svn commit: r507510 - in head/net: . hping3 hping3/files

Eugene Grosbein eugen at FreeBSD.org
Sun Jul 28 15:15:07 UTC 2019


Author: eugen
Date: Sun Jul 28 15:15:04 2019
New Revision: 507510
URL: https://svnweb.freebsd.org/changeset/ports/507510

Log:
  New port: net/hping3
  
  hping3 is a command-line oriented TCP/IP packet assembler/analyzer.
  
  This port is significantly modified version of already existing
  older port net/hping but hping3 has more useful features like
  IP options LSRR/SSRR etc.
  
  net/hping3 does not conflict with net/hping due to different names
  of installed files and both utilities may be installed same time.

Added:
  head/net/hping3/
  head/net/hping3/Makefile   (contents, props changed)
  head/net/hping3/distinfo   (contents, props changed)
  head/net/hping3/files/
  head/net/hping3/files/patch-Makefile.in   (contents, props changed)
  head/net/hping3/files/patch-bytesex.h   (contents, props changed)
  head/net/hping3/files/patch-configure   (contents, props changed)
  head/net/hping3/files/patch-docs_hping3.8   (contents, props changed)
  head/net/hping3/files/patch-sendip.c   (contents, props changed)
  head/net/hping3/pkg-descr   (contents, props changed)
Modified:
  head/net/Makefile

Modified: head/net/Makefile
==============================================================================
--- head/net/Makefile	Sun Jul 28 13:38:21 2019	(r507509)
+++ head/net/Makefile	Sun Jul 28 15:15:04 2019	(r507510)
@@ -241,6 +241,7 @@
     SUBDIR += hostapd
     SUBDIR += howl
     SUBDIR += hping
+    SUBDIR += hping3
     SUBDIR += hs-network
     SUBDIR += hsflowd
     SUBDIR += htpdate

Added: head/net/hping3/Makefile
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/hping3/Makefile	Sun Jul 28 15:15:04 2019	(r507510)
@@ -0,0 +1,61 @@
+# Created by: Eugene Grosbein <eugen at FreeBSD.org>
+# $FreeBSD$
+
+PORTNAME=	hping3
+PORTVERSION=	20051105
+CATEGORIES=	net security
+MASTER_SITES=	http://www.hping.org/ \
+		http://200ok.org/distfiles/hping/
+
+MAINTAINER=	eugen at FreeBSD.org
+COMMENT=	Network auditing tool
+
+LICENSE=	GPLv2
+LICENSE_FILE=	${WRKSRC}/COPYING
+
+HAS_CONFIGURE=		yes
+TCL_CONFIGURE_OFF=	--no-tcl
+
+PLIST_FILES=	sbin/${PORTNAME}
+
+PORTDOCS_en=	APD.txt API.txt AS-BACKDOOR HPING2-HOWTO.txt HPING2-IS-OPEN \
+		HPING3.txt MORE-FUN-WITH-IPID SPOOFED_SCAN.txt hping2rc.example
+PORTDOCS_fr=	AS-BACKDOOR hping2-fr.8 hping2-fr.8.txt HPING2-HOWTO.txt \
+		HPING2-IS-OPEN INSTALL MORE-FUN-WITH-IPID NEWS SPOOFED_SCAN.txt
+PORTDOCS=	${PORTDOCS_en} ${PORTDOCS_fr:S/^/french\//}
+
+OPTIONS_DEFINE=		DOCS MAN TCL
+OPTIONS_DEFAULT=	DOCS MAN
+TCL_USES=		tcl
+
+MAN_DESC=		Install manual page
+
+.include <bsd.port.options.mk>
+
+.if ${PORT_OPTIONS:MMAN}
+PLIST_FILES+=	man/man8/${PORTNAME}.8.gz
+.endif
+
+.if ${PORT_OPTIONS:MTCL}
+LDFLAGS+=	-L${PREFIX}/lib
+.endif
+
+pre-configure-TCL-on:
+	${REINPLACE_CMD} 's,"8.4",${TCL_VER},' ${WRKSRC}/configure
+.if ${LOCALBASE} != /usr/local
+	${REINPLACE_CMD} 's,/usr/local,${LOCALBASE},' ${WRKSRC}/configure
+.endif
+
+do-install:
+	${INSTALL_PROGRAM} ${WRKSRC}/${PORTNAME} ${STAGEDIR}${PREFIX}/sbin
+
+do-install-DOCS-on:
+	@${MKDIR} ${STAGEDIR}${DOCSDIR} ${STAGEDIR}${DOCSDIR}/french
+	cd ${WRKSRC}/docs && ${INSTALL_DATA} ${PORTDOCS_en} ${STAGEDIR}${DOCSDIR}
+	cd ${WRKSRC}/docs/french && ${INSTALL_DATA} ${PORTDOCS_fr} ${STAGEDIR}${DOCSDIR}/french
+
+do-install-MAN-on:
+	${INSTALL_MAN} ${WRKSRC}/docs/${PORTNAME}.8 \
+		${STAGEDIR}${MANPREFIX}/man/man8/${PORTNAME}.8
+
+.include <bsd.port.mk>

