summaryrefslogtreecommitdiffstats
path: root/network/dsniff/patches
diff options
context:
space:
mode:
Diffstat (limited to 'network/dsniff/patches')
-rw-r--r--network/dsniff/patches/01_time.h.patch26
-rw-r--r--network/dsniff/patches/02_mailsnarf_corrupt.patch17
-rw-r--r--network/dsniff/patches/03_pcap_read_dump.patch534
-rw-r--r--network/dsniff/patches/04_multiple_intf.patch56
-rw-r--r--network/dsniff/patches/05_amd64_fix.patch221
-rw-r--r--network/dsniff/patches/06_urlsnarf_zeropad.patch17
-rw-r--r--network/dsniff/patches/07_libnet_1.1.patch906
-rw-r--r--network/dsniff/patches/08_openssl-0.9.8.patch15
-rw-r--r--network/dsniff/patches/09_sysconf_clocks.patch23
-rw-r--r--network/dsniff/patches/10_urlsnarf_escape.patch89
-rw-r--r--network/dsniff/patches/11_string_header.patch166
-rw-r--r--network/dsniff/patches/12_arpa_inet_header.patch65
-rw-r--r--network/dsniff/patches/13_pop_with_version.patch30
-rw-r--r--network/dsniff/patches/14_obsolete_time.patch36
-rw-r--r--network/dsniff/patches/15_checksum_libnids.patch98
-rw-r--r--network/dsniff/patches/16_TDS_decoder.patch20
-rw-r--r--network/dsniff/patches/17_checksum.patch29
-rw-r--r--network/dsniff/patches/18_sshcrypto.patch17
-rw-r--r--network/dsniff/patches/19_rewrite-and-modernize-POP-decoder.patch132
-rw-r--r--network/dsniff/patches/20_debian_dirs.patch62
-rw-r--r--network/dsniff/patches/21_msgsnarf_segfault.patch15
-rw-r--r--network/dsniff/patches/22_handlepp.patch17
-rw-r--r--network/dsniff/patches/23_urlsnarf_timestamp.patch82
-rw-r--r--network/dsniff/patches/24_Fix-OpenSSL1.1.0-Build.patch202
-rw-r--r--network/dsniff/patches/25_fix-spelling-errors.patch17
-rw-r--r--network/dsniff/patches/26_arpspoof-add-r-switch-to-poison-both-directions.patch170
-rw-r--r--network/dsniff/patches/27_arpspoof-allow-use-of-of-multiple-targets.patch194
-rw-r--r--network/dsniff/patches/28_arpspoof-allow-selection-of-source-hw-address.patch230
-rw-r--r--network/dsniff/patches/29_libnet_name2addr4.patch144
-rw-r--r--network/dsniff/patches/30_pntohl_shift.patch19
-rw-r--r--network/dsniff/patches/31_sysconf_clocks.patch31
-rw-r--r--network/dsniff/patches/32_rpc_segfault.patch19
-rw-r--r--network/dsniff/patches/33_sshcrypto_DES.patch65
-rw-r--r--network/dsniff/patches/34_fix-parallel-FTBFS.patch109
-rw-r--r--network/dsniff/patches/35_Add_CPPFLAGS.patch50
-rw-r--r--network/dsniff/patches/36_implicit_declarations.patch59
-rw-r--r--network/dsniff/patches/37_fix-lib-and-share-dirs.patch14
-rw-r--r--network/dsniff/patches/38_fix-pcap_init.patch63
-rw-r--r--network/dsniff/patches/39_libtirpc.patch51
39 files changed, 4110 insertions, 0 deletions
diff --git a/network/dsniff/patches/01_time.h.patch b/network/dsniff/patches/01_time.h.patch
new file mode 100644
index 0000000000..1867cf901e
--- /dev/null
+++ b/network/dsniff/patches/01_time.h.patch
@@ -0,0 +1,26 @@
+Author: Steve Kemp <skx@debian.org>
+Description: Include <time.h> to fix segfault on some architectures.
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=315969
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+--- a/msgsnarf.c
++++ b/msgsnarf.c
+@@ -23,6 +23,7 @@
+ #include <nids.h>
+ #include <pcap.h>
+ #include <pcaputil.h>
++#include <time.h>
+
+ #include "buf.h"
+ #include "decode.h"
+--- a/sshow.c
++++ b/sshow.c
+@@ -15,6 +15,7 @@
+
+ #include <sys/types.h>
+ #include <sys/times.h>
++#include <time.h>
+
+ #include <netinet/in_systm.h>
+ #include <netinet/in.h>
diff --git a/network/dsniff/patches/02_mailsnarf_corrupt.patch b/network/dsniff/patches/02_mailsnarf_corrupt.patch
new file mode 100644
index 0000000000..18bb736c3c
--- /dev/null
+++ b/network/dsniff/patches/02_mailsnarf_corrupt.patch
@@ -0,0 +1,17 @@
+Author: Steve Kemp <skx@debian.org>
+Description: mailsnarf does not parse mail correctly.
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=149330
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+--- a/mailsnarf.c
++++ b/mailsnarf.c
+@@ -178,7 +178,7 @@
+ if (smtp->state != SMTP_DATA) {
+ while ((i = buf_index(&buf, "\r\n", 2)) >= 0) {
+ line = buf_tok(&buf, NULL, i + 2);
+- line->base[line->end] = '\0';
++ line->base[line->end-1] = '\0';
+ p = buf_ptr(line);
+
+ if (strncasecmp(p, "RSET", 4) == 0) {
diff --git a/network/dsniff/patches/03_pcap_read_dump.patch b/network/dsniff/patches/03_pcap_read_dump.patch
new file mode 100644
index 0000000000..3cc0374840
--- /dev/null
+++ b/network/dsniff/patches/03_pcap_read_dump.patch
@@ -0,0 +1,534 @@
+Author: Joseph Battaglia <sephail@sephail.net> and Joshua Krage <jkrage@guisarme.us>
+Description: Allow the reading of saved PCAP capture files.
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=153462
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=298604
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+--- a/dsniff.8
++++ b/dsniff.8
+@@ -10,7 +10,7 @@
+ .nf
+ .fi
+ \fBdsniff\fR [\fB-c\fR] [\fB-d\fR] [\fB-m\fR] [\fB-n\fR] [\fB-i
+-\fIinterface\fR] [\fB-s \fIsnaplen\fR] [\fB-f \fIservices\fR]
++\fIinterface\fR | \fB-p \fIpcapfile\fR] [\fB-s \fIsnaplen\fR] [\fB-f \fIservices\fR]
+ [\fB-t \fItrigger[,...]\fR]]
+ [\fB-r\fR|\fB-w\fR \fIsavefile\fR] [\fIexpression\fR]
+ .SH DESCRIPTION
+@@ -45,6 +45,9 @@
+ Do not resolve IP addresses to hostnames.
+ .IP "\fB-i \fIinterface\fR"
+ Specify the interface to listen on.
++.IP "\fB-p \fIpcapfile\fR"
++Rather than processing the contents of packets observed upon the network
++process the given PCAP capture file.
+ .IP "\fB-s \fIsnaplen\fR"
+ Analyze at most the first \fIsnaplen\fR bytes of each TCP connection,
+ rather than the default of 1024.
+--- a/dsniff.c
++++ b/dsniff.c
+@@ -46,8 +46,9 @@
+ usage(void)
+ {
+ fprintf(stderr, "Version: " VERSION "\n"
+- "Usage: dsniff [-cdmn] [-i interface] [-s snaplen] [-f services]\n"
+- " [-t trigger[,...]] [-r|-w savefile] [expression]\n");
++ "Usage: dsniff [-cdmn] [-i interface | -p pcapfile] [-s snaplen]\n"
++ " [-f services] [-t trigger[,...]] [-r|-w savefile]\n"
++ " [expression]\n");
+ exit(1);
+ }
+
+@@ -79,7 +80,7 @@
+
+ services = savefile = triggers = NULL;
+
+- while ((c = getopt(argc, argv, "cdf:i:mnr:s:t:w:h?V")) != -1) {
++ while ((c = getopt(argc, argv, "cdf:i:mnp:r:s:t:w:h?V")) != -1) {
+ switch (c) {
+ case 'c':
+ Opt_client = 1;
+@@ -99,6 +100,9 @@
+ case 'n':
+ Opt_dns = 0;
+ break;
++ case 'p':
++ nids_params.filename = optarg;
++ break;
+ case 'r':
+ Opt_read = 1;
+ savefile = optarg;
+@@ -168,10 +172,23 @@
+ else nids_register_tcp(trigger_tcp);
+
+ if (nids_params.pcap_filter != NULL) {
+- warnx("listening on %s [%s]", nids_params.device,
+- nids_params.pcap_filter);
++ if (nids_params.filename == NULL) {
++ warnx("listening on %s [%s]", nids_params.device,
++ nids_params.pcap_filter);
++ }
++ else {
++ warnx("using %s [%s]", nids_params.filename,
++ nids_params.pcap_filter);
++ }
++ }
++ else {
++ if (nids_params.filename == NULL) {
++ warnx("listening on %s", nids_params.device);
++ }
++ else {
++ warnx("using %s", nids_params.filename);
++ }
+ }
+- else warnx("listening on %s", nids_params.device);
+
+ nids_run();
+
+--- a/filesnarf.8
++++ b/filesnarf.8
+@@ -9,7 +9,7 @@
+ .na
+ .nf
+ .fi
+-\fBfilesnarf\fR [\fB-i \fIinterface\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]]
++\fBfilesnarf\fR [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]]
+ .SH DESCRIPTION
+ .ad
+ .fi
+@@ -18,6 +18,8 @@
+ .SH OPTIONS
+ .IP "\fB-i \fIinterface\fR"
+ Specify the interface to listen on.
++.IP "\fB-p \fIpcapfile\fR"
++Process packets from the specified PCAP capture file instead of the network.
+ .IP \fB-v\fR
+ "Versus" mode. Invert the sense of matching, to select non-matching
+ files.
+--- a/filesnarf.c
++++ b/filesnarf.c
+@@ -51,7 +51,7 @@
+ usage(void)
+ {
+ fprintf(stderr, "Version: " VERSION "\n"
+- "Usage: filesnarf [-i interface] [[-v] pattern [expression]]\n");
++ "Usage: filesnarf [-i interface | -p pcapfile] [[-v] pattern [expression]]\n");
+ exit(1);
+ }
+
+@@ -464,11 +464,14 @@
+ extern int optind;
+ int c;
+
+- while ((c = getopt(argc, argv, "i:vh?V")) != -1) {
++ while ((c = getopt(argc, argv, "i:p:vh?V")) != -1) {
+ switch (c) {
+ case 'i':
+ nids_params.device = optarg;
+ break;
++ case 'p':
++ nids_params.filename = optarg;
++ break;
+ case 'v':
+ Opt_invert = 1;
+ break;
+@@ -498,11 +501,24 @@
+ nids_register_ip(decode_udp_nfs);
+ nids_register_tcp(decode_tcp_nfs);
+
+- if (nids_params.pcap_filter != NULL) {
+- warnx("listening on %s [%s]", nids_params.device,
+- nids_params.pcap_filter);
+- }
+- else warnx("listening on %s", nids_params.device);
++ if (nids_params.pcap_filter != NULL) {
++ if (nids_params.filename == NULL) {
++ warnx("listening on %s [%s]", nids_params.device,
++ nids_params.pcap_filter);
++ }
++ else {
++ warnx("using %s [%s]", nids_params.filename,
++ nids_params.pcap_filter);
++ }
++ }
++ else {
++ if (nids_params.filename == NULL) {
++ warnx("listening on %s", nids_params.device);
++ }
++ else {
++ warnx("using %s", nids_params.filename);
++ }
++ }
+
+ nids_run();
+
+--- a/mailsnarf.8
++++ b/mailsnarf.8
+@@ -9,7 +9,7 @@
+ .na
+ .nf
+ .fi
+-\fBmailsnarf\fR [\fB-i \fIinterface\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]]
++\fBmailsnarf\fR [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]]
+ .SH DESCRIPTION
+ .ad
+ .fi
+@@ -19,6 +19,8 @@
+ .SH OPTIONS
+ .IP "\fB-i \fIinterface\fR"
+ Specify the interface to listen on.
++.IP "\fB-p \fIpcapfile\fR"
++Process packets from the specified PCAP capture file instead of the network.
+ .IP \fB-v\fR
+ "Versus" mode. Invert the sense of matching, to select non-matching
+ messages.
+--- a/mailsnarf.c
++++ b/mailsnarf.c
+@@ -59,7 +59,7 @@
+ usage(void)
+ {
+ fprintf(stderr, "Version: " VERSION "\n"
+- "Usage: mailsnarf [-i interface] [[-v] pattern [expression]]\n");
++ "Usage: mailsnarf [-i interface | -p pcapfile] [[-v] pattern [expression]]\n");
+ exit(1);
+ }
+
+@@ -344,11 +344,14 @@
+ extern int optind;
+ int c;
+
+- while ((c = getopt(argc, argv, "i:vh?V")) != -1) {
++ while ((c = getopt(argc, argv, "i:p:vh?V")) != -1) {
+ switch (c) {
+ case 'i':
+ nids_params.device = optarg;
+ break;
++ case 'p':
++ nids_params.filename = optarg;
++ break;
+ case 'v':
+ Opt_invert = 1;
+ break;
+@@ -378,10 +381,23 @@
+ nids_register_tcp(sniff_pop_session);
+
+ if (nids_params.pcap_filter != NULL) {
+- warnx("listening on %s [%s]", nids_params.device,
+- nids_params.pcap_filter);
+- }
+- else warnx("listening on %s", nids_params.device);
++ if (nids_params.filename == NULL) {
++ warnx("listening on %s [%s]", nids_params.device,
++ nids_params.pcap_filter);
++ }
++ else {
++ warnx("using %s [%s]", nids_params.filename,
++ nids_params.pcap_filter);
++ }
++ }
++ else {
++ if (nids_params.filename == NULL) {
++ warnx("listening on %s", nids_params.device);
++ }
++ else {
++ warnx("using %s", nids_params.filename);
++ }
++ }
+
+ nids_run();
+
+--- a/msgsnarf.8
++++ b/msgsnarf.8
+@@ -9,7 +9,7 @@
+ .na
+ .nf
+ .fi
+-\fBmsgsnarf\fR [\fB-i \fIinterface\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]]
++\fBmsgsnarf\fR [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]]
+ .SH DESCRIPTION
+ .ad
+ .fi
+@@ -19,6 +19,8 @@
+ .SH OPTIONS
+ .IP "\fB-i \fIinterface\fR"
+ Specify the interface to listen on.
++.IP "\fB-p \fIpcapfile\fR"
++Process packets from the specified PCAP capture file instead of the network.
+ .IP \fB-v\fR
+ "Versus" mode. Invert the sense of matching, to select non-matching
+ messages.
+--- a/msgsnarf.c
++++ b/msgsnarf.c
+@@ -45,7 +45,7 @@
+ usage(void)
+ {
+ fprintf(stderr, "Version: " VERSION "\n"
+- "Usage: msgsnarf [-i interface] [[-v] pattern [expression]]\n");
++ "Usage: msgsnarf [-i interface | -p pcapfile] [[-v] pattern [expression]]\n");
+ exit(1);
+ }
+
+@@ -633,11 +633,14 @@
+ extern int optind;
+ int c;
+
+- while ((c = getopt(argc, argv, "i:hv?V")) != -1) {
++ while ((c = getopt(argc, argv, "i:p:hv?V")) != -1) {
+ switch (c) {
+ case 'i':
+ nids_params.device = optarg;
+ break;
++ case 'p':
++ nids_params.filename = optarg;
++ break;
+ case 'v':
+ Opt_invert = 1;
+ break;
+@@ -666,11 +669,24 @@
+
+ nids_register_tcp(sniff_msgs);
+
+- if (nids_params.pcap_filter != NULL) {
+- warnx("listening on %s [%s]", nids_params.device,
+- nids_params.pcap_filter);
+- }
+- else warnx("listening on %s", nids_params.device);
++ if (nids_params.pcap_filter != NULL) {
++ if (nids_params.filename == NULL) {
++ warnx("listening on %s [%s]", nids_params.device,
++ nids_params.pcap_filter);
++ }
++ else {
++ warnx("using %s [%s]", nids_params.filename,
++ nids_params.pcap_filter);
++ }
++ }
++ else {
++ if (nids_params.filename == NULL) {
++ warnx("listening on %s", nids_params.device);
++ }
++ else {
++ warnx("using %s", nids_params.filename);
++ }
++ }
+
+ nids_run();
+
+--- a/sshow.8
++++ b/sshow.8
+@@ -9,7 +9,7 @@
+ .na
+ .nf
+ .fi
+-\fBsshow\fR [\fB-d\fR] [\fB-i \fIinterface\fR] [\fIexpression\fR]
++\fBsshow\fR [\fB-d\fR] [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] [\fIexpression\fR]
+ .SH DESCRIPTION
+ .ad
+ .fi
+@@ -28,6 +28,8 @@
+ Enable verbose debugging output.
+ .IP "\fB-i \fIinterface\fR"
+ Specify the interface to listen on.
++.IP "\fB-p \fIpcapfile\fR"
++Process packets from the specified PCAP capture file instead of the network.
+ .IP "\fIexpression\fR"
+ Specify a tcpdump(8) filter expression to select traffic to sniff.
+ .SH "SEE ALSO"
+--- a/sshow.c
++++ b/sshow.c
+@@ -82,7 +82,7 @@
+ static void
+ usage(void)
+ {
+- fprintf(stderr, "Usage: sshow [-d] [-i interface]\n");
++ fprintf(stderr, "Usage: sshow [-d] [-i interface | -p pcapfile]\n");
+ exit(1);
+ }
+
+@@ -616,7 +616,7 @@
+ extern int optind;
+ int c;
+
+- while ((c = getopt(argc, argv, "di:h?")) != -1) {
++ while ((c = getopt(argc, argv, "di:p:h?")) != -1) {
+ switch (c) {
+ case 'd':
+ debug++;
+@@ -624,6 +624,9 @@
+ case 'i':
+ nids_params.device = optarg;
+ break;
++ case 'p':
++ nids_params.filename = optarg;
++ break;
+ default:
+ usage();
+ break;
+@@ -652,11 +655,24 @@
+
+ nids_register_tcp(process_event);
+
+- if (nids_params.pcap_filter != NULL) {
+- warnx("listening on %s [%s]", nids_params.device,
+- nids_params.pcap_filter);
+- }
+- else warnx("listening on %s", nids_params.device);
++ if (nids_params.pcap_filter != NULL) {
++ if (nids_params.filename == NULL) {
++ warnx("listening on %s [%s]", nids_params.device,
++ nids_params.pcap_filter);
++ }
++ else {
++ warnx("using %s [%s]", nids_params.filename,
++ nids_params.pcap_filter);
++ }
++ }
++ else {
++ if (nids_params.filename == NULL) {
++ warnx("listening on %s", nids_params.device);
++ }
++ else {
++ warnx("using %s", nids_params.filename);
++ }
++ }
+
+ nids_run();
+
+--- a/urlsnarf.8
++++ b/urlsnarf.8
+@@ -9,7 +9,7 @@
+ .na
+ .nf
+ .fi
+-\fBurlsnarf\fR [\fB-n\fR] [\fB-i \fIinterface\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]]
++\fBurlsnarf\fR [\fB-n\fR] [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] [[\fB-v\fR] \fIpattern [\fIexpression\fR]]
+ .SH DESCRIPTION
+ .ad
+ .fi
+@@ -21,6 +21,9 @@
+ .IP \fB-n\fR
+ Do not resolve IP addresses to hostnames.
+ .IP "\fB-i \fIinterface\fR"
++Specify the interface to listen on.
++.IP "\fB-p \fIpcapfile\fR"
++Process packets from the specified PCAP capture file instead of the network.
+ .IP \fB-v\fR
+ "Versus" mode. Invert the sense of matching, to select non-matching
+ URLs.
+--- a/urlsnarf.c
++++ b/urlsnarf.c
+@@ -41,7 +41,7 @@
+ usage(void)
+ {
+ fprintf(stderr, "Version: " VERSION "\n"
+- "Usage: urlsnarf [-n] [-i interface] [[-v] pattern [expression]]\n");
++ "Usage: urlsnarf [-n] [-i interface | -p pcapfile] [[-v] pattern [expression]]\n");
+ exit(1);
+ }
+
+@@ -201,11 +201,14 @@
+ extern int optind;
+ int c;
+
+- while ((c = getopt(argc, argv, "i:nvh?V")) != -1) {
++ while ((c = getopt(argc, argv, "i:p:nvh?V")) != -1) {
+ switch (c) {
+ case 'i':
+ nids_params.device = optarg;
+ break;
++ case 'p':
++ nids_params.filename = optarg;
++ break;
+ case 'n':
+ Opt_dns = 0;
+ break;
+@@ -238,8 +241,24 @@
+
+ nids_register_tcp(sniff_http_client);
+
+- warnx("listening on %s [%s]", nids_params.device,
+- nids_params.pcap_filter);
++ if (nids_params.pcap_filter != NULL) {
++ if (nids_params.filename == NULL) {
++ warnx("listening on %s [%s]", nids_params.device,
++ nids_params.pcap_filter);
++ }
++ else {
++ warnx("using %s [%s]", nids_params.filename,
++ nids_params.pcap_filter);
++ }
++ }
++ else {
++ if (nids_params.filename == NULL) {
++ warnx("listening on %s", nids_params.device);
++ }
++ else {
++ warnx("using %s", nids_params.filename);
++ }
++ }
+
+ nids_run();
+
+--- a/webspy.8
++++ b/webspy.8
+@@ -9,7 +9,7 @@
+ .na
+ .nf
+ .fi
+-\fBwebspy\fR [\fB-i \fIinterface\fR] \fIhost\fR
++\fBwebspy\fR [\fB-i \fIinterface\fR | \fB-p \fIpcapfile\fR] \fIhost\fR
+ .SH DESCRIPTION
+ .ad
+ .fi
+@@ -20,6 +20,8 @@
+ .SH OPTIONS
+ .IP "\fB-i \fIinterface\fR"
+ Specify the interface to listen on.
