[arch-commits] Commit in sniffit/repos/community-x86_64 (3 files)

Sergej Pupykin spupykin at archlinux.org
Fri Apr 10 20:58:33 UTC 2020


    Date: Friday, April 10, 2020 @ 20:58:32
  Author: spupykin
Revision: 613178

archrelease: copy trunk to community-x86_64

Added:
  sniffit/repos/community-x86_64/PKGBUILD
    (from rev 613177, sniffit/trunk/PKGBUILD)
Deleted:
  sniffit/repos/community-x86_64/PKGBUILD
  sniffit/repos/community-x86_64/sniffit-fix.patch

-------------------+
 PKGBUILD          |   86 +---
 sniffit-fix.patch |  937 ----------------------------------------------------
 2 files changed, 36 insertions(+), 987 deletions(-)

Deleted: PKGBUILD
===================================================================
--- PKGBUILD	2020-04-10 20:58:24 UTC (rev 613177)
+++ PKGBUILD	2020-04-10 20:58:32 UTC (rev 613178)
@@ -1,50 +0,0 @@
-# $Id$
-# Maintainer: Sergej Pupykin <pupykin.s+arch at gmail.com>
-# Maintainer: Kessia 'even' Pinheiro <kessiapinheiro at gmail.com>
-
-pkgname=sniffit
-pkgver=0.3.7.beta
-pkgrel=17
-pkgdesc="Very good packet sniffer for unix with ncurses interactive mode"
-arch=('x86_64')
-url="http://packages.ubuntu.com/source/sniffit"
-#seems the website are out, ubuntu have all sources
-#url=http://reptile.rug.ac.be/~coder/sniffit/sniffit.html"
-license=('BSD')
-depends=('ncurses' 'libpcap')
-makedepends=('libtool')
-source=("http://archive.ubuntu.com/ubuntu/pool/universe/s/${pkgname}/${pkgname}_${pkgver}.orig.tar.gz"
-	'sniffit-fix.patch')
-sha512sums=('b32d1f17d589ee1d1afc7986640a2b9f451cdb26ee2d077db1eaec1bb77ed353bbbb6a79bd25f915b3a40b7a279f9fc7855706150ec3a24f8937a152ac91b8d1'
-            'db2c29e3ccf58b661014294b6542b3642aeaaa5d64e0424b6a3d9c39243abd16ab2e07f08e1d82e4fc02076c83351bf1e856fc4e8daad6319b53fa43c44a6574')
-
-build() {
-  cd "${srcdir}"
-  patch -Np0 < "$srcdir"/sniffit-fix.patch
-
-  cd "${srcdir}/${pkgname}.${pkgver}"
-
-  rm -f config.sub config.guess
-  cp /usr/share/libtool/build-aux/config.{guess,sub} .
-
-  ./configure --prefix=/usr --no-recursion --sbindir=/usr/bin
-  make
-}
-
-package() {
-  cd "${srcdir}/${pkgname}.${pkgver}"
-  install -dm0755 -g root -o root "$pkgdir"/usr/{bin,share/licenses/${pkgname}}
-  install -Dm0744 -g root -o root sniffit "$pkgdir"/usr/bin/sniffit
-  install -Dm0644 LICENSE "$pkgdir"/usr/share/licenses/${pkgname}
-
-  # docs
-  install -Dm0644 sniffit.5 "$pkgdir"/usr/share/man/man5/sniffit.5
-  install -Dm0644 sniffit.8 "$pkgdir"/usr/share/man/man8/sniffit.8
-
-  for i in BETA-TESTING PLUGIN-HOWTO README.FIRST sniffit-FAQ; do
-    install -Dm0644 $i "$pkgdir"/usr/share/doc/sniffit/$i
-  done
-  for i in dns_plugin.plug dummy_plugin.plug sample_config_file; do
-    install -Dm0644 $i "$pkgdir"/usr/share/doc/sniffit/examples/$i
-  done
-}

Copied: sniffit/repos/community-x86_64/PKGBUILD (from rev 613177, sniffit/trunk/PKGBUILD)
===================================================================
--- PKGBUILD	                        (rev 0)
+++ PKGBUILD	2020-04-10 20:58:32 UTC (rev 613178)
@@ -0,0 +1,36 @@
+# Maintainer: Sergej Pupykin <pupykin.s+arch at gmail.com>
+# Maintainer: Kessia 'even' Pinheiro <kessiapinheiro at gmail.com>
+
+pkgname=sniffit
+pkgver=0.4.0
+pkgrel=1
+pkgdesc="Very good packet sniffer for unix with ncurses interactive mode"
+arch=('x86_64')
+url="https://packages.ubuntu.com/source/sniffit"
+#seems the website are out, ubuntu have all sources
+#url=http://reptile.rug.ac.be/~coder/sniffit/sniffit.html"
+license=('BSD')
+depends=('ncurses' 'libpcap')
+makedepends=('libtool')
+source=("http://archive.ubuntu.com/ubuntu/pool/universe/s/${pkgname}/${pkgname}_${pkgver}.orig.tar.gz")
+sha512sums=('a31c39859ab308f3ad4bf2f32a61d0f419ed6ad5d1668efc79e996c4a99557e511fc0b36c21e30316cfa82217fb10fd16d4e3473f5f1fdd70cdeba959d643aab')
+
+build() {
+  cd "${srcdir}/sniffit-sniffit-${pkgver}"
+  test -x ./configure || ./autogen.sh
+  ./configure --prefix=/usr --no-recursion --sbindir=/usr/bin
+  make
+}
+
+package() {
+  cd "${srcdir}/sniffit-sniffit-${pkgver}"
+
+  make install DESTDIR="$pkgdir"
+
+  install -dm0755 -g root -o root "$pkgdir"/usr/share/licenses/${pkgname}
+  install -Dm0644 LICENSE "$pkgdir"/usr/share/licenses/${pkgname}
+
+  install -dm0755 -g root -o root "$pkgdir"/usr/share/doc
+  cp -r docs "$pkgdir"/usr/share/doc/sniffit
+  cp -r examples "$pkgdir"/usr/share/doc/sniffit/examples
+}

Deleted: sniffit-fix.patch
===================================================================
--- sniffit-fix.patch	2020-04-10 20:58:24 UTC (rev 613177)
+++ sniffit-fix.patch	2020-04-10 20:58:32 UTC (rev 613178)
@@ -1,937 +0,0 @@
---- sniffit.0.3.7.beta.orig/sniffit.5
-+++ sniffit.0.3.7.beta/sniffit.5
-@@ -122,7 +122,6 @@
-       a) Send by hosts '100.100.12.*'
