DNRD will always bind to all interfaces, even if the user specifically
says it should bind to only one, using the -a option.
PR: ports/89774
Submitted by: Natanael Copa <natanael.copa@gmail.com>
openssl from ports, and do not use the option to have the port
version overwrite the base version.
Several folks have mentioned this problem in the past, but a
good workaround (and more importantly, solid testing) were
provided by the submitter.
Submitted by: Uffe Vedenbrant <uffe@vedenbrant.se>
nstallbug + non-function
libidnkutres.la doesn't get installed.
"Have you installed idnkit? I cannot find libidnkitres.la."
When it is copied into /usr/local/lib,
the errormessage disappears, but there is no function.
At least by making it run, there is a chance that somebody will fix it.
in bsd.autotools.mk essentially makes this a no-op given that all the
old variables set a USE_AUTOTOOLS_COMPAT variable, which is parsed in
exactly the same way as USE_AUTOTOOLS itself.
Moreover, USE_AUTOTOOLS has already been extensively tested by the GNOME
team -- all GNOME 2.12.x ports use it.
Preliminary documentation can be found at:
http://people.FreeBSD.org/~ade/autotools.txt
which is in the process of being SGMLized before introduction into the
Porters Handbook.
Light blue touch-paper. Run.
- move 1.0 obsoleted version to net/libnet10
net/libnet is latest Stable Version
net/libnet is latest Beta Version
- Fix all depended ports with a new DEPENDS scheme
- While I'm here fix security/yersinia build on 4.x
(getopt_long and ncurses issues)
PR: ports/85519 (based on)
Submitted by: Stas Yakovlev <stas.yakovlev_at_gmail.com>
1. Add myself as a backup master site (Sourceforge and CPAN ports
already have good enough coverage, so skip them).
2. For all ports that have them, download the PGP signature files.
3. For ports in 2, add a verify target to the Makefile
4. For ports where I was already providing a master site, update the URL.
5. Pet portlint in a couple of places.
days his MTA also remains unresponsive [1].
[1] Unable to deliver to destination domain
Failed to deliver to domain oven.org after 73 tries.
The last error was:
CantConnectToHost
Approved by: portmgr (linimon)
<ozkan@enderunix.org>: host mail.enderunix.org[193.140.143.23] said: 554 mail
server permanently rejected message (#5.3.0) (in reply to end of DATA
command)
dnscheck is a simple to use DNS zone sanity checker, comparing name server
records and serial numbers with both the parent zone and the zone itself.
It allows you to find lame, leaked or stale name servers which have the
potential to cause disruption.
PR: 86542
Submitted by: arrod Sayers <jarrod@netleader.com.au>
Approved by: pav (mentor)
Refer to all modules using their /dist/Foo/ path instead of via
the mishmash of old author path, new author path, module documentation,
etc.
This pass brought to you by loving, painstaking hand editing.
URLs automatically rewritten from /search?dist=Foo or /dist/Foo
to /dist/Foo/ (note trailing slash). After a 2002(!) reorganization,
this is the preferred way to refer to modules on search.cpan.org.
This pass brought to you by http://people.freebsd.org/~fenner/fix-search
Update to the latest, 0.9.3. This version moves to a more typical
Perl-style Makefile.PL structure, and splits the functionality into
a library and a binary. This necessitates changes to the port structure,
including re-adding the pkg-plist file.
While I'm here, make portlint happy with the IGNORE statement.
- Remove spurious USE_GCC
- Do not install in the GNOME datadir anymore, as it is no longer needed by
the GNOME panel
- Reformat and polish the Makefile
This is queryperf, a DNS server query performance testing tool.
It is primarily intended for measuring the performance of
authoritative DNS servers, but it has also been used for measuring
caching server performance.
See /usr/local/share/docs/queryperf//queryperf.txt for more
information on the command line option and the required
configuration files. ND-of-queryperf/pkg-descr
PR: ports/85179
Submitted by: Edwin Groothuis <edwin@mavetju.org>
incorporated by ISC into the next version of BIND.
The patch addresses a problem with high-load resolvers which
hit memory barriers. Without this patch, running the resolving
name server out of memory would lead to "unpredictable results."
Of course, the canonical answer to this problem is to put more
memory into the system, however that is not always possible, and
the code should be able to handle this situation gracefully in
any case.
Approved by: portmgr (krion)
tinystats is a statistic generator for DJB's tinydns.
It can be easily integrated with rrdtool to generate
nice graphical DNS stats.
WWW: http://www.morettoni.net/tinystats.html
PR: ports/83167
Submitted by: Filippo Natali <filippo.natali@gmail.com>
invert WITHOUT_MAN to WITH_MAN, and add the jumbo patch almost like in
the PR.
Bump PORTREVISION.
PR: 65865
Submitted by: Andrey Slusar <vasallia@ukr.net>
of this module later than 0.49, you should definitely upgrade, as
this version fixes several bugs in the new code.
If running Perl < 5.6, make addition of the IPv6 modules optional
as 0.52 of this module fixes the bugs that made it mandatory.
- While I'm here, fix maintainer email to more common form
PR: ports/79799
Submitted by: Mark Foster <mark@foster.cc>
Approved by: maintainer timeout (2 monthes)
gone into the live version.
Also, 0.50 grew a dependency on Net-IP which was not recorded in the
Changes file, so add that explicitly. This was mentioned by several
people, including the current Net-DNS author, and the PR.
