[people/pmueller/ipfire-2.x.git] / src / misc-progs / restartsnort.c

/* SmoothWall helper program - restartsnort\r
 *\r
 * This program is distributed under the terms of the GNU General Public\r
 * Licence.  See the file COPYING for details.\r
 *\r
 * (c) Lawrence Manning, 2001\r
 * Restarting snort.\r
 * \r
 * $Id: restartsnort.c,v 1.8.2.3 2005/10/16 12:36:14 rkerr Exp $\r
 * \r
 */\r
 \r
#include <stdio.h>\r
#include <string.h>\r
#include <stdlib.h>\r
#include <unistd.h>\r
#include <sys/types.h>\r
#include <sys/stat.h>\r
#include <string.h>\r
#include <fcntl.h>\r
#include <signal.h>\r
#include "libsmooth.h"\r
#include "setuid.h"\r
\r
struct keyvalue *kv = NULL;\r
FILE *varsfile = NULL;\r
\r
void exithandler(void)\r
{\r
	if (varsfile)\r
		fclose (varsfile);\r
\r
	if (kv)\r
		freekeyvalues(kv);\r
}\r
\r
int killsnort(char *interface)\r
{\r
	int fd;\r
	char pidname[STRING_SIZE] = "";\r
	char buffer[STRING_SIZE] = "";\r
	int pid;\r
\r
	sprintf(pidname, "/var/run/snort_%s.pid", interface);\r
\r
	if ((fd = open(pidname, O_RDONLY)) != -1)\r
	{\r
		if (read(fd, buffer, STRING_SIZE - 1) == -1)\r
			fprintf(stderr, "Couldn't read from pid file\n");\r
		else\r
		{\r
			pid = atoi(buffer);\r
			if (pid <= 1)\r
				fprintf(stderr, "Bad pid value\n");\r
			else\r
			{\r
				if (kill(pid, SIGTERM) == -1)\r
					fprintf(stderr, "Unable to send SIGTERM\n");\r
				close (fd);\r
				return 0;\r
			}\r
		}\r
		close(fd);\r
	}\r
	return 1;\r
}\r
\r
int main(int argc, char *argv[])\r
{\r
	int fd = -1;\r
	FILE *ifacefile, *ipfile, *dns1file, *dns2file;\r
	char iface[STRING_SIZE] = "";\r
	char locip[STRING_SIZE] = "";\r
	char dns1[STRING_SIZE] = "";\r
	char dns2[STRING_SIZE] = "";\r
	char command[STRING_SIZE] = "";\r
	char greendev[STRING_SIZE] = "";\r
	char orangedev[STRING_SIZE] = "";\r
	char bluedev[STRING_SIZE] = "";\r
	char greenip[STRING_SIZE] = "";\r
	char orangeip[STRING_SIZE] = "";\r
	char blueip[STRING_SIZE] = "";\r
	struct stat st;\r
	int i;\r
	int restartred = 0, restartgreen = 0, restartblue = 0, restartorange = 0;\r
	\r
	if (!(initsetuid()))\r
		exit(1);\r
	\r
	atexit(exithandler);\r
\r
	for (i=0; i<argc; i++) {\r
		if (!strcmp(argv[i], "red"))\r
			restartred = 1;\r
		if (!strcmp(argv[i], "orange"))\r
			restartorange = 1;\r
		if (!strcmp(argv[i], "blue"))\r
			restartblue = 1;\r
		if (!strcmp(argv[i], "green"))\r
			restartgreen = 1;\r
	}\r
	\r
	kv = initkeyvalues();\r
	if (!(readkeyvalues(kv, CONFIG_ROOT "/ethernet/settings")))\r
		exit(1);\r
\r
	if (! findkey(kv, "GREEN_DEV", greendev)) {\r
		fprintf(stderr, "Couldn't find GREEN device\n");\r
		exit(1);\r
	}\r
	if (! strlen (greendev) > 0) {\r
		fprintf(stderr, "Couldn't find GREEN device\n");\r
		exit(1);\r
	}\r
	if (!VALID_DEVICE(greendev))\r
	{\r
		fprintf(stderr, "Bad GREEN_DEV: %s\n", greendev);\r
		exit(1);\r
	}\r
	if (!(findkey(kv, "GREEN_ADDRESS", greenip))) {\r
		fprintf(stderr, "Couldn't find GREEN address\n");\r
		exit(1);\r
	}\r
	if (!VALID_IP(greenip)) {\r
		fprintf(stderr, "Bad GREEN_ADDRESS: %s\n", greenip);\r
		exit(1);\r
	}\r
\r
	if (findkey(kv, "ORANGE_DEV", orangedev) && strlen (orangedev) > 0) {\r
		if (!VALID_DEVICE(orangedev))\r
		{\r
			fprintf(stderr, "Bad ORANGE_DEV: %s\n", orangedev);\r
			exit(1);\r
		}\r
		if (!(findkey(kv, "ORANGE_ADDRESS", orangeip))) {\r
			fprintf(stderr, "Couldn't find ORANGE address\n");\r
			exit(1);\r
		}\r
		if (!VALID_IP(orangeip)) {\r
			fprintf(stderr, "Bad ORANGE_ADDRESS: %s\n", orangeip);\r
			exit(1);\r
		}\r
	}\r
\r
	if (findkey(kv, "BLUE_DEV", bluedev) && strlen (bluedev) > 0) {\r
		if (!VALID_DEVICE(bluedev))\r
		{\r
			fprintf(stderr, "Bad BLUE_DEV: %s\n", bluedev);\r
			exit(1);\r
		}\r
		if (!(findkey(kv, "BLUE_ADDRESS", blueip))) {\r
			fprintf(stderr, "Couldn't find BLUE address\n");\r
			exit(1);\r
		}\r
		if (!VALID_IP(blueip)) {\r
			fprintf(stderr, "Bad BLUE_ADDRESS: %s\n", blueip);\r
			exit(1);\r
		}\r
	}\r
\r
	stat(CONFIG_ROOT "/red/active", &st);\r
\r
	if (S_ISREG(st.st_mode)) {\r
		if (!(ifacefile = fopen(CONFIG_ROOT "/red/iface", "r")))\r
		{\r
			fprintf(stderr, "Couldn't open iface file\n");\r
			exit(0);\r
		}\r
\r
		if (fgets(iface, STRING_SIZE, ifacefile))\r
		{\r
			if (iface[strlen(iface) - 1] == '\n')\r
				iface[strlen(iface) - 1] = '\0';\r
		}\r
		fclose(ifacefile);\r
		if (!VALID_DEVICE(iface))\r
		{\r
			fprintf(stderr, "Bad iface: %s\n", iface);\r
			exit(0);\r
		}\r
\r
	        if (!(ipfile = fopen(CONFIG_ROOT "/red/local-ipaddress", "r")))\r
        	{\r
        	        fprintf(stderr, "Couldn't open local ip file\n");\r
	                exit(0);\r
        	}\r
		if (fgets(locip, STRING_SIZE, ipfile))\r
		{\r
		        if (locip[strlen(locip) - 1] == '\n')\r
        		        locip[strlen(locip) - 1] = '\0';\r
		}\r
        	fclose (ipfile);\r
		if (strlen(locip) && !VALID_IP(locip))\r
		{\r
			fprintf(stderr, "Bad local IP: %s\n", locip);\r
			exit(1);\r
		}\r
	\r
	        if (!(dns1file = fopen(CONFIG_ROOT "/red/dns1", "r")))\r
        	{\r
                	fprintf(stderr, "Couldn't open dns1 file\n");\r
	                exit(0);\r
        	}\r
