config is in snort 2.9.7.0-5build1.
This file is a maintainer script. It is executed when installing (*inst) or removing (*rm) the package.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 | #!/bin/sh -e
. /usr/share/debconf/confmodule
test $DEBIAN_SCRIPT_DEBUG && set -v -x
INTERFACES=""
if [ -r /etc/snort/snort.debian.conf ] ; then
. /etc/snort/snort.debian.conf
# Set the variables in debconf using the configuration values
# (if defined)
[ ! -z "$DEBIAN_SNORT_STARTUP" ] && { db_set snort/startup "$DEBIAN_SNORT_STARTUP"; db_fset snort/startup seen true ; }
[ ! -z "$DEBIAN_SNORT_HOME_NET" ] && { db_set snort/address_range "$DEBIAN_SNORT_HOME_NET"; db_fset snort/address_range seen true ; }
if [ ! -z "$DEBIAN_SNORT_OPTIONS" ] ; then
# Remove the -p option wich is added in postinst due to the 'DISABLE_PROMISCUOUS' debconf option
DEBIAN_SNORT_OPTIONS=`echo "$DEBIAN_SNORT_OPTIONS" | sed -e 's/ -p$//'`
db_get snort/reverse_order
if [ "x$RET" = "xyes" ]; then
# Remove the -o option which was introduced by Debconf
# (snort/reverse_order) in versions previous to 2.8.5.2-2
DEBIAN_SNORT_OPTIONS=`echo "$DEBIAN_SNORT_OPTIONS" | sed -e 's/ -o$//'`
fi
db_set snort/options "$DEBIAN_SNORT_OPTIONS"
db_fset snort/options seen true
fi
[ ! -z "$DEBIAN_SNORT_INTERFACE" ] && { db_set snort/interface "$DEBIAN_SNORT_INTERFACE"; db_fset snort/interface seen true ; }
[ ! -z "$DEBIAN_SNORT_SEND_STATS" ] && { db_set snort/send_stats "$DEBIAN_SNORT_SEND_STATS"; db_fset snort/send_stats seen true ; }
[ ! -z "$DEBIAN_SNORT_STATS_RCPT" ] && { db_set snort/stats_rcpt "$DEBIAN_SNORT_STATS_RCPT" ; db_fset snort/stats_rcpt seen true ; }
[ ! -z "$DEBIAN_SNORT_STATS_THRESHOLD" ] && { db_set snort/stats_treshold "$DEBIAN_SNORT_STATS_THRESHOLD"; db_fset snort/stats_treshold seen true ; }
fi
check_interfaces() {
# Check the interface status, abort with error if one is configured but it
# is not available
[ -z "$INTERFACES" ] && return 0
ints=`echo $INTERFACES | sed -e 's/,/ /g'`
for iface in $ints; do
if ! LC_ALL=C ifconfig "$iface" 2>/dev/null | grep -w UP >/dev/null; then
return 1
fi
done
return 0
}
db_input low snort/startup || true
db_go
# /etc/ppp/ip-up.d/snort is called with interface and IP number
db_get snort/startup
if [ "x$RET" = "xdialup" ]; then
db_set snort/interface ""
db_set snort/address_range ""
db_set snort/disable_promiscuous true
else
db_beginblock
# Interface default in case the configuration file does not exist
if [ -z "$DEBIAN_SNORT_INTERFACE" ] ; then
INTERFACES=eth0
else
INTERFACES="$DEBIAN_SNORT_INTERFACE"
fi
# Ask for a valid set of interfaces
ok=''
count=0
while [ ! "$ok" ] && [ "$count" -lt 2 ]; do
# Depending on whether the default interface is up or down we set the
# question priority
priority='medium'
if ! check_interfaces
then
priority='high'
db_fset snort/interface seen false
fi
set +e
db_input $priority snort/interface
if [ $? -eq 30 ]; then
# User is not being shown the question, break out
break
fi
set -e
db_go || true
# Check the interfaces
db_get snort/interface
INTERFACES=$RET
if ! check_interfaces ; then
db_fset snort/invalid_interface seen false
db_input critical snort/invalid_interface
else
ok='yes'
fi
# Increment the count, we only go through this two times
count=$(($count+1))
done
db_input high snort/address_range || true
db_input low snort/disable_promiscuous || true
db_endblock
db_go
fi
db_beginblock
db_input low snort/options || true
db_endblock
db_go
db_beginblock
db_input low snort/send_stats || true
db_go
db_get snort/send_stats
if [ "x$RET" = "xtrue" ]; then
# TODO: This values should not be empty (even
# if we default to 'root' and '1' in the scripts)
# so the config script should check wether the
# values here are legitimate.
db_beginblock
db_input medium snort/stats_rcpt || true
db_input low snort/stats_treshold || true
db_endblock
db_go
fi
DEFAULT=/etc/default/snort
PARAMETERS=/etc/snort/snort.common.parameters
if [ -e "$DEFAULT" ] && [ -e "$PARAMETERS" ] ; then
db_beginblock
db_input high snort/config_parameters || true
db_endblock
db_go
fi
db_get snort/startup
if [ "x$RET" = "xmanual" ]; then
db_beginblock
db_input medium snort/please_restart_manually || true
db_endblock
db_go
fi
db_stop
|