From owner-svn-ports-head@FreeBSD.ORG  Wed Apr 17 07:57:56 2013
Return-Path: <owner-svn-ports-head@FreeBSD.ORG>
Delivered-To: svn-ports-head@freebsd.org
Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115])
 by hub.freebsd.org (Postfix) with ESMTP id 1C0335E5;
 Wed, 17 Apr 2013 07:57:56 +0000 (UTC)
 (envelope-from erwin@FreeBSD.org)
Received: from svn.freebsd.org (svn.freebsd.org
 [IPv6:2001:1900:2254:2068::e6a:0])
 by mx1.freebsd.org (Postfix) with ESMTP id F1B2C1F1;
 Wed, 17 Apr 2013 07:57:55 +0000 (UTC)
Received: from svn.freebsd.org ([127.0.1.70])
 by svn.freebsd.org (8.14.6/8.14.6) with ESMTP id r3H7vtPi007000;
 Wed, 17 Apr 2013 07:57:55 GMT (envelope-from erwin@svn.freebsd.org)
Received: (from erwin@localhost)
 by svn.freebsd.org (8.14.6/8.14.5/Submit) id r3H7vtBo006996;
 Wed, 17 Apr 2013 07:57:55 GMT (envelope-from erwin@svn.freebsd.org)
Message-Id: <201304170757.r3H7vtBo006996@svn.freebsd.org>
From: Erwin Lansing <erwin@FreeBSD.org>
Date: Wed, 17 Apr 2013 07:57:55 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
 svn-ports-head@freebsd.org
Subject: svn commit: r315942 - in head/dns: bind98 bind99
X-SVN-Group: ports-head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-ports-head@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: SVN commit messages for the ports tree for head
 <svn-ports-head.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-ports-head>,
 <mailto:svn-ports-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-head>
List-Post: <mailto:svn-ports-head@freebsd.org>
List-Help: <mailto:svn-ports-head-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-ports-head>,
 <mailto:svn-ports-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 17 Apr 2013 07:57:56 -0000

Author: erwin
Date: Wed Apr 17 07:57:54 2013
New Revision: 315942
URL: http://svnweb.freebsd.org/changeset/ports/315942

Log:
  Update RPZ+RRL patchset to the latest version.
  
  The change makes "slip 1;" send only truncated (TC=1) responses.
  Without the change, "slip 1;" is the same as the default of "slip 2;".
  That default, which alternates truncated with dropped responses
  when the rate limit is exceeded, is better for authoritative DNS
  servers, because it further reduces the amplification of an attack
  from about 1X to about 0.5X.
  
  DNS RRL is not recommended for recursive servers.
  
  Feature safe:	yes

Modified:
  head/dns/bind98/Makefile
  head/dns/bind98/distinfo
  head/dns/bind99/Makefile
  head/dns/bind99/distinfo

Modified: head/dns/bind98/Makefile
==============================================================================
--- head/dns/bind98/Makefile	Wed Apr 17 07:42:03 2013	(r315941)
+++ head/dns/bind98/Makefile	Wed Apr 17 07:57:54 2013	(r315942)
@@ -109,7 +109,7 @@ CONFIGURE_ARGS+=	--enable-rpz-nsdname
 .endif
 
 .if ${PORT_OPTIONS:MRPZRRL_PATCH}
-PATCHFILES=		9.8.4-rpz+rl.072.23-P1.patch
+PATCHFILES=		9.8.4-rpz+rl.094.21-P2.patch
 PATCH_SITES=		http://ss.vix.com/~vjs/
 .endif
 

Modified: head/dns/bind98/distinfo
==============================================================================
--- head/dns/bind98/distinfo	Wed Apr 17 07:42:03 2013	(r315941)
+++ head/dns/bind98/distinfo	Wed Apr 17 07:57:54 2013	(r315942)
@@ -1,4 +1,4 @@
 SHA256 (bind-9.8.4-P2.tar.gz) = e772edfb41036a25e1392ab15ff4d3754f03c301b4b059d64afd8d8dadd18193
 SIZE (bind-9.8.4-P2.tar.gz) = 7129690
-SHA256 (9.8.4-rpz+rl.072.23-P1.patch) = e5f792fdc683285528392e6cdfb9d99138b2fe220e5f617edcf8b45cbb992aaa
-SIZE (9.8.4-rpz+rl.072.23-P1.patch) = 176430
+SHA256 (9.8.4-rpz+rl.094.21-P2.patch) = 7fdc4beaf1f20877f636ba0991d0c48c65bd497df19323f156fe91cca06357ba
+SIZE (9.8.4-rpz+rl.094.21-P2.patch) = 176510

Modified: head/dns/bind99/Makefile
==============================================================================
--- head/dns/bind99/Makefile	Wed Apr 17 07:42:03 2013	(r315941)
+++ head/dns/bind99/Makefile	Wed Apr 17 07:57:54 2013	(r315942)
@@ -115,7 +115,7 @@ CONFIGURE_ARGS+=	--enable-rpz-nsdname
 .endif
 
 .if ${PORT_OPTIONS:MRPZRRL_PATCH}
-PATCHFILES=		9.9.2-rpz+rl.072.23-P1.patch
+PATCHFILES=		9.9.2-rpz+rl.094.21-P2.patch
 PATCH_SITES=		http://ss.vix.com/~vjs/
 .endif
 

Modified: head/dns/bind99/distinfo
==============================================================================
--- head/dns/bind99/distinfo	Wed Apr 17 07:42:03 2013	(r315941)
+++ head/dns/bind99/distinfo	Wed Apr 17 07:57:54 2013	(r315942)
@@ -1,4 +1,4 @@
 SHA256 (bind-9.9.2-P2.tar.gz) = ff822734e3550969251411e20f6f7397d14a912613a42af423752e93fdb565d2
 SIZE (bind-9.9.2-P2.tar.gz) = 7277958
-SHA256 (9.9.2-rpz+rl.072.23-P1.patch) = 4afd63b44e3ecb2a782ca00542aea3c737a4de2a82c343cb15773fa3df17aef1
-SIZE (9.9.2-rpz+rl.072.23-P1.patch) = 177613
+SHA256 (9.9.2-rpz+rl.094.21-P2.patch) = cd8ba70b8f5029cc464f4db6c632c8b48cdd081cb5cfb51936fd7f9c080b91ea
+SIZE (9.9.2-rpz+rl.094.21-P2.patch) = 177693