kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
freebsd-ports/security/snort/files/snort.in
Doug Barton 9aac569eaa Move the rc.d scripts of the form *.sh.in to *.in 
Where necessary add $FreeBSD$ to the file

No PORTREVISION bump necessary because this is a no-op
2012-08-05 23:19:36 +00:00

72 lines
2 KiB
Bash
Raw Blame History

#!/bin/sh
# $FreeBSD$
# PROVIDE: snort
# REQUIRE: DAEMON
# BEFORE: LOGIN
# KEYWORD: shutdown
# Add the following lines to /etc/rc.conf to enable snort:
# snort_enable (bool): Set to YES to enable snort
# Default: NO
# snort_flags (str): Extra flags passed to snort
# Default: -D -q
# snort_interface (str): Network interface to sniff
# Default: ""
# snort_conf (str): Snort configuration file
# Default: ${PREFIX}/etc/snort/snort.conf
# snort_expression (str): filter expression
# If your expression is very long, set
# kern.ps_arg_cache_limit sysctl variable
# to large value. Otherwise, snort won't
# restart!
# Default: ""
#
# To enable multi interface, use:
# snort_rules="eth0 eth1"
# defaults will follow, snort.conf becomes 'snort_eth0.conf', etc.
. /etc/rc.subr
name="snort"
rcvar=snort_enable
extra_commands=reload
command="%%PREFIX%%/bin/snort"
load_rc_config $name
[ -z "$snort_enable" ] && snort_enable="NO"
[ -z "$snort_conf" ] && snort_conf="%%PREFIX%%/etc/snort/snort.conf"
[ -z "$snort_flags" ] && snort_flags="-D -q"
[ -n "$snort_interface" ] && snort_flags="$snort_flags -i $snort_interface" \
&& pidfile="/var/run/snort_${snort_interface}.pid"
[ -n "$snort_conf" ] && snort_flags="$snort_flags -c $snort_conf"
[ -n "$snort_expression" ] && snort_flags="$snort_flags $snort_expression"
if [ -n "$snort_rules" ]; then
_1=$1
if [ $# -gt 1 ]; then shift; snort_rules=$*; fi
snort_conf=""
snort_flags=""
rc=0
for i in ${snort_rules}; do
eval _conf=\$snort_${i}_conf
eval _flags=\$snort_${i}_flags
[ -z "$_flags" ] && _flags="-D -q"
eval _intf=\$snort_${i}_interface
eval _expr=\$snort_${i}_expression
if [ -n "$_intf" ] ;then
_conf="$_conf -i $_intf"
eval pidfile="/var/run/snort_$_intf.pid"
fi
command_args="$_flags -c $_conf $_expr"
run_rc_command "$_1"
if [ $? -ne 0 ]; then rc=1; fi
unset _pidcmd _rc_restart_done
done
exit $rc
else
run_rc_command "$1"
fi
Reference in a new issue View git blame Copy permalink