initscripts: Drop guardian related code from snort initscript.
index 981362a030afbce5ede2d6d267e5e93b90d3bf07..5c4304247dc850f3797cfffa2a165862e8fef40e 100644 (file)
@@ -20,68 +20,82 @@ PATH=/usr/local/sbin:/usr/local/bin:/bin:/usr/bin:/sbin:/usr/sbin; export PATH
 eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
 eval $(/usr/local/bin/readhash /var/ipfire/snort/settings)
 
-if [ "$ENABLE_SNORT_ORANGE" == "on" ]; then
-        HOME_NET+="$ORANGE_ADDRESS,"
-        DEVICES+="$ORANGE_DEV "
-fi
-
-if [ "$ENABLE_SNORT_GREEN" == "on" ]; then
-        HOME_NET+="$GREEN_ADDRESS,"
-        DEVICES+="$GREEN_DEV "
-fi
-
-if [ "$ENABLE_SNORT_BLUE" == "on" ]; then
-        HOME_NET+="$BLUE_ADDRESS,"
-        DEVICES+="$BLUE_DEV "
-fi
-
-if [ "$ENABLE_SNORT" == "on" ]; then
-        LOCAL_IP=`cat /var/ipfire/red/local-ipaddress`
-        if [ "$LOCAL_IP" ]; then
-                HOME_NET+="$LOCAL_IP,"
-        else
-                exit 1 ## Add error handling here
-        fi
-        DEVICES+=`cat /var/ipfire/red/iface 2>/dev/null`
-fi
-
-COUNT=`echo $HOME_NET | wc -m`
-HOME_NET=`echo $HOME_NET | cut -c $[$COUNT - 2]`
-echo "var HOME_NET [$HOME_NET]" >       /etc/snort/vars
-echo "var EXTERNAL_NET ANY" >>          /etc/snort/vars
-
-DNS1=`cat /var/ipfire/red/dns1 2>/dev/null`
-DNS2=`cat /var/ipfire/red/dns2 2>/dev/null`
-
-if [ "$DNS2" ]; then
-        echo "var DNS_SERVERS [$DNS1,$DNS2]" >> /etc/snort/vars
-else
-        echo "var DNS_SERVERS $DNS1" >> /etc/snort/vars
-fi 
+ALIASFILE="/var/ipfire/ethernet/aliases"
 
 case "$1" in
         start)
+               if [ "$BLUE_NETADDRESS" ]; then
+                       BLUE_NET="$BLUE_NETADDRESS/$BLUE_NETMASK,"
+                       BLUE_IP="$BLUE_ADDRESS,"
+               fi
+
+               if [ "$ORANGE_NETADDRESS" ]; then
+                       ORANGE_NET="$ORANGE_NETADDRESS/$ORANGE_NETMASK,"
+                       ORANGE_IP="$ORANGE_ADDRESS,"
+               fi
+
+               if [ "$ENABLE_SNORT_ORANGE" == "on" ]; then
+                       DEVICES+="$ORANGE_DEV "
+                       HOMENET+="$ORANGE_IP"
+               else
+                       HOMENET+="$ORANGE_NET"
+               fi
+
+               if [ "$ENABLE_SNORT_BLUE" == "on" ]; then
+                       DEVICES+="$BLUE_DEV "
+                       HOMENET+="$BLUE_IP"
+               else
+                       HOMENET+="$BLUE_NET"
+               fi
+
+               if [ "$ENABLE_SNORT_GREEN" == "on" ]; then
+                       DEVICES+="$GREEN_DEV "
+                       HOMENET+="$GREEN_ADDRESS,"
+               else
+                       HOMENET+="$GREEN_NETADDRESS/$GREEN_NETMASK,"
+               fi
+
+               if [ "$ENABLE_SNORT" == "on" ]; then
+                       DEVICES+=`cat /var/ipfire/red/iface 2>/dev/null`
+                       LOCAL_IP=`cat /var/ipfire/red/local-ipaddress 2>/dev/null`
+                       if [ "$LOCAL_IP" ]; then
+                               HOMENET+="$LOCAL_IP,"
+                       fi
+
+                       # Check if the red device is set to static and
+                       # any aliases have been configured.
+                       if [ "${RED_TYPE}" == "STATIC" ] && [ -s "${ALIASFILE}" ]; then
+                               # Read in aliases file.
+                               while IFS="," read -r address mode remark; do
+                                       # Check if the alias is enabled.
+                                       [ "${mode}" = "on" ] || continue
+
+                                       # Add alias to the list of HOMENET addresses.
+                                       HOMENET+="${address},"
+                               done < "${ALIASFILE}"
+                       fi
+               fi
+               HOMENET+="127.0.0.1"
+               echo "ipvar HOME_NET [$HOMENET]" > /etc/snort/vars
+
+               DNS1=`cat /var/ipfire/red/dns1 2>/dev/null`
+               DNS2=`cat /var/ipfire/red/dns2 2>/dev/null`
+
+               if [ "$DNS2" ]; then
+                       echo "ipvar DNS_SERVERS [$DNS1,$DNS2]" >> /etc/snort/vars
+               else
+                       echo "ipvar DNS_SERVERS $DNS1" >> /etc/snort/vars
+               fi
+
                 for DEVICE in $DEVICES; do
                         boot_mesg "Starting Intrusion Detection System on $DEVICE..."
-                        /usr/sbin/snort -c /etc/snort/snort.conf -i $DEVICE -D -l /var/log/snort --create-pidfile --nolock-pidfile --pid-path /var/run/
+                        /usr/sbin/snort -c /etc/snort/snort.conf -i $DEVICE -D -l /var/log/snort --create-pidfile --nolock-pidfile --pid-path /var/run
                         evaluate_retval
                        sleep 1
                         chmod 644 /var/run/snort_$DEVICE.pid
                 done
-                
-         
-                if [ -r /var/ipfire/guardian/enable ]; then
-                             IFACE=`/bin/cat /var/ipfire/red/iface 2>/dev/null | /usr/bin/tr -d '\012'`
-                       sed -e "s/^Interface.*/Interface       ${IFACE}/" /var/ipfire/guardian/guardian.conf > temp
-                       mv temp /var/ipfire/guardian/guardian.conf
-                       chown nobody.root /var/ipfire/guardian/guardian.conf
-                     
-                  boot_mesg "Starting Guardian..."
-                             loadproc /usr/local/bin/guardian.pl -c /var/ipfire/guardian/guardian.conf
-                           fi
-                   ;;
-                
+       ;;
+
         stop)
                DEVICES=""
                if [ -r /var/run/snort_$BLUE_DEV.pid ]; then
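Review bot: The alias loop at `while IFS="," read -r address mode remark` appends `${address}` to HOMENET without checking that the field is non-empty, so an aliases line whose first field is blank but whose mode is `on` produces an empty element (`[...,,127.0.0.1]`) in /etc/snort/vars, which snort's ipvar parser is unlikely to accept; add `[ -n "${address}" ] || continue` before the append, and a loose shape check such as `[[ "${address}" =~ ^[0-9.]+$ ]] || continue` would also keep a mistyped entry out of the generated config. Whether a blank field can actually occur depends on how the aliases file is written, which is not visible here. Related: when `ENABLE_SNORT` is on but /var/ipfire/red/local-ipaddress is empty, the new code silently leaves the red address out of HOME_NET where the old code exited; that may be intended for links that come up later, but a `boot_mesg` warning at that point would make the gap visible in the boot log. The `case` statement containing this arm continues beyond the hunk.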
@@ -107,11 +121,9 @@ case "$1" in
               done
               
               rm /var/run/snort_* >/dev/null 2>/dev/null
-                
-              if [ -r /var/ipfire/guardian/enable ]; then
-                         boot_mesg "Stopping Guardian..."
-                         killproc /usr/local/bin/guardian.pl
-                         fi
+
+               # Don't report returncode of rm if snort was not started
+               exit 0
         ;;
                 
         status)
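Review bot: The added `exit 0` after the `rm /var/run/snort_*` line discards the outcome of the entire stop arm, including the killproc loop that ends at the `done` above it (that loop starts outside the hunk), so a snort process that failed to stop still reports success to whatever invoked the script. The rm's return code can be ignored without that side effect by making the removal itself tolerant of missing files: `rm -f -- /var/run/snort_* 2>/dev/null` and dropping the `exit 0` and its comment. If anything after `esac` is expected to run for the stop action, the `exit` skips it as well; the tail of the file is not visible here to confirm.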