+ barnyard2 perl-iptables-parse perl-unix-syslog psad pulledpork snort vuurmuur xtables-addons

author: aurelien <aurelien@cwb.io> 2012-11-22 10:59:05 +0100
committer: aurelien <aurelien@cwb.io> 2012-11-22 10:59:05 +0100
commit: f97ff910471fb3ae2c8ea69befecaae8cbf6dbea (patch)
tree: 297ea34dee3ae68d71ca4a5175d1d478ce69be76 /pcr/snort/snort.install
parent: 9cce2f098d5d77a2748952e1221127b9f0614566 (diff)
1 files changed, 26 insertions, 0 deletions
diff --git a/pcr/snort/snort.install b/pcr/snort/snort.install
new file mode 100644
index 000000000..673f22c6c
--- /dev/null
+++ b/pcr/snort/snort.install
@@ -0,0 +1,26 @@
+post_install() {
+  getent group snort >/dev/null || usr/sbin/groupadd -g 29 snort
+  getent passwd snort >/dev/null || usr/sbin/useradd -c 'Snort user' -u 29 -g snort -d /var/log/snort -s /bin/false snort
+  usr/bin/passwd -l snort &>/dev/null
+
+  [ -f var/log/snort/alert ] || : >var/log/snort/alert
+  chown snort.snort var/log/snort/ -R
+
+cat << _EOF  
+
+>>> You have to edit the HOME_NET variable in the /etc/snort/snort.conf file to reflect your local network.
+>>> If you do not change it, snort may not work.
+
+_EOF
+}
+
+post_upgrade() {
+  post_install $1
+}
+
+pre_remove() {
+  usr/sbin/userdel snort &>/dev/null
+  usr/sbin/groupdel snort &>/dev/null
+}
+
+# vim:set ts=2 sw=2 et:
author	aurelien <aurelien@cwb.io>	2012-11-22 10:59:05 +0100
committer	aurelien <aurelien@cwb.io>	2012-11-22 10:59:05 +0100
commit	f97ff910471fb3ae2c8ea69befecaae8cbf6dbea (patch)
tree	297ea34dee3ae68d71ca4a5175d1d478ce69be76 /pcr/snort/snort.install
parent	9cce2f098d5d77a2748952e1221127b9f0614566 (diff)