git.ipfire.org Git - people/pmueller/ipfire-2.x.git/blob - src/misc-progs/restartsnort.c
1 /* SmoothWall helper program - restartsnort
3 * This program is distributed under the terms of the GNU General Public
4 * Licence. See the file COPYING for details.
6 * (c) Lawrence Manning, 2001
9 * $Id: restartsnort.c,v 1.8.2.3 2005/10/16 12:36:14 rkerr Exp $
17 #include <sys/types.h>
22 #include "libsmooth.h"
/* File-scope state, both initialised to NULL: kv is the key/value list that
 * main() obtains from initkeyvalues(), and varsfile is the stream main()
 * opens on /etc/snort/vars. */
25 struct keyvalue
*kv
= NULL
;
26 FILE *varsfile
= NULL
;
28 void exithandler(void)
/* killsnort: builds the path /var/run/snort_<interface>.pid, reads that file
 * and sends SIGTERM to a pid.
 *
 * The listing omits several lines of this function (the gutter numbers jump),
 * so the declarations of fd and pid, the parsing of the pid from buffer and
 * the return paths are not visible here. */
37 int killsnort(char *interface
)
40 char pidname
[STRING_SIZE
] = "";
41 char buffer
[STRING_SIZE
] = "";
/* NOTE(review): sprintf() places no bound on the write into
 * pidname[STRING_SIZE]. main() passes a STRING_SIZE buffer as interface, so
 * the fixed prefix and suffix plus a long name would not fit unless
 * VALID_DEVICE (defined elsewhere) already limits the length. Using
 * snprintf(pidname, sizeof pidname, ...) and rejecting a truncated result
 * would bound the write here. */
44 sprintf(pidname
, "/var/run/snort_%s.pid", interface
);
46 if ((fd
= open(pidname
, O_RDONLY
)) != -1)
/* At most STRING_SIZE - 1 bytes are read, so the last byte of the
 * zero-initialised buffer is left as the NUL terminator. */
48 if (read(fd
, buffer
, STRING_SIZE
- 1) == -1)
49 fprintf(stderr
, "Couldn't read from pid file\n");
/* The test that leads to this message is on a line not shown. */
54 fprintf(stderr
, "Bad pid value\n");
/* NOTE(review): the signalled pid presumably comes from the file read above;
 * confirm against the omitted lines. If so, the pid file is a trust boundary:
 * verify it can only be written by root, and that values such as 0, 1 and
 * negative numbers are rejected before kill() is reached. */
57 if (kill(pid
, SIGTERM
) == -1)
58 fprintf(stderr
, "Unable to send SIGTERM\n");
/* main: matches the command-line words "red", "orange", "blue" and "green",
 * loads device names and addresses from CONFIG_ROOT "/ethernet/settings" and
 * the CONFIG_ROOT "/red/" files, checks them with VALID_DEVICE / VALID_IP,
 * calls killsnort(), rewrites /etc/snort/vars and finally starts snort per
 * zone through safe_system().
 *
 * Many lines are absent from this listing (the gutter numbers jump), including
 * braces, exits and some declarations; the comments below describe only what
 * is visible. */
68 int main(int argc
, char *argv
[])
71 FILE *ifacefile
, *ipfile
, *dns1file
, *dns2file
;
72 char iface
[STRING_SIZE
] = "";
73 char locip
[STRING_SIZE
] = "";
74 char dns1
[STRING_SIZE
] = "";
75 char dns2
[STRING_SIZE
] = "";
76 char command
[STRING_SIZE
] = "";
77 char greendev
[STRING_SIZE
] = "";
78 char orangedev
[STRING_SIZE
] = "";
79 char bluedev
[STRING_SIZE
] = "";
80 char greenip
[STRING_SIZE
] = "";
81 char orangeip
[STRING_SIZE
] = "";
82 char blueip
[STRING_SIZE
] = "";
85 int restartred
= 0, restartgreen
= 0, restartblue
= 0, restartorange
= 0;
/* Each argument is compared against the four zone names; the statements run
 * on a match are not shown, presumably they set the restart* flags above.