		if (fgets(dns1, STRING_SIZE, dns1file))\r
		{\r
	        	if (dns1[strlen(dns1) - 1] == '\n')\r
	        	        dns1[strlen(dns1) - 1] = '\0';\r
		}\r
	        fclose (dns1file);\r
		if (strlen(dns1) && !VALID_IP(dns1))\r
		{\r
			fprintf(stderr, "Bad DNS1 IP: %s\n", dns1);\r
			exit(1);\r
		}\r
		        \r
	        if (!(dns2file = fopen(CONFIG_ROOT "/red/dns2", "r")))\r
        	{\r
	                fprintf(stderr, "Couldn't open dns2 file\n");\r
        	        exit(1);\r
	        }\r
		if (fgets(dns2, STRING_SIZE, dns2file))\r
		{\r
		        if (dns2[strlen(dns2) - 1] == '\n')\r
	        	        dns2[strlen(dns2) - 1] = '\0';\r
		}\r
	        fclose (dns2file);\r
		if (strlen(dns2) && !VALID_IP(dns2))\r
		{\r
			fprintf(stderr, "Bad DNS2 IP: %s\n", dns2);\r
			exit(1);\r
		}\r
	}\r
\r
	if (restartred)\r
		killsnort(iface);\r
\r
	if (restartblue)\r
		killsnort(bluedev);\r
	\r
	if (restartorange)\r
		killsnort(orangedev);\r
\r
	if (restartgreen)\r
		killsnort(greendev);\r
        \r
	if (!(varsfile = fopen("/etc/snort/vars", "w")))\r
	{\r
		fprintf(stderr, "Couldn't create vars file\n");\r
		exit(1);\r
	}\r
	if (strlen(blueip)) {\r
		if (strlen(orangeip)) {\r
			if (strlen(locip)) {\r
				fprintf(varsfile, "var HOME_NET [%s,%s,%s,%s]\n", greenip, orangeip, blueip, locip);\r
			} else {\r
				fprintf(varsfile, "var HOME_NET [%s,%s,%s]\n", greenip, orangeip, blueip);\r
			}\r
		} else {\r
			if (strlen(locip)) {\r
				fprintf(varsfile, "var HOME_NET [%s,%s,%s]\n", greenip, blueip, locip);\r
			} else {\r
				fprintf(varsfile, "var HOME_NET [%s,%s]\n", greenip, blueip);\r
			}\r
		}\r
	} else {\r
		if (strlen(orangeip)) {\r
			if (strlen(locip)) {\r
				fprintf(varsfile, "var HOME_NET [%s,%s,%s]\n", greenip, orangeip, locip);\r
			} else {\r
				fprintf(varsfile, "var HOME_NET [%s,%s]\n", greenip, orangeip);\r
			}\r
		} else {\r
			if (strlen(locip)) {\r
				fprintf(varsfile, "var HOME_NET [%s,%s]\n", greenip, locip);\r
			} else {\r
				fprintf(varsfile, "var HOME_NET [%s]\n", greenip);\r
			}\r
		}\r
	}\r
	if (strlen(dns1))\r
	{\r
		if (strlen(dns2))\r
			fprintf(varsfile, "var DNS_SERVERS [%s,%s]\n", dns1, dns2);\r
		else\r
			fprintf(varsfile, "var DNS_SERVERS %s\n", dns1);\r
	} else {\r
		fprintf(varsfile, "var DNS_SERVERS []\n");\r
	}\r
	fclose(varsfile);\r
	varsfile = NULL;\r
	\r
	if (restartred && strlen(iface) && (fd = open(CONFIG_ROOT "/snort/enable", O_RDONLY)) != -1)\r
	{\r
		close(fd);\r
		snprintf(command, STRING_SIZE -1,\r
			"/usr/sbin/snort -c /etc/snort/snort.conf -D -u snort -g snort -d -e -o -p -b -A fast -m 022 -i %s",\r
