2 # Installation script for the OSSEC
3 # Author: Daniel B. Cid <daniel.cid@gmail.com>
4 # Last modification: Mar 02, 2006
6 # Changelog 19/03/2006 - Rafael M. Capovilla <under@underlinux.com.br>
7 # New function AddWhite to allow users to add more Ips in the white_list
8 # Minor *echos* modifications to better look
9 # Bug fix - When email address is blank
10 # Bug fix - delete INSTALLDIR - Default is yes but if the user just press enter the script wasn't deleting it as it should
11 # Changelog 15/07/2006 - Rafael M. Capovilla <under@underlinux.com.br>
12 # New function AddTable to add support for OpenBSD pf rules in firewall-drop active response
16 ### Looking up for the execution directory
20 ### Looking for echo -n
23 if [ ! "X$hs" = "Xa" ]; then
24 ls "/usr/ucb/echo" > /dev/null 2>&1
26 ECHO="/usr/ucb/echo -n"
33 echo "xxxx" | grep -E "xxx" > /dev/null 2>&1
35 ls "/usr/xpg4/bin/grep" > /dev/null 2>&1
37 PATH=/usr/xpg4/bin:$PATH
44 # Checking for command line arguments
46 if [ "X$i" = "Xdebug" ]; then
48 elif [ "X$i" = "Xbinary-install" ]; then
49 USER_BINARYINSTALL="yes"
50 elif [ "X$i" = "Xhelp" ]; then
52 echo "$0 binary-install"
65 echo "5- ${installing}"
67 echo "DIR=\"${INSTALLDIR}\"" > ${LOCATION}
68 echo "CC=${CC}" >> ${LOCATION}
69 echo "GCC=${CC}" >> ${LOCATION}
70 echo "CLANG=clang" >> ${LOCATION}
72 # Changing Config.OS with the new C flags
73 # Checking if debug is enabled
74 if [ "X${SET_DEBUG}" = "Xdebug" ]; then
75 CEXTRA="${CEXTRA} -DDEBUGAD"
78 echo "CEXTRA=${CEXTRA}" >> ./src/Config.OS
81 echo " - ${runningmake}"
84 # Binary install will use the previous generated code.
85 if [ "X${USER_BINARYINSTALL}" = "X" ]; then
100 # If update, stop ossec
101 if [ "X${update_only}" = "Xyes" ]; then
105 # Making the right installation type
106 if [ "X$INSTYPE" = "Xserver" ]; then
109 elif [ "X$INSTYPE" = "Xagent" ]; then
112 elif [ "X$INSTYPE" = "Xlocal" ]; then
113 ./InstallServer.sh local
119 # Generate the /etc/ossec-init.conf
120 VERSION_FILE="./src/VERSION"
121 VERSION=`cat ${VERSION_FILE}`
122 chmod 700 ${OSSEC_INIT} > /dev/null 2>&1
123 echo "DIRECTORY=\"${INSTALLDIR}\"" > ${OSSEC_INIT}
124 echo "VERSION=\"${VERSION}\"" >> ${OSSEC_INIT}
125 echo "DATE=\"`date`\"" >> ${OSSEC_INIT}
126 echo "TYPE=\"${INSTYPE}\"" >> ${OSSEC_INIT}
127 chmod 600 ${OSSEC_INIT}
128 cp -pr ${OSSEC_INIT} ${INSTALLDIR}${OSSEC_INIT}
129 chmod 644 ${INSTALLDIR}${OSSEC_INIT}
132 # If update_rules is set, we need to tweak
133 # ossec.conf to read the new signatures.
134 if [ "X${update_rules}" = "Xyes" ]; then
138 # If update, start OSSEC
139 if [ "X${update_only}" = "Xyes" ]; then
143 # Calling the init script to start ossec hids during boot
144 if [ "X${update_only}" = "X" ]; then
162 # Integrity check config
164 $ECHO " 3.2- ${runsyscheck} ($yes/$no) [$yes]: "
165 if [ "X${USER_ENABLE_SYSCHECK}" = "X" ]; then
168 AS=${USER_ENABLE_SYSCHECK}
173 echo " - ${nosyscheck}."