-       b) Send from/to 100.100.12.2 (useless line)
-       c) deselecting all WWW packets on the subnet     
--.ni
- 
- .SH AUTHOR
- Brecht Claerhout <coder at reptile.rug.ac.be>
---- sniffit.0.3.7.beta.orig/sn_structs.h
-+++ sniffit.0.3.7.beta/sn_structs.h
-@@ -67,7 +67,7 @@
- struct snif_mask                                         /* struct for mask */
-   {
-   _32_bit source_ip, destination_ip;
--  _32_bit short source_port, destination_port;
-+  _16_bit source_port, destination_port;
-   };
- 
- /* (packet generation) */
---- sniffit.0.3.7.beta.orig/sniffit.0.3.7.c
-+++ sniffit.0.3.7.beta/sniffit.0.3.7.c
-@@ -48,15 +48,15 @@
- {
-   printf (
- 	   "usage: %s [-xdabvnN] [-P proto] [-A char] [-p port] [(-r|-R) recordfile]\n"
--	   "       [-l sniflen] [-L logparam] [-F snifdevice] [-M plugin]\n"
-+	   "       [-l sniflen] [-L logparam] [-F snifdevice] [-M plugin]\n",
-+	   prog_name);
- #ifdef INCLUDE_INTERFACE
--	   "       [-D tty]"
-+  printf ( "       [-D tty]"
- 	   " (-t<Target IP> | -s<Source IP>)"
--	   " | (-i|-I) | -c<config file>]\n",
-+	   " | (-i|-I) | -c<config file>]\n");
- #else
--	   "       (-t<Target IP> | -s<Source IP>) | -c<config file>]\n",
-+  printf ( "       (-t<Target IP> | -s<Source IP>) | -c<config file>]\n");
- #endif
--	   prog_name);
-   printf ("Plugins Available:\n");
- #ifdef PLUGIN0_NAME
-   printf ("    0 -- %s\n", PLUGIN0_NAME);
---- sniffit.0.3.7.beta.orig/sn_analyse.c
-+++ sniffit.0.3.7.beta/sn_analyse.c
-@@ -151,16 +151,18 @@
-     {
-     char workbuf1[MTU];
-     char *wb_dummy;
-+    char *p;
-+    size_t len = info.DATA_len <= MTU-1 ? info.DATA_len : MTU-1;
- 
--    strncpy(workbuf1,data,info.DATA_len);
--    workbuf1[info.DATA_len]=0;
-+    strncpy(workbuf1,data,len);
-+    workbuf1[len]=0;
-     strlower(workbuf1);
- 
--    if(strstr(workbuf1,"mail from")!=NULL)
-+    if((p=strstr(workbuf1,"mail from"))!=NULL)
-       {
-       char workbuf2[MTU];
- 
--      strcpy(workbuf2, strstr(workbuf1,"mail from"));
-+      strcpy(workbuf2, p);
-       if(strchr(workbuf2,13)!=NULL)                   /* remove trailing enter */    
-      	{wb_dummy=strchr(workbuf2,13); *wb_dummy=0;}    
-       if(strchr(workbuf2,10)!=NULL)    
-@@ -168,11 +170,11 @@
-       print_mail(filename,workbuf2);
-       }
- 
--    if(strstr(workbuf1,"rcpt to")!=NULL)
-+    if((p=strstr(workbuf1,"rcpt to"))!=NULL)
-       {
-       char workbuf2[MTU];
- 
--      strcpy(workbuf2, strstr(workbuf1,"rcpt to"));
-+      strcpy(workbuf2, p);
-       if(strchr(workbuf2,13)!=NULL)                          /* remove trailing enter */    
-      	{wb_dummy=strchr(workbuf2,13); *wb_dummy=0;}    
-       if(strchr(workbuf2,10)!=NULL)    
---- sniffit.0.3.7.beta.orig/README.FIRST
-+++ sniffit.0.3.7.beta/README.FIRST
-@@ -6,7 +6,7 @@
- *                 No illegal activities are encouraged!                       *
- #                     Please read the LICENSE file                            #
- *                                                                             *
--#  Sniffit grew a little upon it's original intentions and is now             #
-+#  Sniffit grew a little upon its original intentions and is now              #
- *  extended for network debugging (UDP, ICMP, netload, etc.)                  *
- #*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#
- *                          Libpcap library                                    *
-@@ -45,19 +45,19 @@
- 
- I hope you enjoy this beta version. Like always, I removed some bugs. There
- is a new 'logging' feature. It is now possible to record traffic with
--Sniffit and process it later! (it is completely different from te logging
-+Sniffit and process it later! (it is completely different from the logging
- done in the 0.3.6 version, that is known to some hardcore Sniffit users)
- Please take a minute to skim through the text and read the passages marked
- with a '*', these are the new features.
- (Please read BETA-TESTING)
- 
--I use the libpcap library developped at Berkeley Laboratory, for easy 
-+I use the libpcap library developed at Berkeley Laboratory, for easy 
- porting (Read the licence).
- 
- 0.1 Credits and contact
- -----------------------
- 
--Credits go to (in order of apperance on the Sniffit scene): 
-+Credits go to (in order of appearance on the Sniffit scene): 
-     Wim Vandeputte <wvdputte at reptile.rug.ac.be>, 
- 		   best friend and UNIX guru, for support, testing and
-                    providing me with a WWW site.
-@@ -71,17 +71,17 @@
-     Qing Long, for the bash/zsh libpcap/configure script.
-     Guy Gustavson, for giving me a FreeBSD account.
-     Woju <woju at freebsd.ee.ntu.edu.tw>, for the ncurses SunOS/FreeBSD fixing,
--                                       and for his other effords.
