[ipfire-2.x.git] / src / initscripts / init.d / snort

#!/bin/sh
########################################################################
# Begin $rc_base/init.d/snort
#
# Description : Snort Initscript
#
# Authors     : Michael Tremer for ipfire.org - mitch@ipfire.org
#
# Version     : 01.00
#
# Notes       :
#
########################################################################

. /etc/sysconfig/rc
. ${rc_functions}

eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
eval $(/usr/local/bin/readhash /var/ipfire/snort/settings)

if [ "$ENABLE_SNORT_ORANGE" == "on" ]; then
	HOME_NET+="$ORANGE_ADDRESS,"
	DEVICES+="$ORANGE_DEV "
fi

if [ "$ENABLE_SNORT_GREEN" == "on" ]; then
	HOME_NET+="$GREEN_ADDRESS,"
	DEVICES+="$GREEN_DEV "
fi

if [ "$ENABLE_SNORT_BLUE" == "on" ]; then
	HOME_NET+="$BLUE_ADDRESS,"
	DEVICES+="$BLUE_DEV "
fi

if [ "$ENABLE_SNORT" == "on" ]; then
	LOCAL_IP=`cat /var/ipfire/red/local-ipaddress`
	if [ "$LOCAL_IP" ]; then
		HOME_NET+="$LOCAL_IP,"
	else
		exit 1 ## Add error handling here
	fi
	DEVICES+="`cat /var/ipfire/red/iface` "
fi

COUNT=`echo $HOME_NET | wc -m`
HOME_NET=`echo $HOME_NET | cut -c $[$COUNT - 2]`
 
echo "var HOME_NET [$HOME_NET]" >	/etc/snort/vars
echo "var EXTERNAL_NET ANY" >> 		/etc/snort/vars

DNS1=`cat /var/ipfire/red/dns1`
DNS2=`cat /var/ipfire/red/dns2`

if [ "$DNS2" ]; then
	echo "var DNS_SERVERS [$DNS1,$DNS2]" >> /etc/snort/vars
else
	echo "var DNS_SERVERS $DNS1" >> /etc/snort/vars
fi 

case "$1" in
	start)
		for DEVICE in $DEVICES; do
			boot_mesg "Starting Intrusion Detection System on $DEVICE..."
			/usr/sbin/snort -c /etc/snort/snort.conf -i $DEVICE -D -l /var/log/snort --pid-path /var/run/snort_$DEVICE.pid
			evaluate_retval
			chmod 644 /var/run/snort_$DEVICE.pid
		done
		;;
		
	stop)
	     DEVICES=""
	     if [ -r /var/run/snort_$BLUE_DEV.pid ]; then
	         DEVICES+="$BLUE_DEV "
       fi
	     if [ -r /var/run/snort_$GREEN_DEV.pid ]; then
	         DEVICES+="$GREEN_DEV "
       fi
	     if [ -r /var/run/snort_$ORANGE_DEV.pid ]; then
	         DEVICES+="$ORANGE_DEV "
       fi
		for DEVICE in $DEVICES; do
			boot_mesg "Stopping Intrusion Detection System on $DEVICE..."
			killproc -p /var/run/snort_$DEVICE.pid /var/run
		done
		;;
		
	status)
		statusproc /usr/sbin/snort
		;;
		
	restart)
		$0 stop
		$0 start
		;;
		
