New port: net/libp0f

libp0f is the autotools version of p0f-2.x with support for 3rd-party linkage. libp0f splits the core p0f functionality from the p0f-2.x application. The p0f library is installed as libp0f.so so p0f2 and libp0f can co-exist independantly. WWW: https://tools.netsa.cert.org/confluence/display/tt/libp0f PR: 201503 Submitted by: setjmp@hotmail.com
author: pi <pi@FreeBSD.org> 2016-01-19 16:12:59 +0800
committer: pi <pi@FreeBSD.org> 2016-01-19 16:12:59 +0800
commit: cd9c384013a48dbda0bbbcbfe8dee2896c2bc53a (patch)
tree: 63209239bec04659999ef0f970a949aa94f2e79e /net
parent: 489f03d2d9c40d1ae0528dc7a2734292768af88d (diff)
download: freebsd-ports-graphics-cd9c384013a48dbda0bbbcbfe8dee2896c2bc53a.tar.gz
freebsd-ports-graphics-cd9c384013a48dbda0bbbcbfe8dee2896c2bc53a.tar.zst
freebsd-ports-graphics-cd9c384013a48dbda0bbbcbfe8dee2896c2bc53a.zip
6 files changed, 202 insertions, 0 deletions
diff --git a/net/Makefile b/net/Makefile
index 9c3fbc77029..2048c0805bf 100644
--- a/net/Makefile
+++ b/net/Makefile
@@ -334,6 +334,7 @@
     SUBDIR += libopennet
     SUBDIR += liboping
     SUBDIR += libosip2
+    SUBDIR += libp0f
     SUBDIR += libpcap
     SUBDIR += libpcapnav
     SUBDIR += libproxy
diff --git a/net/libp0f/Makefile b/net/libp0f/Makefile
new file mode 100644
index 00000000000..d4a64d09775
--- /dev/null
+++ b/net/libp0f/Makefile
@@ -0,0 +1,27 @@
+# Created by: Eric Allen Griff <setjmp@hotmail.com>
+# $FreeBSD$
+
+PORTNAME=	libp0f
+PORTVERSION=	2.0.8
+CATEGORIES=	net
+MASTER_SITES=	http://tools.netsa.cert.org/confluence/download/attachments/16547842/
+DISTNAME=	p0flib
+
+MAINTAINER=	setjmp@hotmail.com
+COMMENT=	Library of p0f-2.x for yaf as in the CERT NETSA confluence
+
+LICENSE=	LGPL21
+
+WRKSRC_SUBDIR=	libp0f
+GNU_CONFIGURE=	YES
+CONFIGURE_ARGS=	--sysconfdir=${LOCALBASE}/etc
+INSTALL_TARGET=	install-strip
+USES=		gmake libtool pathfix pkgconfig tar:tgz
+USE_LDCONFIG=	yes
+
+post-stage:
+	${RM} -f ${STAGEDIR}${LOCALBASE}/bin/p0f
+	${MV} ${STAGEDIR}/etc/p0f ${STAGEDIR}${LOCALBASE}/etc/libp0f
+	${RM} -rf ${STAGEDIR}/etc
+
+.include <bsd.port.mk>
diff --git a/net/libp0f/distinfo b/net/libp0f/distinfo
new file mode 100644
index 00000000000..26b41604fa1
--- /dev/null
+++ b/net/libp0f/distinfo
@@ -0,0 +1,2 @@
+SHA256 (p0flib.tgz) = 61f4069ccdd0c38133b3e4b776f9e127c321c2963c284e2ae6491facd5faca36
+SIZE (p0flib.tgz) = 827513
diff --git a/net/libp0f/files/patch-etc_p0f_p0f.fp b/net/libp0f/files/patch-etc_p0f_p0f.fp
new file mode 100644
index 00000000000..f4f0ddc0a24
--- /dev/null
+++ b/net/libp0f/files/patch-etc_p0f_p0f.fp
@@ -0,0 +1,154 @@
+--- etc/p0f/p0f.fp.orig	2009-07-28 18:31:33 UTC
++++ etc/p0f/p0f.fp
+@@ -12,6 +12,10 @@
+ # `-------------------------------------------------------------------------'
+ #
+ # (C) Copyright 2000-2006 by Michal Zalewski <lcamtuf@coredump.cx>
++# (C) Copyright 2011-2012 by Carnegie Mellon University
++#      - Roman Danyliw
++#      - version: 2012032901 (03/20/2012)
++#      - Contact <netsa-help@cert.org> for bugs and contributions
+ #
+ # Each line in this file specifies a single fingerprint. Please read the
+ # information below carefully before attempting to append any signatures
+@@ -376,19 +380,28 @@ S4:64:1:60:M1430,S,T,N,W0:.:Linux:2.4-2.