++.IP "\fB-p \fIpcapfile\fR"
++Process packets from the specified PCAP capture file instead of the network.
+ .IP \fIhost\fR
+ Specify the web client to spy on.
+ .SH "SEE ALSO"
+--- a/webspy.c
++++ b/webspy.c
+@@ -42,7 +42,7 @@
+ usage(void)
+ {
+ fprintf(stderr, "Version: " VERSION "\n"
+- "Usage: %s [-i interface] host\n", progname);
++ "Usage: %s [-i interface | -p pcapfile] host\n", progname);
+ exit(1);
+ }
+
+@@ -184,11 +184,14 @@
+ extern int optind;
+ int c;
+
+- while ((c = getopt(argc, argv, "i:h?V")) != -1) {
++ while ((c = getopt(argc, argv, "i:p:h?V")) != -1) {
+ switch (c) {
+ case 'i':
+ nids_params.device = optarg;
+ break;
++ case 'p':
++ nids_params.filename = optarg;
++ break;
+ default:
+ usage();
+ }
+@@ -216,7 +219,13 @@
+
+ nids_register_tcp(sniff_http_client);
+
+- warnx("listening on %s", nids_params.device);
++ if (nids_params.filename == NULL) {
++ warnx("listening on %s", nids_params.device);
++ }
++ else {
++ warnx("using %s", nids_params.filename);
++ }
++
+
+ nids_run();
+
diff --git a/network/dsniff/patches/04_multiple_intf.patch b/network/dsniff/patches/04_multiple_intf.patch
new file mode 100644
index 0000000000..b624929d6c
--- /dev/null
+++ b/network/dsniff/patches/04_multiple_intf.patch
@@ -0,0 +1,56 @@
+Author: Steve Kemp <skx@debian.org>
+Description: Work with multiple interfaces.
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=242369
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+--- a/arp.c
++++ b/arp.c
+@@ -39,7 +39,7 @@
+
+ #ifdef BSD
+ int
+-arp_cache_lookup(in_addr_t ip, struct ether_addr *ether)
++arp_cache_lookup(in_addr_t ip, struct ether_addr *ether, const char* linf)
+ {
+ int mib[6];
+ size_t len;
+@@ -91,7 +91,7 @@
+ #endif
+
+ int
+-arp_cache_lookup(in_addr_t ip, struct ether_addr *ether)
++arp_cache_lookup(in_addr_t ip, struct ether_addr *ether, const char* lif)
+ {
+ int sock;
+ struct arpreq ar;
+@@ -99,7 +99,7 @@
+
+ memset((char *)&ar, 0, sizeof(ar));
+ #ifdef __linux__
+- strncpy(ar.arp_dev, "eth0", sizeof(ar.arp_dev)); /* XXX - *sigh* */
++ strncpy(ar.arp_dev, lif, strlen(lif));
+ #endif
+ sin = (struct sockaddr_in *)&ar.arp_pa;
+ sin->sin_family = AF_INET;
+--- a/arp.h
++++ b/arp.h
+@@ -11,6 +11,6 @@
+ #ifndef _ARP_H_
+ #define _ARP_H_
+
+-int arp_cache_lookup(in_addr_t ip, struct ether_addr *ether);
++int arp_cache_lookup(in_addr_t ip, struct ether_addr *ether, const char* linf);
+
+ #endif /* _ARP_H_ */
+--- a/arpspoof.c
++++ b/arpspoof.c
+@@ -113,7 +113,7 @@
+ int i = 0;
+
+ do {
+- if (arp_cache_lookup(ip, mac) == 0)
++ if (arp_cache_lookup(ip, mac, intf) == 0)
+ return (1);
+ #ifdef __linux__
+ /* XXX - force the kernel to arp. feh. */
diff --git a/network/dsniff/patches/05_amd64_fix.patch b/network/dsniff/patches/05_amd64_fix.patch
new file mode 100644
index 0000000000..c5b9384fcf
--- /dev/null
+++ b/network/dsniff/patches/05_amd64_fix.patch
@@ -0,0 +1,221 @@
+Author: Steve Kemp <skx@debian.org>
+Description: Compile under AMD64.
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=254002
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+--- a/configure
++++ b/configure
+@@ -2667,15 +2667,62 @@
+ echo "$ac_t""no" 1>&6
+ fi
+
++echo $ac_n "checking for __dn_expand in -lresolv""... $ac_c" 1>&6
++echo "configure:2672: checking for __dn_expand in -lresolv" >&5
++ac_lib_var=`echo resolv'_'__dn_expand | sed 'y%./+-%__p_%'`
++if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
++ echo $ac_n "(cached) $ac_c" 1>&6
++else
++ ac_save_LIBS="$LIBS"
++LIBS="-lresolv $LIBS"
++cat > conftest.$ac_ext <<EOF
++#line 2680 "configure"
++#include "confdefs.h"
++/* Override any gcc2 internal prototype to avoid an error. */
++/* We use char because int might match the return type of a gcc2
++ builtin and then its argument prototype would still apply. */
++char __dn_expand();
++
++int main() {
++__dn_expand()
++; return 0; }
++EOF
++if { (eval echo configure:2691: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
++ rm -rf conftest*
++ eval "ac_cv_lib_$ac_lib_var=yes"
++else
++ echo "configure: failed program was:" >&5
++ cat conftest.$ac_ext >&5
++ rm -rf conftest*
++ eval "ac_cv_lib_$ac_lib_var=no"
++fi
++rm -f conftest*
++LIBS="$ac_save_LIBS"
++
++fi
++if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
++ echo "$ac_t""yes" 1>&6
++ ac_tr_lib=HAVE_LIB`echo resolv | sed -e 's/[^a-zA-Z0-9_]/_/g' \
++ -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'`
++ cat >> confdefs.h <<EOF
++#define $ac_tr_lib 1
++EOF
++
++ LIBS="-lresolv $LIBS"
++
++else
++ echo "$ac_t""no" 1>&6
++fi
++
+ for ac_func in dirname strlcpy strlcat strsep
+ do
+ echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
+-echo "configure:2674: checking for $ac_func" >&5
++echo "configure:2721: checking for $ac_func" >&5
+ if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
+ echo $ac_n "(cached) $ac_c" 1>&6
+ else
+ cat > conftest.$ac_ext <<EOF
+-#line 2679 "configure"
++#line 2726 "configure"
+ #include "confdefs.h"
+ /* System header to define __stub macros and hopefully few prototypes,
+ which can conflict with char $ac_func(); below. */
+@@ -2698,7 +2745,7 @@
+
+ ; return 0; }
+ EOF
+-if { (eval echo configure:2702: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
++if { (eval echo configure:2749: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+ rm -rf conftest*
+ eval "ac_cv_func_$ac_func=yes"
+ else
+@@ -2728,12 +2775,12 @@
+ for ac_func in MD5Update
+ do
+ echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
+-echo "configure:2732: checking for $ac_func" >&5
++echo "configure:2779: checking for $ac_func" >&5
+ if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
+ echo $ac_n "(cached) $ac_c" 1>&6
+ else
+ cat > conftest.$ac_ext <<EOF
+-#line 2737 "configure"
++#line 2784 "configure"
+ #include "confdefs.h"
+ /* System header to define __stub macros and hopefully few prototypes,
+ which can conflict with char $ac_func(); below. */
+@@ -2756,7 +2803,7 @@
+
+ ; return 0; }
+ EOF
+-if { (eval echo configure:2760: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
++if { (eval echo configure:2807: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+ rm -rf conftest*
+ eval "ac_cv_func_$ac_func=yes"
+ else
+@@ -2788,12 +2835,12 @@
+ for ac_func in warnx
+ do
+ echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
+-echo "configure:2792: checking for $ac_func" >&5
++echo "configure:2839: checking for $ac_func" >&5
+ if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
+ echo $ac_n "(cached) $ac_c" 1>&6
+ else
+ cat > conftest.$ac_ext <<EOF
+-#line 2797 "configure"
++#line 2844 "configure"
+ #include "confdefs.h"
+ /* System header to define __stub macros and hopefully few prototypes,
+ which can conflict with char $ac_func(); below. */
+@@ -2816,7 +2863,7 @@
+
+ ; return 0; }
+ EOF
+-if { (eval echo configure:2820: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
++if { (eval echo configure:2867: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+ rm -rf conftest*
+ eval "ac_cv_func_$ac_func=yes"
+ else
+@@ -2848,12 +2895,12 @@
+ for ac_func in ether_ntoa
+ do
+ echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
+-echo "configure:2852: checking for $ac_func" >&5
++echo "configure:2899: checking for $ac_func" >&5
+ if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
+ echo $ac_n "(cached) $ac_c" 1>&6
+ else
+ cat > conftest.$ac_ext <<EOF
+-#line 2857 "configure"
++#line 2904 "configure"
+ #include "confdefs.h"
+ /* System header to define __stub macros and hopefully few prototypes,
+ which can conflict with char $ac_func(); below. */
+@@ -2876,7 +2923,7 @@
+
+ ; return 0; }
+ EOF
+-if { (eval echo configure:2880: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
++if { (eval echo configure:2927: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+ rm -rf conftest*
+ eval "ac_cv_func_$ac_func=yes"
+ else
+@@ -2912,7 +2959,7 @@
+ fi
+
+ echo $ac_n "checking for Berkeley DB with 1.85 compatibility""... $ac_c" 1>&6
+-echo "configure:2916: checking for Berkeley DB with 1.85 compatibility" >&5
++echo "configure:2963: checking for Berkeley DB with 1.85 compatibility" >&5
+ # Check whether --with-db or --without-db was given.
+ if test "${with_db+set}" = set; then
+ withval="$with_db"
+@@ -3015,7 +3062,7 @@
+
+
+ echo $ac_n "checking for libpcap""... $ac_c" 1>&6
+-echo "configure:3019: checking for libpcap" >&5
++echo "configure:3066: checking for libpcap" >&5
+ # Check whether --with-libpcap or --without-libpcap was given.
+ if test "${with_libpcap+set}" = set; then
+ withval="$with_libpcap"
+@@ -3063,7 +3110,7 @@
+
+
+ echo $ac_n "checking for libnet""... $ac_c" 1>&6
+-echo "configure:3067: checking for libnet" >&5
++echo "configure:3114: checking for libnet" >&5
+ # Check whether --with-libnet or --without-libnet was given.
+ if test "${with_libnet+set}" = set; then
+ withval="$with_libnet"
+@@ -3110,7 +3157,7 @@
+
+
+ echo $ac_n "checking for libnids""... $ac_c" 1>&6
+-echo "configure:3114: checking for libnids" >&5
++echo "configure:3161: checking for libnids" >&5
+ # Check whether --with-libnids or --without-libnids was given.
+ if test "${with_libnids+set}" = set; then
+ withval="$with_libnids"
+@@ -3152,9 +3199,9 @@
+ save_cppflags="$CPPFLAGS"
+ CPPFLAGS="$NIDSINC"
+ echo $ac_n "checking whether libnids version is good""... $ac_c" 1>&6
+-echo "configure:3156: checking whether libnids version is good" >&5
++echo "configure:3203: checking whether libnids version is good" >&5
+ cat > conftest.$ac_ext <<EOF
+-#line 3158 "configure"
++#line 3205 "configure"
+ #include "confdefs.h"
+ #include <nids.h>
+ EOF
+@@ -3173,7 +3220,7 @@
+
+
+ echo $ac_n "checking for OpenSSL""... $ac_c" 1>&6
+-echo "configure:3177: checking for OpenSSL" >&5
++echo "configure:3224: checking for OpenSSL" >&5
+ # Check whether --with-openssl or --without-openssl was given.
+ if test "${with_openssl+set}" = set; then
+ withval="$with_openssl"
+--- a/configure.in
++++ b/configure.in
+@@ -57,6 +57,7 @@
+ AC_CHECK_LIB(nsl, gethostbyname)
+ dnl XXX - feh, everything except OpenBSD sux.
+ AC_CHECK_LIB(resolv, dn_expand)
++AC_CHECK_LIB(resolv, __dn_expand)
+ AC_REPLACE_FUNCS(dirname strlcpy strlcat strsep)
+ needmd5=no
+ AC_CHECK_FUNCS(MD5Update, , [needmd5=yes])
diff --git a/network/dsniff/patches/06_urlsnarf_zeropad.patch b/network/dsniff/patches/06_urlsnarf_zeropad.patch
new file mode 100644
index 0000000000..29991708e5
--- /dev/null
+++ b/network/dsniff/patches/06_urlsnarf_zeropad.patch
@@ -0,0 +1,17 @@
+Author: Steve Kemp <skx@debian.org>
+Description: urlsnarf: zero-pad date.
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=298605
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+--- a/urlsnarf.c
++++ b/urlsnarf.c
+@@ -68,7 +68,7 @@
+ t->tm_hour - gmt.tm_hour);
+ tz = hours * 60 + t->tm_min - gmt.tm_min;
+
+- len = strftime(tstr, sizeof(tstr), "%e/%b/%Y:%X", t);
++ len = strftime(tstr, sizeof(tstr), "%d/%b/%Y:%X", t);
+ if (len < 0 || len > sizeof(tstr) - 5)
+ return (NULL);
+
diff --git a/network/dsniff/patches/07_libnet_1.1.patch b/network/dsniff/patches/07_libnet_1.1.patch
new file mode 100644
index 0000000000..66d57cade4
--- /dev/null
+++ b/network/dsniff/patches/07_libnet_1.1.patch
@@ -0,0 +1,906 @@
+Author: Faidon Liambotis <paravoid@debian.org>
+Description: Use libnet v1.1 instead of v1.0
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+--- a/arpspoof.c
++++ b/arpspoof.c
+@@ -27,7 +27,7 @@
+
+ extern char *ether_ntoa(struct ether_addr *);
+
+-static struct libnet_link_int *llif;
++static libnet_t *l;
+ static struct ether_addr spoof_mac, target_mac;
+ static in_addr_t spoof_ip, target_ip;
+ static char *intf;
+@@ -41,47 +41,49 @@
+ }
+
+ static int
+-arp_send(struct libnet_link_int *llif, char *dev,
+- int op, u_char *sha, in_addr_t spa, u_char *tha, in_addr_t tpa)
++arp_send(libnet_t *l, int op, u_int8_t *sha,
++ in_addr_t spa, u_int8_t *tha, in_addr_t tpa)
+ {
+- char ebuf[128];
+- u_char pkt[60];
+-
++ int retval;
++
+ if (sha == NULL &&
+- (sha = (u_char *)libnet_get_hwaddr(llif, dev, ebuf)) == NULL) {
++ (sha = (u_int8_t *)libnet_get_hwaddr(l)) == NULL) {
+ return (-1);
+ }
+ if (spa == 0) {
+- if ((spa = libnet_get_ipaddr(llif, dev, ebuf)) == 0)
++ if ((spa = libnet_get_ipaddr4(l)) == -1)
+ return (-1);
+- spa = htonl(spa); /* XXX */
+ }
+ if (tha == NULL)
+ tha = "\xff\xff\xff\xff\xff\xff";
+
+- libnet_build_ethernet(tha, sha, ETHERTYPE_ARP, NULL, 0, pkt);
++ libnet_autobuild_arp(op, sha, (u_int8_t *)&spa,
++ tha, (u_int8_t *)&tpa, l);
++ libnet_build_ethernet(tha, sha, ETHERTYPE_ARP, NULL, 0, l, 0);
+
+- libnet_build_arp(ARPHRD_ETHER, ETHERTYPE_IP, ETHER_ADDR_LEN, 4,
+- op, sha, (u_char *)&spa, tha, (u_char *)&tpa,
+- NULL, 0, pkt + ETH_H);
+-
+ fprintf(stderr, "%s ",
+ ether_ntoa((struct ether_addr *)sha));
+
+ if (op == ARPOP_REQUEST) {
+ fprintf(stderr, "%s 0806 42: arp who-has %s tell %s\n",
+ ether_ntoa((struct ether_addr *)tha),
+- libnet_host_lookup(tpa, 0),
+- libnet_host_lookup(spa, 0));
++ libnet_addr2name4(tpa, LIBNET_DONT_RESOLVE),
++ libnet_addr2name4(spa, LIBNET_DONT_RESOLVE));
+ }
+ else {
+ fprintf(stderr, "%s 0806 42: arp reply %s is-at ",
+ ether_ntoa((struct ether_addr *)tha),
+- libnet_host_lookup(spa, 0));
++ libnet_addr2name4(spa, LIBNET_DONT_RESOLVE));
+ fprintf(stderr, "%s\n",
+ ether_ntoa((struct ether_addr *)sha));
+ }
+- return (libnet_write_link_layer(llif, dev, pkt, sizeof(pkt)) == sizeof(pkt));
++ retval = libnet_write(l);
++ if (retval)
++ fprintf(stderr, "%s", libnet_geterror(l));
++
++ libnet_clear_packet(l);
++
++ return retval;
+ }
+
+ #ifdef __linux__
+@@ -119,7 +121,7 @@
+ /* XXX - force the kernel to arp. feh. */
+ arp_force(ip);
+ #else
+- arp_send(llif, intf, ARPOP_REQUEST, NULL, 0, NULL, ip);
++ arp_send(l, ARPOP_REQUEST, NULL, 0, NULL, ip);
+ #endif
+ sleep(1);
+ }
+@@ -136,9 +138,9 @@
+ if (arp_find(spoof_ip, &spoof_mac)) {
+ for (i = 0; i < 3; i++) {
+ /* XXX - on BSD, requires ETHERSPOOF kernel. */
+- arp_send(llif, intf, ARPOP_REPLY,
+- (u_char *)&spoof_mac, spoof_ip,
+- (target_ip ? (u_char *)&target_mac : NULL),
++ arp_send(l, ARPOP_REPLY,
++ (u_int8_t *)&spoof_mac, spoof_ip,
++ (target_ip ? (u_int8_t *)&target_mac : NULL),
+ target_ip);
+ sleep(1);
+ }
+@@ -151,7 +153,8 @@
+ {
+ extern char *optarg;
+ extern int optind;
+- char ebuf[PCAP_ERRBUF_SIZE];
++ char pcap_ebuf[PCAP_ERRBUF_SIZE];
++ char libnet_ebuf[LIBNET_ERRBUF_SIZE];
+ int c;
+
+ intf = NULL;
+@@ -163,7 +166,7 @@
+ intf = optarg;
+ break;
+ case 't':
+- if ((target_ip = libnet_name_resolve(optarg, 1)) == -1)
++ if ((target_ip = libnet_name2addr4(l, optarg, LIBNET_RESOLVE)) == -1)
+ usage();
+ break;
+ default:
+@@ -176,26 +179,26 @@
+ if (argc != 1)
+ usage();
+
+- if ((spoof_ip = libnet_name_resolve(argv[0], 1)) == -1)
++ if ((spoof_ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1)
+ usage();
+
+- if (intf == NULL && (intf = pcap_lookupdev(ebuf)) == NULL)
+- errx(1, "%s", ebuf);
++ if (intf == NULL && (intf = pcap_lookupdev(pcap_ebuf)) == NULL)
++ errx(1, "%s", pcap_ebuf);
+
+- if ((llif = libnet_open_link_interface(intf, ebuf)) == 0)
+- errx(1, "%s", ebuf);
++ if ((l = libnet_init(LIBNET_LINK, intf, libnet_ebuf)) == NULL)
++ errx(1, "%s", libnet_ebuf);
+
+ if (target_ip != 0 && !arp_find(target_ip, &target_mac))
+ errx(1, "couldn't arp for host %s",
+- libnet_host_lookup(target_ip, 0));
++ libnet_addr2name4(target_ip, LIBNET_DONT_RESOLVE));
+
+ signal(SIGHUP, cleanup);
+ signal(SIGINT, cleanup);
