projects / people / pmueller / ipfire-2.x.git / blame
| Commit | Line | Data |
|---|---|---|
| bd3a8a50 | 1 | #!/bin/sh |
| 83843a1c MT |
2 | ######################################################################## |
| 3 | # Begin $rc_base/init.d/snort | |
| 4 | # | |
| 5 | # Description : Snort Initscript | |
| 6 | # | |
| 7 | # Authors : Michael Tremer for ipfire.org - mitch@ipfire.org | |
| 8 | # | |
| 9 | # Version : 01.00 | |
| bd3a8a50 | 10 | # |
| 83843a1c MT |
11 | # Notes : |
| 12 | # | |
| 13 | ######################################################################## | |
| 14 | ||
| 15 | . /etc/sysconfig/rc | |
| 16 | . ${rc_functions} | |
| bd3a8a50 | 17 | |
| 1b73b07e CS |
18 | PATH=/usr/local/sbin:/usr/local/bin:/bin:/usr/bin:/sbin:/usr/sbin; export PATH |
| 19 | ||
| bd3a8a50 | 20 | eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings) |
| 83843a1c | 21 | eval $(/usr/local/bin/readhash /var/ipfire/snort/settings) |
| bd3a8a50 | 22 | |
| c77e962d SS |
23 | ALIASFILE="/var/ipfire/ethernet/aliases" |
| 24 | ||
| 8dc25f04 AF |
25 | case "$1" in |
| 26 | start) | |
| 27 | if [ "$BLUE_NETADDRESS" ]; then | |
| 28 | BLUE_NET="$BLUE_NETADDRESS/$BLUE_NETMASK," | |
| 29 | BLUE_IP="$BLUE_ADDRESS," | |
| 30 | fi | |
| bd3a8a50 | 31 | |
| 8dc25f04 AF |
32 | if [ "$ORANGE_NETADDRESS" ]; then |
| 33 | ORANGE_NET="$ORANGE_NETADDRESS/$ORANGE_NETMASK," | |
| 34 | ORANGE_IP="$ORANGE_ADDRESS," | |
| 35 | fi | |
| bd3a8a50 | 36 | |
| 8dc25f04 AF |
37 | if [ "$ENABLE_SNORT_ORANGE" == "on" ]; then |
| 38 | DEVICES+="$ORANGE_DEV " | |
| 39 | HOMENET+="$ORANGE_IP" | |
| 40 | else | |
| 41 | HOMENET+="$ORANGE_NET" | |
| 42 | fi | |
| bd3a8a50 | 43 | |
| 8dc25f04 AF |
44 | if [ "$ENABLE_SNORT_BLUE" == "on" ]; then |
| 45 | DEVICES+="$BLUE_DEV " | |
| 46 | HOMENET+="$BLUE_IP" | |
| 47 | else | |
| 48 | HOMENET+="$BLUE_NET" | |
| 49 | fi | |
| bd3a8a50 | 50 | |
| 8dc25f04 AF |
51 | if [ "$ENABLE_SNORT_GREEN" == "on" ]; then |
| 52 | DEVICES+="$GREEN_DEV " | |
| 53 | HOMENET+="$GREEN_ADDRESS," | |
| 54 | else | |
| 55 | HOMENET+="$GREEN_NETADDRESS/$GREEN_NETMASK," | |
| 56 | fi | |
| bd3a8a50 | 57 | |
| 8dc25f04 AF |
58 | if [ "$ENABLE_SNORT" == "on" ]; then |
| 59 | DEVICES+=`cat /var/ipfire/red/iface 2>/dev/null` | |
| 60 | LOCAL_IP=`cat /var/ipfire/red/local-ipaddress 2>/dev/null` | |
| 61 | if [ "$LOCAL_IP" ]; then | |
| 62 | HOMENET+="$LOCAL_IP," | |
| 63 | fi | |
| c77e962d SS |
64 | |
| 65 | # Check if the red device is set to static and | |
| 66 | # any aliases have been configured. | |
| 67 | if [ "${RED_TYPE}" == "STATIC" ] && [ -s "${ALIASFILE}" ]; then | |
| 68 | # Read in aliases file. | |
| 69 | while IFS="," read -r address mode remark; do | |
