snort/rc.snort@300d43423c2e (annotated)
snort/rc.snort
Wed, 08 Feb 2012 20:07:00 +0200
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Wed, 08 Feb 2012 20:07:00 +0200
- changeset 588
- 300d43423c2e
- permissions
- -rw-r--r--
Update version, adapt patch, correct PID writing, correct build on newer
FreeBSD releases, and most importantly introduce new patch to try to
avoid segfault caused by multiple network interfaces with the same (or
no) address. This is common when configuring bridges and tunnels.
| michael@549 | 1 | #!@l_prefix@/bin/openpkg rc |
| michael@549 | 2 | ## |
| michael@549 | 3 | ## rc.snort -- Run-Commands |
| michael@549 | 4 | ## |
| michael@549 | 5 | |
| michael@549 | 6 | %config |
| michael@549 | 7 | snort_enable="$openpkg_rc_def" |
| michael@549 | 8 | snort_if="" |
| michael@549 | 9 | snort_flags="-N -Afast -o" |
| michael@549 | 10 | snort_log_prolog="true" |
| michael@549 | 11 | snort_log_epilog="true" |
| michael@549 | 12 | snort_log_numfiles="10" |
| michael@549 | 13 | snort_log_minsize="1M" |
| michael@549 | 14 | snort_log_complevel="9" |
| michael@549 | 15 | snort_update_time="once" |
| michael@549 | 16 | snort_update_source="file://@l_prefix@/share/snort/rules.tar.gz" |
| michael@549 | 17 | |
| michael@549 | 18 | %common |
| michael@549 | 19 | snort_cfgfile="@l_prefix@/etc/snort/snort.conf" |
| michael@549 | 20 | snort_logdir="@l_prefix@/var/snort" |
| michael@549 | 21 | snort_piddir="@l_prefix@/var/snort" |
| michael@549 | 22 | snort_pidfile="$snort_piddir/snort_${snort_if}.pid" |
| michael@549 | 23 | snort_signal () { |
| michael@549 | 24 | [ -f $snort_pidfile ] && kill -$1 `cat $snort_pidfile` |
| michael@549 | 25 | } |
| michael@549 | 26 | snort_update () { |
| michael@549 | 27 | @l_prefix@/sbin/snort-update "$snort_update_source" |
| michael@549 | 28 | } |
| michael@549 | 29 | |
| michael@549 | 30 | %status -u @l_susr@ -o |
| michael@549 | 31 | snort_usable="no" |
| michael@549 | 32 | snort_active="no" |
| michael@549 | 33 | @l_prefix@/sbin/snort \ |
| michael@549 | 34 | -q -T \ |
| michael@549 | 35 | -u "@l_rusr@" -g "@l_rgrp@" \ |
| michael@549 | 36 | -i "$snort_if" \ |
| michael@549 | 37 | -c "$snort_cfgfile" \ |
| michael@549 | 38 | -l "$snort_logdir" \ |
| michael@549 | 39 | >/dev/null 2>&1 && snort_usable="yes" |
| michael@549 | 40 | [ ".$snort_if" = . ] && snort_usable="no" |
| michael@549 | 41 | rcService snort enable yes && snort_signal 0 && snort_active="yes" |
| michael@549 | 42 | echo "snort_enable=\"$snort_enable\"" |
| michael@549 | 43 | echo "snort_usable=\"$snort_usable\"" |
| michael@549 | 44 | echo "snort_active=\"$snort_active\"" |
| michael@549 | 45 | |
| michael@549 | 46 | %start -p 100 -u @l_susr@ |
| michael@549 | 47 | rcService snort enable yes || exit 0 |
| michael@549 | 48 | rcService snort active yes && exit 0 |
| michael@549 | 49 | @l_prefix@/sbin/snort \ |
| michael@549 | 50 | -q -D \ |
| michael@549 | 51 | -u "@l_rusr@" -g "@l_rgrp@" \ |
| michael@549 | 52 | -i "$snort_if" \ |
| michael@549 | 53 | -c "$snort_cfgfile" \ |
| michael@549 | 54 | -l "$snort_logdir" \ |
| michael@549 | 55 | ${snort_flags} |
| michael@549 | 56 | |
| michael@549 | 57 | %stop -p 900 -u @l_susr@ |
| michael@549 | 58 | rcService snort enable yes || exit 0 |
| michael@549 | 59 | rcService snort active no && exit 0 |
| michael@549 | 60 | snort_signal TERM |
| michael@549 | 61 | sleep 2 |
| michael@549 | 62 | rm -f $snort_pidfile 2>/dev/null || true |
| michael@549 | 63 | |
| michael@549 | 64 | %restart -p 100 -u @l_susr@ |
| michael@549 | 65 | rcService snort enable yes || exit 0 |
| michael@549 | 66 | rcService snort active no && exit 0 |
| michael@549 | 67 | rc snort stop start |
| michael@549 | 68 | |
| michael@549 | 69 | %hourly -u @l_rusr@ |
| michael@549 | 70 | rcService snort enable yes || exit 0 |
| michael@549 | 71 | if [ ".$snort_update_time" = .hourly ]; then |
| michael@549 | 72 | snort_update || exit $? |
| michael@549 | 73 | fi |
| michael@549 | 74 | |
| michael@549 | 75 | %daily -u @l_rusr@ |
| michael@549 | 76 | rcService snort enable yes || exit 0 |
| michael@549 | 77 | if [ ".$snort_update_time" = .daily ]; then |
| michael@549 | 78 | snort_update || exit $? |
| michael@549 | 79 | fi |
| michael@549 | 80 | shtool rotate -f \ |
| michael@549 | 81 | -n ${snort_log_numfiles} -s ${snort_log_minsize} -d \ |
| michael@549 | 82 | -z ${snort_log_complevel} -m 644 -o @l_rusr@ -g @l_rgrp@ \ |
| michael@549 | 83 | -P "${snort_log_prolog}" \ |
| michael@549 | 84 | -E "${snort_log_epilog}; rc snort reload" \ |
| michael@549 | 85 | $snort_logdir/snort.alert.log |
| michael@549 | 86 | |
| michael@549 | 87 | %weekly -u @l_rusr@ |
| michael@549 | 88 | rcService snort enable yes || exit 0 |
| michael@549 | 89 | if [ ".$snort_update_time" = .weekly ]; then |
| michael@549 | 90 | snort_update || exit $? |
| michael@549 | 91 | fi |
| michael@549 | 92 |
