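#!/bin/bash
#Copyright 2003 William Stearns
#Released under the GPL.
#
# Converts every Snort rule file (*.rules) in the current directory into a
# firebricks module named snort-<rule file name up to its first dot>.
#
# Each module is assembled from three parts:
#   1. the firebricks head template, with Me= and MyVersion= filled in,
#   2. the output of "snort2iptables --firebricks" for the rule file,
#      filtered by the sed pass described below,
#   3. the firebricks tail template.
# A module that ends up with no 'LogAs="SID' line is treated as empty and
# removed.
#
# All progress and diagnostic messages go to stderr.

TemplateHead=/usr/src/firebricks/firebricks-template-head
TemplateTail=/usr/src/firebricks/firebricks-template-tail
Converter=/usr/src/snort2iptables/snort2iptables

#######################################
# Derive the module name for a rule file and check that it is safe to use.
# The name is spliced into a sed replacement and into a single-quoted
# Me='...' assignment inside the generated module, so a quote, slash,
# ampersand, whitespace or newline in it would corrupt the sed expression
# or the generated shell code. Only letters, digits, '_' and '-' are
# accepted; a leading '-' is refused so the rule file name cannot be taken
# for an option by the converter.
# Arguments: $1 - rule file name
# Outputs:   module name on stdout (only when accepted)
# Returns:   0 when accepted, 1 when the name must be skipped
#######################################
ModuleNameFor() {
  local LC_ALL=C   # make the A-Z/a-z ranges byte-wise, independent of locale
  local Stem="${1%%.*}"
  case "$Stem" in
    '' | -* | *[!A-Za-z0-9_-]*) return 1 ;;
  esac
  printf 'snort-%s\n' "$Stem"
}

# Computed once so every module written by this run carries the same version.
Version="$(date +%Y%m%d)"

for RuleFile in *.rules ; do
  # An unmatched glob is left as the literal string "*.rules"; skip that
  # (and anything that is not a regular file) instead of converting it.
  [ -f "$RuleFile" ] || continue

  echo "Processing $RuleFile" >&2
  if ! Module="$(ModuleNameFor "$RuleFile")"; then
    echo "Skipping $RuleFile: module name would contain unsafe characters." >&2
    continue
  fi
  #echo going to $Module >&2

  # Part 1: head template with this module's name and version stamped in.
  sed \
    -e "s/^Me=.*/Me='$Module'/" \
    -e "s/^MyVersion=.*/MyVersion='$Version'/" \
    "$TemplateHead" >"$Module"

  # Part 2: converted rules.
  # The sed expressions are single-quoted on purpose: $DNS_SERVERS and the
  # other names are literal text in the converter output, not shell
  # variables of this script.
  # The pass drops every -s/-d restriction that refers to one of the Snort
  # address variables and replaces $HTTP_PORTS with the fixed port 80. With
  # the address restriction removed, a generated rule no longer depends on
  # source or destination address, so it can match more traffic than the
  # Snort rule it came from; review the modules before attaching an action
  # stronger than logging.
  # NOTE(review): the whitespace in '^ #LogAs' is reproduced as found;
  # confirm it matches the converter's actual output (space vs. tab).
  "$Converter" --firebricks "$RuleFile" \
    | grep -v '^ #LogAs' \
    | sed \
      -e 's/ -s $DNS_SERVERS / /' \
      -e 's/ -d $DNS_SERVERS / /' \
      -e 's/ -s $EXTERNAL_NET / /' \
      -e 's/ -d $EXTERNAL_NET / /' \
      -e 's/ -s $HOME_NET / /' \
      -e 's/ -d $HOME_NET / /' \
      -e 's/ -s $HTTP_SERVERS / /' \
      -e 's/ -d $HTTP_SERVERS / /' \
      -e 's/ -s $SMTP_SERVERS / /' \
      -e 's/ -d $SMTP_SERVERS / /' \
      -e 's/ -s $SNMP_SERVERS / /' \
      -e 's/ -d $SNMP_SERVERS / /' \
      -e 's/ -s $SQL_SERVERS / /' \
      -e 's/ -d $SQL_SERVERS / /' \
      -e 's/ -s $TELNET_SERVERS / /' \
      -e 's/ -d $TELNET_SERVERS / /' \
      -e 's/ --sport $HTTP_PORTS / --sport 80 /' \
      -e 's/ --dport $HTTP_PORTS / --dport 80 /' \
    >>"$Module"

  # Part 3: tail template.
  cat "$TemplateTail" >>"$Module"

  # A module without any 'LogAs="SID' line carries no converted rule (this
  # is also the outcome when the converter or a template is missing).
  if ! grep -q 'LogAs="SID' "$Module"; then
    echo "Empty $Module, deleting." >&2
    rm -f -- "$Module"
  fi
done

# Disabled rewrite kept from the original script: it would have replaced
# whole address/port combinations with firebricks service variables.
#	 | sed \
#	  -e 's/ -p tcp -s $EXTERNAL_NET -d $HTTP_SERVERS --dport $HTTP_PORTS / $IncomingHTTP /' \
#	  -e 's/ -p tcp -s $EXTERNAL_NET -d $SMTP_SERVERS --dport 25 / $IncomingSMTP /' \
#	  -e 's/ -p tcp -s $EXTERNAL_NET -d $HOME_NET --dport 21 / $IncomingFTP /' \
#	  -e 's/ -p tcp -s $EXTERNAL_NET -d $HOME_NET --dport 79 / $IncomingFinger /' \
#	  -e 's/ -p tcp -s $EXTERNAL_NET -d $TELNET_SERVERS --dport 23 / $IncomingTelnet /' \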