177 echo " - ${yessyscheck}."
181 # Adding to the config file
182 if [ "X$SYSCHECK" = "Xyes" ]; then
183 cat ${SYSCHECK_TEMPLATE} >> $NEWCONFIG
196 # Rootkit detection configuration
198 $ECHO " 3.3- ${runrootcheck} ($yes/$no) [$yes]: "
200 if [ "X${USER_ENABLE_ROOTCHECK}" = "X" ]; then
203 ES=${USER_ENABLE_ROOTCHECK}
209 echo " - ${norootcheck}."
213 echo " - ${yesrootcheck}."
218 # Adding to the config file
219 if [ "X$ROOTCHECK" = "Xyes" ]; then
220 echo "" >> $NEWCONFIG
221 echo " <rootcheck>" >> $NEWCONFIG
222 echo " <rootkit_files>$INSTALLDIR/etc/shared/rootkit_files.txt</rootkit_files>" >> $NEWCONFIG
223 echo " <rootkit_trojans>$INSTALLDIR/etc/shared/rootkit_trojans.txt</rootkit_trojans>" >> $NEWCONFIG
224 echo " <system_audit>$INSTALLDIR/etc/shared/system_audit_rcl.txt</system_audit>" >> $NEWCONFIG
225 echo " <system_audit>$INSTALLDIR/etc/shared/cis_debian_linux_rcl.txt</system_audit>" >> $NEWCONFIG
226 echo " <system_audit>$INSTALLDIR/etc/shared/cis_rhel_linux_rcl.txt</system_audit>" >> $NEWCONFIG
227 echo " <system_audit>$INSTALLDIR/etc/shared/cis_rhel5_linux_rcl.txt</system_audit>" >> $NEWCONFIG
228 echo " </rootcheck>" >> $NEWCONFIG
230 echo "" >> $NEWCONFIG
231 echo " <rootcheck>" >> $NEWCONFIG
232 echo " <disabled>yes</disabled>" >> $NEWCONFIG
233 echo " </rootcheck>" >> $NEWCONFIG
248 echo " $NB- ${readlogs}"
250 echo " <!-- Files to monitor (localfiles) -->" >> $NEWCONFIG
251 LOG_FILES=`cat ${SYSLOG_TEMPLATE}`
252 for i in ${LOG_FILES}; do
253 # If log file present, add it
254 ls $i > /dev/null 2>&1
257 echo "" >> $NEWCONFIG
258 echo " <localfile>" >> $NEWCONFIG
259 echo " <log_format>syslog</log_format>" >> $NEWCONFIG
260 echo " <location>$i</location>" >>$NEWCONFIG
261 echo " </localfile>" >> $NEWCONFIG
265 # Getting snort files
266 SNORT_FILES=`cat ${SNORT_TEMPLATE}`
267 for i in ${SNORT_FILES}; do
268 ls $i > /dev/null 2>&1
270 echo "" >> $NEWCONFIG
271 echo " <localfile>" >> $NEWCONFIG
273 head -n 1 $i|grep "\[**\] "|grep -v "Classification:" > /dev/null
275 echo " <log_format>snort-full</log_format>" >> $NEWCONFIG
276 echo " -- $i (snort-full file)"
278 echo " <log_format>snort-fast</log_format>" >> $NEWCONFIG
279 echo " -- $i (snort-fast file)"
281 echo " <location>$i</location>" >>$NEWCONFIG
282 echo " </localfile>" >> $NEWCONFIG
286 # Getting apache logs
287 APACHE_FILES=`cat ${APACHE_TEMPLATE}`
288 for i in ${APACHE_FILES}; do
289 ls $i > /dev/null 2>&1
291 echo "" >> $NEWCONFIG
292 echo " <localfile>" >> $NEWCONFIG
293 echo " <log_format>apache</log_format>" >> $NEWCONFIG
294 echo " <location>$i</location>" >>$NEWCONFIG
295 echo " </localfile>" >> $NEWCONFIG
297 echo " -- $i (apache log)"
301 # Getting postgresql logs
302 PGSQL_FILES=`cat ${PGSQL_TEMPLATE}`
303 for i in ${PGSQL_FILES}; do
304 ls $i > /dev/null 2>&1
306 echo "" >> $NEWCONFIG
307 echo " <localfile>" >> $NEWCONFIG
308 echo " <log_format>postgresql_log</log_format>" >> $NEWCONFIG
309 echo " <location>$i</location>" >>$NEWCONFIG
310 echo " </localfile>" >> $NEWCONFIG
312 echo " -- $i (postgresql log)"
321 if [ "X$USER_NO_STOP" = "X" ]; then
335 echo "3- ${configuring} $NAME."
