@@ -0,0 +1,159 @@
+--- snortsam/src/ssp_iptables.c.orig 2013-02-07 08:12:06.052122486 +0100
++++ snortsam/src/ssp_iptables.c 2013-02-07 08:12:45.748116713 +0100
+@@ -109,7 +109,7 @@
+ /*Nuevo*/
+ char iptcmd1[255],iptcmd4[255];
+ #ifdef SAVETABLES
+- const char savecmd[]="/sbin/iptables-save -c > /etc/sysconfig/iptables";
++ const char savecmd[]="/usr/sbin/iptables-save -c > /etc/sysconfig/iptables";
+ #endif
+
+ #ifdef FWSAMDEBUG
+@@ -131,14 +131,14 @@
+ { case FWSAM_HOW_IN:
+ /* Assemble command */
+ if (snprintf(iptcmd,sizeof(iptcmd)-1,
+- "/sbin/iptables -I FORWARD -i %s -s %s -j DROP",
++ "/usr/sbin/iptables -I FORWARD -i %s -s %s -j DROP",
+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) {
+ snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long", iptcmd);
+ logmessage(1,msg,"iptables",0);
+ return;
+ }
+ if (snprintf(iptcmd2,sizeof(iptcmd2)-1,
+- "/sbin/iptables -I INPUT -i %s -s %s -j DROP",
++ "/usr/sbin/iptables -I INPUT -i %s -s %s -j DROP",
+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) {
+ snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long", iptcmd2);
+ logmessage(1,msg,"iptables",0);
+@@ -148,14 +148,14 @@
+ case FWSAM_HOW_OUT:
+ /* Assemble command */
+ if (snprintf(iptcmd,sizeof(iptcmd)-1,
+- "/sbin/iptables -I FORWARD -i %s -d %s -j DROP",
++ "/usr/sbin/iptables -I FORWARD -i %s -d %s -j DROP",
+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) {
+ snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long", iptcmd);
+ logmessage(1,msg,"iptables",0);
+ return;
+ }
+ if (snprintf(iptcmd2,sizeof(iptcmd2)-1,
+- "/sbin/iptables -I INPUT -i %s -d %s -j DROP",
++ "/usr/sbin/iptables -I INPUT -i %s -d %s -j DROP",
+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) {
+ snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long", iptcmd2);
+ logmessage(1,msg,"iptables",0);
+@@ -165,18 +165,18 @@
+ case FWSAM_HOW_INOUT:
+ /* Assemble command - block src*/
+ if ((snprintf(iptcmd,sizeof(iptcmd)-1,
+- "/sbin/iptables -I FORWARD -i %s -s %s -j DROP",
++ "/usr/sbin/iptables -I FORWARD -i %s -s %s -j DROP",
+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) || (snprintf(iptcmd1,sizeof(iptcmd1)-1,
+- "/sbin/iptables -I FORWARD -i %s -d %s -j DROP",
++ "/usr/sbin/iptables -I FORWARD -i %s -d %s -j DROP",
+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd1))) {
+ snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long", iptcmd);
+ logmessage(1,msg,"iptables",0);
+ return;
+ }
+ if ((snprintf(iptcmd2,sizeof(iptcmd2)-1,
+- "/sbin/iptables -I INPUT -i %s -s %s -j DROP",
++ "/usr/sbin/iptables -I INPUT -i %s -s %s -j DROP",
+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) || (snprintf(iptcmd4,sizeof(iptcmd4)-1,
+- "/sbin/iptables -I INPUT -i %s -d %s -j DROP",
++ "/usr/sbin/iptables -I INPUT -i %s -d %s -j DROP",
+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd4))) {
+ snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long", iptcmd2);
+ logmessage(1,msg,"iptables",0);
+@@ -186,14 +186,14 @@
+ case FWSAM_HOW_THIS:
+ /* Assemble command */
+ if (snprintf(iptcmd,sizeof(iptcmd)-1,
+- "/sbin/iptables -I FORWARD -i %s -s %s -d %s -p %d --dport %d -j DROP",
++ "/usr/sbin/iptables -I FORWARD -i %s -s %s -d %s -p %d --dport %d -j DROP",
+ iptp->iface, inettoa(bd->blockip), inettoa(bd->peerip), bd->proto, bd->port) >= sizeof(iptcmd)) {
+ snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long", iptcmd);
+ logmessage(1,msg,"iptables",0);
+ return;
+ }
+ if (snprintf(iptcmd2,sizeof(iptcmd2)-1,
+- "/sbin/iptables -I INPUT -i %s -s %s -d %s -p %d --dport %d -j DROP",
++ "/usr/sbin/iptables -I INPUT -i %s -s %s -d %s -p %d --dport %d -j DROP",