| 70 | # Check if the alias is enabled. | |
| 71 | [ "${mode}" = "on" ] || continue | |
| 72 | ||
| 73 | # Add alias to the list of HOMENET addresses. | |
| 74 | HOMENET+="${address}," | |
| 75 | done < "${ALIASFILE}" | |
| 76 | fi | |
| 8dc25f04 AF |
77 | fi |
| 78 | HOMENET+="127.0.0.1" | |
| 89f3d66c | 79 | echo "ipvar HOME_NET [$HOMENET]" > /etc/snort/vars |
| 83843a1c | 80 | |
| 8dc25f04 AF |
81 | DNS1=`cat /var/ipfire/red/dns1 2>/dev/null` |
| 82 | DNS2=`cat /var/ipfire/red/dns2 2>/dev/null` | |
| bd3a8a50 | 83 | |
| 8dc25f04 | 84 | if [ "$DNS2" ]; then |
| 89f3d66c | 85 | echo "ipvar DNS_SERVERS [$DNS1,$DNS2]" >> /etc/snort/vars |
| 8dc25f04 | 86 | else |
| 89f3d66c | 87 | echo "ipvar DNS_SERVERS $DNS1" >> /etc/snort/vars |
| 8dc25f04 | 88 | fi |
| ce0e83b3 | 89 | |
| 1b73b07e CS |
90 | for DEVICE in $DEVICES; do |
| 91 | boot_mesg "Starting Intrusion Detection System on $DEVICE..." | |
| 6ee104ae | 92 | /usr/sbin/snort -c /etc/snort/snort.conf -i $DEVICE -D -l /var/log/snort --create-pidfile --nolock-pidfile --pid-path /var/run |
| 1b73b07e | 93 | evaluate_retval |
| 0d7da887 | 94 | sleep 1 |
| 1b73b07e CS |
95 | chmod 644 /var/run/snort_$DEVICE.pid |
| 96 | done | |
| dcb6493a SS |
97 | ;; |
| 98 | ||
| 1b73b07e CS |
99 | stop) |
| 100 | DEVICES="" | |
| 101 | if [ -r /var/run/snort_$BLUE_DEV.pid ]; then | |
| 102 | DEVICES+="$BLUE_DEV " | |
| 103 | fi | |
| 104 | ||
| 105 | if [ -r /var/run/snort_$GREEN_DEV.pid ]; then | |
| 106 | DEVICES+="$GREEN_DEV " | |
| 107 | fi | |
| 108 | ||
| 109 | if [ -r /var/run/snort_$ORANGE_DEV.pid ]; then | |
| 110 | DEVICES+="$ORANGE_DEV " | |
| 111 | fi | |
| cf29614f | 112 | |
| 1b73b07e CS |
113 | RED=`cat /var/ipfire/red/iface 2>/dev/null` |
| 114 | if [ -r /var/run/snort_$RED.pid ]; then | |
| 115 | DEVICES+=`cat /var/ipfire/red/iface 2>/dev/null` | |
| 116 | fi | |
| ce8e4c83 | 117 | |
| 1b73b07e CS |
118 | for DEVICE in $DEVICES; do |
| 119 | boot_mesg "Stopping Intrusion Detection System on $DEVICE..." | |
| 120 | killproc -p /var/run/snort_$DEVICE.pid /var/run | |
| 121 | done | |
| 122 | ||
| 123 | rm /var/run/snort_* >/dev/null 2>/dev/null | |
| 0ad0c03e AF |
124 | |
| 125 | # Don't report returncode of rm if snort was not started | |
| 126 | exit 0 | |
| 1b73b07e CS |
127 | ;; |
| 128 | ||
| 129 | status) | |
| 130 | statusproc /usr/sbin/snort | |
| 131 | ;; | |
| 132 | ||
| 133 | restart) | |
| 134 | $0 stop | |
| 135 | $0 start | |
| 136 | ;; | |
| 137 | ||
| 138 | *) | |
| 139 | echo "Usage: $0 {start|stop|restart|status}" | |
| 140 | exit 1 | |
| 141 | ;; | |
| bd3a8a50 RZ |
142 | esac |
| 143 | ||
| 97bfe380 | 144 | chmod 644 /var/log/snort/* 2>/dev/null |
| 9c0d99da | 145 | |
| bd3a8a50 | 146 | # End $rc_base/init.d/snort |