OpenPKG Specs: snort/rc.snort@c10fb90893b9 (annotated)

snort/rc.snort@c10fb90893b9 (annotated)

snort/rc.snort

Thu, 04 Oct 2012 20:30:05 +0200

author: Michael Schloh von Bennewitz <michael@schloh.com>
date: Thu, 04 Oct 2012 20:30:05 +0200
changeset 715: c10fb90893b9
permissions: -rw-r--r--

Correct out of date build configuration, porting to Solaris 11 network
link infrastructure and new libpcap logic. This additionally allows for
device drivers in subdirectories of /dev. Correct packaged nmap
personalities and signatures to work out of the box. Finally, hack
arpd logic to properly close sockets and quit on TERM by repeating
signaling in the run command script. Sadly, all this fails to correct
the run time behaviour of honeyd which fails to bind to the IP layer.

 #!@l_prefix@/bin/openpkg rc
 ##
 ##  rc.snort -- Run-Commands
 ##
 %config
     snort_enable="$openpkg_rc_def"
     snort_if=""
     snort_flags="-N -Afast -o"
     snort_log_prolog="true"
     snort_log_epilog="true"
     snort_log_numfiles="10"
     snort_log_minsize="1M"
     snort_log_complevel="9"
     snort_update_time="once"
     snort_update_source="file://@l_prefix@/share/snort/rules.tar.gz"
 %common
     snort_cfgfile="@l_prefix@/etc/snort/snort.conf"
     snort_logdir="@l_prefix@/var/snort"
     snort_piddir="@l_prefix@/var/snort"
     snort_pidfile="$snort_piddir/snort_${snort_if}.pid"
     snort_signal () {
         [ -f $snort_pidfile ] && kill -$1 `cat $snort_pidfile`
     }
     snort_update () {
         @l_prefix@/sbin/snort-update "$snort_update_source"
     }
 %status -u @l_susr@ -o
     snort_usable="no"
     snort_active="no"
     @l_prefix@/sbin/snort \
         -q -T \
         -u "@l_rusr@" -g "@l_rgrp@" \
         -i "$snort_if" \
         -c "$snort_cfgfile" \
         -l "$snort_logdir" \
         >/dev/null 2>&1 && snort_usable="yes"
     [ ".$snort_if" = . ] && snort_usable="no"
     rcService snort enable yes && snort_signal 0 && snort_active="yes"
     echo "snort_enable=\"$snort_enable\""
     echo "snort_usable=\"$snort_usable\""
     echo "snort_active=\"$snort_active\""
 %start -p 100 -u @l_susr@
     rcService snort enable yes || exit 0
     rcService snort active yes && exit 0
     @l_prefix@/sbin/snort \
         -q -D \
         -u "@l_rusr@" -g "@l_rgrp@" \
         -i "$snort_if" \
         -c "$snort_cfgfile" \
         -l "$snort_logdir" \
         ${snort_flags}
 %stop -p 900 -u @l_susr@
     rcService snort enable yes || exit 0
     rcService snort active no  && exit 0
     snort_signal TERM
     sleep 2
     rm -f $snort_pidfile 2>/dev/null || true
 %restart -p 100 -u @l_susr@
     rcService snort enable yes || exit 0
     rcService snort active no  && exit 0
     rc snort stop start
 %hourly -u @l_rusr@
     rcService snort enable yes || exit 0
     if [ ".$snort_update_time" = .hourly ]; then
         snort_update || exit $?
     fi
 %daily -u @l_rusr@
     rcService snort enable yes || exit 0
     if [ ".$snort_update_time" = .daily ]; then
         snort_update || exit $?
     fi
     shtool rotate -f \
         -n ${snort_log_numfiles} -s ${snort_log_minsize} -d \
         -z ${snort_log_complevel} -m 644 -o @l_rusr@ -g @l_rgrp@ \
         -P "${snort_log_prolog}" \
         -E "${snort_log_epilog}; rc snort reload" \
         $snort_logdir/snort.alert.log
 %weekly -u @l_rusr@
     rcService snort enable yes || exit 0
     if [ ".$snort_update_time" = .weekly ]; then
         snort_update || exit $?
     fi

OpenPKG Specs / annotate

snort/rc.snort@c10fb90893b9 (annotated)

snort/rc.snort