snort/snort-update.sh@9fe04d4d4e5a (annotated)
snort/snort-update.sh
Mon, 17 Sep 2012 19:10:10 +0200
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Mon, 17 Sep 2012 19:10:10 +0200
- changeset 689
- 9fe04d4d4e5a
- permissions
- -rw-r--r--
Update to new version of vendor software although Oracle fails to deliver.
More specifically, newer db(3) patch revisions exist but Oracle has
removed them from the canonical download server URI for Berkely DB.
| michael@549 | 1 | #!/bin/sh |
| michael@549 | 2 | ## |
| michael@549 | 3 | ## snort-update.sh -- Snort Rule Updating Utility |
| michael@549 | 4 | ## Copyright (c) 2005-2007 Ralf S. Engelschall <rse@engelschall.com> |
| michael@549 | 5 | ## |
| michael@549 | 6 | |
| michael@549 | 7 | # command line parameters |
| michael@549 | 8 | url="$1" |
| michael@549 | 9 | if [ ".$url" = . ]; then |
| michael@549 | 10 | echo "USAGE: $0 <url>" 1>&2 |
| michael@549 | 11 | exit 1 |
| michael@549 | 12 | fi |
| michael@549 | 13 | |
| michael@549 | 14 | # configuration |
| michael@549 | 15 | rulesdir="@l_prefix@/var/snort/rules" |
| michael@549 | 16 | tmpdir="@l_prefix@/var/snort/tmp" |
| michael@549 | 17 | oinkmaster="@l_prefix@/sbin/oinkmaster" |
| michael@549 | 18 | logfile="@l_prefix@/var/snort/oinkmaster.log" |
| michael@549 | 19 | statsfile="@l_prefix@/var/snort/snort.stats" |
| michael@549 | 20 | |
| michael@549 | 21 | # parameter post-processing |
| michael@549 | 22 | url=`echo "$url" |\ |
| michael@549 | 23 | sed -e 's;^oinkcode:\(.*\)$;http://www.snort.org/pub-bin/oinkmaster.cgi/\1/snortrules-snapshot-@V_rules@.tar.gz;' \ |
| michael@549 | 24 | -e 's;^\(/.*\)$;file://\1;'` |
| michael@549 | 25 | |
| michael@549 | 26 | # ruleset updating |
| michael@549 | 27 | ( echo "++ SNORT-UPDATE START (`date`)" |
| michael@549 | 28 | echo "++ Update URL: \"$url\"" |
| michael@549 | 29 | $oinkmaster -q -o $rulesdir -u $url |
| michael@549 | 30 | if [ ! -f $rulesdir/local.rules ]; then |
| michael@549 | 31 | touch $rulesdir/local.rules |
| michael@549 | 32 | fi |
| michael@549 | 33 | @l_prefix@/lib/openpkg/shtool subst \ |
| michael@549 | 34 | -e 's;\(var HOME_NET\) any;\1 $(HOME_NET:-any);' \ |
| michael@549 | 35 | -e 's;\(var EXTERNAL_NET\) any;\1 $(EXTERNAL_NET:-any);' \ |
| michael@549 | 36 | -e 's; \([^ /]*\.map\); $(RULE_PATH)/\1;' \ |
| michael@549 | 37 | -e 's; \([^ /]*\.config\); $(RULE_PATH)/\1;' \ |
| michael@549 | 38 | -e "s;\\(var RULE_PATH\\).*;\\1 \$(RULE_PATH:-$rulesdir);" \ |
| michael@549 | 39 | -e "s;/var/snort/snort\.stats;$statsfile;" \ |
| michael@549 | 40 | $rulesdir/snort.conf |
| michael@549 | 41 | echo "++ SNORT-UPDATE END (`date`)" |
| michael@549 | 42 | ) >>$logfile 2>&1 |
| michael@549 | 43 |
