#! /bin/sh
# Copyright (c) 1995-2002 SuSE, Germany.
#
# Author: Andreas Hasenack
#         Mads Martin Jørgensen
#
### BEGIN INIT INFO
# Provides:       snort
# Required-Start: $network
# Required-Stop:  
# Default-Start:  2 3 5
# Default-Stop:   
# Description:    snort packet-sniffer/logger
### END INIT INFO

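# Path of the snort binary handed to startproc/killproc/checkproc below.
SNORT_BIN=/usr/bin/snort

# Pull in the rc helper library when present. rc_exit, rc_status and the
# rc_done/rc_failed values are not defined in this file, so they presumably
# come from here (confirm against /etc/rc.status).
if [ -s /etc/rc.status ]; then
	. /etc/rc.status
fi

# The sysconfig file is sourced as shell code, so anything in it executes
# with the privileges of this init script. It must be writable by root only.
if [ -s /etc/sysconfig/snort ]; then
	. /etc/sysconfig/snort
else
	echo "/etc/sysconfig/snort not found."
	return=$rc_failed
	rc_exit
	# Only reached if rc_exit is unavailable (e.g. /etc/rc.status was not
	# sourced): stop here instead of carrying on without a configuration.
	exit 1
fi

# An interface is mandatory. A single -z test replaces the former
# "! -n ... -o -z ..." pair, which tested the same condition twice and used
# the obsolescent -o operator.
if [ -z "$SNORT_INTERFACE" ]; then
	echo "Error, you must specify an interface in /etc/sysconfig/snort"
	return=$rc_failed
	rc_exit
	# Same fallback as above: never continue with an empty interface name.
	exit 1
fi

# snort's -p switch turns promiscuous mode off, so it is added only when
# the administrator did not ask for promiscuous capture.
if [ "$SNORT_PROMISC" = "yes" ]; then
	PROMISC=
else
	PROMISC=-p
fi

# Fall back to the unprivileged snort account and group when the
# configuration names none; both are passed to snort via -u and -g.
[ -n "$SNORT_USER" ] || SNORT_USER=snort
[ -n "$SNORT_GROUP" ] || SNORT_GROUP=snort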

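# Default result; the error paths below overwrite it with $rc_failed.
return=$rc_done

# Dispatch on the requested init action.
case "$1" in
	start)
		if [ "$SNORT_ACTIVATE" != "yes" ]; then
			echo "Warning, if $SNORT_INTERFACE goes down, snort will NOT be restarted automatically!"
			# The original message ran "the" and "SNORT_ACTIVATE" together.
			echo "Check /etc/sysconfig/snort for more details on the SNORT_ACTIVATE entry"
		fi
		echo -n "Starting snort"
		# NOTE(review): "ip l l DEV" (ip link list) succeeds for any existing
		# device; it does not appear to verify that the link is up.
		if ! /sbin/ip l l "$SNORT_INTERFACE" > /dev/null 2>&1; then
			echo "Interface $SNORT_INTERFACE does not exist or is not up"
			return=$rc_failed
			rc_exit
		fi
		# Change /etc/snort/snort.conf to reflect this if the user asked for it.
		# SNORT_AUTO is defined in /etc/sysconfig/snort.
		if [ "$SNORT_AUTO" = "yes" ]; then
			# The temp file lives next to snort.conf so the final mv is a rename
			# within one directory.
			temp=$(mktemp /etc/snort/snort.conf.XXXXXX)
			# Quoted on purpose: with an empty, unquoted $temp the test
			# collapses to "[ -f ]", which is true, so a failed mktemp was
			# never detected.
			if [ -f "$temp" ]; then
				# Restrict the new file before any rule content is written to it.
				# NOTE(review): the group is hard-coded to "snort" here and does
				# not follow SNORT_GROUP.
				chown root:snort "$temp"
				chmod 0640 "$temp"
				# SNORT_INTERFACE is interpolated into the sed replacement, so a
				# value containing ',', '&' or '\' would change the substitution.
				# It comes from the root-owned sysconfig file sourced earlier.
				sed -e "s,^var[ 	]\+HOME_NET.*$,var HOME_NET \$${SNORT_INTERFACE}_ADDRESS,g" \
					/etc/snort/snort.conf > "$temp"
				# Install the rewritten file only when sed produced output.
				# The temp file is removed if it is empty or the mv fails.
				if [ -s "$temp" ] && mv -f "$temp" /etc/snort/snort.conf; then
					:
				else
					rm -f "$temp"
				fi
			else
				echo "Warning, couldn't update HOME_NET in /etc/snort/snort.conf!"
				return=$rc_failed
				rc_exit
			fi
		fi
		# $PROMISC and $SNORT_EXTRA_OPTIONS stay unquoted on purpose: the first
		# may be empty and the second may hold several options that must be
		# split into separate words.
		startproc "$SNORT_BIN" -d -D -i "$SNORT_INTERFACE" $PROMISC \
			-l /var/log/snort -u "$SNORT_USER" -g "$SNORT_GROUP" \
			-c /etc/snort/snort.conf $SNORT_EXTRA_OPTIONS
		rc_status -v
		;;
	stop)
		echo -n "Shutting down snort"
		killproc -TERM "$SNORT_BIN" || return=$rc_failed
		# NOTE(review): if rc_status reports the exit status of the command
		# that ran just before it (confirm against /etc/rc.status), the
		# always-successful rm -f masks a killproc failure here.
		rm -f /var/run/snort*.pid
		rc_status -v
		;;
	status)
		checkproc "$SNORT_BIN"
		rc_status -v
		;;
	reload)
		echo -n "Reloading snort"
		killproc -HUP "$SNORT_BIN"
		rc_status -v
		;;
	force-reload)
		echo -n "Reload snort "
		killproc -HUP "$SNORT_BIN"
		rc_status -v
		;;
	try-restart)
		# Restart only when the service is currently running.
		"$0" status >/dev/null && "$0" restart
		# Remember status and be quiet
		rc_status
		;;
	restart)
		"$0" stop
		"$0" start
		# Remember status and be quiet
		rc_status
		;;
	activate)
		echo "Activating automatic snort startup on interface startup"
		temp=$(mktemp /etc/sysconfig/snort.XXXXXX)
		# Quoted so that a failed mktemp (empty $temp) takes the error branch.
		if [ -f "$temp" ]; then
			sed -e "s,^SNORT_ACTIVATE=.*$,SNORT_ACTIVATE=yes,g" \
				/etc/sysconfig/snort > "$temp"
			if [ -s "$temp" ]; then
				# NOTE(review): the replacement keeps the owner-only mode that
				# mktemp gave it, not the mode of the file it replaces.
				mv -f "$temp" /etc/sysconfig/snort
				rc_status -v
			else
				# A space was missing between "in" and the path in the original.
				echo "Couldn't set ACTIVATE to 'yes' in /etc/sysconfig/snort"
				echo "(zero size file after applying sed)"
				# Remove the temp file before rc_exit so it is not left in
				# /etc/sysconfig.
				rm -f "$temp"
				return=$rc_failed
				rc_exit
			fi
			# No-op after a successful mv; cleans up when the mv failed.
			rm -f "$temp"
		else
			echo "Couldn't set ACTIVATE to 'yes' in /etc/sysconfig/snort"
			echo "(temp file creation error)"
			return=$rc_failed
			rc_exit
		fi
		;;
	deactivate)
		echo "Deactivating automatic snort startup on interface startup"
		temp=$(mktemp /etc/sysconfig/snort.XXXXXX)
		# Quoted so that a failed mktemp (empty $temp) takes the error branch.
		if [ -f "$temp" ]; then
			sed -e "s,^SNORT_ACTIVATE=.*$,SNORT_ACTIVATE=no,g" \
				/etc/sysconfig/snort > "$temp"
			if [ -s "$temp" ]; then
				# NOTE(review): the replacement keeps the owner-only mode that
				# mktemp gave it, not the mode of the file it replaces.
				mv -f "$temp" /etc/sysconfig/snort
				rc_status -v
			else
				echo "Warning, couldn't set ACTIVATE to 'no' in /etc/sysconfig/snort"
				echo "(zero size file after applying sed)"
				# Remove the temp file before rc_exit so it is not left in
				# /etc/sysconfig.
				rm -f "$temp"
				return=$rc_failed
				rc_exit
			fi
			# No-op after a successful mv; cleans up when the mv failed.
			rm -f "$temp"
		else
			echo "Warning, couldn't set ACTIVATE to 'no' in /etc/sysconfig/snort"
			echo "(temp file creation error)"
			return=$rc_failed
			# Was "rc_exit." (stray dot), which is not a command name.
			rc_exit
		fi
		;;
	*)
		echo "Usage: $0 {start|stop|status|restart|try-restart|reload|force-reload|activate|deactivate}"
		exit 1
		;;
esac
rc_exit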
