unifios-utilities/suricata/on_boot.d/25-suricata.sh

64 lines
1.7 KiB
Bash
Raw Normal View History

2023-02-23 05:44:27 +00:00
#!/bin/bash
# Get DataDir location
DATA_DIR="/data"
case "$(ubnt-device-info firmware || true)" in
1*)
DATA_DIR="/mnt/data"
;;
2*)
DATA_DIR="/data"
;;
3*)
DATA_DIR="/data"
;;
*)
echo "ERROR: No persistent storage found." 1>&2
exit 1
;;
esac
2020-08-27 09:46:17 +00:00
# Check if the directory exists
if [ ! -d "${DATA_DIR}/suricata-rules" ]; then
# If it does not exist, create the directory
mkdir -p "${DATA_DIR}/suricata-rules"
echo "Directory '${DATA_DIR}/suricata-rules' created."
else
# If it already exists, print a message
echo "Directory '${DATA_DIR}/suricata-rules' already exists. Moving on."
fi
2020-08-27 09:46:17 +00:00
APP_PID="/run/suricata.pid"
cat <<"EOF" >/tmp/suricata.sh
2023-02-23 05:44:27 +00:00
#!/bin/bash
CUSTOM_RULES="${DATA_DIR}/suricata-rules"
2020-08-27 09:46:17 +00:00
for file in $(find ${CUSTOM_RULES} -name '*.rules' -print)
2020-08-27 09:46:17 +00:00
do
if [ -f "${file}" ]; then
bname=$(basename ${file})
cp "${file}" "/run/ips/rules/${bname}"
# Check if the existing filename is already in the rules.yaml based upon a previous update
grep -wq "${bname}" /run/ips/config/rules.yaml
# Don't add twice if it is in the file already
if [ $? -ne 0 ]; then
echo " - ${bname}" >> /run/ips/config/rules.yaml
fi
2020-08-27 09:46:17 +00:00
fi
done
CONTAINER=suricata
if podman container exists ${CONTAINER}; then
podman rm -f ${CONTAINER}
2020-08-27 09:46:17 +00:00
fi
podman run --network=host --privileged --name ${CONTAINER} --rm -it -v /run:/var/run/ -v /run:/run -v /usr/share/ubios-udapi-server/ips/:/usr/share/ubios-udapi-server/ips/ jasonish/suricata:5.0.3-arm64v8 /usr/bin/suricata "$@"
EOF
2020-08-27 09:46:17 +00:00
chmod +x /tmp/suricata.sh
cp /usr/bin/suricata /tmp/suricata.backup # In case you want to move back without rebooting
ln -f -s /tmp/suricata.sh /usr/bin/suricata
if [ ! -z "$APP_PID" ]; then
killall -9 suricata
rm -f APP_PID
fi