Up to [cvs.NetBSD.org] / pkgsrc / net / dnstop
Request diff between arbitrary revisions
Keyword substitution: kv
Default branch: MAIN
net: Replace RMD160 checksums with BLAKE2s checksums All checksums have been double-checked against existing RMD160 and SHA512 hashes Not committed (merge conflicts...): net/radsecproxy/distinfo The following distfiles could not be fetched (fetched conditionally?): ./net/citrix_ica/distinfo citrix_ica-10.6.115659/en.linuxx86.tar.gz ./net/djbdns/distinfo dnscache-1.05-multiple-ip.patch ./net/djbdns/distinfo djbdns-1.05-test28.diff.xz ./net/djbdns/distinfo djbdns-1.05-ignoreip2.patch ./net/djbdns/distinfo djbdns-1.05-multiip.diff ./net/djbdns/distinfo djbdns-cachestats.patch
net: Remove SHA1 hashes for distfiles
Add SHA512 digests for distfiles for net category Problems found with existing digests: Package haproxy distfile haproxy-1.5.14.tar.gz 159f5beb8fdc6b8059ae51b53dc935d91c0fb51f [recorded] da39a3ee5e6b4b0d3255bfef95601890afd80709 [calculated] Problems found locating distfiles: Package bsddip: missing distfile bsddip-1.02.tar.Z Package citrix_ica: missing distfile citrix_ica-10.6.115659/en.linuxx86.tar.gz Package djbdns: missing distfile djbdns-1.05-test25.diff.bz2 Package djbdns: missing distfile djbdns-cachestats.patch Package djbdns: missing distfile 0002-dnscache-cache-soa-records.patch Package gated: missing distfile gated-3-5-11.tar.gz Package owncloudclient: missing distfile owncloudclient-2.0.2.tar.xz Package poink: missing distfile poink-1.6.tar.gz Package ra-rtsp-proxy: missing distfile rtspd-src-1.0.0.0.tar.gz Package ucspi-ssl: missing distfile ucspi-ssl-0.70-ucspitls-0.1.patch Package waste: missing distfile waste-source.tar.gz Otherwise, existing SHA1 digests verified and found to be the same on the machine holding the existing distfiles (morden). All existing SHA1 digests retained for now as an audit trail.
Update net/dnstop to dnstop-20140915, based on patches from Benedek Gergely via pkgsrc-users@. ok by wiz@. Changes: 2014/09/12 Duane Wessels Added 'new-gtlds' filter, which includes only queries for names ending with one of the new (2013/2014) generic TLDs. This may be useful to find hosts/servers using internal names which may collide with new gTLDs once they become active. If you use short (not fully qualified) names internally you may be uknownlying relying on root (or other) name servers to return NXDOMAIN for them. If so, "you're gonna have a bad time." Along with this new feature, TLD lists are now hashed in the code for faster lookups. 2012/11/30 Duane Wessels Added more entries to the table of known query type names (HINFO, AFSDB, PX, SSHFP, NSEC3, NSEC3PARAM, TLSA, DLV). 2012/10/15 Duane Wessels The 'refused' filter only works on responses, which are not processed by default. Now, if the 'refused' filter is specified, dnstop will automatically process responses and ignore queries. 2012/06/11 Duane Wessels Added "qtype-any" filter for displaying ANY queries which are now fashionable in DNS based attacks. 2011/05/02 Duane Wessels Anand Buddhev pointed out that LDFLAGS= is missing from Makefile.in. Also updated known_tlds.h. 2011/01/27 Duane Wessels Fixed some portability bugs (OpenBSD, gmake 3.82) and other minor bugs. Added a feature (-n option) to restrict counting to a given query name. 2011/01/05 Duane Wessels Found a fixed a few problems after spending some quality time looking at the code. 1) Hash table performance was terrible and has been improved. The hash table size is now configurable via command line option. 2) Some things were double-counted when both -Q and -R were given. 3) Added cumulative percentage totals to the tables 4) Added -X option to disable the source+queryname tables, which could consume a lot of memory. 5) Imported "inX_addr" mini-library for storing IPv4/IPv6 addresses. 2010/12/27 Duane Wessels Fixed a bug where if stdout was a TTY but stdin was not a TTY, then dnstop would enter a loop on keyboard input and consume 100% CPU. Now it checks that stdin is a TTY as well.
