#!/bin/sh
#
# Snort Startup Script modified for OpenEmbedded
#

# Script variables
#
# $2 is the network interface to monitor. It is not validated here and is
# interpolated into the PID-file path below, a path that stop() later reads
# with cat, hands to kill and removes with rm -f, so callers should pass a
# plain interface name only.
LAN_INTERFACE="$2"
RETURN_VAL=0
PROG=snort
BINARY=/usr/bin/snort
CONFIG_FILE=/etc/snort/snort.conf
# Fixed search path, so unqualified commands are not resolved through
# whatever PATH the caller happened to have.
PATH=/bin:/usr/bin
LOGDIR="/var/log/snort"
DATE=$(/bin/date +%Y%m%d)
PID=/var/run/snort_${LAN_INTERFACE}_ids.pid
DEL_PID=$PID
# Passed to Snort as -u/-g. NOTE(review): with root/root the sensor does not
# drop privileges after initialisation; a dedicated unprivileged account
# would limit the impact of a flaw in packet parsing.
USER=root
GROUP=root

# Preconditions, evaluated for every action (including stop and status):
# the Snort binary must be executable and the configuration file readable.
[ -x "$BINARY" ] || {
    echo "ERROR: $BINARY not found."
    exit 1
}

[ -r "$CONFIG_FILE" ] || {
    echo "ERROR: $CONFIG_FILE not found."
    exit 1
}

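# Start Snort as a daemon on $LAN_INTERFACE.
# Globals:  LAN_INTERFACE, LOGDIR, DATE, USER, GROUP, BINARY, CONFIG_FILE,
#           PROG (read); RETURN_VAL (written)
# Returns:  0 when no interface was given or Snort launched; non-zero when
#           the log directory could not be created or Snort reported failure.
start()
{
    # Without an interface there is nothing to listen on; treated as success.
    [ -n "$LAN_INTERFACE" ] || return 0

    # Check if the log directory is present. Otherwise, create it.
    if [ ! -d "$LOGDIR/$DATE" ]; then
        # mkdir has no -d option; -p also creates missing parent directories.
        if ! mkdir -p "$LOGDIR/$DATE"; then
            /bin/echo "ERROR: cannot create $LOGDIR/$DATE."
            RETURN_VAL=1
            return $RETURN_VAL
        fi
        # Owner-only access to the directory Snort logs into.
        /bin/chown -R "$USER:$GROUP" "$LOGDIR/$DATE"
        /bin/chmod -R 700 "$LOGDIR/$DATE"
    fi

    /bin/echo "Starting $PROG: "
    # Snort parameters
    # -D          Run Snort in background (daemon) mode
    # -i <if>     Listen on interface <if>
    # -u <uname>  Run snort uid as <uname> user (or uid)
    # -g <gname>  Run snort gid as <gname> group (or gid)
    # -c          Load configuration file
    # -N          Turn off logging (alerts still work) (removed to enable logging)
    # -l          Log to directory
    # -t          Chroots process to directory after initialization
    # -R <id>     Include 'id' in snort_intf<id>.pid file name
    #
    # NOTE(review): while USER/GROUP are root the process stays root inside
    # the chroot, which limits the containment -t provides; an unprivileged
    # service account makes the chroot meaningful.
    "$BINARY" -D -i "$LAN_INTERFACE" -u "$USER" -g "$GROUP" -c "$CONFIG_FILE" \
        -l "$LOGDIR/$DATE" -t "$LOGDIR/$DATE" -R _ids
    # Take the result from Snort itself, so a launch failure is reported and a
    # RETURN_VAL left behind by an earlier stop() (restart) is not reused.
    RETURN_VAL=$?
    if [ "$RETURN_VAL" -eq 0 ]; then
        /bin/echo "$PROG startup complete."
    else
        /bin/echo "ERROR: $PROG failed to start (exit status $RETURN_VAL)."
    fi
    return $RETURN_VAL
}
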
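# Stop the Snort instance recorded in the PID file.
# Globals:  PID, DEL_PID, PROG (read); RETURN_VAL (written)
# Returns:  kill's exit status, or 1 when the PID file is missing, empty or
#           does not contain a single positive decimal number.
stop()
{
    if [ ! -s "$PID" ]; then
        /bin/echo "ERROR: PID in $PID file not found."
        RETURN_VAL=1
        return $RETURN_VAL
    fi

    # Read the file once, so the value printed and the value signalled agree.
    _snort_pid=$(cat "$PID" 2>/dev/null)

    # Only a plain positive number may reach kill. Anything else (empty,
    # multi-line, a leading '-', or 0) could be taken as an option or as a
    # process-group target, so it is refused and the file is left in place.
    case "$_snort_pid" in
        '' | *[!0-9]* | 0*)
            /bin/echo "ERROR: PID in $PID file not found."
            RETURN_VAL=1
            return $RETURN_VAL
            ;;
    esac

    # NOTE(review): the PID is not checked to still belong to Snort, and the
    # script does not wait for the process to exit after TERM.
    /bin/echo "Stopping $PROG with PID $_snort_pid: "
    kill -TERM "$_snort_pid" 2>/dev/null
    RETURN_VAL=$?
    /bin/echo "$PROG shutdown complete."
    # rm -f is a no-op for files that are already gone.
    rm -f "$DEL_PID" "$DEL_PID.lck"
    return $RETURN_VAL
}
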
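# Report whether a Snort PID file exists for this interface.
# Globals:  PID, PROG (read)
# Outputs:  one status line on stdout
status() {
    # A non-empty PID file is the only evidence consulted: a stale file left
    # by a process that died is still reported as running.
    # The path is quoted because it embeds the caller-supplied interface name.
    if [ -s "$PID" ]; then
        echo "$PROG is running as pid $(cat "$PID"):"
    else
        echo "$PROG is not running."
    fi
}
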
# Stop the running instance, then start a new one.
# Globals:  RETURN_VAL (written)
# Returns:  the status reported by start; stop's status is not consulted.
restart()
{
    stop
    if start; then
        RETURN_VAL=0
    else
        RETURN_VAL=$?
    fi
    return "$RETURN_VAL"
}

# Dispatch on the requested action ($1). The interface name comes from $2
# (LAN_INTERFACE), which the usage text does not mention. reload is handled
# as a full restart.
case "$1" in
    start)            start ;;
    stop)             stop ;;
    status)           status ;;
    restart | reload) restart ;;
    *)
        /bin/echo "Usage: $0 {start|stop|status|restart|reload}"
        RETURN_VAL=1
        ;;
esac

# The exit code is the RETURN_VAL global, not the return status of the
# handler called above.
exit "$RETURN_VAL"