PR: ports/82194
Submitted by: Helge Oldach <p5netdnsjun05@oldach.net>
It checks and reports whether a domain name, hosted by your organization,
is still in use, and if so, reports whether your name servers are
still the delegated name servers of the domain name in question.
PR: ports/80834
Submitted by: Ozkan KIRIK <ozkan@enderunix.org>
When you update a zone in your djbdns DNS you must notify the slaves
about your change.
PR: ports/80091
Submitted by: Emanuel Haupt <ehaupt@critical.ch>
It scans the range and classifies its findings into 4 categories:
- Missing A records
- Missing PTR records
- Mismatched A/PTR records
- Stale PTR records
PR: ports/80119
Submitted by: Mark Foster <mark@foster.cc>
Approved by: adamw (mentor)
several important fixes, including a remote (although unlikely) exploit.
See the CHANGES file for details.
All users of BIND 9 are highly encouraged to upgrade to this version.
Changes to the port include:
1. Remove ISC patch to 9.3.0 that addressed the remote exploit
2. Change to OPTIONS, and thereby
3. --enable-threads is now the default. Users report that the new thread
code in 9.3.x works significantly better than the old on all versions of
FreeBSD.
4. Add a temporary shim for the old PORT_REPLACES_BASE_BIND9 option.
The OPTIONS framework requires knobs to start with WITH_ or WITHOUT_
5. Remove patch that shoehorned named.conf.5 into the right place,
it has been fixed in the code.
- Update to 2.2.0
With this release nsd no longer requires named-xfer to be
present on the system.
I also changed the options to a configure script.
Added file(s):
- scripts/configure.nsd
PR: ports/76412
Submitted by: Olafur Osvaldsson <oli@isnic.is>
All ports depending on postgresql shall use the USE_PGSQL=yes knob
defined in Mk/bsd.ports.mk. Bumping portrevisions where needed.
PR: 75344
Approved by: portmgr@ (kris), ade & sean (mentors)
allows for per record configuration. It also includes a wizard for generation
of configuration files.
PR: ports/76614
Submitted by: Dan Smith <dan@algenta.com>
Name: BIND: Self Check Failing [Added 2005.25.01]
Versions affected: BIND 9.3.0
Severity: LOW
Exploitable: Remotely
Type: Denial of Service
Description:
An incorrect assumption in the validator (authvalidated) can result in a
REQUIRE (internal consistancy) test failing and named exiting.
Workarounds:
Turn off dnssec validation (off by default) at the options/view level.
dnssec-enable no;
Active Exploits: None known
Bump PORTREVISION accordingly.
It should be noted that the vast majority of users would not have
DNSSEC enabled, and therefore are not vulnerable to this bug.
BIND 8.4.6-REL is a security release of BIND 8.4.
It is possible to remotely trigger a overrun causing a
denial of service. If you are running BIND 8.4.4 or
BIND 8.4.5 you should upgrade.
Also:
1. Add ipv6 as a virtual category, since a key reason for the
BIND 8.4.x branch is IPv6 transport.
2. Download the PGP .asc files for the src and doc tarballs.
3. Add a new example file to PORTDOCS.
Version bump. This release fixes segfault in argument
parsing. Cleaned -h output (remved longopts when they are
unavailable) Improved signal handling and blacklist feature
added. Proper handling of paths in documentation.
I implemeted a pselect in lib.c for BSD 4.x support. Please
let me know if this could be handeled in a better way.
PR: ports/76060
Submitted by: Natanael Copa <ncopa@users.sourceforge.net>
Drill is a tool ala dig from BIND. It was designed with
DNSSEC in mind and should be a useful debugging/query tool
for DNSSEC.
PR: ports/75882
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl>
missing a couple of dependencies on the uint32.h header, so make(1) was
postponing its creation.
Bump PORTREVISION, since it is the same for the IPv6 and !IPv6 cases,
although this particular change does not affect the !IPv6 case at all.
PR: 75564
Submitted by: oHmEr <ohmer@epita.info>
o Move databases/sqlite to databases/sqlite2.
o Fix dependency on databases/sqlite.
o Update sqlite2 to 2.8.15.
o Bump PORTREVISION, accordingly.
Approved by: portmgr, maintainers of sqlite and related ports
Sqldjbdns is an authoritative DNS server that pulls its
data directly from a set of SQL tables. It supports fully
dynamic A, MX, TXT, and PTR records, and run-time configurable
static NS and SOA records. It also supports schedule expiry
and introduction of records.
This package also includes dnscache with PostgreSQL backend
PR: ports/71345
Submitted by: Radim Kolar <hsn@netmag.cz>
And while I'm here:
1. Download the PGP .sig file, in case the user wants to verify the package
2. Switch to PLIST_FILES for the one file this port installs
3. Replace the lone patch file with a ${SED} command
For those keeping score at home, that's 3 inodes gone with one commit! :)
Approved by: edwin (maintainer)
dns/walker is the same ports. And name 'walker' was
recognized as a better name. So we move dns/dnssecwalker
to dns/walker port and remove the first one.
Submitted by: Johan van Selst <johans(at)stack.nl>
- Depends on Net::DNS::SEC as well as Net::DNS
- Recent versions include a PGP signature
- MASTER_SITES changed
- Grant a port maintainership to submitter
PR: ports/74995
Submitted by: Johan van Selst <johans(at)stack.nl>
