort-pgsql'" + +#. Type: note +#. Description +#: ../snort-pgsql.templates:125 +#, fuzzy +msgid "" +"Snort needs a configured database before it can successfully start up. In " +"order to create the structure you need to run the following commands AFTER " +"the package is installed:\n" +" cd /usr/share/doc/snort-pgsql/\n" +" zcat create_postgresql.gz | psql -U -h -W \n" +"Fill in the correct values for the user, host, and database names. " +"PostgreSQL will prompt you for the password." +msgstr "" +"Por favor, crie a estrutura da base de dados agora, usando o comando a " +"seguir :\n" +" cd /usr/share/doc/snort-mysql/\n" +" zcat create_pgsql.gz | psql -U -h -W \n" +"Informando os valores corretos para usuário, host e nome da base de dados. O " +"PostgreSQL irá solicitar a senha." + +#. Type: string +#. Description +#: ../snort-pgsql.templates:139 +msgid "Please enter the hostname of the pgsql database server to use." +msgstr "" +"Por favor, informe o hostname do servidor de base de dados pgsql a ser " +"utilizado." + +#. Type: note +#. Description +#: ../snort-common.templates:3 +msgid "Your configuration file is deprecated" +msgstr "" + +#. Type: note +#. Description +#: ../snort-common.templates:3 +msgid "" +"Your Snort configuration file (/etc/snort/snort.conf) uses deprecated " +"options no longer available for this Snort release. Snort will not be able " +"to start unless you provide a correct configuration file. You can substitute " +"your configuration file with the one provided in this package or fix it " +"manually by removing deprecated options." +msgstr "" + +#. Type: note +#. Description +#: ../snort-common.templates:3 +msgid "" +"The following deprecated options were found in your configuration file: " +"${DEP_CONFIG}" +msgstr "" + +#, fuzzy +#~ msgid "" +#~ "Please enter the name(s) of the interface(s) which Snort should listen " +#~ "on. The names of the available interfaces are provided by either running " +#~ "'ip link show' of 'ifconfig'. This value usually is 'eth0', but you might " +#~ "want to vary this depending on your environment, if you are using a " +#~ "dialup connection 'ppp0' might be more appropiate." +#~ msgstr "" +#~ "Por favor, informe o nome da interface na qual o snort deverá ouvir. O " +#~ "nome das interfaces disponíveis podem ser visualizados executando-se o " +#~ "comando 'ip link show'. Esse valor geralmente é 'eth0', mas você pode " +#~ "querer variar isso dependendo de seu ambiente, caso você esteja usando " +#~ "uma conexão discada, 'ppp0' pode ser mais apropriado." + +#~ msgid "On which interface should Snort listen?" +#~ msgstr "Em qual interface de rede o Snort deve ouvir ?" + +#~ msgid "" +#~ "Please enter the interface name which snort should listen on. The name of " +#~ "the available interfaces are provided by running 'ip link show'. This " +#~ "value usually is 'eth0', but you might want to vary this depending on " +#~ "your environment, if you are using a dialup connection 'ppp0' might be " +#~ "more appropiate." +#~ msgstr "" +#~ "Por favor, informe o nome da interface na qual o snort deverá ouvir. O " +#~ "nome das interfaces disponíveis podem ser visualizados executando-se o " +#~ "comando 'ip link show'. Esse valor geralmente é 'eth0', mas você pode " +#~ "querer variar isso dependendo de seu ambiente, caso você esteja usando " +#~ "uma conexão discada, 'ppp0' pode ser mais apropriado." + +#~ msgid "" +#~ "Notice that Snort is usually configured to inspect all traffic coming " +#~ "from the Internet, so the interface you add here is usually the same the " +#~ "'default route' is on. You can determine which interface is used for " +#~ "this running either 'ip route show' or '/sbin/route -n' (look for " +#~ "'default' or '0.0.0.0')." +#~ msgstr "" +#~ "Note que o Snort é geralmente configurado para inspecionar todo tráfego " +#~ "chegando da Internet, de modo que a interface que você adicionar aqui " +#~ "geralmente é a mesma onde a 'rota padrão' está. Você pode determinar qual " +#~ "interface é usada para isso executando o comando '/sbin/ip ro sh' ou '/" +#~ "sbin/route -n' (procure por 'default' ou '0.0.0.0')." + +#~ msgid "Should Snort disable promiscous mode on the interface?" +#~ msgstr "O Snort deve desabilitar o modo promíscuo na interface ?" + +#~ msgid "On which interface Snort should listen? (only one!)" +#~ msgstr "Em qual interface de rede o Snort deve ouvir ? (somente uma !)" + +#~ msgid "What address range should Snort consider to be local?" +#~ msgstr "Qual faixa de endereços o Snort deve considerar local ?" + +#~ msgid "" +#~ "You have to use CIDR form, i.e. 192.168.1.0/24 for a block of 256 IPs or " +#~ "192.168.1.42/32 for just one. Specify multiple addresses on a single " +#~ "line, seperated by ',' (comma characters). No spaces allowed!" +#~ msgstr "" +#~ "Você precisa usar o formato CIDR, ou seja, 192.168.1.0/24 para um bloco " +#~ "de 256 IPs ou 192.168.1.42/32 para um único host. Especifique múltiplos " +#~ "endereços em uma única linha, separados por ',' (caracter de vírgula). " +#~ "Espaços não são permitidos !" + +#~ msgid "" +#~ "Disabling the promiscuous mode means that Snort will only see packets " +#~ "addressed to its own interface. Enabling allows it to check every packet " +#~ "that passes the ethernet even if it's a connection between two other " +#~ "computers" +#~ msgstr "" +#~ "Desabilitar o modo promíscuo significa que o Snort irá somente ver " +#~ "pacotes destinados a sua própria interface. Habilitar o modo promíscuo " +#~ "permitirá que o Snort cheque cada pacote que passa pela ethernet mesmo " +#~ "caso os pacotes façam parte de uma conexão entre dois outros computadores." + +#~ msgid "When should snort be started?" +#~ msgstr "Quando o Snort deve ser iniciado ?" + +#~ msgid "Please enter the address range that snort will listen on." +#~ msgstr "" +#~ "Por favor especifique a faixa de endereços na qual o Snort irá ouvir." + +#~ msgid "" +#~ "You have to use CIDR form, i.e. 192.168.1.0/24 for a block of 256 IPs or " +#~ "192.168.1.42/32 for just one. Specify multiple addresses on a single " +#~ "line, separated by ',' (comma characters). No spaces allowed!" +#~ msgstr "" +#~ "Você precisará usar a notação CIDR, ou seja, 192.168.1.0/24 para um bloco " +#~ "de 256 IPs ou 192.168.1.42/32 para um único host. Especifique múltiplos " +#~ "endereços em uma única linha separados por ',' (caracter vírgula). " +#~ "Espaços não são permitidos !" + +#~ msgid "" +#~ "Disabling the promiscuous mode means that snort will only see packets " +#~ "addressed to it's own interface. Enabling allows it to check every packet " +#~ "that passes the ethernet even if it's a connection between two other " +#~ "computers" +#~ msgstr "" +#~ "Desabilitar o modo promíscuo significa que o Snort irá somente ver " +#~ "pacotes destinados a sua própria interface. Habilitar o modo promíscuo " +#~ "permitirá que o Snort cheque cada pacote que passa pela ethernet mesmo " +#~ "caso os pacotes façam parte de uma conexão entre dois outros computadores." + +#~ msgid "Should snort's rules testing order be changed to Pass|Alert|Log?" +#~ msgstr "" +#~ "A ordem de teste das regras do Snort devem ser mudadas para Passar|" +#~ "Alertar|Logar ?" + +#~ msgid "" +#~ "If you change snort's rules testing order to Pass|Alert|Log, they will be " +#~ "applied in Pass->Alert->Log order, instead of standard Alert->Pass->Log. " +#~ "This will prevent people from having to make huge BPF command line " +#~ "arguments to filter their alert rules." +#~ msgstr "" +#~ "Caso você mude a ordem de teste das regras do Snort para Passar|Alertar|" +#~ "Logar as regras serão aplicadas na ordem Passar->Alertar->Logar ao invés " +#~ "da ordem padrão Alertar->Passar->Logar. Isso evitará que os usuários do " +#~ "Snort tenham que fazer grandes argumentos de linha de comando BFP para " +#~ "filtrar suas regras de alerta." + +#~ msgid "" +#~ "You only need to do this the first time you install snort-pgsql. Before " +#~ "you go on, make sure you have the following things at hand: - The " +#~ "hostname of a machine running a pgsql server, set up to allow TCP\n" +#~ " connections to the database (from this host).\n" +#~ "- A database on the database server - A username and password for a user " +#~ "that has write access to this database. If you don't have _all_ of these, " +#~ "either select 'no' and run with regular file logging support, or fix this " +#~ "first. You can always configure database logging later, by reconfiguring " +#~ "the snort-pgsql package." +#~ msgstr "" +#~ "Você precisa fazer isso somente na primeira vez que você instalar o Snort-" +#~ "MySQL. Antes de prosseguir, certifique-se de ter em mãos as seguintes " +#~ "informações : \n" +#~ "- O hostname da máquina onde se encontra o servidor PostgreSQL, " +#~ "configurado para permitir conexões TCP originadas desse host.\n" +#~ "- Uma base de dados nesse servidor PostgreSQL.\n" +#~ "- Um nome de usuário que possua acesso de escrita na base dados e sua " +#~ "senha.\n" +#~ " . Caso você não possua _tudo_ isso, selecione 'Não' e execute o Snort " +#~ "com o suporte comum de logging em arquivo ou providencie tudo o que é " +#~ "necessário antecipadamente. Você poderá sempre configurar o logging em " +#~ "base de dados posteriormente, reconfigurando o pacote snort-pgsql." + +#~ msgid "" +#~ "Please create the database structure now, using the following command:\n" +#~ " cd /usr/share/doc/snort-pgsql/\n" +#~ " zcat create_postgresql.gz | psql -u -h \n" +#~ "Filling in the correct values for the user, host, and database names. The " +#~ "pgsql tool will prompt you for the password." +#~ msgstr "" +#~ "Por favor crie a estrutura da base de dados agora, usando o comando a " +#~ "seguir :\n" +#~ " cd /usr/share/doc/snort-pgsql/\n" +#~ " zcat create_postgresql.gz | psql -u -h \n" +#~ "Informando os valores corretos para usuário, host e nome da base de " +#~ "dados. O PostgreSQL irá solicitar a senha." + +#~ msgid "Please enter the password for the database connection" +#~ msgstr "" +#~ "Por favor informe a senha a ser usada pelo Snort para a conexão com a " +#~ "base de dados" + +#~ msgid "Please enter a password to connect to the SNORT Alert database" +#~ msgstr "" +#~ "Por favor informe uma senha para se conectar a base de dados de Alertas " +#~ "do Snort." + +#~ msgid "You are running snort manually." +#~ msgstr "Você está executando o Snort manualmente." + +#~ msgid "" +#~ "Please restart snort using:\n" +#~ " /etc/init.d/snort start\n" +#~ "to let the settings take effect." +#~ msgstr "" +#~ "Por favor reinicie o Snort usando :\n" +#~ " /etc/init.d/snort start\n" +#~ "para fazer com que as configurações tenham efeito." + +#~ msgid "MIB-File addition for snmpd" +#~ msgstr "Adição de Arquivo-MIB para o snmpd" + +#~ msgid "" +#~ "Snort-common comes with two MIB-files for your snmpd to load, so it knows " +#~ "about Snort's information. It is impossible for me to add these MIB-files " +#~ "to your snmpd automatically. So if you want to have snort information " +#~ "from your snmpd, please read the documentation that came with your snmpd " +#~ "on how to install external MIB additions." +#~ msgstr "" +#~ "O Snort-common é fornecido com dois arquivos-MIB para seu servidor snmpd " +#~ "carregar, de forma que seu servidor snmpd obtenha informações sobre o " +#~ "Snort. É impossível para esse assistente adicionar esses arquivos-MIB " +#~ "automaticamente em seu snmpd. Portanto caso você queira obter informações " +#~ "do Snort a partir de seu snmpd, por favor leia a documentação que " +#~ "acompanha seu snmpd sobre como instalar adições MIB externas." + +#~ msgid "Snort-common placed these two MIB-files in /usr/share/snmp/mibs/" +#~ msgstr "" +#~ "O Snort-common colocou esses dois arquivos-MIB em /usr/share/snmpd/mibs/" + +#~ msgid "eth0" +#~ msgstr "eth0" + +#~ msgid "192.168.0.0/16" +#~ msgstr "192.168.0.0/16" + +#~ msgid "root" +#~ msgstr "root" + +#~ msgid "1" +#~ msgstr "1" --- snort-2.3.3.orig/debian/po/nl.po +++ snort-2.3.3/debian/po/nl.po @@ -0,0 +1,684 @@ +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# Developers do not need to manually edit POT or PO files. +# Bart Cornelis , 2005. +# +# +msgid "" +msgstr "" +"Project-Id-Version: snort\n" +"Report-Msgid-Bugs-To: jfs@computer.org\n" +"POT-Creation-Date: 2006-03-22 09:15+0100\n" +"PO-Revision-Date: 2005-11-27 11:45+0100\n" +"Last-Translator: Peter Vandenabeele \n" +"Language-Team: debian-l10n-dutch \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=iso-8859-15\n" +"Content-Transfer-Encoding: 8bit\n" + +# Type: select +# Choices +#. Type: select +#. Choices +#: ../snort.templates:3 ../snort-mysql.templates:3 ../snort-pgsql.templates:3 +msgid "boot, dialup, manual" +msgstr "bij het opstarten, bij het inbellen, handmatig" + +# Type: select +# Description +#. Type: select +#. Description +#: ../snort.templates:5 ../snort-mysql.templates:5 ../snort-pgsql.templates:5 +msgid "When should Snort be started?" +msgstr "Wanneer dient Snort opgestart te worden?" + +# Type: select +# Description +#. Type: select +#. Description +#: ../snort.templates:5 ../snort-mysql.templates:5 ../snort-pgsql.templates:5 +msgid "" +"Snort can be started during boot, when connecting to the net with pppd or " +"only when you manually start it via /usr/sbin/snort." +msgstr "" +"Snort kan opgestart worden tijdens het opstarten van de computer, bij het " +"openen van de netwerkverbinding door pppd of wanneer u het handmatig opstart." +"via /usr/bin/snort." + +# Type: string +# Description +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "On which interface(s) should Snort listen?" +msgstr "Op welke interface(s) moet Snort luisteren?" + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"Please enter the name(s) of the interface(s) which Snort should listen on. " +"The names of the available interfaces are provided by either running 'ip " +"link show' of 'ifconfig'. This value usually is 'eth0', but you might want " +"to vary this depending on your environment, if you are using a dialup " +"connection 'ppp0' might be more appropiate." +msgstr "" +"Gelieve de naam in te geven van de interface(s) waarop Snort dient te " +"luisteren. U komt de namen van beschikbare interfaces te weten met het " +"commando 'ip link show' of 'ifconfig'. Gewoonlijk is deze waarde 'eth0', " +"maar afhankelijk van uw omgeving wilt u dit misschien aanpassen. Als u een " +"inbelverbinding gebruikt, is 'ppp0' waarschijnlijk meer van toepassing." + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"Notice that Snort is usually configured to inspect all traffic coming from " +"the Internet, so the interface you add here is usually the same the 'default " +"route' is on. You can determine which interface is used for this running " +"either '/sbin/ip ro sh' or '/sbin/route -n' (look for 'default' or " +"'0.0.0.0')." +msgstr "" +"Merk op dat snort normaal ingesteld is om alle van het Internet afkomstige " +"verkeer te onderzoeken. Bijgevolg is de hier opgegeven interface normaal " +"dezelfde die de 'default route' heeft. Om te bepalen welke interface " +"gebruikt wordt, kunt u '/sbin/ip ro sh' of '/sbin/route -n' uitvoeren (zoek " +"naar 'default' of '0.0.0.0')." + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"It is also not uncommon to run Snort on an interface with no IP and " +"configured in promiscuous mode, if this is your case, select the interface " +"in this system that is physically connected to the network you want to " +"inspect, enable promiscuous mode later on and make sure that the network " +"traffic is sent to this interface (either connected to a 'port mirroring/" +"spanning' port in a switch, to a hub or to a tap)" +msgstr "" +"Het is ook niet ongewoon om Snort te draaien op een interface zonder IP en " +"geconfigureerd in promiscue modus. In dat geval selecteert u de interface " +"die fysiek verbonden is met het netwerk dat u wilt onderzoeken, activeert u " +"later de promiscue modus en verzekert u zich ervan dat het netwerkverkeer " +"naar deze interface verzonden wordt (dus deze dient verbonden te zijn via " +"een 'port mirroring/spanning'-poort op een switch, via een hub, of via een " +"tap)" + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"You can configure multiple interfaces here, just by adding more than one " +"interface name separated by spaces. Each interface can have its specific " +"configuration." +msgstr "" +"U kunt hier verschillende interfaces definiëren, door meer dan één naam van " +"een interface te vermelden, gescheiden door spaties. Elke interface kan zijn " +"eigen specifieke configuratie hebben." + +# Type: string +# Description +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "Please enter the address range that Snort will listen on." +msgstr "Op welk adresbereik dient Snort te luisteren?" + +# Type: string +# Description +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "" +"You have to use CIDR form, i.e. 192.168.1.0/24 for a block of 256 IPs or " +"192.168.1.42/32 for just one. Specify multiple addresses on a single line " +"separated by ',' (comma characters), no spaces allowed!" +msgstr "" +"U dient de CIDR-vorm te gebruiken (dit is 192.168.1.0/24 voor een blok van " +"256 IP-adressen of 192.168.1.42/32 voor één enkel IP-adres). U kunt meerdere " +"adressen opgeven op één regel door ze te scheiden met kommas; spaties zijn " +"hierbij niet toegestaan!" + +# Type: string +# Description +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "" +"If you want you can specify 'any', to not trust any side of the network." +msgstr "" +"Wanneer u geen enkel deel van het netwerk wilt vertrouwen, kunt 'any' " +"opgeven." + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "" +"Notice that if you are using multiple interfaces this definition will be " +"used as the HOME_NET definition of all of them." +msgstr "" +"Merk op dat als u meerdere interfaces gebruikt, deze definitie gebruikt zal " +"worden als de HOME_NET definitie van al deze interfaces." + +# Type: boolean +# Description +#. Type: boolean +#. Description +#: ../snort.templates:53 ../snort-mysql.templates:53 +#: ../snort-pgsql.templates:53 +msgid "Should Snort disable promiscuous mode on the interface?" +msgstr "Wilt u dat Snort de promiscue modus van de interface uitschakelt?" + +# Type: boolean +# Description +#. Type: boolean +#. Description +#: ../snort.templates:53 ../snort-mysql.templates:53 +#: ../snort-pgsql.templates:53 +msgid "" +"Disabling promiscuous mode means that Snort will only see packets addressed " +"to it's own interface. Enabling it allows Snort to check every packet that " +"passes ethernet segment even if it's a connection between two other " +"computers." +msgstr "" +"Uitschakelen van de promiscue modus betekent dat Snort enkel die pakketten " +"ziet die bestemd zijn voor zijn eigen interface. Het inschakelen van de " +"promiscue modus laat Snort toe om elk op dit ethernet-segment langskomend " +"pakket te controleren, zelfs als het een pakket is van een verbinding tussen " +"twee andere computers." + +#. Type: boolean +#. Description +#: ../snort.templates:53 ../snort-mysql.templates:53 +#: ../snort-pgsql.templates:53 +msgid "" +"Disable promiscuous mode if you are configuring Snort on an interface " +"without a configured IP address." +msgstr "" +"Als u Snort instelt op een interface zonder IP-adres dient u de promiscue " +"modus uit te schakelen." + +#. Type: note +#. Description +#: ../snort.templates:64 +msgid "Invalid interface" +msgstr "" + +#. Type: note +#. Description +#: ../snort.templates:64 +msgid "" +"One of the interfaces you specified is not valid (it might not exist on the " +"system or be down). Please introduce a valid interface when answering the " +"question of which interface(s) should Snort listen on." +msgstr "" + +#. Type: note +#. Description +#: ../snort.templates:64 +msgid "" +"If you did not configure an interface then the package is trying to use the " +"default ('eth0') which does not seem to be valid in your system." +msgstr "" + +# Type: boolean +# Description +#. Type: boolean +#. Description +#: ../snort.templates:75 ../snort-mysql.templates:65 +#: ../snort-pgsql.templates:65 +msgid "Should Snort's rules testing order be changed to Pass|Alert|Log?" +msgstr "" +"Moet de volgorde van het testen van de regels van Snort aangepast worden " +"naar Pass|Alert|Log (doorlaten|alarmeren|loggen) ?" + +# Type: boolean +# Description +#. Type: boolean +#. Description +#: ../snort.templates:75 ../snort-mysql.templates:65 +#: ../snort-pgsql.templates:65 +msgid "" +"If you change Snort's rules testing order to Pass|Alert|Log, they will be " +"applied in Pass->Alert->Log order, instead of standard Alert->Pass->Log. " +"This will prevent people from having to make huge Berky Packet Filter " +"command line arguments to filter their alert rules." +msgstr "" +"Wanneer u de volgorde van het testen van de regels van Snort verandert naar " +"'Pass|Alert|Log', zullen de regels toegepast worden in de volgorde Pass-" +">Alert->Log, in plaats van Alert->Pass->Log. Dit voorkomt dat men enorme " +"'Berky Packet Filter' commandoregel-argumenten dient te gebruiken om de " +"'alert'-regels uit te filteren." + +#. Type: boolean +#. Description +#: ../snort.templates:84 ../snort-mysql.templates:74 +#: ../snort-pgsql.templates:74 +msgid "Should daily summaries be sent by e-mail?" +msgstr "" + +#. Type: boolean +#. Description +#: ../snort.templates:84 ../snort-mysql.templates:74 +#: ../snort-pgsql.templates:74 +msgid "" +"This Snort installation provides a cron job that runs daily and summarises " +"the information of Snort logs to a selected email address. If you want to " +"disable this feature say 'no' here." +msgstr "" + +# Type: string +# Description +#. Type: string +#. Description +#: ../snort.templates:92 ../snort-mysql.templates:82 +#: ../snort-pgsql.templates:82 +msgid "Who should receive the daily statistics mails?" +msgstr "Naar wie dienen de dagelijkse statistieken verstuurd te worden?" + +#. Type: string +#. Description +#: ../snort.templates:92 ../snort-mysql.templates:82 +#: ../snort-pgsql.templates:82 +msgid "" +"A cron job running daily will summarise the information of the logs " +"generated by Snort using a script called 'snort-stat'. Introduce here the " +"recipient of these mails. The default value is the system administrator. If " +"you keep this value, make sure that the mail of the administrator is " +"redirected to a user that actually reads those mails." +msgstr "" +"Een dagelijks uitgevoerde taak (cron job) vat de informatie in de door snort " +"gegenereerde logboeken samen met een script (genaamd 'snort-stat'). Hier " +"geeft u aan wie deze e-mails zal ontvangen. De standaardwaarde is de " +"systeembeheerder. Als u dit zo laat, dient u ervoor te zorgen dat de e-mail " +"van de beheerder omgeleid wordt naar een gebruiker die deze berichten ook " +"daadwerkelijk nakijkt." + +# Type: string +# Description +#. Type: string +#. Description +#: ../snort.templates:102 ../snort-mysql.templates:93 +#: ../snort-pgsql.templates:92 +msgid "" +"If you want to specify custom options to Snort, please specify them here." +msgstr "" +"Als u speciale opties aan Snort wil meegeven, kunt u deze hier opgeven." + +# Type: string +# Description +#. Type: string +#. Description +#: ../snort.templates:107 ../snort-mysql.templates:98 +#: ../snort-pgsql.templates:97 +msgid "" +"An alert needs to appear more times than this number to be included in the " +"daily statistics." +msgstr "" +"Opdat een waarschuwing weergegeven zou worden in de dagelijkse statistieken " +"dient het vaker dan het hier opgeven aantal keer voor te komen." + +# Type: note +# Description +#. Type: note +#. Description +#: ../snort.templates:111 ../snort-mysql.templates:162 +#: ../snort-pgsql.templates:161 +msgid "You are running Snort manually." +msgstr "U voert Snort handmatig uit." + +# Type: note +# Description +#. Type: note +#. Description +#: ../snort.templates:111 ../snort-mysql.templates:162 +#: ../snort-pgsql.templates:161 +msgid "" +"Please restart Snort using:\n" +" /etc/init.d/snort start\n" +"to let the settings take effect." +msgstr "" +"Gelieve Snort te herstarten via:\n" +" /etc/init.d/snort restart\n" +"om de instellingen in werking te doen treden." + +#. Type: note +#. Description +#: ../snort.templates:118 ../snort-mysql.templates:169 +#: ../snort-pgsql.templates:168 +msgid "There is an error in your configuration" +msgstr "Er is een fout in uw configuratie" + +#. Type: note +#. Description +#: ../snort.templates:118 ../snort-mysql.templates:169 +#: ../snort-pgsql.templates:168 +msgid "" +"Your Snort configuration is not correct and Snort will not be able to start " +"up normally. Please review your configuration and fix it. If you do not do " +"this, Snort package upgrades will probably break. To check which error is " +"being generated run '/usr/sbin/snort -T -c /etc/snort/snort.conf' (or point " +"to an alternate configuration file if you are using different files for " +"different interfaces)" +msgstr "" +"Uw Snort configuratie is niet correct en Snort zal niet in staat zijn om " +"normaal op te starten. Gelieve uw configuratiebestand na te kijken en te " +"corrigeren. Als u dit niet doet, zullen latere opwaarderingen vermoedelijk " +"niet correct werken. Voer dan '/usr/sbin/snort -T -c /etc/snort/snort.conf' " +"uit om te controleren welke fout wordt gegenereerd (of verwijs naar een " +"alternatief configuratiebestand als u verschillende configuratiebestanden " +"gebruikt voor verschillende interfaces)." + +#. Type: note +#. Description +#: ../snort.templates:128 ../snort-mysql.templates:179 +#: ../snort-pgsql.templates:178 +msgid "This system uses an obsolete configuration file" +msgstr "Dit systeem gebruikt een verouderd configuratie bestand" + +#. Type: note +#. Description +#: ../snort.templates:128 ../snort-mysql.templates:179 +#: ../snort-pgsql.templates:178 +msgid "" +"Your system has an obsolete configuration file (/etc/snort/snort.common." +"parameters) which has been automatically converted into the new " +"configuration file format (at /etc/default/snort). Please review the new " +"configuration and remove the obsolete one. Until you do this, the init.d " +"script will not use the new configuration and you will not take advantage of " +"the benefits introduced in newer releases." +msgstr "" +"Uw systeem heeft een verouderd configuratiebestand (/etc/snort/snort.common." +"parameters) dat nu automatisch is omgezet in een nieuw " +"configuratiebestandsformaat (in /etc/default/snort). Kijkt u aub het nieuwe " +"configuratiebestand na en verwijder het verouderde bestand. Tot u dit doet, " +"zal het init.d script de nieuwe configratie niet gebruiken en zal u niet " +"kunnen genieten van de voordelen die de nieuwere versies bieden." + +#. Type: note +#. Description +#: ../snort-mysql.templates:102 +msgid "" +"Your system has an obsolete configuration file (/etc/snort/snort.common." +"parameters) which has been automatically converted into the new " +"configuration file format (at /etc/default/snort). Please review the new " +"configuration and remove the obsolete one. Until you do this, the init.d " +"script will not use the new configuration and you will not take advantage of " +"the benefits introduced in newer releases." +msgstr "" +"Uw systeem heeft een verouderd configratiebestand (/etc/snort/snort.common." +"parameters) dat automatisch is omgezet in het nieuwe " +"configuratiebestandsformaat (in /etc/default/snort). Gelieve de nieuwe " +"configuratie na te kijken en de verouderde configuratie te verwijderen. " +"Zolang dit niet is gebeurd, zal het init.d script de nieuwe configuratie " +"niet gebruiken en zal u geen gebruik kunnen maken van de voordelen die zijn " +"geintroduceerd in de nieuwe versies." + +# Type: boolean +# Description +#. Type: boolean +#. Description +#: ../snort-mysql.templates:114 +msgid "Do you want to set up a database for snort-mysql to log to?" +msgstr "" +"Wilt u een een database opzetten waar snort-mysql het logboek in kan " +"bijhouden?" + +# Type: boolean +# Description +#. Type: boolean +#. Description +#: ../snort-mysql.templates:114 +msgid "" +"You only need to do this the first time you install snort-mysql. Before you " +"go on, make sure you have (1) the hostname of a machine running a mysql " +"server set up to allow tcp connections from this host, (2) a database on " +"that server, (3) a username and password to access the database. If you " +"don't have _all_ of these, either select 'no' and run with regular file " +"logging support, or fix this first. You can always configure database " +"logging later, by reconfiguring the snort-mysql package with 'dpkg-" +"reconfigure -plow snort-mysql'" +msgstr "" +"Dit dient enkel de eerste keer dat u snort-mysql installeert te gebeuren. " +"Voordat u verder gaat, dient u over de volgende informatie te beschikken:\n" +" (1) de computernaam van een mysql-databaseserver die verbindingen van deze " +"machine aanvaardt\n" +" (2) een database op die server\n" +" (3) een gebruikersnaam en wachtwoord die toegang verlenen tot die " +"database\n" +"Als u niet over _al_ deze informatie beschikt, kunt u daar ofwel eerst voor " +"zorgen, ofwel 'nee' kiezen en het logboek gewoon in een bestand opslaan. U " +"kunt het databaselogboek altijd later instellen via het commando 'dpkg-" +"reconfigure -plow snort-mysql'" + +# Type: note +# Description +#. Type: note +#. Description +#: ../snort-mysql.templates:126 ../snort-pgsql.templates:125 +msgid "Snort needs a configured database to log to before it starts." +msgstr "" +"Snort heeft voor het starten een geconfigureerde database nodig voor het " +"logboek." + +# Type: note +# Description +#. Type: note +#. Description +#: ../snort-mysql.templates:126 +msgid "" +"Snort needs a configured database before it can successfully start up. In " +"order to create the structure you need to run the following commands AFTER " +"the package is installed:\n" +" cd /usr/share/doc/snort-mysql/\n" +" zcat create_mysql.gz | mysql -u -h -p \n" +"Fill in the correct values for the user, host, and database names. MySQL " +"will prompt you for the password." +msgstr "" +"Snort heeft een geconfigureerde database nodig voor het succesvol kan " +"opstarten. Om de structuur aan te maken, moet u volgende commando's " +"uitvoeren NADAT het pakket is geinstalleerd:\n" +" cd /usr/share/doc/snort-mysql/\n" +" zcat create_mysql.gz | mysql -u -h -p \n" +"Hierbij dient u de juiste waarden voor , , en " +" in te vullen. MySQL vraagt u om het wachtwoord." + +# Type: note +# Description +#. Type: note +#. Description +#: ../snort-mysql.templates:126 ../snort-pgsql.templates:125 +msgid "" +"After you created the database structure, you will need to start Snort " +"manually." +msgstr "" +"Nadat u de database struktuur heeft aangemaakt, moet u Snort manueel starten." + +# Type: string +# Description +#. Type: string +#. Description +#: ../snort-mysql.templates:140 +msgid "Please enter the hostname of the mysql database server to use." +msgstr "Wat is de computernaam van de te gebruiken MySQL-databaseserver?" + +# Type: string +# Description +#. Type: string +#. Description +#: ../snort-mysql.templates:140 ../snort-pgsql.templates:139 +msgid "" +"Make sure it has been set up correctly to allow incoming connections from " +"this host!" +msgstr "" +"U dient ervoor te zorgen dat deze correct is ingesteld is om inkomende " +"verbindingen van deze computer te aanvaarden!" + +# Type: string +# Description +#. Type: string +#. Description +#: ../snort-mysql.templates:146 ../snort-pgsql.templates:145 +msgid "Please enter the name of the database to use." +msgstr "Wat is de naam van de te gebruiken database?" + +# Type: string +# Description +#. Type: string +#. Description +#: ../snort-mysql.templates:146 ../snort-pgsql.templates:145 +msgid "" +"Make sure this database has been created and your database user has write " +"access to this database." +msgstr "" +"U dient ervoor te zorgen dat de database aangemaakt is en uw " +"databasegebruiker schrijfrechten heeft voor deze database." + +# Type: string +# Description +#. Type: string +#. Description +#: ../snort-mysql.templates:152 ../snort-pgsql.templates:151 +msgid "Please enter the name of the database user you want to use." +msgstr "Wat is de naam van de te gebruiken databasegebruiker?" + +# Type: string +# Description +#. Type: string +#. Description +#: ../snort-mysql.templates:152 ../snort-pgsql.templates:151 +msgid "Make sure this user has been created and has write access." +msgstr "" +"U dient ervoor te zorgen dat deze gebruiker aangemaakt is en schrijfrechten " +"heeft." + +# Type: password +# Description +#. Type: password +#. Description +#: ../snort-mysql.templates:157 ../snort-pgsql.templates:156 +msgid "Please enter the password for the database connection." +msgstr "Wat is het wachtwoord voor de databaseverbinding?" + +# Type: password +# Description +#. Type: password +#. Description +#: ../snort-mysql.templates:157 ../snort-pgsql.templates:156 +msgid "Please enter a password to connect to the Snort Alert database." +msgstr "" +"Wat is het wachtwoord om verbinding te maken met de Snort-Alertdatabase?" + +# Type: boolean +# Description +#. Type: boolean +#. Description +#: ../snort-pgsql.templates:113 +msgid "Do you want to set up a database for snort-pgsql to log to?" +msgstr "" +"Wilt u een database opzetten waar snort-pgsql het logboek in kan bijhouden?" + +# Type: boolean +# Description +#. Type: boolean +#. Description +#: ../snort-pgsql.templates:113 +msgid "" +"You only need to do this the first time you install snort-pgsql. Before you " +"go on, make sure you have (1) the hostname of a machine running a pgsql " +"server set up to allow tcp connections from this host, (2) a database on " +"that server, (3) a username and password to access the database. If you " +"don't have _all_ of these, either select 'no' and run with regular file " +"logging support, or fix this first. You can always configure database " +"logging later, by reconfiguring the snort-pgsql package with 'dpkg-" +"reconfigure -plow snort-pgsql'" +msgstr "" +"Dit dient enkel de eerste keer dat u snort-pgsql installeert te gebeuren. " +"Voordat u verder gaat, dient u over de volgende informatie te beschikken:\n" +" (1) de computernaam van een pgql-databaseserver die verbindingen van deze " +"machine aanvaardt\n" +" (2) een database op die server\n" +" (3) een gebruikersnaam en wachtwoord die toegang verlenen tot die " +"database\n" +"Als u niet over _al_ deze informatie beschikt, kunt u daar ofwel eerst voor " +"zorgen, ofwel 'nee' kiezen en het logboek gewoon in een bestand opslaan. U " +"kunt het databaselogboek altijd later instellen via het commando 'dpkg-" +"reconfigure -plow snort-pgsql" + +# Type: note +# Description +#. Type: note +#. Description +#: ../snort-pgsql.templates:125 +msgid "" +"Snort needs a configured database before it can successfully start up. In " +"order to create the structure you need to run the following commands AFTER " +"the package is installed:\n" +" cd /usr/share/doc/snort-pgsql/\n" +" zcat create_postgresql.gz | psql -U -h -W \n" +"Fill in the correct values for the user, host, and database names. " +"PostgreSQL will prompt you for the password." +msgstr "" +"Snort heeft een geconfigureerde database nodig voor het succesvol kan " +"opstarten. Om de struktuur aan te maken, moet u volgende commando's " +"uitvoeren NADAT het pakket is geinstalleerd:\n" +" cd /usr/share/doc/snort-pgsql/\n" +" zcat create_postgresql.gz | psql -U -h -W " +"\n" +"Hierbij dient u de juiste waarden voor , , en " +" in te vullen. PostgreSQL vraagt u om het wachtwoord." + +# Type: string +# Description +#. Type: string +#. Description +#: ../snort-pgsql.templates:139 +msgid "Please enter the hostname of the pgsql database server to use." +msgstr "Wat is de computernaam van de te gebruiken pgsql-databaseserver?" + +#. Type: note +#. Description +#: ../snort-common.templates:3 +msgid "Your configuration file is deprecated" +msgstr "Uw configuratiebestand is verouderd" + +#. Type: note +#. Description +#: ../snort-common.templates:3 +msgid "" +"Your Snort configuration file (/etc/snort/snort.conf) uses deprecated " +"options no longer available for this Snort release. Snort will not be able " +"to start unless you provide a correct configuration file. You can substitute " +"your configuration file with the one provided in this package or fix it " +"manually by removing deprecated options." +msgstr "" +"Uw snort-configuratiebestand (/etc/snort/snort.conf) maakt gebruik van " +"verouderde opties die door deze versie niet meer ondersteund worden. Met een " +"onjuist configuratiebestand kan snort niet opstarten. U kunt uw bestaande " +"configuratiebestand vervangen met het door dit pakket meegeleverde bestand, " +"of u kunt de verouderde opties handmatig verwijderen." + +#. Type: note +#. Description +#: ../snort-common.templates:3 +msgid "" +"The following deprecated options were found in your configuration file: " +"${DEP_CONFIG}" +msgstr "" +"De in uw configuratiebestand aangetroffen verouderde opties zijn: " +"${DEP_CONFIG}" --- snort-2.3.3.orig/debian/po/sv.po +++ snort-2.3.3/debian/po/sv.po @@ -0,0 +1,594 @@ +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# Developers do not need to manually edit POT or PO files. +# , fuzzy +# +# +msgid "" +msgstr "" +"Project-Id-Version: snort 2.3.3-1\n" +"Report-Msgid-Bugs-To: jfs@computer.org\n" +"POT-Creation-Date: 2006-03-22 09:15+0100\n" +"PO-Revision-Date: 2005-09-30 01:58-0700\n" +"Last-Translator: Daniel Nylander \n" +"Language-Team: Swedish \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=iso-8859-1\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: select +#. Choices +#: ../snort.templates:3 ../snort-mysql.templates:3 ../snort-pgsql.templates:3 +msgid "boot, dialup, manual" +msgstr "boot, dialup, manuellt" + +#. Type: select +#. Description +#: ../snort.templates:5 ../snort-mysql.templates:5 ../snort-pgsql.templates:5 +msgid "When should Snort be started?" +msgstr "När ska Snort startas?" + +#. Type: select +#. Description +#: ../snort.templates:5 ../snort-mysql.templates:5 ../snort-pgsql.templates:5 +msgid "" +"Snort can be started during boot, when connecting to the net with pppd or " +"only when you manually start it via /usr/sbin/snort." +msgstr "" +"Snort kan startas vid uppstart, när uppkoppling mot nätverk sker (pppd) " +"eller bara när du manuellt startat den med /usr/sbin/snort." + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "On which interface(s) should Snort listen?" +msgstr "På vilket/vilka interface ska Snort lyssna?" + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"Please enter the name(s) of the interface(s) which Snort should listen on. " +"The names of the available interfaces are provided by either running 'ip " +"link show' of 'ifconfig'. This value usually is 'eth0', but you might want " +"to vary this depending on your environment, if you are using a dialup " +"connection 'ppp0' might be more appropiate." +msgstr "" +"Ange namn(en) på de interface som Snort ska lyssna på. Namnen på de " +"tillgängliga interfacen får du fram genom att köra 'ip link show' eller " +"'ifconfig'.Detta värde är oftast 'eth0' men du kanske vill välja en annan " +"beroende på din miljö.Om du använder en uppringd förbindelse är antagligen " +"'ppp0' det bästa valet." + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"Notice that Snort is usually configured to inspect all traffic coming from " +"the Internet, so the interface you add here is usually the same the 'default " +"route' is on. You can determine which interface is used for this running " +"either '/sbin/ip ro sh' or '/sbin/route -n' (look for 'default' or " +"'0.0.0.0')." +msgstr "" +"Notera att Snort är normalt konfigurerad att inspektera all trafik som " +"kommer från Internet så interfacet du lägger till här är normalt det samma " +"som din standard gateway är på. Du kan ta fram denna information genom att " +"köra '/sbin/ip ro sh' eller '/sbin/route -n' (leta efter 'default' eller " +"'0.0.0.0')." + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"It is also not uncommon to run Snort on an interface with no IP and " +"configured in promiscuous mode, if this is your case, select the interface " +"in this system that is physically connected to the network you want to " +"inspect, enable promiscuous mode later on and make sure that the network " +"traffic is sent to this interface (either connected to a 'port mirroring/" +"spanning' port in a switch, to a hub or to a tap)" +msgstr "" +"Det är inte helt onormalt att köra Snort på ett interface utan IP-address " +"och som är konfigurerat i promiscuousläge. Om det är det du vill, välj " +"interface på detta system som är fysiskt kopplad till nätverket du vill " +"inspektera. Aktivera promiscuousläget efter det och kontrollera att " +"nätverkstrafiken skickas till detta interface (antingen kopplade till en " +"'port mirror/spanning'-port i en switch, en hub eller en tap)" + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"You can configure multiple interfaces here, just by adding more than one " +"interface name separated by spaces. Each interface can have its specific " +"configuration." +msgstr "" +"Du kan konfigurera flera interface här, bara att lägga till fler än ett " +"interfacenamn separerade med mellanslag. Varje interface kan ha sin egen " +"specifika konfiguration." + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "Please enter the address range that Snort will listen on." +msgstr "Vänligen ange addressrymden som Snort ska lyssna på." + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "" +"You have to use CIDR form, i.e. 192.168.1.0/24 for a block of 256 IPs or " +"192.168.1.42/32 for just one. Specify multiple addresses on a single line " +"separated by ',' (comma characters), no spaces allowed!" +msgstr "" +"Du ska använda CIDR-formatet, typ 192.168.1.0/24 för ett block av 256 IP " +"eller 192.168.1.42/32 för bara en av dom. Specificera flera adresser på " +"samma rad separerade med ',' (komma-tecken), mellanslag är inte tillåtna!" + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "" +"If you want you can specify 'any', to not trust any side of the network." +msgstr "" +"Om du vill kan du specifisera 'any' för att inte lita på någon sida av " +"nätverket." + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "" +"Notice that if you are using multiple interfaces this definition will be " +"used as the HOME_NET definition of all of them." +msgstr "" +"Notera att om du använder flera interface kommer denna definition att " +"användas som HOME_NET definition på alla av dom." + +#. Type: boolean +#. Description +#: ../snort.templates:53 ../snort-mysql.templates:53 +#: ../snort-pgsql.templates:53 +msgid "Should Snort disable promiscuous mode on the interface?" +msgstr "Ska Snort stänga av promiscuousläget på interfacet?" + +#. Type: boolean +#. Description +#: ../snort.templates:53 ../snort-mysql.templates:53 +#: ../snort-pgsql.templates:53 +msgid "" +"Disabling promiscuous mode means that Snort will only see packets addressed " +"to it's own interface. Enabling it allows Snort to check every packet that " +"passes ethernet segment even if it's a connection between two other " +"computers." +msgstr "" +"Avaktivera promiscuousläget betyder att Snort bara kommer att se paket " +"addresserade till sitt eget interface. Aktivera det tillåter Snort att " +"undersöka varje paket som passerar Ethernet-segmentet även om det är " +"anslutning mellan två andra datorer." + +#. Type: boolean +#. Description +#: ../snort.templates:53 ../snort-mysql.templates:53 +#: ../snort-pgsql.templates:53 +msgid "" +"Disable promiscuous mode if you are configuring Snort on an interface " +"without a configured IP address." +msgstr "" +"Avaktivera promiscuousläget om du konfigurerar Snort på ett interface som " +"inte har en konfigurerad IP-address." + +#. Type: note +#. Description +#: ../snort.templates:64 +msgid "Invalid interface" +msgstr "" + +#. Type: note +#. Description +#: ../snort.templates:64 +msgid "" +"One of the interfaces you specified is not valid (it might not exist on the " +"system or be down). Please introduce a valid interface when answering the " +"question of which interface(s) should Snort listen on." +msgstr "" + +#. Type: note +#. Description +#: ../snort.templates:64 +msgid "" +"If you did not configure an interface then the package is trying to use the " +"default ('eth0') which does not seem to be valid in your system." +msgstr "" + +#. Type: boolean +#. Description +#: ../snort.templates:75 ../snort-mysql.templates:65 +#: ../snort-pgsql.templates:65 +msgid "Should Snort's rules testing order be changed to Pass|Alert|Log?" +msgstr "Ska testordningen för reglerna i Snort ändras til Pass|Alert|Log?" + +#. Type: boolean +#. Description +#: ../snort.templates:75 ../snort-mysql.templates:65 +#: ../snort-pgsql.templates:65 +msgid "" +"If you change Snort's rules testing order to Pass|Alert|Log, they will be " +"applied in Pass->Alert->Log order, instead of standard Alert->Pass->Log. " +"This will prevent people from having to make huge Berky Packet Filter " +"command line arguments to filter their alert rules." +msgstr "" +"Om du ändrar testordningen på Snort's regler till Pass|Alert|Log, kommer de " +"tillämpas i ordningen Pass->Alert->Log istället för standardordningen Alert-" +">Pass->Log. Detta förebygger folk från att skapa stora Berky Packet Filter " +"kommandolinje-argument för att filtrera deras alert-regler." + +#. Type: boolean +#. Description +#: ../snort.templates:84 ../snort-mysql.templates:74 +#: ../snort-pgsql.templates:74 +msgid "Should daily summaries be sent by e-mail?" +msgstr "" + +#. Type: boolean +#. Description +#: ../snort.templates:84 ../snort-mysql.templates:74 +#: ../snort-pgsql.templates:74 +msgid "" +"This Snort installation provides a cron job that runs daily and summarises " +"the information of Snort logs to a selected email address. If you want to " +"disable this feature say 'no' here." +msgstr "" + +#. Type: string +#. Description +#: ../snort.templates:92 ../snort-mysql.templates:82 +#: ../snort-pgsql.templates:82 +msgid "Who should receive the daily statistics mails?" +msgstr "Vem ska ta emot de dagliga e-postrapporterna?" + +#. Type: string +#. Description +#: ../snort.templates:92 ../snort-mysql.templates:82 +#: ../snort-pgsql.templates:82 +msgid "" +"A cron job running daily will summarise the information of the logs " +"generated by Snort using a script called 'snort-stat'. Introduce here the " +"recipient of these mails. The default value is the system administrator. If " +"you keep this value, make sure that the mail of the administrator is " +"redirected to a user that actually reads those mails." +msgstr "" +"Ett cronjob körs dagligen skapar en rapport av information i loggarna som " +"Snort genererar genom ett att köra ett skript som heter 'snort-stat'. Ange " +"här vem som ska ta emot dessa rapporter (via e-post). Standardvärden här är " +"systemadministratören. Om du behåller detta värde, kontrollera att e-posten " +"till administratören är omdirigerad till en användare som har möjlighet att " +"läsa e-posten." + +#. Type: string +#. Description +#: ../snort.templates:102 ../snort-mysql.templates:93 +#: ../snort-pgsql.templates:92 +msgid "" +"If you want to specify custom options to Snort, please specify them here." +msgstr "Om du vill, kan du specifisera egna inställningar för Snort här." + +#. Type: string +#. Description +#: ../snort.templates:107 ../snort-mysql.templates:98 +#: ../snort-pgsql.templates:97 +msgid "" +"An alert needs to appear more times than this number to be included in the " +"daily statistics." +msgstr "" +"Ett alarm behöver dyka upp fler gånger än detta nummer för att bli " +"inkluderade i den dagliga rapporten." + +#. Type: note +#. Description +#: ../snort.templates:111 ../snort-mysql.templates:162 +#: ../snort-pgsql.templates:161 +msgid "You are running Snort manually." +msgstr "Du kör Snort manuellt." + +#. Type: note +#. Description +#: ../snort.templates:111 ../snort-mysql.templates:162 +#: ../snort-pgsql.templates:161 +msgid "" +"Please restart Snort using:\n" +" /etc/init.d/snort start\n" +"to let the settings take effect." +msgstr "" +"Vänligen starta om Snort med:\n" +" /etc/init.d/snort start\n" +"för att ändringarna ska aktiveras." + +#. Type: note +#. Description +#: ../snort.templates:118 ../snort-mysql.templates:169 +#: ../snort-pgsql.templates:168 +msgid "There is an error in your configuration" +msgstr "Det är ett fel i din konfiguration" + +#. Type: note +#. Description +#: ../snort.templates:118 ../snort-mysql.templates:169 +#: ../snort-pgsql.templates:168 +msgid "" +"Your Snort configuration is not correct and Snort will not be able to start " +"up normally. Please review your configuration and fix it. If you do not do " +"this, Snort package upgrades will probably break. To check which error is " +"being generated run '/usr/sbin/snort -T -c /etc/snort/snort.conf' (or point " +"to an alternate configuration file if you are using different files for " +"different interfaces)" +msgstr "" +"Din Snort-konfiguration är inte korrekt och Snort kommer inte att starta upp " +"normalt. Vänligen kontrollera din konfiguration och lös problemen. Om du " +"inte gör något åt detta kommer antagligen uppgraderingar av Snort-paket att " +"fallera. Att kontrollera vad som är fel kan göras med att köra '/usr/sbin/" +"snort -T -c /etc/snort/snort.conf' (eller peka på en alternativ " +"konfigurationsfil om du använder olika filer för olika interface)." + +#. Type: note +#. Description +#: ../snort.templates:128 ../snort-mysql.templates:179 +#: ../snort-pgsql.templates:178 +msgid "This system uses an obsolete configuration file" +msgstr "Detta system använder en gammal konfigurationsfil" + +#. Type: note +#. Description +#: ../snort.templates:128 ../snort-mysql.templates:179 +#: ../snort-pgsql.templates:178 +msgid "" +"Your system has an obsolete configuration file (/etc/snort/snort.common." +"parameters) which has been automatically converted into the new " +"configuration file format (at /etc/default/snort). Please review the new " +"configuration and remove the obsolete one. Until you do this, the init.d " +"script will not use the new configuration and you will not take advantage of " +"the benefits introduced in newer releases." +msgstr "" +"Ditt system har en gammal konfigurationsfil (/etc/snort/snort.common." +"parameters) vilken har blivit automatiskt konverterar till en ny " +"konfigurationsfil med nytt format (i /etc/default/snort). Kontrollera den " +"nya konfiguration och ta bort den gamla. Fram till att du gör detta kommer " +"init.d-skriptet inte använda den nya konfigurationen och du kan inte använda " +"de nya fördelarna i den nya versionen." + +#. Type: note +#. Description +#: ../snort-mysql.templates:102 +msgid "" +"Your system has an obsolete configuration file (/etc/snort/snort.common." +"parameters) which has been automatically converted into the new " +"configuration file format (at /etc/default/snort). Please review the new " +"configuration and remove the obsolete one. Until you do this, the init.d " +"script will not use the new configuration and you will not take advantage of " +"the benefits introduced in newer releases." +msgstr "" +"Ditt system har en gammal konfigurationsfil (/etc/snort/snort.common." +"parameters) vilken har blivit automatiskt konverterar till en ny " +"konfigurationsfil med nytt format (i /etc/default/snort). Kontrollera den " +"nya konfiguration och ta bort den gamla. Fram till att du gör detta kommer " +"init.d-skriptet inte använda den nya konfigurationen och du kan inte använda " +"de nya fördelarna i den nya versionen." + +#. Type: boolean +#. Description +#: ../snort-mysql.templates:114 +msgid "Do you want to set up a database for snort-mysql to log to?" +msgstr "Vill du konfigurera en databas för snort-mysql att logga in på?" + +#. Type: boolean +#. Description +#: ../snort-mysql.templates:114 +msgid "" +"You only need to do this the first time you install snort-mysql. Before you " +"go on, make sure you have (1) the hostname of a machine running a mysql " +"server set up to allow tcp connections from this host, (2) a database on " +"that server, (3) a username and password to access the database. If you " +"don't have _all_ of these, either select 'no' and run with regular file " +"logging support, or fix this first. You can always configure database " +"logging later, by reconfiguring the snort-mysql package with 'dpkg-" +"reconfigure -plow snort-mysql'" +msgstr "" +"Du behöver bara göra detta den första gången du installerar snort-mysql. " +"Före den fortsätter, kontrollera att du har (1) värdnamnet på maskinen som " +"kör MySQL-servern och som tillåter TCP-anslutningar från denna värd, (2) en " +"databas på den server, (3) ett användarnamn och lösenord för att koppla sig " +"mot databasen. Om du inte har _alla_ av dessa, antingen säg 'nej' och kör " +"med vanlig loggning mot fil eller lös problemet. Du kan alltid konfigurera " +"databasloggning senare genom att konfigurera om snort-mysql paketet med " +"kommandot 'dpkg-reconfigure -plow snort-mysql'." + +#. Type: note +#. Description +#: ../snort-mysql.templates:126 ../snort-pgsql.templates:125 +msgid "Snort needs a configured database to log to before it starts." +msgstr "" +"Snort behöver en konfigurerad databas att logga in på före den startas." + +#. Type: note +#. Description +#: ../snort-mysql.templates:126 +msgid "" +"Snort needs a configured database before it can successfully start up. In " +"order to create the structure you need to run the following commands AFTER " +"the package is installed:\n" +" cd /usr/share/doc/snort-mysql/\n" +" zcat create_mysql.gz | mysql -u -h -p \n" +"Fill in the correct values for the user, host, and database names. MySQL " +"will prompt you for the password." +msgstr "" +"Snort behöver en konfigurerad databas före den kan starta korrekt. För att " +"skapa databasstrukturen behöver du köra följande kommandon EFTER att paketet " +"har installerats:\n" +" cd /usr/share/doc/snort-mysql/\n" +" zcat create_mysql.gz | mysql -u -h -p \n" +"Fyll i de korrekta värdena för användaren, värd och databasens namn. MySQL " +"kommer att fråga dig efter lösenordet." + +#. Type: note +#. Description +#: ../snort-mysql.templates:126 ../snort-pgsql.templates:125 +msgid "" +"After you created the database structure, you will need to start Snort " +"manually." +msgstr "" +"Efter att du skapat databasstrukturen behöver du starta Snort manuellt." + +#. Type: string +#. Description +#: ../snort-mysql.templates:140 +msgid "Please enter the hostname of the mysql database server to use." +msgstr "Ange värdnamnet på servern som kör mysql databasen." + +#. Type: string +#. Description +#: ../snort-mysql.templates:140 ../snort-pgsql.templates:139 +msgid "" +"Make sure it has been set up correctly to allow incoming connections from " +"this host!" +msgstr "" +"Kontrollera att den har satts upp korrekt och att den tillåter inkommande " +"uppkopplingar från denna värd!" + +#. Type: string +#. Description +#: ../snort-mysql.templates:146 ../snort-pgsql.templates:145 +msgid "Please enter the name of the database to use." +msgstr "Ange namnet på databasen som ska användas." + +#. Type: string +#. Description +#: ../snort-mysql.templates:146 ../snort-pgsql.templates:145 +msgid "" +"Make sure this database has been created and your database user has write " +"access to this database." +msgstr "" +"Kontrollera att denna databas har skapats och att din databas-användare har " +"skrivrättigheter till denna databas." + +#. Type: string +#. Description +#: ../snort-mysql.templates:152 ../snort-pgsql.templates:151 +msgid "Please enter the name of the database user you want to use." +msgstr "Ange namnet på databas-användaren som ska användas." + +#. Type: string +#. Description +#: ../snort-mysql.templates:152 ../snort-pgsql.templates:151 +msgid "Make sure this user has been created and has write access." +msgstr "Kontrollera att denna användaren har skapats och har skrivrättigheter." + +#. Type: password +#. Description +#: ../snort-mysql.templates:157 ../snort-pgsql.templates:156 +msgid "Please enter the password for the database connection." +msgstr "Ange lösenordet för databasuppkopplingen." + +#. Type: password +#. Description +#: ../snort-mysql.templates:157 ../snort-pgsql.templates:156 +msgid "Please enter a password to connect to the Snort Alert database." +msgstr "Ange ett lösenord för uppkoppling mot Snort's Alert-databas." + +#. Type: boolean +#. Description +#: ../snort-pgsql.templates:113 +msgid "Do you want to set up a database for snort-pgsql to log to?" +msgstr "Vill du konfigurera en databas för snort-pgsql att logga in på?" + +#. Type: boolean +#. Description +#: ../snort-pgsql.templates:113 +msgid "" +"You only need to do this the first time you install snort-pgsql. Before you " +"go on, make sure you have (1) the hostname of a machine running a pgsql " +"server set up to allow tcp connections from this host, (2) a database on " +"that server, (3) a username and password to access the database. If you " +"don't have _all_ of these, either select 'no' and run with regular file " +"logging support, or fix this first. You can always configure database " +"logging later, by reconfiguring the snort-pgsql package with 'dpkg-" +"reconfigure -plow snort-pgsql'" +msgstr "" +"Du behöver bara göra detta den första gången du installerar snort-pgsql. " +"Före den fortsätter, kontrollera att du har (1) värdnamnet på maskinen som " +"kör pgsql-servern och som tillåter TCP-anslutningar från denna värd, (2) en " +"databas på den server, (3) ett användarnamn och lösenord för att koppla sig " +"mot databasen. Om du inte har _alla_ av dessa, antingen säg 'nej' och kör " +"med vanlig loggning mot fil eller lös problemet. Du kan alltid konfigurera " +"databasloggning senare genom att konfigurera om snort-pgsql paketet med " +"kommandot 'dpkg-reconfigure -plow snort-pgsql'." + +#. Type: note +#. Description +#: ../snort-pgsql.templates:125 +msgid "" +"Snort needs a configured database before it can successfully start up. In " +"order to create the structure you need to run the following commands AFTER " +"the package is installed:\n" +" cd /usr/share/doc/snort-pgsql/\n" +" zcat create_postgresql.gz | psql -U -h -W \n" +"Fill in the correct values for the user, host, and database names. " +"PostgreSQL will prompt you for the password." +msgstr "" +"Snort behöver en konfigurerad databas före den kan starta korrekt. För att " +"skapa databasstrukturen behöver du köra följande kommandon EFTER att paketet " +"har installerats:\n" +" cd /usr/share/doc/snort-pgsql/\n" +" zcat create_postgresql.gz | psql -U -h -W \n" +"Fyll i de korrekta värdena för användaren, värd och databasens namn. " +"PostgresSQL kommer att fråga dig efter lösenordet." + +#. Type: string +#. Description +#: ../snort-pgsql.templates:139 +msgid "Please enter the hostname of the pgsql database server to use." +msgstr "Ange värdnamnet på servern som kör pgsql databasen." + +#. Type: note +#. Description +#: ../snort-common.templates:3 +msgid "Your configuration file is deprecated" +msgstr "Din konfigurationsfil är inte användbar" + +#. Type: note +#. Description +#: ../snort-common.templates:3 +msgid "" +"Your Snort configuration file (/etc/snort/snort.conf) uses deprecated " +"options no longer available for this Snort release. Snort will not be able " +"to start unless you provide a correct configuration file. You can substitute " +"your configuration file with the one provided in this package or fix it " +"manually by removing deprecated options." +msgstr "" +"Din Snort-konfigurationsfil (/etc/snort/snort.conf) använder gamla " +"inställningar som inte längre används i denna Snort utgåva. Snort kan inte " +"starta om du har felaktigheter i konfigurationsfilen. Du kan byta ut din " +"konfigurationsfil med den som följer med detta paket eller lösa problemet " +"manuellt genom att ta bort de felaktiga inställningarna." + +#. Type: note +#. Description +#: ../snort-common.templates:3 +msgid "" +"The following deprecated options were found in your configuration file: " +"${DEP_CONFIG}" +msgstr "" +"De följande inställningarna som hittades i din konfigurationsfil är inte " +"längre giltiga: ${DEP_CONFIG}" --- snort-2.3.3.orig/debian/po/ja.po +++ snort-2.3.3/debian/po/ja.po @@ -0,0 +1,618 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +# +msgid "" +msgstr "" +"Project-Id-Version: snort 2.3.2-2\n" +"Report-Msgid-Bugs-To: jfs@computer.org\n" +"POT-Creation-Date: 2006-03-22 09:15+0100\n" +"PO-Revision-Date: 2005-05-14 08:32+0900\n" +"Last-Translator: Hideki Yamane \n" +"Language-Team: Japanese \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=EUC-JP\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: select +#. Choices +#: ../snort.templates:3 ../snort-mysql.templates:3 ../snort-pgsql.templates:3 +msgid "boot, dialup, manual" +msgstr "µ¯Æ°»þ, ¥À¥¤¥ä¥ë¥¢¥Ã¥×»þ, ¼êÆ°" + +#. Type: select +#. Description +#: ../snort.templates:5 ../snort-mysql.templates:5 ../snort-pgsql.templates:5 +msgid "When should Snort be started?" +msgstr "¤¤¤Ä Snort ¤òµ¯Æ°¤·¤Þ¤¹¤«?" + +#. Type: select +#. Description +#: ../snort.templates:5 ../snort-mysql.templates:5 ../snort-pgsql.templates:5 +msgid "" +"Snort can be started during boot, when connecting to the net with pppd or " +"only when you manually start it via /usr/sbin/snort." +msgstr "" +"Snort ¤Ï¡¢¥·¥¹¥Æ¥àµ¯Æ°Ãæ¡¢pppd ¤òÍøÍѤ·¤Æ¥Í¥Ã¥È¥ï¡¼¥¯¤ËÀܳ¤·¤¿»þ¡¢¤Þ¤¿¤Ï \"/" +"usr/sbin/snort\" ¤È¼êÆ°¤Ç¼Â¹Ô¤·¤¿»þ¤Î¤ß¡¢¤Î¤¤¤º¤ì¤«¤Çµ¯Æ°¤Ç¤­¤Þ¤¹¡£" + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "On which interface(s) should Snort listen?" +msgstr "Snort ¤Ï¤É¤Î¥¤¥ó¥¿¡¼¥Õ¥§¥¤¥¹¤Ç listen ¤·¤Þ¤¹¤«?" + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +#, fuzzy +msgid "" +"Please enter the name(s) of the interface(s) which Snort should listen on. " +"The names of the available interfaces are provided by either running 'ip " +"link show' of 'ifconfig'. This value usually is 'eth0', but you might want " +"to vary this depending on your environment, if you are using a dialup " +"connection 'ppp0' might be more appropiate." +msgstr "" +"Snort ¤¬ listen ¤¹¤Ù¤­¥¤¥ó¥¿¡¼¥Õ¥§¥¤¥¹Ì¾¤òÆþÎϤ·¤Æ¤¯¤À¤µ¤¤¡£»ØÄê²Äǽ¤Ê¥¤¥ó" +"¥¿¡¼¥Õ¥§¥¤¥¹¤Ï 'ip link show' ¤ò¼Â¹Ô¤¹¤ë¤È³Îǧ¤Ç¤­¤Þ¤¹¡£¤³¤ÎÃͤÏÂçÄñ¤Î¾ì¹ç " +"'eth0' ¤Ç¤¹¤¬¡¢¤³¤ì¤Ï´Ä¶­¤Ë¤È¤Æ¤â°Í¸¤¹¤ë¤Î¤Ç¡¢¥À¥¤¥ä¥ë¥¢¥Ã¥×Àܳ¤òÍøÍѤ·¤Æ¤¤" +"¤ë¾ì¹ç¤Ï 'ppp0' ¤Î¤Û¤¦¤¬¤è¤êŬÀÚ¤«¤â¤·¤ì¤Þ¤»¤ó ¡£" + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"Notice that Snort is usually configured to inspect all traffic coming from " +"the Internet, so the interface you add here is usually the same the 'default " +"route' is on. You can determine which interface is used for this running " +"either '/sbin/ip ro sh' or '/sbin/route -n' (look for 'default' or " +"'0.0.0.0')." +msgstr "" +"Ä̾Snort ¤Ï¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤«¤é¤ä¤Ã¤ÆÍè¤ë¤¹¤Ù¤Æ¤Î¥È¥é¥Õ¥£¥Ã¥¯¤ò¼õ¤±¼è¤ë¤è¤¦" +"¤ËÀßÄꤵ¤ì¤ë¤Î¤Ç¡¢¤³¤³¤ÇÄɲä·¤¿¥¤¥ó¥¿¡¼¥Õ¥§¥¤¥¹¤ÏÂçÄñ 'default route' ¤¬Â¸ºß" +"¤¹¤ë¤â¤Î¤ÈƱ¤¸¤Ç¤¢¤ë¤Î¤ËÃí°Õ¤·¤Æ¤¯¤À¤µ¤¤¡£'/sbin/ip ro sh' ¤Þ¤¿¤Ï '/sbin/" +"route -n' ¤ò¼Â¹Ô¤· ('default' ¤Þ¤¿¤Ï '0.0.0.0' ¤òõ¤·¤Æ)¡¢¤É¤Î¥¤¥ó¥¿¡¼¥Õ¥§¥¤" +"¥¹¤ò»È¤¦¤«¤ò·è¤á¤é¤ì¤Þ¤¹¡£" + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"It is also not uncommon to run Snort on an interface with no IP and " +"configured in promiscuous mode, if this is your case, select the interface " +"in this system that is physically connected to the network you want to " +"inspect, enable promiscuous mode later on and make sure that the network " +"traffic is sent to this interface (either connected to a 'port mirroring/" +"spanning' port in a switch, to a hub or to a tap)" +msgstr "" +"IP ¤òÉÕÍ¿¤·¤Æ¤¤¤Ê¤¤¥¤¥ó¥¿¡¼¥Õ¥§¥¤¥¹¾å¤Ç promiscuous ¥â¡¼¥É¤Î Snort ¤òÆ°ºî¤µ¤»" +"¤ë¤Î¤Ï¤¢¤Þ¤ê°ìÈÌŪ¤Ç¤Ï¤¢¤ê¤Þ¤»¤ó¡£¤³¤ì¤ËÅö¤Æ¤Ï¤Þ¤ë¤è¤¦¤Ê¾ì¹ç¡¢¼õ¿®¤ò¹Ô¤¤¤¿¤¤" +"¥Í¥Ã¥È¥ï¡¼¥¯¤ËÂФ·¤ÆʪÍýŪ¤ËÀܳ¤µ¤ì¤Æ¤¤¤ë¤³¤Î¥·¥¹¥Æ¥à¾å¤Î¥¤¥ó¥¿¡¼¥Õ¥§¥¤¥¹¤ò" +"ÁªÂò¤·¡¢¸å¤Û¤É promiscuous ¥â¡¼¥É¤òÍ­¸ú¤Ë¤·¤Æ¥Í¥Ã¥È¥ï¡¼¥¯¥È¥é¥Õ¥£¥Ã¥¯¤¬¤³¤Î¥¤" +"¥ó¥¿¡¼¥Õ¥§¥¤¥¹ (¥¹¥¤¥Ã¥Á¤Î 'port mirrorin' ¥Ý¡¼¥È¡¦'spanning' ¥Ý¡¼¥È¤«¥ê¥Ô¡¼" +"¥¿¡¼¥Ï¥Ö¡¢¤¢¤ë¤¤¤Ï¥Í¥Ã¥È¥ï¡¼¥¯¥¿¥Ã¥×¤ËÀܳ¤µ¤ì¤Æ¤¤¤Þ¤¹) ¤Ëή¤ì¤Æ¤¤¤ë¤Î¤ò³Îǧ" +"¤·¤Æ¤¯¤À¤µ¤¤¡£" + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"You can configure multiple interfaces here, just by adding more than one " +"interface name separated by spaces. Each interface can have its specific " +"configuration." +msgstr "" +"¤³¤³¤Ç¤Ïñ¤Ë°ì¤Ä°Ê¾å¤Î¥¤¥ó¥¿¡¼¥Õ¥§¥¤¥¹Ì¾¤ò¶õÇò¤Ç¶èÀڤ뤳¤È¤Ç¡¢Ê£¿ô¤Î¥¤¥ó¥¿¡¼" +"¥Õ¥§¥¤¥¹¤òÀßÄê¤Ç¤­¤Þ¤¹¡£¥¤¥ó¥¿¡¼¥Õ¥§¥¤¥¹¤´¤È¤Ë¸ÇÍ­¤ÎÀßÄ꤬²Äǽ¤Ç¤¹¡£" + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "Please enter the address range that Snort will listen on." +msgstr "Snort ¤¬ listen ¤¹¤ë¥¢¥É¥ì¥¹¤ÎÈϰϤòÆþÎϤ·¤Æ¤¯¤À¤µ¤¤¡£" + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "" +"You have to use CIDR form, i.e. 192.168.1.0/24 for a block of 256 IPs or " +"192.168.1.42/32 for just one. Specify multiple addresses on a single line " +"separated by ',' (comma characters), no spaces allowed!" +msgstr "" +"CIDR ·Á¼°¤Ç¤Îµ­½Ò¤¬É¬ÍפǤ¹¡£Î㤨¤Ð 192.168.1.0/24 ¤Ï 256 ¸Ä¤Î IP ¥Ö¥í¥Ã¥¯" +"¤Ç¡¢192.168.1.42/32 ¤Ï IP 1 ¸Ä¤È¤Ê¤ê¤Þ¤¹¡£Ê£¿ô¤Î¥¢¥É¥ì¥¹¤Ï 1 ¹Ô¤Ç ',' (¥«¥ó" +"¥Þ) ¤Ç¶èÀڤäƵ­½Ò¤·¤Þ¤¹¡£¥¹¥Ú¡¼¥¹ (¶õÇò) ¤Ï»È¤¨¤Þ¤»¤ó!" + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "" +"If you want you can specify 'any', to not trust any side of the network." +msgstr "" +"¥í¡¼¥«¥ë¥Í¥Ã¥È¥ï¡¼¥¯¡¦¸ø³«¥Í¥Ã¥È¥ï¡¼¥¯¤Î¤É¤Á¤é¤Î¥Í¥Ã¥È¥ï¡¼¥¯¤â¿®Íꤷ¤Æ¤¤¤Ê¤¤" +"¾ì¹ç¡¢ 'any' ¤È»ØÄꤷ¤Æ¤¯¤À¤µ¤¤¡£" + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "" +"Notice that if you are using multiple interfaces this definition will be " +"used as the HOME_NET definition of all of them." +msgstr "" +"Ê£¿ô¤Î¥¤¥ó¥¿¡¼¥Õ¥§¥¤¥¹¤ò»È¤Ã¤Æ¤¤¤ë¾ì¹ç¡¢¤³¤ÎÄêµÁ¤ÏÁ´¤Æ¤Î¥¤¥ó¥¿¡¼¥Õ¥§¥¤¥¹¤Î " +"HOME_NET ÄêµÁ¤È¤·¤ÆÍøÍѤµ¤ì¤ë¤³¤È¤ËÃí°Õ¤·¤Æ¤¯¤À¤µ¤¤¡£" + +#. Type: boolean +#. Description +#: ../snort.templates:53 ../snort-mysql.templates:53 +#: ../snort-pgsql.templates:53 +msgid "Should Snort disable promiscuous mode on the interface?" +msgstr "Snort ¤Ï¡¢¤³¤Î¥¤¥ó¥¿¡¼¥Õ¥§¥¤¥¹¤Ç promiscous ¥â¡¼¥É¤ò̵¸ú¤Ë¤·¤Þ¤¹¤«?" + +#. Type: boolean +#. Description +#: ../snort.templates:53 ../snort-mysql.templates:53 +#: ../snort-pgsql.templates:53 +msgid "" +"Disabling promiscuous mode means that Snort will only see packets addressed " +"to it's own interface. Enabling it allows Snort to check every packet that " +"passes ethernet segment even if it's a connection between two other " +"computers." +msgstr "" +"promiscuous ¥â¡¼¥É¤ò̵¸ú¤Ë¤¹¤ë¤³¤È¤Ë¤è¤Ã¤Æ Snort ¤Ï¼«¿È¤Î»ý¤Ä¥¤¥ó¥¿¡¼¥Õ¥§¥¤¥¹" +"¤Ø¸þ¤±¤é¤ì¤¿¥Ñ¥±¥Ã¥È¤Î¤ß¤ò´Æ»ë¤·¤Þ¤¹¡£Í­¸ú¤Ë¤¹¤ë¤È¡¢Â¾¤Î¥³¥ó¥Ô¥å¡¼¥¿´Ö¤Î¤ä¤ê" +"¼è¤ê¤ò´Þ¤á¤¿¥¤¡¼¥µ¥Í¥Ã¥È¥»¥°¥á¥ó¥È¾å¤ÎÁ´¤Æ¤Î¥Ñ¥±¥Ã¥È¤ò¥Á¥§¥Ã¥¯¤¹¤ë¤è¤¦¤Ë¤Ê¤ê" +"¤Þ¤¹¡£" + +#. Type: boolean +#. Description +#: ../snort.templates:53 ../snort-mysql.templates:53 +#: ../snort-pgsql.templates:53 +msgid "" +"Disable promiscuous mode if you are configuring Snort on an interface " +"without a configured IP address." +msgstr "" +"IP ¥¢¥É¥ì¥¹¤ÎÀßÄ꤬¤µ¤ì¤Æ¤¤¤Ê¤¤¥¤¥ó¥¿¡¼¥Õ¥§¥¤¥¹¾å¤Ç Snort ¤òÀßÄꤹ¤ë¾ì¹ç¤Ï " +"promiscuous ¥â¡¼¥É¤ò̵¸ú¤Ë¤·¤Æ¤¯¤À¤µ¤¤¡£" + +#. Type: note +#. Description +#: ../snort.templates:64 +msgid "Invalid interface" +msgstr "" + +#. Type: note +#. Description +#: ../snort.templates:64 +msgid "" +"One of the interfaces you specified is not valid (it might not exist on the " +"system or be down). Please introduce a valid interface when answering the " +"question of which interface(s) should Snort listen on." +msgstr "" + +#. Type: note +#. Description +#: ../snort.templates:64 +msgid "" +"If you did not configure an interface then the package is trying to use the " +"default ('eth0') which does not seem to be valid in your system." +msgstr "" + +#. Type: boolean +#. Description +#: ../snort.templates:75 ../snort-mysql.templates:65 +#: ../snort-pgsql.templates:65 +msgid "Should Snort's rules testing order be changed to Pass|Alert|Log?" +msgstr "Snort ¤Î¥ë¡¼¥ë¥»¥Ã¥È¤Î¥Æ¥¹¥È½ç¤ò Pass|Alert|Log ¤ËÊѹ¹¤·¤Þ¤¹¤«?" + +#. Type: boolean +#. Description +#: ../snort.templates:75 ../snort-mysql.templates:65 +#: ../snort-pgsql.templates:65 +msgid "" +"If you change Snort's rules testing order to Pass|Alert|Log, they will be " +"applied in Pass->Alert->Log order, instead of standard Alert->Pass->Log. " +"This will prevent people from having to make huge Berky Packet Filter " +"command line arguments to filter their alert rules." +msgstr "" +"Snort ¤Î¥ë¡¼¥ë¥»¥Ã¥È¤Î¥Æ¥¹¥È½ç¤ò Pass|Alert|Log ¤ËÊѹ¹¤·¤¿¾ì¹ç¡¢¥ë¡¼¥ë¥»¥Ã¥È" +"¤Ï Ä̾ï¤Î Alert->Pass->Log ¤Ç¤Ï¤Ê¤¯ Pass->Alert->Log ¤Î½çÈÖ¤ÇŬÍѤµ¤ì¤Þ¤¹¡£¤³" +"¤¦¤¹¤ë¤³¤È¤Ç alert ¥ë¡¼¥ë¤Î¥Õ¥£¥ë¥¿¤¹¤ë¤¿¤á¤ËĹÂç¤Ê Berky Packet Filter ¥³¥Þ" +"¥ó¥É¥é¥¤¥ó¤ò»ØÄꤷ¤Ê¤¯¤È¤â¤è¤¯¤Ê¤ê¤Þ¤¹¡£" + +#. Type: boolean +#. Description +#: ../snort.templates:84 ../snort-mysql.templates:74 +#: ../snort-pgsql.templates:74 +msgid "Should daily summaries be sent by e-mail?" +msgstr "" + +#. Type: boolean +#. Description +#: ../snort.templates:84 ../snort-mysql.templates:74 +#: ../snort-pgsql.templates:74 +msgid "" +"This Snort installation provides a cron job that runs daily and summarises " +"the information of Snort logs to a selected email address. If you want to " +"disable this feature say 'no' here." +msgstr "" + +#. Type: string +#. Description +#: ../snort.templates:92 ../snort-mysql.templates:82 +#: ../snort-pgsql.templates:82 +msgid "Who should receive the daily statistics mails?" +msgstr "郎Æü¼¡Åý·×¤Î¥á¡¼¥ë¤ò¼õ¤±¼è¤ê¤Þ¤¹¤«?" + +#. Type: string +#. Description +#: ../snort.templates:92 ../snort-mysql.templates:82 +#: ../snort-pgsql.templates:82 +msgid "" +"A cron job running daily will summarise the information of the logs " +"generated by Snort using a script called 'snort-stat'. Introduce here the " +"recipient of these mails. The default value is the system administrator. If " +"you keep this value, make sure that the mail of the administrator is " +"redirected to a user that actually reads those mails." +msgstr "" +"ËèÆü¼Â¹Ô¤µ¤ì¤ë cronjob ¤Ï 'snort-stat' ¤È¸Æ¤Ð¤ì¤ë¥¹¥¯¥ê¥×¥È¤ò»È¤¤¡¢Snort ¤Ë" +"¤è¤Ã¤ÆÀ¸À®¤µ¤ì¤ë¥í¥°¤Î¾ðÊó¤òÍ×Ìó¤·¤Þ¤¹¡£¤³¤³¤Ç¡¢¤³¤ì¤é¤Î¥á¡¼¥ë¤ò¼õ¤±¼è¤ê¿Í¤ò" +"»ØÄꤷ¤Æ¤¯¤À¤µ¤¤¡£É¸½à¤ÎÃͤϥ·¥¹¥Æ¥à´ÉÍý¼Ô¤Ç¤¹¡£¤³¤ÎÃͤΤޤޤˤ·¤Æ¤ª¤­¤¿¤¤¾ì" +"¹ç¤Ï¡¢´ÉÍý¼Ô¤Î¥á¡¼¥ë¤¬¤³¤ì¤é¤Î¥á¡¼¥ë¤òÆɤà¥æ¡¼¥¶¤Ë¼ÂºÝ¤ËžÁ÷¤µ¤ì¤Æ¤¤¤ë¤Î¤ò³Î" +"ǧ¤·¤Æ¤¯¤À¤µ¤¤¡£" + +#. Type: string +#. Description +#: ../snort.templates:102 ../snort-mysql.templates:93 +#: ../snort-pgsql.templates:92 +msgid "" +"If you want to specify custom options to Snort, please specify them here." +msgstr "Snort ¤Ë¥ª¥×¥·¥ç¥ó¤ò»ØÄꤷ¤¿¤¤¾ì¹ç¡¢¤³¤³¤ÇÆþÎϤ·¤Æ¤¯¤À¤µ¤¤¡£" + +#. Type: string +#. Description +#: ../snort.templates:107 ../snort-mysql.templates:98 +#: ../snort-pgsql.templates:97 +msgid "" +"An alert needs to appear more times than this number to be included in the " +"daily statistics." +msgstr "" +"Æü»þÅý·×¤ØÈ¿±Ç¤µ¤ì¤ë°Ù¤Ë¤Ï¡¢¤³¤Î²ó¿ô¤è¤ê¤â¥¢¥é¡¼¥È¤¬Â¿¤¯¸½¤ì¤ëɬÍפ¬¤¢¤ê¤Þ" +"¤¹¡£" + +#. Type: note +#. Description +#: ../snort.templates:111 ../snort-mysql.templates:162 +#: ../snort-pgsql.templates:161 +msgid "You are running Snort manually." +msgstr "¼êÆ°¤Ç Snort ¤òÆ°ºî¤µ¤»¤Æ¤¤¤Þ¤¹¡£" + +#. Type: note +#. Description +#: ../snort.templates:111 ../snort-mysql.templates:162 +#: ../snort-pgsql.templates:161 +msgid "" +"Please restart Snort using:\n" +" /etc/init.d/snort start\n" +"to let the settings take effect." +msgstr "" +"ÀßÄêÊѹ¹¤òÈ¿±Ç¤¹¤ë¤¿¤á¤Ë\n" +" /etc/init.d/snort restart\n" +" ¤È¤·¤Æ Snort ¤òºÆµ¯Æ°¤·¤Æ¤¯¤À¤µ¤¤¡£" + +#. Type: note +#. Description +#: ../snort.templates:118 ../snort-mysql.templates:169 +#: ../snort-pgsql.templates:168 +msgid "There is an error in your configuration" +msgstr "ÀßÄê¤Ë¥¨¥é¡¼¤¬¤¢¤ê¤Þ¤¹" + +#. Type: note +#. Description +#: ../snort.templates:118 ../snort-mysql.templates:169 +#: ../snort-pgsql.templates:168 +msgid "" +"Your Snort configuration is not correct and Snort will not be able to start " +"up normally. Please review your configuration and fix it. If you do not do " +"this, Snort package upgrades will probably break. To check which error is " +"being generated run '/usr/sbin/snort -T -c /etc/snort/snort.conf' (or point " +"to an alternate configuration file if you are using different files for " +"different interfaces)" +msgstr "" +"Snort ¤ÎÀßÄ꤬Àµ¤·¤¯¤Ê¤¤¤Î¤Ç¡¢¤½¤Î¤Þ¤Þ¤À¤È Snort ¤¬µ¯Æ°¤Ç¤­¤Ê¤¯¤Ê¤ê¤Þ¤¹¡£ÀßÄê" +"¤ò¸«Ä¾¤·¤Æ½¤Àµ¤·¤Æ¤¯¤À¤µ¤¤¡£¹Ô¤ï¤Ê¤¤¾ì¹ç¤Ï Snort ¥Ñ¥Ã¥±¡¼¥¸¤Î¥¢¥Ã¥×¥°¥ì¡¼¥É¤¬" +"¤Ç¤­¤Ê¤¯¤Ê¤ë¤Ç¤·¤ç¤¦¡£¤É¤³¤Ç¥¨¥é¡¼¤¬µ¯¤³¤Ã¤Æ¤¤¤ë¤Î¤«¤ò¥Á¥§¥Ã¥¯¤¹¤ë¤Ë¤Ï '/usr/" +"sbin/snort -T -c /etc/snort/snort.conf' ¤ò¼Â¹Ô¤·¤Æ¤¯¤À¤µ¤¤ (°Û¤Ê¤Ã¤¿¥¤¥ó¥¿¡¼" +"¥Õ¥§¥¤¥¹¤´¤È¤ËÊ̤Υե¡¥¤¥ë¤ò»È¤Ã¤Æ¤¤¤ë¤È¤¤¤¦¾ì¹ç¤Ï¡¢Â¾¤ÎÀßÄê¥Õ¥¡¥¤¥ë¤ò»ØÄꤷ" +"¤Æ¤¯¤À¤µ¤¤)¡£" + +#. Type: note +#. Description +#: ../snort.templates:128 ../snort-mysql.templates:179 +#: ../snort-pgsql.templates:178 +msgid "This system uses an obsolete configuration file" +msgstr "¸Å¤¤ÀßÄê¥Õ¥¡¥¤¥ë¤¬¤³¤Î¥·¥¹¥Æ¥à¤Ç¤Ï»È¤ï¤ì¤Æ¤¤¤Þ¤¹¡£" + +#. Type: note +#. Description +#: ../snort.templates:128 ../snort-mysql.templates:179 +#: ../snort-pgsql.templates:178 +#, fuzzy +msgid "" +"Your system has an obsolete configuration file (/etc/snort/snort.common." +"parameters) which has been automatically converted into the new " +"configuration file format (at /etc/default/snort). Please review the new " +"configuration and remove the obsolete one. Until you do this, the init.d " +"script will not use the new configuration and you will not take advantage of " +"the benefits introduced in newer releases." +msgstr "" +" (/etc/snort/snort.common.parameters) ¡£¤³¤ì¤Ï¼«Æ°Åª¤Ë¿·¤·¤¤ÀßÄê¥Õ¥¡¥¤¥ë·Á¼° " +"(/etc/default/snort ¤Ë¤¢¤ê¤Þ¤¹) ¤ËÊÑ´¹¤µ¤ì¤Æ¤¤¤Þ¤¹¡£¿·¤·¤¤ÀßÄê¤ò³Îǧ¤·¤Æ¡¢¸Å" +"¤¤ÀßÄê¤òºï½ü¤·¤Æ¤¯¤À¤µ¤¤¡£ºï½ü¤¹¤ë¤Þ¤Ç¡¢init.d ¥¹¥¯¥ê¥×¥È¤Ï¿·¤·¤¤ÀßÄê¤ò»È¤ª¤¦" +"¤È¤Ï¤·¤Ê¤¤¤Î¤Ç¿·¤·¤¤¥ê¥ê¡¼¥¹¤ÇƳÆþ¤µ¤ì¤¿ " + +#. Type: note +#. Description +#: ../snort-mysql.templates:102 +msgid "" +"Your system has an obsolete configuration file (/etc/snort/snort.common." +"parameters) which has been automatically converted into the new " +"configuration file format (at /etc/default/snort). Please review the new " +"configuration and remove the obsolete one. Until you do this, the init.d " +"script will not use the new configuration and you will not take advantage of " +"the benefits introduced in newer releases." +msgstr "" +" (/etc/snort/snort.common.parameters) ¡£¤³¤ì¤Ï¼«Æ°Åª¤Ë¿·¤·¤¤ÀßÄê¥Õ¥¡¥¤¥ë·Á¼° " +"(/etc/default/snort ¤Ë¤¢¤ê¤Þ¤¹) ¤ËÊÑ´¹¤µ¤ì¤Æ¤¤¤Þ¤¹¡£¿·¤·¤¤ÀßÄê¤ò³Îǧ¤·¤Æ¡¢¸Å" +"¤¤ÀßÄê¤òºï½ü¤·¤Æ¤¯¤À¤µ¤¤¡£ºï½ü¤¹¤ë¤Þ¤Ç¡¢init.d ¥¹¥¯¥ê¥×¥È¤Ï¿·¤·¤¤ÀßÄê¤ò»È¤ª¤¦" +"¤È¤Ï¤·¤Ê¤¤¤Î¤Ç¿·¤·¤¤¥ê¥ê¡¼¥¹¤ÇƳÆþ¤µ¤ì¤¿ " + +#. Type: boolean +#. Description +#: ../snort-mysql.templates:114 +msgid "Do you want to set up a database for snort-mysql to log to?" +msgstr "snort-mysql ¤òÍøÍѤ·¤Æ¥í¥°¤Ëµ­Ï¿¤¹¤ë¤¿¤á¡¢¥Ç¡¼¥¿¥Ù¡¼¥¹¤òÀßÄꤷ¤Þ¤¹¤«?" + +#. Type: boolean +#. Description +#: ../snort-mysql.templates:114 +msgid "" +"You only need to do this the first time you install snort-mysql. Before you " +"go on, make sure you have (1) the hostname of a machine running a mysql " +"server set up to allow tcp connections from this host, (2) a database on " +"that server, (3) a username and password to access the database. If you " +"don't have _all_ of these, either select 'no' and run with regular file " +"logging support, or fix this first. You can always configure database " +"logging later, by reconfiguring the snort-mysql package with 'dpkg-" +"reconfigure -plow snort-mysql'" +msgstr "" +"½é¤á¤Æ snort-mysql ¤ò¥¤¥ó¥¹¥È¡¼¥ë¤·¤¿»þ¤Î¤ß¡¢¤³¤ÎÀßÄê¤ò¹Ô¤¦É¬Íפ¬¤¢¤ê¤Þ¤¹¡£Â³" +"¹Ô¤ÎÁ°¤Ë¡¢(1) ¤³¤Î¥Û¥¹¥È¤«¤é¤Î TCP Àܳ¤¬µö²Ä¤µ¤ì¤Æ¤¤¤ë mysql ¥µ¡¼¥Ð¤Î¥Û¥¹¥È" +"̾¡¢(2) ¤½¤Î¥µ¡¼¥Ð¤Ç¤Î¥Ç¡¼¥¿¥Ù¡¼¥¹Ì¾¡¢(3) ¥Ç¡¼¥¿¥Ù¡¼¥¹¤Ë¥¢¥¯¥»¥¹¤¹¤ë¤¿¤á¤Î" +"¥æ¡¼¥¶Ì¾¤È¥Ñ¥¹¥ï¡¼¥É ¤ò³Îǧ¤·¤Æ¤¯¤À¤µ¤¤¡£¤³¤ì¤é¤¬¡Ö¤¹¤Ù¤Æ¡×¤½¤í¤Ã¤Æ¤¤¤Ê¤¤¾ì" +"¹ç¡¢ 'no' ¤òÁªÂò¤·¤ÆÄ̾ï¤Î¥Õ¥¡¥¤¥ë¤Ø¤Î¥í¥°µ­Ï¿¤ò¹Ô¤¦¤«¡¢¤Þ¤º¾ò·ï¤ò³Îǧ¤·¤Æ¤¯" +"¤À¤µ¤¤¡£¤Î¤Á¤Û¤É 'dpkg-reconfigure -plow snort-mysql' ¤È¤·¤Æ snort-mysql ¥Ñ¥Ã" +"¥±¡¼¥¸¤òºÆÀßÄꤷ¤Æ¡¢¥Ç¡¼¥¿¥Ù¡¼¥¹¤Ç¤Î¥í¥°µ­Ï¿ÀßÄê¤ÎÊѹ¹¤¬¤¤¤Ä¤Ç¤â²Äǽ¤Ç¤¹¡£" + +#. Type: note +#. Description +#: ../snort-mysql.templates:126 ../snort-pgsql.templates:125 +#, fuzzy +msgid "Snort needs a configured database to log to before it starts." +msgstr "Snort ¤Ç¤Ï¥í¥°¤òµ­Ï¿¤¹¤ë¤Î¤Ë¥Ç¡¼¥¿¥Ù¡¼¥¹¤ÎÀßÄ꤬ɬÍפǤ¹¡£" + +#. Type: note +#. Description +#: ../snort-mysql.templates:126 +#, fuzzy +msgid "" +"Snort needs a configured database before it can successfully start up. In " +"order to create the structure you need to run the following commands AFTER " +"the package is installed:\n" +" cd /usr/share/doc/snort-mysql/\n" +" zcat create_mysql.gz | mysql -u -h -p \n" +"Fill in the correct values for the user, host, and database names. MySQL " +"will prompt you for the password." +msgstr "" +"¤³¤³¤Ç°Ê²¼¤Î¥³¥Þ¥ó¥É¤òÆþÎϤ·¤Æ¡¢¥Ç¡¼¥¿¥Ù¡¼¥¹¤òºîÀ®¤·¤Æ¤¯¤À¤µ¤¤: \n" +" cd /usr/share/doc/snort-mysql/\n" +" zcat create_mysql.gz | mysql -u -h -p \n" +" ¥æ¡¼¥¶Ì¾¡¢¥Û¥¹¥È̾¡¢¥Ç¡¼¥¿¥Ù¡¼¥¹Ì¾¤ÏŬÅö¤Ê¤â¤Î¤òÅö¤Æ¤Ï¤á¤ÆÆþÎϤ·¤Æ¤¯¤À¤µ" +"¤¤¡£ MySQL ¤Ï¥Ñ¥¹¥ï¡¼¥É¤òÍ׵ᤷ¤Þ¤¹¡£" + +#. Type: note +#. Description +#: ../snort-mysql.templates:126 ../snort-pgsql.templates:125 +#, fuzzy +msgid "" +"After you created the database structure, you will need to start Snort " +"manually." +msgstr "¥Ç¡¼¥¿¥Ù¡¼¥¹ºîÀ®¸å¡¢'ok' ¤ò²¡¤·¤Æ³¹Ô¤·¤Æ¤¯¤À¤µ¤¤¡£" + +#. Type: string +#. Description +#: ../snort-mysql.templates:140 +msgid "Please enter the hostname of the mysql database server to use." +msgstr "mysql ¥µ¡¼¥Ð¤Î¥Û¥¹¥È̾¤òÆþÎϤ·¤Æ¤¯¤À¤µ¤¤¡£" + +#. Type: string +#. Description +#: ../snort-mysql.templates:140 ../snort-pgsql.templates:139 +msgid "" +"Make sure it has been set up correctly to allow incoming connections from " +"this host!" +msgstr "" +"¤³¤Î¥Û¥¹¥È¤«¤é¤ÎÀܳÍ׵᤬µö²Ä¤µ¤ì¤ë¤è¤¦¤Ë¡¢ÀßÄê¤òÀµ¤·¤¯¹Ô¤Ã¤Æ¤¯¤À¤µ¤¤!" + +#. Type: string +#. Description +#: ../snort-mysql.templates:146 ../snort-pgsql.templates:145 +msgid "Please enter the name of the database to use." +msgstr "»ÈÍѤ¹¤ë¥Ç¡¼¥¿¥Ù¡¼¥¹Ì¾¤òÆþÎϤ·¤Æ¤¯¤À¤µ¤¤¡£" + +#. Type: string +#. Description +#: ../snort-mysql.templates:146 ../snort-pgsql.templates:145 +msgid "" +"Make sure this database has been created and your database user has write " +"access to this database." +msgstr "" +"¤³¤Î¥Ç¡¼¥¿¥Ù¡¼¥¹¤¬´û¤Ëºî¤é¤ì¤Æ¤ª¤ê¡¢¥Ç¡¼¥¿¥Ù¡¼¥¹¥æ¡¼¥¶¤Ë½ñ¤­¹þ¤ß¸¢¸Â¤¬¤¢¤ë¤Î" +"¤ò³Îǧ¤·¤Æ¤¯¤À¤µ¤¤¡£" + +#. Type: string +#. Description +#: ../snort-mysql.templates:152 ../snort-pgsql.templates:151 +msgid "Please enter the name of the database user you want to use." +msgstr "»ÈÍѤ¹¤ë¥Ç¡¼¥¿¥Ù¡¼¥¹¤Î¥æ¡¼¥¶Ì¾¤òÆþÎϤ·¤Æ¤¯¤À¤µ¤¤¡£" + +#. Type: string +#. Description +#: ../snort-mysql.templates:152 ../snort-pgsql.templates:151 +msgid "Make sure this user has been created and has write access." +msgstr "" +"¥æ¡¼¥¶¤¬´û¤Ëºî¤é¤ì¤Æ¤ª¤ê¡¢½ñ¤­¹þ¤ß¸¢¸Â¤ò¤â¤Ã¤Æ¤¤¤ë¤³¤È¤ò³Îǧ¤·¤Æ¤¯¤À¤µ¤¤¡£" + +#. Type: password +#. Description +#: ../snort-mysql.templates:157 ../snort-pgsql.templates:156 +msgid "Please enter the password for the database connection." +msgstr "¥Ç¡¼¥¿¥Ù¡¼¥¹Àܳ¤Ë»ÈÍѤ¹¤ë¥Ñ¥¹¥ï¡¼¥É¤òÆþÎϤ·¤Æ¤¯¤À¤µ¤¤¡£" + +#. Type: password +#. Description +#: ../snort-mysql.templates:157 ../snort-pgsql.templates:156 +msgid "Please enter a password to connect to the Snort Alert database." +msgstr "" +"Snort ¥¢¥é¡¼¥È¥Ç¡¼¥¿¥Ù¡¼¥¹ ¤ËÀܳ¤¹¤ëºÝ¤Ë»ÈÍѤ¹¤ë¥Ñ¥¹¥ï¡¼¥É¤òÆþÎϤ·¤Æ¤¯¤À¤µ" +"¤¤¡£" + +#. Type: boolean +#. Description +#: ../snort-pgsql.templates:113 +msgid "Do you want to set up a database for snort-pgsql to log to?" +msgstr "snort-pqsql ¤òÍøÍѤ·¤Æ¥í¥°¤Ëµ­Ï¿¤¹¤ë¤¿¤á¡¢¥Ç¡¼¥¿¥Ù¡¼¥¹¤òÀßÄꤷ¤Þ¤¹¤«?" + +#. Type: boolean +#. Description +#: ../snort-pgsql.templates:113 +msgid "" +"You only need to do this the first time you install snort-pgsql. Before you " +"go on, make sure you have (1) the hostname of a machine running a pgsql " +"server set up to allow tcp connections from this host, (2) a database on " +"that server, (3) a username and password to access the database. If you " +"don't have _all_ of these, either select 'no' and run with regular file " +"logging support, or fix this first. You can always configure database " +"logging later, by reconfiguring the snort-pgsql package with 'dpkg-" +"reconfigure -plow snort-pgsql'" +msgstr "" +"½é¤á¤Æ snort-pgsql ¤ò¥¤¥ó¥¹¥È¡¼¥ë¤·¤¿»þ¤Î¤ß¡¢¤³¤ÎÀßÄê¤ò¹Ô¤¦É¬Íפ¬¤¢¤ê¤Þ¤¹¡£Â³" +"¹Ô¤ÎÁ°¤Ë¡¢(1) ¤³¤Î¥Û¥¹¥È¤«¤é¤Î TCP Àܳ¤¬µö²Ä¤µ¤ì¤Æ¤¤¤ë pgsql ¥µ¡¼¥Ð¤Î¥Û¥¹¥È" +"̾¡¢(2) ¤½¤Î¥µ¡¼¥Ð¤Ç¤Î¥Ç¡¼¥¿¥Ù¡¼¥¹Ì¾¡¢(3) ¥Ç¡¼¥¿¥Ù¡¼¥¹¤Ë¥¢¥¯¥»¥¹¤¹¤ë¤¿¤á¤Î" +"¥æ¡¼¥¶Ì¾¤È¥Ñ¥¹¥ï¡¼¥É ¤ò³Îǧ¤·¤Æ¤¯¤À¤µ¤¤¡£¤³¤ì¤é¤¬¡Ö¤¹¤Ù¤Æ¡×¤½¤í¤Ã¤Æ¤¤¤Ê¤¤¾ì" +"¹ç¡¢ 'no' ¤òÁªÂò¤·¤ÆÄ̾ï¤Î¥í¥°µ­Ï¿¤ò¹Ô¤¦¤«¡¢¤Þ¤º¾ò·ï¤ò³Îǧ¤·¤Æ¤¯¤À¤µ¤¤¡£¤Î¤Á" +"¤Û¤É 'dpkg-reconfigure -plow snort-pgsql' ¤È¼Â¹Ô¤· snort-mysql ¥Ñ¥Ã¥±¡¼¥¸¤òºÆ" +"ÀßÄꤷ¤Æ¡¢¥Ç¡¼¥¿¥Ù¡¼¥¹¤Ç¤Î¥í¥°µ­Ï¿ÀßÄê¤ÎÊѹ¹¤¬¤¤¤Ä¤Ç¤â²Äǽ¤Ç¤¹¡£" + +#. Type: note +#. Description +#: ../snort-pgsql.templates:125 +#, fuzzy +msgid "" +"Snort needs a configured database before it can successfully start up. In " +"order to create the structure you need to run the following commands AFTER " +"the package is installed:\n" +" cd /usr/share/doc/snort-pgsql/\n" +" zcat create_postgresql.gz | psql -U -h -W \n" +"Fill in the correct values for the user, host, and database names. " +"PostgreSQL will prompt you for the password." +msgstr "" +"¤³¤³¤Ç°Ê²¼¤Î¥³¥Þ¥ó¥É¤òÆþÎϤ·¤Æ¡¢¥Ç¡¼¥¿¥Ù¡¼¥¹¤òºîÀ®¤·¤Æ¤¯¤À¤µ¤¤: \n" +" cd /usr/share/doc/snort-pgsql/\n" +" zcat create_pgsql.gz | mysql -u -h -W \n" +" ¥æ¡¼¥¶Ì¾¡¢¥Û¥¹¥È̾¡¢¥Ç¡¼¥¿¥Ù¡¼¥¹Ì¾¤ÏŬÅö¤Ê¤â¤Î¤òÅö¤Æ¤Ï¤á¤ÆÆþÎϤ·¤Æ¤¯¤À¤µ" +"¤¤¡£ PostgreSQL ¤Ï¥Ñ¥¹¥ï¡¼¥É¤òÍ׵ᤷ¤Þ¤¹¡£" + +#. Type: string +#. Description +#: ../snort-pgsql.templates:139 +msgid "Please enter the hostname of the pgsql database server to use." +msgstr "PostgreSQL ¥µ¡¼¥Ð¤Î¥Û¥¹¥È̾¤òÆþÎϤ·¤Æ¤¯¤À¤µ¤¤¡£" + +#. Type: note +#. Description +#: ../snort-common.templates:3 +msgid "Your configuration file is deprecated" +msgstr "̵¸ú¤ÊÀßÄê¥Õ¥¡¥¤¥ë¤Ç¤¹" + +#. Type: note +#. Description +#: ../snort-common.templates:3 +msgid "" +"Your Snort configuration file (/etc/snort/snort.conf) uses deprecated " +"options no longer available for this Snort release. Snort will not be able " +"to start unless you provide a correct configuration file. You can substitute " +"your configuration file with the one provided in this package or fix it " +"manually by removing deprecated options." +msgstr "" +"Snort ¤ÎÀßÄê¥Õ¥¡¥¤¥ë (/etc/snort/snort.conf) ¤Ë¤Æ¡¢º£²ó¤Î¥ê¥ê¡¼¥¹¤«¤é»È¤¨¤Ê¤¯" +"¤Ê¤Ã¤¿Ìµ¸ú¤Ê¥ª¥×¥·¥ç¥ó¤ò»ØÄꤷ¤Æ¤¤¤Þ¤¹¡£ÀßÄê¥Õ¥¡¥¤¥ë¤ò½¤Àµ¤·¤Ê¤¤¸Â¤êµ¯Æ°¤Ç¤­" +"¤Ê¤¯¤Ê¤ê¤Þ¤¹¡£ÀßÄê¥Õ¥¡¥¤¥ë¤ò¤³¤Î¥Ñ¥Ã¥±¡¼¥¸¤¬Ä󶡤·¤Æ¤¤¤ë¤â¤Î¤ËÃÖ´¹¤¹¤ë¤«¡¢Ìµ" +"¸ú¤Ê¥ª¥×¥·¥ç¥ó¤ò¼êÆ°¤Çºï½ü¤¹¤ë¤«¤·¤Æ²óÈò¤Ç¤­¤Þ¤¹¡£" + +#. Type: note +#. Description +#: ../snort-common.templates:3 +msgid "" +"The following deprecated options were found in your configuration file: " +"${DEP_CONFIG}" +msgstr "ÀßÄê¥Õ¥¡¥¤¥ë¤Ç°Ê²¼¤Î̵¸ú¤Ê¥ª¥×¥·¥ç¥ó¤¬¸«¤Ä¤«¤ê¤Þ¤·¤¿: ${DEP_CONFIG}" + +#~ msgid "On which interface should Snort listen?" +#~ msgstr "Snort ¤Ï¤É¤Î¥¤¥ó¥¿¡¼¥Õ¥§¥¤¥¹¤Ç listen ¤·¤Þ¤¹¤«?" + +#~ msgid "" +#~ "Please enter the interface name which snort should listen on. The name of " +#~ "the available interfaces are provided by running 'ip link show'. This " +#~ "value usually is 'eth0', but you might want to vary this depending on " +#~ "your environment, if you are using a dialup connection 'ppp0' might be " +#~ "more appropiate." +#~ msgstr "" +#~ "Snort ¤¬ listen ¤¹¤Ù¤­¥¤¥ó¥¿¡¼¥Õ¥§¥¤¥¹Ì¾¤òÆþÎϤ·¤Æ¤¯¤À¤µ¤¤¡£»ØÄê²Äǽ¤Ê¥¤¥ó" +#~ "¥¿¡¼¥Õ¥§¥¤¥¹¤Ï 'ip link show' ¤ò¼Â¹Ô¤¹¤ë¤È³Îǧ¤Ç¤­¤Þ¤¹¡£¤³¤ÎÃͤÏÂçÄñ¤Î¾ì" +#~ "¹ç 'eth0' ¤Ç¤¹¤¬¡¢¤³¤ì¤Ï´Ä¶­¤Ë¤È¤Æ¤â°Í¸¤¹¤ë¤Î¤Ç¡¢¥À¥¤¥ä¥ë¥¢¥Ã¥×Àܳ¤òÍøÍÑ" +#~ "¤·¤Æ¤¤¤ë¾ì¹ç¤Ï 'ppp0' ¤Î¤Û¤¦¤¬¤è¤êŬÀÚ¤«¤â¤·¤ì¤Þ¤»¤ó ¡£" + +#~ msgid "" +#~ "Notice that Snort is usually configured to inspect all traffic coming " +#~ "from the Internet, so the interface you add here is usually the same the " +#~ "'default route' is on. You can determine which interface is used for " +#~ "this running either 'ip route show' or '/sbin/route -n' (look for " +#~ "'default' or '0.0.0.0')." +#~ msgstr "" +#~ "Ä̾Snort ¤Ï¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤«¤é¤ä¤Ã¤ÆÍè¤ë¤¹¤Ù¤Æ¤Î¥È¥é¥Õ¥£¥Ã¥¯¤ò¼õ¤±¼è¤ë¤è" +#~ "¤¦¤ËÀßÄꤵ¤ì¤ë¤Î¤Ç¡¢¤³¤³¤ÇÄɲä·¤¿¥¤¥ó¥¿¡¼¥Õ¥§¥¤¥¹¤ÏÂçÄñ 'default route' " +#~ "¤¬Â¸ºß¤¹¤ë¤â¤Î¤ÈƱ¤¸¤È¤¤¤¦¤³¤È¤ËÃí°Õ¤·¤Æ¤¯¤À¤µ¤¤¡£'ip route show' ¤Þ¤¿¤Ï " +#~ "'/sbin/route -n' ¤ò¼Â¹Ô¤· ('default' ¤Þ¤¿¤Ï '0.0.0.0' ¤òõ¤·¤Æ)¡¢¤É¤Î¥¤¥ó" +#~ "¥¿¡¼¥Õ¥§¥¤¥¹¤ò»È¤¦¤«¤ò·è¤á¤ë¤³¤È¤¬¤Ç¤­¤Þ¤¹¡£" + +#~ msgid "Should Snort disable promiscous mode on the interface?" +#~ msgstr "¤³¤Î¥¤¥ó¥¿¡¼¥Õ¥§¥¤¥¹¤Ç promiscous ¥â¡¼¥É¤ò̵¸ú¤Ë¤·¤Þ¤¹¤«?" --- snort-2.3.3.orig/debian/po/templates.pot +++ snort-2.3.3/debian/po/templates.pot @@ -0,0 +1,478 @@ +# SOME DESCRIPTIVE TITLE. +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the PACKAGE package. +# FIRST AUTHOR , YEAR. +# +#, fuzzy +msgid "" +msgstr "" +"Project-Id-Version: PACKAGE VERSION\n" +"Report-Msgid-Bugs-To: jfs@computer.org\n" +"POT-Creation-Date: 2006-03-22 09:15+0100\n" +"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" +"Last-Translator: FULL NAME \n" +"Language-Team: LANGUAGE \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=CHARSET\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: select +#. Choices +#: ../snort.templates:3 ../snort-mysql.templates:3 ../snort-pgsql.templates:3 +msgid "boot, dialup, manual" +msgstr "" + +#. Type: select +#. Description +#: ../snort.templates:5 ../snort-mysql.templates:5 ../snort-pgsql.templates:5 +msgid "When should Snort be started?" +msgstr "" + +#. Type: select +#. Description +#: ../snort.templates:5 ../snort-mysql.templates:5 ../snort-pgsql.templates:5 +msgid "" +"Snort can be started during boot, when connecting to the net with pppd or " +"only when you manually start it via /usr/sbin/snort." +msgstr "" + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "On which interface(s) should Snort listen?" +msgstr "" + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"Please enter the name(s) of the interface(s) which Snort should listen on. " +"The names of the available interfaces are provided by either running 'ip " +"link show' of 'ifconfig'. This value usually is 'eth0', but you might want " +"to vary this depending on your environment, if you are using a dialup " +"connection 'ppp0' might be more appropiate." +msgstr "" + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"Notice that Snort is usually configured to inspect all traffic coming from " +"the Internet, so the interface you add here is usually the same the 'default " +"route' is on. You can determine which interface is used for this running " +"either '/sbin/ip ro sh' or '/sbin/route -n' (look for 'default' or " +"'0.0.0.0')." +msgstr "" + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"It is also not uncommon to run Snort on an interface with no IP and " +"configured in promiscuous mode, if this is your case, select the interface " +"in this system that is physically connected to the network you want to " +"inspect, enable promiscuous mode later on and make sure that the network " +"traffic is sent to this interface (either connected to a 'port mirroring/" +"spanning' port in a switch, to a hub or to a tap)" +msgstr "" + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"You can configure multiple interfaces here, just by adding more than one " +"interface name separated by spaces. Each interface can have its specific " +"configuration." +msgstr "" + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "Please enter the address range that Snort will listen on." +msgstr "" + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "" +"You have to use CIDR form, i.e. 192.168.1.0/24 for a block of 256 IPs or " +"192.168.1.42/32 for just one. Specify multiple addresses on a single line " +"separated by ',' (comma characters), no spaces allowed!" +msgstr "" + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "" +"If you want you can specify 'any', to not trust any side of the network." +msgstr "" + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "" +"Notice that if you are using multiple interfaces this definition will be " +"used as the HOME_NET definition of all of them." +msgstr "" + +#. Type: boolean +#. Description +#: ../snort.templates:53 ../snort-mysql.templates:53 +#: ../snort-pgsql.templates:53 +msgid "Should Snort disable promiscuous mode on the interface?" +msgstr "" + +#. Type: boolean +#. Description +#: ../snort.templates:53 ../snort-mysql.templates:53 +#: ../snort-pgsql.templates:53 +msgid "" +"Disabling promiscuous mode means that Snort will only see packets addressed " +"to it's own interface. Enabling it allows Snort to check every packet that " +"passes ethernet segment even if it's a connection between two other " +"computers." +msgstr "" + +#. Type: boolean +#. Description +#: ../snort.templates:53 ../snort-mysql.templates:53 +#: ../snort-pgsql.templates:53 +msgid "" +"Disable promiscuous mode if you are configuring Snort on an interface " +"without a configured IP address." +msgstr "" + +#. Type: note +#. Description +#: ../snort.templates:64 +msgid "Invalid interface" +msgstr "" + +#. Type: note +#. Description +#: ../snort.templates:64 +msgid "" +"One of the interfaces you specified is not valid (it might not exist on the " +"system or be down). Please introduce a valid interface when answering the " +"question of which interface(s) should Snort listen on." +msgstr "" + +#. Type: note +#. Description +#: ../snort.templates:64 +msgid "" +"If you did not configure an interface then the package is trying to use the " +"default ('eth0') which does not seem to be valid in your system." +msgstr "" + +#. Type: boolean +#. Description +#: ../snort.templates:75 ../snort-mysql.templates:65 +#: ../snort-pgsql.templates:65 +msgid "Should Snort's rules testing order be changed to Pass|Alert|Log?" +msgstr "" + +#. Type: boolean +#. Description +#: ../snort.templates:75 ../snort-mysql.templates:65 +#: ../snort-pgsql.templates:65 +msgid "" +"If you change Snort's rules testing order to Pass|Alert|Log, they will be " +"applied in Pass->Alert->Log order, instead of standard Alert->Pass->Log. " +"This will prevent people from having to make huge Berky Packet Filter " +"command line arguments to filter their alert rules." +msgstr "" + +#. Type: boolean +#. Description +#: ../snort.templates:84 ../snort-mysql.templates:74 +#: ../snort-pgsql.templates:74 +msgid "Should daily summaries be sent by e-mail?" +msgstr "" + +#. Type: boolean +#. Description +#: ../snort.templates:84 ../snort-mysql.templates:74 +#: ../snort-pgsql.templates:74 +msgid "" +"This Snort installation provides a cron job that runs daily and summarises " +"the information of Snort logs to a selected email address. If you want to " +"disable this feature say 'no' here." +msgstr "" + +#. Type: string +#. Description +#: ../snort.templates:92 ../snort-mysql.templates:82 +#: ../snort-pgsql.templates:82 +msgid "Who should receive the daily statistics mails?" +msgstr "" + +#. Type: string +#. Description +#: ../snort.templates:92 ../snort-mysql.templates:82 +#: ../snort-pgsql.templates:82 +msgid "" +"A cron job running daily will summarise the information of the logs " +"generated by Snort using a script called 'snort-stat'. Introduce here the " +"recipient of these mails. The default value is the system administrator. If " +"you keep this value, make sure that the mail of the administrator is " +"redirected to a user that actually reads those mails." +msgstr "" + +#. Type: string +#. Description +#: ../snort.templates:102 ../snort-mysql.templates:93 +#: ../snort-pgsql.templates:92 +msgid "" +"If you want to specify custom options to Snort, please specify them here." +msgstr "" + +#. Type: string +#. Description +#: ../snort.templates:107 ../snort-mysql.templates:98 +#: ../snort-pgsql.templates:97 +msgid "" +"An alert needs to appear more times than this number to be included in the " +"daily statistics." +msgstr "" + +#. Type: note +#. Description +#: ../snort.templates:111 ../snort-mysql.templates:162 +#: ../snort-pgsql.templates:161 +msgid "You are running Snort manually." +msgstr "" + +#. Type: note +#. Description +#: ../snort.templates:111 ../snort-mysql.templates:162 +#: ../snort-pgsql.templates:161 +msgid "" +"Please restart Snort using:\n" +" /etc/init.d/snort start\n" +"to let the settings take effect." +msgstr "" + +#. Type: note +#. Description +#: ../snort.templates:118 ../snort-mysql.templates:169 +#: ../snort-pgsql.templates:168 +msgid "There is an error in your configuration" +msgstr "" + +#. Type: note +#. Description +#: ../snort.templates:118 ../snort-mysql.templates:169 +#: ../snort-pgsql.templates:168 +msgid "" +"Your Snort configuration is not correct and Snort will not be able to start " +"up normally. Please review your configuration and fix it. If you do not do " +"this, Snort package upgrades will probably break. To check which error is " +"being generated run '/usr/sbin/snort -T -c /etc/snort/snort.conf' (or point " +"to an alternate configuration file if you are using different files for " +"different interfaces)" +msgstr "" + +#. Type: note +#. Description +#: ../snort.templates:128 ../snort-mysql.templates:179 +#: ../snort-pgsql.templates:178 +msgid "This system uses an obsolete configuration file" +msgstr "" + +#. Type: note +#. Description +#: ../snort.templates:128 ../snort-mysql.templates:179 +#: ../snort-pgsql.templates:178 +msgid "" +"Your system has an obsolete configuration file (/etc/snort/snort.common." +"parameters) which has been automatically converted into the new " +"configuration file format (at /etc/default/snort). Please review the new " +"configuration and remove the obsolete one. Until you do this, the init.d " +"script will not use the new configuration and you will not take advantage of " +"the benefits introduced in newer releases." +msgstr "" + +#. Type: note +#. Description +#: ../snort-mysql.templates:102 +msgid "" +"Your system has an obsolete configuration file (/etc/snort/snort.common." +"parameters) which has been automatically converted into the new " +"configuration file format (at /etc/default/snort). Please review the new " +"configuration and remove the obsolete one. Until you do this, the init.d " +"script will not use the new configuration and you will not take advantage of " +"the benefits introduced in newer releases." +msgstr "" + +#. Type: boolean +#. Description +#: ../snort-mysql.templates:114 +msgid "Do you want to set up a database for snort-mysql to log to?" +msgstr "" + +#. Type: boolean +#. Description +#: ../snort-mysql.templates:114 +msgid "" +"You only need to do this the first time you install snort-mysql. Before you " +"go on, make sure you have (1) the hostname of a machine running a mysql " +"server set up to allow tcp connections from this host, (2) a database on " +"that server, (3) a username and password to access the database. If you " +"don't have _all_ of these, either select 'no' and run with regular file " +"logging support, or fix this first. You can always configure database " +"logging later, by reconfiguring the snort-mysql package with 'dpkg-" +"reconfigure -plow snort-mysql'" +msgstr "" + +#. Type: note +#. Description +#: ../snort-mysql.templates:126 ../snort-pgsql.templates:125 +msgid "Snort needs a configured database to log to before it starts." +msgstr "" + +#. Type: note +#. Description +#: ../snort-mysql.templates:126 +msgid "" +"Snort needs a configured database before it can successfully start up. In " +"order to create the structure you need to run the following commands AFTER " +"the package is installed:\n" +" cd /usr/share/doc/snort-mysql/\n" +" zcat create_mysql.gz | mysql -u -h -p \n" +"Fill in the correct values for the user, host, and database names. MySQL " +"will prompt you for the password." +msgstr "" + +#. Type: note +#. Description +#: ../snort-mysql.templates:126 ../snort-pgsql.templates:125 +msgid "" +"After you created the database structure, you will need to start Snort " +"manually." +msgstr "" + +#. Type: string +#. Description +#: ../snort-mysql.templates:140 +msgid "Please enter the hostname of the mysql database server to use." +msgstr "" + +#. Type: string +#. Description +#: ../snort-mysql.templates:140 ../snort-pgsql.templates:139 +msgid "" +"Make sure it has been set up correctly to allow incoming connections from " +"this host!" +msgstr "" + +#. Type: string +#. Description +#: ../snort-mysql.templates:146 ../snort-pgsql.templates:145 +msgid "Please enter the name of the database to use." +msgstr "" + +#. Type: string +#. Description +#: ../snort-mysql.templates:146 ../snort-pgsql.templates:145 +msgid "" +"Make sure this database has been created and your database user has write " +"access to this database." +msgstr "" + +#. Type: string +#. Description +#: ../snort-mysql.templates:152 ../snort-pgsql.templates:151 +msgid "Please enter the name of the database user you want to use." +msgstr "" + +#. Type: string +#. Description +#: ../snort-mysql.templates:152 ../snort-pgsql.templates:151 +msgid "Make sure this user has been created and has write access." +msgstr "" + +#. Type: password +#. Description +#: ../snort-mysql.templates:157 ../snort-pgsql.templates:156 +msgid "Please enter the password for the database connection." +msgstr "" + +#. Type: password +#. Description +#: ../snort-mysql.templates:157 ../snort-pgsql.templates:156 +msgid "Please enter a password to connect to the Snort Alert database." +msgstr "" + +#. Type: boolean +#. Description +#: ../snort-pgsql.templates:113 +msgid "Do you want to set up a database for snort-pgsql to log to?" +msgstr "" + +#. Type: boolean +#. Description +#: ../snort-pgsql.templates:113 +msgid "" +"You only need to do this the first time you install snort-pgsql. Before you " +"go on, make sure you have (1) the hostname of a machine running a pgsql " +"server set up to allow tcp connections from this host, (2) a database on " +"that server, (3) a username and password to access the database. If you " +"don't have _all_ of these, either select 'no' and run with regular file " +"logging support, or fix this first. You can always configure database " +"logging later, by reconfiguring the snort-pgsql package with 'dpkg-" +"reconfigure -plow snort-pgsql'" +msgstr "" + +#. Type: note +#. Description +#: ../snort-pgsql.templates:125 +msgid "" +"Snort needs a configured database before it can successfully start up. In " +"order to create the structure you need to run the following commands AFTER " +"the package is installed:\n" +" cd /usr/share/doc/snort-pgsql/\n" +" zcat create_postgresql.gz | psql -U -h -W \n" +"Fill in the correct values for the user, host, and database names. " +"PostgreSQL will prompt you for the password." +msgstr "" + +#. Type: string +#. Description +#: ../snort-pgsql.templates:139 +msgid "Please enter the hostname of the pgsql database server to use." +msgstr "" + +#. Type: note +#. Description +#: ../snort-common.templates:3 +msgid "Your configuration file is deprecated" +msgstr "" + +#. Type: note +#. Description +#: ../snort-common.templates:3 +msgid "" +"Your Snort configuration file (/etc/snort/snort.conf) uses deprecated " +"options no longer available for this Snort release. Snort will not be able " +"to start unless you provide a correct configuration file. You can substitute " +"your configuration file with the one provided in this package or fix it " +"manually by removing deprecated options." +msgstr "" + +#. Type: note +#. Description +#: ../snort-common.templates:3 +msgid "" +"The following deprecated options were found in your configuration file: " +"${DEP_CONFIG}" +msgstr "" --- snort-2.3.3.orig/debian/po/fr.po +++ snort-2.3.3/debian/po/fr.po @@ -0,0 +1,633 @@ +# translation of fr.po to French +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +# Christian Perrier , 2004, 2006. +msgid "" +msgstr "" +"Project-Id-Version: fr\n" +"Report-Msgid-Bugs-To: jfs@computer.org\n" +"POT-Creation-Date: 2006-03-22 09:15+0100\n" +"PO-Revision-Date: 2006-03-24 19:35+0100\n" +"Last-Translator: Christian Perrier \n" +"Language-Team: French \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=ISO-8859-15\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: KBabel 1.11.2\n" + +#. Type: select +#. Choices +#: ../snort.templates:3 ../snort-mysql.templates:3 ../snort-pgsql.templates:3 +msgid "boot, dialup, manual" +msgstr "Au démarrage, À la connexion, Manuellement " + +#. Type: select +#. Description +#: ../snort.templates:5 ../snort-mysql.templates:5 ../snort-pgsql.templates:5 +msgid "When should Snort be started?" +msgstr "Méthode de lancement de Snort :" + +#. Type: select +#. Description +#: ../snort.templates:5 ../snort-mysql.templates:5 ../snort-pgsql.templates:5 +msgid "" +"Snort can be started during boot, when connecting to the net with pppd or " +"only when you manually start it via /usr/sbin/snort." +msgstr "" +"Snort peut être lancé au démarrage du système, lors de la connexion au " +"réseau avec pppd ou à la demande via la commande « /usr/sbin/snort »." + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "On which interface(s) should Snort listen?" +msgstr "Interface(s) où Snort sera à l'écoute :" + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"Please enter the name(s) of the interface(s) which Snort should listen on. " +"The names of the available interfaces are provided by either running 'ip " +"link show' of 'ifconfig'. This value usually is 'eth0', but you might want " +"to vary this depending on your environment, if you are using a dialup " +"connection 'ppp0' might be more appropiate." +msgstr "" +"Veuillez indiquer sur quelle(s) interface(s) Snort doit être à l'écoute. Le " +"nom des interfaces actuellement disponibles peut être obtenu avec la " +"commande « ip link show » ou « ifconfig ». La valeur la plus usuelle est " +"« eth0 » mais elle peut varier selon votre environnement : ainsi, si vous " +"utilisez une connexion ponctuelle (« dialup »), « ppp0 » est probablement " +"plus adapté." + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"Notice that Snort is usually configured to inspect all traffic coming from " +"the Internet, so the interface you add here is usually the same the 'default " +"route' is on. You can determine which interface is used for this running " +"either '/sbin/ip ro sh' or '/sbin/route -n' (look for 'default' or " +"'0.0.0.0')." +msgstr "" +"Veuillez noter que Snort est en général configuré pour analyser tout le " +"trafic issu de l'Internet. En conséquence, l'interface à ajouter ici est " +"celle qu'utilise votre route par défaut. Vous pouvez obtenir cette " +"information avec les commandes « /sbin/ip ro sh » ou « /sbin/route -" +"n » (rechercher « default » ou « 0.0.0.0 »)." + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"It is also not uncommon to run Snort on an interface with no IP and " +"configured in promiscuous mode, if this is your case, select the interface " +"in this system that is physically connected to the network you want to " +"inspect, enable promiscuous mode later on and make sure that the network " +"traffic is sent to this interface (either connected to a 'port mirroring/" +"spanning' port in a switch, to a hub or to a tap)" +msgstr "" +"Il est également fréquent d'utiliser Snort sur une interface sans adresse " +"IP, configuré en mode « promiscuous ». Dans ce cas, choisissez l'interface " +"connectée au réseau que vous voulez analyser et activez ce mode plus tard. " +"Assurez-vous que le trafic réseau est bien envoyé à cette interface (soit " +"connectée à un port de miroir ou de répartition, « mirroring/spanning port » " +"sur un commutateur réseau, soit connectée à un répartiteur ou à un « tap »)." + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"You can configure multiple interfaces here, just by adding more than one " +"interface name separated by spaces. Each interface can have its specific " +"configuration." +msgstr "" +"Il est possible de configurer plusieurs interfaces en les mentionnant " +"toutes, séparées par des espaces. Chacune d'elles pourra avoir une " +"configuration différente." + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "Please enter the address range that Snort will listen on." +msgstr "Plage d'adresses surveillées par Snort :" + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "" +"You have to use CIDR form, i.e. 192.168.1.0/24 for a block of 256 IPs or " +"192.168.1.42/32 for just one. Specify multiple addresses on a single line " +"separated by ',' (comma characters), no spaces allowed!" +msgstr "" +"Vous devez utiliser le format CIDR, c'est-à-dire 192.168.1.0/24 pour un bloc " +"de 256 adresses IP ou 192.168.1.42/32 pour une seule adresse. Il est " +"possible d'indiquer plusieurs adresses sur une seule ligne en les séparant " +"par des virgules. Attention, les espaces ne sont pas autorisés !" + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "" +"If you want you can specify 'any', to not trust any side of the network." +msgstr "" +"Vous pouvez, si vous le souhaitez, indiquer « any » (n'importe lesquelles) " +"pour n'accorder votre confiance à aucune partie du réseau." + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "" +"Notice that if you are using multiple interfaces this definition will be " +"used as the HOME_NET definition of all of them." +msgstr "" +"Veuillez noter que si vous utilisez plusieurs interfaces, la valeur définie " +"ici sera la valeur HOME_NET pour chacune d'elles." + +#. Type: boolean +#. Description +#: ../snort.templates:53 ../snort-mysql.templates:53 +#: ../snort-pgsql.templates:53 +msgid "Should Snort disable promiscuous mode on the interface?" +msgstr "Faut-il désactiver le mode « promiscuous » sur l'interface ?" + +#. Type: boolean +#. Description +#: ../snort.templates:53 ../snort-mysql.templates:53 +#: ../snort-pgsql.templates:53 +msgid "" +"Disabling promiscuous mode means that Snort will only see packets addressed " +"to it's own interface. Enabling it allows Snort to check every packet that " +"passes ethernet segment even if it's a connection between two other " +"computers." +msgstr "" +"Si le mode « promiscuous » est désactivé, Snort ne verra que les paquets " +"adressés à sa propre interface. S'il est activé, il vérifiera chaque paquet " +"transitant sur l'Ethernet même s'il s'agit d'échanges entres deux autres " +"ordinateurs." + +#. Type: boolean +#. Description +#: ../snort.templates:53 ../snort-mysql.templates:53 +#: ../snort-pgsql.templates:53 +msgid "" +"Disable promiscuous mode if you are configuring Snort on an interface " +"without a configured IP address." +msgstr "" +"Désactivez cette option si vous configurez Snort sur une interface sans " +"adresse IP." + +#. Type: note +#. Description +#: ../snort.templates:64 +msgid "Invalid interface" +msgstr "Interface non valable" + +#. Type: note +#. Description +#: ../snort.templates:64 +msgid "" +"One of the interfaces you specified is not valid (it might not exist on the " +"system or be down). Please introduce a valid interface when answering the " +"question of which interface(s) should Snort listen on." +msgstr "" +"Une des interfaces que vous avez indiquées n'est pas valable (soit elle " +"n'existe pas sur le système soit elle n'est pas actuellement active). " +"Veuillez indiquer uniquement des interfaces valables." + +#. Type: note +#. Description +#: ../snort.templates:64 +msgid "" +"If you did not configure an interface then the package is trying to use the " +"default ('eth0') which does not seem to be valid in your system." +msgstr "" +"Si vous ne configurez pas d'interface, le paquet tentera d'utiliser " +"l'interface par défaut (« eth0 ») qui ne semble pas valable sur votre " +"système." + +#. Type: boolean +#. Description +#: ../snort.templates:75 ../snort-mysql.templates:65 +#: ../snort-pgsql.templates:65 +msgid "Should Snort's rules testing order be changed to Pass|Alert|Log?" +msgstr "" +"Faut-il modifier l'ordre de vérification de Snort en « Pass|Alert|Log » ?" + +#. Type: boolean +#. Description +#: ../snort.templates:75 ../snort-mysql.templates:65 +#: ../snort-pgsql.templates:65 +msgid "" +"If you change Snort's rules testing order to Pass|Alert|Log, they will be " +"applied in Pass->Alert->Log order, instead of standard Alert->Pass->Log. " +"This will prevent people from having to make huge Berky Packet Filter " +"command line arguments to filter their alert rules." +msgstr "" +"Si vous changez l'ordre de vérification de Snort en « Pass|Alert|" +"Log » (faire passer, alerter puis journaliser), les règles seront appliquées " +"dans cet ordre plutôt que l'ordre habituel Alert->Pass->Log (alerter, faire " +"passer puis journaliser). Cela permet d'éviter à certains l'utilisation " +"d'arguments complexes de ligne de commande Berky Packet Filter pour filtrer " +"les alarmes reçues." + +#. Type: boolean +#. Description +#: ../snort.templates:84 ../snort-mysql.templates:74 +#: ../snort-pgsql.templates:74 +msgid "Should daily summaries be sent by e-mail?" +msgstr "Faut-il envoyer des rapports quotidiens par courriel ?" + +#. Type: boolean +#. Description +#: ../snort.templates:84 ../snort-mysql.templates:74 +#: ../snort-pgsql.templates:74 +msgid "" +"This Snort installation provides a cron job that runs daily and summarises " +"the information of Snort logs to a selected email address. If you want to " +"disable this feature say 'no' here." +msgstr "" +"Le paquet de Snort permet d'utiliser une tâche quotidienne de cron qui " +"résume les informations contenues dans les journaux de Snort et l'envoie ç " +"une adresse électronique donnée. Ne choisissez pas cette option si vous ne " +"voulez pas recevoir ces rapports." + +#. Type: string +#. Description +#: ../snort.templates:92 ../snort-mysql.templates:82 +#: ../snort-pgsql.templates:82 +msgid "Who should receive the daily statistics mails?" +msgstr "Destinataire des courriers électroniques quotidiens de statistiques :" + +#. Type: string +#. Description +#: ../snort.templates:92 ../snort-mysql.templates:82 +#: ../snort-pgsql.templates:82 +msgid "" +"A cron job running daily will summarise the information of the logs " +"generated by Snort using a script called 'snort-stat'. Introduce here the " +"recipient of these mails. The default value is the system administrator. If " +"you keep this value, make sure that the mail of the administrator is " +"redirected to a user that actually reads those mails." +msgstr "" +"Une tâche quotidienne de cron générera un résumé de l'information des " +"journaux de Snort avec un script appelé « snort-stat ». Veuillez indiquer le " +"destinataire de ces courriels. Par défaut, ce sera le super-utilisateur. Si " +"vous conservez ce choix, veuillez vous assurer que les courriels qui lui " +"sont destinés sont redirigés vers un utilisateur qui les lira effectivement." + +#. Type: string +#. Description +#: ../snort.templates:102 ../snort-mysql.templates:93 +#: ../snort-pgsql.templates:92 +msgid "" +"If you want to specify custom options to Snort, please specify them here." +msgstr "" +"Si vous souhaitez utiliser des options personnelles avec Snort, veuillez les " +"indiquer ici." + +#. Type: string +#. Description +#: ../snort.templates:107 ../snort-mysql.templates:98 +#: ../snort-pgsql.templates:97 +msgid "" +"An alert needs to appear more times than this number to be included in the " +"daily statistics." +msgstr "" +"Une alerte doit apparaître une nombre de fois supérieur à celui indiqué pour " +"être comptabilisée dans les statistiques quotidiennes." + +#. Type: note +#. Description +#: ../snort.templates:111 ../snort-mysql.templates:162 +#: ../snort-pgsql.templates:161 +msgid "You are running Snort manually." +msgstr "Redémarrage nécessaire pour prise en compte des modifications" + +#. Type: note +#. Description +#: ../snort.templates:111 ../snort-mysql.templates:162 +#: ../snort-pgsql.templates:161 +msgid "" +"Please restart Snort using:\n" +" /etc/init.d/snort start\n" +"to let the settings take effect." +msgstr "" +"Veuillez redémarrer Snort avec :\n" +" /etc/init.d/snort restart\n" +"afin que ce réglage soit pris en compte." + +#. Type: note +#. Description +#: ../snort.templates:118 ../snort-mysql.templates:169 +#: ../snort-pgsql.templates:168 +msgid "There is an error in your configuration" +msgstr "Erreur dans la configuration" + +#. Type: note +#. Description +#: ../snort.templates:118 ../snort-mysql.templates:169 +#: ../snort-pgsql.templates:168 +msgid "" +"Your Snort configuration is not correct and Snort will not be able to start " +"up normally. Please review your configuration and fix it. If you do not do " +"this, Snort package upgrades will probably break. To check which error is " +"being generated run '/usr/sbin/snort -T -c /etc/snort/snort.conf' (or point " +"to an alternate configuration file if you are using different files for " +"different interfaces)" +msgstr "" +"Votre configuration de Snort est incorrecte, ce qui l'empêchera de démarrer " +"normalement. Veuillez la relire et la corriger. Dans le cas contraire, les " +"mises à niveau du paquet de Snort échoueront probablement. Pour découvrir " +"quelle est l'erreur, vous pouvez utiliser la commande « /usr/sbin/snort -T -" +"c /etc/snort/snort.conf » (au besoin en adaptant le chemin vers le fichier " +"de configuration si vous utilisez différents fichiers pour différentes " +"interfaces)." + +#. Type: note +#. Description +#: ../snort.templates:128 ../snort-mysql.templates:179 +#: ../snort-pgsql.templates:178 +msgid "This system uses an obsolete configuration file" +msgstr "Fichier de configuration obsolète" + +#. Type: note +#. Description +#: ../snort.templates:128 ../snort-mysql.templates:179 +#: ../snort-pgsql.templates:178 +msgid "" +"Your system has an obsolete configuration file (/etc/snort/snort.common." +"parameters) which has been automatically converted into the new " +"configuration file format (at /etc/default/snort). Please review the new " +"configuration and remove the obsolete one. Until you do this, the init.d " +"script will not use the new configuration and you will not take advantage of " +"the benefits introduced in newer releases." +msgstr "" +"Votre système utilise un fichier de configuration obsolète (/etc/snort/snort." +"common.parameters) qui a été automatiquement converti vers le nouveau format " +"(dans /etc/default/snort). Veuillez vérifier le nouveau fichier de " +"configuration et supprimer l'ancien. Tant que cela n'aura pas été fait, le " +"script de démarrage n'utilisera pas la nouvelle configuration et vous ne " +"bénéficierez pas des améliorations des versions plus récentes." + +#. Type: note +#. Description +#: ../snort-mysql.templates:102 +msgid "" +"Your system has an obsolete configuration file (/etc/snort/snort.common." +"parameters) which has been automatically converted into the new " +"configuration file format (at /etc/default/snort). Please review the new " +"configuration and remove the obsolete one. Until you do this, the init.d " +"script will not use the new configuration and you will not take advantage of " +"the benefits introduced in newer releases." +msgstr "" +"Votre système utilise un fichier de configuration obsolète (/etc/snort/snort." +"common.parameters) qui a été automatiquement converti vers le nouveau format " +"(dans /etc/default/snort). Veuillez vérifier le nouveau fichier de " +"configuration et supprimer l'ancien. Tant que cela n'aura pas été fait, le " +"script de démarrage n'utilisera pas la nouvelle configuration et vous ne " +"bénéficierez pas des améliorations des versions plus récentes. " + +#. Type: boolean +#. Description +#: ../snort-mysql.templates:114 +msgid "Do you want to set up a database for snort-mysql to log to?" +msgstr "" +"Faut-il configurer une base de données pour la journalisation de snort-" +"mysql ?" + +#. Type: boolean +#. Description +#: ../snort-mysql.templates:114 +msgid "" +"You only need to do this the first time you install snort-mysql. Before you " +"go on, make sure you have (1) the hostname of a machine running a mysql " +"server set up to allow tcp connections from this host, (2) a database on " +"that server, (3) a username and password to access the database. If you " +"don't have _all_ of these, either select 'no' and run with regular file " +"logging support, or fix this first. You can always configure database " +"logging later, by reconfiguring the snort-mysql package with 'dpkg-" +"reconfigure -plow snort-mysql'" +msgstr "" +"Cela ne doit être fait qu'une fois, à l'installation de snort-mysql. Avant " +"de continuer, assurez-vous d'avoir :\n" +" - le nom d'hôte d'un serveur de bases de données MySQL (qui doit accepter " +"les connexions TCP de cette machine) ;\n" +" - une base de données sur ce serveur ;\n" +" - un nom d'utilisateur et un mot de passe pour accéder à cette base de " +"données.\n" +"Si vous n'avez pas l'ensemble de ces informations, vous pouvez refuser ici " +"et continuer avec une journalisation simple dans un fichier ou bien corriger " +"cela au préalable. Il vous sera toujours possible de mettre en place la " +"journalisation dans une base de données ultérieurement en reconfigurant le " +"paquet snort-mysql avec la commande « dpkg-reconfigure snort-mysql »." + +#. Type: note +#. Description +#: ../snort-mysql.templates:126 ../snort-pgsql.templates:125 +msgid "Snort needs a configured database to log to before it starts." +msgstr "Base de données existante indispensable pour les journaux" + +#. Type: note +#. Description +#: ../snort-mysql.templates:126 +msgid "" +"Snort needs a configured database before it can successfully start up. In " +"order to create the structure you need to run the following commands AFTER " +"the package is installed:\n" +" cd /usr/share/doc/snort-mysql/\n" +" zcat create_mysql.gz | mysql -u -h -p \n" +"Fill in the correct values for the user, host, and database names. MySQL " +"will prompt you for the password." +msgstr "" +"Snort a besoin d'une base de données configurée pour pouvoir démarrer. " +"Veuillez créer la structure de base de données APRÈS l'installation du " +"paquet :\n" +" cd /usr/share/doc/snort-mysql/\n" +" zcat create_mysql.gz | mysql -u -h -p \n" +"Vous devez indiquer les valeurs appropriées pour l'utilisateur, l'hôte et le " +"nom de la base de données. MySQL vous demandera ensuite le mot de passe." + +#. Type: note +#. Description +#: ../snort-mysql.templates:126 ../snort-pgsql.templates:125 +msgid "" +"After you created the database structure, you will need to start Snort " +"manually." +msgstr "" +"Après avoir créé la structure de base de données de cette manière, validez " +"pour continuer." + +#. Type: string +#. Description +#: ../snort-mysql.templates:140 +msgid "Please enter the hostname of the mysql database server to use." +msgstr "Nom d'hôte du serveur de bases de données MySQL :" + +#. Type: string +#. Description +#: ../snort-mysql.templates:140 ../snort-pgsql.templates:139 +msgid "" +"Make sure it has been set up correctly to allow incoming connections from " +"this host!" +msgstr "" +"Vérifiez qu'il a été configuré de manière appropriée et qu'il accepte les " +"connexions entrantes depuis cette machine." + +#. Type: string +#. Description +#: ../snort-mysql.templates:146 ../snort-pgsql.templates:145 +msgid "Please enter the name of the database to use." +msgstr "Nom de la base de données :" + +#. Type: string +#. Description +#: ../snort-mysql.templates:146 ../snort-pgsql.templates:145 +msgid "" +"Make sure this database has been created and your database user has write " +"access to this database." +msgstr "" +"Vérifiez que cette base de données a été créée et que l'utilisateur que vous " +"indiquez a le droit d'y écrire." + +#. Type: string +#. Description +#: ../snort-mysql.templates:152 ../snort-pgsql.templates:151 +msgid "Please enter the name of the database user you want to use." +msgstr "Identifiant de connexion pour la base de données :" + +#. Type: string +#. Description +#: ../snort-mysql.templates:152 ../snort-pgsql.templates:151 +msgid "Make sure this user has been created and has write access." +msgstr "" +"Vérifiez que cet utilisateur existe et qu'il possède des droits d'écriture " +"sur la base de données." + +#. Type: password +#. Description +#: ../snort-mysql.templates:157 ../snort-pgsql.templates:156 +msgid "Please enter the password for the database connection." +msgstr "Mot de passe de connexion à la base de données :" + +#. Type: password +#. Description +#: ../snort-mysql.templates:157 ../snort-pgsql.templates:156 +msgid "Please enter a password to connect to the Snort Alert database." +msgstr "" +"Veuillez indiquer un mot de passe pour la connexion à la base de données " +"pour les alertes de Snort." + +#. Type: boolean +#. Description +#: ../snort-pgsql.templates:113 +msgid "Do you want to set up a database for snort-pgsql to log to?" +msgstr "" +"Faut-il configurer une base de données pour la journalisation de snort-" +"pgsql ?" + +#. Type: boolean +#. Description +#: ../snort-pgsql.templates:113 +msgid "" +"You only need to do this the first time you install snort-pgsql. Before you " +"go on, make sure you have (1) the hostname of a machine running a pgsql " +"server set up to allow tcp connections from this host, (2) a database on " +"that server, (3) a username and password to access the database. If you " +"don't have _all_ of these, either select 'no' and run with regular file " +"logging support, or fix this first. You can always configure database " +"logging later, by reconfiguring the snort-pgsql package with 'dpkg-" +"reconfigure -plow snort-pgsql'" +msgstr "" +"Cela ne doit être fait qu'une fois, à l'installation de snort-pgsql. Avant " +"de continuer, assurez-vous d'avoir :\n" +" - le nom d'hôte d'un serveur de bases de données PostgreSQL (qui doit " +"accepter les connexions TCP de cette machine) ;\n" +" - une base de données sur ce serveur ;\n" +" - un nom d'utilisateur et un mot de passe pour accéder à cette base de " +"données.\n" +"Si vous n'avez pas l'ensemble de ces informations, vous pouvez refuser ici " +"et continuer avec une journalisation simple dans un fichier ou bien corriger " +"cela au préalable. Il vous sera toujours possible de mettre en place la " +"journalisation dans une base de données ultérieurement en reconfigurant le " +"paquet snort-pgsql avec la commande « dpkg-reconfigure snort-pgsql »." + +#. Type: note +#. Description +#: ../snort-pgsql.templates:125 +msgid "" +"Snort needs a configured database before it can successfully start up. In " +"order to create the structure you need to run the following commands AFTER " +"the package is installed:\n" +" cd /usr/share/doc/snort-pgsql/\n" +" zcat create_postgresql.gz | psql -U -h -W \n" +"Fill in the correct values for the user, host, and database names. " +"PostgreSQL will prompt you for the password." +msgstr "" +"Snort a besoin d'une base de données configurée pour pouvoir démarrer. " +"Veuillez créer la structure de base de données APRÈS l'installation du " +"paquet :\n" +" cd /usr/share/doc/snort-pgsql/\n" +" zcat create_pgsql.gz | psql -U -h -W \n" +"Vous devez indiquer les valeurs appropriées pour l'utilisateur, l'hôte et le " +"nom de la base de données. PostgreSQL vous demandera ensuite le mot de passe." + +#. Type: string +#. Description +#: ../snort-pgsql.templates:139 +msgid "Please enter the hostname of the pgsql database server to use." +msgstr "Nom d'hôte du serveur de bases de données PostgreSQL :" + +#. Type: note +#. Description +#: ../snort-common.templates:3 +msgid "Your configuration file is deprecated" +msgstr "Fichier de configuration obsolète" + +#. Type: note +#. Description +#: ../snort-common.templates:3 +msgid "" +"Your Snort configuration file (/etc/snort/snort.conf) uses deprecated " +"options no longer available for this Snort release. Snort will not be able " +"to start unless you provide a correct configuration file. You can substitute " +"your configuration file with the one provided in this package or fix it " +"manually by removing deprecated options." +msgstr "" +"Votre fichier de configuration pour Snort (/etc/snort/snort.conf) utilise " +"des options qui ne sont plus disponibles dans cette version du logiciel. " +"Snort ne pourra pas démarrer tant que le fichier de configuration ne sera " +"pas corrigé. Vous pouvez remplacer ce fichier par celui fourni avec ce " +"paquet ou le corriger vous-même pour supprimer les options obsolètes." + +#. Type: note +#. Description +#: ../snort-common.templates:3 +msgid "" +"The following deprecated options were found in your configuration file: " +"${DEP_CONFIG}" +msgstr "" +"Liste des options obsolètes dans votre fichier de configuration : " +"${DEP_CONFIG}." --- snort-2.3.3.orig/debian/po/de.po +++ snort-2.3.3/debian/po/de.po @@ -0,0 +1,615 @@ +# translation of snort_2.3.3-3_de.po to German +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans# +# Developers do not need to manually edit POT or PO files. +# Erik Schanze , 2004, 2005. +# Erik Schanze , 2006. +# +msgid "" +msgstr "" +"Project-Id-Version: snort_2.3.3-3_de\n" +"Report-Msgid-Bugs-To: jfs@computer.org\n" +"POT-Creation-Date: 2006-03-22 09:15+0100\n" +"PO-Revision-Date: 2006-01-03 23:07+0100\n" +"Last-Translator: Erik Schanze \n" +"Language-Team: German \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: KBabel 1.10.2\n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" + +#. Type: select +#. Choices +#: ../snort.templates:3 ../snort-mysql.templates:3 ../snort-pgsql.templates:3 +msgid "boot, dialup, manual" +msgstr "Systemstart, Einwahl, manuell" + +#. Type: select +#. Description +#: ../snort.templates:5 ../snort-mysql.templates:5 ../snort-pgsql.templates:5 +msgid "When should Snort be started?" +msgstr "Wann soll Snort gestartet werden?" + +#. Type: select +#. Description +#: ../snort.templates:5 ../snort-mysql.templates:5 ../snort-pgsql.templates:5 +msgid "" +"Snort can be started during boot, when connecting to the net with pppd or " +"only when you manually start it via /usr/sbin/snort." +msgstr "" +"Snort kann beim Systemstart, bei der Einwahl ins Internet mit pppd oder nur " +"manuell mittels /usr/sbin/snort gestartet werden." + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "On which interface(s) should Snort listen?" +msgstr "" +"An welcher Schnittstelle bzw. welchen Schnittstellen soll Snort lauschen?" + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"Please enter the name(s) of the interface(s) which Snort should listen on. " +"The names of the available interfaces are provided by either running 'ip " +"link show' of 'ifconfig'. This value usually is 'eth0', but you might want " +"to vary this depending on your environment, if you are using a dialup " +"connection 'ppp0' might be more appropiate." +msgstr "" +"Bitte geben Sie den/die Namen der Schnittstelle(n) ein, wo Snort lauschen " +"soll. Die Namen der verfügbaren Schnittstellen werden durch den Befehl 'ip " +"link show' oder 'ifconfig' angezeigt. Normalerweise ist das 'eth0', aber Sie " +"können das an Ihre Anforderungen anpassen. Wenn Sie eine Einwahlverbindung " +"benutzen, sollten Sie 'ppp0' verwenden." + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"Notice that Snort is usually configured to inspect all traffic coming from " +"the Internet, so the interface you add here is usually the same the 'default " +"route' is on. You can determine which interface is used for this running " +"either '/sbin/ip ro sh' or '/sbin/route -n' (look for 'default' or " +"'0.0.0.0')." +msgstr "" +"Beachten Sie, dass Snort normalerweise so eingestellt ist, dass er den " +"gesamten ankommenden Verkehr aus dem Internet untersucht, deshalb sollte die " +"'Standard-Route' auf die Schnittstelle zeigen, die Sie hier angeben. Sie " +"können diese Schnittstelle mit dem Kommando '/sbin/ip ro sh' oder '/sbin/" +"route -n' (suchen Sie nach 'default' oder '0.0.0.0') herausfinden." + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"It is also not uncommon to run Snort on an interface with no IP and " +"configured in promiscuous mode, if this is your case, select the interface " +"in this system that is physically connected to the network you want to " +"inspect, enable promiscuous mode later on and make sure that the network " +"traffic is sent to this interface (either connected to a 'port mirroring/" +"spanning' port in a switch, to a hub or to a tap)" +msgstr "" +"Es ist auch üblich, Snort an einer Schnittstelle ohne IP-Adresse im Modus " +"'promiscuous' zu betreiben. Wenn Sie das wollen, wählen Sie die " +"Schnittstelle aus, die physisch mit dem Netzwerk verbunden ist, das Sie " +"überwachen wollen, und schalten den Modus 'promiscuous' später ein. Stellen " +"Sie sicher, dass der Netzwerkverkehr die Schnittstelle erreicht. (entweder " +"an einen Anschluss 'port mirroring/spanning' eines Switches oder einen Hub " +"oder Tap." + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"You can configure multiple interfaces here, just by adding more than one " +"interface name separated by spaces. Each interface can have its specific " +"configuration." +msgstr "" +"Sie mehrere Schnittstellen-Namen durch Leerzeichen getrennt eingeben. Jede " +"Schnittstelle kann ihre eigenen Einstellungen haben." + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "Please enter the address range that Snort will listen on." +msgstr "Bitte geben Sie den Adressbereich ein, an dem Snort lauschen soll." + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "" +"You have to use CIDR form, i.e. 192.168.1.0/24 for a block of 256 IPs or " +"192.168.1.42/32 for just one. Specify multiple addresses on a single line " +"separated by ',' (comma characters), no spaces allowed!" +msgstr "" +"Sie müssen das CIDR-Format benutzen, z. B. 192.168.1.0/24 für einen Block " +"von 256 IP-Adressen oder 192.168.1.42/32 für nur eine. Trennen Sie mehrere " +"IP-Adressen in einer Zeile durch ',' (Komma), Leerzeichen sind nicht erlaubt!" + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "" +"If you want you can specify 'any', to not trust any side of the network." +msgstr "" +"Sie können 'any' eingeben, um keiner Seite des Netzwerkes zu vertrauen." + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "" +"Notice that if you are using multiple interfaces this definition will be " +"used as the HOME_NET definition of all of them." +msgstr "" +"Beachten Sie, wenn Sie mehrere Schnittstellen benutzen, wird diese " +"Festlegung als HOME_NET-Definition für alle verwendet." + +#. Type: boolean +#. Description +#: ../snort.templates:53 ../snort-mysql.templates:53 +#: ../snort-pgsql.templates:53 +msgid "Should Snort disable promiscuous mode on the interface?" +msgstr "Soll Snort den Modus 'promiscuous' an der Schnittstelle ausschalten?" + +#. Type: boolean +#. Description +#: ../snort.templates:53 ../snort-mysql.templates:53 +#: ../snort-pgsql.templates:53 +msgid "" +"Disabling promiscuous mode means that Snort will only see packets addressed " +"to it's own interface. Enabling it allows Snort to check every packet that " +"passes ethernet segment even if it's a connection between two other " +"computers." +msgstr "" +"Das Ausschalten des Modus' 'promiscuous' bedeutet, dass Snort nur die Pakete " +"sehen wird, die an seine eigene Schnittstelle adressiert sind. Das " +"Einschalten ermöglicht es Snort, alle Pakete, die ein Netzwerk-Segmentes " +"durchlaufen, zu überprüfen, auch wenn es eine Verbindung zwischen zwei " +"anderen Rechnern ist." + +#. Type: boolean +#. Description +#: ../snort.templates:53 ../snort-mysql.templates:53 +#: ../snort-pgsql.templates:53 +msgid "" +"Disable promiscuous mode if you are configuring Snort on an interface " +"without a configured IP address." +msgstr "" +"Schalten Sie den Modus 'promiscuous' aus, wenn Sie Snort für eine " +"Schnittstelle einrichten, an der keine IP-Adresse eingestellt ist." + +#. Type: note +#. Description +#: ../snort.templates:64 +msgid "Invalid interface" +msgstr "" + +#. Type: note +#. Description +#: ../snort.templates:64 +msgid "" +"One of the interfaces you specified is not valid (it might not exist on the " +"system or be down). Please introduce a valid interface when answering the " +"question of which interface(s) should Snort listen on." +msgstr "" + +#. Type: note +#. Description +#: ../snort.templates:64 +msgid "" +"If you did not configure an interface then the package is trying to use the " +"default ('eth0') which does not seem to be valid in your system." +msgstr "" + +#. Type: boolean +#. Description +#: ../snort.templates:75 ../snort-mysql.templates:65 +#: ../snort-pgsql.templates:65 +msgid "Should Snort's rules testing order be changed to Pass|Alert|Log?" +msgstr "" +"Soll Snorts Reihenfolge der Test-Regeln auf Pass|Alert|Log geändert werden?" + +#. Type: boolean +#. Description +#: ../snort.templates:75 ../snort-mysql.templates:65 +#: ../snort-pgsql.templates:65 +msgid "" +"If you change Snort's rules testing order to Pass|Alert|Log, they will be " +"applied in Pass->Alert->Log order, instead of standard Alert->Pass->Log. " +"This will prevent people from having to make huge Berky Packet Filter " +"command line arguments to filter their alert rules." +msgstr "" +"Wenn Sie Snorts Reihenfolge der Test-Regeln auf Pass|Alert|Log ändern, " +"werden sie in der Reihenfolge Pass->Alert->Log angewendet, anstelle des " +"Standards Alert->Pass->Log. Das bewahrt die Leute davor, eine große Menge an " +"Kommandozeilen-Argumenten des Berky Paket Filters angeben zu müssen, um ihre " +"Alarm-Regeln zu filtern." + +#. Type: boolean +#. Description +#: ../snort.templates:84 ../snort-mysql.templates:74 +#: ../snort-pgsql.templates:74 +msgid "Should daily summaries be sent by e-mail?" +msgstr "" + +#. Type: boolean +#. Description +#: ../snort.templates:84 ../snort-mysql.templates:74 +#: ../snort-pgsql.templates:74 +msgid "" +"This Snort installation provides a cron job that runs daily and summarises " +"the information of Snort logs to a selected email address. If you want to " +"disable this feature say 'no' here." +msgstr "" + +#. Type: string +#. Description +#: ../snort.templates:92 ../snort-mysql.templates:82 +#: ../snort-pgsql.templates:82 +msgid "Who should receive the daily statistics mails?" +msgstr "Wer soll die tägliche Statistik per E-Mail erhalten?" + +#. Type: string +#. Description +#: ../snort.templates:92 ../snort-mysql.templates:82 +#: ../snort-pgsql.templates:82 +msgid "" +"A cron job running daily will summarise the information of the logs " +"generated by Snort using a script called 'snort-stat'. Introduce here the " +"recipient of these mails. The default value is the system administrator. If " +"you keep this value, make sure that the mail of the administrator is " +"redirected to a user that actually reads those mails." +msgstr "" +"Ein Cronjob, der täglich läuft, fasst die Informationen aus den " +"Protokolldateien, die Snort erzeugt, durch das Skript 'snort-stat' zusammen. " +"Geben Sie hier den Empfänger dieser E-Mails ein. Standardmäßig ist das der " +"Systemadministrator. Wenn Sie das so lassen, sorgen Sie dafür, dass die E-" +"Mails an den Administrator an einen Benutzer weitergeleitet werden, der " +"momentan solche E-Mails liest." + +#. Type: string +#. Description +#: ../snort.templates:102 ../snort-mysql.templates:93 +#: ../snort-pgsql.templates:92 +msgid "" +"If you want to specify custom options to Snort, please specify them here." +msgstr "" +"Wenn Sie Snort besondere Optionen mitgeben wollen, geben Sie die jetzt ein." + +#. Type: string +#. Description +#: ../snort.templates:107 ../snort-mysql.templates:98 +#: ../snort-pgsql.templates:97 +msgid "" +"An alert needs to appear more times than this number to be included in the " +"daily statistics." +msgstr "" +"Ein Alarm muss öfter als dieser Wert auftreten, um in die tägliche Statistik " +"aufgenommen zu werden." + +#. Type: note +#. Description +#: ../snort.templates:111 ../snort-mysql.templates:162 +#: ../snort-pgsql.templates:161 +msgid "You are running Snort manually." +msgstr "Sie lassen Snort manuell laufen." + +#. Type: note +#. Description +#: ../snort.templates:111 ../snort-mysql.templates:162 +#: ../snort-pgsql.templates:161 +msgid "" +"Please restart Snort using:\n" +" /etc/init.d/snort start\n" +"to let the settings take effect." +msgstr "" +"Bitte starten Sie Snort neu mittels:\n" +" /etc/init.d/snort start\n" +"damit die Einstellungen wirken können." + +#. Type: note +#. Description +#: ../snort.templates:118 ../snort-mysql.templates:169 +#: ../snort-pgsql.templates:168 +msgid "There is an error in your configuration" +msgstr "Fehler in Ihren Einstellungen" + +#. Type: note +#. Description +#: ../snort.templates:118 ../snort-mysql.templates:169 +#: ../snort-pgsql.templates:168 +msgid "" +"Your Snort configuration is not correct and Snort will not be able to start " +"up normally. Please review your configuration and fix it. If you do not do " +"this, Snort package upgrades will probably break. To check which error is " +"being generated run '/usr/sbin/snort -T -c /etc/snort/snort.conf' (or point " +"to an alternate configuration file if you are using different files for " +"different interfaces)" +msgstr "" +"Ihre Einstellungen von Snort sind nicht korrekt und Snort wird nicht normal " +"starten können. Bitte berichtigen Sie das. Wenn Sie das nicht beheben, " +"werden Paketaktualisierungen von Snort abbrechen. Um den Fehler zu " +"überprüfen, starten Sie '/usr/sbin/snort -T -c /etc/snort/snort.conf' (oder " +"geben eine andere Konfigurationsdatei an, wenn Sie verschiedene Dateien für " +"verschiedene Schnittstellen benutzen." + +#. Type: note +#. Description +#: ../snort.templates:128 ../snort-mysql.templates:179 +#: ../snort-pgsql.templates:178 +msgid "This system uses an obsolete configuration file" +msgstr "Das System benutzt eine veraltete Konfigurationsdatei " + +#. Type: note +#. Description +#: ../snort.templates:128 ../snort-mysql.templates:179 +#: ../snort-pgsql.templates:178 +msgid "" +"Your system has an obsolete configuration file (/etc/snort/snort.common." +"parameters) which has been automatically converted into the new " +"configuration file format (at /etc/default/snort). Please review the new " +"configuration and remove the obsolete one. Until you do this, the init.d " +"script will not use the new configuration and you will not take advantage of " +"the benefits introduced in newer releases." +msgstr "" +"Ihr System hat eine veraltete Konfigurationsdatei (/etc/snort/snort.common." +"parameters), die automatisch in das neue Format (nach /etc/default/snort) " +"umgewandelt wurde. Bitte üperprüfen Sie die neue Konfigurationsdatei und " +"löschen Sie die veraltete. Bis dahin wird das Startskript (in /etc/init.d) " +"die neue Konfiguration nicht verwenden und Sie können die Vorteile der neuen " +"Version nicht nutzen." + +#. Type: note +#. Description +#: ../snort-mysql.templates:102 +msgid "" +"Your system has an obsolete configuration file (/etc/snort/snort.common." +"parameters) which has been automatically converted into the new " +"configuration file format (at /etc/default/snort). Please review the new " +"configuration and remove the obsolete one. Until you do this, the init.d " +"script will not use the new configuration and you will not take advantage of " +"the benefits introduced in newer releases." +msgstr "" +"Ihr System hat eine veraltete Konfigurationsdatei (/etc/snort/snort.common." +"parameters), die automatisch in das neue Format (nach /etc/default/snort) " +"umgewandelt wurde. Bitte üperprüfen Sie die neue Konfigurationsdatei und " +"löschen Sie die veraltete. Bis dahin wird das Startskript (in /etc/init.d) " +"die neue Konfiguration nicht verwenden und Sie können die Vorteile der neuen " +"Version nicht nutzen." + +#. Type: boolean +#. Description +#: ../snort-mysql.templates:114 +msgid "Do you want to set up a database for snort-mysql to log to?" +msgstr "" +"Wollen Sie für snort-mysql eine Datenbank einrichten, in die es " +"protokolliert?" + +#. Type: boolean +#. Description +#: ../snort-mysql.templates:114 +msgid "" +"You only need to do this the first time you install snort-mysql. Before you " +"go on, make sure you have (1) the hostname of a machine running a mysql " +"server set up to allow tcp connections from this host, (2) a database on " +"that server, (3) a username and password to access the database. If you " +"don't have _all_ of these, either select 'no' and run with regular file " +"logging support, or fix this first. You can always configure database " +"logging later, by reconfiguring the snort-mysql package with 'dpkg-" +"reconfigure -plow snort-mysql'" +msgstr "" +"Das muss nur bei der ersten Installation von snort-mysql gemacht werden. " +"Bevor Sie weiter machen, stellen Sie sicher, dass Sie (1) den Namen des " +"Rechners kennen, auf dem ein MySQL-Server läuft und der TCP-Verbindungen von " +"Ihrem Rechner annimmt, dass (2) es eine Datenbank auf diesem Server gibt und " +"dass (3) Sie einen Datenbank-Benutzernamen mit Passwort kennen. Wenn Sie " +"nicht _alle_ dieser Angaben haben, besorgen Sie sich diese zuerst oder " +"wählen 'nein' aus und arbeiten mit Protokollierung in eine normale Datei. " +"Sie das Protokollieren in eine Datenbank später einschalten, indem Sie das " +"Paket snort-mysql mit dem Kommando 'dpkg-reconfigure -plow snort-mysql' neu " +"einrichten." + +#. Type: note +#. Description +#: ../snort-mysql.templates:126 ../snort-pgsql.templates:125 +msgid "Snort needs a configured database to log to before it starts." +msgstr "" +"Snort benötigt erst eine eingerichtete Datenbank in die es protokolliert." + +#. Type: note +#. Description +#: ../snort-mysql.templates:126 +msgid "" +"Snort needs a configured database before it can successfully start up. In " +"order to create the structure you need to run the following commands AFTER " +"the package is installed:\n" +" cd /usr/share/doc/snort-mysql/\n" +" zcat create_mysql.gz | mysql -u -h -p \n" +"Fill in the correct values for the user, host, and database names. MySQL " +"will prompt you for the password." +msgstr "" +"Snort benötigt eine eingerichtete Datenbank, bevor Sie es nutzen können. Um " +"diese aufzubauen, müssen Sie folgende Kommandos NACH der Installation " +"ausführen:\n" +" cd /usr/share/doc/snort-mysql/\n" +" zcat create_mysql.gz | mysql -u -h -p \n" +"Geben Sie die korrekten Werte für Benutzer, Rechner und Datenbankname ein. " +"MySQL wird Sie nach dem Passwort fragen." + +#. Type: note +#. Description +#: ../snort-mysql.templates:126 ../snort-pgsql.templates:125 +msgid "" +"After you created the database structure, you will need to start Snort " +"manually." +msgstr "" +"Wenn Sie die Datenbankstruktur angelegt haben, müssen Sie Snort noch starten." + +#. Type: string +#. Description +#: ../snort-mysql.templates:140 +msgid "Please enter the hostname of the mysql database server to use." +msgstr "" +"Bitte den Rechnernamen des verwendeten MySQL-Datenbank-Servers eingeben." + +#. Type: string +#. Description +#: ../snort-mysql.templates:140 ../snort-pgsql.templates:139 +msgid "" +"Make sure it has been set up correctly to allow incoming connections from " +"this host!" +msgstr "" +"Stellen Sie sicher, dass das er so eingerichtet ist, dass er Verbindungen " +"von diesem Rechner annimmt." + +#. Type: string +#. Description +#: ../snort-mysql.templates:146 ../snort-pgsql.templates:145 +msgid "Please enter the name of the database to use." +msgstr "Bitte den Namen der verwendeten Datenbank eingeben." + +#. Type: string +#. Description +#: ../snort-mysql.templates:146 ../snort-pgsql.templates:145 +msgid "" +"Make sure this database has been created and your database user has write " +"access to this database." +msgstr "" +"Stellen Sie sicher, dass die Datenbank angelegt wurde und Ihr Benutzer " +"Schreibzugriff auf die Datenbank hat." + +#. Type: string +#. Description +#: ../snort-mysql.templates:152 ../snort-pgsql.templates:151 +msgid "Please enter the name of the database user you want to use." +msgstr "Bitte den Namen der verwendeten Datenbank-Benutzers eingeben." + +#. Type: string +#. Description +#: ../snort-mysql.templates:152 ../snort-pgsql.templates:151 +msgid "Make sure this user has been created and has write access." +msgstr "" +"Stellen Sie sicher, dass der Benutzer angelegt wurde und Schreibzugriff auf " +"die Datenbank hat." + +#. Type: password +#. Description +#: ../snort-mysql.templates:157 ../snort-pgsql.templates:156 +msgid "Please enter the password for the database connection." +msgstr "Bitte das Passwort für die Datenbankverbindung eingeben." + +#. Type: password +#. Description +#: ../snort-mysql.templates:157 ../snort-pgsql.templates:156 +msgid "Please enter a password to connect to the Snort Alert database." +msgstr "" +"Bitte das Passwort für die Verbindung zur Alarm-Datenbank von Snort eingeben." + +#. Type: boolean +#. Description +#: ../snort-pgsql.templates:113 +msgid "Do you want to set up a database for snort-pgsql to log to?" +msgstr "" +"Wollen Sie für snort-pgsql eine Datenbank einrichten, in die es " +"protokolliert?" + +#. Type: boolean +#. Description +#: ../snort-pgsql.templates:113 +msgid "" +"You only need to do this the first time you install snort-pgsql. Before you " +"go on, make sure you have (1) the hostname of a machine running a pgsql " +"server set up to allow tcp connections from this host, (2) a database on " +"that server, (3) a username and password to access the database. If you " +"don't have _all_ of these, either select 'no' and run with regular file " +"logging support, or fix this first. You can always configure database " +"logging later, by reconfiguring the snort-pgsql package with 'dpkg-" +"reconfigure -plow snort-pgsql'" +msgstr "" +"Das muss nur bei der ersten Installation von snort-pgsql gemacht werden. " +"Bevor Sie weiter machen, stellen Sie sicher, dass Sie (1) den Namen des " +"Rechners kennen, auf dem ein PostgreSQL-Server läuft und der TCP-" +"Verbindungen von Ihrem Rechner annimmt, dass (2) es eine Datenbank auf " +"diesem Server gibt und dass (3) Sie einen Datenbank-Benutzernamen mit " +"Passwort kennen. Wenn Sie nicht _alle_ dieser Angaben haben, besorgen Sie " +"sich diese zuerst oder wählen 'nein' aus und arbeiten mit Protokollierung in " +"eine normale Datei. Sie das Protokollieren in eine Datenbank später " +"einschalten, indem Sie das Paket snort-pgsql mit dem Kommando 'dpkg-" +"reconfigure -plow snort-pgsql' neu einrichten." + +#. Type: note +#. Description +#: ../snort-pgsql.templates:125 +msgid "" +"Snort needs a configured database before it can successfully start up. In " +"order to create the structure you need to run the following commands AFTER " +"the package is installed:\n" +" cd /usr/share/doc/snort-pgsql/\n" +" zcat create_postgresql.gz | psql -U -h -W \n" +"Fill in the correct values for the user, host, and database names. " +"PostgreSQL will prompt you for the password." +msgstr "" +"Snort benötigt eine eingerichtete Datenbank, bevor Sie es nutzen können. Um " +"diese aufzubauen, müssen Sie folgende Kommandos NACH der Installation " +"ausführen:\n" +" cd /usr/share/doc/snort-pgsql/\n" +" zcat create_postgresql.gz | psql -U -h -W \n" +"Geben Sie die korrekten Werte für Benutzer, Rechner und Datenbankname ein. " +"PostgreSQL wird Sie nach dem Passwort fragen." + +#. Type: string +#. Description +#: ../snort-pgsql.templates:139 +msgid "Please enter the hostname of the pgsql database server to use." +msgstr "" +"Bitte den Rechnernamen des verwendeten PostgreSQL-Datenbank-Servers eingeben." + +#. Type: note +#. Description +#: ../snort-common.templates:3 +msgid "Your configuration file is deprecated" +msgstr "Ihre Konfigurationsdatei ist veraltet" + +#. Type: note +#. Description +#: ../snort-common.templates:3 +msgid "" +"Your Snort configuration file (/etc/snort/snort.conf) uses deprecated " +"options no longer available for this Snort release. Snort will not be able " +"to start unless you provide a correct configuration file. You can substitute " +"your configuration file with the one provided in this package or fix it " +"manually by removing deprecated options." +msgstr "" +"Ihre Snort-Konfigurationsdatei (/etc/snort/snort.conf) nutzt veraltete " +"Optionen, die ab dieser Version von Snort nicht mehr gültig sind. Snort kann " +"solange nicht starten, bis Sie eine richtige Konfigurationsdatei erstellen. " +"Sie können Ihre Konfigurationsdatei durch die des Pakets ersetzen oder durch " +"entfernen der veralteten Optionen manuell berichtigen." + +#. Type: note +#. Description +#: ../snort-common.templates:3 +msgid "" +"The following deprecated options were found in your configuration file: " +"${DEP_CONFIG}" +msgstr "" +"Folgende veraltete Optionen wurden in Ihrer Konfigurationsdatei gefunden: " +"${DEP_CONFIG}" --- snort-2.3.3.orig/debian/po/POTFILES.in +++ snort-2.3.3/debian/po/POTFILES.in @@ -0,0 +1,4 @@ +[type: gettext/rfc822deb] snort.templates +[type: gettext/rfc822deb] snort-mysql.templates +[type: gettext/rfc822deb] snort-pgsql.templates +[type: gettext/rfc822deb] snort-common.templates --- snort-2.3.3.orig/debian/po/es.po +++ snort-2.3.3/debian/po/es.po @@ -0,0 +1,701 @@ +# snort debconf translation to Spanish +# Copyright (C) 2004 Software in the Public Interest +# This file is distributed under the same license as the snort package. +# +# Changes: +# - Initial translation +# Javier Fernandez-Sanguino Peña , 2004 +# +# +# Traductores, si no conoce el formato PO, merece la pena leer la +# documentación de gettext, especialmente las secciones dedicadas a este +# formato, por ejemplo ejecutando: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Equipo de traducción al español, por favor, lean antes de traducir +# los siguientes documentos: +# +# - El proyecto de traducción de Debian al español +# http://www.debian.org/intl/spanish/coordinacion +# especialmente las notas de traducción en +# http://www.debian.org/intl/spanish/notas +# +# - La guía de traducción de po's de debconf: +# /usr/share/doc/po-debconf/README-trans +# o http://www.debian.org/intl/l10n/po-debconf/README-trans +# +msgid "" +msgstr "" +"Project-Id-Version: snort debconf 2.1.0-4.1\n" +"Report-Msgid-Bugs-To: jfs@computer.org\n" +"POT-Creation-Date: 2006-03-22 09:15+0100\n" +"PO-Revision-Date: 2006-03-22 09:21+0100\n" +"Last-Translator: Javier Fernandez-Sanguino Peña \n" +"Language-Team: Debian Spanish \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=iso-8859-1\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: select +#. Choices +#: ../snort.templates:3 ../snort-mysql.templates:3 ../snort-pgsql.templates:3 +msgid "boot, dialup, manual" +msgstr "arranque, conexión, manual" + +#. Type: select +#. Description +#: ../snort.templates:5 ../snort-mysql.templates:5 ../snort-pgsql.templates:5 +msgid "When should Snort be started?" +msgstr "¿Cuando debería arrancarse Snort?" + +#. Type: select +#. Description +#: ../snort.templates:5 ../snort-mysql.templates:5 ../snort-pgsql.templates:5 +msgid "" +"Snort can be started during boot, when connecting to the net with pppd or " +"only when you manually start it via /usr/sbin/snort." +msgstr "" +"Snort se puede arrancar snort en el arranque del sistema, cuando el sistema " +"se conecte a Internet con pppd o sólo cuando lo arranque manualmente " +"ejecutandolo con «/usr/sbin/snort»." + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "On which interface(s) should Snort listen?" +msgstr "¿En qué interfaz(ces) debería escuchar Snort?" + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"Please enter the name(s) of the interface(s) which Snort should listen on. " +"The names of the available interfaces are provided by either running 'ip " +"link show' of 'ifconfig'. This value usually is 'eth0', but you might want " +"to vary this depending on your environment, if you are using a dialup " +"connection 'ppp0' might be more appropiate." +msgstr "" +"Por favor, introduzca el nombre de la interfaz o interfaces en la que Snort " +"debe escuchar. Puede obtener los nombres de las interfaces ejecutando «ip " +"link show». Este valor suele ser «eth0», pero quizás desee variarlo " +"dependiendo de su entorno. Si está utilizando una conexión telefónica a " +"Internet basada en PPP puede ser más apropiado utilizar «ppp0»." + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"Notice that Snort is usually configured to inspect all traffic coming from " +"the Internet, so the interface you add here is usually the same the 'default " +"route' is on. You can determine which interface is used for this running " +"either '/sbin/ip ro sh' or '/sbin/route -n' (look for 'default' or " +"'0.0.0.0')." +msgstr "" +"Tenga en cuenta que generalmente se configura a Snort para que analice todo " +"el tráfico que viene de Internet, así que la interfaz que se añade aquí es " +"generalmente la misma que tiene definida la ruta por omisión. Para " +"determinar qué interfaz se está utilizando para esto, ejecute bien «/sbin/ip " +"ro sh» o bien «/sbin/route -n» (busque aquellos valores asociados a " +"«default» o «0.0.0.0»)." + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"It is also not uncommon to run Snort on an interface with no IP and " +"configured in promiscuous mode, if this is your case, select the interface " +"in this system that is physically connected to the network you want to " +"inspect, enable promiscuous mode later on and make sure that the network " +"traffic is sent to this interface (either connected to a 'port mirroring/" +"spanning' port in a switch, to a hub or to a tap)" +msgstr "" +"Tampoco es infrecuente ejecutar Snort en una interfaz sin dirección IP que " +"esté configurada en modo promiscuo. Si este es su caso, seleccione el " +"interfaz en el sistema que está físicamente conectado a la red que quiere " +"inspeccionar, active