]>
git.ipfire.org Git - ipfire-2.x.git/blob - src/initscripts/init.d/snort
2 ########################################################################
3 # Begin $rc_base/init.d/snort
5 # Description : Snort Initscript
7 # Authors : Michael Tremer for ipfire.org - mitch@ipfire.org
13 ########################################################################
18 eval $
(/usr
/local
/bin
/readhash
/var
/ipfire
/ethernet
/settings
)
19 eval $
(/usr
/local
/bin
/readhash
/var
/ipfire
/snort
/settings
)
21 if [ "$ENABLE_SNORT_ORANGE" == "on" ]; then
22 HOME_NET
+="$ORANGE_ADDRESS,"
23 DEVICES
+="$ORANGE_DEV "
26 if [ "$ENABLE_SNORT_GREEN" == "on" ]; then
27 HOME_NET
+="$GREEN_ADDRESS,"
28 DEVICES
+="$GREEN_DEV "
31 if [ "$ENABLE_SNORT_BLUE" == "on" ]; then
32 HOME_NET
+="$BLUE_ADDRESS,"
36 if [ "$ENABLE_SNORT" == "on" ]; then
37 LOCAL_IP
=`cat /var/ipfire/red/local-ipaddress`
38 if [ "$LOCAL_IP" ]; then
39 HOME_NET
+="$LOCAL_IP,"
41 exit 1 ## Add error handling here
43 DEVICES
+=`cat /var/ipfire/red/iface`
46 COUNT
=`echo $HOME_NET | wc -m`
47 HOME_NET
=`echo $HOME_NET | cut -c $[$COUNT - 2]`
49 echo "var HOME_NET [$HOME_NET]" > /etc
/snort
/vars
50 echo "var EXTERNAL_NET ANY" >> /etc
/snort
/vars
52 DNS1
=`cat /var/ipfire/red/dns1`
53 DNS2
=`cat /var/ipfire/red/dns2`
56 echo "var DNS_SERVERS [$DNS1,$DNS2]" >> /etc
/snort
/vars
58 echo "var DNS_SERVERS $DNS1" >> /etc
/snort
/vars
63 for DEVICE
in $DEVICES; do
64 boot_mesg
"Starting Intrusion Detection System on $DEVICE..."
65 /usr
/sbin
/snort
-c /etc
/snort
/snort.conf
-i $DEVICE -D -l /var
/log
/snort
--create-pidfile --nolock-pidfile --pid-path /var
/run
/
67 chmod 644 /var
/run
/snort_
$DEVICE.pid
73 if [ -r /var
/run
/snort_
$BLUE_DEV.pid
]; then
76 if [ -r /var
/run
/snort_
$GREEN_DEV.pid
]; then
77 DEVICES
+="$GREEN_DEV "
79 if [ -r /var
/run
/snort_
$ORANGE_DEV.pid
]; then
80 DEVICES
+="$ORANGE_DEV "
83 RED
=`cat /var/ipfire/red/iface`
84 if [ -r /var
/run
/snort_
$RED.pid
]; then
85 DEVICES
+=`cat /var/ipfire/red/iface`
88 for DEVICE
in $DEVICES; do
89 boot_mesg
"Stopping Intrusion Detection System on $DEVICE..."
90 killproc
-p /var
/run
/snort_
$DEVICE.pid
/var
/run
97 statusproc
/usr
/sbin
/snort
106 echo "Usage: $0 {start|stop|restart|status}"
111 # End $rc_base/init.d/snort