snort/snort-update.sh@9fe04d4d4e5a
snort/snort-update.sh
Mon, 17 Sep 2012 19:10:10 +0200
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Mon, 17 Sep 2012 19:10:10 +0200
- changeset 689
- 9fe04d4d4e5a
- permissions
- -rw-r--r--
Update to new version of vendor software although Oracle fails to deliver.
More specifically, newer db(3) patch revisions exist but Oracle has
removed them from the canonical download server URI for Berkely DB.
1 #!/bin/sh
2 ##
3 ## snort-update.sh -- Snort Rule Updating Utility
4 ## Copyright (c) 2005-2007 Ralf S. Engelschall <rse@engelschall.com>
5 ##
7 # command line parameters
8 url="$1"
9 if [ ".$url" = . ]; then
10 echo "USAGE: $0 <url>" 1>&2
11 exit 1
12 fi
14 # configuration
15 rulesdir="@l_prefix@/var/snort/rules"
16 tmpdir="@l_prefix@/var/snort/tmp"
17 oinkmaster="@l_prefix@/sbin/oinkmaster"
18 logfile="@l_prefix@/var/snort/oinkmaster.log"
19 statsfile="@l_prefix@/var/snort/snort.stats"
21 # parameter post-processing
22 url=`echo "$url" |\
23 sed -e 's;^oinkcode:\(.*\)$;http://www.snort.org/pub-bin/oinkmaster.cgi/\1/snortrules-snapshot-@V_rules@.tar.gz;' \
24 -e 's;^\(/.*\)$;file://\1;'`
26 # ruleset updating
27 ( echo "++ SNORT-UPDATE START (`date`)"
28 echo "++ Update URL: \"$url\""
29 $oinkmaster -q -o $rulesdir -u $url
30 if [ ! -f $rulesdir/local.rules ]; then
31 touch $rulesdir/local.rules
32 fi
33 @l_prefix@/lib/openpkg/shtool subst \
34 -e 's;\(var HOME_NET\) any;\1 $(HOME_NET:-any);' \
35 -e 's;\(var EXTERNAL_NET\) any;\1 $(EXTERNAL_NET:-any);' \
36 -e 's; \([^ /]*\.map\); $(RULE_PATH)/\1;' \
37 -e 's; \([^ /]*\.config\); $(RULE_PATH)/\1;' \
38 -e "s;\\(var RULE_PATH\\).*;\\1 \$(RULE_PATH:-$rulesdir);" \
39 -e "s;/var/snort/snort\.stats;$statsfile;" \
40 $rulesdir/snort.conf
41 echo "++ SNORT-UPDATE END (`date`)"
42 ) >>$logfile 2>&1
