Hi In our case (satellite connexion) we have a lot of cases where snf2check fail, So our current batch keep retrying download every 10 minutes until snf2check succeed (that is done by creating a file error.txt) If I use getRulebase.cmd, what happens if snf2check fail ? or if wget does not complete ? or other problems ? ...
My current wget is optimized as follow wget -N http://www.sortmonster.net/Sniffer/Updates/zydt3crn.snf --tries=10 --wait=5 --random-wait -o %DD%result.txt --header=Accept-Encoding:gzip --http-user=sniffer --http-passwd=xxxxxxxx ----- Original Message ----- From: Pete McNeil To: Message Sniffer Community Sent: Sunday, July 06, 2008 6:22 PM Subject: [sniffer] Re: It's official. SNF Version 3.0 is Ready! Hello Serge, Sunday, July 6, 2008, 1:46:00 PM, you wrote: > Hi Pete Just upgraded from 2.9 to 3.0 1- Please check if all is OK from your side Looks ok from here. Good telemetry showing version 3. High capture rates: > 2- I curently upgrade my rules on emails alerts. My understanding is that the server can dectect new rules and launch a batch file. Please confirm and give link to detailed instructions. Can i use the same batch file I am using now ? In theory you could use the same batch file, however it is probably better to use/adapt the getRulebase.cmd script. At present your rulebase is not out of date: <update ready="no" utc="20080706172248"/> You can find some detailed instructions about setting up getRulebase.cmd here starting with step 6. The process is largely the same for all Win* platforms: http://www.armresearch.com/support/articles/installation/decludeImail.jsp Best, _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC. ------------------------------------------------------------------------------ ############################################################# This message is sent to you because you are subscribed to the mailing list <[email protected]>. To unsubscribe, E-mail to: <[EMAIL PROTECTED]> To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]> To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]> Send administrative queries to <[EMAIL PROTECTED]>
SETLOCAL SET DDdrv=E: SET DDdir=\sniffer\scripts\ SET DD=%DDdrv%%DDdir% rem Set the full path to your IMail directory. SET IMailDir=E:\imail rem Set the full path to you Sniffer directory. set snifferdir=E:\sniffer\ set sniffersrv=E:\snfsrv\rulebase\ rem Set the e-mail address you would like script results sent to. SET [EMAIL PROTECTED] rem Set e-mail "from" domain for your script results. SET FromDom=Cefib.net :CheckDirectories if not exist %DD% goto end %DDdrv% cd %DD% echo %date% > %DD%mail.txt echo %time% >> %DD%mail.txt echo ****** >> %DD%mail.txt echo param %1 >> %DD%mail.txt echo ****** >> %DD%mail.txt if exist %DD%error.txt goto errorexist echo - >> %DD%mail.txt echo %DD%error.txt not found >> %DD%mail.txt echo Proceeding with .gz test >> %DD%mail.txt echo - >> %DD%mail.txt goto testgz :errorexist echo - >> %DD%mail.txt echo found %DD%error.txt >> %DD%mail.txt echo Previous download failed, deleting all files >> %DD%mail.txt del %DD%error.txt >> %DD%mail.txt if exist %DD%zydt3crn.snf.gz del %DD%zydt3crn.snf.gz >> %DD%mail.txt if exist %DD%zydt3crn.snf del %DD%zydt3crn.snf >> %DD%mail.txt echo %DD%error.txt deleted >> %DD%mail.txt echo Proceeding with download >> %DD%mail.txt echo - >> %DD%mail.txt goto download :testgz if exist %DD%zydt3crn.snf.gz goto gzexist echo - >> %DD%mail.txt echo %DD%zydt3crn.snf.gz not found >> %DD%mail.txt echo Proceeding with file download >> %DD%mail.txt echo - >> %DD%mail.txt goto download :gzexist echo - >> %DD%mail.txt echo found %DD%zydt3crn.snf.gz >> %DD%mail.txt del %DD%zydt3crn.snf.gz >> %DD%mail.txt echo %DD%zydt3crn.snf.gz deleted >> %DD%mail.txt echo