File: /var/lib/dpkg/info/imunify360-ossec.preinst
#!/bin/sh
# preinst script for ossec-hids
set -e
# configuration variables
#OSSEC_HIDS_TMP_DIR="/tmp/ossec-hids"
# environment configuration
#if [ ! -d ${OSSEC_HIDS_TMP_DIR} ]; then
# mkdir ${OSSEC_HIDS_TMP_DIR}
#fi
case "$1" in
install)
groupadd -r ossec || :
useradd -g ossec -G ossec \
-d /var/ossec \
-r -s /sbin/nologin ossec || :
useradd -g ossec -G ossec \
-d /var/ossec \
-r -s /sbin/nologin ossecr || :
;;
upgrade)
rm -rf /var/ossec/rules/*.xml || :
rm -f /var/ossec/etc/rules.d/def360_rules.xml || :
#DEFA-1605
iptables -D INPUT -m set --match-set ossec.ipv4.blacklist_FTP src -p tcp --dport 21 -j DROP >/dev/null 2>&1 || :
iptables -D INPUT -m set --match-set ossec.ipv4.blacklist_SSH src -p tcp --dport 22 -j DROP >/dev/null 2>&1 || :
iptables -D INPUT -m set --match-set ossec.ipv4.blacklist_SMTP src -p tcp -p tcp -m multiport --dports 25,465,587 -j DROP >/dev/null 2>&1 || :
;;
abort-upgrade)
;;
*)
echo "preinst called with unknown argument \`$1'" >&2
exit 1
;;
esac
exit 0