/etc/init.d/snort

a guest
Jun 11th, 2013
  1. #!/bin/bash
  2. #
  3. # snort Start up the SNORT Intrusion Detection System daemon
  4. #
  5. # chkconfig: 2345 55 25
  6. # description: SNORT is an Open Source Intrusion Detection System
  7. # This service starts up the snort daemon.
  8. #
  9. # processname: snort
  10. # pidfile: /var/run/snort_eth0.pid
  11. ### BEGIN INIT INFO
  12. # Provides: snort
  13. # Required-Start: $local_fs $network $syslog
  14. # Required-Stop: $local_fs $syslog
  15. # Should-Start: $syslog
  16. # Should-Stop: $network $syslog
  17. # Default-Start: 2 3 4 5
  18. # Default-Stop: 0 1 6
  19. # Short-Description: Start up the SNORT Intrusion Detection System daemon
  20. # Description: SNORT is an application for Open Source Intrusion Detection.
  21. # This service starts up the Snort IDS daemon.
  22. ### END INIT INFO
  23.  
  # Load the distribution's init helper library.  daemon, killproc, status,
  # success and failure are called further down and are not defined in this
  # script, so they are presumably provided here.
  . /etc/rc.d/init.d/functions

  # Optional site settings.  The file is executed as shell code with the
  # privileges of whoever runs this script (root at boot), so it should be
  # owned by root and not writable by any other account.
  if [ -f /etc/sysconfig/snort ]; then
    . /etc/sysconfig/snort
  fi

  RETVAL=0
  prog="snort"
  lockfile="/var/lock/subsys/${prog}"

  # Path of the snort executable; the commented lines below show a fixed
  # option string and PID file that are not in use.
  SNORTD="/usr/local/bin/snort"
  #OPTIONS="-A fast -b -d -D -i eth0 -u snort -g snort -c /etc/snort/snort.conf -l /var/log/snort"
  #PID_FILE=/var/run/snort_eth0.pid
  38.  
  # Turn the plain values from /etc/sysconfig/snort (or the inherited
  # environment) into the option strings used on the snort command line.
  # start() expands the "flag value" strings unquoted; that word splitting
  # is what separates each flag from its value.

  # Alert mode: empty stays empty, anything else becomes "-A <mode>".
  ALERTMODE=${ALERTMODE:+-A $ALERTMODE}

  # Account and group handed to -u / -g, defaulting to "snort".
  # NOTE(review): USER is also a standard login environment variable.  When
  # the sysconfig file does not set it, a value inherited from the caller's
  # shell wins over the default and the daemon would run as that account
  # instead of "snort" - confirm how this script is invoked.
  USER=${USER:-snort}
  GROUP=${GROUP:-snort}

  # On/off switches: exactly "1" selects the flag, anything else clears it.
  case "$BINARY_LOG" in 1) BINARY_LOG="-b" ;; *) BINARY_LOG="" ;; esac
  case "$LINK_LAYER" in 1) LINK_LAYER="-e" ;; *) LINK_LAYER="" ;; esac

  # Configuration file, /etc/snort/snort.conf unless overridden.
  CONF="-c ${CONF:-/etc/snort/snort.conf}"

  # Interface (eth0 by default).  The PID file name is derived from the bare
  # interface name, so it is built before INTERFACE gains its "-i " prefix.
  PID_FILE="/var/run/snort_${INTERFACE:-eth0}.pid"
  INTERFACE="-i ${INTERFACE:-eth0}"

  case "$DUMP_APP" in 1) DUMP_APP="-d" ;; *) DUMP_APP="" ;; esac
  case "$NO_PACKET_LOG" in 1) NO_PACKET_LOG="-N" ;; *) NO_PACKET_LOG="" ;; esac
  case "$PRINT_INTERFACE" in 1) PRINT_INTERFACE="-I" ;; *) PRINT_INTERFACE="" ;; esac
  case "$PASS_FIRST" in 1) PASS_FIRST="-o" ;; *) PASS_FIRST="" ;; esac

  # Log directory passed to -l.
  LOGDIR=${LOGDIR:-/var/log/snort}

  # These are used by the 'stats' option
  SYSLOG=${SYSLOG:-/var/log/messages}
  SECS=${SECS:-5}

  # Optional BPF filter file; left untouched when none is configured.
  if [ -n "$BPFFILE" ]; then
    BPFFILE="-F $BPFFILE"
  fi
  120.  
  # Current runlevel: the last word printed by the runlevel command (for
  # example the "5" in "N 5").  stop() reads it to recognise halt and reboot.
  # Indirect expansion of $# picks the last positional parameter, left
  # unquoted as in an "echo $N" of that parameter.
  runlevel=$(
    set -- $(runlevel)
    echo ${!#}
  )
  122.  
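  #######################################
  # Launch snort as a daemon with the option strings assembled above.
  # Globals:   SNORTD, PID_FILE, USER, GROUP, LOGDIR, lockfile, prog and the
  #            option strings (read); RETVAL (written)
  # Outputs:   "Starting snort:" progress line on stdout
  # Returns:   exit status of daemon; exits the whole script with 5 when
  #            $SNORTD is not executable
  #######################################
  start()
  {
    [ -x "$SNORTD" ] || exit 5

    echo -n $"Starting $prog:"
    # This is ONE command: each continuation line needs its trailing
    # backslash.  Without them the option lines run as commands of their own
    # and snort is started without -D, -u/-g, -c and -l.
    # The option strings stay unquoted on purpose, so that values such as
    # "-A fast" split into two arguments and empty ones disappear.
    # NOTE(review): BPF is never assigned in this script; it is kept in case
    # the sysconfig file provides it.
    daemon --pidfile="$PID_FILE" "$SNORTD" $ALERTMODE $BINARY_LOG \
      $LINK_LAYER $NO_PACKET_LOG $DUMP_APP -D $PRINT_INTERFACE \
      $INTERFACE -u "$USER" -g "$GROUP" $CONF -l "$LOGDIR" $PASS_FIRST $BPFFILE \
      $BPF
    # Take the status straight from daemon so that the result of
    # success/failure cannot mask it.
    RETVAL=$?
    if [ "$RETVAL" -eq 0 ]; then
      success
      touch "$lockfile"
    else
      failure
    fi
    echo
    return $RETVAL
  }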
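  #######################################
  # Stop snort and clear its PID file and subsystem lock.
  # Globals:   SNORTD, PID_FILE, prog, runlevel, lockfile (read);
  #            RETVAL (written)
  # Outputs:   "Stopping snort: " progress line on stdout
  # Returns:   exit status of killproc
  #######################################
  stop()
  {
    echo -n $"Stopping $prog: "
    killproc "$SNORTD"
    # Record the result of the kill itself; the file cleanup below must not
    # overwrite it.
    RETVAL=$?
    if [ -e "$PID_FILE" ]; then
      # Remove the PID file of the configured interface and any ".lck" file
      # beside it, rather than a hard-coded eth0 wildcard.  No chown first:
      # root can unlink the files whoever owns them, and a recursive chown
      # over a wildcard would hand every matching path to the service
      # account.
      rm -f -- "$PID_FILE" "$PID_FILE.lck"
    fi
    # if we are in halt or reboot runlevel kill all running sessions
    # so the TCP connections are closed cleanly
    if [ "x$runlevel" = x0 ] || [ "x$runlevel" = x6 ]; then
      # Ignore TERM while killall runs, then restore the default handling.
      trap '' TERM
      killall "$prog" 2>/dev/null
      trap - TERM
    fi
    # Keep the subsystem lock when the daemon could not be stopped.
    [ "$RETVAL" -eq 0 ] && rm -f -- "$lockfile"
    echo
    return $RETVAL
  }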
  157.  
  # Restart the service: stop it, then start it again.  The status of stop
  # is not checked; the function returns whatever start returns.
  restart() { stop; start; }
  162.  
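  # Report whether snort is running, using the PID file chosen for the
  # configured interface.  Returns the exit status of the status helper.
  rh_status() {
    # Quoted so the PID file path and the binary path each stay one argument.
    status -p "$PID_FILE" "$SNORTD"
  }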
  166.  
  # Silent variant of rh_status: same exit status, nothing on stdout or
  # stderr.
  rh_status_q() {
    rh_status &>/dev/null
  }
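  # Dispatch on the requested action.  The script exits with RETVAL, which
  # start() and stop() set themselves.
  case "$1" in
    start)
      # Already running: nothing to do.
      rh_status_q && exit 0
      start
      ;;
    stop)
      if ! rh_status_q; then
        # Not running: only clear a stale subsystem lock.
        rm -f -- "$lockfile"
        exit 0
      fi
      stop
      ;;
    restart)
      restart
      ;;
    status)
      rh_status
      RETVAL=$?
      # Status 3 while the subsystem lock still exists is reported as 2
      # (in LSB terms: "not running" becomes "dead but lock file exists").
      if [ "$RETVAL" -eq 3 ] && [ -f "$lockfile" ]; then
        RETVAL=2
      fi
      ;;
    *)
      echo $"Usage: $0 {start|stop|restart|status}"
      RETVAL=2
      ;;
  esac
  exit "$RETVAL"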