You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
43 lines
1.3 KiB
43 lines
1.3 KiB
#!/bin/sh |
|
## |
|
## snort-update.sh -- Snort Rule Updating Utility |
|
## Copyright (c) 2005-2007 Ralf S. Engelschall <rse@engelschall.com> |
|
## |
|
|
|
# command line parameters |
|
url="$1" |
|
if [ ".$url" = . ]; then |
|
echo "USAGE: $0 <url>" 1>&2 |
|
exit 1 |
|
fi |
|
|
|
# configuration |
|
rulesdir="@l_prefix@/var/snort/rules" |
|
tmpdir="@l_prefix@/var/snort/tmp" |
|
oinkmaster="@l_prefix@/sbin/oinkmaster" |
|
logfile="@l_prefix@/var/snort/oinkmaster.log" |
|
statsfile="@l_prefix@/var/snort/snort.stats" |
|
|
|
# parameter post-processing |
|
url=`echo "$url" |\ |
|
sed -e 's;^oinkcode:\(.*\)$;http://www.snort.org/pub-bin/oinkmaster.cgi/\1/snortrules-snapshot-@V_rules@.tar.gz;' \ |
|
-e 's;^\(/.*\)$;file://\1;'` |
|
|
|
# ruleset updating |
|
( echo "++ SNORT-UPDATE START (`date`)" |
|
echo "++ Update URL: \"$url\"" |
|
$oinkmaster -q -o $rulesdir -u $url |
|
if [ ! -f $rulesdir/local.rules ]; then |
|
touch $rulesdir/local.rules |
|
fi |
|
@l_prefix@/lib/openpkg/shtool subst \ |
|
-e 's;\(var HOME_NET\) any;\1 $(HOME_NET:-any);' \ |
|
-e 's;\(var EXTERNAL_NET\) any;\1 $(EXTERNAL_NET:-any);' \ |
|
-e 's; \([^ /]*\.map\); $(RULE_PATH)/\1;' \ |
|
-e 's; \([^ /]*\.config\); $(RULE_PATH)/\1;' \ |
|
-e "s;\\(var RULE_PATH\\).*;\\1 \$(RULE_PATH:-$rulesdir);" \ |
|
-e "s;/var/snort/snort\.stats;$statsfile;" \ |
|
$rulesdir/snort.conf |
|
echo "++ SNORT-UPDATE END (`date`)" |
|
) >>$logfile 2>&1 |
|
|
|
|