- root@Shield:~# update_snort_rules() { > # check to see if ramdisk is empty and it not remove all rules. > > if [ "$(ls -A /mnt/ramdisk)" ]; > then > [ firstboot mkfs.ext3 rpcd [[ free mkfs.ext4 schedtool arping fsck.ext2 mkfs.fat scp ash fsck.ext3 mkfs.msdos sed askfirst fsck.ext4 mkfs.vfat seq awk fsck.fat mknod sh basename fsck.msdos mkswap signify block fsck.vfat mktemp sigtool board_detect fsync modinfo sleep brctl fw3 modprobe snapshot bunzip2 fw_upgrade mount snapshot_tool busybox grep mount_root snort bwm-ng gunzip mtd sort bzcat gzip mv squid cat halt named-checkconf squidclient chat head named-checkzone ssh chgrp hexdump nbtscan start-stop-daemon chmod host nc strings chown hostid netdiscover swapoff chroot hotplug-call netifd swapon clamav-config htop netstat switch_root clambc hwclock nfnl_osf sync clamconf id nice sysctl clamd ifconfig nmap sysupgrade clamdscan ifdown nslookup tail clamscan ifstatus nsupdate tar clear ifup ntpclient tc cmp init ntpd tcpdump config_generate insmod ntpd-hotplug tee conntrack ip odhcp6c telnet conntrackd ip6tables odhcpd telnetd counter ip6tables-restore odhcpd-update test cp ip6tables-save openssl time crond ipaddr openvpn top crontab ipcalc.sh opkg touch csamd iplink opkg-key tr curl iproute passwd traceroute cut iprule pgrep true daq-modules-config ipsec pidof u2boat date iptables ping u2spewfoo dbclient iptables-restore ping6 ubus dd iptables-save pivot_root ubusd devmem iptables-xml pki uci devstatus iptunnel poweroff udevtrigger df jffs2mark pppd udhcpc dig jffs2reset pppdump uhttpd dirname jshn pppoe-discovery umount dmesg jsonfilter pppstats uname dnet kill printf uniq dnsmasq killall privoxy uptime dnssec-keygen kmodloader procd usign dnssec-signzone led.sh ps validate_data dosfsck less purge vconfig dropbear libnet-config pwd vi dropbearkey ln px5g vnstat du lock qos-start vnstatd e2fsck logd qos-stat vnstati ebtables logger qos-stop wc ebtables-restore login.sh readlink wget ebtables-save logread reboot wget-ssl echo ls relayd which env lsmod reload_config whois ethtool lua reset wifi ettercap luci-bwc resolveip wrtbwmon etterfilter luci-reload rm xargs etterlog md5sum rmdir xtables-multi expr mkdir rmmod yes false mke2fs rndc zcat fdisk mkfifo rndc-confgen find mkfs.ext2 route > rm -R /mnt/ramdisk/*.rules > fi > > curl -k -1 -m 40 -o /mnt/ramdisk/botcc.portgrouped.rules https://rules.emergin gthreats.net/open/snort-edge/rules/emerging-botcc.portgrouped.rules > curl -k -1 -m 40 -o /mnt/ramdisk/botcc.rules https://rules.emergingthreats.net /open/snort-edge/rules/emerging-botcc.rules > curl -k -1 -m 40 -o /mnt/ramdisk/ciarmy.rules https://rules.emergingthreats.ne t/open/snort-edge/rules/emerging-ciarmy.rules > curl -k -1 -m 40 -o /mnt/ramdisk/compromised.rules https://rules.emergingthrea ts.net/open/snort-edge/rules/emerging-compromised.rules > curl -k -1 -m 40 -o /mnt/ramdisk/dshield.rules https://rules.emergingthreats.n et/open/snort-edge/rules/emerging-dshield.rules > curl -k -1 -m 40 -o /mnt/ramdisk/emerging-exploit.rules https://rules.emerging threats.net/open/snort-edge/rules/emerging-exploit.rules > curl -k -1 -m 40 -o /mnt/ramdisk/emerging-malware.rules https://rules.emerging threats.net/open/snort-edge/rules/emerging-malware.rules > curl -k -1 -m 40 -o /mnt/ramdisk/emerging-mobile_malware.rules https://rules.e mergingthreats.net/open/snort-edge/rules/emerging-mobile_malware.rules > curl -k -1 -m 40 -o /mnt/ramdisk/emerging-user_agents.rules https://rules.emer gingthreats.net/open/snort-edge/rules/emerging-user_agents.rules > curl -k -1 -m 40 -o /mnt/ramdisk/emerging-web_client.rules https://rules.emerg ingthreats.net/open/snort-edge/rules/emerging-web_client.rules > curl -k -1 -m 40 -o /mnt/ramdisk/emerging-worm.rules https://rules.emergingthr eats.net/open/snort-edge/rules/emerging-worm.rules > curl -k -1 -m 40 -o /mnt/ramdisk/emerging-current_events.rules https://rules.e mergingthreats.net/open/snort-edge/rules/emerging-current_events.rules > #curl -k -1 -m 40 -o /mnt/ramdisk/emerging-trojan.rules https://rules.emerging threats.net/open/snort-edge/rules/emerging-trojan.rules > #curl -k -1 -m 40 -o /mnt/ramdisk/drop.rules https://rules.emergingthreats.net /open/snort-edge/rules/emerging-drop.rules > #curl -k -1 -m 40 -o /mnt/ramdisk/emerging-web_specific_apps.rules https://rul es.emergingthreats.net/open/snort-edge/rules/emerging-web_specific_apps.rules > #curl -k -1 -m 40 -o /mnt/ramdisk/emerging-scan.rules https://rules.emergingth reats.net/open/snort-edge/rules/emerging-scan.rules > > echo "working on snort rules please wait may take upto a minute" > cat /mnt/ramdisk/*.rules > /mnt/ramdisk/alert.list > sed -i 's/alert /drop /' /mnt/ramdisk/alert.list > sed '/^\#/d' /mnt/ramdisk/alert.list >> /mnt/ramdisk/temp.rules > sed '/^$/d' /mnt/ramdisk/temp.rules > /mnt/ramdisk/snort.rules > > sed -i '/sid:2002802/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2019237/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2018194/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2012251/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2100527/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2100649/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2009080/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2009205/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2009206/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2009207/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2009208/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2008975/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2010515/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2003099/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2101201/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2001689/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2011695/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2013359/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2013358/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2013357/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2013355/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2013354/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2013353/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2013360/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2100648/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2009080/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2101390/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2012086/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2100650/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2011803/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2012510/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2001219/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2003068/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2002995/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2011347/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2102925/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2012263/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2012848/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2001046/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2003055/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2002993/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2002992/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2001353/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2009205/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2009206/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2009207/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2009208/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2001046/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2016950/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2019509/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2011507/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2010514/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2010516/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2010518/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2010520/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2010522/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2010525/