Re: Rules tuning categories
Posted by Roadrunnere42 on Mar 04, 2016; 8:16am
URL: https://itus.accessinnov.com/Rules-tuning-categories-tp222p275.html
Hi
just modified the scrip so it removes all blank space from list, seem to work ok,
#!/bin/bash
EXCLUDE_RULES=/etc/snort/rules/exclude.rules
SNORT_RULES=/etc/snort/rules/snort.rules
# Remove all blank lines
sed -i '/^$/d' $EXCLUDE_RULES
# Remove all non-numeric entries
sed -i '/[^0-9]/d' $EXCLUDE_RULES
# Remove all blanks so gui accepts list properly (added by roadrunnere42)
sed -r 's/\s//g' $EXCLUDE_RULES
while read -r line || [[ -n "$line" ]]; do
sed -i '/sid:'$line'/d' $SNORT_RULES
done < $EXCLUDE_RULES
Hans maybe worth putting into hotfixes
roadrunnere42
URL: https://itus.accessinnov.com/Rules-tuning-categories-tp222p275.html
Hi
just modified the scrip so it removes all blank space from list, seem to work ok,
#!/bin/bash
EXCLUDE_RULES=/etc/snort/rules/exclude.rules
SNORT_RULES=/etc/snort/rules/snort.rules
# Remove all blank lines
sed -i '/^$/d' $EXCLUDE_RULES
# Remove all non-numeric entries
sed -i '/[^0-9]/d' $EXCLUDE_RULES
# Remove all blanks so gui accepts list properly (added by roadrunnere42)
sed -r 's/\s//g' $EXCLUDE_RULES
while read -r line || [[ -n "$line" ]]; do
sed -i '/sid:'$line'/d' $SNORT_RULES
done < $EXCLUDE_RULES
Hans maybe worth putting into hotfixes
roadrunnere42
| Free forum by Nabble | Edit this page |