+ signal(SIGTERM, cleanup);
+
+ for (;;) {
+- arp_send(llif, intf, ARPOP_REPLY, NULL, spoof_ip,
+- (target_ip ? (u_char *)&target_mac : NULL),
++ arp_send(l, ARPOP_REPLY, NULL, spoof_ip,
++ (target_ip ? (u_int8_t *)&target_mac : NULL),
+ target_ip);
+ sleep(2);
+ }
+--- a/dnsspoof.c
++++ b/dnsspoof.c
+@@ -38,7 +38,7 @@
+
+ pcap_t *pcap_pd = NULL;
+ int pcap_off = -1;
+-int lnet_sock = -1;
++libnet_t *l;
+ u_long lnet_ip = -1;
+
+ static void
+@@ -90,19 +90,18 @@
+ dns_init(char *dev, char *filename)
+ {
+ FILE *f;
+- struct libnet_link_int *llif;
++ libnet_t *l;
++ char libnet_ebuf[LIBNET_ERRBUF_SIZE];
+ struct dnsent *de;
+ char *ip, *name, buf[1024];
+
+- if ((llif = libnet_open_link_interface(dev, buf)) == NULL)
+- errx(1, "%s", buf);
++ if ((l = libnet_init(LIBNET_LINK, dev, libnet_ebuf)) == NULL)
++ errx(1, "%s", libnet_ebuf);
+
+- if ((lnet_ip = libnet_get_ipaddr(llif, dev, buf)) == -1)
+- errx(1, "%s", buf);
++ if ((lnet_ip = libnet_get_ipaddr4(l)) == -1)
++ errx(1, "%s", libnet_geterror(l));
+
+- lnet_ip = htonl(lnet_ip);
+-
+- libnet_close_link_interface(llif);
++ libnet_destroy(l);
+
+ SLIST_INIT(&dns_entries);
+
+@@ -180,7 +179,7 @@
+ static void
+ dns_spoof(u_char *u, const struct pcap_pkthdr *pkthdr, const u_char *pkt)
+ {
+- struct libnet_ip_hdr *ip;
++ struct libnet_ipv4_hdr *ip;
+ struct libnet_udp_hdr *udp;
+ HEADER *dns;
+ char name[MAXHOSTNAMELEN];
+@@ -189,7 +188,7 @@
+ in_addr_t dst;
+ u_short type, class;
+
+- ip = (struct libnet_ip_hdr *)(pkt + pcap_off);
++ ip = (struct libnet_ipv4_hdr *)(pkt + pcap_off);
+ udp = (struct libnet_udp_hdr *)(pkt + pcap_off + (ip->ip_hl * 4));
+ dns = (HEADER *)(udp + 1);
+ p = (u_char *)(dns + 1);
+@@ -212,7 +211,7 @@
+ if (class != C_IN)
+ return;
+
+- p = buf + IP_H + UDP_H + dnslen;
++ p = buf + dnslen;
+
+ if (type == T_A) {
+ if ((dst = dns_lookup_a(name)) == -1)
+@@ -234,38 +233,38 @@
+ anslen += 12;
+ }
+ else return;
+-
+- libnet_build_ip(UDP_H + dnslen + anslen, 0, libnet_get_prand(PRu16),
+- 0, 64, IPPROTO_UDP, ip->ip_dst.s_addr,
+- ip->ip_src.s_addr, NULL, 0, buf);
+-
+- libnet_build_udp(ntohs(udp->uh_dport), ntohs(udp->uh_sport),
+- NULL, dnslen + anslen, buf + IP_H);
+
+- memcpy(buf + IP_H + UDP_H, (u_char *)dns, dnslen);
++ memcpy(buf, (u_char *)dns, dnslen);
+
+- dns = (HEADER *)(buf + IP_H + UDP_H);
++ dns = (HEADER *)buf;
+ dns->qr = dns->ra = 1;
+ if (type == T_PTR) dns->aa = 1;
+ dns->ancount = htons(1);
+
+ dnslen += anslen;
++
++ libnet_clear_packet(l);
++ libnet_build_udp(ntohs(udp->uh_dport), ntohs(udp->uh_sport),
++ LIBNET_UDP_H + dnslen, 0,
++ (u_int8_t *)buf, dnslen, l, 0);
++
++ libnet_build_ipv4(LIBNET_IPV4_H + LIBNET_UDP_H + dnslen, 0,
++ libnet_get_prand(LIBNET_PRu16), 0, 64, IPPROTO_UDP, 0,
++ ip->ip_dst.s_addr, ip->ip_src.s_addr, NULL, 0, l, 0);
+
+- libnet_do_checksum(buf, IPPROTO_UDP, UDP_H + dnslen);
+-
+- if (libnet_write_ip(lnet_sock, buf, IP_H + UDP_H + dnslen) < 0)
++ if (libnet_write(l) < 0)
+ warn("write");
+
+ fprintf(stderr, "%s.%d > %s.%d: %d+ %s? %s\n",
+- libnet_host_lookup(ip->ip_src.s_addr, 0), ntohs(udp->uh_sport),
+- libnet_host_lookup(ip->ip_dst.s_addr, 0), ntohs(udp->uh_dport),
++ libnet_addr2name4(ip->ip_src.s_addr, 0), ntohs(udp->uh_sport),
++ libnet_addr2name4(ip->ip_dst.s_addr, 0), ntohs(udp->uh_dport),
+ ntohs(dns->id), type == T_A ? "A" : "PTR", name);
+ }
+
+ static void
+ cleanup(int sig)
+ {
+- libnet_close_raw_sock(lnet_sock);
++ libnet_destroy(l);
+ pcap_close(pcap_pd);
+ exit(0);
+ }
+@@ -276,6 +275,7 @@
+ extern char *optarg;
+ extern int optind;
+ char *p, *dev, *hosts, buf[1024];
++ char ebuf[LIBNET_ERRBUF_SIZE];
+ int i;
+
+ dev = hosts = NULL;
+@@ -306,7 +306,7 @@
+ strlcpy(buf, p, sizeof(buf));
+ }
+ else snprintf(buf, sizeof(buf), "udp dst port 53 and not src %s",
+- libnet_host_lookup(lnet_ip, 0));
++ libnet_addr2name4(lnet_ip, LIBNET_DONT_RESOLVE));
+
+ if ((pcap_pd = pcap_init(dev, buf, 128)) == NULL)
+ errx(1, "couldn't initialize sniffing");
+@@ -314,10 +314,10 @@
+ if ((pcap_off = pcap_dloff(pcap_pd)) < 0)
+ errx(1, "couldn't determine link layer offset");
+
+- if ((lnet_sock = libnet_open_raw_sock(IPPROTO_RAW)) == -1)
++ if ((l = libnet_init(LIBNET_RAW4, dev, ebuf)) == NULL)
+ errx(1, "couldn't initialize sending");
+
+- libnet_seed_prand();
++ libnet_seed_prand(l);
+
+ signal(SIGHUP, cleanup);
+ signal(SIGINT, cleanup);
+--- a/filesnarf.c
++++ b/filesnarf.c
+@@ -134,8 +134,8 @@
+ int fd;
+
+ warnx("%s.%d > %s.%d: %s (%d@%d)",
+- libnet_host_lookup(addr->daddr, 0), addr->dest,
+- libnet_host_lookup(addr->saddr, 0), addr->source,
++ libnet_addr2name4(addr->daddr, LIBNET_DONT_RESOLVE), addr->dest,
++ libnet_addr2name4(addr->saddr, LIBNET_DONT_RESOLVE), addr->source,
+ ma->filename, len, ma->offset);
+
+ if ((fd = open(ma->filename, O_WRONLY|O_CREAT, 0644)) >= 0) {
+@@ -353,7 +353,7 @@
+ }
+
+ static void
+-decode_udp_nfs(struct libnet_ip_hdr *ip)
++decode_udp_nfs(struct libnet_ipv4_hdr *ip)
+ {
+ static struct tuple4 addr;
+ struct libnet_udp_hdr *udp;
+--- a/macof.c
++++ b/macof.c
+@@ -48,8 +48,8 @@
+ static void
+ gen_mac(u_char *mac)
+ {
+- *((in_addr_t *)mac) = libnet_get_prand(PRu32);
+- *((u_short *)(mac + 4)) = libnet_get_prand(PRu16);
++ *((in_addr_t *)mac) = libnet_get_prand(LIBNET_PRu32);
++ *((u_short *)(mac + 4)) = libnet_get_prand(LIBNET_PRu16);
+ }
+
+ int
+@@ -59,22 +59,23 @@
+ extern int optind;
+ int c, i;
+ struct libnet_link_int *llif;
+- char ebuf[PCAP_ERRBUF_SIZE];
++ char pcap_ebuf[PCAP_ERRBUF_SIZE];
++ char libnet_ebuf[LIBNET_ERRBUF_SIZE];
+ u_char sha[ETHER_ADDR_LEN], tha[ETHER_ADDR_LEN];
+ in_addr_t src, dst;
+ u_short sport, dport;
+ u_int32_t seq;
+- u_char pkt[ETH_H + IP_H + TCP_H];
++ libnet_t *l;
+
+ while ((c = getopt(argc, argv, "vs:d:e:x:y:i:n:h?V")) != -1) {
+ switch (c) {
+ case 'v':
+ break;
+ case 's':
+- Src = libnet_name_resolve(optarg, 0);
++ Src = libnet_name2addr4(l, optarg, 0);
+ break;
+ case 'd':
+- Dst = libnet_name_resolve(optarg, 0);
++ Dst = libnet_name2addr4(l, optarg, 0);
+ break;
+ case 'e':
+ Tha = (u_char *)ether_aton(optarg);
+@@ -101,13 +102,13 @@
+ if (argc != 0)
+ usage();
+
+- if (!Intf && (Intf = pcap_lookupdev(ebuf)) == NULL)
+- errx(1, "%s", ebuf);
++ if (!Intf && (Intf = pcap_lookupdev(pcap_ebuf)) == NULL)
++ errx(1, "%s", pcap_ebuf);
+
+- if ((llif = libnet_open_link_interface(Intf, ebuf)) == 0)
+- errx(1, "%s", ebuf);
++ if ((l = libnet_init(LIBNET_LINK, Intf, libnet_ebuf)) == NULL)
++ errx(1, "%s", libnet_ebuf);
+
+- libnet_seed_prand();
++ libnet_seed_prand(l);
+
+ for (i = 0; i != Repeat; i++) {
+
+@@ -117,39 +118,39 @@
+ else memcpy(tha, Tha, sizeof(tha));
+
+ if (Src != 0) src = Src;
+- else src = libnet_get_prand(PRu32);
++ else src = libnet_get_prand(LIBNET_PRu32);
+
+ if (Dst != 0) dst = Dst;
+- else dst = libnet_get_prand(PRu32);
++ else dst = libnet_get_prand(LIBNET_PRu32);
+
+ if (Sport != 0) sport = Sport;
+- else sport = libnet_get_prand(PRu16);
++ else sport = libnet_get_prand(LIBNET_PRu16);
+
+ if (Dport != 0) dport = Dport;
+- else dport = libnet_get_prand(PRu16);
++ else dport = libnet_get_prand(LIBNET_PRu16);
+
+- seq = libnet_get_prand(PRu32);
+-
+- libnet_build_ethernet(tha, sha, ETHERTYPE_IP, NULL, 0, pkt);
+-
+- libnet_build_ip(TCP_H, 0, libnet_get_prand(PRu16), 0, 64,
+- IPPROTO_TCP, src, dst, NULL, 0, pkt + ETH_H);
++ seq = libnet_get_prand(LIBNET_PRu32);
+
+ libnet_build_tcp(sport, dport, seq, 0, TH_SYN, 512,
+- 0, NULL, 0, pkt + ETH_H + IP_H);
++ 0, 0, LIBNET_TCP_H, NULL, 0, l, 0);
+
+- libnet_do_checksum(pkt + ETH_H, IPPROTO_IP, IP_H);
+- libnet_do_checksum(pkt + ETH_H, IPPROTO_TCP, TCP_H);
++ libnet_build_ipv4(LIBNET_TCP_H, 0,
++ libnet_get_prand(LIBNET_PRu16), 0, 64,
++ IPPROTO_TCP, 0, src, dst, NULL, 0, l, 0);
+
+- if (libnet_write_link_layer(llif, Intf, pkt, sizeof(pkt)) < 0)
++ libnet_build_ethernet(tha, sha, ETHERTYPE_IP, NULL, 0, l, 0);
++
++ if (libnet_write(l) < 0)
+ errx(1, "write");
+
++ libnet_clear_packet(l);
++
+ fprintf(stderr, "%s ",
+ ether_ntoa((struct ether_addr *)sha));
+ fprintf(stderr, "%s %s.%d > %s.%d: S %u:%u(0) win 512\n",
+ ether_ntoa((struct ether_addr *)tha),
+- libnet_host_lookup(Src, 0), sport,
+- libnet_host_lookup(Dst, 0), dport, seq, seq);
++ libnet_addr2name4(Src, 0), sport,
++ libnet_addr2name4(Dst, 0), dport, seq, seq);
+ }
+ exit(0);
+ }
+--- a/record.c
++++ b/record.c
+@@ -65,8 +65,8 @@
+ tm = localtime(&rec->time);
+ strftime(tstr, sizeof(tstr), "%x %X", tm);
+
+- srcp = libnet_host_lookup(rec->src, Opt_dns);
+- dstp = libnet_host_lookup(rec->dst, Opt_dns);
++ srcp = libnet_addr2name4(rec->src, Opt_dns);
++ dstp = libnet_addr2name4(rec->dst, Opt_dns);
+
+ if ((pr = getprotobynumber(rec->proto)) == NULL)
+ protop = "unknown";
+--- a/sshmitm.c
++++ b/sshmitm.c
+@@ -389,7 +389,7 @@
+ if (argc < 1)
+ usage();
+
+- if ((ip = libnet_name_resolve(argv[0], 1)) == -1)
++ if ((ip = libnet_name2addr4(NULL, argv[0], LIBNET_RESOLVE)) == -1)
+ usage();
+
+ if (argc == 2 && (rport = atoi(argv[1])) == 0)
+--- a/tcpkill.c
++++ b/tcpkill.c
+@@ -39,17 +39,18 @@
+ static void
+ tcp_kill_cb(u_char *user, const struct pcap_pkthdr *pcap, const u_char *pkt)
+ {
+- struct libnet_ip_hdr *ip;
++ struct libnet_ipv4_hdr *ip;
+ struct libnet_tcp_hdr *tcp;
+- u_char ctext[64], buf[IP_H + TCP_H];
++ u_char ctext[64];
+ u_int32_t seq, win;
+- int i, *sock, len;
++ int i, len;
++ libnet_t *l;
+
+- sock = (int *)user;
++ l = (libnet_t *)user;
+ pkt += pcap_off;
+ len = pcap->caplen - pcap_off;
+
+- ip = (struct libnet_ip_hdr *)pkt;
++ ip = (struct libnet_ipv4_hdr *)pkt;
+ if (ip->ip_p != IPPROTO_TCP)
+ return;
+
+@@ -57,34 +58,31 @@
+ if (tcp->th_flags & (TH_SYN|TH_FIN|TH_RST))
+ return;
+
+- libnet_build_ip(TCP_H, 0, 0, 0, 64, IPPROTO_TCP,
+- ip->ip_dst.s_addr, ip->ip_src.s_addr,
+- NULL, 0, buf);
+-
+- libnet_build_tcp(ntohs(tcp->th_dport), ntohs(tcp->th_sport),
+- 0, 0, TH_RST, 0, 0, NULL, 0, buf + IP_H);
+-
+ seq = ntohl(tcp->th_ack);
+ win = ntohs(tcp->th_win);
+
+ snprintf(ctext, sizeof(ctext), "%s:%d > %s:%d:",
+- libnet_host_lookup(ip->ip_src.s_addr, 0),
++ libnet_addr2name4(ip->ip_src.s_addr, LIBNET_DONT_RESOLVE),
+ ntohs(tcp->th_sport),
+- libnet_host_lookup(ip->ip_dst.s_addr, 0),
++ libnet_addr2name4(ip->ip_dst.s_addr, LIBNET_DONT_RESOLVE),
+ ntohs(tcp->th_dport));
+
+- ip = (struct libnet_ip_hdr *)buf;
+- tcp = (struct libnet_tcp_hdr *)(ip + 1);
+-
+ for (i = 0; i < Opt_severity; i++) {
+- ip->ip_id = libnet_get_prand(PRu16);
+ seq += (i * win);
+- tcp->th_seq = htonl(seq);
+
+- libnet_do_checksum(buf, IPPROTO_TCP, TCP_H);
++ libnet_clear_packet(l);
++
++ libnet_build_tcp(ntohs(tcp->th_dport), ntohs(tcp->th_sport),
++ seq, 0, TH_RST, 0, 0, 0, LIBNET_TCP_H,
++ NULL, 0, l, 0);
++
++ libnet_build_ipv4(LIBNET_IPV4_H + LIBNET_TCP_H, 0,
++ libnet_get_prand(LIBNET_PRu16), 0, 64,
++ IPPROTO_TCP, 0, ip->ip_dst.s_addr,
++ ip->ip_src.s_addr, NULL, 0, l, 0);
+
+- if (libnet_write_ip(*sock, buf, sizeof(buf)) < 0)
+- warn("write_ip");
++ if (libnet_write(l) < 0)
++ warn("write");
+
+ fprintf(stderr, "%s R %lu:%lu(0) win 0\n", ctext, seq, seq);
+ }
+@@ -95,8 +93,10 @@
+ {
+ extern char *optarg;
+ extern int optind;
+- int c, sock;
++ int c;
+ char *p, *intf, *filter, ebuf[PCAP_ERRBUF_SIZE];
++ char libnet_ebuf[LIBNET_ERRBUF_SIZE];
++ libnet_t *l;
+ pcap_t *pd;
+
+ intf = NULL;
+@@ -136,14 +136,14 @@
+ if ((pcap_off = pcap_dloff(pd)) < 0)
+ errx(1, "couldn't determine link layer offset");
+
+- if ((sock = libnet_open_raw_sock(IPPROTO_RAW)) == -1)
++ if ((l = libnet_init(LIBNET_RAW4, intf, libnet_ebuf)) == NULL)
+ errx(1, "couldn't initialize sending");
+
+- libnet_seed_prand();
++ libnet_seed_prand(l);
+
+ warnx("listening on %s [%s]", intf, filter);
+
+- pcap_loop(pd, -1, tcp_kill_cb, (u_char *)&sock);
++ pcap_loop(pd, -1, tcp_kill_cb, (u_char *)l);
+
+ /* NOTREACHED */
+
+--- a/tcpnice.c
++++ b/tcpnice.c
+@@ -41,107 +41,106 @@
+ }
+
+ static void
+-send_tcp_window_advertisement(int sock, struct libnet_ip_hdr *ip,
++send_tcp_window_advertisement(libnet_t *l, struct libnet_ipv4_hdr *ip,
+ struct libnet_tcp_hdr *tcp)
+ {
+ int len;
+
+ ip->ip_hl = 5;
+- ip->ip_len = htons(IP_H + TCP_H);
+- ip->ip_id = libnet_get_prand(PRu16);
+- memcpy(buf, (u_char *)ip, IP_H);
++ ip->ip_len = htons(LIBNET_IPV4_H + LIBNET_TCP_H);
++ ip->ip_id = libnet_get_prand(LIBNET_PRu16);
++ memcpy(buf, (u_char *)ip, LIBNET_IPV4_H);
+
+ tcp->th_off = 5;
+ tcp->th_win = htons(MIN_WIN);
+- memcpy(buf + IP_H, (u_char *)tcp, TCP_H);
++ memcpy(buf + LIBNET_IPV4_H, (u_char *)tcp, LIBNET_TCP_H);
+
+- libnet_do_checksum(buf, IPPROTO_TCP, TCP_H);
++ libnet_do_checksum(l, buf, IPPROTO_TCP, LIBNET_TCP_H);
+
+- len = IP_H + TCP_H;
++ len = LIBNET_IPV4_H + LIBNET_TCP_H;
+
+- if (libnet_write_ip(sock, buf, len) != len)
++ if (libnet_write_raw_ipv4(l, buf, len) != len)
+ warn("write");
+
+ fprintf(stderr, "%s:%d > %s:%d: . ack %lu win %d\n",
+- libnet_host_lookup(ip->ip_src.s_addr, 0), ntohs(tcp->th_sport),
+- libnet_host_lookup(ip->ip_dst.s_addr, 0), ntohs(tcp->th_dport),
++ libnet_addr2name4(ip->ip_src.s_addr, 0), ntohs(tcp->th_sport),
++ libnet_addr2name4(ip->ip_dst.s_addr, 0), ntohs(tcp->th_dport),
+ ntohl(tcp->th_ack), 1);
+ }
+
+ static void
+-send_icmp_source_quench(int sock, struct libnet_ip_hdr *ip)
++send_icmp_source_quench(libnet_t *l, struct libnet_ipv4_hdr *ip)
+ {
+- struct libnet_icmp_hdr *icmp;
++ struct libnet_icmpv4_hdr *icmp;
+ int len;
+
+ len = (ip->ip_hl * 4) + 8;
+
+- libnet_build_ip(ICMP_ECHO_H + len, 0, libnet_get_prand(PRu16),
+- 0, 64, IPPROTO_ICMP, ip->ip_dst.s_addr,
+- ip->ip_src.s_addr, NULL, 0, buf);
+-
+- icmp = (struct libnet_icmp_hdr *)(buf + IP_H);
++ icmp = (struct libnet_icmpv4_hdr *)(buf + LIBNET_IPV4_H);
+ icmp->icmp_type = ICMP_SOURCEQUENCH;
+ icmp->icmp_code = 0;
+- memcpy((u_char *)icmp + ICMP_ECHO_H, (u_char *)ip, len);
++ memcpy((u_char *)icmp + LIBNET_ICMPV4_ECHO_H, (u_char *)ip, len);
+
+- libnet_do_checksum(buf, IPPROTO_ICMP, ICMP_ECHO_H + len);
++ len += LIBNET_ICMPV4_ECHO_H;
+
+- len += (IP_H + ICMP_ECHO_H);
++ libnet_build_ipv4(LIBNET_IPV4_H + len, 0,
++ libnet_get_prand(LIBNET_PRu16), 0, 64, IPPROTO_ICMP,
++ 0, ip->ip_dst.s_addr, ip->ip_src.s_addr,
++ (u_int8_t *) icmp, len, l, 0);
+
+- if (libnet_write_ip(sock, buf, len) != len)
++ if (libnet_write(l) != len)
+ warn("write");
+
+ fprintf(stderr, "%s > %s: icmp: source quench\n",
+- libnet_host_lookup(ip->ip_dst.s_addr, 0),
+- libnet_host_lookup(ip->ip_src.s_addr, 0));
++ libnet_addr2name4(ip->ip_dst.s_addr, 0),
++ libnet_addr2name4(ip->ip_src.s_addr, 0));
+ }
+
+ static void
+-send_icmp_frag_needed(int sock, struct libnet_ip_hdr *ip)
++send_icmp_frag_needed(libnet_t *l, struct libnet_ipv4_hdr *ip)
+ {
+- struct libnet_icmp_hdr *icmp;
++ struct libnet_icmpv4_hdr *icmp;
+ int len;
+
+ len = (ip->ip_hl * 4) + 8;
+
+- libnet_build_ip(ICMP_MASK_H + len, 4, libnet_get_prand(PRu16),
+- 0, 64, IPPROTO_ICMP, ip->ip_dst.s_addr,
+- ip->ip_src.s_addr, NULL, 0, buf);
+-
+- icmp = (struct libnet_icmp_hdr *)(buf + IP_H);
++ icmp = (struct libnet_icmpv4_hdr *)(buf + LIBNET_IPV4_H);
+ icmp->icmp_type = ICMP_UNREACH;
+ icmp->icmp_code = ICMP_UNREACH_NEEDFRAG;
+ icmp->hun.frag.pad = 0;
+ icmp->hun.frag.mtu = htons(MIN_MTU);
+- memcpy((u_char *)icmp + ICMP_MASK_H, (u_char *)ip, len);
++ memcpy((u_char *)icmp + LIBNET_ICMPV4_MASK_H, (u_char *)ip, len);
+
+- libnet_do_checksum(buf, IPPROTO_ICMP, ICMP_MASK_H + len);
+-
+- len += (IP_H + ICMP_MASK_H);
++ len += LIBNET_ICMPV4_MASK_H;
++
++ libnet_build_ipv4(LIBNET_IPV4_H + len, 4,