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2010527/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2012056/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2012075/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2012119/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2012205/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2012272/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2012398/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2010931/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2011764/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2103088/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2103192/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2103134/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2101852/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2015526/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2009151/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2012997/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2101201/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2016672/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2000538/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2000540/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2011367/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2012251/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2100528/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2007994/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2008066/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2012180/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2102925/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2100628/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2010697/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2013479/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2001046/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2011803/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2009768/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2019490/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2011347/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2011037/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2103133/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2103132/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2017005/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2006445/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2003927/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2010908/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2014020/s/^/#/' /mnt/ramdisk/snort.rules > sed -i '/sid:2017479/s/^/#/' /mnt/ramdisk/snort.rules > > # if the alert.list file is present remove it, this justs frees up more space in memory > if [ -f /mnt/ramdisk/alert.list ] ; then > [ firstboot mkfs.ext3 rpcd [[ free mkfs.ext4 schedtool arping fsck.ext2 mkfs.fat scp ash fsck.ext3 mkfs.msdos sed askfirst fsck.ext4 mkfs.vfat seq awk fsck.fat mknod sh basename fsck.msdos mkswap signify block fsck.vfat mktemp sigtool board_detect fsync modinfo sleep brctl fw3 modprobe snapshot bunzip2 fw_upgrade mount snapshot_tool busybox grep mount_root snort bwm-ng gunzip mtd sort bzcat gzip mv squid cat halt named-checkconf squidclient chat head named-checkzone ssh chgrp hexdump nbtscan start-stop-daemon chmod host nc strings chown hostid netdiscover swapoff chroot hotplug-call netifd swapon clamav-config htop netstat switch_root clambc hwclock nfnl_osf sync clamconf id nice sysctl clamd ifconfig nmap sysupgrade clamdscan ifdown nslookup tail clamscan ifstatus nsupdate tar clear ifup ntpclient tc cmp init ntpd tcpdump config_generate insmod ntpd-hotplug tee conntrack ip odhcp6c telnet conntrackd ip6tables odhcpd telnetd counter ip6tables-restore odhcpd-update test cp ip6tables-save openssl time crond ipaddr openvpn top crontab ipcalc.sh opkg touch csamd iplink opkg-key tr curl iproute passwd traceroute cut iprule pgrep true daq-modules-config ipsec pidof u2boat date iptables ping u2spewfoo dbclient iptables-restore ping6 ubus dd iptables-save pivot_root ubusd devmem iptables-xml pki uci devstatus iptunnel poweroff udevtrigger df jffs2mark pppd udhcpc dig jffs2reset pppdump uhttpd dirname jshn pppoe-discovery umount dmesg jsonfilter pppstats uname dnet kill printf uniq dnsmasq killall privoxy uptime dnssec-keygen kmodloader procd usign dnssec-signzone led.sh ps validate_data dosfsck less purge vconfig dropbear libnet-config pwd vi dropbearkey ln px5g vnstat du lock qos-start vnstatd e2fsck logd qos-stat vnstati ebtables logger qos-stop wc ebtables-restore login.sh readlink wget ebtables-save logread reboot wget-ssl echo ls relayd which env lsmod reload_config whois ethtool lua reset wifi ettercap luci-bwc resolveip wrtbwmon etterfilter luci-reload rm xargs etterlog md5sum rmdir xtables-multi expr mkdir rmmod yes false mke2fs rndc zcat fdisk mkfifo rndc-confgen find mkfs.ext2 route > rm /mnt/ramdisk/alert.list > fi > > # if the temp.rules file is present remove it, this justs frees up more space in memory > if [ -f /mnt/ramdisk/temp.rules ] ; then > [ firstboot mkfs.ext3 rpcd [[ free mkfs.ext4 schedtool arping fsck.ext2 mkfs.fat scp ash fsck.ext3 mkfs.msdos sed askfirst fsck.ext4 mkfs.vfat seq awk fsck.fat mknod sh basename fsck.msdos mkswap signify block fsck.vfat mktemp sigtool board_detect fsync modinfo sleep brctl fw3 modprobe snapshot bunzip2 fw_upgrade mount snapshot_tool busybox grep mount_root snort bwm-ng gunzip mtd sort bzcat gzip mv squid cat halt named-checkconf squidclient chat head named-checkzone ssh chgrp hexdump nbtscan start-stop-daemon chmod host nc strings chown hostid netdiscover swapoff chroot hotplug-call netifd swapon clamav-config htop netstat switch_root clambc hwclock nfnl_osf sync clamconf id nice sysctl clamd ifconfig nmap sysupgrade clamdscan ifdown nslookup tail clamscan ifstatus nsupdate tar clear ifup ntpclient tc cmp init ntpd tcpdump config_generate insmod ntpd-hotplug tee conntrack ip odhcp6c telnet conntrackd ip6tables odhcpd telnetd counter ip6tables-restore odhcpd-update test cp ip6tables-save openssl time crond ipaddr openvpn top crontab ipcalc.sh opkg touch csamd iplink opkg-key tr curl iproute passwd traceroute cut iprule pgrep true daq-modules-config ipsec pidof u2boat date iptables ping u2spewfoo dbclient iptables-restore ping6 ubus dd iptables-save pivot_root ubusd devmem iptables-xml pki uci devstatus iptunnel poweroff udevtrigger df jffs2mark pppd udhcpc dig jffs2reset pppdump uhttpd dirname jshn pppoe-discovery umount dmesg jsonfilter pppstats uname dnet kill printf uniq dnsmasq killall privoxy uptime dnssec-keygen kmodloader procd usign dnssec-signzone led.sh ps validate_data dosfsck less purge vconfig dropbear libnet-config pwd vi dropbearkey ln px5g vnstat du lock qos-start vnstatd e2fsck logd qos-stat vnstati ebtables logger qos-stop wc ebtables-restore login.sh readlink wget ebtables-save logread reboot wget-ssl echo ls relayd which env lsmod reload_config whois ethtool lua reset wifi ettercap luci-bwc resolveip wrtbwmon etterfilter luci-reload rm xargs etterlog md5sum rmdir xtables-multi expr mkdir rmmod yes false mke2fs rndc zcat fdisk mkfifo rndc-confgen find mkfs.ext2 route > rm /mnt/ramdisk/temp.rules > fi > > echo "#*************************************************************" >> snort .rules > echo "#" >> snort.rules > echo "# Copyright (c) 2003-2016, Emerging Threats" >> snort.rules > echo "# All rights reserved." >> snort.rules > echo "# " >> snort.rules > echo "# Redistribution and use in source and binary forms, with or without mo dification, are permitted provided that the " >> snort.rules > echo "# following conditions are met:" >> snort.rules > echo "# " >> snort.rules > echo "# * Redistributions of source code must retain the above copyright noti ce, this list of conditions and the following " >> snort.rules > echo "# disclaimer." >> snort.rules > echo "# * Redistributions in binary form must reproduce the above copyright n otice, this list of conditions and the " >> snort.rules > echo "# following disclaimer in the documentation and/or other materials pr ovided with the distribution." >> snort.rules > echo "# * Neither the name of the nor the names of its contributors may be us ed to endorse or promote