search

joanbono / Snorter

Snort + Barnyard2 + Pulledpork → The easy way!
https://joanbono.github.io/Snorter
GNU General Public License v3.0
165 stars 32 forks source link

Add enable_rules.sh into Snorter.sh #9

Closed joanbono closed 7 years ago

joanbono commented 7 years ago

Will add the enable_rules.sh into the Snorter.sh main script.

joanbono commented 7 years ago

Added enable_rules.sh into the Snorter.sh script.

now last_steps function looks like:

function last_steps() {

    echo -ne "\n\t${YELLOW}[!] IMPORTANT:${NOCOLOR} Would you like to enable ${BOLD}Emerging Threats${NOCOLOR} and ${BOLD}Community${NOCOLOR} rules? [Y/n] "

    read OPTION
    case "$OPTION" in 
        [yY][eE][sS]|[yY])
            echo "# Community and Emerging Rules enabled" >> /etc/snort/snort.conf
            for RULE in $(ls -l /etc/snort/rules/emerging-*.rules | awk '{print $9}'); do 
                echo "include $RULE" >> /etc/snort/snort.conf ; 
            done
            echo "include /etc/snort/rules/community.rules" >> /etc/snort/snort.conf
            sudo systemctl restart snort barnyard2
            echo -ne "\n\t${GREEN}[+] SUCCESS:${NOCOLOR} ${BOLD}Emerging Threats${NOCOLOR} and ${BOLD}Community${NOCOLOR} rules enabled\n\n"
            ;;
        *)
            echo -ne "\n\t${YELLOW}[!] IMPORTANT:${NOCOLOR} Edit your ${BOLD}/etc/snort/snort.conf${NOCOLOR} and enable the rules you need by uncomment the lines"
        echo -ne "\n\t${YELLOW}[!] EXAMPLE:${NOCOLOR} If you want to enable the ${BOLD}Exploit rules${NOCOLOR}, remove the ${RED}${BOLD}#${NOCOLOR}:"
        echo -ne "\n\t\t${RED}#${NOCOLOR}include \$RULE_PATH/exploit.rules ${GREEN}-->${NOCOLOR} include \$RULE_PATH/exploit.rules\n\n"
        ;;
    esac

}

FIXED