  1. #!/bin/bash
  2.  
  3. cd /tmp
  4.  
  5. # download clamav database files
  6. wget http://database.clamav.net/main.cvd
  7. wget http://database.clamav.net/daily.cvd
  8.  
  9. # extract the databases
  10. sigtool --unpack main.cvd
  11. sigtool --unpack daily.cvd
  12.  
  13. # extract md5 hash only to blacklist_md5
  14. cat main.hdb >> clamav_md5
  15. cat daily.hdb >> clamav_md5
  16.  
  17. cut -d':' -f1 clamav_md5 > blacklist_md5
  18.  
  19. # copy to suricata rules directory
  20. cp blacklist_md5 /etc/suricata/rules/
  21.  
  22. # clean up
  23. rm main.*
  24. rm daily.*
  25. rm *_md5