products derived " >> snort.rules > echo "# from this software without specific prior written permission." >> s nort.rules > echo "# " >> snort.rules > echo "# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS A S IS AND ANY EXPRESS OR IMPLIED WARRANTIES," >> snort.rules > echo "# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABIL ITY AND FITNESS FOR A PARTICULAR PURPOSE ARE " >> snort.rules > echo "# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, " >> snort.rules > echo "# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMI TED TO, PROCUREMENT OF SUBSTITUTE GOODS OR " >> snort.rules > echo "# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HO WEVER CAUSED AND ON ANY THEORY OF LIABILITY, " >> snort.rules > echo "# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE " >> snort.rules > echo "# USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMA GE. " >> snort.rules > echo "#" >> snort.rules > echo "#*************************************************************" >> snort .rules > > sleep 1 > > do_snort_restart=1 > } root@Shield:~# root@Shield:~# update_ads_rules() { > > # if the ads.tmp file is present remove it, this justs frees up more space in memory > if [ -f /mnt/ramdisk/ads.tmp ] ; then > rm /mnt/ramdisk/ads.tmp > fi > > #### Ads Updates #### > curl -m 40 -s -d mimetype=plaintext -d hostformat=unixhosts http://pgl.yoyo.or g/adservers/serverlist.php? | sort >> /mnt/ramdisk/ads.tmp > curl -m 40 -s http://winhelp2002.mvps.org/hosts.txt | grep -v "#" | grep -v "1 27.0.0.1" | sed '/^$/d' | sed 's/\ /\\ /g' | awk '{print $2}' | sed -e '1,3d' | sort >> /mnt/ramdisk/ads.tmp > #curl -m 40 -s http://someonewhocares.org/hosts/hosts | grep -v "#" | sed '/^$ /d' | sed 's/\ /\\ /g' | grep -v '^\\' | grep -v '\\$' | awk '{print $2}' | grep -v '^\\' | grep -v '\\$' | sort >> /mnt/ramdisk/ads.tmp > curl -m 40 -s http://sysctl.org/cameleon/hosts | grep -v "#" | sed '/^$/d' | s ed 's/\ /\\ /g' | grep -v '^\\' | grep -v '\\$' | awk '{print $3}' | grep -v '^\ \' | grep -v '\\$' | sort >> /mnt/ramdisk/ads.tmp > curl -m 40 -s http://optimate.dl.sourceforge.net/project/adzhosts/HOSTS.txt | grep -v "#" | sed '/^$/d' | sed 's/\ /\\ /g' | grep -v '^\\' | grep -v '\\$' | awk '{print $2}' | grep -v '^\\' | grep -v '\\$' | sort >> /mnt/ramdisk/ads.tmp > curl -m 40 -s https://hosts.neocities.org/ -k | grep -v "#" | sed '/^$/d' | se d 's/\ /\\ /g' | awk '{print $2}' | grep -v '^\\' | grep -v '\\$' | sort >> /mnt /ramdisk/ads.tmp > > sleep 1 > echo "working on ads rules please wait may take upto a minute" > sed 's/^/address=\//g' -i /mnt/ramdisk/ads.tmp > sed -e 's/$/\/10.10.10.11/' -i /mnt/ramdisk/ads.tmp > sleep 1 > > # activate ads update > mv /mnt/ramdisk/ads.tmp /etc/itus/lists/ads > sleep 1 > chmod 655 /etc/itus/lists/ads > } root@Shield:~# root@Shield:~# update_malicious_rules() { > > # if the malicious.tmp file is present remove it, this justs frees up more spa ce in memory > if [ -f /mnt/ramdisk/malicious.tmp ]; then > rm /mnt/ramdisk/malicious.tmp > fi > > ### Malware Updates ### > curl -m 40 -s http://www.malwaredomainlist.com/hostslist/hosts.txt | grep -v " #" | sed '/^$/d' | sed 's/\ /\\ /g' | awk '{print $3}' | grep -v '^\\' | grep -v '\\$' | sort >> /mnt/ramdisk/malicious.tmp > curl -m 40 -s http://mirror1.malwaredomains.com/files/justdomains | grep -v "# " | sed '/^$/d' | sed 's/\ /\\ /g' | sort >> /mnt/ramdisk/malicious.tmp > curl -m 40 -s https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising .txt -k | grep -v "#" | sed '/^$/d' | sed 's/\ /\\ /g' | sort >> /mnt/ramdisk/ma licious.tmp > curl -m 40 -s https://hosts.neocities.org/ -k | grep -v "#" | sed '/^$/d' | se d 's/\ /\\ /g' | awk '{print $2}' | grep -v '^\\' | grep -v '\\$' | sort >> /mnt /ramdisk/malicious.tmp > sleep 1 > echo "working on malicious rules please wait may take upto a minute" > sed 's/^/address=\//g' -i /mnt/ramdisk/malicious.tmp > sed -e 's/$/\/10.10.10.11/' -i /mnt/ramdisk/malicious.tmp > sleep 1 > > # activate malicious update > mv /mnt/ramdisk/malicious.tmp /etc/itus/lists/malicious > sleep 1 > chmod 655 /etc/itus/lists/malicious > sleep 1 > } root@Shield:~# root@Shield:~# # Prevent DNSMASQ/SNORT restart unless updates are needed root@Shield:~# do_dnsmasq_restart=0# 0 = no restart, 1 = restart -ash: 0: not found root@Shield:~# do_snort_restart=0# 0 = no restart, 1 = restart -ash: 0: not found root@Shield:~# root@Shield:~# # check to see if there is a mount point in /mnt/ramdisk and if t here is'nt it will creat one, root@Shield:~# # this is used the first time you run this script on the shield t o created the mount point. root@Shield:~# if [ ! -d "/mnt/ramdisk" ]; then > mkdir /mnt/ramdisk > fi root@Shield:~# root@Shield:~# # check to see of /mnt/ramdisk is mounted if not will create the ramdisk in memory. root@Shield:~# if mount | grep /mnt/ramdisk > /dev/null; then > [ firstboot mkfs.ext3 rpcd [[ free mkfs.ext4 schedtool arping fsck.ext2 mkfs.fat scp ash fsck.ext3 mkfs.msdos sed askfirst fsck.ext4 mkfs.vfat seq awk fsck.fat mknod sh basename fsck.msdos mkswap signify block fsck.vfat mktemp sigtool board_detect fsync modinfo sleep brctl fw3 modprobe snapshot bunzip2 fw_upgrade mount snapshot_tool busybox grep mount_root snort bwm-ng gunzip mtd sort bzcat gzip mv squid cat halt named-checkconf squidclient chat head named-checkzone ssh chgrp hexdump nbtscan start-stop-daemon chmod host nc strings chown hostid netdiscover swapoff chroot hotplug-call netifd swapon clamav-config htop netstat switch_root clambc hwclock nfnl_osf sync clamconf id nice sysctl clamd ifconfig nmap sysupgrade clamdscan ifdown nslookup tail clamscan ifstatus nsupdate tar clear ifup ntpclient tc cmp init ntpd tcpdump config_generate insmod ntpd-hotplug tee conntrack ip odhcp6c telnet conntrackd ip6tables odhcpd telnetd counter ip6tables-restore odhcpd-update test cp ip6tables-save openssl time crond ipaddr openvpn top crontab ipcalc.sh opkg touch csamd iplink opkg-key tr curl iproute passwd traceroute cut iprule pgrep true daq-modules-config ipsec pidof u2boat date iptables ping u2spewfoo dbclient iptables-restore ping6 ubus dd iptables-save pivot_root ubusd devmem iptables-xml pki uci devstatus iptunnel poweroff udevtrigger df jffs2mark pppd udhcpc dig jffs2reset pppdump uhttpd dirname jshn pppoe-discovery umount dmesg jsonfilter pppstats uname dnet kill printf uniq dnsmasq killall privoxy uptime dnssec-keygen kmodloader procd usign dnssec-signzone led.sh ps validate_data dosfsck less purge vconfig dropbear libnet-config pwd vi dropbearkey ln px5g vnstat du lock qos-start vnstatd e2fsck logd qos-stat vnstati ebtables logger qos-stop wc ebtables-restore login.sh readlink wget ebtables-save logread reboot wget-ssl echo ls relayd which env lsmod reload_config whois ethtool lua reset wifi ettercap luci-bwc resolveip wrtbwmon etterfilter luci-reload rm xargs etterlog md5sum rmdir xtables-multi expr mkdir rmmod yes false mke2fs rndc zcat fdisk mkfifo rndc-confgen find mkfs.ext2 route > echo "yes mounted" > else > [ firstboot mkfs.ext3 rpcd [[ free mkfs.ext4 schedtool arping fsck.ext2 mkfs.fat scp ash fsck.ext3 mkfs.msdos sed askfirst fsck.ext4 mkfs.vfat seq awk fsck.fat mknod sh basename fsck.msdos mkswap signify block fsck.vfat mktemp sigtool board_detect fsync modinfo sleep brctl fw3 modprobe snapshot bunzip2 fw_upgrade mount snapshot_tool busybox grep mount_root snort bwm-ng gunzip mtd sort bzcat gzip mv squid cat halt named-checkconf squidclient chat head named-checkzone ssh chgrp hexdump nbtscan start-stop-daemon chmod host nc strings chown hostid netdiscover swapoff chroot hotplug-call netifd swapon clamav-config htop netstat switch_root clambc hwclock nfnl_osf sync clamconf id nice sysctl clamd ifconfig nmap sysupgrade clamdscan ifdown nslookup tail clamscan ifstatus nsupdate tar clear ifup ntpclient tc cmp init ntpd tcpdump config_generate insmod ntpd-hotplug tee conntrack ip odhcp6c telnet conntrackd ip6tables odhcpd telnetd counter ip6tables-restore odhcpd-update test cp ip6tables-save openssl time crond ipaddr openvpn top crontab ipcalc.sh opkg touch csamd iplink opkg-key tr curl iproute passwd traceroute cut iprule pgrep true daq-modules-config ipsec pidof u2boat date iptables ping u2spewfoo dbclient iptables-restore ping6 ubus dd iptables-save pivot_root ubusd