snort/rc.snort@914043724d20
snort/rc.snort
Sat, 06 Oct 2012 16:24:01 +0200
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Sat, 06 Oct 2012 16:24:01 +0200
- changeset 727
- 914043724d20
- permissions
- -rw-r--r--
Update to new vendor software version and adjust patch code accordingly.
Unfortunately the vendor has apparently failed to properly test this
release which depends on missing object symbols in libsasl2.a(common.o):
undefined reference to `sasl_randcreate'
undefined reference to `sasl_mkchal'
undefined reference to `sasl_utf8verify'
undefined reference to `sasl_rand'
undefined reference to `sasl_churn'
undefined reference to `sasl_encode64'
undefined reference to `sasl_decode64'
undefined reference to `sasl_erasebuffer'
undefined reference to `sasl_randfree'
undefined reference to `sasl_strlower'
undefined reference to `get_fqhostname'
...yet to be patched.
1 #!@l_prefix@/bin/openpkg rc
2 ##
3 ## rc.snort -- Run-Commands
4 ##
6 %config
7 snort_enable="$openpkg_rc_def"
8 snort_if=""
9 snort_flags="-N -Afast -o"
10 snort_log_prolog="true"
11 snort_log_epilog="true"
12 snort_log_numfiles="10"
13 snort_log_minsize="1M"
14 snort_log_complevel="9"
15 snort_update_time="once"
16 snort_update_source="file://@l_prefix@/share/snort/rules.tar.gz"
18 %common
19 snort_cfgfile="@l_prefix@/etc/snort/snort.conf"
20 snort_logdir="@l_prefix@/var/snort"
21 snort_piddir="@l_prefix@/var/snort"
22 snort_pidfile="$snort_piddir/snort_${snort_if}.pid"
23 snort_signal () {
24 [ -f $snort_pidfile ] && kill -$1 `cat $snort_pidfile`
25 }
26 snort_update () {
27 @l_prefix@/sbin/snort-update "$snort_update_source"
28 }
30 %status -u @l_susr@ -o
31 snort_usable="no"
32 snort_active="no"
33 @l_prefix@/sbin/snort \
34 -q -T \
35 -u "@l_rusr@" -g "@l_rgrp@" \
36 -i "$snort_if" \
37 -c "$snort_cfgfile" \
38 -l "$snort_logdir" \
39 >/dev/null 2>&1 && snort_usable="yes"
40 [ ".$snort_if" = . ] && snort_usable="no"
41 rcService snort enable yes && snort_signal 0 && snort_active="yes"
42 echo "snort_enable=\"$snort_enable\""
43 echo "snort_usable=\"$snort_usable\""
44 echo "snort_active=\"$snort_active\""
46 %start -p 100 -u @l_susr@
47 rcService snort enable yes || exit 0
48 rcService snort active yes && exit 0
49 @l_prefix@/sbin/snort \
50 -q -D \
51 -u "@l_rusr@" -g "@l_rgrp@" \
52 -i "$snort_if" \
53 -c "$snort_cfgfile" \
54 -l "$snort_logdir" \
55 ${snort_flags}
57 %stop -p 900 -u @l_susr@
58 rcService snort enable yes || exit 0
59 rcService snort active no && exit 0
60 snort_signal TERM
61 sleep 2
62 rm -f $snort_pidfile 2>/dev/null || true
64 %restart -p 100 -u @l_susr@
65 rcService snort enable yes || exit 0
66 rcService snort active no && exit 0
67 rc snort stop start
69 %hourly -u @l_rusr@
70 rcService snort enable yes || exit 0
71 if [ ".$snort_update_time" = .hourly ]; then
72 snort_update || exit $?
73 fi
75 %daily -u @l_rusr@
76 rcService snort enable yes || exit 0
77 if [ ".$snort_update_time" = .daily ]; then
78 snort_update || exit $?
79 fi
80 shtool rotate -f \
81 -n ${snort_log_numfiles} -s ${snort_log_minsize} -d \
82 -z ${snort_log_complevel} -m 644 -o @l_rusr@ -g @l_rgrp@ \
83 -P "${snort_log_prolog}" \
84 -E "${snort_log_epilog}; rc snort reload" \
85 $snort_logdir/snort.alert.log
87 %weekly -u @l_rusr@
88 rcService snort enable yes || exit 0
89 if [ ".$snort_update_time" = .weekly ]; then
90 snort_update || exit $?
91 fi
