path: root/pkgs/applications/networking/ids
Age | Commit message | Author | Files | Lines
2016-11-18 | bro: 2.4.1 -> 2.5 | Sophie Taylor | 1 | -5/+5
2016-08-06 | bro: Broken on Darwin | Tuomas Tynkkynen | 1 | -6/+5
    http://hydra.nixos.org/build/38312081
2016-08-02 | treewide: Add lots of meta.platforms | Tuomas Tynkkynen | 3 | -0/+3
    Build-tested on x86_64 Linux & Mac.
2016-05-21 | snort: 2.9.7.2 -> 2.9.8.2 | Aycan iRiCAN | 2 | -6/+6
2015-11-14 | Revert "Revert "Merge pull request #9543 from NixOS/staging.post-15.06"" | William A. Kennington III | 1 | -2/+4
    This reverts commit 741bf840dad05cd1728481045466811ae8ae8281. This reverts the fallout from reverting the major changes.
2015-11-04 | Merge branch 'master.upstream' into staging.upstream | William A. Kennington III | 1 | -2/+2
2015-11-02 | bro: 2.4 -> 2.4.1 | Pascal Wittmann | 1 | -2/+2
2015-10-15 | snort: fix evaluation | Vladimír Čunát | 1 | -1/+1
2015-10-15 | Merge branch 'master.upstream' into staging.upstream | William A. Kennington III | 1 | -1/+9
2015-10-06 | Revert "Merge pull request #9543 from NixOS/staging.post-15.06" | Eelco Dolstra | 2 | -14/+4
    This reverts commit f61176c5396ed513f3d399f73f38ab78a066667f, reversing changes made to a27ca029ee2b39e04d7d2a516a7228f4b62067fb.
    Conflicts: pkgs/development/libraries/ncurses/default.nix
2015-10-03 | snort: move dynamic path defs to wrapper script. | Aycan iRiCAN | 1 | -2/+2
2015-10-02 | snort: typo fix | Aycan iRiCAN | 1 | -2/+1
2015-10-02 | snort: provide dynamic preprocessor path via wrapper | Aycan iRiCAN | 1 | -1/+2
2015-10-02 | add wrapProgram to buildInputs | Aycan iRiCAN | 1 | -1/+1
2015-10-02 | snort: introducing inline snort support via nfq daq | Aycan iRiCAN | 2 | -3/+13
2015-06-29 | bro: update from 2.3.2 to 2.4 | Pascal Wittmann | 1 | -4/+6
2015-05-31 | snort.org: switch downloads to SourceForge | Vladimír Čunát | 2 | -2/+2
    On snort.org they only seem to keep the latest release, which is annoying. Fixes #8065. /cc maintainer @aycanirican.
2015-05-22 | daq: update to version 2.0.5 | Peter Simons | 1 | -5/+5
    Fixes https://github.com/NixOS/nixpkgs/issues/7947.
2015-03-16 | snort: 2.9.7.0 -> 2.9.7.2 | devhell | 1 | -2/+3
    This includes a slight refactor.

    2014-11-24 - Snort 2.9.7.2

    [*] New additions
    * Application Identification Preprocessor, when used in conjunction with open app ID detector content, that will identify application protocol, client, server, and web applications (including those using SSL) and include the info in Snort alert data. In addition, a new rule option keyword 'appid' that can be used to constrain Snort rules based on one or more applications that are identified for the connection. See README.appid for details.
    * A new protected_content rule option that is used to match against a content that is hashed. It can be used to obscure the full context of the rule from the administrator.
    * Protocol Aware Flushing (PAF) improvements for SMTP, POP, and IMAP to more accurately process different portions of email messages and file attachments.
    * Added ability to test normalization behavior without modifying network traffic. When configured using na_policy_mode:inline-test, statistics will be gathered on packet normalizations that would have occurred, allowing less disruptive testing of inline deployments.
    * The HTTP Inspection preprocessor now has the ability to decompress DEFLATE and LZMA compressed flash content and DEFLATE compressed PDF content from http responses when configured with the new decompress_swf and decompress_pdf options. This enhancement can be used with existing rule options that already match against decompressed equivalents.
    * Added improved XFF support to HttpInspect. It is now possible to specify custom HTTP headers to use in place of 'X-Forwarded-For'. In situations where traffic may contain multiple XFF-like headers, it is possible to specify which headers hold precedence.
    * Added control socket command to dump packets.
    * The Stream5 preprocessor functionality is now split between the new Session and Stream preprocessors.
    * Added decoding capability for Cisco FabricPath

