The FreeBSD Ports Archive



FreeBSD security : bro

System for detecting Network Intruders in real-time

 Bro is an open-source, Unix-based Network Intrusion Detection System (NIDS)
that passively monitors network traffic and looks for suspicious activity.
Bro detects intrusions by first parsing network traffic to extract its
application-level semantics and then executing event-oriented analyzers that
compare the activity with patterns deemed troublesome. Its analysis includes
detection of specific attacks (including those defined by signatures, but
also those defined in terms of events) and unusual activities (e.g., certain
hosts connecting to certain services, or patterns of failed connection
attempts).

Bro is documented in the USENIX 1998 Security Conference proceedings.

-- Paul
   pauls@utdallas.edu 

http://bro-ids.org/



bro history


v. 1.34
date: 2007/10/17 10:12:56;  author: ade;  state: Exp;  lines: +2 -2
Migration from bison 1.x to 2.x

PR:		117086
Tested by:	-exp runs

v. 1.33 date: 2007/09/11 20:50:54; author: edwin; state: Exp; lines: +2 -2 Undo changes to the header.
v. 1.32 date: 2007/09/10 13:28:11; author: edwin; state: Exp; lines: +68 -24 security/bro, port upgrade to version 1.2.1, take over maintainership This is an upgrade of the security/bro port to the current stable version. The port is very complex, so it needs to be tested carefully to make sure that I'm not screwing anything up or using wrong conventions. Also, I'm willing to take over maintainership of the port if it's accepted into the tree. Please note, there are several files that need to be removed from the port and quite a few that need to be added. All these files are in FILESDIR. I have provided blank patches for the files that need to be removed, so the patches will create blank files. Added IS_INTERACTIVE to the port Left original freebsd header comments in it. Next time please use one big patch-file instead of lots of little ones :-) PR: ports/114999 Submitted by: Paul Schmehl
v. 1.31 date: 2006/05/13 04:14:59; author: edwin; state: Exp; lines: +0 -1 Remove USE_REINPLACE from all categories starting with S
v. 1.30 date: 2005/09/04 19:36:50; author: ade; state: Exp; lines: +1 -1 Revert back to devel/bison
v. 1.29 date: 2005/09/02 08:01:07; author: pav; state: Exp; lines: +2 -1 - Switch bison dependency to bison175 port
v. 1.28 date: 2005/04/12 03:26:26; author: obrien; state: Exp; lines: +1 -1 At Kris's request, back out the MACHINE_ARCH spelling correction until after 5.4-RELEASE.
v. 1.27 date: 2005/04/11 08:03:50; author: obrien; state: Exp; lines: +1 -1 Assist getting more ports working on AMD64 by obeying the Ports Collection documentation and use 'ARCH' rather than 'MACHINE_ARCH'.
v. 1.26 date: 2004/09/19 02:09:40; author: leeym; state: Exp; lines: +7 -9 - unbreak this port on 5.x PR: 71853 Submitted by: leeym Approved by: portmgr (marcus)
v. 1.25 date: 2004/09/17 23:02:58; author: kris; state: Exp; lines: +7 -1 BROKEN on 5.x: Does not compile Approved by: portmgr (self)
v. 1.24 date: 2004/02/04 05:08:42; author: marcus; state: Exp; lines: +1 -0 Bump PORTREVISION on all ports that depend on gettext to aid with upgrading. (Part 1)
v. 1.23 date: 2003/11/04 16:00:01; author: osa; state: Exp; lines: +1 -3 Fix broken (checksum mismatch) by change suffix of distro from "-current" to "a37". No changes for MD5.
