[Snort-users] I have written a Linux shell script to enable all Snort rules which were commented out

Teo En Ming teo.en.ming at ...11827...
Mon Apr 7 18:04:52 EDT 2014


Dear List,

Originally, I had wanted to use Pulled Pork to enable all Snort rules which
were commented out/disabled. But there is no comprehensive guide/manual on
Pulled Pork which covers every step. So I thought better and decided to
write a very simple Linux shell script to un-comment/enable all the Snort
rules which were commented out/disabled. The source code only consists of a
few lines.

===Start of Linux Shell Script===
#!/bin/sh
# Linux shell script: enable-all-snort-rules.sh
# Written by: Teo En Ming
# Email: teo.en.ming at ...11827...
# Date: 8 April 2014 Tuesday 5:17 A.M. Singapore Time
# Version: 1.0

RULE_PATH=/etc/snort/rules

cd $RULE_PATH

for i in `ls -1 $RULE_PATH`
do
      echo "Enabling all Snort rules in $i"
      sed -i 's/^# //g' $i
done
===End of Linux Shell Script===

Use the program at your own risk! I assume no responsibility if you screw
up your Snort installation. I tried to un-comment all the Snort rules and
Snort couldn't start. Some enabled rules are preventing Snort from
starting. Somebody please advise.

Regards,

Teo En Ming
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20140408/69ba8524/attachment.html>


More information about the Snort-users mailing list