Administrator
|
/etc/init.d/fwupgrade
Running the latest OpenWrt stable release
|
In reply to this post by hans2
For those not so experienced, how do I change my cron job for updates to once a week?
Thanks! |
This post was updated on .
In reply to this post by breda
CONTENTS DELETED
The author has deleted this message.
No more: Shield Pro v1, Chaos Calmer, FW 1.51 SP1
|
So if I understand correctly, going from:
26 03 * * * sh /sbin/fw_upgrade to 26 03 /7 * * sh /sbin/fw_upgrade will change me from an every day update, to a once a week update. Thanks! |
https://wiki.openwrt.org/doc/howto/cron 26 03 /7 * * will do a run every 7th day at 03:26 Another way to do it is 26 03 * * 0 will do a run every sunday (day 0) at 03:26
No more: Shield Pro v1, Chaos Calmer, FW 1.51 SP1
|
I appreciate the clarification. Thanks!
|
Administrator
|
As of now, do not uncomment the emerging-trojan.rules. It's been causing snort to hang and not start and when I can get it started it reboots and have seen other errors. Still testing.
Running the latest OpenWrt stable release
|
Thank you for the head's up!
Shield Pro v1, Chaos Calmer, FW 1.51 SP1, v8.3.2, Bridge Mode
|
In reply to this post by hans2
Hi Hans
Made a few improvements to the scripts. The main one is that the snort rules are downloaded to ramdisk and now compared with the snort file on the Shield and only the additional rules are added to the snort rule file so saving writes, every 14 days a complete download of the snort rules are done so allow for deleted rules to be removed. If the Shield is restarted daily then it will check for this and download a complete new list, also ads and malicious ip's are checked for duplicate ip's whilst in ramdisk before being written to disk.fw_upgrade.fw_upgrade roadrunnere42 |
Awesome work! I will include it in the next hotfix update (BETA4)
The webfilter has also other options than the Malicious and the Ads. Should we put some effort in updating them all if people have them selected activated? In /usr/lib/lua/luci/view/admin_status/index.htm I found how the various "updates" are reported: .... <tr><td width="33%"><%:IPS Last Updated%></td><td><%=luci.sys.exec("ls -alst /etc/snort/rules/snort.rules | cut -c52-58") or "?"%></td></tr> <tr><td width="33%"><%:Web Filter Last Updated%></td><td><%=luci.sys.exec("ls -alst /etc/itus/lists/ads | cut -c52-58") or "?"%></td></tr> <tr><td width="33%"><%:Shield Update Last Run%></td><td><%=luci.sys.exec("cat /.do_date | cut -c5-10") or "?"%></td></tr> .... (I was looking for the rule that updates the Operating Mode in the same file but it seems to be fixed: ... <tr><td width="33%"><%:Operating Mode%></td><td>UTM Bridge</td></tr> ...
No more: Shield Pro v1, Chaos Calmer, FW 1.51 SP1
|
I agree, but do you know where the script or scripts are located?
(The webfilter has also other options than the Malicious and the Ads. Should we put some effort in updating them all if people have them selected activated? ) roadrunnere42 |
No i don't have that source of information yet.
