Alex-Devera/tpotce
1
0
Fork 0
mirror of https://github.com/telekom-security/tpotce.git synced 2025-04-28 11:18:51 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Merge pull request #818 from trixam/suricata-updatescript

Browse source 
Update update.sh
This commit is contained in:
Marco Ochse 2021-05-03 14:43:01 +02:00 committed by GitHub
commit 12c4308b89
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 19 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
docker/suricata/dist/update.sh vendored
View file

@ -40,3 +40,20 @@ if [ "$myCHECK" == "0" ];
else else
echo "/etc/suricata/null.bpf" echo "/etc/suricata/null.bpf"
fi fi
# Download rules via URL
if [ "$FROMURL" != "" ] ; then
SAVEIFS=$IFS ; IFS='|'
for URL in $FROMURL; do
if [ $(curl -I --silent --output /dev/null --write-out "%{http_code}" "$URL") -eq 200 ] ; then
rm -rf /tmp/*
curl "$URL" -o /tmp/rules.tar.gz
tar -xvf /tmp/rules.tar.gz -C /tmp
suricata-update --local /tmp/rules --no-test
rm -rf /tmp/*
else
continue
fi
done
IFS=$SAVEIFS
fi

2
etc/compose/sensor.yml
View file

@ -498,6 +498,8 @@ services:
environment: environment:
# For ET Pro ruleset replace "OPEN" with your OINKCODE # For ET Pro ruleset replace "OPEN" with your OINKCODE
- OINKCODE=OPEN - OINKCODE=OPEN
# Loading externel Rules from URL
# - FROMURL="https://username:password@yoururl.com|https://username:password@otherurl.com"
network_mode: "host" network_mode: "host"
cap_add: cap_add:
- NET_ADMIN - NET_ADMIN