++ libnet_get_prand(LIBNET_PRu16), 0, 64, IPPROTO_ICMP,
++ 0, ip->ip_dst.s_addr, ip->ip_src.s_addr,
++ (u_int8_t *) icmp, len, l, 0);
+
+- if (libnet_write_ip(sock, buf, len) != len)
++ if (libnet_write(l) != len)
+ warn("write");
+
+ fprintf(stderr, "%s > %s: icmp: ",
+- libnet_host_lookup(ip->ip_dst.s_addr, 0),
+- libnet_host_lookup(ip->ip_src.s_addr, 0));
++ libnet_addr2name4(ip->ip_dst.s_addr, 0),
++ libnet_addr2name4(ip->ip_src.s_addr, 0));
+ fprintf(stderr, "%s unreachable - need to frag (mtu %d)\n",
+- libnet_host_lookup(ip->ip_src.s_addr, 0), MIN_MTU);
++ libnet_addr2name4(ip->ip_src.s_addr, 0), MIN_MTU);
+ }
+
+ static void
+ tcp_nice_cb(u_char *user, const struct pcap_pkthdr *pcap, const u_char *pkt)
+ {
+- struct libnet_ip_hdr *ip;
++ struct libnet_ipv4_hdr *ip;
+ struct libnet_tcp_hdr *tcp;
+- int *sock, len;
++ int len;
++ libnet_t *l;
+
+- sock = (int *)user;
++ l = (libnet_t *)user;
+ pkt += pcap_off;
+ len = pcap->caplen - pcap_off;
+
+- ip = (struct libnet_ip_hdr *)pkt;
++ ip = (struct libnet_ipv4_hdr *)pkt;
+ if (ip->ip_p != IPPROTO_TCP)
+ return;
+
+@@ -151,11 +150,11 @@
+
+ if (ntohs(ip->ip_len) > (ip->ip_hl << 2) + (tcp->th_off << 2)) {
+ if (Opt_icmp)
+- send_icmp_source_quench(*sock, ip);
++ send_icmp_source_quench(l, ip);
+ if (Opt_win)
+- send_tcp_window_advertisement(*sock, ip, tcp);
++ send_tcp_window_advertisement(l, ip, tcp);
+ if (Opt_pmtu)
+- send_icmp_frag_needed(*sock, ip);
++ send_icmp_frag_needed(l, ip);
+ }
+ }
+
+@@ -164,8 +163,10 @@
+ {
+ extern char *optarg;
+ extern int optind;
+- int c, sock;
++ int c;
+ char *intf, *filter, ebuf[PCAP_ERRBUF_SIZE];
++ char libnet_ebuf[LIBNET_ERRBUF_SIZE];
++ libnet_t *l;
+ pcap_t *pd;
+
+ intf = NULL;
+@@ -209,14 +210,14 @@
+ if ((pcap_off = pcap_dloff(pd)) < 0)
+ errx(1, "couldn't determine link layer offset");
+
+- if ((sock = libnet_open_raw_sock(IPPROTO_RAW)) == -1)
++ if ((l = libnet_init(LIBNET_RAW4, intf, libnet_ebuf)) == NULL)
+ errx(1, "couldn't initialize sending");
+
+- libnet_seed_prand();
++ libnet_seed_prand(l);
+
+ warnx("listening on %s [%s]", intf, filter);
+
+- pcap_loop(pd, -1, tcp_nice_cb, (u_char *)&sock);
++ pcap_loop(pd, -1, tcp_nice_cb, (u_char *)l);
+
+ /* NOTREACHED */
+
+--- a/tcp_raw.c
++++ b/tcp_raw.c
+@@ -119,7 +119,7 @@
+ }
+
+ struct iovec *
+-tcp_raw_input(struct libnet_ip_hdr *ip, struct libnet_tcp_hdr *tcp, int len)
++tcp_raw_input(struct libnet_ipv4_hdr *ip, struct libnet_tcp_hdr *tcp, int len)
+ {
+ struct tha tha;
+ struct tcp_conn *conn;
+@@ -131,7 +131,7 @@
+
+ /* Verify TCP checksum. */
+ cksum = tcp->th_sum;
+- libnet_do_checksum((u_char *) ip, IPPROTO_TCP, len);
++ libnet_do_checksum(NULL, (u_char *) ip, IPPROTO_TCP, len);
+
+ if (cksum != tcp->th_sum)
+ return (NULL);
+--- a/tcp_raw.h
++++ b/tcp_raw.h
+@@ -15,7 +15,7 @@
+ u_short sport, u_short dport,
+ u_char *buf, int len);
+
+-struct iovec *tcp_raw_input(struct libnet_ip_hdr *ip,
++struct iovec *tcp_raw_input(struct libnet_ipv4_hdr *ip,
+ struct libnet_tcp_hdr *tcp, int len);
+
+ void tcp_raw_timeout(int timeout, tcp_raw_callback_t callback);
+--- a/trigger.c
++++ b/trigger.c
+@@ -276,7 +276,7 @@
+ }
+
+ void
+-trigger_ip(struct libnet_ip_hdr *ip)
++trigger_ip(struct libnet_ipv4_hdr *ip)
+ {
+ struct trigger *t, tr;
+ u_char *buf;
+@@ -305,7 +305,7 @@
+
+ /* libnids needs a nids_register_udp()... */
+ void
+-trigger_udp(struct libnet_ip_hdr *ip)
++trigger_udp(struct libnet_ipv4_hdr *ip)
+ {
+ struct trigger *t, tr;
+ struct libnet_udp_hdr *udp;
+@@ -437,7 +437,7 @@
+ }
+
+ void
+-trigger_tcp_raw(struct libnet_ip_hdr *ip)
++trigger_tcp_raw(struct libnet_ipv4_hdr *ip)
+ {
+ struct trigger *t, tr;
+ struct libnet_tcp_hdr *tcp;
+--- a/trigger.h
++++ b/trigger.h
+@@ -24,10 +24,10 @@
+ int trigger_set_tcp(int port, char *name);
+ int trigger_set_rpc(int program, char *name);
+
+-void trigger_ip(struct libnet_ip_hdr *ip);
+-void trigger_udp(struct libnet_ip_hdr *ip);
++void trigger_ip(struct libnet_ipv4_hdr *ip);
++void trigger_udp(struct libnet_ipv4_hdr *ip);
+ void trigger_tcp(struct tcp_stream *ts, void **conn_save);
+-void trigger_tcp_raw(struct libnet_ip_hdr *ip);
++void trigger_tcp_raw(struct libnet_ipv4_hdr *ip);
+ void trigger_tcp_raw_timeout(int signal);
+ void trigger_rpc(int program, int proto, int port);
+
+--- a/urlsnarf.c
++++ b/urlsnarf.c
+@@ -145,14 +145,14 @@
+ if (user == NULL)
+ user = "-";
+ if (vhost == NULL)
+- vhost = libnet_host_lookup(addr->daddr, Opt_dns);
++ vhost = libnet_addr2name4(addr->daddr, Opt_dns);
+ if (referer == NULL)
+ referer = "-";
+ if (agent == NULL)
+ agent = "-";
+
+ printf("%s - %s [%s] \"%s http://%s%s\" - - \"%s\" \"%s\"\n",
+- libnet_host_lookup(addr->saddr, Opt_dns),
++ libnet_addr2name4(addr->saddr, Opt_dns),
+ user, timestamp(), req, vhost, uri, referer, agent);
+ }
+ fflush(stdout);
+--- a/webmitm.c
++++ b/webmitm.c
+@@ -242,7 +242,7 @@
+ word = buf_tok(&msg, "/", 1);
+ vhost = buf_strdup(word);
+ }
+- ssin.sin_addr.s_addr = libnet_name_resolve(vhost, 1);
++ ssin.sin_addr.s_addr = libnet_name2addr4(NULL, vhost, 1);
+ free(vhost);
+
+ if (ssin.sin_addr.s_addr == ntohl(INADDR_LOOPBACK) ||
+@@ -510,7 +510,7 @@
+ argv += optind;
+
+ if (argc == 1) {
+- if ((static_host = libnet_name_resolve(argv[0], 1)) == -1)
++ if ((static_host = libnet_name2addr4(NULL, argv[0], 1)) == -1)
+ usage();
+ }
+ else if (argc != 0) usage();
+--- a/webspy.c
++++ b/webspy.c
+@@ -126,7 +126,7 @@
+ if (auth == NULL)
+ auth = "";
+ if (vhost == NULL)
+- vhost = libnet_host_lookup(addr->daddr, 0);
++ vhost = libnet_addr2name4(addr->daddr, 0);
+
+ snprintf(cmd, sizeof(cmd), "openURL(http://%s%s%s%s)",
+ auth, *auth ? "@" : "", vhost, uri);
+@@ -205,7 +205,7 @@
+ cmdtab[0] = cmd;
+ cmdtab[1] = NULL;
+
+- if ((host = libnet_name_resolve(argv[0], 1)) == -1)
++ if ((host = libnet_name2addr4(NULL, argv[0], 1)) == -1)
+ errx(1, "unknown host");
+
+ if ((dpy = XOpenDisplay(NULL)) == NULL)
diff --git a/network/dsniff/patches/08_openssl-0.9.8.patch b/network/dsniff/patches/08_openssl-0.9.8.patch
new file mode 100644
index 0000000000..dc9b327bfe
--- /dev/null
+++ b/network/dsniff/patches/08_openssl-0.9.8.patch
@@ -0,0 +1,15 @@
+Author: <kees@ubuntu.com>
+Description: Fix FTBFS with openssl.
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+--- a/ssh.c
++++ b/ssh.c
+@@ -16,6 +16,7 @@
+ #include <openssl/ssl.h>
+ #include <openssl/err.h>
+ #include <openssl/rand.h>
++#include <openssl/md5.h>
+
+ #include <err.h>
+ #include <errno.h>
diff --git a/network/dsniff/patches/09_sysconf_clocks.patch b/network/dsniff/patches/09_sysconf_clocks.patch
new file mode 100644
index 0000000000..a41fa581c5
--- /dev/null
+++ b/network/dsniff/patches/09_sysconf_clocks.patch
@@ -0,0 +1,23 @@
+Author: <kees@ubuntu.com>
+Description: Fix FTBFS: ./sshow.c:226: error: 'CLK_TCK' undeclared.
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+--- a/sshow.c
++++ b/sshow.c
+@@ -217,6 +217,7 @@
+ {
+ clock_t delay;
+ int payload;
++ long CLK_TCK= sysconf(_SC_CLK_TCK);
+
+ delay = add_history(session, 0, cipher_size, plain_range);
+
+@@ -265,6 +266,7 @@
+ clock_t delay;
+ int skip;
+ range string_range;
++ long CLK_TCK= sysconf(_SC_CLK_TCK);
+
+ delay = add_history(session, 1, cipher_size, plain_range);
+
diff --git a/network/dsniff/patches/10_urlsnarf_escape.patch b/network/dsniff/patches/10_urlsnarf_escape.patch
new file mode 100644
index 0000000000..e6fab01ab3
--- /dev/null
+++ b/network/dsniff/patches/10_urlsnarf_escape.patch
@@ -0,0 +1,89 @@
+Author: Hilko Bengen <bengen@debian.org>
+Description: Escape user, vhost, uri, referer, agent strings in log.
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=372536
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+--- a/urlsnarf.c
++++ b/urlsnarf.c
+@@ -84,6 +84,43 @@
+ return (tstr);
+ }
+
++static char *
++escape_log_entry(char *string)
++{
++ char *out;
++ unsigned char *c, *o;
++ size_t len;
++
++ if (!string)
++ return NULL;
++
++ /* Determine needed length */
++ for (c = string, len = 0; *c; c++) {
++ if ((*c < 32) || (*c >= 128))
++ len += 4;
++ else if ((*c == '"') || (*c =='\\'))
++ len += 2;
++ else
++ len++;
++ }
++ out = malloc(len+1);
++ if (!out)
++ return NULL;
++ for (c = string, o = out; *c; c++, o++) {
++ if ((*c < 32) || (*c >= 128)) {
++ snprintf(o, 5, "\\x%02x", *c);
++ o += 3;
++ } else if ((*c == '"') || ((*c =='\\'))) {
++ *(o++) = '\\';
++ *o = *c;
++ } else {
++ *o = *c;
++ }
++ }
++ out[len]='\0';
++ return out;
++}
++
+ static int
+ process_http_request(struct tuple4 *addr, u_char *data, int len)
+ {
+@@ -142,18 +179,26 @@
+ buf_tok(NULL, NULL, i);
+ }
+ }
+- if (user == NULL)
+- user = "-";
+- if (vhost == NULL)
+- vhost = libnet_addr2name4(addr->daddr, Opt_dns);
+- if (referer == NULL)
+- referer = "-";
+- if (agent == NULL)
+- agent = "-";
+-
++ user = escape_log_entry(user);
++ vhost = escape_log_entry(vhost);
++ uri = escape_log_entry(uri);
++ referer = escape_log_entry(referer);
++ agent = escape_log_entry(agent);
++
+ printf("%s - %s [%s] \"%s http://%s%s\" - - \"%s\" \"%s\"\n",
+ libnet_addr2name4(addr->saddr, Opt_dns),
+- user, timestamp(), req, vhost, uri, referer, agent);
++ (user?user:"-"),
++ timestamp(), req,
++ (vhost?vhost:libnet_addr2name4(addr->daddr, Opt_dns)),
++ uri,
++ (referer?referer:"-"),
++ (agent?agent:"-"));
++
++ free(user);
++ free(vhost);
++ free(uri);
++ free(referer);
++ free(agent);
+ }
+ fflush(stdout);
+
diff --git a/network/dsniff/patches/11_string_header.patch b/network/dsniff/patches/11_string_header.patch
new file mode 100644
index 0000000000..1b383f2847
--- /dev/null
+++ b/network/dsniff/patches/11_string_header.patch
@@ -0,0 +1,166 @@
+Author: Luciano Bello <luciano@linux.org.ar>
+Description: Avoid the "implicit declaration of function 'str*'" warning
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+--- a/arp.c
++++ b/arp.c
+@@ -34,6 +34,7 @@
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <unistd.h>
++#include <string.h>
+
+ #include "arp.h"
+
+--- a/buf.c
++++ b/buf.c
+@@ -17,6 +17,7 @@
+ #include <unistd.h>
+ #include <ctype.h>
+ #include <err.h>
++#include <string.h>
+
+ #include "buf.h"
+
+--- a/decode_nntp.c
++++ b/decode_nntp.c
+@@ -15,6 +15,7 @@
+
+ #include <stdio.h>
+ #include <string.h>
++#include <strlcat.h>
+
+ #include "base64.h"
+ #include "decode.h"
+--- a/decode_pop.c
++++ b/decode_pop.c
+@@ -14,6 +14,7 @@
+
+ #include <stdio.h>
+ #include <string.h>
++#include <strlcat.h>
+
+ #include "base64.h"
+ #include "options.h"
+--- a/decode_rlogin.c
++++ b/decode_rlogin.c
+@@ -14,6 +14,8 @@
+
+ #include <stdio.h>
+ #include <string.h>
++#include <strlcpy.h>
++#include <strlcat.h>
+
+ #include "options.h"
+ #include "decode.h"
+--- a/decode_smb.c
++++ b/decode_smb.c
+@@ -15,6 +15,7 @@
+
+ #include <stdio.h>
+ #include <string.h>
++#include <strlcat.h>
+
+ #include "decode.h"
+
+--- a/decode_smtp.c
++++ b/decode_smtp.c
+@@ -14,6 +14,7 @@
+
+ #include <stdio.h>
+ #include <string.h>
++#include <strlcat.h>
+
+ #include "base64.h"
+ #include "options.h"
+--- a/decode_sniffer.c
++++ b/decode_sniffer.c
+@@ -15,6 +15,8 @@
+
+ #include <stdio.h>
+ #include <string.h>
++#include <strlcat.h>
++#include <strlcpy.h>
+
+ #include "base64.h"
+ #include "decode.h"
+--- a/decode_socks.c
++++ b/decode_socks.c
+@@ -14,6 +14,7 @@
+
+ #include <stdio.h>
+ #include <string.h>
++#include <strlcat.h>
+
+ #include "decode.h"
+
+--- a/decode_tds.c
++++ b/decode_tds.c
+@@ -18,6 +18,7 @@
+
+ #include <stdio.h>
+ #include <string.h>
++#include <strlcat.h>
+
+ #include "decode.h"
+
+--- a/decode_telnet.c
++++ b/decode_telnet.c
+@@ -14,6 +14,7 @@
+
+ #include <stdio.h>
+ #include <string.h>
++#include <strlcpy.h>
+
+ #include "options.h"
+ #include "decode.h"
+--- a/decode_x11.c
++++ b/decode_x11.c
+@@ -14,6 +14,8 @@
+
+ #include <stdio.h>
+ #include <string.h>
++#include <strlcat.h>
++#include <strlcpy.h>
+
+ #include "decode.h"
+
+--- a/dnsspoof.c
++++ b/dnsspoof.c
+@@ -20,6 +20,7 @@
+ #include <stdlib.h>
+ #include <signal.h>
+ #include <string.h>
++#include <strlcpy.h>
+ #include <resolv.h>
+ #include <err.h>
+ #include <libnet.h>
+--- a/magic.c
++++ b/magic.c
+@@ -36,6 +36,7 @@
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <string.h>
++#include <strlcpy.h>
+ #include <ctype.h>
+ #include <time.h>
+ #include <err.h>
+--- /dev/null
++++ b/missing/strlcat.h
+@@ -0,0 +1 @@
++size_t strlcat(char *dst, const char *src, size_t siz);
+--- /dev/null
++++ b/missing/strlcpy.h
+@@ -0,0 +1 @@
++size_t strlcpy(char *dst, const char *src, size_t siz);
+--- a/sshmitm.c
++++ b/sshmitm.c
+@@ -24,6 +24,7 @@
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <unistd.h>
++#include <strlcat.h>
+
+ #include "buf.h"
+ #include "record.h"
diff --git a/network/dsniff/patches/12_arpa_inet_header.patch b/network/dsniff/patches/12_arpa_inet_header.patch
new file mode 100644
index 0000000000..246cf27b3c
--- /dev/null
+++ b/network/dsniff/patches/12_arpa_inet_header.patch
@@ -0,0 +1,65 @@
+Author: Luciano Bello <luciano@linux.org.ar>
+Description: avoid the "implicit declaration of function 'ntohs'" warning
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+--- a/decode_aim.c
++++ b/decode_aim.c
+@@ -14,6 +14,7 @@
+
+ #include <stdio.h>
+ #include <string.h>
++#include <arpa/inet.h>
+
+ #include "hex.h"
+ #include "buf.h"
+--- a/decode_mmxp.c
++++ b/decode_mmxp.c
+@@ -21,6 +21,7 @@
+
+ #include <stdio.h>
+ #include <string.h>
++#include <arpa/inet.h>
+
+ #include "buf.h"
+ #include "decode.h"
+--- a/decode_pptp.c
++++ b/decode_pptp.c
+@@ -16,6 +16,7 @@
+
+ #include <stdio.h>
+ #include <string.h>
++#include <arpa/inet.h>
+
+ #include "buf.h"
+ #include "decode.h"
+--- a/decode_tds.c
++++ b/decode_tds.c
+@@ -19,6 +19,7 @@
+ #include <stdio.h>
+ #include <string.h>
+ #include <strlcat.h>
++#include <arpa/inet.h>
+
+ #include "decode.h"
+
+--- a/decode_vrrp.c
++++ b/decode_vrrp.c
+@@ -15,6 +15,7 @@
+
+ #include <stdio.h>
+ #include <string.h>
++#include <arpa/inet.h>
+
+ #include "buf.h"
+ #include "decode.h"
+--- a/ssh.c
++++ b/ssh.c
+@@ -23,6 +23,7 @@
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <string.h>
++#include <arpa/inet.h>
+ #include <unistd.h>
+
+ #include "hex.h"
diff --git a/network/dsniff/patches/13_pop_with_version.patch b/network/dsniff/patches/13_pop_with_version.patch
new file mode 100644
index 0000000000..80c570c41a
--- /dev/null
+++ b/network/dsniff/patches/13_pop_with_version.patch
@@ -0,0 +1,30 @@
+Author: Luciano Bello <luciano@linux.org.ar>
+Description: distinguish between pop versions
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+--- a/decode.c
++++ b/decode.c
+@@ -63,7 +63,8 @@
+ { "http", decode_http },
+ { "ospf", decode_ospf },
+ { "poppass", decode_poppass },
+- { "pop", decode_pop },
++ { "pop2", decode_pop },
++ { "pop3", decode_pop },
+ { "nntp", decode_nntp },
+ { "smb", decode_smb },
+ { "imap", decode_imap },
+--- a/dsniff.services
++++ b/dsniff.services
+@@ -10,8 +10,8 @@
+ ospf 89/ip
+ http 98/tcp
+ poppass 106/tcp
+-pop 109/tcp
+-pop 110/tcp
++pop2 109/tcp
++pop3 110/tcp
+ portmap 111/tcp
+ portmap -111/tcp
+ portmap 111/udp
diff --git a/network/dsniff/patches/14_obsolete_time.patch b/network/dsniff/patches/14_obsolete_time.patch
new file mode 100644
index 0000000000..f4ca6088c1
--- /dev/null
+++ b/network/dsniff/patches/14_obsolete_time.patch
@@ -0,0 +1,36 @@
+Author: Luciano Bello <luciano@linux.org.ar>
+Description: According to /usr/include/time.h, CLK_TCK is the
+"obsolete POSIX.1-1988 name" for CLOCKS_PER_SEC.