338 if [ "X${USER_AGENT_SERVER_IP}" = "X" ]; then
339 # Looping and asking for server ip
341 $ECHO " 3.1- ${serverip}: "
343 echo $IPANSWER | grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$" > /dev/null 2>&1
347 echo " - ${addingip} $IP"
352 IP=${USER_AGENT_SERVER_IP}
355 echo "<ossec_config>" > $NEWCONFIG
356 echo " <client>" >> $NEWCONFIG
357 echo " <server-ip>$IP</server-ip>" >> $NEWCONFIG
358 echo " </client>" >> $NEWCONFIG
359 echo "" >> $NEWCONFIG
368 $ECHO " 3.4 - ${enable_ar} ($yes/$no) [$yes]: "
370 if [ "X${USER_ENABLE_ACTIVE_RESPONSE}" = "X" ]; then
373 ANY=${USER_ENABLE_ACTIVE_RESPONSE}
379 echo " - ${noactive}."
380 echo "" >> $NEWCONFIG
381 echo " <active-response>" >> $NEWCONFIG
382 echo " <disabled>yes</disabled>" >> $NEWCONFIG
383 echo " </active-response>" >> $NEWCONFIG
384 echo "" >> $NEWCONFIG
392 # Set up the log files
395 echo "</ossec_config>" >> $NEWCONFIG
407 echo "3- ${configuring} $NAME."
410 # Configuring e-mail notification
412 $ECHO " 3.1- ${mailnotify} ($yes/$no) [$yes]: "
414 if [ "X${USER_ENABLE_EMAIL}" = "X" ]; then
417 ANSWER=${USER_ENABLE_EMAIL}
423 echo " --- ${nomail}."
