Snort mailing list archives

Re: I have written a Linux shell script to detect missing rule files in your /etc/snort/snort.conf!

From: Jeremy Hoel <jthoel () gmail com>
Date: Sat, 12 Apr 2014 00:09:53 -0600

You do know that snort will tell you if it's missing rules when you run a
test, right?

snort -T -c <path to config file>

No reason to have a script check it for you..
Plus, if you use pulledpork then you just have (probably) snort.rules and
local.rules.


On Fri, Apr 11, 2014 at 11:59 PM, Teo En Ming <teo.en.ming () gmail com> wrote:

===Start of Linux shell script===
#!/bin/sh
# Linux shell script: detect-missing-snort-rule-files.sh
# Written by: Teo En Ming
# Email: teo.en.ming () gmail com
# Date: 12 April 2014 Saturday 1:00 P.M. Singapore Time
# Version: 1.0
#
# This program detects missing rule files in your /etc/snort/snort.conf
configuration file.
#

RULE_PATH=/etc/snort/rules
SNORT_CONF=/etc/snort/snort.conf

cd $RULE_PATH

for i in `ls -1 $RULE_PATH`
do
    grep "^include \$RULE_PATH/$i" $SNORT_CONF > /dev/null
    if [ $? -ne 0 ]
    then
        echo "$i not included in $SNORT_CONF!"
    fi
done
===End of Linux shell script===


------------------------------------------------------------------------------
Put Bad Developers to Shame
Dominate Development with Jenkins Continuous Integration
Continuously Automate Build, Test & Deployment
Start a new project now. Try Jenkins in the cloud.
http://p.sf.net/sfu/13600_Cloudbees
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest
Snort news!

------------------------------------------------------------------------------
Put Bad Developers to Shame
Dominate Development with Jenkins Continuous Integration
Continuously Automate Build, Test & Deployment 
Start a new project now. Try Jenkins in the cloud.
http://p.sf.net/sfu/13600_Cloudbees

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Current thread:

I have written a Linux shell script to detect missing rule files in your /etc/snort/snort.conf! Teo En Ming (Apr 11)
- Re: I have written a Linux shell script to detect missing rule files in your /etc/snort/snort.conf! Jeremy Hoel (Apr 11)
  - Re: I have written a Linux shell script to detect missing rule files in your /etc/snort/snort.conf! Teo En Ming (Apr 11)
    - Re: I have written a Linux shell script to detect missing rule files in your /etc/snort/snort.conf! waldo kitty (Apr 12)
- Re: I have written a Linux shell script to detect missing rule files in your /etc/snort/snort.conf! waldo kitty (Apr 12)