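#!/bin/sh
########################################################################
# Begin $rc_base/init.d/snort
#
# Description : Snort Initscript
#
# Authors : Michael Tremer for ipfire.org - mitch@ipfire.org
#
# Version : 01.00
#
# Notes : Written for POSIX sh: the bash-only "+=" and "==" forms are
#         avoided so the #!/bin/sh shebang is honest.  The rc helpers
#         boot_mesg, evaluate_retval, killproc and statusproc come from
#         ${rc_functions}.
#
########################################################################

. /etc/sysconfig/rc
. "${rc_functions}"

PATH=/usr/local/sbin:/usr/local/bin:/bin:/usr/bin:/sbin:/usr/sbin; export PATH

# readhash turns the IPFire settings files into KEY=value assignments.
# Because its output is eval'd, it is trusted to emit nothing but such
# assignments; the files themselves are the system's own configuration,
# not user-supplied input.  They provide *_DEV, *_ADDRESS, *_NETADDRESS,
# *_NETMASK, RED_TYPE and the ENABLE_SNORT* switches used below.
eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
eval $(/usr/local/bin/readhash /var/ipfire/snort/settings)

ALIASFILE="/var/ipfire/ethernet/aliases"
SNORT_VARS="/etc/snort/vars"
PIDDIR="/var/run"

# Space separated list of interfaces snort runs on, and the comma
# separated list of addresses/networks that make up HOME_NET.
DEVICES=""
HOMENET=""

#######################################
# Append an interface to DEVICES (space separated). Empty names are ignored.
# Arguments: $1 - interface name
#######################################
add_device() {
	[ -n "$1" ] || return 0
	DEVICES="${DEVICES}$1 "
}

#######################################
# Append an address or network to HOMENET (comma separated, trailing
# comma included).  Empty values are ignored so no ",," can end up in
# the generated snort variable.
# Arguments: $1 - address or network (a.b.c.d or a.b.c.d/mask)
#######################################
add_homenet() {
	[ -n "$1" ] || return 0
	HOMENET="${HOMENET}$1,"
}

#######################################
# Register one zone.  When snort listens on the zone, only the
# interface's own address joins HOME_NET; otherwise the whole zone
# network does.  A zone without a network address is treated as not
# configured and skipped entirely.
# Arguments: $1 - ENABLE_SNORT_* switch ("on" to listen on the zone)
#            $2 - interface name
#            $3 - interface address
#            $4 - network address
#            $5 - netmask
#######################################
add_zone() {
	[ -n "$4" ] || return 0
	if [ "$1" = "on" ]; then
		add_device "$2"
		add_homenet "$3"
	else
		add_homenet "$4/$5"
	fi
}

case "$1" in
start)
	# Zone order (orange, blue, green, red) also fixes the order in
	# which the snort instances are started below.
	add_zone "${ENABLE_SNORT_ORANGE}" "${ORANGE_DEV}" "${ORANGE_ADDRESS}" \
		"${ORANGE_NETADDRESS}" "${ORANGE_NETMASK}"
	add_zone "${ENABLE_SNORT_BLUE}" "${BLUE_DEV}" "${BLUE_ADDRESS}" \
		"${BLUE_NETADDRESS}" "${BLUE_NETMASK}"
	add_zone "${ENABLE_SNORT_GREEN}" "${GREEN_DEV}" "${GREEN_ADDRESS}" \
		"${GREEN_NETADDRESS}" "${GREEN_NETMASK}"

	if [ "${ENABLE_SNORT}" = "on" ]; then
		# Red: interface name and address are only known at runtime,
		# both files may be missing while red is down.
		add_device "$(cat /var/ipfire/red/iface 2>/dev/null)"
		add_homenet "$(cat /var/ipfire/red/local-ipaddress 2>/dev/null)"

		# A static red may carry aliases; every enabled alias address
		# is local as well.  Lines are "address,mode,remark"; the
		# "|| [ -n ... ]" keeps a last line without newline.
		if [ "${RED_TYPE}" = "STATIC" ] && [ -s "${ALIASFILE}" ]; then
			while IFS="," read -r address mode remark || [ -n "${address}" ]; do
				[ "${mode}" = "on" ] || continue
				add_homenet "${address}"
			done < "${ALIASFILE}"
		fi
	fi
	# Loopback closes the list; no trailing comma after it.
	HOMENET="${HOMENET}127.0.0.1"
	printf 'ipvar HOME_NET [%s]\n' "${HOMENET}" > "${SNORT_VARS}"

	DNS1=$(cat /var/ipfire/red/dns1 2>/dev/null)
	DNS2=$(cat /var/ipfire/red/dns2 2>/dev/null)
	if [ -n "${DNS1}" ] && [ -n "${DNS2}" ]; then
		printf 'ipvar DNS_SERVERS [%s,%s]\n' "${DNS1}" "${DNS2}" >> "${SNORT_VARS}"
	else
		# A single resolver needs no list brackets; whichever one is
		# known is used.  With neither known the value is empty, as it
		# was before — presumably snort rejects that, but there is no
		# sensible address to substitute here.
		printf 'ipvar DNS_SERVERS %s\n' "${DNS1:-${DNS2}}" >> "${SNORT_VARS}"
	fi

	# shellcheck disable=SC2086 — DEVICES is a deliberate space separated list
	for DEVICE in ${DEVICES}; do
		boot_mesg "Starting Intrusion Detection System on ${DEVICE}..."
		/usr/sbin/snort -c /etc/snort/snort.conf -i "${DEVICE}" -D -l /var/log/snort \
			--create-pidfile --nolock-pidfile --pid-path "${PIDDIR}"
		evaluate_retval
		# snort daemonises; wait a moment for the pid file to appear
		# before making it world-readable.  Skip it if the start failed.
		sleep 1
		if [ -f "${PIDDIR}/snort_${DEVICE}.pid" ]; then
			chmod 644 "${PIDDIR}/snort_${DEVICE}.pid"
		fi
	done
	;;

stop)
	DEVICES=""
	RED_DEV=$(cat /var/ipfire/red/iface 2>/dev/null)
	# Only the instances that left a pid file behind are stopped.
	for dev in "${BLUE_DEV}" "${GREEN_DEV}" "${ORANGE_DEV}" "${RED_DEV}"; do
		[ -n "${dev}" ] || continue
		if [ -r "${PIDDIR}/snort_${dev}.pid" ]; then
			add_device "${dev}"
		fi
	done

	# shellcheck disable=SC2086 — DEVICES is a deliberate space separated list
	for DEVICE in ${DEVICES}; do
		boot_mesg "Stopping Intrusion Detection System on ${DEVICE}..."
		killproc -p "${PIDDIR}/snort_${DEVICE}.pid" "${PIDDIR}"
	done

	# Drop leftover pid files.  Their absence (snort never started) is
	# not an error, hence the fixed exit status.
	rm -f "${PIDDIR}"/snort_* >/dev/null 2>&1
	exit 0
	;;

status)
	statusproc /usr/sbin/snort
	;;

restart)
	"$0" stop
	"$0" start
	;;

*)
	printf 'Usage: %s {start|stop|restart|status}\n' "$0"
	exit 1
	;;
esac

# Reached for start/restart/status only (stop and usage exit above):
# keep the log files readable.
chmod 644 /var/log/snort/* 2>/dev/null

# End $rc_base/init.d/snort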