428 $ECHO " - ${whatsemail} "
429 if [ "X${USER_EMAIL_ADDRESS}" = "X" ]; then
432 echo "${EMAIL}" | grep -E "^[a-zA-Z0-9_.-]{1,36}@[a-zA-Z0-9_.-]{1,54}$" > /dev/null 2>&1 ;RVAL=$?;
433 # Ugly e-mail validation
434 while [ "$EMAIL" = "" -o ! ${RVAL} = 0 ] ; do
435 $ECHO " - ${whatsemail} "
437 echo "${EMAIL}" | grep -E "^[a-zA-Z0-9_.-]{1,36}@[a-zA-Z0-9_.-]{1,54}$" > /dev/null 2>&1 ;RVAL=$?;
440 EMAIL=${USER_EMAIL_ADDRESS}
443 ls ${HOST_CMD} > /dev/null 2>&1
445 HOSTTMP=`${HOST_CMD} -W 5 -t mx devmail.ossec.net 2>/dev/null`
447 # Trying without the -W
448 HOSTTMP=`${HOST_CMD} -t mx devmail.ossec.net 2>/dev/null`
450 if [ "X$HOSTTMP" = "X${OSSECMX}" -o "X$HOSTTMP" = "X${OSSECMX2}" -o "X$HOSTTMP" = "X${OSSECMX3}" ];then
451 # Breaking down the user e-mail
452 EMAILHOST=`echo ${EMAIL} | cut -d "@" -f 2`
453 if [ "X${EMAILHOST}" = "Xlocalhost" ]; then
456 HOSTTMP=`${HOST_CMD} -W 5 -t mx ${EMAILHOST}`
457 SMTPHOST=`echo ${HOSTTMP} | cut -d " " -f 7`
462 if [ "X${USER_EMAIL_SMTP}" = "X" ]; then
463 if [ "X${SMTPHOST}" != "X" ]; then
465 echo " - ${yoursmtp}: ${SMTPHOST}"
466 $ECHO " - ${usesmtp} ($yes/$no) [$yes]: "
476 echo " --- ${usingsmtp} ${SMTP}"
481 if [ "X${SMTP}" = "X" ]; then
482 $ECHO " - ${whatsmtp} "
486 SMTP=${USER_EMAIL_SMTP}
492 # Writting global parameters
493 echo "<ossec_config>" > $NEWCONFIG
494 echo " <global>" >> $NEWCONFIG
495 if [ "$EMAILNOTIFY" = "yes" ]; then
496 echo " <email_notification>yes</email_notification>" >> $NEWCONFIG
497 echo " <email_to>$EMAIL</email_to>" >> $NEWCONFIG
498 echo " <smtp_server>$SMTP</smtp_server>" >> $NEWCONFIG
499 echo " <email_from>ossecm@${HOST}</email_from>" >> $NEWCONFIG
501 echo " <email_notification>no</email_notification>" >> $NEWCONFIG
504 echo " </global>" >> $NEWCONFIG
505 echo "" >> $NEWCONFIG
507 # Writting rules configuration
508 cat ${RULES_TEMPLATE} >> $NEWCONFIG
509 echo "" >> $NEWCONFIG
512 # Checking if syscheck should run
515 # Checking if rootcheck should run
521 $ECHO " - ${enable_ar} ($yes/$no) [$yes]: "
523 if [ "X${USER_ENABLE_ACTIVE_RESPONSE}" = "X" ]; then
526 AR=${USER_ENABLE_ACTIVE_RESPONSE}
532 echo " - ${noactive}."
533 echo "" >> $NEWCONFIG
534 echo " <active-response>" >> $NEWCONFIG
535 echo " <disabled>yes</disabled>" >> $NEWCONFIG
536 echo " </active-response>" >> $NEWCONFIG
537 echo "" >> $NEWCONFIG
542 catMsg "0x108-ar-enabled"
545 $ECHO " - ${firewallar} ($yes/$no) [$yes]: "
547 if [ "X${USER_ENABLE_FIREWALL_RESPONSE}" = "X" ]; then
550 HD2=${USER_ENABLE_FIREWALL_RESPONSE}
556 echo " - ${nofirewall}"
559 echo " - ${yesfirewall}"
563 echo "" >> $NEWCONFIG
564 echo " <global>" >> $NEWCONFIG
565 echo " <white_list>127.0.0.1</white_list>" >> $NEWCONFIG
566 echo " <white_list>^localhost.localdomain$</white_list>">>$NEWCONFIG
568 echo " - ${defaultwhitelist}"
569 for ip in ${NAMESERVERS} ${NAMESERVERS2};
571 if [ ! "X${ip}" = "X" ]; then
573 echo " <white_list>${ip}</white_list>" >>$NEWCONFIG
578 # If Openbsd or Freebsd with pf enable, ask about
579 # automatically setting it up.
