Search
j0ke.net Open Build Service
>
Projects
>
ha
:
firewall
>
snortsam
> snortsam-suse-iptables-path.patch
Sign Up
|
Log In
Username
Password
Cancel
Overview
Repositories
Revisions
Requests
Users
Advanced
Attributes
Meta
File snortsam-suse-iptables-path.patch of Package snortsam
--- snortsam/src/ssp_iptables.c.orig 2013-02-07 08:12:06.052122486 +0100 +++ snortsam/src/ssp_iptables.c 2013-02-07 08:12:45.748116713 +0100 @@ -109,7 +109,7 @@ /*Nuevo*/ char iptcmd1[255],iptcmd4[255]; #ifdef SAVETABLES - const char savecmd[]="/sbin/iptables-save -c > /etc/sysconfig/iptables"; + const char savecmd[]="/usr/sbin/iptables-save -c > /etc/sysconfig/iptables"; #endif #ifdef FWSAMDEBUG @@ -131,14 +131,14 @@ { case FWSAM_HOW_IN: /* Assemble command */ if (snprintf(iptcmd,sizeof(iptcmd)-1, - "/sbin/iptables -I FORWARD -i %s -s %s -j DROP", + "/usr/sbin/iptables -I FORWARD -i %s -s %s -j DROP", iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) { snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long", iptcmd); logmessage(1,msg,"iptables",0); return; } if (snprintf(iptcmd2,sizeof(iptcmd2)-1, - "/sbin/iptables -I INPUT -i %s -s %s -j DROP", + "/usr/sbin/iptables -I INPUT -i %s -s %s -j DROP", iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) { snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long", iptcmd2); logmessage(1,msg,"iptables",0); @@ -148,14 +148,14 @@ case FWSAM_HOW_OUT: /* Assemble command */ if (snprintf(iptcmd,sizeof(iptcmd)-1, - "/sbin/iptables -I FORWARD -i %s -d %s -j DROP", + "/usr/sbin/iptables -I FORWARD -i %s -d %s -j DROP", iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) { snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long", iptcmd); logmessage(1,msg,"iptables",0); return; } if (snprintf(iptcmd2,sizeof(iptcmd2)-1, - "/sbin/iptables -I INPUT -i %s -d %s -j DROP", + "/usr/sbin/iptables -I INPUT -i %s -d %s -j DROP", iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) { snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long", iptcmd2); logmessage(1,msg,"iptables",0); @@ -165,18 +165,18 @@ case FWSAM_HOW_INOUT: /* Assemble command - block src*/ if ((snprintf(iptcmd,sizeof(iptcmd)-1, - "/sbin/iptables -I FORWARD -i %s -s %s -j DROP", + "/usr/sbin/iptables -I FORWARD -i %s -s %s -j DROP", iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) || (snprintf(iptcmd1,sizeof(iptcmd1)-1, - "/sbin/iptables -I FORWARD -i %s -d %s -j DROP", + "/usr/sbin/iptables -I FORWARD -i %s -d %s -j DROP", iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd1))) { snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long", iptcmd); logmessage(1,msg,"iptables",0); return; } if ((snprintf(iptcmd2,sizeof(iptcmd2)-1, - "/sbin/iptables -I INPUT -i %s -s %s -j DROP", + "/usr/sbin/iptables -I INPUT -i %s -s %s -j DROP", iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) || (snprintf(iptcmd4,sizeof(iptcmd4)-1, - "/sbin/iptables -I INPUT -i %s -d %s -j DROP", + "/usr/sbin/iptables -I INPUT -i %s -d %s -j DROP", iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd4))) { snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long", iptcmd2); logmessage(1,msg,"iptables",0); @@ -186,14 +186,14 @@ case FWSAM_HOW_THIS: /* Assemble command */ if (snprintf(iptcmd,sizeof(iptcmd)-1, - "/sbin/iptables -I FORWARD -i %s -s %s -d %s -p %d --dport %d -j DROP", + "/usr/sbin/iptables -I FORWARD -i %s -s %s -d %s -p %d --dport %d -j DROP", iptp->iface, inettoa(bd->blockip), inettoa(bd->peerip), bd->proto, bd->port) >= sizeof(iptcmd)) { snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long", iptcmd); logmessage(1,msg,"iptables",0); return; } if (snprintf(iptcmd2,sizeof(iptcmd2)-1, - "/sbin/iptables -I INPUT -i %s -s %s -d %s -p %d --dport %d -j DROP", + "/usr/sbin/iptables -I INPUT -i %s -s %s -d %s -p %d --dport %d -j DROP", iptp->iface, inettoa(bd->blockip), inettoa(bd->peerip), bd->proto, bd->port) >= sizeof(iptcmd2)) { snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long", iptcmd2); logmessage(1,msg,"iptables",0); @@ -210,14 +210,14 @@ { case FWSAM_HOW_IN: /* Assemble command */ if (snprintf(iptcmd,sizeof(iptcmd)-1, - "/sbin/iptables -D FORWARD -i %s -s %s -j DROP", + "/usr/sbin/iptables -D FORWARD -i %s -s %s -j DROP", iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) { snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long", iptcmd); logmessage(1,msg,"iptables",0); return; } if (snprintf(iptcmd2,sizeof(iptcmd2)-1, - "/sbin/iptables -D INPUT -i %s -s %s -j DROP", + "/usr/sbin/iptables -D INPUT -i %s -s %s -j DROP", iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) { snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long", iptcmd2); logmessage(1,msg,"iptables",0); @@ -227,14 +227,14 @@ case FWSAM_HOW_OUT: /* Assemble command */ if (snprintf(iptcmd,sizeof(iptcmd)-1, - "/sbin/iptables -D FORWARD -i %s -d %s -j DROP", + "/usr/sbin/iptables -D FORWARD -i %s -d %s -j DROP", iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) { snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long", iptcmd); logmessage(1,msg,"iptables",0); return; } if (snprintf(iptcmd2,sizeof(iptcmd2)-1, - "/sbin/iptables -D INPUT -i %s -d %s -j DROP", + "/usr/sbin/iptables -D INPUT -i %s -d %s -j DROP", iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) { snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long", iptcmd2); logmessage(1,msg,"iptables",0); @@ -244,18 +244,18 @@ case FWSAM_HOW_INOUT: /* Assemble command - block src*/ if ((snprintf(iptcmd,sizeof(iptcmd)-1, - "/sbin/iptables -D FORWARD -i %s -s %s -j DROP", + "/usr/sbin/iptables -D FORWARD -i %s -s %s -j DROP", iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) || (snprintf(iptcmd1,sizeof(iptcmd1)-1, - "/sbin/iptables -D FORWARD -i %s -d %s -j DROP", + "/usr/sbin/iptables -D FORWARD -i %s -d %s -j DROP", iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd1))) { snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long", iptcmd); logmessage(1,msg,"iptables",0); return; } if ((snprintf(iptcmd2,sizeof(iptcmd2)-1, - "/sbin/iptables -D INPUT -i %s -s %s -j DROP", + "/usr/sbin/iptables -D INPUT -i %s -s %s -j DROP", iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) || (snprintf(iptcmd4,sizeof(iptcmd4)-1, - "/sbin/iptables -D INPUT -i %s -d %s -j DROP", + "/usr/sbin/iptables -D INPUT -i %s -d %s -j DROP", iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd4))) { snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long", iptcmd2); logmessage(1,msg,"iptables",0); @@ -265,14 +265,14 @@ case FWSAM_HOW_THIS: /* Assemble command */ if (snprintf(iptcmd,sizeof(iptcmd)-1, - "/sbin/iptables -D FORWARD -i %s -s %s -d %s -p %d --dport %d -j DROP", + "/usr/sbin/iptables -D FORWARD -i %s -s %s -d %s -p %d --dport %d -j DROP", iptp->iface, inettoa(bd->blockip), inettoa(bd->peerip), bd->proto, bd->port) >= sizeof(iptcmd)) { snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long", iptcmd); logmessage(1,msg,"iptables",0); return; } if (snprintf(iptcmd2,sizeof(iptcmd2)-1, - "/sbin/iptables -D INPUT -i %s -s %s -d %s -p %d --dport %d -j DROP", + "/usr/sbin/iptables -D INPUT -i %s -s %s -d %s -p %d --dport %d -j DROP", iptp->iface, inettoa(bd->blockip), inettoa(bd->peerip), bd->proto, bd->port) >= sizeof(iptcmd)) { snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long", iptcmd2); logmessage(1,msg,"iptables",0);