Added: head/net/hping3/distinfo
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/hping3/distinfo	Sun Jul 28 15:15:04 2019	(r507510)
@@ -0,0 +1,3 @@
+TIMESTAMP = 1563520605
+SHA256 (hping3-20051105.tar.gz) = f5a671a62a11dc8114fa98eade19542ed1c3aa3c832b0e572ca0eb1a5a4faee8
+SIZE (hping3-20051105.tar.gz) = 584001

Added: head/net/hping3/files/patch-Makefile.in
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/hping3/files/patch-Makefile.in	Sun Jul 28 15:15:04 2019	(r507510)
@@ -0,0 +1,34 @@
+--- Makefile.in.orig	2004-04-09 23:38:56 UTC
++++ Makefile.in
+@@ -6,10 +6,11 @@
+ # $date: Sun Jul 25 17:56:15 MET DST 1999$ 
+ # $rev: 3$ 
+ 
+-CC= gcc
++CC?= gcc
+ AR=/usr/bin/ar
+ RANLIB=/usr/bin/ranlib
+-CCOPT= -O2 -Wall @PCAP_INCLUDE@ @TCL_INC@ @USE_TCL@
++CCOPT= -Wall @CFLAGS@ @PCAP_INCLUDE@ @TCL_INC@ @USE_TCL@
++LDFLAGS=@LDFLAGS@
+ DEBUG= -g
+ #uncomment the following if you need libpcap based build under linux
+ #(not raccomanded)
+@@ -50,7 +51,7 @@ libars.a: $(ARSOBJ)
+ 	$(RANLIB) $@
+ 
+ hping3: byteorder.h $(OBJ)
+-	$(CC) -o hping3 $(CCOPT) $(DEBUG) $(OBJ) -L/usr/local/lib $(PCAP) @SOLARISLIB@ @TCL_LIB@
++	$(CC) -o hping3 $(CCOPT) $(OBJ) $(LDFLAGS) $(PCAP) @SOLARISLIB@ @TCL_LIB@
+ 	@echo
+ 	./hping3 -v
+ 	@echo "use \`make strip' to strip hping3 binary"
+@@ -63,7 +64,7 @@ byteorder.h:
+ 	./configure
+ 
+ .c.o:
+-	$(CC) -c $(CCOPT) $(DEBUG) $(COMPILE_TIME) $<
++	$(CC) -c $(CCOPT) $(COMPILE_TIME) $<
+ 
+ clean:
+ 	rm -rf hping3 *.o libars.a

Added: head/net/hping3/files/patch-bytesex.h
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/hping3/files/patch-bytesex.h	Sun Jul 28 15:15:04 2019	(r507510)
@@ -0,0 +1,23 @@
+--- bytesex.h.orig	2003-08-31 17:23:48 UTC
++++ bytesex.h
+@@ -7,6 +7,7 @@
+ #ifndef ARS_BYTESEX_H
+ #define ARS_BYTESEX_H
+ 
++#if 0
+ #if 	defined(__i386__) \
+ 	|| defined(__alpha__) \
+ 	|| (defined(__mips__) && (defined(MIPSEL) || defined (__MIPSEL__)))
+@@ -21,5 +22,12 @@
+ #else
+ # error can not find the byte order for this architecture, fix bytesex.h
+ #endif
++#endif
++
++#if BYTE_ORDER == LITTLE_ENDIAN
++#define BYTE_ORDER_LITTLE_ENDIAN
++#else
++#define BYTE_ORDER_BIG_ENDIAN
++#endif
+ 
+ #endif /* ARS_BYTESEX_H */

Added: head/net/hping3/files/patch-configure
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/hping3/files/patch-configure	Sun Jul 28 15:15:04 2019	(r507510)
@@ -0,0 +1,11 @@
+--- configure.orig	2004-06-04 06:39:10 UTC
++++ configure
+@@ -143,6 +143,8 @@ sed	-e "s^@PCAP@^$PCAP^g" \
+ 	-e "s^@TCL_INC@^$TCL_INC^g" \
+ 	-e "s^@TCL_VER@^$TCL_VER^g" \
+ 	-e "s^@TCL_LIB@^$TCL_LIB^g" \
++	-e "s^@CFLAGS@^$CFLAGS^g" \
++	-e "s^@LDFLAGS@^$LDFLAGS^g" \
+ 	<Makefile.in > Makefile
+ 
+ #

