- 论坛徽章:
- 2
|
本帖最后由 rdcwayx 于 2013-10-29 12:41 编辑
- preprocessor reputation: \
- memcap 500, \
- priority whitelist, \
- nested_ip inner, \
- whitelist $WHITE_LIST_PATH/white_list.rules, \
- blacklist $BLACK_LIST_PATH/black_list.rules
复制代码 以上是SNORT配置文件中的一段,我想用SHELL SCRIPTS 自动将它们注释掉,以下是我写的一段小程序:- #!/bin/bash
- file='/usr/local/snort/etc/snort.conf'
- for i in 'preprocessor reputation:' 'memcap 500,' 'priority whitelist,' 'nested_ip inner,' 'whitelist $WHITE_LIST_PATH/white_list.rules,' 'blacklist $BLACK_LIST_PATH/black_list.rules'
- do
- echo "$i"
- sed 's/"$i"/#"$i"/' $file > temp$ && mv temp$ $file
- grep "$i" $file
- done
复制代码 以下是输出结果- [root@master student]# bash test.sh
- preprocessor reputation:
- preprocessor reputation: \
- memcap 500,
- memcap 500, \
- priority whitelist,
- priority whitelist, \
- nested_ip inner,
- nested_ip inner, \
- whitelist $WHITE_LIST_PATH/white_list.rules,
- whitelist $WHITE_LIST_PATH/white_list.rules, \
- blacklist $BLACK_LIST_PATH/black_list.rules
- blacklist $BLACK_LIST_PATH/black_list.rules
复制代码 我怀疑是 sed那一行中的variables写法有误,但不知如何解决。请各位指点。 谢谢先。以下是加-x之后的输出:- [root@master student]# bash -x test.sh
- + file=/usr/local/snort/etc/snort.conf
- + for i in ''\''preprocessor reputation:'\''' ''\''memcap 500,'\''' ''\''priority whitelist,'\''' ''\''nested_ip inner,'\''' ''\''whitelist $WHITE_LIST_PATH/white_list.rules,'\''' ''\''blacklist $BLACK_LIST_PATH/black_list.rules'\'''
- + echo preprocessor reputation:
- preprocessor reputation:
- + sed 's/"$i"/#"$i"/' /usr/local/snort/etc/snort.conf
- + mv temp13785 /usr/local/snort/etc/snort.conf
- + grep 'preprocessor reputation:' /usr/local/snort/etc/snort.conf
- preprocessor reputation: \
- + for i in ''\''preprocessor reputation:'\''' ''\''memcap 500,'\''' ''\''priority whitelist,'\''' ''\''nested_ip inner,'\''' ''\''whitelist $WHITE_LIST_PATH/white_list.rules,'\''' ''\''blacklist $BLACK_LIST_PATH/black_list.rules'\'''
- + echo memcap 500,
- memcap 500,
- + sed 's/"$i"/#"$i"/' /usr/local/snort/etc/snort.conf
- + mv temp13785 /usr/local/snort/etc/snort.conf
- + grep 'memcap 500,' /usr/local/snort/etc/snort.conf
- memcap 500, \
- + for i in ''\''preprocessor reputation:'\''' ''\''memcap 500,'\''' ''\''priority whitelist,'\''' ''\''nested_ip inner,'\''' ''\''whitelist $WHITE_LIST_PATH/white_list.rules,'\''' ''\''blacklist $BLACK_LIST_PATH/black_list.rules'\'''
- + echo priority whitelist,
- priority whitelist,
- + sed 's/"$i"/#"$i"/' /usr/local/snort/etc/snort.conf
- + mv temp13785 /usr/local/snort/etc/snort.conf
- + grep 'priority whitelist,' /usr/local/snort/etc/snort.conf
- priority whitelist, \
- + for i in ''\''preprocessor reputation:'\''' ''\''memcap 500,'\''' ''\''priority whitelist,'\''' ''\''nested_ip inner,'\''' ''\''whitelist $WHITE_LIST_PATH/white_list.rules,'\''' ''\''blacklist $BLACK_LIST_PATH/black_list.rules'\'''
- + echo nested_ip inner,
- nested_ip inner,
- + sed 's/"$i"/#"$i"/' /usr/local/snort/etc/snort.conf
- + mv temp13785 /usr/local/snort/etc/snort.conf
- + grep 'nested_ip inner,' /usr/local/snort/etc/snort.conf
- nested_ip inner, \
- + for i in ''\''preprocessor reputation:'\''' ''\''memcap 500,'\''' ''\''priority whitelist,'\''' ''\''nested_ip inner,'\''' ''\''whitelist $WHITE_LIST_PATH/white_list.rules,'\''' ''\''blacklist $BLACK_LIST_PATH/black_list.rules'\'''
- + echo whitelist '$WHITE_LIST_PATH/white_list.rules,'
- whitelist $WHITE_LIST_PATH/white_list.rules,
- + sed 's/"$i"/#"$i"/' /usr/local/snort/etc/snort.conf
- + mv temp13785 /usr/local/snort/etc/snort.conf
- + grep 'whitelist $WHITE_LIST_PATH/white_list.rules,' /usr/local/snort/etc/snort.conf
- whitelist $WHITE_LIST_PATH/white_list.rules, \
- + for i in ''\''preprocessor reputation:'\''' ''\''memcap 500,'\''' ''\''priority whitelist,'\''' ''\''nested_ip inner,'\''' ''\''whitelist $WHITE_LIST_PATH/white_list.rules,'\''' ''\''blacklist $BLACK_LIST_PATH/black_list.rules'\'''
- + echo blacklist '$BLACK_LIST_PATH/black_list.rules'
- blacklist $BLACK_LIST_PATH/black_list.rules
- + sed 's/"$i"/#"$i"/' /usr/local/snort/etc/snort.conf
- + mv temp13785 /usr/local/snort/etc/snort.conf
- + grep 'blacklist $BLACK_LIST_PATH/black_list.rules' /usr/local/snort/etc/snort.conf
- blacklist $BLACK_LIST_PATH/black_list.rules
复制代码 |
|