refactor: Update snort.ps1 to install Snort, Npcap, and WinPcap

This commit refactors the `Install-Snort` function in `snort.ps1` to include the installation of both Npcap and WinPcap. Previously, only Npcap was installed, but now WinPcap is also downloaded and installed using the provided URLs. The environment variables are updated to include the path to the WinPcap installation directory. This change ensures that both Npcap and WinPcap are properly installed and configured for Snort to function correctly. Refactor the `Install-Snort` function in `snort.ps1` to install Snort, Npcap, and WinPcap
ADORSYS-GIS · Sep 5, 2024 · af13ce6 · af13ce6
1 parent 07a4548
commit af13ce6
Showing 1 changed file with 10 additions and 3 deletions.
diff --git a/scripts/windows/snort.ps1 b/scripts/windows/snort.ps1
@@ -1,13 +1,16 @@
-# Function to install Snort
+# Function to install Snort and WinPcap
 function Install-Snort {
     # Define paths and URLs
     $tempDir = "C:\Temp"
     $snortInstallerUrl = "https://www.snort.org/downloads/snort/Snort_2_9_20_Installer.x64.exe"
     $snortInstallerPath = "$tempDir\Snort_Installer.exe"
     $npcapInstallerUrl = "https://npcap.com/dist/npcap-1.79.exe"
     $npcapInstallerPath = "$tempDir\Npcap_Installer.exe"
+    $winpcapInstallerUrl = "https://www.winpcap.org/install/bin/WinPcap_4_1_3.exe"
+    $winpcapInstallerPath = "$tempDir\WinPcap_Installer.exe"
     $snortBinPath = "C:\Snort\bin"
     $npcapPath = "C:\Program Files\Npcap"
+    $winpcapPath = "C:\Program Files\WinPcap"
     $rulesDir = "C:\Snort\rules"
     $rulesFile = Join-Path -Path $rulesDir -ChildPath "local.rules"
     $ossecConfigPath = "C:\Program Files (x86)\ossec-agent\ossec.conf"
@@ -33,14 +36,18 @@ function Install-Snort {
     Download-File $snortInstallerUrl $snortInstallerPath
     Start-Process -FilePath $snortInstallerPath -ArgumentList "/S" -Wait
 
-    # Download Npcap (manual installation required)
+    # Download and install Npcap (manual installation required)
     Download-File $npcapInstallerUrl $npcapInstallerPath
     Start-Process -FilePath $npcapInstallerPath -Wait
     Write-Host "Please follow the on-screen instructions to complete the Npcap installation."
 
+    # Download and install WinPcap
+    Download-File $winpcapInstallerUrl $winpcapInstallerPath
+    Start-Process -FilePath $winpcapInstallerPath -ArgumentList "/S" -Wait
+
     # Add environment variables
     $envPath = [Environment]::GetEnvironmentVariable("Path", "Machine")
-    [Environment]::SetEnvironmentVariable("Path", "$envPath;$snortBinPath;$npcapPath", "Machine")
+    [Environment]::SetEnvironmentVariable("Path", "$envPath;$snortBinPath;$npcapPath;$winpcapPath", "Machine")
 
     # Create the rules directory if it does not exist
     if (-Not (Test-Path -Path $rulesDir)) {