el modo promíscuo más adelante y asegúrese que el " +"tráfico de dicha red se está enviado a esa interfaz (bien conectándola a un " +"puerto del switch en modo «port mirroring/spanning», bien conectado a un hub " +"o a un tup)" + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"You can configure multiple interfaces here, just by adding more than one " +"interface name separated by spaces. Each interface can have its specific " +"configuration." +msgstr "" +"Puede configurar múltiples interfaces simplemente añadiendo más de un nombre " +"y separándolo por espacios. Cada interfaz tiene su propia configuración." + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "Please enter the address range that Snort will listen on." +msgstr "Introduzca el intervalo de direcciones que monitorizará Snort." + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "" +"You have to use CIDR form, i.e. 192.168.1.0/24 for a block of 256 IPs or " +"192.168.1.42/32 for just one. Specify multiple addresses on a single line " +"separated by ',' (comma characters), no spaces allowed!" +msgstr "" +"Tiene que utilizar el formato CIDR, esto es, 192.168.1.0/24 para un bloque " +"de 256 IPs o 192.168.1.42/32 para sólo una dirección. Indique múltiples " +"direcciones en una sola línea separados por «,» (comas). No se permiten " +"espacios en blanco." + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "" +"If you want you can specify 'any', to not trust any side of the network." +msgstr "" +"Si quiere, puede especificar «any» (cualquiera) si no confía en ningún lado " +"de su red." + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "" +"Notice that if you are using multiple interfaces this definition will be " +"used as the HOME_NET definition of all of them." +msgstr "" +"Tenga en cuenta que si está utilizando múltiples interfaces se utilizará " +"esta definición como valor de «HOME_NET» para todos ellos." + +#. Type: boolean +#. Description +#: ../snort.templates:53 ../snort-mysql.templates:53 +#: ../snort-pgsql.templates:53 +msgid "Should Snort disable promiscuous mode on the interface?" +msgstr "¿Debería Snort deshabilitar el modo promíscuo en la interfaz?" + +#. Type: boolean +#. Description +#: ../snort.templates:53 ../snort-mysql.templates:53 +#: ../snort-pgsql.templates:53 +msgid "" +"Disabling promiscuous mode means that Snort will only see packets addressed " +"to it's own interface. Enabling it allows Snort to check every packet that " +"passes ethernet segment even if it's a connection between two other " +"computers." +msgstr "" +"Al deshabilitar el modo promíscuo snort sólo estará a la escucha de paquetes " +"dirigidos a su propia interfaz. Si lo activa le permitirá comprobar cada " +"paquete que pase el medio ethernet incluso aunque sea una conexión entre " +"otros dos sistemas." + +#. Type: boolean +#. Description +#: ../snort.templates:53 ../snort-mysql.templates:53 +#: ../snort-pgsql.templates:53 +msgid "" +"Disable promiscuous mode if you are configuring Snort on an interface " +"without a configured IP address." +msgstr "" +"Debería deshabilitar el modo promíscuo si está configurando Snort en una " +"interfaz sin direcciones IP." + +#. Type: note +#. Description +#: ../snort.templates:64 +msgid "Invalid interface" +msgstr "Interfaz inválida" + +#. Type: note +#. Description +#: ../snort.templates:64 +msgid "" +"One of the interfaces you specified is not valid (it might not exist on the " +"system or be down). Please introduce a valid interface when answering the " +"question of which interface(s) should Snort listen on." +msgstr "Una de las interfaces que ha especificado no es válida (puede que no exista en su sistema o no tenga enlace). Debe introducir una interfaz válida cuando se le pregunte en qué interfaz (o interfaces) debería escuchar Snort." + +#. Type: note +#. Description +#: ../snort.templates:64 +msgid "" +"If you did not configure an interface then the package is trying to use the " +"default ('eth0') which does not seem to be valid in your system." +msgstr "" + +#. Type: boolean +#. Description +#: ../snort.templates:75 ../snort-mysql.templates:65 +#: ../snort-pgsql.templates:65 +msgid "Should Snort's rules testing order be changed to Pass|Alert|Log?" +msgstr "¿Deberían cambiarse de orden las reglas de Pasar|Alertar|Registrar?" + +#. Type: boolean +#. Description +#: ../snort.templates:75 ../snort-mysql.templates:65 +#: ../snort-pgsql.templates:65 +msgid "" +"If you change Snort's rules testing order to Pass|Alert|Log, they will be " +"applied in Pass->Alert->Log order, instead of standard Alert->Pass->Log. " +"This will prevent people from having to make huge Berky Packet Filter " +"command line arguments to filter their alert rules." +msgstr "" +"Si cambia el orden de prueba de las reglas de snort a Pasar|Alertar|" +"Registrar, se aplicar?n el orden Pasar->Alertar->Registrar en lugar del " +"modo estándar Alertar->Pasar->Registrar. Esto evita que se tengan que " +"incluir muchos argumentos de línea de comandos con filtrado de paquetes para " +"filtrar sus propias reglas de alertas." + +#. Type: boolean +#. Description +#: ../snort.templates:84 ../snort-mysql.templates:74 +#: ../snort-pgsql.templates:74 +msgid "Should daily summaries be sent by e-mail?" +msgstr "¿Deberían enviarse resúmenes por correo electrónico?" + +#. Type: boolean +#. Description +#: ../snort.templates:84 ../snort-mysql.templates:74 +#: ../snort-pgsql.templates:74 +msgid "" +"This Snort installation provides a cron job that runs daily and summarises " +"the information of Snort logs to a selected email address. If you want to " +"disable this feature say 'no' here." +msgstr "" +"Esta instalación de Snort incluye una tarea del «cron» que se ejecuta " +"diariamente y realiza un resumen de información de los registros de Snort " +"que luego envía por correo electrónico a la dirección indicada. Responda " +"«no» a esta pregunta si desea deshabilitar esta funcionalidad." + +#. Type: string +#. Description +#: ../snort.templates:92 ../snort-mysql.templates:82 +#: ../snort-pgsql.templates:82 +msgid "Who should receive the daily statistics mails?" +msgstr "¿Quién debería recibir las estadísticas diarias?" + +#. Type: string +#. Description +#: ../snort.templates:92 ../snort-mysql.templates:82 +#: ../snort-pgsql.templates:82 +msgid "" +"A cron job running daily will summarise the information of the logs " +"generated by Snort using a script called 'snort-stat'. Introduce here the " +"recipient of these mails. The default value is the system administrator. If " +"you keep this value, make sure that the mail of the administrator is " +"redirected to a user that actually reads those mails." +msgstr "" +"Se ejecuta diariamente una tarea del «cron» para resumir la información de " +"los registros generados por Snort utilizando un programa llamado «snort-" +"stat». Indique aquí el receptor de dichos mensajes. El valor por defecto es " +"el administrator del sistema. Si mantiene este valor asegúrese de que los " +"correos de dicha cuenta son reenviados o leídos por algún usuario." + +#. Type: string +#. Description +#: ../snort.templates:102 ../snort-mysql.templates:93 +#: ../snort-pgsql.templates:92 +msgid "" +"If you want to specify custom options to Snort, please specify them here." +msgstr "Si quiere aadir opciones adicionales a Snort, especifiquelas aquí:" + +#. Type: string +#. Description +#: ../snort.templates:107 ../snort-mysql.templates:98 +#: ../snort-pgsql.templates:97 +msgid "" +"An alert needs to appear more times than this number to be included in the " +"daily statistics." +msgstr "" +"Una alerta debe aparecer más de éste número de veces para aparecer en las " +"estadísticas." + +#. Type: note +#. Description +#: ../snort.templates:111 ../snort-mysql.templates:162 +#: ../snort-pgsql.templates:161 +msgid "You are running Snort manually." +msgstr "Está ejecutando Snort manualmente." + +#. Type: note +#. Description +#: ../snort.templates:111 ../snort-mysql.templates:162 +#: ../snort-pgsql.templates:161 +msgid "" +"Please restart Snort using:\n" +" /etc/init.d/snort start\n" +"to let the settings take effect." +msgstr "" +"Por favor reinicie a Snort con:\n" +" /etc/init.d/snort start\n" +"para que los cambios tengan efecto." + +#. Type: note +#. Description +#: ../snort.templates:118 ../snort-mysql.templates:169 +#: ../snort-pgsql.templates:168 +msgid "There is an error in your configuration" +msgstr "Su configuración tiene un error" + +#. Type: note +#. Description +#: ../snort.templates:118 ../snort-mysql.templates:169 +#: ../snort-pgsql.templates:168 +msgid "" +"Your Snort configuration is not correct and Snort will not be able to start " +"up normally. Please review your configuration and fix it. If you do not do " +"this, Snort package upgrades will probably break. To check which error is " +"being generated run '/usr/sbin/snort -T -c /etc/snort/snort.conf' (or point " +"to an alternate configuration file if you are using different files for " +"different interfaces)" +msgstr "" +"Su configuración de Snort no es correcta y no se podrá arrancar éste con " +"normalidad. Por favor, revise su configuración y arreglela. Las " +"actualizaciones del paquete Snort fallarán si no lo hace. Para comprobar el " +"error que se genera ejecute «/usr/sbin/snort -T -c /etc/snort/snort.conf» (o " +"utilice otro fichero de configuración si utiliza ficheros distintos para " +"distintas interfaces)" + +#. Type: note +#. Description +#: ../snort.templates:128 ../snort-mysql.templates:179 +#: ../snort-pgsql.templates:178 +msgid "This system uses an obsolete configuration file" +msgstr "Este sistema utiliza un fichero de configuración obsoleto" + +#. Type: note +#. Description +#: ../snort.templates:128 ../snort-mysql.templates:179 +#: ../snort-pgsql.templates:178 +msgid "" +"Your system has an obsolete configuration file (/etc/snort/snort.common." +"parameters) which has been automatically converted into the new " +"configuration file format (at /etc/default/snort). Please review the new " +"configuration and remove the obsolete one. Until you do this, the init.d " +"script will not use the new configuration and you will not take advantage of " +"the benefits introduced in newer releases." +msgstr "" +"Su sistema tiene un fichero de configuración obsoleto (/etc/snort/snort." +"common.parameters) que ha sido convertido de forma automática al nuevo " +"formato de fichero de configuración (en /etc/default/snort). Por favor, " +"revise el nuevo fichero de configuración y borre el antigüo. El guión del " +"init.d no utilizará la nueva configuración hasta que lo borre y no podrá " +"aprovecharse de las ventajas introducidas en nuevas versiones." + +#. Type: note +#. Description +#: ../snort-mysql.templates:102 +msgid "" +"Your system has an obsolete configuration file (/etc/snort/snort.common." +"parameters) which has been automatically converted into the new " +"configuration file format (at /etc/default/snort). Please review the new " +"configuration and remove the obsolete one. Until you do this, the init.d " +"script will not use the new configuration and you will not take advantage of " +"the benefits introduced in newer releases." +msgstr "" +"Su sistema tiene un fichero de configuración obsoleto (/etc/snor/snort." +"common.parameters) que ha sido convertido de forma automática al nuevo " +"formato de fichero de configuración (en /etc/default/snort). Por favor, " +"revise el nuevo fichero de configuración y borre el antigüo. El guión del " +"init.d no utilizará la nueva configuración hasta que lo borre y no podrá " +"aprovecharse de las ventajas introducidas en nuevas versiones." + +#. Type: boolean +#. Description +#: ../snort-mysql.templates:114 +msgid "Do you want to set up a database for snort-mysql to log to?" +msgstr "" +"¿Quiere configurar una base de datos a la que snort-mysql enviará los " +"registros?" + +#. Type: boolean +#. Description +#: ../snort-mysql.templates:114 +msgid "" +"You only need to do this the first time you install snort-mysql. Before you " +"go on, make sure you have (1) the hostname of a machine running a mysql " +"server set up to allow tcp connections from this host, (2) a database on " +"that server, (3) a username and password to access the database. If you " +"don't have _all_ of these, either select 'no' and run with regular file " +"logging support, or fix this first. You can always configure database " +"logging later, by reconfiguring the snort-mysql package with 'dpkg-" +"reconfigure -plow snort-mysql'" +msgstr "" +"Sólo tiene que hacer ésto la primera vez que instale snort-mysql. Andes de " +"seguir adelante asegúrese de que (1) el nombre de servidor del equipo que " +"ejecuta la base de datos mysql permite realizar conexiones tcp desde éste " +"equipo, (2) hay una base de datos en ese servidor, (3) el nombre de usuario " +"y contraseña de acceso a la base de datos. Si no tiene _todos_ estos, escoja " +"«no» y continúe con la configuración habitual de registro, o arregle esto. " +"Siempre puede configurar la base de datos más adelante reconfigurando snort-" +"mysql utilizando: «dpkg-reconfigure -plow snort-mysql»" + +#. Type: note +#. Description +#: ../snort-mysql.templates:126 ../snort-pgsql.templates:125 +msgid "Snort needs a configured database to log to before it starts." +msgstr "Snort necesita tener una base de datos configurada antes de arrancar." + +#. Type: note +#. Description +#: ../snort-mysql.templates:126 +msgid "" +"Snort needs a configured database before it can successfully start up. In " +"order to create the structure you need to run the following commands AFTER " +"the package is installed:\n" +" cd /usr/share/doc/snort-mysql/\n" +" zcat create_mysql.gz | mysql -u -h -p \n" +"Fill in the correct values for the user, host, and database names. MySQL " +"will prompt you for the password." +msgstr "" +"Snort necesita una base de datos correctamente configurada para poder " +"arrancar. Para poder crear la estructura debe ejecutar las órdenes mostradas " +"a continuación DESPUÉS de instalar el paquete:\n" +" cd /usr/share/doc/snort-mysql/\n" +" zcat create_mysql.gz | mysql -u -h -p \n" +"Rellene correctamente los valores para el usuario, servidor y nombre de la " +"base de datos. MySQL le solicitará la contraseña." + +#. Type: note +#. Description +#: ../snort-mysql.templates:126 ../snort-pgsql.templates:125 +msgid "" +"After you created the database structure, you will need to start Snort " +"manually." +msgstr "" +"Deberá arrancar Snort manualmente después de haber creado la estructura de " +"la base de datos." + +#. Type: string +#. Description +#: ../snort-mysql.templates:140 +msgid "Please enter the hostname of the mysql database server to use." +msgstr "" +"Introduzca el nombre de servidor de la base de datos mysql que va a utilizar." + +#. Type: string +#. Description +#: ../snort-mysql.templates:140 ../snort-pgsql.templates:139 +msgid "" +"Make sure it has been set up correctly to allow incoming connections from " +"this host!" +msgstr "" +"¡Asegúrese de que se ha configurado correctamente para permitir conexiones " +"entrantes desde este servidor!" + +#. Type: string +#. Description +#: ../snort-mysql.templates:146 ../snort-pgsql.templates:145 +msgid "Please enter the name of the database to use." +msgstr "Por favor, indique el nombre de la base de datos a utilizar." + +#. Type: string +#. Description +#: ../snort-mysql.templates:146 ../snort-pgsql.templates:145 +msgid "" +"Make sure this database has been created and your database user has write " +"access to this database." +msgstr "" +"Asegúrese de que la base de datos ha sido creada y de que su usuario tiene " +"acceso de escritura a esta base de datos." + +#. Type: string +#. Description +#: ../snort-mysql.templates:152 ../snort-pgsql.templates:151 +msgid "Please enter the name of the database user you want to use." +msgstr "" +"Por favor, introduzca el nombre de usuario de la base de datos que quiere " +"utilizar." + +#. Type: string +#. Description +#: ../snort-mysql.templates:152 ../snort-pgsql.templates:151 +msgid "Make sure this user has been created and has write access." +msgstr "" +"Asegúrese de que el usuario ha sido creado y tiene permisos de escritura." + +#. Type: password +#. Description +#: ../snort-mysql.templates:157 ../snort-pgsql.templates:156 +msgid "Please enter the password for the database connection." +msgstr "" +"Por favor, introduzca la contraseña para la conexión con la base de datos." + +#. Type: password +#. Description +#: ../snort-mysql.templates:157 ../snort-pgsql.templates:156 +msgid "Please enter a password to connect to the Snort Alert database." +msgstr "" +"Por favor, introduzca la contraseña para conectarse a la base de datos de " +"alertas de Snort." + +#. Type: boolean +#. Description +#: ../snort-pgsql.templates:113 +msgid "Do you want to set up a database for snort-pgsql to log to?" +msgstr "¿Quiere preparar una base de datos para que la utilice snort-pgsql?" + +#. Type: boolean +#. Description +#: ../snort-pgsql.templates:113 +msgid "" +"You only need to do this the first time you install snort-pgsql. Before you " +"go on, make sure you have (1) the hostname of a machine running a pgsql " +"server set up to allow tcp connections from this host, (2) a database on " +"that server, (3) a username and password to access the database. If you " +"don't have _all_ of these, either select 'no' and run with regular file " +"logging support, or fix this first. You can always configure database " +"logging later, by reconfiguring the snort-pgsql package with 'dpkg-" +"reconfigure -plow snort-pgsql'" +msgstr "" +"Sólo tiene que hacer ésto la primera vez que instale snort-pgsql. Andes de " +"seguir adelante asegúrese de que (1) el nombre de servidor del equipo que " +"ejecuta la base de datos mysql permite realizar conexiones tcp desde éste " +"equipo, (2) hay una base de datos en ese servidor, (3) el nombre de usuario " +"y contraseña de acceso a la base de datos. Si no tiene _todos_ estos, escoja " +"«no» y continúe con la configuración habitual de registro, o arregle esto. " +"Siempre puede configurar la base de datos más adelante reconfigurando snort-" +"pgsql utilizando: «dpkg-reconfigure -plow snort-pgsql»" + +#. Type: note +#. Description +#: ../snort-pgsql.templates:125 +msgid "" +"Snort needs a configured database before it can successfully start up. In " +"order to create the structure you need to run the following commands AFTER " +"the package is installed:\n" +" cd /usr/share/doc/snort-pgsql/\n" +" zcat create_postgresql.gz | psql -U -h -W \n" +"Fill in the correct values for the user, host, and database names. " +"PostgreSQL will prompt you for the password." +msgstr "" +"Snort necesita una base de datos correctamente configurada para poder " +"arrancar.Para poder crear la estructura debe ejecutar las órdenes mostradas " +"a continuación DESPUÉS de instalar el paquete:\n" +" cd /usr/share/doc/snort-pgsql/\n" +" zcat create_pgsql.gz | psql -U -h -W \n" +"Rellene correctamente los valores para el usuario, servidor y nombre de la " +"base de datos. PostgreSQL le solicitará la contraseña." + +#. Type: string +#. Description +#: ../snort-pgsql.templates:139 +msgid "Please enter the hostname of the pgsql database server to use." +msgstr "" +"Introduzca el nombre de servidor de la base de datos psql que va a utilizar." + +#. Type: note +#. Description +#: ../snort-common.templates:3 +msgid "Your configuration file is deprecated" +msgstr "Su fichero de configuración es obsoleto" + +#. Type: note +#. Description +#: ../snort-common.templates:3 +msgid "" +"Your Snort configuration file (/etc/snort/snort.conf) uses deprecated " +"options no longer available for this Snort release. Snort will not be able " +"to start unless you provide a correct configuration file. You can substitute " +"your configuration file with the one provided in this package or fix it " +"manually by removing deprecated options." +msgstr "" +"Su fichero de configuración de Snort (/etc/snort/snort.conf) utiliza " +"opciones obsoletas que ya no están disponibles en esta versión de Snort. " +"Snort no podrá arrancar a menos que tenga un fichero de configuración " +"correcto. Puede sustituir este fichero de configuración por el que ofrece " +"este paquete o arreglarlo manualmente eliminando las opciones obsoletas." + +#. Type: note +#. Description +#: ../snort-common.templates:3 +msgid "" +"The following deprecated options were found in your configuration file: " +"${DEP_CONFIG}" +msgstr "" +"Se encontraron las siguientes opciones obsoletas en el fichero de " +"configuración: ${DEP_CONFIG}" + +#~ msgid "" +#~ "Your system has an obsolete configuration file (/etc/snort/snort.common." +#~ "parameters) which has been automatically converted into the new " +#~ "configuration file format (at /etc/default/snort). Please review the new " +#~ "configuration and remove the obsolete one. Until you do this, the init.d " +#~ "script will not use the new configuration and you will not take advantage " +#~ "of the benefits introduced in newer releases." +#~ msgstr "" +#~ "Su sistema tiene un fichero de configuración obsoleto (/etc/snor/snort." +#~ "common.parameters) que ha sido convertido de forma automática al nuevo " +#~ "formato de fichero de configuración (en /etc/default/snort). Por favor, " +#~ "revise el nuevo fichero de configuración y borre el antigüo. El guión del " +#~ "init.d no utilizará la nueva configuración hasta que lo borre y no podrá " +#~ "aprovecharse de las ventajas introducidas en nuevas versiones." + +#~ msgid "" +#~ "Please enter the name(s) of the interface(s) which Snort should listen " +#~ "on. The names of the available interfaces are provided by either running " +#~ "'ip link show' of 'ifconfig'. This value usually is 'eth0', but you might " +#~ "want to vary this depending on your environment, if you are using a " +#~ "dialup connection 'ppp0' might be more appropiate." +#~ msgstr "" +#~ "Por favor, introduzca el nombre de la interfaz o interfaces en la que " +#~ "Snort debe escuchar. Puede obtener los nombres de las interfaces " +#~ "ejecutando «ip link show». Este valor suele ser «eth0», pero quizás desee " +#~ "variarlo dependiendo de su entorno. Si está utilizando una conexión " +#~ "telefónica a Internet basada en PPP puede ser más apropiado utilizar " +#~ "«ppp0»." + +#~ msgid "On which interface should Snort listen?" +#~ msgstr "¿En qué interfaz debería escuchar Snort?" + +#~ msgid "" +#~ "Please enter the interface name which snort should listen on. The name of " +#~ "the available interfaces are provided by running 'ip link show'. This " +#~ "value usually is 'eth0', but you might want to vary this depending on " +#~ "your environment, if you are using a dialup connection 'ppp0' might be " +#~ "more appropiate." +#~ msgstr "" +#~ "Por favor, introduzca el nombre de la interfaz en la que Snort debe " +#~ "escuchar. Puede obtener los nombres de las interfaces ejecutando «ip link " +#~ "show». Este valor suele ser «eth0», pero quizás desee variarlo " +#~ "dependiendo de su entorno. Si está utilizando una conexión de teléfono " +#~ "mediante PPP a Internet puede ser más apropiado utilizar «ppp0»." + +#~ msgid "" +#~ "Notice that Snort is usually configured to inspect all traffic coming " +#~ "from the Internet, so the interface you add here is usually the same the " +#~ "'default route' is on. You can determine which interface is used for " +#~ "this running either 'ip route show' or '/sbin/route -n' (look for " +#~ "'default' or '0.0.0.0')." +#~ msgstr "" +#~ "Tenga en cuenta que generalmente se configura a Snort para que analice " +#~ "todo el tráfico que viene de Internet, así que la interfaz que se añade " +#~ "aquí es generalmente la misma que tiene definida la ruta por omisión. " +#~ "Para determinar qué interfaz se está utilizando para esto, ejecute bien " +#~ "«ip route show» o bien «/sbin/route -n» (busque aquellos valores " +#~ "asociados a «default» o «0.0.0.0»)." + +#~ msgid "Should Snort disable promiscous mode on the interface?" +#~ msgstr "¿Debería Snort deshabilitar el modo promíscuo en la interfaz?" + +#~ msgid "" +#~ "The configuration file found the following deprecated content: " +#~ "${DEP_CONFIG}" +#~ msgstr "" +#~ "Se encontraron las siguientes opciones obsoletas en el fichero de " +#~ "configuración: ${DEP_CONFIG}" + +#~ msgid "" +#~ "Please enter the interface name wich snort should listen on. F.e. eth0 " +#~ "Usually this is the interface the 'default route' is on. See '/sbin/ip " +#~ "ro sh' or '/sbin/route -n' and look for 'default' or '0.0.0.0'." +#~ msgstr "Introduzca el nombre de la interfaz " --- snort-2.3.3.orig/debian/po/ca.po +++ snort-2.3.3/debian/po/ca.po @@ -0,0 +1,805 @@ +# snort (debconf) translation to Catalan. +# Copyright (C) 1999, 2000, 2001, 2002, 2003, 2004, 2005 Free Software Foundation, Inc. +# Aleix Badia i Bosch 2005 +# +msgid "" +msgstr "" +"Project-Id-Version: snort_2.0.1-2_templates\n" +"Report-Msgid-Bugs-To: jfs@computer.org\n" +"POT-Creation-Date: 2006-03-22 09:15+0100\n" +"PO-Revision-Date: 2005-02-26 10:41+0100\n" +"Last-Translator: Aleix Badia i Bosch \n" +"Language-Team: Debian L10n Catalan \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=ISO-8859-1\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: select +#. Choices +#: ../snort.templates:3 ../snort-mysql.templates:3 ../snort-pgsql.templates:3 +msgid "boot, dialup, manual" +msgstr "arrencada, marcatge directe, manual" + +#. Type: select +#. Description +#: ../snort.templates:5 ../snort-mysql.templates:5 ../snort-pgsql.templates:5 +msgid "When should Snort be started?" +msgstr "Quan s'hauria d'iniciar el Snort?" + +#. Type: select +#. Description +#: ../snort.templates:5 ../snort-mysql.templates:5 ../snort-pgsql.templates:5 +msgid "" +"Snort can be started during boot, when connecting to the net with pppd or " +"only when you manually start it via /usr/sbin/snort." +msgstr "" +"El Snort es pot iniciar a l'arrencada del sistema, quan el sistema es " +"connecti a la xarxa a través de pppd o iniciar-lo manualment via /usr/sbin/" +"snort." + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "On which interface(s) should Snort listen?" +msgstr "Quina interfície(s) hauria d'escoltar el Snort?" + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +#, fuzzy +msgid "" +"Please enter the name(s) of the interface(s) which Snort should listen on. " +"The names of the available interfaces are provided by either running 'ip " +"link show' of 'ifconfig'. This value usually is 'eth0', but you might want " +"to vary this depending on your environment, if you are using a dialup " +"connection 'ppp0' might be more appropiate." +msgstr "" +"Introduïu el nom de la interfície(s) que hauria d'escoltar el snort. El nom " +"de les interfícies disponibles el podeu aconseguir executant l'ordre 'ip " +"link show'. El valor acostuma a ser 'eth0', però us pot interessar modificar-" +"lo en funció de l'entorn, si utilitzeu el marcatge directe probablement us " +"interessi més el valor 'ppp0'." + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"Notice that Snort is usually configured to inspect all traffic coming from " +"the Internet, so the interface you add here is usually the same the 'default " +"route' is on. You can determine which interface is used for this running " +"either '/sbin/ip ro sh' or '/sbin/route -n' (look for 'default' or " +"'0.0.0.0')." +msgstr "" +"Recordeu que el Snort acostuma a estar configurat per analitzar tot el " +"tràfic d'internet, la interfície a afegir acostuma a ser la mateixa que la " +"de la 'ruta per defecte'. Podeu obtenir la interfície executant l'ordre '/" +"sbin/ip ro sh' o '/sbin/route -n' (cerqueu 'default' o '0.0.0.0'). " + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"It is also not uncommon to run Snort on an interface with no IP and " +"configured in promiscuous mode, if this is your case, select the interface " +"in this system that is physically connected to the network you want to " +"inspect, enable promiscuous mode later on and make sure that the network " +"traffic is sent to this interface (either connected to a 'port mirroring/" +"spanning' port in a switch, to a hub or to a tap)" +msgstr "" +"També es pot donar la situació d'executar el Snort en una interfície sense " +"IP i configurada en mode promiscu, si és el vostre cas, seleccioneu la " +"interfície que està físicament connectada a la xarxa que voleu analitzar, " +"posteriorment habiliteu el mode promiscu i assegureu-vos que el tràfic de la " +"xarxa s'envia a la interfície (connectada a un port 'port mirroring/" +"spanning' d'un commutador, a un concentrador o a un tap)" + +#. Type: string +#. Description +#: ../snort.templates:12 ../snort-mysql.templates:12 +#: ../snort-pgsql.templates:12 +msgid "" +"You can configure multiple interfaces here, just by adding more than one " +"interface name separated by spaces. Each interface can have its specific " +"configuration." +msgstr "" +"Podeu configurar múltiples interfície afegint més d'un nom d'interfície " +"separat per espais. Cada interfície pot tenir una configuració específica." + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "Please enter the address range that Snort will listen on." +msgstr "Introduïu el rang d'adreces que escoltarà el Snort." + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "" +"You have to use CIDR form, i.e. 192.168.1.0/24 for a block of 256 IPs or " +"192.168.1.42/32 for just one. Specify multiple addresses on a single line " +"separated by ',' (comma characters), no spaces allowed!" +msgstr "" +"Heu d'utilitzar el format CIDR, ex. 192.168.1.0/24 per un bloc de 256 IPs o " +"192.268.1.42/32 per una. Especifiqueu múltiples adreces separades per " +"',' (caràcters de coma) en una sola línia, no utilitzeu espais." + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "" +"If you want you can specify 'any', to not trust any side of the network." +msgstr "" +"Per no establir una relació de confiança amb cap part de la xarxa, podeu " +"especificar 'any'." + +#. Type: string +#. Description +#: ../snort.templates:40 ../snort-mysql.templates:40 +#: ../snort-pgsql.templates:40 +msgid "" +"Notice that if you are using multiple interfaces this definition will be " +"used as the HOME_NET definition of all of them." +msgstr "" +"Recordeu que si utilitzeu múltiples interfícies aquesta definició " +"s'utilitzarà com a definició HOME_NET de totes." + +#. Type: boolean +#. Description +#: ../snort.templates:53 ../snort-mysql.templates:53 +#: ../snort-pgsql.templates:53 +msgid "Should Snort disable promiscuous mode on the interface?" +msgstr "S'hauria d'inhabilitar el mode promiscu de la interfície?" + +#. Type: boolean +#. Description +#: ../snort.templates:53 ../snort-mysql.templates:53 +#: ../snort-pgsql.templates:53 +msgid "" +"Disabling promiscuous mode means that Snort will only see packets addressed " +"to it's own interface. Enabling it allows Snort to check every packet that " +"passes ethernet segment even if it's a connection between two other " +"computers." +msgstr "" +"Si s'inhabilita el mode promiscu, el Snort únicament veurà els paquets " +"adreçats a la seva pròpia interfície. Si s'habilita, el Snort pot comprovar " +"cada paquet que passa pel segment ethernet, encara que sigui entre d'altres " +"ordinador." + +#. Type: boolean +#. Description +#: ../snort.templates:53 ../snort-mysql.templates:53 +#: ../snort-pgsql.templates:53 +msgid "" +"Disable promiscuous mode if you are configuring Snort on an interface " +"without a configured IP address." +msgstr "" +"Si esteu configurant el Snort en una interfície sense una adreça d'IP " +"inhabiliteu el mode promiscu." + +#. Type: note +#. Description +#: ../snort.templates:64 +msgid "Invalid interface" +msgstr "" + +#. Type: note +#. Description +#: ../snort.templates:64 +msgid "" +"One of the interfaces you specified is not valid (it might not exist on the " +"system or be down). Please introduce a valid interface when answering the " +"question of which interface(s) should Snort listen on." +msgstr "" + +#. Type: note +#. Description +#: ../snort.templates:64 +msgid "" +"If you did not configure an interface then the package is trying to use the " +"default ('eth0') which does not seem to be valid in your system." +msgstr "" + +#. Type: boolean +#. Description +#: ../snort.templates:75 ../snort-mysql.templates:65 +#: ../snort-pgsql.templates:65 +msgid "Should Snort's rules testing order be changed to Pass|Alert|Log?" +msgstr "" +"S'hauria de canviar l'ordre de comprovació de les regles del Snort per Pass|" +"Alert|Log?" + +#. Type: boolean +#. Description +#: ../snort.templates:75 ../snort-mysql.templates:65 +#: ../snort-pgsql.templates:65 +msgid "" +"If you change Snort's rules testing order to Pass|Alert|Log, they will be " +"applied in Pass->Alert->Log order, instead of standard Alert->Pass->Log. " +"This will prevent people from having to make huge Berky Packet Filter " +"command line arguments to filter their alert rules." +msgstr "" +"Si canvieu l'ordre de comprovació de les regles del Snort per Pass|Alert|" +"Log, s'aplicaran en l'ordre Pass->Alert->Log, en comptes de l'estàndard " +"Alert->Pass->Log. Aquesta opció permetrà que els usuaris no hagin " +"d'utilitzar una gran quantitat d'arguments de la línia d'ordres del Berky " +"Packet Filter per filtrar les regles d'alerta." + +#. Type: boolean +#. Description +#: ../snort.templates:84 ../snort-mysql.templates:74 +#: ../snort-pgsql.templates:74 +msgid "Should daily summaries be sent by e-mail?" +msgstr "" + +#. Type: boolean +#. Description +#: ../snort.templates:84 ../snort-mysql.templates:74 +#: ../snort-pgsql.templates:74 +msgid "" +"This Snort installation provides a cron job that runs daily and summarises " +"the information of Snort logs to a selected email address. If you want to " +"disable this feature say 'no' here." +msgstr "" + +#. Type: string +#. Description +#: ../snort.templates:92 ../snort-mysql.templates:82 +#: ../snort-pgsql.templates:82 +msgid "Who should receive the daily statistics mails?" +msgstr "Qui hauria de rebre els missatges estadístics diaris?" + +#. Type: string +#. Description +#: ../snort.templates:92 ../snort-mysql.templates:82 +#: ../snort-pgsql.templates:82 +msgid "" +"A cron job running daily will summarise the information of the logs " +"generated by Snort using a script called 'snort-stat'. Introduce here the " +"recipient of these mails. The default value is the system administrator. If " +"you keep this value, make sure that the mail of the administrator is " +"redirected to a user that actually reads those mails." +msgstr "" +"Una tasca programada diàriament resumirà la informació dels registres del " +"Snort utilitzant una seqüència anomenada 'snort-stat'. Introduïu el " +"destinatari dels correus electrònics. El valor predeterminat és " +"l'administrador del sistema. Si manteniu el valor assegureu-vos que el " +"correu electrònic de l'administrador es redireccioni a una usuari que " +"llegeixi els missatges." + +#. Type: string +#. Description +#: ../snort.templates:102 ../snort-mysql.templates:93 +#: ../snort-pgsql.templates:92 +msgid "" +"If you want to specify custom options to Snort, please specify them here." +msgstr "Si voleu definir opcions personalitzades del Snort, feu-ho aquí." + +#. Type: string +#. Description +#: ../snort.templates:107 ../snort-mysql.templates:98 +#: ../snort-pgsql.templates:97 +msgid "" +"An alert needs to appear more times than this number to be included in the " +"daily statistics." +msgstr "" +"Una alerta s'inclourà a les estadístiques diàries quan aparegui un nombre de " +"vegades superior a l'indicat." + +#. Type: note +#. Description +#: ../snort.templates:111 ../snort-mysql.templates:162 +#: ../snort-pgsql.templates:161 +msgid "You are running Snort manually." +msgstr "Esteu executant el Snort manualment." + +#. Type: note +#. Description +#: ../snort.templates:111 ../snort-mysql.templates:162 +#: ../snort-pgsql.templates:161 +msgid "" +"Please restart Snort using:\n" +" /etc/init.d/snort start\n" +"to let the settings take effect." +msgstr "" +"Per fer efectius els canvis reinicieu el Snort utilitzant:\n" +" /etc/init.d/snort start\n" + +#. Type: note +#. Description +#: ../snort.templates:118 ../snort-mysql.templates:169 +#: ../snort-pgsql.templates:168 +msgid "There is an error in your configuration" +msgstr "Hi ha una error en la configuració" + +#. Type: note +#. Description +#: ../snort.templates:118 ../snort-mysql.templates:169 +#: ../snort-pgsql.templates:168 +msgid "" +"Your Snort configuration is not correct and Snort will not be able to start " +"up normally. Please review your configuration and fix it. If you do not do " +"this, Snort package upgrades will probably break. To check which error is " +"being generated run '/usr/sbin/snort -T -c /etc/snort/snort.conf' (or point " +"to an alternate configuration file if you are using different files for " +"different interfaces)" +msgstr "" +"La configuració del Snort no és correcte i no es podrà iniciar correctament. " +"Reviseu la configuració i arregleu-ne els errors. Si no ho feu probablement " +"no es podran realitzar correctament les actualitzacions del paquet Snort. " +"Per comprovar l'error executeu l'ordre '/usr/sbin/snort -T -c /etc/snort/" +"snort.conf' (si utilitzeu diferents fitxers per a diferents interfícies feu " +"referència a un altre fitxer de configuració)" + +#. Type: note +#. Description +#: ../snort.templates:128 ../snort-mysql.templates:179 +#: ../snort-pgsql.templates:178 +msgid "This system uses an obsolete configuration file" +msgstr "El sistema utilitza un fitxer de configuració obsolet" + +#. Type: note +#. Description +#: ../snort.templates:128 ../snort-mysql.templates:179 +#: ../snort-pgsql.templates:178 +#, fuzzy +msgid "" +"Your system has an obsolete configuration file (/etc/snort/snort.common." +"parameters) which has been automatically converted into the new " +"configuration file format (at /etc/default/snort). Please review the new " +"configuration and remove the obsolete one. Until you do this, the init.d " +"script will not use the new configuration and you will not take advantage of " +"the benefits introduced in newer releases." +msgstr "" +"El sistema té un fitxer de configuració obsolet (/etc/snort/snort.common." +"parameters) que s'ha convertit automàticament al nou format de fitxer de " +"configuració (a /etc/default/snort). Comproveu el nou fitxer de configuració " +"i suprimiu l'obsolet. Fins que no ho feu, la seqüència de l'init.d no " +"utilitzarà la nova configuració i no podreu utilitzar les característiques " +"afegides en les noves versions." + +#. Type: note +#. Description +#: ../snort-mysql.templates:102 +msgid "" +"Your system has an obsolete configuration file (/etc/snort/snort.common." +"parameters) which has been automatically converted into the new " +"configuration file format (at /etc/default/snort). Please review the new " +"configuration and remove the obsolete one. Until you do this, the init.d " +"script will not use the new configuration and you will not take advantage of " +"the benefits introduced in newer releases." +msgstr "" +"El sistema té un fitxer de configuració obsolet (/etc/snort/snort.common." +"parameters) que s'ha convertit automàticament al nou format de fitxer de " +"configuració (a /etc/default/snort). Comproveu el nou fitxer de configuració " +"i suprimiu l'obsolet. Fins que no ho feu, la seqüència de l'init.d no " +"utilitzarà la nova configuració i no podreu utilitzar les característiques " +"afegides en les noves versions." + +#. Type: boolean +#. Description +#: ../snort-mysql.templates:114 +msgid "Do you want to set up a database for snort-mysql to log to?" +msgstr "" +"Voleu configurar una base de dades on el snort-mysql hi registri dades?" + +#. Type: boolean +#. Description +#: ../snort-mysql.templates:114 +msgid "" +"You only need to do this the first time you install snort-mysql. Before you " +"go on, make sure you have (1) the hostname of a machine running a mysql " +"server set up to allow tcp connections from this host, (2) a database on " +"that server, (3) a username and password to access the database. If you " +"don't have _all_ of these, either select 'no' and run with regular file " +"logging support, or fix this first. You can always configure database " +"logging later, by reconfiguring the snort-mysql package with 'dpkg-" +"reconfigure -plow snort-mysql'" +msgstr "" +"Aquestes tasques només les heu de realitzar la primera vegada que instal·leu " +"el snort-mysql. Abans de continuar assegureu-vos de tenir(1) el nom d'un " +"servidor central on s'estigui executant un servidor de mysql que permeti " +"connexions tcp d'aquest ordinador. (2) una base de dades, (3) un nom " +"d'usuari i una contrasenya per accedir-hi. Si no teniu tots els elements de " +"la llista, solucioneu-ho o seleccioneu l'opció 'no' i utilitzeu el suport " +"tradicional de registre per fitxer. Posteriorment, sempre podreu configurar " +"el mode de registre reconfigurant el paquet snort-mysql utilitzant 'dpkg-" +"reconfigure -plow snort-mysql'" + +#. Type: note +#. Description +#: ../snort-mysql.templates:126 ../snort-pgsql.templates:125 +#, fuzzy +msgid "Snort needs a configured database to log to before it starts." +msgstr "" +"El Snort necessita una base de dades configurada per registrar-hi les dades." + +#. Type: note +#. Description +#: ../snort-mysql.templates:126 +#, fuzzy +msgid "" +"Snort needs a configured database before it can successfully start up. In " +"order to create the structure you need to run the following commands AFTER " +"the package is installed:\n" +" cd /usr/share/doc/snort-mysql/\n" +" zcat create_mysql.gz | mysql -u -h -p \n" +"Fill in the correct values for the user, host, and database names. MySQL " +"will prompt you for the password." +msgstr "" +"Creeu l'estructura de la base de dades utilitzant la següent ordre:\n" +" cd /usr/share/doc/snort-mysql/\n" +" zcat create_mysql.gz | mysql -u -h -p \n" +"Ompliu correctament les dades de l'usuari, ordinador central i nom de la " +"base de dades. El MySQL us demanarà la contrasenya." + +#. Type: note +#. Description +#: ../snort-mysql.templates:126 ../snort-pgsql.templates:125 +#, fuzzy +msgid "" +"After you created the database structure, you will need to start Snort " +"manually." +msgstr "" +"Un cop creada l'estructura de la base de dades, premeu 'd'acord' per " +"continuar." + +#. Type: string +#. Description +#: ../snort-mysql.templates:140 +msgid "Please enter the hostname of the mysql database server to use." +msgstr "" +"Introduïu el nom de l'ordinador central del servidor de base de dades de " +"MySQL a utilitzar." + +#. Type: string +#. Description +#: ../snort-mysql.templates:140 ../snort-pgsql.templates:139 +msgid "" +"Make sure it has been set up correctly to allow incoming connections from " +"this host!" +msgstr "" +"Abans de permetre les connexions a aquest ordinador, assegureu-vos que " +"estigui configurat correctament." + +#. Type: string +#. Description +#: ../snort-mysql.templates:146 ../snort-pgsql.templates:145 +msgid "Please enter the name of the database to use." +msgstr "Introduïu el nom de la base de dades a utilitzar." + +#. Type: string +#. Description +#: ../snort-mysql.templates:146 ../snort-pgsql.templates:145 +msgid "" +"Make sure this database has been created and your database user has write " +"access to this database." +msgstr "" +"Assegureu-vos que la base de dades existeixi i que el vostre usuari hi " +"tingui permís d'escriptura." + +#. Type: string +#. Description +#: ../snort-mysql.templates:152 ../snort-pgsql.templates:151 +msgid "Please enter the name of the database user you want to use." +msgstr "Introduïu el nom de usuari de la base de dades que voleu utilitzar." + +#. Type: string +#. Description +#: ../snort-mysql.templates:152 ../snort-pgsql.templates:151 +msgid "Make sure this user has been created and has write access." +msgstr "Assegureu-vos que l'usuari estigui creat i tingui permís d'escriptura." + +#. Type: password +#. Description +#: ../snort-mysql.templates:157 ../snort-pgsql.templates:156 +msgid "Please enter the password for the database connection." +msgstr "Introduïu la contrasenya per a la connexió amb la base de dades." + +#. Type: password +#. Description +#: ../snort-mysql.templates:157 ../snort-pgsql.templates:156 +msgid "Please enter a password to connect to the Snort Alert database." +msgstr "" +"Introduïu la contrasenya per connectar-vos a la base de dades d'alertes del " +"Snort." + +#. Type: boolean +#. Description +#: ../snort-pgsql.templates:113 +msgid "Do you want to set up a database for snort-pgsql to log to?" +msgstr "" +"Voleu configurar una base de dades on el snort-pgsql hi registri dades?" + +#. Type: boolean +#. Description +#: ../snort-pgsql.templates:113 +msgid "" +"You only need to do this the first time you install snort-pgsql. Before you " +"go on, make sure you have (1) the hostname of a machine running a pgsql " +"server set up to allow tcp connections from this host, (2) a database on " +"that server, (3) a username and password to access the database. If you " +"don't have _all_ of these, either select 'no' and run with regular file " +"logging support, or fix this first. You can always configure database " +"logging later, by reconfiguring the snort-pgsql package with 'dpkg-" +"reconfigure -plow snort-pgsql'" +msgstr "" +"Aquestes tasques només les heu de dur a terme la primera vegada que " +"instal·leu el snort-pgsql. Abans de continuar assegureu-vos de tenir(1) el " +"nom d'un servidor central on s'estigui executant el servidor de pgsql i que " +"permeti connexions tcp d'aquest ordinador. (2) una base de dades en aquest " +"servidor. (3) un nom d'usuari i una contrasenya per accedir a la base de " +"dades. Si no teniu tots els elements de la llista, solucioneu-ho o " +"seleccioneu l'opció 'no' i utilitzeu el suport tradicional de registre per " +"fitxer. Posteriorment, sempre podreu configurar el mode de registre " +"reconfigurant el paquet snort-pgsql a través de l'ordre 'dpkg-reconfigure -" +"plow snort-pgsql'" + +#. Type: note +#. Description +#: ../snort-pgsql.templates:125 +#, fuzzy +msgid "" +"Snort needs a configured database before it can successfully start up. In " +"order to create the structure you need to run the following commands AFTER " +"the package is installed:\n" +" cd /usr/share/doc/snort-pgsql/\n" +" zcat create_postgresql.gz | psql -U -h -W \n" +"Fill in the correct values for the user, host, and database names. " +"PostgreSQL will prompt you for the password." +msgstr "" +"Creeu l'estructura de la base de dades utilitzant l'ordre següent:\n" +" cd /usr/share/doc/snort-pgsql/\n" +" zcat create_pgsql.gz | pgsql -U -h -W \n" +"Ompliu correctament les dades de l'usuari, ordinador central i nom de la " +"base de dades. El PostgreSQL us demanarà la contrasenya." + +#. Type: string +#. Description +#: ../snort-pgsql.templates:139 +msgid "Please enter the hostname of the pgsql database server to use." +msgstr "" +"Introduïu el nom de l'ordinador central del servidor de base de dades de " +"pgsql a utilitzar." + +#. Type: note +#. Description +#: ../snort-common.templates:3 +msgid "Your configuration file is deprecated" +msgstr "El fitxer de configuració és obsolet" + +#. Type: note +#. Description +#: ../snort-common.templates:3 +msgid "" +"Your Snort configuration file (/etc/snort/snort.conf) uses deprecated " +"options no longer available for this Snort release. Snort will not be able " +"to start unless you provide a correct configuration file. You can substitute " +"your configuration file with the one provided in this package or fix it " +"manually by removing deprecated options." +msgstr "" +"El fitxer de configuració actual (/etc/snort/snort.conf) utilitza opcions " +"obsoletes que ja no estaran disponibles per a aquesta versió del Snort. No " +"el podreu iniciar si no utilitzeu un fitxer de configuració correcte. Podeu " +"substituir el fitxer de configuració pel proporcionat pel paquet o arreglar-" +"lo manualment suprimint les opcions obsoletes." + +#. Type: note +#. Description +#: ../snort-common.templates:3 +msgid "" +"The following deprecated options were found in your configuration file: " +"${DEP_CONFIG}" +msgstr "" +"S'han trobat les opcions obsoletes següents:\n" +"${DEP_CONFIG}" + +#, fuzzy +#~ msgid "" +#~ "Your system has an obsolete configuration file (/etc/snort/snort.common." +#~ "parameters) which has been automatically converted into the new " +#~ "configuration file format (at /etc/default/snort). Please review the new " +#~ "configuration and remove the obsolete one. Until you do this, the init.d " +#~ "script will not use the new configuration and you will not take advantage " +#~ "of the benefits introduced in newer releases." +#~ msgstr "" +#~ "El sistema té un fitxer de configuració obsolet (/etc/snort/snort.common." +#~ "parameters) que s'ha convertit automàticament al nou format de fitxer de " +#~ "configuració (a /etc/default/snort). Comproveu el nou fitxer de " +#~ "configuració i suprimiu l'obsolet. Fins que no ho feu, la seqüència de " +#~ "l'init.d no utilitzarà la nova configuració i no podreu utilitzar les " +#~ "característiques afegides en les noves versions." + +#, fuzzy +#~ msgid "" +#~ "Your system has an obsolete configuration file (/etc/snort/snort.common." +#~ "parameters) which has been automatically converted into the new " +#~ "configuration file format (at /etc/default/snort). Please review the new " +#~ "configuration and remove the obsolete one. Until you do this, the init.d " +#~ "script will not use the new configuration and you will not take advantage " +#~ "of the benefits introduced in newer releases." +#~ msgstr "" +#~ "El sistema té un fitxer de configuració obsolet (/etc/snort/snort.common." +#~ "parameters) que s'ha convertit automàticament al nou format de fitxer de " +#~ "configuració (a /etc/default/snort). Comproveu el nou fitxer de " +#~ "configuració i suprimiu l'obsolet. Fins que no ho feu, la seqüència de " +#~ "l'init.d no utilitzarà la nova configuració i no podreu utilitzar les " +#~ "característiques afegides en les noves versions." + +#, fuzzy +#~ msgid "" +#~ "Please enter the name(s) of the interface(s) which Snort should listen " +#~ "on. The names of the available interfaces are provided by either running " +#~ "'ip link show' of 'ifconfig'. This value usually is 'eth0', but you might " +#~ "want to vary this depending on your environment, if you are using a " +#~ "dialup connection 'ppp0' might be more appropiate." +#~ msgstr "" +#~ "Introduïu el nom de la interfície(s) que hauria d'escoltar el snort. El " +#~ "nom de les interfícies disponibles el podeu aconseguir executant l'ordre " +#~ "'ip link show'. El valor acostuma a ser 'eth0', però us pot interessar " +#~ "modificar-lo en funció de l'entorn, si utilitzeu el marcatge directe " +#~ "probablement us interessi més el valor 'ppp0'." + +#~ msgid "On which interface should Snort listen?" +#~ msgstr "Quina interfície hauria d'escoltar el Snort?" + +#~ msgid "" +#~ "Please enter the interface name which snort should listen on. The name of " +#~ "the available interfaces are provided by running 'ip link show'. This " +#~ "value usually is 'eth0', but you might want to vary this depending on " +#~ "your environment, if you are using a dialup connection 'ppp0' might be " +#~ "more appropiate." +#~ msgstr "" +#~ "Introduïu el nom de la interfície que haurà d'escoltar el snort. El nom " +#~ "de les interfícies disponibles el podeu aconseguir executant l'ordre 'ip " +#~ "link show'. El valor acostuma a ser 'eth0', però us pot interessar " +#~ "modificar-lo en funció de l'entorn, si utilitzeu el marcatge directe " +#~ "probablement us interessi més el valor 'ppp0'." + +#~ msgid "" +#~ "Notice that Snort is usually configured to inspect all traffic coming " +#~ "from the Internet, so the interface you add here is usually the same the " +#~ "'default route' is on. You can determine which interface is used for " +#~ "this running either 'ip route show' or '/sbin/route -n' (look for " +#~ "'default' or '0.0.0.0')." +#~ msgstr "" +#~ "Recordeu que el Snort acostuma a estar configurat per analitzar tot el " +#~ "tràfic d'internet, la interfície a afegir acostuma a ser la mateixa que " +#~ "la de la 'ruta per defecte'. Podeu obtenir-la executant l'ordre 'ip route " +#~ "show' o '/sbin/route -n' (cerqueu 'default' o '0.0.0.0')." + +#~ msgid "Should Snort disable promiscous mode on the interface?" +#~ msgstr "S'hauria d'inhabilitar el mode promiscu de la interfície?" + +#~ msgid "On which interface Snort should listen? (only one!)" +#~ msgstr "Quina interfície hauria d'escoltar el Snort? (només una!)" + +#~ msgid "What address range should Snort consider to be local?" +#~ msgstr "Quin rang d'adreces hauria de considerar local el Snort?" + +#~ msgid "" +#~ "You have to use CIDR form, i.e. 192.168.1.0/24 for a block of 256 IPs or " +#~ "192.168.1.42/32 for just one. Specify multiple addresses on a single " +#~ "line, seperated by ',' (comma characters). No spaces allowed!" +#~ msgstr "" +#~ "Heu d'utilitzar el format CIDR, ex. 192.168.1.0/24 per un bloc de 256 IPs " +#~ "o 192.268.1.42/32 per únicament una. Especifiqueu múltiples adreces " +#~ "separades per ',' (caràcters de coma) i en una sola línia. Els espais no " +#~ "estan permesos!" + +#~ msgid "" +#~ "Disabling the promiscuous mode means that Snort will only see packets " +#~ "addressed to its own interface. Enabling allows it to check every packet " +#~ "that passes the ethernet even if it's a connection between two other " +#~ "computers" +#~ msgstr "" +#~ "Si s'inhabilita el mode promiscu, el Snort únicament veurà els paquets " +#~ "adreçats a la seva pròpia interfície. Cal que l'habiliteu per comprovar " +#~ "cada paquet que passa per la xarxa ethernet, encara que sigui entre " +#~ "altres ordinadors." + +#~ msgid "When should snort be started?" +#~ msgstr "Quan s'hauria d'iniciar el Snort?" + +#~ msgid "Please enter the address range that snort will listen on." +#~ msgstr "Introduïu el rang d'adreces que escoltarà el Snort." + +#~ msgid "" +#~ "You have to use CIDR form, i.e. 192.168.1.0/24 for a block of 256 IPs or " +#~ "192.168.1.42/32 for just one. Specify multiple addresses on a single " +#~ "line, separated by ',' (comma characters). No spaces allowed!" +#~ msgstr "" +#~ "Heu d'utilitzar el format CIDR, ex. 192.168.1.0/24 per un bloc de 256 IPs " +#~ "o 192.268.1.42/32 per únicament una. Especifiqueu múltiples adreces " +#~ "separades per ',' (caràcters de coma) i en una sola línia. Els espais no " +#~ "estan permesos!" + +#~ msgid "" +#~ "Disabling the promiscuous mode means that snort will only see packets " +#~ "addressed to it's own interface. Enabling allows it to check every packet " +#~ "that passes the ethernet even if it's a connection between two other " +#~ "computers" +#~ msgstr "" +#~ "Si s'inhabilita el mode promiscu, el Snort únicament veurà els paquets " +#~ "adreçats a la seva pròpia interfície. Cal que l'habiliteu per comprovar " +#~ "cada paquet que passa per la xarxa ethernet, encara que sigui entre " +#~ "altres ordinadors." + +#~ msgid "Should snort's rules testing order be changed to Pass|Alert|Log?" +#~ msgstr "" +#~ "S'hauria de canviar l'ordre de comprovació de les regles del Snort per " +#~ "Pass|Alert|Log?" + +#~ msgid "" +#~ "If you change snort's rules testing order to Pass|Alert|Log, they will be " +#~ "applied in Pass->Alert->Log order, instead of standard Alert->Pass->Log. " +#~ "This will prevent people from having to make huge BPF command line " +#~ "arguments to filter their alert rules." +#~ msgstr "" +#~ "Si canvieu l'ordre de comprovació de les regles del Snort per Pass|Alert|" +#~ "Log, s'aplicaran en l'ordre Pass->Alert->Log, en compte del estàndard " +#~ "Alert->Pass->Log. Aquesta opció permetrà que els usuaris no hagin " +#~ "d'utilitzar una grna quantitat d'arguments de la línia d'ordres de BPF " +#~ "per filtrar les regles d'alerta." + +#~ msgid "" +#~ "You only need to do this the first time you install snort-pgsql. Before " +#~ "you go on, make sure you have the following things at hand: - The " +#~ "hostname of a machine running a pgsql server, set up to allow TCP\n" +#~ " connections to the database (from this host).\n" +#~ "- A database on the database server - A username and password for a user " +#~ "that has write access to this database. If you don't have _all_ of these, " +#~ "either select 'no' and run with regular file logging support, or fix this " +#~ "first. You can always configure database logging later, by reconfiguring " +#~ "the snort-pgsql package." +#~ msgstr "" +#~ "Aquestes tasques només les heu de realitzar la primera vegada que " +#~ "instal·leu el snort-mysql. Abans de continuar assegureu-vos de tenir(1) " +#~ "el nom d'un servidor central on s'estigui executant el servidor de PgSQL " +#~ "i que permeti connexions tcp d'aquest ordinador. (2) una base de dades en " +#~ "aquest servidor. (3) un nom d'usuari i una contrasenya per accedir a la " +#~ "base de dades. Si no teniu tots els elements de la llista, solucioneu-ho " +#~ "o seleccioneu l'opció 'no' i utilitzeu el suport tradicional de registre " +#~ "per fitxer. Posteriorment, sempre podreu configurar el mode de registre " +#~ "reconfigurant el paquet snort-pgsql." + +#~ msgid "" +#~ "Please create the database structure now, using the following command:\n" +#~ " cd /usr/share/doc/snort-pgsql/\n" +#~ " zcat create_postgresql.gz | psql -u -h \n" +#~ "Filling in the correct values for the user, host, and database names. The " +#~ "pgsql tool will prompt you for the password." +#~ msgstr "" +#~ "Creeu l'estructura de la base de dades utilitzant la següent ordre:\n" +#~ " cd /usr/share/doc/snort-pgsql/\n" +#~ " zcat create_postgresql.gz | pgsql -u -h " +#~ "\n" +#~ "Omplint correctament les dades de l'usuari, ordinador central i nom de la " +#~ "base de dades. El PgSQL us demanarà la contrasenya." + +#~ msgid "Please enter the password for the database connection" +#~ msgstr "Introduïu la contrasenya per la connexió amb la base de dades." + +#~ msgid "Please enter a password to connect to the SNORT Alert database" +#~ msgstr "" +#~ "Introduïu la contrasenya per la connexió a la base dades d'alerta de " +#~ "l'Stnort" + +#~ msgid "You are running snort manually." +#~ msgstr "Esteu executant el Snort manualment." + +#~ msgid "" +#~ "Please restart snort using:\n" +#~ " /etc/init.d/snort start\n" +#~ "to let the settings take effect." +#~ msgstr "" +#~ "Per l'efectivitat dels canvis reinicieu el Snort utilitzant:\n" +#~ " /etc/init.d/snort start\n" --- snort-2.3.3.orig/debian/rules +++ snort-2.3.3/debian/rules @@ -0,0 +1,217 @@ +#!/usr/bin/make -f +#-*- makefile -*- +# Made with the aid of dh_make, by Craig Small +# Sample debian/rules that uses debhelper. GNU copyright 1997 by Joey Hess. +# Some lines taken from debmake, by Christoph Lameter. + +export DH_VERBOSE=1 + +TMP=`pwd`/debian + +CFLAGS:=-g -O2 -D_GNU_SOURCE + +ifneq (,$(findstring debug,$(DEB_BUILD_OPTIONS))) + CFLAGS += -g +endif +ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS))) + INSTALL_PROGRAM += -s +endif + +export CFLAGS + +CONFFLAGS= --prefix=/usr \ + --bindir=\$$\{exec_prefix\}/sbin \ + --mandir=\$$\{exec_prefix\}/share/man \ + --enable-smbalerts +# Cannot enable flexresp since it builds only with libnet 1.0.2a +# --enable-flexresp \ + +build-indep: build-indep-stamp +build-indep-stamp: + dh_testdir + cd doc && make snort_manual.pdf + +build: build-stamp +build-stamp: + dh_testdir + + ./configure $(CONFFLAGS) \ + --with-mysql \ + --without-postgresql + + # Add here commands to compile the package. + $(MAKE) + mv src/snort src/snort-mysql + $(MAKE) clean + + ./configure $(CONFFLAGS) \ + --without-mysql \ + --with-postgresql \ + --with-pgsql-includes=`pg_config --includedir` + + # Add here commands to compile the package. + $(MAKE) + mv src/snort src/snort-pgsql + $(MAKE) clean + + ./configure $(CONFFLAGS) \ + --without-mysql \ + --without-postgresql + + # Add here commands to compile the package. + $(MAKE) + cd doc && $(MAKE) faq.pdf + $(MAKE) clean + + touch build-stamp + +clean: + dh_testdir + dh_testroot + rm -f build-stamp install-stamp + + # Add here commands to clean up after the build process. + -(cd doc && $(MAKE) distclean) + -$(MAKE) distclean + rm -f src/snort-mysql + rm -f src/snort-pgsql + rm -f doc/snort_manual.{pdf,ps,aux,log,toc} + + dh_clean + +install: install-stamp +install-stamp: build-stamp + dh_testdir + dh_testroot + dh_clean -k + dh_installdirs + + # Add here commands to install the package into debian/tmp. + $(MAKE) install prefix=$(TMP)/snort-common/usr/ + install -m 755 -o root -g root `pwd`/debian/snort.init.d $(TMP)/snort-mysql/etc/init.d/snort + install -m 755 -o root -g root `pwd`/debian/snort.init.d $(TMP)/snort-pgsql/etc/init.d/snort + install -m 755 -o root -g root `pwd`/debian/snort.init.d $(TMP)/snort/etc/init.d/snort + + install -m 755 -o root -g root `pwd`/debian/my/snort.ip-up.d $(TMP)/snort-mysql/etc/ppp/ip-up.d/snort + install -m 755 -o root -g root `pwd`/debian/my/snort.ip-up.d $(TMP)/snort-pgsql/etc/ppp/ip-up.d/snort + install -m 755 -o root -g root `pwd`/debian/my/snort.ip-up.d $(TMP)/snort/etc/ppp/ip-up.d/snort + install -m 755 -o root -g root `pwd`/debian/my/snort.ip-down.d $(TMP)/snort-mysql/etc/ppp/ip-down.d/snort + install -m 755 -o root -g root `pwd`/debian/my/snort.ip-down.d $(TMP)/snort-pgsql/etc/ppp/ip-down.d/snort + install -m 755 -o root -g root `pwd`/debian/my/snort.ip-down.d $(TMP)/snort/etc/ppp/ip-down.d/snort + rm -rf $(TMP)/snort-common/etc/ppp + +# install -m 644 -o root -g root `pwd`/debian/snort.common.parameters $(TMP)/snort-mysql/etc/snort/snort.common.parameters +# install -m 644 -o root -g root `pwd`/debian/snort.common.parameters $(TMP)/snort-pgsql/etc/snort/snort.common.parameters +# install -m 644 -o root -g root `pwd`/debian/snort.common.parameters $(TMP)/snort/etc/snort/snort.common.parameters + install -m 644 -o root -g root `pwd`/debian/snort.default $(TMP)/snort-mysql/etc/default/snort + install -m 644 -o root -g root `pwd`/debian/snort.default $(TMP)/snort-pgsql/etc/default/snort + install -m 644 -o root -g root `pwd`/debian/snort.default $(TMP)/snort/etc/default/snort + + install -m 644 -o root -g root `pwd`/debian/snort.logrotate $(TMP)/snort-mysql/etc/logrotate.d/snort + install -m 644 -o root -g root `pwd`/debian/snort.logrotate $(TMP)/snort-pgsql/etc/logrotate.d/snort + install -m 644 -o root -g root `pwd`/debian/snort.logrotate $(TMP)/snort/etc/logrotate.d/snort + + install -m 755 -o root -g root `pwd`/debian/snort.cron.daily $(TMP)/snort-common/etc/cron.daily/5snort + install -m 755 -o root -g root `pwd`/debian/my/snort-stat $(TMP)/snort-common/usr/sbin/ + install -m 644 -o root -g root `pwd`/etc/snort.conf $(TMP)/snort-common/etc/snort/ + install -m 644 -o root -g root `pwd`/etc/unicode.map $(TMP)/snort-common/etc/snort/ + install -m 644 -o root -g root `pwd`/etc/threshold.conf $(TMP)/snort-common/etc/snort/ + + cp rules/*.rules $(TMP)/snort-rules-default/etc/snort/rules/ +# mkdir -p $(TMP)/snort-rules-default/usr/share/snort/ +# install -m 644 -o root -g root `pwd`/debian/oldrules.md5 $(TMP)/snort-rules-default/usr/share/snort/oldrules.md5 + + cp etc/sid-msg.map $(TMP)/snort-rules-default/etc/snort/ + cp etc/gen-msg.map $(TMP)/snort-rules-default/etc/snort/ + cp etc/classification.config $(TMP)/snort-rules-default/etc/snort/ + cp etc/reference.config $(TMP)/snort-rules-default/etc/snort/ + + mv src/snort-mysql $(TMP)/snort-mysql/usr/sbin/snort + mv src/snort-pgsql $(TMP)/snort-pgsql/usr/sbin/snort + + mv $(TMP)/snort-common/usr/sbin/snort $(TMP)/snort/usr/sbin/snort + + touch install-stamp + +# Build architecture-independent files here. +binary-indep: build build-indep install + dh_testdir -i + dh_testroot -i + + dh_installdocs -i + dh_installexamples -i + dh_installdebconf -i + dh_installman -i + # Other adjustments + rm -rf $(TMP)/snort-doc/usr/share/doc/snort-doc/CVS + rm -rf $(TMP)/snort-doc/usr/share/doc/snort-doc/contrib/CVS + chmod +x $(TMP)/snort-doc/usr/share/doc/snort-doc/examples/snort* + cp -a doc/signatures/ $(TMP)/snort-doc/usr/share/doc/snort-doc/ + rm -rf $(TMP)/snort-doc/usr/share/man + rm -rf $(TMP)/snort-rules-default/usr/share/man + dh_undocumented -i + rm -rf $(TMP)/snort-common/usr/share/man/man8/snort.* + dh_installchangelogs -i ChangeLog + dh_link -i + dh_strip -i + dh_compress -i + dh_fixperms -i + dh_suidregister -i + dh_makeshlibs -i + dh_installdeb -i + dh_perl -i + dh_shlibdeps -i + dh_gencontrol -i + dh_md5sums -i + dh_builddeb -i + +# Build architecture-dependent files here. +binary-arch: build install + dh_testdir -a + dh_testroot -a + dh_installdocs -a + dh_installexamples -a + chmod +x $(TMP)/snort/usr/share/doc/snort/examples/snort* + chmod +x $(TMP)/snort-mysql/usr/share/doc/snort-mysql/examples/snort* + chmod +x $(TMP)/snort-pgsql/usr/share/doc/snort-pgsql/examples/snort* + dh_installdebconf -a + dh_installman -a + cp $(TMP)/snort-mysql/usr/share/doc/snort-mysql/copyright $(TMP)/snort/usr/share/doc/snort/ + rm -rf $(TMP)/snort-mysql/usr/share/man/man8/snort-stat.* + rm -rf $(TMP)/snort-pgsql/usr/share/man/man8/snort-stat.* + rm -rf $(TMP)/snort-rules-default/usr/share/man + rm -rf $(TMP)/snort/usr/share/man/man8/snort-stat.* + rm -rf $(TMP)/snort-common/usr/share/man/man8/snort.* + + mkdir -p $(TMP)/snort-mysql/usr/share/doc/snort-mysql/ + install -m 644 -o root -g root schemas/create_mysql $(TMP)/snort-mysql/usr/share/doc/snort-mysql/ + + mkdir -p $(TMP)/snort-pgsql/usr/share/doc/snort-pgsql/ + install -m 644 -o root -g root schemas/create_postgresql $(TMP)/snort-pgsql/usr/share/doc/snort-pgsql/ + + dh_undocumented -a + dh_installchangelogs -a ChangeLog + dh_link -a + dh_strip -a + dh_compress -a + dh_fixperms -a + dh_suidregister -a + dh_makeshlibs -a + dh_installdeb -a + dh_perl -a + dh_shlibdeps -a + dh_gencontrol -a + dh_md5sums -a + dh_builddeb -a + +source diff: + @echo >&2 'source and diff are obsolete - use dpkg-source -b'; false + +update-rules: + mv rules rules.old + wget -q -O ../snortrules-snapshot-2_2.tar.gz http://www.snort.org/dl/rules/snortrules-snapshot-2_2.tar.gz + tar -zxf ../snortrules-snapshot-2_2.tar.gz + if [ -d rules ] ; then mv rules.old/Makefile* rules/; rm -rf rules.old; fi + +binary: binary-indep binary-arch +.PHONY: build clean binary-indep binary-arch binary --- snort-2.3.3.orig/debian/snort.logrotate +++ snort-2.3.3/debian/snort.logrotate @@ -0,0 +1,12 @@ +/var/log/snort/portscan.log /var/log/snort/alert /var/log/snort/portscan2.log { + daily + rotate 7 + compress + missingok + notifempty + create 0640 snort adm + sharedscripts + postrotate + /etc/init.d/snort restart > /dev/null 2>&1 + endscript +} --- snort-2.3.3.orig/debian/README.Maintainer +++ snort-2.3.3/debian/README.Maintainer @@ -0,0 +1,24 @@ +# +# files modified outside the debian directory +# +snort-lib: + * Activated alert_syslog LOG_AUTH LOG_ALERT + * Activated output log_tcpdump snort.log # easier for logrotate + * Activated preprocessor defrag + * Commented out the HOME_NET variable - this will be set in + snort-startup-script. + * Commented out the DNS_SERVER variable. What's the benefit? + * Added 'include local-first' as first include and + 'include local-last' as last include for user-specific + extensions. + * Commented out backdoor-lib completely. Too many false positives. + * Commented out ping-lib completely. Too many false positives. + +I commented out the following detections as they either generated too many +false positives or generate too much noise for harmless things like +traceroutes or nmap fingerprint attempts. (marked by s/^/#debian#/) +scan-lib: + "detect fingerprinting attempts" + "Windows Traceroutes" + "Standard Traceroutes" + "dst port 8080" # http proxy --- snort-2.3.3.orig/debian/TODO +++ snort-2.3.3/debian/TODO @@ -0,0 +1,78 @@ + +TODO things for Snort in Debian +------------------------------- + +- Offer the user an option to automatically create the database since + the schemas (at /usr/share/doc/snort*) stuff is not available on installation. + Review what other packages (gnudip? horde? imp? sitebar? openwebmail?) + have done and consider the use of the generic user for database + administration. Note that database permissions for the 'snort' + user need to be properly setup! + Also see: http://lists.debian.org/debian-devel/2004/08/msg01104.html + http://lists.debian.org/debian-devel/2004/10/msg00340.html + and + http://lists.debian.org/debian-devel/2004/10/msg00962.html + + I probably need to take a look at how wwwconfig-common or use the + new dbconfig-common information does it... + +- Include Rpm improvements to the init.d file suchas : + + * The init.d file could use separate LOGDIR files per interface instead of + one for all instances (bound to break) just like it's done in the RedHat + init script. The check_logdir function should be called per possible LOGDIR + definition. If the LOGDIR did not exist it should be created with proper + permissions. + + Note: logrotate definitions will need to be changed if this is changed + + * stats option in the init.d file + * Additional /etc/default/snort parameters similar to the RPM ones for + compatibility + +- Include ntop improvements to init.d script: check if interface is up + +- Use LSB functions in Init.d script + +- Use ucf to integrate changes by the maintainer when upgrading + +- Break up the init.d script into reusable functions + Also: add a check in order to determine if the snort sensor started + up properly or it did not. + +- The check_log_dir check in the init.d script could best check if the + LOGDIR directory is writable by the snort user. It might not be good + (security-wise) to force it's owned by the snort user (since then + it would be able to remove its own logs) + +- Check if --enable-flexresp works with libnet 1.1.x + +- The snort-common package currently does not check if you _accepted_ the + config file provided, this is related to bug #247665 which is partially + fixed by the snort-common Source-Version depends introduced in 2.2.0-2 + +- Provide support to avoid specifying the address range for multiple + interfaces (or skip this if you have more than once and substitute + by a note telling the admin to configure this in the snort.$IFACE.conf + file). This could be done using 'ip addr show $IFACE' and extracting + the vaule from the 'inet' component. + +- Rewrite the "address range" question. It actually does not explain what + it is actually used for (HOME_NET) + +- Determine, if the interface is configured and up and has an assigned + IP address, the address range for the sensor in an automatic way + This should also handle multiple interfaces. + (see bug #248000) + +- Add some common logcheck rules (see #222584, and #217175) + +DONE + +- Have a way in preinst to migragte from the old common.parameters to the + new /etc/default/snort so that all users can benefit from it. + +- Provide an update script, as required in #191105 + Done: snort-rules-default currently recommends: 'oinkmaster' better + that than maintaining a separate update script unmaintained upstream. + --- snort-2.3.3.orig/debian/snort-mysql.prerm +++ snort-2.3.3/debian/snort-mysql.prerm @@ -0,0 +1,52 @@ +#! /bin/sh +# prerm script for snort +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `remove' +# * `upgrade' +# * `failed-upgrade' +# * `remove' `in-favour' +# * `deconfigure' `in-favour' +# `removing' +# +# for details, see /usr/doc/packaging-manual/ + +case "$1" in + remove|upgrade|deconfigure) + if [ -x /usr/sbin/invoke-rc.d ]; then + invoke-rc.d snort stop || true + else + /etc/init.d/snort stop || true + fi + ;; + failed-upgrade) + ;; + *) + echo "prerm called with unknown argument \`$1'" >&2 + exit 0 + ;; +esac + +# no matter if dialup, manual or boot modus! +#if [ -x /usr/sbin/invoke-rc.d ]; then +# invoke-rc.d snort stop || true +#else +# /etc/init.d/snort stop || true +#fi +# this used to be done with /etc/init.d/snort. +# Older versions of snort just kill every process with 'snort' in the +# name, so also 'snort.prerm'. This fixes that. +ps cax | grep ' snort$' | awk '{print $1}' | + xargs --no-run-if-empty kill -s KILL >/dev/null +rm -f /var/run/snort_*.pid + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 --- snort-2.3.3.orig/debian/compat +++ snort-2.3.3/debian/compat @@ -0,0 +1 @@ +4 --- snort-2.3.3.orig/debian/snort-pgsql.preinst +++ snort-2.3.3/debian/snort-pgsql.preinst @@ -0,0 +1,114 @@ +#!/bin/sh + +set -e + +# summary of how this script can be called: +# * `install' +# * `install' +# * `upgrade' +# * `abort-upgrade' + +DEFAULT=/etc/default/snort +PARAMETERS=/etc/snort/snort.common.parameters + +check_parameters() { +# Check if the old parameters file is there and this is +# an upgrade (default is not) + # Abort if either the old parameters file does not exist + # or if the new default has already been installed + [ ! -r "$PARAMETERS" ] && return + [ -r "$DEFAULT" ] && return + + # Extract our values from there + logdir=`cat $PARAMETERS | perl -ne 'print $1 if /-l\s+([\w\/]+)/'` + user_snort=`cat $PARAMETERS | perl -ne 'print $1 if /-u\s+(\w+)/'` + group_snort=`cat $PARAMETERS | perl -ne 'print $1 if /-g\s+(\w+)/'` + extraparms=`cat $PARAMETERS | sed -e 's/-l[[:space:]]\+[\/[:alnum:]]\+[[:space:]]\+//g; s/-u[[:space:]]\+[[:alnum:]]\+[[:space:]]*//g; s/-g[[:space:]]\+[[:alnum:]]\+[[:space:]]*//g;'` + echo "Creating new $DEFAULT configuration based on $PARAMETERS" + cat <$DEFAULT +# Parameters for the daemon +PARAMS="$extraparms" +# Logging directory +LOGDIR="$logdir" +# Snort user +SNORTUSER="$user_snort" +# Snort group +SNORTGROUP="$group_snort" +EOF + return +} + +case "$1" in + install|upgrade) + + check_parameters + [ -r "$DEFAULT" ] && . $DEFAULT + # Sane defaults, just in case + [ -z "$SNORTUSER" ] && SNORTUSER=snort + [ -z "$SNORTGROUP" ] && SNORTGROUP=snort + [ -z "$LOGDIR" ] && LOGDIR=/var/log/snort + + # create snort user to avoid running snort as root + # 1. create group if not existing + if ! getent group | grep -q "^$SNORTGROUP:" ; then + addgroup --quiet --system $SNORTGROUP 2>/dev/null || true + fi + # 2. create homedir if not existing + test -d $LOGDIR || mkdir $LOGDIR + # 3. create user if not existing + if ! getent passwd | grep -q "^$SNORTUSER:"; then + adduser --quiet \ + --system \ + --ingroup $SNORTGROUP \ + --no-create-home \ + --disabled-password \ + $SNORTUSER 2>/dev/null || true + fi + # 4. adjust passwd entry + usermod -c "Snort IDS" \ + -d $LOGDIR \ + -g $SNORTGROUP \ + $SNORTUSER + # 5. adjust file and directory permissions + if ! dpkg-statoverride --list $LOGDIR >/dev/null + then + chown -R $SNORTUSER:adm $LOGDIR + chmod u=rwx,g=rxs,o= $LOGDIR + fi + + # setup /etc/snort + test -d /etc/snort || mkdir /etc/snort + + # move config file to new location + if [ -e /etc/snort.conf ]; then + mv /etc/snort.conf /etc/snort/snort.conf + fi + + # rename probably existing cron job with old name + if [ -e /etc/cron.daily/snort ]; then + mv /etc/cron.daily/snort /etc/cron.daily/5snort + fi + + # If this is the first time we are installation then create + # the /etc/snort/db-pending-config + if [ "$1" = "install" ] && [ -z "$2" ] ; then + touch /etc/snort/db-pending-config + fi + + ;; + configure) + ;; + abort-upgrade) + ;; + *) + echo "preinst called with unknown argument \`$1'" >&2 + exit 0 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 --- snort-2.3.3.orig/debian/snort-doc.dirs +++ snort-2.3.3/debian/snort-doc.dirs @@ -0,0 +1 @@ +/usr/share/doc/snort --- snort-2.3.3.orig/debian/my/CVS/Repository +++ snort-2.3.3/debian/my/CVS/Repository @@ -0,0 +1 @@ +snort/debian/my --- snort-2.3.3.orig/debian/my/CVS/Root +++ snort-2.3.3/debian/my/CVS/Root @@ -0,0 +1 @@ +:ext:ssmeenk@cvs.alioth.debian.org:/cvsroot/pkg-snort --- snort-2.3.3.orig/debian/my/CVS/Entries +++ snort-2.3.3/debian/my/CVS/Entries @@ -0,0 +1,8 @@ +/FAQ.html/1.1.1.1/Fri Aug 22 11:01:26 2003// +/diff/1.1.1.1/Fri Aug 22 11:01:26 2003// +/lisapaper.txt/1.1.1.1/Fri Aug 22 11:01:27 2003// +/snort-stat/1.1.1.1/Fri Aug 22 11:01:26 2003// +/snort.ip-down.d/1.1.1.1/Fri Aug 22 11:01:26 2003// +/snort_rules.html/1.1.1.1/Fri Aug 22 11:01:26 2003// +/snort.ip-up.d/1.2/Mon Sep 8 21:46:48 2003// +D --- snort-2.3.3.orig/debian/my/snort_rules.html +++ snort-2.3.3/debian/my/snort_rules.html @@ -0,0 +1,770 @@ + + + + + + + Writing Snort Rules + + + +
Writing Snort Rules +
How To write Snort rules and keep your sanity +
Current as of version 1.3.1.2 +
By Martin Roesch +
+
+Contents + + +
+
+
The Basics +
Snort uses a simple, lightweight rules description language +that is flexible and quite powerful.  There are a number of simple +guidelines to remember when developing Snort rules. +