			iface);\r
		safe_system(command);\r
	}\r
	if (restartblue && strlen(bluedev) && (fd = open(CONFIG_ROOT "/snort/enable_blue", O_RDONLY)) != -1 && bluedev)\r
        {\r
		close(fd);\r
		snprintf(command, STRING_SIZE -1,\r
			"/usr/sbin/snort -c /etc/snort/snort.conf -D -u snort -g snort -d -e -o -p -b -A fast -m 022 -i %s",\r
			bluedev);\r
		safe_system(command);\r
	}\r
	if (restartorange && strlen(orangedev) && (fd = open(CONFIG_ROOT "/snort/enable_orange", O_RDONLY)) != -1 && orangedev)\r
	{\r
		close(fd);\r
		snprintf(command, STRING_SIZE -1,\r
			"/usr/sbin/snort -c /etc/snort/snort.conf -D -u snort -g snort -d -e -o -p -b -A fast -m 022 -i %s",\r
			orangedev);\r
		safe_system(command);\r
	}\r
	if (restartgreen && (fd = open(CONFIG_ROOT "/snort/enable_green", O_RDONLY)) != -1)\r
	{\r
		close(fd);\r
		snprintf(command, STRING_SIZE -1,\r
			"/usr/sbin/snort -c /etc/snort/snort.conf -D -u snort -g snort -d -e -o -p -b -A fast -m 022 -i %s",\r
			greendev);\r
		safe_system(command);\r
	}\r
\r
  return 0;\r
}\r
Commit	Line	Data
cd1a2927 MT	1	/* SmoothWall helper program - restartsnort\r
	2	*\r
	3	* This program is distributed under the terms of the GNU General Public\r
	4	* Licence. See the file COPYING for details.\r
	5	*\r
	6	* (c) Lawrence Manning, 2001\r
	7	* Restarting snort.\r
	8	* \r
	9	* $Id: restartsnort.c,v 1.8.2.3 2005/10/16 12:36:14 rkerr Exp $\r
	10	* \r
	11	*/\r
	12	\r
	13	#include <stdio.h>\r
	14	#include <string.h>\r
	15	#include <stdlib.h>\r
	16	#include <unistd.h>\r
	17	#include <sys/types.h>\r
	18	#include <sys/stat.h>\r
	19	#include <string.h>\r
	20	#include <fcntl.h>\r
	21	#include <signal.h>\r
	22	#include "libsmooth.h"\r
	23	#include "setuid.h"\r
	24	\r
	25	struct keyvalue *kv = NULL;\r
	26	FILE *varsfile = NULL;\r
	27	\r
	28	void exithandler(void)\r
	29	{\r
	30	if (varsfile)\r
	31	fclose (varsfile);\r
	32	\r
	33	if (kv)\r
	34	freekeyvalues(kv);\r
	35	}\r
	36	\r
	37	int killsnort(char *interface)\r
	38	{\r
	39	int fd;\r
	40	char pidname[STRING_SIZE] = "";\r
	41	char buffer[STRING_SIZE] = "";\r
	42	int pid;\r
	43	\r
	44	sprintf(pidname, "/var/run/snort_%s.pid", interface);\r
	45	\r
	46	if ((fd = open(pidname, O_RDONLY)) != -1)\r
	47	{\r
	48	if (read(fd, buffer, STRING_SIZE - 1) == -1)\r
	49	fprintf(stderr, "Couldn't read from pid file\n");\r
	50	else\r
	51	{\r
	52	pid = atoi(buffer);\r
	53	if (pid <= 1)\r
	54	fprintf(stderr, "Bad pid value\n");\r
	55	else\r
	56	{\r
	57	if (kill(pid, SIGTERM) == -1)\r
	58	fprintf(stderr, "Unable to send SIGTERM\n");\r
