Snort mailing list archives
Re: I have written a Linux shell script to enable all Snort rules which were commented out
From: Jeremy Hoel <jthoel () gmail com>
Date: Mon, 7 Apr 2014 22:58:18 +0000
For you to get real help you'll need to post error messages and take the time to look at whats online. Pulled-pork has very good documentation, a mailing list and it's easy to use. So while you can use your script, running ALL snort rules at once is a bad idea and will probably cause something to break (probably since I haven't tried it before). You know enough to script, which means you should be able to do tests, look at error messages and provide some information that could help us respond to a question in an effective manner. On Mon, Apr 7, 2014 at 10:04 PM, Teo En Ming <teo.en.ming () gmail com> wrote:
Dear List, Originally, I had wanted to use Pulled Pork to enable all Snort rules which were commented out/disabled. But there is no comprehensive guide/manual on Pulled Pork which covers every step. So I thought better and decided to write a very simple Linux shell script to un-comment/enable all the Snort rules which were commented out/disabled. The source code only consists of a few lines. ===Start of Linux Shell Script=== #!/bin/sh # Linux shell script: enable-all-snort-rules.sh # Written by: Teo En Ming # Email: teo.en.ming () gmail com # Date: 8 April 2014 Tuesday 5:17 A.M. Singapore Time # Version: 1.0 RULE_PATH=/etc/snort/rules cd $RULE_PATH for i in `ls -1 $RULE_PATH` do echo "Enabling all Snort rules in $i" sed -i 's/^# //g' $i done ===End of Linux Shell Script=== Use the program at your own risk! I assume no responsibility if you screw up your Snort installation. I tried to un-comment all the Snort rules and Snort couldn't start. Some enabled rules are preventing Snort from starting. Somebody please advise. Regards, Teo En Ming ------------------------------------------------------------------------------ Put Bad Developers to Shame Dominate Development with Jenkins Continuous Integration Continuously Automate Build, Test & Deployment Start a new project now. Try Jenkins in the cloud. http://p.sf.net/sfu/13600_Cloudbees _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ Put Bad Developers to Shame Dominate Development with Jenkins Continuous Integration Continuously Automate Build, Test & Deployment Start a new project now. Try Jenkins in the cloud. http://p.sf.net/sfu/13600_Cloudbees
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- I have written a Linux shell script to enable all Snort rules which were commented out Teo En Ming (Apr 07)
- Re: I have written a Linux shell script to enable all Snort rules which were commented out Jeremy Hoel (Apr 07)
- Re: I have written a Linux shell script to enable all Snort rules which were commented out waldo kitty (Apr 07)