#!/bin/bash
# Select the persistent data directory for this firmware generation.
# "/data" is the starting value; a firmware string beginning with 1 uses
# "/mnt/data" instead. The "|| true" keeps a failing ubnt-device-info from
# mattering on its own: its empty output simply lands in the catch-all arm,
# which aborts the script.
DATA_DIR="/data"
case "$(ubnt-device-info firmware || true)" in
  1*) DATA_DIR="/mnt/data" ;;
  2* | 3*) DATA_DIR="/data" ;;
  *)
    echo "ERROR: No persistent storage found." 1>&2
    exit 1
    ;;
esac
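# Ensure the directory holding user-supplied Suricata rules exists.
# Every *.rules file found here is later copied into /run/ips/rules and listed
# in rules.yaml by the generated wrapper, so the directory should be writable
# by root only.
if [ -d "${DATA_DIR}/suricata-rules" ]; then
  echo "Directory '${DATA_DIR}/suricata-rules' already exists. Moving on."
elif mkdir -p "${DATA_DIR}/suricata-rules"; then
  echo "Directory '${DATA_DIR}/suricata-rules' created."
else
  # Report the failure instead of claiming the directory was created.
  echo "ERROR: Could not create '${DATA_DIR}/suricata-rules'." 1>&2
fi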
APP_PID="/run/suricata.pid"
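# Generate the wrapper that will stand in for /usr/bin/suricata.
#
# The heredoc delimiter is quoted, so nothing inside it expands while this
# installer runs. DATA_DIR is therefore not defined when the wrapper executes
# later; without the explicit assignment written below, CUSTOM_RULES would
# resolve to "/suricata-rules" and no custom rules would be picked up.
#
# NOTE(review): /tmp/suricata.sh is a fixed, predictable path and the
# redirection follows an existing symlink of that name. Whatever ends up in
# this file runs as the IPS binary, so /tmp must not be writable by anything
# less trusted than root on this device.
{
  printf '#!/bin/bash\n'
  # %q shell-quotes the value so the generated assignment is always one word.
  printf 'DATA_DIR=%q\n' "${DATA_DIR}"
  cat <<"EOF"
CUSTOM_RULES="${DATA_DIR}/suricata-rules"

# Copy every custom rule file into the IPS rules directory and register it in
# rules.yaml once. find output is NUL-delimited so file names containing
# whitespace are not split. The file name is written into rules.yaml verbatim.
while IFS= read -r -d '' file; do
  if [ -f "${file}" ]; then
    bname="${file##*/}"
    cp "${file}" "/run/ips/rules/${bname}"
    # -F matches the name literally (the dot in ".rules" is not a wildcard);
    # only append when a previous run has not already listed the file.
    if ! grep -Fwq -e "${bname}" /run/ips/config/rules.yaml; then
      echo " - ${bname}" >> /run/ips/config/rules.yaml
    fi
  fi
done < <(find "${CUSTOM_RULES}" -name '*.rules' -print0)

CONTAINER=suricata
# Remove a leftover container of the same name so "podman run --name" succeeds.
if podman container exists "${CONTAINER}"; then
  podman rm -f "${CONTAINER}"
fi

# The container runs --privileged on the host network with /run bind-mounted,
# so the image content is trusted as root on the device.
# NOTE(review): the image is referenced by tag, which the registry can repoint;
# pinning to a digest you have verified (jasonish/suricata@sha256:<digest>)
# removes that dependency.
podman run --network=host --privileged --name "${CONTAINER}" --rm -it -v /run:/var/run/ -v /run:/run -v /usr/share/ubios-udapi-server/ips/:/usr/share/ubios-udapi-server/ips/ jasonish/suricata:5.0.3-arm64v8 /usr/bin/suricata "$@"
EOF
} >/tmp/suricata.sh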
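# Install the wrapper in place of the stock suricata binary.
chmod +x /tmp/suricata.sh

# Back up the stock binary only while /usr/bin/suricata is still the real file.
# On a second run it is already a symlink to the wrapper, and copying it would
# overwrite the backup with the wrapper script.
if [ ! -L /usr/bin/suricata ]; then
  cp /usr/bin/suricata /tmp/suricata.backup # In case you want to move back without rebooting
fi

# From here on /usr/bin/suricata resolves into /tmp: whoever can write
# /tmp/suricata.sh controls what runs under the suricata name.
ln -f -s /tmp/suricata.sh /usr/bin/suricata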
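# Stop the running suricata so its next start goes through the new symlink.
# APP_PID holds a fixed path, so this test is always true; it is kept so the
# kill still happens unconditionally, as before.
if [ -n "$APP_PID" ]; then
  # SIGKILL gives suricata no chance to remove its own pid file
  # (presumably why the file is deleted here).
  killall -9 suricata
  # Remove the pid file itself; the original removed a file literally named
  # "APP_PID" in the current directory because the "$" was missing.
  rm -f "$APP_PID"
fi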