Snort upgrade LittleScript

Nie, 16 Sty 2005, 16:46:28 CET

Witam.
Popelnilem taka pierdole.
moze komus przyda.
jest jeszcze cron, logrotate i speca tez sie da.
http://paste.phpfi.com/46233
Pozdrawiam.
---
LittleB
-------------

#!/bin/sh
# $Id: snort_up 2005-01-16 15:21:32 LittleB $
# set -x
# snort_up:    Snort rules ugrading script
# chkconfig:
# description:   
# author:    LitlleB
#         For PLD Linux Distribution
        # Source function library.
. /etc/rc.d/init.d/functions
. /etc/sysconfig/network

        # wget:
        # -t4    Retries 4 times
        # -N    Get if never bean
           PAR="-d --dns-cache=off -t4 -N"        # --sslprotocol=0 not yet
   LOG="-a /var/log/snort/snort_up.log"
   VER="2_2" # 2_3, 2_2, 2_0
   IP="199.107.65.177" # snort.org
   upgrade()
{
   mv snortrules-snapshot-$VER.tar.gz snortrules-snapshot-$VER.tar.gz.last
   rm -f snortrules-snapshot-$VER.tar.gz
    echo download rules...
   wget $PAR $LOG http://$IP/dl/rules/snortrules-snapshot-$VER.tar.gz
if [ -f ./snortrules-snapshot-$VER.tar.gz ];
   then
    echo unpacking archive...
   tar zxf snortrules-snapshot-$VER.tar.gz
   chmod 750 ./rules
   chmod 640 ./rules/*
   chown root:snort ./rules
   chown root:snort ./rules/*
   service snort stop
   rm -f /etc/snort/rules/*
   mv ./rules/* /etc/snort/rules/
   service snort start
#rm -f snortrules-snapshot-$VER.tar.gz
   mv snortrules-snapshot-$VER.tar.gz.md5 
snortrules-snapshot-$VER.tar.gz.md5.last
   rm -f snortrules-snapshot-$VER.tar.gz.md5
   rm -f rules/*
   rmdir rules
       msg_done
   else
       msg_network_down snort_up
       msg_fail
fi
}
msg_up()
{
show "UPGRADING SNORT RULES"
   busy
   echo
}
msg_done()
{
show "UPGRADING SNORT RULES"
   ok
   echo
}
msg_fail()
{
show "UPGRADING SNORT RULES"
   fail
   echo
}
   msg_up
   if is_yes "${NETWORKING}"; then
    if [ ! -f /var/lock/subsys/network -a "$1" != stop -a "$1" != status 
]; then
        msg_network_down snort_up
        msg_fail
        exit 1
    fi
   else
    exit 0
   fi
       
   rm -f snortrules-snapshot-$VER.tar.gz.md5
    echo download MD5 checksum...

   wget $PAR $LOG http://$IP/dl/rules/snortrules-snapshot-$VER.tar.gz.md5

   if [ -f ./snortrules-snapshot-$VER.tar.gz.md5.last ];
    then
    
    MD5_last=`cat ./snortrules-snapshot-$VER.tar.gz.md5.last| grep md5 | 
cut -d ' ' -f 4`
    MD5_new=`cat ./snortrules-snapshot-$VER.tar.gz.md5| grep md5 | cut 
-d ' ' -f 4`

    if [ "$MD5_last" = "$MD5_new" ];
        then
        echo $MD5_last
        echo $MD5_new
        echo YOUR checksum is correct. nothing to do.
        msg_done
    exit
        else         upgrade
    fi
   else
   upgrade
   fi
exit