-+                                       and for his other efforts.
-     Amlan Saha <eng40607 at nus.sg>, for adding Packet Generation to 
-                Sniffit, and adding other features (not implemented yet).
-                I'm sure that in the near future you will see more of his 
-                work in Sniffit.
-     Shudoh Kazuyuki, for changing getaddrbyname() and improving the 
-                      config-file interpreting.
--    Fyodor <fyodor at dhp.com>, for pointing out the hidious small 
-+    Fyodor <fyodor at dhp.com>, for pointing out the hideous small 
-            fragments problem. 
-     David O'Brien <obrien at nuxi.com>, for netbsd information.
--    everybody, who ever mailed me with sugestions help, etc...
-+    everybody, who ever mailed me with suggestions help, etc...
- 
- Also a big thanks to my Beta testers (alphabetically, I hope)... 
-     Charles G Stuart      <charles.stuart at juno.com>         IRIX / RedHat LINUX
-@@ -91,7 +91,7 @@
- 
-     And many others who wish to be anonymous....
- 
--Sugestions and comments can be sent to:
-+Suggestions and comments can be sent to:
-   coder at reptile.rug.ac.be
- 
-   Brecht Claerhout
-@@ -99,10 +99,10 @@
-   8700 Tielt
-   Belgium
- 
--The original distribution program can be optained from (my site):
-+The original distribution program can be obtained from (my site):
-   http://sniffit.rug.ac.be/sniffit/sniffit.html
- 
--MIND YOU: this program is ran as root, and thus could easily contain
-+MIND YOU: this program is run as root, and thus could easily contain
-           dangerous trojans. If you get it from the above site you can
-           safely compile and use it.
-           (no trojan versions are discovered yet.. it's just a warning)
-@@ -178,7 +178,7 @@
-   -v                Show version and exit (just added because it's such a
-                     wide spread option)
-   -t <IP nr/name>   tells the sniffer to check out packets GOING TO <IP>
--  -s <IP nr/name>   tells the sniffer to check out packets COMMING FROM <IP>
-+  -s <IP nr/name>   tells the sniffer to check out packets COMING FROM <IP>
-                     You can use the '@' wildcard (only IP NUMBERS of course).
-                     e.g. -t 199.145.@
-                          -t 199.14@
-@@ -197,15 +197,15 @@
- Parameters for all modes:
-   -F <device>  force sniffit to use a network device 
- 	       (READ 3.2 ON THIS SUBJECT, IMPORTANT)
--  -n           Turn  of  IP  checksum  checking. This can show you
-+  -n           Turn  off  IP  checksum  checking. This can show you
-                bogus packets.  (mind you ARP, RARP,  other  non-IP
-                packets  will  show  up bogus too) (compatible with
-                ALL options)
--  -N	       Disables all functions that Sniffit has build in, usefull 
-+  -N	       Disables all functions that Sniffit has build in, useful
-                for wanting to run ONLY a plugin
- 
- Parameters for not running in -i:
--  -b            does both -t and -s, doesn't mather what function you used 
-+  -b            does both -t and -s, doesn't matter what function you used 
-                 (-t or -s)
-   -d            Dump mode, shows the packets on the screen in bytes (not 
-                 like tcpdump). For test purposes. (numbers are hex)
-@@ -231,7 +231,7 @@
- 	        They can be combined.
-   -p <port>     Logs connections on port <port>, 0 means all ports, default 
-                 is 0 (all), look out with that on loaded nets!
--  -l <length>   Ammount of information to log (default 300 bytes). 
-+  -l <length>   Amount of information to log (default 300 bytes). 
-                 Length 0 logs everything. (look out with diskspace when 
-                 logging everything!)
-   -M <Plugin>   Activate Plugin nr. <Plugin>, for a list on all plugins 
-@@ -260,7 +260,7 @@
- 
- Some examples:
-   Imagine the following setup: 2 hosts on a subnet, one is running the 
--  sniffer (sniffit.com), the otherone is 66.66.66.7 (target.com).
-+  sniffer (sniffit.com), the other one is 66.66.66.7 (target.com).
-     1. You want to test if the sniffer is working:
-        sniffit:~/# sniffit -d -p 7 -t 66.66.66.7
-        and in another window:
-@@ -272,7 +272,7 @@
-     3. Root of target.com tells me he gets strange ftp connections and 
-        wants to find out the commands typed:
-        sniffit:~/# sniffit -p 21 -l 0 -t 66.66.66.7
--    4. You want to read all incomming and outgoing mail on target.com:
-+    4. You want to read all incoming and outgoing mail on target.com:
-        sniffit:~/# sniffit -p 25 -l 0 -b -t 66.66.66.7 &
-        or
-        sniffit:~/# sniffit -p 25 -l 0 -b -s 66.66.66.7 &
-@@ -314,9 +314,9 @@
- F5 or '5' : Start a program 'sniffit_key5' with arguments
-             <from IP> <from port> <to IP> <to port>
- 	    If the program doesn't exist, nothing is done. Sniffit should 
--	    be in the same path as sniffit was STARTED FROM (not necessarely 
-+	    be in the same path as sniffit was STARTED FROM (not necessarily 
- 	    the path sniffit is stored in) 
--	    This is usefull for interactive connection killing or extra 
-+	    This is useful for interactive connection killing or extra 
- 	    monitoring. A little shell script can always transform the 
-             arguments given and pass them on to other programs.
- F6 or '6' : Same as F5 or '5', but with program 'sniffit_key6'
-@@ -330,12 +330,12 @@
-             the config.h file to change this (could be needed if y'r 
-             computer is slow).
- 'g'       : Generate Packets!
--            Sniffit is now able to generate some trafic load. Currently 
--            this is a 'underdevelloped' feature with very few options, 
-+            Sniffit is now able to generate some traffic load. Currently 
-+            this is a 'underdeveloped' feature with very few options, 
-             but it will be expanded a lot...
-  	    Currently only UDP packets are generated. When pressing 'G' 
--            you will be asked the source/dest IP/port and how much packets 
--            are needed to be transmitted.
-+            you will be asked the source/dest IP/port and how many packets 
-+            are to be transmitted.
