Log message:
Make this package build on NetBSD 1.6.

Log message:
Update to version 2.1.0.

Changes:

2.1.0:
======
- A new connection tracking module, Flow (replaces conversation)
- A new portscan detector based off of Flow, Flow-Portscan (replaces
  portscan2)
- A new http preprocessor, HttpInspect (replaces http_decode)
- Alert Thresholding and Suppression
- PCRE rule keyword (Perl Compat Regular Expressions)
- isdataat rule keyword (buffer length detection)
- A ton of new and updated rules.

2.0.6:
======
- 64-bit update for detection engine. (Thanks, Silio d'Angelo)
- Added better PPP decoding. (Thanks Jesper Peterson)
- Updated ip_proto optimization for high-speed detection engine.
- Fixed infinite loop problem that was introduced by the recursive pattern
  matching patch. Reported by Lawrence Reed, thanks for testing out the
  changes for us!
- Various changes to help respond (version 1) work a little better.
- spp_http_decode 64-bit patch from Dirk Mueller.
- Out-of-order ACK problem from Andrew Rucker. Also, updated stream4 to the
  most recent version from HEAD.
- Minor fixes to tagging related to 'src' and 'dst' directives
- When counting one byte patterns in 'ningroup' added a check for
  psLen==1 (wu-manber pattern matcher). Thanks Josh Sakofsky and Dennis
  McGuire for helping us test this.

2.0.5:
======
- Stream4 fixes from Andrew Rucker Jones.
- Allow memcap to be configured for threshold features.

2.0.4:
======
- Fixed a core dump introduced with 2.0.3 when dealing with negated patterns

2.0.3:
======
- doe_ptr handling in byte_test/byte_jump slightly modified to work
  better with the pcre patch
- content processing is now recursive to make distance/within processing
  better ( thanks to Shai Rubin for patch! )
- fixed a bug in the mwm.c pattern matcher that resulted in some alerts
  not firing in a particular configuration of rules

2.0.2:
======
- Added Thresholding and Suppression features (Marc Norton/Sourcefire)
- Fixed TCP RST processing bug found (Shai Rubin)
- Cleanup of spp_arpspoof (Jeff Nathan)
- Cleanup of win32 version including proper Event Log support (Chris Reid)
- Munged data fixes for stream4 (Chris Green)

Log message:
Update to version 2.0.2.

Patch from Adrian Portelli via PR pkg/22900.

Changes:

- Added Thresholding and Suppression features (Marc Norton/Sourcefire)
- Fixed TCP RST processing bug found (Shai Rubin)
- Cleanup of spp_arpspoof (Jeff Nathan)
- Cleanup of win32 version including proper Event Log support (Chris Reid)
- Munged data fixes for stream4 (Chris Green)

Log message:
Updated to version 2.0.1.

Changes:

- fix host endianess problem in udp decoder
- vlan decoding fixes from Michael Pomraning
- add tcp state checking to httpflow
- ignoring bad checksums throughout snort if checksumming is turned on
- config disable_ttcp_alerts is now also config disable_tcpopt_ttcp_alerts
- better initialization handling of low memory conditions pointing to the
- low memory search engine
- byte_jump / byte_test 2 byte cases handled and unified
- correctly assign port numbers on tcpoption events
- pass rule logic changed to "win" in specific multiple event cases
- named interface support for win32 from the winpcap folks
- spp_bo now also will work with log-only output plugins
- added window detection plugin documentation to manual
- lots of new rules and tons of rule documentation

Log message:
s/netbsd.org/NetBSD.org/

Log message:
Bump PKGREVISION: honour PKG_SYSCONFDIR for real.  (i thought i fixed this
                  before but apparently i did not :/)

Log message:
Updated to version 2.0.0.

IMPORTANT: This version fixes remotely exploitable heap overflow in the stream4
           preprocessor module.

Advisory:  http://www.coresecurity.com/common/showdoc.php?idx=313&idxseccion=10

Changes:

2.0.0:
======
- Enhanced high-performance detection engine
- Stateful Pattern Matching
- New detection keywords: byte_test & byte_jump
- The Snort code base has undergone an external third party professional
  security audit funded by Sourcefire (http://www.sourcefire.com)
- Many new and updated rules
- snort.conf has been updated
- Enhancements to self preservation mechanisms in stream4 and frag2
- State tracking fixes in stream4
- New HTTP flow analyzer
- Enhanced protocol decoding (TCP options, 802.1q, etc)
- Enhanced protocol anomaly detection (IP, TCP, UDP, ICMP, RPC, HTTP, etc)
- Enhanced flexresp mode for real-time TCP session sniping
- Better chroot()'ing
- Tagging system updated
- Several million bugs addressed....
- Updated FAQ (thanks to Erek Adams and Dragos Ruiu) Snort 2.0 can be
  downloaded at http://www.snort.org/dl/snort-2.0.0.tar.gz. Binary
  versions of the codebase will be built over the next several days and
  made available at here.

2.0.rc4:
========
- byte_jump/byte_test don't force relative content options
- byte_jump/byte_test absolute offsets work
- Better FIN handling in Stream4

2.0.rc3:
========
- A low memory usage detection method (enabled via "config detection:
  search-method lowmem")
- Moved the default unix socket location to LOGDIR

2.0.rc2:
========
- syslog should work on win32 and unix
- major tagging updates
- new UDP decoding alerts
- snort.conf updates

2.0.rc1:
========
- Higher performance (due to a new pattern matcher and rebuilt detection
  engine)
- Better decoders
- Enhanced stream reassembly and defragmentation
- Tons of bug fixes
- Updated rules
- Updated snort.conf
- New detection keywords (byte_test, byte_jump, distance, within) &
  stateful pattern matching
- New HTTP flow analyzer
- Enhanced anomaly detection (HTTP, RPC, TCP, IP, etc)
- Better self preservation in stateful subsystems
- Xrefs fixed
- Flexresp works faster and more effectively
- Better chroot()'ing
- Fixed 802.1q decoding
- Better async state handling
- New alerting option: -A cmg!!

Log message:
Updated to version 1.9.1.

This version fixes the buffer overflow issue noted in:

  http://www.kb.cert.org/vuls/id/916785

Changes:

 - follow PKG_SYSCONFDIR
 - added rc.d script
 - create own user and group
 - added MESSAGE with post-install instructions
 - removed DEINSTALL
 - minor cleanups (this package was really half-baked..)

1.9.1:
======
 - src/preprocessors/spp_rpc_decode.c (PreprocRpcDecode):
	- alignment errors on non-x86 platforms
	- added new space delimited options
	  alert_fragments
	  no_alert_multiple_requests
	  no_alert_large_fragments
	  no_alert_incomplete
 - corrected buffer overflow in fragment normalization
 - src/snort.c
	- Win32 '-s' parameter wasn't configured to accept an optarg,
	  but code expected one, causing null-pointer violation.
 - Backport of 2.0 fixes for stream4 ( off by one errors on reassembly )

Log message:
Replace "true" by "${TRUE}".

Log message:
COMMENT should be set in Makefile, not any common Makefile parts.