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=420944
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+--- a/sshow.c
++++ b/sshow.c
+@@ -224,7 +224,7 @@
+ if (debug)
+ printf("- %s -> %s: DATA (%s bytes, %.2f seconds)\n",
+ s_saddr(ts), s_daddr(ts), s_range(plain_range),
+- (float)delay / CLK_TCK);
++ (float)delay / CLOCKS_PER_SEC);
+ if (debug > 1)
+ print_data(&ts->server, cipher_size);
+
+@@ -273,7 +273,7 @@
+ if (debug)
+ printf("- %s <- %s: DATA (%s bytes, %.2f seconds)\n",
+ s_saddr(ts), s_daddr(ts), s_range(plain_range),
+- (float)delay / CLK_TCK);
++ (float)delay / CLOCKS_PER_SEC);
+ if (debug > 1)
+ print_data(&ts->client, cipher_size);
+
+@@ -302,7 +302,7 @@
+
+ if (session->state == 1 &&
+ #ifdef USE_TIMING
+- now - get_history(session, 2)->timestamp >= CLK_TCK &&
++ now - get_history(session, 2)->timestamp >= CLOCKS_PER_SEC &&
+ #endif
+ session->protocol == 1 &&
+ (session->history.directions & 7) == 5 &&
diff --git a/network/dsniff/patches/15_checksum_libnids.patch b/network/dsniff/patches/15_checksum_libnids.patch
new file mode 100644
index 0000000000..47fbbe1d58
--- /dev/null
+++ b/network/dsniff/patches/15_checksum_libnids.patch
@@ -0,0 +1,98 @@
+Author: Gleb Paharenko <gpaharenko@gmail.com>
+Description: Workaround to this Debian bug
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=420129
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+--- a/dsniff.c
++++ b/dsniff.c
+@@ -70,6 +70,80 @@
+ {
+ }
+
++
++static int get_all_ifaces(struct ifreq **, int *);
++static unsigned int get_addr_from_ifreq(struct ifreq *);
++
++int all_local_ipaddrs_chksum_disable()
++{
++ struct ifreq *ifaces;
++ int ifaces_count;
++ int i, ind = 0;
++ struct nids_chksum_ctl *ctlp;
++ unsigned int tmp;
++
++ if (!get_all_ifaces(&ifaces, &ifaces_count))
++ return -1;
++ ctlp =
++ (struct nids_chksum_ctl *) malloc(ifaces_count *
++ sizeof(struct
++ nids_chksum_ctl));
++ if (!ctlp)
++ return -1;
++ for (i = 0; i < ifaces_count; i++) {
++ tmp = get_addr_from_ifreq(ifaces + i);
++ if (tmp) {
++ ctlp[ind].netaddr = tmp;
++ ctlp[ind].mask = inet_addr("255.255.255.255");
++ ctlp[ind].action = NIDS_DONT_CHKSUM;
++ ind++;
++ }
++ }
++ free(ifaces);
++ nids_register_chksum_ctl(ctlp, ind);
++}
++
++/* helper functions for Example 2 */
++unsigned int get_addr_from_ifreq(struct ifreq *iface)
++{
++ if (iface->ifr_addr.sa_family == AF_INET)
++ return ((struct sockaddr_in *) &(iface->ifr_addr))->
++ sin_addr.s_addr;
++ return 0;
++}
++
++static int get_all_ifaces(struct ifreq **ifaces, int *count)
++{
++ int ifaces_size = 8 * sizeof(struct ifreq);
++ struct ifconf param;
++ int sock;
++ unsigned int i;
++
++ *ifaces = malloc(ifaces_size);
++ sock = socket(PF_INET, SOCK_DGRAM, IPPROTO_IP);
++ if (sock <= 0)
++ return 0;
++ for (;;) {
++ param.ifc_len = ifaces_size;
++ param.ifc_req = *ifaces;
++ if (ioctl(sock, SIOCGIFCONF, &param))
++ goto err;
++ if (param.ifc_len < ifaces_size)
++ break;
++ free(*ifaces);
++ ifaces_size *= 2;
++ ifaces = malloc(ifaces_size);
++ }
++ *count = param.ifc_len / sizeof(struct ifreq);
++ close(sock);
++ return 1;
++ err:
++ close(sock);
++ return 0;
++}
++
++
++
+ int
+ main(int argc, char *argv[])
+ {
+@@ -189,6 +263,8 @@
+ warnx("using %s", nids_params.filename);
+ }
+ }
++
++ all_local_ipaddrs_chksum_disable();
+
+ nids_run();
+
diff --git a/network/dsniff/patches/16_TDS_decoder.patch b/network/dsniff/patches/16_TDS_decoder.patch
new file mode 100644
index 0000000000..a748243f6c
--- /dev/null
+++ b/network/dsniff/patches/16_TDS_decoder.patch
@@ -0,0 +1,20 @@
+Author: Luciano Bello <luciano@debian.org>
+Description: Fix for DOS y TDS decoder. Patch provided by Hilko Bengen.
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=609988
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+--- a/decode_tds.c
++++ b/decode_tds.c
+@@ -144,6 +144,11 @@
+ len > sizeof(*th) && len >= ntohs(th->size);
+ buf += ntohs(th->size), len -= ntohs(th->size)) {
+
++ if (th->size != 8) {
++ /* wrong header length */
++ break;
++ }
++
+ if (th->type == 2) {
+ /* Version 4.x, 5.0 */
+ if (len < sizeof(*th) + sizeof(*tl))
diff --git a/network/dsniff/patches/17_checksum.patch b/network/dsniff/patches/17_checksum.patch
new file mode 100644
index 0000000000..96eb3cc80f
--- /dev/null
+++ b/network/dsniff/patches/17_checksum.patch
@@ -0,0 +1,29 @@
+Author: Piotr Engelking <inkerman42@gmail.com>
+Description: Disable the filtering packets with incorrect checksum.
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=372536
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+--- a/urlsnarf.c
++++ b/urlsnarf.c
+@@ -245,6 +245,7 @@
+ extern char *optarg;
+ extern int optind;
+ int c;
++ struct nids_chksum_ctl chksum_ctl;
+
+ while ((c = getopt(argc, argv, "i:p:nvh?V")) != -1) {
+ switch (c) {
+@@ -305,6 +306,12 @@
+ }
+ }
+
++ chksum_ctl.netaddr = 0;
++ chksum_ctl.mask = 0;
++ chksum_ctl.action = NIDS_DONT_CHKSUM;
++
++ nids_register_chksum_ctl(&chksum_ctl, 1);
++
+ nids_run();
+
+ /* NOTREACHED */
diff --git a/network/dsniff/patches/18_sshcrypto.patch b/network/dsniff/patches/18_sshcrypto.patch
new file mode 100644
index 0000000000..252ffa6e67
--- /dev/null
+++ b/network/dsniff/patches/18_sshcrypto.patch
@@ -0,0 +1,17 @@
+Author: Steve Kemp <skx@debian.org>
+Description: Missing openssl includes in sshcrypto.c.
+This patch was through diff.gz and now is implemented as a dpatch.
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+--- a/sshcrypto.c
++++ b/sshcrypto.c
+@@ -14,6 +14,8 @@
+
+ #include <sys/types.h>
+ #include <openssl/ssl.h>
++#include <openssl/blowfish.h>
++#include <openssl/des.h>
+
+ #include <err.h>
+ #include <stdio.h>
diff --git a/network/dsniff/patches/19_rewrite-and-modernize-POP-decoder.patch b/network/dsniff/patches/19_rewrite-and-modernize-POP-decoder.patch
new file mode 100644
index 0000000000..790931521f
--- /dev/null
+++ b/network/dsniff/patches/19_rewrite-and-modernize-POP-decoder.patch
@@ -0,0 +1,132 @@
+>From b05e27ba9b0ba9ef00ad2183933652e08d8c89af Mon Sep 17 00:00:00 2001
+From: Stefan Tomanek <stefan@pico.ruhr.de>
+Date: Sat, 29 Oct 2011 20:48:55 +0200
+Subject: [PATCH] rewrite and modernize POP decoder
+
+
+Signed-off-by: Stefan Tomanek <stefan@pico.ruhr.de>
+---
+ decode_pop.c | 96 ++++++++++++++++++++++++++++++++++++++++++++++-----------
+ 1 files changed, 77 insertions(+), 19 deletions(-)
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+--- a/decode_pop.c
++++ b/decode_pop.c
+@@ -6,6 +6,8 @@
+ * Copyright (c) 2000 Dug Song <dugsong@monkey.org>
+ *
+ * $Id: decode_pop.c,v 1.4 2001/03/15 08:33:02 dugsong Exp $
++ *
++ * Rewritten by Stefan Tomanek 2011 <stefan@pico.ruhr.de>
+ */
+
+ #include "config.h"
+@@ -45,32 +47,88 @@
+ decode_pop(u_char *buf, int len, u_char *obuf, int olen)
+ {
+ char *p;
++ char *s;
++ int n;
+ int i, j;
++ char *user;
++ char *password;
++ enum {
++ NONE,
++ AUTHPLAIN,
++ AUTHLOGIN,
++ USERPASS
++ } mode = NONE;
++
+
+ obuf[0] = '\0';
+
+ for (p = strtok(buf, "\r\n"); p != NULL; p = strtok(NULL, "\r\n")) {
+- if (strncasecmp(p, "AUTH PLAIN", 10) == 0 ||
+- strncasecmp(p, "AUTH LOGIN", 10) == 0) {
+- strlcat(obuf, p, olen);
+- strlcat(obuf, "\n", olen);
+-
+- /* Decode SASL auth. */
+- for (i = 0; i < 2 && (p = strtok(NULL, "\r\n")); i++) {
+- strlcat(obuf, p, olen);
+- j = base64_pton(p, p, strlen(p));
+- p[j] = '\0';
+- strlcat(obuf, " [", olen);
+- strlcat(obuf, p, olen);
+- strlcat(obuf, "]\n", olen);
++ if (mode == NONE) {
++ user = NULL;
++ password = NULL;
++ if (strncasecmp(p, "AUTH PLAIN", 10) == 0) {
++ mode = AUTHPLAIN;
++ continue;
++ }
++ if (strncasecmp(p, "AUTH LOGIN", 10) == 0) {
++ mode = AUTHLOGIN;
++ continue;
++ }
++ if (strncasecmp(p, "USER ", 5) == 0) {
++ mode = USERPASS;
++ /* the traditional login cuts right to the case,
++ * so no continue here
++ */
+ }
+ }
+- /* Save regular POP2, POP3 auth info. */
+- else if (strncasecmp(p, "USER ", 5) == 0 ||
+- strncasecmp(p, "PASS ", 5) == 0 ||
+- strncasecmp(p, "HELO ", 5) == 0) {
+- strlcat(obuf, p, olen);
+- strlcat(obuf, "\n", olen);
++ printf("(%d) %s\n", mode, p);
++ if (mode == USERPASS) {
++ if (strncasecmp(p, "USER ", 5) == 0) {
++ user = &p[5];
++ } else if (strncasecmp(p, "PASS ", 5) == 0) {
++ password = &p[5];
++ }
++ }
++
++ if (mode == AUTHPLAIN) {
++ j = base64_pton(p, p, strlen(p));
++ p[j] = '\0';
++ n = 0;
++ s = p;
++ /* p consists of three parts, divided by \0 */
++ while (s <= &p[j] && n<=3) {
++ if (n == 0) {
++ /* we do not process this portion yet */
++ } else if (n == 1) {
++ user = s;
++ } else if (n == 2) {
++ password = s;
++ }
++ n++;
++ while (*s) s++;
++ s++;
++ }
++ }
++
++ if (mode == AUTHLOGIN) {
++ j = base64_pton(p, p, strlen(p));
++ p[j] = '\0';
++ if (! user) {
++ user = p;
++ } else {
++ password = p;
++ /* got everything we need :-) */
++ }
++ }
++
++ if (user && password) {
++ strlcat(obuf, "\nusername [", olen);
++ strlcat(obuf, user, olen);
++ strlcat(obuf, "] password [", olen);
++ strlcat(obuf, password, olen);
++ strlcat(obuf, "]\n", olen);
++
++ mode = NONE;
+ }
+ }
+ return (strlen(obuf));
diff --git a/network/dsniff/patches/20_debian_dirs.patch b/network/dsniff/patches/20_debian_dirs.patch
new file mode 100644
index 0000000000..a99a3ff57d
--- /dev/null
+++ b/network/dsniff/patches/20_debian_dirs.patch
@@ -0,0 +1,62 @@
+Author: Steve Kemp <skx@debian.org>
+Description: Adapt to Debian directory structure.
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -11,7 +11,7 @@
+ install_prefix =
+ prefix = @prefix@
+ exec_prefix = @exec_prefix@
+-libdir = @libdir@
++libdir = $(prefix)/share/dsniff
+ sbindir = @sbindir@
+ mandir = @mandir@
+
+@@ -37,8 +37,7 @@
+ X11INC = @X_CFLAGS@
+ X11LIB = @X_LIBS@ @X_PRE_LIBS@ -lXmu -lX11 @X_EXTRA_LIBS@
+
+-INCS = -I. $(NIDSINC) $(PCAPINC) $(LNETINC) $(DBINC) $(SSLINC) $(X11INC) \
+- -I$(srcdir)/missing
++INCS = -I. $(X11INC) -I$(srcdir)/missing
+ LIBS = @LIBS@ -L$(srcdir) -lmissing
+
+ INSTALL = @INSTALL@
+--- a/dnsspoof.8
++++ b/dnsspoof.8
+@@ -31,7 +31,7 @@
+ address queries on the LAN with an answer of the local machine's IP
+ address.
+ .SH FILES
+-.IP \fI/usr/local/lib/dnsspoof.hosts\fR
++.IP \fI/usr/share/dsniff/dnsspoof.hosts\fR
+ Sample hosts file.
+ .SH "SEE ALSO"
+ dsniff(8), hosts(5)
+--- a/dsniff.8
++++ b/dsniff.8
+@@ -68,9 +68,9 @@
+ On a hangup signal \fBdsniff\fR will dump its current trigger table to
+ \fIdsniff.services\fR.
+ .SH FILES
+-.IP \fI/usr/local/lib/dsniff.services\fR
++.IP \fI/usr/share/dsniff/dsniff.services\fR
+ Default trigger table
+-.IP \fI/usr/local/lib/dsniff.magic\fR
++.IP \fI/usr/share/dsniff/dsniff.magic\fR
+ Network protocol magic
+ .SH "SEE ALSO"
+ arpspoof(8), libnids(3), services(5), magic(5)
+--- a/pathnames.h
++++ b/pathnames.h
+@@ -12,7 +12,7 @@
+ #define PATHNAMES_H
+
+ #ifndef DSNIFF_LIBDIR
+-#define DSNIFF_LIBDIR "/usr/local/lib/"
++#define DSNIFF_LIBDIR "/usr/share/dsniff/"
+ #endif
+
+ #define DSNIFF_SERVICES "dsniff.services"
diff --git a/network/dsniff/patches/21_msgsnarf_segfault.patch b/network/dsniff/patches/21_msgsnarf_segfault.patch
new file mode 100644
index 0000000000..e60fe847e4
--- /dev/null
+++ b/network/dsniff/patches/21_msgsnarf_segfault.patch
@@ -0,0 +1,15 @@
+Author: <bdefreese@debian2.bddebian.com>
+Description: Correctly 0 out the c struct.
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+--- a/msgsnarf.c
++++ b/msgsnarf.c
+@@ -584,6 +584,7 @@
+ if (i == 0) {
+ if ((c = malloc(sizeof(*c))) == NULL)
+ nids_params.no_mem("sniff_msgs");
++ memset(c, 0, sizeof(*c));
+ c->ip = ts->addr.saddr;
+ c->nick = strdup("unknown");
+ SLIST_INSERT_HEAD(&client_list, c, next);
diff --git a/network/dsniff/patches/22_handlepp.patch b/network/dsniff/patches/22_handlepp.patch
new file mode 100644
index 0000000000..da0a49dbeb
--- /dev/null
+++ b/network/dsniff/patches/22_handlepp.patch
@@ -0,0 +1,17 @@
+Author: Joerg Dorchain <joerg@dorchain.net>
+Description: Add tcpkill support for handle ppp interfaces.
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+--- a/pcaputil.c
++++ b/pcaputil.c
+@@ -52,6 +52,9 @@
+ case DLT_NULL:
+ offset = 4;
+ break;
++ case DLT_LINUX_SLL: /* e.g. ppp */
++ offset = 16;
++ break;
+ default:
+ warnx("unsupported datalink type");
+ break;
diff --git a/network/dsniff/patches/23_urlsnarf_timestamp.patch b/network/dsniff/patches/23_urlsnarf_timestamp.patch
new file mode 100644
index 0000000000..36a8b0f277
--- /dev/null
+++ b/network/dsniff/patches/23_urlsnarf_timestamp.patch
@@ -0,0 +1,82 @@
+Author: Hilko Bengen <bengen@debian.org>
+Description: urlsnarf: use timestamps from pcap file if available.