Added: head/net/hping3/files/patch-docs_hping3.8
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/hping3/files/patch-docs_hping3.8	Sun Jul 28 15:15:04 2019	(r507510)
@@ -0,0 +1,217 @@
+--- docs/hping3.8.orig	2004-06-18 09:53:13 UTC
++++ docs/hping3.8
+@@ -1,8 +1,8 @@
+-.TH HPING2 8 "2001 Aug 14"
++.TH HPING3 8 "2001 Aug 14"
+ .SH NAME
+-hping2 \- send (almost) arbitrary TCP/IP packets to network hosts
++hping3 \- send (almost) arbitrary TCP/IP packets to network hosts
+ .SH SYNOPSIS
+-.B hping2
++.B hping3
+ [
+ .B \-hvnqVDzZ012WrfxykQbFSRPAUXYjJBuTG
+ ] [
+@@ -116,11 +116,11 @@ hostname
+ .br
+ .ad
+ .SH DESCRIPTION
+-hping2 is a network tool able to send custom TCP/IP packets and to
+-display target replies like ping program does with ICMP replies. hping2
++hping3 is a network tool able to send custom TCP/IP packets and to
++display target replies like ping program does with ICMP replies. hping3
+ handle fragmentation, arbitrary packets body and size and can be used in
+ order to transfer files encapsulated under supported protocols. Using
+-hping2 you are able to perform at least the following stuff:
++hping3 you are able to perform at least the following stuff:
+ 
+  - Test firewall rules
+  - Advanced port scanning
+@@ -136,7 +136,7 @@ hping2 you are able to perform at least 
+  - A lot of others.
+ 
+ .IR "It's also a good didactic tool to learn TCP/IP" .
+-hping2 is developed and maintained by antirez at invece.org and is
++hping3 is developed and maintained by antirez at invece.org and is
+ licensed under GPL version 2. Development is open so you can send
+ me patches, suggestion and affronts without inhibitions.
+ .SH HPING SITE
+@@ -158,7 +158,7 @@ or
+ .I -c --count count
+ Stop after sending (and receiving)
+ .I count
+-response packets. After last packet was send hping2 wait COUNTREACHED_TIMEOUT
++response packets. After last packet was send hping3 wait COUNTREACHED_TIMEOUT
+ seconds target host replies. You are able to tune COUNTREACHED_TIMEOUT editing
+ hping2.h
+ .TP
+@@ -171,9 +171,9 @@ to X seconds, --interval uX set
+ .I wait
+ to X micro seconds.
+ The default is to wait
+-one second between each packet. Using hping2 to transfer files tune this
++one second between each packet. Using hping3 to transfer files tune this
+ option is really important in order to increase transfer rate. Even using
+-hping2 to perform idle/spoofing scanning you should tune this option, see
++hping3 to perform idle/spoofing scanning you should tune this option, see
+ .B HPING2-HOWTO
+ for more information.
+ .TP
+@@ -195,13 +195,13 @@ Quiet output. Nothing is displayed excep
+ startup time and when finished.
+ .TP
+ .I -I --interface interface name
+-By default on linux and BSD systems hping2 uses default routing interface.
++By default on linux and BSD systems hping3 uses default routing interface.
+ In other systems or when there is no default route
+-hping2 uses the first non-loopback interface.
+-However you are able to force hping2 to use the interface you need using
++hping3 uses the first non-loopback interface.
++However you are able to force hping3 to use the interface you need using
+ this option. Note: you don't need to specify the whole name, for
+ example -I et will match eth0 ethernet0 myet1 et cetera. If no interfaces
+-match hping2 will try to use lo.
++match hping3 will try to use lo.
+ .TP
+ .I -V --verbose
+ Enable verbose output. TCP replies will be shown as follows:
+@@ -211,7 +211,7 @@ tos=0 iplen=40 seq=0 ack=1380893504 sum=
+ .TP
+ .I -D --debug
+ Enable debug mode, it's useful when you experience some problem with
+-hping2. When debug mode is enabled you will get more information about
++hping3. When debug mode is enabled you will get more information about
+ .B interface detection, data link layer access, interface settings, options
+ .B parsing, fragmentation, HCMP protocol
+ and other stuff.
+@@ -223,30 +223,30 @@ so you will able to increment/decrement 
+ CTRL+Z once or twice.
+ .TP
+ .I -Z --unbind
+-Unbind CTRL+Z so you will able to stop hping2.
++Unbind CTRL+Z so you will able to stop hping3.
+ .TP
+ .I --beep
+ Beep for every matching received packet (but not for ICMP errors).
+ .SH PROTOCOL SELECTION
+-Default protocol is TCP, by default hping2 will send tcp headers to target
++Default protocol is TCP, by default hping3 will send tcp headers to target
+ host's port 0 with a winsize of 64 without any tcp flag on. Often this
+ is the best way to do an 'hide ping', useful when target is behind
+ a firewall that drop ICMP. Moreover a tcp null-flag to port 0 has a good
+ probability of not being logged.
+ .TP
+ .I -0 --rawip
+-RAW IP mode, in this mode hping2 will send IP header with data
