Fix snort error message if no rules are present to check.
index a2db0de0fb4286095caabe0dd2724dc5be843c60..544609434e529425d1305fa7723abf9105d43077 100644 (file)
@@ -62,10 +62,21 @@ fi
 
 case "$1" in
         start)
+               # Disable incompatible rules
+                boot_mesg "Check/Fix Intrusion Detection rules..."
+               for file in $(ls /etc/snort/rules/*.rules 2>/dev/null); do
+                       sed -i 's|^alert.*!\[\$DNS_SERVERS|#&|g' $file
+                       sed -i 's|^alert.*!\$SSH_PORTS|#&|g' $file
+                       sed -i 's|^alert.*!\$HOME_NET|#&|g' $file
+                       sed -i 's|^alert.*!\$SQL_SERVERS|#&|g' $file
+               done
+               echo_ok
+
                 for DEVICE in $DEVICES; do
                         boot_mesg "Starting Intrusion Detection System on $DEVICE..."
                         /usr/sbin/snort -c /etc/snort/snort.conf -i $DEVICE -D -l /var/log/snort --create-pidfile --nolock-pidfile --pid-path /var/run/
                         evaluate_retval
+                       sleep 1
                         chmod 644 /var/run/snort_$DEVICE.pid
                 done