580 # Commenting it out in case I change my mind about it
582 #if [ "X`sh ./src/init/fw-check.sh`" = "XPF" ]; then
584 # $ECHO " - ${pfenable} ($yes/$no) [$yes]: "
585 # if [ "X${USER_ENABLE_PF}" = "X" ]; then
588 # PFENABLE=${USER_ENABLE_PF}
602 echo " </global>" >> $NEWCONFIG
607 if [ "X$INSTYPE" = "Xserver" ]; then
608 # Configuring remote syslog
610 $ECHO " 3.5- ${syslog} ($yes/$no) [$yes]: "
612 if [ "X${USER_ENABLE_SYSLOG}" = "X" ]; then
615 ANSWER=${USER_ENABLE_SYSLOG}
621 echo " --- ${nosyslog}."
624 echo " - ${yessyslog}."
629 # Configuring remote connections
635 if [ "X$RLOG" = "Xyes" ]; then
636 echo "" >> $NEWCONFIG
637 echo " <remote>" >> $NEWCONFIG
638 echo " <connection>syslog</connection>" >> $NEWCONFIG
639 echo " </remote>" >> $NEWCONFIG
642 if [ "X$SLOG" = "Xyes" ]; then
643 echo "" >> $NEWCONFIG
644 echo " <remote>" >> $NEWCONFIG
645 echo " <connection>secure</connection>" >> $NEWCONFIG
646 echo " </remote>" >> $NEWCONFIG
651 echo "" >> $NEWCONFIG
652 echo " <alerts>" >> $NEWCONFIG
653 echo " <log_alert_level>1</log_alert_level>" >> $NEWCONFIG
654 if [ "$EMAILNOTIFY" = "yes" ]; then
655 echo " <email_alert_level>7</email_alert_level>">> $NEWCONFIG
657 echo " </alerts>" >> $NEWCONFIG
660 if [ "X$ACTIVERESPONSE" = "Xyes" ]; then
661 # Add commands in here
662 echo "" >> $NEWCONFIG
663 cat ${HOST_DENY_TEMPLATE} >> $NEWCONFIG
664 echo "" >> $NEWCONFIG
665 cat ${FIREWALL_DROP_TEMPLATE} >> $NEWCONFIG
666 echo "" >> $NEWCONFIG
667 cat ${DISABLE_ACCOUNT_TEMPLATE} >> $NEWCONFIG
668 echo "" >> $NEWCONFIG
669 cat ${ROUTENULL_TEMPLATE} >> $NEWCONFIG
670 echo "" >> $NEWCONFIG
672 if [ "X$FIREWALLDROP" = "Xyes" ]; then
673 echo "" >> $NEWCONFIG
674 cat ${ACTIVE_RESPONSE_TEMPLATE} >> $NEWCONFIG
675 echo "" >> $NEWCONFIG
679 # Setting up the logs
681 echo "</ossec_config>" >> $NEWCONFIG
693 echo "2- ${settingupenv}."
696 if [ "X${USER_DIR}" = "X" ]; then
698 $ECHO " - ${wheretoinstall} [$INSTALLDIR]: "
700 if [ ! "X$ANSWER" = "X" ]; then
701 echo $ANSWER |grep -E "^/[a-zA-Z0-9./_-]{3,128}$">/dev/null 2>&1
711 INSTALLDIR=${USER_DIR}
715 CEXTRA="$CEXTRA -DDEFAULTDIR=\\\"${INSTALLDIR}\\\""
718 echo " - ${installat} ${INSTALLDIR} ."
