non port: security/zeek/files/patch-src_input_readers_raw_Raw.cc |
Number of commits found: 4 |
Tuesday, 22 Aug 2023
|
20:34 Craig Leres (leres)
security/zeek: Update to 6.0.0
https://github.com/zeek/zeek/releases/tag/v6.0.0
This is the latest major version number Long-Term Support (LTS)
release of Zeek.
The NETMAP option has been removed; it was too difficult to build
it without zeek being installed in %%PREFIX%%. The consensus was
that this was a rarely used feature, please reach out to me if need
this (I've done some work on a new security/zeek-netmap port that
is probably the right way forward).
When I upgraded zeek on my systems I found some cruft left over
from previous versions. The way I recommend upgrading from 5.0.9
to 6.0.0 is:
service zeek stop
pkg delete -fy zeek py311-zkg
[clean up leftover files in /usr/local/lib/zeek]
pkg install -y zeek
service zeek deploy
Changes:
- Zeek now treats private address space (i.e., non-routable IP
address ranges) as local by default
- Telemetry centralization and Prometheus exposition is not enabled
by default anymore
- Custom source tarballs require a repo-info.json file.
- Plugin authors should raise the minimum required CMake version
to 3.15 to ensure compatibility with new CMake scaffolding
included in this release
- Zeek container images are not pushed to the zeekurity organization
anymore
- The error message returned when using bro_init, bro_done, and
bro_script_loaded events is now removed
Reported by: Tim Wojtulewicz
2dbcea6 |
Wednesday, 13 Jul 2022
|
16:50 Craig Leres (leres)
security/zeek: Update input framework patch
https://github.com/zeek/zeek/pull/2266
This version of the patch fixes tail -F semantics when want_record=F.
818eb4c |
Saturday, 9 Jul 2022
|
02:44 Craig Leres (leres)
security/zeek: Update to 5.0.0 (latest LTS release)
https://github.com/zeek/zeek/releases/tag/v5.0.0
Changes incompatiable with 4.0.7:
- The script-land ``union`` and ``timer`` types have been removed.
They haven't had any actual semantics backing them for some time
and shouldn't have functioned in any useable way. We opted to
skip the deprecation cycle for these types for that reason.
- Broker now uses a new network backend with a custom network
protocol that is incompatible with the pre-5.0 backend. In
practice, this means Zeek 4.x will not be able to exchange events
with Zeek 5.x. Going forward, this new backend will allow us to
keep the Broker protocol more stable and add new capabilities
in a backwards compatible way.
While we're here add a comment explaining why we really need uname
-p instead of using ARCH (uname -m). Also solve a portlint nag.
Reported by: Tim Wojtulewicz
c356da8 |
Friday, 1 Jul 2022
|
21:19 Craig Leres (leres)
security/zeek: Patch to provide tail -F semantics for input framework
MODE_STREAM
This is a backport of this github pull request:
https://github.com/zeek/zeek/pull/2097
b8b4094 |
Number of commits found: 4 |