-             Packets contain the line: "This Packet was fired with Sniffit!"  
- 'r'       : Reset.. clears all current connections from memory and restarts. 
- 
-@@ -348,14 +348,14 @@
- 
- When forcing network devices, sniffit tries to find out what device it is. 
- If sniffit recognises the name, everything is okay. 
--If it does not recognise the name it will set the variable 
--FORCED_HEAD_LENGHTH to the ethernet headlength. The ethernet headlength 
--is the length in bytes of an ethernet packet hearder. 
--So if you have to force a non-ethernet device, that is not recognised by 
-+If it does not recognise the name it will set the ethernet headlength
-+according to the compiled-in value FORCED_HEAD_LENGTH. The ethernet 
-+headlength is the length in bytes of an ethernet packet header. 
-+So if you have to force a non-ethernet device that is not recognised by 
- sniffit, make sure you change that headlength correctly in the 'sn_config.h' 
- file.
- 
--The -F option was added, because I noticed devicenames can differ from 
-+The -F option was added, because I noticed device names can differ from 
- system to system, and because some ppl have multiple devices present.
- When having problems with this option, please think twice before you mail me.
- 
-@@ -370,7 +370,7 @@
- 
- The configfile should have lines with the following format:
- <field1> <field2> <field3> <field4> [<field5>]
--(seperators are spaces (any number of), NO TABS!!!)
-+(separators are spaces (any number of), NO TABS!!!)
- 
- Lines that don't match this pattern are discarded, so standard unix
- comments '#' can be used in this file... (this also means that if you
-@@ -399,10 +399,10 @@
-    host        : The (de)selection criteria involves a hostname.
-    port        : similar, ... a portnumber
-    mhosts      : The (de)selection criteria involves multiple-hosts, like
--                 with the wildcars in 0.3.0, but without the 'x'
-+                 with the wildcards in 0.3.0, but without the 'x'
- 
- <field4> can be:
--*  either a hostname, a portnumber, a service name or a numbet-dot partial 
-+*  either a hostname, a portnumber, a service name or a number-dot partial 
- *  notation indicating multiple hosts depending on <field3>
- *  (service names like 'ftp' are resolved as the services available 
- *  present on the host that runs Sniffit, and translated into a port nr)
-@@ -411,7 +411,7 @@
-    a portnumber or service name, if <field3> was 'host' or 'mhosts'
- 
- 
--  Maybe it would have been wise to mention explicitely, that the config-file
-+  Maybe it would have been wise to mention explicitly, that the config-file
-   currently only works with TCP packets.
-  
- examples:
-@@ -425,7 +425,7 @@
-         a) Send by host 100.100.12.2
-         b) Send by host 100.100.12.3 from port 1400
-         c) Send to coder.sniffit.com
--        d) All packets on our subnet going to or comming from a telnet port.
-+        d) All packets on our subnet going to or coming from a telnet port.
- 
- 2. another example:
-         select both mhosts 100.100.12.
-@@ -436,7 +436,7 @@
-         b) EXCEPT the WWW packets
-         c) BUT showing the WWW packets concerning enemy.sniffit.com
- 
--   The config file in interpreted SEQUENTIAL, so mixing up those lines
-+   The config file is interpreted SEQUENTIALLY, so mixing up those lines
-    could have unwanted results e.g.:
-         select both mhosts 100.100.12.
-         select both host enemy.sniffit.org
-@@ -455,7 +455,7 @@
-         select both mhosts 2
-         deselect both mhosts 1 80
-         deselect both mhosts 2 80
--   This would show you all subnet trafic excluding WWW trafic
-+   This would show you all subnet traffic excluding WWW traffic
-    (concerning port 80.)
- 
- 4. example:
-@@ -476,12 +476,12 @@
- * you will like it more this way.
- *
- * Loglevels are now activated by '-L <logparam>'.
--* The folowing <logparam>'s are valid (concatenation is alowed):
-+* The following <logparam>'s are valid (concatenation is allowed):
- *
- * 'raw':
- *    Log all SYN, FIN, RST packets. This will give you an overview of
--*    all network (TCP) trafic in a 'RAW' way (a connection starting could
--*    gives you at least 2 SYN packets, etc...).
-+*    all network (TCP) traffic in a 'RAW' way (a connection starting could
-+*    give you at least 2 SYN packets, etc...).
- *    This is a great way to waste diskspace...
- *    Messages are:
- *                Connection initiated. (SYN)
-@@ -507,7 +507,7 @@
- *      A '~' in the login and passwords fields can be a nonprintable
- *      character (if in the beginning of a field, probably due to an early
- *      start of registration) or a '~'.
--*      This all makes it sound a little messy, but I 'testdrived' a lot and
-+*      This all makes it sound a little messy, but I 'test-drove' a lot and
- *      was pleased with the results after adding some funky shit (if y'r
- *      interested have a look at in function 'packethandler' in
- *      sniffit.*.c)
-@@ -521,7 +521,7 @@
- *
- * 'mail':
- *    Interested in who writes mail to who? Well you get all senders and 
--*    recepients nicely logged with this feature (port 25 mail). 
-+*    recipients nicely logged with this feature (port 25 mail). 
- 
- 
- 4. The output
-@@ -563,7 +563,7 @@
-    connections, you will need to use 'joe' or something else that can 
-    support control chars (look for '-A <char>' below).
-    Telnet 'negotiates' (binary) in the beginning of every connection, and 
--   'catting' a output file, will most of the time show nothing (due to 
-+   'catting' an output file, will most of the time show nothing (due to 
-    control chars).
-    Of course when logging mail, there are no problems.
-    The new '-A <char>' takes care of the control characters, that way you 
-@@ -612,14 +612,14 @@
- 
- - UDP Packets (not logged, displayed)
- 
--  You get the package id. When using -d, -a you get the contence of the 
-+  You get the package id. When using -d, -a you get the contents of the 
-   package. (pretty basic)
- 
- 
- 4.2 Logfile
- -----------
- 
--If you use a configfile (-c) and enable the Logging option a logfile is
-+If you use a configfile (-c) and enable the Logging option, a logfile is
- created. Unless you set 'logfile' in the config file, that file will be
- named 'sniffit.log'.