+ 
+ S2:64:1:60:M*,S,T,N,W0:.:Linux:2.4 (large MTU?)
+ S3:64:1:60:M*,S,T,N,W0:.:Linux:2.4 (newer)
+-S4:64:1:60:M*,S,T,N,W0:.:Linux:2.4-2.6
++S4:64:1:60:M*,S,T,N,W0:.:Linux:2.4-2.6 (possibly CentOS 3.x)
+ 
+ S3:64:1:60:M*,S,T,N,W1:.:Linux:2.6, seldom 2.4 (older, 1)
+ S4:64:1:60:M*,S,T,N,W1:.:Linux:2.6, seldom 2.4 (older, 2)
+ S3:64:1:60:M*,S,T,N,W2:.:Linux:2.6, seldom 2.4 (older, 3)
+-S4:64:1:60:M*,S,T,N,W2:.:Linux:2.6, seldom 2.4 (older, 4)
++S4:64:1:60:M*,S,T,N,W2:.:Linux:2.6, seldom 2.4 (older, 4) (possibly FC 3-5, CentOS 4.x, Mandrake 10, Ubuntu 4-6)
+ T4:64:1:60:M*,S,T,N,W2:.:Linux:2.6 (older, 5)
++S4:64:1:60:M*,S,T,N,W4:.:Linux:2.6 (older, 6) (possibly Mandriva 2010.x, Ubuntu 7.x)
+ 
+-S4:64:1:60:M*,S,T,N,W5:.:Linux:2.6 (newer, 1)
+-S4:64:1:60:M*,S,T,N,W6:.:Linux:2.6 (newer, 2)
+-S4:64:1:60:M*,S,T,N,W7:.:Linux:2.6 (newer, 3)
++S4:64:1:60:M*,S,T,N,W5:.:Linux:2.6 (newer, 1) (possibly Mandriva 2008.x, 2009.1, Ubuntu 7-9)
++S4:64:1:60:M*,S,T,N,W6:.:Linux:2.6 (newer, 2) (possibly FC8-14, Chromium 5.x, Ubuntu 10.x, OpenSuse 11.x, CentOS 6.0, Gentoo 10.x, Slackware 12-13.1)
++S4:64:1:60:M*,S,T,N,W7:.:Linux:2.6 (newer, 3) or Mac OSX 10.3.1 (possibly FC 6, CentOS 5.x)
+ T4:64:1:60:M*,S,T,N,W7:.:Linux:2.6 (newer, 4)
++S2:64:1:60:M*,S,T,N,W6:.:Linux:2.6 (newer, 5)
++S44:128:1:52:M*,N,W0,N,N,S:.:Linux:2.6 (newer, 6) (possibly Ubuntu 10.x)
++S4:64:1:52:M*,N,N,S,N,W5:.:Linux:2.6 (newer, 7) (possibly Ubuntu 8.x)
++S4:64:1:60:S,T,M*,N,W5:.:Linux:2.6 (newer, 8) (possibly Mandriva 2009.0)
++S3:64:1:60:M*,S,T,N,W6:.:Linux:2.6 (newer, 9) (possibly OpenSuse 11.4, Gentoo 11.0, Slackware 13.37)
++S10:64:1:60:M*,S,T,N,W7:.:Linux:2.6 (newer, 10) (possibly Ubuntu 11.04)