Until we do solve it for all but Ads and Malicious, lets not give people false hopes. I've updated the e2guardian.lua (if 1 == 2 then) so that it only shows the options that are supported by fw_upgrade script. I will include this change in BETA4
No more: Shield Pro v1, Chaos Calmer, FW 1.51 SP1
|
Hans
Been playing with the fw_upgrade script gain It checks for new snort rules and also deletes new deleted snort rules, but im not sure if the command sed -i writes the whole file or just changes. I only want the changes so as not to write whole file again, have you got any ideals? echo "working on snort rules please wait... may take upto a minute" cat /mnt/ramdisk/*.rules > /mnt/ramdisk/alert.list sed -i 's/alert /drop /' /mnt/ramdisk/alert.list sed '/^\#/d' /mnt/ramdisk/alert.list >> /mnt/ramdisk/temp.rules sed '/^$/d' /mnt/ramdisk/temp.rules > /mnt/ramdisk/snort.rules #grep -Fxvf /etc/snort/rules/snort.rules /mnt/ramdisk/snort.rules >> /etc/snort/rules/snort.rules #grep -Fxvf /mnt/ramdisk/snort.rules /etc/snort/rules/snort.rules >> /mnt/ramdisk/snortstage2.rules #echo "Checking for deleted snort rules... may take some time" #var1=wc -l /etc/snort/rules/snort.rules #while read -r line || [[ -n "$line" ]]; do # sed -i '/$line/d' /etc/snort/rules/snort.rules # counter=$((counter+1)) # echo $counter" rules of "$var1 # done < /mnt/ramdisk/snortstage2.rules #rm /mnt/ramdisk/snortstage2.rules mv /mnt/ramdisk/snort.rules /etc/snort/rules/snort.rules roadrunnere42 |
Not sure, I was checking https://en.wikipedia.org/wiki/Sed#Mode_of_operation " sed is a line-oriented text processing utility: it reads text, line by line, from an input stream or file, into an internal buffer called the pattern space. Each line read starts a cycle. To the pattern space, sed applies one or more operations which have been specified via a sed script. sed implements a programming language with about 25 commands that specify the operations on the text. For each input line, after running the script sed ordinarily outputs the pattern space (the line as modified by the script) and begins the cycle again with the next line. ... " This read to me as sed processes the entire file in pattern space, applies the changes and then commits the file back
No more: Shield Pro v1, Chaos Calmer, FW 1.51 SP1
|
Hans
just done a few additions to fw_upgrade script which now updates the drug list, only if selected in gui just like the ads and malicious rules, the site is http://www.shallalist.de/ and is free for non-commercial use. Their rules are update daily, on comparing the drug rule on the shield with their list, the shield had roughly 54000 odd rules and their site had 11300. So i joined the two together and removed any duplicates all done in memory then write only the new rules back to the shield. Will try this out for a bit to make sure is work smoothly. fw_upgrade.fw_upgrade roadrunnere42 |
Administrator
|
In reply to this post by user8446
Solution here: http://itus.accessinnov.com/Not-being-able-to-run-the-Trojan-rules-in-the-update-script-and-performance-increase-SOLUTION-td304.html
Running the latest OpenWrt stable release
|
In reply to this post by hans2
|
The first and second lines are correct.
The third one is not. You may want to change the ntp (second line) from every 10 minutes (*/10 * ) to every day. I have: # weekly - upgrade IPS rules at 03:31 on Sunday 31 03 * * 0 sh /sbin/fw_upgrade # daily - sync clock at midnight daily 0 0 * * * /usr/sbin/ntpclient -s -p 123 -h 0.us.pool.ntp.org || /etc/init.d/ntpclient restart
No more: Shield Pro v1, Chaos Calmer, FW 1.51 SP1
|
Thanks Hans just confirming
I should remove */10 * * * * /usr/sbin/ntpclient -s -p 123 -h 0.us.pool.ntp.org || /etc/init.d/ntpclient restart and on */10 * it would go in the red circle in the photo ? thanks for the help |
In reply to this post by hans2
OK, thank you.. made edit and forced update. All seems to be working.
I had one error that I needed to edit for the script run: line 26 reads: if [ "$(ls -A /mnt/ramdisk)" ]; I had to add a space after the "]" before the ";" for it to run. Now reads: if [ "$(ls -A /mnt/ramdisk)" ] ; This is a couple of times that i had to tweak the script to run on my system. I'm wondering if there's some switch turned on/off in my interpreter since no one else seems to have any issue with the syntax.
Shield Pro v1, Chaos Calmer, FW 1.51 SP1, v8.3.2, Bridge Mode
|
Free forum by Nabble | Edit this page |