 * NOTE(review): the loop starts at i = 0, so argv[0] (the program name) is
 * compared as well. */
92 for (i
=0; i
<argc
; i
++) {
93 if (!strcmp(argv
[i
], "red"))
95 if (!strcmp(argv
[i
], "orange"))
97 if (!strcmp(argv
[i
], "blue"))
99 if (!strcmp(argv
[i
], "green"))
103 kv
= initkeyvalues();
104 if (!(readkeyvalues(kv
, CONFIG_ROOT
"/ethernet/settings")))
107 if (! findkey(kv
, "GREEN_DEV", greendev
)) {
108 fprintf(stderr
, "Couldn't find GREEN device\n");
/* NOTE(review): `!` binds tighter than `>`, so this is evaluated as
 * (!strlen(greendev)) > 0. It still means "greendev is empty", but only by
 * accident of precedence; strlen(greendev) == 0 states the intent. */
111 if (! strlen (greendev
) > 0) {
112 fprintf(stderr
, "Couldn't find GREEN device\n");
/* Device names and addresses are later formatted into a snort command line
 * and into /etc/snort/vars, so these VALID_DEVICE / VALID_IP checks are the
 * input validation for both. The macros are defined elsewhere (presumably
 * libsmooth.h); confirm they reject shell metacharacters and whitespace. */
115 if (!VALID_DEVICE(greendev
))
117 fprintf(stderr
, "Bad GREEN_DEV: %s\n", greendev
);
120 if (!(findkey(kv
, "GREEN_ADDRESS", greenip
))) {
121 fprintf(stderr
, "Couldn't find GREEN address\n");
124 if (!VALID_IP(greenip
)) {
125 fprintf(stderr
, "Bad GREEN_ADDRESS: %s\n", greenip
);
/* ORANGE and BLUE are optional: they are validated only when the *_DEV key
 * exists and is non-empty. */
129 if (findkey(kv
, "ORANGE_DEV", orangedev
) && strlen (orangedev
) > 0) {
130 if (!VALID_DEVICE(orangedev
))
132 fprintf(stderr
, "Bad ORANGE_DEV: %s\n", orangedev
);
135 if (!(findkey(kv
, "ORANGE_ADDRESS", orangeip
))) {
136 fprintf(stderr
, "Couldn't find ORANGE address\n");
139 if (!VALID_IP(orangeip
)) {
140 fprintf(stderr
, "Bad ORANGE_ADDRESS: %s\n", orangeip
);
145 if (findkey(kv
, "BLUE_DEV", bluedev
) && strlen (bluedev
) > 0) {
146 if (!VALID_DEVICE(bluedev
))
148 fprintf(stderr
, "Bad BLUE_DEV: %s\n", bluedev
);
151 if (!(findkey(kv
, "BLUE_ADDRESS", blueip
))) {
152 fprintf(stderr
, "Couldn't find BLUE address\n");
155 if (!VALID_IP(blueip
)) {
156 fprintf(stderr
, "Bad BLUE_ADDRESS: %s\n", blueip
);
/* NOTE(review): the result of stat() is discarded. If the call fails, st is
 * not filled in by it and S_ISREG() below reads whatever st held before; the
 * declaration of st is not shown, so confirm it is zero-initialised or check
 * the return value. */
161 stat(CONFIG_ROOT
"/red/active", &st
);
163 if (S_ISREG(st
.st_mode
)) {
164 if (!(ifacefile
= fopen(CONFIG_ROOT
"/red/iface", "r")))
166 fprintf(stderr
, "Couldn't open iface file\n");
/* NOTE(review): the newline strip indexes [strlen(...) - 1]. If the first
 * byte read is NUL, fgets() succeeds with strlen() == 0 and the index wraps
 * to the element before the array. buf[strcspn(buf, "\n")] = '\0' avoids the
 * subtraction. The same pattern is used for locip, dns1 and dns2 below. */
170 if (fgets(iface
, STRING_SIZE
, ifacefile
))
172 if (iface
[strlen(iface
) - 1] == '\n')
173 iface
[strlen(iface
) - 1] = '\0';
176 if (!VALID_DEVICE(iface
))
178 fprintf(stderr
, "Bad iface: %s\n", iface
);
182 if (!(ipfile
= fopen(CONFIG_ROOT
"/red/local-ipaddress", "r")))
184 fprintf(stderr
, "Couldn't open local ip file\n");
187 if (fgets(locip
, STRING_SIZE
, ipfile
))
189 if (locip
[strlen(locip
) - 1] == '\n')
190 locip
[strlen(locip
) - 1] = '\0';
/* An empty locip, dns1 or dns2 is accepted; only a non-empty value has to
 * pass VALID_IP. */
193 if (strlen(locip
) && !VALID_IP(locip
))
195 fprintf(stderr
, "Bad local IP: %s\n", locip
);
199 if (!(dns1file
= fopen(CONFIG_ROOT
"/red/dns1", "r")))
201 fprintf(stderr
, "Couldn't open dns1 file\n");
204 if (fgets(dns1
, STRING_SIZE
, dns1file
))
206 if (dns1
[strlen(dns1
) - 1] == '\n')
207 dns1
[strlen(dns1
) - 1] = '\0';
210 if (strlen(dns1
) && !VALID_IP(dns1
))
212 fprintf(stderr