++RAW IP mode, in this mode hping3 will send IP header with data
+ appended with --signature and/or --file, see also --ipproto that
+ allows you to set the ip protocol field.
+ .TP
+ .I -1 --icmp
+-ICMP mode, by default hping2 will send ICMP echo-request, you can set
++ICMP mode, by default hping3 will send ICMP echo-request, you can set
+ other ICMP type/code using
+ .B --icmptype --icmpcode
+ options.
+ .TP
+ .I -2 --udp
+-UDP mode, by default hping2 will send udp to target host's port 0.
++UDP mode, by default hping3 will send udp to target host's port 0.
+ UDP header tunable options are the following:
+ .B --baseport, --destport, --keep.
+ .TP
+@@ -288,11 +288,11 @@ at this additional information when you 
+ shows interesting details.
+ .TP
+ .I -9 --listen signature
+-HPING2 listen mode, using this option hping2 waits for packet that contain
++HPING3 listen mode, using this option hping3 waits for packet that contain
+ .I signature
+ and dump from
+ .I signature
+-end to packet's end. For example if hping2 --listen TEST reads a packet
++end to packet's end. For example if hping3 --listen TEST reads a packet
+ that contain
+ .B 234-09sdflkjs45-TESThello_world
+ it will display
+@@ -347,7 +347,7 @@ of outgoing packets, it's likely that yo
+ or
+ .B --bind
+ options. If in doubt try
+-.BR "" "`" "hping2 some.host.com -t 1 --traceroute" "'."
++.BR "" "`" "hping3 some.host.com -t 1 --traceroute" "'."
+ .TP
+ .I -N --id
+ Set ip->id field. Default id is random but if fragmentation is turned on
+@@ -361,7 +361,7 @@ Set the ip protocol in RAW IP mode.
+ .I -W --winid
+ id from Windows* systems before Win2k has different byte ordering, if this
+ option is enable
+-hping2 will properly display id replies from those Windows.
++hping3 will properly display id replies from those Windows.
+ .TP
+ .I -r --rel
+ Display id increments instead of id. See the
+@@ -445,7 +445,7 @@ Alias for --icmptype 17 (to send ICMP ad
+ .SH TCP/UDP RELATED OPTIONS
+ .TP
+ .I -s --baseport source port
+-hping2 uses source port in order to guess replies sequence number. It
++hping3 uses source port in order to guess replies sequence number. It
+ starts with a base source port number, and increase this number for each
+ packet sent. When packet is received sequence number can be computed as
+ .IR "replies.dest.port - base.source.port" .
+@@ -485,7 +485,7 @@ This option can be used in order to coll
+ by target host. This can be useful when you need to analyze whether
+ TCP sequence number is predictable. Output example:
+ 
+-.B #hping2 win98 --seqnum -p 139 -S -i u1 -I eth0
++.B #hping3 win98 --seqnum -p 139 -S -i u1 -I eth0
+ .nf
+ HPING uaz (eth0 192.168.4.41): S set, 40 headers + 0 data bytes
+ 2361294848 +2361294848
+@@ -540,8 +540,8 @@ Set Ymas tcp flag.
+ .SH COMMON OPTIONS
+ .TP
+ .I -d --data data size
+-Set packet body size. Warning, using --data 40 hping2 will not generate
+-0 byte packets but protocol_header+40 bytes. hping2 will display
++Set packet body size. Warning, using --data 40 hping3 will not generate
++0 byte packets but protocol_header+40 bytes. hping3 will display
+ packet size information as first line output, like this:
+ .B HPING www.yahoo.com (ppp0 204.71.200.67): NO FLAGS are set, 40 headers + 40 data bytes
+ .TP
+@@ -577,9 +577,9 @@ will be resent. For example in order to 
+ A to host B you may use the following:
+ .nf
+ .I [host_a]
+-.B # hping2 host_b --udp -p 53 -d 100 --sign signature --safe --file /etc/passwd
++.B # hping3 host_b --udp -p 53 -d 100 --sign signature --safe --file /etc/passwd
+ .I [host_b]
+-.B # hping2 host_a --listen signature --safe --icmp
++.B # hping3 host_a --listen signature --safe --icmp
+ .fi
+ .TP
+ .I -u --end
+@@ -590,10 +590,10 @@ accept more packets. Please, for more in
+ .BR HPING2-HOWTO .
+ .TP
+ .I -T --traceroute
+-Traceroute mode. Using this option hping2 will increase ttl for each
++Traceroute mode. Using this option hping3 will increase ttl for each
+ .B ICMP time to live 0 during transit
+ received. Try
+-.BR "hping2 host --traceroute" .
++.BR "hping3 host --traceroute" .
+ This option implies --bind and --ttl 1. You can override the ttl of 1
+ using the --ttl option. Since 2.0.0 stable it prints RTT information.
+ .TP
+@@ -601,7 +601,7 @@ using the --ttl option. Since 2.0.0 stab
+ Keep the TTL fixed in traceroute mode, so you can monitor just one hop
+ in the route. For example, to monitor how the 5th hop changes or
+ how its RTT changes you can try
+-.BR "hping2 host --traceroute --ttl 5 --tr-keep-ttl" .
++.BR "hping3 host --traceroute --ttl 5 --tr-keep-ttl" .
+ .TP
+ .I --tr-stop
+ If this option is specified hping will exit once the first packet