721 if [ "X$INSTYPE" = "Xagent" ]; then
722 CEXTRA="$CEXTRA -DCLIENT"
723 elif [ "X$INSTYPE" = "Xlocal" ]; then
724 CEXTRA="$CEXTRA -DLOCAL"
727 ls $INSTALLDIR >/dev/null 2>&1
729 if [ "X${USER_DELETE_DIR}" = "X" ]; then
731 $ECHO " - ${deletedir} ($yes/$no) [$yes]: "
734 ANSWER=${USER_DELETE_DIR}
740 if [ ! $? = 0 ]; then
752 # checkDependencies()
753 # Thanks to gabriel@macacos.org
759 if [ "X$NUNAME" = "XSunOS" ]; then
760 PATH=$PATH:/usr/ccs/bin:/usr/xpg4/bin:/opt/csw/gcc3/bin:/opt/csw/bin:/usr/sfw/bin
762 elif [ "X$NUNAME" = "XAIX" ]; then
763 PATH=$PATH:/usr/vac/bin
767 ls "`which gcc`" > /dev/null 2>&1
768 if [ ! $? = 0 ]; then
769 ls "`which cc`" > /dev/null 2>&1
770 if [ ! $? = 0 ]; then
771 if [ "X${USER_BINARYINSTALL}" = "X" ]; then
772 catError "0x3-dependencies"
792 $ECHO " - ${addwhite} ($yes/$no)? [$no]: "
794 # If white list is set, we don't need to ask it here.
795 if [ "X${USER_WHITE_LIST}" = "X" ]; then
801 if [ "X${ANSWER}" = "X" ] ; then
810 $ECHO " - ${ipswhite}"
811 if [ "X${USER_WHITE_LIST}" = "X" ]; then
814 IPS=${USER_WHITE_LIST}
819 if [ ! "X${ip}" = "X" ]; then
820 echo $ip | grep -E "^[0-9./]{5,20}$" > /dev/null 2>&1
822 echo " <white_list>${ip}</white_list>" >>$NEWCONFIG
840 TABLE="ossec_fwtable"
842 # Add table to the first line
844 echo " - ${pfmessage}:"
846 echo " http://www.ossec.net/en/manual.html#active-response-tools"
850 echo " table <${TABLE}> persist #$TABLE "
851 echo " block in quick from <${TABLE}> to any"
852 echo " block out quick from any to <${TABLE}>"
865 . ./src/init/shared.sh
866 . ./src/init/functions.sh
868 # Reading pre-defined file
869 if [ ! `isFile ${PREDEF_FILE}` = "${FALSE}" ]; then
873 # If user language is not set
875 if [ "X${USER_LANGUAGE}" = "X" ]; then
877 # Choosing the language.
880 for i in `ls ${TEMPLATE}`; do
881 # ignore CVS (should not be there anyways and config)
882 if [ "$i" = "CVS" -o "$i" = "config" ]; then continue; fi
883 cat "${TEMPLATE}/$i/language.txt"
884 if [ ! "$i" = "en" ]; then
888 $ECHO " (${LG}) [en]: "
891 if [ "X${USER_LG}" = "X" ]; then
895 ls "${TEMPLATE}/${USER_LG}" > /dev/null 2>&1
905 # If provided language is not valid, default to english
906 ls "${TEMPLATE}/${USER_LANGUAGE}" > /dev/null 2>&1
908 LANGUAGE=${USER_LANGUAGE}
913 fi # for USER_LANGUAGE
916 . ./src/init/shared.sh
917 . ./src/init/language.sh
918 . ./src/init/functions.sh
920 . ${TEMPLATE}/${LANGUAGE}/messages.txt
923 # Must be executed as ./install.sh
924 if [ `isFile ${VERSION_FILE}` = "${FALSE}" ]; then
925 catError "0x1-location";
929 if [ ! "X$ME" = "Xroot" ]; then
930 catError "0x2-beroot";
933 # Checking dependencies
940 echo " $NAME $VERSION ${installscript} - http://www.ossec.net"
942 catMsg "0x101-initial"
944 echo " - $system: $UNAME"
946 echo " - $host: $HOST"
949 echo " -- $hitanyorabort --"
951 if [ "X$USER_NO_STOP" = "X" ]; then
955 . ./src/init/update.sh
957 if [ "`isUpdate`" = "${TRUE}" ]; then
960 while [ $ct = "1" ]; do
962 $ECHO " - ${wanttoupdate} ($yes/$no): "
963 if [ "X${USER_UPDATE}" = "X" ]; then
984 # Do some of the update steps.
