-case "$1" in
- start)
- for DEVICE in $DEVICES; do
- boot_mesg "Starting Intrusion Detection System on $DEVICE..."
- /usr/sbin/snort -c /etc/snort/snort.conf -i $DEVICE -D -l /var/log/snort --create-pidfile --nolock-pidfile --pid-path /var/run/
- evaluate_retval
- chmod 644 /var/run/snort_$DEVICE.pid
- done
- ;;
-
- stop)
- DEVICES=""
- if [ -r /var/run/snort_$BLUE_DEV.pid ]; then
- DEVICES+="$BLUE_DEV "
- fi
- if [ -r /var/run/snort_$GREEN_DEV.pid ]; then
- DEVICES+="$GREEN_DEV "
- fi
- if [ -r /var/run/snort_$ORANGE_DEV.pid ]; then
- DEVICES+="$ORANGE_DEV "
- fi
+ if [ "$DNS2" ]; then
+ echo "var DNS_SERVERS [$DNS1,$DNS2]" >> /etc/snort/vars
+ else
+ echo "var DNS_SERVERS $DNS1" >> /etc/snort/vars
+ fi
+
+ for DEVICE in $DEVICES; do
+ boot_mesg "Starting Intrusion Detection System on $DEVICE..."
+ /usr/sbin/snort -c /etc/snort/snort.conf -i $DEVICE -D -l /var/log/snort --create-pidfile --nolock-pidfile --pid-path /var/run/
+ evaluate_retval
+ sleep 1
+ chmod 644 /var/run/snort_$DEVICE.pid
+ done
+
+
+ if [ -r /var/ipfire/guardian/enable ]; then
+ IFACE=`/bin/cat /var/ipfire/red/iface 2>/dev/null | /usr/bin/tr -d '\012'`
+ sed -e "s/^Interface.*/Interface ${IFACE}/" /var/ipfire/guardian/guardian.conf > temp
+ mv temp /var/ipfire/guardian/guardian.conf
+ chown nobody.root /var/ipfire/guardian/guardian.conf
+
+ boot_mesg "Starting Guardian..."
+ loadproc /usr/local/bin/guardian.pl -c /var/ipfire/guardian/guardian.conf
+ fi
+ ;;
+
+ stop)
+ DEVICES=""
+ if [ -r /var/run/snort_$BLUE_DEV.pid ]; then
+ DEVICES+="$BLUE_DEV "
+ fi
+
+ if [ -r /var/run/snort_$GREEN_DEV.pid ]; then
+ DEVICES+="$GREEN_DEV "
+ fi
+
+ if [ -r /var/run/snort_$ORANGE_DEV.pid ]; then
+ DEVICES+="$ORANGE_DEV "
+ fi