From: Michael Tremer Date: Thu, 14 Mar 2019 13:48:25 +0000 (+0000) Subject: core130: Ship suricata X-Git-Tag: v2.23-core131~114 X-Git-Url: http://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff_plain;h=f9219b91a1f4648f6c2db9e3699169bb797e79c1 core130: Ship suricata Signed-off-by: Michael Tremer
---
diff --git a/config/rootfiles/core/130/filelists/files b/config/rootfiles/core/130/filelists/files
index 3bbc1c6263..38f8b8dc58 100644
--- a/config/rootfiles/core/130/filelists/files
+++ b/config/rootfiles/core/130/filelists/files
@@ -2,5 +2,22 @@ etc/system-release
 etc/issue
 srv/web/ipfire/cgi-bin/credits.cgi
 var/ipfire/langs
+etc/collectd/collectd.conf
+etc/logrotate.conf
 etc/rc.d/init.d/firewall
+etc/rc.d/init.d/networking/red.up/23-suricata
+etc/rc.d/init.d/suricata
+etc/syslog.conf
+srv/web/ipfire/cgi-bin/aliases.cgi
+srv/web/ipfire/cgi-bin/ids.cgi
+srv/web/ipfire/cgi-bin/logs.cgi/ids.dat
+srv/web/ipfire/cgi-bin/logs.cgi/log.dat
+usr/local/bin/suricatactl
+usr/local/bin/update-ids-rulese
+usr/sbin/convert-snort
+var/ipfire/backup/bin/backup.pl
+var/ipfire/backup/include
 var/ipfire/general-functions.pl
+var/ipfire/ids-functions.pl
+var/ipfire/menu.d/40-services.menu
+var/ipfire/menu.d/50-firewall.menub
diff --git a/config/rootfiles/core/130/filelists/ids-ruleset-sources b/config/rootfiles/core/130/filelists/ids-ruleset-sources
new file mode 120000
index 0000000000..a226ada39b
--- /dev/null
+++ b/config/rootfiles/core/130/filelists/ids-ruleset-sources
@@ -0,0 +1 @@
+../../../common/ids-ruleset-sources
\ No newline at end of file
diff --git a/config/rootfiles/core/130/filelists/libcap-ng b/config/rootfiles/core/130/filelists/libcap-ng
new file mode 120000
index 0000000000..f58b21141b
--- /dev/null
+++ b/config/rootfiles/core/130/filelists/libcap-ng
@@ -0,0 +1 @@
+../../../common/libcap-ng
\ No newline at end of file
diff --git a/config/rootfiles/core/130/filelists/libhtp b/config/rootfiles/core/130/filelists/libhtp
new file mode 120000
index 0000000000..676e2c5e87
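Review bot: Two of the entries added to config/rootfiles/core/130/filelists/files look misspelled as shown here: `usr/local/bin/update-ids-rulese` (probably meant to be `usr/local/bin/update-ids-ruleset`) and `var/ipfire/menu.d/50-firewall.menub` (the entry just above it ends in `.menu`). If this list decides which files go into the Core Update archive, a path that does not exist would presumably leave the ruleset updater and the firewall menu out of the update, so upgraded systems could end up with an IDS whose rules never refresh. Both paths are worth checking against the built tree before release.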
--- /dev/null
+++ b/config/rootfiles/core/130/filelists/libhtp
@@ -0,0 +1 @@
+../../../common/libhtp
\ No newline at end of file
diff --git a/config/rootfiles/core/130/filelists/oinkmaster b/config/rootfiles/core/130/filelists/oinkmaster
new file mode 120000
index 0000000000..75029e6799
--- /dev/null
+++ b/config/rootfiles/core/130/filelists/oinkmaster
@@ -0,0 +1 @@
+../../../common/oinkmaster
\ No newline at end of file
diff --git a/config/rootfiles/core/130/filelists/suricata b/config/rootfiles/core/130/filelists/suricata
new file mode 120000
index 0000000000..f671f69933
--- /dev/null
+++ b/config/rootfiles/core/130/filelists/suricata
@@ -0,0 +1 @@
+../../../common/suricata
\ No newline at end of file
diff --git a/config/rootfiles/core/130/filelists/yaml b/config/rootfiles/core/130/filelists/yaml
new file mode 120000
index 0000000000..3dc14343f6
--- /dev/null
+++ b/config/rootfiles/core/130/filelists/yaml
@@ -0,0 +1 @@
+../../../common/yaml
\ No newline at end of file
diff --git a/config/rootfiles/core/130/update.sh b/config/rootfiles/core/130/update.sh
index 93530cb531..b4238e7b44 100644
--- a/config/rootfiles/core/130/update.sh
+++ b/config/rootfiles/core/130/update.sh
@@ -32,8 +32,35 @@ for (( i=1; i<=$core; i++ )); do
 done
 # Stop services
+/etc/init.d/snort stop
+if [ -e "/etc/init.d/suricata" ]; then
+ /etc/init.d/suricata stop
+fi
 # Remove files
+rm -rfv \
+ /etc/rc.d/rc*.d/*snort \
+ /etc/rc.d/init.d/networking/red.up/23-RS-snort \
+ /etc/snort \
+ /usr/bin/daq-modules-config \
+ /usr/bin/u2boat \
+ /usr/bin/u2spewfoo \
+ /usr/lib/daq \
+ /usr/lib/snort \
+ /usr/lib/libdaq.so* \
+ /usr/lib/libsfbpf.so* \
+ /usr/local/bin/snortctl \
+ /usr/sbin/snort
+
+# Rename snort user to suricata
+if getent group snort &>/dev/null; then
+ groupmod -n suricata snort
+fi
+
+if getent passwd snort &>/dev/null; then
+ usermod -l suricata -c "Suricata" \
+ -d /var/log/suricata snort
+fi
 # Extract files
 extract_files
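Review bot: The `# Rename snort user to suricata` block in update.sh handles only the case where `snort` exists and `suricata` does not. If a `suricata` group or user is already present, `groupmod -n` and `usermod -l` fail because the name is in use, and if neither account exists nothing in this hunk creates one, so the account Suricata is presumably meant to run under depends on code outside the hunk. Tightening the guards, e.g. `if getent group snort &>/dev/null && ! getent group suricata &>/dev/null; then` (and the same for `passwd`), keeps the step safe to repeat. `/etc/init.d/snort stop` is also called unguarded, unlike the suricata stop directly below it, which is wrapped in `[ -e ... ]`.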
@@ -44,7 +71,13 @@ ldconfig
 # Update Language cache
 /usr/local/bin/update-lang-cache
+# Migrate snort configuration to suricata
+/usr/sbin/convert-snort
+
 # Start services
+/etc/init.d/collectd restart
+/etc/init.d/firewall restart
+/etc/init.d/suricata start
 # This update needs a reboot...
 touch /var/run/need_reboot
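Review bot: `/usr/sbin/convert-snort` is run without checking its exit status, and `/etc/init.d/suricata start` follows regardless, so a failed migration would go unnoticed and the system could come up with the IDS unconfigured where Snort was previously active. The earlier hunk in this file also removes `/etc/snort` before this point; if the converter reads anything from that directory it will find it gone, so that `rm` entry may need to move after the conversion. A minimal change here is `/usr/sbin/convert-snort || echo "convert-snort failed, IDS settings were not migrated" >&2`, or the same message sent through whatever logging the update scripts already use.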