meta-networking/recipes-connectivity/snort/snort/snort.init


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110

#!/bin/sh
#
# Snort Startup Script modified for OpenEmbedded
#

# Script variables

LAN_INTERFACE="$2"
RETURN_VAL=0
BINARY=/usr/bin/snort
PATH=/bin:/usr/bin
PID=/var/run/snort_${LAN_INTERFACE}_ids.pid
DEL_PID=$PID
LOGDIR="/var/log/snort"
DATE=`/bin/date +%Y%m%d`
CONFIG_FILE=/etc/snort/snort.conf
PROG=snort
USER=root
GROUP=root

if [ ! -x "$BINARY" ]; then
    echo "ERROR: $BINARY not found."
    exit 1
fi

if [ ! -r "$CONFIG_FILE" ]; then
    echo "ERROR: $CONFIG_FILE not found."
    exit 1
fi

start()
{
    [ -n "$LAN_INTERFACE" ] || return 0
    # Check if log diratory is present. Otherwise, create it.
    if [ ! -d $LOGDIR/$DATE ]; then
        mkdir -p $LOGDIR/$DATE
        /bin/chown -R $USER:$USER $LOGDIR/$DATE
        /bin/chmod -R 700 $LOGDIR/$DATE
    fi

    /bin/echo "Starting $PROG: "

    # Snort parameters
    # -D Run Snort in background (daemon) mode
    # -i <if> Listen on interface <if>
    # -u <uname> Run snort uid as <uname> user (or uid)
    # -g <gname> Run snort uid as <gname> group (or gid)
    # -c Load configuration file
    # -N Turn off logging (alerts still work) (removed to enable logging) :)
    # -l Log to directory
    # -t Chroots process to directory after initialization
    # -R <id> Include 'id' in snort_intf<id>.pid file name

    $BINARY -D -i $LAN_INTERFACE -u $USER -g $GROUP -c $CONFIG_FILE -l $LOGDIR/$DATE -t $LOGDIR/$DATE -R _ids
    /bin/echo "$PROG startup complete."
    return $RETURN_VAL
}

stop()
{
    if [ -s $PID ]; then
        /bin/echo "Stopping $PROG with PID `cat $PID`: "
        kill -TERM `cat $PID` 2>/dev/null
        RETURN_VAL=$?
        /bin/echo "$PROG shutdown complete."
        [ -e $DEL_PID ] && rm -f $DEL_PID
        [ -e $DEL_PID.lck ] && rm -f $DEL_PID.lck
    else
        /bin/echo "ERROR: PID in $PID file not found."
        RETURN_VAL=1
    fi
    return $RETURN_VAL
}

status()
{
    if [ -s $PID ]; then
        echo "$PROG is running as pid `cat $PID`:"
    else
        echo "$PROG is not running."
    fi
}

restart()
{
    stop
    start
    RETURN_VAL=$?
    return $RETURN_VAL
}

case "$1" in
    start)
        start
        ;;
    stop)
        stop
        ;;
    status)
        status
        ;;
    restart|reload)
        restart
        ;;
    *)
        /bin/echo "Usage: $0 {start|stop|status|restart|reload}"
        RETURN_VAL=1
esac

exit $RETURN_VAL