michael@549: #!@l_prefix@/bin/openpkg rc michael@549: ## michael@549: ## rc.snort -- Run-Commands michael@549: ## michael@549: michael@549: %config michael@549: snort_enable="$openpkg_rc_def" michael@549: snort_if="" michael@549: snort_flags="-N -Afast -o" michael@549: snort_log_prolog="true" michael@549: snort_log_epilog="true" michael@549: snort_log_numfiles="10" michael@549: snort_log_minsize="1M" michael@549: snort_log_complevel="9" michael@549: snort_update_time="once" michael@549: snort_update_source="file://@l_prefix@/share/snort/rules.tar.gz" michael@549: michael@549: %common michael@549: snort_cfgfile="@l_prefix@/etc/snort/snort.conf" michael@549: snort_logdir="@l_prefix@/var/snort" michael@549: snort_piddir="@l_prefix@/var/snort" michael@549: snort_pidfile="$snort_piddir/snort_${snort_if}.pid" michael@549: snort_signal () { michael@549: [ -f $snort_pidfile ] && kill -$1 `cat $snort_pidfile` michael@549: } michael@549: snort_update () { michael@549: @l_prefix@/sbin/snort-update "$snort_update_source" michael@549: } michael@549: michael@549: %status -u @l_susr@ -o michael@549: snort_usable="no" michael@549: snort_active="no" michael@549: @l_prefix@/sbin/snort \ michael@549: -q -T \ michael@549: -u "@l_rusr@" -g "@l_rgrp@" \ michael@549: -i "$snort_if" \ michael@549: -c "$snort_cfgfile" \ michael@549: -l "$snort_logdir" \ michael@549: >/dev/null 2>&1 && snort_usable="yes" michael@549: [ ".$snort_if" = . ] && snort_usable="no" michael@549: rcService snort enable yes && snort_signal 0 && snort_active="yes" michael@549: echo "snort_enable=\"$snort_enable\"" michael@549: echo "snort_usable=\"$snort_usable\"" michael@549: echo "snort_active=\"$snort_active\"" michael@549: michael@549: %start -p 100 -u @l_susr@ michael@549: rcService snort enable yes || exit 0 michael@549: rcService snort active yes && exit 0 michael@549: @l_prefix@/sbin/snort \ michael@549: -q -D \ michael@549: -u "@l_rusr@" -g "@l_rgrp@" \ michael@549: -i "$snort_if" \ michael@549: -c "$snort_cfgfile" \ michael@549: -l "$snort_logdir" \ michael@549: ${snort_flags} michael@549: michael@549: %stop -p 900 -u @l_susr@ michael@549: rcService snort enable yes || exit 0 michael@549: rcService snort active no && exit 0 michael@549: snort_signal TERM michael@549: sleep 2 michael@549: rm -f $snort_pidfile 2>/dev/null || true michael@549: michael@549: %restart -p 100 -u @l_susr@ michael@549: rcService snort enable yes || exit 0 michael@549: rcService snort active no && exit 0 michael@549: rc snort stop start michael@549: michael@549: %hourly -u @l_rusr@ michael@549: rcService snort enable yes || exit 0 michael@549: if [ ".$snort_update_time" = .hourly ]; then michael@549: snort_update || exit $? michael@549: fi michael@549: michael@549: %daily -u @l_rusr@ michael@549: rcService snort enable yes || exit 0 michael@549: if [ ".$snort_update_time" = .daily ]; then michael@549: snort_update || exit $? michael@549: fi michael@549: shtool rotate -f \ michael@549: -n ${snort_log_numfiles} -s ${snort_log_minsize} -d \ michael@549: -z ${snort_log_complevel} -m 644 -o @l_rusr@ -g @l_rgrp@ \ michael@549: -P "${snort_log_prolog}" \ michael@549: -E "${snort_log_epilog}; rc snort reload" \ michael@549: $snort_logdir/snort.alert.log michael@549: michael@549: %weekly -u @l_rusr@ michael@549: rcService snort enable yes || exit 0 michael@549: if [ ".$snort_update_time" = .weekly ]; then michael@549: snort_update || exit $? michael@549: fi michael@549: