From mboxrd@z Thu Jan  1 00:00:00 1970
From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject:
 Re: [PATCH] core 130: Remove snort settings dir after convert has run.
Date: Mon, 18 Mar 2019 19:05:43 +0000
Message-ID: <064B3B73-4F78-44CF-AC18-1160635FFB23@ipfire.org>
In-Reply-To: <dc612a13b49e0de9ac4b0bea70c6f9b9b05489c5.camel@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============1011470741618632337=="
List-Id: <development.lists.ipfire.org>

--===============1011470741618632337==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Hi,

I do not see why the converter does not take care of the removal. That would =
only be one place.

But I will merge this if you want me to.

-Michael

> On 18 Mar 2019, at 19:04, Stefan Schantl <stefan.schantl(a)ipfire.org> wrot=
e:
>=20
>> Almost?
>=20
> As long as the files are present, the settings will be converted. May
> in special cases if a user does something really weird may the
> converter will fail, but in this case I think it even would be better
> start a new clean IPS configuration.
>=20
>>=20
>> How is this directory removed when a backup was restored?
>>=20
>=20
> By the backup.pl script. It checks if after the backup a snort settings
> dir (/var/ipfire/snort) exists, launches the converter and afterwards
> deletes the directory.
>=20
> See:
>=20
> https://git.ipfire.org/?p=3Dipfire-2.x.git;a=3Dcommit;h=3D8c27372438dd26764=
8cba48b86d85a594f14be1c
>=20
>> -Michael
>>=20
>>> On 18 Mar 2019, at 18:56, Stefan Schantl <stefan.schantl(a)ipfire.org
>>>> wrote:
>>>=20
>>> Hello Michael,
>>>> Hi,
>>>>=20
>>>> What happens when the converter has failed? Is that a
>>>> possibility?
>>>=20
>>> There is almost no risk, that this would be happened.
>>>=20
>>> It contains checks if all corresponding files are present and will
>>> contain the settings from them - I do not see a case where any
>>> problems
>>> can be happen.
>>>=20
>>> Best regards,
>>>=20
>>> -Stefan
>>>=20
>>>> -Michael
>>>>=20
>>>>> On 18 Mar 2019, at 18:46, Stefan Schantl <
>>>>> stefan.schantl(a)ipfire.org
>>>>>> wrote:
>>>>>=20
>>>>> When all settings have been converted, the files and directory
>>>>> are
>>>>> not
>>>>> needed anymore.
>>>>>=20
>>>>> If they will be left and at a later time an backup will be
>>>>> restored, the
>>>>> converter will be started by the backup script again and would
>>>>> be
>>>>> restore those
>>>>> old snort settings and replace the current IPS settings.
>>>>>=20
>>>>> Signed-off-by: Stefan Schantl <stefan.schantl(a)ipfire.org>
>>>>> ---
>>>>> config/rootfiles/core/130/update.sh | 3 +++
>>>>> 1 file changed, 3 insertions(+)
>>>>>=20
>>>>> diff --git a/config/rootfiles/core/130/update.sh
>>>>> b/config/rootfiles/core/130/update.sh
>>>>> index d33321c32..f3dc0d85a 100644
>>>>> --- a/config/rootfiles/core/130/update.sh
>>>>> +++ b/config/rootfiles/core/130/update.sh
>>>>> @@ -74,6 +74,9 @@ ldconfig
>>>>> # Migrate snort configuration to suricata
>>>>> /usr/sbin/convert-snort
>>>>>=20
>>>>> +# Remove snort settings
>>>>> +rm -rvf /var/ipfire/snort
>>>>> +
>>>>> # Start services
>>>>> /etc/init.d/collectd restart
>>>>> /etc/init.d/firewall restart
>>>>> --=20
>>>>> 2.20.1
>>>>>=20


--===============1011470741618632337==--