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=573365
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+--- a/urlsnarf.c
++++ b/urlsnarf.c
+@@ -36,6 +36,7 @@
+ u_short Opt_dns = 1;
+ int Opt_invert = 0;
+ regex_t *pregex = NULL;
++time_t tt = 0;
+
+ static void
+ usage(void)
+@@ -57,9 +58,12 @@
+ {
+ static char tstr[32], sign;
+ struct tm *t, gmt;
+- time_t tt = time(NULL);
+ int days, hours, tz, len;
+
++ if (!nids_params.filename) {
++ tt = time(NULL);
++ }
++
+ gmt = *gmtime(&tt);
+ t = localtime(&tt);
+
+@@ -312,9 +316,48 @@
+
+ nids_register_chksum_ctl(&chksum_ctl, 1);
+
+- nids_run();
+-
+- /* NOTREACHED */
++ pcap_t *p;
++ char pcap_errbuf[PCAP_ERRBUF_SIZE];
++ if (nids_params.filename == NULL) {
++ /* adapted from libnids.c:open_live() */
++ if (strcmp(nids_params.device, "all") == 0)
++ nids_params.device = "any";
++ p = pcap_open_live(nids_params.device, 16384,
++ (nids_params.promisc != 0),
++ 0, pcap_errbuf);
++ if (!p) {
++ fprintf(stderr, "pcap_open_live(): %s\n",
++ pcap_errbuf);
++ exit(1);
++ }
++ }
++ else {
++ p = pcap_open_offline(nids_params.filename,
++ pcap_errbuf);
++ if (!p) {
++ fprintf(stderr, "pcap_open_offline(%s): %s\n",
++ nids_params.filename, pcap_errbuf);
++ }
++ }
++
++ struct pcap_pkthdr *h;
++ u_char *d;
++ int rc;
++ while ((rc = pcap_next_ex(p, &h, &d)) == 1) {
++ tt = h->ts.tv_sec;
++ nids_pcap_handler(NULL, h, d);
++ }
++ switch (rc) {
++ case(-2): /* end of pcap file */
++ case(0): /* timeout on live capture */
++ break;
++ case(-1):
++ default:
++ fprintf(stderr, "rc = %i\n", rc);
++ pcap_perror(p, "pcap_read_ex()");
++ exit(1);
++ break;
++ }
+
+ exit(0);
+ }
diff --git a/network/dsniff/patches/24_Fix-OpenSSL1.1.0-Build.patch b/network/dsniff/patches/24_Fix-OpenSSL1.1.0-Build.patch
new file mode 100644
index 0000000000..db7739ee34
--- /dev/null
+++ b/network/dsniff/patches/24_Fix-OpenSSL1.1.0-Build.patch
@@ -0,0 +1,202 @@
+Description: Fix build with OpenSSL 1.1.0
+Author: Christoph Biedl <debian.axhn@manchmal.in-ulm.de>
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+
+--- a/ssh.c
++++ b/ssh.c
+@@ -234,7 +234,10 @@
+ u_char *p, cipher, cookie[8], msg[1024];
+ u_int32_t num;
+ int i;
+-
++
++ const BIGNUM *servkey_e, *servkey_n;
++ const BIGNUM *hostkey_e, *hostkey_n;
++
+ /* Generate anti-spoofing cookie. */
+ RAND_bytes(cookie, sizeof(cookie));
+
+@@ -243,11 +246,13 @@
+ *p++ = SSH_SMSG_PUBLIC_KEY; /* type */
+ memcpy(p, cookie, 8); p += 8; /* cookie */
+ num = 768; PUTLONG(num, p); /* servkey bits */
+- put_bn(ssh->ctx->servkey->e, &p); /* servkey exponent */
+- put_bn(ssh->ctx->servkey->n, &p); /* servkey modulus */
++ RSA_get0_key(ssh->ctx->servkey, &servkey_n, &servkey_e, NULL);
++ put_bn(servkey_e, &p); /* servkey exponent */
++ put_bn(servkey_n, &p); /* servkey modulus */
+ num = 1024; PUTLONG(num, p); /* hostkey bits */
+- put_bn(ssh->ctx->hostkey->e, &p); /* hostkey exponent */
+- put_bn(ssh->ctx->hostkey->n, &p); /* hostkey modulus */
++ RSA_get0_key(ssh->ctx->hostkey, &hostkey_n, &hostkey_e, NULL);
++ put_bn(hostkey_e, &p); /* hostkey exponent */
++ put_bn(hostkey_n, &p); /* hostkey modulus */
+ num = 0; PUTLONG(num, p); /* protocol flags */
+ num = ssh->ctx->encmask; PUTLONG(num, p); /* ciphers */
+ num = ssh->ctx->authmask; PUTLONG(num, p); /* authmask */
+@@ -298,7 +303,7 @@
+ SKIP(p, i, 4);
+
+ /* Decrypt session key. */
+- if (BN_cmp(ssh->ctx->servkey->n, ssh->ctx->hostkey->n) > 0) {
++ if (BN_cmp(servkey_n, hostkey_n) > 0) {
+ rsa_private_decrypt(enckey, enckey, ssh->ctx->servkey);
+ rsa_private_decrypt(enckey, enckey, ssh->ctx->hostkey);
+ }
+@@ -318,8 +323,8 @@
+ BN_clear_free(enckey);
+
+ /* Derive real session key using session id. */
+- if ((p = ssh_session_id(cookie, ssh->ctx->hostkey->n,
+- ssh->ctx->servkey->n)) == NULL) {
++ if ((p = ssh_session_id(cookie, hostkey_n,
++ servkey_n)) == NULL) {
+ warn("ssh_session_id");
+ return (-1);
+ }
+@@ -328,10 +333,8 @@
+ }
+ /* Set cipher. */
+ if (cipher == SSH_CIPHER_3DES) {
+- ssh->estate = des3_init(ssh->sesskey, sizeof(ssh->sesskey));
+- ssh->dstate = des3_init(ssh->sesskey, sizeof(ssh->sesskey));
+- ssh->encrypt = des3_encrypt;
+- ssh->decrypt = des3_decrypt;
++ warnx("cipher 3des no longer supported");
++ return (-1);
+ }
+ else if (cipher == SSH_CIPHER_BLOWFISH) {
+ ssh->estate = blowfish_init(ssh->sesskey,sizeof(ssh->sesskey));
+@@ -357,7 +360,10 @@
+ u_char *p, cipher, cookie[8], msg[1024];
+ u_int32_t num;
+ int i;
+-
++
++ BIGNUM *servkey_n, *servkey_e;
++ BIGNUM *hostkey_n, *hostkey_e;
++
+ /* Get public key. */
+ if ((i = SSH_recv(ssh, pkt, sizeof(pkt))) <= 0) {
+ warn("SSH_recv");
+@@ -379,21 +385,23 @@
+
+ /* Get servkey. */
+ ssh->ctx->servkey = RSA_new();
+- ssh->ctx->servkey->n = BN_new();
+- ssh->ctx->servkey->e = BN_new();
++ servkey_n = BN_new();
++ servkey_e = BN_new();
++ RSA_set0_key(ssh->ctx->servkey, servkey_n, servkey_e, NULL);
+
+ SKIP(p, i, 4);
+- get_bn(ssh->ctx->servkey->e, &p, &i);
+- get_bn(ssh->ctx->servkey->n, &p, &i);
++ get_bn(servkey_e, &p, &i);
++ get_bn(servkey_n, &p, &i);
+
+ /* Get hostkey. */
+ ssh->ctx->hostkey = RSA_new();
+- ssh->ctx->hostkey->n = BN_new();
+- ssh->ctx->hostkey->e = BN_new();
++ hostkey_n = BN_new();
++ hostkey_e = BN_new();
++ RSA_set0_key(ssh->ctx->hostkey, hostkey_n, hostkey_e, NULL);
+
+ SKIP(p, i, 4);
+- get_bn(ssh->ctx->hostkey->e, &p, &i);
+- get_bn(ssh->ctx->hostkey->n, &p, &i);
++ get_bn(hostkey_e, &p, &i);
++ get_bn(hostkey_n, &p, &i);
+
+ /* Get cipher, auth masks. */
+ SKIP(p, i, 4);
+@@ -405,8 +413,8 @@
+ RAND_bytes(ssh->sesskey, sizeof(ssh->sesskey));
+
+ /* Obfuscate with session id. */
+- if ((p = ssh_session_id(cookie, ssh->ctx->hostkey->n,
+- ssh->ctx->servkey->n)) == NULL) {
++ if ((p = ssh_session_id(cookie, hostkey_n,
++ servkey_n)) == NULL) {
+ warn("ssh_session_id");
+ return (-1);
+ }
+@@ -422,7 +430,7 @@
+ else BN_add_word(bn, ssh->sesskey[i]);
+ }
+ /* Encrypt session key. */
+- if (BN_cmp(ssh->ctx->servkey->n, ssh->ctx->hostkey->n) < 0) {
++ if (BN_cmp(servkey_n, hostkey_n) < 0) {
+ rsa_public_encrypt(bn, bn, ssh->ctx->servkey);
+ rsa_public_encrypt(bn, bn, ssh->ctx->hostkey);
+ }
+@@ -470,10 +478,8 @@
+ ssh->decrypt = blowfish_decrypt;
+ }
+ else if (cipher == SSH_CIPHER_3DES) {
+- ssh->estate = des3_init(ssh->sesskey, sizeof(ssh->sesskey));
+- ssh->dstate = des3_init(ssh->sesskey, sizeof(ssh->sesskey));
+- ssh->encrypt = des3_encrypt;
+- ssh->decrypt = des3_decrypt;
++ warnx("cipher 3des no longer supported");
++ return (-1);
+ }
+ /* Get server response. */
+ if ((i = SSH_recv(ssh, pkt, sizeof(pkt))) <= 0) {
+--- a/sshcrypto.c
++++ b/sshcrypto.c
+@@ -28,10 +28,12 @@
+ u_char iv[8];
+ };
+
++#if 0
+ struct des3_state {
+ des_key_schedule k1, k2, k3;
+ des_cblock iv1, iv2, iv3;
+ };
++#endif
+
+ void
+ rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key)
+@@ -39,10 +41,12 @@
+ u_char *inbuf, *outbuf;
+ int len, ilen, olen;
+
+- if (BN_num_bits(key->e) < 2 || !BN_is_odd(key->e))
++ const BIGNUM *n, *e;
++ RSA_get0_key(key, &n, &e, NULL);
++ if (BN_num_bits(e) < 2 || !BN_is_odd(e))
+ errx(1, "rsa_public_encrypt() exponent too small or not odd");
+
+- olen = BN_num_bytes(key->n);
++ olen = BN_num_bytes(n);
+ outbuf = malloc(olen);
+
+ ilen = BN_num_bytes(in);
+@@ -71,7 +75,9 @@
+ u_char *inbuf, *outbuf;
+ int len, ilen, olen;
+
+- olen = BN_num_bytes(key->n);
++ const BIGNUM *n;
++ RSA_get0_key(key, &n, NULL, NULL);
++ olen = BN_num_bytes(n);
+ outbuf = malloc(olen);
+
+ ilen = BN_num_bytes(in);
+@@ -146,6 +152,7 @@
+ swap_bytes(dst, dst, len);
+ }
+
++#if 0
+ /* XXX - SSH1's weirdo 3DES... */
+ void *
+ des3_init(u_char *sesskey, int len)
+@@ -194,3 +201,4 @@
+ des_ncbc_encrypt(dst, dst, len, dstate->k2, &dstate->iv2, DES_ENCRYPT);
+ des_ncbc_encrypt(dst, dst, len, dstate->k1, &dstate->iv1, DES_DECRYPT);
+ }
++#endif
diff --git a/network/dsniff/patches/25_fix-spelling-errors.patch b/network/dsniff/patches/25_fix-spelling-errors.patch
new file mode 100644
index 0000000000..febbf914e0
--- /dev/null
+++ b/network/dsniff/patches/25_fix-spelling-errors.patch
@@ -0,0 +1,17 @@
+Description: Fix minor spelling error in source code
+Author: Marcos Fouces <marcos.fouces@gmail.com>
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+
+--- a/remote.c
++++ b/remote.c
+@@ -652,7 +652,7 @@
+ if (remote_command_count > 0)
+ {
+ fprintf (stderr,
+- "%s: the `-id' option must preceed all `-remote' options.\n",
++ "%s: the `-id' option must precede all `-remote' options.\n",
+ progname);
+ usage ();
+ exit (-1);
diff --git a/network/dsniff/patches/26_arpspoof-add-r-switch-to-poison-both-directions.patch b/network/dsniff/patches/26_arpspoof-add-r-switch-to-poison-both-directions.patch
new file mode 100644
index 0000000000..9a55f25051
--- /dev/null
+++ b/network/dsniff/patches/26_arpspoof-add-r-switch-to-poison-both-directions.patch
@@ -0,0 +1,170 @@
+>From 8fbf0ac15e5fe2df427e3e028f9aa8d96788986a Mon Sep 17 00:00:00 2001
+From: Stefan Tomanek <stefan@pico.ruhr.de>
+Date: Sun, 6 Nov 2011 22:44:54 +0100
+Subject: [PATCH 1/3] arpspoof: add -r switch to poison both directions
+
+
+Signed-off-by: Stefan Tomanek <stefan@pico.ruhr.de>
+---
+ arpspoof.8 | 5 ++++-
+ arpspoof.c | 59 +++++++++++++++++++++++++++++++++++++++++++++++------------
+ 2 files changed, 51 insertions(+), 13 deletions(-)
+
+ ---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+--- a/arpspoof.8
++++ b/arpspoof.8
+@@ -9,7 +9,7 @@
+ .na
+ .nf
+ .fi
+-\fBarpspoof\fR [\fB-i \fIinterface\fR] [\fB-t \fItarget\fR] \fIhost\fR
++\fBarpspoof\fR [\fB\-i \fIinterface\fR] [\fB\-t \fItarget\fR] [\fB\-r\fR] \fIhost\fR
+ .SH DESCRIPTION
+ .ad
+ .fi
+@@ -26,6 +26,9 @@
+ .IP "\fB-t \fItarget\fR"
+ Specify a particular host to ARP poison (if not specified, all hosts
+ on the LAN).
++.IP "\fB\-r\fR"
++Poison both hosts (host and target) to capture traffic in both directions.
++(only valid in conjuntion with \-t)
+ .IP \fIhost\fR
+ Specify the host you wish to intercept packets for (usually the local
+ gateway).
+--- a/arpspoof.c
++++ b/arpspoof.c
+@@ -7,6 +7,8 @@
+ * Copyright (c) 1999 Dug Song <dugsong@monkey.org>
+ *
+ * $Id: arpspoof.c,v 1.5 2001/03/15 08:32:58 dugsong Exp $
++ *
++ * Improved 2011 by Stefan Tomanek <stefa@pico.ruhr.de>
+ */
+
+ #include "config.h"
+@@ -31,12 +33,13 @@
+ static struct ether_addr spoof_mac, target_mac;
+ static in_addr_t spoof_ip, target_ip;
+ static char *intf;
++static int poison_reverse;
+
+ static void
+ usage(void)
+ {
+ fprintf(stderr, "Version: " VERSION "\n"
+- "Usage: arpspoof [-i interface] [-t target] host\n");
++ "Usage: arpspoof [-i interface] [-t target] [-r] host\n");
+ exit(1);
+ }
+
+@@ -133,18 +136,30 @@
+ static void
+ cleanup(int sig)
+ {
++ int fw = arp_find(spoof_ip, &spoof_mac);
++ int bw = poison_reverse && target_ip && arp_find(target_ip, &target_mac);
+ int i;
+-
+- if (arp_find(spoof_ip, &spoof_mac)) {
+- for (i = 0; i < 3; i++) {
+- /* XXX - on BSD, requires ETHERSPOOF kernel. */
++
++ fprintf(stderr, "Cleaning up and re-arping targets...\n");
++ for (i = 0; i < 5; i++) {
++ /* XXX - on BSD, requires ETHERSPOOF kernel. */
++ if (fw) {
+ arp_send(l, ARPOP_REPLY,
+ (u_int8_t *)&spoof_mac, spoof_ip,
+ (target_ip ? (u_int8_t *)&target_mac : NULL),
+ target_ip);
++ /* we have to wait a moment before sending the next packet */
++ sleep(1);
++ }
++ if (bw) {
++ arp_send(l, ARPOP_REPLY,
++ (u_int8_t *)&target_mac, target_ip,
++ (u_int8_t *)&spoof_mac,
++ spoof_ip);
+ sleep(1);
+ }
+ }
++
+ exit(0);
+ }
+
+@@ -156,11 +171,12 @@
+ char pcap_ebuf[PCAP_ERRBUF_SIZE];
+ char libnet_ebuf[LIBNET_ERRBUF_SIZE];
+ int c;
+-
++
+ intf = NULL;
+ spoof_ip = target_ip = 0;
+-
+- while ((c = getopt(argc, argv, "i:t:h?V")) != -1) {
++ poison_reverse = 0;
++
++ while ((c = getopt(argc, argv, "ri:t:h?V")) != -1) {
+ switch (c) {
+ case 'i':
+ intf = optarg;
+@@ -169,6 +185,9 @@
+ if ((target_ip = libnet_name2addr4(l, optarg, LIBNET_RESOLVE)) == -1)
+ usage();
+ break;
++ case 'r':
++ poison_reverse = 1;
++ break;
+ default:
+ usage();
+ }
+@@ -178,7 +197,12 @@
+
+ if (argc != 1)
+ usage();
+-
++
++ if (poison_reverse && !target_ip) {
++ errx(1, "Spoofing the reverse path (-r) is only available when specifying a target (-t).");
++ usage();
++ }
++
+ if ((spoof_ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1)
+ usage();
+
+@@ -191,18 +215,29 @@
+ if (target_ip != 0 && !arp_find(target_ip, &target_mac))
+ errx(1, "couldn't arp for host %s",
+ libnet_addr2name4(target_ip, LIBNET_DONT_RESOLVE));
+-
++
++ if (poison_reverse) {
++ if (!arp_find(spoof_ip, &spoof_mac)) {
++ errx(1, "couldn't arp for spoof host %s",
++ libnet_addr2name4(spoof_ip, LIBNET_DONT_RESOLVE));
++ }
++ }
++
+ signal(SIGHUP, cleanup);
+ signal(SIGINT, cleanup);
+ signal(SIGTERM, cleanup);
+-
++
+ for (;;) {
+ arp_send(l, ARPOP_REPLY, NULL, spoof_ip,
+ (target_ip ? (u_int8_t *)&target_mac : NULL),
+ target_ip);
++ if (poison_reverse) {
++ arp_send(l, ARPOP_REPLY, NULL, target_ip, (uint8_t *)&spoof_mac, spoof_ip);
++ }
++
+ sleep(2);
+ }
+ /* NOTREACHED */
+-
++
+ exit(0);
+ }
diff --git a/network/dsniff/patches/27_arpspoof-allow-use-of-of-multiple-targets.patch b/network/dsniff/patches/27_arpspoof-allow-use-of-of-multiple-targets.patch
new file mode 100644
index 0000000000..120001f7b3
--- /dev/null
+++ b/network/dsniff/patches/27_arpspoof-allow-use-of-of-multiple-targets.patch
@@ -0,0 +1,194 @@
+Description: [PATCH 2/3] arpspoof: allow use of multiple targets. Last hunk modified by João Salavisa <joao.salavisa@gmail.com>
+in order to fix a bug with "-t" option of arpspoof. See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=706766 fo more information.
+Author: Stefan Tomanek <stefan@pico.ruhr.de>
+ ---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+
+--- a/arpspoof.8
++++ b/arpspoof.8
+@@ -25,7 +25,7 @@
+ Specify the interface to use.
+ .IP "\fB-t \fItarget\fR"
+ Specify a particular host to ARP poison (if not specified, all hosts
+-on the LAN).
++on the LAN). Repeat to specify multiple hosts.
+ .IP "\fB\-r\fR"
+ Poison both hosts (host and target) to capture traffic in both directions.
+ (only valid in conjuntion with \-t)
+--- a/arpspoof.c
++++ b/arpspoof.c
+@@ -29,9 +29,14 @@
+
+ extern char *ether_ntoa(struct ether_addr *);
+
++struct host {
++ in_addr_t ip;
++ struct ether_addr mac;
++};
++
+ static libnet_t *l;
+-static struct ether_addr spoof_mac, target_mac;
+-static in_addr_t spoof_ip, target_ip;
++static struct host spoof = {0};
++static struct host *targets;
+ static char *intf;
+ static int poison_reverse;
+
+@@ -133,30 +138,46 @@
+ return (0);
+ }
+
++static int arp_find_all() {
++ struct host *target = targets;
++ while(target->ip) {
++ if (arp_find(target->ip, &target->mac)) {
++ return 1;
++ }
++ target++;
++ }
++
++ return 0;
++}
++
+ static void
+ cleanup(int sig)
+ {
+- int fw = arp_find(spoof_ip, &spoof_mac);
+- int bw = poison_reverse && target_ip && arp_find(target_ip, &target_mac);
++ int fw = arp_find(spoof.ip, &spoof.mac);
++ int bw = poison_reverse && targets[0].ip && arp_find_all();
+ int i;
+
+ fprintf(stderr, "Cleaning up and re-arping targets...\n");
+ for (i = 0; i < 5; i++) {
+- /* XXX - on BSD, requires ETHERSPOOF kernel. */
+- if (fw) {
+- arp_send(l, ARPOP_REPLY,
+- (u_int8_t *)&spoof_mac, spoof_ip,
+- (target_ip ? (u_int8_t *)&target_mac : NULL),
+- target_ip);
+- /* we have to wait a moment before sending the next packet */
+- sleep(1);
+- }
+- if (bw) {
+- arp_send(l, ARPOP_REPLY,
+- (u_int8_t *)&target_mac, target_ip,
+- (u_int8_t *)&spoof_mac,
+- spoof_ip);
+- sleep(1);
++ struct host *target = targets;
++ while(target->ip) {
++ /* XXX - on BSD, requires ETHERSPOOF kernel. */
++ if (fw) {
++ arp_send(l, ARPOP_REPLY,
++ (u_int8_t *)&spoof.mac, spoof.ip,
++ (target->ip ? (u_int8_t *)&target->mac : NULL),
++ target->ip);
++ /* we have to wait a moment before sending the next packet */
++ sleep(1);
++ }
++ if (bw) {
++ arp_send(l, ARPOP_REPLY,
++ (u_int8_t *)&target->mac, target->ip,
++ (u_int8_t *)&spoof.mac,
++ spoof.ip);
++ sleep(1);
++ }
++ target++;
+ }
+ }
+
+@@ -171,10 +192,15 @@
+ char pcap_ebuf[PCAP_ERRBUF_SIZE];
+ char libnet_ebuf[LIBNET_ERRBUF_SIZE];
+ int c;
++ int n_targets;
+
++ spoof.ip = 0;
+ intf = NULL;
+- spoof_ip = target_ip = 0;
+ poison_reverse = 0;
++ n_targets = 0;
++
++ /* allocate enough memory for target list */
++ targets = calloc( argc+1, sizeof(struct host) );
+
+ while ((c = getopt(argc, argv, "ri:t:h?V")) != -1) {
+ switch (c) {
+@@ -182,7 +208,7 @@
+ intf = optarg;
+ break;
+ case 't':
+- if ((target_ip = libnet_name2addr4(l, optarg, LIBNET_RESOLVE)) == -1)
++ if ((targets[n_targets++].ip = libnet_name2addr4(l, optarg, LIBNET_RESOLVE)) == -1)
+ usage();
+ break;
+ case 'r':
+@@ -198,12 +224,12 @@
+ if (argc != 1)
+ usage();
+
+- if (poison_reverse && !target_ip) {
++ if (poison_reverse && !n_targets) {
+ errx(1, "Spoofing the reverse path (-r) is only available when specifying a target (-t).");
+ usage();
+ }
+
+- if ((spoof_ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1)
++ if ((spoof.ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1)
+ usage();
+
+ if (intf == NULL && (intf = pcap_lookupdev(pcap_ebuf)) == NULL)
+@@ -211,15 +237,19 @@
+
+ if ((l = libnet_init(LIBNET_LINK, intf, libnet_ebuf)) == NULL)
+ errx(1, "%s", libnet_ebuf);
+-
+- if (target_ip != 0 && !arp_find(target_ip, &target_mac))
+- errx(1, "couldn't arp for host %s",
+- libnet_addr2name4(target_ip, LIBNET_DONT_RESOLVE));
++
++ struct host *target = targets;
++ while(target->ip) {
++ if (target->ip != 0 && !arp_find(target->ip, &target->mac))
++ errx(1, "couldn't arp for host %s",
++ libnet_addr2name4(target->ip, LIBNET_DONT_RESOLVE));
++ target++;
++ }
+
+ if (poison_reverse) {
+- if (!arp_find(spoof_ip, &spoof_mac)) {
++ if (!arp_find(spoof.ip, &spoof.mac)) {
+ errx(1, "couldn't arp for spoof host %s",
+- libnet_addr2name4(spoof_ip, LIBNET_DONT_RESOLVE));
++ libnet_addr2name4(spoof.ip, LIBNET_DONT_RESOLVE));
+ }
+ }
+
+@@ -228,12 +258,20 @@
+ signal(SIGTERM, cleanup);
+
+ for (;;) {
+- arp_send(l, ARPOP_REPLY, NULL, spoof_ip,
+- (target_ip ? (u_int8_t *)&target_mac : NULL),
+- target_ip);
+- if (poison_reverse) {
+- arp_send(l, ARPOP_REPLY, NULL, target_ip, (uint8_t *)&spoof_mac, spoof_ip);
++ if (!n_targets) {
++ arp_send(l, ARPOP_REPLY, my_ha, spoof.ip, brd_ha, 0, my_ha);
++ } else {
++ struct host *target = targets;
++ while(target->ip) {
++ arp_send(l, ARPOP_REPLY, NULL, spoof.ip,
++ (target->ip ? (u_int8_t *)&target->mac : NULL),
++ target->ip);
++ if (poison_reverse) {
++ arp_send(l, ARPOP_REPLY, NULL, target->ip, (uint8_t *)&spoof.mac, spoof.ip);
++ }
++ target++;
+ }
++ }
+
+ sleep(2);
+ }
diff --git a/network/dsniff/patches/28_arpspoof-allow-selection-of-source-hw-address.patch b/network/dsniff/patches/28_arpspoof-allow-selection-of-source-hw-address.patch
new file mode 100644
index 0000000000..95da6a1651
--- /dev/null
+++ b/network/dsniff/patches/28_arpspoof-allow-selection-of-source-hw-address.patch
@@ -0,0 +1,230 @@
+>From 21773ccf18a5fc49d35e510a8797b0a1e83858c4 Mon Sep 17 00:00:00 2001
+From: Stefan Tomanek <stefan@pico.ruhr.de>
+Date: Sun, 20 Nov 2011 21:32:53 +0100
+Subject: [PATCH 3/3] arpspoof: allow selection of source hw address
+
+In certain networks, sending with the wrong hardware source address can
+jeopardize the network connection of the host running arpspoof. This
+patch makes it possible to specify whether arpspoof should use the own
+hardware address or the one of the real host when resetting the arp
+table of the target systems; it is also possible to use both.
