Heres a script to start snort which seems to work except it is giving me a error about an unexpected end of the file. I've looked at some other scripts which include a $? after the exit and that didn't fix it. Also what languange is this? Sorry for the newbish questions :D


#!/bin/sh
#
# Created Honeynet Project <project@honeynet.org>
# March 18, 2000
#
# Updated December 10, 2002 <lance@spitzner.net>
#
# PURPOSE:
# Used to launch snort for daily automated IDS
#

# Set variables
PATH=/bin:/usr/local/bin
PID=/var/run/snort_eth0.pid
DIR=/var/log/snort
DATE=`date +%b_%d`
SNORT=/usr/local/bin/snort
USER=snort

### Kill snort
if [ -s $PID ]; then
PRO=`cat $PID`
echo ""
echo "Previous version of Snort running"
echo "Killing Snort, PID $PRO"
echo ""
kill -9 $PRO
fi

# Make directory based on date, if already exists do nothing.
if [ -d $DIR/$DATE ]; then
:
else
mkdir $DIR/$DATE

fi

# Snort options explanation
# -b log packets in tcpdump format
# -c configuration file
# -d log packet details
# -D daemon mode
# -i interface in our case eth0
# -l log directory
# -Q (used ONLY with Snort-Inline for QUEUE mode)
# -u $USER run snort as UID $USER in our case nobody

### Start snort for the Honeynet
$SNORT -d -D -c /etc/snort/snort.conf -i eth0 -l $DIR/$DATE

exit

Couldn't say this for sure, but just looking at it, is there supposed to be a semicolon after each of the if statements? I don't know much with bash scripting, but in most programming, you don't want those semicolons there.

Try adding a newline after exit.

Yes, the semicolons after if are needed. Unless you put the "then" on the next line, of course. ;)

It's probably the newline (or lack thereof) after the exit that's causing issues.

Oh, and this is Bourne shell, BTW. You asked which language in the original post -- /bin/sh is the Bourne shell (notice how the first line is #!/bin/sh? The #! tells the kernel that this is an interpreted executable, and the /bin/sh tells the kernel which executable to use to interpret it).

I got it working now. Apparently i was having the same problem i had with my iptables firewall script where it wasn't formatted correctly. I was opening the scripts with Notepad and Wordpad in Windows because i'm using Linux as little as possible until i'm confident its secured. So maybe the Windows editors are screwing something up because in both cases i just create a new file and retype everything in with VI and it works.

Originally posted by bwkaz
Yes, the semicolons after if are needed. Unless you put the "then" on the next line, of course. ;)

It's probably the newline (or lack thereof) after the exit that's causing issues.

Oh, and this is Bourne shell, BTW. You asked which language in the original post -- /bin/sh is the Bourne shell (notice how the first line is #!/bin/sh? The #! tells the kernel that this is an interpreted executable, and the /bin/sh tells the kernel which executable to use to interpret it).

Thanks, so this is really just a script like a batch file and not a real language? I saw those if then else statements and was sort of hoping i was learning C++ :D Could different shells use the same script?

Probably not, most shells have at least some small differences in how they are formatted.

It is just a shell script, but don't say "not a real language". Shell scripting, AFAIK, is fairly close to Turing-complete. Granted, it's ugly for some things, and slow for others, but you can do quite a bit with shell scripting.

And yes, even though most shells can execute some subset of the same things (e.g. bash, ksh, ksh93, ash, etc. can all execute most /bin/sh scripts), there are two basic shells available, and the other one (C shell) is completely different. You may have a tcsh or csh package; resist the urge to install it to see how it works. :D Programming with it is ugly.

And of course, if you use bash extensions (like $(command) to run command and substitute its output in for the whole word there, rather than using `command` instead), then very few shells will be able to execute your script. If you use a specific-enough extension, none of them will.

Originally posted by Ipsec Espah
I was opening the scripts with Notepad and Wordpad in Windows because i'm using Linux as little as possible until i'm confident its secured. So maybe the Windows editors are screwing something up because in both cases i just create a new file and retype everything in with VI and it works.

FYI the end of line character is different in linux then it is in windows. Windows uses a CR & LF but linux just uses a LF.

CR - carriage return hex 0x0D
LF - line feed hex 0x0A

Originally posted by bwkaz
It is just a shell script, but don't say "not a real language". Shell scripting, AFAIK, is fairly close to Turing-complete. Granted, it's ugly for some things, and slow for others, but you can do quite a bit with shell scripting.

And yes, even though most shells can execute some subset of the same things (e.g. bash, ksh, ksh93, ash, etc. can all execute most /bin/sh scripts), there are two basic shells available, and the other one (C shell) is completely different. You may have a tcsh or csh package; resist the urge to install it to see how it works. :D Programming with it is ugly.

And of course, if you use bash extensions (like $(command) to run command and substitute its output in for the whole word there, rather than using `command` instead), then very few shells will be able to execute your script. If you use a specific-enough extension, none of them will.

Yeah perhaps i was a little to quick to judge it, especially considering i don't really know anything about it :) I just got done reading a little about it though and it seems a lot more usefull than i thought. Basically mandatory learning for admins so i think i'll more than likely end up learning it. There is quite a few tutorials and guides around... are there any that you would recommend?

Originally posted by michaelk
FYI the end of line character is different in linux then it is in windows. Windows uses a CR & LF but linux just uses a LF.

CR - carriage return hex 0x0D
LF - line feed hex 0x0A

I think i'll be downloading and editing all of the scripts in linux for now on. :) Thanks.