#!/bin/sh
#
# Startup script for Snort Network Intrusion Detection
#
# chkconfig: 2345 99 01
# description: Snort Network Intrusion Detection System

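# Source function library. The daemon, status, success and failure helpers
# used below are not defined in this script and presumably come from here.
. /etc/rc.d/init.d/functions

# Source networking configuration; NETWORKING is expected to be set there.
. /etc/sysconfig/network

# Pull in /etc/firewall settings. The file is executed as shell code with the
# privileges of this script, so it should be owned by root and not writable by
# anyone else. EXTIF (read by start) is presumably defined there -- confirm.
# "." replaces "source" because the shebang asks for /bin/sh.
[ -e /etc/firewall ] && . /etc/firewall

# Check that networking is up. The expansion is quoted so that an unset or
# empty NETWORKING simply compares unequal to "no" instead of making the
# test itself fail with a syntax error.
[ "${NETWORKING}" = "no" ] && exit 0

# Exit status reported by the script; start and stop overwrite it.
RETVAL=0
# Service name used in the progress and status messages.
prog="snort"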

# Start the snort watchdog through the daemon helper.
# Globals:  prog, EXTIF (read); extlist, RETVAL (written)
# Outputs:  the "Starting ..." progress line on stdout
# Effects:  RETVAL holds the exit status of daemon; when it is 0 the
#           /var/lock/snort lock file is created.
start() {
	echo -n $"Starting $prog: "

	# Marker file for the /etc/logrotate.d/snort script; only written when
	# the log directory already exists.
	# NOTE(review): this redirect runs with the script's privileges and will
	# follow a symlink at that path -- confirm /var/log/snort is writable by
	# root only, or keep the marker in a root-owned directory.
	[ -d /var/log/snort ] &&
		echo "Used for logrotate... do not delete" > /var/log/snort/logrotate

	# Assemble the watchdog options once. --interfaces is added only when
	# EXTIF is non-empty, with its space-separated names joined by commas.
	set -- --start
	if [ -n "$EXTIF" ]; then
		extlist=$(echo "$EXTIF" | tr ' ' ',')
		set -- "$@" --interfaces "$extlist"
	fi
	daemon /usr/local/nsc/bin/snort-watchdog "$@" -- -c /etc/snort.conf
	RETVAL=$?

	echo
	# NOTE(review): Red Hat rc scripts conventionally look for
	# /var/lock/subsys/<name>; confirm /var/lock/snort is the intended path.
	test "$RETVAL" -eq 0 && touch /var/lock/snort
}

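# Stop the snort watchdog and report the outcome.
# Globals:  prog (read); RETVAL (written)
# Outputs:  the "Stopping ..." progress line, followed by whatever the
#           success or failure helper prints
# Effects:  RETVAL holds the exit status of "snort-watchdog --stop"; the
#           /var/lock/snort lock file is removed only when that status is 0.
stop() {
	echo -n $"Stopping $prog: "
	/usr/local/nsc/bin/snort-watchdog --stop
	RETVAL=$?
	# A real if/else instead of "test && success || failure": with the
	# chained form, failure would also run whenever success itself returned
	# non-zero, reporting both outcomes for one stop.
	if [ "$RETVAL" -eq 0 ]; then
		success
	else
		failure
	fi
	echo
	# Keep the lock file when the watchdog did not report a clean stop.
	[ "$RETVAL" -eq 0 ] && rm -f /var/lock/snort
}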

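# PID file checked for the watchdog itself; presumably maintained by
# snort-watchdog, nothing in this script writes it.
pidfile="/var/run/snort-watchdog.pid"

# See how we were called.
case "$1" in
  start)
	start
	;;
  stop)
	stop
	;;
  status)
	# Ask quietly whether the watchdog is running before looking at the
	# per-instance pid files.
	if status -p "$pidfile" snort > /dev/null
	then
		# 3 survives the loop only when no snort_*.pid file was found or
		# the last one checked was itself reported with status 3.
		ret=3
		# The find output is word-split on purpose (plain sh has no
		# NUL-safe loop); pid file names are not expected to contain
		# whitespace. ret ends up as the status of the last file checked.
		for file in $(find /var/run/ -name 'snort_*.pid'); do
			# snort_<name>.pid is reported under the label snort@<name>.
			status -p "$file" "$(basename "$file" .pid | tr '_' '@')"
			ret=$?
		done
		if [ "$ret" -eq 3 ]; then
			# prog is used here: this script never sets a "base"
			# variable, so the message would otherwise lack the name.
			echo $"${prog} is stopped"
		fi
	else
		# Watchdog not running: repeat the check with output enabled so
		# the user sees the reason, and keep its status.
		status -p "$pidfile" snort
		ret=$?
	fi
	RETVAL=$ret
	;;
  condrestart)
	# Restart only when the watchdog pid file exists; otherwise RETVAL
	# keeps its initial value.
	if test -f "$pidfile"; then
		"$0" stop
		"$0" start
		RETVAL=$?
	fi
	;;
  restart|reload)
	# The script re-invokes itself; only the status of the start half is
	# reported.
	"$0" stop
	"$0" start
	RETVAL=$?
	;;
  *)
	echo $"Usage: $0 {start|stop|status|restart|condrestart|reload}"
	exit 1
	;;
esac

exit "$RETVAL"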