devmem iptables-xml pki uci devstatus iptunnel poweroff udevtrigger df jffs2mark pppd udhcpc dig jffs2reset pppdump uhttpd dirname jshn pppoe-discovery umount dmesg jsonfilter pppstats uname dnet kill printf uniq dnsmasq killall privoxy uptime dnssec-keygen kmodloader procd usign dnssec-signzone led.sh ps validate_data dosfsck less purge vconfig dropbear libnet-config pwd vi dropbearkey ln px5g vnstat du lock qos-start vnstatd e2fsck logd qos-stat vnstati ebtables logger qos-stop wc ebtables-restore login.sh readlink wget ebtables-save logread reboot wget-ssl echo ls relayd which env lsmod reload_config whois ethtool lua reset wifi ettercap luci-bwc resolveip wrtbwmon etterfilter luci-reload rm xargs etterlog md5sum rmdir xtables-multi expr mkdir rmmod yes false mke2fs rndc zcat fdisk mkfifo rndc-confgen find mkfs.ext2 route > echo "creating ramdisk" > [ firstboot mkfs.ext3 rpcd [[ free mkfs.ext4 schedtool arping fsck.ext2 mkfs.fat scp ash fsck.ext3 mkfs.msdos sed askfirst fsck.ext4 mkfs.vfat seq awk fsck.fat mknod sh basename fsck.msdos mkswap signify block fsck.vfat mktemp sigtool board_detect fsync modinfo sleep brctl fw3 modprobe snapshot bunzip2 fw_upgrade mount snapshot_tool busybox grep mount_root snort bwm-ng gunzip mtd sort bzcat gzip mv squid cat halt named-checkconf squidclient chat head named-checkzone ssh chgrp hexdump nbtscan start-stop-daemon chmod host nc strings chown hostid netdiscover swapoff chroot hotplug-call netifd swapon clamav-config htop netstat switch_root clambc hwclock nfnl_osf sync clamconf id nice sysctl clamd ifconfig nmap sysupgrade clamdscan ifdown nslookup tail clamscan ifstatus nsupdate tar clear ifup ntpclient tc cmp init ntpd tcpdump config_generate insmod ntpd-hotplug tee conntrack ip odhcp6c telnet conntrackd ip6tables odhcpd telnetd counter ip6tables-restore odhcpd-update test cp ip6tables-save openssl time crond ipaddr openvpn top crontab ipcalc.sh opkg touch csamd iplink opkg-key tr curl iproute passwd traceroute cut iprule pgrep true daq-modules-config ipsec pidof u2boat date iptables ping u2spewfoo dbclient iptables-restore ping6 ubus dd iptables-save pivot_root ubusd devmem iptables-xml pki uci devstatus iptunnel poweroff udevtrigger df jffs2mark pppd udhcpc dig jffs2reset pppdump uhttpd dirname jshn pppoe-discovery umount dmesg jsonfilter pppstats uname dnet kill printf uniq dnsmasq killall privoxy uptime dnssec-keygen kmodloader procd usign dnssec-signzone led.sh ps validate_data dosfsck less purge vconfig dropbear libnet-config pwd vi dropbearkey ln px5g vnstat du lock qos-start vnstatd e2fsck logd qos-stat vnstati ebtables logger qos-stop wc ebtables-restore login.sh readlink wget ebtables-save logread reboot wget-ssl echo ls relayd which env lsmod reload_config whois ethtool lua reset wifi ettercap luci-bwc resolveip wrtbwmon etterfilter luci-reload rm xargs etterlog md5sum rmdir xtables-multi expr mkdir rmmod yes false mke2fs rndc zcat fdisk mkfifo rndc-confgen find mkfs.ext2 route > mount -t tmpfs -o size=50000k tmpfs /mnt/ramdisk > fi creating ramdisk root@Shield:~# root@Shield:~# # update snort rules root@Shield:~# # To prevent the snort rules from updating put # in front (# upda te_snort_rules) root@Shield:~# update_snort_rules sleep 1 # update ads rules % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 # Managed via LUCI>SERVICES>Web Filter > Content filter - Ads if [ $(uci get e2guardian.e2guardian.content_ads) = 1 ]; then 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 echo "Updating ADS rules" update_ads_rules sleep 1 do_dnsmasq_restart=1 fi # update malicious sites rules # Managed via LUCI>SERVICES>Web Filter > Content filter - Malicious if [ $(uci get e2guardian.e2guardian.content_malicious) = 1 ]; then echo "Updating MALICIOUS rules" update_malicious_rules sleep 1 do_dnsmasq_restart=1 fi # restart DNSMASQ if [ $do_dnsmasq_restart = 1 ]; then echo "Restarting DNSMASQ service" /etc/init.d/dnsmasq restart sleep 3 100 25931 100 25931 0 0 65677 0 --:--:-- --:--:-- --:--:-- 70464 fi % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 # restart SNORT if [ $do_snort_restart = 1 ]; then echo "Restarting SNORT service" mv /mnt/ramdisk/snort.rules /etc/snort/rules/snort.rules sleep 3 /etc/init.d/snort restart sleep 2 fi # update last-update date date > /.do_date # umounts the ramdisk so freeing up memory. 100 103k 100 103k 0 0 191k 0 --:--:-- --:--:-- --:--:-- 192k % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 60448 100 60448 0 0 120k 0 --:--:-- --:--:-- --:--:-- 120k % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 58697 100 58697 0 0 136k 0 --:--:-- --:--:-- --:--:-- 137k % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 3124 100 3124 0 0 10161 0 --:--:-- --:--:-- --:--:-- 10242 % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 193k 100 193k 0 0 289k 0 --:--:-- --:--:-- --:--:-- 291k % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 410k 100 410k 0 0 566k 0 --:--:-- --:--:-- --:--:-- 568k % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 69280 100 69280 0 0 142k 0 --:--:-- --:--:-- --:--:-- 142k % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 28423 100 28423 0 0 75368 0 --:--:-- --:--:-- --:--:-- 75997 % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 129k 100 129k 0 0 231k 0 --:--:-- --:--:-- --:--:-- 232k % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 9599 100 9599 0 0 31284 0 --:--:-- --:--:-- --:--:-- 31575 % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 871k 100 871k 0 0 655k 0 0:00:01 0:00:01 --:--:-- 656k working on snort rules please wait may take upto a minute root@Shield:~# sleep 1 root@Shield:~# root@Shield:~# # update ads rules root@Shield:~# root@Shield:~# # Managed via LUCI>SERVICES>Web Filter > Content filter - Ads root@Shield:~# if [ $(uci get e2guardian.e2guardian.content_ads) = 1 ]; then > [ firstboot mkfs.ext3 rpcd [[ free mkfs.ext4 schedtool arping fsck.ext2 mkfs.fat scp ash fsck.ext3 mkfs.msdos sed askfirst fsck.ext4 mkfs.vfat seq awk fsck.fat mknod sh basename fsck.msdos mkswap signify block fsck.vfat mktemp sigtool board_detect fsync modinfo sleep brctl fw3 modprobe snapshot bunzip2 fw_upgrade mount snapshot_tool busybox grep mount_root snort bwm-ng gunzip mtd sort bzcat gzip mv squid cat halt named-checkconf squidclient chat head named-checkzone ssh chgrp hexdump nbtscan start-stop-daemon chmod host nc strings chown hostid netdiscover swapoff chroot hotplug-call netifd swapon clamav-config htop netstat switch_root clambc hwclock nfnl_osf sync clamconf id nice sysctl clamd ifconfig nmap sysupgrade clamdscan ifdown nslookup tail clamscan ifstatus nsupdate tar clear ifup ntpclient tc cmp init ntpd tcpdump config_generate insmod ntpd-hotplug tee conntrack ip odhcp6c telnet conntrackd ip6tables odhcpd telnetd counter ip6tables-restore odhcpd-update test cp ip6tables-save openssl time crond ipaddr openvpn top crontab ipcalc.sh opkg touch csamd iplink opkg-key tr curl iproute passwd traceroute cut iprule pgrep true daq-modules-config ipsec pidof u2boat date iptables ping u2spewfoo dbclient iptables-restore ping6 ubus dd iptables-save pivot_root ubusd devmem iptables-xml pki uci devstatus iptunnel poweroff udevtrigger df jffs2mark pppd udhcpc dig jffs2reset pppdump uhttpd dirname jshn pppoe-discovery umount dmesg jsonfilter pppstats uname dnet kill printf uniq dnsmasq killall privoxy uptime dnssec-keygen kmodloader procd usign dnssec-signzone led.sh ps validate_data dosfsck less purge vconfig dropbear libnet-config pwd vi dropbearkey ln px5g vnstat du lock qos-start vnstatd e2fsck logd qos-stat vnstati ebtables logger qos-stop wc ebtables-restore login.sh readlink wget ebtables-save logread reboot wget-ssl echo ls relayd which env lsmod reload_config whois ethtool lua reset wifi ettercap luci-bwc resolveip wrtbwmon etterfilter luci-reload rm xargs etterlog md5sum rmdir xtables-multi expr mkdir rmmod yes false mke2fs rndc zcat fdisk mkfifo rndc-confgen find mkfs.ext2 route > echo "Updating ADS rules" > [ firstboot mkfs.ext3 rpcd [[ free mkfs.ext4 schedtool arping fsck.ext2 mkfs.fat scp ash fsck.ext3 mkfs.msdos sed askfirst fsck.ext4 mkfs.vfat seq awk fsck.fat mknod sh basename fsck.msdos mkswap signify block fsck.vfat mktemp sigtool board_detect fsync modinfo sleep brctl fw3 modprobe snapshot bunzip2 