- It will contain lines with the following FIXED format:
-@@ -635,7 +635,7 @@
- 
- 3) Lines containing other data (future versions), will NOT begin with '['
-    and will have also easily interpretable formats.
--   Other data is e.g. packet contence
-+   Other data is e.g. packet contents
- 
- I do this because I can imagine (when this is more expanded) that people
- will use their own parsers for these logfiles. Well, if you respect those 3
-@@ -651,13 +651,13 @@
- Some other notes:
-  
-   - Sniffers can only be run by ROOT
--  - Sniffers can only log packets that 'travel' on THEIR ethernetcable.
-+  - Sniffers can only log packets that 'travel' on THEIR ethernet cable.
-     So there has to be some host on your subnet involved (either as 
-     sender or receiver).
--  - Working with '-d' or '-a' give you raw packets, they are still 
--    packed in IP, when logging to files, only send data is logged, 
-+  - Working with '-d' or '-a' gives you raw packets, they are still 
-+    packed in IP, when logging to files, only sent data is logged, 
-     the packets are 'unwrapped'.
--  - Sniffers can NORMALY not be detected by outsiders (or outsiders 
-+  - Sniffers can NORMALLY not be detected by outsiders (or outsiders 
-     SHOULD not be able to...).
-     Unfortunately some systems contain bugs that will allow outsiders to 
-     probe your network device for PROMISC mode (which is a good indication 
---- sniffit.0.3.7.beta.orig/sniffit.8
-+++ sniffit.0.3.7.beta/sniffit.8
-@@ -39,7 +39,7 @@
- is a packet sniffer for TCP/UDP/ICMP packets. 
- .B sniffit 
- is able to give you very detailed technical info on these 
--packets (SEQ, ACK, TTL, Window, ...) but also packet contence in 
-+packets (SEQ, ACK, TTL, Window, ...) but also packet contents in 
- different formats (hex or plain text, ...).
- .LP
- .B sniffit
-@@ -76,7 +76,7 @@
- 
- .IP "-t Target-IP"
- Only process packets TO Target-IP. If Target-IP is in dot-nr notation, 
--'x' is allowed as wildcard. (e.g. '-t 157.193.x', '-t x', ...)
-+\'x' is allowed as wildcard. (e.g. '-t 157.193.x', '-t x', ...)
- .I "(NOT compatible with: '-s' '-i' '-I' '-c' '-v' '-L')"
- 
- .IP "-s Source-IP"
-@@ -84,7 +84,7 @@
- .I "(NOT compatible with: '-t' '-i' '-I' '-c' '-v' '-L')"
- 
- .IP -b
--'both' mode, together with '-s' or '-t', only process FROM/TO the IP 
-+\'both' mode, together with '-s' or '-t', only process FROM/TO the IP 
- specified by '-s' or '-t' 
- .I "(NOT compatible with: '-t' '-i' '-I' '-c' '-v' '-L')"
- 
-@@ -115,7 +115,7 @@
- .IP "-R <file>"
- Record all traffic in 
- .I <file>
--.This file can then be fed to Sniffit with the '-r' option.
-+This file can then be fed to Sniffit with the '-r' option.
- .I "(Needs a selection parameter like '-c' '-t' '-s')"
- .I "(NOT compatible with '-i' '-I' '-v' '-L' '-r')"
- 
-@@ -149,12 +149,12 @@
- .I "(NOT compatible with: '-i' 'I' '-v')"
- 
- .IP -d
--'dump mode', shows the packets on the screen (stdout) instead of logging 
-+\'dump mode', shows the packets on the screen (stdout) instead of logging 
- into files (default). Data is printed in bytes (hex).  
- .I "(NOT compatible with: '-i' 'I' '-v' '-L')"
- 
- .IP -a
--'dump mode', same of '-d' but outputs ASCII. Non printable chars are 
-+\'dump mode', same of '-d' but outputs ASCII. Non printable chars are 
- replaced by '.'.
- ('-d' and '-a' mix without any problem)
- .I "(NOT compatible with: '-i' '-I' '-v' '-L')"
-@@ -193,8 +193,7 @@
- can be found with 
- .I ifconfig
- (see
--.BR ifconfig (8)
--). 
-+.BR ifconfig (8)). 
- .B sniffit
- supports ethernet and PPP by default. Read
- .B README.FIRST
-@@ -210,7 +209,7 @@
- .B Plugin
- , for a list on all plugins compiled in your version, just type '
- .B sniffit
--'. Read all about Plugins in the PLUGIN-HOWTO (READ IT!)
-+\'. Read all about Plugins in the PLUGIN-HOWTO (READ IT!)
- .I "(NOT compatible with: '-i' '-I' '-v')"
- 
- .IP "-L logparam"
-@@ -235,7 +234,7 @@
- receiving host (port 'o').
- 
- .SH "DUMP MODE ('-d' and/or '-a')"
--Output is dumped to stdout, the packet contence is shown in it's 
-+Output is dumped to stdout, the packet contents is shown in it's 
- unwrapped form (the complete IP packet). 
- 
- .SH "INTERACTIVE MODE ('-i' or '-I')"
-@@ -320,7 +319,7 @@
- .SH "IP ICMP UDP LOGGING"
- Information on these packets is dumped to stdout. Packet 
- Filtering options only refer to TCP and UDP packets.
--The contence of UDP packets is only shown when enabling '-a' or '-d'.  
-+The contents of UDP packets is only shown when enabling '-a' or '-d'.  