Proceeding with file download >> %DD%mail.txt echo - >> %DD%mail.txt goto download :download %DD%wget -N http://www.sortmonster.net/Sniffer/Updates/zydt3crn.snf --tries=10 --wait=5 --random-wait -o %DD%result.txt --header=Accept-Encoding:gzip --http-user=sniffer --http-passwd= if errorlevel 1 goto wgeterr1 if not exist zydt3crn.snf goto nosnf fgrep "Server file no newer than local file" %DD%result.txt if not errorlevel 1 goto nonewff :step2 fgrep "`zydt3crn.snf' saved" %DD%result.txt if not errorlevel 1 goto newff echo cas wget non prevu >> %DD%mail.txt goto END :newff echo %time% >> %DD%mail.txt echo Renaming and testing >> %DD%mail.txt rename zydt3crn.snf zydt3crn.snf.gz gzip -d -f -t zydt3crn.snf.gz if errorlevel 0 goto gziperr0 if errorlevel 1 goto gziperr1 GOTO END :gziperr0 Echo gzip OK errorlevel 0 >> %DD%mail.txt gzip -d -f zydt3crn.snf.gz GOTO New GOTO END :gziperr1 Echo gzip errorlevel 1 >> %DD%mail.txt Echo gzip .gz file did not test OK >> %DD%mail.txt GOTO END :New ECHO New Rule File Found ECHO New Rule File Found and Extracted >> %DD%mail.txt ECHO Testing with Snf2check >> %DD%mail.txt snf2check.exe %DD%zydt3crn.snf xxxxxxxxxxxxxxxx >> %DD%mail.txt if errorlevel 1 goto FileNotGood echo New File Tested GOOD! ECHO Snf2check Files tested good >> %DD%mail.txt ECHO %Date% >> %DD%mail.txt ECHO %Time% >> %DD%mail.txt rem ECHO Copying and Replacing old sniffer >> %DD%mail.txt rem ECHO - >> %DD%mail.txt rem if exist %snifferdir%zydt3crn.old del %snifferdir%zydt3crn.old >> %DD%mail.txt rem if exist %snifferdir%zydt3crn.tmp del %snifferdir%zydt3crn.tmp >> %DD%mail.txt rem copy /V /Y zydt3crn.snf %snifferdir%zydt3crn.tmp >> %DD%mail.txt rem rename %snifferdir%zydt3crn.snf zydt3crn.old >> %DD%mail.txt rem rename %snifferdir%zydt3crn.tmp zydt3crn.snf >> %DD%mail.txt ECHO - >> %DD%mail.txt ECHO Copying and Replacing server >> %DD%mail.txt ECHO - >> %DD%mail.txt if exist %sniffersrv%zydt3crn.old del %sniffersrv%zydt3crn.old >> %DD%mail.txt if exist %sniffersrv%zydt3crn.tmp del %sniffersrv%zydt3crn.tmp >> %DD%mail.txt copy /V /Y zydt3crn.snf %sniffersrv%zydt3crn.tmp >> %DD%mail.txt rename %sniffersrv%zydt3crn.snf zydt3crn.old >> %DD%mail.txt rename %sniffersrv%zydt3crn.tmp zydt3crn.snf >> %DD%mail.txt ECHO Files updated successfuly >> %DD%mail.txt ECHO %Time% >> %DD%mail.txt ECHO Reloading Sniffer RuleBase >> %DD%mail.txt %SNIFFERDIR%zydt3crn.exe reload goto end :FileNotGood ECHO Snf2check File zydt3crn.snf tested not good >> %DD%mail.txt ECHO %Time% >> %DD%mail.txt ECHO %Time% >> %DD%error.txt GOTO END :wgeterr1 Echo Error level 1 from Wget > %DD%mail.txt Echo >> %DD%mail.txt goto END :nosnf Echo no zydt3crn.snf file found > %DD%mail.txt Echo >> %DD%mail.txt goto END :nonewff Echo no new zydt3crn.snf file found on remote server >> %DD%mail.txt Echo ******** >> %DD%mail.txt Echo ******** >> %DD%mail.txt goto END :END echo %date% >> %DD%mail.txt echo %time% >> %DD%mail.txt echo ****** >> %DD%mail.txt Type result.txt >> %DD%mail.txt if not exist %1 goto email REM Add the trigger message to the final message echo ***********************************************>> %DD%mail.txt echo ***********************************************>> %DD%mail.txt type %1>> %DD%mail.txt del %1 :email rem Send Email with update results. IMailDir%\imail1 -f %DD%mail.txt -s "Sniffer update on mail.cefib.com" -t %MailTo% -u postmaster cd\ :finish ENDLOCAL
############################################################# This message is sent to you because you are subscribed to the mailing list <[email protected]>. To unsubscribe, E-mail to: <[EMAIL PROTECTED]> To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]> To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]> Send administrative queries to <[EMAIL PROTECTED]>