The first is that Snort rules must be completely contained on a single +line, the Snort rule parser doesn't know how to handle rules on multiple +lines. +

Snort rules are divided into two logical sections, the rule header and +the rule options.  The rule header contains the rule's action, protocol, +source and destination IP addresses and netmasks, and the source and destination +ports information.  The rule option section contains alert messages +and information on which parts of the packet should be inspected to determine +if the rule action should be taken. +

Here is an example rule: +

+

+ + + +
+
alert tcp any any -> 192.168.1.0/24 111 (content:"|00 01 86 a5|"; +msg: "mountd access";)
+
+ +
Figure 1 - Sample Snort Rule
+ +

The text up to the first parenthesis is the rule header and the +section enclosed in parenthesis is the rule options.  The words +before the colons in the rule options section are called option keywords.  +Note that the rule options section is not specifically required by any +rule, they are just used for the sake of making tighter definitions of +packets to collect or alert on (or drop, for that matter).  All of +the elements in that make up a rule must be true for the indicated rule +action to be taken.  When taken together, the elements can be considered +to form a logical AND statement.  At the same time, the various rules +in a Snort rules library file can be considered to form a large logical +OR statement.  Let's begin by talking about the rule header section.

+ +
Rule Headers +
Rule Actions: +

The rule header contains the information that defines the "who, where, +and what" of a packet, as well as what to do in the event that a packet +with all the attributes indicated in the rule should show up.  The +first item in a rule is the rule action.  The rule action tells +Snort what to do when it finds a packet that matches the rule criteria.  +There are three available actions in Snort, alert, log, and pass. +

    +
  • +alert - generate an alert using the selected alert method, and then log +the packet
    • + +
  • +log - log the packet
    • + +
  • +pass - drop (ignore) the packet
    • +
+Protocols: +

The next field in a rule is the protocol.  There are three IP protocols +that Snort currently analyzes for suspicious behavior, tcp, udp, and icmp.  +In the future there may be more, such as ARP, IGRP, GRE, OSPF, RIP, IPX, +etc.

+ +
+
    +
  • +tcp
    • + +
  • +udp
    • + +
  • +icmp
    • +
+IP Addresses: +

The next portion of the rule header deals with the IP address and port +information for a given rule.  The keyword "any" may be used to define +any address.  Snort does not have a mechanism to provide host name +lookup for the IP address fields in the rules file.  The addresses +are formed by a straight numeric IP address and a CIDR +block.  The CIDR block indicates the netmask that should be applied +to the rule's address and any incoming packets that are tested against +the rule.  A CIDR block mask of /24 indicates a Class C network, /16 +a Class B network, and /32 indicates a specific machine address.  +For example, the address/CIDR combination 192.168.1.0/24 would signify +the block of addresses from 192.168.1.1 to 192.168.1.255.  Any rule +that used this designation for, say, the destination address would match +on any address in that range.  The CIDR designations give us a nice +short-hand way to designate large address spaces with just a few characters. +

In Figure 1, the source IP address was +set to match for any computer talking, and the destination address was +set to match on the 192.168.1.0 Class C network. +

There is an operator that can be applied to IP addresses, the negation +operator.  This operator tells Snort to match any IP address except +the +one indicated by the listed IP address.  The negation operator is +indicated with a "!".  For example, an easy modification to the initial +example is to make it alert on any traffic that originates outside of the +local net with the negation operator as shown in Figure 2. +

+

+ + + +
+
alert tcp !192.168.1.0/24 any -> 192.168.1.0/24 111 (content: "|00 +01 86 a5|"; msg: "external mountd access";)
+
+ +
Figure 2 - Example IP Address Negation Rule
+ +

This rule's IP addresses indicate "any tcp packet with a source IP address +not +originating from the internal network and a destination address on the  +internal network". +

Port Numbers +

Port numbers may be specified in a number of ways, including "any" ports, +static port definitions, ranges, and by negation.  "Any" ports are +a wildcard value, meaning literally any port.  Static ports are indicated +by a single port number, such as 111 for portmapper, 23 for telnet, or +80 for http, etc.  Port ranges are indicated with the range operator +":".  The range operator may be applied in a number of ways to take +on different meanings, such as in Figure 3. +
  +
  +

+ + + + + + + + + + + +
+
log udp any any -> 192.168.1.0/24 1:1024  +
log udp traffic coming from any port and destination ports ranging +from 1 to 1024
+
+
log tcp any any -> 192.168.1.0/24 :6000  +
log tcp traffic from any port going to ports less than or equal +to 6000
+
+
log tcp any :1024 -> 192.168.1.0/24 500:  +
log tcp traffic from priveleged ports less than or equal to 1024 +going to ports greater than or equal to 500
+
+ +
Figure 3 - Port Range Examples
+ +


+

Port negation is indicated by using the negation operator "!".  +The negation operator may be applied against any of the other rule types +(except any, which would translate to none, how Zen...).  For example, +if for some twisted reason you wanted to log everything except the X Windows +ports, you could do something like the rule in Figure 4. +
  +
  +

+ + + +
+
log tcp any any -> 192.168.1.0/24 !6000:6010
+
+ +
Figure 4 - Example of Port Negation
+ +


+

The Direction Operator +

The direction operator "->" indicates the orientation, or "direction", +of the traffic that the rule applies to.  The IP address and port +numbers on the left side of the direction operator is considered to be +the traffic coming from the source host, and the address and port information +on the right side of the operator is the destination host.  There +is also a bidirectional operator, which is indicated with a "<>" +symbol.  This tells Snort to consider the address/port pairs in either +the source or destination orientation.  This is handy for recording/analyzing +both sides of a conversation, such as telnet or POP3 sessions.  An +example of the bidirectional operator being used to record both sides of +a telnet session is shown in Figure 5. +
  +
  +

+ + + +
+
log !192.168.1.0/24 any <> 192.168.1.0/24 23
+
+ +
Figure 5 - Snort rules using the Bidirectional Operator
+
+Rule Options +
Rule options form the heart of Snort's intrusion detection +engine, combining ease of use with power and flexibility.  All Snort +rule options are separated from each other using the semicolon ";" character.  +Rule option keywords are separated from their arguments with a colon ":" +character. As of this writing, there are fifteen rule option keywords  +available for Snort: +
    +
  • +msg - prints a message in alerts and packet logs
    • + +
  • +logto - log the packet to a user specified filename instead of the standard +output file
    • + +
  • +minfrag - set a threshold value for the smallest acceptable IP fragment +size
    • + +
  • +ttl - test the IP header's TTL field value
    • + +
  • +id - test the IP header's fragment ID field for a specific value
    • + +
  • +dsize - test the packet's payload size against a value
    • + +
  • +content - search for a pattern in the  packet's payload
    • + +
  • +offset - modifier for the content option, sets the offset to begin attempting +a pattern match
    • + +
  • +depth - modifier for the content option, sets the maximum search depth +for a pattern match attempt
    • + +
  • +flags - test the TCP flags for certain values
    • + +
  • +seq - test the TCP sequence number field for a specific value
    • + +
  • +ack - test the TCP acknowledgement field for a specific value
    • + +
  • +itype - test the ICMP type field against a specific value
    • + +
  • +icode - test the ICMP code field against a specific value
    • + +
  • +session - dumps the application layer information for a given session
    • +
+ +


Msg +

The msg rule option tells the logging and alerting engine the +message to print along with a packet dump or to an alert.  It is a +simple text string that utilizes the "\" as an escape character to indicate +a discrete character that might otherwise confuse Snort's rules parser +(such as the semi-colon ";" character). +

Format: +

msg: "<message text>";
+ +


Logto +

The logto option tells Snort to log all packets that trigger +this rule to a special output log file.  This is especially handy +for combining data from things like NMAP activity, HTTP CGI scans, etc.  +It should be noted that this option does not work when Snort is in binary +logging mode. +

Format: +

logto: "<filename>";
+ +


Minfrag +

Minfrag sets a minimum size threshold for a fragmented packet.  +It is generally used in conjunction with a single alert rule to set a boundry +for the minimum fragment size that is acceptable on a network segment.  +It makes a handy detector for attackers that like to break their fragments +into tiny pieces before transmitting them to try to avoid detection mechaisms.  +Generally speaking, there is virtually no commercial network equipment +available that generates fragments smaller than 256-bytes, so people can +take advantage of this fact by setting their minfrag value somewhere below +that threshold.  See Figure 6 for an example of a rule that uses the +minfrag option. +

Format: +

minfrag: "<number>";
+ +
+ + + +
+
alert tcp any any -> any any (minfrag: 256; msg: "Tiny fragments +detected, possible hostile activity";)
+
+ +
Figure 6 - Minfrag Rule Option Example
+ +


+
+
+
+

TTL +

This rule option is used to set a specific time-to-live value to test +against.  The test it performs is only sucessful on an exact match.  +This option keyword was intended for use in the detection of traceroute +attempts. +

Format: +

ttl: "<number>";
+ID +

This option keyword is used to test for an exact match in the IP header +fragment ID field.  Some hacking tools (and other programs) set this +field specifically for various purposes, for example the value 31337 is +very popular with some hackers.  This can be turned against them by +putting a simple rule in place to test for this and some other "hacker +numbers". +

Format: +

id: "<number>;
+ +


Dsize +

The dsize option is used to test the packet payload size.  It may +be set to any value, plus use the greater than/less than signs to indicate +ranges and limits.  For example, if you know that a certain service +has a buffer of a certain size, you can set this option to watch for attempted +buffer overflows.  It has the added advantage of being a much faster +way to test for a buffer overflow than a payload content check. +

Format: +

dsize: [>|<] <number>; +
Note: The > and < operators are optional!
+ +


Content +

The content keyword is one of the more important features of Snort.  +It allows the user to set rules that search for specific content in the +packet payload and trigger response based on that data.  Whenever +a content option pattern match is performed, the Boyer-Moore pattern match +function is called and the (rather computationally expensive) test is performed +against the packet contents.  If data exactly matching the argument +data string os contained anywhere within the packet's payload, the test +is successful and the remainder of the rule option tests are performed.  +Be aware that this test is case sensitive. +

The option data for the content keyword is somewhat complex; it can +contain mixed text and binary data.  The binary data is generally +enclosed within the pipe ("|") character and represented as bytecode.  +Bytecode represents binary data as hexidecimal numbers and is a good shorthand +method for describing complex binary data.  Figure 7 contains an example +of mixed text and binary data in a Snort rule. +
  +
  +

+ + + +
+
alert tcp any any -> 192.168.1.0/24 143 (content: "|90C8 C0FF FFFF|/bin/sh"; +msg: "IMAP buffer overflow!";)
+
+ +
Figure 7 - Mixed Binary Bytecode and Text in a Content Rule Option
+ +

Format: +

content: "<content string>";
+ +


Offset +

The offset rule option is used as a modifier to rules using the content +option keyword.  This keyword modifies the starting search position +for the pattern match function from the beginning of the packet payload.  +It is very useful for things like CGI scan detection rules where the content +search string is never found in the first four bytes of the payload.  +Care should be taken against setting the offset value too "tightly" and +potentially missing an attack!  This rule option keyword cannot be +used without also specifying a content rule option. +

Format: +

offset: <number>;
+ +


Depth +

Depth is another content rule option modifier.  This sets the maximum +search depth for the content pattern match function to search from the +beginning of its search region.  It is useful for limiting the pattern +match function from performing inefficient searches once the possible search +region for a given set of content has been exceeded.  (Which is to +say, if you're searching for "cgi-bin/phf" in a web-bound packet, you probably +don't need to waste time searching the payload beyond the first 20 bytes!)  +See Figure 8 for an example of a combined content, offset, and depth search +rule. +

Format: +

depth: <number>;
+ +
  +
+ + + +
+
alert tcp any any -> 192.168.1.0/24 80 (content: "cgi-bin/phf"; +offset: 3; depth: 22; msg: "CGI-PHF attack";)
+
+ +
Figure 8 - Combined Content, Offset and Depth Rule
+ +


+
+
+
+
+

Flags +

This rule tests the TCP flags for an exact match.  There are actually +8 +flags +variables available in Snort: +

    +
  • +F - FIN (LSB in TCP Flags byte)
    • + +
  • +S - SYN
    • + +
  • +R - RST
    • + +
  • +P - PSH
    • + +
  • +A - ACK
    • + +
  • +U - URG
    • + +
  • +2 - Reserved bit 2
    • + +
  • +1 - Reserved bit 1 (MSB in TCP Flags byte)
    • +
+The reserved bits can be used to detect unusual behavior, such as IP stack +fingerprinting attempts or other suspicious activity.  All of the +flags are considered as a whole for this test, they must all be "up" for +this rule option to be successful.  For instance, Figure 9 shows a +SYN-FIN scan detection rule. +

Format: +

flags: <flag values>;
+ +
  +
+ + + +
+
alert any any -> 192.168.1.0/24 any (flags: SF; msg: "Possible +SYN FIN scan";)
+
+ +
Figure 9 - Sample TCP Flags Specification
+ +


+
+

Seq +

This rule option refers to the TCP sequence number.  Essentially, +it detects if the packet has a static sequence number set, and is therefore +pretty much unused.  It was included for the sake of completeness. +

Format: +

seq: <number>;
+ +


Ack +

The ack rule option keyword refers to the TCP header's acknowledge field.  +This rule has one practical purpose so far: detecting  NMAP +TCP pings.  A NMAP TCP ping sets this field to zero and sends a packet +with the TCP ACK flag set to determine if a network host is active.  +The rule to detect this activity is shown in Figure 10. +

Format: +

ack: <number>;
+ +
  +
+ + + +
+
alert any any -> 192.168.1.0/24 any (flags: A; ack: 0; msg: "NMAP +TCP ping";)
+
+ +
Figure 10 - TCP ACK Field Usage
+ +


+
+

Itype +

This rule tests the value of the ICMP type field.  It is set using +the numeric value of this field.  For a list of the available +values, look in the decode.h file included with Snort or in any ICMP reference.  +It should be noted that the values can be set out of range to detect invalid +ICMP type values that are sometimes used in denial of service and flooding +attacks. +

Format: +

itype: <number>;
+ +


Icode +

The icode rule option keyword is pretty much identical to the itype +rule, just set a numeric value in here and Snort will detect any traffic +using that ICMP code value.  Out of range values can also be set to +detect suspicious traffic. +

Format: +

icode: <number>;
+ +


Session +

The session keyword is brand new as of version 1.3.1.1 and is used to +extract the user data from TCP sessions.  It is extremely useful for +seeing what users are typing in telnet, rlogin, ftp, or even web sessions.  +There are two available argument keywords for the session rule option, +printable +or all.  The printable keyword only prints out data +that the user would normally see or be able to type.  The all +keyword substitutes non-printable characters with their hexadecimal equivalents.  +This function can slow Snort down considerably, so it shouldn't be used +in heavy load situations, and is probably best suited for post-processing +binary (tcpdump format) log files.  See Figure 11 for a good example +of a telnet session logging rule. +

Format: +

session: [printable|all];
+ +
  +
+ + + +
+
log tcp any any <> 192.168.1.0/24 23 (session: printable;)
+
+ +
Figure 11 - Logging Printable Telnet Session Data
+ +


+Advanced Rule +Concepts +
  +
Includes +

Versions of Snort after 1.3.1.2 include new rules file parsing functionality +developed by Christian Lademann, including two new rules file keywords.  +The first of these keywords is include.  The include +keyword allows other rule files to be included with the rules file that +indicated on the Snort command line. +

Format: +

include: <include file path/name>
+Note that there is no semicolon at the end of this line.  Included +files will substitute any predefined variable values into their own variable +references.  See the Variables section for more information on defining +and using variables in Snort rule files. +

Variables +

As of version 1.3.1.2, variables may be defined in Snort.  These +are simple substitution variables set with the var keyword as in +Figure 12. +

Format: +

var: <name> <value>
+ +
+ + + +
+
var MY_NET 192.168.1.0/24 +

alert tcp any any -> $MY_NET any (flags: S; msg: "SYN packet";) +
 

+ +
Figure 12 - Example of Variable Definition and Usage
+ +

The rule variable names can be modified in several ways.  You can +define meta-variables using the "$" operator.  These can be +used with the variable modifier operators, "?" and "-". +

    +
  • +$var - define meta variable
    • + +
  • +$(var) - replace with the contents of variable "var"
    • + +
  • +$(var:-default) - replace with the contents of the variable "var" or with +"default" if "var" is undefined.
    • + +
  • +$(var:?message) - replace with the contents of variable "var" or print +out the error message "message" and exit
    • +
+See figure 13 for an example of these rules modifiers in action. +
  +
  +
+ + + +
+
var MY_NET $(MY_NET:-192.168.1.0/24) +

log tcp any any -> $(MY_NET:?MY_NET is undefined!) 23 +
 

+ +
Figure 13 - Advanced Variable Usage Example
+ +
  +


+Building Good Rules +
There are some general concepts to keep in mind when developing +Snort rules to maximize efficiency and speed.  I will add to this +section as my muse wills. :) +

Content Rules are Case Sensitive +

Don't forget that content rules are case sensitive and that many programs +typically use uppercase letters to indicate commands.  FTP is a good +example of this.  Consider the following two rules: +

+

alert tcp any any -> 192.168.1.0/24 21 (content: "user root"; msg: "FTP +root login";) +
alert tcp any any -> 192.168.1.0/24 21 (content: "USER root"; msg: +"FTP root login";)

+ +

The second of those two rules will catch most every automated root login +attempt, but none that use lower case characters for "user".  Case +insensitivity is a feature that will probably be added in future versions +of Snort, but for now be aware that case counts! +

Speeding Up Rules That Have Content Options +

The order that rules are tested by the detection engine is completely +independent of the order that they are written in a rule.  The last +rule test that is done (when necessary) is always the content rule option.  +Take advantage of this fact by using other faster rule options that can +detect whether or not the content needs to be checked at all.  For +instance, most of the time when data is sent from client to server after +a TCP session is established, the PSH and ACK TCP flags are set on the +packet containing the data.  This fact can be taken advantage of by +rules that need to test payload content coming from the client to the sever +with a simple TCP flag test that is far less computationally expensive +than the pattern match algorithm.  Knowing this, a simple way to speed +up rules that use content options is to also perform a flag test, as in +Figure 14.  The basic idea is that if the PSH and ACK flags aren't +set, there's no need to test the packet payload for the given rule.  +If the flags are set, the additional computing power required to perform +the test is negligible. +
  +
  +

+ + + +
+
alert tcp any any -> 192.168.1.0/24 80 (content: "cgi-bin/phf"; +flags: PA; msg: "CGI-PHF probe";)
+
+ +
Figure 14 - Using TCP Flag Tests to Hasten Content Rules
+ +
  +