- 
- .SH AUTHOR
- Brecht Claerhout <coder at reptile.rug.ac.be>
---- sniffit.0.3.7.beta.orig/sn_interface.c
-+++ sniffit.0.3.7.beta/sn_interface.c
-@@ -5,6 +5,7 @@
- 
- #ifdef INCLUDE_INTERFACE
- #include <signal.h>
-+#include <termios.h>
- #include <unistd.h>
- #include <sys/ipc.h>
- #include <sys/shm.h>       
-@@ -513,8 +514,11 @@
- 
- void screen_exit (void)
- {
--clear();
- endwin();
-+/* next line added by Edward Betts <edward at debian.org>, should not be needed
-+ * because endwin should be calling it, without this the console has no echo
-+ * after exiting in an xterm */
-+reset_shell_mode(); 
- };
- 
- void mem_exit (void)
---- sniffit.0.3.7.beta.orig/sn_logfile.c
-+++ sniffit.0.3.7.beta/sn_logfile.c
-@@ -44,42 +44,42 @@
- void print_ftp_user (char *conn, char *user)
- {
- char line[250];
--sprintf(line,"%s: USER [%s]",conn,user);
-+snprintf(line,sizeof(line),"%s: USER [%s]",conn,user);
- print_logline (line);
- }
- 
- void print_ftp_pass(char *conn, char *pass)
- {
- char line[250];
--sprintf(line,"%s: PASS [%s]",conn,pass);
-+snprintf(line,sizeof(line),"%s: PASS [%s]",conn,pass);
- print_logline (line);
- }
- 
- void print_login (char *conn, char *login)
- {
- char line[250];
--sprintf(line,"%s: login [%s]",conn,login);
-+snprintf(line,sizeof(line),"%s: login [%s]",conn,login);
- print_logline (line);
- }
- 
- void print_mail (char *conn, char *msg)
- {
- char line[250];
--sprintf(line,"%s: mail [%s]",conn,msg);
-+snprintf(line,sizeof(line),"%s: mail [%s]",conn,msg);
- print_logline (line);
- }
- 
- void print_pwd (char *conn, char *pwd)
- {
- char line[250];
--sprintf(line,"%s: password [%s]",conn,pwd);
-+snprintf(line,sizeof(line),"%s: password [%s]",conn,pwd);
- print_logline (line);
- }
- 
- void print_conn (char *conn, char *msg)
- {
- char line[250];
--sprintf(line,"%s: %s",conn,msg);
-+snprintf(line,sizeof(line),"%s: %s",conn,msg);
- print_logline (line);
- }
- 
---- sniffit.0.3.7.beta.orig/Makefile.in
-+++ sniffit.0.3.7.beta/Makefile.in
-@@ -26,9 +26,8 @@
- 	@echo "Succesfull compilation..."
- 
- sniffit: $(SNIFFIT) $(DEP_FILES)
--	cd libpcap; make; cd ..
-+#	cd libpcap; make; cd ..
- 	$(CC) $(EXE_FLAG) $(SNIFFIT) $(EXE_OBJ) $(EXE_OPT) $(LIBS) $(DEFS) $(OS_OPT) 
--	strip sniffit
- 
- sn_cfgfile.o: sn_cfgfile.h sn_cfgfile.c sn_defines.h sn_structs.h sn_config.h
- 	$(CC) $(OBJ_FLAG) sn_cfgfile.c $(OBJ_OPT) $(DEFS)
-@@ -52,12 +51,12 @@
- 
- #Clean up everthing...
- clean:
--	cd libpcap; make clean; rm -f config.cache; cd ..
-+#	cd libpcap; make clean; rm -f config.cache; cd ..
- 	rm -f Makefile
- 	rm -f config.cache
- 	rm -f config.status
- 	rm -f config.log
--	rm -f ./libpcap/config.cache
--	rm -f ./libpcap/config.status
--	rm -f ./libpcap/config.log
-+#	rm -f ./libpcap/config.cache
-+#	rm -f ./libpcap/config.status
-+#	rm -f ./libpcap/config.log
- 	rm -f *.o sniffit 
---- sniffit.0.3.7.beta.orig/debian/rules
-+++ sniffit.0.3.7.beta/debian/rules
-@@ -0,0 +1,28 @@
-+#!/usr/bin/make -f
-+
-+build: 
-+	dh build --before configure
-+	cp /usr/share/misc/config.guess .
-+	cp /usr/share/misc/config.sub .
-+	./configure --prefix=/usr --no-recursion
-+	$(MAKE) OBJ_OPT="" EXE_OPT="-lpcap"
-+	dh build --after build
-+
-+clean:
-+	dh clean
-+	rm -f config.sub config.guess
-+
-+install: build
-+	dh install --before dh_auto_install
-+	dh_install sniffit usr/sbin
-+	dh_installman sniffit.5 sniffit.8
-+	dh_installchangelogs HISTORY
-+	dh install --after dh_auto_install
-+
-+binary-arch: install
-+	dh binary-arch
-+
-+binary-indep: install
-+	dh binary-indep
-+
-+binary: binary-arch binary-indep
---- sniffit.0.3.7.beta.orig/debian/README
-+++ sniffit.0.3.7.beta/debian/README
-@@ -0,0 +1,48 @@
-+sniffit for Debian
-+----------------------
-+
-+What follows are one of the previous maintainers, Patrick J. Edwards 
-+<edwards at cambridgenet.sk.ca>, thoughts on this package, and its security
-+implications.
-+
-+Notes on Security
-+-----------------
-+	This program is highly dangerous, with this program hackers no
-+longer need qcrack or crack for your system. Instead, they can just wait
-+till a user logs in and *BAM* they have a new password. So the point is,
-+this program should be promptly removed in any of the following situations:
-+
-+	1. You are in doubt of the security of your system. Granted that
-+	some one who has already creatively aquired (meaning hacked) root
-+	can install this program his/her self there is no point in
-+	pre-installing this program for them.  
-+
-+	2. You have a tendency to act unethically and snoop on you users for
-+	no apparent reason.  "Good" system admins won't do this.  
-+
-+	3. You don't actively search for security holes in your system.  If
-+	your not doing this and you box is on the Internet 24/7 perhaps you
-+	should.
-+
-+Notes on Usage
-+--------------
-+	1. Don't use this program unless you have to, and once you're done
-+with it uninstall it.
-+	2. Don't scan all ports and all addresses in the hoping of catching
-+a hacker cause you won't, you'll just have vast quantities of logs to search
-+through and very little disk space. Instead wait till you recognize that you
-+have a program user/hacker and then find out what the person is doing (how
-+the hacker is trying to penetrate the system) then start using sniffit to
-+collect your evidence against the offender. [I know this is flying in the
-+face of traditional anti-system-terrorism policies but it leads into my next
-+point]
-+	3. If you persist in using sniffit as a security net for your system
-+DON'T. Plain and simple.  Instead of trying to catch the hacker who has
-+already hacked into your system spend your efforts security proofing your
-+system (up to date versions on cron, sendmail, libraries, etc -- almost
-+anything that runs as root or sudo).