fw_upgrade mount snapshot_tool busybox grep mount_root snort bwm-ng gunzip mtd sort bzcat gzip mv squid cat halt named-checkconf squidclient chat head named-checkzone ssh chgrp hexdump nbtscan start-stop-daemon chmod host nc strings chown hostid netdiscover swapoff chroot hotplug-call netifd swapon clamav-config htop netstat switch_root clambc hwclock nfnl_osf sync clamconf id nice sysctl clamd ifconfig nmap sysupgrade clamdscan ifdown nslookup tail clamscan ifstatus nsupdate tar clear ifup ntpclient tc cmp init ntpd tcpdump config_generate insmod ntpd-hotplug tee conntrack ip odhcp6c telnet conntrackd ip6tables odhcpd telnetd counter ip6tables-restore odhcpd-update test cp ip6tables-save openssl time crond ipaddr openvpn top crontab ipcalc.sh opkg touch csamd iplink opkg-key tr curl iproute passwd traceroute cut iprule pgrep true daq-modules-config ipsec pidof u2boat date iptables ping u2spewfoo dbclient iptables-restore ping6 ubus dd iptables-save pivot_root ubusd devmem iptables-xml pki uci devstatus iptunnel poweroff udevtrigger df jffs2mark pppd udhcpc dig jffs2reset pppdump uhttpd dirname jshn pppoe-discovery umount dmesg jsonfilter pppstats uname dnet kill printf uniq dnsmasq killall privoxy uptime dnssec-keygen kmodloader procd usign dnssec-signzone led.sh ps validate_data dosfsck less purge vconfig dropbear libnet-config pwd vi dropbearkey ln px5g vnstat du lock qos-start vnstatd e2fsck logd qos-stat vnstati ebtables logger qos-stop wc ebtables-restore login.sh readlink wget ebtables-save logread reboot wget-ssl echo ls relayd which env lsmod reload_config whois ethtool lua reset wifi ettercap luci-bwc resolveip wrtbwmon etterfilter luci-reload rm xargs etterlog md5sum rmdir xtables-multi expr mkdir rmmod yes false mke2fs rndc zcat fdisk mkfifo rndc-confgen find mkfs.ext2 route > update_ads_rules > [ firstboot mkfs.ext3 rpcd [[ free mkfs.ext4 schedtool arping fsck.ext2 mkfs.fat scp ash fsck.ext3 mkfs.msdos sed askfirst fsck.ext4 mkfs.vfat seq awk fsck.fat mknod sh basename fsck.msdos mkswap signify block fsck.vfat mktemp sigtool board_detect fsync modinfo sleep brctl fw3 modprobe snapshot bunzip2 fw_upgrade mount snapshot_tool busybox grep mount_root snort bwm-ng gunzip mtd sort bzcat gzip mv squid cat halt named-checkconf squidclient chat head named-checkzone ssh chgrp hexdump nbtscan start-stop-daemon chmod host nc strings chown hostid netdiscover swapoff chroot hotplug-call netifd swapon clamav-config htop netstat switch_root clambc hwclock nfnl_osf sync clamconf id nice sysctl clamd ifconfig nmap sysupgrade clamdscan ifdown nslookup tail clamscan ifstatus nsupdate tar clear ifup ntpclient tc cmp init ntpd tcpdump config_generate insmod ntpd-hotplug tee conntrack ip odhcp6c telnet conntrackd ip6tables odhcpd telnetd counter ip6tables-restore odhcpd-update test cp ip6tables-save openssl time crond ipaddr openvpn top crontab ipcalc.sh opkg touch csamd iplink opkg-key tr curl iproute passwd traceroute cut iprule pgrep true daq-modules-config ipsec pidof u2boat date iptables ping u2spewfoo dbclient iptables-restore ping6 ubus dd iptables-save pivot_root ubusd devmem iptables-xml pki uci devstatus iptunnel poweroff udevtrigger df jffs2mark pppd udhcpc dig jffs2reset pppdump uhttpd dirname jshn pppoe-discovery umount dmesg jsonfilter pppstats uname dnet kill printf uniq dnsmasq killall privoxy uptime dnssec-keygen kmodloader procd usign dnssec-signzone led.sh ps validate_data dosfsck less purge vconfig dropbear libnet-config pwd vi dropbearkey ln px5g vnstat du lock qos-start vnstatd e2fsck logd qos-stat vnstati ebtables logger qos-stop wc ebtables-restore login.sh readlink wget ebtables-save logread reboot wget-ssl echo ls relayd which env lsmod reload_config whois ethtool lua reset wifi ettercap luci-bwc resolveip wrtbwmon etterfilter luci-reload rm xargs etterlog md5sum rmdir xtables-multi expr mkdir rmmod yes false mke2fs rndc zcat fdisk mkfifo rndc-confgen find mkfs.ext2 route > sleep 1 > [ firstboot mkfs.ext3 rpcd [[ free mkfs.ext4 schedtool arping fsck.ext2 mkfs.fat scp ash fsck.ext3 mkfs.msdos sed askfirst fsck.ext4 mkfs.vfat seq awk fsck.fat mknod sh basename fsck.msdos mkswap signify block fsck.vfat mktemp sigtool board_detect fsync modinfo sleep brctl fw3 modprobe snapshot bunzip2 fw_upgrade mount snapshot_tool busybox grep mount_root snort bwm-ng gunzip mtd sort bzcat gzip mv squid cat halt named-checkconf squidclient chat head named-checkzone ssh chgrp hexdump nbtscan start-stop-daemon chmod host nc strings chown hostid netdiscover swapoff chroot hotplug-call netifd swapon clamav-config htop netstat switch_root clambc hwclock nfnl_osf sync clamconf id nice sysctl clamd ifconfig nmap sysupgrade clamdscan ifdown nslookup tail clamscan ifstatus nsupdate tar clear ifup ntpclient tc cmp init ntpd tcpdump config_generate insmod ntpd-hotplug tee conntrack ip odhcp6c telnet conntrackd ip6tables odhcpd telnetd counter ip6tables-restore odhcpd-update test cp ip6tables-save openssl time crond ipaddr openvpn top crontab ipcalc.sh opkg touch csamd iplink opkg-key tr curl iproute passwd traceroute cut iprule pgrep true daq-modules-config ipsec pidof u2boat date iptables ping u2spewfoo dbclient iptables-restore ping6 ubus dd iptables-save pivot_root ubusd devmem iptables-xml pki uci devstatus iptunnel poweroff udevtrigger df jffs2mark pppd udhcpc dig jffs2reset pppdump uhttpd dirname jshn pppoe-discovery umount dmesg jsonfilter pppstats uname dnet kill printf uniq dnsmasq killall privoxy uptime dnssec-keygen kmodloader procd usign dnssec-signzone led.sh ps validate_data dosfsck less purge vconfig dropbear libnet-config pwd vi dropbearkey ln px5g vnstat du lock qos-start vnstatd e2fsck logd qos-stat vnstati ebtables logger qos-stop wc ebtables-restore login.sh readlink wget ebtables-save logread reboot wget-ssl echo ls relayd which env lsmod reload_config whois ethtool lua reset wifi ettercap luci-bwc resolveip wrtbwmon etterfilter luci-reload rm xargs etterlog md5sum rmdir xtables-multi expr mkdir rmmod yes false mke2fs rndc zcat fdisk mkfifo rndc-confgen find mkfs.ext2 route > do_dnsmasq_restart=1 > fi Updating ADS rules working on ads rules please wait may take upto a minute root@Shield:~# root@Shield:~# # update malicious sites rules root@Shield:~# # Managed via LUCI>SERVICES>Web Filter > Content filter - Malicio us root@Shield:~# if [ $(uci get e2guardian.e2guardian.content_malicious) = 1 ]; th en > [ firstboot mkfs.ext3 rpcd [[ free mkfs.ext4 schedtool arping fsck.ext2 mkfs.fat scp ash fsck.ext3 mkfs.msdos sed askfirst fsck.ext4 mkfs.vfat seq awk fsck.fat mknod sh basename fsck.msdos mkswap signify block fsck.vfat mktemp sigtool board_detect fsync modinfo sleep brctl fw3 modprobe snapshot bunzip2 fw_upgrade mount snapshot_tool busybox grep mount_root snort bwm-ng gunzip mtd sort bzcat gzip mv squid cat halt named-checkconf squidclient chat head named-checkzone ssh chgrp hexdump nbtscan start-stop-daemon chmod host nc strings chown hostid netdiscover swapoff chroot hotplug-call netifd swapon clamav-config htop netstat switch_root clambc hwclock nfnl_osf sync clamconf id nice sysctl clamd ifconfig nmap sysupgrade clamdscan ifdown nslookup tail clamscan ifstatus nsupdate tar clear ifup ntpclient tc cmp init ntpd tcpdump config_generate insmod ntpd-hotplug tee conntrack ip odhcp6c telnet conntrackd ip6tables odhcpd telnetd counter ip6tables-restore odhcpd-update test cp ip6tables-save openssl time crond ipaddr openvpn top crontab ipcalc.sh opkg touch csamd iplink opkg-key tr curl iproute passwd traceroute cut iprule pgrep true daq-modules-config ipsec pidof u2boat date iptables ping u2spewfoo dbclient iptables-restore ping6 ubus dd iptables-save pivot_root ubusd devmem iptables-xml pki uci devstatus iptunnel poweroff udevtrigger df jffs2mark pppd udhcpc dig jffs2reset pppdump uhttpd dirname jshn pppoe-discovery umount dmesg jsonfilter pppstats uname dnet kill printf uniq dnsmasq killall privoxy uptime dnssec-keygen kmodloader procd usign dnssec-signzone led.sh ps validate_data dosfsck less purge vconfig dropbear libnet-config pwd vi dropbearkey ln px5g vnstat du lock qos-start vnstatd e2fsck logd qos-stat vnstati ebtables logger qos-stop wc ebtables-restore login.sh readlink wget ebtables-save logread reboot wget-ssl echo ls relayd