+
 

+
+ Version 1.0, All rights reserved, © Copyright 1999 Martin Roesch + + + --- snort-2.3.3.orig/debian/my/snort.ip-down.d +++ snort-2.3.3/debian/my/snort.ip-down.d @@ -0,0 +1,104 @@ +#!/bin/sh -e + +test $DEBIAN_SCRIPT_DEBUG && set -v -x + +# Initial configuration :) +DAEMON=/usr/sbin/snort +NAME=snort +DESC="Network Intrusion Detection System" + +CONFIG=/etc/snort/snort.debian.conf + +test -x $DAEMON || exit 0 +test -f $CONFIG && . $CONFIG +test "$DEBIAN_SNORT_STARTUP" = "dialup" || exit 0 + +if ! [ "$DEBIAN_SNORT_RECURSIVE" ]; then + # Acquire lock... + trap 'rm -f /var/run/snort.ppp.lock' 0 + for tries in $(seq 1 10); do + mkfifo /var/run/snort.ppp.lock 2>/dev/null && break + sleep 1 + done + # Now it's locked or timed out. + # In the latter case we assume stale lock. +fi + +# If we are started with ppp environment set... +if [ "$PPPD_PID" -a "$PPP_IFACE" -a "$PPP_LOCAL" ]; then + echo -n "Stopping $DESC: $NAME($PPP_IFACE)" + + PIDFILE=/var/run/snort_$PPP_IFACE.pid + ENVFILE=/var/run/snort_$PPP_IFACE.env + + test -f "$PIDFILE" && pid=$(cat "$PIDFILE") + + # We remove the saved environment, if we are not asked to + # keep them. DEBIAN_SNORT_KEEPENV is not set, if we're + # called by pppd, thus we always remove stale environments. + test $DEBIAN_SNORT_KEEPENV || rm -f "$ENVFILE" + + /sbin/start-stop-daemon --stop --retry 5 --quiet --oknodo \ + --pidfile "$PIDFILE" --exec $DAEMON >/dev/null + rm -f "$PIDFILE" + + echo "." + + exit 0 +fi + +# Else, we are started without ppp environment set... + +DEBIAN_SNORT_RECURSIVE=1 +export DEBIAN_SNORT_RECURSIVE + +# We keep the environments, thus the instances are restartable +DEBIAN_SNORT_KEEPENV=1 +export DEBIAN_SNORT_KEEPENV + +# If we have saved environments, check and probably stop them... +envpattern=/var/run/snort_*.env + +# If we are requested to stop one special environment... +test "$1" -a -z "$2" && envpattern=/var/run/snort_"$1".env + +myret=0 +got_instance=0 +for env in $envpattern; do + # This check is also needed, if the above pattern doesn't match + test -f "$env" || continue; + + . "$env" + + # Prevent endless recursion because of damaged environments + # Check, if the environment is still valid... + if [ "$PPPD_PID" -a "$PPP_IFACE" -a "$PPP_LOCAL" ] && + kill -0 $PPPD_PID 2>/dev/null && + ps -p $PPPD_PID | grep -q pppd; then + got_instance=1 + + export PPPD_PID PPP_IFACE PPP_LOCAL + # Because the stop of this particular environment could + # fail, we guard it + set +e + $0 "$@" + ret=$? + set -e + case "$ret" in + 0) + ;; + *) + myret=$(expr "$myret" + 1) + ;; + esac + else + rm -f "$env" + fi +done + +# If we found no saved environments, we don't need to stop anything +if [ "$got_instance" = 0 ]; then + echo "No snort instance found to be stopped!" >&2 +fi + +exit $myret --- snort-2.3.3.orig/debian/my/diff +++ snort-2.3.3/debian/my/diff @@ -0,0 +1,85 @@ +---- start diff --- + +*** snort-stat Tue Feb 27 10:26:02 2001 +---- snort-stat.tomeck Tue Feb 27 10:38:25 2001 +*************** +*** 100,110 **** + } + + # +! ################### print mail ################################## + # + +! open(MAIL,"| $sendmail $to") || die $!; +! printf MAIL "To: %s\n". + "Subject: %s: snort daily report\n\n". + "The log begins from: %3s %02d %02d:%02d:%02d\n". + "The log ends at: %3s %02d %02d:%02d:%02d\n". +---- 100,121 ---- + } + + # +! ################### Make tempfile ################################ + # + +! $cnt=0; +! while(1) { +! $tmpfile = "/tmp/snort-stat.$$.$cnt"; +! last unless -f $tmpfile; +! $cnt++; +! } +! +! # +! ################ Write report to tempfile ####################### +! # +! +! open(TMP,"> $tmpfile") || die $!; +! printf TMP "To: %s\n". + "Subject: %s: snort daily report\n\n". + "The log begins from: %3s %02d %02d:%02d:%02d\n". + "The log ends at: %3s %02d %02d:%02d:%02d\n". +*************** +*** 129,143 **** + $s0{$k}, $_[2], $_[1], $hostname + . + +! select(MAIL); + $^ = SAME_ATTACK_TOP; + $~ = SAME_ATTACK; + + foreach $k (sort { $s0{$b} <=> $s0{$a} } keys %s0) { + @_ = split ",",$k; + $hostname=`host $_[0] 2>/dev/null`; + $hostname=$_[0] if (not defined $hostname) || ($hostname eq ""); + $hostname=~ s/Name: //g; chomp($hostname); +! write if $s0{$k} > $treshold; + } +! close(MAIL) || die $!; +---- 140,164 ---- + $s0{$k}, $_[2], $_[1], $hostname + . + +! select(TMP); + $^ = SAME_ATTACK_TOP; + $~ = SAME_ATTACK; + + foreach $k (sort { $s0{$b} <=> $s0{$a} } keys %s0) { + @_ = split ",",$k; ++ last if $s0{$k} <= $treshold; + $hostname=`host $_[0] 2>/dev/null`; + $hostname=$_[0] if (not defined $hostname) || ($hostname eq ""); + $hostname=~ s/Name: //g; chomp($hostname); +! write; + } +! select(STDOUT); +! close(TMP); +! +! # +! ################### send mail ################################## +! # +! +! system("cat $tmpfile | $sendmail $to"); +! unlink("$tmpfile"); +! + +--- end diff --- --- snort-2.3.3.orig/debian/my/snort_rules_update +++ snort-2.3.3/debian/my/snort_rules_update @@ -0,0 +1,24 @@ +#!/bin/sh +# contributed by Marcel , 2004. +# +# Example cron-entry: +# +# 7 0 * * * test -r /usr/local/bin/snort-update && /usr/local/bin/snort-update +# + +vers=snapshot-CURRENT +# vers=snapshot-2_1 +/etc/init.d/snort stop +pushd /tmp +wget http://www.snort.org/dl/rules/snortrules-${vers}.tar.gz && ( \ + tar zxf snortrules-${vers}.tar.gz; \ + test "$vers" == "snapshot-2_1" && rm rules/netbios.rules; \ + mv rules/*.rules /etc/snort/rules/; \ + rm rules/snort.conf; \ + mv rules/* /etc/snort/; \ + rmdir rules; \ + rm snortrules-${vers}.tar.gz; \ + chown -R root.root /etc/snort/*; \ +) +popd +/etc/init.d/snort start --- snort-2.3.3.orig/debian/my/FAQ.txt +++ snort-2.3.3/debian/my/FAQ.txt @@ -0,0 +1,3580 @@ + The Snort FAQ + + The Snort Core Team + +Suggestions for enhancements of this document are always welcome. Please email +them to erek@snort.org . If you have contributed to this document and don't +see your name listed, email us. Many people have contributed to this FAQ: + + + + Marty Roesch Fyodor Yarochkin Dragos Ruiu Jed Pickel + + Max Vision Michael Davis Joe McAlerney Joe Stewart + + Erek Adams Roman Danyliw Christopher Cramer Frank Knobbe + + Phil Wood Toby Kohlenberg Ramin Alidousti Jim Hankins + +Dennis Hollingworth Paul Howell Stef Mit Ofir Arkin + + Jason Haar Blake Frantz Lars Norman Søndergaard Brent Erickson + + Brian Caswell Scot Wiedenfeld Chris Green Jeff Wirth + + Edin Dizdarevic Detmar Liesen Don Ng Matt Kettler + + Joe Lyman Jim Burwell Jed Haile Andrew Hutchinson + + Jeff Nathan Alberto Gonzalez Jason Haar + + + +Dragos Ruiu: This version of this guide has been brought to you by the kind +generosity and sponsorship of Wiley and Sons publishers whose support let +myself, and other snort developers Jeff Nathan and Jed Haile take the time to +work on this document and other tutorials for Snort due out in our upcoming +book. (route++) + + +Contents + + * Contents + * 1 Background + + 1.1 How do you pronounce the names of some of these guys who work on + snort? + + 1.2 Is Fyodor Yarochkin the same Fyodor who wrote nmap? + + 1.3 Where do I get more help on snort? + + 1.4 Where can I get more reading and courses about IDS? + + 1.5 Does Snort handle IP defragmentation? + + 1.6 Does Snort perform TCP stream reassembly? + + 1.7 Does Snort perform stateful protocol analysis? + + 1.8 I'm on a switched network, can I still use Snort? + + 1.9 Is snort vulnerable to IDS noise generators like "Stick" and + "Snot"? + + 1.10 Can snort be evaded by the use of polymorphic mutators on + shellcode? + + 1.11 Does Snort log the full packets that it generates alerts? + * 2 Getting Started + + 2.1 Where do I find binary packages for BlueHat BSD-Linux-RT? + + 2.2 How do I run snort? + + 2.3 Where are my log files located? What are they named? + + 2.4 Why does snort complain about /var/log/snort? + + 2.5 Where's a good place to physically put a Snort sensor? + + 2.6 Libpcap complains about permissions problems, what's going on? + + 2.7 I've got RedHat and .... + + 2.8 Where do I get the latest version of libpcap? + + 2.9 Where do I get the latest version of Winpcap? + + 2.10 What version of Winpcap do I need? + + 2.11 Why does building snort complain about missing references? + + 2.12 Why does building snort fail with errors about yylex and lex_init? + + 2.13 I want to build a snort box. Will this + handle traffic? + + 2.14 What are CIDR netmasks? + + 2.15 What is the use of the "-r" switch to read tcpdump files? + * 3 Configuring Snort + + 3.1 How do I setup snort on a 'stealth' interface? + + 3.2 How do I setup a receive-only ethernet cable? + + 3.3 What are HOME_NET and EXTERNAL_NET? + + 3.4 My network spans multiple subnets. How do I define HOME_NET? + + 3.5 How do I set EXTERNAL_NET? + + 3.6 How can I run snort on multiple interfaces simultaneously. + + 3.7 My IP address is assigned dynamically to my interface, can I use + snort with it? + + 3.8 I have one network card and two aliases, how can I force snort to + "listen" on both addresses ? + + 3.9 How do I ignore traffic coming from a particular host or hosts? + + 3.10 How do I get Snort to log the packet payload as well as the + header? + + 3.11 Why are there no subdirectories under /var/log/snort for IP + addresses? + + 3.12 Why does the portscan plugin log "stealth" packets even though the + host is in the portscan-ignorehosts list? + + 3.13 What the heck is a ``Stealth scan''? + + 3.14 What the heck is a SYNFIN scan? + + 3.15 Which takes precedence, commandline or rule file ? + + 3.16 How does rule ordering work? + + 3.17 How do I configure stream4? + + 3.18 Where does one obtain new/modified rules? How do you merge them + in? + + 3.19 How do you get the latest snort via cvs? + + 3.20 How do I use a remote syslog machine? + + 3.21 How do I build this ACID thing? + * 4 Rules and Alerts + + 4.1 Errors loading rules files + + 4.2 Snort says "Rule IP addr ("1.1.1.1") didn't x-late, WTF?" + + 4.3 Snort is behind a firewall and awfully quiet... + + 4.4 Does snort see packets filtered by IPTables/IPChains/IPF/PF? + + 4.5 I'm getting large amounts of . What should I do? + Where can I go to find out more about it? + + 4.6 What about all these false alarms? + + 4.7 What are all these ICMP files in subdirectories under /var/log/ + snort? + + 4.8 Why does the program generate alerts on packets that have pass + rules? + + 4.9 What are all these "ICMP destination unreachable" alerts? + + 4.10 Why do many snort rules have the flags P (TCP PuSH) and A (TCP + ACK) set? + + 4.11 Snort says BACKDOOR SIGNATURE... does my machine have a Trojan? + + 4.12 What about "CGI Null Byte attacks"? + + 4.13 Why do certain alerts seem to have 'unknown' IPs in ACID? + + 4.14 Can priorities be assigned to Alerts using ACID? + + 4.15 What about 'SMB Name Wildcard' alerts? + + 4.16 What the heck is a SYNFIN scan? + + 4.17 I am getting too many "IIS Unicode attack detected" and/or "CGI + Null Byte attack detected" false positives. How can I turn this + detection off? + + 4.18 How do I test snort alerts and logging? + + 4.19 What is the difference between ``Alerting'' and ``Logging''? + + 4.20 Are rule keywords ORed or ANDed together? + + 4.21 Can snort trigger a rule by MAC addresses? + + 4.22 How can I deactivate a rule? + + 4.23 How can I define an address to be anything except some hosts? + + 4.24 After I add new rules or comment out rules how do I make snort + reload? + + 4.25 Where do the distance and within keywords work from to modify + content searches in rules ? + + 4.26 How can I specify a list of ports in a rule? + + 4.27 How can I protect web servers running on ports other than 80? + + 4.28 How do I turn off "spp:possible EVASIVE RST detection" alerts? + + 4.29 Is there a private SID number range so my rules don't conflict? + + 4.30 How long can Address Lists, Variables, or Rules be? + * 5 Getting Fancy + + 5.1 I hear people talking about ``Barnyard''. What's that? + + 5.2 How do I process those snort logs into reports? + + 5.3 How do I log to multiple databases or output plugins? + + 5.4 How can I test snort without having an ethernet card or a + connection to other computers? + + 5.5 How to start snort as a win32 service? + + 5.6 Is it possible with snort to add a ipfilter/ipfw rule to a + firewall? + + 5.7 What is the best way to use snort to block attack traffic? + + 5.8 Snort complains about the "react" keyword... + + 5.9 How do I get snort to e-mail me alerts? + + 5.10 How do I log a specific type of traffic and send alerts to syslog? + + 5.11 Is it possible to have snort call an external program when an + alert is raised? + + 5.12 How can I use snort to log http urls or smtp traffic ? + + 5.13 How can I move data from the snort db to snort_archive db like + ACID does? + + 5.14 What are some resources that I can use to understand more about + source addresses logged and where they are coming from? + + 5.15 How do I understand this traffic and do IDS alert analysis? + + 5.16 How can I examine logged packets in more detail? + * 6 Problems + + 6.1 I think I found a bug in snort. Now what? + + 6.2 SMB alerts aren't working, what's wrong? + + 6.3 Snort says "Garbage Packet with Null Pointer discarded!". Huh? + + 6.4 Snort says "Ran Out Of Space". Huh? + + 6.5 My ACID db connection times-out when performing long operations + (e.g. deleting a large number of alerts) + + 6.6 Why does ACID keep changing my sensor number and how do I keep it + consistent? + + 6.7 Why does snort report "Packet loss statistics are unavailable under + Linux"? + + 6.8 My /var/log/snort directory get very large..... + + 6.9 Why does the 'error deleting alert' message occur when attempting + to delete an alert with ACID? + + 6.10 ACID appears to be broken in Lynx + + 6.11 I am getting 'snort [pid] uses obsolete (PF_INET, SOCK_PACKET)' + warnings, what's wrong. + + 6.12 On HPUX I get device lan0 open: recv_ack: promisc_phys: Invalid + argument + + 6.13 I am getting snort dying with 'can not create file' error and I + have plenty of diskspace, what's wrong? + + 6.14 I am using Snort on Windows and receive an ``OpenPcap() error upon + startup: ERROR: OpenPcap() device open: Error opening adapter'' What's + wrong? + + 6.15 Snort is not logging to my database! + + 6.16 Portscans are not being logged to my database + + 6.17 Snort is not logging to syslog + + 6.18 I am still getting bombarded with spp_portscan messages even + though the IP that I am getting the portscan from is in my $DNS_SERVERS + var + + 6.19 Why chrooted snort die when I send it a SIGHUP? + + 6.20 My snort crashes, how do I restart it? + + 6.21 Why can't snort see one of the 10Mbps or 100Mbps traffic on my + autoswitch hub + + 6.22 Trying to install snort it says: "bad interpreter: No such file or + directory" + + 6.23 I'm not seeing any interfaces listed under Win32. + + 6.24 It's not working on Win32, how can I tell if my problem is snort + or WinPcap? + + 6.25 I just downloaded a new ruleset and now snort fails complaining + about the rules. + + 6.26 How do I speed up ACID and MySQL ? + + 6.27 Why am I seeing so many "SMTP RCPT TO overflow" alerts ? + + 6.28 I'm getting lots of *ICMP Ping Speedera*, is this bad? + + 6.29 Why are my unified alert times off by +/- N hours? + + 6.30 I try to start snort and it gives an error like "ERROR: Unable to + open rules file: /root/.snortrc or /root//root/.snortrc". What can I do + to fix this? + * 7 Development + + 7.1 How do you put snort in debug mode? + * 8 Miscellaneous + + 8.1 What's this about a snort drinking game? + +1 Background + +1.1 How do you pronounce the names of some of these guys who work on snort? + +For the record, 'Roesch' is pronounced like 'fresh' without the 'f'. +Additionally, 'Ruiu' is pronounced like 'screw you' without the 'sc' (think of +the sound your car makes when it doesn't start on a cold morning). Jed's last +name is like "pick-el", not "pickle". + +1.2 Is Fyodor Yarochkin the same Fyodor who wrote nmap? + +Nope. fyodor@insecure.org is the author of nmap, and he uses the same pseudonym +as other snort Fyodor's real surname. Yeah, messes up my mailbox too, but I +think it's too late to change either of them :-). + +1.3 Where do I get more help on snort? + +Check the website, http://www.snort.org/ . Other good resources are are +available in the source distribution, including the Snort Users Manual and the +USAGE file. There is also a excellent mailing list, snort-users. You can find +info on how to signup at http://www.snort.org/lists.html . You can also join # +snort on irc.freenode.het. + +1.4 Where can I get more reading and courses about IDS? + + All of the following offer courses on Intrusion Detection: + + * SANS - http://www.sans.org + * Usenix - http://www.usenix.org/event/ + * Networld/Interop - http://www.key3media.com/interop/ + * CanSecWest - http://www.cansecwest.com + +There are some books about Snort that are about to be published: + ++--------------------------------------------------------------------------------------------------------+ +| | | | | | +|----------------------------------+---------------------------+----------------+--------------+---------| +| Snort: The Complete Guide | Jeff Nathan, Dragos Ruiu, | Wiley&Sons | 0471455970 | 06/2003 | +|----------------------------------+---------------------------+----------------+--------------+---------| +| to Intrusion Detection | Jed Haile | | | | +|----------------------------------+---------------------------+----------------+--------------+---------| +| Intrusion Detection with Snort: | Rafeeq Rehman | Prentice Hall | I0131407333 | 05/2003 | +|----------------------------------+---------------------------+----------------+--------------+---------| +| Advanced IDS Techniques | | | | | +|----------------------------------+---------------------------+----------------+--------------+---------| +| Snort Intrusion Detection | Ryan Russell | Syngress Media | 1931836744 | 02/2003 | +|----------------------------------+---------------------------+----------------+--------------+---------| +| Snort Intrusion Detection | Jack Koziol | New Riders | 157870281X | 04/2003 | +|----------------------------------+---------------------------+----------------+--------------+---------| +| | | | | | ++--------------------------------------------------------------------------------------------------------+ + +Many good books on Intrusion detection are available. Included are just a few: + ++-------------------------------------------------------------------------------------+ +| | | | +|---------------------------------------------------+--------------------+------------| +| Network Intrusion Detection An Analyst's Handbook | Stephen Northcutt | 0735708681 | +|---------------------------------------------------+--------------------+------------| +| Intrusion Signatures and Analysis | Stephen Northcutt | 0735710635 | +|---------------------------------------------------+--------------------+------------| +| TCP/IP Illustrated, Volume 1 The Protocols | W. Richard Stevens | 0201633469 | +|---------------------------------------------------+--------------------+------------| +| Intrusion Detection | Rebecca G. Bace | 1578701856 | +|---------------------------------------------------+--------------------+------------| +| | | | ++-------------------------------------------------------------------------------------+ + +1.5 Does Snort handle IP defragmentation? + +Yes, use "preprocessor frag2" + +1.6 Does Snort perform TCP stream reassembly? + +Yes, check out the stream4 preprocessor (see FAQ 3.17) that does stateful +analysis session loggin, tcp reassembly and much much more. + +1.7 Does Snort perform stateful protocol analysis? + +Yes. (see FAQ 3.17) does this as well. + +1.8 I'm on a switched network, can I still use Snort? + +Short version: + +Being able to sniff on a switched network depends on what type of switch is +being used. If the switch can mirror traffic, then set the switch to mirror all +traffic to the snort machine's port. + +Extended version: + +There are several ways of deploying NIDS in switched environments which all +have their pros and cons. Which method applies to your needs depends on what +kind of segments you want to monitor and on your budget. Here are the most +common methods: + +1. Switch Mirror - if the switch can mirror traffic, then set the switch to + mirror all traffic to the snort machine's port. + + Advantages: + + - Simple method, works with most decent switches. + + Drawbacks: + + - if the switch is a fast ethernet switch, you can mirror 100Mbit/s + max. Since each switch port is capable of handling 100Mbit/s for each + direction, the bandwidth per port sums up to 200Mbit/s, so the switch + will not be able to mirror all packets at high network utilization. + + - some switches suffer from performance degradation through port + mirroring. + +2. Hub - inserting a hub in line, so you can simply tap all traffic. Works + fine for home networks, will lose data due to collisions at loads greater + than 50% - so a 10Mbps hub should be fine for T1/E1, DSL or cablemodem. If + you have a DS3 or greater, you should investigate taps. + + + Advantages: + + -Simple method + + -No impact on switch performance and no config changes + + -low cost + + Drawbacks: + + -loss of full-duplex capabilities + + -additional single point of failure + + - collision loss at above 50% load levels + +3. Network Taps - using network taps (e.g. Shomiti/Finisar^[*] and Netoptics^ + [*]). You can find some rather good information in the papers by Jeff + Nathan. You can find the papers at http://www.snort.org/docs/#deploy . + + Advantages: + + - no impact on switch performance and no special configuration + + - stealth, i.e. sending data back to the switch is disabled + + - no single point of failure, "fail-open" if the tap power fails + + Drawbacks: + + - the datastream is split into TX and RX, so you need two NICs + + - the two datastreams have to be recombined, i.e. merged, if you don't + want to lose the capability of doing stateful analysis. This can be + done by using channel bonding. Information can be found at http:// + sourceforge.net/projects/bonding . - cost + +4. Throw money at it - tapping all switch ports (using the forementioned + network taps) but only tapping all incoming packets (RX lines of the switch + ports), connecting those tap ports to a dedicated gigabit switch, which is + capable of mirroring up to ten RX taplines to one single dedicated gigabit + port, which is connected to a gigabit IDS machine. + + + Advantages: + + -maximum coverage (i.e. monitor all switchports) + + -no performance degradation or re-configuration of the switch + + Drawbacks: + + -mucho $$$ + +1.9 Is snort vulnerable to IDS noise generators like "Stick" and "Snot"? + +It is now possible to defeat these kinds of noise generators with the (see FAQ +3.17) preprocessor. Even without the stream4 preprocessor enabled, snort will +weather the alert storm without falling over or losing a lot of alerts due to +its highly optimized nature. Using tools that generate huge amounts of alerts +will warn a good analyst that someone is trying to sneak by their defenses. + +1.10 Can snort be evaded by the use of polymorphic mutators on shellcode? + +Yes, and this could defeat some of the NOP sled detection signatures but the +ordinary exploit rules should not be affected by this kind of obfuscation. The +fnord preprocessor attempts to detect mutated or obfuscated long strings of NOP +equivalent sleds. + +1.11 Does Snort log the full packets that it generates alerts? + +Yes, the packets should be in the directory that has the same IP address as the +source host of the packet which generated the alert. If you are using binary +logging, there will be a packet capture file (.pcap) in the logging directory +instead. + +2 Getting Started + +2.1 Where do I find binary packages for BlueHat BSD-Linux-RT? + +Repeat after me: + + wget http://www.snort.org/downloads/snort-stable.tgz + + tar zxvf snort-stable.tgz + + cd snort-stable + + ./configure + + make + + su + + make install + + mkdir /var/log/snort + + cd etc + + vi snort.conf + + snort -D -c snort.conf + + exit + +...and if you want to use our binary package uninstaller :-): + + cd snort-stable; make uninstall + +and if you must, you can find some binaries at http://www.snort.org/dl/binaries +/ . You can also find Snort in most BSD ports trees. + +2.2 How do I run snort? + +Run Snort in sniffer mode and make sure it can see the packets. + + snort -dv + +Then run it with the HOME_NET set appropriately for the network you're +defending in your rules file. A default rules file comes with the snort +distribution and is called "snort.conf" You can run this basic ruleset with the +following command line: + + snort -A full -c snort.conf + +If it's all set right, make sure the interface is in promiscuous mode by +running the command from another window: + + ifconfig -a + +The output from ifconfig should show if the interface is in promiscuous mode. +If it's not, there should be a way to set it manually. + +Note that the default output mode (-A full) of snort should not be used except +in very controlled environments. It is the slowest way to run snort and +presents several hard to recover from problems with inode creation on +filesystems. + +For people doing real IDS work, use something like (-A fast -b) to combine fast +alert mode with tcpdump binary log files or use the unified format coupled with +(see FAQ [*]). + +2.3 Where are my log files located? What are they named? + +The default location for logs is /var/log/snort. If snort is started with "-l +", then the logs will be located in the directory specified. + +In the past, running Snort in daemon mode (-D) produced a file named +"snort.alert". For consistency sake, this has been changed. Running Snort in +both standard or daemon modes (-D) will produce a file named "alert". + +Note the log file naming convention changed between 1.8 and 1.9. That funny +alphanumeric soup at the end of the new names is a UNIX timestamp. This helps +avoid file conflicts. + +2.4 Why does snort complain about /var/log/snort? + +It requires this directory to log alerts to it. Try running the command: + + mkdir -p /var/log/snort + +Make sure the logging directory is owned by the user snort is running as. + +2.5 Where's a good place to physically put a Snort sensor? + +This is going to be heavily influenced by your organizations policy, and what +you want to detect. One way of looking at it is determining if you want to +place it inside or outside your firewall. Placing an IDS outside of your +firewall will allow you monitor all attacks directed at your network, +regardless of whether or not they are stopped at the firewall. This almost +certainly means that the IDS will pick up on more events than an IDS inside the +firewall, and hence more logs will be generated. Place an IDS inside your +firewall if you are only interested in monitoring traffic that your firewall +let pass. If resources permit, it may be best to place one IDS outside and one +IDS inside of your firewall. This way you can watch for everything directed at +your network, and anything that made it's way in. + +ADDENDA AD NAUSEUM + +Note: So this one still gets a lot of traffic even though it's in the FAQ. Erek +Adams has noted this comprehensive and authoritative discussion of this +perpetual discussion item - mildly edited, also see faq question about switches +hubs and taps -dr + +If your router/switch can do port mirroring then just connecting a network IDS +to it would be fine. Else a hub could be another option. Most of network IDS +can have a NIC that acts as a passive sniffer anyway. + +As to where to place the sensor. I would go for both, one to monitor the +external, one for the internal. I work in a distributor for security products, +so over instrumentation is fun :) And in any case, if the traffic do not pass +by the Sensor it will not get monitored. So some people deploy IDS on their +internal segments too I believe. + +In ``front'' of the firewall(s): + +Pro: Higher state of alert you know what attacks you are facing. + +Con: Wall to Wall of data, boring? If your firewall has NAT turned on, tracking +the sources originating from your internal network is difficult. + +``Behind'' the firewall(s): + +Pro: Only what gets through the firewall gets monitored? Less load on the IDS +analyst. You get to see what hosts are sending traffic to the internet. + +Con: Less idea of the state of the environment, false sense of safety. + +Where should IDS be placed relative to firewalls? Explore the pros and cons off +placing IDS inside or outside firewall. What are the drawbacks of each? + + * MARCUS RANUM from NFR Security: "I'd put mine inside. Why should I care if + someone is attacking the outside of my firewall? I care only if they + succeed, which my IDS on the inside would ideally detect. Placing the IDS + on the outside is going to quickly lull the administrator into complacency. + I used to have a highly instrumented firewall that alerted me whenever + someone attacked it. Two weeks later I was deleting its alert messages + without reading them. Another important factor arguing for putting it + inside is that not all intrusions come from the outside or the firewall. An + IDS on the inside might detect new network links appearing, or attackers + that got in via another avenue such as a dial-in bank.'' + * CURRY from IBM: ``The IDS should be placed where it will be able to see as + much of the network traffic you're concerned about as possible. For + example, if you're concerned about attacks from the Internet, it makes the + most sense to put the IDS outside the firewall. the most sense to put the + IDS outside the firewall. This gives it an "unobstructed" view of + everything that's coming in. If you put the IDS inside the firewall, then + you're not seeing all the traffic the bad guys are sending at you, and this + may impact your ability to detect intrusions.'' + * SUTTERFIELD from Wheel Group: ``IDS ideally plays an important role both + inside and outside a firewall. Outside a firewall, IDS watches legitimate + traffic going to public machines such as e-mail and Web servers. More + importantly IDS outside a firewall will see traffic that would typically be + blocked by a firewall and would remain undetected by an internal system. + This is especially important in detecting network sweeping which can be a + first indication of attack. External systems will also give you the benefit + of monitoring those services that firewalls determine are legitimate. + Putting an IDS inside the firewall offers the added benefit of being able + to watch traffic internal to the protected network. This adds an important + element of protection against insider threats. The major drawback of IDS + inside a firewall is that it cannot see a good deal of important traffic + coming from untrusted networks and may fail to alert on obvious signals of + an impending attack.'' + * CHRIS KLAUS from ISS: ``Outside the firewall is almost always a good + idea-it protects the DMZ devices from attack and dedicates an additional + processor to protecting the internal network. Just inside the firewall is + also useful-it detects attempts to exploit the tunnels that exist through + the firewall and provides an excellent source of data for how well your + firewall is working. Throughout your intranet may be the best place for IDS + deployment, however. Everyone agrees that attacks aren't the only things + we're worried about-there's internal mischief, fraud, espionage, theft, and + general network misuse. Intrusion detection systems are just as effective + inside the network as outside, especially if they're unobtrusive and easy + to deploy.'' + * GENE SPAFFORD: ``The IDS must be inside any firewalls to be able to detect + insider abuse and certain kinds of attacks through the firewall. IDS + outside the firewall may be useful if you want to monitor attacks on the + firewall, and to sample traffic that the firewall doesn't let through. + However, a true IDS system is likely to be wasted there unless you have + some follow-through on what you see.'' + * Bottom Line: + + DRAGOS RUIU: ``just pick a spot you're likely to look at the logs for :-)'' + +2.6 Libpcap complains about permissions problems, what's going on? + +You are not running snort as root or your kernel is not configured correctly. + +2.7 I've got RedHat and .... + +Check your version of libpcap. If it's not >= 0.5, then you should update. + +2.8 Where do I get the latest version of libpcap? + +You can find the most current version at: + + http://www.tcpdump.org/ + +You might also want to have a look at Phil Wood's patches to libpcap for Linux. + + http://public.lanl.gov/cpw/ + +2.9 Where do I get the latest version of Winpcap? + +http://winpcap.polito.it/ + +2.10 What version of Winpcap do I need? + +It depends. If you only have one processor, you can use the most current +version (3.x). If you have a SMP box, you'll have to use either an older +version (< 2.3) or the 3.x version plus a patch from http://www.ntop.org/ +winpcap.html . + +2.11 Why does building snort complain about missing references? + +You must configure libpcap with the -install-incl option. (On RedHat, install +the libpcap-devel rpm.) + +2.12 Why does building snort fail with errors about yylex and lex_init? + +You need the lex and yacc tools or their gnu equivalents flex and bison +installed. + +2.13 I want to build a snort box. Will this handle + traffic? + +That depends. Lower the number of rules is a standard performance increase. +Disable rules that you don't need or care about. There have been many +discussions on 'tweaking performance' with lots of 'I handle XX mb with a ___ +machine setup.' being said. Look at some of the discussions on the snort-users +mailing lists. + +Here is an oft quoted bit on the subject from Marty: + +"Hardware/OS recommendations" + +Ok, here are the guidelines and some parameters. Intrusion detection is turning +into one of the most high performance production computing fields that is in +wide deployment today. If you think about the requirements of a NIDS sensor and +the constraints that they are required to operate within, you'll probably start +to realize that it's not too hard to find the performance wall with a NIDS +these days. + +The things a NIDS needs are: + +1. MIPS (Fast CPU) +2. RAM (More is *always* better) +3. I/O (Wide, fast busses and high performance NIC) +4. AODS (Acres Of Disk Space) + +A NIDS also needs to be pretty quick internally at doing its job. Snort's seen +better days in that regard (when 1.5 came out the architecture was a lot +cleaner) but it's still considered to be one of the performance leaders +available. + +As for OS selection, use what you like. When we implement Data Acquisition +Plugin's in Snort 2.0 this may become more of a factor, but for now I'm hearing +about a lot of people seeing alot of success using Snort on Solaris, Linux, +*BSD and Windows 2000. Personally, I develop Snort on FreeBSD and Sourcefire +uses OpenBSD for our sensor appliance OS, but I've been hearing some good +things about the RedHat Turbo Packet interface (which would require mods for +Snort to use, not to mention my general objection to RedHat's breaking stuff +all the time). (ed note: take a drink, see FAQ 7.2 -dr) + +2.14 What are CIDR netmasks? + +(Excerpt from url: http://public.pacbell.net/dedicated/cidr.html ) CIDR is a +new addressing scheme for the Internet which allows for more i efficient +allocation of IP addresses than the old Class A, B, and C address scheme. + +CIDR Block Equivalent Class C IP Addresses Usable Addresses Subnet Mask + + /32 1/256th of a Class C 1 1 255.255.255.255 + + /30 1/64th of a Class C 4 2 255.255.255.252 + + /29 1/32nd of a Class C 8 6 255.255.255.248 + + /28 1/16th of a Class C 16 14 255.255.255.240 + + /27 1/8th of a Class C 32 30 255.255.255.224 + + /26 1/4th of a Class C 64 62 255.255.255.192 + + /25 1/2 of a Class C 128 126 255.255.255.128 + + /24 1 Class C 256 254 255.255.255.0 + + /23 2 Class C 512 510 255.255.254.0 + + /22 4 Class C 1,024 1022 255.255.252.0 + + /21 8 Class C 2,048 2046 255.255.248.0 + + /20 16 Class C 4,096 4094 255.255.240.0 + + /19 32 Class C 8,192 8190 255.255.224.0 + + /18 64 Class C 16,384 16,382 255.255.192.0 + + /17 128 Class C 32,768 32,766 255.255.128.0 + + /16 256 Class C 65,536 65,534 255.255.0.0 + + /15 512 Class C 131,072 131,070 255.254.0.0 + + /14 1,024 Class C 262,144 262,142 255.252.0.0 + + /13 2,048 Class C 524,288 524,286 255.248.0.0 + +For more detailed technical information on CIDR, check out the following RFCs: + + * RFC 1517: Applicability Statement for the Implementation of CIDR + * RFC 1518: An Architecture for IP Address Allocation with CIDR + * RFC 1519: CIDR: An Address Assignment and Aggregation Strategy + * RFC 1520: Exchanging Routing Information Across Provider Boundaries in the + CIDR Environment + +RFCs are available at http://www.rfc-editor.org/rfcsearch.html + +2.15 What is the use of the "-r" switch to read tcpdump files? + +Used in conjunction with a snort rules file, the tcpdump data can be analyzed +for hostile content, port scans, or anything else Snort can be used to detect. +Snort can also display the packets in a decoded format, which many people find +is easier to read than native tcpdump output. + +3 Configuring Snort + +3.1 How do I setup snort on a 'stealth' interface? + + *BSD and Linux: + + ifconfig eth1 up + +Solaris: + + ifconfig eth1 plumb + + ifconfig eth1 up + +NT/W2K/XP: + +NOTE: You are at your own risk if you follow these instructions. Editing your +registry is DANGEROUS and should be done with extreme caution. Follow these +steps at your OWN risk. + +1. Get your device's hex value. ('snort -W' works for this) +2. open Regedt32 +3. Navigate out to: HKEY_LOCAL_MACHINE\( \backslash \)SYSTEM\( \backslash \) + CurrentControlSet\( \backslash \)Services\( \backslash \)Tcpip\( \backslash + \)Parameters\( \backslash \)Interfaces\( \backslash \) + {XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX} +4. Select the network card you wish to setup as the monitoring interface (this + will be the {XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX} value). +5. Set IPAddress:REG_MULTI_SZ: to null (Double click on the string, delete + data in the Multi-String Editor, then click OK) +6. Set SubnetMask:REG_MULTI_SZ: to null (Double click on the string, delete + data in the Multi-String Editor, then click OK) +7. Set DefaultGateway:REG_MULTI_SZ: to null (Double click on the string, + delete data in the Multi-String Editor, then click OK) +8. Close the Registry Editor, your changes will be saved automatically. +9. In a command prompt, run 'ipconfig' to verify the interface does not have + an IP bound to it. + +If you do not receive an IP address listing from the interface you modified, +you are good to go. To run snort with the specified interface, use the -i flag +such as 'snort -v -d -p -i1' + +3.2 How do I setup a receive-only ethernet cable? + +Use an ethernet tap, or build your own 'receive-only' ethernet cable. Anyway, +here is the cable I use: + + * []LAN Sniffer + + 1 ---\ /- 1 + + 2 --\ | \- 2 + + 3 --+-*--- 3 + + 4 - | - 4 + + 5 - | - 5 + + 6 --*---- 6 + + 7 - - 7 + + 8 - - 8 + +Basically, 1 and 2 on the sniffer side are connected, 3 and 6 straight through +to the LAN. 1 and 2 on the LAN side connect to 3 and 6 respectively. This fakes +a link on both ends but only allows traffic from the LAN to the sniffer. It +also causes the 'incoming' traffic to be sent back to the LAN, so this cable +only works well on a hub. You can use it on a switch but you will get ...err... +interesting results. Since the switch receives the packets back in on the port +it sent them out, the MAC table gets confused and after a short while devices +start to drop off the switch. Works like a charm on a hub though. + +Another method which uses a capacitor and should work on 100mbs links: + + http://www.geocities.com/samngms/sniffing_cable + +And another: + + The UTP Y-Cable specified by Joe Lyman: + +A less noisy option: it involves a couple of cat 5 cables and a single speed +hub. The idea is to use the rcv cables for the wire going to the sniffer box +and use the xmit cables from another hub port. This will give you a link light +and allow your sniffer to rcv only. Cannot xmit because the xmit cables are not +connected. This has been successfully used on netgear single speed hubs. It +wont work on dual speed hubs due to the negotiation of speed. + +Pin outs. They are reversed in the picture in order to prevent lines from +crossing, and I only included the pins used. + + * []HUB PORT 1 HUB PORT 2 + + ----- ----- + + x x r r r r x x + + 6 3 2 1 1 2 3 6 + + | | | | | | + + | | | ----------- | + + | | ------------- + + | | + + | | + + | | + + | | + + 6 3 2 1 + + r r x x + + ---- + + SNIFFER + + x = xmit + + r = rcv + +You could make it a single cable by adding a battery to simulate the voltage +from the xmit cables on the nic, but batteries die. + +It's not recommended to cut the transmit side, shunt it to ground (pin 2). Some +OS's will disable the interface if PIN 1 does not indicate a completed circuit. + +3.3 What are HOME_NET and EXTERNAL_NET? + +HOME_NET and EXTERNAL_NET are standard variable names that all of the Snort.Org +rules use. HOME_NET refers to the network(s) that you want to protect, where +EXTERNAL_NET is the network(s) that you think attacks would come from. + +3.4 My network spans multiple subnets. How do I define HOME_NET? + +Snort 1.7 supports IP lists. You can assign a number of addresses to a single +variable. For example: + + var HOME_NET [10.1.1.0/24,192.168.1.0/24] + +Note: Not all preprocessors support IP lists at this time. Unless otherwise +stated, assume that any preprocessor using an IP list variable will use the +first value as the HOME_NET. The portscan preprocessor is an example. To catch +all detectable portscans, pass 0.0.0.0/0 in as the first parameter. + + preprocessor portscan: 0.0.0.0/0 5 3 portscan.log + +Use the portscan-ignorehosts preprocessor to fine tune and ignore traffic from +noisy, trusted machines. + +3.5 How do I set EXTERNAL_NET? + +Many people set EXTERNAL_NET to ``any''. + + var EXTERNAL_NET any + +By setting it to ``any'' Snort will alert you on any traffic matching a rule +coming into or leaving your network. + +To cut down on the work that Snort has to do, many people set it to ``not +HOME_NET''. + + var EXTERNAL_NET !$HOME_NET + +This tells Snort to define EXTERNAL_NET as everything except HOME_NET. For most +people this is the best thing to set it to. + +3.6 How can I run snort on multiple interfaces simultaneously. + +LINUX: If you aren't running snort on linux 2.1.x/2.2.x kernel (with LPF +available) the only way is to run multiple instances of snort, one instance per +interface (with the -i option specifying the interface). However for linux +2.1.x/2.2.x and higher you can use libpcap library with S. Krahmer's patch +which allows you to specify 'any' as interface name. In this case snort will be +able to process traffic coming to all interfaces. + +*BSD: Use the ``bridge'' interface to combine your nics into a logical +interface (bridge0). + +3.7 My IP address is assigned dynamically to my interface, can I use snort with +it? + +Yes. With snort 1.7 and later, _ADDRESS variable is available. The +value of this variable will be always set to IP address/Netmask of the +interface which you run snort at. if interface goes down and up again (and an +IP address is reassigned) you will have to restart Snort. For earlier versions +of snort numerous scripts to achieve the same result are available. + +3.8 I have one network card and two aliases, how can I force snort to "listen" +on both addresses ? + +Since version 1.7, you can specify an IP list like this: + + var HOME_NET [ 192.168.10.0/24, 10.1.1.1/16 ] + +3.9 How do I ignore traffic coming from a particular host or hosts? + +There are two basic ways to ignore traffic from a host: + + * Pass Rules + * BPF Filters + +Details: + +1. Pass Rules: + + Advantages: + + Gives you rule based control over the packets. + + Puts all your changes into 'one place'-snort.conf. + + Disadvantages: + + Reverses the Rule order, can cause some headaches in tracking down + problems. + + One poorly written pass rule can 'blind' your whole network. + + The more specific the pass rule is, the more CPU snort needs to process + it which may be important on loaded nets. + + Example: + + For example to ignore ALL ICMP traffic from host using a pass + rule: + + pass icmp any -> $HOME_NET any + +2. BPF Filters: + + + Advantages: + + Drops the packet at the BPF interface, which saves on processing. + + Speeds up Snort since it 'never sees' those packets. + + Disadvantages: + + Poorly constructed filters can 'blind-side' you. + + Example: + + To ignore all traffic from 192.168.0.1: + + snort not host 192.168.0.1 + + To ignore all ICMP ECHO-REQUESTS (pings) and ICMP-ECHO REPLY's (ping + reply) from host : + + snort ``not ( (icmp[0] = 8 or icmp[0] = 0) and host + )'' + +3.10 How do I get Snort to log the packet payload as well as the header? + +Use the "-d" command line option to log packet payload, or use the ``-b'' +option to log the full binary packet. + +3.11 Why are there no subdirectories under /var/log/snort for IP addresses? + +It depends on how your Snort configuration logs. If it logs in binary format, +you'll have to process the binary log in order to get cleartext. You also might +have ``-A '' on the command line. Command line options always take +override the .conf file. + +3.12 Why does the portscan plugin log "stealth" packets even though the host is +in the portscan-ignorehosts list? + +These types of TCP packets are inherently suspicious, no matter where they are +coming from. The portscan detector was built with the assumption that stealth +packets should be reported, even from hosts which are not monitored for +portscanning. An option to ignore "stealth" packets may be added in the future. + +3.13 What the heck is a ``Stealth scan''? + +A Stealth scan can refer to more than one type of scan. + + * Half-Open or SYN scan-Instead of completing the full TCP + three-way-handshake a full connection is not made. A SYN packet is sent to + the system and if a SYN/ACK packet is received it is assumed that the port + on the system is active. In that case a RST/ACK will be sent which will + determined the listening state the system is in. If a RST/ACK packet is + received, it is assumed that the port on the system is not active. + * FIN scan-According to RFC 793 a system should send back an RST for all TCP + ports closed when they receive a FIN packet for a specific port. + * XMAS tree scan-According to RFC 793 a system should send back an RST for + all TCP ports closed when they receive a FIN/URG/PUSH packet for a specific + port. + * NULL scan-According to RFC 793 a system should send back an RST for all TCP + ports closed when they receive a packet without any specified IP flags for + a specific port. + * Slow scan-Any of the above scans could be used as a slow scan. A slow scan + is when the attacker sends packets at a _very_ slow rate. Sometimes these + scans can be conducted over hours, days, or weeks. The idea is since they + are so slow, the victim's security measures won't ``notice'' the scan. + +3.14 What the heck is a SYNFIN scan? + +SYNFIN scans got their name because there are both the SYN and FIN flags set. + +3.15 Which takes precedence, commandline or rule file ? + +The command line always gets precedence over the rules file. If people want to +try stuff out quickly without having to manually edit the rules file, they +should be able to override many things from the command line. + +3.16 How does rule ordering work? + +FOR 2.0 =>: + +Please see the documents on v2.0 at: +myquotehtmladdnormallinkhttp://www.snort.org/docs/#devel http://www.snort.org/ +docs/#devel + +FOR <= 1.9.X: Marty has answered this many times on the snort-users mailing +list. Here is an excerpt from a post on Thu, 22 Feb 2001 00:31:53 -0500, titled +"Re: [Snort-users] order of evaluation of rules" + +Currently, the data structures that store Snort rule data are the RuleTreeNodes +(RTN) and the OptTreeNodes (OTN). These data structs are stored in a two +dimensional linked list structure with the RTNs forming the top row of the +"Array" and the OTNs forming the columns under the RTNs. Here's an ASCII +illustration from the infamous "lisapaper": + + * []RTN RTN RTN + + ------- ------- --- + + | Chain Header | | Chain Header | | Chai + + | | | | | + + | Src IP | | Src IP | | Src + + | Dst IP |--->| Dst IP |--->| Dst + + | Src Port | | Src Port | | Src + + | Dst Port | | Dst Port | | Dst + + | | | | | + + ------- ------- --- + + | | + + | | + + | | + + OTN \|/ OTN \|/ + + ----V--- ----V---- + + | Chain Option | | Chain Option | + + | | | : | + + | Content | : + + | TCP Flags | : + + | ICMP Data | + + | Payload Size | + + | etc. | + + | | + + -------- + + | + + | + + | + + OTN \|/ + + ----V--- + + | Chain Option | + + | | + + | Content | + + | TCP Flags | + + | ICMP data | + + | Payload Size | + + | etc. | + + | | + + ------- + + | + + | + +Rules with similar rule headers (i.e. all the CGI rules, the old stealth port +scan detection rules, most of the rules that focus on any single service, etc) +are grouped under a single RTN for the sake of efficiency and the applicable +OTNs are hung below them. For instance, if you have three rules like this: + + alert tcp any any -> $HOME 80 (content: "foo"; msg: "foo";) + alert tcp any any -> $HOME 80 (content: "bar"; msg: "bar";) + alert tcp any any -> $HOME 80 (content: "baz"; msg: "baz";) + +They all get grouped under the same RTN and the OTNs are "hung" beneath them +like this: + + * [] RTN RTN + + ---------- ---------- + + | SIP: any | | SIP: any | + + | SP: any |---->| SP: any | + + | DIP: $HOME | | DIP: $HOME | + + | DP: 80 | | DP: 1-1024 | + + ---------- ---------- + + | | + + | | + + OTN \|/ \|/ + + -----v----- -----v----- + + | content: foo | | flags: S | + + | msg: foo | | msg: example | + + ---------- ---------- + + | + + | + + OTN \|/ + + -----v----- + + | flags: S | + + | msg: Port 80 SYN! | + + ---------- + + | + + | + + OTN \|/ + + -----v----- + + | content: baz | + + | msg: baz | + + ---------- + +This is an efficient way to do things because we only need to check the data in +the RTN once with this method. There is actually another dimension to this +array: the function pointer list. Each node in the "array" has a linked list of +function pointers attached to it. The functions in this list are the tests that +need to be done to determine whether the data in the current packet matches the +current rule node's information. Having this function pointer list gives us +great efficiency and flexibility: we don't need to perform tests for things the +current rule doesn't contain (e.g. "any" ports/IPs, packet content on +non-content rules, etc). It also allows us to analyze the packet with any +function without having to make major modifications to the whole program (which +was the case in versions prior to version 1.5). + +There are a couple of implications of this architecture. For the sake of this +discussion on rules ordering, the one we're interested in is that rule order is +tricky to figure out. For instance + + alert tcp any any -> $HOME 80 (content: "foo"; msg: "foo";) + alert tcp any any -> $HOME 1:1024 (flags: S; msg: "example";) + alert tcp any any -> $HOME 80 (flags: S; msg: "Port 80 SYN!";) + alert tcp any any -> $HOME 80 (content: "baz"; msg: "baz";) + +gets built like this: + + * []\begin{verbatim} + + RTN RTN + ---------- ---------- + + | SIP: any | | SIP: any | + + | SP: any |---->| SP: any | + + | DIP: \$HOME | | DIP: \$HOME | + + | DP: 80 | | DP: 1-1024 | + + ---------- ---------- + + | | + + | | + + OTN \|/ \|/ + + -----v----- -----v----- + + | content: foo | | flags: S | + + | msg: foo | | msg: example | + + ---------- ---------- + + | + + | + + OTN \|/ + + -----v----- + + | flags: S | + + | msg: Port 80 SYN! | + + ---------- + + | + + | + + OTN \|/ + + -----v----- + + | content: baz | + + | msg: baz | + + ---------- + +Note that all three of the port 80 rules will be checked before the "1:1024" +rule due to the order in which the applicable RTN has been created. This is +because the rules parser builds the first chain header for port 80 traffic and +sticks it on the rules list, then on the next rule it sees that a new chain +header is required, so it gets built and put in place. In this case you would +intuitively expect to get the "example" message and never see the "Port 80 SYN! +", but the opposite is true. + +3.17 How do I configure stream4? + + Stream4 is an entirely new preprocessor that performs two functions: + + * Stateful inspection of TCP sessions + * TCP stream reassembly + +Marty implemented stream4 out of the desire to have more robust stream +reassembly capabilities and the desire to defeat the latest "stateless attacks" +that have been coming out against Snort (c.f. stick and snot). Stream4 is +written with the intent to let Snort be able to handle performing stream +reassembly for "enterprise class" users, people who need to track and +reassemble more than 256 streams simultaneously. Marty optimized the code +fairly extensively to be robust, stable, and fast. The testing and calculations +I've performed lead me to be fairly confident that stream4 can provide full +stream reassembly for several thousand simultaneous connections and stateful +inspection for upwards of 64,000 simultaneous sessions. + +Stream4 is a large and complex piece of code (almost 2000 lines) and there are +a lot of options associated with its runtime configuration, so I'll go over +them here. + + preprocessor stream4: [noinspect], [keepstats], [timeout ], + [memcap] + +stream4_reassemble defaults: + + Reassemble client: ACTIVE + Reassemble server: INACTIVE + Reassemble ports: 21 23 25 53 80 143 110 111 513 + Reassembly alerts: ACTIVE + +There is a new command line switch that is used in concert with the stream4 +code, "-z". If the -z switch is specified, Snort will only alert (for TCP +traffic) on streams that have been established via a three way handshake or +streams where cooperative bidirectional activity has been observed (i.e. where +some traffic went one way and something other than a RST or FIN was seen going +back to the originator). With "-z" turned on, Snort completely ignores +TCP-based stick/snot "attacks". + +3.18 Where does one obtain new/modified rules? How do you merge them in? + +New rules can be downloaded via CVS or alternatively may be found at http:// +www.snort.org . There is a mailing list dedicated to snort rules, called +snort-sigs hosted at Sourceforge. There are some scripts/programs to help you +with rule management: + + * oinkmaster: It is a simple Perl script to update the ruleset for you. + + http://www.algonet.se/~nitzer/oinkmaster/ + + * IDS Policy Manager: It is a win32 application that updates the ruleset + using a gui then upload your rulesets via scp. + + http://www.activeworx.com/idspm + + * snortpp: a program to merge multiple files into one master file sorted by + SID. + + http://dragos.com/snortpp.tgz + +There is also this script that might be useful: + + * []#!/bin/sh + + ########################################################################### + #### + + # + + # Das Skript zum Herunterladen und installieren neuer IDS-Signaturen. + + # + + ########################################################################### + #### + + MAILTO="admin@mydomain.de" + + MACHINE="machine1" + + #set -x + + SIGS_URL1="http://www.snort.org/dl/signatures/snortrules-stable.tar.gz" + + MD5_URL1="http://www.snort.org/dl/signatures/snortrules-stable.tar.gz.md5" + + WGET="/usr/bin/wget" + + #WGET_PARAMS="-N" + + WGET_PARAMS="-t 3 -T 5 -N -a /etc/snort/snort.log -P /etc/snort" + + # Wget parameters: + + # + + # -t : Retries (here 3) + + # -N : Get the file only if newer + + # -a : Append the log messages to the specified file + + # -P : Save the file to the specified directory + + # -T : Timeout + + ECHO="/bin/echo" + + TAR="/bin/tar" + + KILL="/bin/kill" + + PIDOF="/sbin/pidof" + + SNORT="/usr/local/bin/snort" + + SNORTUSER="snort" + + SNORTGROUP="snort" + + KILLSIG="SIGUSR1" + + SERVICE="/sbin/service" + + # Where is the Snort configuration dir: + + RULESPATH="/etc/snort/snortrules" + + SNORTCFGPATH="/etc/snort" + + MD5SUM="/usr/bin/md5sum" + + MD5SUM_PARAMS="" + + # The list of sensor interfacec divided by blanks + + IFACES="eth0" + + ########################################################################### + #### + + # F U N C T I O N S + + # + + ########################################################################### + #### + + ########################################################################### + #### + + # + Die Funktion, die Snort fuer alle def. Interfaces auf dem System startet + # + + # + + # + + # + Um sie zu erweitern muss man zwei Dinge tun: + # + + # + 1. Die Parameterliste von Interfaces erweitern + # + + # 2. Das Konfigurationsfile unter /etc/snort/ + snort.conf_ethX anlegen # + + # + + # + + ########################################################################### + #### + + restartsnort() { + + # Restarting Snort for all interfaces + + for i in $IFACES; do + + "$ECHO" "Setting up Snort for interface "$i"" + + $ECHO "Restarting Snort..." + + #/usr/bin/killall snort + + if [ -f /var/run/snort_"$i".pid ] + + then + + PID=$("$PIDOF" "$SNORT") + + if [ -z "$PID" ] + + then + + "$SERVICE" snort restart + + else + + #`cat /var/run/snort_"$i".pid` + + "$ECHO" "Restarting Snort running with PID "$PID" and reloading the rules..." + + "$KILL" -s "$KILLSIG" "$PID" + + fi + + else + + "$ECHO" "No PID file for interface "$i" found under /var/ + run" + + fi + + "$ECHO" "Starting Snort" + + "$SNORT" -a -b -c "$SNORTCFGPATH""/snort.conf_""$i" -I -D -v + + -i $i -u "$SNORTUSER" -g "$SNORTGROUP" + + PID=`cat /var/run/snort_"$i".pid` + + "$ECHO" "Snort running now with PID "$PID"" + + done + + } + + ########################################################################### + #### + + # + Die Funktion zum ueberpruefen, ob und wie Snort auf dem System laeuft + # + + ########################################################################### + #### + + checksnort() { + + SNORTS=$("$PIDOF" "$SNORT" | wc -w | awk '{print $1}') + + SNORT_PIDS=$(/usr/bin/find /var/run -name snort\_eth[0-9]\.pid -ls | + + wc -l | awk '{print $1}') + + "$ECHO" "Snort instances counted: $SNORTS" + + "$ECHO" "Snort PID files found: $SNORT_PIDS" + + # 1. Fall: Snort laeuft nicht oder PID-File nicht da: + + if [ "$SNORTS" = "0" -o "$SNORT_PIDS" = "0" ] + + then + + "$ECHO" "Snort seems to be down or no PID file there..." + + "$ECHO" "Restarting Snort for all Interfaces..." + + "$SERVICE" snort restart + + fi + + # 2. Fall: Anzahl der Instanzen ungleich der Anzahl der PID-Files + + if [ "$SNORTS" -gt "$SNORT_PIDS" ] + + then + + "$ECHO" "More Snort instances than found PID files..." + + "$ECHO" "Something is wrong outthere..." + + "$ECHO" "Stopping all Snort processes..." + + # /usr/bin/killall -9 snort + + "$SERVICE" snort stop + + "$ECHO" "Hold on... Restarting Snort now..." + + "$SERVICE" snort restart + + fi + + + + # + 3. Fall: Anzahl der Instanzen stimmt mit der Anzahl der PID-files ueberein + + + + } + + ########################################################################### + #### + + ########################################################################### + #### + + getrules() { + + # Get the rules, since we know that they are newer... + + $WGET $WGET_PARAMS $SIGS_URL1 + + $WGET $WGET_PARAMS $MD5_URL1 + + "$ECHO" "Readout the checksum..." + + # MD5-Summe auslesen + + if [ -f /etc/snort/snortrules-stable.tar.gz.md5 ] + + then + + MD5SUM1=`grep MD5 \ + + /etc/snort/snortrules-stable.tar.gz.md5|awk + + '{print $4}'` + + else + + "$ECHO" "Error! No MD5-file found" + + exit 1 + + fi + + "$ECHO" "Generating our own checksum..." + + # MD5-Summe bilden + + if [ -f /etc/snort/snortrules-stable.tar.gz ] + + then + + MD5SUM2=`md5sum /etc/snort/snortrules-stable.tar.gz|awk '{print $1}'` + + else + + "$ECHO" "Error! No rules file found" + + exit 1 + + fi + + if [ "$MD5SUM1" = "$MD5SUM2" ] + + then + + "$ECHO" "The MD5-Checksum fits!" + + "$ECHO" "$MD5SUM1" + + "$ECHO" "$MD5SUM2" + + "$ECHO" "$MD5SUM1" >> /etc/snort/snort.log + + "$ECHO" "$MD5SUM2" >> /etc/snort/snort.log + + "$ECHO" "Proceeding..." + + # /bin/sleep 1 + + else + + "$ECHO" "Error! Wrong checksum! Aborting!" + + "$ECHO" "Install rules manually!" + + "$ECHO" "$MD5SUM1" >> /etc/snort/snort.log + + "$ECHO" "$MD5SUM2" >> /etc/snort/snort.log + + exit 1 + + fi + + # Extract the new rules + + if [ -f "/etc/snort/snortrules-stable.tar.gz" ] + + then + + "$ECHO" "Extracting Snort rules..." + + "$TAR" -xzvf /etc/snort/snortrules-stable.tar.gz -C /etc/snort + + else + + "$ECHO" "Lost the file! Something is wrong!" + + "$ECHO" "Aborting!!" + + exit 1 + + fi + + # Deleting old rules + + # Existiert das Verzeichnis ueberhaupt? + + if [ -d "$RULESPATH" ] + + then + + # /bin/rm "$RULESPATH"/*.rules + + /bin/mv -f /etc/snort/rules/*.rules "$RULESPATH" + + /bin/cp -f /etc/snort/rules/classification.config "$SNORTCFGPATH" + + else + + "$ECHO" "Missing rules-directory!" + + "$ECHO" "Aborting!" + + exit 1 + + fi + + + + # Cleaning up... + + /bin/rm -rf /etc/snort/rules + + # Give everything to root + + /bin/chown root:root ${RULESPATH}/* + + } + + ########################################################################### + #### + + # + M A I N + # + + ########################################################################### + #### + + # Error handling first + + FCHK=$(/usr/bin/wget -spider -N -t 3 -T 5 "$SIGS_URL1" -P /etc/snort 2>&1) + + ERR_MSG=$("$ECHO" "$FCHK" | egrep -oi "failed error") + + # Log the error message explicitly + + "$ECHO" "$FCHK" >> /etc/snort/snort.log + + # If there is a word "failed" or "error" we break.. + + if [ "$("$ECHO" "$FCHK"| grep -i "failed")" ] || \ + + [ "$("$ECHO" "$FCHK"| grep -i "error")" ] + + then + + "$ECHO" "Error getting the files. The server seems to be not available." + + "$ECHO" "Error message:" + + "$ECHO" "$FCHK" + + "$ECHO" "Aborting!" + + exit 0 + + fi + + + + "$ECHO" "Checking/getting files..." + + # First extract the wget message + + FCHK=$(/usr/bin/wget -spider -N -t 3 -T 5 "$SIGS_URL1" \ + + -P /etc/snort 2>&1 | grep "not retrieving") + + /bin/date >> /etc/snort/snort.log + + "$ECHO" "Wget-output:" + + "$ECHO" $FCHK + + # Logging what we've done and when + + "$ECHO" "$FCHK" >> /etc/snort/snort.log + + if [ -z "$FCHK" ] + + then + + "$ECHO" "The files on the server seem to be newer." + + "$ECHO" "We will get them now..." + + getrules + + # Reload rules + + "$SERVICE" snort reload + + # restartsnort + + else + + # + "$ECHO" "The signature files on the server are older or not newer." + + "$ECHO" "Doing nothing for now..." + + "$ECHO" "Checking if Snort is running...." + + checksnort + + exit 0 + + fi + + # Send Email + + "$ECHO" -e "`ls -lA "$RULESPATH"`\n\nSnort running with PID $("$PIDOF"\ + + "$SNORT")" | mail -s "Reloaded Snort signatures on $MACHINE"\ + + "$MAILTO" + + ########################################################################### + #### + + ########################################################################### + #### + + exit 0 + + #EOF + +3.19 How do you get the latest snort via cvs? + + The Snort project's SourceForge CVS repository can be checked out through +anonymous (pserver) CVS with the following instruction set. The module you wish +to check out must be specified as the modulename. When prompted for a password +for anonymous, simply press the Enter key. + + cvs -d:pserver:anonymous@cvs.snort.sourceforge.net:/cvsroot/snort login + + cvs -z3 -d:pserver:anonymous@cvs.snort.sourceforge.net:/cvsroot/snort co + snort + +Updates from within the module's directory do not need the -d parameter. + +3.20 How do I use a remote syslog machine? + +Add the syslog switch, -s, and put this statement syslog.conf + + auth.alert @managmentserverIP + +Look at your snort.conf file for more info on the facility and Priority +settings. + +Make sure you have syslogd on management server configured to allow syslog over +UDP. Under RedHat, you can do this by editing /etc/sysconfig/syslog and adding +the following line: + + SYSLOGD_OPTIONS="-r -m 0" + +This will start syslogd with the mark interval set to 0 (turning it off) and +set it to receive network connections. + +Then restart syslog. ``man syslogd'' for more info. You might also want to +investigate syslog-ng^[*]. + +Example invocation of snort: + + /usr/local/bin/snort -c /etc/snort/snort.conf -I -A full -s 192.168.0.2:514 + -i rl0 + +Note for Win32 users: + +Frank Knobbe wrote a patch for Snort to allow you to use '-s ' on the +command line under Windows without nullifying the snort.conf. In other words, +Snort still uses all settings from snort.conf but in addition uses the host +from '-s' to send syslog alerts to. You can find the patch at + + http://www.snort.org/dl/contrib/patches/win32syslog/ + +3.21 How do I build this ACID thing? + +Read carefully through all the docs for each package. Getting ACID to work is a +lot of work, since it depends on many packages. You need a working Apache, a +working PHP, a working GD (and the many libraries GD depends on), the ADODB +package, and Phplot. This is a lot of stuff to configure. + +A typical sequence to get this all working on Solaris 8: Use some binary +packages from a trusted Sun freeware site (sunfreeware.com). The most problems +were with PHP and the GD library. GD itself needs a bunch of packages and +libraries to work also. It needs the libpng stuff, the libjpeg stuff (if you +want jpeg), etc, etc. Read through the readme for GD. So you either need to get +these and compile them also, or get some binary packages. PHP is the most +difficult thing to get compiled correctly. The PHP package needs to be compiled +with lots of "-with" flags for GD to work properly, otherwise it gets lots of +run-time unresolved reference errors. Just using a "with" for GD isn't +sufficient. You also need to "with" each library which GD uses also, or PHP +can't find the functions it needs. Here's the "configure" line you can use to +get PHP working: + + ./configure --with-mysql --with-apxs=/usr/apache/bin/apxs --with-gd + --enable-sockets --with-jpeg-dir=/usr/local/lib --with-png-dir=/usr/local/ + lib --with-zlib-dir=/usr/local/lib --with-xpm-dir=/usr/local/lib + + These 'with' statements basically have the effect of the Makefile including -L +and -R statements for each library so that both the compile and run time +linkers can find all the functions needed to find in the Apache module +environment. Apache doesn't seem to consult the LD_LIBRARY_PATH when running a +module (or PHP doesn't, or there's some config item in the Apache conf files, +but you can just use the "withs"). + +Basically, you need to work from the bottom up. So you need to obtain/compile +any libraries that GD needs and install them, and any libraries/packages those +packages need. Then once you get GD compiled properly and installed, compile +PHP. Then make a PHP script that calls phpinfo() (this is referenced in the +ACID install) and carefully examine the page produced. Once satisfied PHP is +working, then the 'foundation' is ready for the other stuff. Install PHplot and +run a few of the tests. If they succeed, then install ADODB and ACID, tweak the +config files, and it should all work. (heh, heh) + +Also make sure you read the ACID FAQ on the web site. There's some stuff not in +the ACID install guide that should probably be there. Namely the fact that the +PHP "register_globals" option must be turned on in the php.ini file (it's off +in the default PHP configurations). + +ACID FAQ: http://www.andrew.cmu.edu/~rdanyliw/snort/acid_faq.html + +4 Rules and Alerts + +4.1 Errors loading rules files + +Some common ones: + + * ERROR telnet.rules:YYY => Port value missing in rule! + * ERROR telnet.rules:YYY => Bad port number: "(msg:"blah" + * ERROR telnet.rules:YYY => Couldn't resolve hostname blah + +What's going on? + +``telnet.rules'' is the file where the syntax error occurred, and ``YYY'' is +the line number it occurred on. There are a couple of possibilities: + +1. The rule is missing a port value, has an invalid port number, or a bad + hostname - in which case the ruleset author/maintainer should be notified. +2. More often, the rule is just fine, but a variable in it was not declared. + Open the rules file, look at the rule on the line number provided, and + confirm that the variables it uses have been declared. You can read more + about variables from + + http://www.snort.org/docs/writing_rules/chap2.html#tth_sEc2.1.2 + +4.2 Snort says "Rule IP addr ("1.1.1.1") didn't x-late, WTF?" + +Get rid of the quotes around the IP address and try again. + +4.3 Snort is behind a firewall and awfully quiet... + +Your firewall rules will also block traffic to the snort processes. + +Note: This does not apply if Snort is installed _on_ the firewall box. + +4.4 Does snort see packets filtered by IPTables/IPChains/IPF/PF? + +Snort operates using libpcap. In general it sees everything the network adapter +driver sees before the network stack munges it. Linux IPTables, Linux IPChains, +BSD PF and IPF and other packet filters do not prevent snort from seeing a +packet that is present on the network wire. Even if an inbound packet is denied +by the packet filter Snort will still see and analyze the packet if it is +listening to that interface. Snort/pcap sees whatever comes out of or goes into +the network adapter. + +Note however that Snort is affected to the extent that the stream of data on +the network wire is affected. Thus Snort will not see outbound packets which +were denied while being sent since they will never reach the network adapter. + +Under OpenBSD you can snort just the PF rejects by using the /dev/pflogN +interface. + +4.5 I'm getting large amounts of . What should I do? Where +can I go to find out more about it? + +Some rules are more prone to producing false positives than others. This often +varies between networks. You first need to determine if it is indeed a false +positive. Some rules are referenced with ID numbers. The following are some +common identification systems, and where to go to find more information about a +particular alert. + ++---------------------------------------------------------------------------------------+ +| System | Example | URL | +|---------+---------------+-------------------------------------------------------------| +| IDS | IDS182 | http://www.whitehats.com/IDS/182 | +|---------+---------------+-------------------------------------------------------------| +| CVE | CVE-2000-0138 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0138 | +|---------+---------------+-------------------------------------------------------------| +| Bugtraq | BugtraqID 1 | http://www.securityfocus.com/vdb/bottom.html?vid=1 | +|---------+---------------+-------------------------------------------------------------| +| McAfee | Mcafee 10225 | http://vil.nai.com/vil/dispVirus.asp?virus_k=10225 | +|---------+---------------+-------------------------------------------------------------| +| Nessus | Nessus 11073 | http://cgi.nessus.org/plugins/dump.php3?id=11073 | ++---------------------------------------------------------------------------------------+ + +It may be necessary to examine the packet payload to determine if the alert is +a false positive. The packet payload is logged using the -d option. If you +determine the alerts are false positives, you may want to write pass rules for +machines that are producing a large number of them. If the rule is producing an +unmanageable amount of false positives from a number of different machines, you +could pass on the rule for all traffic. This should be used as a last resort. + +4.6 What about all these false alarms? + +Most think that a pile of false positives is infinitely preferable. Then people +can turn off what they don't want. The reverse, having a small rule set, can +lure people into complacency thinking that Snort is doing "its thing" and there +is nothing to worry about. + +4.7 What are all these ICMP files in subdirectories under /var/log/snort? + +Most of them are likely destination unreachable and port unreachables that were +detected by snort when a communications session attempt fails. + +4.8 Why does the program generate alerts on packets that have pass rules? + +The default order that the rules are applied in is alerts first, then pass +rules, then log rules. This ordering ensures that you don't write 50 great +alert rules and then disable them all accidently with an errant pass rule. If +you really want to change this order so that the pass rules are applied first, +use the "-o" command line switch, or the ``order'' config directive. + +One other thing to keep in mind is that the alert might be generated from a +preprocessor. If that is the case, then no pass rule will help you minimize the +false positives. You will need to use a BPF filter. + +4.9 What are all these "ICMP destination unreachable" alerts? + +ICMP is the acronym for Internet Control Message Protocol. They are failed +connections. ICMP unreach packet carries first 64 bits(8bytes) or more of the +original datagram and the original IP header. + +The ICMP Destination Unreachable (message type 3) is sent back to the +originator when an IP packet could not be delivered to the destination address. +The ICMP Code indicates why the packet could not be delivered. The original +codes are: + + * 0 - net unreachable + * 1 - host unreachable + * 2 - protocol unreachable + * 3 - port unreachable + * 4 - fragmentation needed and DF bit set + * 5 - source route failed + +As far as why... "it all depends..." + +ICMP Unreachable Error Messages are divided into two groups: + +1. ICMP Unreachable Error Messages issued by routers (all 16 of them) +2. ICMP Unreachable Error Messages issued by a Host (only 2) + +What are the only 2 issued by a host? + + * ICMP Port Unreachable - the destination port on the targeted host is closed + (a.k.a. not in a listening state). + * ICMP Protocol Unreachable - the protocol we were trying to use is not being + used on the targeted host. + +Both ICMP Type field and Code field indicates why the packets could not be +delivered. Some snort ICMP alerts" are informational like the ICMP alerts found +in icmp-info.rules. At this time there are no references or even classtypes +associated with these rules. + +Other rules are more likely to be associated with untoward activity. For +example, in icmp.rules you will find: + + alert icmp $EXTERNAL_NET any -> $HOME_NET any (msg:"ICMP ISS Pinger"; + content:"|495353504e475251|";itype:8;depth:32; reference:arachnids,158; + classtype:attempted-recon; sid:465; rev:1;) + +which has a reference where the importance might be determined by checking out +the arachnids reference. The classtype may indicate more or less the relative +importance of the event. + +When a destination UDP port is closed on the targeted host, a.k.a. not in a +listening state, the targeted host will issue an ICMP Port Unreachable error +message back to the offending packets source IP address, given in the query. +Some programs use these messages, like traceroute with *nix based machines. +Windows based machines (tracert) will default to ICMP Echo requests... + +For further information about this see + + * IP - ftp://ftp.isi.edu/in-notes/rfc791.txt + * ICMP - ftp://ftp.isi.edu/in-notes/rfc792.txt + * TCP - ftp://ftp.isi.edu/in-notes/rfc793.txt + * UDP - ftp://ftp.isi.edu/in-notes/rfc768.txt + +and + + http://www.iana.org/assignments/icmp-parameters + +Actually, putting this URL somewhere handy is a good idea: + + http://www.iana.org/ + +There is also a good ICMP paper available at: + + http://www.sys-security.com/ + +4.10 Why do many snort rules have the flags P (TCP PuSH) and A (TCP ACK) set? + +One of the reasons it alerts on a PA flags is to minimize the false positive. +You will only get an alert upon successful connections. If you want to see all +the attempts, you either have to modify the signatures, add you own signatures +or use your firewall logs to see if an attempt to specific a port occurred. + +4.11 Snort says BACKDOOR SIGNATURE... does my machine have a Trojan? + +If you are dumping the data part of the packet, review it. These rules are +known to have high false rates as most of them are just based on numeric port +numbers. + +4.12 What about "CGI Null Byte attacks"? + +It's a part of the http preprocessor. Basically, if the http decoding routine +finds a %00 in an http request, it will alert with this message. Sometimes you +may see false positives with sites that use cookies with urlencoded binary +data, or if you're scanning port 443 and picking up SSLencrypted traffic . If +you're logging alerted packets you can check the actual string that caused the +alert. Also, the unicode alert is subject to the same false positives with +cookies and SSL. Having the packet dumps is the only way to tell for sure if +you have a real attack on your hands, but this is true for any content-based +alert. + +4.13 Why do certain alerts seem to have 'unknown' IPs in ACID? + +The Snort database plug-in only logs packet information into the database when +an alert is triggered by a rule (signature). Therefore, since alerts generated +by pre-preprocessors such as portscan and mini-fragment have no corresponding +rules, no packet information is logged beyond an entry indicating their +occupance. As a consequence, ACID cannot display any packet-level (e.g. IP +address) information for these alerts. For these particular alerts, certain +statistics may show zero unique IP addresses, list the IP address as 'unknown', +and will not list any packet information when decoding the alert. + +4.14 Can priorities be assigned to Alerts using ACID? + +The quick answer to this question is no. ACID is at the mercy of the underlying +database, since Snort doesn't assign priorities, ACID does not have priorities. +Nevertheless, there are some work-arounds: + + * It is possible to enforce priorities of sort at the database level by + writing alerts of different severity to separate databases. For example, + critical alerts such as buffer overflows can be written to one database, + while scan alerts can be written to another. Then load two different + versions of ACID, each pointing to a different instance of the database. + * With manual intervention Alert Groups (AG) can be used to assign priority. + Essentially, this strategy entails creating an AG for each severity level + and manually moving the alerts as they arrive into the appropriate group. + +4.15 What about 'SMB Name Wildcard' alerts? + +Whitehats IDS177 http://dev.whitehats.com/cgi/test/new.pl/Show?_id= +netbios-name-query specifies traffic coming from outside of your local network. +Allowing netbios traffic over public networks is usually very insecure. + +If the rule you are using also refers to ingres traffic only, then it would +explain why you don't see a lot of false positives. For anyone reading that +does see a lot of false positives - if you change your rule to reflect the +source address as being !$HOME (or whatever variable you use to represent your +internal network), then you should see most of the false positives go away. + +The value of this check is that a default administrative share C$ ADMIN$ or +some such has been accessed. This shouldn't happen in normal use - when people +want to share files they should be implicitly defining the shares and ACL. + +4.16 What the heck is a SYNFIN scan? + +SYNFIN scans got their name because there are both the SYN and FIN flags set. + +4.17 I am getting too many "IIS Unicode attack detected" and/or "CGI Null Byte +attack detected" false positives. How can I turn this detection off? + +These messages are produced by the http_decode preprocessor. If you wish to +turn these checks off, add -unicode or -cginull to your http_decode +preprocessor line respectively. + + preprocessor http_decode: 80 8080 -unicode -cginull + +Your own internal users normal surfing can trigger these alerts in the +preprocessor. Netscape in particular has been known to trigger them. + +Instead of disabling them,try a BPF filter to ignore your outbound http traffic +such as: + + snort -d -A fast -c snort.conf not (src net xxx.xxx and dst port 80) + +This has worked very well for us over a period of 5-6 months and Snort is still +very able to decode actual and dangerous cgi null and unicode attacks on our +public web servers. + +4.18 How do I test snort alerts and logging? + +Try a rule that will fire off all the time like: + + alert tcp any any -> any any (msg:"TCP traffic";) + +Also take a look at sneeze at http://snort.sourceforge.net/sneeze-1.0.tar +Sneeze is a false positive generator that reads snort signatures and generates +packets that will trigger the rules. + +4.19 What is the difference between ``Alerting'' and ``Logging''? + + There are two primary output facilities in Snort, logging and alerting. The +alerting facility exists to let you know that something interesting has +happened. The logging facility exists to log full packet information to the +output format (pcap, ascii, database, etc). + +The "alert" action in Snort is hard coded to do two things when an event is +detected by Snort, write an event to the alert facility and log as much as +possible/desired to the output facility. The "log" action merely logs the +current packet to the logging facility without generating an alert. This is +done so you can log interesting things (telnet sessions, whatever) without +having to generate an alert on every packet. + +The database plugin is something of an anomaly because it doesn't separate the +two functionalities very much. The "log" option attaches the log facility and +the "alert" option attaches it to the alert facility. What this means in +practical terms is that if the db plugin is in alert mode, it will only receive +output from alert rules, whereas if it's in "log" mode it will receive output +from both log and alert rules. + +4.20 Are rule keywords ORed or ANDed together? + +From Section 2.1 of the Snort Manual: + + All of the elements in that make up a rule must be true for the indicated + rule action to be taken. When taken together, the elements can be + considered to form a logical AND statement. At the same time, the various + rules in a Snort rules library file can be considered to form a large + logical OR statement. + +4.21 Can snort trigger a rule by MAC addresses? + +Not exactly. Snort logs MAC addresses and other L2 info within the packets. The +arpwatch pre-processor can watch for games with MAC address changes. But there +is no facility for triggering Rules form the L2 information. The content search +keywords and depth and offset begin from the L3 payload, though we haven't +tried playing with really big offsets yet :-). + +4.22 How can I deactivate a rule? + +Rules can be called from an included file in snort.conf, which tells Snort to +follow the path to the rules file specified, and load it at initialization. +Rules can also be included in snort.conf directly. If you want to deactivate a +single rule within any list of rules, you can use one of these techniques: + +1. Delete the rule and re-initialize Snort +2. Place a # in front of the rule, commenting it out, and re-initialize Snort +3. Write a pass rule with the same properties in local.rules (or wherever you + prefer), and re-initialize Snort with the -o option. + +4.23 How can I define an address to be anything except some hosts? + +Use the ! operator. E.g.: + + var EXTERNAL_NET !$HOME_NET + +Note that the negation operator does not work inside a list so the following +will NOT work: + + var EXTERNAL_NET [!192.168.40.0/24,!10.14.0.0/16] + +but this will work: + + var EXTERNAL_NET ![192.168.40.0/24,10.14.0.0/16] + +4.24 After I add new rules or comment out rules how do I make snort reload? + +Usually a kill -HUP will work just fine. But if you are running inside of a +chroot setup, this will not work as expected (see FAQ 6.19). If you're running +like inside of a chroot jail, your best bet would be to kill and restart the +snort process instead. + +4.25 Where do the distance and within keywords work from to modify content +searches in rules ? + +The "distance" keyword gives you a relative offset from the end of the last +match, so it basically acts as a wildcarding mechanism. You can also use the +new "within" keyword to limit how deep into the packet from the end of the +distance it'll search before it stops. + +4.26 How can I specify a list of ports in a rule? + +You can't yet. You can specify a range of ports between X and Y With the +notation X:Y. See the users manual^[*] for more info on port ranges. + +4.27 How can I protect web servers running on ports other than 80? + +It is possible... It's a kludge, but it can work. Since the newer rules use +$HTTP_PORTS variable, you simply reset it and re-run the rules for the other +ports. + +For example: + + var HTTP_PORTS 80 + + include web.rules + + var HTTP_PORTS 8080 + + include web.rules + +4.28 How do I turn off "spp:possible EVASIVE RST detection" alerts? + +You want to pass the ``disable_evasion_alerts'' argument to stream4 in +snort.conf. + +4.29 Is there a private SID number range so my rules don't conflict? + +Yes. Private SID starts at 1000000. + +4.30 How long can Address Lists, Variables, or Rules be? + +The snort parser has an 8K limit on variables and rules *after* expansion. In +practice this is not a major limitation. :-) + +5 Getting Fancy + +5.1 I hear people talking about ``Barnyard''. What's that? + + Barnyard is a output system for Snort. Snort creates a special binary output +format called ``unified''. Barnyard reads this file, and then resends the data +to a database backend. Unlike the database output plugin, Barnyard is aware of +a failure to send the alert to the database, and it stops sending alerts. It is +also aware when the database can accept connections again and will start +sending the alerts again. + +5.2 How do I process those snort logs into reports? + +1. Barnyard 5.1can be used to process unified output files into a number of + formats including output to a database for further analysis. +2. SnortSnarf, a tool for producing HTML out of snort alerts for navigating + through these alerts. + + http://www.silicondefense.com/snortsnarf/ + +3. If you want to set up logging to a database you could try ACID Some + documentation describing the current ACID functionality: + + http://www.cert.org/kb/acid/ + +4. You can manipulate the unified output files directly without a separate + database and browse/correlate them with Cerebus: + + http://dragos.com/cerebus/ + +5. For GUI front ends with simple log browsing look at: + + + HenWen (OSX) + + http://homepage.mac.com/nickzman + + http://home.attbi.com/~rickzman/software/HenWen1.0.sit.bin + + + IDS Center (Win32) + + http://www.packx.net/ + + + Puresecure (UNIX and Win32)-Formerly known as demarc. + + http://www.demarc.com/downloads/puresecure/ + + + SnortCenter (UNIX and Win32) + + http://users.pandora.be/larc/ + + + IDS Policy Manager (Win32) + + http://www.activeworx.com/IDSPM/ + +5.3 How do I log to multiple databases or output plugins? + +Feed the unified output files through barnyard twice to separate databases, +or... + +You can build redundancy by using multiple output plugins. Here are some +examples. + +Multiple instantiations of the database plugin: + + output log_database: mysql, dbname=snort host=localhost user=xyz + output log_database: mysql, dbname=snort host=remote.loghost.com user=xyz + +Remote database and local tcpdump: + + output log_database: mysql, dbname=snort host=remote.loghost.com user=xyz + output log_tcpdump: /var/log/snort.tcpdump + +Then you can replay the tcpdump file through snort to recreate the database. +CAVEAT: just playing back the log packets might not trigger some of the state +dependent pre-processors. + +5.4 How can I test snort without having an ethernet card or a connection to +other computers? + +You have to use routing between two dummy devices: + + modprobe -a dummy # (The dummy device has to be built by the kernel) + + ifconfig dummy0 192.168.0.1 + + ifconfig dummy0:0 192.168.0.2 + + telnet 192.168.0.3 12345 + +It's important that the second IP is on the same interface and not e.g. dummy1 +or dummy2 and that the IP you try to access is not one of those you put on the +interfaces. Use snort's ability to hear in promiscuous mode on an IP address +range. (HOME_NET=192.168.0.0/16) + +5.5 How to start snort as a win32 service? + +1. Use must use complete paths for everything. This means EVERYTHING. Command + line, configuration files, everything. Examples: All include statements + must be full paths. + + WRONG: include scan-lib + + CORRECT: include C:\( \backslash \)snort\( \backslash \)scan-lib + + All Command line options must be full paths. + + WRONG: snort.exe -l ./log + + CORRECT: snort.exe -l C:\( \backslash \)snort\( \backslash \)log + +2. YOU MUST ALWAYS HAVE A LOGGING DIRECTORY SET VIA THE COMMAND LINE (-l + switch). If you do not set a logging directory the service will not start + and, on NT/Win2k, your bootup will hang for about 4 minutes. +3. Make sure that snort runs correctly from the command line, without yet + worrying about any service related issues. Test that all of your desired + command line parameters are causing snort to function as you expect, such + as correctly generating logging and alert output. If you can't get this + part to work, then you don't have much hope of snort miraculously starting + to work as a service. +4. Once you have step (3) running correctly, modify the command line + parameters you used in step (3) to include the additional parameters "/ + SERVICE /INSTALL". For example, if your command line in step (3) was + + snort -i1 -lC:\( \backslash \)snort\( \backslash \)log -cC:\( \ + backslash \)snort\( \backslash \)snort.conf + + then you should change it to be + + snort /SERVICE /INSTALL -i1 -lC:\( \backslash \)snort\( \backslash \) + log -cC:\( \backslash \)snort\( \backslash \)snort.conf + + Verify that the command line parameters were received correctly by running + the command 'snort /SERVICE /SHOW'. +5. Start the service by running the command + + net start snortsvc + + Note that versions 1.9 (build 228), 2.0 (build 50), or any versions newer + than these, will add entries to the Win32 event Log if there is ever a + problem starting the service. + Stop the service by running the command + + net stop snortsvc + +6. The service can be uninstalled by running the command + + snort /SERVICE /UNINSTALL + +5.6 Is it possible with snort to add a ipfilter/ipfw rule to a firewall? + +Yes, with additional software in the contrib directory. But this can be +dangerous and is not recommended unless you know what you're doing. + + * SnortSam + + http://www.snortsam.net + + * You also might wat to look at inline-snort at: + + http://www.snort.org/dl/contrib/patches/snort-inline + + * Guardian is a perl script which uses snort to detect attacks, and then uses + IPchains to deny any further attacks. The Guardian webpage can be found at: + http://www.chaotic.org/~astevens/Guardian/index.html or you can use the + mirror, http://www.cyberwizards.com/~midnite/Guardian/index.html + +But one caveat... running external binaries can also be a performance limiter +and your should read the caution below... + +CHRISTOPHER CRAMER wrote: + + I'm sure this has been mentioned before in similar discussions, but this + feels like a _really_ bad idea. What if the bad guys realize what is going + on and make use of your blocking method as a DoS attack. All one would have + to do start sending a series of triggering packets with spoofed IP + addresses. + + Since I am no longer interested in breaking into your site, but rather + making your life hell, I don't worry about the resulting data getting back + to me. All I have to do is start proceeding up a list of IP addresses that + I think you should no longer be able to talk to. When you come in the next + morning, you find that you can no longer access the world. + + Just my $0.02. + +Danger Will Robinson: Conventional wisdom says that auto-blocking is inherently +dangerous. + +However, for those that like to live at the bleeding edge of tech (and the +separate process scanning logs and processing firewall commands sounds like a +good way to do this...): + +Please remember to include an exclusion list and put on them important sites +such as root servers, other important dns servers (yours, and important sites +for your users), and in general any host you don't want to receive phone calls +about being DoSed when they are spoofed - usually inconveniently like that +first time you actually manage to get on vacation.... (i.e. imagine "Crisis: +the CEO can't reach his favorite redlite.org game.... you have to fly back from +the Carribean asap....") + +5.7 What is the best way to use snort to block attack traffic? + +snort-inline > hogwash >> SnortSAM|Guardian >> flexresp + +5.8 Snort complains about the "react" keyword... + +Rerun configure with the -enable-flexresp option and rebuild/reinstall. + +5.9 How do I get snort to e-mail me alerts? + +You can't. Such a process would slow Snort down too much to make it of any use. +Instead, log to syslog and use swatch or logcheck to parse over the plaintext +logfiles. + +With the logsurfer docs, this might get you on the road to doing something with +snort & logsurfer: + + http://www.obfuscation.org/emf/logsurfer/snort.txt + +JASON HAAR provided an example Swatch (3.1beta) config that emails alerts: + + http://www.theadamsfamily.net/~erek/snort/snort-swatch.conf.txt + +Here are some docs on swatch: + + * http://www.oit.ucsb.edu/~eta/swatch/ + * http://www.stanford.edu/~atkins/swatch + * http://rr.sans.org/sysadmin/swatch.php + * http://www.enteract.com/~lspitz/swatch.html + * http://www.cert.org/security-improvement/implementations/i042.01.html + +IDS Center (see FAQ 5) on Win32 will also mail alerts. + +5.10 How do I log a specific type of traffic and send alerts to syslog? + +An example addition to snort.conf: + + ruletype redalert { + + type alert + + output alert_syslog: LOG_LOCAL2 + + output database: alert, postgresql, user=user dbname=snort password=pwd + + } + +Go into your local.rules and make sure you have something like: + + redalert tcp any any -> any any (msg:"REDRUM REDRUM"; + content:"redalerttest") + +Then just do a telnet and type 'redalerttest'. Presto, alerts to both. + +5.11 Is it possible to have snort call an external program when an alert is +raised? + +Calling another program from within your main IDS loop is generally a bad idea. +Having your IDS block while waiting for of dubious reliability and +origin nevermind timing while the packets are piling up is inviting packet +loss. Especially with the already oh-so-consistent "Gee I think I'll go away +for a minute" rock steady even cpu slicing Windows gives you (that's sarcasm, +sorry). Go with the second approach.... process invocation is expensive on +Windows. + +You want to keep that IDS task humming and munching packets as efficiently as +possible with as few interruptions as possible, IMHO, and not be invoking the +penalty of process invocation.... particularly on Windows where process +invocation is much much heavier task than *nix. + +Even in a secondary process... You'll probably find something that stays +"awake" all the time will work out much more nicely than something that gets +"woken up" on a per alert basis for the aforementioned reasons. + +As a better alternative go check out swatch or logwatch. Also for those new to +UNIX, logging alerts to syslog and then using "tail -f /var/log/messages" might +be what you are looking for. + +5.12 How can I use snort to log http urls or smtp traffic ? + +It can be done with snort, but you might find it faster to use mailsnarf and +urlsnarf from Dug Song's dsniff package. Dsniff is available from + + http://www.monkey.org/~dsong/dsniff/ + +You can get a win32 port of dsniff at + + http://www.datanerds.net/~mike/dsniff.html + +5.13 How can I move data from the snort db to snort_archive db like ACID does? + +Use the perl script snort_archdb.pl found in the contrib dir of the snort +distribution (snort_archdb-90a.tar.gz). + +5.14 What are some resources that I can use to understand more about source +addresses logged and where they are coming from? + + * http://www.arin.org/ + * http://www.caida.org/tools/utilities/netgeo/ + * http://netgeo.caida.org/perl/netgeo.cgi + * http://standards.ieee.org/regauth/oui/oui.txt + * http://www.codito.de/manufactor_hash + * http://coffer.com/mac_find/ + * http://www.idefense.com/Intell/CI022702.html + * http://www.idefense.com/excelfiles/All.zip + +also try "dig". + +5.15 How do I understand this traffic and do IDS alert analysis? + +1. You'll need to understand some basics of IP, TCP, and UDP. Things like + destination addresses, source addresses, common ports, what TCP SYN, FIN + and RST mean, etc. The same kind of basic knowledge of the internet you + need to successfully configure a multi-interface router applies here, + although you don't need to know router syntax. Some useful online + references: + + A truly basic "intro to TCP/IP" http://pclt.cis.yale.edu/pclt/COMM/ + TCPIP.HTM + + A reasonable looking TCP/IP FAQ: http://www.itprc.com/tcpipfaq/ + default.htm + + A basics of firewalls, DMZ's, etc. http://www.ibiblio.org/pub/Linux/ + docs/HOWTO/other-formats/html_single/Firewall-HOWTO.html +2. You'll need to understand some basics of how network attacks work. I'd + recommend skimming over "Smashing the Stack for fun and profit" by Aleph + one. A deep understanding isn't necessary, but a casual read of this will + give you some helpful basics in understanding the kinds of things that + happen in an attack, and give you a better understanding of what to look + for. + + http://www.insecure.org/stf/smashstack.txt + +3. A good guide on securing systems is helpful, something like this one: + + http://www.openna.com/products/books/sol/solus.php + + http://www.seifried.org/lasg/ + +4. You'll need to understand the basics of internet servers, ie: what DNS, + HTTP, FTP, SMTP, etc. are for. Most of that should be covered in the + various other references made here. +5. An excellent reference on "oddball" traffic patterns commonly seen at + network borders, also very helpful: + + http://www.robertgraham.com/pubs/firewall-seen.html + +6. Also take a look at the ``Recommended Reading'' section (see FAQ 1.4) + +5.16 How can I examine logged packets in more detail? + +If you are using unified logging, you can use Barnyard (see FAQ 5.1) + +or the unified log to pcap converter written by Dragos: + + http://dragos.com/logtopcap.c + +You can then get additional decoding of the packet contents by analyzing these +pcap files with either: + + * Tcpdump - http://www.tcpdump.org + * Ethereal - http://www.ethereal.com + +6 Problems + +6.1 I think I found a bug in snort. Now what? + +Get some more diagnostic information and post it to "snort-users" at http:// +lists.sourceforge.net/lists/listinfo/snort-users To get diagnostic information +compile snort as either: + + * []make clean; make CFLAGS=-ggdb + +or + + * []make clean; make "CFLAGS=-ggdb -DDEBUG" + +trace coredump as: + + * []gdb /path/to/snort /path/to/snort/core + + gdb> where + + gdb> bt + + gdb> print \$varname, varname, \$\$varname etc.. + +or if corefile isn't generated snort should be started as + + * []gdb snort + + gdb> run snort\_args\_go\_here + +Then when it crashes: + + * []gdb> where + + gdb> bt + + gdb> print \$varname, varname, \$\$varname etc.. + +6.2 SMB alerts aren't working, what's wrong? + +Make sure you include "-enable-smbalerts" when you run "./configure". + +6.3 Snort says "Garbage Packet with Null Pointer discarded!". Huh? + +This was an internal diagnostic message triggered by an old bug in early +versions of the defragmentation preprocessor. Upgrade to to the latest version +of snort. + +6.4 Snort says "Ran Out Of Space". Huh? + +This is an internal diagnostic message when the defragmentation preprocessor +runs into its 32MB hard allocation space limit. Tell Dragos about it + + +6.5 My ACID db connection times-out when performing long operations (e.g. +deleting a large number of alerts) + +PHP has an internal variable set to limit the length an script can execute. It +is used to prevent poorly written code from executing indefinitely. In order to +modify the time-out value, examine the 'max_execution_time' variable found in +the 'php.ini' configuration file. + +6.6 Why does ACID keep changing my sensor number and how do I keep it +consistent? + +From the code in op_acid_db.c: + + * []/* if sensor id == + 0, then we attempt attempt to determine it dynamically */ if(data-> + sensor_id == 0) + + { + + data->sensor_id = AcidDbGetSensorId(data); + + } + +And AcidDbGetSensorId does the following: + + * []"SELECT sid FROM sensor WHERE hostname='%s' AND interface='%s' " + + "AND filter='%s' AND detail='%u' AND encoding='0'", pv.hostname, + + pv.interface, pv.filter, op_data->detail) + +If it gets a sensor back, it uses that sensor_id, if not, it inserts the new +sensor. So from the code, to keep it consistent, don't change the hostname / +interface / filter and detail. + +6.7 Why does snort report "Packet loss statistics are unavailable under Linux"? + +The Linux IP stack doesn't report lost packet stats. This also has been +recently fixed with the 2.4+ kernel in the new version of libpcap... upgrade +kernels and libpcap and it should now work. + +6.8 My /var/log/snort directory get very large..... + +Try this script to archive the files. + + * []#!/bin/sh + + # + + # Logfile rotation script for snort writen by jameso@elwood.net. + + # + + # This script is pretty basic. We start out by setting some vars. + + # Its job is tho rotate the days logfiles, e-mail you with what + + # it logged, keep one weeks worth of uncompressed logs, and also + + # keep compressed tgz files of all the logs. It is made to be run + + # at midnight everynight. This script expects you to have a base + + # dir that you keep all of your logs, rule sets etc in. You can + + # see what sub dirs it expects from looking at the var settings + + # below. + + # + + # Things to note in this script is that we run this script at 12 + + # every night, so we want to set the dirdate var the day the script + + # runs minus a day so we label the files with the correct day. We + + # Then create a dir for the days logs, move the log files into + + # todays dir. As soon as that is done restart snort so we don't miss + + # anything. Then delete any logs that are uncompressed and over a + + # week old. Then compress out todays logs and archive them away, and + + # end up by mailling out the logs to you. + + # + + # Define where you have the base of your snort install + + snortbase=/usr/snort + + # Define other vars + + # logdir - Where the logs are kept + + # oldlogs - Where you want the archived .tgz logs kept + + # + weeklogs - This is where you want to keep a weeks worth of log files uncompres + + sed + + # dirdate - Todays Date in Month - Day - Year format + + # olddirdate - Todays date in the same format as dirdate, minus a week + + logdir=$snortbase/log + + oldlogs=$snortbase/oldlogs + + weeklogs=$snortbase/weeklogs + + # When I first wrote this script, I only ran it on BSD systems. That was a + + # + mistake, as BSD systems have a date command that apperently lets you walk the + + # + date back pretty easily. Well, some systems don't have this feature, so I had + + # + to change the way that dates are done in here. I left in the old way, because + + + + # + it is cleaner, and I added in a new way that should be portable. If anyone + + # has any problems, just let me know and I will try to fix it. + + # + + # + You have to change the system var to either bsd or other. Set it to bsd if + + # your system supports the "-v" flag. If you are not sure, set it to other. + + system=bsd + + if [ $system = bsd ] + + then + + dirdate=`date -v -1d "+%m-%d-%y"` + + olddirdate=`date -v -8d "+%m-%d-%y"` + + elif [ $system = other ] + + month=`date "+%m"` + + yesterday=`expr \`date "+%d"\` - 1` + + eightday=`expr \`date "+%d"\` - 8` + + year=`date "+%y"` + + dirdate=$month-$yesterday-$year + + olddirdate=$month-$eightday-$year + + fi + + # Create the Dir for todays logs. + + if [ ! -d $weeklogs/$dirdate ] + + then + + mkdir $weeklogs/$dirdate + + fi + + # Move the log files into todays log dir. This is done with + + # a for loop right now, because I am afriad that if alot is + + # logged there may be to many items to move with a "mv *" + + # type command. There may a better way to do this, but I don't + + # know it yet. + + for logitem in `ls $logdir` ; do + + mv $logdir/$logitem $weeklogs/$dirdate + + done + + # Kill and restart snort now that the log files are moved. + + kill `cat /var/run/snort_fxp0.pid` + + # Restart snort in the correct way for you + + /usr/local/bin/snort -i fxp0 -d -D -h homeiprange/28 -l /usr/snort/log \ + + -c /usr/snort/etc/08292k.rules > /dev/null 2>&1 + + # Delete any uncompressed log files that over a week old. + + if [ -d $weeklogs/$olddirdate ] + + then + + rm -r $weeklogs/$olddirdate + + fi + + # Compress and save the log files to save for as long as you want. + + # This is done in a sub-shell because we change dirs, and I don't want + + # to do that within the shell that the script runs in. + + (cd $weeklogs; tar zcvf $oldlogs/$dirdate.tgz $dirdate > /dev/null 2>&1) + + # Mail out the log files for today. + + cat $weeklogs/$dirdate/snort.alert | mail -s "Snort logs" you@domain.com + + cat $weeklogs/$dirdate/snort_portscan.log | + mail -s "Snort portscan logs" you@do + + main.com + +6.9 Why does the 'error deleting alert' message occur when attempting to delete +an alert with ACID? + +Most likely the DB user configure in ACID does not have sufficient privileges. +In addition to those privileges granted to log the alerts into the database +(INSERT, SELECT), DELETE is also required. + +This permission related issue can be confirmed by manually inserting a row into +the database, then trying to delete it. + +1. login to MySQL with the same credentials (i.e. username, password) as you + use in ACID + + mysql -u -p + +2. insert a test row into the event table + + mysql> INSERT INTO event (sid, cid, signature, timestamp) VALUES + (1,1000000, "test", "0"); + + (this assumes that you don't already have a row with an event ID=1000000. + If you do just choose another event id #) + +3. now delete this newly inserted row: + + mysql> DELETE FROM event WHERE sid=1 AND cid=10000000; + + If you where not able to delete, this confirms that this is a permission + problem. Re-login to mysql as root, and issue a GRANT command (giving the + DELETE permission) to the ACID DB user. + + GRANT DELETE on snort.* to acid@localhost + + (this assumes that my alert database is 'snort', username is 'acid', and + logging from the 'localhost') + +6.10 ACID appears to be broken in Lynx + +This is a known issue. Lynx mangles some of the form arguments appended to the +URL. It's resolution is being investigated, but use Netscape, Opera, or IE in +the mean time. + +6.11 I am getting 'snort [pid] uses obsolete (PF_INET, SOCK_PACKET)' warnings, +what's wrong. + +You use older libpcap version with recent linux kernel. There should be no +problem with it as long as your kernel supports SOCK_PACKET socket type. To get +rid off the warning message however, you'll have to upgrade to some recent +version of libpcap. (a copy from www.tcpdump.org is recommended). + +6.12 On HPUX I get device lan0 open: recv_ack: promisc_phys: Invalid argument + +It's because there's another program running using the DLPI service. The HP-UX +implementation doesn't allow more than one libpcap program at a time to run, +unlike Linux. (from snort.c) + +6.13 I am getting snort dying with 'can not create file' error and I have +plenty of diskspace, what's wrong? + +You may run out of free inodes, which basically also means you can not create +more files on the partition. The obvious solution is to rm some ;-) + +6.14 I am using Snort on Windows and receive an ``OpenPcap() error upon +startup: ERROR: OpenPcap() device open: Error opening adapter'' What's wrong? + +Either winpcap is not installed, or you are using an incompatible version. Try +upgrading to the latest version (2.3 as of 01/17/03). It is available from +http://netgroup-serv.polito.it/winpcap/ It might also be an issue with SMP +machines see FAQ Q:### + +6.15 Snort is not logging to my database! + +There are a number of problems that may be causing snort to fail to log to a +database. You should check these: + +1. You did not set up the database plugin in your configuration file. +2. You are using an older database schema, and should update it by running the + create scripts from the /contrib directory of the source tarball. +3. You are using a command line option that overrides what you have in your + configuration file. This is most often -A or -s. NOTE: If you wish to log + to syslog as well, specify so in your configuration file rather then the + command line. +4. There is a problem with your database configuration itself. Make sure the + user you specify has the correct permissions, or that the database is even + up and running. + +6.16 Portscans are not being logged to my database + +You need to change the output facility to 'alert' rather then 'log'. The +portscan preprocessor calls output plugins registered as 'alert' plugins rather +then 'log'. + + output database: alert, mysql, user=snort dbname=snort host=localhost + +6.17 Snort is not logging to syslog + +There are a number of problems that may be causing snort to fail to log to +syslog. You should check these: + + * You are using a command line option that overrides what you have in your + configuration file. This is most often -A. + * It may be logging to the wrong place. Make sure syslog is configured + correctly. + +6.18 I am still getting bombarded with spp_portscan messages even though the IP +that I am getting the portscan from is in my $DNS_SERVERS var + +Try adding /32 netmasks to those addresses: + + var DNS_SERVERS [xxx.xx.0.3/32,xxx.xxx.0.2/32] + +And make sure the $DNS_SERVERS variable is on the portscan-ignorehosts line: + + preprocessor portscan-ignorehosts: $DNS_SERVERS + +6.19 Why chrooted snort die when I send it a SIGHUP? + + It's a known problem with permissions. Workaround, restart snort instead. + +But the longer answer is this: Due to the way the execv(2) call works, it +"Restarts" snort from scratch. This has the odd side effect of making HUPS to a +chrooted snort become recursive. For example, chroot to /snort. It now sees / +snort as / . Now HUP snort. Snort now expects to have /snort/snort as /. In +other words, you have to re-create your directories for your jail inside it. 4 +HUPS and you will be in /snort/snort/snort/snort. + +6.20 My snort crashes, how do I restart it? + +Try one of these two shell scripts or daemontools (refer to website to +daemontools) + + * []#!/bin/sh + + #snorthup: Snort Restarter and Crash Logger + + #(dr@kyx..net with help from kmaxwell@superpages.com) + + $conf = "snort.conf" + + for $IFACE in fxp0 fxp1 + + do + + if [ -f /var/run/snort_$IFACE.pid ]; then + + if ! ps -p `cat /var/run/snort_$IFACE.pid` > /dev/null ; then + + /usr/bin/logger -p user.notice snorthup: removing bogus pidfile + + /usr/bin/ + logger -p user.notice snorthup: restarting absentee snort o + + n $IFACE with conf file $i + + rm -f /var/run/snort_$IFACE.pid + + /usr/local/bin/snort -D -c $conf -i $IFACE + + fi; + + else + + /usr/bin/ + logger -p user.notice snorthup: restarting snort on $IFACE with + + conf file $conf + + /usr/local/bin/snort -D -c $conf -i $IFACE + + fi + + done + +Another version: + + * []#!/bin/ksh + + # snortstartd: Snort (Re)Starter + + # Dom De Vitto (dom@devitto..com) + + # (original idea by dr@kyx..net & kmaxwell@superpages.com) + + # + + # Note: You'd better get CONF and INTERFACES right or + + # this script will just keep trying to start snort. + + # Path to echo, sed, test, ps, grep, logger, rm, and sleep. + + PATH=$PATH:/usr/bin:/usr/local/bin ; export PATH + + # Point this to your conf file: + + CONF="/usr/local/share/examples/snort/snort.conf" + + # Which interfaces should Snort run on, e.g.: + + INTERFACES="hme0 hme1" + + # Wait this many seconds between checks: + + CHECKEVERY=5 + + # Full path to Snort: + + SNORTBINARY=/usr/local/bin/snort + + while :; do + + for INT in $INTERFACES + + do + + GREPSTRING="`echo $SNORTBINARY -N -D -c $CONF -i $INT|sed + + 's?\/?\\\/?g'`" + + PSCMDLINES=`(ps augxww 2>/dev/null||ps -ef 2>/dev/null) | grep + + "$GREPSTRING"|wc -l` + + if [ $PSCMDLINES = 0 ]; then + + logger -p user.notice -t "$0" "Starting Snort on $INT." + + $SNORTBINARY -N -D -c $CONF -i $INT 2>&1 > /dev/null + + fi + + done + + sleep $CHECKEVERY + + done + +6.21 Why can't snort see one of the 10Mbps or 100Mbps traffic on my autoswitch +hub + +Basically it's a function of the design and all autoswitching hubs will behave +in this way. It's the result of just not being able to stuff all the 100 Mbps +traffic into the 10Mbps CSMA/CD. One solution I use to the problem is these new +cheapie four port switches... put all the 10Mbps on it's own hub/switch/ +whatever and then route that to the 100Mbps hub I use for monitoring but put a +cheapie switch in between that works as an adapter basically mediating the 10 +up to 100 and vice versa. + +The bad thing about hubs that don't have this "feature", is that in order to +support 10bt devices, they throttle the entire hub speed down to 10bt if there +is one or more 10bt only devices hooked up to it. I have seen this behavior +(and did the bandwidth tests to prove it) on old 3com office connect 10/100 +hubs (newer ones do the 2 hubs with a switch thing.) So, the point of what I am +saying is, since these old hubs have no switching capabilities, and they don't +know which port the traffic is supposed to go to (no switch=no arp table), they +have to throttle bandwidth. + +None of the hubs and switches have any significant amount of storage on the +ethernet chip sets, and therefore any non-layer-three box that has 100 -> 10 +capability can only handle small amounts of traffic before the chip set drops +incoming packets on the floor. Guess one might call that throttled bandwidth, +but at the expense of retransmission timeouts and retransmissions at the end +nodes. + +If the box has a backplane, multiple cards and some network management +functions, there is a higher probability the manufacturer has some additional +buffering going on to keep dropped packets from happening on at least small +bursts of traffic. + +In the most generic of terms, if a box supports 100 "full-duplex", then its a +switch (regardless of what the manufacturer calls it). If it supports 100 -> +10, there is 50-50 chance the box has some MAC address awareness. If a box only +supports 10 -> 10 or 100 -> 100, there is a high probability it is not MAC +address aware and therefor functions like a hub. + +Many hubs have different back planes, ie one for 10 one for 100. + +From a definition standpoint, a hub segment whether it be 10 or 100 is a single +broadcast/collision domain. You will not see ANY traffic between segments +without a bridge or layer3 route function between them. + +In a switched environment, typically each port is a separate collision domain +but one big broadcast domain. VLANs can be created in some to separate into +separate broadcast domains and some have built in layer 3 functionality which +basically connects a router into the backplane so that it can route between +vlans at wire speed. + +Think of a switch as a bridge with many ports. (that's what it is). Some +switches support port mirroring or span ports. When you want to "sniff" frames +in a switched environment (beyond just broadcast/multicast traffic) you need to +be able to "see" the unicast traffic (telnet,http for example). You set up a +port to mirror traffic from the ports that have the devices your interested in +to the port you have your analysis device plugged into. Without doing so, you +don't see the unicast conversations because the traffic is getting "switched" +across the backplane so pc on port 1 talks to server on port 2 and no other +ports get this traffic. If server on port 2 broadcasts or multicasts, the +information is flooded out all ports. (multicast can be controlled on some +switches so only those ports that have listening stations get the traffic. Not +all switches have these capabilities. + +An excellent book on the topic is Interconnections by Radia Perlman. (Bridges +and Routers). + +Additional caveat: if you deal with full duplex on a switched port, only a tap +would save you - users have successfully used Shomiti's ones on 100MB FD ports, +and used two Snort instances, capturing traffic on both directions. Port +mirroring didn't work in that case ... + +6.22 Trying to install snort it says: "bad interpreter: No such file or +directory" + +Usually this error comes from editing files on Windows machines. Often it shows +up on the ./configure step. The configure script should be looking for the /bin +/sh shell as its interpreter. If /bin/sh doesn't exist then you'll get this +error. Check that whatever comes after the #! on the first line of configure is +actually there. + +If the file has been edited on a Windows machine it can sometimes Add CR/LF +(VM) characters on the end of each line, so #!/bin/sh becomes #!/bin/shVM and +as the ctrl-v/ctrl-m characters are special, and hidden by default on most +editors, it can create a really hard to find problem. To remove the extra CR +characters that UNIXish machines don't like, simply use the dos2unix command: + + * []dos2unix + +If your OS doesn't have dos2unix, then you can use: + + * []cat | tr -d ``\r'' > + +6.23 I'm not seeing any interfaces listed under Win32. + +The reason you're seeing nothing in the interface list is a WinPcap problem. In +previous versions of WinPcap there is a 1K buffer, which overflows if you have +many interfaces (ie. 10+). This has been replaced with an 8K buffer in more +recent versions of WinPcap. The current snort distribution should already be +linking against the newer WinPcap libraries, which should resolve this problem. +Try obtaining a more recent build of snort. + +6.24 It's not working on Win32, how can I tell if my problem is snort or +WinPcap? + +See if WinDump will work with WinPcap. This should help you isolate which +component is being bogus. + +6.25 I just downloaded a new ruleset and now snort fails complaining about the +rules. + +First, make sure you downloaded the right ruleset for your version of snort. +Snort.org generally hosts a ruleset for the released version of snort, as well +as rules for the development branch and sometimes copies for older versions of +snort. This is generally the case for "unknown keyword in rule" type errors. + +If you have the rules that are correct for your version of snort be aware that +the snort rules tarball contains a snort.conf file. From time to time the +snort.conf included with the rules gets changed as new .rules files are added, +and new variables are added to support a better ruleset. When downloading new +rulesets you should always give the included snort.conf a quick look-over to +see if new includes or vars have been added, or at least be aware you should +consult it if things do not work as expected. This is generally the case if you +get messages indicating that something is undefined in a rule. + +6.26 How do I speed up ACID and MySQL ? + +(ACID FAQ B-10) + +MySQL optimizations Two things for you to check from the ACID faq: + + http://www.andrew.cmu.edu/~rdanyliw/snort/acid_faq.html + + * Compact the tables + + After numerous delete operations, "holes" will occur in the native files + used to store the tables decreasing the speed of the all queries. The + following shell script will examine all the MySQL tables and compact them. + + []for table in `echo show tables|mysql snort|tail +2` + + do + + echo optimize table $table|mysql snort + + done + * Creating indexes + + Some of the required indexes are not created in initial MySQL creation + script. The following indexes can be added to significantly improve + performance: + + tcphdr.tcp_sport + + tcphdr.tcp_dport + + acid_ag_alert.ag_sid + acid_ag_alert.ag_cid + + MySQL can be fast - you just need to have the proper indexing set up. If + you need a good MySQL reference, pick up a copy of Paul DuBois' book, which + is currently the bible for MySQL. O'Reilly also recently released a + reference by Monty and the MySQL AB team. + + The way to check if the indices are already there are with the SHOW INDEX + command. For instance, to check the tcphdr table, you would run: + + []mysql> show index from tcphdr; + + +----+------+------+-------+-------+------+-------+-----+----+-----+ + + | Table | Non_unique | Key_name | Seq_in_index | Column_name | + Collation | Cardinality | Sub_part | Packed | Comment | + + +----+------+------+-------+-------+------+-------+-----+----+-----+ + + | tcphdr | 0 | PRIMARY | 1 | sid | + A | NULL | NULL | NULL | | + + | tcphdr | 0 | PRIMARY | 2 | cid | + A | 2543146 | NULL | NULL | | + + | tcphdr | 1 | tcp_sport | 1 | tcp_sport | + A | NULL | NULL | NULL | | + + | tcphdr | 1 | tcp_dport | 1 | tcp_dport | + A | NULL | NULL | NULL | | + + | tcphdr | 1 | tcp_flags | 1 | tcp_flags | + A | NULL | NULL | NULL | | + + +----+------+------+-------+-------+------+-------+-----+----+-----+ + + 5 rows in set (0.00 sec) + You can see that in this case, the tcphdr.tcp_sport index is in line 3, and + the tcphdr.tcp_dport is in line 4. + + If you need to create the index, you can run: + + []CREATE INDEX idx_tcp_sport ON tcphdr(tcp_sport); + To create a compound index, you would do this: + + []CREATE INDEX idx_cpd_sid_cid ON acid_ag_alert(ag_sid,ag_cid); + If you want to take a closer look at the table structures, you can use the + DESCRIBE command, and pass it the table name: + + [] mysql> DESCRIBE tcphdr; + + +------+-----------+---+---+-----+----+ + + | Field | Type | Null | Key | Default | + Extra | + + +------+-----------+---+---+-----+----+ + + | sid | int(10) unsigned | | PRI | 0 | + | + + | cid | int(10) unsigned | | PRI | 0 | + | + + | tcp_sport | smallint(5) unsigned | | MUL | 0 | + | + + | tcp_dport | smallint(5) unsigned | | MUL | 0 | + | + + | tcp_seq | int(10) unsigned | YES | | NULL | + | + + | tcp_ack | int(10) unsigned | YES | | NULL | + | + + | tcp_off | tinyint(3) unsigned | YES | | NULL | + | + + | tcp_res | tinyint(3) unsigned | YES | | NULL | + | + + | tcp_flags | tinyint(3) unsigned | | MUL | 0 | + | + + | tcp_win | smallint(5) unsigned | YES | | NULL | + | + + | tcp_csum | smallint(5) unsigned | YES | | NULL | + | + + | tcp_urp | smallint(5) unsigned | YES | | NULL | + | + + +------+-----------+---+---+-----+----+ + + 12 rows in set (0.02 sec) + +6.27 Why am I seeing so many "SMTP RCPT TO overflow" alerts ? + +That rule looks for a TCP frame going to your SMTP server which contains more +than 800 bytes of data. Any email can easily set that off if pipelining is +used. SMTP command pipelining allows several command lines lines to be sent as +a single packet without waiting for an OK response. Any good high-volume +mailserver will try to pipeline where possible, resulting in a single TCP frame +containing a series of command lines, each of which is not very long, but in +aggregate easily exceed the 800 byte threshold, particularly if there is a +large recipient list. + +For more info on pipelining: + + http://www.faqs.org/rfcs/rfc1854.html + +If your mailservers are not vulnerable to these overflows you can disable this +rule and regain some peace... + +6.28 I'm getting lots of *ICMP Ping Speedera*, is this bad? + +Quite ordinary. Windows update uses speedera based DNS, among other things. Of +course, if the speedera traffic is coming from a Dialup account (as there have +been reports of) it's likely a hacker tool. ;-) + +6.29 Why are my unified alert times off by +/- N hours? + +Unified log and alert files are stored in UTC. + +6.30 I try to start snort and it gives an error like "ERROR: Unable to open +rules file: /root/.snortrc or /root//root/.snortrc". What can I do to fix this? + +When Snort starts it looks at the command line and checks for "-c /some/path/ +snort.conf". If thats not there, then it will look for the one of the following +files: + + * /etc/snort.conf + * ./snort.conf + * $HOMEDIR/snort.conf + * $HOMEDIR/.snortrc + * ./.snortrc + +Make sure your .conf is in one of those locations and then snort will be able +to find it or use the -c parameter to tell snort the full pathname to the +snort.conf. + + snort -c /usr/local/etc/snort.conf + +7 Development + +7.1 How do you put snort in debug mode? + +In the 1.9 or greater, + +1. ./configure -enable-debug +2. Look up the section of snort you'd like to debug ( look at src/debug.h ) + and add up the constants. For example if you want to debug Portscan2, + + #define DEBUG_PORTSCAN2 0x00080000 /* 524288 / (+ conv2 ) 589824 */ + + To debug both just portscan2, + + export SNORT_DEBUG=524288 + + To debug both portscan2 and conversation: + + export SNORT_DEBUG=589824 + +3. Run snort as normal. You will need to redirect output to a file to cope + with the large amounts of debug output. + +8 Miscellaneous + +8.1 What's this about a snort drinking game? + +:-) Check it out for yourself: + + http://www.theadamsfamily.net/~erek/snort/drinking_game.txt + +About this document ... + +The Snort FAQ + +This document was generated using the LaTeX2HTML translator Version 97.1 +(release) (July 13th, 1997) + +Copyright © 1993, 1994, 1995, 1996, 1997, Nikos Drakos, Computer Based Learning +Unit, University of Leeds. + +The command line arguments were: +latex2html -no_subdir -split 0 -show_section_numbers /tmp/lyx_tmpdir5901fp5901/ +lyx_tmpbuf5901EF5901/faq.tex. + +The translation was initiated by Erek Adams on 4/9/2003 +------------------------------------------------------------------------------- + +Footnotes + +...Shomiti/Finisar + http://www.shomiti.com + +...Netoptics + http://www.netoptics.com/ + +...syslog-ng + http://www.balabit.hu/en/downloads/syslog-ng/ + +...manual + http://www.snort.org/docs/writing_rules/chap2.html#tth_sEc2.2.4 + +------------------------------------------------------------------------------- +next up previous + +Erek Adams +4/9/2003 --- snort-2.3.3.orig/debian/my/snort.ip-up.d +++ snort-2.3.3/debian/my/snort.ip-up.d @@ -0,0 +1,187 @@ +#!/bin/sh -e + +test $DEBIAN_SCRIPT_DEBUG && set -v -x + +# Initial configuration :) +DAEMON=/usr/sbin/snort +NAME=snort +DESC="Network Intrusion Detection System" + +CONFIG=/etc/snort/snort.debian.conf +if [ -r /etc/snort/snort.common.parameters ] ; then + COMMON=`cat /etc/snort/snort.common.parameters` +elif [ -r /etc/default/snort ] ; then +# Only read this if the old configuration is not present + . /etc/default/snort + COMMON="$PARAMS -l $LOGDIR -u $SNORTUSER -g $SNORTGROUP" +fi + +test -x $DAEMON || exit 0 +test -f $CONFIG && . $CONFIG +test "$DEBIAN_SNORT_STARTUP" = "dialup" || exit 0 + +# These are the cases in which this script can run: +# 1) with ppp environment set +# 1.1) from ppp/ip-up +# 1.2) from itself recursive +# 2) without ppp environment set +# 2.1) with saved ppp environment +# 2.1.1) with pppd running: saved ppp environment is valid +# 2.1.2) without pppd running: saved ppp environment is stale +# 2.2) without saved ppp environment +# 2.2.1) with pppd running +# 2.2.2) without pppd running +# +# Behaviour: +# 1.1, 1.2) +# We just trust the environment, assume snort isn't already running, +# overwrite any existing saved ppp environment with a new one +# and leave it at that. +# 2.1.1) +# We start snort with the values from the saved ppp environment. +# 2.1.2) +# We remove the stale saved ppp environment and fall back to 2.2). +# 2.2.1) +# We try to figure out the values that are correct and try +# to start snort. +# 2.2.2) +# We warn and won't start. + +check_log_dir() { +# Does the logging directory belong to Snort? + # If we cannot determine the logdir return without error + # (we will not check it) + # This will only be used by people using /etc/default/snort + [ -n "$LOGDIR" ] || return 0 + [ -n "$SNORTUSER" ] || return 0 + if [ ! -e "$LOGDIR" ] ; then + echo -n "ERR: logging directory $LOGDIR does not exist" + return 1 + elif [ ! -d "$LOGDIR" ] ; then + echo -n "ERR: logging directory $LOGDIR does not exist" + return 1 + else + real_log_user=`stat -c %U $LOGDIR` + # An alternative way is to check if the snort user can create + # a file there... + if [ "$real_log_user" != "$SNORTUSER" ] ; then + echo -n "ERR: logging directory $LOGDIR does not belong to the snort user $SNORTUSER" + return 1 + fi + fi + return 0 +} + +if ! check_log_dir; then + echo "Cannot start $DESC!" + exit 1 +fi + +if ! [ "$DEBIAN_SNORT_RECURSIVE" ]; then + # Acquire lock... + trap 'rm -f /var/run/snort.ppp.lock' 0 + for tries in $(seq 1 10); do + mkfifo /var/run/snort.ppp.lock 2>/dev/null && break + sleep 1 + done + # Now it's locked or timed out. + # In the latter case we assume stale lock. +fi + +# If we are started with ppp environment set... +if [ "$PPPD_PID" -a "$PPP_IFACE" -a "$PPP_LOCAL" ]; then + echo -n "Starting $DESC: $NAME($PPP_IFACE)" + + PIDFILE=/var/run/snort_$PPP_IFACE.pid + ENVFILE=/var/run/snort_$PPP_IFACE.env + + fail="failed (check /var/log/daemon.log)" + /sbin/start-stop-daemon --stop --signal 0 --quiet \ + --pidfile "$PIDFILE" --exec $DAEMON >/dev/null && + fail="already running" + + cd /etc/snort + CONFIGFILE=/etc/snort/snort.$PPP_IFACE.conf + if [ ! -e $CONFIGFILE ]; then + echo "No /etc/snort/snort.$PPP_IFACE.conf, defaulting to snort.conf" + CONFIGFILE=/etc/snort/snort.conf + fi + + # We intentionally set +e here, thus (new) environment is even + # saved, if startup fails - for further startup attempts + set +e + /sbin/start-stop-daemon --start --quiet --pidfile "$PIDFILE" \ + --exec $DAEMON -- $COMMON $DEBIAN_SNORT_OPTIONS \ + -c $CONFIGFILE \ + -S "HOME_NET=[$PPP_LOCAL/32]" \ + -i $PPP_IFACE >/dev/null + ret=$? + set -e + case "$ret" in + 0) + echo "." + ;; + *) + echo "...$fail." + ;; + esac + + echo "PPPD_PID=$PPPD_PID" > "$ENVFILE" + echo "PPP_IFACE=$PPP_IFACE" >> "$ENVFILE" + echo "PPP_LOCAL=$PPP_LOCAL" >> "$ENVFILE" + + exit $ret +fi + +# Else, we are started without ppp environment set... + +DEBIAN_SNORT_RECURSIVE=1 +export DEBIAN_SNORT_RECURSIVE + +# If we have saved environments, check and probably start them... +envpattern=/var/run/snort_*.env + +# If we are requested to start one special environment... +test "$1" -a -z "$2" && envpattern=/var/run/snort_"$1".env + +myret=0 +got_instance=0 +for env in $envpattern; do + # This check is also needed, if the above pattern doesn't match + test -f "$env" || continue; + + . "$env" + + # Prevent endless recursion because of damaged environments + # Check, if the environment is still valid... + if [ "$PPPD_PID" -a "$PPP_IFACE" -a "$PPP_LOCAL" ] && + kill -0 $PPPD_PID 2>/dev/null && + ps -p $PPPD_PID | grep -q pppd; then + got_instance=1 + + export PPPD_PID PPP_IFACE PPP_LOCAL + # Because the starup of this particular environment could + # fail, we guard it + set +e + $0 "$@" + ret=$? + set -e + case "$ret" in + 0) + ;; + *) + myret=$(expr "$myret" + 1) + ;; + esac + else + rm -f "$env" + fi +done + +# If we found no saved environments, we don't need to start anything +if [ "$got_instance" = 0 ]; then + echo "No snort instance found to be started!" >&2 + exit 1 +fi + +exit $myret --- snort-2.3.3.orig/debian/my/lisapaper.txt +++ snort-2.3.3/debian/my/lisapaper.txt @@ -0,0 +1,774 @@ + Snort - Lightweight Intrusion Detection for Networks + + Martin Roesch + Stanford Telecommunications, Inc. + roesch@clark.net + +ABSTRACT + + Network intrusion detection systems (NIDS) are an important part of any +network security architecture. They provide a layer of defense which monitors +network traffic for predefined suspicious activity or patterns, and alert +system administrators when potential hostile traffic is detected. Commercial +NIDS have many differences, but Information Systems departments must face the +commonalities that they share such as significant system footprint, complex +deployment and high monetary cost. Snort was designed to address these issues. + +Introduction + + Snort fills an important "ecological niche" in the the realm of network +security: a cross-platform, lightweight network intrusion detection tool that +can be deployed to monitor small TCP/IP networks and detect a wide variety of +suspicious network traffic as well as outright attacks. It can provide +administrators with enough data to make informed decisions on the proper course +of action in the face of suspicious activity. Snort can also be deployed +rapidly to fill potential holes in a network's security coverage, such as when +a new attack emerges and commercial security vendors are slow to release new +attack recognition signatures. This paper discusses the background of Snort +and its rules-based traffic collection engine, as well as new and different +applications where it can be very useful as a part of an integrated network +security infrastructure. + + Snort is a tool for small, lightly utilized networks. Snort is useful +when it is not cost efficient to deploy commercial NIDS sensors. Modern +commercial intrusion detection systems cost thousands of dollars at minimum, +tens or even hundreds of thousands in extreme cases. Snort is available under +the GNU General Public License [GNU89], and is free for use in any environment, +making the employment of Snort as a network security system more of a network +management and coordination issue than one of affordability. + +What is "lightweight" intrusion detection? + + A lightweight intrusion detection system can easily be deployed on most +any node of a network, with minimal disruption to operations. Lightweight IDS' +should be cross-platform, have a small system footprint, and be easily +configured by system administrators who need to implement a specific security +solution in a short amount of time. They can be any set of software tools +which can be assembled and put into action in response to evolving security +situations. Lightweight IDS' are small, powerful, and flexible enough to be +used as permanent elements of the network security infrastructure. + + Snort is well suited to fill these roles, weighing in at roughly 100 +kilobytes in its compressed source distribution. On most modern architectures +Snort takes only a few minutes to compile and put into place, and perhaps +another ten minutes to configure and activate. Compare this with many +commercial NIDS', which require dedicated platforms and user training to deploy +in a meaningful way. Snort can be configured and left running for long +periods of time without requiring monitoring or administrative maintenance, and +can therefore also be utilized as an integral part of most network security +infrastructures. + +What is Snort? + + Snort is a libpcap-based [PCAP94] packet sniffer and logger that can +be used as a lightweight network intrusion detection system (NIDS). It +features rules based logging to perform content pattern matching and detect +a variety of attacks and probes, such as buffer overflows [ALE96], stealth port +scans, CGI attacks, SMB probes, and much more. Snort has real-time alerting +capability, with alerts being sent to syslog, Server Message Block (SMB) +"WinPopup" messages, or a separate "alert" file. Snort is configured using +command line switches and optional Berkeley Packet Filter [BPF93] commands. +The detection engine is programmed using a simple language that describes per +packet tests and actions. Ease of use simplifies and expedites the development +of new exploit detection rules. For example, when the IIS Showcode [IISBT99] +web exploits were revealed on the Bugtraq mailing list [BTQ99], Snort rules to +detect the probes were available within a few hours. + +Snort vs. The World! + + Snort shares commonalities with both sniffers and NIDS. Two programs +that lend themselves to direct comparison with Snort, tcpdump and Network +Flight Recorder [NFR97], will be examined and contrasted in this section. +In many cases, Snort is financially, technically, and/or adminstratively easier +to implement than other Open Source [OSS98] or commercially available tools. + +How is Snort different from tcpdump? + + Snort is cosmetically similar to tcpdump [TCPD91] but is more focused +on the security applications of packet sniffing. The major feature that Snort +has which tcpdump does not is packet payload inspection. Snort decodes the +application layer of a packet and can be given rules to collect traffic that +has specific data contained within its application layer. This allows Snort to +detect many types of hostile activity, including buffer overflows, CGI scans, +or any other data in the packet payload that can be characterized in a unique +detection fingerprint. + + Another Snort advantage is that its decoded output display is +somewhat more user friendly than tcpdump's output. Snort does not currently +lookup host names or port names while running, which is a function that +tcpdump can perform. Snort is focused on collecting packets as quickly as +possible and processing them in the Snort detection engine. Performing +run-time host name lookup is not conducive to high performance packet +analysis. Figure 1 shows typical Snort output for a telnet banner display, +and Figure 2 shows the same packet as displayed by tcpdump. + + Figure 1 - Typical Snort telnet packet display: +-------------------------------------------------------------------------- +20:59:49.153313 0:10:4B:D:A9:66 -> 0:60:97:7:C2:8E type:0x800 len:0x7D +192.168.1.3:23 -> 192.168.1.4:1031 TCP TTL:64 TOS:0x10 DF +***PA* Seq: 0xDF4A6536 Ack: 0xB3A6FD01 Win: 0x446A +FF FA 22 03 03 E2 03 04 82 0F 07 E2 1C 08 82 04 .."............. +09 C2 1A 0A 82 7F 0B 82 15 0F 82 11 10 82 13 FF ................ +F0 0D 0A 46 72 65 65 42 53 44 20 28 65 6C 72 69 ...FreeBSD (elri +63 2E 68 6F 6D 65 2E 6E 65 74 29 20 28 74 74 79 c.home.net) (tty +70 30 29 0D 0A 0D 0A p0).... +--------------------------------------------------------------------------- + + Figure 2 - The same telnet packet as displayed by tcpdump: +--------------------------------------------------------------------------- +20:59:49.153313 0:10:4b:d:a9:66 0:60:97:7:c2:8e 0800 125: 192.168.1.3.23 > +192.168.1.4.1031: P 76:147(71) ack 194 win 17514 (DF) [tos 0x10] (ttl 64, +id 660) + 4510 006f 0294 4000 4006 b48d c0a8 0103 + c0a8 0104 0017 0407 df4a 6536 b3a6 fd01 + 5018 446a d2ad 0000 fffa 2203 03e2 0304 + 820f 07e2 1c08 8204 09c2 1a0a 827f 0b82 + 150f 8211 1082 13ff f00d 0a46 7265 6542 + 5344 2028 656c 7269 632e 686f 6d65 2e6e + 6574 2920 2874 7479 7030 290d 0a0d 0a +--------------------------------------------------------------------------- + + One powerful feature that Snort and tcpdump share, is the capability +to filter traffic with Berkeley Packet Filter (BPF) commands. This allows +traffic to be collected based upon a variety of specific packet fields. For +example, both tools may be instructed via BPF commands to process TCP traffic +only. While tcpdump would collect all TCP traffic, Snort can utilize its +flexible rules set to perform additional functions, such as searching out and +recording only those packets that have their TCP flags set a particular way or +containing web requests that amount to CGI vulnerability probes. The SHADOW +IDS [SHD98] from the Naval Surface Warfare Center is based on tcpdump and uses +extensive BPF filtering. SHADOW is discussed in more detail near the end of +this paper. + +Snort and NFR + + Perhaps the best comparison of Snort to NFR is the analogy of Snort +as little brother to NFR's college-bound football hero. Snort shares some of +the same concepts of functionality as NFR, but NFR is a more flexible and +complete network analysis tool. That said, the little brother idea could be +extended in that Snort tends to fit into small places and is somewhat more +"nimble" than NFR. For example, NFR's packet filtering n-code language is +a serious, full featured scripting language, while Snort's rules are more one +dimensional. On the other hand, writing a Snort rule to detect a new attack +takes only minutes once the attack signature has been determined. See +Appendix A for an example of a simple web detection rule written in n-code and +the analogous Snort rule. + + NFR also has a more complete feature set than Snort, including IP +fragmentation reassembly and TCP stream decoding. These features are essential +in any commercial product that is meant to perform mission critical intrusion +detection, and NFR was the first product which could defeat anti-NIDS attacks +outlined by Ptacek and Newsham [PTA98]. Presently, Snort does not implement TCP +stream reassembly, but future versions will implement this capability. +Snort currently addresses IP fragmentation with a rule option that sets a +minimum size threshold for fragmented packets. This rule option takes +advantage of the fact that there is virtually no commercial network equipment +on the market that fragments packets smaller than 256-bytes. By setting this +threshold value to some reasonable value, say 128-bytes, fragmented packet +probes and attacks can be logged and alerts can be sent by Snort automatically. +Full IP fragment and TCP stream reassembly and analysis will be addressed in +later versions of Snort. + +Under the Hood + + Snort's architecture is focused on performance, simplicity, and +flexibility. There are three primary subsystems that make up Snort: the +packet decoder, the detection engine, and the logging and alerting subsystem. +These subsystems ride on top of the libpcap promiscuous packet sniffing +library, which provides a portable packet sniffing and filtering capability. +Program configuration, rules parsing, and data structure generation takes place +before the sniffer section is initialized, keeping the amount of per packet +processing to the minimum required to achieve the base program functionality. + +The packet decoder + + The decode engine is organized around the layers of the protocol stack +present in the supported data-link and TCP/IP protocol definitions. Each +subroutine in the decoder imposes order on the packet data by overlaying data +structures on the raw network traffic. These decoding routines are called in +order through the protocol stack, from the data link layer up through the +transport layer, finally ending at the application layer. Speed is emphasized +in this section, and the majority of the functionality of the decoder consists +of setting pointers into the packet data for later analysis by the detection +engine. Snort provides decoding capabilities for Ethernet, SLIP, and raw (PPP) +data-link protocols. ATM support is under development. + +The detection engine + + Snort maintains its detection rules in a two dimensional linked list of +what are termed Chain Headers and Chain Options. These are lists of rules that +have been condensed down to a list of common attributes in the Chain Headers, +with the detection modifier options contained in the Chain Options. For +example, if forty five CGI-BIN probe detection rules are specified in a given +Snort detection library file, they generally all share common source and +destination IP addresses and ports. To speed the detection processing, these +commonalities are condensed into a single Chain Header and then individual +detection signatures are kept in Chain Option structures. + + Figure 3 - Rule Chain logical structure +------------------------------------------------------------------------------- + ------------------------ ------------------------ ----- + | Chain Header | | Chain Header | | Chai + | | | | | + | Source IP Address | | Source IP Address | | Sour + | Destination IP Address |--------->| Destination IP Address |--------->| Dest + | Source Port | | Source Port | | Sour + | Destination Port | | Destination Port | | Dest + | | | | | + ------------------------ ------------------------ ----- + | | + | | + | | + \|/ \|/ + -----------V--------- -----------V--------- + | Chain Option | | Chain Option | + | | | | + | Content | + | TCP Flags | + | ICMP Codes/types | + | Payload Size | + | etc. | + | | + --------------------- + | + | + | + \|/ + -----------V--------- + | Chain Option | + | | + | Content | + | TCP Flags | + | ICMP Codes/types | + | Payload Size | + | etc. | + | | + --------------------- + | + | + +------------------------------------------------------------------------------- + + These rule chains are searched recursively for each packet in both +directions. The detection engine checks only those chain options which have +been set by the rules parser at run-time. The first rule that matches a +decoded packet in the detection engine triggers the action specified in the +rule definition and returns. + + A major overhaul of the detection engine is currently in the planning +and development stage. The next version of the engine will include the +capability for users to write and distribute plug-in modules and bind them to +keywords for the detection engine rules language. This will allow anyone with +an appropriate plug-in module to add significant detection functionality to +Snort and customize the program for specific jobs. + +The logging/alerting subsystem + + The alerting and logging subsystem is selected at run-time with command +line switches. There are currently three logging and five alerting options. +The logging options can be set to log packets in their decoded, human readable +format to an IP-based directory structure, or in tcpdump binary format to a +single log file. The decoded format logging allows fast analysis of data +collected by the system. The tcpdump format is much faster to record to the +disk and should be used in instances where high performance is required. +Logging can also be turned off completely, leaving alerts enabled for even +greater performance improvements. + + Alerts may either be sent to syslog, logged to an alert text file in two +different formats, or sent as WinPopup messages using the Samba smbclient +program. The syslog alerts are sent as security/authorization messages that are +easily monitored with tools such as swatch [SWT93]. WinPopup alerts allow +event notifications to be sent to a user-specified list of Microsoft Windows +consoles running the WinPopup software. There are two options for sending the +alerts to a plain text file; full and fast alerting. Full alerting writes the +alert message and the packet header information through the transport layer +protocol. The fast alert option writes a condensed subset of the header +information to the alert file, allowing greater performance under load than +full mode. There is a fifth option to completely disable alerting, which is +useful when alerting is unnecessary or inappropriate, such as when network +penetrations tests are being performed. + +Writing Snort Rules + + Snort rules are simple to write, yet powerful enough to detect a wide +variety of hostile or merely suspicious network traffic. There are three base +action directives that Snort can use when a packet matches a specified rule +pattern: pass, log, or alert. Pass rules simply drop the packet. Log rules +write the full packet to the logging routine that was user selected at +run-time. Alert rules generate an event notification using the method specified +by the user at the command line, and then log the full packet using the +selected logging mechanism to enable later analysis. + + The most basic rules contain only protocol, direction, and the port of +interest, such as in Figure 4. + + Figure 4 - A simple Snort rule +--------------------------------------------------------------------------- +log tcp any any -> 10.1.1.0/24 79 +--------------------------------------------------------------------------- + +This rule would record all traffic inbound for port 79 (finger) going to +the 10.1.1 class C network address space. + + Snort interprets keywords enclosed in parentheses as "option fields". +Option fields are available for all rule types and may be used to generate +complex behaviors from the program, such as in Figure 5. + + Figure 5 - Options allow increased rule complexity +--------------------------------------------------------------------------- +alert tcp any any -> 10.1.1.0/24 80 (content: "/cgi-bin/phf"; msg: "PHF +probe!";) +--------------------------------------------------------------------------- + +The rule in Figure 5 would detect attempts to access the PHF service on any +of the local network's web servers. If such a packet is detected on the +network, an event notification alert is generated and then the entire packet +is logged via the logging mechanism selected at run-time. + + The rule IP address and port specifiers have several features +available. The CIDR block netmask may be set to any value between one and +thirty-two. Port ranges can be specified using the colon ":" modifier. For +example, to monitor all ports upon which the X Windows service may run +(generally 6000 through 6010), the port range could be specified with the colon +modifier as shown in Figure 6. + + Figure 6 - An example of port ranges +--------------------------------------------------------------------------- +alert tcp any any -> 10.1.1.0/24 6000:6010 (msg: "X traffic";) +--------------------------------------------------------------------------- + + Both ports and IP addresses can be modified to match by exception with +the bang "!" operator, which would be useful in the rule described in Figure 7 +to detect X Windows traffic from sources outside of the network. + + Figure 7 - Matching by exception on the source IP address +--------------------------------------------------------------------------- +alert tcp !10.1.1.0/24 any -> 10.1.1.0/24 6000:6010 (msg: "X traffic";) +--------------------------------------------------------------------------- + +This rule would generate an alert for all traffic originating outside of the +host network that was bound for internal X Windows service ports. + + Snort version 1.2.1 has fourteen option fields available: + + 1. content: Search the packet payload for the a specified pattern. + + 2. flags: Test the TCP flags for specified settings. + + 3. ttl: Check the IP header's time-to-live (TTL) field. + + 4. itype: Match on the ICMP type field. + + 5. icode: Match on the ICMP code field. + + 6. minfrag: Set the threshold value for IP fragment size. + + 7. id: Test the IP header for the specified value. + + 8. ack: Look for a specific TCP header acknowledgement number. + + 9. seq: Log for a specific TCP header sequence number. + + 10. logto: Log packets matching the rule to the specified filename. + + 11. dsize: Match on the size of the packet payload. + + 12. offset: Modifier for the content option, sets the offset into the + packet payload to begin the content search. + + 13. depth: Modifier for the content option, sets the number of bytes + from the start position to search through. + + 14. msg: Sets the message to be sent when a packet generates an event. + + These options may be combined in any manner to detect and classify +packets of interest. The rule options are processed using a logical AND +between them; all of the testing options in a rule must be true in order +for the rule to generate a "found" response and have the program perform the +rule action. + +Rule Development + + Snort is extremely useful for rapidly developing new Snort rules. The +clear and concise manner in which the data is displayed by the tool makes it +perfect for writing new rules. The general method for development consists of +getting the exploit of interest, such as a new buffer overflow, running the +exploit on a test network with Snort recording all traffic between the target +and attack hosts, and then analyzing the data for a unique signature and +condensing that signature into a rule. Figure 8 shows Snort's view of a +notional "IMAP buffer overflow" that has just come into widespread use by the +"script kiddie" community. + + Figure 8 - Notional "IMAP buffer overflow" packet +-------------------------------------------------------------------------- +052499-22:27:58.403313 192.168.1.4:1034 -> 192.168.1.3:143 +TCP TTL:64 TOS:0x0 DF +***PA* Seq: 0x5295B44E Ack: 0x1B4F8970 Win: 0x7D78 +90 90 90 90 90 90 90 90 90 90 90 90 90 90 EB 3B ...............; +5E 89 76 08 31 ED 31 C9 31 C0 88 6E 07 89 6E 0C ^.v.1.1.1..n..n. +B0 0B 89 F3 8D 6E 08 89 E9 8D 6E 0C 89 EA CD 80 .....n....n..... +31 DB 89 D8 40 CD 80 90 90 90 90 90 90 90 90 90 1...@........... +90 90 90 90 90 90 90 90 90 90 90 E8 C0 FF FF FF ................ +2F 62 69 6E 2F 73 68 90 90 90 90 90 90 90 90 90 /bin/sh......... +--------------------------------------------------------------------------- + + The unique signature data in the application layer is the machine +code just prior to the /bin/sh text string, as well as the string itself. +Using this information, a new rule can be developed quickly, such as the one +defined in Figure 9. + + Figure 9 - Alert rule for the new buffer overflow +--------------------------------------------------------------------------- +alert tcp any any -> 192.168.1.0/24 143 (content:"|E8C0 FFFF FF|/bin/sh"; +msg:"New IMAP Buffer Overflow detected!";) +--------------------------------------------------------------------------- + + The content field of the rule contains mixed plain text and hex +formatted bytecode, which is enclosed in pipes. At run-time, this data is +converted into its binary representation, as displayed in the decoded packet +dump in Figure 8, and then stored in an internal list of rules by Snort. Thus, +the rule contained in Figure 9 will raise an alarm any time a packet containing +the "fingerprint" of the new IMAP buffer overflow is detected. + +Writing high performance pattern matching rules + + The current rules system lends itself to high performance under +most conditions, but there are some general concepts that can be applied when +writing Snort rules to keep the processing speeds as high as possible. +Computationally, the content matching option is the most expensive process that +can be performed in the detection engine. Accordingly, it is performed after +all other rule tests. This fact can be used to advantage by specifying other +rule options in combination with the content option. For example, almost all +requests to web servers have their TCP PUSH and ACK flags set. Using this +knowledge, it is relatively easy to write a rule which will perform a simple +TCP flag test before running the far more computationally intensive pattern +match test. + + Other options can be combined with the content rules to limit the +amount of data that must be searched. The offset and depth keywords were made +specifically to fulfill this function. Using these options, the area of the +packet payload to search for an exploit pattern can be localized. Care should +be taken to avoid limiting the search too severely. For example, many buffer +overflows use variable offsets to tune the size and placement of the exploit +machine code. A Snort rule that has been tuned too tightly to key on a +specific area of a packet's payload may overlook the real exploit that has been +shifted to a different area within the packet. On the other hand, web CGI +probes and attacks generally all take place at the beginning of the packet +within the first thirty to fifty bytes. This can be a great place to optimize +Snort content searching. + + The actual search pattern used in the content rule is another area +where performance tuning may take place. Snort uses a Boyer-Moore [SEDG97] +algorithm to perform its pattern matching, which is one of the best algorithms +available for that task. It achieves its greatest efficiency in cases where +the pattern to match consists of non-repeating sets of unique bytes. For +example, the Intel x86 architecture uses the hex value 0x90 to indicate a NOP +in machine code. Buffer overflows generally use large regions of NOPs to pad +the actual exploit code and make the return jump calculations easier for the +exploit programmer. When specifying content match patterns, it is best to +avoid including any NOPs in the match pattern, which will otherwise cause the +Boyer-Moore routine to complete many partial matches before actually finding +the correct match pattern. + +Advanced Snorting + + Snort is a flexible tool with a wide variety of uses. It is intended +to be used in the most classic sense of a network intrusion detection system. +It examines network traffic against a set of rules, and alerts administrators +to suspicious network activity so that they may react appropriately. There are +many other areas where Snort can be useful as well. + +Shoring up commercial IDS' + + Snort can be used to fill holes in commercial vendor's network-based +intrusion detection tools, such as when a new attack makes its debut in the +hacker/cracker community and signature updates are slow to come from the +vendor. In this case, Snort may be used to characterize the new attack by +running it locally on a test network and determining it's signature. Once the +signature is written into a snort rule, the BPF command line filtering may be +used to limit the traffic that Snort analyzes to the service or protocol of +interest. Snort can be used as a very specialized detector for a single attack +or family of attacks in this mode. + + The recent IRDP denial of service attack [IRDP99] revealed by the L0pht +provides a good example of this concept. The same day that the attack was +announced, Snort rules were made available by the user community and these +attacks were detectable. + +Passive traps + + Another application to which Snort is very well suited is as a Honeypot +monitor. Honeypots are programs or computers that are dedicated to the notion +of deceiving hostile parties interested in a network. Most honeypot systems, +for example Fred Cohen & Associates Deception Toolkit [DTK98], record their +data at the server level, with a fake "service", such as an FTP server actually +recording the data sent to it. The problem with that concept is that the +services doing the recording have to be started before they will record +anything. This means that events such as stealth port scans or binary data +streams will be missed or garbled on honeypots that don't perform packet level +monitoring. Another problem is that the data generated by such a system +will tend to be complex by its nature. + + The data coming out of a honeypot requires a skilled analyst to properly +interpret the results. Snort can be a great help to the analyst/administrator +with its packet classification and automatic alerting functionality. With +these capabilities a honeypot can be erected as a stand alone intrusion +detection mechanism. It requires no other monitoring or maintenance because +Snort can be set to record and generate event notification on the first packet +that arrives at the honeypot. + + Snort can be used to implement another concept that is being advocated +today; that of "passive traps" [MJR99]. A passive trap uses the "home field +advantage" that network administrators enjoy when securing their networks. One +aspect of this concept is that administrators know which services are +not available on their networks. Snort rules can be written that watch +for traffic headed for these non-existent services. Packets which are found to +be using these ports may be an indication of port scanning, backdoors, or other +hostile traffic. For example, a network that is not using TFTP can be +configured with Snort alert rules for all packets headed to or from any node on +the network bound for port 69. This can be a good method for detecting covert +communications channels such as Loki or backdoors like Back Orifice. Another +easy concept to implement to set up pass rules for all of the services known to +be running on a network and log inbound connections to other ports or port +ranges. + +Shining some light on SHADOW + + SHADOW is designed to be a cheap alternative to commercial NIDS. As an +aside, SHADOW was probably the first true lightweight intrusion detection +system. tcpdump is used as the sensor in these systems, which are configured +using often extensive BPF commands. All traffic that is not filtered out with +these BPF rules is collected into a single file that can become quite large +over extended periods of time. Once the data is collected by the sensor, it is +post-processed using a variety of external third party tools. There are some +limitations to this system, including a complete lack of real-time alerts and a +lack of good data classification tools to aid the analyst in identifying the +data produced by the sensor. + + Snort uses the same BPF filter language rules as tcpdump, and can +be used as a complete replacement for tcpdump sensors in environments where +SHADOW is the IDS of choice. The advantages of using Snort as a replacement +sensor include real-time automatic traffic classification as it is collected +and real-time alerting. This allows security events to be detected and acted +upon by the administrative staff in a more timely manner and log file sizes to +be reduced significantly. At the same time, Snort can record the data it +collects to tcpdump formatted files so that the data generated by the system +can be post-processed for in depth analysis with existing tools that analysts +are comfortable using. + +Focused monitoring + + "Focused monitoring" is the concept of watching a single critical node +or service on a network for signs of hostile activity. For example, the +Sendmail [ALMN99] SMTP server has an extensive and well known list of +vulnerabilities and exploits. A single Snort sensor could be deployed with a +rule set that covers all known Sendmail attacks and would provide highly +focused monitoring of that specific traffic on the network. These rules could +even be extended to provide a running narrative of all of the commands and +responses into and out of SMTP servers on the defended network. This can make +the network security analysts job somewhat easier by letting the collection +engine (Snort) describe the normal flow of commands and responses as well as +the attacks. + + Focused monitoring can be especially useful in instances where existing +NIDS provide inadequate coverage. For example, a set of rules that monitor SQL +database queries to a web or database server could be developed. This would +provide more complete coverage of CGI and ODBC SQL attacks and probes than any +commercial NIDS on the market today. This concept can be extended to any +network communications technology that is under represented by commercial NIDS. + +Conclusions + +Snort was designed to fulfill the requirements of a prototypical lightweight +network intrusion detection system. It has become a small, flexible, and +highly capable system that is in use around the world on both large and small +networks. It has attained its initial design goals and is a fully capable +alternative to commercial intrusion detection systems in places where it is +cost inefficient to install full featured commercial systems. + + +Availability and Requirements + + Snort will run on any platform where libpcap will run. The current +version of Snort is 1.2.1, and libpcap is required to compile and run the +software. Snort is known to run on RedHat Linux 5.1/5.2/6.0, Debian Linux, +MkLinux, S/Linux, HP-UX, Solaris 2.5.1 - 2.7 (x86 and Sparc), x86 +Free/Net/OpenBSD, M68k NetBSD, and MacOS X. + + Information about snort may be acquired directly from the author's +web site at http://www.clark.net/~roesch/security.html + + Snort may be downloaded from the author's web site at +http://www.clark.net/~roesch/snort-1.2.1.tar.gz + + There is a slowly growing library of Snort rules available at +http://www.clark.net/~roesch/snort-lib + +Acknowledgements + + Snort originally used Mike Borella's ipgrab program as a development +template and example for how to properly code libpcap programs and packet +decoders. ipgrab can be found at http://www.borella.net. Mike's code is an +excellent starting point for any libpcap-based project. + + Ron Gula of Network Security Wizards +provided valuable advice on logging methodologies and some of the initial +program logic, as well as contributing example rules to the system. + + Ken Williams has been fantastically +supportive throughout the development of Snort, providing encouragement and +ideas for additional features as well as providing a friendly forum for the +distribution of Snort. + + The Snort user community has been especially enjoyable to work with, +providing bug reports, ideas for new development directions, and new rules for +the library since the program's initial release. Their support and enthusiasm +has kept this a vital and growing collaborative project far past what I had +imagined was possible! + +References + +[SHD98] SHADOW, Steven Northcutt et al, Naval Surface Warfare Center +Dahlgren Laboratory, 1998. + +[TCPD91] tcpdump, Van Jacobson, Craig Leres and Steven McCanne, Lawrence +Berkeley National Laboratory, 1991. + +[PCAP94] libpcap, Van Jacobson, Craig Leres and Steven McCanne, Lawrence +Berkeley National Laboratory, 1994. + +[DTK98] Deception Toolkit, Fred Cohen & Associates, 1998. + + +[GNU89] GNU General Public License, Richard Stallman, 1989. + + +[BPF93] The BSD Packet Filter: A New Architecture for User-level Packet +Capture, Steven McCanne, Van Jacobson, USENIX Technical Conference +Proceedings, 1993. + +[ALE96] Smashing the Stack for Fun and Profit, Aleph1, Phrack #49, 1996. + + +[BTQ99] Bugtraq Mailing List, archives and vulnerability data base are +available at Security Focus. + + +[IISBT99] NT IIS Showcode ASP Vulnerability (Bugtraq ID #167), +Parcens/L0pht, May 1999. + + +[OSS98] The Cathedral and the Bazaar, Eric S. Raymond, 1998. + + +[FYD97] The Art of Port Scanning, Fyodor, Phrack #51, 1997. + + +[SWT92] Centralized System Monitoring With Swatch, Stephen E. Hansen and +E. Todd Atkins, USENIX Seventh Systems Administration Conference, 1993 + + +[SEDG97] Algorithms in C: Fundamentals, Data Structures, Sorting, Searching, +Robert Sedgewick, Addison-Wesely Publishing Company, 1997 + +[IRDP99] L0pht Security Advisory, Silicosis and Mudge, August 1999 + + +[ALMN99] Sendmail, Eric Allman, 1999 + + +[PTA98] Insertion, Evasion, and Denial of Service: Eluding Network Intrusion +Detection, Thomas Ptacek and Timothy Newsham, Secure Networks Inc, 1998 + + +[MJR99] Burglar Alarms for Detecting Intrusions, Marcus Ranum, NFR Inc, 1999 + + +Author Information + + Martin Roesch is a Network Security Engineer with Stanford +Telecommunications Inc. He holds a B.S. in Computer Engineering from +Clarkson University. He has extensive experience with intrusion detection +systems and has developed several systems professionally. He was a primary +software engineer during the development of GTE Internetworking's Global +Network Infrastructure IDS, and designed and developed GTE's new commercial +honeypot/deception system "Sentinel". He is also a member of the +Trinux Linux Security Toolkit distribution development team. Snort is his +first Open Source Software project, and has been an excellent learning +experience for him. Contact him at . + +Appendix A. + +Sample NFR rule to detect web server CGI probes (n-code sample excerpted from +the L0pht's NFR IDS Modules web page at ). + +--------------------------------------------------------------------------- +badweb_schema = library_schema:new( 1, ["time", "int", + "ip", "ip", "str"], scope()); + +# list of web servers to watch. List IP address of servers or a netmask +# that matches all. use 0.0.0.0:0.0.0.0 to match any server + +da_web_servers = [ 0.0.0.0:0.0.0.0 ] ; + +query_list = [ "/cgi-bin/nph-test-cgi?", + "/cgi-bin/test-cgi?", + "/cgi-bin/perl.exe?", + "/cgi-bin/phf?" + ] ; + +filter bweb tcp ( client, dport: 80 ) +{ + if (! ( tcp.connDst inside da_web_servers) ) + return; + declare $blob inside tcp.connSym; + if ($blob == null) + $blob = tcp.blob; + else + $blob = cat ( $blob, tcp.blob ); + while (1 == 1) { + $x = index( $blob, "\n" ); + if ($x < 0) # break loop if no complete line yet + break; + $t=substr($blob,$x-1,1); # look for cr at end of line + if ($t == '\r') + $t=substr($blob,0,$x-1); # tear off line + else + $t=substr($blob,0,$x); + + $counter=0; + foreach $y inside (query_list) { + $z = index( $blob, $y ); + if ( $z >= 0) { + $counter=1; + # save the time, the connection hash, the client, + # the server, and the command to a histogram + record system.time, tcp.connHash, tcp.connSrc, tcp.connDst, $t to badweb_hist; + + } + } + if ($counter) + break; + } + # keep us from getting flooded if there is no newline in the data + if (strlen($blob) > 4096) + $blob = ""; + + # save the blob for next pass + $blob = substr($blob, $x + 1); + +} + +badweb_hist = recorder ("bin/histogram packages/test/badweb.cfg", + "badweb_schema" ); +--------------------------------------------------------------------------------- + + + +Snort rules to detect the same web CGI probes. +--------------------------------------------------------------------------------- +alert tcp any any -> any 80 (msg:"CGI-nph-tst-cgi"; content:"cgi-bin/nph-test-cgi?"; flags: PA;) +alert tcp any any -> any 80 (msg:"CGI-test-cgi"; content:"cgi-bin/test-cgi?"; flags: PA;) +alert tcp any any -> any 80 (msg:"CGI-perl.exe"; content:"cgi-bin/perl.exe?"; flags: PA;) +alert tcp any any -> any 80 (msg:"CGI-phf"; content:"cgi-bin/phf?"; flags: PA;) +--------------------------------------------------------------------------------- --- snort-2.3.3.orig/debian/my/snort-stat +++ snort-2.3.3/debian/my/snort-stat @@ -0,0 +1,554 @@ +#!/usr/bin/perl +# +# snort_stat.pl is a perl script trying to generate statistical data from every +# day snort log file. +# +# USAGE: cat | snort_stat.pl -r -f -h -t n -l +# -d: debug +# -r: resolve IP address to domain name +# -f: use fixed rather than variable width columns +# -h: produce html output +# -t: threshold +# -a: scan whole file (no date limit) +# -l: limit to entries +# +# or put it in the root's crontab file: +#59 10 * * * root cat /var/log/authlog | /etc/snort_stat.pl | sendmail root +# +# Changelog: +# 2003-01-07, Christian Hammers +# * added option "-l" +# * filtered for yesterdays lines +# * renamed "attacks to events" +# * slightly reformatted. +# 2002-03-20, Yen-Ming Chen +# * initial release +# + +use Getopt::Std; # use Getopt for options +use Socket; # use socket for resolving domain name from IP +use vars qw($opt_r $opt_f $opt_d $opt_h $opt_t $opt_a); +%HOSTS = (); # Hash for IP <-> domain name mapping + +getopts('darfht:l:') || die "Could not getopts"; # get options in command line +$saddr_len = 15; +$daddr_len = 15; +$timeout = 3; # for name resolver +$th = $opt_t || 0; # default threshold +$maxlines = $opt_l || 99999; # no more than opt_l lines per statistic + +# used to filter yesterdays lines as auth.log is rotate weekly only +chomp($yesterday_date_string = `/bin/date -d yesterday +'\%m/\%d-'`); +if ($opt_d) { $yesterday_date_string = "."; } + +# process whatever comes in +while (<>) { + my $alert = {}; + chomp; + # is this line an alert message + if ( $_ =~ /^\[\*\*\]/ ) { + $line = <>; + chomp($line); + unless ( $line eq "" ) { + # strip off the [**] from either end. + s/\s*\[\*\*\]\s*//og; + s/\s*\[[0-9:]+\]\s*//o; + if ($_ =~ /^spp_anomsensor\:[\D]+\:\s([\d\.]+)/ox) { + $alert->{PLUGIN} = "anomsensor"; $alert->{TYPE} = "plugin"; + $alert->{SIG} = $alert->{PLUGIN}; + } elsif ($_ =~ /^spp_portscan\:\sEnd\sof\sportscan\sfrom\s([\d\.]+)/ox) { + $alert->{PLUGIN} = "portscan"; $alert->{TYPE} = "plugin"; + $alert->{SADDR} = $1; $alert->{SIG} = $alert->{PLUGIN}; + process_data($alert); $lastwassnort = 1; next; + } elsif ( $_ =~ /^spp_stream4\:\s(.+)/o ) { + $alert->{SIG} = $1; $alert->{TYPE} = "alert"; + $alert->{PLUGIN} = "stream"; + } elsif ( $_ =~ /[^:]/ox) { + $alert->{SIG} = $_; $alert->{TYPE} = "alert"; + } + if ( $line =~ m/^\[Classification\:([^\]]*)\]\s + \[Priority\:\s(\d+)\]/ox) { + $alert->{CLASS} = $1; $alert->{CONTENT} = $2; $alert->{PRIORITY} = $3; + $line=<>; + } + if ( $line =~ m/^(\d+)\/(\d+)(?:\/\d+)?\-(\d+)\:(\d+)\:(\d+)\.(\d+)\s + ([\d\.]+)[\:]*([\d]*)\s[\-\>]+\s([\d\.]+)[\:]*([\d]*)/ox) { + + next if (!$opt_a && $line =~ /^$yesterday_date_string/); + $alert->{MON} = $1; $alert->{DAY} = $2; $alert->{HOUR} = $3; + $alert->{MIN} = $4; $alert->{SEC} = $5; $alert->{SADDR} = $7; + $alert->{SPORT} = $8; $alert->{DADDR} = $9; $alert->{DPORT} = $10; + $alert->{HOST} = "localhost"; + process_data($alert); $lastwassnort = 1; next; + } + } else { + print STDERR "Warning, file may be incomplete\n"; + next; + } + } + # This is syslog format + if ($_ =~ m/^(\w{3}) \s+ (\d+) \s (\d+)\:(\d+)\:(\d+)\s + (\S+?)\ssnort[\[\d+\]]*\:\s+(.+)/ox + || m/^(\d+)\/(\d+)\-(\d+)\:(\d+)\:(\d+)\.(\d+)\s(.+)/ox) + { + $alert->{MON} = $1; $alert->{DAY} = $2; $alert->{HOUR} = $3; + $alert->{MIN} = $4; $alert->{SEC} = $5; $alert->{HOST} = $6; + $alert->{SIG} = $7; + $alert->{SIG} =~ s/\s*\[[\d\:]+\]\s*//; # Get rid of [343:33:31] + $alert->{SIG} =~ s/\[\*\*\]//og; # Get rid of [**] if fast alert + if ($alert->{SIG} =~ m/spp_portscan\:\sEnd\sof\sportscan\sfrom\s + ([\d\.]+)/ox) { # portscan + $alert->{SADDR} = $1; $alert->{TYPE} = "plugin"; + $alert->{PLUGIN} = "portscan"; + process_data($alert); $lastwassnort = 1; next; + } elsif ( $alert->{SIG} =~ s/\s([\d\.]+)[\:]?([\d]*)\s[\-\>]+\s + ([\d\.]+)[\:]?([\d]*)\s*//x) { + $alert->{SADDR} = $1; $alert->{SPORT} = $2; + $alert->{DADDR} = $3; $alert->{DPORT} = $4; + if ($alert->{SIG} =~ m/spp_anomsensor\:\sAnomaly\sthreshold\s + exceeded\:\s([\d\.]+)/ox) { # spade + $alert->{THR} = $1; $alert->{TYPE} = "plugin"; + $alert->{PLUGIN} = "anomsensor"; + process_data($alert); $lastwassnort = 1; next; + } elsif ($alert->{SIG} =~ s/spp_bo\:\s//ox) { # bo + $alert->{TYPE} = "plugin"; $alert->{PLUGIN} = "bo"; + process_data($alert); $lastwassnort = 1; next; + } elsif ($alert->{SIG} =~ s/spp_stream4\:\s//ox) { # stream4 + $alert->{TYPE} = "plugin"; $alert->{PLUGIN} = "stream"; + process_data($alert); $lastwassnort = 1; next; + } else { # normal alert + if ( $alert->{SIG} =~ s/\[Classification\:([^\[|^\]]*?)\]\s* + (?:\[Priority\:\s(\d+)\])//x ) { + $alert->{CLASS} = $1; $alert->{PRIORITY} = $2; + } + $alert->{TYPE} = "sys"; $alert->{PLUGIN} = "none"; + process_data($alert); $lastwassnort = 1; next; + } + } else { + print STDERR "No source/dest IP address found! Skipped!" if $opt_d; + $alert = {}; next; + } + } + # If a snort message has been repeated several times + elsif ($lastwassnort && $_ =~ m/last message repeated (\d+) times/) { + # put the data in the matrix again for each repeat + $repeats = $1; + while ($repeats) { + push @result, $result[-1]; + $repeats--; + } + next; + } else { + $lastwassnort = 0; + next; + } # Message not related to snort +} + +# begin statistics +# I should've used $#result + 1 as $total in the first version! :( +$total = $#result + 1; + +for $i ( 0 .. $#result ) { + # for the same pair of eventer and victim with same sig + # to see the event pattern + # used in same_event() + $s0{"$result[$i]->[9],$result[$i]->[7],$result[$i]->[6]"}++; + # for the same pair of eventer and victim + # to see how many ways are being tried + # used in same_host_dest() + $s1{"$result[$i]->[7],$result[$i]->[9]"}++; + # from same host use same method to event + # to see how many events launched from one host + # used in same_host_sig() + $s2{"$result[$i]->[6],$result[$i]->[7]"}++; + # to same victim with same method + # to see how many events received by one host + # used in same_dest_sig_stat() + $s3{"$result[$i]->[6],$result[$i]->[9]"}++; + # same signature + # to see the popularity of one event method + # used in event_distribution() + $s4{"$result[$i]->[6]"}++; + # source ip + $s5{"$result[$i]->[7]"}++; + # destination ip + $s6{"$result[$i]->[9]"}++; +} + +# begin report + +exit 0 unless ($total); +print_head(); +print_summary(); +print_menu(); +same_event(); +same_host_dest(); +same_host_sig(); +same_dest_sig_stat(); +event_distribution(); +if ($opt_p) { + portscan(); +} +if ($opt_n) { + anomsensor(); +} +print_footer(); + +# print the header (e.g. for mail) +sub print_head { + my $hostname = `hostname --fqdn`; + chomp($hostname); + if ($opt_h) { + print "\n\n"; + print "Snort Statistics"; + print "\n\n"; + print "

