Posted by Roadrunnere42 on Feb 10, 2016; 9:55pm
URL: https://itus.accessinnov.com/How-long-will-the-eMMC-flash-memory-last-on-our-shields-tp23p30.html

Hi user8446

That's a good point, what we need a someone who's good at scripting  to change the fw_upgrade script to,

1) download say the snort rules but only to ram
        curl -ko /tmp/botcc.portgrouped.rules https://rules.emergingthreats.net/open/snort-edge/rules/emerging-botcc.portgrouped.rules
        curl -ko /tmp/botcc.rules https://rules.emergingthreats.net/open/snort-edge/rules/emerging-botcc.rules
        curl -ko /tmp/ciarmy.rules https://rules.emergingthreats.net/open/snort-edge/rules/emerging-ciarmy.rules
        curl -ko /tmp/compromised.rules https://rules.emergingthreats.net/open/snort-edge/rules/emerging-compromised.rules
        curl -ko /tmp/dshield.rules https://rules.emergingthreats.net/open/snort-edge/rules/emerging-dshield.rules
        curl -ko /tmp/emerging-exploit.rules https://rules.emergingthreats.net/open/snort-edge/rules/emerging-exploit.rules
        curl -ko /tmp/emerging-malware.rules https://rules.emergingthreats.net/open/snort-edge/rules/emerging-malware.rules
        curl -ko /tmp/emerging-mobile_malware.rules https://rules.emergingthreats.net/open/snort-edge/rules/emerging-mobile_malware.rules
        curl -ko /tmp/emerging-user_agents.rules https://rules.emergingthreats.net/open/snort-edge/rules/emerging-user_agents.rules
        curl -ko /tmp/emerging-web_client.rules https://rules.emergingthreats.net/open/snort-edge/rules/emerging-web_client.rules
        curl -ko /tmp/emerging-worm.rules https://rules.emergingthreats.net/open/snort-edge/rules/emerging-worm.rules
        curl -ko /tmp/emerging-current_events.rules https://rules.emergingthreats.net/open/snort-edge/rules/emerging-current_events.rules

then run the 3 command below on the file that s in ram

sed -i 's/alert /drop /' alert.list
sed '/^\#/d' alert.list >> temp.rules
sed '/^$/d' temp.rules > snorttemp.rules

then check if the line exists in snort.rules that’s saved on the shield,if it does check the next line and so on. If the line does not then add it to snort.rules.

this could also be done for the ads and malicious rules, at present it have
206857 asd rules
76843 mailcious rules
4388 snort rules
these change daily sometimes going up then sometimes going down.
In the long team it will surely help save the eMMC.

Also the fw_update script should have a version number added so people would know what version they are using and what was changed, again the the short team it's fine but as time goes on it becomes hard to track with a version number.

Andy