Update dnstop to 20090128. Based on PR 41779 by Fredrik Pettai. Version 20090128: I added a new feature to dnstop today that filters on "refused" response codes. This might be useful in tracking the ongoing DNS-based DDoS attacks. To use this new feature: dnstop -R -f refused eth0 Version 20080321: The interesting changes came in a patch from Dave Plonka: Fixed a bug that cause dnstop to Memory fault when processing a DNS packet greater than PCAP_SNAPLEN (previously 1460) bytes in size. Raised PCAP_SNAPLEN to 65535 to avoid truncating large DNS packets. Eliminated unnecessary stack buffers and memcpy calls when handling packets. Also some variables have been added to the Makefile at the request of a packager so that it may be easier to customize where files are installed, etc.
update dnstop to version 20070219. IPv6 support is now included; less CPU is required; miscellaneous bugfixes. See CHANGES for more detailed information.
Update dnstop to 20060517. Patch provided by Martin Wilke via PR 34425. - Changelog A few fixes for OS X. 1) select()ing on a pcap FD doesn't always work. Advice from tcpdump mailing list archive is to put it into non-blocking mode and ignore the select() return value. 2) Added $(LDFLAGS) to link command line in Makefile to have dnstop linked with specific libraries. LDFLAGS will be picked up from the environment. 3) OS X needs to #include <arpa/nameser_compat.h> 2006/04/24 Duane Wessels Adriaan Peeters reported that the list of known TLDs is out-of-date. In particular, the .EU domain is not in the list. 2005/04/05 Duane Wessels Mark Foster found a bug with the source+SLD list. It was being updated for 3RD-level domain names as well. Mark also suggested that the '@' key should display the source+SLD screen, just as '3' and '#' work for 3RD-level.
Update to 20050203: 2005/01/21 Sam Norris Added support for third-level domain statistics. Use the -t command line option to enable collection of 3rd-level stats, and use '3' while running to display them. Note that enabling 3rd-level stats collection does not automatically also enable 2nd-level stats. 2005/01/13 Duane Wessels Added a non-interactive mode. If you specify a savefile and stdout is not a TTY, dnstop prints each table at the end. 2004/03/09 Duane Wessels Added filter support. Filters can be used to restrict the input stream to queries with certain characteristics. The currently defined filters are: unknown-tlds Only includes queries for TLDs that are bogus. Useful for identifying hosts/servers that leak queries for things like "localhost" or "workgroup." A-for-A Only includes A queries for names that are already IP addresses. Certain Microsoft Windows DNS servers have a known bug that forward these queries. rfc1918-ptr PTR queries for addresses in RFC1918 space. These should never leak from inside an organization. 2003/11/13 Mark Foster <mark@foster.cc> Added 'c' to display options. This screen will combine the source and sld fields to show "who is querying for what" - reason: we see alot of duplicate querys for whatever reason. This will help separate the legitimate queries from the broken resolvers, etc. See http://www.circleid.com/article/102_0_1_0_C/ for more about that. Closes PR 29807.
Add RMD160 digests.
Change DIST_SUBDIR from PKGNAME_NOREV to PKGNAME, since the man page changed again (see previous commit) and to avoid breakage for people who have the old distfile.
The checksum for dnstop.8 changed; sync to the new one.
Use DIST_SUBDIR=${PKGNAME_NOREV} as dnstop.8 has no version number.
manpage revised .\" $Id: dnstop.8,v 1.5 2003/11/13 21:12:57 wessels Exp $
Man page got updated: 1c1 < .\" $Id: dnstop.8,v 1.2 2002/12/24 19:20:28 wessels Exp $ --- > .\" $Id: dnstop.8,v 1.3 2003/01/24 17:44:23 wessels Exp $ 53c53 < display the desitination address table --- > display the destination address table Noted by Jeremy C. Reed in PR 21286.
Include the manual page in the distinfo. Don't attempt to extract the manual page.
Update to 20021224, now BSD-licensed and with man page.
dnstop is a libpcap application (ala tcpdump) that displays various tables of DNS traffic on your network. Currently dnstop displays tables of: * Source IP addresses * Destination IP addresses * Query types * Top level domains * Second level domains http://dnstop.measurement-factory.com/
Initial revision