[SNORT] $hostname Statistics

\n"; + } else { + print "Subject: [SNORT] $hostname daily report\n\n"; + } +} + +# print the time of begin and end of the log +sub print_summary { + if ($opt_h) { + print "\n"; + print "\n"; + print "\n"; + print "\n"; + print "\n"; + print "\n"; + print "\n"; + print "\n"; + print "\n"; + print "\n" if $opt_p; + print "\n" if $opt_n; + print "
The log begins at:$result[0]->[0] $result[0]->[1] $result[0]->[2]:$result[0]->[3]:$result[0]->[4]
The log ends at:$result[$#result]->[0] $result[$#result]->[1] $result[$#result]->[2]:$result[$#result]->[3]:$result[$#result]->[4]
Total events: $total
Signatures recorded: ". keys(%s4) ."
Source IP recorded: ". keys(%s5) ."
Destination IP recorded: ". keys(%s6) ."
Portscan detected: ", eval '$#posres +1',"
Anomaly detected: ", eval '$#anores +1',"
\n"; + print "
\n"; + } else { + print "Events between $result[0]->[0] $result[0]->[1] ". + "$result[0]->[2]:$result[0]->[3]:$result[0]->[4] and ". + "$result[$#result]->[0] $result[$#result]->[1] ". + "$result[$#result]->[2]:$result[$#result]->[3]:$result[$#result]->[4]\n"; + print "Total events: $total\n"; + print "Signatures recorded: ". keys(%s4) ."\n"; + print "Source IP recorded: ". keys(%s5) ."\n"; + print "Destination IP recorded: ". keys(%s6) ."\n"; + print "Portscan recorded: ", eval '$#posres +1',"\n" if $opt_p; + print "Anomaly recorded: ", eval '$#anores +1',"\n" if $opt_n; + } +} + +# print menu for HTML page +sub print_menu { + if ($opt_h) { + print "
\n"; + } +} + +# to see the frequency of the event from a certain pair of +# host and destination +sub same_event { + if ($opt_h) { + print "

Number of event from same host to same destination using same method

\n"; + print "\n"; + print ""; + foreach $k (sort { $s0{$b} <=> $s0{$a} } keys %s0) { + @_ = split ",",$k; + print " + \n" if $s0{$k} > $th; + } + print "
# of eventsfromtowith
$s0{$k}$_[1]$_[0]".printHref($_[2])."
Top
\n"; + } else { + section_header("Events from same host to same destination using same method\n", "asdm"); + foreach $k ((sort { $s0{$b} <=> $s0{$a} } keys %s0)[0..$maxlines]) { + @_ = split ",",$k; + printf(" %4d %-${saddr_len}s %-${daddr_len}s %-20s\n", + $s0{$k},$_[1],$_[0],$_[2]) if $s0{$k} > $th; + } + } +} + +# to see the percentage and number of events from a host to a destination +sub same_host_dest { + if ($opt_h) { + print "

Percentage and number of events from a host to a destination

\n"; + print "\n"; + print "\n"; + foreach $k (sort { $s1{$b} <=> $s1{$a} } keys %s1) { + @_ = split ",",$k; + printf(" +
%# of eventsfromto
%-2.2f%-2d%-20s%-20s\n",$s1{$k}/$total*100,$s1{$k},$_[0],$_[1]) if $s1{$k} > $th; + } + print "
Top
\n"; + } else { + section_header("Percentage and number of events from a host to a destination\n", "pasd"); + foreach $k ((sort { $s1{$b} <=> $s1{$a} } keys %s1)[0..$maxlines]) { + @_ = split ",",$k; + printf("%5.2f %4d %-${saddr_len}s %-${daddr_len}s\n", + $s1{$k}/$total*100, $s1{$k},$_[0],$_[1]) if $s1{$k} > $th; + } + } +} + +# to see how many events launched from one host +sub same_host_sig { + if ($opt_h) { + print "

Percentage and number of events from one host to any with same method

\n"; + print "\n"; + print "\n"; + foreach $k (sort { $s2{$b} <=> $s2{$a} } keys %s2) { + @_ = split ",",$k; + printf(" + \n",$s2{$k}/$total*100,$s2{$k},$_[1],&printHref($_[0])) if $s2{$k} > $th; + } + print "
%# of eventsfromtype
%-2.2f%-4d%-20s%-28s
Top
\n"; + } else { + section_header("Percentage and number of events from one host to any with same method\n", "pasm"); + foreach $k ((sort { $s2{$b} <=> $s2{$a} } keys %s2)[0..$maxlines]) { + @_ = split ",",$k; + printf("%5.2f %4d %-${saddr_len}s %-28s\n", + $s2{$k}/$total*100, $s2{$k},$_[1],$_[0]) if $s2{$k} > $th; + } + } +} + +# to see how many events received by one host (destination correlated) +sub same_dest_sig_stat { + if ($opt_h) { + print "

Percentage and number of events to one certain host

\n"; + print "\n"; + print "\n"; + foreach $k (sort { $s3{$b} <=> $s3{$a} } keys %s3) { + @_ = split ",",$k; + printf("
%# of eventstotype
%-2.2f%-4d%-25s%-28s\n",$s3{$k}/$total*100,$s3{$k},$_[1],&printHref($_[0])) if $s3{$k} > $th; + } + print "
Top
\n"; + } else { + section_header("Percentage and number of events to one certain host\n", "padm"); + foreach $k ((sort { $s3{$b} <=> $s3{$a} } keys %s3)[0..$maxlines]) { + @_ = split ",",$k; + printf("%5.2f %4d %-${daddr_len}s %-28s\n", + $s3{$k}/$total*100, $s3{$k}, $_[1], $_[0]) if $s3{$k} > $th; + } + } +} + +# to see the popularity of one event method +sub event_distribution { + if ($opt_h) { + print "

Distribution of event methods

\n"; + print "\n"; + print "\n"; + foreach $k (sort { $s4{$b} <=> $s4{$a} } keys %s4) { + @p1 = split ":",$k; + if ($s4{$k} > $th) { + printf(" + \n", $s4{$k}/$total*100,$s4{$k},&printHref($p1[0])); + foreach $k2 (sort { $s0{$b} <=> $s0{$a} } keys %s0) { + @p2 = split ",",$k2; + printf("\n", $s0{$k2}, join(" -> ", $p2[1],$p2[0])) if $p1[0] eq $p2[2]; + } + } + } + print "
%# of eventsmethods
%-2.2f%-4d%-32s
%-4d%-32s
Top
\n"; + } else { + section_header("The distribution of event methods\n", "pam"); + foreach $k ((sort { $s4{$b} <=> $s4{$a} } keys %s4)[0..$maxlines]) { + @p1 = split ":",$k; + if ($s4{$k} > $th) { + printf("%5.2f %4d %-32s\n", $s4{$k}/$total*100,$s4{$k},$p1[0]); + foreach $k2 (sort { $s0{$b} <=> $s0{$a} } keys %s0) { + @p2 = split ",",$k2; + printf("\t\t %-4d %-${saddr_len}s -> %-${daddr_len}s\n", $s0{$k2}, $p2[1],$p2[0]) if $p1[0] eq $p2[2]; + } + } + } + } +} + +# portscan (if enable -p switch) +# Please use '-A fast' to generate the log, so portscan() can process it. +# contributed by: Paul Bobby, +# Jian-Da Li, +sub portscan { + my (%s7, %s8); + # to see how many times a host performs portscan + # used in portscan() + for $i (0 .. $#posres) { + $s7{"$posres[$i]->[0]"}++; + } + if ($opt_h) { + print "

Portscans performed to/from HOME_NET

\n"; + print "\n"; + print "\n"; + foreach $k (sort { $s7{$b} <=> $s7{$a} } keys %s7) { + print "\n" if $s7{$k} > $th; + } + print "
Scan AttemptsSource Address
$s7{$k}$k
Top
\n"; + } else { + section_header("Portscans performed to/from HOME_NET\n", "as"); + foreach $k ((sort { $s7{$b} <=> $s7{$a} } keys %s7)[0..$maxlines]) { + printf(" %4d %-${saddr_len}s\n", $s7{$k},$k) if $s7{$k} > $th; + } + } +} + +# anomsensor (if enable -n switch) +# This function process data generated by spp_anomsensor plug-in (SPADE) +# By Yen-Ming Chen +sub anomsensor { + my (%s7); + # to see how many times a host performs portscan + # used in anomsensor() + for $i (0 .. $#anores) { + $s7{"$anores[$i]->[1],$anores[$i]->[3],$anores[$i]->[4]"}++; + } + if ($opt_h) { + print "