-+
-+	The overall point is: 
-+		"Practice preventive medicine not reactive."
-+
-+ -- Edward Betts <edward at debian.org>  Sun, 12 Sep 1999 11:04:08 +0100
---- sniffit.0.3.7.beta.orig/debian/sniffit.docs
-+++ sniffit.0.3.7.beta/debian/sniffit.docs
-@@ -0,0 +1,4 @@
-+BETA-TESTING
-+PLUGIN-HOWTO
-+README.FIRST
-+sniffit-FAQ
---- sniffit.0.3.7.beta.orig/debian/compat
-+++ sniffit.0.3.7.beta/debian/compat
-@@ -0,0 +1 @@
-+7
---- sniffit.0.3.7.beta.orig/debian/control
-+++ sniffit.0.3.7.beta/debian/control
-@@ -0,0 +1,16 @@
-+Source: sniffit
-+Section: net
-+Priority: optional
-+Maintainer: William Vera <billy at billy.com.mx>
-+Standards-Version: 3.8.0
-+Build-Depends: debhelper (>= 7), libpcap-dev, libncurses5-dev, autotools-dev
-+
-+Package: sniffit
-+Architecture: any
-+Depends: ${shlibs:Depends}
-+Description: packet sniffer and monitoring tool
-+ sniffit is a packet sniffer for TCP/UDP/ICMP packets.
-+ sniffit is able to give you very detailed technical info
-+ on these packets (SEC, ACK, TTL, Window, ...) but also
-+ packet contents in different formats (hex or plain text,
-+ etc. ).
---- sniffit.0.3.7.beta.orig/debian/copyright
-+++ sniffit.0.3.7.beta/debian/copyright
-@@ -0,0 +1,40 @@
-+This package was debianized by Damjan Marion <dmarion at debian.org> on
-+Tue,  7 Apr 1998 22:57:01 +0200.
-+
-+It was taken over by Edward Betts <edward at debian.org> on 
-+Fri, 12 Nov 1999 23:20:20 +0000
-+
-+It was downloaded from
-+http://reptile.rug.ac.be/~coder/sniffit/files/sniffit.0.3.7.beta.tar.gz
-+
-+Upstream Author: Brecht Claerhout
-+
-+Copyright:
-+
-+Sniffit 0.3.7 Copyright (c) 1996-1998 Brecht Claerhout
-+All rights reserved.
-+
-+Redistribution and use in source and binary forms, with or without
-+modification, are permitted provided that the following conditions
-+are met:
-+1. Redistributions of source code must retain the above copyright
-+   notice, this list of conditions and the following disclaimer.
-+2. Redistributions in binary form must reproduce the above copyright
-+   notice, this list of conditions and the following disclaimer in the
-+   documentation and/or other materials provided with the distribution.
-+3. The name of the author may not be used to endorse or promote products
-+   derived from this software without specific prior written permission.
-+4. Redistribution of source code must be conform with the 'libpcap'
-+   copyright conditions, if that library is included.
-+
-+THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
-+IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
-+OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-+IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
-+INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-+NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
-+THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-+
---- sniffit.0.3.7.beta.orig/debian/changelog
-+++ sniffit.0.3.7.beta/debian/changelog
-@@ -0,0 +1,165 @@
-+sniffit (0.3.7.beta-13) unstable; urgency=low
-+
-+  * New maintainer. (Closes: #465931).
-+  * Some format corrections on the man pages (sniffit(5) sniffit(8)).
-+  * Don't include config.{sub,guess} in .diff.gz
-+
-+ -- William Vera <billy at billy.com.mx>  Sat, 07 Jun 2008 12:56:48 -0500
-+
-+sniffit (0.3.7.beta-12) unstable; urgency=low
-+
-+  * Use debhelper v7, rules file minimisation.
-+  * Makefile.in: don't strip binary Closes: #438032
-+  * debian/control: Updated to Standards-Version: 3.7.3, no changes needed
-+
-+ -- Edward Betts <edward at debian.org>  Wed, 30 Apr 2008 11:00:19 +0100
-+
-+sniffit (0.3.7.beta-11) unstable; urgency=low
-+
-+  * Acknowledge NMU
-+  * sn_structs.h: Sitting at Debcamp, fixing FTBFS bugs, and Alberto Gonzalez
-+    Iniesta <agi at debian.org> sitting next to me points out there is one in
-+    this package. Thanks to Joshua Kwan <joshk at triplehelix.org> for the patch
-+    to fix it. (closes: #195548)
-+  * config.{guess,sub}: updated
-+  * debian/control: Updated to Standards-Version: 3.6.0, no changes needed
-+  * sn_interface.c: sniffit was leaving echo turned off when exiting from the
-+    interactive mode in an xterm, added reset_shell_mode() to screen_exit()
-+    and it works. This should not be needed because endwin should be calling
-+    it.
-+
-+ -- Edward Betts <edward at debian.org>  Mon, 14 Jul 2003 10:50:24 +0200
-+
-+sniffit (0.3.7.beta-10.1) unstable; urgency=low
-+
-+  * Non maintainer upload
-+  * Rebuilt with new libpcap to remove dependency on libpcap0, which I
-+    got removed from unstable by accident. Sorry about this...
