Added missing prelude config file. Added patch to correct snort's drop packet calculations.

2 files changed, 89 insertions, 0 deletions

diff --git a/net-analyzer/snort/files/digest-snort-2.0.5-r2 b/net-analyzer/snort/files/digest-snort-2.0.5-r2
new file mode 100644
index 000000000000..4351b0787e07
--- /dev/null
+++ b/net-analyzer/snort/files/digest-snort-2.0.5-r2
@@ -0,0 +1,2 @@
+MD5 f129ee00a3d6e7b7c1ff4a1e1fba3a08 snort-2.0.5.tar.gz 1951308
+MD5 7fd78d7bb755227c5acec7bfecdb94f7 snort-prelude-reporting-patch-0.2.5.tar.gz 39277
diff --git a/net-analyzer/snort/files/snort-drop-calculation.diff b/net-analyzer/snort/files/snort-drop-calculation.diff
new file mode 100644
index 000000000000..f246155611dd
--- /dev/null
+++ b/net-analyzer/snort/files/snort-drop-calculation.diff
@@ -0,0 +1,87 @@
+--- src/util.orig       2003-10-01 16:17:50.000000000 +0200
++++ src/util.c  2003-10-01 16:20:27.000000000 +0200
+@@ -916,13 +916,13 @@
+             LogMessage("\n\n===================================="
+                     "===========================================\n");
+             LogMessage("Snort analyzed %d out of %d packets, ", 
+-                    ps.ps_recv, ps.ps_recv+ps.ps_drop);
++                    ps.ps_recv - ps.ps_drop, ps.ps_recv);
+ 
+             if(ps.ps_recv)
+             {
+                 LogMessage("dropping %d(%.3f%%) packets\n\n", 
+                         ps.ps_drop, 
+-                        CalcPct( (float) ps.ps_drop, (float) (ps.ps_recv+ps.ps_drop) ));
++                        CalcPct( (float) ps.ps_drop, (float) ps.ps_recv ));
+             }
+             else
+             {
+@@ -931,44 +931,44 @@
+ 
+             LogMessage("Breakdown by protocol:                Action Stats:\n");
+             LogMessage("    TCP: %-10ld (%.3f%%)%-*sALERTS: %-10ld\n", 
+-                    pc.tcp, CalcPct((float) pc.tcp, recv + drop), 
++                    pc.tcp, CalcPct((float) pc.tcp, recv), 
+                     CalcPct((float)pc.tcp,recv + drop)<10?10:9 , " ", pc.alert_pkts);
+             LogMessage("    UDP: %-10ld (%.3f%%)%-*sLOGGED: %-10ld\n", 
+-                    pc.udp, CalcPct((float) pc.udp, recv + drop),  
++                    pc.udp, CalcPct((float) pc.udp, recv),  
+                     CalcPct((float)pc.udp,recv + drop)<10?10:9, " ", pc.log_pkts);
+             LogMessage("   ICMP: %-10ld (%.3f%%)%-*sPASSED: %-10ld\n", 
+-                    pc.icmp, CalcPct((float) pc.icmp, recv + drop), 
++                    pc.icmp, CalcPct((float) pc.icmp, recv), 
+                     CalcPct((float)pc.icmp,recv + drop)<10?10:9, " ", pc.pass_pkts);
+             LogMessage("    ARP: %-10ld (%.3f%%)\n", 
+-                    pc.arp, CalcPct((float) pc.arp, recv + drop));
++                    pc.arp, CalcPct((float) pc.arp, recv));
+             LogMessage("  EAPOL: %-10ld (%.3f%%)\n", 
+-                        pc.eapol, CalcPct((float) pc.eapol, recv + drop));
++                        pc.eapol, CalcPct((float) pc.eapol, recv));
+             LogMessage("   IPv6: %-10ld (%.3f%%)\n", 
+-                    pc.ipv6, CalcPct((float) pc.ipv6, recv + drop));
++                    pc.ipv6, CalcPct((float) pc.ipv6, recv));
+             LogMessage("    IPX: %-10ld (%.3f%%)\n", 
+-                    pc.ipx, CalcPct((float) pc.ipx, recv + drop));
++                    pc.ipx, CalcPct((float) pc.ipx, recv));
+             LogMessage("  OTHER: %-10ld (%.3f%%)\n", 
+-                    pc.other, CalcPct((float) pc.other, recv + drop));
++                    pc.other, CalcPct((float) pc.other, recv));
+             LogMessage("DISCARD: %-10ld (%.3f%%)\n", 
+-                    pc.discards, CalcPct((float) pc.discards, recv + drop));
++                    pc.discards, CalcPct((float) pc.discards, recv));
+             LogMessage("================================================"
+                     "===============================\n");
+             LogMessage("Wireless Stats:\n");
+         LogMessage("Breakdown by type:\n");
+             LogMessage("    Management Packets: %-10ld (%.3f%%)\n", 
+                         pc.wifi_mgmt, CalcPct((float) pc.wifi_mgmt
+-                          , recv + drop));
++                          , recv));
+             LogMessage("    Control Packets:    %-10ld (%.3f%%)\n", 
+                         pc.wifi_control, CalcPct((float) pc.wifi_control
+-                          , recv + drop));
++                          , recv));
+             LogMessage("    Data Packets:       %-10ld (%.3f%%)\n", 
+                         pc.wifi_data, CalcPct((float) pc.wifi_data
+-                          , recv + drop));
++                          , recv));
+             LogMessage("================================================"
+                        "===============================\n");
+             LogMessage("Fragmentation Stats:\n");
+             LogMessage("Fragmented IP Packets: %-10ld (%.3f%%)\n", 
+-                    pc.frags, CalcPct((float) pc.frags, recv + drop));
++                    pc.frags, CalcPct((float) pc.frags, recv));
+             LogMessage("    Fragment Trackers: %-10ld\n", 
+                     pc.frag_trackers);
+             LogMessage("   Rebuilt IP Packets: %-10ld\n", 
+@@ -987,7 +987,7 @@
+             LogMessage("TCP Stream Reassembly Stats:\n");
+             LogMessage("        TCP Packets Used: %-10ld (%-3.3f%%)\n", 
+                     pc.tcp_stream_pkts, 
+-                    CalcPct((float) pc.tcp_stream_pkts, recv + drop));
++                    CalcPct((float) pc.tcp_stream_pkts, recv));
+             LogMessage("         Stream Trackers: %-10ld\n", pc.tcp_streams);
+             LogMessage("          Stream flushes: %-10ld\n", pc.rebuilt_tcp);
+             LogMessage("           Segments used: %-10ld\n", pc.rebuilt_segs);
+
+