Fix snort errormessage if no rules are present to check.

author Arne Fitzenreiter <arne_f@ipfire.org>

Wed, 16 Jun 2010 16:19:43 +0000 (18:19 +0200)

committer Arne Fitzenreiter <arne_f@ipfire.org>

Wed, 16 Jun 2010 16:19:43 +0000 (18:19 +0200)
author Arne Fitzenreiter <arne_f@ipfire.org>
Wed, 16 Jun 2010 16:19:43 +0000 (18:19 +0200)
committer Arne Fitzenreiter <arne_f@ipfire.org>
Wed, 16 Jun 2010 16:19:43 +0000 (18:19 +0200)
diff --git a/src/initscripts/init.d/snort b/src/initscripts/init.d/snort

index 2e2f4f2e40cb6bf514c29bf3f1ce1e0ff4183b87..544609434e529425d1305fa7723abf9105d43077 100644 (file)
--- a/src/initscripts/init.d/snort
+++ b/src/initscripts/init.d/snort
@@ -63,12 +63,14 @@ fi
  case "$1" in
          start)
                 # Disable incompatible rules
-               for file in $(ls /etc/snort/rules/*.rules); do
+                boot_mesg "Check/Fix Intrusion Detection rules..."
+               for file in $(ls /etc/snort/rules/*.rules 2>/dev/null); do
                         sed -i 's|^alert.*!\[\$DNS_SERVERS|#&|g' $file
                         sed -i 's|^alert.*!\$SSH_PORTS|#&|g' $file
                         sed -i 's|^alert.*!\$HOME_NET|#&|g' $file
                         sed -i 's|^alert.*!\$SQL_SERVERS|#&|g' $file
                 done
+               echo_ok
  
                  for DEVICE in $DEVICES; do
                          boot_mesg "Starting Intrusion Detection System on $DEVICE..."
author	Arne Fitzenreiter <arne_f@ipfire.org>
	Wed, 16 Jun 2010 16:19:43 +0000 (18:19 +0200)
committer	Arne Fitzenreiter <arne_f@ipfire.org>
	Wed, 16 Jun 2010 16:19:43 +0000 (18:19 +0200)