case "$1" in
start)
+ # Disable incompatible rules
+ boot_mesg "Check/Fix Intrusion Detection rules..."
+ for file in $(ls /etc/snort/rules/*.rules 2>/dev/null); do
+ sed -i 's|^alert.*!\[\$DNS_SERVERS|#&|g' $file
+ sed -i 's|^alert.*!\$SSH_PORTS|#&|g' $file
+ sed -i 's|^alert.*!\$HOME_NET|#&|g' $file
+ sed -i 's|^alert.*!\$SQL_SERVERS|#&|g' $file
+ done
+ echo_ok
+
for DEVICE in $DEVICES; do
boot_mesg "Starting Intrusion Detection System on $DEVICE..."
/usr/sbin/snort -c /etc/snort/snort.conf -i $DEVICE -D -l /var/log/snort --create-pidfile --nolock-pidfile --pid-path /var/run/
evaluate_retval
+ sleep 1
chmod 644 /var/run/snort_$DEVICE.pid
done
IFACE=`/bin/cat /var/ipfire/red/iface 2>/dev/null | /usr/bin/tr -d '\012'`
sed -e "s/^Interface.*/Interface ${IFACE}/" /var/ipfire/guardian/guardian.conf > temp
mv temp /var/ipfire/guardian/guardian.conf
+ chown nobody.root /var/ipfire/guardian/guardian.conf
boot_mesg "Starting Guardian..."
loadproc /usr/local/bin/guardian.pl -c /var/ipfire/guardian/guardian.conf
;;
esac
+chmod 644 /var/log/snort/* 2>/dev/null
+
# End $rc_base/init.d/snort