	59	close (fd);\r
	60	return 0;\r
	61	}\r
	62	}\r
	63	close(fd);\r
	64	}\r
65	return 1;\r
66	}\r
67	\r
68	int main(int argc, char *argv[])\r
69	{\r
70	int fd = -1;\r
71	FILE ifacefile, ipfile, dns1file, dns2file;\r
72	char iface[STRING_SIZE] = "";\r
73	char locip[STRING_SIZE] = "";\r
74	char dns1[STRING_SIZE] = "";\r
75	char dns2[STRING_SIZE] = "";\r
76	char command[STRING_SIZE] = "";\r
77	char greendev[STRING_SIZE] = "";\r
78	char orangedev[STRING_SIZE] = "";\r
79	char bluedev[STRING_SIZE] = "";\r
80	char greenip[STRING_SIZE] = "";\r
81	char orangeip[STRING_SIZE] = "";\r
82	char blueip[STRING_SIZE] = "";\r
83	struct stat st;\r
84	int i;\r
85	int restartred = 0, restartgreen = 0, restartblue = 0, restartorange = 0;\r
86	\r
87	if (!(initsetuid()))\r
88	exit(1);\r
89	\r
90	atexit(exithandler);\r
91	\r
92	for (i=0; i<argc; i++) {\r
93	if (!strcmp(argv[i], "red"))\r
94	restartred = 1;\r
95	if (!strcmp(argv[i], "orange"))\r
96	restartorange = 1;\r
97	if (!strcmp(argv[i], "blue"))\r
98	restartblue = 1;\r
99	if (!strcmp(argv[i], "green"))\r
100	restartgreen = 1;\r
101	}\r
102	\r
103	kv = initkeyvalues();\r
104	if (!(readkeyvalues(kv, CONFIG_ROOT "/ethernet/settings")))\r
105	exit(1);\r
106	\r
107	if (! findkey(kv, "GREEN_DEV", greendev)) {\r
108	fprintf(stderr, "Couldn't find GREEN device\n");\r
109	exit(1);\r
110	}\r
111	if (! strlen (greendev) > 0) {\r
112	fprintf(stderr, "Couldn't find GREEN device\n");\r
113	exit(1);\r
114	}\r
115	if (!VALID_DEVICE(greendev))\r
116	{\r
117	fprintf(stderr, "Bad GREEN_DEV: %s\n", greendev);\r
118	exit(1);\r
119	}\r
120	if (!(findkey(kv, "GREEN_ADDRESS", greenip))) {\r
121	fprintf(stderr, "Couldn't find GREEN address\n");\r
122	exit(1);\r
123	}\r
124	if (!VALID_IP(greenip)) {\r
125	fprintf(stderr, "Bad GREEN_ADDRESS: %s\n", greenip);\r
126	exit(1);\r
127	}\r
128	\r
129	if (findkey(kv, "ORANGE_DEV", orangedev) && strlen (orangedev) > 0) {\r
130	if (!VALID_DEVICE(orangedev))\r
131	{\r
132	fprintf(stderr, "Bad ORANGE_DEV: %s\n", orangedev);\r
133	exit(1);\r
134	}\r
135	if (!(findkey(kv, "ORANGE_ADDRESS", orangeip))) {\r
136	fprintf(stderr, "Couldn't find ORANGE address\n");\r
137	exit(1);\r
138	}\r
139	if (!VALID_IP(orangeip)) {\r
140	fprintf(stderr, "Bad ORANGE_ADDRESS: %s\n", orangeip);\r
141	exit(1);\r
142	}\r
143	}\r
144	\r
145	if (findkey(kv, "BLUE_DEV", bluedev) && strlen (bluedev) > 0) {\r
146	if (!VALID_DEVICE(bluedev))\r
147	{\r
148	fprintf(stderr, "Bad BLUE_DEV: %s\n", bluedev);\r
149	exit(1);\r
150	}\r
151	if (!(findkey(kv, "BLUE_ADDRESS", blueip))) {\r