++S10:64:1:60:M*,S,T,N,W6:.:Linux:2.6 (newer, 11) (possibly FC 15, CentOS 6.2, Knoppix 6.x)
+ 
++S10:64:1:60:M1460,S,T,N,W4:.:Linux:3.0-1 (1) (possibly Ubuntu 11.10, FC 16, Gentoo 11.2, OpenSUSE 12.x)
+ 
+ S20:64:1:60:M*,S,T,N,W0:.:Linux:2.2 (1)
+ S22:64:1:60:M*,S,T,N,W0:.:Linux:2.2 (2)
+@@ -433,8 +446,10 @@ T4:64:1:60:M1412,S,T,N,W0:.:Linux:2.4 (r
+ 65535:64:1:60:M*,N,W1,N,N,T:Z:FreeBSD:5.1 (2)
+ 65535:64:1:60:M*,N,W2,N,N,T:Z:FreeBSD:5.1 (3)
+ 65535:64:1:64:M*,N,N,S,N,W1,N,N,T:.:FreeBSD:5.3-5.4
+-65535:64:1:64:M*,N,W1,N,N,T,S,E:P:FreeBSD:6.x (1)
++65535:64:1:64:M*,N,W1,N,N,T,S,E:P:FreeBSD:6.x (1) or MacOS X 10.6
+ 65535:64:1:64:M*,N,W0,N,N,T,S,E:P:FreeBSD:6.x (2)
++65535:64:1:60:M*,N,W3,S,T:.:FreeBSD:7.x, 8.x
++65535:64:1:60:M*,N,W6,S,T:.:FreeBSD:9.x
+ 
+ 65535:64:1:44:M*:Z:FreeBSD:5.2 (RFC1323-)
+ 
+@@ -446,7 +461,7 @@ T4:64:1:60:M1412,S,T,N,W0:.:Linux:2.4 (r
+ 65535:64:0:60:M*,N,W0,N,N,T0:.:-NetBSD:1.6 (Opera)
+ 16384:64:1:60:M*,N,W0,N,N,T0:.:NetBSD:1.6
+ 65535:64:1:60:M*,N,W1,N,N,T0:.:NetBSD:1.6W-current (DF)
+-65535:64:1:60:M*,N,W0,N,N,T0:.:NetBSD:1.6X (DF)
++65535:64:1:60:M*,N,W0,N,N,T0:.:NetBSD:1.6X (DF) or Sony PlayStation 3
+ 32768:64:1:60:M*,N,W0,N,N,T0:.:NetBSD:1.6Z or 2.0 (DF)
+ 32768:64:1:64:M1416,N,W0,S,N,N,N,N,T0:.:NetBSD:2.0G (DF)
+ 32768:64:1:64:M*,N,W0,S,N,N,N,N,T0:.:NetBSD:3.0 (DF)
+@@ -474,9 +489,9 @@ S34:64:1:48:M*,N,N,S:.:Solaris:9
+ S34:64:1:48:M*,N,N,N,N:.:Solaris:9 (no sack)
+ S44:255:1:44:M*:.:Solaris:7
+ 
+-4096:64:0:44:M1460:.:SunOS:4.1.x
++4096:64:0:44:M1460:.:SunOS:4.1.x, nmap syn scan(8)
+ 
+-S34:64:1:52:M*,N,W0,N,N,S:.:Solaris:10 (beta)
++S34:64:1:52:M*,N,W0,N,N,S:.:Solaris:10 (beta), OpenSolaris
+ 32850:64:1:64:M*,N,N,T,N,W1,N,N,S:.:Solaris:10 (1203?)