, "Bad DNS1 IP: %s\n", dns1
);
216 if (!(dns2file
= fopen(CONFIG_ROOT
"/red/dns2", "r")))
218 fprintf(stderr
, "Couldn't open dns2 file\n");
221 if (fgets(dns2
, STRING_SIZE
, dns2file
))
223 if (dns2
[strlen(dns2
) - 1] == '\n')
224 dns2
[strlen(dns2
) - 1] = '\0';
227 if (strlen(dns2
) && !VALID_IP(dns2
))
229 fprintf(stderr
, "Bad DNS2 IP: %s\n", dns2
);
/* Only the ORANGE killsnort() call survives in this listing; calls for the
 * other zones are presumably on the omitted lines. The return value is not
 * used here. */
241 killsnort(orangedev
);
/* /etc/snort/vars is opened with "w", so it is truncated and rewritten on
 * every run. HOME_NET always contains greenip; orangeip and blueip are added
 * when non-empty, and locip in some variants (its condition is on a line not
 * shown). */
246 if (!(varsfile
= fopen("/etc/snort/vars", "w")))
248 fprintf(stderr
, "Couldn't create vars file\n");
251 if (strlen(blueip
)) {
252 if (strlen(orangeip
)) {
254 fprintf(varsfile
, "var HOME_NET [%s,%s,%s,%s]\n", greenip
, orangeip
, blueip
, locip
);
256 fprintf(varsfile
, "var HOME_NET [%s,%s,%s]\n", greenip
, orangeip
, blueip
);
260 fprintf(varsfile
, "var HOME_NET [%s,%s,%s]\n", greenip
, blueip
, locip
);
262 fprintf(varsfile
, "var HOME_NET [%s,%s]\n", greenip
, blueip
);
266 if (strlen(orangeip
)) {
268 fprintf(varsfile
, "var HOME_NET [%s,%s,%s]\n", greenip
, orangeip
, locip
);
270 fprintf(varsfile
, "var HOME_NET [%s,%s]\n", greenip
, orangeip
);
274 fprintf(varsfile
, "var HOME_NET [%s,%s]\n", greenip
, locip
);
276 fprintf(varsfile
, "var HOME_NET [%s]\n", greenip
);
/* DNS_SERVERS is written in one of three forms: both servers, dns1 only, or
 * an empty list. The selecting conditions are on lines not shown. */
283 fprintf(varsfile
, "var DNS_SERVERS [%s,%s]\n", dns1
, dns2
);
285 fprintf(varsfile
, "var DNS_SERVERS %s\n", dns1
);
287 fprintf(varsfile
, "var DNS_SERVERS []\n");
/* Each zone is started only if its restart flag is set and the matching
 * CONFIG_ROOT "/snort/enable*" file can be opened read-only.
 * NOTE(review): no close(fd) is visible for any of the four opens; confirm
 * the omitted lines close the descriptor before snort is started.
 * NOTE(review): the result of snprintf() is discarded, so a truncated command
 * would still be handed to safe_system(). The argument that fills %s is on a
 * line not shown; it should be one of the names that passed VALID_DEVICE
 * above, since the command is built as a single string. */
292 if (restartred
&& strlen(iface
) && (fd
= open(CONFIG_ROOT
"/snort/enable", O_RDONLY
)) != -1)
295 snprintf(command
, STRING_SIZE
-1,
296 "/usr/sbin/snort -c /etc/snort/snort.conf -D -u snort -g snort -d -e -o -p -b -A fast -m 022 -i %s",
298 safe_system(command
);
/* NOTE(review): bluedev is an array, so the trailing `&& bluedev` is always
 * true and adds nothing to the test; the same holds for `&& orangedev` in
 * the ORANGE branch. */
300 if (restartblue
&& strlen(bluedev
) && (fd
= open(CONFIG_ROOT
"/snort/enable_blue", O_RDONLY
)) != -1 && bluedev
)
303 snprintf(command
, STRING_SIZE
-1,
304 "/usr/sbin/snort -c /etc/snort/snort.conf -D -u snort -g snort -d -e -o -p -b -A fast -m 022 -i %s",
306 safe_system(command
);
308 if (restartorange
&& strlen(orangedev
) && (fd
= open(CONFIG_ROOT
"/snort/enable_orange", O_RDONLY
)) != -1 && orangedev
)
311 snprintf(command
, STRING_SIZE
-1,
312 "/usr/sbin/snort -c /etc/snort/snort.conf -D -u snort -g snort -d -e -o -p -b -A fast -m 022 -i %s",
314 safe_system(command
);
/* The GREEN branch has no strlen() test on the device name; greendev was
 * already required to be present and non-empty earlier in main(). */
316 if (restartgreen
&& (fd
= open(CONFIG_ROOT
"/snort/enable_green", O_RDONLY
)) != -1)
319 snprintf(command
, STRING_SIZE
-1,
320 "/usr/sbin/snort -c /etc/snort/snort.conf -D -u snort -g snort -d -e -o -p -b -A fast -m 022 -i %s",
322 safe_system(command
);