Anomaly detected by SPADE

\n"; + print "\n"; + print "\n"; + foreach $k (sort { $s7{$b} <=> $s7{$a} } keys %s7) { + @_ = split(/,/,$k); + print "\n" if $s7{$k} > $th; + } + print "
Scan AttemptsSource AddressDestination AddressDestination Ports
$s7{$k}$_[0]$_[1]$_[2]
Top
\n"; + } else { + section_header("Anomaly detected by SPADE\n", "asdo"); + foreach $k ((sort { $s7{$b} <=> $s7{$a} } keys %s7)[0..$maxlines]) { + @_ = split(/,/,$k); + printf(" %-4d %-${saddr_len}s %-${daddr_len}s\t%-6d\n", $s7{$k},$_[0],$_[1],$_[2]) if $s7{$k} > $th; + } + } +} + +# print the footer (needed for html) +sub print_footer { + if ($opt_h) { + print "Generated by snort_stat.pl\n"; + print "\n\n"; + } +} + +# +# resolve host name and cache it +# contributed by: Angelos Karageorgiou, +# edited by: $Author: ssmeenk $ +# +sub resolve { + local ($mname, $miaddr, $mhost = shift); + $miaddr = inet_aton($mhost); + if (!$HOSTS{$mhost}) { + $mname =""; + eval { + local $SIG{ALRM} = sub {die "alarm\n" }; # NB \n required + alarm $timeout; + $mname = gethostbyaddr($miaddr, AF_INET); + alarm 0; + }; + die if $@ && $@ ne "alarm\n"; # propagate errors + if ($mname =~ /^$/) { + $mname = $mhost; + } + $HOSTS{$mhost} = $mname; + } + return $HOSTS{$mhost}; +} + +# Use a title and a short code to write the section headers +# This is used in place of a FORMAT as this allows variable column widths +# contributed by: Ned Patterson, +# +# Usage: section_header($title, $format); +# +# Format: "pasdom" +# p percentage of events +# a number of events +# s source host +# d destination host +# o home net +# m method used +# +sub section_header { + my $linelength; + $title = shift; + $_ = shift; + print("\n\n$title"); + # constant for method length for now + $linelength = (/p/?7:0) + + (/a/?20:0) + + (/s/?$saddr_len:0) + + (/d/?$daddr_len+3:0) + + (/m/?20:0); + print( '=' x $linelength, "\n"); + print(" % ") if (s/^p([asdm]*)/$1/); + print(" # of ") if (s/^a([sdm]*)/$1/); + printf("%-${saddr_len}s ", "from") if (s/^s([dm]*)/$1/); + printf("%-${daddr_len}s ", "to" ) if (s/^d(m*)/$1/); + printf("%-5s ", "ports" ) if (s/^o(m*)/$1/); + print("method") if (/^m/); + print("\n"); + + print( '=' x $linelength, "\n"); +} + +# Put data $alert into matrix for further process +# INPUT: $alert +sub process_data() { + $self = shift; + # if the resolve switch is on + if ($opt_r) { + $self->{SADDR} = resolve($self->{SADDR}); + unless ($opt_f) { + if ( length($self->{SADDR}) > $saddr_len ) { + $saddr_len = length($self->{SADDR}); + } + } + $self->{DADDR} = resolve($self->{DADDR}); + unless ($opt_f) { + if ( length($self->{DADDR}) > $daddr_len ) { + $daddr_len = length($self->{DADDR}); + } + } + } + # put those data into a big matrix + if ($self->{PLUGIN} eq "anomsensor") { + push @anores , [$self->{THR},$self->{SADDR},$self->{SPORT}, + $self->{DADDR},$self->{DPORT}]; + $opt_n = 1; + } elsif ($self->{PLUGIN} eq "portscan") { + push @posres , [$self->{SADDR}]; + $opt_p = 1; + } elsif ($self->{TYPE} eq "sys" || $self->{TYPE} eq "alert" || + $self->{PLUGIN} eq "stream" || $self->{PLUGIN} eq "bo" ) { + $self->{SIG} =~ s/\:$//o; + push @result ,[$self->{MON},$self->{DAY},$self->{HOUR},$self->{MIN}, + $self->{SEC},$self->{HOST},$self->{SIG},$self->{SADDR}, + $self->{SPORT},$self->{DADDR},$self->{DPORT}]; + $lastwassnort = 1; + } else { + print STDERR "Unknown alert type/plugin! $self->{TYPE}:$self->{PLUGIN} Skipped!\n"; + return; + } + 1; +} + +# Turn IDS into the link to whitehats +sub printHref +{ + my $type = $_[0]; + + if ($type =~ /\A\s*(IDS\d+)\//) + { + return "$type"; + } + return $type; +} --- snort-2.3.3.orig/Makefile.in +++ snort-2.3.3/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.6.3 from Makefile.am. +# Makefile.in generated by automake 1.9.6 from Makefile.am. # @configure_input@ -# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002 -# Free Software Foundation, Inc. +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -13,120 +13,197 @@ # PARTICULAR PURPOSE. @SET_MAKE@ -SHELL = @SHELL@ - srcdir = @srcdir@ top_srcdir = @top_srcdir@ VPATH = @srcdir@ -prefix = @prefix@ -exec_prefix = @exec_prefix@ - -bindir = @bindir@ -sbindir = @sbindir@ -libexecdir = @libexecdir@ -datadir = @datadir@ -sysconfdir = @sysconfdir@ -sharedstatedir = @sharedstatedir@ -localstatedir = @localstatedir@ -libdir = @libdir@ -infodir = @infodir@ -mandir = @mandir@ -includedir = @includedir@ -oldincludedir = /usr/include pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ top_builddir = . - -ACLOCAL = @ACLOCAL@ -AUTOCONF = @AUTOCONF@ -AUTOMAKE = @AUTOMAKE@ -AUTOHEADER = @AUTOHEADER@ - am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_DATA = @INSTALL_DATA@ install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c -INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_HEADER = $(INSTALL_DATA) -transform = @program_transform_name@ +transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : -host_alias = @host_alias@ +build_triplet = @build@ host_triplet = @host@ - -EXEEXT = @EXEEXT@ -OBJEXT = @OBJEXT@ -PATH_SEPARATOR = @PATH_SEPARATOR@ +DIST_COMMON = $(am__configure_deps) $(srcdir)/Makefile.am \ + $(srcdir)/Makefile.in $(srcdir)/config.h.in \ + $(top_srcdir)/configure COPYING ChangeLog config.guess \ + config.sub depcomp install-sh missing mkinstalldirs +subdir = . +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \ + configure.lineno configure.status.lineno +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = config.h +CONFIG_CLEAN_FILES = +depcomp = +am__depfiles_maybe = +SOURCES = +DIST_SOURCES = +RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ + html-recursive info-recursive install-data-recursive \ + install-exec-recursive install-info-recursive \ + install-recursive installcheck-recursive installdirs-recursive \ + pdf-recursive ps-recursive uninstall-info-recursive \ + uninstall-recursive +man8dir = $(mandir)/man8 +am__installdirs = "$(DESTDIR)$(man8dir)" +NROFF = nroff +MANS = $(man_MANS) +ETAGS = etags +CTAGS = ctags +DIST_SUBDIRS = $(SUBDIRS) +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +distdir = $(PACKAGE)-$(VERSION) +top_distdir = $(distdir) +am__remove_distdir = \ + { test ! -d $(distdir) \ + || { find $(distdir) -type d ! -perm -200 -exec chmod u+w {} ';' \ + && rm -fr $(distdir); }; } +DIST_ARCHIVES = $(distdir).tar.gz +GZIP_ENV = --best +distuninstallcheck_listfiles = find . -type f -print +distcleancheck_listfiles = find . -type f -print +ACLOCAL = @ACLOCAL@ +AMDEP_FALSE = @AMDEP_FALSE@ +AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ DEPDIR = @DEPDIR@ - +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ INCLUDES = @INCLUDES@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@ +MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@ +MAKEINFO = @MAKEINFO@ +OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ RANLIB = @RANLIB@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ STRIP = @STRIP@ VERSION = @VERSION@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_RANLIB = @ac_ct_RANLIB@ +ac_ct_STRIP = @ac_ct_STRIP@ +am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ +am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ am__include = @am__include@ +am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +datadir = @datadir@ +exec_prefix = @exec_prefix@ extra_incl = @extra_incl@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +includedir = @includedir@ +infodir = @infodir@ install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ AUTOMAKE_OPTIONS = foreign no-dependencies -SUBDIRS = src doc etc rules templates contrib schemas rpm - +SUBDIRS = src etc rules templates contrib schemas rpm EXTRA_DIST = ChangeLog snort.8 LICENSE verstuff.pl RELEASE.NOTES - man_MANS = snort.8 - DISTCLEANFILES = stamp-h.in -subdir = . -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs -CONFIG_HEADER = config.h -CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = -DIST_SOURCES = - -NROFF = nroff -MANS = $(man_MANS) - -RECURSIVE_TARGETS = info-recursive dvi-recursive install-info-recursive \ - uninstall-info-recursive all-recursive install-data-recursive \ - install-exec-recursive installdirs-recursive install-recursive \ - uninstall-recursive check-recursive installcheck-recursive -DIST_COMMON = COPYING ChangeLog Makefile.am Makefile.in aclocal.m4 \ - config.guess config.h.in config.sub configure configure.in \ - depcomp install-sh missing mkinstalldirs -DIST_SUBDIRS = $(SUBDIRS) all: config.h $(MAKE) $(AM_MAKEFLAGS) all-recursive .SUFFIXES: - -am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \ - configure.lineno -$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) +am--refresh: + @: +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + echo ' cd $(srcdir) && $(AUTOMAKE) --foreign '; \ + cd $(srcdir) && $(AUTOMAKE) --foreign \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign Makefile'; \ cd $(top_srcdir) && \ $(AUTOMAKE) --foreign Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__depfiles_maybe) +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + echo ' $(SHELL) ./config.status'; \ + $(SHELL) ./config.status;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__depfiles_maybe);; \ + esac; -$(top_builddir)/config.status: $(srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) $(SHELL) ./config.status --recheck -$(srcdir)/configure: $(srcdir)/configure.in $(ACLOCAL_M4) $(CONFIGURE_DEPENDENCIES) - cd $(srcdir) && $(AUTOCONF) -$(ACLOCAL_M4): configure.in +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(srcdir) && $(AUTOCONF) +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(srcdir) && $(ACLOCAL) $(ACLOCAL_AMFLAGS) config.h: stamp-h1 @@ -138,19 +215,17 @@ stamp-h1: $(srcdir)/config.h.in $(top_builddir)/config.status @rm -f stamp-h1 cd $(top_builddir) && $(SHELL) ./config.status config.h - -$(srcdir)/config.h.in: $(top_srcdir)/configure.in $(ACLOCAL_M4) +$(srcdir)/config.h.in: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_srcdir) && $(AUTOHEADER) - touch $(srcdir)/config.h.in + rm -f stamp-h1 + touch $@ distclean-hdr: -rm -f config.h stamp-h1 uninstall-info-am: - -man8dir = $(mandir)/man8 install-man8: $(man8_MANS) $(man_MANS) @$(NORMAL_INSTALL) - $(mkinstalldirs) $(DESTDIR)$(man8dir) + test -z "$(man8dir)" || $(mkdir_p) "$(DESTDIR)$(man8dir)" @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ for i in $$l2; do \ @@ -169,8 +244,8 @@ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ inst=`echo $$inst | sed -e 's/^.*\///'`; \ inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) $$file $(DESTDIR)$(man8dir)/$$inst"; \ - $(INSTALL_DATA) $$file $(DESTDIR)$(man8dir)/$$inst; \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \ done uninstall-man8: @$(NORMAL_UNINSTALL) @@ -183,11 +258,15 @@ done; \ for i in $$list; do \ ext=`echo $$i | sed -e 's/^.*\\.//'`; \ + case "$$ext" in \ + 8*) ;; \ + *) ext='8' ;; \ + esac; \ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ inst=`echo $$inst | sed -e 's/^.*\///'`; \ inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f $(DESTDIR)$(man8dir)/$$inst"; \ - rm -f $(DESTDIR)$(man8dir)/$$inst; \ + echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \ + rm -f "$(DESTDIR)$(man8dir)/$$inst"; \ done # This directory's subdirectories are mostly independent; you can cd @@ -197,7 +276,13 @@ # (which will cause the Makefiles to be regenerated when you run `make'); # (2) otherwise, pass the desired values on the `make' command line. $(RECURSIVE_TARGETS): - @set fnord $$MAKEFLAGS; amf=$$2; \ + @failcom='exit 1'; \ + for f in x $$MAKEFLAGS; do \ + case $$f in \ + *=* | --[!k]*);; \ + *k*) failcom='fail=yes';; \ + esac; \ + done; \ dot_seen=no; \ target=`echo $@ | sed s/-recursive//`; \ list='$(SUBDIRS)'; for subdir in $$list; do \ @@ -209,7 +294,7 @@ local_target="$$target"; \ fi; \ (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || case "$$amf" in *=*) exit 1;; *k*) fail=yes;; *) exit 1;; esac; \ + || eval $$failcom; \ done; \ if test "$$dot_seen" = "no"; then \ $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ @@ -217,7 +302,13 @@ mostlyclean-recursive clean-recursive distclean-recursive \ maintainer-clean-recursive: - @set fnord $$MAKEFLAGS; amf=$$2; \ + @failcom='exit 1'; \ + for f in x $$MAKEFLAGS; do \ + case $$f in \ + *=* | --[!k]*);; \ + *k*) failcom='fail=yes';; \ + esac; \ + done; \ dot_seen=no; \ case "$@" in \ distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ @@ -238,17 +329,16 @@ local_target="$$target"; \ fi; \ (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || case "$$amf" in *=*) exit 1;; *k*) fail=yes;; *) exit 1;; esac; \ + || eval $$failcom; \ done && test -z "$$fail" tags-recursive: list='$(SUBDIRS)'; for subdir in $$list; do \ test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ done - -ETAGS = etags -ETAGSFLAGS = - -tags: TAGS +ctags-recursive: + list='$(SUBDIRS)'; for subdir in $$list; do \ + test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \ + done ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ @@ -258,14 +348,23 @@ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ mkid -fID $$unique +tags: TAGS TAGS: tags-recursive $(HEADERS) $(SOURCES) config.h.in $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) tags=; \ here=`pwd`; \ + if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ + include_option=--etags-include; \ + empty_fix=.; \ + else \ + include_option=--include; \ + empty_fix=; \ + fi; \ list='$(SUBDIRS)'; for subdir in $$list; do \ if test "$$subdir" = .; then :; else \ - test -f $$subdir/TAGS && tags="$$tags -i $$here/$$subdir/TAGS"; \ + test ! -f $$subdir/TAGS || \ + tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \ fi; \ done; \ list='$(SOURCES) $(HEADERS) config.h.in $(LISP) $(TAGS_FILES)'; \ @@ -274,8 +373,24 @@ done | \ $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ - test -z "$(ETAGS_ARGS)$$tags$$unique" \ - || $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$tags $$unique; \ + fi +ctags: CTAGS +CTAGS: ctags-recursive $(HEADERS) $(SOURCES) config.h.in $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) config.h.in $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$tags $$unique GTAGS: @@ -284,29 +399,23 @@ && gtags -i $(GTAGS_ARGS) $$here distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) - -top_distdir = . -distdir = $(PACKAGE)-$(VERSION) - -am__remove_distdir = \ - { test ! -d $(distdir) \ - || { find $(distdir) -type d ! -perm -200 -exec chmod u+w {} ';' \ - && rm -fr $(distdir); }; } - -GZIP_ENV = --best -distcleancheck_listfiles = find . -type f -print + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) $(am__remove_distdir) mkdir $(distdir) - @list='$(DISTFILES)'; for file in $$list; do \ + @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ + list='$(DISTFILES)'; for file in $$list; do \ + case $$file in \ + $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ + $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ + esac; \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ if test "$$dir" != "$$file" && test "$$dir" != "."; then \ dir="/$$dir"; \ - $(mkinstalldirs) "$(distdir)$$dir"; \ + $(mkdir_p) "$(distdir)$$dir"; \ else \ dir=''; \ fi; \ @@ -321,21 +430,23 @@ || exit 1; \ fi; \ done - list='$(SUBDIRS)'; for subdir in $$list; do \ + list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ if test "$$subdir" = .; then :; else \ - test -d $(distdir)/$$subdir \ - || mkdir $(distdir)/$$subdir \ + test -d "$(distdir)/$$subdir" \ + || $(mkdir_p) "$(distdir)/$$subdir" \ || exit 1; \ + distdir=`$(am__cd) $(distdir) && pwd`; \ + top_distdir=`$(am__cd) $(top_distdir) && pwd`; \ (cd $$subdir && \ $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" \ - distdir=../$(distdir)/$$subdir \ + top_distdir="$$top_distdir" \ + distdir="$$distdir/$$subdir" \ distdir) \ || exit 1; \ fi; \ done $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="${top_distdir}" distdir="$(distdir)" \ + top_distdir="$(top_distdir)" distdir="$(distdir)" \ dist-hook -find $(distdir) -type d ! -perm -777 -exec chmod a+rwx {} \; -o \ ! -type d ! -perm -444 -links 1 -exec chmod a+r {} \; -o \ @@ -343,26 +454,54 @@ ! -type d ! -perm -444 -exec $(SHELL) $(install_sh) -c -m a+r {} {} \; \ || chmod -R a+r $(distdir) dist-gzip: distdir - $(AMTAR) chof - $(distdir) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).tar.gz + tardir=$(distdir) && $(am__tar) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).tar.gz + $(am__remove_distdir) + +dist-bzip2: distdir + tardir=$(distdir) && $(am__tar) | bzip2 -9 -c >$(distdir).tar.bz2 + $(am__remove_distdir) + +dist-tarZ: distdir + tardir=$(distdir) && $(am__tar) | compress -c >$(distdir).tar.Z + $(am__remove_distdir) + +dist-shar: distdir + shar $(distdir) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).shar.gz + $(am__remove_distdir) + +dist-zip: distdir + -rm -f $(distdir).zip + zip -rq $(distdir).zip $(distdir) $(am__remove_distdir) dist dist-all: distdir - $(AMTAR) chof - $(distdir) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).tar.gz + tardir=$(distdir) && $(am__tar) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).tar.gz $(am__remove_distdir) # This target untars the dist file and tries a VPATH configuration. Then # it guarantees that the distribution is self-contained by making another # tarfile. distcheck: dist - $(am__remove_distdir) - GZIP=$(GZIP_ENV) gunzip -c $(distdir).tar.gz | $(AMTAR) xf - + case '$(DIST_ARCHIVES)' in \ + *.tar.gz*) \ + GZIP=$(GZIP_ENV) gunzip -c $(distdir).tar.gz | $(am__untar) ;;\ + *.tar.bz2*) \ + bunzip2 -c $(distdir).tar.bz2 | $(am__untar) ;;\ + *.tar.Z*) \ + uncompress -c $(distdir).tar.Z | $(am__untar) ;;\ + *.shar.gz*) \ + GZIP=$(GZIP_ENV) gunzip -c $(distdir).shar.gz | unshar ;;\ + *.zip*) \ + unzip $(distdir).zip ;;\ + esac chmod -R a-w $(distdir); chmod a+w $(distdir) - mkdir $(distdir)/=build - mkdir $(distdir)/=inst + mkdir $(distdir)/_build + mkdir $(distdir)/_inst chmod a-w $(distdir) - dc_install_base=`$(am__cd) $(distdir)/=inst && pwd` \ - && cd $(distdir)/=build \ - && ../configure --srcdir=.. --prefix=$$dc_install_base \ + dc_install_base=`$(am__cd) $(distdir)/_inst && pwd | sed -e 's,^[^:\\/]:[\\/],/,'` \ + && dc_destdir="$${TMPDIR-/tmp}/am-dc-$$$$/" \ + && cd $(distdir)/_build \ + && ../configure --srcdir=.. --prefix="$$dc_install_base" \ $(DISTCHECK_CONFIGURE_FLAGS) \ && $(MAKE) $(AM_MAKEFLAGS) \ && $(MAKE) $(AM_MAKEFLAGS) dvi \ @@ -370,23 +509,40 @@ && $(MAKE) $(AM_MAKEFLAGS) install \ && $(MAKE) $(AM_MAKEFLAGS) installcheck \ && $(MAKE) $(AM_MAKEFLAGS) uninstall \ - && (test `find $$dc_install_base -type f -print | wc -l` -le 1 \ - || { echo "ERROR: files left after uninstall:" ; \ - find $$dc_install_base -type f -print ; \ - exit 1; } >&2 ) \ - && $(MAKE) $(AM_MAKEFLAGS) dist-gzip \ - && rm -f $(distdir).tar.gz \ + && $(MAKE) $(AM_MAKEFLAGS) distuninstallcheck_dir="$$dc_install_base" \ + distuninstallcheck \ + && chmod -R a-w "$$dc_install_base" \ + && ({ \ + (cd ../.. && umask 077 && mkdir "$$dc_destdir") \ + && $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" install \ + && $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" uninstall \ + && $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" \ + distuninstallcheck_dir="$$dc_destdir" distuninstallcheck; \ + } || { rm -rf "$$dc_destdir"; exit 1; }) \ + && rm -rf "$$dc_destdir" \ + && $(MAKE) $(AM_MAKEFLAGS) dist \ + && rm -rf $(DIST_ARCHIVES) \ && $(MAKE) $(AM_MAKEFLAGS) distcleancheck $(am__remove_distdir) - @echo "$(distdir).tar.gz is ready for distribution" | \ - sed 'h;s/./=/g;p;x;p;x' + @(echo "$(distdir) archives ready for distribution: "; \ + list='$(DIST_ARCHIVES)'; for i in $$list; do echo $$i; done) | \ + sed -e '1{h;s/./=/g;p;x;}' -e '$${p;x;}' +distuninstallcheck: + @cd $(distuninstallcheck_dir) \ + && test `$(distuninstallcheck_listfiles) | wc -l` -le 1 \ + || { echo "ERROR: files left after uninstall:" ; \ + if test -n "$(DESTDIR)"; then \ + echo " (check DESTDIR support)"; \ + fi ; \ + $(distuninstallcheck_listfiles) ; \ + exit 1; } >&2 distcleancheck: distclean - if test '$(srcdir)' = . ; then \ + @if test '$(srcdir)' = . ; then \ echo "ERROR: distcleancheck can only run from a VPATH build" ; \ exit 1 ; \ fi - test `$(distcleancheck_listfiles) | wc -l` -eq 0 \ - || { echo "ERROR: files left after distclean:" ; \ + @test `$(distcleancheck_listfiles) | wc -l` -eq 0 \ + || { echo "ERROR: files left in build directory after distclean:" ; \ $(distcleancheck_listfiles) ; \ exit 1; } >&2 check-am: all-am @@ -394,8 +550,9 @@ all-am: Makefile $(MANS) config.h installdirs: installdirs-recursive installdirs-am: - $(mkinstalldirs) $(DESTDIR)$(man8dir) - + for dir in "$(DESTDIR)$(man8dir)"; do \ + test -z "$$dir" || $(mkdir_p) "$$dir"; \ + done install: install-recursive install-exec: install-exec-recursive install-data: install-data-recursive @@ -407,7 +564,7 @@ installcheck: installcheck-recursive install-strip: $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - INSTALL_STRIP_FLAG=-s \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ `test -z '$(STRIP)' || \ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install mostlyclean-generic: @@ -415,7 +572,7 @@ clean-generic: distclean-generic: - -rm -f Makefile $(CONFIG_CLEAN_FILES) + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) -test -z "$(DISTCLEANFILES)" || rm -f $(DISTCLEANFILES) maintainer-clean-generic: @@ -427,12 +584,15 @@ distclean: distclean-recursive -rm -f $(am__CONFIG_DISTCLEAN_FILES) + -rm -f Makefile distclean-am: clean-am distclean-generic distclean-hdr distclean-tags dvi: dvi-recursive dvi-am: +html: html-recursive + info: info-recursive info-am: @@ -449,34 +609,43 @@ maintainer-clean: maintainer-clean-recursive -rm -f $(am__CONFIG_DISTCLEAN_FILES) - -rm -rf autom4te.cache + -rm -rf $(top_srcdir)/autom4te.cache + -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-recursive mostlyclean-am: mostlyclean-generic +pdf: pdf-recursive + +pdf-am: + +ps: ps-recursive + +ps-am: + uninstall-am: uninstall-info-am uninstall-man uninstall-info: uninstall-info-recursive uninstall-man: uninstall-man8 -.PHONY: $(RECURSIVE_TARGETS) GTAGS all all-am check check-am clean \ - clean-generic clean-recursive dist dist-all dist-gzip distcheck \ - distclean distclean-generic distclean-hdr distclean-recursive \ - distclean-tags distcleancheck distdir dvi dvi-am dvi-recursive \ - info info-am info-recursive install install-am install-data \ - install-data-am install-data-recursive install-exec \ - install-exec-am install-exec-recursive install-info \ - install-info-am install-info-recursive install-man install-man8 \ - install-recursive install-strip installcheck installcheck-am \ - installdirs installdirs-am installdirs-recursive \ - maintainer-clean maintainer-clean-generic \ +.PHONY: $(RECURSIVE_TARGETS) CTAGS GTAGS all all-am am--refresh check \ + check-am clean clean-generic clean-recursive ctags \ + ctags-recursive dist dist-all dist-bzip2 dist-gzip dist-hook \ + dist-shar dist-tarZ dist-zip distcheck distclean \ + distclean-generic distclean-hdr distclean-recursive \ + distclean-tags distcleancheck distdir distuninstallcheck dvi \ + dvi-am html html-am info info-am install install-am \ + install-data install-data-am install-exec install-exec-am \ + install-info install-info-am install-man install-man8 \ + install-strip installcheck installcheck-am installdirs \ + installdirs-am maintainer-clean maintainer-clean-generic \ maintainer-clean-recursive mostlyclean mostlyclean-generic \ - mostlyclean-recursive tags tags-recursive uninstall \ - uninstall-am uninstall-info-am uninstall-info-recursive \ - uninstall-man uninstall-man8 uninstall-recursive + mostlyclean-recursive pdf pdf-am ps ps-am tags tags-recursive \ + uninstall uninstall-am uninstall-info-am uninstall-man \ + uninstall-man8 dist-hook: --- snort-2.3.3.orig/config.guess +++ snort-2.3.3/config.guess @@ -1,9 +1,9 @@ #! /bin/sh # Attempt to guess a canonical system name. # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, -# 2000, 2001, 2002 Free Software Foundation, Inc. +# 2000, 2001, 2002, 2003, 2004, 2005 Free Software Foundation, Inc. -timestamp='2002-01-23' +timestamp='2005-08-03' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by @@ -17,13 +17,15 @@ # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. +# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA +# 02110-1301, USA. # # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under # the same distribution terms that you use for the rest of that program. + # Originally written by Per Bothner . # Please send patches to . Submit a context # diff and a properly formatted ChangeLog entry. @@ -53,7 +55,7 @@ GNU config.guess ($timestamp) Originally written by Per Bothner. -Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001 +Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO @@ -66,11 +68,11 @@ while test $# -gt 0 ; do case $1 in --time-stamp | --time* | -t ) - echo "$timestamp" ; exit 0 ;; + echo "$timestamp" ; exit ;; --version | -v ) - echo "$version" ; exit 0 ;; + echo "$version" ; exit ;; --help | --h* | -h ) - echo "$usage"; exit 0 ;; + echo "$usage"; exit ;; -- ) # Stop option processing shift; break ;; - ) # Use stdin as input. @@ -88,30 +90,42 @@ exit 1 fi +trap 'exit 1' 1 2 15 -dummy=dummy-$$ -trap 'rm -f $dummy.c $dummy.o $dummy.rel $dummy; exit 1' 1 2 15 +# CC_FOR_BUILD -- compiler used by this script. Note that the use of a +# compiler to aid in system detection is discouraged as it requires +# temporary files to be created and, as you can see below, it is a +# headache to deal with in a portable fashion. -# CC_FOR_BUILD -- compiler used by this script. # Historically, `CC_FOR_BUILD' used to be named `HOST_CC'. We still # use `HOST_CC' if defined, but it is deprecated. -set_cc_for_build='case $CC_FOR_BUILD,$HOST_CC,$CC in - ,,) echo "int dummy(){}" > $dummy.c ; - for c in cc gcc c89 ; do - ($c $dummy.c -c -o $dummy.o) >/dev/null 2>&1 ; - if test $? = 0 ; then +# Portable tmp directory creation inspired by the Autoconf team. + +set_cc_for_build=' +trap "exitcode=\$?; (rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null) && exit \$exitcode" 0 ; +trap "rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null; exit 1" 1 2 13 15 ; +: ${TMPDIR=/tmp} ; + { tmp=`(umask 077 && mktemp -d -q "$TMPDIR/cgXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" ; } || + { test -n "$RANDOM" && tmp=$TMPDIR/cg$$-$RANDOM && (umask 077 && mkdir $tmp) ; } || + { tmp=$TMPDIR/cg-$$ && (umask 077 && mkdir $tmp) && echo "Warning: creating insecure temp directory" >&2 ; } || + { echo "$me: cannot create a temporary directory in $TMPDIR" >&2 ; exit 1 ; } ; +dummy=$tmp/dummy ; +tmpfiles="$dummy.c $dummy.o $dummy.rel $dummy" ; +case $CC_FOR_BUILD,$HOST_CC,$CC in + ,,) echo "int x;" > $dummy.c ; + for c in cc gcc c89 c99 ; do + if ($c -c -o $dummy.o $dummy.c) >/dev/null 2>&1 ; then CC_FOR_BUILD="$c"; break ; fi ; done ; - rm -f $dummy.c $dummy.o $dummy.rel ; if test x"$CC_FOR_BUILD" = x ; then CC_FOR_BUILD=no_compiler_found ; fi ;; ,,*) CC_FOR_BUILD=$CC ;; ,*,*) CC_FOR_BUILD=$HOST_CC ;; -esac' +esac ; set_cc_for_build= ;' # This is needed to find uname on a Pyramid OSx when run in the BSD universe. # (ghazi@noc.rutgers.edu 1994-08-24) @@ -138,9 +152,11 @@ # # Note: NetBSD doesn't particularly care about the vendor # portion of the name. We always set it to "unknown". - UNAME_MACHINE_ARCH=`(uname -p) 2>/dev/null` || \ - UNAME_MACHINE_ARCH=unknown + sysctl="sysctl -n hw.machine_arch" + UNAME_MACHINE_ARCH=`(/sbin/$sysctl 2>/dev/null || \ + /usr/sbin/$sysctl 2>/dev/null || echo unknown)` case "${UNAME_MACHINE_ARCH}" in + armeb) machine=armeb-unknown ;; arm*) machine=arm-unknown ;; sh3el) machine=shl-unknown ;; sh3eb) machine=sh-unknown ;; @@ -166,141 +182,125 @@ ;; esac # The OS release - release=`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'` + # Debian GNU/NetBSD machines have a different userland, and + # thus, need a distinct triplet. However, they do not need + # kernel version information, so it can be replaced with a + # suitable tag, in the style of linux-gnu. + case "${UNAME_VERSION}" in + Debian*) + release='-gnu' + ;; + *) + release=`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'` + ;; + esac # Since CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM: # contains redundant information, the shorter form: # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used. echo "${machine}-${os}${release}" - exit 0 ;; - amiga:OpenBSD:*:*) - echo m68k-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; - arc:OpenBSD:*:*) - echo mipsel-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; - hp300:OpenBSD:*:*) - echo m68k-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; - mac68k:OpenBSD:*:*) - echo m68k-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; - macppc:OpenBSD:*:*) - echo powerpc-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; - mvme68k:OpenBSD:*:*) - echo m68k-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; - mvme88k:OpenBSD:*:*) - echo m88k-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; - mvmeppc:OpenBSD:*:*) - echo powerpc-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; - pmax:OpenBSD:*:*) - echo mipsel-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; - sgi:OpenBSD:*:*) - echo mipseb-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; - sun3:OpenBSD:*:*) - echo m68k-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; - wgrisc:OpenBSD:*:*) - echo mipsel-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; + exit ;; *:OpenBSD:*:*) - echo ${UNAME_MACHINE}-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; + UNAME_MACHINE_ARCH=`arch | sed 's/OpenBSD.//'` + echo ${UNAME_MACHINE_ARCH}-unknown-openbsd${UNAME_RELEASE} + exit ;; + *:ekkoBSD:*:*) + echo ${UNAME_MACHINE}-unknown-ekkobsd${UNAME_RELEASE} + exit ;; + macppc:MirBSD:*:*) + echo powerppc-unknown-mirbsd${UNAME_RELEASE} + exit ;; + *:MirBSD:*:*) + echo ${UNAME_MACHINE}-unknown-mirbsd${UNAME_RELEASE} + exit ;; alpha:OSF1:*:*) - if test $UNAME_RELEASE = "V4.0"; then + case $UNAME_RELEASE in + *4.0) UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'` - fi + ;; + *5.*) + UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'` + ;; + esac + # According to Compaq, /usr/sbin/psrinfo has been available on + # OSF/1 and Tru64 systems produced since 1995. I hope that + # covers most systems running today. This code pipes the CPU + # types through head -n 1, so we only detect the type of CPU 0. + ALPHA_CPU_TYPE=`/usr/sbin/psrinfo -v | sed -n -e 's/^ The alpha \(.*\) processor.*$/\1/p' | head -n 1` + case "$ALPHA_CPU_TYPE" in + "EV4 (21064)") + UNAME_MACHINE="alpha" ;; + "EV4.5 (21064)") + UNAME_MACHINE="alpha" ;; + "LCA4 (21066/21068)") + UNAME_MACHINE="alpha" ;; + "EV5 (21164)") + UNAME_MACHINE="alphaev5" ;; + "EV5.6 (21164A)") + UNAME_MACHINE="alphaev56" ;; + "EV5.6 (21164PC)") + UNAME_MACHINE="alphapca56" ;; + "EV5.7 (21164PC)") + UNAME_MACHINE="alphapca57" ;; + "EV6 (21264)") + UNAME_MACHINE="alphaev6" ;; + "EV6.7 (21264A)") + UNAME_MACHINE="alphaev67" ;; + "EV6.8CB (21264C)") + UNAME_MACHINE="alphaev68" ;; + "EV6.8AL (21264B)") + UNAME_MACHINE="alphaev68" ;; + "EV6.8CX (21264D)") + UNAME_MACHINE="alphaev68" ;; + "EV6.9A (21264/EV69A)") + UNAME_MACHINE="alphaev69" ;; + "EV7 (21364)") + UNAME_MACHINE="alphaev7" ;; + "EV7.9 (21364A)") + UNAME_MACHINE="alphaev79" ;; + esac + # A Pn.n version is a patched version. # A Vn.n version is a released version. # A Tn.n version is a released field test version. # A Xn.n version is an unreleased experimental baselevel. # 1.2 uses "1.2" for uname -r. - cat <$dummy.s - .data -\$Lformat: - .byte 37,100,45,37,120,10,0 # "%d-%x\n" - - .text - .globl main - .align 4 - .ent main -main: - .frame \$30,16,\$26,0 - ldgp \$29,0(\$27) - .prologue 1 - .long 0x47e03d80 # implver \$0 - lda \$2,-1 - .long 0x47e20c21 # amask \$2,\$1 - lda \$16,\$Lformat - mov \$0,\$17 - not \$1,\$18 - jsr \$26,printf - ldgp \$29,0(\$26) - mov 0,\$16 - jsr \$26,exit - .end main -EOF - eval $set_cc_for_build - $CC_FOR_BUILD $dummy.s -o $dummy 2>/dev/null - if test "$?" = 0 ; then - case `./$dummy` in - 0-0) - UNAME_MACHINE="alpha" - ;; - 1-0) - UNAME_MACHINE="alphaev5" - ;; - 1-1) - UNAME_MACHINE="alphaev56" - ;; - 1-101) - UNAME_MACHINE="alphapca56" - ;; - 2-303) - UNAME_MACHINE="alphaev6" - ;; - 2-307) - UNAME_MACHINE="alphaev67" - ;; - 2-1307) - UNAME_MACHINE="alphaev68" - ;; - esac - fi - rm -f $dummy.s $dummy - echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[VTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` - exit 0 ;; + echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[PVTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` + exit ;; Alpha\ *:Windows_NT*:*) # How do we know it's Interix rather than the generic POSIX subsystem? # Should we change UNAME_MACHINE based on the output of uname instead # of the specific Alpha model? echo alpha-pc-interix - exit 0 ;; + exit ;; 21064:Windows_NT:50:3) echo alpha-dec-winnt3.5 - exit 0 ;; + exit ;; Amiga*:UNIX_System_V:4.0:*) echo m68k-unknown-sysv4 - exit 0;; + exit ;; *:[Aa]miga[Oo][Ss]:*:*) echo ${UNAME_MACHINE}-unknown-amigaos - exit 0 ;; + exit ;; *:[Mm]orph[Oo][Ss]:*:*) echo ${UNAME_MACHINE}-unknown-morphos - exit 0 ;; + exit ;; *:OS/390:*:*) echo i370-ibm-openedition - exit 0 ;; + exit ;; + *:z/VM:*:*) + echo s390-ibm-zvmoe + exit ;; + *:OS400:*:*) + echo powerpc-ibm-os400 + exit ;; arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*) echo arm-acorn-riscix${UNAME_RELEASE} - exit 0;; + exit ;; + arm:riscos:*:*|arm:RISCOS:*:*) + echo arm-unknown-riscos + exit ;; SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*) echo hppa1.1-hitachi-hiuxmpp - exit 0;; + exit ;; Pyramid*:OSx*:*:* | MIS*:OSx*:*:* | MIS*:SMP_DC-OSx*:*:*) # akee@wpdis03.wpafb.af.mil (Earle F. Ake) contributed MIS and NILE. if test "`(/bin/universe) 2>/dev/null`" = att ; then @@ -308,25 +308,32 @@ else echo pyramid-pyramid-bsd fi - exit 0 ;; + exit ;; NILE*:*:*:dcosx) echo pyramid-pyramid-svr4 - exit 0 ;; + exit ;; + DRS?6000:unix:4.0:6*) + echo sparc-icl-nx6 + exit ;; + DRS?6000:UNIX_SV:4.2*:7* | DRS?6000:isis:4.2*:7*) + case `/usr/bin/uname -p` in + sparc) echo sparc-icl-nx7; exit ;; + esac ;; sun4H:SunOS:5.*:*) echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit 0 ;; + exit ;; sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*) echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit 0 ;; + exit ;; i86pc:SunOS:5.*:*) echo i386-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit 0 ;; + exit ;; sun4*:SunOS:6*:*) # According to config.sub, this is the proper way to canonicalize # SunOS6. Hard to guess exactly what SunOS6 will be like, but # it's likely to be more like Solaris than SunOS4. echo sparc-sun-solaris3`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit 0 ;; + exit ;; sun4*:SunOS:*:*) case "`/usr/bin/arch -k`" in Series*|S4*) @@ -335,12 +342,12 @@ esac # Japanese Language versions have a version number like `4.1.3-JL'. echo sparc-sun-sunos`echo ${UNAME_RELEASE}|sed -e 's/-/_/'` - exit 0 ;; + exit ;; sun3*:SunOS:*:*) echo m68k-sun-sunos${UNAME_RELEASE} - exit 0 ;; + exit ;; sun*:*:4.2BSD:*) - UNAME_RELEASE=`(head -1 /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null` + UNAME_RELEASE=`(sed 1q /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null` test "x${UNAME_RELEASE}" = "x" && UNAME_RELEASE=3 case "`/bin/arch`" in sun3) @@ -350,10 +357,10 @@ echo sparc-sun-sunos${UNAME_RELEASE} ;; esac - exit 0 ;; + exit ;; aushp:SunOS:*:*) echo sparc-auspex-sunos${UNAME_RELEASE} - exit 0 ;; + exit ;; # The situation for MiNT is a little confusing. The machine name # can be virtually everything (everything which is not # "atarist" or "atariste" at least should have a processor @@ -364,37 +371,40 @@ # be no problem. atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*) echo m68k-atari-mint${UNAME_RELEASE} - exit 0 ;; + exit ;; atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*) echo m68k-atari-mint${UNAME_RELEASE} - exit 0 ;; + exit ;; *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*) echo m68k-atari-mint${UNAME_RELEASE} - exit 0 ;; + exit ;; milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*) echo m68k-milan-mint${UNAME_RELEASE} - exit 0 ;; + exit ;; hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*) echo m68k-hades-mint${UNAME_RELEASE} - exit 0 ;; + exit ;; *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*) echo m68k-unknown-mint${UNAME_RELEASE} - exit 0 ;; + exit ;; + m68k:machten:*:*) + echo m68k-apple-machten${UNAME_RELEASE} + exit ;; powerpc:machten:*:*) echo powerpc-apple-machten${UNAME_RELEASE} - exit 0 ;; + exit ;; RISC*:Mach:*:*) echo mips-dec-mach_bsd4.3 - exit 0 ;; + exit ;; RISC*:ULTRIX:*:*) echo mips-dec-ultrix${UNAME_RELEASE} - exit 0 ;; + exit ;; VAX*:ULTRIX*:*:*) echo vax-dec-ultrix${UNAME_RELEASE} - exit 0 ;; + exit ;; 2020:CLIX:*:* | 2430:CLIX:*:*) echo clipper-intergraph-clix${UNAME_RELEASE} - exit 0 ;; + exit ;; mips:*:*:UMIPS | mips:*:*:RISCos) eval $set_cc_for_build sed 's/^ //' << EOF >$dummy.c @@ -418,27 +428,33 @@ exit (-1); } EOF - $CC_FOR_BUILD $dummy.c -o $dummy \ - && ./$dummy `echo "${UNAME_RELEASE}" | sed -n 's/\([0-9]*\).*/\1/p'` \ - && rm -f $dummy.c $dummy && exit 0 - rm -f $dummy.c $dummy + $CC_FOR_BUILD -o $dummy $dummy.c && + dummyarg=`echo "${UNAME_RELEASE}" | sed -n 's/\([0-9]*\).*/\1/p'` && + SYSTEM_NAME=`$dummy $dummyarg` && + { echo "$SYSTEM_NAME"; exit; } echo mips-mips-riscos${UNAME_RELEASE} - exit 0 ;; + exit ;; Motorola:PowerMAX_OS:*:*) echo powerpc-motorola-powermax - exit 0 ;; + exit ;; + Motorola:*:4.3:PL8-*) + echo powerpc-harris-powermax + exit ;; + Night_Hawk:*:*:PowerMAX_OS | Synergy:PowerMAX_OS:*:*) + echo powerpc-harris-powermax + exit ;; Night_Hawk:Power_UNIX:*:*) echo powerpc-harris-powerunix - exit 0 ;; + exit ;; m88k:CX/UX:7*:*) echo m88k-harris-cxux7 - exit 0 ;; + exit ;; m88k:*:4*:R4*) echo m88k-motorola-sysv4 - exit 0 ;; + exit ;; m88k:*:3*:R3*) echo m88k-motorola-sysv3 - exit 0 ;; + exit ;; AViiON:dgux:*:*) # DG/UX returns AViiON for all architectures UNAME_PROCESSOR=`/usr/bin/uname -p` @@ -454,29 +470,29 @@ else echo i586-dg-dgux${UNAME_RELEASE} fi - exit 0 ;; + exit ;; M88*:DolphinOS:*:*) # DolphinOS (SVR3) echo m88k-dolphin-sysv3 - exit 0 ;; + exit ;; M88*:*:R3*:*) # Delta 88k system running SVR3 echo m88k-motorola-sysv3 - exit 0 ;; + exit ;; XD88*:*:*:*) # Tektronix XD88 system running UTekV (SVR3) echo m88k-tektronix-sysv3 - exit 0 ;; + exit ;; Tek43[0-9][0-9]:UTek:*:*) # Tektronix 4300 system running UTek (BSD) echo m68k-tektronix-bsd - exit 0 ;; + exit ;; *:IRIX*:*:*) echo mips-sgi-irix`echo ${UNAME_RELEASE}|sed -e 's/-/_/g'` - exit 0 ;; + exit ;; ????????:AIX?:[12].1:2) # AIX 2.2.1 or AIX 2.1.1 is RT/PC AIX. - echo romp-ibm-aix # uname -m gives an 8 hex-code CPU id - exit 0 ;; # Note that: echo "'`uname -s`'" gives 'AIX ' + echo romp-ibm-aix # uname -m gives an 8 hex-code CPU id + exit ;; # Note that: echo "'`uname -s`'" gives 'AIX ' i*86:AIX:*:*) echo i386-ibm-aix - exit 0 ;; + exit ;; ia64:AIX:*:*) if [ -x /usr/bin/oslevel ] ; then IBM_REV=`/usr/bin/oslevel` @@ -484,7 +500,7 @@ IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} fi echo ${UNAME_MACHINE}-ibm-aix${IBM_REV} - exit 0 ;; + exit ;; *:AIX:2:3) if grep bos325 /usr/include/stdio.h >/dev/null 2>&1; then eval $set_cc_for_build @@ -499,17 +515,20 @@ exit(0); } EOF - $CC_FOR_BUILD $dummy.c -o $dummy && ./$dummy && rm -f $dummy.c $dummy && exit 0 - rm -f $dummy.c $dummy - echo rs6000-ibm-aix3.2.5 + if $CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy` + then + echo "$SYSTEM_NAME" + else + echo rs6000-ibm-aix3.2.5 + fi elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then echo rs6000-ibm-aix3.2.4 else echo rs6000-ibm-aix3.2 fi - exit 0 ;; + exit ;; *:AIX:*:[45]) - IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | head -1 | awk '{ print $1 }'` + IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'` if /usr/sbin/lsattr -El ${IBM_CPU_ID} | grep ' POWER' >/dev/null 2>&1; then IBM_ARCH=rs6000 else @@ -521,28 +540,28 @@ IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} fi echo ${IBM_ARCH}-ibm-aix${IBM_REV} - exit 0 ;; + exit ;; *:AIX:*:*) echo rs6000-ibm-aix - exit 0 ;; + exit ;; ibmrt:4.4BSD:*|romp-ibm:BSD:*) echo romp-ibm-bsd4.4 - exit 0 ;; + exit ;; ibmrt:*BSD:*|romp-ibm:BSD:*) # covers RT/PC BSD and echo romp-ibm-bsd${UNAME_RELEASE} # 4.3 with uname added to - exit 0 ;; # report: romp-ibm BSD 4.3 + exit ;; # report: romp-ibm BSD 4.3 *:BOSX:*:*) echo rs6000-bull-bosx - exit 0 ;; + exit ;; DPX/2?00:B.O.S.:*:*) echo m68k-bull-sysv3 - exit 0 ;; + exit ;; 9000/[34]??:4.3bsd:1.*:*) echo m68k-hp-bsd - exit 0 ;; + exit ;; hp300:4.4BSD:*:* | 9000/[34]??:4.3bsd:2.*:*) echo m68k-hp-bsd4.4 - exit 0 ;; + exit ;; 9000/[34678]??:HP-UX:*:*) HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` case "${UNAME_MACHINE}" in @@ -598,17 +617,37 @@ exit (0); } EOF - (CCOPTS= $CC_FOR_BUILD $dummy.c -o $dummy 2>/dev/null) && HP_ARCH=`./$dummy` - if test -z "$HP_ARCH"; then HP_ARCH=hppa; fi - rm -f $dummy.c $dummy + (CCOPTS= $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null) && HP_ARCH=`$dummy` + test -z "$HP_ARCH" && HP_ARCH=hppa fi ;; esac + if [ ${HP_ARCH} = "hppa2.0w" ] + then + eval $set_cc_for_build + + # hppa2.0w-hp-hpux* has a 64-bit kernel and a compiler generating + # 32-bit code. hppa64-hp-hpux* has the same kernel and a compiler + # generating 64-bit code. GNU and HP use different nomenclature: + # + # $ CC_FOR_BUILD=cc ./config.guess + # => hppa2.0w-hp-hpux11.23 + # $ CC_FOR_BUILD="cc +DA2.0w" ./config.guess + # => hppa64-hp-hpux11.23 + + if echo __LP64__ | (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | + grep __LP64__ >/dev/null + then + HP_ARCH="hppa2.0w" + else + HP_ARCH="hppa64" + fi + fi echo ${HP_ARCH}-hp-hpux${HPUX_REV} - exit 0 ;; + exit ;; ia64:HP-UX:*:*) HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` echo ia64-hp-hpux${HPUX_REV} - exit 0 ;; + exit ;; 3050*:HI-UX:*:*) eval $set_cc_for_build sed 's/^ //' << EOF >$dummy.c @@ -636,166 +675,213 @@ exit (0); } EOF - $CC_FOR_BUILD $dummy.c -o $dummy && ./$dummy && rm -f $dummy.c $dummy && exit 0 - rm -f $dummy.c $dummy + $CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy` && + { echo "$SYSTEM_NAME"; exit; } echo unknown-hitachi-hiuxwe2 - exit 0 ;; + exit ;; 9000/7??:4.3bsd:*:* | 9000/8?[79]:4.3bsd:*:* ) echo hppa1.1-hp-bsd - exit 0 ;; + exit ;; 9000/8??:4.3bsd:*:*) echo hppa1.0-hp-bsd - exit 0 ;; + exit ;; *9??*:MPE/iX:*:* | *3000*:MPE/iX:*:*) echo hppa1.0-hp-mpeix - exit 0 ;; + exit ;; hp7??:OSF1:*:* | hp8?[79]:OSF1:*:* ) echo hppa1.1-hp-osf - exit 0 ;; + exit ;; hp8??:OSF1:*:*) echo hppa1.0-hp-osf - exit 0 ;; + exit ;; i*86:OSF1:*:*) if [ -x /usr/sbin/sysversion ] ; then echo ${UNAME_MACHINE}-unknown-osf1mk else echo ${UNAME_MACHINE}-unknown-osf1 fi - exit 0 ;; + exit ;; parisc*:Lites*:*:*) echo hppa1.1-hp-lites - exit 0 ;; + exit ;; C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*) echo c1-convex-bsd - exit 0 ;; + exit ;; C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*) if getsysinfo -f scalar_acc then echo c32-convex-bsd else echo c2-convex-bsd fi - exit 0 ;; + exit ;; C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*) echo c34-convex-bsd - exit 0 ;; + exit ;; C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*) echo c38-convex-bsd - exit 0 ;; + exit ;; C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*) echo c4-convex-bsd - exit 0 ;; - CRAY*X-MP:*:*:*) - echo xmp-cray-unicos - exit 0 ;; + exit ;; CRAY*Y-MP:*:*:*) echo ymp-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit 0 ;; + exit ;; CRAY*[A-Z]90:*:*:*) echo ${UNAME_MACHINE}-cray-unicos${UNAME_RELEASE} \ | sed -e 's/CRAY.*\([A-Z]90\)/\1/' \ -e y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/ \ -e 's/\.[^.]*$/.X/' - exit 0 ;; + exit ;; CRAY*TS:*:*:*) echo t90-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit 0 ;; - CRAY*T3D:*:*:*) - echo alpha-cray-unicosmk${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit 0 ;; + exit ;; CRAY*T3E:*:*:*) echo alphaev5-cray-unicosmk${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit 0 ;; + exit ;; CRAY*SV1:*:*:*) echo sv1-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit 0 ;; - CRAY-2:*:*:*) - echo cray2-cray-unicos - exit 0 ;; + exit ;; + *:UNICOS/mp:*:*) + echo craynv-cray-unicosmp${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + exit ;; F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*) FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'` echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" - exit 0 ;; + exit ;; + 5000:UNIX_System_V:4.*:*) + FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` + FUJITSU_REL=`echo ${UNAME_RELEASE} | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/ /_/'` + echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" + exit ;; i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*) echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE} - exit 0 ;; + exit ;; sparc*:BSD/OS:*:*) echo sparc-unknown-bsdi${UNAME_RELEASE} - exit 0 ;; + exit ;; *:BSD/OS:*:*) echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE} - exit 0 ;; + exit ;; *:FreeBSD:*:*) echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` - exit 0 ;; + exit ;; i*:CYGWIN*:*) echo ${UNAME_MACHINE}-pc-cygwin - exit 0 ;; + exit ;; i*:MINGW*:*) echo ${UNAME_MACHINE}-pc-mingw32 - exit 0 ;; + exit ;; + i*:windows32*:*) + # uname -m includes "-pc" on this system. + echo ${UNAME_MACHINE}-mingw32 + exit ;; i*:PW*:*) echo ${UNAME_MACHINE}-pc-pw32 - exit 0 ;; - x86:Interix*:3*) - echo i386-pc-interix3 - exit 0 ;; + exit ;; + x86:Interix*:[34]*) + echo i586-pc-interix${UNAME_RELEASE}|sed -e 's/\..*//' + exit ;; + [345]86:Windows_95:* | [345]86:Windows_98:* | [345]86:Windows_NT:*) + echo i${UNAME_MACHINE}-pc-mks + exit ;; i*:Windows_NT*:* | Pentium*:Windows_NT*:*) # How do we know it's Interix rather than the generic POSIX subsystem? # It also conflicts with pre-2.0 versions of AT&T UWIN. Should we # UNAME_MACHINE based on the output of uname instead of i386? - echo i386-pc-interix - exit 0 ;; + echo i586-pc-interix + exit ;; i*:UWIN*:*) echo ${UNAME_MACHINE}-pc-uwin - exit 0 ;; + exit ;; + amd64:CYGWIN*:*:* | x86_64:CYGWIN*:*:*) + echo x86_64-unknown-cygwin + exit ;; p*:CYGWIN*:*) echo powerpcle-unknown-cygwin - exit 0 ;; + exit ;; prep*:SunOS:5.*:*) echo powerpcle-unknown-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit 0 ;; + exit ;; *:GNU:*:*) + # the GNU system echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-gnu`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'` - exit 0 ;; + exit ;; + *:GNU/*:*:*) + # other systems with GNU libc and userland + echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr '[A-Z]' '[a-z]'``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-gnu + exit ;; i*86:Minix:*:*) echo ${UNAME_MACHINE}-pc-minix - exit 0 ;; + exit ;; arm*:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu - exit 0 ;; + exit ;; + cris:Linux:*:*) + echo cris-axis-linux-gnu + exit ;; + crisv32:Linux:*:*) + echo crisv32-axis-linux-gnu + exit ;; + frv:Linux:*:*) + echo frv-unknown-linux-gnu + exit ;; ia64:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux - exit 0 ;; + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + m32r*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; m68*:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu - exit 0 ;; + exit ;; mips:Linux:*:*) eval $set_cc_for_build sed 's/^ //' << EOF >$dummy.c #undef CPU #undef mips #undef mipsel - #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL) - CPU=mipsel + #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL) + CPU=mipsel #else - #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB) + #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB) CPU=mips #else CPU= #endif - #endif + #endif +EOF + eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^CPU=` + test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; } + ;; + mips64:Linux:*:*) + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + #undef CPU + #undef mips64 + #undef mips64el + #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL) + CPU=mips64el + #else + #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB) + CPU=mips64 + #else + CPU= + #endif + #endif EOF eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^CPU=` - rm -f $dummy.c - test x"${CPU}" != x && echo "${CPU}-pc-linux-gnu" && exit 0 + test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; } ;; + or32:Linux:*:*) + echo or32-unknown-linux-gnu + exit ;; ppc:Linux:*:*) echo powerpc-unknown-linux-gnu - exit 0 ;; + exit ;; ppc64:Linux:*:*) echo powerpc64-unknown-linux-gnu - exit 0 ;; + exit ;; alpha:Linux:*:*) case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in EV5) UNAME_MACHINE=alphaev5 ;; @@ -809,7 +895,7 @@ objdump --private-headers /bin/sh | grep ld.so.1 >/dev/null if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC} - exit 0 ;; + exit ;; parisc:Linux:*:* | hppa:Linux:*:*) # Look for CPU level case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in @@ -817,29 +903,31 @@ PA8*) echo hppa2.0-unknown-linux-gnu ;; *) echo hppa-unknown-linux-gnu ;; esac - exit 0 ;; + exit ;; parisc64:Linux:*:* | hppa64:Linux:*:*) echo hppa64-unknown-linux-gnu - exit 0 ;; + exit ;; s390:Linux:*:* | s390x:Linux:*:*) echo ${UNAME_MACHINE}-ibm-linux - exit 0 ;; + exit ;; + sh64*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; sh*:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu - exit 0 ;; + exit ;; sparc:Linux:*:* | sparc64:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu - exit 0 ;; + exit ;; x86_64:Linux:*:*) echo x86_64-unknown-linux-gnu - exit 0 ;; + exit ;; i*86:Linux:*:*) # The BFD linker knows what the default object file format is, so # first see if it will tell us. cd to the root directory to prevent # problems with other programs or directories called `ld' in the path. - # Export LANG=C to prevent ld from outputting information in other - # languages. - ld_supported_targets=`LANG=C; export LANG; cd /; ld --help 2>&1 \ + # Set LC_ALL=C to ensure ld outputs messages in English. + ld_supported_targets=`cd /; LC_ALL=C ld --help 2>&1 \ | sed -ne '/supported targets:/!d s/[ ][ ]*/ /g s/.*supported targets: *// @@ -851,15 +939,15 @@ ;; a.out-i386-linux) echo "${UNAME_MACHINE}-pc-linux-gnuaout" - exit 0 ;; + exit ;; coff-i386) echo "${UNAME_MACHINE}-pc-linux-gnucoff" - exit 0 ;; + exit ;; "") # Either a pre-BFD a.out linker (linux-gnuoldld) or # one that does not give us useful --help. echo "${UNAME_MACHINE}-pc-linux-gnuoldld" - exit 0 ;; + exit ;; esac # Determine whether the default compiler is a.out or elf eval $set_cc_for_build @@ -882,18 +970,23 @@ LIBC=gnuaout #endif #endif + #ifdef __dietlibc__ + LIBC=dietlibc + #endif EOF eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^LIBC=` - rm -f $dummy.c - test x"${LIBC}" != x && echo "${UNAME_MACHINE}-pc-linux-${LIBC}" && exit 0 - test x"${TENTATIVE}" != x && echo "${TENTATIVE}" && exit 0 + test x"${LIBC}" != x && { + echo "${UNAME_MACHINE}-pc-linux-${LIBC}" + exit + } + test x"${TENTATIVE}" != x && { echo "${TENTATIVE}"; exit; } ;; i*86:DYNIX/ptx:4*:*) # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there. # earlier versions are messed up and put the nodename in both # sysname and nodename. echo i386-sequent-sysv4 - exit 0 ;; + exit ;; i*86:UNIX_SV:4.2MP:2.*) # Unixware is an offshoot of SVR4, but it has its own version # number series starting with 2... @@ -901,7 +994,27 @@ # I just have to hope. -- rms. # Use sysv4.2uw... so that sysv4* matches it. echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION} - exit 0 ;; + exit ;; + i*86:OS/2:*:*) + # If we were able to find `uname', then EMX Unix compatibility + # is probably installed. + echo ${UNAME_MACHINE}-pc-os2-emx + exit ;; + i*86:XTS-300:*:STOP) + echo ${UNAME_MACHINE}-unknown-stop + exit ;; + i*86:atheos:*:*) + echo ${UNAME_MACHINE}-unknown-atheos + exit ;; + i*86:syllable:*:*) + echo ${UNAME_MACHINE}-pc-syllable + exit ;; + i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.0*:*) + echo i386-unknown-lynxos${UNAME_RELEASE} + exit ;; + i*86:*DOS:*:*) + echo ${UNAME_MACHINE}-pc-msdosdjgpp + exit ;; i*86:*:4.*:* | i*86:SYSTEM_V:4.*:*) UNAME_REL=`echo ${UNAME_RELEASE} | sed 's/\/MP$//'` if grep Novell /usr/include/link.h >/dev/null 2>/dev/null; then @@ -909,99 +1022,100 @@ else echo ${UNAME_MACHINE}-pc-sysv${UNAME_REL} fi - exit 0 ;; - i*86:*:5:[78]*) + exit ;; + i*86:*:5:[678]*) + # UnixWare 7.x, OpenUNIX and OpenServer 6. case `/bin/uname -X | grep "^Machine"` in *486*) UNAME_MACHINE=i486 ;; *Pentium) UNAME_MACHINE=i586 ;; *Pent*|*Celeron) UNAME_MACHINE=i686 ;; esac echo ${UNAME_MACHINE}-unknown-sysv${UNAME_RELEASE}${UNAME_SYSTEM}${UNAME_VERSION} - exit 0 ;; + exit ;; i*86:*:3.2:*) if test -f /usr/options/cb.name; then UNAME_REL=`sed -n 's/.*Version //p' /dev/null >/dev/null ; then - UNAME_REL=`(/bin/uname -X|egrep Release|sed -e 's/.*= //')` - (/bin/uname -X|egrep i80486 >/dev/null) && UNAME_MACHINE=i486 - (/bin/uname -X|egrep '^Machine.*Pentium' >/dev/null) \ + UNAME_REL=`(/bin/uname -X|grep Release|sed -e 's/.*= //')` + (/bin/uname -X|grep i80486 >/dev/null) && UNAME_MACHINE=i486 + (/bin/uname -X|grep '^Machine.*Pentium' >/dev/null) \ && UNAME_MACHINE=i586 - (/bin/uname -X|egrep '^Machine.*Pent ?II' >/dev/null) \ + (/bin/uname -X|grep '^Machine.*Pent *II' >/dev/null) \ && UNAME_MACHINE=i686 - (/bin/uname -X|egrep '^Machine.*Pentium Pro' >/dev/null) \ + (/bin/uname -X|grep '^Machine.*Pentium Pro' >/dev/null) \ && UNAME_MACHINE=i686 echo ${UNAME_MACHINE}-pc-sco$UNAME_REL else echo ${UNAME_MACHINE}-pc-sysv32 fi - exit 0 ;; - i*86:*DOS:*:*) - echo ${UNAME_MACHINE}-pc-msdosdjgpp - exit 0 ;; + exit ;; pc:*:*:*) # Left here for compatibility: # uname -m prints for DJGPP always 'pc', but it prints nothing about # the processor, so we play safe by assuming i386. echo i386-pc-msdosdjgpp - exit 0 ;; + exit ;; Intel:Mach:3*:*) echo i386-pc-mach3 - exit 0 ;; + exit ;; paragon:*:*:*) echo i860-intel-osf1 - exit 0 ;; + exit ;; i860:*:4.*:*) # i860-SVR4 if grep Stardent /usr/include/sys/uadmin.h >/dev/null 2>&1 ; then echo i860-stardent-sysv${UNAME_RELEASE} # Stardent Vistra i860-SVR4 else # Add other i860-SVR4 vendors below as they are discovered. echo i860-unknown-sysv${UNAME_RELEASE} # Unknown i860-SVR4 fi - exit 0 ;; + exit ;; mini*:CTIX:SYS*5:*) # "miniframe" echo m68010-convergent-sysv - exit 0 ;; - M68*:*:R3V[567]*:*) - test -r /sysV68 && echo 'm68k-motorola-sysv' && exit 0 ;; - 3[34]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 3[34]??/*:*:4.0:3.0 | 4850:*:4.0:3.0 | SKA40:*:4.0:3.0) + exit ;; + mc68k:UNIX:SYSTEM5:3.51m) + echo m68k-convergent-sysv + exit ;; + M680?0:D-NIX:5.3:*) + echo m68k-diab-dnix + exit ;; + M68*:*:R3V[5678]*:*) + test -r /sysV68 && { echo 'm68k-motorola-sysv'; exit; } ;; + 3[345]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 3[34]??/*:*:4.0:3.0 | 4400:*:4.0:3.0 | 4850:*:4.0:3.0 | SKA40:*:4.0:3.0 | SDS2:*:4.0:3.0 | SHG2:*:4.0:3.0 | S7501*:*:4.0:3.0) OS_REL='' test -r /etc/.relid \ && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid` /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ - && echo i486-ncr-sysv4.3${OS_REL} && exit 0 + && { echo i486-ncr-sysv4.3${OS_REL}; exit; } /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ - && echo i586-ncr-sysv4.3${OS_REL} && exit 0 ;; + && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;; 3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*) /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ - && echo i486-ncr-sysv4 && exit 0 ;; + && { echo i486-ncr-sysv4; exit; } ;; m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*) echo m68k-unknown-lynxos${UNAME_RELEASE} - exit 0 ;; + exit ;; mc68030:UNIX_System_V:4.*:*) echo m68k-atari-sysv4 - exit 0 ;; - i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.0*:*) - echo i386-unknown-lynxos${UNAME_RELEASE} - exit 0 ;; + exit ;; TSUNAMI:LynxOS:2.*:*) echo sparc-unknown-lynxos${UNAME_RELEASE} - exit 0 ;; + exit ;; rs6000:LynxOS:2.*:*) echo rs6000-unknown-lynxos${UNAME_RELEASE} - exit 0 ;; + exit ;; PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.0*:*) echo powerpc-unknown-lynxos${UNAME_RELEASE} - exit 0 ;; + exit ;; SM[BE]S:UNIX_SV:*:*) echo mips-dde-sysv${UNAME_RELEASE} - exit 0 ;; + exit ;; RM*:ReliantUNIX-*:*:*) echo mips-sni-sysv4 - exit 0 ;; + exit ;; RM*:SINIX-*:*:*) echo mips-sni-sysv4 - exit 0 ;; + exit ;; *:SINIX-*:*:*) if uname -p 2>/dev/null >/dev/null ; then UNAME_MACHINE=`(uname -p) 2>/dev/null` @@ -1009,82 +1123,99 @@ else echo ns32k-sni-sysv fi - exit 0 ;; + exit ;; PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort # says echo i586-unisys-sysv4 - exit 0 ;; + exit ;; *:UNIX_System_V:4*:FTX*) # From Gerald Hewes . # How about differentiating between stratus architectures? -djm echo hppa1.1-stratus-sysv4 - exit 0 ;; + exit ;; *:*:*:FTX*) # From seanf@swdc.stratus.com. echo i860-stratus-sysv4 - exit 0 ;; + exit ;; + i*86:VOS:*:*) + # From Paul.Green@stratus.com. + echo ${UNAME_MACHINE}-stratus-vos + exit ;; *:VOS:*:*) # From Paul.Green@stratus.com. echo hppa1.1-stratus-vos - exit 0 ;; + exit ;; mc68*:A/UX:*:*) echo m68k-apple-aux${UNAME_RELEASE} - exit 0 ;; + exit ;; news*:NEWS-OS:6*:*) echo mips-sony-newsos6 - exit 0 ;; + exit ;; R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*) if [ -d /usr/nec ]; then echo mips-nec-sysv${UNAME_RELEASE} else echo mips-unknown-sysv${UNAME_RELEASE} fi - exit 0 ;; + exit ;; BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only. echo powerpc-be-beos - exit 0 ;; + exit ;; BeMac:BeOS:*:*) # BeOS running on Mac or Mac clone, PPC only. echo powerpc-apple-beos - exit 0 ;; + exit ;; BePC:BeOS:*:*) # BeOS running on Intel PC compatible. echo i586-pc-beos - exit 0 ;; + exit ;; SX-4:SUPER-UX:*:*) echo sx4-nec-superux${UNAME_RELEASE} - exit 0 ;; + exit ;; SX-5:SUPER-UX:*:*) echo sx5-nec-superux${UNAME_RELEASE} - exit 0 ;; + exit ;; + SX-6:SUPER-UX:*:*) + echo sx6-nec-superux${UNAME_RELEASE} + exit ;; Power*:Rhapsody:*:*) echo powerpc-apple-rhapsody${UNAME_RELEASE} - exit 0 ;; + exit ;; *:Rhapsody:*:*) echo ${UNAME_MACHINE}-apple-rhapsody${UNAME_RELEASE} - exit 0 ;; + exit ;; *:Darwin:*:*) - echo `uname -p`-apple-darwin${UNAME_RELEASE} - exit 0 ;; + UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown + case $UNAME_PROCESSOR in + *86) UNAME_PROCESSOR=i686 ;; + unknown) UNAME_PROCESSOR=powerpc ;; + esac + echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE} + exit ;; *:procnto*:*:* | *:QNX:[0123456789]*:*) - if test "${UNAME_MACHINE}" = "x86pc"; then + UNAME_PROCESSOR=`uname -p` + if test "$UNAME_PROCESSOR" = "x86"; then + UNAME_PROCESSOR=i386 UNAME_MACHINE=pc fi - echo `uname -p`-${UNAME_MACHINE}-nto-qnx - exit 0 ;; + echo ${UNAME_PROCESSOR}-${UNAME_MACHINE}-nto-qnx${UNAME_RELEASE} + exit ;; *:QNX:*:4*) echo i386-pc-qnx - exit 0 ;; - NSR-[GKLNPTVW]:NONSTOP_KERNEL:*:*) + exit ;; + NSE-?:NONSTOP_KERNEL:*:*) + echo nse-tandem-nsk${UNAME_RELEASE} + exit ;; + NSR-?:NONSTOP_KERNEL:*:*) echo nsr-tandem-nsk${UNAME_RELEASE} - exit 0 ;; + exit ;; *:NonStop-UX:*:*) echo mips-compaq-nonstopux - exit 0 ;; + exit ;; BS2000:POSIX*:*:*) echo bs2000-siemens-sysv - exit 0 ;; + exit ;; DS/*:UNIX_System_V:*:*) echo ${UNAME_MACHINE}-${UNAME_SYSTEM}-${UNAME_RELEASE} - exit 0 ;; + exit ;; *:Plan9:*:*) # "uname -m" is not consistent, so use $cputype instead. 386 # is converted to i386 for consistency with other x86 @@ -1095,36 +1226,44 @@ UNAME_MACHINE="$cputype" fi echo ${UNAME_MACHINE}-unknown-plan9 - exit 0 ;; - i*86:OS/2:*:*) - # If we were able to find `uname', then EMX Unix compatibility - # is probably installed. - echo ${UNAME_MACHINE}-pc-os2-emx - exit 0 ;; + exit ;; *:TOPS-10:*:*) echo pdp10-unknown-tops10 - exit 0 ;; + exit ;; *:TENEX:*:*) echo pdp10-unknown-tenex - exit 0 ;; + exit ;; KS10:TOPS-20:*:* | KL10:TOPS-20:*:* | TYPE4:TOPS-20:*:*) echo pdp10-dec-tops20 - exit 0 ;; + exit ;; XKL-1:TOPS-20:*:* | TYPE5:TOPS-20:*:*) echo pdp10-xkl-tops20 - exit 0 ;; + exit ;; *:TOPS-20:*:*) echo pdp10-unknown-tops20 - exit 0 ;; + exit ;; *:ITS:*:*) echo pdp10-unknown-its - exit 0 ;; - i*86:XTS-300:*:STOP) - echo ${UNAME_MACHINE}-unknown-stop - exit 0 ;; - i*86:atheos:*:*) - echo ${UNAME_MACHINE}-unknown-atheos - exit 0 ;; + exit ;; + SEI:*:*:SEIUX) + echo mips-sei-seiux${UNAME_RELEASE} + exit ;; + *:DragonFly:*:*) + echo ${UNAME_MACHINE}-unknown-dragonfly`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` + exit ;; + *:*VMS:*:*) + UNAME_MACHINE=`(uname -p) 2>/dev/null` + case "${UNAME_MACHINE}" in + A*) echo alpha-dec-vms ; exit ;; + I*) echo ia64-dec-vms ; exit ;; + V*) echo vax-dec-vms ; exit ;; + esac ;; + *:XENIX:*:SysV) + echo i386-pc-xenix + exit ;; + i*86:skyos:*:*) + echo ${UNAME_MACHINE}-pc-skyos`echo ${UNAME_RELEASE}` | sed -e 's/ .*$//' + exit ;; esac #echo '(No uname command or uname output not recognized.)' 1>&2 @@ -1156,7 +1295,7 @@ #endif #if defined (__arm) && defined (__acorn) && defined (__unix) - printf ("arm-acorn-riscix"); exit (0); + printf ("arm-acorn-riscix\n"); exit (0); #endif #if defined (hp300) && !defined (hpux) @@ -1245,12 +1384,12 @@ } EOF -$CC_FOR_BUILD $dummy.c -o $dummy 2>/dev/null && ./$dummy && rm -f $dummy.c $dummy && exit 0 -rm -f $dummy.c $dummy +$CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null && SYSTEM_NAME=`$dummy` && + { echo "$SYSTEM_NAME"; exit; } # Apollos put the system type in the environment. -test -d /usr/apollo && { echo ${ISP}-apollo-${SYSTYPE}; exit 0; } +test -d /usr/apollo && { echo ${ISP}-apollo-${SYSTYPE}; exit; } # Convex versions that predate uname can use getsysinfo(1) @@ -1259,22 +1398,22 @@ case `getsysinfo -f cpu_type` in c1*) echo c1-convex-bsd - exit 0 ;; + exit ;; c2*) if getsysinfo -f scalar_acc then echo c32-convex-bsd else echo c2-convex-bsd fi - exit 0 ;; + exit ;; c34*) echo c34-convex-bsd - exit 0 ;; + exit ;; c38*) echo c38-convex-bsd - exit 0 ;; + exit ;; c4*) echo c4-convex-bsd - exit 0 ;; + exit ;; esac fi @@ -1285,7 +1424,9 @@ the operating system you are using. It is advised that you download the most up to date version of the config scripts from - ftp://ftp.gnu.org/pub/gnu/config/ + http://savannah.gnu.org/cgi-bin/viewcvs/*checkout*/config/config/config.guess +and + http://savannah.gnu.org/cgi-bin/viewcvs/*checkout*/config/config/config.sub If the version you run ($0) is already up to date, please send the following data and any information you think might be --- snort-2.3.3.orig/configure +++ snort-2.3.3/configure @@ -1,19 +1,10 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.53. +# Generated by GNU Autoconf 2.59. # -# Copyright 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, 2002 -# Free Software Foundation, Inc. +# Copyright (C) 2003 Free Software Foundation, Inc. # This configure script is free software; the Free Software Foundation # gives unlimited permission to copy, distribute and modify it. - -if expr a : '\(a\)' >/dev/null 2>&1; then - as_expr=expr -else - as_expr=false -fi - - ## --------------------- ## ## M4sh Initialization. ## ## --------------------- ## @@ -22,46 +13,57 @@ if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then emulate sh NULLCMD=: + # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which + # is contrary to our usage. Disable this feature. + alias -g '${1+"$@"}'='"$@"' elif test -n "${BASH_VERSION+set}" && (set -o posix) >/dev/null 2>&1; then set -o posix fi +DUALCASE=1; export DUALCASE # for MKS sh -# NLS nuisances. # Support unset when possible. -if (FOO=FOO; unset FOO) >/dev/null 2>&1; then +if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then as_unset=unset else as_unset=false fi -(set +x; test -n "`(LANG=C; export LANG) 2>&1`") && - { $as_unset LANG || test "${LANG+set}" != set; } || - { LANG=C; export LANG; } -(set +x; test -n "`(LC_ALL=C; export LC_ALL) 2>&1`") && - { $as_unset LC_ALL || test "${LC_ALL+set}" != set; } || - { LC_ALL=C; export LC_ALL; } -(set +x; test -n "`(LC_TIME=C; export LC_TIME) 2>&1`") && - { $as_unset LC_TIME || test "${LC_TIME+set}" != set; } || - { LC_TIME=C; export LC_TIME; } -(set +x; test -n "`(LC_CTYPE=C; export LC_CTYPE) 2>&1`") && - { $as_unset LC_CTYPE || test "${LC_CTYPE+set}" != set; } || - { LC_CTYPE=C; export LC_CTYPE; } -(set +x; test -n "`(LANGUAGE=C; export LANGUAGE) 2>&1`") && - { $as_unset LANGUAGE || test "${LANGUAGE+set}" != set; } || - { LANGUAGE=C; export LANGUAGE; } -(set +x; test -n "`(LC_COLLATE=C; export LC_COLLATE) 2>&1`") && - { $as_unset LC_COLLATE || test "${LC_COLLATE+set}" != set; } || - { LC_COLLATE=C; export LC_COLLATE; } -(set +x; test -n "`(LC_NUMERIC=C; export LC_NUMERIC) 2>&1`") && - { $as_unset LC_NUMERIC || test "${LC_NUMERIC+set}" != set; } || - { LC_NUMERIC=C; export LC_NUMERIC; } -(set +x; test -n "`(LC_MESSAGES=C; export LC_MESSAGES) 2>&1`") && - { $as_unset LC_MESSAGES || test "${LC_MESSAGES+set}" != set; } || - { LC_MESSAGES=C; export LC_MESSAGES; } + +# Work around bugs in pre-3.0 UWIN ksh. +$as_unset ENV MAIL MAILPATH +PS1='$ ' +PS2='> ' +PS4='+ ' + +# NLS nuisances. +for as_var in \ + LANG LANGUAGE LC_ADDRESS LC_ALL LC_COLLATE LC_CTYPE LC_IDENTIFICATION \ + LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER \ + LC_TELEPHONE LC_TIME +do + if (set +x; test -z "`(eval $as_var=C; export $as_var) 2>&1`"); then + eval $as_var=C; export $as_var + else + $as_unset $as_var + fi +done + +# Required to use basename. +if expr a : '\(a\)' >/dev/null 2>&1; then + as_expr=expr +else + as_expr=false +fi + +if (basename /) >/dev/null 2>&1 && test "X`basename / 2>&1`" = "X/"; then + as_basename=basename +else + as_basename=false +fi # Name of the executable. -as_me=`(basename "$0") 2>/dev/null || +as_me=`$as_basename "$0" || $as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ X"$0" : 'X\(//\)$' \| \ X"$0" : 'X\(/\)$' \| \ @@ -72,6 +74,7 @@ /^X\/\(\/\).*/{ s//\1/; q; } s/.*/./; q'` + # PATH needs CR, and LINENO needs CR and PATH. # Avoid depending upon Character Ranges. as_cr_letters='abcdefghijklmnopqrstuvwxyz' @@ -82,15 +85,15 @@ # The user is always right. if test "${PATH_SEPARATOR+set}" != set; then - echo "#! /bin/sh" >conftest.sh - echo "exit 0" >>conftest.sh - chmod +x conftest.sh - if (PATH=".;."; conftest.sh) >/dev/null 2>&1; then + echo "#! /bin/sh" >conf$$.sh + echo "exit 0" >>conf$$.sh + chmod +x conf$$.sh + if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then PATH_SEPARATOR=';' else PATH_SEPARATOR=: fi - rm -f conftest.sh + rm -f conf$$.sh fi @@ -138,6 +141,8 @@ as_lineno_3=`(expr $as_lineno_1 + 1) 2>/dev/null` test "x$as_lineno_1" != "x$as_lineno_2" && test "x$as_lineno_3" = "x$as_lineno_2" ') 2>/dev/null; then + $as_unset BASH_ENV || test "${BASH_ENV+set}" != set || { BASH_ENV=; export BASH_ENV; } + $as_unset ENV || test "${ENV+set}" != set || { ENV=; export ENV; } CONFIG_SHELL=$as_dir/$as_base export CONFIG_SHELL exec "$CONFIG_SHELL" "$0" ${1+"$@"} @@ -210,13 +215,20 @@ fi rm -f conf$$ conf$$.exe conf$$.file +if mkdir -p . 2>/dev/null; then + as_mkdir_p=: +else + test -d ./-p && rmdir ./-p + as_mkdir_p=false +fi + as_executable_p="test -f" # Sed expression to map a string onto a valid CPP name. -as_tr_cpp="sed y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g" +as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" # Sed expression to map a string onto a valid variable name. -as_tr_sh="sed y%*+%pp%;s%[^_$as_cr_alnum]%_%g" +as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" # IFS @@ -226,7 +238,7 @@ IFS=" $as_nl" # CDPATH. -$as_unset CDPATH || test "${CDPATH+set}" != set || { CDPATH=$PATH_SEPARATOR; export CDPATH; } +$as_unset CDPATH # Name of the host. @@ -240,6 +252,7 @@ # Initializations. # ac_default_prefix=/usr/local +ac_config_libobj_dir=. cross_compiling=no subdirs= MFLAGS= @@ -296,6 +309,8 @@ # include #endif" +ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS MAINTAINER_MODE_TRUE MAINTAINER_MODE_FALSE MAINT INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA CYGPATH_W PACKAGE VERSION ACLOCAL AUTOCONF AUTOMAKE AUTOHEADER MAKEINFO install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM mkdir_p AWK SET_MAKE am__leading_dot AMTAR am__tar am__untar CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT DEPDIR am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CCDEPMODE am__fastdepCC_TRUE am__fastdepCC_FALSE RANLIB ac_ct_RANLIB build build_cpu build_vendor build_os host host_cpu host_vendor host_os extra_incl CPP EGREP INCLUDES LIBOBJS LTLIBOBJS' +ac_subst_files='' # Initialize some variables set by options. ac_init_help= @@ -653,7 +668,7 @@ # Be sure to have absolute paths. for ac_var in bindir sbindir libexecdir datadir sysconfdir sharedstatedir \ - localstatedir libdir includedir oldincludedir infodir mandir + localstatedir libdir includedir oldincludedir infodir mandir do eval ac_val=$`echo $ac_var` case $ac_val in @@ -693,10 +708,10 @@ # Try the directory containing this script, then its parent. ac_confdir=`(dirname "$0") 2>/dev/null || $as_expr X"$0" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$0" : 'X\(//\)[^/]' \| \ - X"$0" : 'X\(//\)$' \| \ - X"$0" : 'X\(/\)' \| \ - . : '\(.\)' 2>/dev/null || + X"$0" : 'X\(//\)[^/]' \| \ + X"$0" : 'X\(//\)$' \| \ + X"$0" : 'X\(/\)' \| \ + . : '\(.\)' 2>/dev/null || echo X"$0" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; } /^X\(\/\/\)[^/].*/{ s//\1/; q; } @@ -719,6 +734,9 @@ { (exit 1); exit 1; }; } fi fi +(cd $srcdir && test -r ./$ac_unique_file) 2>/dev/null || + { echo "$as_me: error: sources are in $srcdir, but \`cd $srcdir' does not work" >&2 + { (exit 1); exit 1; }; } srcdir=`echo "$srcdir" | sed 's%\([^\\/]\)[\\/]*$%\1%'` ac_env_build_alias_set=${build_alias+set} ac_env_build_alias_value=$build_alias @@ -785,9 +803,9 @@ cat <<_ACEOF Installation directories: --prefix=PREFIX install architecture-independent files in PREFIX - [$ac_default_prefix] + [$ac_default_prefix] --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX - [PREFIX] + [PREFIX] By default, \`make install' will install all the files in \`$ac_default_prefix/bin', \`$ac_default_prefix/lib' etc. You can specify @@ -831,9 +849,11 @@ Optional Features: --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) --enable-FEATURE[=ARG] include FEATURE [ARG=yes] + --enable-maintainer-mode enable make rules and dependencies not useful + (and sometimes confusing) to the casual installer --enable-64bit-gcc Try to compile 64bit (only tested on Sparc Solaris 9). - --disable-dependency-tracking Speeds up one-time builds - --enable-dependency-tracking Do not reject slow dependency extractors + --disable-dependency-tracking speeds up one-time build + --enable-dependency-tracking do not reject slow dependency extractors --enable-debug enable debugging options (bugreports and developers only) --enable-profile enable profiling options (developers only) --enable-sourcefire Enable Sourcefire specific build options @@ -855,6 +875,7 @@ --with-mysql=DIR support for mysql --with-odbc=DIR support for odbc --with-postgresql=DIR support for postgresql + --with-pgsql-includes=DIR postgresql include directory --with-oracle=DIR support for oracle --with-libipq-includes=DIR libipq include directory --with-libipq-libraries=DIR libipq library directory @@ -904,12 +925,45 @@ ac_srcdir=$ac_top_builddir$srcdir$ac_dir_suffix ac_top_srcdir=$ac_top_builddir$srcdir ;; esac -# Don't blindly perform a `cd "$ac_dir"/$ac_foo && pwd` since $ac_foo can be -# absolute. -ac_abs_builddir=`cd "$ac_dir" && cd $ac_builddir && pwd` -ac_abs_top_builddir=`cd "$ac_dir" && cd $ac_top_builddir && pwd` -ac_abs_srcdir=`cd "$ac_dir" && cd $ac_srcdir && pwd` -ac_abs_top_srcdir=`cd "$ac_dir" && cd $ac_top_srcdir && pwd` + +# Do not use `cd foo && pwd` to compute absolute paths, because +# the directories may not exist. +case `pwd` in +.) ac_abs_builddir="$ac_dir";; +*) + case "$ac_dir" in + .) ac_abs_builddir=`pwd`;; + [\\/]* | ?:[\\/]* ) ac_abs_builddir="$ac_dir";; + *) ac_abs_builddir=`pwd`/"$ac_dir";; + esac;; +esac +case $ac_abs_builddir in +.) ac_abs_top_builddir=${ac_top_builddir}.;; +*) + case ${ac_top_builddir}. in + .) ac_abs_top_builddir=$ac_abs_builddir;; + [\\/]* | ?:[\\/]* ) ac_abs_top_builddir=${ac_top_builddir}.;; + *) ac_abs_top_builddir=$ac_abs_builddir/${ac_top_builddir}.;; + esac;; +esac +case $ac_abs_builddir in +.) ac_abs_srcdir=$ac_srcdir;; +*) + case $ac_srcdir in + .) ac_abs_srcdir=$ac_abs_builddir;; + [\\/]* | ?:[\\/]* ) ac_abs_srcdir=$ac_srcdir;; + *) ac_abs_srcdir=$ac_abs_builddir/$ac_srcdir;; + esac;; +esac +case $ac_abs_builddir in +.) ac_abs_top_srcdir=$ac_top_srcdir;; +*) + case $ac_top_srcdir in + .) ac_abs_top_srcdir=$ac_abs_builddir;; + [\\/]* | ?:[\\/]* ) ac_abs_top_srcdir=$ac_top_srcdir;; + *) ac_abs_top_srcdir=$ac_abs_builddir/$ac_top_srcdir;; + esac;; +esac cd $ac_dir # Check for guested configure; otherwise get Cygnus style configure. @@ -920,13 +974,13 @@ echo $SHELL $ac_srcdir/configure --help=recursive elif test -f $ac_srcdir/configure.ac || - test -f $ac_srcdir/configure.in; then + test -f $ac_srcdir/configure.in; then echo $ac_configure --help else echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2 fi - cd $ac_popdir + cd "$ac_popdir" done fi @@ -934,8 +988,7 @@ if $ac_init_version; then cat <<\_ACEOF -Copyright 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, 2002 -Free Software Foundation, Inc. +Copyright (C) 2003 Free Software Foundation, Inc. This configure script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it. _ACEOF @@ -947,7 +1000,7 @@ running configure, to aid debugging if configure makes a mistake. It was created by $as_me, which was -generated by GNU Autoconf 2.53. Invocation command line was +generated by GNU Autoconf 2.59. Invocation command line was $ $0 $@ @@ -999,27 +1052,54 @@ # Keep a trace of the command line. # Strip out --no-create and --no-recursion so they do not pile up. +# Strip out --silent because we don't want to record it for future runs. # Also quote any args containing shell meta-characters. +# Make two passes to allow for proper duplicate-argument suppression. ac_configure_args= +ac_configure_args0= +ac_configure_args1= ac_sep= -for ac_arg +ac_must_keep_next=false +for ac_pass in 1 2 do - case $ac_arg in - -no-create | --no-create | --no-creat | --no-crea | --no-cre \ - | --no-cr | --no-c | -n ) continue ;; - -no-recursion | --no-recursion | --no-recursio | --no-recursi \ - | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) - continue ;; - *" "*|*" "*|*[\[\]\~\#\$\^\&\*\(\)\{\}\\\|\;\<\>\?\"\']*) - ac_arg=`echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; - esac - case " $ac_configure_args " in - *" '$ac_arg' "*) ;; # Avoid dups. Use of quotes ensures accuracy. - *) ac_configure_args="$ac_configure_args$ac_sep'$ac_arg'" - ac_sep=" " ;; - esac - # Get rid of the leading space. + for ac_arg + do + case $ac_arg in + -no-create | --no-c* | -n | -no-recursion | --no-r*) continue ;; + -q | -quiet | --quiet | --quie | --qui | --qu | --q \ + | -silent | --silent | --silen | --sile | --sil) + continue ;; + *" "*|*" "*|*[\[\]\~\#\$\^\&\*\(\)\{\}\\\|\;\<\>\?\"\']*) + ac_arg=`echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; + esac + case $ac_pass in + 1) ac_configure_args0="$ac_configure_args0 '$ac_arg'" ;; + 2) + ac_configure_args1="$ac_configure_args1 '$ac_arg'" + if test $ac_must_keep_next = true; then + ac_must_keep_next=false # Got value, back to normal. + else + case $ac_arg in + *=* | --config-cache | -C | -disable-* | --disable-* \ + | -enable-* | --enable-* | -gas | --g* | -nfp | --nf* \ + | -q | -quiet | --q* | -silent | --sil* | -v | -verb* \ + | -with-* | --with-* | -without-* | --without-* | --x) + case "$ac_configure_args0 " in + "$ac_configure_args1"*" '$ac_arg' "* ) continue ;; + esac + ;; + -* ) ac_must_keep_next=true ;; + esac + fi + ac_configure_args="$ac_configure_args$ac_sep'$ac_arg'" + # Get rid of the leading space. + ac_sep=" " + ;; + esac + done done +$as_unset ac_configure_args0 || test "${ac_configure_args0+set}" != set || { ac_configure_args0=; export ac_configure_args0; } +$as_unset ac_configure_args1 || test "${ac_configure_args1+set}" != set || { ac_configure_args1=; export ac_configure_args1; } # When interrupted or exit'd, cleanup temporary files, and complete # config.log. We remove comments because anyway the quotes in there @@ -1030,6 +1110,7 @@ # Save into config.log some information that might help in debugging. { echo + cat <<\_ASBOX ## ---------------- ## ## Cache variables. ## @@ -1042,16 +1123,45 @@ case `(ac_space='"'"' '"'"'; set | grep ac_space) 2>&1` in *ac_space=\ *) sed -n \ - "s/'"'"'/'"'"'\\\\'"'"''"'"'/g; - s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='"'"'\\2'"'"'/p" + "s/'"'"'/'"'"'\\\\'"'"''"'"'/g; + s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='"'"'\\2'"'"'/p" ;; *) sed -n \ - "s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1=\\2/p" + "s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1=\\2/p" ;; esac; } echo + + cat <<\_ASBOX +## ----------------- ## +## Output variables. ## +## ----------------- ## +_ASBOX + echo + for ac_var in $ac_subst_vars + do + eval ac_val=$`echo $ac_var` + echo "$ac_var='"'"'$ac_val'"'"'" + done | sort + echo + + if test -n "$ac_subst_files"; then + cat <<\_ASBOX +## ------------- ## +## Output files. ## +## ------------- ## +_ASBOX + echo + for ac_var in $ac_subst_files + do + eval ac_val=$`echo $ac_var` + echo "$ac_var='"'"'$ac_val'"'"'" + done | sort + echo + fi + if test -s confdefs.h; then cat <<\_ASBOX ## ----------- ## @@ -1059,14 +1169,14 @@ ## ----------- ## _ASBOX echo - sed "/^$/d" confdefs.h + sed "/^$/d" confdefs.h | sort echo fi test "$ac_signal" != 0 && echo "$as_me: caught signal $ac_signal" echo "$as_me: exit $exit_status" } >&5 - rm -f core core.* *.core && + rm -f core *.core && rm -rf conftest* confdefs* conf$$* $ac_clean_files && exit $exit_status ' 0 @@ -1146,7 +1256,7 @@ # value. ac_cache_corrupted=false for ac_var in `(set) 2>&1 | - sed -n 's/^ac_env_\([a-zA-Z_0-9]*\)_set=.*/\1/p'`; do + sed -n 's/^ac_env_\([a-zA-Z_0-9]*\)_set=.*/\1/p'`; do eval ac_old_set=\$ac_cv_env_${ac_var}_set eval ac_new_set=\$ac_env_${ac_var}_set eval ac_old_val="\$ac_cv_env_${ac_var}_value" @@ -1163,13 +1273,13 @@ ,);; *) if test "x$ac_old_val" != "x$ac_new_val"; then - { echo "$as_me:$LINENO: error: \`$ac_var' has changed since the previous run:" >&5 + { echo "$as_me:$LINENO: error: \`$ac_var' has changed since the previous run:" >&5 echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;} - { echo "$as_me:$LINENO: former value: $ac_old_val" >&5 + { echo "$as_me:$LINENO: former value: $ac_old_val" >&5 echo "$as_me: former value: $ac_old_val" >&2;} - { echo "$as_me:$LINENO: current value: $ac_new_val" >&5 + { echo "$as_me:$LINENO: current value: $ac_new_val" >&5 echo "$as_me: current value: $ac_new_val" >&2;} - ac_cache_corrupted=: + ac_cache_corrupted=: fi;; esac # Pass precious variables to config.status. @@ -1216,15 +1326,39 @@ -# Add the stamp file to the list of files AC keeps track of, -# along with our hook. -ac_config_headers="$ac_config_headers config.h" + + ac_config_headers="$ac_config_headers config.h" + + +# Added to change the output of aclocal and automake. +echo "$as_me:$LINENO: checking whether to enable maintainer-specific portions of Makefiles" >&5 +echo $ECHO_N "checking whether to enable maintainer-specific portions of Makefiles... $ECHO_C" >&6 + # Check whether --enable-maintainer-mode or --disable-maintainer-mode was given. +if test "${enable_maintainer_mode+set}" = set; then + enableval="$enable_maintainer_mode" + USE_MAINTAINER_MODE=$enableval +else + USE_MAINTAINER_MODE=no +fi; + echo "$as_me:$LINENO: result: $USE_MAINTAINER_MODE" >&5 +echo "${ECHO_T}$USE_MAINTAINER_MODE" >&6 + + +if test $USE_MAINTAINER_MODE = yes; then + MAINTAINER_MODE_TRUE= + MAINTAINER_MODE_FALSE='#' +else + MAINTAINER_MODE_TRUE='#' + MAINTAINER_MODE_FALSE= +fi + + MAINT=$MAINTAINER_MODE_TRUE # When changing the snort version, please also update the VERSION # definition in "src/win32/WIN32-Includes/config.h" -am__api_version="1.6" +am__api_version="1.9" ac_aux_dir= for ac_dir in $srcdir $srcdir/.. $srcdir/../..; do if test -f $ac_dir/install-sh; then @@ -1261,6 +1395,7 @@ # AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag # AFS /usr/afsws/bin/install, which mishandles nonexistent args # SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff" +# OS/2's system install, which has a completely different semantic # ./install, which can be erroneously created by make from ./install.sh. echo "$as_me:$LINENO: checking for a BSD-compatible install" >&5 echo $ECHO_N "checking for a BSD-compatible install... $ECHO_C" >&6 @@ -1277,6 +1412,7 @@ case $as_dir/ in ./ | .// | /cC/* | \ /etc/* | /usr/sbin/* | /usr/etc/* | /sbin/* | /usr/afsws/bin/* | \ + ?:\\/os2\\/install\\/* | ?:\\/OS2\\/INSTALL\\/* | \ /usr/ucb/* ) ;; *) # OSF1 and SCO ODT 3.0 have their own names for install. @@ -1284,20 +1420,20 @@ # by default. for ac_prog in ginstall scoinst install; do for ac_exec_ext in '' $ac_executable_extensions; do - if $as_executable_p "$as_dir/$ac_prog$ac_exec_ext"; then - if test $ac_prog = install && - grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then - # AIX install. It has an incompatible calling convention. - : - elif test $ac_prog = install && - grep pwplus "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then - # program-specific install script used by HP pwplus--don't use. - : - else - ac_cv_path_install="$as_dir/$ac_prog$ac_exec_ext -c" - break 3 - fi - fi + if $as_executable_p "$as_dir/$ac_prog$ac_exec_ext"; then + if test $ac_prog = install && + grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then + # AIX install. It has an incompatible calling convention. + : + elif test $ac_prog = install && + grep pwplus "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then + # program-specific install script used by HP pwplus--don't use. + : + else + ac_cv_path_install="$as_dir/$ac_prog$ac_exec_ext -c" + break 3 + fi + fi done done ;; @@ -1385,7 +1521,6 @@ program_transform_name=`echo $program_transform_name | sed -f conftest.sed` rm conftest.sed - # expand $ac_aux_dir to an absolute path am_aux_dir=`cd $ac_aux_dir && pwd` @@ -1399,6 +1534,39 @@ echo "$as_me: WARNING: \`missing' script is too old or missing" >&2;} fi +if mkdir -p --version . >/dev/null 2>&1 && test ! -d ./--version; then + # We used to keeping the `.' as first argument, in order to + # allow $(mkdir_p) to be used without argument. As in + # $(mkdir_p) $(somedir) + # where $(somedir) is conditionally defined. However this is wrong + # for two reasons: + # 1. if the package is installed by a user who cannot write `.' + # make install will fail, + # 2. the above comment should most certainly read + # $(mkdir_p) $(DESTDIR)$(somedir) + # so it does not work when $(somedir) is undefined and + # $(DESTDIR) is not. + # To support the latter case, we have to write + # test -z "$(somedir)" || $(mkdir_p) $(DESTDIR)$(somedir), + # so the `.' trick is pointless. + mkdir_p='mkdir -p --' +else + # On NextStep and OpenStep, the `mkdir' command does not + # recognize any option. It will interpret all options as + # directories to create, and then abort because `.' already + # exists. + for d in ./-p ./--version; + do + test -d $d && rmdir $d + done + # $(mkinstalldirs) is defined by Automake if mkinstalldirs exists. + if test -f "$ac_aux_dir/mkinstalldirs"; then + mkdir_p='$(mkinstalldirs)' + else + mkdir_p='$(install_sh) -d' + fi +fi + for ac_prog in gawk mawk nawk awk do # Extract the first word of "$ac_prog", so it can be a program name with args. @@ -1439,15 +1607,15 @@ test -n "$AWK" && break done -echo "$as_me:$LINENO: checking whether ${MAKE-make} sets \${MAKE}" >&5 -echo $ECHO_N "checking whether ${MAKE-make} sets \${MAKE}... $ECHO_C" >&6 -set dummy ${MAKE-make}; ac_make=`echo "$2" | sed 'y,./+-,__p_,'` +echo "$as_me:$LINENO: checking whether ${MAKE-make} sets \$(MAKE)" >&5 +echo $ECHO_N "checking whether ${MAKE-make} sets \$(MAKE)... $ECHO_C" >&6 +set dummy ${MAKE-make}; ac_make=`echo "$2" | sed 'y,:./+-,___p_,'` if eval "test \"\${ac_cv_prog_make_${ac_make}_set+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.make <<\_ACEOF all: - @echo 'ac_maketemp="${MAKE}"' + @echo 'ac_maketemp="$(MAKE)"' _ACEOF # GNU make sometimes prints "make[1]: Entering...", which would confuse us. eval `${MAKE-make} -f conftest.make 2>/dev/null | grep temp=` @@ -1468,7 +1636,16 @@ SET_MAKE="MAKE=${MAKE-make}" fi - # test to see if srcdir already configured +rm -rf .tst 2>/dev/null +mkdir .tst 2>/dev/null +if test -d .tst; then + am__leading_dot=. +else + am__leading_dot=_ +fi +rmdir .tst 2>/dev/null + +# test to see if srcdir already configured if test "`cd $srcdir && pwd`" != "`pwd`" && test -f $srcdir/config.status; then { { echo "$as_me:$LINENO: error: source directory already configured; run \"make distclean\" there first" >&5 @@ -1476,6 +1653,16 @@ { (exit 1); exit 1; }; } fi +# test whether we have cygpath +if test -z "$CYGPATH_W"; then + if (cygpath --version) >/dev/null 2>/dev/null; then + CYGPATH_W='cygpath -w' + else + CYGPATH_W=echo + fi +fi + + # Define the identity of the package. PACKAGE=snort VERSION=2.3.3 @@ -1506,9 +1693,6 @@ MAKEINFO=${MAKEINFO-"${am_missing_run}makeinfo"} - -AMTAR=${AMTAR-"${am_missing_run}tar"} - install_sh=${install_sh-"$am_aux_dir/install-sh"} # Installed binaries are usually stripped using `strip' when the user @@ -1601,6 +1785,13 @@ # We need awk for the "check" target. The system "awk" is bad on # some platforms. +# Always define AMTAR for backward compatibility. + +AMTAR=${AMTAR-"${am_missing_run}tar"} + +am__tar='${AMTAR} chof - "$$tardir"'; am__untar='${AMTAR} xf -' + + @@ -1612,24 +1803,16 @@ enableval="$enable_64bit_gcc" CFLAGS="-O0 -g" CC="gcc -m64"; export CFLAGS CC fi; -rm -f .deps 2>/dev/null -mkdir .deps 2>/dev/null -if test -d .deps; then - DEPDIR=.deps -else - # MS-DOS does not allow filenames that begin with a dot. - DEPDIR=_deps -fi -rmdir .deps 2>/dev/null - +DEPDIR="${am__leading_dot}deps" -ac_config_commands="$ac_config_commands depfiles" + ac_config_commands="$ac_config_commands depfiles" am_make=${MAKE-make} cat > confinc << 'END' -doit: +am__doit: @echo done +.PHONY: am__doit END # If we don't find an include directive, just comment out the code. echo "$as_me:$LINENO: checking for style of include used by $am_make" >&5 @@ -1644,7 +1827,7 @@ # In particular we don't look at `^make:' because GNU make might # be invoked under some other name (usually "gmake"), in which # case it prints its new name instead of `make'. -if test "`$am_make -s -f confmf 2> /dev/null | fgrep -v 'ing directory'`" = "done"; then +if test "`$am_make -s -f confmf 2> /dev/null | grep -v 'ing directory'`" = "done"; then am__include=include am__quote= _am_result=GNU @@ -1889,9 +2072,7 @@ # However, it has the same basename, so the bogon will be chosen # first if we set CC to just the basename; use the full file name. shift - set dummy "$as_dir/$ac_word" ${1+"$@"} - shift - ac_cv_prog_CC="$@" + ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@" fi fi fi @@ -1996,8 +2177,10 @@ fi -test -z "$CC" && { { echo "$as_me:$LINENO: error: no acceptable C compiler found in \$PATH" >&5 -echo "$as_me: error: no acceptable C compiler found in \$PATH" >&2;} +test -z "$CC" && { { echo "$as_me:$LINENO: error: no acceptable C compiler found in \$PATH +See \`config.log' for more details." >&5 +echo "$as_me: error: no acceptable C compiler found in \$PATH +See \`config.log' for more details." >&2;} { (exit 1); exit 1; }; } # Provide some information about the compiler. @@ -2021,15 +2204,12 @@ (exit $ac_status); } cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif int main () { @@ -2039,12 +2219,12 @@ } _ACEOF ac_clean_files_save=$ac_clean_files -ac_clean_files="$ac_clean_files a.out a.exe" +ac_clean_files="$ac_clean_files a.out a.exe b.out" # Try to create an executable without -o first, disregard a.out. # It will help us diagnose broken compilers, and finding out an intuition # of exeext. -echo "$as_me:$LINENO: checking for C compiler default output" >&5 -echo $ECHO_N "checking for C compiler default output... $ECHO_C" >&6 +echo "$as_me:$LINENO: checking for C compiler default output file name" >&5 +echo $ECHO_N "checking for C compiler default output file name... $ECHO_C" >&6 ac_link_default=`echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'` if { (eval echo "$as_me:$LINENO: \"$ac_link_default\"") >&5 (eval $ac_link_default) 2>&5 @@ -2058,26 +2238,39 @@ # Be careful to initialize this variable, since it used to be cached. # Otherwise an old cache value of `no' led to `EXEEXT = no' in a Makefile. ac_cv_exeext= -for ac_file in `ls a_out.exe a.exe conftest.exe 2>/dev/null; - ls a.out conftest 2>/dev/null; - ls a.* conftest.* 2>/dev/null`; do +# b.out is created by i960 compilers. +for ac_file in a_out.exe a.exe conftest.exe a.out conftest a.* conftest.* b.out +do + test -f "$ac_file" || continue case $ac_file in - *.$ac_ext | *.o | *.obj | *.xcoff | *.tds | *.d | *.pdb | *.xSYM ) ;; - a.out ) # We found the default executable, but exeext='' is most - # certainly right. - break;; - *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` - # FIXME: I believe we export ac_cv_exeext for Libtool --akim. - export ac_cv_exeext - break;; - * ) break;; + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.o | *.obj ) + ;; + conftest.$ac_ext ) + # This is the source file. + ;; + [ab].out ) + # We found the default executable, but exeext='' is most + # certainly right. + break;; + *.* ) + ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` + # FIXME: I believe we export ac_cv_exeext for Libtool, + # but it would be cool to find out if it's true. Does anybody + # maintain Libtool? --akim. + export ac_cv_exeext + break;; + * ) + break;; esac done else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 -{ { echo "$as_me:$LINENO: error: C compiler cannot create executables" >&5 -echo "$as_me: error: C compiler cannot create executables" >&2;} +sed 's/^/| /' conftest.$ac_ext >&5 + +{ { echo "$as_me:$LINENO: error: C compiler cannot create executables +See \`config.log' for more details." >&5 +echo "$as_me: error: C compiler cannot create executables +See \`config.log' for more details." >&2;} { (exit 77); exit 77; }; } fi @@ -2104,9 +2297,11 @@ cross_compiling=yes else { { echo "$as_me:$LINENO: error: cannot run C compiled programs. -If you meant to cross compile, use \`--host'." >&5 +If you meant to cross compile, use \`--host'. +See \`config.log' for more details." >&5 echo "$as_me: error: cannot run C compiled programs. -If you meant to cross compile, use \`--host'." >&2;} +If you meant to cross compile, use \`--host'. +See \`config.log' for more details." >&2;} { (exit 1); exit 1; }; } fi fi @@ -2114,7 +2309,7 @@ echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 -rm -f a.out a.exe conftest$ac_cv_exeext +rm -f a.out a.exe conftest$ac_cv_exeext b.out ac_clean_files=$ac_clean_files_save # Check the compiler produces executables we can run. If not, either # the compiler is broken, or we cross compile. @@ -2134,18 +2329,21 @@ # catch `conftest.exe'. For instance with Cygwin, `ls conftest' will # work properly (i.e., refer to `conftest.exe'), while it won't with # `rm'. -for ac_file in `(ls conftest.exe; ls conftest; ls conftest.*) 2>/dev/null`; do +for ac_file in conftest.exe conftest conftest.*; do + test -f "$ac_file" || continue case $ac_file in - *.$ac_ext | *.o | *.obj | *.xcoff | *.tds | *.d | *.pdb ) ;; + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.o | *.obj ) ;; *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` - export ac_cv_exeext - break;; + export ac_cv_exeext + break;; * ) break;; esac done else - { { echo "$as_me:$LINENO: error: cannot compute suffix of executables: cannot compile and link" >&5 -echo "$as_me: error: cannot compute suffix of executables: cannot compile and link" >&2;} + { { echo "$as_me:$LINENO: error: cannot compute suffix of executables: cannot compile and link +See \`config.log' for more details." >&5 +echo "$as_me: error: cannot compute suffix of executables: cannot compile and link +See \`config.log' for more details." >&2;} { (exit 1); exit 1; }; } fi @@ -2162,15 +2360,12 @@ echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif int main () { @@ -2187,16 +2382,19 @@ (exit $ac_status); }; then for ac_file in `(ls conftest.o conftest.obj; ls conftest.*) 2>/dev/null`; do case $ac_file in - *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb ) ;; + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg ) ;; *) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'` break;; esac done else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 -{ { echo "$as_me:$LINENO: error: cannot compute suffix of object files: cannot compile" >&5 -echo "$as_me: error: cannot compute suffix of object files: cannot compile" >&2;} +sed 's/^/| /' conftest.$ac_ext >&5 + +{ { echo "$as_me:$LINENO: error: cannot compute suffix of object files: cannot compile +See \`config.log' for more details." >&5 +echo "$as_me: error: cannot compute suffix of object files: cannot compile +See \`config.log' for more details." >&2;} { (exit 1); exit 1; }; } fi @@ -2212,15 +2410,12 @@ echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif int main () { @@ -2234,11 +2429,20 @@ _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + (eval $ac_compile) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -2247,10 +2451,11 @@ ac_compiler_gnu=yes else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_compiler_gnu=no fi -rm -f conftest.$ac_objext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext ac_cv_c_compiler_gnu=$ac_compiler_gnu fi @@ -2266,15 +2471,12 @@ echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif int main () { @@ -2285,11 +2487,20 @@ _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + (eval $ac_compile) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -2298,10 +2509,11 @@ ac_cv_prog_cc_g=yes else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_cv_prog_cc_g=no fi -rm -f conftest.$ac_objext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext fi echo "$as_me:$LINENO: result: $ac_cv_prog_cc_g" >&5 echo "${ECHO_T}$ac_cv_prog_cc_g" >&6 @@ -2320,6 +2532,120 @@ CFLAGS= fi fi +echo "$as_me:$LINENO: checking for $CC option to accept ANSI C" >&5 +echo $ECHO_N "checking for $CC option to accept ANSI C... $ECHO_C" >&6 +if test "${ac_cv_prog_cc_stdc+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_cv_prog_cc_stdc=no +ac_save_CC=$CC +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include +#include +#include +#include +/* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ +struct buf { int x; }; +FILE * (*rcsopen) (struct buf *, struct stat *, int); +static char *e (p, i) + char **p; + int i; +{ + return p[i]; +} +static char *f (char * (*g) (char **, int), char **p, ...) +{ + char *s; + va_list v; + va_start (v,p); + s = g (p, va_arg (v,int)); + va_end (v); + return s; +} + +/* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has + function prototypes and stuff, but not '\xHH' hex character constants. + These don't provoke an error unfortunately, instead are silently treated + as 'x'. The following induces an error, until -std1 is added to get + proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an + array size at least. It's necessary to write '\x00'==0 to get something + that's true only with -std1. */ +int osf4_cc_array ['\x00' == 0 ? 1 : -1]; + +int test (int i, double x); +struct s1 {int (*f) (int a);}; +struct s2 {int (*f) (double a);}; +int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int); +int argc; +char **argv; +int +main () +{ +return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1]; + ; + return 0; +} +_ACEOF +# Don't try gcc -ansi; that turns off useful extensions and +# breaks some systems' header files. +# AIX -qlanglvl=ansi +# Ultrix and OSF/1 -std1 +# HP-UX 10.20 and later -Ae +# HP-UX older versions -Aa -D_HPUX_SOURCE +# SVR4 -Xc -D__EXTENSIONS__ +for ac_arg in "" -qlanglvl=ansi -std1 -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__" +do + CC="$ac_save_CC $ac_arg" + rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_prog_cc_stdc=$ac_arg +break +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +fi +rm -f conftest.err conftest.$ac_objext +done +rm -f conftest.$ac_ext conftest.$ac_objext +CC=$ac_save_CC + +fi + +case "x$ac_cv_prog_cc_stdc" in + x|xno) + echo "$as_me:$LINENO: result: none needed" >&5 +echo "${ECHO_T}none needed" >&6 ;; + *) + echo "$as_me:$LINENO: result: $ac_cv_prog_cc_stdc" >&5 +echo "${ECHO_T}$ac_cv_prog_cc_stdc" >&6 + CC="$CC $ac_cv_prog_cc_stdc" ;; +esac + # Some people use a C++ compiler to compile C. Since we use `exit', # in C++ we need to declare it. In case someone uses the same compiler # for both compiling C and C++ we need to have the C++ compiler decide @@ -2331,19 +2657,27 @@ _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + (eval $ac_compile) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then for ac_declaration in \ - ''\ - '#include ' \ + '' \ 'extern "C" void std::exit (int) throw (); using std::exit;' \ 'extern "C" void std::exit (int); using std::exit;' \ 'extern "C" void exit (int) throw ();' \ @@ -2351,16 +2685,13 @@ 'void exit (int);' do cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" -#include +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ $ac_declaration -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif +#include int main () { @@ -2371,11 +2702,20 @@ _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + (eval $ac_compile) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -2384,20 +2724,18 @@ : else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + continue fi -rm -f conftest.$ac_objext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ $ac_declaration -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif int main () { @@ -2408,11 +2746,20 @@ _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + (eval $ac_compile) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -2421,9 +2768,10 @@ break else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + fi -rm -f conftest.$ac_objext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext done rm -f conftest* if test -n "$ac_declaration"; then @@ -2434,9 +2782,10 @@ else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + fi -rm -f conftest.$ac_objext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' @@ -2461,18 +2810,34 @@ # using a relative directory. cp "$am_depcomp" conftest.dir cd conftest.dir + # We will build objects and dependencies in a subdirectory because + # it helps to detect inapplicable dependency modes. For instance + # both Tru64's cc and ICC support -MD to output dependencies as a + # side effect of compilation, but ICC will put the dependencies in + # the current directory while Tru64 will put them in the object + # directory. + mkdir sub am_cv_CC_dependencies_compiler_type=none if test "$am_compiler_list" = ""; then am_compiler_list=`sed -n 's/^#*\([a-zA-Z0-9]*\))$/\1/p' < ./depcomp` fi for depmode in $am_compiler_list; do + # Setup a source with many dependencies, because some compilers + # like to wrap large dependency lists on column 80 (with \), and + # we should not choose a depcomp mode which is confused by this. + # # We need to recreate these files for each test, as the compiler may # overwrite some of them when testing with obscure command lines. # This happens at least with the AIX C compiler. - echo '#include "conftest.h"' > conftest.c - echo 'int i;' > conftest.h - echo "${am__include} ${am__quote}conftest.Po${am__quote}" > confmf + : > sub/conftest.c + for i in 1 2 3 4 5 6; do + echo '#include "conftst'$i'.h"' >> sub/conftest.c + # Using `: > sub/conftst$i.h' creates only sub/conftst1.h with + # Solaris 8's {/usr,}/bin/sh. + touch sub/conftst$i.h + done + echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf case $depmode in nosideeffect) @@ -2490,13 +2855,25 @@ # mode. It turns out that the SunPro C++ compiler does not properly # handle `-M -o', and we need to detect this. if depmode=$depmode \ - source=conftest.c object=conftest.o \ - depfile=conftest.Po tmpdepfile=conftest.TPo \ - $SHELL ./depcomp $depcc -c conftest.c -o conftest.o >/dev/null 2>&1 && - grep conftest.h conftest.Po > /dev/null 2>&1 && + source=sub/conftest.c object=sub/conftest.${OBJEXT-o} \ + depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \ + $SHELL ./depcomp $depcc -c -o sub/conftest.${OBJEXT-o} sub/conftest.c \ + >/dev/null 2>conftest.err && + grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 && + grep sub/conftest.${OBJEXT-o} sub/conftest.Po > /dev/null 2>&1 && ${MAKE-make} -s -f confmf > /dev/null 2>&1; then - am_cv_CC_dependencies_compiler_type=$depmode - break + # icc doesn't choke on unknown options, it will just issue warnings + # or remarks (even with -Werror). So we grep stderr for any message + # that says an option was ignored or not supported. + # When given -MP, icc 7.0 and 7.1 complain thusly: + # icc: Command line warning: ignoring option '-M'; no argument required + # The diagnosis changed in icc 8.0: + # icc: Command line remark: option '-MP' not supported + if (grep 'ignoring option' conftest.err || + grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else + am_cv_CC_dependencies_compiler_type=$depmode + break + fi fi done @@ -2513,115 +2890,26 @@ +if + test "x$enable_dependency_tracking" != xno \ + && test "$am_cv_CC_dependencies_compiler_type" = gcc3; then + am__fastdepCC_TRUE= + am__fastdepCC_FALSE='#' +else + am__fastdepCC_TRUE='#' + am__fastdepCC_FALSE= +fi + +am_cv_prog_cc_stdc=$ac_cv_prog_cc_stdc -echo "$as_me:$LINENO: checking for ${CC-cc} option to accept ANSI C" >&5 -echo $ECHO_N "checking for ${CC-cc} option to accept ANSI C... $ECHO_C" >&6 -if test "${am_cv_prog_cc_stdc+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - am_cv_prog_cc_stdc=no -ac_save_CC="$CC" -# Don't try gcc -ansi; that turns off useful extensions and -# breaks some systems' header files. -# AIX -qlanglvl=ansi -# Ultrix and OSF/1 -std1 -# HP-UX 10.20 and later -Ae -# HP-UX older versions -Aa -D_HPUX_SOURCE -# SVR4 -Xc -D__EXTENSIONS__ -for ac_arg in "" -qlanglvl=ansi -std1 -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__" -do - CC="$ac_save_CC $ac_arg" - cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" -#include -#include -#include -#include -/* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ -struct buf { int x; }; -FILE * (*rcsopen) (struct buf *, struct stat *, int); -static char *e (p, i) - char **p; - int i; -{ - return p[i]; -} -static char *f (char * (*g) (char **, int), char **p, ...) -{ - char *s; - va_list v; - va_start (v,p); - s = g (p, va_arg (v,int)); - va_end (v); - return s; -} -int test (int i, double x); -struct s1 {int (*f) (int a);}; -struct s2 {int (*f) (double a);}; -int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int); -int argc; -char **argv; - -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif -int -main () -{ - -return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1]; - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - am_cv_prog_cc_stdc="$ac_arg"; break -else - echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 -fi -rm -f conftest.$ac_objext conftest.$ac_ext -done -CC="$ac_save_CC" - -fi - -if test -z "$am_cv_prog_cc_stdc"; then - echo "$as_me:$LINENO: result: none needed" >&5 -echo "${ECHO_T}none needed" >&6 -else - echo "$as_me:$LINENO: result: $am_cv_prog_cc_stdc" >&5 -echo "${ECHO_T}$am_cv_prog_cc_stdc" >&6 -fi -case "x$am_cv_prog_cc_stdc" in - x|xno) ;; - *) CC="$CC $am_cv_prog_cc_stdc" ;; -esac - -if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}ranlib", so it can be a program name with args. -set dummy ${ac_tool_prefix}ranlib; ac_word=$2 -echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 -if test "${ac_cv_prog_RANLIB+set}" = set; then +if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}ranlib", so it can be a program name with args. +set dummy ${ac_tool_prefix}ranlib; ac_word=$2 +echo "$as_me:$LINENO: checking for $ac_word" >&5 +echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 +if test "${ac_cv_prog_RANLIB+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else if test -n "$RANLIB"; then @@ -2900,9 +3188,7 @@ # However, it has the same basename, so the bogon will be chosen # first if we set CC to just the basename; use the full file name. shift - set dummy "$as_dir/$ac_word" ${1+"$@"} - shift - ac_cv_prog_CC="$@" + ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@" fi fi fi @@ -3007,8 +3293,10 @@ fi -test -z "$CC" && { { echo "$as_me:$LINENO: error: no acceptable C compiler found in \$PATH" >&5 -echo "$as_me: error: no acceptable C compiler found in \$PATH" >&2;} +test -z "$CC" && { { echo "$as_me:$LINENO: error: no acceptable C compiler found in \$PATH +See \`config.log' for more details." >&5 +echo "$as_me: error: no acceptable C compiler found in \$PATH +See \`config.log' for more details." >&2;} { (exit 1); exit 1; }; } # Provide some information about the compiler. @@ -3037,15 +3325,12 @@ echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif int main () { @@ -3059,11 +3344,20 @@ _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + (eval $ac_compile) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -3072,10 +3366,11 @@ ac_compiler_gnu=yes else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_compiler_gnu=no fi -rm -f conftest.$ac_objext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext ac_cv_c_compiler_gnu=$ac_compiler_gnu fi @@ -3091,15 +3386,12 @@ echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif int main () { @@ -3110,11 +3402,20 @@ _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + (eval $ac_compile) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -3123,10 +3424,11 @@ ac_cv_prog_cc_g=yes else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_cv_prog_cc_g=no fi -rm -f conftest.$ac_objext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext fi echo "$as_me:$LINENO: result: $ac_cv_prog_cc_g" >&5 echo "${ECHO_T}$ac_cv_prog_cc_g" >&6 @@ -3145,6 +3447,120 @@ CFLAGS= fi fi +echo "$as_me:$LINENO: checking for $CC option to accept ANSI C" >&5 +echo $ECHO_N "checking for $CC option to accept ANSI C... $ECHO_C" >&6 +if test "${ac_cv_prog_cc_stdc+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_cv_prog_cc_stdc=no +ac_save_CC=$CC +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include +#include +#include +#include +/* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ +struct buf { int x; }; +FILE * (*rcsopen) (struct buf *, struct stat *, int); +static char *e (p, i) + char **p; + int i; +{ + return p[i]; +} +static char *f (char * (*g) (char **, int), char **p, ...) +{ + char *s; + va_list v; + va_start (v,p); + s = g (p, va_arg (v,int)); + va_end (v); + return s; +} + +/* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has + function prototypes and stuff, but not '\xHH' hex character constants. + These don't provoke an error unfortunately, instead are silently treated + as 'x'. The following induces an error, until -std1 is added to get + proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an + array size at least. It's necessary to write '\x00'==0 to get something + that's true only with -std1. */ +int osf4_cc_array ['\x00' == 0 ? 1 : -1]; + +int test (int i, double x); +struct s1 {int (*f) (int a);}; +struct s2 {int (*f) (double a);}; +int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int); +int argc; +char **argv; +int +main () +{ +return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1]; + ; + return 0; +} +_ACEOF +# Don't try gcc -ansi; that turns off useful extensions and +# breaks some systems' header files. +# AIX -qlanglvl=ansi +# Ultrix and OSF/1 -std1 +# HP-UX 10.20 and later -Ae +# HP-UX older versions -Aa -D_HPUX_SOURCE +# SVR4 -Xc -D__EXTENSIONS__ +for ac_arg in "" -qlanglvl=ansi -std1 -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__" +do + CC="$ac_save_CC $ac_arg" + rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_prog_cc_stdc=$ac_arg +break +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +fi +rm -f conftest.err conftest.