Diffstat (limited to 'security/snort/files/snort.in')
-rw-r--r--security/snort/files/snort.in72
1 files changed, 72 insertions, 0 deletions
diff --git a/security/snort/files/snort.in b/security/snort/files/snort.in
new file mode 100644
index 000000000000..41e272dec014
--- /dev/null
+++ b/security/snort/files/snort.in
@@ -0,0 +1,72 @@
+#!/bin/sh
+# $FreeBSD$
+
+# PROVIDE: snort
+# REQUIRE: DAEMON
+# BEFORE: LOGIN
+# KEYWORD: shutdown
+
+# Add the following lines to /etc/rc.conf to enable snort:
+# snort_enable (bool): Set to YES to enable snort
+# Default: NO
+# snort_flags (str): Extra flags passed to snort
+# Default: -D -q
+# snort_interface (str): Network interface to sniff
+# Default: ""
+# snort_conf (str): Snort configuration file
+# Default: ${PREFIX}/etc/snort/snort.conf
+# snort_expression (str): filter expression
+# If your expression is very long, set
+# kern.ps_arg_cache_limit sysctl variable
+# to large value. Otherwise, snort won't
+# restart!
+# Default: ""
+#
+# To enable multi interface, use:
+# snort_rules="eth0 eth1"
+# defaults will follow, snort.conf becomes 'snort_eth0.conf', etc.
+
+. /etc/rc.subr
+
+name="snort"
+rcvar=snort_enable
+extra_commands=reload
+
+command="%%PREFIX%%/bin/snort"
+
+load_rc_config $name
+
+[ -z "$snort_enable" ] && snort_enable="NO"
+[ -z "$snort_conf" ] && snort_conf="%%PREFIX%%/etc/snort/snort.conf"
+[ -z "$snort_flags" ] && snort_flags="-D -q"
+
+[ -n "$snort_interface" ] && snort_flags="$snort_flags -i $snort_interface" \
+ && pidfile="/var/run/snort_${snort_interface}.pid"
+[ -n "$snort_conf" ] && snort_flags="$snort_flags -c $snort_conf"
+[ -n "$snort_expression" ] && snort_flags="$snort_flags $snort_expression"
+
+if [ -n "$snort_rules" ]; then
+ _1=$1
+ if [ $# -gt 1 ]; then shift; snort_rules=$*; fi
+ snort_conf=""
+ snort_flags=""
+ rc=0
+ for i in ${snort_rules}; do
+ eval _conf=\$snort_${i}_conf
+ eval _flags=\$snort_${i}_flags
+ [ -z "$_flags" ] && _flags="-D -q"
+ eval _intf=\$snort_${i}_interface
+ eval _expr=\$snort_${i}_expression
+ if [ -n "$_intf" ] ;then
+ _conf="$_conf -i $_intf"
+ eval pidfile="/var/run/snort_$_intf.pid"
+ fi
+ command_args="$_flags -c $_conf $_expr"
+ run_rc_command "$_1"
+ if [ $? -ne 0 ]; then rc=1; fi
+ unset _pidcmd _rc_restart_done
+ done
+ exit $rc
+else
+ run_rc_command "$1"
+fi
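Review bot: The multi-instance loop interpolates each instance name into `eval` unchecked (`eval _conf=\$snort_${i}_conf` and the three lookups after it), and when extra arguments are given, `snort_rules=$*` takes those names straight from the command line, so a name containing shell metacharacters is evaluated by the rc script, which normally runs as root, instead of being rejected. I would validate the name at the top of the loop, e.g. `case $i in *[!A-Za-z0-9_]*) err 1 "invalid snort instance name: $i" ;; esac`, and drop the needless `eval` on the pidfile assignment: `pidfile="/var/run/snort_${_intf}.pid"`. Separately, the header comment promises a default of `snort_eth0.conf`, but nothing in the loop sets `_conf` when `snort_<name>_conf` is unset, so `command_args` ends up with `-c` followed by no file; either add that default or correct the comment. `pidfile` is also assigned only when an interface is set, so an instance without one appears to reuse the value left by the previous iteration.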