diff options
| author | obraun <obraun@FreeBSD.org> | 2003-04-20 04:40:13 +0800 |
|---|---|---|
| committer | obraun <obraun@FreeBSD.org> | 2003-04-20 04:40:13 +0800 |
| commit | a6d4771d523bdd5fded4a499b132d592a2b9b319 (patch) | |
| tree | 0b239ba0541641a2ebf4315af87dbee4a43e468d /security/nessus-libraries/files | |
| parent | 996c50af473600b30871639b059a1621d8191646 (diff) | |
| download | freebsd-ports-gnome-a6d4771d523bdd5fded4a499b132d592a2b9b319.tar.gz freebsd-ports-gnome-a6d4771d523bdd5fded4a499b132d592a2b9b319.tar.zst freebsd-ports-gnome-a6d4771d523bdd5fded4a499b132d592a2b9b319.zip | |
- Update to 2.0.4.
- Add dependency on bpf for the server.
- Add "client only" knob.
PR: ports/51126
Submitted by: maintainer
Diffstat (limited to 'security/nessus-libraries/files')
| -rw-r--r-- | security/nessus-libraries/files/README.BPF | 46 | ||||
| -rw-r--r-- | security/nessus-libraries/files/patch-aa | 16 |
2 files changed, 54 insertions, 8 deletions
diff --git a/security/nessus-libraries/files/README.BPF b/security/nessus-libraries/files/README.BPF new file mode 100644 index 000000000000..90185da60834 --- /dev/null +++ b/security/nessus-libraries/files/README.BPF @@ -0,0 +1,46 @@ +Nessus uses the pcap library, which uses the +berkeley packet filter (bpf) to do its job. + +Since Nessus used multiple processes, several pcap-aware plugins will +need to access the the bpf at the same time. + +This means that you need to recompile your kernel with the +following option : + +For FreeBSD 5.x: +pseudo-device bpfilter + +For FreeBSD 4.x: +pseudo-device bpfilter NUM + +Where 'NUM' is the number of bpf you want -- it should be equal to +the 'max hosts number' option you enter in nessusd x the +'max plugins' option. + +If for instance you want to have 10 nessusd running at the same time, +each running 5 plugins in parallel, you should create 50 (10 * 5) bpfs +(as nessusd is extremely lightweight, you can expect to have this amount + of processes running at the same time) + +If you plan to scan a whole network, we recommand you create at least +100 of them. + +Once your kernel has been rebuilt, get root, cd to /dev +and do : + + i=0; while [ $i -lt 100]; + do + ./MAKEDEV bpf$i + let i=$i+1 + done + +On FreeBSD, you can directly do : + ./MAKEDEV bpf+100 + +(For FreeBSD 5.x this is not needed since the devfs creates devices when needed) + +If you can not recompile your kernel, you can try to run the configure +script with the option --enable-bpf-sharing. In this case, nessusd will +try to share one /dev/bpf among multiple processes and do the filtering +in userland. NOTE THAT THIS OPTION IS HIGHLY EXPERIMENTAL AND WE DO +NOT RECOMMAND ENABLING IT. diff --git a/security/nessus-libraries/files/patch-aa b/security/nessus-libraries/files/patch-aa index 9d914ce75c0c..2eca56c14a81 100644 --- a/security/nessus-libraries/files/patch-aa +++ b/security/nessus-libraries/files/patch-aa @@ -1,10 +1,10 @@ ---- Makefile.orig Thu May 31 15:51:08 2001 -+++ Makefile Wed Oct 10 20:16:14 2001 -@@ -46,7 +46,6 @@ +--- Makefile.orig Tue Jan 21 15:25:01 2003 ++++ Makefile Wed Jan 22 08:40:19 2003 +@@ -51,7 +51,6 @@ cd libhosts_gatherer && ${MAKE} install - cd libpcap-nessus && ${MAKE} install -- $(INSTALL) -m 0444 include/includes.h ${includedir}/nessus - $(INSTALL) -m 0444 include/libnessus.h ${includedir}/nessus - $(INSTALL) -m 0444 include/harglists.h ${includedir}/nessus - $(INSTALL) -m 0444 include/libvers.h ${includedir}/nessus + +- $(INSTALL) -m 0444 include/includes.h $(DESTDIR)${includedir}/nessus + $(INSTALL) -m 0444 include/libnessus.h $(DESTDIR)${includedir}/nessus + $(INSTALL) -m 0444 include/harglists.h $(DESTDIR)${includedir}/nessus + $(INSTALL) -m 0444 include/libvers.h $(DESTDIR)${includedir}/nessus |