#! /bin/bash
#
# snort - Snort intrusion detection system loader
#         This starts and stops the snort service
#
# Copyright (c) 2003 by Silvan Calarco <silvan.calarco@qilinux.it>
# Copyright (c) 2003 by Davide Madrisan <davide.madrisan@qilinux.it>
#
# description: snort loader
# chkconfig: 2345 60 80

source /etc/sysconfig/rc
source $rc_functions
source /etc/sysconfig/network
[ -f /etc/sysconfig/snort ] && source /etc/sysconfig/snort

case "$1" in
   start)
      intstring=""
      [ -z "$SNORT_INTERFACES" ] && SNORT_INTERFACES=`grep -il "ONBOOT=yes" $network_devices/ifconfig.* 2>/dev/null`
      for file in $SNORT_INTERFACES; do
         interface="`echo $file | sed s/.*ifconfig\.// 2>/dev/null`"
         intstring="-i $interface"
         echo -n "Starting snort on interface $interface: "
         daemon snort -u snort -b -D -c /etc/snort/snort.conf $intstring
         evaluate_retval
         echo
      done
      ;;

   stop)
      echo -n "Stopping snort: "
      killproc snort
      evaluate_retval
      echo
      ;;

   reload)
      echo -n "Reloading snort config file: "
      reloadproc snort 1
      evaluate_retval
      echo
      ;;

   restart)
      $0 stop
      sleep 1
      $0 start
      ;;

   status)
      statusproc snort
      ;;

   *)
      echo "Usage: $0 {start|stop|reload|restart|status}"
      exit 1
      ;;
esac