v. 1.22 date: 2003/11/03 03:56:40; author: kris; state: Exp; lines: +2 -0 Mark BROKEN (see bento logs). These ports are scheduled for removal after Feb 2 2004 if they are still broken at that time and no fixes have been submitted by PR.
v. 1.21 date: 2003/10/14 14:50:58; author: osa; state: Exp; lines: +32 -24 Update to 0.8, fix RESTRICTED.
v. 1.20 date: 2003/09/24 09:36:57; author: osa; state: Exp; lines: +1 -1 Make portlint(1) happy by changing strip to ${STRIP_CMD} Submitted by: Oleg Karachevtsev PR: 56998
v. 1.19 date: 2003/02/20 18:59:03; author: knu; state: Exp; lines: +1 -0 De-pkg-comment.
v. 1.18 date: 2002/06/08 17:31:07; author: obrien; state: Exp; lines: +2 -2 To ports@freebsd.org.
v. 1.17 date: 2000/06/02 03:18:38; author: will; state: Exp; lines: +2 -2 Remove redundant/inappropriate CATEGORIES. People need to start reading the Porter's Handbook. :-)
v. 1.16 date: 2000/04/21 08:18:10; author: mharo; state: Exp; lines: +2 -2 Correct whitespace introduced during PORTNAME conversion and portlint
v. 1.15 date: 2000/04/09 18:29:25; author: cpiazza; state: Exp; lines: +4 -4 Update with the new PORTNAME/PORTVERSION variables
v. 1.14 date: 2000/03/22 00:26:42; author: obrien; state: Exp; lines: +2 -1 Restore useless version required comments.
v. 1.13 date: 2000/03/20 02:36:09; author: obrien; state: Exp; lines: +1 -2 Remove the "version required" line.
v. 1.12 date: 2000/02/13 03:23:07; author: obrien; state: Exp; lines: +3 -3 Style nits in the ports I maintain.
v. 1.11 date: 1999/08/31 01:50:55; author: peter; state: Exp; lines: +1 -1 $Id$ -> $FreeBSD$
v. 1.10 date: 1999/04/05 17:49:35; author: fenner; state: Exp; lines: +4 -3 Tell the distfile survey that bro doesn't have any distfiles to check by commenting out MASTER_SITES. Modify the IGNORE= message a little, and use ${DISTFILES} to describe the file to fetch so that the message doesn't have to be modified every time the port is updated.
v. 1.9 date: 1999/02/13 20:03:59; author: obrien; state: Exp; lines: +6 -6 update to 0.5 Ok'ed by: Satoshi
v. 1.8 date: 1998/12/25 02:14:07; author: obrien; state: Exp; lines: +4 -2 With Satoshi's next bsd.port.* commit, this should work.
v. 1.7 date: 1998/12/24 17:52:35; author: obrien; state: Exp; lines: +5 -12 Attempt to not "exit 1" if the distfile is missing. Otherwise batch fetching of distfiles is harder than I would like.
v. 1.6 date: 1998/11/04 18:45:38; author: obrien; state: Exp; lines: +2 -1 Make IS_INTERACTIVE so people doing ``cd /usr/ports ; make fetch'' will get a little farther. Requested by: Andreas Klemm
v. 1.5 date: 1998/09/14 00:20:20; author: obrien; state: Exp; lines: +7 -7 upgrade to 0.4 Alpha
v. 1.4 date: 1998/03/16 10:27:31; author: obrien; state: Exp; lines: +16 -5 Author wishes that Bro not be distributed while in Alpha.
v. 1.3 date: 1998/03/03 09:56:10; author: asami; state: Exp; lines: +2 -1 Mark this NO_PACKAGE until DavidO can fix it.
v. 1.2 date: 1998/03/03 09:53:37; author: asami; state: Exp; lines: +2 -2 No need to define a variable with += if it appears for the first time here.
v. 1.1 date: 1998/03/02 10:35:04; author: obrien; state: Exp; branches: 1.1.1; Initial revision
v. 1.1.1.1 date: 1998/03/02 10:35:04; author: obrien; state: Exp; lines: +0 -0 Bro is a system for detecting Network Intruders in real-time by the guys that brought you tcpdump, libpcap, and flex. Bro is documented in the USENIX 1998 Security Conference proceedings.