Added: head/net/hping3/files/patch-sendip.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/hping3/files/patch-sendip.c	Sun Jul 28 15:15:04 2019	(r507510)
@@ -0,0 +1,33 @@
+--- sendip.c.orig	2004-04-09 23:38:56 UTC
++++ sendip.c
+@@ -48,12 +48,12 @@ void send_ip (char* src, char *dst, char
+ 	ip->ihl		= (IPHDR_SIZE + optlen + 3) >> 2;
+ 	ip->tos		= ip_tos;
+ 
+-#if defined OSTYPE_FREEBSD || defined OSTYPE_NETBSD || defined OSTYPE_BSDI
+-/* FreeBSD */
++#if defined OSTYPE_NETBSD || defined OSTYPE_BSDI
+ /* NetBSD */
+ 	ip->tot_len	= packetsize;
+ #else
+ /* Linux */
++/* FreeBSD */
+ /* OpenBSD */
+ 	ip->tot_len	= htons(packetsize);
+ #endif
+@@ -73,13 +73,13 @@ void send_ip (char* src, char *dst, char
+ 			htons((unsigned short) src_id);
+ 	}
+ 
+-#if defined OSTYPE_FREEBSD || defined OSTYPE_NETBSD | defined OSTYPE_BSDI
+-/* FreeBSD */
++#if defined OSTYPE_NETBSD | defined OSTYPE_BSDI
+ /* NetBSD */
+ 	ip->frag_off	|= more_fragments;
+ 	ip->frag_off	|= fragoff >> 3;
+ #else
+ /* Linux */
++/* FreeBSD */
+ /* OpenBSD */
+ 	ip->frag_off	|= htons(more_fragments);
+ 	ip->frag_off	|= htons(fragoff >> 3); /* shift three flags bit */

Added: head/net/hping3/pkg-descr
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/hping3/pkg-descr	Sun Jul 28 15:15:04 2019	(r507510)
@@ -0,0 +1,21 @@
+hping is a command-line oriented TCP/IP packet assembler/analyzer.
+The interface is inspired to the ping(8) Unix command, but hping isn't
+only able to send ICMP echo requests. It supports TCP, UDP, ICMP and
+RAW-IP protocols, has a traceroute mode, the ability to send files
+between a covered channel, and many other features.
+While hping was mainly used as a security tool in the past, it can be
+used in many ways by people that don't care about security to test
+networks and hosts. A subset of the stuff you can do using hping:
+
+	- Test firewall rules
+	- [spoofed] port scanning
+	- Test net performance using different protocols,
+	  packet size, TOS (type of service) and fragmentation.
+	- Path MTU discovery
+	- Files transfering even between really fascist firewall rules.
+	- Traceroute like under different protocols.
+	- Firewalk like usage.
+	- Remote OS fingerprint.
+	- TCP/IP stack auditing.
+
+WWW: http://www.hping.org/


More information about the svn-ports-all mailing list