This repository has been archived by the owner. It is now read-only.

Fix ip2c in Squert #43

Closed
GoogleCodeExporter opened this issue Mar 24, 2015 · 5 comments

@GoogleCodeExporter GoogleCodeExporter commented Mar 24, 2015

For ip2c.tcl to work you will need (these are all for TCL of course): 

   - Tclx, mysqltcl, uri, ftp, ftp::geturl, md5

Revert these two lines:
sed -i 's|//$ip2c = 'no';|$ip2c = 'no';|g' squert/config.php
sed -i 's|$ip2c = 'yes';|//$ip2c = 'yes';|g' squert/config.ph

Original issue reported on code.google.com by doug.bu...@gmail.com on 13 Nov 2010 at 3:48


@GoogleCodeExporter GoogleCodeExporter commented Mar 24, 2015

Created /etc/cron.d/squert-ip2c and packaged as securityonion-squert-cron:

# /etc/cron.d/squert-ip2c
#
# crontab entry to update SQueRT ip2c mappings

SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

*/5 * * * * root [ -d /var/lib/mysql/securityonion_db/ ] && /usr/bin/php -e /var/www/squert/.inc/ip2c.php 1 > /dev/null 2>&1

Original comment by doug.bu...@gmail.com on 19 Sep 2011 at 7:39

  • Changed state: Started

@GoogleCodeExporter GoogleCodeExporter commented Mar 24, 2015

[deleted comment]


@GoogleCodeExporter GoogleCodeExporter commented Mar 24, 2015

Added the following to security-onion-upgrade.sh:

sed -i 's| |=|g' $CONF
source $CONF
if [ "$VERSION" = "20110919" ]; then
    NEW="20110920"
    echo "**********************************************"   | $LOGGER
    echo "* Upgrading from $VERSION to $NEW."       | $LOGGER
    echo "**********************************************"   | $LOGGER
    DIR="/nsm/backup/$NEW"
    mkdir -p $DIR                       | $LOGGER
    cd $DIR

    # Is this machine currently running a server?  If so, update the DB.
    if [ -d /var/lib/mysql/securityonion_db/ ]
    then
        echo "* Granting privileges to ip2c table"  | $LOGGER
        mysql -N -B --user=root -e "GRANT ALL PRIVILEGES ON securityonion_db.ip2c TO 'readonly'@'localhost';" | $LOGGER
        echo "* Populating the ip2c table"      | $LOGGER
        cd /var/www/squert/.scripts/Ip2c/
        ./ip2c.tcl                  | $LOGGER
    fi

    echo "* Installing cron job for updates"    | $LOGGER
    FILE='securityonion-squert-cron_20110920_i386.deb'
    wget -q http://sourceforge.net/projects/security-onion/files/$NEW/$FILE -O $FILE | $LOGGER
    dpkg -i $FILE                   | $LOGGER

    echo "* Installing new setup script"        | $LOGGER
    FILE='securityonion-setup_20110920_i386.deb'
    wget -q http://sourceforge.net/projects/security-onion/files/$NEW/$FILE -O $FILE | $LOGGER
    dpkg -i $FILE                   | $LOGGER

    sed -i "s|VERSION=$VERSION|VERSION=$NEW|g" $CONF    | $LOGGER
    echo "* Upgrade to $NEW complete."          | $LOGGER
    echo
fi

Original comment by doug.bu...@gmail.com on 19 Sep 2011 at 7:41


@GoogleCodeExporter GoogleCodeExporter commented Mar 24, 2015

Added the following to /usr/local/bin/setup in the progress window when Squert is being configured:
mysql -N -B --user=root -e "GRANT ALL PRIVILEGES ON securityonion_db.ip2c TO 'readonly'@'localhost';" | tee -a $LOG

Added the following to /usr/local/bin/setup at the end of the script (we spawn ip2c.tcl since it may take a few minutes):
#########################################
# If this is a server, populate ip2c table
#########################################
if [ -d /var/lib/mysql/securityonion_db/ ]
then
    cd /var/www/squert/.scripts/Ip2c/
    ./ip2c.tcl &
    cd -
fi


Packaged /usr/local/bin/setup as securityonion-setup.

Original comment by doug.bu...@gmail.com on 20 Sep 2011 at 12:25

  • Changed state: Verified
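
An added example, not part of the original thread or the Security Onion scripts: a shell check that reads `SHOW GRANTS` output for 'readonly'@'localhost' and reports any write-capable grant outside securityonion_db.ip2c, the one table the comments above grant ALL PRIVILEGES on. The sample grant lines, the SELECT scope and `example_table` are constructed assumptions.

```sh
#!/bin/sh
# Added example, not part of the Security Onion scripts.
# Live input would come from (SHOW GRANTS is standard MySQL):
#   mysql -N -B --user=root -e "SHOW GRANTS FOR 'readonly'@'localhost'"

# Constructed sample: the state the thread describes (SELECT scope is assumed).
sample_expected() {
cat <<'EOF'
GRANT USAGE ON *.* TO 'readonly'@'localhost'
GRANT SELECT ON `securityonion_db`.* TO 'readonly'@'localhost'
GRANT ALL PRIVILEGES ON `securityonion_db`.`ip2c` TO 'readonly'@'localhost'
EOF
}

# Constructed sample: same account after an extra, wider grant (hypothetical table).
sample_drifted() {
sample_expected
cat <<'EOF'
GRANT SELECT, INSERT, UPDATE ON `securityonion_db`.`example_table` TO 'readonly'@'localhost'
EOF
}

# True when every privilege in the comma-separated list $1 is read-only.
is_read_only() {
    ! printf '%s\n' "$1" | tr ',' '\n' | sed 's/^ *//; s/ *$//' |
        grep -qvxE 'SELECT|USAGE|SHOW VIEW'
}

# audit_grants DB.TABLE: read GRANT statements on stdin, print each one that
# gives write-capable privileges outside DB.TABLE or carries GRANT OPTION.
# Returns 1 if anything was printed.
audit_grants() {
    allowed=$1
    rc=0
    while IFS= read -r line; do
        case $line in
            "GRANT "*" ON "*" TO "*) ;;
            *) continue ;;
        esac
        privs=${line#GRANT };  privs=${privs%% ON *}
        object=${line#* ON };  object=${object%% TO *}
        object=$(printf '%s' "$object" | tr -d '`')
        case $line in
            *"WITH GRANT OPTION"*) ;;   # always report
            *) { is_read_only "$privs" || [ "$object" = "$allowed" ]; } && continue ;;
        esac
        printf 'UNEXPECTED: %s\n' "$line"
        rc=1
    done
    return $rc
}

sample_drifted | audit_grants 'securityonion_db.ip2c' || echo 'review the grants listed above'
```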

@GoogleCodeExporter GoogleCodeExporter commented Mar 24, 2015

Published:
http://securityonion.blogspot.com/2011/09/security-onion-20110920-now-available.html

Original comment by doug.bu...@gmail.com on 20 Sep 2011 at 8:22