+
+Signed-off-by: Stefan Tomanek <stefan@pico.ruhr.de>
+---
+ arpspoof.8 | 9 +++++-
+ arpspoof.c | 90 ++++++++++++++++++++++++++++++++++++++++++-----------------
+ 2 files changed, 72 insertions(+), 27 deletions(-)
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+--- a/arpspoof.8
++++ b/arpspoof.8
+@@ -9,7 +9,7 @@
+ .na
+ .nf
+ .fi
+-\fBarpspoof\fR [\fB\-i \fIinterface\fR] [\fB\-t \fItarget\fR] [\fB\-r\fR] \fIhost\fR
++\fBarpspoof\fR [\fB\-i \fIinterface\fR] [\fB\-c \fIown|host|both\fR] [\fB\-t \fItarget\fR] [\fB\-r\fR] \fIhost\fR
+ .SH DESCRIPTION
+ .ad
+ .fi
+@@ -23,6 +23,13 @@
+ .SH OPTIONS
+ .IP "\fB-i \fIinterface\fR"
+ Specify the interface to use.
++.IP "\fB-c \fIown|host|both\fR"
++Specify which hardware address t use when restoring the arp configuration;
++while cleaning up, packets can be send with the own address as well as with
++the address of the host. Sending packets with a fake hw address can disrupt
++connectivity with certain switch/ap/bridge configurations, however it works
++more reliably than using the own address, which is the default way arpspoof
++cleans up afterwards.
+ .IP "\fB-t \fItarget\fR"
+ Specify a particular host to ARP poison (if not specified, all hosts
+ on the LAN). Repeat to specify multiple hosts.
+--- a/arpspoof.c
++++ b/arpspoof.c
+@@ -40,37 +40,36 @@
+ static char *intf;
+ static int poison_reverse;
+
++static uint8_t *my_ha = NULL;
++static uint8_t *brd_ha = "\xff\xff\xff\xff\xff\xff";
++
++static int cleanup_src_own = 1;
++static int cleanup_src_host = 0;
++
+ static void
+ usage(void)
+ {
+ fprintf(stderr, "Version: " VERSION "\n"
+- "Usage: arpspoof [-i interface] [-t target] [-r] host\n");
++ "Usage: arpspoof [-i interface] [-c own|host|both] [-t target] [-r] host\n");
+ exit(1);
+ }
+
+ static int
+-arp_send(libnet_t *l, int op, u_int8_t *sha,
+- in_addr_t spa, u_int8_t *tha, in_addr_t tpa)
++arp_send(libnet_t *l, int op,
++ u_int8_t *sha, in_addr_t spa,
++ u_int8_t *tha, in_addr_t tpa,
++ u_int8_t *me)
+ {
+ int retval;
+
+- if (sha == NULL &&
+- (sha = (u_int8_t *)libnet_get_hwaddr(l)) == NULL) {
+- return (-1);
+- }
+- if (spa == 0) {
+- if ((spa = libnet_get_ipaddr4(l)) == -1)
+- return (-1);
+- }
+- if (tha == NULL)
+- tha = "\xff\xff\xff\xff\xff\xff";
+-
++ if (!me) me = sha;
++
+ libnet_autobuild_arp(op, sha, (u_int8_t *)&spa,
+ tha, (u_int8_t *)&tpa, l);
+- libnet_build_ethernet(tha, sha, ETHERTYPE_ARP, NULL, 0, l, 0);
++ libnet_build_ethernet(tha, me, ETHERTYPE_ARP, NULL, 0, l, 0);
+
+ fprintf(stderr, "%s ",
+- ether_ntoa((struct ether_addr *)sha));
++ ether_ntoa((struct ether_addr *)me));
+
+ if (op == ARPOP_REQUEST) {
+ fprintf(stderr, "%s 0806 42: arp who-has %s tell %s\n",
+@@ -129,7 +128,7 @@
+ /* XXX - force the kernel to arp. feh. */
+ arp_force(ip);
+ #else
+- arp_send(l, ARPOP_REQUEST, NULL, 0, NULL, ip);
++ arp_send(l, ARPOP_REQUEST, NULL, 0, NULL, ip, NULL);
+ #endif
+ sleep(1);
+ }
+@@ -156,17 +155,23 @@
+ int fw = arp_find(spoof.ip, &spoof.mac);
+ int bw = poison_reverse && targets[0].ip && arp_find_all();
+ int i;
++ int rounds = (cleanup_src_own*5 + cleanup_src_host*5);
+
+ fprintf(stderr, "Cleaning up and re-arping targets...\n");
+- for (i = 0; i < 5; i++) {
++ for (i = 0; i < rounds; i++) {
+ struct host *target = targets;
+ while(target->ip) {
++ uint8_t *src_ha = NULL;
++ if (cleanup_src_own && (i%2 || !cleanup_src_host)) {
++ src_ha = my_ha;
++ }
+ /* XXX - on BSD, requires ETHERSPOOF kernel. */
+ if (fw) {
+ arp_send(l, ARPOP_REPLY,
+ (u_int8_t *)&spoof.mac, spoof.ip,
+- (target->ip ? (u_int8_t *)&target->mac : NULL),
+- target->ip);
++ (target->ip ? (u_int8_t *)&target->mac : brd_ha),
++ target->ip,
++ src_ha);
+ /* we have to wait a moment before sending the next packet */
+ sleep(1);
+ }
+@@ -174,7 +179,8 @@
+ arp_send(l, ARPOP_REPLY,
+ (u_int8_t *)&target->mac, target->ip,
+ (u_int8_t *)&spoof.mac,
+- spoof.ip);
++ spoof.ip,
++ src_ha);
+ sleep(1);
+ }
+ target++;
+@@ -193,6 +199,7 @@
+ char libnet_ebuf[LIBNET_ERRBUF_SIZE];
+ int c;
+ int n_targets;
++ char *cleanup_src = NULL;
+
+ spoof.ip = 0;
+ intf = NULL;
+@@ -202,7 +209,7 @@
+ /* allocate enough memory for target list */
+ targets = calloc( argc+1, sizeof(struct host) );
+
+- while ((c = getopt(argc, argv, "ri:t:h?V")) != -1) {
++ while ((c = getopt(argc, argv, "ri:t:c:h?V")) != -1) {
+ switch (c) {
+ case 'i':
+ intf = optarg;
+@@ -214,6 +221,9 @@
+ case 'r':
+ poison_reverse = 1;
+ break;
++ case 'c':
++ cleanup_src = optarg;
++ break;
+ default:
+ usage();
+ }
+@@ -229,6 +239,29 @@
+ usage();
+ }
+
++ if (!cleanup_src || strcmp(cleanup_src, "own")==0) { /* default! */
++ /* only use our own hw address when cleaning up,
++ * not jeopardizing any bridges on the way to our
++ * target
++ */
++ cleanup_src_own = 1;
++ cleanup_src_host = 0;
++ } else if (strcmp(cleanup_src, "host")==0) {
++ /* only use the target hw address when cleaning up;
++ * this can screw up some bridges and scramble access
++ * for our own host, however it resets the arp table
++ * more reliably
++ */
++ cleanup_src_own = 0;
++ cleanup_src_host = 1;
++ } else if (strcmp(cleanup_src, "both")==0) {
++ cleanup_src_own = 1;
++ cleanup_src_host = 1;
++ } else {
++ errx(1, "Invalid parameter to -c: use 'own' (default), 'host' or 'both'.");
++ usage();
++ }
++
+ if ((spoof.ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1)
+ usage();
+
+@@ -253,6 +286,10 @@
+ }
+ }
+
++ if ((my_ha = (u_int8_t *)libnet_get_hwaddr(l)) == NULL) {
++ errx(1, "Unable to determine own mac address");
++ }
++
+ signal(SIGHUP, cleanup);
+ signal(SIGINT, cleanup);
+ signal(SIGTERM, cleanup);
+@@ -263,11 +300,12 @@
+ } else {
+ struct host *target = targets;
+ while(target->ip) {
+- arp_send(l, ARPOP_REPLY, NULL, spoof.ip,
+- (target->ip ? (u_int8_t *)&target->mac : NULL),
+- target->ip);
++ arp_send(l, ARPOP_REPLY, my_ha, spoof.ip,
++ (target->ip ? (u_int8_t *)&target->mac : brd_ha),
++ target->ip,
++ my_ha);
+ if (poison_reverse) {
+- arp_send(l, ARPOP_REPLY, NULL, target->ip, (uint8_t *)&spoof.mac, spoof.ip);
++ arp_send(l, ARPOP_REPLY, my_ha, target->ip, (uint8_t *)&spoof.mac, spoof.ip, my_ha);
+ }
+ target++;
+ }
diff --git a/network/dsniff/patches/29_libnet_name2addr4.patch b/network/dsniff/patches/29_libnet_name2addr4.patch
new file mode 100644
index 0000000000..76c8c39882
--- /dev/null
+++ b/network/dsniff/patches/29_libnet_name2addr4.patch
@@ -0,0 +1,144 @@
+Description: fixes possible segmentation faults of arpspoof, sshmitm, webmitm and
+webspy if any non-resolving hostname is passed. Issue was introduced by
+dsniff-2.4-libnet_11.patch; libnet_name_resolve() was replaced by libnet_name2addr4()
+while there must be the structure libnet_t passed additionally. And if that structure is not initialized
+using libnet_init() and the passed name can't be resolved (like "192.168.2."), it
+causes a snprintf() to NULL and thus the segmentation fault. Note that macof isn't
+affected as no resolving was involved here ever.
+Author: Robert Scheck <robert@fedoraproject.org>
+Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=1009879
+Origin: http://pkgs.fedoraproject.org/cgit/rpms/dsniff.git/tree/dsniff-2.4-libnet_name2addr4.patch
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+--- a/sshmitm.c
++++ b/sshmitm.c
+@@ -45,6 +45,8 @@
+ struct sockaddr_in csin, ssin;
+ int sig_pipe[2];
+
++static libnet_t *l;
++
+ static void
+ usage(void)
+ {
+@@ -364,6 +366,7 @@
+ u_long ip;
+ u_short lport, rport;
+ int c;
++ char libnet_ebuf[LIBNET_ERRBUF_SIZE];
+
+ lport = rport = 22;
+
+@@ -390,12 +393,15 @@
+ if (argc < 1)
+ usage();
+
+- if ((ip = libnet_name2addr4(NULL, argv[0], LIBNET_RESOLVE)) == -1)
+- usage();
+-
+ if (argc == 2 && (rport = atoi(argv[1])) == 0)
+ usage();
+
++ if ((l = libnet_init(LIBNET_LINK, NULL, libnet_ebuf)) == NULL)
++ errx(1, "%s", libnet_ebuf);
++
++ if ((ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1)
++ usage();
++
+ record_init(NULL);
+
+ mitm_init(lport, ip, rport);
+--- a/webmitm.c
++++ b/webmitm.c
+@@ -47,6 +47,8 @@
+ int do_ssl, sig_pipe[2];
+ in_addr_t static_host = 0;
+
++static libnet_t *l;
++
+ extern int decode_http(char *, int, char *, int);
+
+ static void
+@@ -242,7 +244,7 @@
+ word = buf_tok(&msg, "/", 1);
+ vhost = buf_strdup(word);
+ }
+- ssin.sin_addr.s_addr = libnet_name2addr4(NULL, vhost, 1);
++ ssin.sin_addr.s_addr = libnet_name2addr4(l, vhost, LIBNET_RESOLVE);
+ free(vhost);
+
+ if (ssin.sin_addr.s_addr == ntohl(INADDR_LOOPBACK) ||
+@@ -496,6 +498,7 @@
+ extern char *optarg;
+ extern int optind;
+ int c;
++ char libnet_ebuf[LIBNET_ERRBUF_SIZE];
+
+ while ((c = getopt(argc, argv, "dh?V")) != -1) {
+ switch (c) {
+@@ -509,8 +512,11 @@
+ argc -= optind;
+ argv += optind;
+
++ if ((l = libnet_init(LIBNET_LINK, NULL, libnet_ebuf)) == NULL)
++ errx(1, "%s", libnet_ebuf);
++
+ if (argc == 1) {
+- if ((static_host = libnet_name2addr4(NULL, argv[0], 1)) == -1)
++ if ((static_host = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1)
+ usage();
+ }
+ else if (argc != 0) usage();
+--- a/webspy.c
++++ b/webspy.c
+@@ -33,6 +33,7 @@
+ extern int mozilla_remote_commands (Display *, Window, char **);
+ char *expected_mozilla_version = "4.7";
+ char *progname = "webspy";
++static libnet_t *l;
+
+ Display *dpy;
+ char cmd[2048], *cmdtab[2];
+@@ -183,6 +184,7 @@
+ extern char *optarg;
+ extern int optind;
+ int c;
++ char libnet_ebuf[LIBNET_ERRBUF_SIZE];
+
+ while ((c = getopt(argc, argv, "i:p:h?V")) != -1) {
+ switch (c) {
+@@ -205,7 +207,10 @@
+ cmdtab[0] = cmd;
+ cmdtab[1] = NULL;
+
+- if ((host = libnet_name2addr4(NULL, argv[0], 1)) == -1)
++ if ((l = libnet_init(LIBNET_LINK, NULL, libnet_ebuf)) == NULL)
++ errx(1, "%s", libnet_ebuf);
++
++ if ((host = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1)
+ errx(1, "unknown host");
+
+ if ((dpy = XOpenDisplay(NULL)) == NULL)
+--- a/arpspoof.c
++++ b/arpspoof.c
+@@ -208,6 +208,10 @@
+
+ /* allocate enough memory for target list */
+ targets = calloc( argc+1, sizeof(struct host) );
++
++ if ((l = libnet_init(LIBNET_LINK, NULL, libnet_ebuf)) == NULL)
++ errx(1, "%s", libnet_ebuf);
++
+
+ while ((c = getopt(argc, argv, "ri:t:c:h?V")) != -1) {
+ switch (c) {
+@@ -265,6 +269,8 @@
+ if ((spoof.ip = libnet_name2addr4(l, argv[0], LIBNET_RESOLVE)) == -1)
+ usage();
+
++ libnet_destroy(l);
++
+ if (intf == NULL && (intf = pcap_lookupdev(pcap_ebuf)) == NULL)
+ errx(1, "%s", pcap_ebuf);
+
diff --git a/network/dsniff/patches/30_pntohl_shift.patch b/network/dsniff/patches/30_pntohl_shift.patch
new file mode 100644
index 0000000000..8764d69523
--- /dev/null
+++ b/network/dsniff/patches/30_pntohl_shift.patch
@@ -0,0 +1,19 @@
+Description: Corrects the incorrect bit-shift in pntohl(), the left-shift should be 8 bits, not 18.
+Author: Matthew Boyle <mlb@decisionsoft.co.uk>
+Origin: http://pkgs.fedoraproject.org/cgit/rpms/dsniff.git/tree/dsniff-2.4-pntohl_shift.patch
+Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=714958
+Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=850496
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+--- a/decode.h
++++ b/decode.h
+@@ -35,7 +35,7 @@
+ (u_short)*((u_char *)p+0)<<8))
+
+ #define pntohl(p) ((u_int32_t)*((u_char *)p+3)<<0| \
+- (u_int32_t)*((u_char *)p+2)<<18| \
++ (u_int32_t)*((u_char *)p+2)<<8| \
+ (u_int32_t)*((u_char *)p+1)<<16| \
+ (u_int32_t)*((u_char *)p+0)<<24)
+
diff --git a/network/dsniff/patches/31_sysconf_clocks.patch b/network/dsniff/patches/31_sysconf_clocks.patch
new file mode 100644
index 0000000000..4aa22086d9
--- /dev/null
+++ b/network/dsniff/patches/31_sysconf_clocks.patch
@@ -0,0 +1,31 @@
+Description: Adds a clock fix. It was improved by Robert Scheck <robert@fedoraproject.org>
+to work with older Linux kernel versions, too.
+Author: <kees@ubuntu.com>
+Origin: http://pkgs.fedoraproject.org/cgit/rpms/dsniff.git/tree/dsniff-2.4-sysconf_clocks.patch
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+--- a/sshow.c
++++ b/sshow.c
+@@ -217,7 +217,9 @@
+ {
+ clock_t delay;
+ int payload;
+- long CLK_TCK= sysconf(_SC_CLK_TCK);
++#if defined(_SC_CLK_TCK)
++ long CLK_TCK = sysconf(_SC_CLK_TCK);
++#endif
+
+ delay = add_history(session, 0, cipher_size, plain_range);
+
+@@ -266,7 +268,9 @@
+ clock_t delay;
+ int skip;
+ range string_range;
+- long CLK_TCK= sysconf(_SC_CLK_TCK);
++#if defined(_SC_CLK_TCK)
++ long CLK_TCK = sysconf(_SC_CLK_TCK);
++#endif
+
+ delay = add_history(session, 1, cipher_size, plain_range);
+
diff --git a/network/dsniff/patches/32_rpc_segfault.patch b/network/dsniff/patches/32_rpc_segfault.patch
new file mode 100644
index 0000000000..89a8d9c5af
--- /dev/null
+++ b/network/dsniff/patches/32_rpc_segfault.patch
@@ -0,0 +1,19 @@
+Description: avoids xdrs being used without being initialised first. Without this
+patch dsniff segfaults when decoding RPC packets on x86_64.
+Author: Matthew Boyle <mlb@decisionsoft.co.uk>
+Origin: http://pkgs.fedoraproject.org/cgit/rpms/dsniff.git/tree/dsniff-2.4-rpc_segfault.patch
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+--- a/rpc.c
++++ b/rpc.c
+@@ -125,6 +125,9 @@
+ return (0);
+ }
+ }
++ else
++ return (0);
++
+ stat = xdr_getpos(&xdrs);
+ xdr_destroy(&xdrs);
+
diff --git a/network/dsniff/patches/33_sshcrypto_DES.patch b/network/dsniff/patches/33_sshcrypto_DES.patch
new file mode 100644
index 0000000000..02ff90bf09
--- /dev/null
+++ b/network/dsniff/patches/33_sshcrypto_DES.patch
@@ -0,0 +1,65 @@
+Description: improves 18_sshcrypto.patch
+ - Replace all des_ methods and structs with DES_ equivalents.
+ - Remove openssl/des_old.h include.
+ - Register dependencies on OpenSSL, glib20 and gettext.