which env lsmod reload_config whois ethtool lua reset wifi ettercap luci-bwc resolveip wrtbwmon etterfilter luci-reload rm xargs etterlog md5sum rmdir xtables-multi expr mkdir rmmod yes false mke2fs rndc zcat fdisk mkfifo rndc-confgen find mkfs.ext2 route > echo "Updating MALICIOUS rules" > [ firstboot mkfs.ext3 rpcd [[ free mkfs.ext4 schedtool arping fsck.ext2 mkfs.fat scp ash fsck.ext3 mkfs.msdos sed askfirst fsck.ext4 mkfs.vfat seq awk fsck.fat mknod sh basename fsck.msdos mkswap signify block fsck.vfat mktemp sigtool board_detect fsync modinfo sleep brctl fw3 modprobe snapshot bunzip2 fw_upgrade mount snapshot_tool busybox grep mount_root snort bwm-ng gunzip mtd sort bzcat gzip mv squid cat halt named-checkconf squidclient chat head named-checkzone ssh chgrp hexdump nbtscan start-stop-daemon chmod host nc strings chown hostid netdiscover swapoff chroot hotplug-call netifd swapon clamav-config htop netstat switch_root clambc hwclock nfnl_osf sync clamconf id nice sysctl clamd ifconfig nmap sysupgrade clamdscan ifdown nslookup tail clamscan ifstatus nsupdate tar clear ifup ntpclient tc cmp init ntpd tcpdump config_generate insmod ntpd-hotplug tee conntrack ip odhcp6c telnet conntrackd ip6tables odhcpd telnetd counter ip6tables-restore odhcpd-update test cp ip6tables-save openssl time crond ipaddr openvpn top crontab ipcalc.sh opkg touch csamd iplink opkg-key tr curl iproute passwd traceroute cut iprule pgrep true daq-modules-config ipsec pidof u2boat date iptables ping u2spewfoo dbclient iptables-restore ping6 ubus dd iptables-save pivot_root ubusd devmem iptables-xml pki uci devstatus iptunnel poweroff udevtrigger df jffs2mark pppd udhcpc dig jffs2reset pppdump uhttpd dirname jshn pppoe-discovery umount dmesg jsonfilter pppstats uname dnet kill printf uniq dnsmasq killall privoxy uptime dnssec-keygen kmodloader procd usign dnssec-signzone led.sh ps validate_data dosfsck less purge vconfig dropbear libnet-config pwd vi dropbearkey ln px5g vnstat du lock qos-start vnstatd e2fsck logd qos-stat vnstati ebtables logger qos-stop wc ebtables-restore login.sh readlink wget ebtables-save logread reboot wget-ssl echo ls relayd which env lsmod reload_config whois ethtool lua reset wifi ettercap luci-bwc resolveip wrtbwmon etterfilter luci-reload rm xargs etterlog md5sum rmdir xtables-multi expr mkdir rmmod yes false mke2fs rndc zcat fdisk mkfifo rndc-confgen find mkfs.ext2 route > update_malicious_rules > [ firstboot mkfs.ext3 rpcd [[ free mkfs.ext4 schedtool arping fsck.ext2 mkfs.fat scp ash fsck.ext3 mkfs.msdos sed askfirst fsck.ext4 mkfs.vfat seq awk fsck.fat mknod sh basename fsck.msdos mkswap signify block fsck.vfat mktemp sigtool board_detect fsync modinfo sleep brctl fw3 modprobe snapshot bunzip2 fw_upgrade mount snapshot_tool busybox grep mount_root snort bwm-ng gunzip mtd sort bzcat gzip mv squid cat halt named-checkconf squidclient chat head named-checkzone ssh chgrp hexdump nbtscan start-stop-daemon chmod host nc strings chown hostid netdiscover swapoff chroot hotplug-call netifd swapon clamav-config htop netstat switch_root clambc hwclock nfnl_osf sync clamconf id nice sysctl clamd ifconfig nmap sysupgrade clamdscan ifdown nslookup tail clamscan ifstatus nsupdate tar clear ifup ntpclient tc cmp init ntpd tcpdump config_generate insmod ntpd-hotplug tee conntrack ip odhcp6c telnet conntrackd ip6tables odhcpd telnetd counter ip6tables-restore odhcpd-update test cp ip6tables-save openssl time crond ipaddr openvpn top crontab ipcalc.sh opkg touch csamd iplink opkg-key tr curl iproute passwd traceroute cut iprule pgrep true daq-modules-config ipsec pidof u2boat date iptables ping u2spewfoo dbclient iptables-restore ping6 ubus dd iptables-save pivot_root ubusd devmem iptables-xml pki uci devstatus iptunnel poweroff udevtrigger df jffs2mark pppd udhcpc dig jffs2reset pppdump uhttpd dirname jshn pppoe-discovery umount dmesg jsonfilter pppstats uname dnet kill printf uniq dnsmasq killall privoxy uptime dnssec-keygen kmodloader procd usign dnssec-signzone led.sh ps validate_data dosfsck less purge vconfig dropbear libnet-config pwd vi dropbearkey ln px5g vnstat du lock qos-start vnstatd e2fsck logd qos-stat vnstati ebtables logger qos-stop wc ebtables-restore login.sh readlink wget ebtables-save logread reboot wget-ssl echo ls relayd which env lsmod reload_config whois ethtool lua reset wifi ettercap luci-bwc resolveip wrtbwmon etterfilter luci-reload rm xargs etterlog md5sum rmdir xtables-multi expr mkdir rmmod yes false mke2fs rndc zcat fdisk mkfifo rndc-confgen find mkfs.ext2 route > sleep 1 > [ firstboot mkfs.ext3 rpcd [[ free mkfs.ext4 schedtool arping fsck.ext2 mkfs.fat scp ash fsck.ext3 mkfs.msdos sed askfirst fsck.ext4 mkfs.vfat seq awk fsck.fat mknod sh basename fsck.msdos mkswap signify block fsck.vfat mktemp sigtool board_detect fsync modinfo sleep brctl fw3 modprobe snapshot bunzip2 fw_upgrade mount snapshot_tool busybox grep mount_root snort bwm-ng gunzip mtd sort bzcat gzip mv squid cat halt named-checkconf squidclient chat head named-checkzone ssh chgrp hexdump nbtscan start-stop-daemon chmod host nc strings chown hostid netdiscover swapoff chroot hotplug-call netifd swapon clamav-config htop netstat switch_root clambc hwclock nfnl_osf sync clamconf id nice sysctl clamd ifconfig nmap sysupgrade clamdscan ifdown nslookup tail clamscan ifstatus nsupdate tar clear ifup ntpclient tc cmp init ntpd tcpdump config_generate insmod ntpd-hotplug tee conntrack ip odhcp6c telnet conntrackd ip6tables odhcpd telnetd counter ip6tables-restore odhcpd-update test cp ip6tables-save openssl time crond ipaddr openvpn top crontab ipcalc.sh opkg touch csamd iplink opkg-key tr curl iproute passwd traceroute cut iprule pgrep true daq-modules-config ipsec pidof u2boat date iptables ping u2spewfoo dbclient iptables-restore ping6 ubus dd iptables-save pivot_root ubusd devmem iptables-xml pki uci devstatus iptunnel poweroff udevtrigger df jffs2mark pppd udhcpc dig jffs2reset pppdump uhttpd dirname jshn pppoe-discovery umount dmesg jsonfilter pppstats uname dnet kill printf uniq dnsmasq killall privoxy uptime dnssec-keygen kmodloader procd usign dnssec-signzone led.sh ps validate_data dosfsck less purge vconfig dropbear libnet-config pwd vi dropbearkey ln px5g vnstat du lock qos-start vnstatd e2fsck logd qos-stat vnstati ebtables logger qos-stop wc ebtables-restore login.sh readlink wget ebtables-save logread reboot wget-ssl echo ls relayd which env lsmod reload_config whois ethtool lua reset wifi ettercap luci-bwc resolveip wrtbwmon etterfilter luci-reload rm xargs etterlog md5sum rmdir xtables-multi expr mkdir rmmod yes false mke2fs rndc zcat fdisk mkfifo rndc-confgen find mkfs.ext2 route > do_dnsmasq_restart=1 > fi Updating MALICIOUS rules working on malicious rules please wait may take upto a minute root@Shield:~# root@Shield:~# # restart DNSMASQ root@Shield:~# if [ $do_dnsmasq_restart = 1 ]; then > [ firstboot mkfs.ext3 rpcd [[ free mkfs.ext4 schedtool arping fsck.ext2 mkfs.fat scp ash fsck.ext3 mkfs.msdos sed askfirst fsck.ext4 mkfs.vfat seq awk fsck.fat mknod sh basename fsck.msdos mkswap signify block fsck.vfat mktemp sigtool board_detect fsync modinfo sleep brctl fw3 modprobe snapshot bunzip2 fw_upgrade mount snapshot_tool busybox grep mount_root snort bwm-ng gunzip mtd sort bzcat gzip mv squid cat halt named-checkconf squidclient chat head named-checkzone ssh chgrp hexdump nbtscan start-stop-daemon chmod host nc strings chown hostid netdiscover swapoff chroot hotplug-call netifd swapon clamav-config htop netstat switch_root clambc hwclock nfnl_osf sync clamconf id nice sysctl clamd ifconfig nmap sysupgrade clamdscan ifdown nslookup tail clamscan ifstatus nsupdate tar clear ifup ntpclient tc cmp init ntpd tcpdump config_generate insmod ntpd-hotplug tee conntrack ip odhcp6c telnet conntrackd ip6tables odhcpd telnetd counter ip6tables-restore odhcpd-update test cp ip6tables-save openssl time crond ipaddr openvpn top crontab ipcalc.sh opkg touch csamd iplink opkg-key tr curl iproute passwd traceroute cut iprule pgrep true daq-modules-config ipsec pidof u2boat date iptables ping u2spewfoo dbclient iptables-restore ping6 ubus dd iptables-save pivot_root ubusd devmem iptables-xml pki uci devstatus iptunnel poweroff udevtrigger df jffs2mark pppd udhcpc dig jffs2reset