From: Michael Tremer <michael.tremer@ipfire.org>
Date: Mon, 9 Sep 2024 21:08:11 +0000 (+0200)
Subject: suricata: Start the new watcher in the background
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=7138bbd94f8dec316d5cca4758f438a0770bd50a;p=people%2Fms%2Fipfire-2.x.git

suricata: Start the new watcher in the background

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---

diff --git a/src/initscripts/system/suricata b/src/initscripts/system/suricata
index 40bd69c87..455715d1b 100644
--- a/src/initscripts/system/suricata
+++ b/src/initscripts/system/suricata
@@ -43,9 +43,6 @@ NFQ_OPTS=(
 	"--queue-bypass"
 )
 
-# PID file of suricata.
-PID_FILE="/var/run/suricata.pid"
-
 # Function to flush the firewall chains.
 flush_fw_chain() {
 	iptables -w -t mangle -F IPS
@@ -123,8 +120,7 @@ case "$1" in
 		if [ "$ENABLE_IDS" == "on" ]; then
 			# Start the IDS.
 			boot_mesg "Starting Intrusion Detection System..."
-			/usr/bin/suricata-watcher -c /etc/suricata/suricata.yaml $NFQUEUES
-			evaluate_retval
+			loadproc -b /usr/bin/suricata-watcher -c /etc/suricata/suricata.yaml $NFQUEUES
 
 			# Flush the firewall chain
 			flush_fw_chain