case "$1" in
start)
+ # Disable incompatible rules
+ boot_mesg "Check/Fix Intrusion Detection rules..."
+ for file in $(ls /etc/snort/rules/*.rules 2>/dev/null); do
+ sed -i 's|^alert.*!\[\$DNS_SERVERS|#&|g' $file
+ sed -i 's|^alert.*!\$SSH_PORTS|#&|g' $file
+ sed -i 's|^alert.*!\$HOME_NET|#&|g' $file
+ sed -i 's|^alert.*!\$SQL_SERVERS|#&|g' $file
+ done
+ echo_ok
+
for DEVICE in $DEVICES; do
boot_mesg "Starting Intrusion Detection System on $DEVICE..."
/usr/sbin/snort -c /etc/snort/snort.conf -i $DEVICE -D -l /var/log/snort --create-pidfile --nolock-pidfile --pid-path /var/run/
evaluate_retval
+ sleep 1
chmod 644 /var/run/snort_$DEVICE.pid
done