1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-12-25 04:43:33 +00:00
freebsd-ports/security/nessus-libraries-devel/files
..
patch-aa
patch-ab
patch-ac
README.BPF

Nessus uses the pcap library, which uses the
berkeley packet filter (bpf) to do its job.

Since Nessus used multiple processes, several pcap-aware plugins will
need to access the the bpf at the same time. 

This means that you need to recompile your kernel with the
following option :

For FreeBSD 5.x:
pseudo-device   bpfilter

For FreeBSD 4.x:
pseudo-device   bpfilter NUM

Where 'NUM' is the number of bpf you want -- it should be equal to
the 'max hosts number' option you enter in nessusd x the
'max plugins' option.
	   
If for instance you want to have 10 nessusd running at the same time,
each running 5 plugins in parallel, you should create 50 (10 * 5) bpfs
(as nessusd is extremely lightweight, you can expect to have this amount
 of processes running at the same time)

If you plan to scan a whole network, we recommand you create at least
100 of them.

Once your kernel has been rebuilt, get root, cd to /dev
and do  :

  i=0; while [ $i -lt 100];
  do
  ./MAKEDEV bpf$i
  let i=$i+1
  done

On FreeBSD, you can directly do :
      ./MAKEDEV bpf+100

(For FreeBSD 5.x this is not needed since the devfs creates devices when needed)

If you can not recompile your kernel, you can try to run the configure
script with the option --enable-bpf-sharing. In this case, nessusd will
try to share one /dev/bpf among multiple processes and do the filtering
in userland. NOTE THAT THIS OPTION IS HIGHLY EXPERIMENTAL AND WE DO 
NOT RECOMMAND ENABLING IT.