Fix snort error message if no rules are present to check.
index 567443f4ed03385882a3fe4de949fc86eba6941b..544609434e529425d1305fa7723abf9105d43077 100644 (file)
@@ -62,10 +62,21 @@ fi
 
 case "$1" in
         start)
+               # Disable incompatible rules
+                boot_mesg "Check/Fix Intrusion Detection rules..."
+               for file in $(ls /etc/snort/rules/*.rules 2>/dev/null); do
+                       sed -i 's|^alert.*!\[\$DNS_SERVERS|#&|g' $file
+                       sed -i 's|^alert.*!\$SSH_PORTS|#&|g' $file
+                       sed -i 's|^alert.*!\$HOME_NET|#&|g' $file
+                       sed -i 's|^alert.*!\$SQL_SERVERS|#&|g' $file
+               done
+               echo_ok
+
                 for DEVICE in $DEVICES; do
                         boot_mesg "Starting Intrusion Detection System on $DEVICE..."
                         /usr/sbin/snort -c /etc/snort/snort.conf -i $DEVICE -D -l /var/log/snort --create-pidfile --nolock-pidfile --pid-path /var/run/
                         evaluate_retval
+                       sleep 1
                         chmod 644 /var/run/snort_$DEVICE.pid
                 done
                 
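Review bot: The new rule-fixing loop iterates `$(ls /etc/snort/rules/*.rules 2>/dev/null)`, which word-splits the listing and re-globs each name, and the four `sed -i` calls then pass `$file` unquoted; a plain glob with a no-match guard does the same job without spawning `ls` or needing the stderr redirect: `for file in /etc/snort/rules/*.rules; do`, `[ -e "$file" ] || continue`, and `"$file"` in each sed call. The fixed `sleep 1` before `chmod 644 /var/run/snort_$DEVICE.pid` presumably gives the daemonised snort time to write its pidfile; if it has not done so within a second the chmod fails and nothing reports it, so a short loop waiting for the pidfile to appear would be more dependable. The `start)` arm continues past the end of this hunk.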
@@ -74,6 +85,7 @@ case "$1" in
                              IFACE=`/bin/cat /var/ipfire/red/iface 2>/dev/null | /usr/bin/tr -d '\012'`
                        sed -e "s/^Interface.*/Interface       ${IFACE}/" /var/ipfire/guardian/guardian.conf > temp
                        mv temp /var/ipfire/guardian/guardian.conf
+                       chown nobody.root /var/ipfire/guardian/guardian.conf
                      
                   boot_mesg "Starting Guardian..."
                              loadproc /usr/local/bin/guardian.pl -c /var/ipfire/guardian/guardian.conf
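Review bot: The added `chown nobody.root /var/ipfire/guardian/guardian.conf` uses the dot as the user/group separator, which is the legacy GNU form; the documented and portable spelling is `chown nobody:root /var/ipfire/guardian/guardian.conf`. It would also help future readers to say why the rewritten file must be owned by `nobody`, for instance `# guardian.conf is rewritten via temp above; restore the owner guardian runs as` (the ownership requirement is inferred from the chown itself and should be confirmed). The surrounding guardian start block begins and ends outside this hunk.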
@@ -127,4 +139,6 @@ case "$1" in
                 ;;
 esac
 
+chmod 644 /var/log/snort/* 2>/dev/null
+
 # End $rc_base/init.d/snort
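Review bot: `chmod 644 /var/log/snort/* 2>/dev/null` sits after the `esac`, so it runs for every action (start, stop, status, …) and makes every IDS log and alert file in that directory readable by all local users, which is wider than the pidfile handling above suggests is needed. If the intent is to let a non-root reader such as the web interface see the logs, a group grant is tighter, e.g. `chgrp <log-reader group> /var/log/snort/*` followed by `chmod 640 /var/log/snort/*`, placed inside the `start)` arm so it only runs when snort is actually producing files. The `2>/dev/null` also hides the case where the glob matches nothing, so a `[ -e ... ]` guard or a `# directory may be empty on first start` comment would make the redirect's purpose explicit.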