Ajax Speed Anzeige ncohmal veraendert
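#!/bin/sh
########################################################################
# Begin $rc_base/init.d/snort
#
# Description : Snort Initscript
#
# Authors     : Michael Tremer for ipfire.org - mitch@ipfire.org
#
# Version     : 01.00
#
# Notes       : On every invocation (start, stop, status, restart) the
#               script first rebuilds /etc/snort/vars from the ethernet
#               and snort settings, then dispatches on $1.
#               One snort process is started per monitored interface;
#               each writes /var/run/snort_<interface>.pid.
#
########################################################################

. /etc/sysconfig/rc
. "${rc_functions}"

# Start from empty lists so a HOME_NET or DEVICES value inherited from the
# caller's environment cannot leak into the generated snort configuration.
# Done before the settings are loaded, so anything the settings files
# define under these names is still honoured as before.
HOME_NET=""
DEVICES=""

# NOTE(review): eval executes whatever readhash prints as shell code. The
# two settings files must therefore be writable only by trusted accounts,
# and readhash must emit nothing but safely quoted KEY=value lines --
# confirm both. The substitution is quoted so that values are not subject
# to word splitting or glob expansion before eval sees them.
eval "$(/usr/local/bin/readhash /var/ipfire/ethernet/settings)"
eval "$(/usr/local/bin/readhash /var/ipfire/snort/settings)"

# Collect the protected networks (comma-terminated entries in HOME_NET) and
# the interfaces to monitor (space-terminated entries in DEVICES) for every
# zone that has the IDS enabled.
if [ "$ENABLE_SNORT_ORANGE" = "on" ]; then
	HOME_NET="${HOME_NET}${ORANGE_ADDRESS},"
	DEVICES="${DEVICES}${ORANGE_DEV} "
fi

if [ "$ENABLE_SNORT_GREEN" = "on" ]; then
	HOME_NET="${HOME_NET}${GREEN_ADDRESS},"
	DEVICES="${DEVICES}${GREEN_DEV} "
fi

if [ "$ENABLE_SNORT_BLUE" = "on" ]; then
	HOME_NET="${HOME_NET}${BLUE_ADDRESS},"
	DEVICES="${DEVICES}${BLUE_DEV} "
fi

if [ "$ENABLE_SNORT" = "on" ]; then
	LOCAL_IP=$(cat /var/ipfire/red/local-ipaddress)
	if [ -n "$LOCAL_IP" ]; then
		HOME_NET="${HOME_NET}${LOCAL_IP},"
	else
		# NOTE(review): this exit is reached for every action, so with
		# ENABLE_SNORT=on and no red address even "stop" and "status"
		# abort here before doing anything -- confirm that is intended.
		echo "$0: no address in /var/ipfire/red/local-ipaddress" >&2
		exit 1
	fi
	DEVICES="${DEVICES}$(cat /var/ipfire/red/iface)"
fi

# Drop the trailing comma left by the last appended entry. The previous
# "cut -c N" form selected only the single character at position N, which
# reduced the whole network list to one character.
HOME_NET=${HOME_NET%,}

DNS1=$(cat /var/ipfire/red/dns1 2>/dev/null)
DNS2=$(cat /var/ipfire/red/dns2 2>/dev/null)

# Regenerate the variable file read by the snort configuration.
# NOTE(review): with no zone enabled this writes "var HOME_NET []", and with
# no dns1 file it writes an empty DNS_SERVERS value; confirm snort accepts
# both.
{
	printf '%s\n' "var HOME_NET [$HOME_NET]"
	printf '%s\n' "var EXTERNAL_NET ANY"
	if [ -n "$DNS2" ]; then
		printf '%s\n' "var DNS_SERVERS [$DNS1,$DNS2]"
	else
		printf '%s\n' "var DNS_SERVERS $DNS1"
	fi
} > /etc/snort/vars

case "$1" in
	start)
		# DEVICES is a space-separated list; the unquoted expansion is
		# deliberate so the loop sees one interface per iteration.
		for DEVICE in $DEVICES; do
			boot_mesg "Starting Intrusion Detection System on $DEVICE..."
			/usr/sbin/snort -c /etc/snort/snort.conf -i "$DEVICE" -D \
				-l /var/log/snort --create-pidfile --nolock-pidfile \
				--pid-path /var/run/
			evaluate_retval
			# Make the pid file world-readable.
			chmod 644 "/var/run/snort_${DEVICE}.pid"
		done
		;;

	stop)
		# Stop whatever is actually running, judged by the pid files,
		# not by what the current settings say should be running.
		DEVICES=""
		if [ -r "/var/run/snort_${BLUE_DEV}.pid" ]; then
			DEVICES="${DEVICES}${BLUE_DEV} "
		fi
		if [ -r "/var/run/snort_${GREEN_DEV}.pid" ]; then
			DEVICES="${DEVICES}${GREEN_DEV} "
		fi
		if [ -r "/var/run/snort_${ORANGE_DEV}.pid" ]; then
			DEVICES="${DEVICES}${ORANGE_DEV} "
		fi

		# The iface file may be absent; in that case RED stays empty and
		# the readability test below simply fails.
		RED=$(cat /var/ipfire/red/iface 2>/dev/null)
		if [ -r "/var/run/snort_${RED}.pid" ]; then
			DEVICES="${DEVICES}${RED}"
		fi

		for DEVICE in $DEVICES; do
			boot_mesg "Stopping Intrusion Detection System on $DEVICE..."
			# NOTE(review): the last argument is a directory, not the
			# snort binary -- check it against killproc in rc_functions.
			killproc -p "/var/run/snort_${DEVICE}.pid" /var/run
		done

		# Remove any pid files left behind; the glob matches every
		# /var/run entry whose name begins with "snort_".
		rm /var/run/snort_* >/dev/null 2>&1
		;;

	status)
		statusproc /usr/sbin/snort
		;;

	restart)
		"$0" stop
		"$0" start
		;;

	*)
		echo "Usage: $0 {start|stop|restart|status}"
		exit 1
		;;
esac

# End $rc_base/init.d/snort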