
/etc/init.d/snort

By: a guest on Jun 11th, 2013  |  syntax: None  |  size: 3.90 KB  |  views: 23  |  expires: Never
  1. #!/bin/bash
  2. #
  3. # snort Start up the SNORT Intrusion Detection System daemon
  4. #
  5. # chkconfig: 2345 55 25
  6. # description: SNORT is a Open Source Intrusion Detection System
  7. # This service starts up the snort daemon.
  8. #
  9. # processname: snort
  10. # pidfile: /var/run/snort_eth0.pid
  11. ### BEGIN INIT INFO
  12. # Provides: snort
  13. # Required-Start: $local_fs $network $syslog
  14. # Required-Stop: $local_fs $syslog
  15. # Should-Start: $syslog
  16. # Should-Stop: $network $syslog
  17. # Default-Start: 2 3 4 5
  18. # Default-Stop: 0 1 6
  19. # Short-Description: Start up the SNORT Intrusion Detection System daemon
  20. # Description: SNORT is an application for Open Source Intrusion Detection.
  21. #              This service starts up the Snort IDS daemon.
  22. ### END INIT INFO
  23.  
  24. # source function library
  25. . /etc/rc.d/init.d/functions
  26.  
  27. # pull in sysconfig settings
  28. [ -f /etc/sysconfig/snort ] && . /etc/sysconfig/snort
  29.  
  30. RETVAL=0
  31. prog="snort"
  32. lockfile=/var/lock/subsys/$prog
  33.  
  34. # Some functions to make the below more readable
  35. SNORTD=/usr/local/bin/snort
  36. #OPTIONS="-A fast -b -d -D -i eth0 -u snort -g snort -c /etc/snort/snort.conf -l /var/log/snort"
  37. #PID_FILE=/var/run/snort_eth0.pid
  38.  
# Turn the /etc/sysconfig/snort settings into the words that start()
# places on the snort command line. Each variable is rewritten in place:
# afterwards it holds either a ready-to-use option or an empty string.

# Alert mode: emit -A only when a mode was configured.
if [ -n "$ALERTMODE" ]; then
    ALERTMODE="-A $ALERTMODE"
else
    ALERTMODE=""
fi

# Account passed to snort with -u / -g in start().
# NOTE(review): USER is normally exported by a login shell. If sysconfig
# does not set it and the script is run directly from a root shell, the
# fallback below does not apply and snort would be given "-u root" --
# confirm that /etc/sysconfig/snort always sets USER.
USER="${USER:-snort}"
GROUP="${GROUP:-snort}"

# On/off switches: only the exact value 1 enables the option.
case "$BINARY_LOG" in
    1) BINARY_LOG="-b" ;;
    *) BINARY_LOG="" ;;
esac

case "$LINK_LAYER" in
    1) LINK_LAYER="-e" ;;
    *) LINK_LAYER="" ;;
esac

# Configuration file, with the stock location as fallback.
CONF="-c ${CONF:-/etc/snort/snort.conf}"

# Capture interface (eth0 by default). The pid file name is derived from
# the bare interface name before the variable is turned into an option.
INTERFACE="${INTERFACE:-eth0}"
PID_FILE="/var/run/snort_${INTERFACE}.pid"
INTERFACE="-i ${INTERFACE}"

case "$DUMP_APP" in
    1) DUMP_APP="-d" ;;
    *) DUMP_APP="" ;;
esac

case "$NO_PACKET_LOG" in
    1) NO_PACKET_LOG="-N" ;;
    *) NO_PACKET_LOG="" ;;
esac

case "$PRINT_INTERFACE" in
    1) PRINT_INTERFACE="-I" ;;
    *) PRINT_INTERFACE="" ;;
esac

case "$PASS_FIRST" in
    1) PASS_FIRST="-o" ;;
    *) PASS_FIRST="" ;;
esac

# Log directory handed to snort with -l.
LOGDIR="${LOGDIR:-/var/log/snort}"

# Defaults for a 'stats' option; nothing else visible in this script
# reads SYSLOG or SECS.
SYSLOG="${SYSLOG:-/var/log/messages}"
SECS="${SECS:-5}"

# Optional BPF filter file.
if [ -n "$BPFFILE" ]; then
    BPFFILE="-F $BPFFILE"
fi

# Current runlevel: the last word printed by runlevel(8). Indirect
# expansion picks the last positional parameter without needing eval.
runlevel=$(set -- $(runlevel); echo "${!#}")
  122.  
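#######################################
# Start snort in daemon mode and create the subsys lock file.
# Globals:   SNORTD, PID_FILE, prog, lockfile and the option variables
#            built from sysconfig (read); RETVAL (written)
# Outputs:   progress message on stdout
# Returns:   exit status of the daemon helper; exits 5 when the snort
#            binary is missing or not executable
# daemon, success and failure are not defined in this file; they are
# expected to come from /etc/rc.d/init.d/functions.
#######################################
start()
{
    [ -x "$SNORTD" ] || exit 5

    echo -n $"Starting $prog:"
    # The invocation has to stay ONE logical line. Without the trailing
    # backslashes only the first physical line reaches daemon, so snort
    # is launched without -D, without -u/-g (it keeps the privileges it
    # was started with), and without -c and -l; the remaining lines are
    # then executed as separate, bogus commands.
    # The option variables are deliberately unquoted: each one holds zero
    # or more whitespace-separated words ("", "-b", "-i eth0", ...).
    # BPF is not assigned anywhere in this script; presumably it is set in
    # /etc/sysconfig/snort.
    # shellcheck disable=SC2086
    daemon --pidfile="$PID_FILE" "$SNORTD" $ALERTMODE $BINARY_LOG \
        $LINK_LAYER $NO_PACKET_LOG $DUMP_APP -D $PRINT_INTERFACE \
        $INTERFACE -u "$USER" -g "$GROUP" $CONF -l "$LOGDIR" $PASS_FIRST $BPFFILE \
        $BPF
    # Capture the launcher's own status before anything else overwrites $?.
    RETVAL=$?
    if [ "$RETVAL" -eq 0 ]; then
        success
        touch "$lockfile"
    else
        failure
    fi
    echo
    return "$RETVAL"
}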
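#######################################
# Stop snort and clean up its pid and lock files.
# Globals:   SNORTD, PID_FILE, prog, lockfile, runlevel (read);
#            RETVAL (written)
# Outputs:   progress message on stdout
# Returns:   exit status of killproc
# killproc is not defined in this file; it is expected to come from
# /etc/rc.d/init.d/functions.
#######################################
stop()
{
    echo -n $"Stopping $prog: "
    killproc "$SNORTD"
    # Record killproc's result right away. Taking $? after the cleanup
    # below would report the cleanup's status instead, and a failed
    # killproc would then look like a successful stop.
    RETVAL=$?

    # Remove the pid file of the configured interface rather than a
    # hard-coded snort_eth0.* glob, and skip the recursive chown the glob
    # was paired with: root does not need ownership to delete the files.
    # The .lck sibling is presumably what the old ".pi*" pattern was for.
    if [ -e "$PID_FILE" ]; then
        rm -f -- "$PID_FILE" "$PID_FILE.lck"
    fi

    # On halt (0) or reboot (6) also signal every remaining process named
    # $prog. TERM is ignored meanwhile so the signal cannot hit this script.
    if [ "x$runlevel" = x0 ] || [ "x$runlevel" = x6 ]; then
        trap '' TERM
        killall "$prog" 2>/dev/null
        trap - TERM
    fi

    [ "$RETVAL" -eq 0 ] && rm -f -- "$lockfile"
    echo
    return "$RETVAL"
}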
  157.  
# Stop the service, then start it again. start runs whether or not stop
# succeeded, and its status is what restart returns.
restart()
{
    stop
    start
}
  162.  
# Report the service state through the status helper, which is given the
# pid file of the configured interface and the snort binary. The helper's
# exit status is returned unchanged. status is not defined in this file;
# it is expected to come from /etc/rc.d/init.d/functions.
rh_status()
{
    status -p "$PID_FILE" "$SNORTD"
}
  166.  
# Quiet variant of rh_status: same exit status, with stdout and stderr
# both discarded.
rh_status_q()
{
    rh_status &>/dev/null
}
# Dispatch on the requested action. start, stop and restart leave their
# result in the global RETVAL, which becomes the script's exit status.
case "$1" in
    start)
        # Already running: report success without starting a second copy.
        if rh_status_q; then
            exit 0
        fi
        start
        ;;
    stop)
        if rh_status_q; then
            stop
        else
            # Not running: only clear a possibly stale lock file.
            rm -f $lockfile
            exit 0
        fi
        ;;
    restart)
        restart
        ;;
    status)
        rh_status
        RETVAL=$?
        # Status 3 with the lock file still present is reported as 2
        # (presumably the LSB "dead but lock file exists" code).
        if [ "$RETVAL" -eq 3 ] && [ -f "$lockfile" ]; then
            RETVAL=2
        fi
        ;;
    *)
        echo $"Usage: $0 {start|stop|restart|status}"
        RETVAL=2
        ;;
esac
exit $RETVAL