152	fprintf(stderr, "Couldn't find BLUE address\n");\r
153	exit(1);\r
154	}\r
155	if (!VALID_IP(blueip)) {\r
156	fprintf(stderr, "Bad BLUE_ADDRESS: %s\n", blueip);\r
157	exit(1);\r
158	}\r
159	}\r
160	\r
161	stat(CONFIG_ROOT "/red/active", &st);\r
162	\r
163	if (S_ISREG(st.st_mode)) {\r
164	if (!(ifacefile = fopen(CONFIG_ROOT "/red/iface", "r")))\r
165	{\r
166	fprintf(stderr, "Couldn't open iface file\n");\r
167	exit(0);\r
168	}\r
169	\r
170	if (fgets(iface, STRING_SIZE, ifacefile))\r
171	{\r
172	if (iface[strlen(iface) - 1] == '\n')\r
173	iface[strlen(iface) - 1] = '\0';\r
174	}\r
175	fclose(ifacefile);\r
176	if (!VALID_DEVICE(iface))\r
177	{\r
178	fprintf(stderr, "Bad iface: %s\n", iface);\r
179	exit(0);\r
180	}\r
181	\r
182	if (!(ipfile = fopen(CONFIG_ROOT "/red/local-ipaddress", "r")))\r
183	{\r
184	fprintf(stderr, "Couldn't open local ip file\n");\r
185	exit(0);\r
186	}\r
187	if (fgets(locip, STRING_SIZE, ipfile))\r
188	{\r
189	if (locip[strlen(locip) - 1] == '\n')\r
190	locip[strlen(locip) - 1] = '\0';\r
191	}\r
192	fclose (ipfile);\r
193	if (strlen(locip) && !VALID_IP(locip))\r
194	{\r
195	fprintf(stderr, "Bad local IP: %s\n", locip);\r
196	exit(1);\r
197	}\r
198	\r
199	if (!(dns1file = fopen(CONFIG_ROOT "/red/dns1", "r")))\r
200	{\r
201	fprintf(stderr, "Couldn't open dns1 file\n");\r
202	exit(0);\r
203	}\r
204	if (fgets(dns1, STRING_SIZE, dns1file))\r
205	{\r
206	if (dns1[strlen(dns1) - 1] == '\n')\r
207	dns1[strlen(dns1) - 1] = '\0';\r
208	}\r
209	fclose (dns1file);\r
210	if (strlen(dns1) && !VALID_IP(dns1))\r
211	{\r
212	fprintf(stderr, "Bad DNS1 IP: %s\n", dns1);\r
213	exit(1);\r
214	}\r
215	\r
216	if (!(dns2file = fopen(CONFIG_ROOT "/red/dns2", "r")))\r
217	{\r
218	fprintf(stderr, "Couldn't open dns2 file\n");\r
219	exit(1);\r
220	}\r
221	if (fgets(dns2, STRING_SIZE, dns2file))\r
222	{\r
223	if (dns2[strlen(dns2) - 1] == '\n')\r
224	dns2[strlen(dns2) - 1] = '\0';\r
225	}\r
226	fclose (dns2file);\r
227	if (strlen(dns2) && !VALID_IP(dns2))\r
228	{\r
229	fprintf(stderr, "Bad DNS2 IP: %s\n", dns2);\r
230	exit(1);\r
231	}\r
232	}\r
233	\r
234	if (restartred)\r
235	killsnort(iface);\r
236	\r
237	if (restartblue)\r
238	killsnort(bluedev);\r
239	\r
240	if (restartorange)\r
241	killsnort(orangedev);\r
242	\r
243	if (restartgreen)\r
244	killsnort(greendev);\r
245	\r
246	if (!(varsfile = fopen("/etc/snort/vars", "w")))\r
247	{\r
248	fprintf(stderr, "Couldn't create vars file\n");\r
249	exit(1);\r
250	}\r
251	if (strlen(blueip)) {\r
252	if (strlen(orangeip)) {\r
253	if (strlen(locip)) {\r
