michael@549: #!/bin/sh
michael@549: ##
michael@549: ##  snort-update.sh -- Snort Rule Updating Utility
michael@549: ##  Copyright (c) 2005-2007 Ralf S. Engelschall <rse@engelschall.com> 
michael@549: ##
michael@549: 
michael@549: #   command line parameters
michael@549: url="$1"
michael@549: if [ ".$url" = . ]; then
michael@549:     echo "USAGE: $0 <url>" 1>&2
michael@549:     exit 1
michael@549: fi
michael@549: 
michael@549: #   configuration
michael@549: rulesdir="@l_prefix@/var/snort/rules"
michael@549: tmpdir="@l_prefix@/var/snort/tmp"
michael@549: oinkmaster="@l_prefix@/sbin/oinkmaster"
michael@549: logfile="@l_prefix@/var/snort/oinkmaster.log"
michael@549: statsfile="@l_prefix@/var/snort/snort.stats"
michael@549: 
michael@549: #   parameter post-processing
michael@549: url=`echo "$url" |\
michael@549:      sed -e 's;^oinkcode:\(.*\)$;http://www.snort.org/pub-bin/oinkmaster.cgi/\1/snortrules-snapshot-@V_rules@.tar.gz;' \
michael@549:          -e 's;^\(/.*\)$;file://\1;'`
michael@549: 
michael@549: #   ruleset updating
michael@549: ( echo "++ SNORT-UPDATE START (`date`)"
michael@549:   echo "++ Update URL: \"$url\""
michael@549:   $oinkmaster -q -o $rulesdir -u $url
michael@549:   if [ ! -f $rulesdir/local.rules ]; then
michael@549:       touch $rulesdir/local.rules
michael@549:   fi
michael@549:   @l_prefix@/lib/openpkg/shtool subst \
michael@549:       -e 's;\(var HOME_NET\) any;\1 $(HOME_NET:-any);' \
michael@549:       -e 's;\(var EXTERNAL_NET\) any;\1 $(EXTERNAL_NET:-any);' \
michael@549:       -e 's; \([^ /]*\.map\); $(RULE_PATH)/\1;' \
michael@549:       -e 's; \([^ /]*\.config\); $(RULE_PATH)/\1;' \
michael@549:       -e "s;\\(var RULE_PATH\\).*;\\1 \$(RULE_PATH:-$rulesdir);" \
michael@549:       -e "s;/var/snort/snort\.stats;$statsfile;" \
michael@549:       $rulesdir/snort.conf
michael@549:   echo "++ SNORT-UPDATE END (`date`)"
michael@549: ) >>$logfile 2>&1
michael@549: