From b60fd7a3e2640d7da41a3bdb875669c302849acc Mon Sep 17 00:00:00 2001 From: Stefan Schantl Date: Mon, 18 Mar 2019 20:33:28 +0100 Subject: [PATCH] Core 130: Remove files after convert-snort has been launched The converter requires /etc/snort/snort.conf to grab the used rule files (categories). After all settings have been converted, we are fine to delete all snort related files, because none of them is needed anymore. Also the /var/ipfire/snort directory needs to be deleted. If it will be left on the system and at any later time a backup will get restored, the converter will be started by the backup script, because it detects that a snort settins dir exists and would be restore the old snort settings and replaces all current IPS settings. Signed-off-by: Stefan Schantl Signed-off-by: Michael Tremer --- config/rootfiles/core/130/update.sh | 31 +++++++++++++++-------------- 1 file changed, 16 insertions(+), 15 deletions(-) diff --git a/config/rootfiles/core/130/update.sh b/config/rootfiles/core/130/update.sh index d33321c320..6d32bdba29 100644 --- a/config/rootfiles/core/130/update.sh +++ b/config/rootfiles/core/130/update.sh @@ -37,21 +37,6 @@ if [ -e "/etc/init.d/suricata" ]; then /etc/init.d/suricata stop fi -# Remove files -rm -rfv \ - /etc/rc.d/rc*.d/*snort \ - /etc/rc.d/init.d/networking/red.up/23-RS-snort \ - /etc/snort \ - /usr/bin/daq-modules-config \ - /usr/bin/u2boat \ - /usr/bin/u2spewfoo \ - /usr/lib/daq \ - /usr/lib/snort \ - /usr/lib/libdaq.so* \ - /usr/lib/libsfbpf.so* \ - /usr/local/bin/snortctl \ - /usr/sbin/snort - # Rename snort user to suricata if getent group snort &>/dev/null; then groupmod -n suricata snort @@ -74,6 +59,22 @@ ldconfig # Migrate snort configuration to suricata /usr/sbin/convert-snort +# Remove files +rm -rfv \ + /etc/rc.d/rc*.d/*snort \ + /etc/rc.d/init.d/networking/red.up/23-RS-snort \ + /etc/snort \ + /usr/bin/daq-modules-config \ + /usr/bin/u2boat \ + /usr/bin/u2spewfoo \ + /usr/lib/daq \ + /usr/lib/snort \ + /usr/lib/libdaq.so* \ + /usr/lib/libsfbpf.so* \ + /usr/local/bin/snortctl \ + /usr/sbin/snort \ + /var/ipfire/snort + # Start services /etc/init.d/collectd restart /etc/init.d/firewall restart -- 2.39.2