254	fprintf(varsfile, "var HOME_NET [%s,%s,%s,%s]\n", greenip, orangeip, blueip, locip);\r
255	} else {\r
256	fprintf(varsfile, "var HOME_NET [%s,%s,%s]\n", greenip, orangeip, blueip);\r
257	}\r
258	} else {\r
259	if (strlen(locip)) {\r
260	fprintf(varsfile, "var HOME_NET [%s,%s,%s]\n", greenip, blueip, locip);\r
261	} else {\r
262	fprintf(varsfile, "var HOME_NET [%s,%s]\n", greenip, blueip);\r
263	}\r
264	}\r
265	} else {\r
266	if (strlen(orangeip)) {\r
267	if (strlen(locip)) {\r
268	fprintf(varsfile, "var HOME_NET [%s,%s,%s]\n", greenip, orangeip, locip);\r
269	} else {\r
270	fprintf(varsfile, "var HOME_NET [%s,%s]\n", greenip, orangeip);\r
271	}\r
272	} else {\r
273	if (strlen(locip)) {\r
274	fprintf(varsfile, "var HOME_NET [%s,%s]\n", greenip, locip);\r
275	} else {\r
276	fprintf(varsfile, "var HOME_NET [%s]\n", greenip);\r
277	}\r
278	}\r
279	}\r
280	if (strlen(dns1))\r
281	{\r
282	if (strlen(dns2))\r
283	fprintf(varsfile, "var DNS_SERVERS [%s,%s]\n", dns1, dns2);\r
284	else\r
285	fprintf(varsfile, "var DNS_SERVERS %s\n", dns1);\r
286	} else {\r
287	fprintf(varsfile, "var DNS_SERVERS []\n");\r
288	}\r
289	fclose(varsfile);\r
290	varsfile = NULL;\r
291	\r
292	if (restartred && strlen(iface) && (fd = open(CONFIG_ROOT "/snort/enable", O_RDONLY)) != -1)\r
293	{\r
294	close(fd);\r
295	snprintf(command, STRING_SIZE -1,\r
296	"/usr/sbin/snort -c /etc/snort/snort.conf -D -u snort -g snort -d -e -o -p -b -A fast -m 022 -i %s",\r
297	iface);\r
298	safe_system(command);\r
299	}\r
300	if (restartblue && strlen(bluedev) && (fd = open(CONFIG_ROOT "/snort/enable_blue", O_RDONLY)) != -1 && bluedev)\r
301	{\r
302	close(fd);\r
303	snprintf(command, STRING_SIZE -1,\r
304	"/usr/sbin/snort -c /etc/snort/snort.conf -D -u snort -g snort -d -e -o -p -b -A fast -m 022 -i %s",\r
305	bluedev);\r
306	safe_system(command);\r
307	}\r
308	if (restartorange && strlen(orangedev) && (fd = open(CONFIG_ROOT "/snort/enable_orange", O_RDONLY)) != -1 && orangedev)\r
309	{\r
310	close(fd);\r
311	snprintf(command, STRING_SIZE -1,\r
312	"/usr/sbin/snort -c /etc/snort/snort.conf -D -u snort -g snort -d -e -o -p -b -A fast -m 022 -i %s",\r
313	orangedev);\r
314	safe_system(command);\r
315	}\r
316	if (restartgreen && (fd = open(CONFIG_ROOT "/snort/enable_green", O_RDONLY)) != -1)\r
317	{\r
318	close(fd);\r
319	snprintf(command, STRING_SIZE -1,\r
320	"/usr/sbin/snort -c /etc/snort/snort.conf -D -u snort -g snort -d -e -o -p -b -A fast -m 022 -i %s",\r
321	greendev);\r
322	safe_system(command);\r
323	}\r
324	\r
325	return 0;\r
326	}\r