#!/bin/sh

# Add sudoers entries
#--------------------

/usr/sbin/addsudo /usr/bin/snortsam-state app-intrusion-prevention-core

# Implant Snortsam hook
#----------------------

if [ -e /etc/snort.conf ]; then
    CHECK=`grep "^output[[:space:]]*alert_fwsam:" /etc/snort.conf`
    if [ -z "$CHECK" ]; then 
        logger -p local6.notice -t installer "app-intrusion-prevention-core - adding hook to intrusion detection system"
        sed -i -e "s/^output[[:space:]]*\(.*\)/output \1\n\n\
# snortsam - intrusion prevention\n\
output alert_fwsam: 127.0.0.1/" /etc/snort.conf

        /sbin/service snort condrestart >/dev/null 2>&1
    fi
fi

# Add iptables parameter if missing (tracker #6741)
#--------------------------------------------------

if [ -e /etc/snortsam.conf ]; then
    CHECK=`grep "^iptables[[:space:]]*" /etc/snortsam.conf`
    if [ -z "$CHECK" ]; then
        logger -p local6.notice -t installer "app-intrusion-prevention-core - adding hook to intrusion detection system"
        sed -i -e "s/bindip 127.0.0.1/bindip 127.0.0.1\n\niptables eth0 syslog.info/" /etc/snortsam.conf

    fi
fi

# Trigger event to update the eth0 default to WAN interface(s)
/var/clearos/events/network_configuration/intrusion_prevention 2>&1

exit 0