+ iptp->iface, inettoa(bd->blockip), inettoa(bd->peerip), bd->proto, bd->port) >= sizeof(iptcmd2)) {
+ snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long", iptcmd2);
+ logmessage(1,msg,"iptables",0);
+@@ -210,14 +210,14 @@
+ { case FWSAM_HOW_IN:
+ /* Assemble command */
+ if (snprintf(iptcmd,sizeof(iptcmd)-1,
+- "/sbin/iptables -D FORWARD -i %s -s %s -j DROP",
++ "/usr/sbin/iptables -D FORWARD -i %s -s %s -j DROP",
+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) {
+ snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long", iptcmd);
+ logmessage(1,msg,"iptables",0);
+ return;
+ }
+ if (snprintf(iptcmd2,sizeof(iptcmd2)-1,
+- "/sbin/iptables -D INPUT -i %s -s %s -j DROP",
++ "/usr/sbin/iptables -D INPUT -i %s -s %s -j DROP",
+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) {
+ snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long", iptcmd2);
+ logmessage(1,msg,"iptables",0);
+@@ -227,14 +227,14 @@
+ case FWSAM_HOW_OUT:
+ /* Assemble command */
+ if (snprintf(iptcmd,sizeof(iptcmd)-1,
+- "/sbin/iptables -D FORWARD -i %s -d %s -j DROP",
++ "/usr/sbin/iptables -D FORWARD -i %s -d %s -j DROP",
+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) {
+ snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long", iptcmd);
+ logmessage(1,msg,"iptables",0);
+ return;
+ }
+ if (snprintf(iptcmd2,sizeof(iptcmd2)-1,
+- "/sbin/iptables -D INPUT -i %s -d %s -j DROP",
++ "/usr/sbin/iptables -D INPUT -i %s -d %s -j DROP",
+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) {
+ snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long", iptcmd2);
+ logmessage(1,msg,"iptables",0);
+@@ -244,18 +244,18 @@
+ case FWSAM_HOW_INOUT:
+ /* Assemble command - block src*/
+ if ((snprintf(iptcmd,sizeof(iptcmd)-1,
+- "/sbin/iptables -D FORWARD -i %s -s %s -j DROP",
++ "/usr/sbin/iptables -D FORWARD -i %s -s %s -j DROP",
+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) || (snprintf(iptcmd1,sizeof(iptcmd1)-1,
+- "/sbin/iptables -D FORWARD -i %s -d %s -j DROP",
++ "/usr/sbin/iptables -D FORWARD -i %s -d %s -j DROP",
+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd1))) {
+ snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long", iptcmd);
+ logmessage(1,msg,"iptables",0);
+ return;
+ }
+ if ((snprintf(iptcmd2,sizeof(iptcmd2)-1,
+- "/sbin/iptables -D INPUT -i %s -s %s -j DROP",
++ "/usr/sbin/iptables -D INPUT -i %s -s %s -j DROP",
+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) || (snprintf(iptcmd4,sizeof(iptcmd4)-1,
+- "/sbin/iptables -D INPUT -i %s -d %s -j DROP",
++ "/usr/sbin/iptables -D INPUT -i %s -d %s -j DROP",
+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd4))) {
+ snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long", iptcmd2);
+ logmessage(1,msg,"iptables",0);
+@@ -265,14 +265,14 @@
+ case FWSAM_HOW_THIS:
+ /* Assemble command */
+ if (snprintf(iptcmd,sizeof(iptcmd)-1,
+- "/sbin/iptables -D FORWARD -i %s -s %s -d %s -p %d --dport %d -j DROP",
++ "/usr/sbin/iptables -D FORWARD -i %s -s %s -d %s -p %d --dport %d -j DROP",
+ iptp->iface, inettoa(bd->blockip), inettoa(bd->peerip), bd->proto, bd->port) >= sizeof(iptcmd)) {
+ snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long", iptcmd);
+ logmessage(1,msg,"iptables",0);
+ return;
+ }
+ if (snprintf(iptcmd2,sizeof(iptcmd2)-1,
+- "/sbin/iptables -D INPUT -i %s -s %s -d %s -p %d --dport %d -j DROP",
++ "/usr/sbin/iptables -D INPUT -i %s -s %s -d %s -p %d --dport %d -j DROP",
+ iptp->iface, inettoa(bd->blockip), inettoa(bd->peerip), bd->proto, bd->port) >= sizeof(iptcmd)) {
+ snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long", iptcmd2);
+ logmessage(1,msg,"iptables",0);
|