]>
Commit | Line | Data |
---|---|---|
d72b3e64 SS |
1 | #!/bin/sh |
2 | ######################################################################## | |
3 | # Begin $rc_base/init.d/suricata | |
4 | # | |
5 | # Description : Suricata Initscript | |
6 | # | |
7 | # Author : Stefan Schantl <stefan.schantl@ipfire.org> | |
8 | # | |
9 | # Version : 01.00 | |
10 | # | |
11 | # Notes : | |
12 | # | |
13 | ######################################################################## | |
14 | ||
15 | . /etc/sysconfig/rc | |
16 | . ${rc_functions} | |
17 | ||
18 | PATH=/usr/local/sbin:/usr/local/bin:/bin:/usr/bin:/sbin:/usr/sbin; export PATH | |
19 | ||
20 | eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings) | |
21 | eval $(/usr/local/bin/readhash /var/ipfire/suricata/settings) | |
22 | ||
23 | case "$1" in | |
24 | start) | |
25 | # Get amount of CPU cores. | |
26 | NFQUEUES= | |
27 | CPUCOUNT=0 | |
28 | while read line; do | |
29 | [ "$line" ] && [ -z "${line%processor*}" ] && NFQUEUES+="-q $CPUCOUNT " && ((CPUCOUNT++)) | |
30 | done </proc/cpuinfo | |
31 | ||
32 | boot_mesg "Starting Intrusion Detection System..." | |
33 | /usr/bin/suricata -c /etc/suricata/suricata.yaml -D $NFQUEUES | |
34 | evaluate_retval | |
35 | ;; | |
36 | ||
37 | stop) | |
38 | boot_mesg "Stopping Intrusion Detection System..." | |
39 | killproc -p /var/run/suricata.pid /var/run | |
40 | ||
41 | # Remove suricata control socket. | |
42 | rm /var/run/suricata/* >/dev/null 2>/dev/null | |
43 | ||
44 | # Don't report returncode of rm if suricata was not started | |
45 | exit 0 | |
46 | ;; | |
47 | ||
48 | status) | |
49 | statusproc /usr/bin/suricata | |
50 | ;; | |
51 | ||
52 | restart) | |
53 | $0 stop | |
54 | $0 start | |
55 | ;; | |
6187da50 SS |
56 | reload) |
57 | # Send SIGUSR2 to the suricata process to perform a reload | |
58 | # of the ruleset. | |
59 | kill -USR2 $(pidof suricata) | |
60 | ;; | |
d72b3e64 SS |
61 | |
62 | *) | |
6187da50 | 63 | echo "Usage: $0 {start|stop|restart|reload|status}" |
d72b3e64 SS |
64 | exit 1 |
65 | ;; | |
66 | esac | |
67 | ||
68 | chmod 644 /var/log/suricata/* 2>/dev/null | |
69 | ||
70 | # End $rc_base/init.d/suricata |