+ 32850:64:1:64:M*,N,W1,N,N,T,N,N,S:.:Solaris:9.1
+ 
+@@ -516,6 +531,11 @@ S2:255:1:48:M*,W0,E:.:MacOS:8.6 classic
+ 32768:255:1:48:M1380,N,N,N,N:.:MacOS:9.1 (OT 2.7.4) (1)
+ 65535:255:1:48:M*,N,N,N,N:.:MacOS:9.1 (OT 2.7.4) (2)
+ 
++65535:64:1:64:M*,N,W3,N,N,T,S,E:P:MacOS:X 10.x (10.3-7)
++65535:64:1:64:M*,N,W2,N,N,T,S,E:P:iOS:3.1+, 4.1-3
++65535:64:1:48:M*,S,E:P:iOS:3.x, 4.2
++65535:64:1:64:M*,N,W4,N,N,T,S,E:P:iOS:5.x
++
+ # ----------------- Windows -----------------
+ 
+ # Windows TCP/IP stack is a mess. For most recent XP, 2000 and
+@@ -563,8 +583,8 @@ T31:128:1:44:M1414:.:Windows:NT 4.0 SP6a
+ # either dubious or non-specific (no service pack data)
+ # were deleted and replaced with generics at the end.
+ 
+-65535:128:1:48:M*,N,N,S:.:Windows:2000 SP4, XP SP1+
+-%8192:128:1:48:M*,N,N,S:.:Windows:2000 SP2+, XP SP1+ (seldom 98)
++65535:128:1:48:M*,N,N,S:.:Windows:2000 SP4, XP SP1+, 2003
++8192:128:1:48:M*,N,N,S:.:Windows:2000 SP2+, XP SP1+ (seldom 98), Vista SP1, 7 SP1, 2008 SP2
+ S20:128:1:48:M*,N,N,S:.:Windows:SP3
+ S45:128:1:48:M*,N,N,S:.:Windows:2000 SP4, XP SP1+ (2)
+ 40320:128:1:48:M*,N,N,S:.:Windows:2000 SP4
+@@ -575,12 +595,16 @@ S44:128:1:48:M*,N,N,S:.:Windows:XP SP1+,
+ 64512:128:1:48:M*,N,N,S:.:Windows:XP SP1+, 2000 SP3 (2)
+ 32767:128:1:48:M*,N,N,S:.:Windows:XP SP1+, 2000 SP4 (3)
+ 
+-# Windows 2003 & Vista
++# Windows 2003, Vista, 2008, 7, and 8
+ 
+ 8192:128:1:52:M*,W8,N,N,N,S:.:Windows:Vista (beta)
+ 32768:32:1:52:M1460,N,W0,N,N,S:.:Windows:2003 AS
+ 65535:64:1:52:M1460,N,W2,N,N,S:.:Windows:2003 (1)
+ 65535:64:1:48:M1460,N,N,S:.:Windows:2003 (2)
++8192:128:1:52:M*,N,W2,N,N,S:.:Windows:Vista SP1, 7 SP1
++8192:128:1:52:M*,N,W8,N,N,S:.:Windows:Vista SP0/SP2, 7 SP0+, 2008 SP0
++65535:64:0:60:M*,N,W0,S,T:.:Windows:7 SP1+
++65535:128:1:52:M*,N,W3,N,N,S:.:Windows:8 Consumer Preview
+ 
+ # Odds, ends, mods:
+ 
+@@ -792,6 +816,9 @@ S12:64:0:44:M1452:.:AXIS:Printer Server 
+ 2048:64:0:40:.:.:-*NMAP:syn scan (2)
+ 3072:64:0:40:.:.:-*NMAP:syn scan (3)
+ 4096:64:0:40:.:.:-*NMAP:syn scan (4)
++1024:64:0:44:M*:.:-*NMAP:syn scan (5)
++2048:64:0:44:M*:.:-*NMAP:syn scan (6)
++3072:64:0:44:M*:.:-*NMAP:syn scan (7)
+ 
+ 1024:64:0:40:.:A:-*NMAP:TCP sweep probe (1)
+ 2048:64:0:40:.:A:-*NMAP:TCP sweep probe (2)
+@@ -808,10 +835,22 @@ S12:64:0:44:M1452:.:AXIS:Printer Server 