pppdump uhttpd dirname jshn pppoe-discovery umount dmesg jsonfilter pppstats uname dnet kill printf uniq dnsmasq killall privoxy uptime dnssec-keygen kmodloader procd usign dnssec-signzone led.sh ps validate_data dosfsck less purge vconfig dropbear libnet-config pwd vi dropbearkey ln px5g vnstat du lock qos-start vnstatd e2fsck logd qos-stat vnstati ebtables logger qos-stop wc ebtables-restore login.sh readlink wget ebtables-save logread reboot wget-ssl echo ls relayd which env lsmod reload_config whois ethtool lua reset wifi ettercap luci-bwc resolveip wrtbwmon etterfilter luci-reload rm xargs etterlog md5sum rmdir xtables-multi expr mkdir rmmod yes false mke2fs rndc zcat fdisk mkfifo rndc-confgen find mkfs.ext2 route > echo "Restarting DNSMASQ service" > [ firstboot mkfs.ext3 rpcd [[ free mkfs.ext4 schedtool arping fsck.ext2 mkfs.fat scp ash fsck.ext3 mkfs.msdos sed askfirst fsck.ext4 mkfs.vfat seq awk fsck.fat mknod sh basename fsck.msdos mkswap signify block fsck.vfat mktemp sigtool board_detect fsync modinfo sleep brctl fw3 modprobe snapshot bunzip2 fw_upgrade mount snapshot_tool busybox grep mount_root snort bwm-ng gunzip mtd sort bzcat gzip mv squid cat halt named-checkconf squidclient chat head named-checkzone ssh chgrp hexdump nbtscan start-stop-daemon chmod host nc strings chown hostid netdiscover swapoff chroot hotplug-call netifd swapon clamav-config htop netstat switch_root clambc hwclock nfnl_osf sync clamconf id nice sysctl clamd ifconfig nmap sysupgrade clamdscan ifdown nslookup tail clamscan ifstatus nsupdate tar clear ifup ntpclient tc cmp init ntpd tcpdump config_generate insmod ntpd-hotplug tee conntrack ip odhcp6c telnet conntrackd ip6tables odhcpd telnetd counter ip6tables-restore odhcpd-update test cp ip6tables-save openssl time crond ipaddr openvpn top crontab ipcalc.sh opkg touch csamd iplink opkg-key tr curl iproute passwd traceroute cut iprule pgrep true daq-modules-config ipsec pidof u2boat date iptables ping u2spewfoo dbclient iptables-restore ping6 ubus dd iptables-save pivot_root ubusd devmem iptables-xml pki uci devstatus iptunnel poweroff udevtrigger df jffs2mark pppd udhcpc dig jffs2reset pppdump uhttpd dirname jshn pppoe-discovery umount dmesg jsonfilter pppstats uname dnet kill printf uniq dnsmasq killall privoxy uptime dnssec-keygen kmodloader procd usign dnssec-signzone led.sh ps validate_data dosfsck less purge vconfig dropbear libnet-config pwd vi dropbearkey ln px5g vnstat du lock qos-start vnstatd e2fsck logd qos-stat vnstati ebtables logger qos-stop wc ebtables-restore login.sh readlink wget ebtables-save logread reboot wget-ssl echo ls relayd which env lsmod reload_config whois ethtool lua reset wifi ettercap luci-bwc resolveip wrtbwmon etterfilter luci-reload rm xargs etterlog md5sum rmdir xtables-multi expr mkdir rmmod yes false mke2fs rndc zcat fdisk mkfifo rndc-confgen find mkfs.ext2 route > /etc/init.d/dnsmasq restart > [ firstboot mkfs.ext3 rpcd [[ free mkfs.ext4 schedtool arping fsck.ext2 mkfs.fat scp ash fsck.ext3 mkfs.msdos sed askfirst fsck.ext4 mkfs.vfat seq awk fsck.fat mknod sh basename fsck.msdos mkswap signify block fsck.vfat mktemp sigtool board_detect fsync modinfo sleep brctl fw3 modprobe snapshot bunzip2 fw_upgrade mount snapshot_tool busybox grep mount_root snort bwm-ng gunzip mtd sort bzcat gzip mv squid cat halt named-checkconf squidclient chat head named-checkzone ssh chgrp hexdump nbtscan start-stop-daemon chmod host nc strings chown hostid netdiscover swapoff chroot hotplug-call netifd swapon clamav-config htop netstat switch_root clambc hwclock nfnl_osf sync clamconf id nice sysctl clamd ifconfig nmap sysupgrade clamdscan ifdown nslookup tail clamscan ifstatus nsupdate tar clear ifup ntpclient tc cmp init ntpd tcpdump config_generate insmod ntpd-hotplug tee conntrack ip odhcp6c telnet conntrackd ip6tables odhcpd telnetd counter ip6tables-restore odhcpd-update test cp ip6tables-save openssl time crond ipaddr openvpn top crontab ipcalc.sh opkg touch csamd iplink opkg-key tr curl iproute passwd traceroute cut iprule pgrep true daq-modules-config ipsec pidof u2boat date iptables ping u2spewfoo dbclient iptables-restore ping6 ubus dd iptables-save pivot_root ubusd devmem iptables-xml pki uci devstatus iptunnel poweroff udevtrigger df jffs2mark pppd udhcpc dig jffs2reset pppdump uhttpd dirname jshn pppoe-discovery umount dmesg jsonfilter pppstats uname dnet kill printf uniq dnsmasq killall privoxy uptime dnssec-keygen kmodloader procd usign dnssec-signzone led.sh ps validate_data dosfsck less purge vconfig dropbear libnet-config pwd vi dropbearkey ln px5g vnstat du lock qos-start vnstatd e2fsck logd qos-stat vnstati ebtables logger qos-stop wc ebtables-restore login.sh readlink wget ebtables-save logread reboot wget-ssl echo ls relayd which env lsmod reload_config whois ethtool lua reset wifi ettercap luci-bwc resolveip wrtbwmon etterfilter luci-reload rm xargs etterlog md5sum rmdir xtables-multi expr mkdir rmmod yes false mke2fs rndc zcat fdisk mkfifo rndc-confgen find mkfs.ext2 route > sleep 3 > fi Restarting DNSMASQ service yes mounted sed: /mnt/ramdisk/malicious: No such file or directory sed: /mnt/ramdisk/illegal: No such file or directory sed: /mnt/ramdisk/ads: No such file or directory Updated redirect ip address: 192.168.1.112: update_blacklist cat: can't open '/mnt/ramdisk/ads': No such file or directory cat: can't open '/mnt/ramdisk/illegal': No such file or directory cat: can't open '/mnt/ramdisk/malicious': No such file or directory root@Shield:~# root@Shield:~# # restart SNORT root@Shield:~# if [ $do_snort_restart = 1 ]; then > [ firstboot mkfs.ext3 rpcd [[ free mkfs.ext4 schedtool arping fsck.ext2 mkfs.fat scp ash fsck.ext3 mkfs.msdos sed askfirst fsck.ext4 mkfs.vfat seq awk fsck.fat mknod sh basename fsck.msdos mkswap signify block fsck.vfat mktemp sigtool board_detect fsync modinfo sleep brctl fw3 modprobe snapshot bunzip2 fw_upgrade mount snapshot_tool busybox grep mount_root snort bwm-ng gunzip mtd sort bzcat gzip mv squid cat halt named-checkconf squidclient chat head named-checkzone ssh chgrp hexdump nbtscan start-stop-daemon chmod host nc strings chown hostid netdiscover swapoff chroot hotplug-call netifd swapon clamav-config htop netstat switch_root clambc hwclock nfnl_osf sync clamconf id nice sysctl clamd ifconfig nmap sysupgrade clamdscan ifdown nslookup tail clamscan ifstatus nsupdate tar clear ifup ntpclient tc cmp init ntpd tcpdump config_generate insmod ntpd-hotplug tee conntrack ip odhcp6c telnet conntrackd ip6tables odhcpd telnetd counter ip6tables-restore odhcpd-update test cp ip6tables-save openssl time crond ipaddr openvpn top crontab ipcalc.sh opkg touch csamd iplink opkg-key tr curl iproute passwd traceroute cut iprule pgrep true daq-modules-config ipsec pidof u2boat date iptables ping u2spewfoo dbclient iptables-restore ping6 ubus dd iptables-save pivot_root ubusd devmem iptables-xml pki uci devstatus iptunnel poweroff udevtrigger df jffs2mark pppd udhcpc dig jffs2reset pppdump uhttpd dirname jshn pppoe-discovery umount dmesg jsonfilter pppstats uname dnet kill printf uniq dnsmasq killall privoxy uptime dnssec-keygen kmodloader procd usign dnssec-signzone led.sh ps validate_data dosfsck less purge vconfig dropbear libnet-config pwd vi dropbearkey ln px5g vnstat du lock qos-start vnstatd e2fsck logd qos-stat vnstati ebtables logger qos-stop wc ebtables-restore login.sh readlink wget ebtables-save logread reboot wget-ssl echo ls relayd which env lsmod reload_config whois ethtool lua reset wifi ettercap luci-bwc resolveip wrtbwmon etterfilter luci-reload rm xargs etterlog md5sum rmdir xtables-multi expr mkdir rmmod yes false mke2fs rndc zcat fdisk mkfifo rndc-confgen find mkfs.ext2 route > echo "Restarting SNORT service" > [ firstboot mkfs.ext3 rpcd [[ free mkfs.ext4 schedtool arping fsck.ext2 mkfs.fat scp ash fsck.ext3 mkfs.msdos sed askfirst fsck.ext4 mkfs.vfat seq awk fsck.fat mknod sh basename fsck.msdos mkswap signify block fsck.vfat mktemp sigtool board_detect fsync modinfo sleep brctl fw3 modprobe snapshot bunzip2 fw_upgrade mount snapshot_tool busybox grep mount_root snort bwm-ng gunzip mtd sort bzcat gzip mv squid cat halt named-checkconf squidclient chat head named-checkzone ssh chgrp hexdump nbtscan start-stop-daemon chmod host