Posted by Roadrunnere42 on Mar 04, 2016; 9:27pm
URL: https://itus.accessinnov.com/Update-script-fw-upgrade-tp43p286.html

Hans

Been playing with the fw_upgrade script gain It checks for new snort rules and also deletes new deleted snort rules, but im not sure if the command sed -i writes the whole file or just changes. I only want the changes so  as not to write whole file again, have you got any ideals?

echo "working on snort rules please wait... may take upto a minute"
        cat /mnt/ramdisk/*.rules > /mnt/ramdisk/alert.list
        sed -i 's/alert /drop /' /mnt/ramdisk/alert.list
        sed '/^\#/d' /mnt/ramdisk/alert.list >> /mnt/ramdisk/temp.rules
        sed '/^$/d' /mnt/ramdisk/temp.rules > /mnt/ramdisk/snort.rules

#grep -Fxvf  /etc/snort/rules/snort.rules /mnt/ramdisk/snort.rules >> /etc/snort/rules/snort.rules
#grep -Fxvf /mnt/ramdisk/snort.rules /etc/snort/rules/snort.rules >> /mnt/ramdisk/snortstage2.rules
#echo "Checking for deleted snort rules... may take some time"
#var1=wc -l /etc/snort/rules/snort.rules
#while read -r line || [[ -n "$line" ]]; do
#        sed -i '/$line/d' /etc/snort/rules/snort.rules
#     counter=$((counter+1))
#       echo $counter" rules  of "$var1
# done < /mnt/ramdisk/snortstage2.rules
#rm /mnt/ramdisk/snortstage2.rules
mv /mnt/ramdisk/snort.rules /etc/snort/rules/snort.rules


roadrunnere42