snort/snort-update.sh@300d43423c2e (annotated)
snort/snort-update.sh
Wed, 08 Feb 2012 20:07:00 +0200
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Wed, 08 Feb 2012 20:07:00 +0200
- changeset 588
- 300d43423c2e
- permissions
- -rw-r--r--
Update version, adapt patch, correct PID writing, correct build on newer
FreeBSD releases, and most importantly introduce new patch to try to
avoid segfault caused by multiple network interfaces with the same (or
no) address. This is common when configuring bridges and tunnels.
| michael@549 | 1 | #!/bin/sh |
| michael@549 | 2 | ## |
| michael@549 | 3 | ## snort-update.sh -- Snort Rule Updating Utility |
| michael@549 | 4 | ## Copyright (c) 2005-2007 Ralf S. Engelschall <rse@engelschall.com> |
| michael@549 | 5 | ## |
| michael@549 | 6 | |
| michael@549 | 7 | # command line parameters |
| michael@549 | 8 | url="$1" |
| michael@549 | 9 | if [ ".$url" = . ]; then |
| michael@549 | 10 | echo "USAGE: $0 <url>" 1>&2 |
| michael@549 | 11 | exit 1 |
| michael@549 | 12 | fi |
| michael@549 | 13 | |
| michael@549 | 14 | # configuration |
| michael@549 | 15 | rulesdir="@l_prefix@/var/snort/rules" |
| michael@549 | 16 | tmpdir="@l_prefix@/var/snort/tmp" |
| michael@549 | 17 | oinkmaster="@l_prefix@/sbin/oinkmaster" |
| michael@549 | 18 | logfile="@l_prefix@/var/snort/oinkmaster.log" |
| michael@549 | 19 | statsfile="@l_prefix@/var/snort/snort.stats" |
| michael@549 | 20 | |
| michael@549 | 21 | # parameter post-processing |
| michael@549 | 22 | url=`echo "$url" |\ |
| michael@549 | 23 | sed -e 's;^oinkcode:\(.*\)$;http://www.snort.org/pub-bin/oinkmaster.cgi/\1/snortrules-snapshot-@V_rules@.tar.gz;' \ |
| michael@549 | 24 | -e 's;^\(/.*\)$;file://\1;'` |
| michael@549 | 25 | |
| michael@549 | 26 | # ruleset updating |
| michael@549 | 27 | ( echo "++ SNORT-UPDATE START (`date`)" |
| michael@549 | 28 | echo "++ Update URL: \"$url\"" |
| michael@549 | 29 | $oinkmaster -q -o $rulesdir -u $url |
| michael@549 | 30 | if [ ! -f $rulesdir/local.rules ]; then |
| michael@549 | 31 | touch $rulesdir/local.rules |
| michael@549 | 32 | fi |
| michael@549 | 33 | @l_prefix@/lib/openpkg/shtool subst \ |
| michael@549 | 34 | -e 's;\(var HOME_NET\) any;\1 $(HOME_NET:-any);' \ |
| michael@549 | 35 | -e 's;\(var EXTERNAL_NET\) any;\1 $(EXTERNAL_NET:-any);' \ |
| michael@549 | 36 | -e 's; \([^ /]*\.map\); $(RULE_PATH)/\1;' \ |
| michael@549 | 37 | -e 's; \([^ /]*\.config\); $(RULE_PATH)/\1;' \ |
| michael@549 | 38 | -e "s;\\(var RULE_PATH\\).*;\\1 \$(RULE_PATH:-$rulesdir);" \ |
| michael@549 | 39 | -e "s;/var/snort/snort\.stats;$statsfile;" \ |
| michael@549 | 40 | $rulesdir/snort.conf |
| michael@549 | 41 | echo "++ SNORT-UPDATE END (`date`)" |
| michael@549 | 42 | ) >>$logfile 2>&1 |
| michael@549 | 43 |
