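#!/bin/bash
# Snort IPS Setup Script
#
# Installs Docker and the iptables tooling, enables IPv4 forwarding, builds and
# starts the snort-ips container, then steers host traffic into NFQUEUE 0 and
# persists the rules. Safe to re-run: settings, container and rules that are
# already present are not duplicated.
#
# Environment:
#   NFQUEUE_BYPASS  0 (default) keeps the rules fail-closed; 1 appends
#                   --queue-bypass so packets are accepted while nothing is
#                   bound to the queue.
#
# Operator notes:
#   * Without --queue-bypass the kernel drops every queued packet while no
#     program is listening on queue 0. The rules below cover INPUT, OUTPUT and
#     FORWARD, so the host (including a remote SSH session) loses connectivity
#     until Snort is running inside the container. The closing message
#     suggests Snort is started by hand, so run this from a console or set
#     NFQUEUE_BYPASS=1 for the first bring-up.
#   * The rules are written to /etc/iptables/rules.v4, while the container is
#     created without a restart policy. After a reboot the rules may come back
#     before anything is listening on the queue - verify on the target host.
#   * Only IPv4 (iptables) is handled here; IPv6 traffic is not queued.
set -euo pipefail

readonly QUEUE_NUM=0
readonly CONTAINER_NAME=snort-ips
readonly SYSCTL_LINE='net.ipv4.ip_forward=1'

# Build the NFQUEUE target once so the check and the insert always agree.
nfqueue_target=(-j NFQUEUE --queue-num "$QUEUE_NUM")
if [[ "${NFQUEUE_BYPASS:-0}" == "1" ]]; then
  nfqueue_target+=(--queue-bypass)
fi

# Insert the NFQUEUE rule at the top of chain $1 unless an identical rule
# already exists (iptables -C), so repeated runs do not stack duplicates.
queue_chain() {
  local chain=$1
  if ! sudo iptables -C "$chain" "${nfqueue_target[@]}" 2>/dev/null; then
    sudo iptables -I "$chain" "${nfqueue_target[@]}"
  fi
}

echo "Installing Docker, iptables, and iptables-persistent..."
# apt-get rather than apt: apt's command-line interface is not meant for scripts.
sudo apt-get update
sudo apt-get install -y docker.io iptables iptables-persistent

echo "Enabling IP forwarding..."
# sysctl -w already writes /proc/sys/net/ipv4/ip_forward; no separate tee needed.
sudo sysctl -w net.ipv4.ip_forward=1
# Append the persistent setting only once instead of on every run.
if ! grep -qxF -- "$SYSCTL_LINE" /etc/sysctl.conf 2>/dev/null; then
  printf '%s\n' "$SYSCTL_LINE" | sudo tee -a /etc/sysctl.conf >/dev/null
fi
sudo sysctl -p

echo "Building Snort Docker image..."
# NOTE(review): docker is invoked without sudo, unlike the other privileged
# steps; this presumably relies on the user already being in the docker
# group - confirm on a freshly installed host.
docker build -t snort-ips .

echo "Starting Snort container with host network and privileged access..."
# NOTE(review): --privileged hands the container every capability and host
# device. Inline NFQUEUE inspection typically needs far less (for example
# --cap-add NET_ADMIN); confirm what the image requires before tightening.
if docker container inspect "$CONTAINER_NAME" >/dev/null 2>&1; then
  # A container left over from an earlier run would make `docker run` fail.
  docker start "$CONTAINER_NAME"
else
  docker run -dit --name "$CONTAINER_NAME" --privileged --network host snort-ips
fi

echo "Setting up iptables rules to send traffic to NFQUEUE..."
queue_chain FORWARD
queue_chain INPUT
queue_chain OUTPUT

echo "Saving iptables rules for persistence..."
sudo iptables-save | sudo tee /etc/iptables/rules.v4 >/dev/null
echo "Setup complete! Now attach to the container and start Snort:"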