$ac_objext +done +rm -f conftest.$ac_ext conftest.$ac_objext +CC=$ac_save_CC + +fi + +case "x$ac_cv_prog_cc_stdc" in + x|xno) + echo "$as_me:$LINENO: result: none needed" >&5 +echo "${ECHO_T}none needed" >&6 ;; + *) + echo "$as_me:$LINENO: result: $ac_cv_prog_cc_stdc" >&5 +echo "${ECHO_T}$ac_cv_prog_cc_stdc" >&6 + CC="$CC $ac_cv_prog_cc_stdc" ;; +esac + # Some people use a C++ compiler to compile C. Since we use `exit', # in C++ we need to declare it. In case someone uses the same compiler # for both compiling C and C++ we need to have the C++ compiler decide @@ -3156,19 +3572,27 @@ _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + (eval $ac_compile) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then for ac_declaration in \ - ''\ - '#include ' \ + '' \ 'extern "C" void std::exit (int) throw (); using std::exit;' \ 'extern "C" void std::exit (int); using std::exit;' \ 'extern "C" void exit (int) throw ();' \ @@ -3176,16 +3600,13 @@ 'void exit (int);' do cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" -#include +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ $ac_declaration -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif +#include int main () { @@ -3196,11 +3617,20 @@ _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + (eval $ac_compile) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -3209,20 +3639,18 @@ : else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + continue fi -rm -f conftest.$ac_objext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ $ac_declaration -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif int main () { @@ -3233,11 +3661,20 @@ _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + (eval $ac_compile) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -3246,9 +3683,10 @@ break else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + fi -rm -f conftest.$ac_objext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext done rm -f conftest* if test -n "$ac_declaration"; then @@ -3259,9 +3697,10 @@ else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + fi -rm -f conftest.$ac_objext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' @@ -3286,18 +3725,34 @@ # using a relative directory. cp "$am_depcomp" conftest.dir cd conftest.dir + # We will build objects and dependencies in a subdirectory because + # it helps to detect inapplicable dependency modes. For instance + # both Tru64's cc and ICC support -MD to output dependencies as a + # side effect of compilation, but ICC will put the dependencies in + # the current directory while Tru64 will put them in the object + # directory. + mkdir sub am_cv_CC_dependencies_compiler_type=none if test "$am_compiler_list" = ""; then am_compiler_list=`sed -n 's/^#*\([a-zA-Z0-9]*\))$/\1/p' < ./depcomp` fi for depmode in $am_compiler_list; do + # Setup a source with many dependencies, because some compilers + # like to wrap large dependency lists on column 80 (with \), and + # we should not choose a depcomp mode which is confused by this. + # # We need to recreate these files for each test, as the compiler may # overwrite some of them when testing with obscure command lines. # This happens at least with the AIX C compiler. - echo '#include "conftest.h"' > conftest.c - echo 'int i;' > conftest.h - echo "${am__include} ${am__quote}conftest.Po${am__quote}" > confmf + : > sub/conftest.c + for i in 1 2 3 4 5 6; do + echo '#include "conftst'$i'.h"' >> sub/conftest.c + # Using `: > sub/conftst$i.h' creates only sub/conftst1.h with + # Solaris 8's {/usr,}/bin/sh. + touch sub/conftst$i.h + done + echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf case $depmode in nosideeffect) @@ -3315,13 +3770,25 @@ # mode. It turns out that the SunPro C++ compiler does not properly # handle `-M -o', and we need to detect this. if depmode=$depmode \ - source=conftest.c object=conftest.o \ - depfile=conftest.Po tmpdepfile=conftest.TPo \ - $SHELL ./depcomp $depcc -c conftest.c -o conftest.o >/dev/null 2>&1 && - grep conftest.h conftest.Po > /dev/null 2>&1 && + source=sub/conftest.c object=sub/conftest.${OBJEXT-o} \ + depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \ + $SHELL ./depcomp $depcc -c -o sub/conftest.${OBJEXT-o} sub/conftest.c \ + >/dev/null 2>conftest.err && + grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 && + grep sub/conftest.${OBJEXT-o} sub/conftest.Po > /dev/null 2>&1 && ${MAKE-make} -s -f confmf > /dev/null 2>&1; then - am_cv_CC_dependencies_compiler_type=$depmode - break + # icc doesn't choke on unknown options, it will just issue warnings + # or remarks (even with -Werror). So we grep stderr for any message + # that says an option was ignored or not supported. + # When given -MP, icc 7.0 and 7.1 complain thusly: + # icc: Command line warning: ignoring option '-M'; no argument required + # The diagnosis changed in icc 8.0: + # icc: Command line remark: option '-MP' not supported + if (grep 'ignoring option' conftest.err || + grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else + am_cv_CC_dependencies_compiler_type=$depmode + break + fi fi done @@ -3337,6 +3804,18 @@ CCDEPMODE=depmode=$am_cv_CC_dependencies_compiler_type + +if + test "x$enable_dependency_tracking" != xno \ + && test "$am_cv_CC_dependencies_compiler_type" = gcc3; then + am__fastdepCC_TRUE= + am__fastdepCC_FALSE='#' +else + am__fastdepCC_TRUE='#' + am__fastdepCC_FALSE= +fi + + if test -n "$GCC"; then CFLAGS="$CFLAGS -Wall " fi @@ -3420,6 +3899,7 @@ linux=no sunos4=no + echo "$as_me:$LINENO: checking whether byte ordering is bigendian" >&5 echo $ECHO_N "checking whether byte ordering is bigendian... $ECHO_C" >&6 if test "${ac_cv_c_bigendian+set}" = set; then @@ -3427,17 +3907,14 @@ else # See if sys/param.h defines the BYTE_ORDER macro. cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ #include #include -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif int main () { @@ -3451,11 +3928,20 @@ _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + (eval $ac_compile) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -3463,17 +3949,14 @@ (exit $ac_status); }; }; then # It does; now see whether it defined to BIG_ENDIAN or not. cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ #include #include -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif int main () { @@ -3487,11 +3970,20 @@ _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + (eval $ac_compile) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -3500,32 +3992,31 @@ ac_cv_c_bigendian=yes else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_cv_c_bigendian=no fi -rm -f conftest.$ac_objext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + # It does not; compile a test program. if test "$cross_compiling" = yes; then - # try to guess the endianess by grep'ing values into an object file + # try to guess the endianness by grepping values into an object file ac_cv_c_bigendian=unknown cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ short ascii_mm[] = { 0x4249, 0x4765, 0x6E44, 0x6961, 0x6E53, 0x7953, 0 }; short ascii_ii[] = { 0x694C, 0x5454, 0x656C, 0x6E45, 0x6944, 0x6E61, 0 }; void _ascii () { char *s = (char *) ascii_mm; s = (char *) ascii_ii; } short ebcdic_ii[] = { 0x89D3, 0xE3E3, 0x8593, 0x95C5, 0x89C4, 0x9581, 0 }; short ebcdic_mm[] = { 0xC2C9, 0xC785, 0x95C4, 0x8981, 0x95E2, 0xA8E2, 0 }; void _ebcdic () { char *s = (char *) ebcdic_mm; s = (char *) ebcdic_ii; } -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif int main () { @@ -3536,20 +4027,29 @@ _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + (eval $ac_compile) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then - if fgrep BIGenDianSyS conftest.$ac_objext >/dev/null ; then + if grep BIGenDianSyS conftest.$ac_objext >/dev/null ; then ac_cv_c_bigendian=yes fi -if fgrep LiTTleEnDian conftest.$ac_objext >/dev/null ; then +if grep LiTTleEnDian conftest.$ac_objext >/dev/null ; then if test "$ac_cv_c_bigendian" = unknown; then ac_cv_c_bigendian=no else @@ -3559,13 +4059,17 @@ fi else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + fi -rm -f conftest.$ac_objext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext else cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ int main () { @@ -3594,14 +4098,15 @@ else echo "$as_me: program exited with status $ac_status" >&5 echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ( exit $ac_status ) ac_cv_c_bigendian=yes fi -rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext +rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext fi fi -rm -f conftest.$ac_objext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext fi echo "$as_me:$LINENO: result: $ac_cv_c_bigendian" >&5 echo "${ECHO_T}$ac_cv_c_bigendian" >&6 @@ -3615,9 +4120,9 @@ no) ;; *) - { { echo "$as_me:$LINENO: error: unknown endianess + { { echo "$as_me:$LINENO: error: unknown endianness presetting ac_cv_c_bigendian=no (or yes) will help" >&5 -echo "$as_me: error: unknown endianess +echo "$as_me: error: unknown endianness presetting ac_cv_c_bigendian=no (or yes) will help" >&2;} { (exit 1); exit 1; }; } ;; esac @@ -3816,24 +4321,34 @@ do # Use a header file that comes with gcc, so configuring glibc # with a fresh cross-compiler works. + # Prefer to if __STDC__ is defined, since + # exists even on freestanding compilers. # On the NeXT, cc -E runs the code through the compiler's parser, # not just through cpp. "Syntax error" is here to catch this case. cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" -#include - Syntax error +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#ifdef __STDC__ +# include +#else +# include +#endif + Syntax error _ACEOF if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? - egrep -v '^ *\+' conftest.er1 >conftest.err + grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag + ac_cpp_err=$ac_cpp_err$ac_c_werror_flag else ac_cpp_err= fi @@ -3844,7 +4359,8 @@ : else echo "$as_me: failed program was:" >&5 - cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + # Broken: fails on valid input. continue fi @@ -3853,20 +4369,24 @@ # OK, works on sane cases. Now check whether non-existent headers # can be detected and how. cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ #include _ACEOF if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? - egrep -v '^ *\+' conftest.er1 >conftest.err + grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag + ac_cpp_err=$ac_cpp_err$ac_c_werror_flag else ac_cpp_err= fi @@ -3878,7 +4398,8 @@ continue else echo "$as_me: failed program was:" >&5 - cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + # Passes both tests. ac_preproc_ok=: break @@ -3907,24 +4428,34 @@ do # Use a header file that comes with gcc, so configuring glibc # with a fresh cross-compiler works. + # Prefer to if __STDC__ is defined, since + # exists even on freestanding compilers. # On the NeXT, cc -E runs the code through the compiler's parser, # not just through cpp. "Syntax error" is here to catch this case. cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" -#include - Syntax error +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#ifdef __STDC__ +# include +#else +# include +#endif + Syntax error _ACEOF if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? - egrep -v '^ *\+' conftest.er1 >conftest.err + grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag + ac_cpp_err=$ac_cpp_err$ac_c_werror_flag else ac_cpp_err= fi @@ -3935,7 +4466,8 @@ : else echo "$as_me: failed program was:" >&5 - cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + # Broken: fails on valid input. continue fi @@ -3944,20 +4476,24 @@ # OK, works on sane cases. Now check whether non-existent headers # can be detected and how. cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ #include _ACEOF if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? - egrep -v '^ *\+' conftest.er1 >conftest.err + grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag + ac_cpp_err=$ac_cpp_err$ac_c_werror_flag else ac_cpp_err= fi @@ -3969,7 +4505,8 @@ continue else echo "$as_me: failed program was:" >&5 - cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + # Passes both tests. ac_preproc_ok=: break @@ -3982,8 +4519,10 @@ if $ac_preproc_ok; then : else - { { echo "$as_me:$LINENO: error: C preprocessor \"$CPP\" fails sanity check" >&5 -echo "$as_me: error: C preprocessor \"$CPP\" fails sanity check" >&2;} + { { echo "$as_me:$LINENO: error: C preprocessor \"$CPP\" fails sanity check +See \`config.log' for more details." >&5 +echo "$as_me: error: C preprocessor \"$CPP\" fails sanity check +See \`config.log' for more details." >&2;} { (exit 1); exit 1; }; } fi @@ -3994,55 +4533,88 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu +echo "$as_me:$LINENO: checking for egrep" >&5 +echo $ECHO_N "checking for egrep... $ECHO_C" >&6 +if test "${ac_cv_prog_egrep+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + if echo a | (grep -E '(a|b)') >/dev/null 2>&1 + then ac_cv_prog_egrep='grep -E' + else ac_cv_prog_egrep='egrep' + fi +fi +echo "$as_me:$LINENO: result: $ac_cv_prog_egrep" >&5 +echo "${ECHO_T}$ac_cv_prog_egrep" >&6 + EGREP=$ac_cv_prog_egrep + + echo "$as_me:$LINENO: checking for ANSI C header files" >&5 echo $ECHO_N "checking for ANSI C header files... $ECHO_C" >&6 if test "${ac_cv_header_stdc+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ #include #include #include #include +int +main () +{ + + ; + return 0; +} _ACEOF -if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 - (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 ac_status=$? - egrep -v '^ *\+' conftest.er1 >conftest.err + grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null; then - if test -s conftest.err; then - ac_cpp_err=$ac_c_preproc_warn_flag - else - ac_cpp_err= - fi -else - ac_cpp_err=yes -fi -if test -z "$ac_cpp_err"; then + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then ac_cv_header_stdc=yes else echo "$as_me: failed program was:" >&5 - cat conftest.$ac_ext >&5 - ac_cv_header_stdc=no +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_cv_header_stdc=no fi -rm -f conftest.err conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext if test $ac_cv_header_stdc = yes; then # SunOS 4.x string.h does not declare mem*, contrary to ANSI. cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ #include _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - egrep "memchr" >/dev/null 2>&1; then + $EGREP "memchr" >/dev/null 2>&1; then : else ac_cv_header_stdc=no @@ -4054,13 +4626,16 @@ if test $ac_cv_header_stdc = yes; then # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ #include _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - egrep "free" >/dev/null 2>&1; then + $EGREP "free" >/dev/null 2>&1; then : else ac_cv_header_stdc=no @@ -4075,16 +4650,20 @@ : else cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ #include #if ((' ' & 0x0FF) == 0x020) # define ISLOWER(c) ('a' <= (c) && (c) <= 'z') # define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c)) #else -# define ISLOWER(c) (('a' <= (c) && (c) <= 'i') \ - || ('j' <= (c) && (c) <= 'r') \ - || ('s' <= (c) && (c) <= 'z')) +# define ISLOWER(c) \ + (('a' <= (c) && (c) <= 'i') \ + || ('j' <= (c) && (c) <= 'r') \ + || ('s' <= (c) && (c) <= 'z')) # define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c)) #endif @@ -4095,7 +4674,7 @@ int i; for (i = 0; i < 256; i++) if (XOR (islower (i), ISLOWER (i)) - || toupper (i) != TOUPPER (i)) + || toupper (i) != TOUPPER (i)) exit(2); exit (0); } @@ -4115,11 +4694,12 @@ else echo "$as_me: program exited with status $ac_status" >&5 echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ( exit $ac_status ) ac_cv_header_stdc=no fi -rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext +rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext fi fi fi @@ -4144,7 +4724,7 @@ for ac_header in sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \ - inttypes.h stdint.h unistd.h + inttypes.h stdint.h unistd.h do as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` echo "$as_me:$LINENO: checking for $ac_header" >&5 @@ -4153,19 +4733,31 @@ echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ $ac_includes_default #include <$ac_header> _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + (eval $ac_compile) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -4174,10 +4766,11 @@ eval "$as_ac_Header=yes" else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + eval "$as_ac_Header=no" fi -rm -f conftest.$ac_objext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 @@ -4208,18 +4801,30 @@ echo "$as_me:$LINENO: checking $ac_header usability" >&5 echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ $ac_includes_default #include <$ac_header> _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + (eval $ac_compile) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -4228,10 +4833,11 @@ ac_header_compiler=yes else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_header_compiler=no fi -rm -f conftest.$ac_objext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 echo "${ECHO_T}$ac_header_compiler" >&6 @@ -4239,20 +4845,24 @@ echo "$as_me:$LINENO: checking $ac_header presence" >&5 echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ #include <$ac_header> _ACEOF if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? - egrep -v '^ *\+' conftest.er1 >conftest.err + grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag + ac_cpp_err=$ac_cpp_err$ac_c_werror_flag else ac_cpp_err= fi @@ -4263,7 +4873,8 @@ ac_header_preproc=yes else echo "$as_me: failed program was:" >&5 - cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_header_preproc=no fi rm -f conftest.err conftest.$ac_ext @@ -4271,26 +4882,43 @@ echo "${ECHO_T}$ac_header_preproc" >&6 # So? What about this header? -case $ac_header_compiler:$ac_header_preproc in - yes:no ) +case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in + yes:no: ) { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;};; - no:yes ) + { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 +echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} + ac_header_preproc=yes + ;; + no:yes:* ) { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 +echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 +echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 +echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;};; +echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 +echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} + ( + cat <<\_ASBOX +## ------------------------------------------ ## +## Report this to the AC_PACKAGE_NAME lists. ## +## ------------------------------------------ ## +_ASBOX + ) | + sed "s/^/$as_me: WARNING: /" >&2 + ;; esac echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else - eval "$as_ac_Header=$ac_header_preproc" + eval "$as_ac_Header=\$ac_header_preproc" fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 @@ -4322,18 +4950,30 @@ echo "$as_me:$LINENO: checking $ac_header usability" >&5 echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ $ac_includes_default #include <$ac_header> _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + (eval $ac_compile) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -4342,10 +4982,11 @@ ac_header_compiler=yes else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_header_compiler=no fi -rm -f conftest.$ac_objext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 echo "${ECHO_T}$ac_header_compiler" >&6 @@ -4353,20 +4994,24 @@ echo "$as_me:$LINENO: checking $ac_header presence" >&5 echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ #include <$ac_header> _ACEOF if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? - egrep -v '^ *\+' conftest.er1 >conftest.err + grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag + ac_cpp_err=$ac_cpp_err$ac_c_werror_flag else ac_cpp_err= fi @@ -4377,7 +5022,8 @@ ac_header_preproc=yes else echo "$as_me: failed program was:" >&5 - cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_header_preproc=no fi rm -f conftest.err conftest.$ac_ext @@ -4385,26 +5031,43 @@ echo "${ECHO_T}$ac_header_preproc" >&6 # So? What about this header? -case $ac_header_compiler:$ac_header_preproc in - yes:no ) +case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in + yes:no: ) { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;};; - no:yes ) + { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 +echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} + ac_header_preproc=yes + ;; + no:yes:* ) { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 +echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 +echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 +echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;};; +echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 +echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} + ( + cat <<\_ASBOX +## ------------------------------------------ ## +## Report this to the AC_PACKAGE_NAME lists. ## +## ------------------------------------------ ## +_ASBOX + ) | + sed "s/^/$as_me: WARNING: /" >&2 + ;; esac echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else - eval "$as_ac_Header=$ac_header_preproc" + eval "$as_ac_Header=\$ac_header_preproc" fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 @@ -4436,18 +5099,30 @@ echo "$as_me:$LINENO: checking $ac_header usability" >&5 echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ $ac_includes_default #include <$ac_header> _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + (eval $ac_compile) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -4456,10 +5131,11 @@ ac_header_compiler=yes else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_header_compiler=no fi -rm -f conftest.$ac_objext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 echo "${ECHO_T}$ac_header_compiler" >&6 @@ -4467,20 +5143,24 @@ echo "$as_me:$LINENO: checking $ac_header presence" >&5 echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ #include <$ac_header> _ACEOF if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? - egrep -v '^ *\+' conftest.er1 >conftest.err + grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag + ac_cpp_err=$ac_cpp_err$ac_c_werror_flag else ac_cpp_err= fi @@ -4491,7 +5171,8 @@ ac_header_preproc=yes else echo "$as_me: failed program was:" >&5 - cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_header_preproc=no fi rm -f conftest.err conftest.$ac_ext @@ -4499,26 +5180,43 @@ echo "${ECHO_T}$ac_header_preproc" >&6 # So? What about this header? -case $ac_header_compiler:$ac_header_preproc in - yes:no ) +case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in + yes:no: ) { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;};; - no:yes ) + { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 +echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} + ac_header_preproc=yes + ;; + no:yes:* ) { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 +echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 +echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 +echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;};; +echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 +echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} + ( + cat <<\_ASBOX +## ------------------------------------------ ## +## Report this to the AC_PACKAGE_NAME lists. ## +## ------------------------------------------ ## +_ASBOX + ) | + sed "s/^/$as_me: WARNING: /" >&2 + ;; esac echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else - eval "$as_ac_Header=$ac_header_preproc" + eval "$as_ac_Header=\$ac_header_preproc" fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 @@ -4550,18 +5248,30 @@ echo "$as_me:$LINENO: checking $ac_header usability" >&5 echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ $ac_includes_default #include <$ac_header> _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + (eval $ac_compile) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -4570,10 +5280,11 @@ ac_header_compiler=yes else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_header_compiler=no fi -rm -f conftest.$ac_objext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 echo "${ECHO_T}$ac_header_compiler" >&6 @@ -4581,20 +5292,24 @@ echo "$as_me:$LINENO: checking $ac_header presence" >&5 echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ #include <$ac_header> _ACEOF if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? - egrep -v '^ *\+' conftest.er1 >conftest.err + grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag + ac_cpp_err=$ac_cpp_err$ac_c_werror_flag else ac_cpp_err= fi @@ -4605,7 +5320,8 @@ ac_header_preproc=yes else echo "$as_me: failed program was:" >&5 - cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_header_preproc=no fi rm -f conftest.err conftest.$ac_ext @@ -4613,26 +5329,43 @@ echo "${ECHO_T}$ac_header_preproc" >&6 # So? What about this header? -case $ac_header_compiler:$ac_header_preproc in - yes:no ) +case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in + yes:no: ) { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;};; - no:yes ) + { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 +echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} + ac_header_preproc=yes + ;; + no:yes:* ) { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 +echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 +echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 +echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;};; +echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 +echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} + ( + cat <<\_ASBOX +## ------------------------------------------ ## +## Report this to the AC_PACKAGE_NAME lists. ## +## ------------------------------------------ ## +_ASBOX + ) | + sed "s/^/$as_me: WARNING: /" >&2 + ;; esac echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else - eval "$as_ac_Header=$ac_header_preproc" + eval "$as_ac_Header=\$ac_header_preproc" fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 @@ -4664,18 +5397,30 @@ echo "$as_me:$LINENO: checking $ac_header usability" >&5 echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ $ac_includes_default #include <$ac_header> _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + (eval $ac_compile) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -4684,10 +5429,11 @@ ac_header_compiler=yes else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_header_compiler=no fi -rm -f conftest.$ac_objext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 echo "${ECHO_T}$ac_header_compiler" >&6 @@ -4695,20 +5441,24 @@ echo "$as_me:$LINENO: checking $ac_header presence" >&5 echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ #include <$ac_header> _ACEOF if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? - egrep -v '^ *\+' conftest.er1 >conftest.err + grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag + ac_cpp_err=$ac_cpp_err$ac_c_werror_flag else ac_cpp_err= fi @@ -4719,7 +5469,8 @@ ac_header_preproc=yes else echo "$as_me: failed program was:" >&5 - cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_header_preproc=no fi rm -f conftest.err conftest.$ac_ext @@ -4727,26 +5478,43 @@ echo "${ECHO_T}$ac_header_preproc" >&6 # So? What about this header? -case $ac_header_compiler:$ac_header_preproc in - yes:no ) +case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in + yes:no: ) { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;};; - no:yes ) + { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 +echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} + ac_header_preproc=yes + ;; + no:yes:* ) { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 +echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 +echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 +echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;};; +echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 +echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} + ( + cat <<\_ASBOX +## ------------------------------------------ ## +## Report this to the AC_PACKAGE_NAME lists. ## +## ------------------------------------------ ## +_ASBOX + ) | + sed "s/^/$as_me: WARNING: /" >&2 + ;; esac echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else - eval "$as_ac_Header=$ac_header_preproc" + eval "$as_ac_Header=\$ac_header_preproc" fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 @@ -4778,18 +5546,30 @@ echo "$as_me:$LINENO: checking $ac_header usability" >&5 echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ $ac_includes_default #include <$ac_header> _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + (eval $ac_compile) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -4798,10 +5578,11 @@ ac_header_compiler=yes else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_header_compiler=no fi -rm -f conftest.$ac_objext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 echo "${ECHO_T}$ac_header_compiler" >&6 @@ -4809,20 +5590,24 @@ echo "$as_me:$LINENO: checking $ac_header presence" >&5 echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ #include <$ac_header> _ACEOF if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? - egrep -v '^ *\+' conftest.er1 >conftest.err + grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag + ac_cpp_err=$ac_cpp_err$ac_c_werror_flag else ac_cpp_err= fi @@ -4833,7 +5618,8 @@ ac_header_preproc=yes else echo "$as_me: failed program was:" >&5 - cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_header_preproc=no fi rm -f conftest.err conftest.$ac_ext @@ -4841,26 +5627,43 @@ echo "${ECHO_T}$ac_header_preproc" >&6 # So? What about this header? -case $ac_header_compiler:$ac_header_preproc in - yes:no ) +case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in + yes:no: ) { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;};; - no:yes ) + { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 +echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} + ac_header_preproc=yes + ;; + no:yes:* ) { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 +echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 +echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 +echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;};; +echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 +echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} + ( + cat <<\_ASBOX +## ------------------------------------------ ## +## Report this to the AC_PACKAGE_NAME lists. ## +## ------------------------------------------ ## +_ASBOX + ) | + sed "s/^/$as_me: WARNING: /" >&2 + ;; esac echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else - eval "$as_ac_Header=$ac_header_preproc" + eval "$as_ac_Header=\$ac_header_preproc" fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 @@ -4886,8 +5689,11 @@ ac_check_lib_save_LIBS=$LIBS LIBS="-lnsl $LIBS" cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus @@ -4896,12 +5702,6 @@ /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char inet_ntoa (); -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif int main () { @@ -4912,11 +5712,20 @@ _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 + (eval $ac_link) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest$ac_exeext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -4925,10 +5734,12 @@ ac_cv_lib_nsl_inet_ntoa=yes else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_cv_lib_nsl_inet_ntoa=no fi -rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi echo "$as_me:$LINENO: result: $ac_cv_lib_nsl_inet_ntoa" >&5 @@ -4954,8 +5765,11 @@ ac_check_lib_save_LIBS=$LIBS LIBS="-lsocket $LIBS" cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus @@ -4964,12 +5778,6 @@ /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char socket (); -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif int main () { @@ -4980,11 +5788,20 @@ _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 + (eval $ac_link) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest$ac_exeext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -4993,10 +5810,12 @@ ac_cv_lib_socket_socket=yes else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_cv_lib_socket_socket=no fi -rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi echo "$as_me:$LINENO: result: $ac_cv_lib_socket_socket" >&5 @@ -5027,49 +5846,72 @@ echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +/* Define $ac_func to an innocuous variant, in case declares $ac_func. + For example, HP-UX 11i declares gettimeofday. */ +#define $ac_func innocuous_$ac_func + /* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. */ -#include + which can conflict with char $ac_func (); below. + Prefer to if __STDC__ is defined, since + exists even on freestanding compilers. */ + +#ifdef __STDC__ +# include +#else +# include +#endif + +#undef $ac_func + /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus extern "C" +{ #endif /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char $ac_func (); -char (*f) (); - -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif -int -main () -{ /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ #if defined (__stub_$ac_func) || defined (__stub___$ac_func) choke me #else -f = $ac_func; +char (*f) () = $ac_func; +#endif +#ifdef __cplusplus +} #endif +int +main () +{ +return f != $ac_func; ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 + (eval $ac_link) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest$ac_exeext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -5078,10 +5920,12 @@ eval "$as_ac_var=yes" else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + eval "$as_ac_var=no" fi -rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 @@ -5105,49 +5949,72 @@ echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +/* Define $ac_func to an innocuous variant, in case declares $ac_func. + For example, HP-UX 11i declares gettimeofday. */ +#define $ac_func innocuous_$ac_func + /* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. */ -#include + which can conflict with char $ac_func (); below. + Prefer to if __STDC__ is defined, since + exists even on freestanding compilers. */ + +#ifdef __STDC__ +# include +#else +# include +#endif + +#undef $ac_func + /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus extern "C" +{ #endif /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char $ac_func (); -char (*f) (); - -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif -int -main () -{ /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ #if defined (__stub_$ac_func) || defined (__stub___$ac_func) choke me #else -f = $ac_func; +char (*f) () = $ac_func; +#endif +#ifdef __cplusplus +} #endif +int +main () +{ +return f != $ac_func; ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 + (eval $ac_link) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest$ac_exeext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -5156,10 +6023,12 @@ eval "$as_ac_var=yes" else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + eval "$as_ac_var=no" fi -rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 @@ -5202,8 +6071,11 @@ echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ #include #ifdef HAVE_STRING_H @@ -5222,12 +6094,6 @@ #include #include -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif int main () { @@ -5238,11 +6104,20 @@ _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + (eval $ac_compile) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -5251,10 +6126,11 @@ eval "sn_cv_decl_needed_$sn_decl=no" else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + eval "sn_cv_decl_needed_$sn_decl=yes" fi -rm -f conftest.$ac_objext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext fi @@ -5286,49 +6162,72 @@ echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +/* Define $ac_func to an innocuous variant, in case declares $ac_func. + For example, HP-UX 11i declares gettimeofday. */ +#define $ac_func innocuous_$ac_func + /* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. */ -#include + which can conflict with char $ac_func (); below. + Prefer to if __STDC__ is defined, since + exists even on freestanding compilers. */ + +#ifdef __STDC__ +# include +#else +# include +#endif + +#undef $ac_func + /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus extern "C" +{ #endif /* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char $ac_func (); -char (*f) (); - -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif -int -main () -{ + builtin and then its argument prototype would still apply. */ +char $ac_func (); /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ #if defined (__stub_$ac_func) || defined (__stub___$ac_func) choke me #else -f = $ac_func; +char (*f) () = $ac_func; +#endif +#ifdef __cplusplus +} #endif +int +main () +{ +return f != $ac_func; ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 + (eval $ac_link) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest$ac_exeext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -5337,10 +6236,12 @@ eval "$as_ac_var=yes" else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + eval "$as_ac_var=no" fi -rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 @@ -5362,49 +6263,72 @@ echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +/* Define $ac_func to an innocuous variant, in case declares $ac_func. + For example, HP-UX 11i declares gettimeofday. */ +#define $ac_func innocuous_$ac_func + /* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. */ -#include + which can conflict with char $ac_func (); below. + Prefer to if __STDC__ is defined, since + exists even on freestanding compilers. */ + +#ifdef __STDC__ +# include +#else +# include +#endif + +#undef $ac_func + /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus extern "C" +{ #endif /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char $ac_func (); -char (*f) (); - -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif -int -main () -{ /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ #if defined (__stub_$ac_func) || defined (__stub___$ac_func) choke me #else -f = $ac_func; +char (*f) () = $ac_func; +#endif +#ifdef __cplusplus +} #endif +int +main () +{ +return f != $ac_func; ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 + (eval $ac_link) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest$ac_exeext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -5413,10 +6337,12 @@ eval "$as_ac_var=yes" else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + eval "$as_ac_var=no" fi -rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 @@ -5438,49 +6364,72 @@ echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +/* Define $ac_func to an innocuous variant, in case declares $ac_func. + For example, HP-UX 11i declares gettimeofday. */ +#define $ac_func innocuous_$ac_func + /* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. */ -#include + which can conflict with char $ac_func (); below. + Prefer to if __STDC__ is defined, since + exists even on freestanding compilers. */ + +#ifdef __STDC__ +# include +#else +# include +#endif + +#undef $ac_func + /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus extern "C" +{ #endif /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char $ac_func (); -char (*f) (); - -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif -int -main () -{ /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ #if defined (__stub_$ac_func) || defined (__stub___$ac_func) choke me #else -f = $ac_func; +char (*f) () = $ac_func; +#endif +#ifdef __cplusplus +} #endif +int +main () +{ +return f != $ac_func; ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 + (eval $ac_link) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest$ac_exeext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -5489,10 +6438,12 @@ eval "$as_ac_var=yes" else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + eval "$as_ac_var=no" fi -rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 @@ -5514,49 +6465,72 @@ echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +/* Define $ac_func to an innocuous variant, in case declares $ac_func. + For example, HP-UX 11i declares gettimeofday. */ +#define $ac_func innocuous_$ac_func + /* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. */ -#include + which can conflict with char $ac_func (); below. + Prefer to if __STDC__ is defined, since + exists even on freestanding compilers. */ + +#ifdef __STDC__ +# include +#else +# include +#endif + +#undef $ac_func + /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus extern "C" +{ #endif /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char $ac_func (); -char (*f) (); - -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif -int -main () -{ /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ #if defined (__stub_$ac_func) || defined (__stub___$ac_func) choke me #else -f = $ac_func; +char (*f) () = $ac_func; +#endif +#ifdef __cplusplus +} #endif +int +main () +{ +return f != $ac_func; ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 + (eval $ac_link) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest$ac_exeext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -5565,10 +6539,12 @@ eval "$as_ac_var=yes" else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + eval "$as_ac_var=no" fi -rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 @@ -5582,17 +6558,14 @@ cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ #include -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif int main () { @@ -5603,11 +6576,20 @@ _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + (eval $ac_compile) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -5620,24 +6602,22 @@ else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + fi -rm -f conftest.$ac_objext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext echo "$as_me:$LINENO: checking for __FUNCTION__" >&5 echo $ECHO_N "checking for __FUNCTION__... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ #include -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif int main () { @@ -5648,11 +6628,20 @@ _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + (eval $ac_compile) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -5661,10 +6650,11 @@ sn_cv_have___FUNCTION__=yes else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + sn_cv__have___FUNCTION__=no fi -rm -f conftest.$ac_objext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext if test "x$sn_cv_have___FUNCTION__" = "xyes"; then echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 @@ -5679,17 +6669,14 @@ echo "$as_me:$LINENO: checking for __func__" >&5 echo $ECHO_N "checking for __func__... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ #include -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif int main () { @@ -5700,11 +6687,20 @@ _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + (eval $ac_compile) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -5713,10 +6709,11 @@ sn_cv_have___func__=yes else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + sn_cv__have___func__=no fi -rm -f conftest.$ac_objext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext if test "x$sn_cv_have___func__" = "xyes"; then echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 @@ -5777,8 +6774,11 @@ ac_check_lib_save_LIBS=$LIBS LIBS="-lm $LIBS" cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus @@ -5787,12 +6787,6 @@ /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char floor (); -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif int main () { @@ -5803,11 +6797,20 @@ _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 + (eval $ac_link) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest$ac_exeext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -5816,10 +6819,12 @@ ac_cv_lib_m_floor=yes else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_cv_lib_m_floor=no fi -rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi echo "$as_me:$LINENO: result: $ac_cv_lib_m_floor" >&5 @@ -5844,8 +6849,11 @@ ac_check_lib_save_LIBS=$LIBS LIBS="-lpcap $LIBS" cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus @@ -5854,12 +6862,6 @@ /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char pcap_datalink (); -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif int main () { @@ -5870,11 +6872,20 @@ _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 + (eval $ac_link) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest$ac_exeext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -5883,10 +6894,12 @@ ac_cv_lib_pcap_pcap_datalink=yes else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_cv_lib_pcap_pcap_datalink=no fi -rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi echo "$as_me:$LINENO: result: $ac_cv_lib_pcap_pcap_datalink" >&5 @@ -5909,7 +6922,7 @@ echo " http://www.tcpdump.org" echo " or use the --with-libpcap-* options, if you have it installed" echo " in unusual place" - exit + exit 1 fi default_directory="/usr /usr/local" @@ -5966,18 +6979,30 @@ echo "$as_me:$LINENO: checking $ac_header usability" >&5 echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ $ac_includes_default #include <$ac_header> _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + (eval $ac_compile) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -5986,10 +7011,11 @@ ac_header_compiler=yes else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_header_compiler=no fi -rm -f conftest.$ac_objext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 echo "${ECHO_T}$ac_header_compiler" >&6 @@ -5997,20 +7023,24 @@ echo "$as_me:$LINENO: checking $ac_header presence" >&5 echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ #include <$ac_header> _ACEOF if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? - egrep -v '^ *\+' conftest.er1 >conftest.err + grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag + ac_cpp_err=$ac_cpp_err$ac_c_werror_flag else ac_cpp_err= fi @@ -6021,7 +7051,8 @@ ac_header_preproc=yes else echo "$as_me: failed program was:" >&5 - cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_header_preproc=no fi rm -f conftest.err conftest.$ac_ext @@ -6029,26 +7060,43 @@ echo "${ECHO_T}$ac_header_preproc" >&6 # So? What about this header? -case $ac_header_compiler:$ac_header_preproc in - yes:no ) +case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in + yes:no: ) { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;};; - no:yes ) + { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 +echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} + ac_header_preproc=yes + ;; + no:yes:* ) { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 +echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 +echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 +echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;};; +echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 +echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} + ( + cat <<\_ASBOX +## ------------------------------------------ ## +## Report this to the AC_PACKAGE_NAME lists. ## +## ------------------------------------------ ## +_ASBOX + ) | + sed "s/^/$as_me: WARNING: /" >&2 + ;; esac echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else - eval "$as_ac_Header=$ac_header_preproc" + eval "$as_ac_Header=\$ac_header_preproc" fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 @@ -6069,7 +7117,7 @@ echo echo " ERROR! Libpcre header not found, go get it from" echo " http://www.pcre.org" - exit + exit 1 fi # Verify that we have the library @@ -6083,8 +7131,11 @@ ac_check_lib_save_LIBS=$LIBS LIBS="-lpcre $LIBS" cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus @@ -6093,12 +7144,6 @@ /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char pcre_compile (); -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif int main () { @@ -6109,11 +7154,20 @@ _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 + (eval $ac_link) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest$ac_exeext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -6122,10 +7176,12 @@ ac_cv_lib_pcre_pcre_compile=yes else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_cv_lib_pcre_pcre_compile=no fi -rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi echo "$as_me:$LINENO: result: $ac_cv_lib_pcre_pcre_compile" >&5 @@ -6146,7 +7202,7 @@ echo " ERROR! Libpcre library not found, go get it from" echo " http://www.pcre.org" echo - exit + exit 1 fi @@ -6226,7 +7282,7 @@ done echo "**********************************************" echo - exit + exit 1 else echo "$as_me:$LINENO: result: no" >&5 @@ -6257,7 +7313,7 @@ done echo "**********************************************" echo - exit + exit 1 else echo "$as_me:$LINENO: result: no" >&5 @@ -6277,8 +7333,11 @@ ac_check_lib_save_LIBS=$LIBS LIBS="-lz $LIBS" cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus @@ -6287,12 +7346,6 @@ /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char compress (); -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif int main () { @@ -6303,11 +7356,20 @@ _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 + (eval $ac_link) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest$ac_exeext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -6316,10 +7378,12 @@ ac_cv_lib_z_compress=yes else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_cv_lib_z_compress=no fi -rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi echo "$as_me:$LINENO: result: $ac_cv_lib_z_compress" >&5 @@ -6388,7 +7452,7 @@ done echo "**********************************************" echo - exit + exit 1 else echo "$as_me:$LINENO: result: no" >&5 @@ -6418,7 +7482,7 @@ done echo "**********************************************" echo - exit + exit 1 else echo "$as_me:$LINENO: result: no" >&5 @@ -6443,6 +7507,15 @@ with_postgresql=no fi; + +# Check whether --with-pgsql_includes or --without-pgsql_includes was given. +if test "${with_pgsql_includes+set}" = set; then + withval="$with_pgsql_includes" + with_pgsql_includes="$withval" +else + with_pgsql_includes=no +fi; + if test "$with_postgresql" != "no"; then if test "$with_postgresql" = "yes"; then postgresql_directory="$default_directory /usr/local/pgsql /usr/pgsql /usr/local" @@ -6458,23 +7531,42 @@ echo "$as_me:$LINENO: checking for postgresql" >&5 echo $ECHO_N "checking for postgresql... $ECHO_C" >&6 - for i in $postgresql_directory; do - if test -r $i/include/pgsql/libpq-fe.h; then - POSTGRESQL_DIR=$i - POSTGRESQL_INC_DIR=$i/include/pgsql - elif test -r $i/include/libpq-fe.h; then - POSTGRESQL_DIR=$i - POSTGRESQL_INC_DIR=$i/include - elif test -r $i/include/postgresql/libpq-fe.h; then - POSTGRESQL_DIR=$i - POSTGRESQL_INC_DIR=$i/include/postgresql - fi - done + if test "$with_pgsql_includes" != "no"; then + for i in $with_pgsql_includes $postgresql_directory; do + if test -r $i/libpq-fe.h; then + POSTGRESQL_INC_DIR=$i + elif test -r $i/include/pgsql/libpq-fe.h; then + POSTGRESQL_INC_DIR=$i/include/pgsql + elif test -r $i/include/libpq-fe.h; then + POSTGRESQL_INC_DIR=$i/include + elif test -r $i/include/postgresql/libpq-fe.h; then + POSTGRESQL_INC_DIR=$i/include/postgresql + fi + done + fi - if test -z "$POSTGRESQL_DIR"; then + if test -z "$POSTGRESQL_INC_DIR"; then + for i in $postgresql_directory; do + if test -r $i/include/pgsql/libpq-fe.h; then + POSTGRESQL_DIR=$i + POSTGRESQL_INC_DIR=$i/include/pgsql + elif test -r $i/include/libpq-fe.h; then + POSTGRESQL_DIR=$i + POSTGRESQL_INC_DIR=$i/include + elif test -r $i/include/postgresql/libpq-fe.h; then + POSTGRESQL_DIR=$i + POSTGRESQL_INC_DIR=$i/include/postgresql + fi + done + fi + + if test -z "$POSTGRESQL_INC_DIR"; then if test "$postgresql_fail" != "no"; then tmp="" - for i in $postgesql_directory; do + if test "$with_pgsql_includes" != "no"; then + tmp="$tmp $with_pgsql_includes" + fi + for i in $postgresql_directory; do tmp="$tmp $i/include $i/include/pgsql" done @@ -6488,26 +7580,30 @@ done echo "**********************************************" echo - exit + exit 1 else echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi - else + fi - for i in lib lib/pgsql; do - str="$POSTGRESQL_DIR/$i/libpq.*" - for j in `echo $str`; do - if test -r $j; then - POSTGRESQL_LIB_DIR="$POSTGRESQL_DIR/$i" - break 2 - fi - done - done + if test -z "$POSTGRESQL_DIR"; then + for dir in $postgresql_directory; do + for i in lib lib/pgsql; do + str="$dir/$i/libpq.*" + for j in `echo $str`; do + if test -r $j; then + POSTGRESQL_LIB_DIR="$dir/$i" + break 2 + fi + done + done + done + fi - if test -z "$POSTGRESQL_LIB_DIR"; then - if test "$postgresql_fail" != "no"; then + if test -z "$POSTGRESQL_LIB_DIR"; then + if test "$postgresql_fail" != "no"; then echo echo @@ -6519,19 +7615,18 @@ done echo "**********************************************" echo - exit + exit 1 - else - echo "$as_me:$LINENO: result: no" >&5 + else + echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6; - fi - else - echo "$as_me:$LINENO: result: yes" >&5 + fi + else + echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 - LDFLAGS="${LDFLAGS} -L${POSTGRESQL_LIB_DIR}" - CPPFLAGS="${CPPFLAGS} -I${POSTGRESQL_INC_DIR} -DENABLE_POSTGRESQL" - LIBS="${LIBS} -lpq" - fi + LDFLAGS="${LDFLAGS} -L${POSTGRESQL_LIB_DIR}" + CPPFLAGS="${CPPFLAGS} -I${POSTGRESQL_INC_DIR} -DENABLE_POSTGRESQL" + LIBS="${LIBS} -lpq" fi fi @@ -6583,7 +7678,7 @@ done echo "**********************************************" echo - exit + exit 1 else echo "$as_me:$LINENO: result: no" >&5 @@ -6682,18 +7777,30 @@ echo "$as_me:$LINENO: checking libipq.h usability" >&5 echo $ECHO_N "checking libipq.h usability... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ $ac_includes_default #include _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + (eval $ac_compile) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -6702,10 +7809,11 @@ ac_header_compiler=yes else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_header_compiler=no fi -rm -f conftest.$ac_objext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 echo "${ECHO_T}$ac_header_compiler" >&6 @@ -6713,20 +7821,24 @@ echo "$as_me:$LINENO: checking libipq.h presence" >&5 echo $ECHO_N "checking libipq.h presence... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ #include _ACEOF if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? - egrep -v '^ *\+' conftest.er1 >conftest.err + grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag + ac_cpp_err=$ac_cpp_err$ac_c_werror_flag else ac_cpp_err= fi @@ -6737,7 +7849,8 @@ ac_header_preproc=yes else echo "$as_me: failed program was:" >&5 - cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_header_preproc=no fi rm -f conftest.err conftest.$ac_ext @@ -6745,19 +7858,36 @@ echo "${ECHO_T}$ac_header_preproc" >&6 # So? What about this header? -case $ac_header_compiler:$ac_header_preproc in - yes:no ) +case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in + yes:no: ) { echo "$as_me:$LINENO: WARNING: libipq.h: accepted by the compiler, rejected by the preprocessor!" >&5 echo "$as_me: WARNING: libipq.h: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: libipq.h: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: libipq.h: proceeding with the preprocessor's result" >&2;};; - no:yes ) + { echo "$as_me:$LINENO: WARNING: libipq.h: proceeding with the compiler's result" >&5 +echo "$as_me: WARNING: libipq.h: proceeding with the compiler's result" >&2;} + ac_header_preproc=yes + ;; + no:yes:* ) { echo "$as_me:$LINENO: WARNING: libipq.h: present but cannot be compiled" >&5 echo "$as_me: WARNING: libipq.h: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: libipq.h: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: libipq.h: check for missing prerequisite headers?" >&2;} + { echo "$as_me:$LINENO: WARNING: libipq.h: check for missing prerequisite headers?" >&5 +echo "$as_me: WARNING: libipq.h: check for missing prerequisite headers?" >&2;} + { echo "$as_me:$LINENO: WARNING: libipq.h: see the Autoconf documentation" >&5 +echo "$as_me: WARNING: libipq.h: see the Autoconf documentation" >&2;} + { echo "$as_me:$LINENO: WARNING: libipq.h: section \"Present But Cannot Be Compiled\"" >&5 +echo "$as_me: WARNING: libipq.h: section \"Present But Cannot Be Compiled\"" >&2;} { echo "$as_me:$LINENO: WARNING: libipq.h: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: libipq.h: proceeding with the preprocessor's result" >&2;};; +echo "$as_me: WARNING: libipq.h: proceeding with the preprocessor's result" >&2;} + { echo "$as_me:$LINENO: WARNING: libipq.h: in the future, the compiler will take precedence" >&5 +echo "$as_me: WARNING: libipq.h: in the future, the compiler will take precedence" >&2;} + ( + cat <<\_ASBOX +## ------------------------------------------ ## +## Report this to the AC_PACKAGE_NAME lists. ## +## ------------------------------------------ ## +_ASBOX + ) | + sed "s/^/$as_me: WARNING: /" >&2 + ;; esac echo "$as_me:$LINENO: checking for libipq.h" >&5 echo $ECHO_N "checking for libipq.h... $ECHO_C" >&6 @@ -6793,8 +7923,11 @@ ac_check_lib_save_LIBS=$LIBS LIBS="-lipq $LIBS" cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus @@ -6803,12 +7936,6 @@ /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char ipq_set_mode (); -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif int main () { @@ -6819,11 +7946,20 @@ _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 + (eval $ac_link) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest$ac_exeext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -6832,10 +7968,12 @@ ac_cv_lib_ipq_ipq_set_mode=yes else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_cv_lib_ipq_ipq_set_mode=no fi -rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi echo "$as_me:$LINENO: result: $ac_cv_lib_ipq_ipq_set_mode" >&5 @@ -6858,7 +7996,7 @@ echo " www.netfilter.org or use the --with-libipq-* options, " echo " if you have it installed in unusual place" echo - exit + exit 1 fi fi @@ -6885,7 +8023,7 @@ done echo "**********************************************" echo - exit + exit 1 fi CFLAGS="${CFLAGS} `libnet-config --defines` `libnet-config --cflags`" @@ -6946,18 +8084,30 @@ echo "$as_me:$LINENO: checking $ac_header usability" >&5 echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ $ac_includes_default #include <$ac_header> _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -6966,10 +8116,11 @@ ac_header_compiler=yes else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_header_compiler=no fi -rm -f conftest.$ac_objext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 echo "${ECHO_T}$ac_header_compiler" >&6 @@ -6977,20 +8128,24 @@ echo "$as_me:$LINENO: checking $ac_header presence" >&5 echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ #include <$ac_header> _ACEOF if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? - egrep -v '^ *\+' conftest.er1 >conftest.err + grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag + ac_cpp_err=$ac_cpp_err$ac_c_werror_flag else ac_cpp_err= fi @@ -7001,7 +8156,8 @@ ac_header_preproc=yes else echo "$as_me: failed program was:" >&5 - cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_header_preproc=no fi rm -f conftest.err conftest.$ac_ext @@ -7009,26 +8165,43 @@ echo "${ECHO_T}$ac_header_preproc" >&6 # So? What about this header? -case $ac_header_compiler:$ac_header_preproc in - yes:no ) +case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in + yes:no: ) { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;};; - no:yes ) + { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 +echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} + ac_header_preproc=yes + ;; + no:yes:* ) { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 +echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 +echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 +echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;};; +echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 +echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} + ( + cat <<\_ASBOX +## ------------------------------------------ ## +## Report this to the AC_PACKAGE_NAME lists. ## +## ------------------------------------------ ## +_ASBOX + ) | + sed "s/^/$as_me: WARNING: /" >&2 + ;; esac echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else - eval "$as_ac_Header=$ac_header_preproc" + eval "$as_ac_Header=\$ac_header_preproc" fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 @@ -7051,7 +8224,7 @@ echo " http://www.packetfactory.net/projects/libnet/" echo " or use the --with-libnet-* options, if you have it installed" echo " in unusual place" - exit + exit 1 fi echo "$as_me:$LINENO: checking for libnet version 1.0.2a" >&5 @@ -7092,7 +8265,7 @@ done echo "**********************************************" echo - exit + exit 1 fi echo "$as_me:$LINENO: result: yes" >&5 @@ -7111,7 +8284,7 @@ done echo "**********************************************" echo - exit + exit 1 fi @@ -7125,8 +8298,11 @@ ac_check_lib_save_LIBS=$LIBS LIBS="-lnet $LIBS" cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus @@ -7135,12 +8311,6 @@ /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char libnet_build_ip (); -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif int main () { @@ -7151,11 +8321,20 @@ _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 + (eval $ac_link) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest$ac_exeext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -7164,10 +8343,12 @@ ac_cv_lib_net_libnet_build_ip=yes else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_cv_lib_net_libnet_build_ip=no fi -rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi echo "$as_me:$LINENO: result: $ac_cv_lib_net_libnet_build_ip" >&5 @@ -7189,7 +8370,7 @@ echo " http://www.packetfactory.net/projects/libnet/" echo " or use the --with-libnet-* options, if you have it installed" echo " in unusual place" - exit + exit 1 fi fi @@ -7201,15 +8382,12 @@ echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ $ac_includes_default -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif int main () { @@ -7223,11 +8401,20 @@ _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + (eval $ac_compile) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -7236,10 +8423,11 @@ ac_cv_type_u_int8_t=yes else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_cv_type_u_int8_t=no fi -rm -f conftest.$ac_objext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext fi echo "$as_me:$LINENO: result: $ac_cv_type_u_int8_t" >&5 echo "${ECHO_T}$ac_cv_type_u_int8_t" >&6 @@ -7259,15 +8447,12 @@ echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ $ac_includes_default -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif int main () { @@ -7281,11 +8466,20 @@ _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + (eval $ac_compile) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -7294,10 +8488,11 @@ ac_cv_type_u_int16_t=yes else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_cv_type_u_int16_t=no fi -rm -f conftest.$ac_objext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext fi echo "$as_me:$LINENO: result: $ac_cv_type_u_int16_t" >&5 echo "${ECHO_T}$ac_cv_type_u_int16_t" >&6 @@ -7317,15 +8512,12 @@ echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ $ac_includes_default -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif int main () { @@ -7339,11 +8531,20 @@ _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + (eval $ac_compile) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -7352,10 +8553,11 @@ ac_cv_type_u_int32_t=yes else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_cv_type_u_int32_t=no fi -rm -f conftest.$ac_objext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext fi echo "$as_me:$LINENO: result: $ac_cv_type_u_int32_t" >&5 echo "${ECHO_T}$ac_cv_type_u_int32_t" >&6 @@ -7377,15 +8579,12 @@ echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ $ac_includes_default -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif int main () { @@ -7399,11 +8598,20 @@ _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + (eval $ac_compile) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -7412,10 +8620,11 @@ ac_cv_type_u_int8_t=yes else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_cv_type_u_int8_t=no fi -rm -f conftest.$ac_objext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext fi echo "$as_me:$LINENO: result: $ac_cv_type_u_int8_t" >&5 echo "${ECHO_T}$ac_cv_type_u_int8_t" >&6 @@ -7435,15 +8644,12 @@ echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ $ac_includes_default -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif int main () { @@ -7457,11 +8663,20 @@ _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + (eval $ac_compile) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -7470,10 +8685,11 @@ ac_cv_type_u_int16_t=yes else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_cv_type_u_int16_t=no fi -rm -f conftest.$ac_objext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext fi echo "$as_me:$LINENO: result: $ac_cv_type_u_int16_t" >&5 echo "${ECHO_T}$ac_cv_type_u_int16_t" >&6 @@ -7493,15 +8709,12 @@ echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ $ac_includes_default -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif int main () { @@ -7515,11 +8728,20 @@ _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + (eval $ac_compile) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -7528,10 +8750,11 @@ ac_cv_type_u_int32_t=yes else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_cv_type_u_int32_t=no fi -rm -f conftest.$ac_objext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext fi echo "$as_me:$LINENO: result: $ac_cv_type_u_int32_t" >&5 echo "${ECHO_T}$ac_cv_type_u_int32_t" >&6 @@ -7552,15 +8775,12 @@ echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ $ac_includes_default -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif int main () { @@ -7574,11 +8794,20 @@ _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + (eval $ac_compile) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -7587,10 +8816,11 @@ ac_cv_type_u_int8_t=yes else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_cv_type_u_int8_t=no fi -rm -f conftest.$ac_objext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext fi echo "$as_me:$LINENO: result: $ac_cv_type_u_int8_t" >&5 echo "${ECHO_T}$ac_cv_type_u_int8_t" >&6 @@ -7610,15 +8840,12 @@ echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ $ac_includes_default -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif int main () { @@ -7632,11 +8859,20 @@ _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + (eval $ac_compile) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -7645,10 +8881,11 @@ ac_cv_type_u_int16_t=yes else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_cv_type_u_int16_t=no fi -rm -f conftest.$ac_objext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext fi echo "$as_me:$LINENO: result: $ac_cv_type_u_int16_t" >&5 echo "${ECHO_T}$ac_cv_type_u_int16_t" >&6 @@ -7668,15 +8905,12 @@ echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ $ac_includes_default -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif int main () { @@ -7690,11 +8924,20 @@ _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 + (eval $ac_compile) 2>conftest.er1 ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && - { ac_try='test -s conftest.$ac_objext' + { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? @@ -7703,10 +8946,11 @@ ac_cv_type_u_int32_t=yes else echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_cv_type_u_int32_t=no fi -rm -f conftest.$ac_objext conftest.$ac_ext +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext fi echo "$as_me:$LINENO: result: $ac_cv_type_u_int32_t" >&5 echo "${ECHO_T}$ac_cv_type_u_int32_t" >&6 @@ -7744,6 +8988,7 @@ # AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag # AFS /usr/afsws/bin/install, which mishandles nonexistent args # SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff" +# OS/2's system install, which has a completely different semantic # ./install, which can be erroneously created by make from ./install.sh. echo "$as_me:$LINENO: checking for a BSD-compatible install" >&5 echo $ECHO_N "checking for a BSD-compatible install... $ECHO_C" >&6 @@ -7760,6 +9005,7 @@ case $as_dir/ in ./ | .// | /cC/* | \ /etc/* | /usr/sbin/* | /usr/etc/* | /sbin/* | /usr/afsws/bin/* | \ + ?:\\/os2\\/install\\/* | ?:\\/OS2\\/INSTALL\\/* | \ /usr/ucb/* ) ;; *) # OSF1 and SCO ODT 3.0 have their own names for install. @@ -7767,20 +9013,20 @@ # by default. for ac_prog in ginstall scoinst install; do for ac_exec_ext in '' $ac_executable_extensions; do - if $as_executable_p "$as_dir/$ac_prog$ac_exec_ext"; then - if test $ac_prog = install && - grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then - # AIX install. It has an incompatible calling convention. - : - elif test $ac_prog = install && - grep pwplus "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then - # program-specific install script used by HP pwplus--don't use. - : - else - ac_cv_path_install="$as_dir/$ac_prog$ac_exec_ext -c" - break 3 - fi - fi + if $as_executable_p "$as_dir/$ac_prog$ac_exec_ext"; then + if test $ac_prog = install && + grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then + # AIX install. It has an incompatible calling convention. + : + elif test $ac_prog = install && + grep pwplus "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then + # program-specific install script used by HP pwplus--don't use. + : + else + ac_cv_path_install="$as_dir/$ac_prog$ac_exec_ext -c" + break 3 + fi + fi done done ;; @@ -7810,7 +9056,7 @@ test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644' -ac_config_files="$ac_config_files Makefile src/Makefile src/sfutil/Makefile src/detection-plugins/Makefile src/output-plugins/Makefile src/preprocessors/Makefile src/preprocessors/HttpInspect/Makefile src/preprocessors/HttpInspect/include/Makefile src/preprocessors/HttpInspect/utils/Makefile src/preprocessors/HttpInspect/anomaly_detection/Makefile src/preprocessors/HttpInspect/client/Makefile src/preprocessors/HttpInspect/event_output/Makefile src/preprocessors/HttpInspect/mode_inspection/Makefile src/preprocessors/HttpInspect/normalization/Makefile src/preprocessors/HttpInspect/server/Makefile src/preprocessors/HttpInspect/session_inspection/Makefile src/preprocessors/HttpInspect/user_interface/Makefile src/preprocessors/flow/Makefile src/preprocessors/flow/int-snort/Makefile src/preprocessors/flow/portscan/Makefile src/parser/Makefile doc/Makefile contrib/Makefile schemas/Makefile rpm/Makefile etc/Makefile rules/Makefile templates/Makefile src/win32/Makefile" + ac_config_files="$ac_config_files Makefile src/Makefile src/sfutil/Makefile src/detection-plugins/Makefile src/output-plugins/Makefile src/preprocessors/Makefile src/preprocessors/HttpInspect/Makefile src/preprocessors/HttpInspect/include/Makefile src/preprocessors/HttpInspect/utils/Makefile src/preprocessors/HttpInspect/anomaly_detection/Makefile src/preprocessors/HttpInspect/client/Makefile src/preprocessors/HttpInspect/event_output/Makefile src/preprocessors/HttpInspect/mode_inspection/Makefile src/preprocessors/HttpInspect/normalization/Makefile src/preprocessors/HttpInspect/server/Makefile src/preprocessors/HttpInspect/session_inspection/Makefile src/preprocessors/HttpInspect/user_interface/Makefile src/preprocessors/flow/Makefile src/preprocessors/flow/int-snort/Makefile src/preprocessors/flow/portscan/Makefile src/parser/Makefile doc/Makefile contrib/Makefile schemas/Makefile rpm/Makefile etc/Makefile rules/Makefile templates/Makefile src/win32/Makefile" cat >confcache <<\_ACEOF # This file is a shell script that caches the results of configure # tests run on this system so they can be shared between configure @@ -7821,7 +9067,7 @@ # config.status only pays attention to the cache file if you give it # the --recheck option to rerun configure. # -# `ac_cv_env_foo' variables (set or unset) will be overriden when +# `ac_cv_env_foo' variables (set or unset) will be overridden when # loading this file, other *unset* `ac_cv_foo' will be assigned the # following values. @@ -7839,13 +9085,13 @@ # `set' does not quote correctly, so add quotes (double-quote # substitution turns \\\\ into \\, and sed turns \\ into \). sed -n \ - "s/'/'\\\\''/g; - s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p" + "s/'/'\\\\''/g; + s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p" ;; *) # `set' quotes correctly as required by POSIX, so do not add quotes. sed -n \ - "s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1=\\2/p" + "s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1=\\2/p" ;; esac; } | @@ -7856,7 +9102,7 @@ t end /^ac_cv_env/!s/^\([^=]*\)=\(.*\)$/\1=${\1=\2}/ : end' >>confcache -if cmp -s $cache_file confcache; then :; else +if diff $cache_file confcache >/dev/null 2>&1; then :; else if test -w $cache_file; then test "x$cache_file" != "x/dev/null" && echo "updating cache $cache_file" cat confcache >$cache_file @@ -7875,18 +9121,40 @@ # trailing colons and then remove the whole line if VPATH becomes empty # (actually we leave an empty line to preserve line numbers). if test "x$srcdir" = x.; then - ac_vpsub='/^[ ]*VPATH[ ]*=/{ + ac_vpsub='/^[ ]*VPATH[ ]*=/{ s/:*\$(srcdir):*/:/; s/:*\${srcdir}:*/:/; s/:*@srcdir@:*/:/; -s/^\([^=]*=[ ]*\):*/\1/; +s/^\([^=]*=[ ]*\):*/\1/; s/:*$//; -s/^[^=]*=[ ]*$//; +s/^[^=]*=[ ]*$//; }' fi DEFS=-DHAVE_CONFIG_H +ac_libobjs= +ac_ltlibobjs= +for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue + # 1. Remove the extension, and $U if already installed. + ac_i=`echo "$ac_i" | + sed 's/\$U\././;s/\.o$//;s/\.obj$//'` + # 2. Add them. + ac_libobjs="$ac_libobjs $ac_i\$U.$ac_objext" + ac_ltlibobjs="$ac_ltlibobjs $ac_i"'$U.lo' +done +LIBOBJS=$ac_libobjs + +LTLIBOBJS=$ac_ltlibobjs + + +if test -z "${MAINTAINER_MODE_TRUE}" && test -z "${MAINTAINER_MODE_FALSE}"; then + { { echo "$as_me:$LINENO: error: conditional \"MAINTAINER_MODE\" was never defined. +Usually this means the macro was only invoked conditionally." >&5 +echo "$as_me: error: conditional \"MAINTAINER_MODE\" was never defined. +Usually this means the macro was only invoked conditionally." >&2;} + { (exit 1); exit 1; }; } +fi if test -z "${AMDEP_TRUE}" && test -z "${AMDEP_FALSE}"; then { { echo "$as_me:$LINENO: error: conditional \"AMDEP\" was never defined. Usually this means the macro was only invoked conditionally." >&5 @@ -7894,6 +9162,20 @@ Usually this means the macro was only invoked conditionally." >&2;} { (exit 1); exit 1; }; } fi +if test -z "${am__fastdepCC_TRUE}" && test -z "${am__fastdepCC_FALSE}"; then + { { echo "$as_me:$LINENO: error: conditional \"am__fastdepCC\" was never defined. +Usually this means the macro was only invoked conditionally." >&5 +echo "$as_me: error: conditional \"am__fastdepCC\" was never defined. +Usually this means the macro was only invoked conditionally." >&2;} + { (exit 1); exit 1; }; } +fi +if test -z "${am__fastdepCC_TRUE}" && test -z "${am__fastdepCC_FALSE}"; then + { { echo "$as_me:$LINENO: error: conditional \"am__fastdepCC\" was never defined. +Usually this means the macro was only invoked conditionally." >&5 +echo "$as_me: error: conditional \"am__fastdepCC\" was never defined. +Usually this means the macro was only invoked conditionally." >&2;} + { (exit 1); exit 1; }; } +fi : ${CONFIG_STATUS=./config.status} ac_clean_files_save=$ac_clean_files @@ -7908,11 +9190,12 @@ # configure, is in config.log if it exists. debug=false +ac_cs_recheck=false +ac_cs_silent=false SHELL=\${CONFIG_SHELL-$SHELL} _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF - ## --------------------- ## ## M4sh Initialization. ## ## --------------------- ## @@ -7921,46 +9204,57 @@ if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then emulate sh NULLCMD=: + # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which + # is contrary to our usage. Disable this feature. + alias -g '${1+"$@"}'='"$@"' elif test -n "${BASH_VERSION+set}" && (set -o posix) >/dev/null 2>&1; then set -o posix fi +DUALCASE=1; export DUALCASE # for MKS sh -# NLS nuisances. # Support unset when possible. -if (FOO=FOO; unset FOO) >/dev/null 2>&1; then +if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then as_unset=unset else as_unset=false fi -(set +x; test -n "`(LANG=C; export LANG) 2>&1`") && - { $as_unset LANG || test "${LANG+set}" != set; } || - { LANG=C; export LANG; } -(set +x; test -n "`(LC_ALL=C; export LC_ALL) 2>&1`") && - { $as_unset LC_ALL || test "${LC_ALL+set}" != set; } || - { LC_ALL=C; export LC_ALL; } -(set +x; test -n "`(LC_TIME=C; export LC_TIME) 2>&1`") && - { $as_unset LC_TIME || test "${LC_TIME+set}" != set; } || - { LC_TIME=C; export LC_TIME; } -(set +x; test -n "`(LC_CTYPE=C; export LC_CTYPE) 2>&1`") && - { $as_unset LC_CTYPE || test "${LC_CTYPE+set}" != set; } || - { LC_CTYPE=C; export LC_CTYPE; } -(set +x; test -n "`(LANGUAGE=C; export LANGUAGE) 2>&1`") && - { $as_unset LANGUAGE || test "${LANGUAGE+set}" != set; } || - { LANGUAGE=C; export LANGUAGE; } -(set +x; test -n "`(LC_COLLATE=C; export LC_COLLATE) 2>&1`") && - { $as_unset LC_COLLATE || test "${LC_COLLATE+set}" != set; } || - { LC_COLLATE=C; export LC_COLLATE; } -(set +x; test -n "`(LC_NUMERIC=C; export LC_NUMERIC) 2>&1`") && - { $as_unset LC_NUMERIC || test "${LC_NUMERIC+set}" != set; } || - { LC_NUMERIC=C; export LC_NUMERIC; } -(set +x; test -n "`(LC_MESSAGES=C; export LC_MESSAGES) 2>&1`") && - { $as_unset LC_MESSAGES || test "${LC_MESSAGES+set}" != set; } || - { LC_MESSAGES=C; export LC_MESSAGES; } + +# Work around bugs in pre-3.0 UWIN ksh. +$as_unset ENV MAIL MAILPATH +PS1='$ ' +PS2='> ' +PS4='+ ' + +# NLS nuisances. +for as_var in \ + LANG LANGUAGE LC_ADDRESS LC_ALL LC_COLLATE LC_CTYPE LC_IDENTIFICATION \ + LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER \ + LC_TELEPHONE LC_TIME +do + if (set +x; test -z "`(eval $as_var=C; export $as_var) 2>&1`"); then + eval $as_var=C; export $as_var + else + $as_unset $as_var + fi +done + +# Required to use basename. +if expr a : '\(a\)' >/dev/null 2>&1; then + as_expr=expr +else + as_expr=false +fi + +if (basename /) >/dev/null 2>&1 && test "X`basename / 2>&1`" = "X/"; then + as_basename=basename +else + as_basename=false +fi # Name of the executable. -as_me=`(basename "$0") 2>/dev/null || +as_me=`$as_basename "$0" || $as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ X"$0" : 'X\(//\)$' \| \ X"$0" : 'X\(/\)$' \| \ @@ -7971,6 +9265,7 @@ /^X\/\(\/\).*/{ s//\1/; q; } s/.*/./; q'` + # PATH needs CR, and LINENO needs CR and PATH. # Avoid depending upon Character Ranges. as_cr_letters='abcdefghijklmnopqrstuvwxyz' @@ -7981,15 +9276,15 @@ # The user is always right. if test "${PATH_SEPARATOR+set}" != set; then - echo "#! /bin/sh" >conftest.sh - echo "exit 0" >>conftest.sh - chmod +x conftest.sh - if (PATH=".;."; conftest.sh) >/dev/null 2>&1; then + echo "#! /bin/sh" >conf$$.sh + echo "exit 0" >>conf$$.sh + chmod +x conf$$.sh + if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then PATH_SEPARATOR=';' else PATH_SEPARATOR=: fi - rm -f conftest.sh + rm -f conf$$.sh fi @@ -8038,6 +9333,8 @@ as_lineno_3=`(expr $as_lineno_1 + 1) 2>/dev/null` test "x$as_lineno_1" != "x$as_lineno_2" && test "x$as_lineno_3" = "x$as_lineno_2" ') 2>/dev/null; then + $as_unset BASH_ENV || test "${BASH_ENV+set}" != set || { BASH_ENV=; export BASH_ENV; } + $as_unset ENV || test "${ENV+set}" != set || { ENV=; export ENV; } CONFIG_SHELL=$as_dir/$as_base export CONFIG_SHELL exec "$CONFIG_SHELL" "$0" ${1+"$@"} @@ -8111,13 +9408,20 @@ fi rm -f conf$$ conf$$.exe conf$$.file +if mkdir -p . 2>/dev/null; then + as_mkdir_p=: +else + test -d ./-p && rmdir ./-p + as_mkdir_p=false +fi + as_executable_p="test -f" # Sed expression to map a string onto a valid CPP name. -as_tr_cpp="sed y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g" +as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" # Sed expression to map a string onto a valid variable name. -as_tr_sh="sed y%*+%pp%;s%[^_$as_cr_alnum]%_%g" +as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" # IFS @@ -8127,7 +9431,7 @@ IFS=" $as_nl" # CDPATH. -$as_unset CDPATH || test "${CDPATH+set}" != set || { CDPATH=$PATH_SEPARATOR; export CDPATH; } +$as_unset CDPATH exec 6>&1 @@ -8144,7 +9448,7 @@ cat >&5 <<_CSEOF This file was extended by $as_me, which was -generated by GNU Autoconf 2.53. Invocation command line was +generated by GNU Autoconf 2.59. Invocation command line was CONFIG_FILES = $CONFIG_FILES CONFIG_HEADERS = $CONFIG_HEADERS @@ -8184,12 +9488,13 @@ -h, --help print this help, then exit -V, --version print version number, then exit + -q, --quiet do not print progress messages -d, --debug don't remove temporary files --recheck update $as_me by reconfiguring in the same conditions --file=FILE[:TEMPLATE] - instantiate the configuration file FILE + instantiate the configuration file FILE --header=FILE[:TEMPLATE] - instantiate the configuration header FILE + instantiate the configuration header FILE Configuration files: $config_files @@ -8206,11 +9511,10 @@ cat >>$CONFIG_STATUS <<_ACEOF ac_cs_version="\\ config.status -configured by $0, generated by GNU Autoconf 2.53, +configured by $0, generated by GNU Autoconf 2.59, with options \\"`echo "$ac_configure_args" | sed 's/[\\""\`\$]/\\\\&/g'`\\" -Copyright 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001 -Free Software Foundation, Inc. +Copyright (C) 2003 Free Software Foundation, Inc. This config.status script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it." srcdir=$srcdir @@ -8227,25 +9531,25 @@ --*=*) ac_option=`expr "x$1" : 'x\([^=]*\)='` ac_optarg=`expr "x$1" : 'x[^=]*=\(.*\)'` - shift - set dummy "$ac_option" "$ac_optarg" ${1+"$@"} - shift + ac_shift=: + ;; + -*) + ac_option=$1 + ac_optarg=$2 + ac_shift=shift ;; - -*);; *) # This is not an option, so the user has probably given explicit # arguments. + ac_option=$1 ac_need_defaults=false;; esac - case $1 in + case $ac_option in # Handling of the options. _ACEOF -cat >>$CONFIG_STATUS <<_ACEOF - -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r) - echo "running $SHELL $0 " $ac_configure_args " --no-create --no-recursion" - exec $SHELL $0 $ac_configure_args --no-create --no-recursion ;; -_ACEOF cat >>$CONFIG_STATUS <<\_ACEOF + -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r) + ac_cs_recheck=: ;; --version | --vers* | -V ) echo "$ac_cs_version"; exit 0 ;; --he | --h) @@ -8260,13 +9564,16 @@ --debug | --d* | -d ) debug=: ;; --file | --fil | --fi | --f ) - shift - CONFIG_FILES="$CONFIG_FILES $1" + $ac_shift + CONFIG_FILES="$CONFIG_FILES $ac_optarg" ac_need_defaults=false;; --header | --heade | --head | --hea ) - shift - CONFIG_HEADERS="$CONFIG_HEADERS $1" + $ac_shift + CONFIG_HEADERS="$CONFIG_HEADERS $ac_optarg" ac_need_defaults=false;; + -q | -quiet | --quiet | --quie | --qui | --qu | --q \ + | -silent | --silent | --silen | --sile | --sil | --si | --s) + ac_cs_silent=: ;; # This is an error. -*) { { echo "$as_me:$LINENO: error: unrecognized option: $1 @@ -8281,6 +9588,20 @@ shift done +ac_configure_extra_args= + +if $ac_cs_silent; then + exec 6>/dev/null + ac_configure_extra_args="$ac_configure_extra_args --silent" +fi + +_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF +if \$ac_cs_recheck; then + echo "running $SHELL $0 " $ac_configure_args \$ac_configure_extra_args " --no-create --no-recursion" >&6 + exec $SHELL $0 $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion +fi + _ACEOF cat >>$CONFIG_STATUS <<_ACEOF @@ -8346,6 +9667,9 @@ test "${CONFIG_COMMANDS+set}" = set || CONFIG_COMMANDS=$config_commands fi +# Have a temporary directory for convenience. Make it in the build tree +# simply because there is no reason to put it here, and in addition, +# creating and moving files from /tmp can sometimes cause problems. # Create a temporary directory, and hook for its removal unless debugging. $debug || { @@ -8354,17 +9678,17 @@ } # Create a (secure) tmp directory for tmp files. -: ${TMPDIR=/tmp} + { - tmp=`(umask 077 && mktemp -d -q "$TMPDIR/csXXXXXX") 2>/dev/null` && + tmp=`(umask 077 && mktemp -d -q "./confstatXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" } || { - tmp=$TMPDIR/cs$$-$RANDOM + tmp=./confstat$$-$RANDOM (umask 077 && mkdir $tmp) } || { - echo "$me: cannot create a temporary directory in $TMPDIR" >&2 + echo "$me: cannot create a temporary directory in ." >&2 { (exit 1); exit 1; } } @@ -8412,9 +9736,13 @@ s,@ECHO_N@,$ECHO_N,;t t s,@ECHO_T@,$ECHO_T,;t t s,@LIBS@,$LIBS,;t t +s,@MAINTAINER_MODE_TRUE@,$MAINTAINER_MODE_TRUE,;t t +s,@MAINTAINER_MODE_FALSE@,$MAINTAINER_MODE_FALSE,;t t +s,@MAINT@,$MAINT,;t t s,@INSTALL_PROGRAM@,$INSTALL_PROGRAM,;t t s,@INSTALL_SCRIPT@,$INSTALL_SCRIPT,;t t s,@INSTALL_DATA@,$INSTALL_DATA,;t t +s,@CYGPATH_W@,$CYGPATH_W,;t t s,@PACKAGE@,$PACKAGE,;t t s,@VERSION@,$VERSION,;t t s,@ACLOCAL@,$ACLOCAL,;t t @@ -8422,13 +9750,17 @@ s,@AUTOMAKE@,$AUTOMAKE,;t t s,@AUTOHEADER@,$AUTOHEADER,;t t s,@MAKEINFO@,$MAKEINFO,;t t -s,@AMTAR@,$AMTAR,;t t s,@install_sh@,$install_sh,;t t s,@STRIP@,$STRIP,;t t s,@ac_ct_STRIP@,$ac_ct_STRIP,;t t s,@INSTALL_STRIP_PROGRAM@,$INSTALL_STRIP_PROGRAM,;t t +s,@mkdir_p@,$mkdir_p,;t t s,@AWK@,$AWK,;t t s,@SET_MAKE@,$SET_MAKE,;t t +s,@am__leading_dot@,$am__leading_dot,;t t +s,@AMTAR@,$AMTAR,;t t +s,@am__tar@,$am__tar,;t t +s,@am__untar@,$am__untar,;t t s,@CC@,$CC,;t t s,@CFLAGS@,$CFLAGS,;t t s,@LDFLAGS@,$LDFLAGS,;t t @@ -8443,6 +9775,8 @@ s,@AMDEP_FALSE@,$AMDEP_FALSE,;t t s,@AMDEPBACKSLASH@,$AMDEPBACKSLASH,;t t s,@CCDEPMODE@,$CCDEPMODE,;t t +s,@am__fastdepCC_TRUE@,$am__fastdepCC_TRUE,;t t +s,@am__fastdepCC_FALSE@,$am__fastdepCC_FALSE,;t t s,@RANLIB@,$RANLIB,;t t s,@ac_ct_RANLIB@,$ac_ct_RANLIB,;t t s,@build@,$build,;t t @@ -8455,7 +9789,10 @@ s,@host_os@,$host_os,;t t s,@extra_incl@,$extra_incl,;t t s,@CPP@,$CPP,;t t +s,@EGREP@,$EGREP,;t t s,@INCLUDES@,$INCLUDES,;t t +s,@LIBOBJS@,$LIBOBJS,;t t +s,@LTLIBOBJS@,$LTLIBOBJS,;t t CEOF _ACEOF @@ -8485,9 +9822,9 @@ (echo ':t /@[a-zA-Z_][a-zA-Z_0-9]*@/!b' && cat $tmp/subs.frag) >$tmp/subs-$ac_sed_frag.sed if test -z "$ac_sed_cmds"; then - ac_sed_cmds="sed -f $tmp/subs-$ac_sed_frag.sed" + ac_sed_cmds="sed -f $tmp/subs-$ac_sed_frag.sed" else - ac_sed_cmds="$ac_sed_cmds | sed -f $tmp/subs-$ac_sed_frag.sed" + ac_sed_cmds="$ac_sed_cmds | sed -f $tmp/subs-$ac_sed_frag.sed" fi ac_sed_frag=`expr $ac_sed_frag + 1` ac_beg=$ac_end @@ -8505,46 +9842,51 @@ # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in". case $ac_file in - | *:- | *:-:* ) # input from stdin - cat >$tmp/stdin - ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'` - ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;; + cat >$tmp/stdin + ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'` + ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;; *:* ) ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'` - ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;; + ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;; * ) ac_file_in=$ac_file.in ;; esac # Compute @srcdir@, @top_srcdir@, and @INSTALL@ for subdirectories. ac_dir=`(dirname "$ac_file") 2>/dev/null || $as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$ac_file" : 'X\(//\)[^/]' \| \ - X"$ac_file" : 'X\(//\)$' \| \ - X"$ac_file" : 'X\(/\)' \| \ - . : '\(.\)' 2>/dev/null || + X"$ac_file" : 'X\(//\)[^/]' \| \ + X"$ac_file" : 'X\(//\)$' \| \ + X"$ac_file" : 'X\(/\)' \| \ + . : '\(.\)' 2>/dev/null || echo X"$ac_file" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; } /^X\(\/\/\)[^/].*/{ s//\1/; q; } /^X\(\/\/\)$/{ s//\1/; q; } /^X\(\/\).*/{ s//\1/; q; } s/.*/./; q'` - { case "$ac_dir" in - [\\/]* | ?:[\\/]* ) as_incr_dir=;; - *) as_incr_dir=.;; -esac -as_dummy="$ac_dir" -for as_mkdir_dir in `IFS='/\\'; set X $as_dummy; shift; echo "$@"`; do - case $as_mkdir_dir in - # Skip DOS drivespec - ?:) as_incr_dir=$as_mkdir_dir ;; - *) - as_incr_dir=$as_incr_dir/$as_mkdir_dir - test -d "$as_incr_dir" || - mkdir "$as_incr_dir" || - { { echo "$as_me:$LINENO: error: cannot create \"$ac_dir\"" >&5 -echo "$as_me: error: cannot create \"$ac_dir\"" >&2;} - { (exit 1); exit 1; }; } - ;; - esac -done; } + { if $as_mkdir_p; then + mkdir -p "$ac_dir" + else + as_dir="$ac_dir" + as_dirs= + while test ! -d "$as_dir"; do + as_dirs="$as_dir $as_dirs" + as_dir=`(dirname "$as_dir") 2>/dev/null || +$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_dir" : 'X\(//\)[^/]' \| \ + X"$as_dir" : 'X\(//\)$' \| \ + X"$as_dir" : 'X\(/\)' \| \ + . : '\(.\)' 2>/dev/null || +echo X"$as_dir" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; } + /^X\(\/\/\)[^/].*/{ s//\1/; q; } + /^X\(\/\/\)$/{ s//\1/; q; } + /^X\(\/\).*/{ s//\1/; q; } + s/.*/./; q'` + done + test ! -n "$as_dirs" || mkdir $as_dirs + fi || { { echo "$as_me:$LINENO: error: cannot create directory \"$ac_dir\"" >&5 +echo "$as_me: error: cannot create directory \"$ac_dir\"" >&2;} + { (exit 1); exit 1; }; }; } ac_builddir=. @@ -8571,12 +9913,45 @@ ac_srcdir=$ac_top_builddir$srcdir$ac_dir_suffix ac_top_srcdir=$ac_top_builddir$srcdir ;; esac -# Don't blindly perform a `cd "$ac_dir"/$ac_foo && pwd` since $ac_foo can be -# absolute. -ac_abs_builddir=`cd "$ac_dir" && cd $ac_builddir && pwd` -ac_abs_top_builddir=`cd "$ac_dir" && cd $ac_top_builddir && pwd` -ac_abs_srcdir=`cd "$ac_dir" && cd $ac_srcdir && pwd` -ac_abs_top_srcdir=`cd "$ac_dir" && cd $ac_top_srcdir && pwd` + +# Do not use `cd foo && pwd` to compute absolute paths, because +# the directories may not exist. +case `pwd` in +.) ac_abs_builddir="$ac_dir";; +*) + case "$ac_dir" in + .) ac_abs_builddir=`pwd`;; + [\\/]* | ?:[\\/]* ) ac_abs_builddir="$ac_dir";; + *) ac_abs_builddir=`pwd`/"$ac_dir";; + esac;; +esac +case $ac_abs_builddir in +.) ac_abs_top_builddir=${ac_top_builddir}.;; +*) + case ${ac_top_builddir}. in + .) ac_abs_top_builddir=$ac_abs_builddir;; + [\\/]* | ?:[\\/]* ) ac_abs_top_builddir=${ac_top_builddir}.;; + *) ac_abs_top_builddir=$ac_abs_builddir/${ac_top_builddir}.;; + esac;; +esac +case $ac_abs_builddir in +.) ac_abs_srcdir=$ac_srcdir;; +*) + case $ac_srcdir in + .) ac_abs_srcdir=$ac_abs_builddir;; + [\\/]* | ?:[\\/]* ) ac_abs_srcdir=$ac_srcdir;; + *) ac_abs_srcdir=$ac_abs_builddir/$ac_srcdir;; + esac;; +esac +case $ac_abs_builddir in +.) ac_abs_top_srcdir=$ac_top_srcdir;; +*) + case $ac_top_srcdir in + .) ac_abs_top_srcdir=$ac_abs_builddir;; + [\\/]* | ?:[\\/]* ) ac_abs_top_srcdir=$ac_top_srcdir;; + *) ac_abs_top_srcdir=$ac_abs_builddir/$ac_top_srcdir;; + esac;; +esac case $INSTALL in @@ -8584,11 +9959,6 @@ *) ac_INSTALL=$ac_top_builddir$INSTALL ;; esac - if test x"$ac_file" != x-; then - { echo "$as_me:$LINENO: creating $ac_file" >&5 -echo "$as_me: creating $ac_file" >&6;} - rm -f "$ac_file" - fi # Let's still pretend it is `configure' which instantiates (i.e., don't # use $as_me), people would be surprised to read: # /* config.h. Generated by config.status. */ @@ -8598,7 +9968,7 @@ configure_input="$ac_file. " fi configure_input=$configure_input"Generated from `echo $ac_file_in | - sed 's,.*/,,'` by configure." + sed 's,.*/,,'` by configure." # First look for the input files in the build tree, otherwise in the # src tree. @@ -8607,26 +9977,32 @@ case $f in -) echo $tmp/stdin ;; [\\/$]*) - # Absolute (can't be DOS-style, as IFS=:) - test -f "$f" || { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5 + # Absolute (can't be DOS-style, as IFS=:) + test -f "$f" || { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5 echo "$as_me: error: cannot find input file: $f" >&2;} { (exit 1); exit 1; }; } - echo $f;; + echo "$f";; *) # Relative - if test -f "$f"; then - # Build tree - echo $f - elif test -f "$srcdir/$f"; then - # Source tree - echo $srcdir/$f - else - # /dev/null tree - { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5 + if test -f "$f"; then + # Build tree + echo "$f" + elif test -f "$srcdir/$f"; then + # Source tree + echo "$srcdir/$f" + else + # /dev/null tree + { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5 echo "$as_me: error: cannot find input file: $f" >&2;} { (exit 1); exit 1; }; } - fi;; + fi;; esac done` || { (exit 1); exit 1; } + + if test x"$ac_file" != x-; then + { echo "$as_me:$LINENO: creating $ac_file" >&5 +echo "$as_me: creating $ac_file" >&6;} + rm -f "$ac_file" + fi _ACEOF cat >>$CONFIG_STATUS <<_ACEOF sed "$ac_vpsub @@ -8666,12 +10042,12 @@ # NAME is the cpp macro being defined and VALUE is the value it is being given. # # ac_d sets the value in "#define NAME VALUE" lines. -ac_dA='s,^\([ ]*\)#\([ ]*define[ ][ ]*\)' -ac_dB='[ ].*$,\1#\2' +ac_dA='s,^\([ ]*\)#\([ ]*define[ ][ ]*\)' +ac_dB='[ ].*$,\1#\2' ac_dC=' ' ac_dD=',;t' # ac_u turns "#undef NAME" without trailing blanks into "#define NAME VALUE". -ac_uA='s,^\([ ]*\)#\([ ]*\)undef\([ ][ ]*\)' +ac_uA='s,^\([ ]*\)#\([ ]*\)undef\([ ][ ]*\)' ac_uB='$,\1#\2define\3' ac_uC=' ' ac_uD=',;t' @@ -8680,11 +10056,11 @@ # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in". case $ac_file in - | *:- | *:-:* ) # input from stdin - cat >$tmp/stdin - ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'` - ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;; + cat >$tmp/stdin + ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'` + ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;; *:* ) ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'` - ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;; + ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;; * ) ac_file_in=$ac_file.in ;; esac @@ -8698,28 +10074,29 @@ case $f in -) echo $tmp/stdin ;; [\\/$]*) - # Absolute (can't be DOS-style, as IFS=:) - test -f "$f" || { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5 + # Absolute (can't be DOS-style, as IFS=:) + test -f "$f" || { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5 echo "$as_me: error: cannot find input file: $f" >&2;} { (exit 1); exit 1; }; } - echo $f;; + # Do quote $f, to prevent DOS paths from being IFS'd. + echo "$f";; *) # Relative - if test -f "$f"; then - # Build tree - echo $f - elif test -f "$srcdir/$f"; then - # Source tree - echo $srcdir/$f - else - # /dev/null tree - { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5 + if test -f "$f"; then + # Build tree + echo "$f" + elif test -f "$srcdir/$f"; then + # Source tree + echo "$srcdir/$f" + else + # /dev/null tree + { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5 echo "$as_me: error: cannot find input file: $f" >&2;} { (exit 1); exit 1; }; } - fi;; + fi;; esac done` || { (exit 1); exit 1; } # Remove the trailing spaces. - sed 's/[ ]*$//' $ac_file_inputs >$tmp/in + sed 's/[ ]*$//' $ac_file_inputs >$tmp/in _ACEOF @@ -8742,9 +10119,9 @@ s,[\\$`],\\&,g t clear : clear -s,^[ ]*#[ ]*define[ ][ ]*\([^ (][^ (]*\)\(([^)]*)\)[ ]*\(.*\)$,${ac_dA}\1${ac_dB}\1\2${ac_dC}\3${ac_dD},gp +s,^[ ]*#[ ]*define[ ][ ]*\([^ (][^ (]*\)\(([^)]*)\)[ ]*\(.*\)$,${ac_dA}\1${ac_dB}\1\2${ac_dC}\3${ac_dD},gp t end -s,^[ ]*#[ ]*define[ ][ ]*\([^ ][^ ]*\)[ ]*\(.*\)$,${ac_dA}\1${ac_dB}\1${ac_dC}\2${ac_dD},gp +s,^[ ]*#[ ]*define[ ][ ]*\([^ ][^ ]*\)[ ]*\(.*\)$,${ac_dA}\1${ac_dB}\1${ac_dC}\2${ac_dD},gp : end _ACEOF # If some macros were called several times there might be several times @@ -8758,13 +10135,13 @@ # example, in the case of _POSIX_SOURCE, which is predefined and required # on some systems where configure will not decide to define it. cat >>conftest.undefs <<\_ACEOF -s,^[ ]*#[ ]*undef[ ][ ]*[a-zA-Z_][a-zA-Z_0-9]*,/* & */, +s,^[ ]*#[ ]*undef[ ][ ]*[a-zA-Z_][a-zA-Z_0-9]*,/* & */, _ACEOF # Break up conftest.defines because some shells have a limit on the size # of here documents, and old seds have small limits too (100 cmds). echo ' # Handle all the #define templates only if necessary.' >>$CONFIG_STATUS -echo ' if egrep "^[ ]*#[ ]*define" $tmp/in >/dev/null; then' >>$CONFIG_STATUS +echo ' if grep "^[ ]*#[ ]*define" $tmp/in >/dev/null; then' >>$CONFIG_STATUS echo ' # If there are no defines, we may have an empty if/fi' >>$CONFIG_STATUS echo ' :' >>$CONFIG_STATUS rm -f conftest.tail @@ -8773,7 +10150,7 @@ # Write a limited-size here document to $tmp/defines.sed. echo ' cat >$tmp/defines.sed <>$CONFIG_STATUS # Speed up: don't consider the non `#define' lines. - echo '/^[ ]*#[ ]*define/!b' >>$CONFIG_STATUS + echo '/^[ ]*#[ ]*define/!b' >>$CONFIG_STATUS # Work around the forget-to-reset-the-flag bug. echo 't clr' >>$CONFIG_STATUS echo ': clr' >>$CONFIG_STATUS @@ -8788,7 +10165,7 @@ mv conftest.tail conftest.defines done rm -f conftest.defines -echo ' fi # egrep' >>$CONFIG_STATUS +echo ' fi # grep' >>$CONFIG_STATUS echo >>$CONFIG_STATUS # Break up conftest.undefs because some shells have a limit on the size @@ -8800,7 +10177,7 @@ # Write a limited-size here document to $tmp/undefs.sed. echo ' cat >$tmp/undefs.sed <>$CONFIG_STATUS # Speed up: don't consider the non `#undef' - echo '/^[ ]*#[ ]*undef/!b' >>$CONFIG_STATUS + echo '/^[ ]*#[ ]*undef/!b' >>$CONFIG_STATUS # Work around the forget-to-reset-the-flag bug. echo 't clr' >>$CONFIG_STATUS echo ': clr' >>$CONFIG_STATUS @@ -8828,41 +10205,46 @@ cat $tmp/in >>$tmp/config.h rm -f $tmp/in if test x"$ac_file" != x-; then - if cmp -s $ac_file $tmp/config.h 2>/dev/null; then + if diff $ac_file $tmp/config.h >/dev/null 2>&1; then { echo "$as_me:$LINENO: $ac_file is unchanged" >&5 echo "$as_me: $ac_file is unchanged" >&6;} else ac_dir=`(dirname "$ac_file") 2>/dev/null || $as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$ac_file" : 'X\(//\)[^/]' \| \ - X"$ac_file" : 'X\(//\)$' \| \ - X"$ac_file" : 'X\(/\)' \| \ - . : '\(.\)' 2>/dev/null || + X"$ac_file" : 'X\(//\)[^/]' \| \ + X"$ac_file" : 'X\(//\)$' \| \ + X"$ac_file" : 'X\(/\)' \| \ + . : '\(.\)' 2>/dev/null || echo X"$ac_file" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; } /^X\(\/\/\)[^/].*/{ s//\1/; q; } /^X\(\/\/\)$/{ s//\1/; q; } /^X\(\/\).*/{ s//\1/; q; } s/.*/./; q'` - { case "$ac_dir" in - [\\/]* | ?:[\\/]* ) as_incr_dir=;; - *) as_incr_dir=.;; -esac -as_dummy="$ac_dir" -for as_mkdir_dir in `IFS='/\\'; set X $as_dummy; shift; echo "$@"`; do - case $as_mkdir_dir in - # Skip DOS drivespec - ?:) as_incr_dir=$as_mkdir_dir ;; - *) - as_incr_dir=$as_incr_dir/$as_mkdir_dir - test -d "$as_incr_dir" || - mkdir "$as_incr_dir" || - { { echo "$as_me:$LINENO: error: cannot create \"$ac_dir\"" >&5 -echo "$as_me: error: cannot create \"$ac_dir\"" >&2;} - { (exit 1); exit 1; }; } - ;; - esac -done; } + { if $as_mkdir_p; then + mkdir -p "$ac_dir" + else + as_dir="$ac_dir" + as_dirs= + while test ! -d "$as_dir"; do + as_dirs="$as_dir $as_dirs" + as_dir=`(dirname "$as_dir") 2>/dev/null || +$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_dir" : 'X\(//\)[^/]' \| \ + X"$as_dir" : 'X\(//\)$' \| \ + X"$as_dir" : 'X\(/\)' \| \ + . : '\(.\)' 2>/dev/null || +echo X"$as_dir" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; } + /^X\(\/\/\)[^/].*/{ s//\1/; q; } + /^X\(\/\/\)$/{ s//\1/; q; } + /^X\(\/\).*/{ s//\1/; q; } + s/.*/./; q'` + done + test ! -n "$as_dirs" || mkdir $as_dirs + fi || { { echo "$as_me:$LINENO: error: cannot create directory \"$ac_dir\"" >&5 +echo "$as_me: error: cannot create directory \"$ac_dir\"" >&2;} + { (exit 1); exit 1; }; }; } rm -f $ac_file mv $tmp/config.h $ac_file @@ -8871,13 +10253,29 @@ cat $tmp/config.h rm -f $tmp/config.h fi - # Run the commands associated with the file. - case $ac_file in - config.h ) # update the timestamp -echo 'timestamp for config.h' >"./stamp-h1" - ;; +# Compute $ac_file's index in $config_headers. +_am_stamp_count=1 +for _am_header in $config_headers :; do + case $_am_header in + $ac_file | $ac_file:* ) + break ;; + * ) + _am_stamp_count=`expr $_am_stamp_count + 1` ;; esac done +echo "timestamp for $ac_file" >`(dirname $ac_file) 2>/dev/null || +$as_expr X$ac_file : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X$ac_file : 'X\(//\)[^/]' \| \ + X$ac_file : 'X\(//\)$' \| \ + X$ac_file : 'X\(/\)' \| \ + . : '\(.\)' 2>/dev/null || +echo X$ac_file | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; } + /^X\(\/\/\)[^/].*/{ s//\1/; q; } + /^X\(\/\/\)$/{ s//\1/; q; } + /^X\(\/\).*/{ s//\1/; q; } + s/.*/./; q'`/stamp-h$_am_stamp_count +done _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF @@ -8889,16 +10287,41 @@ ac_source=`echo "$ac_file" | sed 's,[^:]*:,,'` ac_dir=`(dirname "$ac_dest") 2>/dev/null || $as_expr X"$ac_dest" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$ac_dest" : 'X\(//\)[^/]' \| \ - X"$ac_dest" : 'X\(//\)$' \| \ - X"$ac_dest" : 'X\(/\)' \| \ - . : '\(.\)' 2>/dev/null || + X"$ac_dest" : 'X\(//\)[^/]' \| \ + X"$ac_dest" : 'X\(//\)$' \| \ + X"$ac_dest" : 'X\(/\)' \| \ + . : '\(.\)' 2>/dev/null || echo X"$ac_dest" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; } /^X\(\/\/\)[^/].*/{ s//\1/; q; } /^X\(\/\/\)$/{ s//\1/; q; } /^X\(\/\).*/{ s//\1/; q; } s/.*/./; q'` + { if $as_mkdir_p; then + mkdir -p "$ac_dir" + else + as_dir="$ac_dir" + as_dirs= + while test ! -d "$as_dir"; do + as_dirs="$as_dir $as_dirs" + as_dir=`(dirname "$as_dir") 2>/dev/null || +$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_dir" : 'X\(//\)[^/]' \| \ + X"$as_dir" : 'X\(//\)$' \| \ + X"$as_dir" : 'X\(/\)' \| \ + . : '\(.\)' 2>/dev/null || +echo X"$as_dir" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; } + /^X\(\/\/\)[^/].*/{ s//\1/; q; } + /^X\(\/\/\)$/{ s//\1/; q; } + /^X\(\/\).*/{ s//\1/; q; } + s/.*/./; q'` + done + test ! -n "$as_dirs" || mkdir $as_dirs + fi || { { echo "$as_me:$LINENO: error: cannot create directory \"$ac_dir\"" >&5 +echo "$as_me: error: cannot create directory \"$ac_dir\"" >&2;} + { (exit 1); exit 1; }; }; } + ac_builddir=. if test "$ac_dir" != .; then @@ -8924,12 +10347,45 @@ ac_srcdir=$ac_top_builddir$srcdir$ac_dir_suffix ac_top_srcdir=$ac_top_builddir$srcdir ;; esac -# Don't blindly perform a `cd "$ac_dir"/$ac_foo && pwd` since $ac_foo can be -# absolute. -ac_abs_builddir=`cd "$ac_dir" && cd $ac_builddir && pwd` -ac_abs_top_builddir=`cd "$ac_dir" && cd $ac_top_builddir && pwd` -ac_abs_srcdir=`cd "$ac_dir" && cd $ac_srcdir && pwd` -ac_abs_top_srcdir=`cd "$ac_dir" && cd $ac_top_srcdir && pwd` + +# Do not use `cd foo && pwd` to compute absolute paths, because +# the directories may not exist. +case `pwd` in +.) ac_abs_builddir="$ac_dir";; +*) + case "$ac_dir" in + .) ac_abs_builddir=`pwd`;; + [\\/]* | ?:[\\/]* ) ac_abs_builddir="$ac_dir";; + *) ac_abs_builddir=`pwd`/"$ac_dir";; + esac;; +esac +case $ac_abs_builddir in +.) ac_abs_top_builddir=${ac_top_builddir}.;; +*) + case ${ac_top_builddir}. in + .) ac_abs_top_builddir=$ac_abs_builddir;; + [\\/]* | ?:[\\/]* ) ac_abs_top_builddir=${ac_top_builddir}.;; + *) ac_abs_top_builddir=$ac_abs_builddir/${ac_top_builddir}.;; + esac;; +esac +case $ac_abs_builddir in +.) ac_abs_srcdir=$ac_srcdir;; +*) + case $ac_srcdir in + .) ac_abs_srcdir=$ac_abs_builddir;; + [\\/]* | ?:[\\/]* ) ac_abs_srcdir=$ac_srcdir;; + *) ac_abs_srcdir=$ac_abs_builddir/$ac_srcdir;; + esac;; +esac +case $ac_abs_builddir in +.) ac_abs_top_srcdir=$ac_top_srcdir;; +*) + case $ac_top_srcdir in + .) ac_abs_top_srcdir=$ac_abs_builddir;; + [\\/]* | ?:[\\/]* ) ac_abs_top_srcdir=$ac_top_srcdir;; + *) ac_abs_top_srcdir=$ac_abs_builddir/$ac_top_srcdir;; + esac;; +esac { echo "$as_me:$LINENO: executing $ac_dest commands" >&5 @@ -8947,10 +10403,10 @@ if grep '^#.*generated by automake' $mf > /dev/null 2>&1; then dirpart=`(dirname "$mf") 2>/dev/null || $as_expr X"$mf" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$mf" : 'X\(//\)[^/]' \| \ - X"$mf" : 'X\(//\)$' \| \ - X"$mf" : 'X\(/\)' \| \ - . : '\(.\)' 2>/dev/null || + X"$mf" : 'X\(//\)[^/]' \| \ + X"$mf" : 'X\(//\)$' \| \ + X"$mf" : 'X\(/\)' \| \ + . : '\(.\)' 2>/dev/null || echo X"$mf" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; } /^X\(\/\/\)[^/].*/{ s//\1/; q; } @@ -8960,61 +10416,60 @@ else continue fi - grep '^DEP_FILES *= *[^ #]' < "$mf" > /dev/null || continue - # Extract the definition of DEP_FILES from the Makefile without - # running `make'. - DEPDIR=`sed -n -e '/^DEPDIR = / s///p' < "$mf"` + # Extract the definition of DEPDIR, am__include, and am__quote + # from the Makefile without running `make'. + DEPDIR=`sed -n 's/^DEPDIR = //p' < "$mf"` test -z "$DEPDIR" && continue + am__include=`sed -n 's/^am__include = //p' < "$mf"` + test -z "am__include" && continue + am__quote=`sed -n 's/^am__quote = //p' < "$mf"` # When using ansi2knr, U may be empty or an underscore; expand it - U=`sed -n -e '/^U = / s///p' < "$mf"` - test -d "$dirpart/$DEPDIR" || mkdir "$dirpart/$DEPDIR" - # We invoke sed twice because it is the simplest approach to - # changing $(DEPDIR) to its actual value in the expansion. - for file in `sed -n -e ' - /^DEP_FILES = .*\\\\$/ { - s/^DEP_FILES = // - :loop - s/\\\\$// - p - n - /\\\\$/ b loop - p - } - /^DEP_FILES = / s/^DEP_FILES = //p' < "$mf" | \ + U=`sed -n 's/^U = //p' < "$mf"` + # Find all dependency output files, they are included files with + # $(DEPDIR) in their names. We invoke sed twice because it is the + # simplest approach to changing $(DEPDIR) to its actual value in the + # expansion. + for file in `sed -n " + s/^$am__include $am__quote\(.*(DEPDIR).*\)$am__quote"'$/\1/p' <"$mf" | \ sed -e 's/\$(DEPDIR)/'"$DEPDIR"'/g' -e 's/\$U/'"$U"'/g'`; do # Make sure the directory exists. test -f "$dirpart/$file" && continue fdir=`(dirname "$file") 2>/dev/null || $as_expr X"$file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$file" : 'X\(//\)[^/]' \| \ - X"$file" : 'X\(//\)$' \| \ - X"$file" : 'X\(/\)' \| \ - . : '\(.\)' 2>/dev/null || + X"$file" : 'X\(//\)[^/]' \| \ + X"$file" : 'X\(//\)$' \| \ + X"$file" : 'X\(/\)' \| \ + . : '\(.\)' 2>/dev/null || echo X"$file" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; } /^X\(\/\/\)[^/].*/{ s//\1/; q; } /^X\(\/\/\)$/{ s//\1/; q; } /^X\(\/\).*/{ s//\1/; q; } s/.*/./; q'` - { case $dirpart/$fdir in - [\\/]* | ?:[\\/]* ) as_incr_dir=;; - *) as_incr_dir=.;; -esac -as_dummy=$dirpart/$fdir -for as_mkdir_dir in `IFS='/\\'; set X $as_dummy; shift; echo "$@"`; do - case $as_mkdir_dir in - # Skip DOS drivespec - ?:) as_incr_dir=$as_mkdir_dir ;; - *) - as_incr_dir=$as_incr_dir/$as_mkdir_dir - test -d "$as_incr_dir" || - mkdir "$as_incr_dir" || - { { echo "$as_me:$LINENO: error: cannot create $dirpart/$fdir" >&5 -echo "$as_me: error: cannot create $dirpart/$fdir" >&2;} - { (exit 1); exit 1; }; } - ;; - esac -done; } + { if $as_mkdir_p; then + mkdir -p $dirpart/$fdir + else + as_dir=$dirpart/$fdir + as_dirs= + while test ! -d "$as_dir"; do + as_dirs="$as_dir $as_dirs" + as_dir=`(dirname "$as_dir") 2>/dev/null || +$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_dir" : 'X\(//\)[^/]' \| \ + X"$as_dir" : 'X\(//\)$' \| \ + X"$as_dir" : 'X\(/\)' \| \ + . : '\(.\)' 2>/dev/null || +echo X"$as_dir" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; } + /^X\(\/\/\)[^/].*/{ s//\1/; q; } + /^X\(\/\/\)$/{ s//\1/; q; } + /^X\(\/\).*/{ s//\1/; q; } + s/.*/./; q'` + done + test ! -n "$as_dirs" || mkdir $as_dirs + fi || { { echo "$as_me:$LINENO: error: cannot create directory $dirpart/$fdir" >&5 +echo "$as_me: error: cannot create directory $dirpart/$fdir" >&2;} + { (exit 1); exit 1; }; }; } # echo "creating $dirpart/$file" echo '# dummy' > "$dirpart/$file" @@ -9043,8 +10498,11 @@ # need to make the FD available again. if test "$no_create" != yes; then ac_cs_success=: + ac_config_status_args= + test "$silent" = yes && + ac_config_status_args="$ac_config_status_args --quiet" exec 5>/dev/null - $SHELL $CONFIG_STATUS || ac_cs_success=false + $SHELL $CONFIG_STATUS $ac_config_status_args || ac_cs_success=false exec 5>>config.log # Use ||, not &&, to avoid exiting from the if with $? = 1, which # would make configure fail if this is the last instruction.