[Snort] snort_up upgrade

newsonet newsonet w poczta.onet.pl
Pią, 15 Kwi 2005, 20:10:46 CEST


W zwiazku z tym ze na snort.org wrocilo md5
poprawilem skrypcik i znow mozna z niego korzystac

wymagana rejestracja na snort.org
kazdy dostaje swoj: oink code



#!/bin/sh
# $Id: snort_up 2005-01-16 15:21:32 LittleB $
# set -x
# snort_up:     Snort rules upgrading script
# chkconfig:
# description:
# author:       LitlleB
#               For PLD Linux Distribution

# Source function library.
. /etc/rc.d/init.d/functions
. /etc/sysconfig/network


            # wget:
            # -t4       Retries 4 times
            # -N        Timestamping: get the file only if it is newer than the local copy

    # Option string handed to every wget call; it is expanded unquoted so that
    # each option becomes its own word. -d turns on wget debug output.
    PAR='-d --dns-cache=off -t4 -N'	# --sslprotocol=0
    # -a appends wget output to this file. The requested URLs carry the oink
    # code, so the log should be readable by root only.
    LOG='-a /var/log/snort/snort_up.log'
    # Per-user download credential from snort.org. It is embedded in the
    # request URL, so keep this script unreadable for unprivileged users.
    CODE='YOUR OINK CODE'		# your oink code
    VER='2.3'				# 2.3, 2.2, 2.0
    # Fixed address used in place of a host name (snort.org per the original
    # comment). NOTE(review): downloads go over plain HTTP to this IP, so the
    # server is not authenticated and the oink code travels unencrypted.
    IP='199.107.65.177'			# snort.org

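# upgrade: download the rules snapshot, check it against the downloaded MD5
# file, unpack it and replace the contents of /etc/snort/rules.
# Globals:   VER, PAR, LOG, IP, CODE (read); up_snapshot, up_sum (scratch)
# Works in:  the current directory (snapshot, .md5 files, ./rules, ./doc)
# Returns:   status of msg_done on success, 1 when the snapshot is rejected,
#            status of msg_fail when nothing was downloaded
upgrade(){
    up_snapshot="snortrules-snapshot-$VER.tar.gz"

    # Keep the previous snapshot around as .last before fetching a new one.
    if [ -f "./$up_snapshot" ]; then
        mv "$up_snapshot" "$up_snapshot.last"
    fi

    echo download rules...
    # $PAR and $LOG stay unquoted on purpose: each holds several wget options.
    # The URL must be on the same line as wget; the mailing-list copy of this
    # script had it wrapped onto a line of its own, which breaks the download.
    wget $PAR $LOG "http://$IP/pub-bin/oinkmaster.cgi/$CODE/$up_snapshot"

    if [ -f "./$up_snapshot" ]; then

        # Verify the archive before it is unpacked as root. The digest only has
        # to appear somewhere in the .md5 file, so both a bare hash and the
        # "hash  filename" layout are accepted (the exact layout served by
        # snort.org is not visible here). A missing .md5 file fails closed.
        # NOTE(review): the checksum arrives over the same plain-HTTP channel
        # as the archive, so this catches corrupted or truncated downloads,
        # not a tampered transfer.
        up_sum=$(md5sum "./$up_snapshot" | cut -d' ' -f1)
        if [ -z "$up_sum" ] ||
           ! grep -qiF -- "$up_sum" "./$up_snapshot.md5" 2>/dev/null; then
            echo "MD5 of $up_snapshot does not match $up_snapshot.md5, rules left untouched"
            msg_fail
            return 1
        fi

        echo unpacking archive...
        # Do not stop snort or delete the live rules unless the archive really
        # unpacked into ./rules; otherwise the sensor would be left without rules.
        if ! tar zxf "$up_snapshot" || [ ! -d ./rules ]; then
            echo "unpacking $up_snapshot failed, rules left untouched"
            msg_fail
            return 1
        fi

        chmod 750 ./rules
        chmod 640 ./rules/*
        chown root:snort ./rules
        chown root:snort ./rules/*
        service snort stop
        rm -f /etc/snort/rules/*
        mv ./rules/* /etc/snort/rules/
        service snort start

        # Remember the checksum of the snapshot that is now installed; the
        # main flow compares the next downloaded checksum against it.
        mv "$up_snapshot.md5" "$up_snapshot.md5.last"

        rm -f "$up_snapshot.md5"
        rm -r rules
        rm -r doc
        msg_done
    else
        msg_network_down snort_up
        msg_fail
    fi
}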
# msg_up: print the "UPGRADING SNORT RULES" banner followed by the "busy"
# status marker. show and busy are not defined in this script; presumably
# they come from the sourced /etc/rc.d/init.d/functions library.
msg_up() {
    show 'UPGRADING SNORT RULES'
    busy; echo
}
# msg_done: print the "UPGRADING SNORT RULES" banner followed by the "ok"
# status marker. show and ok are not defined in this script; presumably
# they come from the sourced /etc/rc.d/init.d/functions library.
msg_done() {
    show 'UPGRADING SNORT RULES'
    ok; echo
}
# msg_fail: print the "UPGRADING SNORT RULES" banner followed by the "fail"
# status marker. show and fail are not defined in this script; presumably
# they come from the sourced /etc/rc.d/init.d/functions library.
msg_fail() {
    show 'UPGRADING SNORT RULES'
    fail; echo
}

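    # Main flow: fetch the published MD5 of the rules snapshot and run
    # upgrade() only when it differs from the one recorded at the last
    # successful upgrade (or when no local snapshot exists yet).
    msg_up
    if is_yes "${NETWORKING}"; then

        # Bail out when the network subsystem lock is absent. The three tests
        # belong to one condition; the mailing-list copy had it wrapped over
        # two lines, which is a syntax error in sh.
        if [ ! -f /var/lock/subsys/network ] && [ "$1" != stop ] && [ "$1" != status ]; then
                msg_network_down snort_up
                msg_fail
                exit 1
        fi
    else
        exit 0
    fi

    rm -f "snortrules-snapshot-$VER.tar.gz.md5"

        echo download MD5 checksum...

    # $PAR and $LOG stay unquoted on purpose: each holds several wget options.
    # The URL has to sit on the wget line itself, not on a line of its own.
    wget $PAR $LOG "http://$IP/pub-bin/oinkmaster.cgi/$CODE/snortrules-snapshot-$VER.tar.gz.md5"

    if [ -f "./snortrules-snapshot-$VER.tar.gz" ]; then

        # Either file may be missing (first run, failed download); read them
        # quietly and treat a missing file as an empty checksum.
        MD5_last=$(cat "./snortrules-snapshot-$VER.tar.gz.md5.last" 2>/dev/null)
        MD5_new=$(cat "./snortrules-snapshot-$VER.tar.gz.md5" 2>/dev/null)

        # An empty MD5_new means the checksum download failed; two empty
        # values must not be reported as "nothing to do".
        # NOTE(review): this only tells whether the published checksum changed
        # since the last run; it does not check the local archive itself.
        if [ -n "$MD5_new" ] && [ "$MD5_last" = "$MD5_new" ]; then
            printf '%s\n' "$MD5_last"
            printf '%s\n' "$MD5_new"
            echo YOUR checksum is correct. nothing to do.
            msg_done
                exit
        else
            upgrade
        fi
    else
    upgrade
    fi
exit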