-+
-+ -- Torsten Landschoff <torsten at debian.org>  Sat, 10 Aug 2002 11:37:33 +0200
-+
-+sniffit (0.3.7.beta-10) unstable; urgency=low
-+
-+  * README.FIRST: apply patch "James R. Van Zandt" <jrv at mitre.org> to correct
-+    spelling and other mistakes in README.FIRST
-+
-+ -- Edward Betts <edward at debian.org>  Thu, 13 Dec 2001 17:35:25 +0000
-+
-+sniffit (0.3.7.beta-9) unstable; urgency=low
-+
-+  * debian/control: Standards-Version: 3.5.5
-+  * debian/rules: Support DEB_BUILD_OPTIONS
-+  * config.{guess,sub}: updated files to version from libtool package
-+    (Closes: Bug#103633)
-+  * sniffit.c: applied patch from Bug#103633
-+
-+ -- Edward Betts <edward at debian.org>  Thu,  5 Jul 2001 10:44:23 +0200
-+
-+sniffit (0.3.7.beta-8) unstable; urgency=low
-+
-+  * debian/control: Standards-Version: 3.5.2
-+  * debian/rules: Changed to debhelper 3
-+  * debian/rules: Removed dh_suidregister
-+  * debian/rules: Removed dh_testversion
-+  * debian/rules: Changed dh_installman to dh_installmanpages
-+  * debian/rules: Support DEB_BUILD_OPTIONS
-+
-+ -- Edward Betts <edward at debian.org>  Sun, 25 Mar 2001 04:41:39 -0700
-+
-+sniffit (0.3.7.beta-7) frozen unstable; urgency=high
-+
-+  * debian/rules: do not install pcap.3 (closes: Bug#77769).
-+  * debian/control: updated Standards-Version to 3.2.1
-+  * debian/control: added version to build-depends on debhelper for lintian:
-+     E: sniffit: package-uses-dh_testversion-but-lacks-versioned-build-depends 
-+  * Package now lintian clean.
-+
-+ -- Edward Betts <edward at debian.org>  Tue, 28 Nov 2000 07:00:24 -0700
-+
-+sniffit (0.3.7.beta-6.1) frozen unstable; urgency=high
-+
-+  * Non maintainer upload.
-+  * [security] sn_logfile.c: Replaced sprintfs by snprintfs fixing a buffer 
-+    overflow (bugtraq).
-+  * [security] sn_analyse.c: Limit length of TCP packets to the buffer 
-+    size (buffer overflow with MTU > 5000).
-+
-+ -- Torsten Landschoff <torsten at debian.org>  Fri, 26 May 2000 08:40:14 +0200
-+
-+sniffit (0.3.7.beta-6) frozen unstable; urgency=low
-+
-+  * Update config.{guess,sub} to versions from the automake package.
-+    Should now compile better on ARM (closes: Bug#56915).
-+
-+ -- Edward Betts <edward at debian.org>  Thu,  3 Feb 2000 09:22:16 +0000
-+
-+sniffit (0.3.7.beta-5) unstable; urgency=low
-+
-+  * debian/control: updated Standards-Version to 3.1.1
-+  * debian/control: added Build-Depends.
-+  * debian/rules: rewritten.
-+
-+ -- Edward Betts <edward at debian.org>  Thu,  6 Jan 2000 23:12:32 +0000
-+
-+sniffit (0.3.7.beta-4) unstable; urgency=low
-+
-+  * Recompile to try and fix bug #49979
-+
-+ -- Edward Betts <edward at debian.org>  Fri, 12 Nov 1999 23:21:17 +0000
-+
-+sniffit (0.3.7.beta-3) unstable; urgency=low
-+
-+  * Changed to Debhelper 2.0
-+  * Updated to Standards-Version: 3.0.1
-+  * This package includes a copy of libpcap, ensured that it is not built
-+  * Moved config file /etc/sniffit.cfg to
-+    /usr/doc/sniffit/examples/sample_config_file
-+  * Lintain clean
-+
-+ -- Edward Betts <edward at debian.org>  Fri, 12 Nov 1999 23:20:20 +0000
-+
-+sniffit (0.3.7.beta-2) unstable; urgency=low
-+
-+  * Updated /usr/doc/sniffit/copyright from README.FIRST (fixes #39765)
-+  * sniffit 0.3.7.beta is free software (BSD-like license)
-+  * Changed section to main/net
-+  * Added conffiles entry for /etc/sniffit.cfg
-+
-+ -- Hamish Moffatt <hamish at debian.org>  Fri, 25 Jun 1999 22:30:00 +1000
-+
-+sniffit (0.3.7.beta-1) unstable; urgency=low
-+
-+  * QA group upload
-+  * New upstream release (fixes #28510)
-+  * Fixed spelling error in description (fixes #26859)
-+  * Recompiled with ncurses 4.0 (fixes #37431)
-+
-+ -- Hamish Moffatt <hamish at debian.org>  Sun, 23 May 1999 01:03:00 +1000
-+
-+sniffit (0.3.5-3) frozen unstable; urgency=low
-+
-+  * After long waiting for new copyright i must move it to non-free
-+    (fixes bug #21832)
-+
-+ -- Damjan Marion <dmarion at debian.org>  Thu,  28 May 1998 15:10:35 +0200
-+
-+sniffit (0.3.5-2) frozen unstable; urgency=low
-+
-+  * Moved to frozen (resurected from orphaned)
-+  * Updated to standards 2.4.1.0
-+
-+ -- Damjan Marion <dmarion at debian.org>  Tue,  15 Apr 1998 23:56:11 +0200
-+
-+sniffit (0.3.5-1) unstable; urgency=low
-+
-+  * New maintainer
-+  * New upstream release
-+  * Updated to standards 2.4.0.0
-+
-+ -- Damjan Marion <dmarion at debian.org>  Tue,  7 Apr 1998 22:57:01 +0200
-+
-+sniffit (0.3.3-1) unstable; urgency=low
-+
-+  * Initial Release.
-+
-+ -- Patrick J. Edwards <edwards at cambridgenet.sk.ca>  Mon, 17 Mar 1997 17:46:24 -0600
---- sniffit.0.3.7.beta.orig/debian/sniffit.examples
-+++ sniffit.0.3.7.beta/debian/sniffit.examples
-@@ -0,0 +1,3 @@
-+sample_config_file
-+dns_plugin.plug
-+dummy_plugin.plug
---- sniffit.0.3.7.beta.orig/debian/watch
-+++ sniffit.0.3.7.beta/debian/watch
-@@ -0,0 +1,2 @@
-+version=3
-+http://reptile.rug.ac.be /~coder/sniffit/files/ sniffit.(.*)\.tar\.gz debian uupdate



More information about the arch-commits mailing list