/[packages]/cauldron/snort/current/SOURCES/snort.init
ViewVC logotype

Contents of /cauldron/snort/current/SOURCES/snort.init

Parent Directory Parent Directory | Revision Log Revision Log


Revision 30270 - (show annotations) (download)
Fri Jan 21 20:13:20 2011 UTC (11 years, 5 months ago) by dlucio
File size: 3453 byte(s)
imported package snort
1 #!/bin/sh
2 #
3 # snort Start/Stop the snort IDS daemon.
4 #
5 # chkconfig: 2345 40 60
6 # description: snort is a lightweight network intrusion detection tool that \
7 # currently detects more than 1100 host and network \
8 # vulnerabilities, portscans, backdoors, and more.
9 #
10 # Comments to support LSB init script conventions
11 ### BEGIN INIT INFO
12 # Provides: snort
13 # Required-Start: $network
14 # Required-Stop: $network
15 # Should-Start: mysqld postgresql
16 # Should-Stop: mysqld postgresql
17 # Default-Start: 3 4 5
18 # Default-Stop: 0 1 6
19 # Short-Description: Start/Stop the snort IDS daemon.
20 # Description: snort is a lightweight network intrusion detection tool that \
21 # currently detects more than 1100 host and network \
22 # vulnerabilities, portscans, backdoors, and more.
23 ### END INIT INFO
24
25 # Source function library.
26 . /etc/rc.d/init.d/functions
27
28 # Source the local configuration file
29 . /etc/sysconfig/snort
30
31 # Convert the /etc/sysconfig/snort settings to something snort can
32 # use on the startup line.
33 if [ "$ALERTMODE"X = "X" ]; then
34 ALERTMODE=""
35 else
36 ALERTMODE="-A $ALERTMODE"
37 fi
38
39 if [ "$USER"X = "X" ]; then
40 USER="snort"
41 fi
42
43 if [ "$GROUP"X = "X" ]; then
44 GROUP="snort"
45 fi
46
47 if [ "$BINARY_LOG"X = "1X" ]; then
48 BINARY_LOG="-b"
49 else
50 BINARY_LOG=""
51 fi
52
53 if [ "$CONF"X = "X" ]; then
54 CONF="-c /etc/snort/snort.conf"
55 else
56 CONF="-c $CONF"
57 fi
58
59 if [ "$INTERFACE"X = "X" ]; then
60 INTERFACE="-i eth0"
61 else
62 INTERFACE="-i $INTERFACE"
63 fi
64
65 if [ "$DUMP_APP"X = "1X" ]; then
66 DUMP_APP="-d"
67 else
68 DUMP_APP=""
69 fi
70
71 if [ "$NO_PACKET_LOG"X = "1X" ]; then
72 NO_PACKET_LOG="-N"
73 else
74 NO_PACKET_LOG=""
75 fi
76
77 if [ "$PRINT_INTERFACE"X = "1X" ]; then
78 PRINT_INTERFACE="-I"
79 else
80 PRINT_INTERFACE=""
81 fi
82
83 if [ "$PASS_FIRST"X = "1X" ]; then
84 PASS_FIRST="-o"
85 else
86 PASS_FIRST=""
87 fi
88
89 if [ "$LOGDIR"X = "X" ]; then
90 LOGDIR=/var/log/snort
91 fi
92
93 RETVAL=0
94
95 ######################################
96 # Now to the real heart of the matter:
97
98 # See how we were called.
99 case "$1" in
100 start)
101 echo -n "Starting snort: "
102 chown -R snort:snort $LOGDIR
103 /usr/sbin/snort -c /etc/snort/snort.conf -T > /dev/null 2>&1
104 RETVAL=$?
105 if [ "$RETVAL" != "0" ]; then
106 failure
107 echo
108 exit $RETVAL
109 fi
110 cd $LOGDIR
111 if [ "$INTERFACE" = "-i ALL" ]; then
112 for i in `cd /proc/sys/net/ipv4/conf; ls -d eth* |sed s/"\/"//g`
113 do
114 mkdir -p "$LOGDIR/$i"
115 chown -R snort:snort $LOGDIR
116 daemon /usr/sbin/snort $ALERTMODE $BINARY_LOG $NO_PACKET_LOG $DUMP_APP -D $PRINT_INTERFACE -i $i -u $USER -g $GROUP $CONF -l $LOGDIR/$i $PASS_FIRST
117 done
118 else
119 daemon /usr/sbin/snort $ALERTMODE $BINARY_LOG $NO_PACKET_LOG $DUMP_APP -D $PRINT_INTERFACE $INTERFACE -u $USER -g $GROUP $CONF -l $LOGDIR $PASS_FIRST
120 fi
121 touch /var/lock/subsys/snort
122 echo
123 ;;
124 stop)
125 echo -n "Stopping snort: "
126 killproc snort
127 RETVAL=$?
128 if [ "$RETVAL" = "0" ]; then
129 rm -f /var/lock/subsys/snort
130 fi
131 echo
132 ;;
133 reload)
134 echo -n "Testing configuration"
135 /usr/sbin/snort -c snort.conf -T
136 TESTVAL=$?
137 if [ "$TESTVAL" = "0" ]; then
138 echo -n ", reloading: "
139 SNORTPID=`/bin/pidof snort`
140 kill -SIGHUP $SNORTPID
141 RETVAL=0
142 else
143 RETVAL=1
144 fi
145 ;;
146 restart)
147 $0 stop
148 $0 start
149 ;;
150 condrestart)
151 [ -e /var/lock/subsys/snort ] && /etc/rc.d/init.d/snort restart
152 ;;
153 status)
154 status snort
155 RETVAL=$?
156 ;;
157 *)
158 echo "Usage: $0 {start|stop|reload|restart|condrestart|status}"
159 exit 2
160 esac
161
162 exit $RETVAL

  ViewVC Help
Powered by ViewVC 1.1.28