	*)
		echo "Usage: $0 {start|stop|restart|status}"
		exit 1
		;;
esac

# End $rc_base/init.d/snort
Commit	Line	Data
bd3a8a50	1	#!/bin/sh
83843a1c MT	2	########################################################################
	3	# Begin $rc_base/init.d/snort
	4	#
	5	# Description : Snort Initscript
	6	#
	7	# Authors : Michael Tremer for ipfire.org - mitch@ipfire.org
	8	#
	9	# Version : 01.00
bd3a8a50	10	#
83843a1c MT	11	# Notes :
	12	#
	13	########################################################################
	14
	15	. /etc/sysconfig/rc
	16	. ${rc_functions}
bd3a8a50	17
bd3a8a50	18	eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
83843a1c	19	eval $(/usr/local/bin/readhash /var/ipfire/snort/settings)
bd3a8a50	20
83843a1c MT	21	if [ "$ENABLE_SNORT_ORANGE" == "on" ]; then
	22	HOME_NET+="$ORANGE_ADDRESS,"
	23	DEVICES+="$ORANGE_DEV "
	24	fi
bd3a8a50	25
83843a1c MT	26	if [ "$ENABLE_SNORT_GREEN" == "on" ]; then
	27	HOME_NET+="$GREEN_ADDRESS,"
	28	DEVICES+="$GREEN_DEV "
	29	fi
bd3a8a50	30
83843a1c MT	31	if [ "$ENABLE_SNORT_BLUE" == "on" ]; then
	32	HOME_NET+="$BLUE_ADDRESS,"
	33	DEVICES+="$BLUE_DEV "
	34	fi
bd3a8a50	35
83843a1c MT	36	if [ "$ENABLE_SNORT" == "on" ]; then
	37	LOCAL_IP=`cat /var/ipfire/red/local-ipaddress`
	38	if [ "$LOCAL_IP" ]; then
	39	HOME_NET+="$LOCAL_IP,"
	40	else
	41	exit 1 ## Add error handling here
	42	fi
	43	DEVICES+="`cat /var/ipfire/red/iface` "
	44	fi
bd3a8a50	45
83843a1c MT	46	COUNT=`echo $HOME_NET \| wc -m`
	47	HOME_NET=`echo $HOME_NET \| cut -c $[$COUNT - 2]`
	48
	49	echo "var HOME_NET [$HOME_NET]" > /etc/snort/vars
	50	echo "var EXTERNAL_NET ANY" >> /etc/snort/vars
bd3a8a50	51
83843a1c MT	52	DNS1=`cat /var/ipfire/red/dns1`
	53	DNS2=`cat /var/ipfire/red/dns2`
	54
	55	if [ "$DNS2" ]; then
	56	echo "var DNS_SERVERS [$DNS1,$DNS2]" >> /etc/snort/vars
	57	else
3ef6c343	58	echo "var DNS_SERVERS $DNS1" >> /etc/snort/vars
83843a1c	59	fi
bd3a8a50 RZ	60
	61	case "$1" in
	62	start)
83843a1c MT	63	for DEVICE in $DEVICES; do
83843a1c MT	64	boot_mesg "Starting Intrusion Detection System on $DEVICE..."
3ef6c343 MT	65	/usr/sbin/snort -c /etc/snort/snort.conf -i $DEVICE -D -l /var/log/snort --pid-path /var/run/snort_$DEVICE.pid
3ef6c343 MT	66	evaluate_retval
c6c9630e	67	chmod 644 /var/run/snort_$DEVICE.pid
83843a1c	68	done
bd3a8a50	69	;;
3ef6c343	70
bd3a8a50	71	stop)
f5be2265 CS	72	DEVICES=""
	73	if [ -r /var/run/snort_$BLUE_DEV.pid ]; then
	74	DEVICES+="$BLUE_DEV "
	75	fi
	76	if [ -r /var/run/snort_$GREEN_DEV.pid ]; then
	77	DEVICES+="$GREEN_DEV "
	78	fi
	79	if [ -r /var/run/snort_$ORANGE_DEV.pid ]; then
	80	DEVICES+="$ORANGE_DEV "
	81	fi
83843a1c MT	82	for DEVICE in $DEVICES; do
	83	boot_mesg "Stopping Intrusion Detection System on $DEVICE..."
	84	killproc -p /var/run/snort_$DEVICE.pid /var/run
	85	done
bd3a8a50	86	;;
3ef6c343	87
bd3a8a50 RZ	88	status)
	89	statusproc /usr/sbin/snort
	90	;;
3ef6c343	91
83843a1c MT	92	restart)
	93	$0 stop
	94	$0 start
	95	;;
	96
bd3a8a50	97	*)
3ef6c343	98	echo "Usage: $0 {start\|stop\|restart\|status}"
bd3a8a50 RZ	99	exit 1
	100	;;
	101	esac
	102
	103	# End $rc_base/init.d/snort