    [*] Improvements
    * Update active response to allow for responses of 1500+ bytes that span multiple TCP packets.
    * Check limits of multiple configurations to not exceed a maximum ID of 4095.
    * Updated the error output of byte_test, byte_jump, byte_extract to include details on offending options for a given rule.
    * Update build and install scripts to install preprocessor and engine libraries into user specified libdir.
    * Improved performance of IP Reputation preprocessor.
    * The control socket will now report success when reloading empty IP Reputation whitelists/blacklists.
    * All TCP normalizations can now be enabled individually. See README.normalize for details on using the new options. For consistency with other options, the "urp" tcp normalization keyword now enables the normalization instead of disabling it.
    * Lowered memory demand of Unicode -> ASCII mapping in HttpInspect.
    * Updated profiler output to remove duplicate results when using multiple configurations.
    * Improved performance of FTP reassembly.
2015-02-09 | bro: update from 2.3.1 to 2.3.2 | Pascal Wittmann | 1 | -2/+2
2014-11-27 | Bump snort to 2.9.7.0 and daq to 2.0.4 | Aycan iRiCAN | 2 | -4/+4
2014-09-27 | bro: update from 2.1 to 2.3.1 | Pascal Wittmann | 1 | -6/+5
2014-09-24 | Fixed typo | Aycan iRiCAN | 2 | -2/+2
2014-09-24 | Added myself to maintainers | Aycan iRiCAN | 2 | -0/+2
2014-08-31 | Bump snort and daq | Aycan iRiCAN | 2 | -6/+6
2014-08-24 | Fix many package descriptions | Bjørn Forsman | 1 | -1/+1
    (My OCD kicked in today...)

    Remove repeated package names, capitalize first word, remove trailing periods and move overlong descriptions to longDescription.

    I also simplified some descriptions as well, when they were particularly long or technical, often based on Arch Linux' package descriptions.

    I've tried to stay away from generated expressions (and I think I succeeded).

    Some specifics worth mentioning:
    * cron has "Vixie Cron" in its description. The "Vixie" part is not mentioned anywhere else. I kept it in a parenthesis at the end of the description.
    * ctags description started with "Exuberant Ctags ...", and the "exuberant" part is not mentioned elsewhere. Kept it in a parenthesis at the end of description.
    * nix has the description "The Nix Deployment System". Since that doesn't really say much what it is/does (especially after removing the package name!), I changed that to "Powerful package manager that makes package management reliable and reproducible" (borrowed from nixos.org).
    * Tons of "GNU Foo, Foo is a [the important bits]" descriptions are changed to just [the important bits]. If the package name doesn't contain GNU I don't think it's needed to say it in the description either.
2014-07-28 | Turn some license strings into lib.licenses values | Mateusz Kowalczyk | 2 | -2/+2
2013-10-05 | Some description fixes | Bjørn Forsman | 1 | -1/+1
    There are many more packages to fix, this is just a start.

    Rules:
    * Don't repeat the package name (not always that easy...)
    * Start with capital letter
    * Don't end with full stop
    * Don't start with "The ..." or "A ..."

    I've also added descriptions to some packages and rewritten others.
2013-05-30 | Added bro 2.1 | Rob Vermaas | 1 | -0/+22
2013-05-30 | Add snort-2.9.4.6 | Rob Vermaas | 2 | -0/+38