Hi,
After few days looking into patch downloaded from https://www.zeroshell.org/patch-details/#DA12, I found the way to install this patch on ZS2.0. I’m using ZS2.0RC2. You can try that as following steps:
Download and extract patch:
cd /Database
wget http://www.zeroshell.net/listing/DA12-Snort-2.8.5-1.0.beta12.tar.bz2
tar xvfj DA12-Snort-2.8.5-1.0.beta12.tar.bz2
cd DA12Edit install script to match release version:
vim install.shFind and replace 1.0 by 2.0 as bellow:
if ! ls /Database/opt/2.0/*/db/$D/Description 2>/dev/null > /dev/null ; then
echo "ABORTED: dependence failed: the update $D is required. Please install it."
exit 10
fiChange current directory to tars directory:
cd tarsUncompressed tar file in this directory:
tar -xjf DA12.tar.bz2Move to opt directory:
cd optChange name of 1.0 directory to 2.0 and subdirectory beta12 to RC2 to match ZS release version:
mv 1.0 2.0
cd 2.0
mv beta12 RC2Open file RC2/packages/bin/pcre-config:
vim RC2/packages/bin/pcre-configand replace line as bellow:
prefix=/Database/opt/2.0/RC2/packagesOpen file RC2/packages/etc/snort.conf:
vim RC2/packages/etc/snort.confFind and replace all lines content ‘1.0/beta12’ by ‘2.0/RC2’ using replace function of vim:
:%s/1.0/beta12/2.0/RC2/gNow go to RC2/tars directory:
cd RC2/tarsExtract tar file in this:
tar -xzf DA12-files.tar.gzcd etcRecreate link of snort.conf:
rm -f snort.conf
ln -s /Database/opt/2.0/RC2/packages/etc/snort.conf snort.confMake a new directory and move init.d directory into it:
mkdir rc.d
mv init.d rc.dNow remove old tar file, recreate new one and remove directory:
cd ..
rm -f DA12-files.tar.gz
tar -czf DA12-files.tar.gz etc
rm -rf etcAnd now, recreate DA12.tar.bz2 file:
cd /Database/DA12/tars
rm -f DA12.tar.bz2
tar -cjf DA12.tar.bz2
rm -rf optAnd run install script:
cd ..
./install.sh
You can using web face to view log with session snort.