• file
• revisions
• annotate
• diff
• comparison
• raw

snort/rc.snort@79e32993cb4d (annotated)

snort/rc.snort

Sun, 02 Sep 2012 18:18:43 +0200

author

Michael Schloh von Bennewitz <michael@schloh.com>

date

Sun, 02 Sep 2012 18:18:43 +0200

changeset 659

79e32993cb4d

permissions

-rw-r--r--

Introduce new version of tcpdump, reorder taglib and cryptbreaker to
the end because they fail to build on Linux, and correct flawed URLs
probably copied from the doxygen build entry.

michael@549	1	#!@l_prefix@/bin/openpkg rc
michael@549	2	##
michael@549	3	## rc.snort -- Run-Commands
michael@549	4	##
michael@549	5
michael@549	6	%config
michael@549	7	snort_enable="$openpkg_rc_def"
michael@549	8	snort_if=""
michael@549	9	snort_flags="-N -Afast -o"
michael@549	10	snort_log_prolog="true"
michael@549	11	snort_log_epilog="true"
michael@549	12	snort_log_numfiles="10"
michael@549	13	snort_log_minsize="1M"
michael@549	14	snort_log_complevel="9"
michael@549	15	snort_update_time="once"
michael@549	16	snort_update_source="file://@l_prefix@/share/snort/rules.tar.gz"
michael@549	17
michael@549	18	%common
michael@549	19	snort_cfgfile="@l_prefix@/etc/snort/snort.conf"
michael@549	20	snort_logdir="@l_prefix@/var/snort"
michael@549	21	snort_piddir="@l_prefix@/var/snort"
michael@549	22	snort_pidfile="$snort_piddir/snort_${snort_if}.pid"
michael@549	23	snort_signal () {
michael@549	24	[ -f $snort_pidfile ] && kill -$1 `cat $snort_pidfile`
michael@549	25	}
michael@549	26	snort_update () {
michael@549	27	@l_prefix@/sbin/snort-update "$snort_update_source"
michael@549	28	}
michael@549	29
michael@549	30	%status -u @l_susr@ -o
michael@549	31	snort_usable="no"
michael@549	32	snort_active="no"
michael@549	33	@l_prefix@/sbin/snort \
michael@549	34	-q -T \
michael@549	35	-u "@l_rusr@" -g "@l_rgrp@" \
michael@549	36	-i "$snort_if" \
michael@549	37	-c "$snort_cfgfile" \
michael@549	38	-l "$snort_logdir" \
michael@549	39	>/dev/null 2>&1 && snort_usable="yes"
michael@549	40	[ ".$snort_if" = . ] && snort_usable="no"
michael@549	41	rcService snort enable yes && snort_signal 0 && snort_active="yes"
michael@549	42	echo "snort_enable=\"$snort_enable\""
michael@549	43	echo "snort_usable=\"$snort_usable\""
michael@549	44	echo "snort_active=\"$snort_active\""
michael@549	45
michael@549	46	%start -p 100 -u @l_susr@
michael@549	47	rcService snort enable yes || exit 0
michael@549	48	rcService snort active yes && exit 0
michael@549	49	@l_prefix@/sbin/snort \
michael@549	50	-q -D \
michael@549	51	-u "@l_rusr@" -g "@l_rgrp@" \
michael@549	52	-i "$snort_if" \
michael@549	53	-c "$snort_cfgfile" \
michael@549	54	-l "$snort_logdir" \
michael@549	55	${snort_flags}
michael@549	56
michael@549	57	%stop -p 900 -u @l_susr@
michael@549	58	rcService snort enable yes || exit 0
michael@549	59	rcService snort active no && exit 0
michael@549	60	snort_signal TERM
michael@549	61	sleep 2
michael@549	62	rm -f $snort_pidfile 2>/dev/null || true
michael@549	63
michael@549	64	%restart -p 100 -u @l_susr@
michael@549	65	rcService snort enable yes || exit 0
michael@549	66	rcService snort active no && exit 0
michael@549	67	rc snort stop start
michael@549	68
michael@549	69	%hourly -u @l_rusr@
michael@549	70	rcService snort enable yes || exit 0
michael@549	71	if [ ".$snort_update_time" = .hourly ]; then
michael@549	72	snort_update || exit $?
michael@549	73	fi
michael@549	74
michael@549	75	%daily -u @l_rusr@
michael@549	76	rcService snort enable yes || exit 0
michael@549	77	if [ ".$snort_update_time" = .daily ]; then
michael@549	78	snort_update || exit $?
michael@549	79	fi
michael@549	80	shtool rotate -f \
michael@549	81	-n ${snort_log_numfiles} -s ${snort_log_minsize} -d \
michael@549	82	-z ${snort_log_complevel} -m 644 -o @l_rusr@ -g @l_rgrp@ \
michael@549	83	-P "${snort_log_prolog}" \
michael@549	84	-E "${snort_log_epilog}; rc snort reload" \
michael@549	85	$snort_logdir/snort.alert.log
michael@549	86
michael@549	87	%weekly -u @l_rusr@
michael@549	88	rcService snort enable yes || exit 0
michael@549	89	if [ ".$snort_update_time" = .weekly ]; then
michael@549	90	snort_update || exit $?
michael@549	91	fi
michael@549	92