nc strings chown hostid netdiscover swapoff chroot hotplug-call netifd swapon clamav-config htop netstat switch_root clambc hwclock nfnl_osf sync clamconf id nice sysctl clamd ifconfig nmap sysupgrade clamdscan ifdown nslookup tail clamscan ifstatus nsupdate tar clear ifup ntpclient tc cmp init ntpd tcpdump config_generate insmod ntpd-hotplug tee conntrack ip odhcp6c telnet conntrackd ip6tables odhcpd telnetd counter ip6tables-restore odhcpd-update test cp ip6tables-save openssl time crond ipaddr openvpn top crontab ipcalc.sh opkg touch csamd iplink opkg-key tr curl iproute passwd traceroute cut iprule pgrep true daq-modules-config ipsec pidof u2boat date iptables ping u2spewfoo dbclient iptables-restore ping6 ubus dd iptables-save pivot_root ubusd devmem iptables-xml pki uci devstatus iptunnel poweroff udevtrigger df jffs2mark pppd udhcpc dig jffs2reset pppdump uhttpd dirname jshn pppoe-discovery umount dmesg jsonfilter pppstats uname dnet kill printf uniq dnsmasq killall privoxy uptime dnssec-keygen kmodloader procd usign dnssec-signzone led.sh ps validate_data dosfsck less purge vconfig dropbear libnet-config pwd vi dropbearkey ln px5g vnstat du lock qos-start vnstatd e2fsck logd qos-stat vnstati ebtables logger qos-stop wc ebtables-restore login.sh readlink wget ebtables-save logread reboot wget-ssl echo ls relayd which env lsmod reload_config whois ethtool lua reset wifi ettercap luci-bwc resolveip wrtbwmon etterfilter luci-reload rm xargs etterlog md5sum rmdir xtables-multi expr mkdir rmmod yes false mke2fs rndc zcat fdisk mkfifo rndc-confgen find mkfs.ext2 route > mv /mnt/ramdisk/snort.rules /etc/snort/rules/snort.rules > [ firstboot mkfs.ext3 rpcd [[ free mkfs.ext4 schedtool arping fsck.ext2 mkfs.fat scp ash fsck.ext3 mkfs.msdos sed askfirst fsck.ext4 mkfs.vfat seq awk fsck.fat mknod sh basename fsck.msdos mkswap signify block fsck.vfat mktemp sigtool board_detect fsync modinfo sleep brctl fw3 modprobe snapshot bunzip2 fw_upgrade mount snapshot_tool busybox grep mount_root snort bwm-ng gunzip mtd sort bzcat gzip mv squid cat halt named-checkconf squidclient chat head named-checkzone ssh chgrp hexdump nbtscan start-stop-daemon chmod host nc strings chown hostid netdiscover swapoff chroot hotplug-call netifd swapon clamav-config htop netstat switch_root clambc hwclock nfnl_osf sync clamconf id nice sysctl clamd ifconfig nmap sysupgrade clamdscan ifdown nslookup tail clamscan ifstatus nsupdate tar clear ifup ntpclient tc cmp init ntpd tcpdump config_generate insmod ntpd-hotplug tee conntrack ip odhcp6c telnet conntrackd ip6tables odhcpd telnetd counter ip6tables-restore odhcpd-update test cp ip6tables-save openssl time crond ipaddr openvpn top crontab ipcalc.sh opkg touch csamd iplink opkg-key tr curl iproute passwd traceroute cut iprule pgrep true daq-modules-config ipsec pidof u2boat date iptables ping u2spewfoo dbclient iptables-restore ping6 ubus dd iptables-save pivot_root ubusd devmem iptables-xml pki uci devstatus iptunnel poweroff udevtrigger df jffs2mark pppd udhcpc dig jffs2reset pppdump uhttpd dirname jshn pppoe-discovery umount dmesg jsonfilter pppstats uname dnet kill printf uniq dnsmasq killall privoxy uptime dnssec-keygen kmodloader procd usign dnssec-signzone led.sh ps validate_data dosfsck less purge vconfig dropbear libnet-config pwd vi dropbearkey ln px5g vnstat du lock qos-start vnstatd e2fsck logd qos-stat vnstati ebtables logger qos-stop wc ebtables-restore login.sh readlink wget ebtables-save logread reboot wget-ssl echo ls relayd which env lsmod reload_config whois ethtool lua reset wifi ettercap luci-bwc resolveip wrtbwmon etterfilter luci-reload rm xargs etterlog md5sum rmdir xtables-multi expr mkdir rmmod yes false mke2fs rndc zcat fdisk mkfifo rndc-confgen find mkfs.ext2 route > sleep 3 > [ firstboot mkfs.ext3 rpcd [[ free mkfs.ext4 schedtool arping fsck.ext2 mkfs.fat scp ash fsck.ext3 mkfs.msdos sed askfirst fsck.ext4 mkfs.vfat seq awk fsck.fat mknod sh basename fsck.msdos mkswap signify block fsck.vfat mktemp sigtool board_detect fsync modinfo sleep brctl fw3 modprobe snapshot bunzip2 fw_upgrade mount snapshot_tool busybox grep mount_root snort bwm-ng gunzip mtd sort bzcat gzip mv squid cat halt named-checkconf squidclient chat head named-checkzone ssh chgrp hexdump nbtscan start-stop-daemon chmod host nc strings chown hostid netdiscover swapoff chroot hotplug-call netifd swapon clamav-config htop netstat switch_root clambc hwclock nfnl_osf sync clamconf id nice sysctl clamd ifconfig nmap sysupgrade clamdscan ifdown nslookup tail clamscan ifstatus nsupdate tar clear ifup ntpclient tc cmp init ntpd tcpdump config_generate insmod ntpd-hotplug tee conntrack ip odhcp6c telnet conntrackd ip6tables odhcpd telnetd counter ip6tables-restore odhcpd-update test cp ip6tables-save openssl time crond ipaddr openvpn top crontab ipcalc.sh opkg touch csamd iplink opkg-key tr curl iproute passwd traceroute cut iprule pgrep true daq-modules-config ipsec pidof u2boat date iptables ping u2spewfoo dbclient iptables-restore ping6 ubus dd iptables-save pivot_root ubusd devmem iptables-xml pki uci devstatus iptunnel poweroff udevtrigger df jffs2mark pppd udhcpc dig jffs2reset pppdump uhttpd dirname jshn pppoe-discovery umount dmesg jsonfilter pppstats uname dnet kill printf uniq dnsmasq killall privoxy uptime dnssec-keygen kmodloader procd usign dnssec-signzone led.sh ps validate_data dosfsck less purge vconfig dropbear libnet-config pwd vi dropbearkey ln px5g vnstat du lock qos-start vnstatd e2fsck logd qos-stat vnstati ebtables logger qos-stop wc ebtables-restore login.sh readlink wget ebtables-save logread reboot wget-ssl echo ls relayd which env lsmod reload_config whois ethtool lua reset wifi ettercap luci-bwc resolveip wrtbwmon etterfilter luci-reload rm xargs etterlog md5sum rmdir xtables-multi expr mkdir rmmod yes false mke2fs rndc zcat fdisk mkfifo rndc-confgen find mkfs.ext2 route > /etc/init.d/snort restart > [ firstboot mkfs.ext3 rpcd [[ free mkfs.ext4 schedtool arping fsck.ext2 mkfs.fat scp ash fsck.ext3 mkfs.msdos sed askfirst fsck.ext4 mkfs.vfat seq awk fsck.fat mknod sh basename fsck.msdos mkswap signify block fsck.vfat mktemp sigtool board_detect fsync modinfo sleep brctl fw3 modprobe snapshot bunzip2 fw_upgrade mount snapshot_tool busybox grep mount_root snort bwm-ng gunzip mtd sort bzcat gzip mv squid cat halt named-checkconf squidclient chat head named-checkzone ssh chgrp hexdump nbtscan start-stop-daemon chmod host nc strings chown hostid netdiscover swapoff chroot hotplug-call netifd swapon clamav-config htop netstat switch_root clambc hwclock nfnl_osf sync clamconf id nice sysctl clamd ifconfig nmap sysupgrade clamdscan ifdown nslookup tail clamscan ifstatus nsupdate tar clear ifup ntpclient tc cmp init ntpd tcpdump config_generate insmod ntpd-hotplug tee conntrack ip odhcp6c telnet conntrackd ip6tables odhcpd telnetd counter ip6tables-restore odhcpd-update test cp ip6tables-save openssl time crond ipaddr openvpn top crontab ipcalc.sh opkg touch csamd iplink opkg-key tr curl iproute passwd traceroute cut iprule pgrep true daq-modules-config ipsec pidof u2boat date iptables ping u2spewfoo dbclient iptables-restore ping6 ubus dd iptables-save pivot_root ubusd devmem iptables-xml pki uci devstatus iptunnel poweroff udevtrigger df jffs2mark pppd udhcpc dig jffs2reset pppdump uhttpd dirname jshn pppoe-discovery umount dmesg jsonfilter pppstats uname dnet kill printf uniq dnsmasq killall privoxy uptime dnssec-keygen kmodloader procd usign dnssec-signzone led.sh ps validate_data dosfsck less purge vconfig dropbear libnet-config pwd vi dropbearkey ln px5g vnstat du lock qos-start vnstatd e2fsck logd qos-stat vnstati ebtables logger qos-stop wc ebtables-restore login.sh readlink wget ebtables-save logread reboot wget-ssl echo ls relayd which env lsmod reload_config whois ethtool lua reset wifi ettercap luci-bwc resolveip wrtbwmon etterfilter luci-reload rm xargs etterlog md5sum rmdir xtables-multi expr mkdir rmmod yes false mke2fs rndc zcat fdisk mkfifo rndc-confgen find mkfs.ext2 route > sleep 2 > fi Restarting SNORT service root@Shield:~# root@Shield:~# # update last-update date root@Shield:~# date > /.do_date root@Shield:~# root@Shield:~# # umounts the ramdisk so freeing up memory. root@Shield:~# umount /mnt/ramdisk