snort/rc.snort

Thu, 04 Oct 2012 20:30:05 +0200

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Thu, 04 Oct 2012 20:30:05 +0200
changeset 715
c10fb90893b9
permissions
-rw-r--r--

Correct out of date build configuration, porting to Solaris 11 network
link infrastructure and new libpcap logic. This additionally allows for
device drivers in subdirectories of /dev. Correct packaged nmap
personalities and signatures to work out of the box. Finally, hack
arpd logic to properly close sockets and quit on TERM by repeating
signaling in the run command script. Sadly, all this fails to correct
the run time behaviour of honeyd which fails to bind to the IP layer.

     1 #!@l_prefix@/bin/openpkg rc
     2 ##
     3 ##  rc.snort -- Run-Commands
     4 ##
     6 %config
     7     snort_enable="$openpkg_rc_def"
     8     snort_if=""
     9     snort_flags="-N -Afast -o"
    10     snort_log_prolog="true"
    11     snort_log_epilog="true"
    12     snort_log_numfiles="10"
    13     snort_log_minsize="1M"
    14     snort_log_complevel="9"
    15     snort_update_time="once"
    16     snort_update_source="file://@l_prefix@/share/snort/rules.tar.gz"
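%common
    #   Paths shared by all sections below.
    snort_cfgfile="@l_prefix@/etc/snort/snort.conf"
    snort_logdir="@l_prefix@/var/snort"
    #   The PID file lives in the same directory as the logs.
    #   NOTE(review): %status and %stop run as @l_susr@ (presumably the
    #   superuser) while snort itself runs as @l_rusr@. If this directory
    #   is writable by the run-time account, the PID file content is
    #   untrusted input to a privileged kill -- confirm the ownership.
    snort_piddir="@l_prefix@/var/snort"
    snort_pidfile="$snort_piddir/snort_${snort_if}.pid"

    #   snort_signal SIGNAL
    #   Send SIGNAL to the process recorded in $snort_pidfile.
    #   Returns non-zero when the PID file is missing, when its content
    #   is not a single positive decimal PID, or when kill fails.
    snort_signal () {
        [ -f "$snort_pidfile" ] || return 1
        snort_pid=$(cat "$snort_pidfile") || return 1
        #   Refuse empty, zero-prefixed and non-numeric content: an empty
        #   value makes kill fail on a missing argument, and values such
        #   as "0" or "-1" would address whole process groups or every
        #   process instead of the one daemon.
        case "$snort_pid" in
            '' | 0* | *[!0-9]* ) return 1 ;;
        esac
        kill -"$1" "$snort_pid"
    }

    #   snort_update
    #   Refresh the rule set from $snort_update_source by delegating to
    #   the packaged snort-update helper; its exit status is returned.
    snort_update () {
        @l_prefix@/sbin/snort-update "$snort_update_source"
    }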
    30 %status -u @l_susr@ -o
    31     snort_usable="no"
    32     snort_active="no"
    33     @l_prefix@/sbin/snort \
    34         -q -T \
    35         -u "@l_rusr@" -g "@l_rgrp@" \
    36         -i "$snort_if" \
    37         -c "$snort_cfgfile" \
    38         -l "$snort_logdir" \
    39         >/dev/null 2>&1 && snort_usable="yes"
    40     [ ".$snort_if" = . ] && snort_usable="no"
    41     rcService snort enable yes && snort_signal 0 && snort_active="yes"
    42     echo "snort_enable=\"$snort_enable\""
    43     echo "snort_usable=\"$snort_usable\""
    44     echo "snort_active=\"$snort_active\""
    46 %start -p 100 -u @l_susr@
    47     rcService snort enable yes || exit 0
    48     rcService snort active yes && exit 0
    49     @l_prefix@/sbin/snort \
    50         -q -D \
    51         -u "@l_rusr@" -g "@l_rgrp@" \
    52         -i "$snort_if" \
    53         -c "$snort_cfgfile" \
    54         -l "$snort_logdir" \
    55         ${snort_flags}
    57 %stop -p 900 -u @l_susr@
    58     rcService snort enable yes || exit 0
    59     rcService snort active no  && exit 0
    60     snort_signal TERM
    61     sleep 2
    62     rm -f $snort_pidfile 2>/dev/null || true
    64 %restart -p 100 -u @l_susr@
    65     rcService snort enable yes || exit 0
    66     rcService snort active no  && exit 0
    67     rc snort stop start
%hourly -u @l_rusr@
    #   Hourly rule refresh, only when snort_update_time is "hourly".
    if rcService snort enable yes; then :; else exit 0; fi
    case ".$snort_update_time" in
        #   A failed update ends the section with the helper's status.
        .hourly ) snort_update || exit $? ;;
    esac
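%daily -u @l_rusr@
    #   Daily rule refresh (only when snort_update_time is "daily"),
    #   followed by rotation of the alert log.
    rcService snort enable yes || exit 0
    if [ ".$snort_update_time" = .daily ]; then
        snort_update || exit $?
    fi
    #   The rotation settings are quoted so that a value containing
    #   whitespace cannot shift the remaining shtool arguments.
    #   NOTE(review): "-m 644" leaves the rotated alert logs readable by
    #   every local account; confirm that is intended for IDS alerts.
    #   NOTE(review): the epilog runs "rc snort reload", but this file
    #   defines no %reload section, so that call appears to do nothing.
    #   Confirm that snort reopens snort.alert.log after rotation;
    #   otherwise new alerts may keep going to the rotated file.
    shtool rotate -f \
        -n "${snort_log_numfiles}" -s "${snort_log_minsize}" -d \
        -z "${snort_log_complevel}" -m 644 -o @l_rusr@ -g @l_rgrp@ \
        -P "${snort_log_prolog}" \
        -E "${snort_log_epilog}; rc snort reload" \
        "$snort_logdir/snort.alert.log"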
%weekly -u @l_rusr@
    #   Weekly rule refresh, only when snort_update_time is "weekly".
    if rcService snort enable yes; then :; else exit 0; fi
    case ".$snort_update_time" in
        #   A failed update ends the section with the helper's status.
        .weekly ) snort_update || exit $? ;;
    esac