+ 3072:64:0:60:W10,N,M265,T,E:PF:-*NMAP:OS detection probe w/flags (3)
+ 4096:64:0:60:W10,N,M265,T,E:PF:-*NMAP:OS detection probe w/flags (4)
+ 
++1:64:0:60:W10,N,M1460,T,S:A:-*NMAP:OS detection probe (5)
++63:64:0:60:M1400,W0,S,T,E:A:-*NMAP:OS detection probe (6)
++4:64:0:60:T,N,N,W5,N,M640:A:-*NMAP:OS detection probe (7) 
++4:64:0:56:S,T,W10,E:A:-*NMAP:OS detection probe (8)
++16:64:0:60:M536,S,T,W10,E:A:-*NMAP:OS detection probe (9)
++512:64:0:56:M265,S,T:A:-*NMAP:OS detection probe (10)
++3:64:0:52:W10,N,M1460,S,N,N:UX:-*NMAP:OS detection probe (11)
++31337:64:0:60:W10,N,M265,T,S:A:-*NMAP:OS detection probe (12)
++
+ 32767:64:0:40:.:.:-*NAST:syn scan
+ 
+ 12345:255:0:40:.:A:-p0f:sendsyn utility
+ 
++S4:255:0:40:.:A:-*sinfp:active scan (1)
++S4:255:0:60:M1460,T,W1,S,E:A:-*sinfp:active scan (2) 
++
+ # UFO - see tmp/*:
+ 56922:128:0:40:.:A:-@Mysterious:port scanner (?)
+ 5792:64:1:60:M1460,S,T,N,W0:T:-@Mysterious:NAT device (2nd tstamp)
diff --git a/net/libp0f/pkg-descr b/net/libp0f/pkg-descr
new file mode 100644
index 00000000000..a7915a8c665
--- /dev/null
+++ b/net/libp0f/pkg-descr
@@ -0,0 +1,6 @@
+libp0f is the autotools version of p0f-2.x with support for 3rd-party
+linkage. libp0f splits the core p0f functionality from the p0f-2.x
+application. The p0f library is installed as libp0f.so so
+p0f2 and libp0f can co-exist independantly.
+
+WWW: https://tools.netsa.cert.org/confluence/display/tt/libp0f
diff --git a/net/libp0f/pkg-plist b/net/libp0f/pkg-plist
new file mode 100644
index 00000000000..fb5418fbac4
--- /dev/null
+++ b/net/libp0f/pkg-plist
@@ -0,0 +1,12 @@
+include/p0f/config.h
+include/p0f/config-p0f.h
+include/p0f/public.h
+lib/libp0f.so
+lib/libp0f.so.0
+lib/libp0f.so.0.0.0
+lib/libp0f.a
+libdata/pkgconfig/libp0f.pc
+etc/libp0f/p0fa.fp
+etc/libp0f/p0f.fp
+etc/libp0f/p0fo.fp
+etc/libp0f/p0fr.fp
author	pi <pi@FreeBSD.org>	2016-01-19 16:12:59 +0800
committer	pi <pi@FreeBSD.org>	2016-01-19 16:12:59 +0800
commit	cd9c384013a48dbda0bbbcbfe8dee2896c2bc53a (patch)
tree	63209239bec04659999ef0f970a949aa94f2e79e /net
parent	489f03d2d9c40d1ae0528dc7a2734292768af88d (diff)
download	freebsd-ports-graphics-cd9c384013a48dbda0bbbcbfe8dee2896c2bc53a.tar.gz freebsd-ports-graphics-cd9c384013a48dbda0bbbcbfe8dee2896c2bc53a.tar.zst freebsd-ports-graphics-cd9c384013a48dbda0bbbcbfe8dee2896c2bc53a.zip