985 if [ "X${update_only}" = "Xyes" ]; then
986 . ./src/init/update.sh
988 if [ "`doUpdatecleanup`" = "${FALSE}" ]; then
991 echo "${unabletoupdate}"
996 USER_INSTALL_TYPE=`getPreinstalled`
997 USER_DIR=`getPreinstalledDir`
998 USER_DELETE_DIR="$nomatch"
1003 # We dont need to update the rules on agent installs
1004 if [ "X${USER_INSTALL_TYPE}" = "Xagent" ]; then
1008 while [ $ct = "1" ]; do
1010 $ECHO " - ${updaterules} ($yes/$no): "
1011 if [ "X${USER_UPDATE_RULES}" = "X" ]; then
1034 serverm=`echo ${server} | cut -b 1`
1035 localm=`echo ${local} | cut -b 1`
1036 agentm=`echo ${agent} | cut -b 1`
1037 helpm=`echo ${help} | cut -b 1`
1039 # If user install type is not set, ask for it.
1040 if [ "X${USER_INSTALL_TYPE}" = "X" ]; then
1042 # Loop for the installation options
1046 $ECHO "1- ${whattoinstall} "
1052 catMsg "0x102-installhelp"
1055 ${server}|${serverm})
1057 echo " - ${serverchose}."
1064 echo " - ${clientchose}."
1071 echo " - ${localchose}."
1079 INSTYPE=${USER_INSTALL_TYPE}
1083 # Setting up the environment
1087 # Configuring the system (based on the installation type)
1088 if [ "X${update_only}" = "X" ]; then
1089 if [ "X$INSTYPE" = "Xserver" ]; then
1091 elif [ "X$INSTYPE" = "Xagent" ]; then
1093 elif [ "X$INSTYPE" = "Xlocal" ]; then
1096 catError "0x4-installtype"
1100 # Installing (calls the respective script
1101 # -- InstallAgent.sh or InstallServer.sh
1106 echo " - ${configurationdone}."
1108 echo " - ${tostart}:"
1109 echo " $INSTALLDIR/bin/ossec-control start"
1111 echo " - ${tostop}:"
1112 echo " $INSTALLDIR/bin/ossec-control stop"
1114 echo " - ${configat} $INSTALLDIR/etc/ossec.conf"
1118 catMsg "0x103-thanksforusing"
1121 if [ "X${update_only}" = "Xyes" ]; then
1122 # Message for the update
1123 if [ "X`sh ./src/init/fw-check.sh`" = "XPF" -a "X${ACTIVERESPONSE}" = "Xyes" ]; then
1124 if [ "X$USER_NO_STOP" = "X" ]; then
1130 echo " - ${updatecompleted}"
1136 if [ "X$USER_NO_STOP" = "X" ]; then
1141 # PF firewall message
1142 if [ "X`sh ./src/init/fw-check.sh`" = "XPF" -a "X${ACTIVERESPONSE}" = "Xyes" ]; then
1147 if [ "X$INSTYPE" = "Xserver" ]; then
1149 echo " - ${addserveragent}"
1152 echo " $INSTALLDIR/bin/manage_agents"
1155 echo " http://www.ossec.net/en/manual.html#ma"
1158 elif [ "X$INSTYPE" = "Xagent" ]; then
1159 catMsg "0x104-client"
1160 echo " $INSTALLDIR/bin/manage_agents"
1163 echo " http://www.ossec.net/en/manual.html#ma"
1167 if [ "X$notmodified" = "Xyes" ]; then
1168 catMsg "0x105-noboot"
1169 echo " $INSTALLDIR/bin/ossec-control start"
1177 ### Calling main function where everything happens
projects / ossec-hids.git / blob