14:31 Mathieu Arnold (mat) 

all: Remove all other $FreeBSD keywords.

    135fdee

18:55 zeising 

Fix suricata failing to start if there is a stale pid file laying around.
This can happen if suricata is ungracefully shut down.

PR:		223052, 223322
Submitted by:	Reshad Patuck, Franco Fichtner
Approved by:	Franco Fichtner (maintainer)
MFH:		2017Q4

 

15:06 ultima 

* Updated to 3.2.2
* Depends on libhtp 0.5.24 or greater
* Listen on multiple PCAP interfaces via RC script
* Dependencies added in the 3.2.1 update move to the PRELUDE option where they
belong

 - Support additional runmodes for unix-socket
 - make install-full can have race conditions on OSX
 - af-packet: faulty VLAN handling in tpacket-v3 mode
 - bad checksum 0xffff
 - ippair: xbit unset memory leak
 - file store: file log / file store mismatch with multiple files
 - app-layer: fix memleak on bad traffic
 - http body handling: failed assertion
 - ippair: pair is direction sensitive
 - defrag - overlap issue in linux policy
 - unix socket: race condition on start up

PR:		220026
Submitted by:	Franco Fichtner <franco@opnsense.org> (maintainer)
Reviewed by:	matthew (mentor)
Approved by:	matthew (mentor)
Differential Revision:	https://reviews.freebsd.org/D11251

 

05:42 koobs 

security/suricata: Add rules files, netmap startup support

- Install missing rules files [1]
- Add netmap support and simplify pid file naming [2]

PR:		204838 [1], 204834 [2]
Submitted by:	Bill Meeks <bmeeks8 bellsouth net> [1]
Submitted by:	Franco Fichtner <franco opnsense org> [2]

 

08:57 dougb 

In the rc.d scripts, change assignments to rcvar to use the
literal name_enable wherever possible, and ${name}_enable
when it's not, to prepare for the demise of set_rcvar().

In cases where I had to hand-edit unusual instances also
modify formatting slightly to be more uniform (and in
some cases, correct). This includes adding some $FreeBSD$
tags, and most importantly moving rcvar= to right after
name= so it's clear that one is derived from the other.

15:31 jmelo 

The Suricata Engine is an Open Source Next Generation Intrusion Detection and
Prevention Engine developed by the Open Information Security Foundation (OISF).

This engine is not intended to just replace or emulate the existing tools in
the industry, but will bring new ideas and technologies to the field.

OISF is part of and funded by the Department of Homeland Security's Directorate
for Science and Technology HOST program (Homeland Open Security Technology),
by the the Navy's Space and Naval Warfare Systems Command (SPAWAR), as well as
through the very generous support of the members of the OISF Consortium.

More information about the Consortium is available, as well as a list of our
current Consortium Members.

The Suricata Engine and the HTP Library are available to use under the GPLv2.

The HTP Library is an HTTP normalizer and parser written by Ivan Ristic of
Mod Security fame for the OISF. This integrates and provides very advanced
processing of HTTP streams for Suricata. The HTP library is required by the
engine but may also be used independently in a range of applications and tools.

WWW: http://openinfosecfoundation.org

PR:             ports/150191
Submitted by:   Patrick Tracanelli <eksffa@freebsdbrasil.com.br>