+Author: jca
+Origin: OpenBSD
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+--- a/sshcrypto.c
++++ b/sshcrypto.c
+@@ -30,8 +30,8 @@
+
+ #if 0
+ struct des3_state {
+- des_key_schedule k1, k2, k3;
+- des_cblock iv1, iv2, iv3;
++ DES_key_schedule k1, k2, k3;
++ DES_cblock iv1, iv2, iv3;
+ };
+ #endif
+
+@@ -162,13 +162,13 @@
+ if ((state = malloc(sizeof(*state))) == NULL)
+ err(1, "malloc");
+
+- des_set_key((void *)sesskey, state->k1);
+- des_set_key((void *)(sesskey + 8), state->k2);
++ DES_set_key((void *)sesskey, &state->k1);
++ DES_set_key((void *)(sesskey + 8), &state->k2);
+
+ if (len <= 16)
+- des_set_key((void *)sesskey, state->k3);
++ DES_set_key((void *)sesskey, &state->k3);
+ else
+- des_set_key((void *)(sesskey + 16), state->k3);
++ DES_set_key((void *)(sesskey + 16), &state->k3);
+
+ memset(state->iv1, 0, 8);
+ memset(state->iv2, 0, 8);
+@@ -184,9 +184,9 @@
+ estate = (struct des3_state *)state;
+ memcpy(estate->iv1, estate->iv2, 8);
+
+- des_ncbc_encrypt(src, dst, len, estate->k1, &estate->iv1, DES_ENCRYPT);
+- des_ncbc_encrypt(dst, dst, len, estate->k2, &estate->iv2, DES_DECRYPT);
+- des_ncbc_encrypt(dst, dst, len, estate->k3, &estate->iv3, DES_ENCRYPT);
++ DES_ncbc_encrypt(src, dst, len, &estate->k1, &estate->iv1, DES_ENCRYPT);
++ DES_ncbc_encrypt(dst, dst, len, &estate->k2, &estate->iv2, DES_DECRYPT);
++ DES_ncbc_encrypt(dst, dst, len, &estate->k3, &estate->iv3, DES_ENCRYPT);
+ }
+
+ void
+@@ -197,8 +197,8 @@
+ dstate = (struct des3_state *)state;
+ memcpy(dstate->iv1, dstate->iv2, 8);
+
+- des_ncbc_encrypt(src, dst, len, dstate->k3, &dstate->iv3, DES_DECRYPT);
+- des_ncbc_encrypt(dst, dst, len, dstate->k2, &dstate->iv2, DES_ENCRYPT);
+- des_ncbc_encrypt(dst, dst, len, dstate->k1, &dstate->iv1, DES_DECRYPT);
++ DES_ncbc_encrypt(src, dst, len, &dstate->k3, &dstate->iv3, DES_DECRYPT);
++ DES_ncbc_encrypt(dst, dst, len, &dstate->k2, &dstate->iv2, DES_ENCRYPT);
++ DES_ncbc_encrypt(dst, dst, len, &dstate->k1, &dstate->iv1, DES_DECRYPT);
+ }
+ #endif
diff --git a/network/dsniff/patches/34_fix-parallel-FTBFS.patch b/network/dsniff/patches/34_fix-parallel-FTBFS.patch
new file mode 100644
index 0000000000..00fbb96c13
--- /dev/null
+++ b/network/dsniff/patches/34_fix-parallel-FTBFS.patch
@@ -0,0 +1,109 @@
+Description: Fix parallel FTBFS problems
+ * Add libmissing.a as a dependency to each of the PROGS to ensure it is
+ built before them.
+ * Ensure mount.h is created before decode_mountd.o gets built.
+ * Ensure nfs_prot.h is created before filesnarf.o gets built.
+Author: Lukas Schwaighofer <lukas@schwaighofer.name>
+Author: Adrian Bunk <bunk@debian.org>
+Bug-Debian: https://bugs.debian.org/860611
+Bug-Debian: https://bugs.debian.org/869086
+
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -75,16 +75,28 @@
+ .c.o:
+ $(CC) $(CFLAGS) $(INCS) -c $(srcdir)/$*.c
+
+-all: libmissing.a $(PROGS)
++all: $(PROGS)
+
+-mount.c: mount.x
++mount.h: mount.x
+ rpcgen -h mount.x -o mount.h
++
++mount.c: mount.x
+ rpcgen -c mount.x -o mount.c
+
+-nfs_prot.c: nfs_prot.x
++mount.o: mount.h
++
++decode_mountd.o: mount.h
++
++nfs_prot.h: nfs_prot.x
+ rpcgen -h nfs_prot.x -o nfs_prot.h
++
++nfs_prot.c: nfs_prot.x
+ rpcgen -c nfs_prot.x -o nfs_prot.c
+
++nfs_prot.o: nfs_prot.h
++
++filesnarf.o: nfs_prot.h
++
+ $(LIBOBJS):
+ $(CC) $(CFLAGS) $(INCS) -c $(srcdir)/missing/$*.c
+
+@@ -92,49 +104,49 @@
+ ar -cr $@ $(LIBOBJS)
+ $(RANLIB) $@
+
+-dsniff: $(HDRS) $(SRCS) $(OBJS)
++dsniff: $(HDRS) $(SRCS) $(OBJS) libmissing.a
+ $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) $(DBLIB) $(SSLLIB)
+
+-arpspoof: arpspoof.o arp.o
++arpspoof: arpspoof.o arp.o libmissing.a
+ $(CC) $(LDFLAGS) -o $@ arpspoof.o arp.o $(LIBS) $(PCAPLIB) $(LNETLIB)
+
+-dnsspoof: dnsspoof.o pcaputil.o
++dnsspoof: dnsspoof.o pcaputil.o libmissing.a
+ $(CC) $(LDFLAGS) -o $@ dnsspoof.o pcaputil.o $(LIBS) $(PCAPLIB) $(LNETLIB)
+
+-filesnarf: nfs_prot.o filesnarf.o pcaputil.o rpc.o
++filesnarf: nfs_prot.o filesnarf.o pcaputil.o rpc.o libmissing.a
+ $(CC) $(LDFLAGS) -o $@ filesnarf.o nfs_prot.o pcaputil.o rpc.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB)
+
+-macof: macof.o
++macof: macof.o libmissing.a
+ $(CC) $(LDFLAGS) -o $@ macof.o $(LIBS) $(PCAPLIB) $(LNETLIB)
+
+-mailsnarf: mailsnarf.o buf.o pcaputil.o
++mailsnarf: mailsnarf.o buf.o pcaputil.o libmissing.a
+ $(CC) $(LDFLAGS) -o $@ mailsnarf.o buf.o pcaputil.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB)
+
+-msgsnarf: msgsnarf.o buf.o pcaputil.o
++msgsnarf: msgsnarf.o buf.o pcaputil.o libmissing.a
+ $(CC) $(LDFLAGS) -o $@ msgsnarf.o buf.o pcaputil.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB)
+
+-sshmitm: sshmitm.o buf.o hex.o record.o ssh.o sshcrypto.o
++sshmitm: sshmitm.o buf.o hex.o record.o ssh.o sshcrypto.o libmissing.a
+ $(CC) $(LDFLAGS) -o $@ sshmitm.o buf.o hex.o record.o ssh.o sshcrypto.o $(LIBS) $(LNETLIB) $(DBLIB) $(SSLLIB)
+
+-sshow: sshow.o pcaputil.o
++sshow: sshow.o pcaputil.o libmissing.a
+ $(CC) $(LDFLAGS) -o $@ sshow.o pcaputil.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB)
+
+-tcpkill: tcpkill.o pcaputil.o
++tcpkill: tcpkill.o pcaputil.o libmissing.a
+ $(CC) $(LDFLAGS) -o $@ tcpkill.o pcaputil.o $(LIBS) $(PCAPLIB) $(LNETLIB)
+
+-tcpnice: tcpnice.o pcaputil.o
++tcpnice: tcpnice.o pcaputil.o libmissing.a
+ $(CC) $(LDFLAGS) -o $@ tcpnice.o pcaputil.o $(LIBS) $(PCAPLIB) $(LNETLIB)
+
+-tcphijack: tcphijack.o pcaputil.o
++tcphijack: tcphijack.o pcaputil.o libmissing.a
+ $(CC) $(LDFLAGS) -o $@ tcphijack.o pcaputil.o $(LIBS) $(PCAPLIB) $(LNETLIB)
+
+-urlsnarf: urlsnarf.o base64.o buf.o pcaputil.o
++urlsnarf: urlsnarf.o base64.o buf.o pcaputil.o libmissing.a
+ $(CC) $(LDFLAGS) -o $@ urlsnarf.o base64.o buf.o pcaputil.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB)
+
+-webmitm: webmitm.o base64.o buf.o decode_http.o record.o
++webmitm: webmitm.o base64.o buf.o decode_http.o record.o libmissing.a
+ $(CC) $(LDFLAGS) -o $@ webmitm.o base64.o buf.o decode_http.o record.o $(LIBS) $(LNETLIB) $(DBLIB) $(SSLLIB)
+
+-webspy: webspy.o base64.o buf.o remote.o
++webspy: webspy.o base64.o buf.o remote.o libmissing.a
+ $(CC) $(LDFLAGS) -o $@ webspy.o base64.o buf.o remote.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) $(X11LIB)
+
+ install:
diff --git a/network/dsniff/patches/35_Add_CPPFLAGS.patch b/network/dsniff/patches/35_Add_CPPFLAGS.patch
new file mode 100644
index 0000000000..3ea8eb94d7
--- /dev/null
+++ b/network/dsniff/patches/35_Add_CPPFLAGS.patch
@@ -0,0 +1,50 @@
+Description: import CPPFLAGS in order to build an ELF binary that uses fortified libc functions. Now it is built with all default Debian compiler flags.
+Author: Marcos Fouces <marcos.fouces@gmail.com>
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -11,12 +11,13 @@
+ install_prefix =
+ prefix = @prefix@
+ exec_prefix = @exec_prefix@
+-libdir = $(prefix)/share/dsniff
++libdir = @libdir@
+ sbindir = @sbindir@
+ mandir = @mandir@
+
+ CC = @CC@
+ CFLAGS = @CFLAGS@ -DDSNIFF_LIBDIR=\"$(libdir)/\"
++CPPFLAGS = @CPPFLAGS@
+ LDFLAGS = @LDFLAGS@
+
+ PCAPINC = @PCAPINC@
+@@ -37,7 +38,8 @@
+ X11INC = @X_CFLAGS@
+ X11LIB = @X_LIBS@ @X_PRE_LIBS@ -lXmu -lX11 @X_EXTRA_LIBS@
+
+-INCS = -I. $(X11INC) -I$(srcdir)/missing
++INCS = -I. $(NIDSINC) $(PCAPINC) $(LNETINC) $(DBINC) $(SSLINC) $(X11INC) \
++ -I$(srcdir)/missing
+ LIBS = @LIBS@ -L$(srcdir) -lmissing
+
+ INSTALL = @INSTALL@
+@@ -73,7 +75,7 @@
+ CONFIGS = dsniff.magic dsniff.services dnsspoof.hosts
+
+ .c.o:
+- $(CC) $(CFLAGS) $(INCS) -c $(srcdir)/$*.c
++ $(CC) $(CFLAGS) $(CPPFLAGS) $(INCS) -c $(srcdir)/$*.c
+
+ all: $(PROGS)
+
+@@ -98,7 +100,7 @@
+ filesnarf.o: nfs_prot.h
+
+ $(LIBOBJS):
+- $(CC) $(CFLAGS) $(INCS) -c $(srcdir)/missing/$*.c
++ $(CC) $(CFLAGS) $(CPPFLAGS) $(INCS) -c $(srcdir)/missing/$*.c
+
+ libmissing.a: $(LIBOBJS)
+ ar -cr $@ $(LIBOBJS)
diff --git a/network/dsniff/patches/36_implicit_declarations.patch b/network/dsniff/patches/36_implicit_declarations.patch
new file mode 100644
index 0000000000..159f7c2b32
--- /dev/null
+++ b/network/dsniff/patches/36_implicit_declarations.patch
@@ -0,0 +1,59 @@
+Description: fix implicit declarations compiler warning
+ * switch to C99 uint64_t, remove now unnecessary xdr_u_int64_t function
+ * include missing string.h for memset
+Author: Lukas Schwaighofer <lukas@schwaighofer.name>
+
+--- a/filesnarf.c
++++ b/filesnarf.c
+@@ -55,30 +55,6 @@
+ exit(1);
+ }
+
+-/* XXX - for nfs_prot_xdr.c */
+-bool_t
+-xdr_u_int64_t(XDR *xdrs, u_int64_t *nump)
+-{
+- int i = 1;
+- u_char *p = (u_char *)nump;
+-
+- if (*(char *)&i == 1) { /* endian haack. */
+- if (xdr_u_long(xdrs, (u_long *)(p + 4)))
+- return (xdr_u_long(xdrs, (u_long *)p));
+- }
+- else {
+- if (xdr_u_long(xdrs, (u_long *)p))
+- return (xdr_u_long(xdrs, (u_long *)(p + 4)));
+- }
+- return (FALSE);
+-}
+-
+-bool_t
+-xdr_int64_t(XDR *xdrs, int64_t *nump)
+-{
+- return (xdr_u_int64_t(xdrs, (u_int64_t *)nump));
+-}
+-
+ static void
+ fh_map_init(void)
+ {
+--- a/nfs_prot.x
++++ b/nfs_prot.x
+@@ -190,7 +190,7 @@
+ /*
+ * Basic data types
+ */
+-typedef u_int64_t uint64;
++typedef uint64_t uint64;
+ typedef int64_t int64;
+ typedef unsigned int uint32;
+ typedef int int32;
+--- a/sshcrypto.c
++++ b/sshcrypto.c
+@@ -20,6 +20,7 @@
+ #include <err.h>
+ #include <stdio.h>
+ #include <stdlib.h>
++#include <string.h>
+
+ #include "sshcrypto.h"
+
diff --git a/network/dsniff/patches/37_fix-lib-and-share-dirs.patch b/network/dsniff/patches/37_fix-lib-and-share-dirs.patch
new file mode 100644
index 0000000000..f384b7ced0
--- /dev/null
+++ b/network/dsniff/patches/37_fix-lib-and-share-dirs.patch
@@ -0,0 +1,14 @@
+Description: Fix directory location for data files. They were wrongly set to lib dirs.
+Author: Hank Leininger <hlein@korelogic.com>
+
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -11,7 +11,7 @@
+ install_prefix =
+ prefix = @prefix@
+ exec_prefix = @exec_prefix@
+-libdir = @libdir@
++libdir = $(prefix)/share/dsniff
+ sbindir = @sbindir@
+ mandir = @mandir@
+
diff --git a/network/dsniff/patches/38_fix-pcap_init.patch b/network/dsniff/patches/38_fix-pcap_init.patch
new file mode 100644
index 0000000000..5a91c2b40a
--- /dev/null
+++ b/network/dsniff/patches/38_fix-pcap_init.patch
@@ -0,0 +1,63 @@
+Description: Resolve naming collision due to libpcap API changes
+ dsniff was written with a function named pcap_init() that predates
+ the one in libpcap and is entirely different. This patch renames it
+ out of the way.
+Author: Dennis Filder <d.filder@web.de>
+Bug-Debian: https://bugs.debian.org/980588
+Last-Update: 2021-02-10
+---
+--- a/tcpnice.c
++++ b/tcpnice.c
+@@ -204,7 +204,7 @@
+
+ filter = copy_argv(argv);
+
+- if ((pd = pcap_init(intf, filter, 128)) == NULL)
++ if ((pd = pcap_init_dsniff(intf, filter, 128)) == NULL)
+ errx(1, "couldn't initialize sniffing");
+
+ if ((pcap_off = pcap_dloff(pd)) < 0)
+--- a/dnsspoof.c
++++ b/dnsspoof.c
+@@ -309,7 +309,7 @@
+ else snprintf(buf, sizeof(buf), "udp dst port 53 and not src %s",
+ libnet_addr2name4(lnet_ip, LIBNET_DONT_RESOLVE));
+
+- if ((pcap_pd = pcap_init(dev, buf, 128)) == NULL)
++ if ((pcap_pd = pcap_init_dsniff(dev, buf, 128)) == NULL)
+ errx(1, "couldn't initialize sniffing");
+
+ if ((pcap_off = pcap_dloff(pcap_pd)) < 0)
+--- a/pcaputil.h
++++ b/pcaputil.h
+@@ -11,7 +11,7 @@
+ #ifndef PCAPUTIL_H
+ #define PCAPUTIL_H
+
+-pcap_t *pcap_init(char *intf, char *filter, int snaplen);
++pcap_t *pcap_init_dsniff(char *intf, char *filter, int snaplen);
+
+ int pcap_dloff(pcap_t *pd);
+
+--- a/tcpkill.c
++++ b/tcpkill.c
+@@ -130,7 +130,7 @@
+
+ filter = copy_argv(argv);
+
+- if ((pd = pcap_init(intf, filter, 64)) == NULL)
++ if ((pd = pcap_init_dsniff(intf, filter, 64)) == NULL)
+ errx(1, "couldn't initialize sniffing");
+
+ if ((pcap_off = pcap_dloff(pd)) < 0)
+--- a/pcaputil.c
++++ b/pcaputil.c
+@@ -63,7 +63,7 @@
+ }
+
+ pcap_t *
+-pcap_init(char *intf, char *filter, int snaplen)
++pcap_init_dsniff(char *intf, char *filter, int snaplen)
+ {
+ pcap_t *pd;
+ u_int net, mask;
diff --git a/network/dsniff/patches/39_libtirpc.patch b/network/dsniff/patches/39_libtirpc.patch
new file mode 100644
index 0000000000..9f46666826
--- /dev/null
+++ b/network/dsniff/patches/39_libtirpc.patch
@@ -0,0 +1,51 @@
+Author: Robert Scheck <robert@fedoraproject.org>
+Description: allows building against libtirpc (as a separate library) given the Sun RPC
+support in glibc has been deprecated for a long time.
+
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -16,7 +16,7 @@
+ mandir = @mandir@
+
+ CC = @CC@
+-CFLAGS = @CFLAGS@ -DDSNIFF_LIBDIR=\"$(libdir)/\"
++CFLAGS = @CFLAGS@ -DDSNIFF_LIBDIR=\"$(libdir)/\" -I/usr/include/tirpc
+ CPPFLAGS = @CPPFLAGS@
+ LDFLAGS = @LDFLAGS@
+
+@@ -107,7 +107,7 @@
+ $(RANLIB) $@
+
+ dsniff: $(HDRS) $(SRCS) $(OBJS) libmissing.a
+- $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) $(DBLIB) $(SSLLIB)
++ $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) $(DBLIB) $(SSLLIB) -ltirpc
+
+ arpspoof: arpspoof.o arp.o libmissing.a
+ $(CC) $(LDFLAGS) -o $@ arpspoof.o arp.o $(LIBS) $(PCAPLIB) $(LNETLIB)
+@@ -116,7 +116,7 @@
+ $(CC) $(LDFLAGS) -o $@ dnsspoof.o pcaputil.o $(LIBS) $(PCAPLIB) $(LNETLIB)
+
+ filesnarf: nfs_prot.o filesnarf.o pcaputil.o rpc.o libmissing.a
+- $(CC) $(LDFLAGS) -o $@ filesnarf.o nfs_prot.o pcaputil.o rpc.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB)
++ $(CC) $(LDFLAGS) -o $@ filesnarf.o nfs_prot.o pcaputil.o rpc.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) -ltirpc
+
+ macof: macof.o libmissing.a
+ $(CC) $(LDFLAGS) -o $@ macof.o $(LIBS) $(PCAPLIB) $(LNETLIB)
+@@ -128,7 +128,7 @@
+ $(CC) $(LDFLAGS) -o $@ msgsnarf.o buf.o pcaputil.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB)
+
+ sshmitm: sshmitm.o buf.o hex.o record.o ssh.o sshcrypto.o libmissing.a
+- $(CC) $(LDFLAGS) -o $@ sshmitm.o buf.o hex.o record.o ssh.o sshcrypto.o $(LIBS) $(LNETLIB) $(DBLIB) $(SSLLIB)
++ $(CC) $(LDFLAGS) -o $@ sshmitm.o buf.o hex.o record.o ssh.o sshcrypto.o $(LIBS) $(LNETLIB) $(DBLIB) $(SSLLIB) -ltirpc
+
+ sshow: sshow.o pcaputil.o libmissing.a
+ $(CC) $(LDFLAGS) -o $@ sshow.o pcaputil.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB)
+@@ -146,7 +146,7 @@
+ $(CC) $(LDFLAGS) -o $@ urlsnarf.o base64.o buf.o pcaputil.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB)
+
+ webmitm: webmitm.o base64.o buf.o decode_http.o record.o libmissing.a
+- $(CC) $(LDFLAGS) -o $@ webmitm.o base64.o buf.o decode_http.o record.o $(LIBS) $(LNETLIB) $(DBLIB) $(SSLLIB)
++ $(CC) $(LDFLAGS) -o $@ webmitm.o base64.o buf.o decode_http.o record.o $(LIBS) $(LNETLIB) $(DBLIB) $(SSLLIB) -ltirpc
+
+ webspy: webspy.o base64.o buf.o remote.o libmissing.a
+ $(CC) $(LDFLAGS) -o $@ webspy.o base64.o buf.o remote.o $(LIBS) $(NIDSLIB) $(PCAPLIB) $(LNETLIB) $(X11LIB)