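#!/bin/sh
########################################################################
# Begin $rc_base/init.d/snort
#
# Description : Snort Initscript
#
# Authors     : Michael Tremer for ipfire.org - mitch@ipfire.org
#
# Version     : 01.00
#
# Notes       : The script is run by /bin/sh, so it sticks to POSIX
#               constructs: string appends are written as
#               VAR="${VAR}..." and tests use "=" (the previous
#               "+=" and "==" forms only work when sh is bash).
#
########################################################################

. /etc/sysconfig/rc
. ${rc_functions}

PATH=/usr/local/sbin:/usr/local/bin:/bin:/usr/bin:/sbin:/usr/sbin; export PATH

# Load the network and snort settings into shell variables.
# NOTE: the readhash output is eval'd, so both settings files are
# trusted IPFire configuration, not user-supplied input.
eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
eval $(/usr/local/bin/readhash /var/ipfire/snort/settings)

ALIASFILE="/var/ipfire/ethernet/aliases"
SNORT_VARS="/etc/snort/vars"
PIDDIR="/var/run"

# add_zone ENABLED DEV ADDRESS NETADDRESS NETMASK
#
# Registers one network zone for snort:
#   - when snort is enabled on the zone, its device is appended to
#     DEVICES and the interface address to HOME_NET;
#   - otherwise the whole zone subnet is appended to HOME_NET.
# A zone without a configured network address (BLUE and ORANGE are
# optional on IPFire) contributes nothing to HOME_NET, so no empty
# list entries end up in the snort vars file.
add_zone() {
    if [ "$1" = "on" ]; then
        DEVICES="${DEVICES}$2 "
        if [ -n "$4" ] && [ -n "$3" ]; then
            HOMENET="${HOMENET}$3,"
        fi
    elif [ -n "$4" ]; then
        HOMENET="${HOMENET}$4/$5,"
    fi
}

case "$1" in
    start)
        DEVICES=""
        HOMENET=""

        add_zone "${ENABLE_SNORT_ORANGE}" "${ORANGE_DEV}" "${ORANGE_ADDRESS}" \
            "${ORANGE_NETADDRESS}" "${ORANGE_NETMASK}"
        add_zone "${ENABLE_SNORT_BLUE}" "${BLUE_DEV}" "${BLUE_ADDRESS}" \
            "${BLUE_NETADDRESS}" "${BLUE_NETMASK}"
        add_zone "${ENABLE_SNORT_GREEN}" "${GREEN_DEV}" "${GREEN_ADDRESS}" \
            "${GREEN_NETADDRESS}" "${GREEN_NETMASK}"

        # RED: the interface name and address are not in the settings
        # files but in the runtime files written by the red connection.
        if [ "${ENABLE_SNORT}" = "on" ]; then
            RED_DEV=$(cat /var/ipfire/red/iface 2>/dev/null)
            DEVICES="${DEVICES}${RED_DEV} "

            LOCAL_IP=$(cat /var/ipfire/red/local-ipaddress 2>/dev/null)
            if [ -n "${LOCAL_IP}" ]; then
                HOMENET="${HOMENET}${LOCAL_IP},"
            fi

            # Check if the red device is set to static and
            # any aliases have been configured.
            if [ "${RED_TYPE}" = "STATIC" ] && [ -s "${ALIASFILE}" ]; then
                # Read in the aliases file (fields: address,mode,remark).
                # The address is copied verbatim into the snort vars
                # file; the aliases file is admin-maintained configuration.
                while IFS="," read -r address mode remark; do
                    # Check if the alias is enabled.
                    [ "${mode}" = "on" ] || continue

                    # Add alias to the list of HOMENET addresses.
                    HOMENET="${HOMENET}${address},"
                done < "${ALIASFILE}"
            fi
        fi
        HOMENET="${HOMENET}127.0.0.1"
        echo "ipvar HOME_NET [${HOMENET}]" > "${SNORT_VARS}"

        # DNS servers of the red connection. Only configured servers are
        # listed, so a missing dns1 no longer produces "[,<dns2>]"; a
        # single server is written bare, two are written as a list.
        DNS1=$(cat /var/ipfire/red/dns1 2>/dev/null)
        DNS2=$(cat /var/ipfire/red/dns2 2>/dev/null)
        DNS_SERVERS=""
        for DNS in "${DNS1}" "${DNS2}"; do
            [ -n "${DNS}" ] || continue
            DNS_SERVERS="${DNS_SERVERS:+${DNS_SERVERS},}${DNS}"
        done
        case "${DNS_SERVERS}" in
            *,*) echo "ipvar DNS_SERVERS [${DNS_SERVERS}]" >> "${SNORT_VARS}" ;;
            *)   echo "ipvar DNS_SERVERS ${DNS_SERVERS}" >> "${SNORT_VARS}" ;;
        esac

        for DEVICE in ${DEVICES}; do
            boot_mesg "Starting Intrusion Detection System on ${DEVICE}..."
            /usr/sbin/snort -c /etc/snort/snort.conf -i "${DEVICE}" -D \
                -l /var/log/snort --create-pidfile --nolock-pidfile \
                --pid-path "${PIDDIR}"
            evaluate_retval
            # Presumably gives the daemon time to write its pidfile
            # before the mode is adjusted below.
            sleep 1
            chmod 644 "${PIDDIR}/snort_${DEVICE}.pid"
        done
        ;;

    stop)
        # Only devices that have a readable pidfile are stopped.
        DEVICES=""
        RED_DEV=$(cat /var/ipfire/red/iface 2>/dev/null)
        for DEV in "${BLUE_DEV}" "${GREEN_DEV}" "${ORANGE_DEV}" "${RED_DEV}"; do
            [ -n "${DEV}" ] || continue
            if [ -r "${PIDDIR}/snort_${DEV}.pid" ]; then
                DEVICES="${DEVICES}${DEV} "
            fi
        done

        for DEVICE in ${DEVICES}; do
            boot_mesg "Stopping Intrusion Detection System on ${DEVICE}..."
            killproc -p "${PIDDIR}/snort_${DEVICE}.pid" "${PIDDIR}"
        done

        rm -f "${PIDDIR}"/snort_* >/dev/null 2>/dev/null

        # Don't report returncode of rm if snort was not started
        exit 0
        ;;

    status)
        statusproc /usr/sbin/snort
        ;;

    restart)
        $0 stop
        $0 start
        ;;

    *)
        echo "Usage: $0 {start|stop|restart|status}"
        exit 1
        ;;
esac

# Reached after start, status and restart (stop exits above): make the
# snort logs readable for the web interface.
chmod 644 /var/log/snort/* 2>/dev/null

# End $rc_base/init.d/snort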